ATM Switch Network Configuration Manual
ATM Switch Network Configuration Manual
ATM Switch Network Configuration Manual
Configuration Manual
MANU0148-07
Revision B
11-17-1999
Marconi plc
1000 FORE Drive
Warrendale, PA 15086-7502
Phone: 724-742-4444
FAX: 724-742-7742
http://www.marconi.com
Legal Notices
Copyright © 1995-1999 FORE Systems, Inc.
All rights reserved.
U.S. Government Restricted Rights. If you are licensing the Software on behalf of the U.S. Government (“Government”),
the following provisions apply to you. If the Software is supplied to the Department of Defense (“DoD”), it is classified as
“Commercial Computer Software” under paragraph 252.227-7014 of the DoD Supplement to the Federal Acquisition
Regulations (“DFARS”) (or any successor regulations) and the Government is acquiring only the license rights granted
herein (the license rights customarily provided to non-Government users). If the Software is supplied to any unit or agency
of the Government other than DoD, it is classified as “Restricted Computer Software” and the Government’s rights in the
Software are defined in paragraph 52.227-19 of the Federal Acquisition Regulations (“FAR”) (or any successor regulations)
or, in the cases of NASA, in paragraph 18.52.227-86 of the NASA Supplement to the FAR (or any successor regulations).
Restricted and Limited Rights Legend. Use, duplication or disclosure by the government is subject to restrictions as set
forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013
(October 1988) and FAR 52.227-19 (June 1987).
Printed in the USA.
No part of this work may be reproduced in any form.
The software and this publication is provided by FORE Systems, Inc. “as-is” without warranty of any kind, either express
or implied, including, but not limited to, the implied warranties of merchantability or fitness for a particular purpose.
FORE Systems, Inc. shall not be liable for any errors or omissions which may occur in the software or this publication, nor
for any direct, indirect, incidental, special, exemplary or consequential damages of any kind resulting from the furnishing,
performance or use of the software or this publication.
Information published here is current as of the date of publication of this document. Because FORE Systems, Inc. is
improving and adding features to its products continuously, the information in this document is subject to change without
notice.
The VxWorks software used in the Mini Loader is licensed from Wind River Systems, Inc., Copyright ©1984-1996.
TRADEMARKS
FORE Systems®, ForeRunner®, ForeRunnerLE®, ForeThought®, ForeView®, AVA®, CellPath®, Euristix®, Raceman®, and
Networks of Steel® are registered trademarks of FORE Systems, Inc.
ForeRunnerHE™, CellChain™, CellStarter™, PowerCell™, PowerHub™, ForeMan™, VoicePlus™, FramePlus™, StreamRun-
ner™, EdgeRunner™, ATV™, All Roads Lead To ATM™, ASN™, MSC™, TNX™, Intelligent Infrastructure™, I2™, Net-
pro™, Zero Hop Routing™, Application Aware™, ASX™, ESX™, NSX™, ForeWare™, ServiceGrid™, Dynamic Protection
Switching™, Capacity Aware Routing™, Demarc™, ERP Express™, ForeView Foundation™, ForeView Son™, ServiceOn
Management™, Active Switch™, ChannelFore™, UserAware™, Evolution™, AuthentiFirst Agent™, NetResource
Guard™, PriorSynch Solutions™, TAM™, and Technical Account Management™ are trademarks of FORE Systems, Inc.
Network of Steel® is a registered service mark of FORE Systems, Inc.
CellStarter SM and Networks of Steel SM are service marks of Fore Systems, Inc.
NOTE: The ASX™-200WG, the ASX-200BX, the ASX-1000, and the ForeRunnerLE® 155 have been tested and found to com-
ply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide
reasonable protection against harmful interference when the equipment is operated in a commercial environment. This
equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the
instruction manual, may cause harmful interference to radio communications. Operation of the equipment in a residential
area is likely to cause harmful interference in which case the user will be required to correct the interference at his own
expense.
NOTICE
Marking by the symbol indicates compliance of this system to the EMC (Electromagnetic Compatibility) directive of
the European Community and compliance to the Low Voltage (Safety) Directive. Such marking is indicative that this sys-
tem meets or exceeds the following technical standards:
• EN 55022 - “Limits and Methods of Measurement of Radio Interference Characteristics of Information
Technology Equipment.”
• EN 50082-1 - “Electromagnetic compatibility - Generic immunity standard Part 1: Residential, commercial,
and light industry.”
• IEC 1000-4-2 - “Electromagnetic compatibility for industrial-process measurement and control equipment
Part 2: Electrostatic discharge requirements.”
• IEC 1000-4-3 - “Electromagnetic compatibility for industrial-process measurement and control equipment
Part 3: Radiate electromagnetic field requirements.”
• IEC 1000-4-4 - “Electromagnetic compatibility for industrial-process measurement and control equipment
Part 4: Electrical fast transient/burst requirements.”
This is a Class A product based on the standard of the Voluntary Control Council for Interference by Information
Technology Equipment (VCCI). If this equipment is used in a domestic environment, radio disturbance may arise. When
such trouble occurs, the user may be required to take corrective actions.
AUSTRALIA EMC COMPLIANCE
This product has been tested and found to comply with the Class A electromagnetic compatibility limits specified in AS/
NZ 3548.
(3) If the unit appears to be malfunctioning, it should be disconnected from the telephone lines
until you learn if your equipment or the telephone line is the source of the trouble. If your
equipment needs repair, it should not be reconnected until it is repaired.
(4) If the telephone company finds that this equipment is exceeding tolerable parameters, the
telephone company can temporarily disconnect service, although they will attempt to give
you advance notice if possible.
(5) Under the FCC Rules, no customer is authorized to repair this equipment. This restriction
applies regardless of whether the equipment is in or out of warranty.
(6) If the telephone company alters their equipment in a manner that will affect use of this
device, they must give you advance warning so as to give you the opportunity for
uninterrupted service. You will be advised of your right to file a complaint with the FCC.
(7) An affidavit is required to be given to the telephone company to affirm that no encoded ana-
log content or billing information is being transmitted.
168 X
The E1 and E3 network modules conform to safety standard EN60950 1992 following the provisions of Low Voltage
Product Safety Directive 73/23/EEC and CE Marking Directive 93/68/EEC, and can be marked accordingly with the CE
symbol.
The E1 and E3 network modules conform to EN55022 1994 and EN50082-1 1992 following the provisions of the EMC
Directive 89/336/EEC, and can be marked accordingly with the CE symbol.
National Approvals
UK
For a host or other expansion card fitted in the host, using or generating voltages greater Above 300 Vrms or Vdc
than 300V (rms or dc), advice from a competent telecommunications engineer must be
obtained before installation of the relevant equipment.
NOTE: Installing the network modules in the appropriate FORE Systems hosts, according to the installation instructions
provided, satisfies the requirements listed above.
The following tables show the available ports and their safety status:
NM-4/E3D
SAFETY CERTIFICATIONS
ETL certified to meet Information Technology Equipment safety standards UL 1950, CSA 22.2 No. 950, and EN 60950.
List of Figures
List of Tables
Preface
Chapter Summaries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i
Related Manuals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .ii
Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iii
Typographical Styles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iv
Important Information Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .v
Laser Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vi
Safety Precautions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Modifications to Equipment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Placement of a Marconi Product . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Power Cord Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
CHAPTER 4 MPOA
4.1 Overview of LANE/MPOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 1
4.2 LANE Primer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 2
4.2.1 LANE Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 2
4.2.2 An Example LANE Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 3
4.2.2.1 The Initialization Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 4
4.2.2.2 The Connection Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 5
4.2.2.3 Multicast and Broadcast Packets . . . . . . . . . . . . . . . . . . . . . . . 4 - 5
4.2.2.4 Accessing Fast Ethernet and FDDI Networks . . . . . . . . . . . . . 4 - 5
4.2.2.5 Multiple ELANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 6
4.2.2.6 Distributed LAN Emulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 6
4.2.2.7 Automatic ELAN Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 6
4.2.2.8 Intelligent BUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 6
4.3 An Introduction to Multi-Protocol Over ATM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 7
4.3.1 LANE Without MPOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 7
4.3.2 Why MPOA? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 8
4.3.3 MPOA Components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 10
4.3.4 MPOA Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 11
4.3.4.1 MPS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 12
4.3.4.2 Initialization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 12
4.3.4.3 Flow Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 13
4.3.4.4 Making a Shortcut . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 13
4.3.4.5 Shortcut Teardown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 14
5.1.4.1
Hierarchical Addressing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 3
5.1.4.1.1 Switch Prefix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 3
5.1.4.1.2 Switch Summary Prefix . . . . . . . . . . . . . . . . . . . . . . 5 - 4
5.1.4.1.3 Peer Group ID. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 4
5.1.4.2 Path Computation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 4
5.2 The Physical Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 5
5.2.1 Peer Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 8
5.2.2 Peer Group Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 8
5.2.3 Border Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 8
5.2.4 Peer Group Summary Node (PGSN) . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 9
5.2.5 Backbone Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 9
5.2.6 Single Switch Perspective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 - 9
CHAPTER 7 Signalling
7.1 UNI 4.0 Supplementary Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 1
7.1.1 Description of Supplementary Services . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 2
7.1.1.1 Direct Dialing In (DDI) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 3
7.1.1.2 Multiple Subscriber Number (MSN). . . . . . . . . . . . . . . . . . . . . . 7 - 3
7.1.1.3 Calling Line Identification Presentation (CLIP) . . . . . . . . . . . . . 7 - 4
7.1.1.4 Calling Line Identification Restriction (CLIR) . . . . . . . . . . . . . . . 7 - 4
7.1.1.5 Connected Line Identification Presentation (COLP) . . . . . . . . . 7 - 4
7.1.1.6 Connected Line Identification restriction (COLR) . . . . . . . . . . . 7 - 5
7.1.1.7 Sub Addressing (SUB) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 5
7.1.1.8 User-to-User Signalling (UUS) . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 5
7.1.2 Configuring Supplementary Services. . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 6
7.2 Virtual UNI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 8
7.3 Proxy Signalling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 14
7.4 VCI Allocation Range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 18
7.4.1 Determining the VCI Allocation Range with ILMI Down . . . . . . . . . . . . 7 - 18
7.4.2 Determining the VCI Allocation Range with ILMI Up . . . . . . . . . . . . . . 7 - 20
7.5 Signalling Scope. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 23
7.5.1 VC-Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 23
7.5.2 Dynamic Paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 24
7.6 Signalling Channel Auto Configuration Procedures . . . . . . . . . . . . . . . . . . . . . . . 7 - 25
7.6.1 Overview of Signalling Channel Auto Configuration . . . . . . . . . . . . . . . 7 - 25
7.6.2 Rules for Signalling Channel Auto Configuration . . . . . . . . . . . . . . . . . 7 - 28
7.6.2.1 Specifying the Type and Interface Version. . . . . . . . . . . . . . . . 7 - 28
7.6.2.1.1 Examples of Valid Configurations . . . . . . . . . . . . . . 7 - 29
7.6.2.1.2 Examples of Invalid Configurations . . . . . . . . . . . . 7 - 30
7.6.2.2 Specifying the Scope and Mode . . . . . . . . . . . . . . . . . . . . . . . 7 - 31
7.6.2.2.1 Examples of Valid Configurations . . . . . . . . . . . . . . 7 - 32
7.6.2.2.2 Examples of Invalid Configurations . . . . . . . . . . . . 7 - 33
7.6.2.3 Specifying the User/Network Side . . . . . . . . . . . . . . . . . . . . . . 7 - 34
7.7 Allowable Combination of Traffic Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 35
CHAPTER 8 Security
8.1 Configuring Userids . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 1
8.1.1 Login Authentication Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 5
8.1.1.1 Local Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 5
8.1.1.2 SecurID Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 5
8.1.1.2.1 SecurID Protection on Switches . . . . . . . . . . . . . . . 8 - 5
8.1.1.2.2 SecurID Passcode . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 6
8.1.1.2.2.1 PIN Number . . . . . . . . . . . . . . . . . . . . . . 8 - 6
8.1.1.2.2.2 SecurID Tokens. . . . . . . . . . . . . . . . . . . . 8 - 6
8.1.1.2.3 SecurID Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 6
8.1.1.2.3.1 Slave Server . . . . . . . . . . . . . . . . . . . . . . 8 - 6
8.1.1.2.3.2 Server Database. . . . . . . . . . . . . . . . . . . 8 - 7
8.1.1.2.3.3 Data Encryption between the Server
and Switches . . . . . . . . . . . . . . . . . . . . . 8 - 7
8.1.1.2.4 SecurID AMI Commands . . . . . . . . . . . . . . . . . . . . . 8 - 7
8.1.1.2.5 Configuring SecurID on a Switch. . . . . . . . . . . . . . . 8 - 7
8.1.1.2.5.1 Installing the Server Software . . . . . . . . . 8 - 7
8.1.1.2.5.2 Transferring the Configuration File . . . . . 8 - 7
8.1.1.2.5.3 Editing the Server Configuration File . . . 8 - 8
8.1.1.2.5.4 An Example Login Using SecurID . . . . 8 - 10
8.1.1.3 Kerberos Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 11
8.1.1.3.1 Kerberos Server. . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 11
8.1.1.3.2 Kerberos AMI Commands . . . . . . . . . . . . . . . . . . . 8 - 11
8.1.1.3.2.1 Configuring Kerberos Authentication
on a Switch . . . . . . . . . . . . . . . . . . . . . . 8 - 12
8.1.1.3.2.2 Installing the Kerberos Server
Software . . . . . . . . . . . . . . . . . . . . . . . . 8 - 12
8.1.1.3.2.3 Configuring the Kerberos Server
Database . . . . . . . . . . . . . . . . . . . . . . . 8 - 12
8.1.1.3.2.4 Transferring the Secret Key File . . . . . . 8 - 12
8.1.1.3.2.5 Setting the Correct Time . . . . . . . . . . . . 8 - 13
8.1.1.3.2.6 Adding IP Address-to-Hostname
Mappings . . . . . . . . . . . . . . . . . . . . . . . 8 - 13
8.1.1.3.2.7 Establish an Encrypted Telnet
Session . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 14
8.1.1.3.3 An Example Login Using Kerberos
Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 14
APPENDIX E RMON
E.1 MIB Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-2
E.2 SNMP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-3
E.3 RMON Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-4
E.3.1 RMON Table Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-4
E.3.1.1 The portSelect Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-5
E.3.1.2 The atmStats Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-6
E.3.1.3 The RMON Alarm Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-7
E.3.1.4 The Event Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-8
Index
CHAPTER 4 MPOA
Figure 4.1 An Example of an ELAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 4
Figure 4.2 LANE without MPOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 7
Figure 4.3 LANE with MPOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 9
Figure 4.4 MPOA Example Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 11
CHAPTER 7 Signalling
Figure 7.1 UNI 4.0 Supplementary Services . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 2
Figure 7.2 DSL-to-ATM Network Connection. . . . . . . . . . . . . . . . . . . . . . . . . 7 - 8
Figure 7.3 Virtual UNI Network Configuration . . . . . . . . . . . . . . . . . . . . . . . 7 - 10
Figure 7.4 Example of a Proxy Signalling Configuration . . . . . . . . . . . . . . . 7 - 14
CHAPTER 8 Security
APPENDIX E RMON
Figure G.8 ASX-4000 Line Level and Port Card Redundancy without Fabric
Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . G - 12
Figure G.9 ASX-4000 Fabric Redundancy without Line Level and Port Card
Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . G - 13
CHAPTER 7 Signalling
Table 7.1 Action Taken Based on Both Switches’ Signalling Channel
Configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 26
Table 7.2 Action Taken Based on the Peer’s Supported MIB Variable . . . . 7 - 27
Table 7.3 Valid Type and Version Combinations. . . . . . . . . . . . . . . . . . . . . 7 - 28
Table 7.4 Invalid Type and Version Combinations . . . . . . . . . . . . . . . . . . . 7 - 30
Table 7.5 Valid Scope and Mode Combinations. . . . . . . . . . . . . . . . . . . . . 7 - 31
Table 7.6 Invalid Scope and Mode Combinations . . . . . . . . . . . . . . . . . . . 7 - 33
Table 7.7 UNI 3.1 Allowable Combination of Traffic Parameters in
ForeThought 5.2.x and Greater . . . . . . . . . . . . . . . . . . . . . . . . . 7 - 37
CHAPTER 8 Security
Table 8.1 Allowable Login Method Combinations. . . . . . . . . . . . . . . . . . . . . 8 - 2
Table 8.2 Possible Login Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 3
APPENDIX E RMON
Table E.1 Common Operations Supported by SNMP . . . . . . . . . . . . . . . . . E - 3
Preface
This manual provides the technical information needed to configure the ForeRunner ® family of
ATM Switches, ForeRunnerLE ® Switches, TNX™ ATM Switches, ESX™-3000 Switch, the
ForeRunner network modules, and the accompanying ForeThought™ software. This document
also provides general ATM information and general product information. This document was
created for users with various levels of experience. If you have any questions or problems,
please contact the Marconi Technical Assistance Center (TAC).
Chapter Summaries
Chapter 1 - Configuring PVCs - Describes how to create PVCs on a switch through the ATM
Management Interface (AMI).
Chapter 2 - Configuring Classical IP - Describes how to design, configure, and maintain a
Classical IP ATM network.
Chapter 3 - Configuring an Emulated LAN - Provides an overview of LAN Emulation and
gives an example of how to configure an Emulated LAN.
Chapter 4 - MPOA - Contains an overview of LAN Emulation (LANE) and Multi-Protocol
Over ATM (MPOA).
Chapter 5 - ForeThought PNNI - Provides an overview of ForeThought PNNI and shows how
this scalable routing and signalling protocol can be used to simplify large network topologies.
Chapter 6 - ATM Forum PNNI - Provides an overview of ATM Forum PNNI and shows how
Preface
this scalable routing and signalling protocol can be used to simplify large network topologies.
Chapter 7 - Signalling - Describes signalling protocol information.
Chapter 8 - Security - Describes the various forms of security that can be used on the switch.
Chapter 9 - Configuring Timing - Describes how to set up timing on a switch.
Appendix A - Configuring SNMP - Describes the remote SNMP configuration of a switch.
Appendix B - Configuring Circuit Emulation Services - Contains information for configur-
ing Circuit Emulation Services (CES) network modules.
Appendix C - Converting FT-PNNI and PNNI Networks - Discusses the conversion of both
non-hierarchical and hierarchical FT-PNNI networks to ATM Forum PNNI networks. Also
describes the conversion of a non-hierarchical PNNI network to a lop-sided hierarchical PNNI
network.
Appendix D - Configuring FramePlus Modules - Contains information for configuring
FramePlus™ network modules.
Appendix E - RMON - Contains information for configuring RMON.
Appendix F - Configuring IMA Modules - Contains information for configuring IMA net-
work modules.
Appendix G - ASX-4000 Redundancy - Provides an overview of SONET automatic protec-
tion switching (APS) and the ASX-4000 fabric and portcard redundancy features.
Related Manuals
References are made in this manual to the following manuals:
ATM Management Interface (AMI) Manual, Part 1 - Describes the root, connections, ethernet,
and hardware level AMI commands and menus.
ATM Management Interface (AMI) Manual, Part 2 - Describes the interfaces, redundancy, rout-
ing, and security level AMI commands and menus.
ATM Management Interface (AMI) Manual, Part 3 - Describes the services, signalling, and sys-
tem level AMI commands and menus.
ATM Switch Diagnostics and Troubleshooting Manual - Describes the debug level AMI com-
mands and menus. Also, describes error messages, loopbacks, SCP diagnostics, and ATM
Forum PNNI debugging information.
These manuals can be found on the CD and can be read and printed using Acrobat Reader
which is also included on the CD. If Acrobat Reader is installed locally, run Acrobat and open
the manual from the /DOCS directory of the CD. If Acrobat Reader is not installed locally, run
the Acrobat installer to load Acrobat Reader on your machine. Then run the ACROREAD.EXE
file in the /DOCS directory of the CD.
Technical Support
In the U.S.A., customers can reach Marconi Technical Assistance Center (TAC) using any one
of the following methods:
1. Select the “Support” link from Marconi’s World Wide Web page:
http://www.marconi.com/
Technical support for customers outside the United States should be handled through the local
distributor or via telephone at the following number:
+1 724-742-6999
No matter which method is used to reach Marconi Support, customers should be ready to pro-
vide the following:
• A support contract ID number
Preface
• The serial number of each product in question
• All relevant information describing the problem or question
Typographical Styles
Throughout this manual, all specific commands meant to be entered by the user appear on a
separate line in bold typeface. In addition, use of the Enter or Return key is represented as
<ENTER>. The following example demonstrates this convention:
cd /usr <ENTER>
File names that appear within the text of this manual are represented in the following style:
“...the fore_install program installs this distribution.”
Command names that appear within the text of this manual are represented in the following
style: “...using the flush-cache command clears the bridge cache.”
Subsystem names that appear within the text of this manual are represented in the following
style: “...to access the bridge subsystem...”
Parameter names that appear within the text of this manual are represented in the following
style: “...using <seg-list> allows you to specify the segments for which you want to display
the specified bridge statistics.”
Any messages that appear on the screen during software installation and network interface
administration are shown in Courier font to distinguish them from the rest of the text as fol-
lows:
Preface
NOTE statements contain information that has been found important enough to be called to
the special attention of the operator and is set off from the text as follows:
Laser Warning
Every Marconi network module having a single mode fiber optic interface contains a Class 1
laser.
Class 1 lasers are defined as products which do not permit human access to laser radiation in
excess of the accessible limits of Class 1 for applicable wavelengths and durations. These
lasers are safe under reasonably foreseeable conditions of operation.
Safety Precautions
For your protection, observe the following safety precautions when setting up equipment:
• Follow all warnings and instructions marked on the equipment.
• Ensure that the voltage and frequency of your power source matches the voltage
and frequency inscribed on the equipment’s electrical rating label.
• Never push objects of any kind through openings in the equipment. Dangerous
voltages may be present. Conductive foreign objects could produce a short circuit
that could cause fire, electric shock, or damage to your equipment.
Modifications to Equipment
Do not make mechanical or electrical modifications to the equipment. Marconi is not responsi-
ble for regulatory compliance of a modified Marconi product.
Preface
Configuring PVCs
1.1 General Concepts
Each ATM cell contains a virtual path identifier (VPI) and a virtual channel identifier (VCI) as
part of its five-byte ATM header. The VPI and VCI are used to route the cell through the ATM
network. When a switch fabric receives a cell, it examines the ATM header to determine the
correct output port, VPI, and VCI for the cell. For example, an ATM switch fabric can be con-
figured such that any cell received on port A1 with VPI|VCI = 0|32 is switched to port B2
with VPI|VCI = 0|35. The translation from input port, VPI, and VCI to output port, VPI, and
VCI is achieved via a mapping table in the switch fabric’s memory.
The VCI value of cells does not change as the cell is switched through the ATM network via a
virtual path. In a single switch environment, a cell’s VPI and VCI are translated only once, but
in a multiple switch environment a cell’s VPI and VCI are translated many times. It is impor-
tant to remember that a cell’s VPI and VCI are of local significance only (i.e., link-by-link). It is
also important to note that virtual connections are unidirectional; that is, they are valid in one
direction only. The VPI and VCI may change as the cell is switched through the network.
VPI: 1, VCI: 37
cell
FORE ATM FORE ATM
Switch B Switch C
Workstation P Workstation Q
The mappings in an ATM network used to route cells from a source to a destination are gener-
ally referred to as virtual channels and virtual paths. The following sections is to explain how
to create the necessary mappings to establish these virtual paths and virtual channels in a net-
work of FORE ATM switches.
Configuring PVCs
Virtual
Path
Virtual
Channels
Medium
A single virtual path can be used to route many virtual channels through the ATM network.
Because a virtual path simply routes virtual channels through the network, a cell is guaran-
teed to have the same VCI when it exits the virtual path as it had when it entered the virtual
path.
cell cell
VPI: X, VCI: Y VPI: Z, VCI: Y
The VCI value of cells does not change as the cell is switched through the ATM network via a
virtual path. Each virtual path must originate at a switch fabric, pass through zero or more
switch fabrics and terminate at another switch fabric. The origination and termination points
are referred to as originating and terminating paths. Virtual paths are switched through switch
fabrics via through paths. Virtual paths are made up of an originating path, zero or more
through paths, and a terminating path.
ForeRunner
ATM Switch
FORE FORE
ATM Switch ATM Switch
Virtual Path
switch fabric
A4 B4
cell cell
VPI: 10 VPI: 20
VCI: X Through Path VCI: X
A4|10 -> B4|20
Configuring PVCs
Figure 1.5 - An Example of a Through Path
By definition, through paths only switch cells in one direction; they are unidirectional. For
example, switch fabric X is configured with the through path B1|20 -> C1|20. If a cell is
received on port C1 with VPI: 20, it is not transmitted on port B1 with a new VPI: 20. In order
for this to happen, the through path C1|20 -> B1|20 must exist as well. Since through paths
are unidirectional, two through paths are necessary for bidirectional communication.
FORE FORE
ATM Switch ATM Switch
Virtual Channels
Figure 1.7 - Using Originating and Terminating Paths for Bandwidth Allocation
Configuring PVCs
connections path through show
Input Output
AtmIf VPI AtmIf VPI AllocBW Serv Protocol Name
Categy
1A1 1 1A1 2 0.0K UBR pvc N/A
1A1 4 1A1 5 0.0K UBR pvc N/A
1A1 5 1A1 6 0.0K UBR pvc N/A
1A1 7 1A1 6 0.0K UBR pvc N/A
Field Description
Name The user-assigned name which helps to identify this through path uniquely.
To list advanced options about all of the existing virtual (through) paths, enter the following
parameters:
Input Output
AtmIf VPI AtmIf VPI LoopVPI UPC ConType
1A1 1 1A1 2 0 N/A
1A1 4 1A1 5 0 N/A
1A1 5 1A1 6 0 N/A
1A1 7 1A1 6 0 N/A
Field Description
LoopVPI Indicates whether or not traffic shaping has been enabled for this path.
UPC The integer index that refers to a specific traffic contract assigned to this through path.
UPC contracts can be displayed using connections upc show.
ConType The connection type for the endpoints of this path with respect to a particular network.
Orig (originating) means that the ingress/egress endpoint of the path is connected to the
source node which is outside the network, tran (transit) means that the ingress/egress
endpoint of the path is connected to a node within the network, and term (terminating)
means that the ingress/egress endpoint of the path is connected to the destination node
which is outside the network.
Configuring PVCs
4A2 0 term N/A 0.8K 1 511 6 pvc
4A2 0 orig N/A 0.0K 1 511 6 pvc
4A3 0 term N/A 356.2K 1 511 7 pvc
4A3 0 orig N/A 355.7K 1 511 7 pvc
4A4 0 term N/A 0.8K 1 511 6 pvc
4A4 0 orig N/A 0.0K 1 511 6 pvc
Press q to quit, any other key to continue... q
Field Description
ResBW The maximum amount of bandwidth, in Kbps, that is reserved for the virtual channels
using this vpt. A value of N/A indicates that this path is an elastic path. Elastic paths allo-
cate and de-allocate bandwidth for their channels from the link.
CurBW The amount of bandwidth, in Kbps, that is being used by the virtual channels using this
vpt.
MinVCI The bottom number for the range of VCIs that are reserved for VCCs on this virtual path
terminator.
MaxVCI The top number for the range of VCIs that are reserved for VCCs on this virtual path ter-
minator. Also, this is the maximum VCI number to be supported on the control port.
VCs The number of virtual channels that are currently using this vpt.
To list the advanced options about the existing virtual path terminators, enter the following:
Field Description
ShapeVPI Shows the output port on which traffic shaping has been enabled for this originating vpt.
This only applies to Series C network modules. N/A means that shaping has not been con-
figured on this port.
LoopVPI Shows the looping port that has been configured to loop traffic on that port for shaping on
a Series D port. N/A means that looping has not been configured on this port.
VBROB The bandwidth overbooking level assigned to this vpt, specified as a percentage. The
default is 100, which means that no overbooking has been defined. Values less than 100
cause underbooking. Values greater than 100 denote overbooking. port means this is an
elastic path. Since elastic paths derive their overbooking factors from their parent ports,
use hardware port show or interfaces atmif show to show the overbooking value.
BuffOB The buffer overbooking level assigned to this vpt, specified as a percentage. The default is
100, which means that no overbooking has been defined. Values less than 100 cause
underbooking. Values greater than 100 denote overbooking. port means this is an elastic
path. Since elastic paths derive their overbooking factors from their parent ports, use
hardware port show or interfaces atmif show to display the overbooking value.
Shaping flat means there is no shaping. All elastic VPTs are flat.
shaped means the VCCs can be serviced by any shaping mode.
shaped-roundrobin means the VCCs on this VPT are only serviced by the roundrobin
mode.
This option only applies to the Series 2 port cards on an ASX-4000 switch.
Configuring PVCs
FORE
cell ATM Switch cell
Six parameters are needed to define a virtual channel: input port, input VPI, input VCI, out-
put port, output VPI, and output VCI. Virtual channels switch cells using both the VPI and
VCI values. Both the VPI and VCI values may change when a cell is switched via a virtual
channel. For example, the virtual channel C2|1|20 -> D2|9|25 switches cells received on port
C2 with VPI: 1 and VCI: 20 such that they are transmitted out port D2 with VPI: 9 and VCI: 25.
switch fabric
C2 D2
cell cell
VPI: 1 VPI: 9
VCI: 20 VCI: 25
Virtual Channel
C2|1|20 -> D2|9|25
To establish two-way communications between two ports on a switch fabric, two virtual chan-
nels are necessary because virtual channels are unidirectional. For example, switch fabric A is
configured with the virtual channel C3|7|12 -> D1|8|2. If a cell is received on port D1 with
VPI: 8 and VCI: 2, it is not transmitted out port C3 with VPI: 7 and VCI: 12. An additional
channel, namely D1|8|2 -> C3|7|12, would have to exist.
Before a virtual channel can be created, the corresponding terminating and originating paths
must exist. For example, before the channels shown on the switch fabric in Figure 1.11 can be
created, the terminating path C3|3 must exist.
Switch or
FORE Host B
ATM Switch
Term. Orig. Switch or
Host C
C3|3|45 -> A3|9|100
Switch or C3|3|50 -> C2|3|98 Switch or
Host A C3|3|80 -> A1|7|88 Host D
C3|3|123 -> A1|3|123
Switch or
Host E
Similarly, before the virtual channels shown in Figure 1.12 can be created, the originating path
C2|2 must exist.
Switch or
Host A FORE
ATM Switch
Switch or Term. Orig.
Host B
A2|7|120 -> C2|2|120
Switch or C2|3|67 -> C2|2|37 Switch or
Host E
Host C C3|11|50 -> C2|2|102
B1|2|99 -> C2|2|99
Switch or
Configuring PVCs
Host D
Furthermore, in these examples, the terminating path C3|3 and originating path C2|2 must
have enough bandwidth allocated to support the total bandwidth used by the virtual channels
(see Figure 1.7).
SVCs
Interswitch Links
Input Output
AtmIf VPI VCI AtmIf VPI VCI ServCat Protocol Name
1A1 0 5 1CTL 0 37 nrtVBR fsig N/A
Configuring PVCs
1A1 0 14 1CTL 0 36 UBR spans N/A
1A1 0 15 1CTL 0 35 nrtVBR spans N/A
1A1 0 16 1CTL 0 38 nrtVBR fsig N/A
1A2 0 5 1CTL 0 41 nrtVBR fsig N/A
1A2 0 14 1CTL 0 40 UBR spans N/A
1A2 0 15 1CTL 0 39 nrtVBR spans N/A
1A2 0 16 1CTL 0 42 nrtVBR fsig N/A
1A3 0 5 1CTL 0 45 nrtVBR fsig N/A
1A3 0 14 1CTL 0 44 UBR spans N/A
1A3 0 15 1CTL 0 43 nrtVBR spans N/A
1A3 0 16 1CTL 0 46 nrtVBR fsig N/A
Press q to quit, any other key to continue... q
Field Description
Protocol Indicates what type of signalling protocol is running on this channel. Can be spans, pvc,
fsig, spvc, or rcc. rcc is the routing control channel (0, 18) on PNNI links over which
PNNI exchanges routing information. fsig stands for ATM Forum signalling.
Name The unique, user-assigned name for this PVC. If no name is assigned, shows N/A.
To list advanced information about all of the existing permanent virtual channels on a switch
board, enter the following:
Input Output
AtmIf VPI VCI AtmIf VPI VCI UPC Protocol ConType
1A1 0 5 1CTL 0 37 N/A fsig N/A
1A1 0 14 1CTL 0 36 N/A spans N/A
1A1 0 15 1CTL 0 35 N/A spans N/A
1A1 0 16 1CTL 0 38 N/A fsig N/A
1A2 0 5 1CTL 0 41 N/A fsig N/A
1A2 0 14 1CTL 0 40 N/A spans N/A
1A2 0 15 1CTL 0 39 N/A spans N/A
1A2 0 16 1CTL 0 42 N/A fsig N/A
1A3 0 5 1CTL 0 45 N/A fsig N/A
1A3 0 14 1CTL 0 44 N/A spans N/A
1A3 0 15 1CTL 0 43 N/A spans N/A
1A3 0 16 1CTL 0 46 N/A fsig N/A
Press q to quit, any other key to continue... q
Field Description
UPC The integer index that refers to the specific UPC traffic contract assigned to this VCI.
Protocol Indicates what type of signalling protocol is running on this channel. Can be spans, pvc,
fsig, spvc, or rcc. rcc is the routing control channel (0, 18) on PNNI links over which
PNNI exchanges routing information. fsig stands for ATM Forum signalling.
ConType The connection type for the endpoints of this PVC with respect to a particular network.
Orig (originating) means that the ingress/egress endpoint of the channel is connected to
the source node which is outside the network, tran (transit) means that the ingress/
egress endpoint of the PVC is connected to a node within the network, and term (termi-
nating) means that the ingress/egress endpoint of the PVC is connected to the destination
node which is outside the network.
Configuring PVCs
• a smart permanent virtual channel through the network
This section assumes that the physical port parameters of the switches have already been con-
figured and that the ATM network module traffic models have been set appropriately. For
more information about these configurations, see Part 1 of the AMI Configuration Commands
Reference Manual.
See Part 1 of the AMI Configuration Commands Reference Manual for descriptions of the
usage parameters.
The following is an example of how to create a virtual path which specifies a name:
myswitch:connections path through-> new -iatmif 3b1 -ivpi 75 -oatmif 3b5 -ovpi
75 -name customer_b
The following is an example of how to create a virtual path which specifies a name and a con-
nection type:
myswitch:connections path through-> new -iatmif 3b6 -ivpi 62 -oatmif 3b2 -ovpi
62 -name customer_c -ctype tran
The following is an example of how to create a virtual path on an ASX-1000 switch, ASX-1200
switch, or TNX-1100 switch. To create a through path going in port 2A1, VPI 1 on the switch
board installed in slot 2 and going out port 4B1, VPI 1 on the switch board installed in slot 4,
enter the following:
myswitch:connections path through-> new -iatmif 2a1 -ivpi 1 -oatmif 2e4 -ovpi 1
myswitch:connections path through-> new -iatmif 2e4 -ivpi 1 -oatmif 2a1 -ovpi 1
myswitch:connections path through-> new -iatmif 4b1 -ivpi 1 -oatmif 4e2 -ovpi 1
myswitch:connections path through-> new -iatmif 4e2 -ivpi 1 -oatmif 4b1 -ovpi 1
Configuring PVCs
In the first line in the first pair, notice that the output port is 2E4. This is the intra-fabric port.
The 2 means the connection is coming out of the switch board in slot 2 through the intra-fabric
port. The E represents the intra-fabric port. The 4 means the connection is destined for switch
board in slot 4. 2E4 then becomes the input port in the second line.
In the first line in the second pair, notice that the output port is 4E2. This is the intra-fabric
port. The 4 means the connection is coming out of the switch board in slot 4 through the intra-
fabric port. The E represents the intra-fabric port. The 2 means the connection is destined for
switch board in slot 2. 4E2 then becomes the input port in the second line.
At the same time, a command is entered automatically into the current configuration data-
base, which means that this virtual path is created every time the SCP is restarted.
See Part 1 of the AMI Configuration Commands Reference Manual for descriptions of the
usage parameters.
Configuring PVCs
of 500-700% is recommended until live traffic
patterns and VPC utilization can be measured. If
bandwidth is still under-utilized, a higher
VBROB setting can be used.
If you do not specify term or orig, the switch automatically deletes both sides of the path:
Switch B
Switch A
VP 3
WAN PVP Mesh
1A1
shaping port
VP 2
switch fabric
VP 0
VP 2
Switch C
1A2
VP 1 VP 3
looping port (orig. and term. paths VP 0 and VP 1)
Figure 1.14 - PVPs Looped through Port 1A2 and Output on Port 1A1 to WAN
As shown in the example in Figure 1.14, the traffic that is going out originating path 0 on port
1A2 gets looped so that it is output to the WAN on through path 2 on shaping port 1A1. Simi-
larly, the traffic that is going out originating path 1 on port 1A2 gets looped so that it is output
to the WAN on through path 3 on shaping port 1A1.
Switch B
Switch A
VP 3
Configuring PVCs
VP 0
VP 0
Switch C
1A2
VP 1 VP 1
looping port (orig. and term. paths VP 0 and VP 1)
Figure 1.15 - PVPs Coming in Port 1A1 from WAN and Looped through Port 1A2
Then, as shown in the example in Figure 1.15, the traffic that is coming in through path 2 on
port 1A1 from the WAN gets looped back to terminating path 0 on port 1A2. Similarly, the
traffic that is coming in through path 3 on port 1A1 from the WAN gets looped back to termi-
nating path 1 on port 1A2.
In your own network, you will repeat this process on these same two ports for as many paths
as you want to shape.
To configure the shaped originating paths as shown in the example in Figure 1.14 and
Figure 1.15, perform the following steps:
1. First, create the UPC contract to be used on the through paths that are going to be
output on the shaping port on the Series D network module to the WAN.
myswitch:connections upc-> new -index 2 -servicecat cbr -pcr 42452 -gcra off
-schdmod smoothed
3. Recreate the paths on the looping port using the -loopvpi option to ensure that
cells from the WAN port get looped back into the terminating path.
4. Create a PVP to the shaping port on a Series D network module and apply the UPC
contract that you created in step 1 so that it shapes the cells.
Configuring PVCs
-upc 2
5. Create a PVP in the opposite direction and use -loopvpi to ensure that the cells
on each through path get looped back the terminating paths on the looping port
(1a2).
myswitch:connections path through-> new -iatmif 1a1 -ivpi 2 -oatmif 1a2 -ovpi 2
-loopvpi 0
myswitch:connections path through-> new -iatmif 1a1 -ivpi 3 -oatmif 1a2 -ovpi 3
-loopvpi 1
6. Now use a loopback command to loop the transmit side to the receive side on the
looping port (1a2).
7. Additional shaped originating paths can be added later on these same two ports
as needed by repeating the steps in this section.
See Part 1 of the AMI Configuration Commands Reference Manual for descriptions of the
usage parameters.
Once the parameters are entered, the entry is created instantly by the SCP. At the same time, a
command is entered automatically into the current CDB which creates this ATM ARP entry
each time the SCP is restarted.
Configuring PVCs
198.29.22.37 asx0 0 65 aal34 foreIpSVC pending
IPaddress If NSAP Address
198.29.17.3 qaa0 0x47.0005.80.ffe100.0000.f21b.0138.002048102754.00
198.29.17.10 qaa0 0x47.0005.80.ffe100.0000.f21b.0137.002048100be6.00
198.29.17.15 qaa0 0x47.0005.80.ffe100.0000.f21b.0137.00204810048d.00
198.29.17.52 qaa0 0x47.0005.80.ffe100.0000.f21b.0138.0020481b0138.00
Field Description
Type Shows what kind of connection this is. Can be foreIpPVC, foreIpSVC,
classicalIpPVC, or classicalIpSVC.
See Part 1 of the AMI Configuration Commands Reference Manual for descriptions of the
usage parameters.
The following is an example of how to create a uni-directional virtual channel which specifies
the call record connection type as transit:
myswitch:connections channel-> new -iatmif 3b1 -ivpi 0 -ivci 100 -oatmif 3b4
-ovpi 0 -ovci 100 -ctype tran
The following is an example of how to create a uni-directional virtual channel which has the
name “customer_a” assigned to it:
myswitch:connections channel-> new -iatmif 3b2 -ivpi 0 -ivci 145 -oatmif 3b3
-ovpi 0 -ovci 145 -name customer_a
myswitch:connections channel-> new -iatmif 2a1 -ivpi 0 -ivci 100 -oatmif 2e4
-ovpi 0 -ovci 100
myswitch:connections channel-> new -iatmif 2e4 -ivpi 0 -ivci 100 -oatmif 2a1
-ovpi 0 -ovci 100
myswitch:connections channel-> new -iatmif 4b1 -ivpi 0 -ivci 100 -oatmif 4e2
-ovpi 0 -ovci 100
myswitch:connections channel-> new -iatmif 4e2 -ivpi 0 -ivci 100 -oatmif 4b1
-ovpi 0 -ovci 100
In the first line in the first pair, notice that the output port is 2E4. This is the intra-fabric port.
The 2 means the connection is coming out of the switch board in slot 2 through the intra-fabric
Configuring PVCs
port. The E represents the intra-fabric port. The 4 means the connection is destined for switch
board in slot 4. 2E4 then becomes the input port in the second line.
In the first line in the second pair, notice that the output port is 4E2. This is the intra-fabric
port. The 4 means the connection is coming out of the switch board in slot 4 through the intra-
fabric port. The E represents the intra-fabric port. The 2 means the connection is destined for
switch board in slot 2. 4E2 then becomes the input port in the second line.
Once the parameters are entered, the virtual channel is created instantly by the SCP. At the
same time, a command is entered automatically into the current configuration database,
which means that this virtual channel is created every time the SCP is restarted.
4. Now create the destination side of the first unidirectional SPVC. This time use the
SPANS Address from the source switch (shark) as the -destswitchaddr value
as follows:
Configuring PVCs
Usage:
[-spvcid] <integer> Spvc Id
[-srcspvcid] <integer> Src Spvc Id
[-srcswitchaddr] <SPANS Address> Src Switch Addr
[-outatmif] <AtmIf> Out AtmIf
[-outvpi] <integer> Out VPI
[-outvci] <integer> Out VCI
[[-allocbandwidth] <integer>] Alloc Bandwidth
6. Create another unidirectional SPVC going in the other direction. This time tuna is
the source and shark is the destination as follows:
7. Verify that the second unidirectional SPVC is up on both switches by looking at the
State field as follows:
Configuring PVCs
3. Create the PNNI PP SPVC on the source switch. Copy and paste the value from the
Destination NSAP field in the previous step as the -calledatmaddr value as
follows:
4. Verify that the PNNI PP SPVC is up on the source switch by looking at the State
field as follows:
Your bi-directional PNNI PP SPVC from the source switch to the destination switch is now
complete.
Configuring PVCs
[[-spvccid] <integer>] PMP SPVCCID (default: 2)
[-atmif] <AtmIf> AtmIf
[-vpi] <integer> VPI
[-vci] <integer> VCI
[[-upc] <integer>] UPC (default: 0)
[[-bearerclass] <bearerclass>] Bearer Class (default: classX)
[[-susceptclip] (no|yes)] CLIP (default: no)
[[-fwdqosclass] <QoS Class>] Forward Qos (default: class0)
[[-name] <text>] Name
[[-priority] <integer>] Priority (default: 10)
[[-nextpartyindex] <integer>] Next Party Index
[[-domainid] <integer>] Domain ID (default: 1)
[[-rgroupid] <integer>] Redundancy Group ID
[[-secondaryvpi] <integer>] Secondary VPI
[[-secondaryvci] <integer>] Secondary VCI
shark:connections smartchannel pnni pmp root-> new -spvccid 1 -atmif 1a1 -vpi 0 -vci 32
3. Create the parties. First, find the destination NSAP on one of the destination party
switches as follows:
tuna:connections-> destnsap ?
Usage:
[-domainid] <unsigned> Domain ID
[-atmif] <AtmIf> AtmIf
4. Go back to the source switch and create the party. Copy the NSAP address from the
previous step into the command for the -atmaddr <NSAP Address> parameter
as follows:
5. Create the other party. Find the destination NSAP on the other destination party
switch as follows:
flounder:connections-> destnsap ?
Usage:
[-domainid] <unsigned> Domain ID
[-atmif] <AtmIf> AtmIf
Configuring PVCs
6. Go back to the source switch and create the party. Copy the NSAP address from the
previous step into the command for the -atmaddr <NSAP Address> parameter
as follows:
PartyNsapAddress: 0x47.0005.80.ffe100.0000.f21c.3950.0020480d00bc.00
1 10 0 34 up noPref 0 00:00
PartyNsapAddress: 0x47.0005.80.ffe100.0000.f21c.3950.0020480d0001.80
If you have more parties than shown in the example, you can repeat step 5 and step 6 for each
additional party. Your PMP PNNI SPVC is now complete.
Quality of Service (QOS) Management is based on the bandwidth parameters associated with
a virtual connection and the class of service and ATM Adaptation Layer (AAL) used for that
connection. In order to support voice, video, and data, the ATM Forum has defined classes of
service, or traffic types: Constant Bit Rate (CBR), real time Variable Bit Rate (rtVBR), non-real
time Variable Bit Rate (nrtVBR), Available Bit Rate (ABR), and Unspecified Bit Rate (UBR).
• At connection set-up time, traffic that uses a CBR parameter, such as a voice sig-
nal, makes a request for a dedicated Peak Cell Rate (PCR). Once the PCR is
defined, the ATM network must be able to guarantee that amount of bandwidth
for the duration of the connection.
• At connection set-up time, traffic that uses a rtVBR or nrtVBR parameter, such as a
video and data, makes a request for a dedicated PCR, Sustainable Cell Rate (SCR),
and Maximum Burst Size (MBS). Once these cell rates are defined, the ATM net-
work must be able to guarantee these rates for the duration of the connection.
• At connection set-up time, ABR traffic makes a request for a dedicated PCR and
Minimum Cell Rate (MCR). Once these cell rates are defined, the ATM network
must be able to guarantee the MCR rate for the duration of the connection. ABR
traffic sources adjust their transmission rate in response to information they
receive describing the status of the network and its capability to successfully
deliver data.
• UBR traffic, such as broadcast information and ARP messages, is also known as
“best effort” service. UBR provides no bandwidth guarantees.
Because ATM is designed to provide a single network to transport this variety of traffic
classes, FORE’s traffic policing and Connection Admission Control (CAC) schemes are vital to
allowing this mix of traffic to flow smoothly.
Configuring PVCs
1.7.1 Leaky Bucket Algorithm
The first important concept to understand is the leaky bucket algorithm. Leaky buckets are a
mechanism by which cells entering the port are monitored for compliance with UPC traffic
contracts that have been negotiated at connection set-up time. Before the leaky buckets are
discussed, it is important to understand the parameters that are being measured by the buck-
ets, as shown in Table 1.1. These parameters are informally defined as follows:
• Peak Cell Rate (PCR) - the maximum number of cells per second
• Cell Delay Variation Tolerance (CDVT) - the tolerance for variation in the inter-
arrival time of these cells, or the amount of jitter that can be accepted by the net-
work
• Sustainable Cell Rate (SCR) - the average rate of cell transmission for this connec-
tion, taking bursting into account
• Burst Tolerance (BT) - the maximum amount of cells that can be transmitted above
SCR
• Minimum Cell Rate (MCR) - the minimum rate that the network has to guarantee
for an ABR connection
The leaky bucket algorithm is basically a timer which assesses if cells entering the port con-
form to the parameters listed above. As a cell arrives, the timer assesses if the cell is on time,
late, or early. If the cell is determined to be on time or late (based on the traffic parameters), the
cell is allowed to pass unchanged. If the cell is early (which, in turn, causes the cell stream to
exceed the specified parameters), the cell is considered non-conforming and is either dropped
or tagged (the CLP bit is set to 1), depending on the specified contract.
The first bucket in this analogy measures the PCR, or the rate at which the bucket drains. It
also considers the CDVT, or the depth of the bucket. The second bucket measures the SCR, or
the rate at which the bucket drains, and the BT, or the depth of the second bucket.
Policin Action on
Policing
g non-conforming cells
PCR SCR MBS Bucket 1 Bucket 2 on Switch
Schem
Fabric
e Bucket 1 Bucket 2
CBR0T PCR0, PCR01, PCR0, CDVT Yes Drop Tag CLP=0 (change bit
AG PCR01 CDVT CLP=0+1 to CLP=1)
VBR1 PCR01 SCR01 MBS01 PCR01, SCR01, Yes Drop Drop CLP=0+1
CDVT BT01+CDVT CLP=0+1
VBR2 PCR01 SCR0 MBS0 PCR01, SCR0, Yes Drop Drop CLP=0
CDVT BT0+CDVT CLP=0+1
VBR3 PCR01 SCR0 MBS0 PCR01, SCR0, Yes Drop Tag CLP=0 (change bit
CDVT BT0+CDVT CLP=0+1 to CLP=1)
Configuring PVCs
• scr - Sustained Cell Rate (CLP01 for VBR1, CLP0 for CBR0, CBR0TAG, VBR2, and
VBR3)
• mbs - Maximum Burst Size (CLP01 for VBR1, CLP0 for VBR2 and VBR3)
The specific combinations of these parameters that make up the ATM Forum contracts are
defined as follows:
new-cbr cbr1 <pcr>
new-cbr cbr0 <pcr> <scr>
new-cbr cbr0tag <pcr> <scr>
new-vbr (rtVBR|nrtVBR) (vbr1|vbr2|vbr3) <pcr> <scr> <mbs>
new-abr abr1 <pcr> <mcr>
The new-cbr cbr1 <pcr> contract is for CBR traffic. It only uses the first leaky bucket to assess
the conformance to PCR of the aggregate of the CLP=0 cells and the CLP=1 cells. Cells which
fail the PCR CLP=0+1 test are discarded.
The new-cbr cbr0 <pcr> <scr> and new-cbr cbr0tag <pcr> <scr> contract is for CBR traffic. It
uses the first leaky bucket to assess the conformance to SCR of the CLP=0 cells. It uses the sec-
ond leaky bucket to assess the conformance to PCR of the aggregate of the CLP=0 and the
CLP=1 cells. If the CBR0TAG policing scheme is set, the cells which fail the SCR CLP=0 test
are tagged as CLP=1 and passed on to the second leaky bucket to be tested for PCR CLP=0+1
conformance. Cells which fail the PCR test on CLP=0+1 are discarded. If the CBR0 policing
scheme option is set, cells which fail the SCR CLP=0 test are discarded and cells which fail the
PCR test on CLP=0+1 are discarded.
The new-vbr (rtVBR|nrtVBR) vbr1 <pcr> <scr> <mbs> contract is for VBR traffic.
The first leaky bucket assesses the conformance to PCR of the aggregate of CLP=0 cells and
the CLP=1 cells and the second leaky bucket assesses the conformance to SCR and BT of this
same combination. Cells which fail the PCR test are dropped. Cells which pass the PCR test,
but which fail SCR and BT test are dropped.
The new-vbr (rtVBR|nrtVBR) (vbr2|vbr3) <pcr> <scr> <mbs> contract is for VBR traffic. It
uses the first leaky bucket to assess the conformance to PCR of the aggregate of the CLP=0 and
the CLP=1 cells. Cells that fail this test are discarded. It uses the second leaky bucket to assess
the conformance to SCR and BT of the CLP=0 cells. If the VBR3 policing scheme is set, the cells
which fail the SCR and BT CLP=0 test are tagged as non-conforming cells. If the VBR2 policing
scheme is set, cells which fail the SCR and BT CLP=0 test are discarded.
The new-abr abr1 <pcr> <mcr> contract is for ABR traffic. It only uses the first leaky bucket to
assess the conformance to PCR of the aggregate of the CLP=0 cells and the CLP=1 cells. Cells
which fail the PCR CLP=0+1 test are discarded. The MCR is the guaranteed minimum rate
and the PCR is the maximum required rate. The MCR may be set to 0, which indicates “best
effort” service. If MCR is set greater than 0, then the rate is guaranteed, up to MCR. However,
between MCR and PCR, cells may be dropped when congestion is experienced.
Configuring PVCs
The following is an example of how to create a UPC contract:
myswitch:connections upc-> new -index 5 -servcat vbr -pcr 500 -scr 200 -mbs 250 -cdvt
1000 -aal5 yes -pppol on -name vbr_upc
This example specifies a contract named “vbr_upc”, which is a VBR contract with an index of
5, a PCR of 500 cells/sec (or kbps), an SCR of 200 cells/sec (or kbps), an MBS of 250 cells (or
kilobits), a CDVT of 1,000 microseconds, and partial packet policing enabled.
2.1 Introduction
This chapter describes how to design, configure, and maintain a Classical IP ATM network.
The term classical indicates that the ATM network has the same properties as existing legacy
LANs. That is, even though ATM technology allows for large, globally connected networks,
for example, it is only used in the LAN environment as a direct replacement of existing LAN
technology. The classical model of LANs connected through IP routers is maintained in ATM
networks. RFC-1577 provides the standard for Classical IP over ATM.
Classical IP over ATM is different than IP in legacy LANs in that ATM provides a virtual con-
nection environment through the use of Permanent Virtual Circuits (PVCs) and/or Switched
Virtual Circuits (SVCs). SVC management is performed via the ATM Forum UNI 3.0 Specifica-
tion, which specifies Q.2931. Q.2931 is a broadband signalling protocol designed to establish
Configuring Classical
connections dynamically at the User-Network Interface (UNI). Q.2931 uses Service Specific
Connection Oriented Protocol (SSCOP) as a reliable transport protocol, and all signalling
occurs over VPI: 0, VCI: 5. Q.2931 connections are bidirectional, with the same VPI/VCI pair
used to transmit and receive.
IP
Once a Classical IP connection has been established, IP datagrams are encapsulated using
IEEE 802.2 LLC/SNAP and are segmented into ATM cells using ATM Adaptation Layer type
5 (AAL5). Additionally, the default Maximum Transmission Unit (MTU) is 9,180 bytes (the
SNAP header adds 8 more bytes) with a maximum packet size of 65,535 bytes. There is cur-
rently no support for IP broadcast datagrams or IP multicast datagrams in a Classical IP envi-
ronment.
Configuring Classical
It is only necessary to configure the SPANS and Classical IP interfaces if the specific service
provided by that interface is required. A host sending only Classical IP would not need to con-
figure the SPANS interfaces. Likewise, a host sending only FORE IP would not need to config-
ure the Classical IP interfaces. Both the SPANS and Classical IP interfaces may be configured
IP
simultaneously, but they must be in separate subnets. Remember that Classical IP specific con-
figuration changes can only be done with the Classical IP devices, while SPANS specific con-
figuration changes can only be done with the SPANS devices.
Configuring Classical
can not supply an ATM prefix to the hosts. Therefore, the user must assign a unique, valid pre-
fix to the switch. Additionally, the same prefix should be used for all hosts attached to that
switch.
IP
On the host, uniconfig is used to configure the ATM address for a specific interface. The
switch directly attached to this interface is then informed of this ATM address/port combina-
tion through commands in the ATM Management Interface (AMI). Once the host and network
have both been informed of this ATM address/port pair, the host may begin signalling.
2.2.4 Configuration
The choice to use ILMI for address registration is made at software installation time. Since
ILMI uses SNMP as its management protocol, the use of ILMI is tied into snmpd. The choice
can be made to run FORE’s SNMP agent and use ILMI (snmpd), run FORE’s SNMP agent
without using ILMI (snmpd -n), or just use ILMI (snmpd -i or ilmid -i).
2.3.1 Theory
In order for a host to establish a connection to another host, it must first determine the other
host’s ATM address. ATM ARP (ATM address resolution protocol) is the procedure used to
resolve an IP address into an ATM address. Since the ATM standards do not currently support
broadcast on an ATM LAN, address resolution is performed by direct communication with a
special ARP server, rather than broadcasting ARP requests as is done in legacy LANs. Each
LIS must have only one ARP server configured, but a single ARP server can be the server for
several LISs.
Each host in an LIS must be configured with the ATM address of the host providing ARP ser-
vice for its LIS. On a switch, the ATM address of the ARP server can be obtained by using the
AMI command services atmarp arpserver show. On a host, the ATM address of the ARP
server can be obtained by using clipconfig show (remember to use the interface associated
with the given LIS).
On a switch, the ATM address of the ARP server can be configured by using the instructions
found in Section 2.3.2 of this manual. On a host, the ARP server address is configured into the
host at installation time using the configure_atm script.
Since only one ARP server can be functioning at a time in a given LIS, and since the ARP
server’s address is configured into each host, it is not possible to use multiple, redundant ARP
servers to improve robustness. If an ARP server becomes nonfunctional, a new ARP server
must be configured, and then each host within the LIS must be configured to use the new ARP
server. To configure a new ARP server address on a switch, use the the instructions found in
Section 2.3.2 of this manual. To configure a new ARP server address on a host, you must delete
the interface and recreate it.
For example:
2. Set the NSAP address of the ARP server to be the ATM address of the interface that
you displayed in step 1 using the following AMI command:
Configuring Classical
services atmarp arpserver modify [-ifname] [-serverid] [-addr]
For example:
IP
services atmarp arpserver modify -ifname qaa0 -serverid 1 -addr
0x47000580ffe1000000f12400de0020481900de00
3. Set the ATM address of the ARP server on each of the other switches that will use
that switch as the ARP server using the same command found in step 2.
When a host wants to communicate with another host in its LIS, it first sends an ARP request
to the ARP server containing the IP address to be resolved. When an ARP reply is received
from the ARP server, the host creates an entry in its ARP cache for the given IP address and
stores the IP-to-ATM address mapping. This ARP cache entry is marked as complete. To
ensure that all of the IP-to-ATM address mappings known by a certain host are up-to-date,
hosts are required to age their ARP entries. A host must validate its ARP entries every 15 min-
utes (20 minutes on an ARP server). Any ARP entries not associated with open connections
are immediately removed.
A host validates its SVCs by sending an ARP request to the ARP server. A host validates its
PVCs, and an ARP server validates its SVCs, by sending an InARP request on the VC. If a
reply is not received, the ARP entry is marked invalid. Once an ARP entry is marked invalid,
an attempt is made to revalidate it before transmitting. Transmission proceeds only when val-
idation is successful. If a VC associated with an invalid ARP entry is closed, the entry is
removed.
Configuring Classical
adapter.
IP
Configuring Classical
IP
FORE Switch
FORE
FORE Switch
(ARP server)
Figure 2.1 - Configuring a Third-Party Host with No ILMI and No RFC-1577 Support
1. Before beginning this process, be sure that ForeThought software is installed and
running on the FORE equipment.
2. Using the configuration software of the third-party host, assign that host an NSAP
address that has the same prefix as the switch fabric to which it is connected.
3. Configure the switch that is the ARP server so that it has a static route to the third-
party host using the following AMI command:
FORE FORE
Switch A Switch B
Third-Party Switch
ILMI, no RFC-1577
Configuring Classical
IP
= FORE Systems host
Figure 2.2 - Configuring a Third-Party Switch with ILMI Support and No RFC-1577
1. Be sure that ForeThought software has been installed on all of the hosts and that
ILMI was set in the process. ILMI dynamically performs address registration for
all of the hosts.
2. Configure a static ATM route to the third-party switch on FORE switch “B” that is
physically connected to the third-party switch using the following AMI command:
FORE FORE
Switch A Switch B *
Third-Party Switch
RFC-1577, no ILMI
*
* *
= FORE Systems host
Figure 2.3 - Configuring a Third-Party Switch with RFC-1577 and No ILMI Support
1. Be sure that ForeThought software has been installed on all of the FORE hosts and
that ILMI was set in the process. ILMI dynamically performs address registration
for all of the FORE hosts and FORE switches.
2. Statically configure the non-FORE (*) hosts with ATM addresses (edit the firmware
download script), using the same switch prefix for all of the hosts.
3. Configure a static ATM route to the third-party switch on FORE switch “B” that is
physically connected to the third-party switch using the AMI command:
Be sure to use a network mask value of 104. Also, be sure to use the same prefix
that was used to configure the hosts.
4. Configure two static ATM routes on the third-party switch, one to each of the
FORE switches to which the third-party switch is connected, using the third-party
vendor’s configuration software. Be sure to use a network mask value of 104.
3.1 Introduction
This chapter describes how to design, configure, and maintain an Emulated LAN (ELAN)
over an ATM network. An ELAN provides communication of user data frames among all
members of the ELAN, similar to a physical LAN. One or more ELANs may run simulta-
neously (and independently) on the same ATM network.
Each ELAN is composed of a set of LAN Emulation Clients (LECs), a LAN Emulation Config-
uration Server (LECS), and at least one LAN Emulation Server (LES) and Broadcast and
Unknown Server (BUS) pair (also referred to as colocated BUS or an intelligent BUS). In the
current software release, the LECS may reside either in a ForeRunner ASX-200WG,
ASX-200BX, ASX-1000, ASX-1200, ASX-4000, LE 25, LE 155, ESX-3000, TNX-210, or TNX-1100
switch, or in a UNIX workstation running Solaris 2.5, 2.5.1, or 2.6. The LES/BUS pair may
reside either in a PowerHub 7000, PowerHub 8000, ASN-9000, ASX-200WG, ASX-200BX,
ASX-1000, ASX-1200, ASX-4000, LE 25, LE 155, ESX-3000, TNX-210, or TNX-1100 switch, or in
a UNIX workstation running Solaris 2.5, 2.5.1, or 2.6. An additional software feature is Distrib-
uted LAN Emulation (DLE), which provides load sharing and fault tolerance to the ELAN.
The current software release supports the emulation of both Ethernet (IEEE 802.3) and Token
Ring ELANs.
Configuring an
The current software release supports emulation of Ethernet (IEEE 802.3) ELANs. In the cur-
Emulated LAN
rent release, each LEC resides on an ATM host system (PC, Macintosh, UNIX workstation,
ATM switch, PowerHub 7000, or ES-3810).
Configuring an
Emulated LAN
3.2.4 Broadcast and Unknown Server (BUS)
Unlike traditional shared-media LAN architectures such as Ethernet or Token Ring, ATM is
connection based. Therefore, it has no built-in mechanism for handling connectionless traffic
such as broadcasts, multicasts, and unknown unicasts. In an ELAN, the BUS is responsible for
servicing these traffic types by accepting broadcast, multicast, and unknown unicast packets
from the LECs via dedicated point-to-point connections, and forwarding the packets to all of
the members of the ELAN using a single point-to-multipoint connection. (Unknown unicast
packets are packets that the sending station broadcasts because it does not yet know the ATM
address for the packet’s destination MAC address. There may be more than one instance of an
active BUS per ELAN. Using ForeThought 5.0.x and greater, each BUS must be a colocated BUS
(also referred to as an intelligent BUS or a LES/BUS pair), which allows the BUS to use the
LES’s registration table to direct unicast traffic.
Ë CONTROL - DIRECT
LES
Ì CONTROL - DISTRIBUTE
Í MULTICAST - SEND
BUS
Î MULTICAST - FORWARD
Ï DATA - DIRECT
engineering
LEC2
Configuring an
Emulated LAN
Figure 3.2 - ELAN Operation
3.3.1 Initialization
Upon initialization, LEC1 obtains its own ATM address via ILMI address registration. LEC1
obtains the address of the LECS in one of four ways: by querying the switch to which LEC1 is
connected via ILMI, by connecting to the “well-known” address defined by the ATM Forum’s
LANE standards (47.0079.00.000000.0000.0000.0000.00A03E000001.00), by using
PVC (0,17), or by using an address that is locally configured on LEC1.
Once it knows the location of the LECS, LEC1 establishes a configuration-direct connection Ê
to the LECS. When connected, the LECS provides LEC1 with the information necessary to
connect to the ELAN it wishes to join. This information includes such parameters as: the ATM
address of the ELAN’s LES, the type of LAN being emulated, the maximum packet size, and
the name of the ELAN (engineering, for example). This configuration information is con-
tained in a configuration file that must be built and maintained by the network administrator.
The LES assigns LEC1 a unique identifier, and LEC1 registers its own MAC and ATM
addresses with the LES. (The LES maintains a table containing the MAC addresses and corre-
sponding ATM addresses of all members of the ELAN.) At this point, LEC1 has “joined” the
ELAN.
The LES then establishes a control-distribute connection Ì back to LEC1. Connections Ë and Ì
Configuring an
Emulated LAN
can now be used by LEC1 to send LAN Emulation ARP (LE_ARP) requests to the LES, and
receive replies.
LEC1 now sends an LE_ARP request to the LES to get the ATM address of the BUS corre-
sponding to the broadcast MAC address (FF-FF-FF-FF-FF-FF). The LEC then establishes a
multicast-send connection Í to the BUS. The BUS responds by setting up a multicast-forward
connection Î to the LEC.
At this point, the LEC is ready to transfer data.
While waiting for the LES to respond, LEC1 forwards the packet to the BUS. The BUS broad-
casts the packet to all LECs on the ELAN. This is done to avoid data loss, and to minimize con-
nection set-up latency (due to the LE_ARP process) that may not be acceptable to some
network protocols.
If the LE_ARP response is received, LEC1 establishes a data-direct connection Ï to the destina-
tion address of LEC2. This path will be used for subsequent data transfers. Before LEC1 begins
to use this connection, it first sends a “flush” packet via the BUS to the destination, LEC2.
When LEC2 acknowledges receipt of this packet, signifying that the BUS path is empty, only
then does LEC1 begin to use the data-direct connection Ï for data transfer. This process
ensures that the network protocol’s frames arrive in the proper order.
If no response is received to the LE_ARP, LEC1 continues to send data via the BUS, while con-
tinuing to LE_ARP until a response is received and a data-direct connection to LEC2 is estab-
lished.
If LEC1 already has a data-direct connection to a MAC address it wishes to reach, it need not
go through the LE_ARP process again. Instead, it continues to use the current connection. This
is possible because each LEC maintains a cache of MAC address to ATM address mappings
that it receives in response to the LE_ARPs it has sent. Entries in this cache are “aged” out over
a period of time. Data-direct connections are also cleared if they remain inactive for a period of
time.
Eng
LES/BUS 1
Configuring an
Emulated LAN
Eng
LES/BUS 1
Ê
Ë
When LEC 3 receives the IP ARP request, it recognizes that it is the intended destination, and,
therefore, attempts to send an IP ARP response to LEC 1 (whose MAC address was supplied
in the ARP request packet).
As shown in Figure 3.5, the delivery of the ARP response is a three-step process: Ì LEC 3 sends
an LE-ARP query to the LES, asking for the ATM address that corresponds to LEC 1’s MAC
address; Í the LES sends an LE-ARP response to LEC 3; and Î LEC 3 establishes a circuit to
LEC 1’s ATM address.
Eng Í
LES/BUS 1
Î Ì
Eng LEC 1 Eng LEC 2 Eng LEC 3
Configuring an
Emulated LAN
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
Each DLE peer server actually maintains two sets of connections: one is a point-to-multipoint
connection to each of its peers for broadcasting multicast data and flooding control information,
and the other includes individual point-to-point connections to each peer for directed control
traffic.
Each DLE peer server that supports the ELAN is responsible for registering and giving reports
about the LECs that are attached to it directly. Each DLE peer server propagates this informa-
tion to both its locally attached LECs and its peers.
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
Upon receiving the broadcast from the first DLE peer server, the peers re-distribute the packet
to their own locally attached LECs Ì, as shown in Figure 3.8, so the packet arrives its actual
destination at LEC 9.
Configuring an
LES/BUS 1 Ì LES/BUS 3
Emulated LAN
LES/BUS 2
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
LEC 9 recognizes its IP address, and prepares an IP ARP response. As shown in Figure 3.9, it
then sends an LE-ARP request to its local LES Í, asking for the ATM address that matches LEC
1’s MAC address. Since LEC 9’s local LES does not have an entry for LEC 1, the local LES
passes the query along to all of its locally-attached proxy LECs (none are shown in this figure)
and all of its DLE peer servers Î.
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
Figure 3.9 - LE-ARP for Unknown Host Sent to Proxies (not shown) and DLE Peer Servers
In Figure 3.10, the second DLE peer server is attached to two proxy LECs (LEC 4 and LEC 5).
When the DLE peer server receives the LE-ARP query, it cannot resolve the query, so the DLE
peer server re-distributes the query to its proxy LECs Ï (but not to its peer servers again, to
avoid a loop). Meanwhile, the first peer server has been able to resolve the LE-ARP for the
address of LEC 1 and has sent an LE-ARP response to the third server Ð.
Ð
Eng Eng Eng
LES/BUS 1 Ï LES/BUS 2 LES/BUS 3
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
Figure 3.10 - LE-ARP Query Answered by One DLE Peer Server and Re-distributed by Another
When the third DLE peer server receives the LE-ARP response, it passes it directly to LEC 9
(which sent the original query) Ñ. The third DLE peer server also caches the registration infor-
mation for LEC 1 so that other local LECs do not have to go through the entire process again.
However, this cache ages out over time. LEC 9 can now open a connection to LEC 1, and send
its IP ARP response Ò, as shown in Figure 3.11.
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
Configuring an
Emulated LAN
3.4.2.2.2 Improved Performance for Remote LECs
With DLE, broadcast delivery and LE-ARP resolution across peer servers can take a little
longer than if all LECs were connected to a single server, since extra processing steps and
transmissions are needed. However, ELANs with groups of LECs in different locations can be
designed for higher performance by providing a DLE peer server with each group. Broadcasts
and address resolution within each group will improve.
ELAN Eng
LES/BUS
Ì
LECS
Ë
Switch 1 Switch 2 Switch 3
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
Figure 3.12 - ELAN with a Single Server and Multiple Switches Connecting to Services
In Figure 3.13, when LEC 7 goes through the same process, it is slightly more complicated.
When LEC 7 asks its local switch’s signalling software to establish a circuit to the LECS Ê, the
local switch must use inter-switch link information (IISP or PNNI tables) to establish a cross-
switch circuit to the LECS. Once this circuit is established, however, the process is identical.
ELAN Eng
LES/BUS 1
Î
Ì Ë
LECS
Í
Switch 1 Switch 2 Switch 3
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
Figure 3.13 - ELAN with Single Server and Remote Connection to Server
Figure 3.14 shows the ELAN in operation after three LECs have gone through the registration
process.
ELAN Eng
LES/BUS 1
LECS
Configuring an
Emulated LAN
Switch 1 Switch 2 Switch 3
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
If the single server in Figure 3.14 goes down, then the entire ELAN goes down. At this point,
the administrator must intervene and reconfigure the ELAN.
LECS Ë
Ë Ë
Ë
Switch 1 Switch 2 Switch 3
Ê Ê
Ê
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
LECs 1, 4, and 7 are directed by their switches to the LECS. The result is shown in Figure 3.16.
LECS
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
This ELAN may experience significant performance improvements for the reasons described
earlier. Even if the actual performance is similar to using a single server in a particular net-
work, a great advantage is gained through its fault-tolerance if one of the servers fails as
depicted in Figure 3.17.
Configuring an
Ë
Emulated LAN
LECS
Ë Ë
Ê Ê
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
Figure 3.17 - Failure of One ELAN Server and the Recovery Process
ELAN A ELAN A
LES/BUS 1 LES/BUS 2
LECS
Eng LEC 1 Eng LEC 2 Eng LEC 3 Eng LEC 4 Eng LEC 5 Eng LEC 6 Eng LEC 7 Eng LEC 8 Eng LEC 9
You can enable ELAN access control when you are creating the LES. When you use the
services les new command, specify the -secure option as enabled. This indicates you
want to activate a secure LES/BUS pair and a secure well-known LECS address. (ELAN access
control is disabled by default.)
However, if you are using an LECS address that is different than the well-known address, then
you must also type the full LECS ATM address to be used using the [-lecs] <NSAP
Address> option.
If you want to disable ELAN access control, or if you want to enable ELAN access control at a
Configuring an
Emulated LAN
later time after the LES has been created, you can do this by entering the services les new
command and specifying a value for the -secure option. See Chapter 2 in Part 3 of the AMI
Configuration Commands Reference Manual for more information. By using this command, you
do not have to delete and recreate the LES.
There are different instructions for configuring an ELAN, depending on how your network is
currently configured. Please read the following list to determine which set of instructions to
use.
• If you had previously configured LANE, you want to upgrade some or all of the
clients to ForeThought 6.x, and you want to upgrade all the equipment that is run-
ning services to ForeThought 6.x using DLE, use the instructions found in
Section 3.7.
• If you had previously configured LANE, you want to leave the clients running
ForeThought 4.1.x, and you want to upgrade all the equipment that is running ser-
vices to ForeThought 6.x without using DLE, use the instructions found in
Section 3.8.
• If you are configuring LANE for the first time and all of your equipment is run-
ning ForeThought 6.x, use the instructions that follow here in Section 3.6.
To configure an ELAN on a switch, you must log into AMI on a switch running ForeThought
6.1.x and use the commands found under services lane lecs, services lane les, and
interfaces lec.
There are three major steps that the system administrator should follow in order to configure
and maintain ELANs:
1. Configure an LECS configuration database file.
2. Start the LAN Emulation Services (LECS and LES/ BUS).
3. Start the LEC(s) and join an ELAN.
The remainder of this section gives a practical example of configuring and administering an
ELAN.
Configuring an
Emulated LAN
[[group].]key : value
Configuring an
Emulated LAN
engineering.Maximum_Frame_Size : 1516
Similarly, to specify a default maximum frame size of 1516 bytes for all ELANs defined in a
given configuration file, enter the following:
.Maximum_Frame_Size : 1516
Table 3.1 defines the various key parameters that may be entered in the configuration file. The
acceptable range of values and the default value for each parameter is also given.
Parameter Definition
.LAN_Type: Ethernet/IEEE 802.3 Identifies the type of ELAN, either Ethernet/IEEE 802.3
or IEEE 802.5. The default is Ethernet/IEEE 802.3.
.Maximum_Frame_Size: 1516 Specifies the length (in number of bytes) of the largest
frame. Selections are: 1516, 1580, 4544, 9234, and 18190.
The default is 1516 for Ethernet and 4544 for Token Ring.
.Control_TimeOut: 120 Specifies the timing out of request/response control
frame interactions, in seconds. The minimum is 10 sec-
onds and the maximum is 300 seconds. The default is
120 seconds.
.Maximum_Unknown_Frame_Count: 1 Limits the number of unicast frames sent to the BUS. The
minimum is 1 frame per 60 seconds and the maximum is
10 frames per second. The default is 1 frame per second.
.Maximum_Unknown_Frame_Time: 1 Limits the number of unicast frames sent to the BUS in
the specified number of seconds. The default is 1 second.
.VCC_TimeOut_Period: 1200 Specifies the length of time that an idle data connection
remains open before being closed. The default value is
1200 seconds.
.Maximum_Retry_Count: 1 Limits the number of LE_ARP retransmission requests.
The minimum is 0 and the maximum is 2. The default is
1.
.Aging_Time: 300 Specifies the period that LE_ARP cache table entries
remain valid, in seconds. The minimum is 10 and the
maximum is 300. The default value is 300 seconds.
.Forward_Delay_Time: 15 Specifies the timing out of non-local ARP cache entries
in seconds. The minimum is 4 and the maximum is 30.
The default value is 15 seconds.
.Expected_LE_ARP_Response_Time: 1 Specifies the maximum time a LEC expects an LE_ARP
request/response will take, in seconds. The minimum is
1 and the maximum is 30. The default value is 1 second.
.Flush_TimeOut: 4 Specifies the maximum time a LEC expects an
LE_FLUSH request/response will take, in seconds. The
minimum is 1 and the maximum is 4. The default value
is 4 seconds.
Parameter Definition
.Path_Switching_Delay: 6 Specifies the minimum time between switching BUS and
data paths, in seconds. The minimum is 1 and the maxi-
mum is 8. The default value is 6 seconds.
.Local_Segment_ID The segment ID of the emulated LAN for an IEEE 802.5
source routing bridge.
.ELAN_Identifier: auto Specifies a non-zero ELAN identifier. The default is
auto, which signals the LES to generate an ELAN identi-
fier itself.
.Multicast_Send_VCC_Type: Specifies the multicast send mode, either Best Effort,
Best Effort Variable, or Constant. The default is Best Effort.
.Connection_Complete_Timer: 4 Specifies the time period in which data or READY_IND
is expected, in seconds. The minimum is 1 and the maxi-
mum is 10. The default is 4 seconds.
.ShortCut_Protocols: IP Specifies the set of protocols on which to perform flow
detection. Also, specifies the set of protocols for which
MPOA resolution is supported. The default is {}.
Currently, the only supported value is IP.
.ShortCut_Threshold: 10/1 Specifies the number of frames per second that a LANE/
MPOA client (LEC/MPC) forwards to the same destina-
tion via the default forwarding path before which it
should begin using a shortcut. The minimum number of
frames is 1 frame and the maximum is 65,535 frames.
The minimum rate of speed at which the frames are for-
warded is 1 second and the maximum is 60 seconds. The
Configuring an
Emulated LAN
default is 10 frames per second.
.Resolution_Initial_Retry_Time: 5 Specifies the initial retry time interval after which a
LEC/MPC may send another MPOA Resolution
Request if an MPOA Resolution Reply has not been
received for the initial request. The minimum is 1
second. The maximum is 300 seconds. The default is 5
seconds.
.Resolution_Maximum_Retry_Time: 40 Specifies the maximum retry time interval after which a
LEC/MPC assumes an MPOA Resolution Request has
failed. The minimum is 10 seconds. The maximum is 300
seconds. The default is 40 seconds.
Parameter Definition
.Resolution_Hold_Down_Time: 160 Specifies the minimum amount of time to wait before re-
initiating an MPOA Resolution Request after a failed
resolution attempt. This value is usually greater than the
Resolution_Maximum_Retry_Time. The minimum is 30
seconds. The maximum is 1,200 seconds. The default is
160 seconds.
.MPOA_KeepAlive_Time: 10 Specifies how often an MPS must send MPOA Keep-
Alive messages to all LEC/MPCs for which it has cre-
ated and is maintaining Egress Cache Entries. The mini-
mum is 1 second. The maximum is 300 seconds. The
default is 10 seconds.
.MPOA_KeepAlive_Lifetime: 35 Specifies the length of time that a Keep-Alive message is
considered valid. It is recommended that this value be at
least twice the value of the MPOA_KeepAlive_Time.
The minimum is 3 seconds. The maximum is 1,000
seconds. The default is 35 seconds.
.Resolution_GiveUp_Time: 40 Specifies the minimum amount of time to wait before an
MPS should give up on a pending resolution request.
The minimum is 5 seconds. The maximum is 300 sec-
onds. The default is 40 seconds.
.Resolution_Default_Holding_Time: Specifies the default holding time for use in NHRP Reso-
1200 lution Replies. The minimum is 60 seconds. The maxi-
mum is 7,200 seconds. The default is 1,200 seconds.
.IP_Flows: <ip-flow> Specifies a set of IP flows that are defined by the param-
{,<ip-flow>} eters listed below.
<ip-flow> Specifies the IP information that is defined by the
parameters listed below. The format is <src-dst>
[<proto>] <thresholds> <qos>.
<src-dst> Specifies the source and destination addresses of an IP
flow. The format is <ip-addr> <ip-addr> with the
source address first and the destination address second.
<ip-addr> Specifies the format for the IP addresses <ip-addr>
used above. The format is <dotted-addr>/<prefix-
leng>.
Parameter Definition
<dotted-addr> Specifies the format for the IP addresses <dotted-
addr> used above. The format is <octet>.<octet>.
<octet>.<octet>. The range of each octet is from 0 to
255.
<prefix-leng> Specifies the prefix length to indicates how much of a
given IP address is significant. The range is 0 through 32.
0 means any IP address can be matched and 32 means
the entire IP address is significant.
<proto> Optionally specifies for which protocol this flow applies
(ICMP, IGMP, TCP, or UDP). The format is one of: ICMP,
IGMP, TCP <port> <port>, or UDP <port> <port>. If
no protocol is specified, then this flow applies to all pro-
tocols.
<port> Specifies the source and destination port number,
respectively, to be used with the <proto> parameter. 0
indicates a match for any port number. The range is 0
through 65535.
<thresholds> Specifies a traffic threshold that must be reached before
a shortcut VCC is established for a flow. Also, specifies a
threshold below which a shortcut VCC is no longer con-
sidered valid, is torn down, and the default forwarding
path is used. Both thresholds are expressed in frames per
second. The format is <threshold> <threshold>
<threshold> with the set-up threshold first, the tear-
down threshold second, and the set-up threshold for the
Configuring an
Emulated LAN
default forwarding path third.
<threshold> Specifies the format for entering the threshold data as
described for <thresholds>. The format is <frame-
count>/<frame-time>. For set-up, a zero count with
a non-zero time means a shortcut VCC should be estab-
lished upon the first frame and a non-zero count with a
zero time means a shortcut VCC is never established.
For tear-down, a zero count with a non-zero time means
a shortcut VCC is never torn down.
<frame-count> Specifies the format for the number of frames for the set-
up and tear-down thresholds. The range is 0 through
65535.
Parameter Definition
<frame-time> Specifies the format for the number of seconds for the
set-up and tear-down thresholds. The range is 0 through
65535.
<qos> Specifies the parameters used in signalling a connection
for the specified flow. The format is <qos-flags>
<qos-class>. Currently, <qos-flags> is unused and
its value should be 0.
<qos-class> Specifies the Quality of Service (QoS) class for this flow.
Shared specifies a UBR connection will be shared
among all flows to the same destination. UBR specifies a
non-shared UBR connection. The format is UBR <rate>.
CBR specifies a CBR connection. The format is CBR
<rate>. VBR specifies a VBR connection. The format is
VBR <rate> <rate> <burst> (for CLP=0+1 cells)
<rate> <burst> (for CLP=0 cells). NRT-VBR specifies
a non-real time VBR connection. The format is NRT-VBR
<rate> <rate> <burst> (for CLP=0+1 cells) <rate>
<burst> (for CLP=0 cells). ABR specifies an ABR con-
nection. There is no format currently defined for ABR.
<rate> Specifies the rate for the QoS class specified. For UBR
and CBR, this is the Peak Cell Rate (PCR) in cells per sec-
ond. For VBR and NRT-VBR, this is the PCR for cells that
are CLP=0+1 in cells per second, the Sustainable Cell
Rate (SCR) for cells that are CLP=0+1 in cells per second,
and the SCR for cells that are CLP=0 in cells per second.
<burst> Specifies the Maximum Burst Size (MBS) in cells for the
QoS class specified (VBR and NRT-VBR only). This is the
MBS for cells that are CLP=0+1, in cells, and the MBS for
cells that are CLP=0, in cells.
Lines beginning with # may be inserted if you wish to include comments or to improve the
clarity of the presentation when the file is viewed or printed. These lines are ignored when the
file is read. Lines may be continued by escaping the end-of-line with a backslash “\” (do not
enter the quote marks).
engineering.Address: C5.0005.80.ffe100.0000.f21a.01b9.0020480605b2.00
In addition, you may instruct a given ELAN to override any of the default values. For exam-
ple, the engineering ELAN could override a Maximum_Frame_Size setting of 1516; thus:
engineering.Maximum_Frame_Size: 4544
If you want to control which clients may or may not join a given ELAN, two additional keys,
Accept and Reject, whose values are comma-separated lists of matching elements, may be
used.
Configuring an
Emulated LAN
a MAC address,
engineering.Accept: 47.0005.80.FFE100.0000.0000.0000.002048000000.00\
FF.FFFF.FF.FFFFFF.0000.0000.0000.FFFFFF000000.00
marketing.Accept: 47.0005.80.FFE100.XXXX.XXXX.XXXX.002048XXXXXX.XX
The last two forms of ATM-address matching elements are functionally the same. The latter is
shorter but only allows for masks whose semi-octets are all ones or all zeros, while the former
allows for arbitrary masks. A prospective-client address is “captured” by an ELAN name if
the client’s address matches one of the Accept elements but not one of the Reject elements
(if present). Finally, an ELAN may be configured to accept any client that wishes to join by
including the following statement:
default.Accept:XX.XXXX.XX.XXXXXX.XXXX.XXXX.XXXX.XXXXXXXXXXXX.XX
The order in which to apply the Accept and Reject rules is given by a Match.Ordering
group.key statement, whose value is a comma-separated list of ELAN names. For example:
The names of all ELANs that have Accept keys must be included in Match.Ordering.
The LE_CONFIGURE_REQUEST frame contains an ATM address and an optional MAC
address or route descriptor (which is always present for ELAN access control requests). The
Accept/Reject checking proceeds in two distinct phases: first, for the MAC address or route
descriptor, if present, and second, for the ATM address. So, even though a client might be
rejected by its MAC address, it can be accepted by its ATM address. Therefore, when configur-
ing the Accept and Reject rules, ensure that you write them either as explicit lists of only MAC
addresses or route descriptors, or only as ATM address matches.
47.0005.80.FFE100.0000.0000.0000.002048222222.22.LAN_Name:engineering
002048ABCDEF.LAN_Name: marketing
012F.LAN_Name: publications
Configuration parameter overrides can also be given on a per-client basis. For example, the
following statements override the default VCC_TimeOut_Period and Aging_Time configu-
ration parameters for a client whose MAC address is 002048080011 on the engineering
ELAN:
002048080011.LAN_Name:engineering
002048080011.VCC_TimeOut_Period:1200
002048080011.Aging_Time: 30
When a client contacts the LECS, the connections established are known as Configuration
Direct VCCs. To override the default value of the VCC_TimeOut_Period key (the number of
seconds before an idle Configuration Direct VCC is automatically closed by the LECS), enter a
statement similar to the following:
LECS.VCC_TimeOut_Period: 1200
The LECS periodically checks whether its configuration file has been modified, and, if it has,
the file is reread. The length of this period, in seconds, is given by the Reload_Period key:
LECS.Reload_Period: 600
The Permanent_Circuits key holds a comma-separated list of VPI.VCI pairs denoting the
local ends of 0.17 PVCs on which the LECS should listen. For example:
The LECS can provide the client with a fourteen-bit pattern to permute the MAC-address gen-
eration algorithm. This bit pattern is specified with the MAC_Address_Base key.
Configuring an
Emulated LAN
LECS.MAC_Address_Base: 38fe
.ShortCut_Protocols: IP
.ShortCut_Threshold: 10/1
LEC/MPC parameters can also be specified for resolution requests. When a LEC/MPC sends
an MPOA Resolution Request, it sets a timer to a Resolution_Initial_Retry_Time. If an MPOA
Resolution Reply is not received in that amount of time, a retry may be sent. Each time a retry
is sent, the timer is set to the Resolution_Initial_Retry_Time value * a retry multiplier. If the
value exceeds the Resolution_Maximum_Retry_Time value, the LEC/MPC assumes the
request has failed. A new request may not be sent until the Resolution_Hold_Down_Time has
been surpassed.
For example, the following parameters indicate that an initial MPOA Resolution Request
should be retried after 5 seconds, backing off to a maximum retry time of 40 seconds, and then
the MPOA Resolution Request process is re-initialized after 160 seconds.
.Resolution_Initial_Retry_Time: 5
.Resolution_Maximum_Retry_Time: 40
.Resolution_Hold_Down_Time: 160
MPOA server (MPS) parameters can also be specified. For example, the following parameters
indicate that the MPS must send Keep-Alive messages every 10 seconds. Each of these mes-
sages is valid for 35 seconds. The MPS must wait 40 seconds before giving up on a pending
resolution request, and should use 1200 seconds as the default holding time in NHRP Resolu-
tion Replies.
.MPOA_KeepAlive_Time: 10
.MPOA_KeepAlive_Lifetime: 35
.Resolution_GiveUp_Time: 40
.Resolution_Default_Holding_Time: 1200
Parameters can also be specified for flow descriptors which determine whether and when to
trigger creation of shortcut circuits. The LECS sends the LEC/MPC this set of parameters.
These parameters consist of the following elements in the following order: a source/destina-
tion specifier, flow establishment thresholds, and a QoS descriptor.
For example, you could specify that telnet traffic to the Class C 202.19.88.0 subnet should be
sent on a UBR VCC with a peak rate of 10,000 cells per second, but only after the traffic on that
connection exceeds 20 frames per second. If the VCC is idle for more than 10 minutes, then the
shortcut should be torn down.
.IP_Flows:0.0.0.0/0 202.19.88.0/24 \
TCP 0 23 \
20/1 1/600 0/1 \
0x0 UBR 10000
Configuring an
Emulated LAN
The sample LECS configuration file shown at the end of this section in Figure 3.19 and
Figure 3.20 defines three ELANs:
• default
• engineering
• marketing
The Match.Ordering statement specifies the ELAN names in the order that prospective cli-
ents will attempt to match. The default configuration parameters are shown with their default
values. These values apply to all ELANs in this configuration file, unless overridden for a par-
ticular ELAN or client.
ELAN default is configured to accept any client that wishes to join. The ATM address of the
default LES is listed in the default.Address statement. If DLE is being configured for
ELAN default, then this address must be the anycast address that allows the clients to reach
any of the DLE peer servers for ELAN default.
ELAN engineering has overridden the default Maximum_Frame_Size with a new size of
4544 bytes. Consequently, this frame size applies only to traffic on the engineering ELAN.
The default and marketing ELANs continue to use the default frame size of 1516 bytes.
Two LECs, whose MAC addresses are 002048080011 and 0020481020ef, are identified as
acceptable clients for the engineering and marketing ELANs.
#
# The search ordering of elan names
#
Match.Ordering: default, engineering, marketing
#
# the default configuration parameters
#
.Control_TimeOut: 120
.Maximum_Unknown_Frame_Count: 1
.Maximum_Unknown_Frame_Time: 1
.VCC_TimeOut_Period: 1200
.Maximum_Retry_Count: 1
.Aging_Time: 300
.Forward_Delay_Time: 15
.Expected_LE_ARP_Response_Time: 1
.Flush_TimeOut: 4
.Path_Switching_Delay: 6
.Multicast_Send_VCC_Type: Best Effort
.Connection_Complete_Timer: 4
.LAN_Type: Ethernet/IEEE 802.3
.Maximum_Frame_Size: 1516
.ShortCut_Protocols:IP
.ShortCut_Threshold:10/1
.Resolution_Initial_Retry_Time:5
.Resolution_Maximum_Retry_Time:40
.Resolution_Hold_Down_Time:160
.MPOA_KeepAlive_Time:10
Configuring an
Emulated LAN
.MPOA_KeepAlive_Lifetime:35
.Resolution_GiveUp_Time:40
.Resolution_Default_Holding_Time:1200
.IP_Flows: 0.0.0.0/0 202.19.88.0/24 \
TCP 0 23 \
20/1 1/600 0/1 \
0x0 UBR 10000
#
# Parameters for the default elan
#
default.Address: C5.0005.80.ffe100.0000.f21a.21b8.0097036324b2.25
default.Accept: XX.XXXX.XX.XXXXXX.XXXX.XXXX.XXXX.XXXXXXXXXXXX.XX
#
# Parameters for elan: engineering
#
engineering.Address:C5.0005.80.ffe100.0000.f21a.01b9.0020480605b2.11
engineering.Accept: 002048080011 , 0020481020ef
engineering.Maximum_Frame_Size: 4544
#
# Parameters for elan: marketing
#
marketing.Address: C5.0005.80.ffe100.0000.f21a.01b9.0020480605b2.21
marketing.Accept: 002048080011 , 0020481020ef
#
2. After you have retrieved the LECS configuration database file, use the following
AMI command to start the LECS service on the switch:
Configuring an
Emulated LAN
Usage:
[[-index] <integer>] Index (default: 1)
[-atmaddress] <NSAP Selector> LECS ATM Address
[[-adminstatus] (up|down)] Admin State
[[-database] <text>] Database File Name
[[-defaultles] <NSAP Address>] Default LES ATM Address
[[-lesflag] (enabled|disabled)] Default LES Flag
[[-wkaflag] (none|atmforum|other)] WKA Flag
[[-wka] <NSAP Address>] Well Known Address
For example, to start the LECS service using the -db option and using the ATM
Forum’s well-known address you would enter something similar to the following:
3. Use the following AMI command to verify that the LECS has been started and is
running:
The OperStatus field shows up, meaning that the LECS is running. Now you
must start the DLE peer servers as described in the next section.
Usage:
[[-index] <integer>] Index (default: 1)
[-atmaddress] <NSAP Selector> LES ATM address
[-name] <text> ELAN Name
[[-adminstatus] (up|down)] Admin State (default: up)
[[-bus] <NSAP Address>] BUS ATM Address
[[-type] (ethernet|token-ring)] LAN Type (default: ethernet)
[[-mtu] <mtu>] MTU (default: 1516)
[[-lecs] <NSAP Address>] Secure LECS Address
[[-secure] (enabled|disabled)] Secure
[[-fwdtlvs] (enabled|disabled)] Forward TLVs
[[-elanid] <integer>] ELAN ID
[[-trnumber] <Hex Integer>] Token Ring Number
[[-fwdarp] (enabled|disabled)] Forward ARP
[[-anycast] <NSAP Address>] Anycast ATM Address
[[-peerlist] <text>] Peer ATM Addresses
Configuring an
Emulated LAN
services les new -atmaddress 90 -name engineering -anycast
c5.0005.80.ffe100.0000.f21a.3596.0020481a3596.f0 -peerlist
“47.0005.80.ffe100.0000.f21a.10bb.0020481a10bb.90
47.0005.80.ffe100.0000.f21a.3552.0020481a3552.10
47.0005.80.ffe100.0000.f21a.3218.0020481a3218.44”
2. Use the following AMI command to verify that the LES and the BUS have been
started and are running.
The OperStatus field shows up, meaning that the LES and the BUS are running.
3. Configure the DLE peer servers by opening an AMI session on one of the other
switches that will run a DLE peer server and enter something similar to the
following:
4. Open an AMI session on the third switch that will run a DLE peer server and enter
something similar to the following:
Once all of the peers have been created, use the services lane les advanced-
info command to verify that the peers have established point-to-point and point-
to-multipoint connections to each other.
Configuring an
Emulated LAN
1. To start a LEC that will attempt to join the ELAN, use the following AMI command
on the switch that is going to be a LEC:
Usage:
[[-index] <integer>] Index (default: 1)
[-atmaddress] <NSAP Selector> LEC ATM Address
[-name] <text> ELAN Name
[[-adminstatus] (up|down)] Admin State
[[-mode] (wellknown|manual)] LEC Config Mode (default: wellknown)
[[-lecs] <NSAP Address>] LECS ATM Address
[[-les] <NSAP Address>] LES ATM Address
[[-ipaddr] <IP Address>] Interface IP Address
[[-netmask] <IP Address>] Interface Netmask
[[-ifstate] (up|down)] Interface State
For example, to start a LEC that attempts to join the ELAN called engineering,
enter the following:
2. Verify that the LEC has joined the ELAN by using the following AMI command:
Admin Oper
Index State State Mode MACaddress IfName IfState ELAN
1 up up wellknown 00:20:48:15:09:6b el0 up engineering
IpAddress: 198.168.61.25
Netmask: 255.255.255.0
LEC: 0x47.0005.80.ffe100.0000.f21c.09f1.0020481c09f1.00
Configuring an
Emulated LAN
LECS: 0x47.0079.00.000000.0000.0000.0000.00a03e000001.00
LES: c000580ffe1000000f21c09f10020481c09f1f0
The OperStatus field shows up, meaning that the LEC has successfully joined
the ELAN.
You can also use the command interface lec advanced-info to display more
information about the LEC.
3. After the first LEC has joined the ELAN, you can perform the same steps in this
section on another switch to allow a LEC to run on that switch. You can also use
the VLAN Manager or the host software to add more LECs to this ELAN. Once all
the LECs have joined, the ELAN is complete.
The following basic steps are involved in upgrading your ELAN to use DLE. Each of these
steps is described in detail in the following sections. It is recommended that you read the
entire section before attempting to upgrade to DLE. These steps describe the commands for a
switch. Refer to the corresponding User’s Manual for the appropriate steps for commands for
hosts, PowerHubs, ES-3810s, or the VLAN Manager.
1. Edit the LECS.CFG file.
2. Delete the old LES and BUS.
3. Upgrade the switches that are running services.
4. Create the DLE peer servers.
5. Transfer the updated LECS.CFG file.
6. Restart the LECS.
7. Recreate the LECs.
8. Create the last DLE peer.
9. Add the last DLE peer to each list of peers.
10. Change the last failover ELAN information in the LECS.CFG file.
Configuring an
Emulated LAN
11. Transfer the final LECS.CFG file.
12. Restart the LECS.
Transfer the LECS.CFG file that is currently being used by the LECS to a workstation (other
than the one to which you backed up the file) so you can edit the file.
The information about the LES addresses in your old LECS.CFG file may look something like
this before editing:
Mktg|0.Address: 47000580ffe1000000f21a24f90020481a24f900
Mktg|0.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Mktg|1.Address: 47000580ffe1000000f21a390e0020481a390e00
Mktg|1.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
On the workstation that has the LECS.CFG file, use a text editor to make the following
changes:
1. Add a new ELAN to the beginning of the Match.Ordering list that is named like
the old failover ELANs, but without the |n. In this example, there are currently
two failover ELANS named Mktg|0 and Mktg|1. Therefore, add an ELAN named
Mktg.
2. Give the anycast address of the DLE peer servers to the new ELAN. Also, replace
the LES address of the old ELANs with this anycast address, except for the last of
the |n failover ELANs (in this case, Mktg|1). Leave Mktg|1 with old LES address
for now so the LECs can use it until they are all changed over. (It will be changed
at the end of the process.)
3. If there were any non-colocated BUSs (none shown in this example), delete any
lines that refer to them, since each BUS will co-located with a LES after you
upgrade to ForeThought 6.x.
After following the steps above, the information about the LES addresses in your LECS.CFG
file would look like this:
Mktg.Address: c5000580ffe1000000f21c126b0020481c126b66
Mktg.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Mktg|0.Address: c5000580ffe1000000f21c126b0020481c126b66
Mktg|0.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Mktg|1.Address: 47000580ffe1000000f21a390e0020481a390e00
Mktg|1.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Configuring an
Emulated LAN
Admin Oper ELAN
Index State State Type MTU Name SECURE FwdTLVs FwdARPs ID
1 up up ethernet 1516 Mktg|0 disabled enabled disabled 0
LES: 0x47.0005.80.ffe100.0000.f21a.24f9.0020481a24f9.00
BUS: 0x47.0005.80.ffe100.0000.f21a.24f9.0020481a24f9.00
LECS: N/A
ANYCAST: N/A
PEER: N/A
Administer the LES and BUS down for Mktg|0 using the following AMI command:
Do the same for each old LES and BUS, except for the last LES and BUS (in this case, Mktg|1).
All clients will still be using the last LES/BUS temporarily until the DLE peer servers have
been established. The last LES and BUS will be changed over at the very end of the process.
Do not upgrade the switch that is running the last LES and BUS (in this case, Mktg|1). The
LECs will still be using the last LES/BUS temporarily until the DLE peer servers have been
established.
Create a DLE peer server (LES/BUS pair) with the new ELAN name (in this case, Mktg) on
each switch that is to become a DLE peer server.
Use the show command to verify the information that you entered:
Create each of the other peer servers using the same anycast address and giving them the peer
address(es) of each peer in the ELAN. (In this example, there is only one peer.)
Use the show command to verify the information that you entered:
Configuring an
Emulated LAN
BUS: 0x47.0005.80.ffe100.0000.f21c.10bb.0020481c10bb.90
LECS: N/A
ANYCAST: c5.0005.80.ffe100.0000.f21c.126b.0020481c126b.66
PEER: 0x47.0005.80.ffe100.0000.f21a.24f9.0020481a24f9.00
Use the show command and look at the OperStatus field to verify that the LECS has come
up again.
Use the following command to get the interface name from the IfName field as follows:
IpAddress: 172.14.15.19
Netmask: 255.255.0.0
LEC: 0x47.0005.80.ffe100.0000.f21c.09f1.0020481c09f1.00
LECS: 0x47.0079.00.000000.0000.0000.0000.00a03e000001.00
LES: 0x47.0005.80.ffe100.0000.f21c.09f1.0020481c09f1.f0
Delete all instances of the LEC (including anything that had been <ELAN name>|n).
Recreate the LEC. (You now only need one instance per LEC and you will not specify |n in the
name anymore.)
Configuring an
Emulated LAN
myswitch:interfaces lec-> new -atmaddress 0x11 -name Mktg -ipaddr 192.168.61.25
-netmask 255.255.255.0 -ifstate up
Use the following command to verify that the LEC has joined the ELAN by looking at the
OperStatus field as follows:
IpAddress: 172.14.15.19
Netmask: 255.255.0.0
LEC: 0x47.0005.80.ffe100.0000.f21c.09f1.0020481c09f1.00
LECS: 0x47.0079.00.000000.0000.0000.0000.00a03e000001.00
LES: 0x47.0005.80.ffe100.0000.f21c.09f1.0020481c09f1.f0
Repeat all of the steps in this section for each LEC. Refer to the corresponding User’s Manual
for the appropriate steps for re-creating LECs that are running on hosts, PowerHubs, or
ES-3810s. At this time, you may also add any new clients to the ELAN.
On that workstation, use a text editor to delete all lines referring to any of the |n failover
ELANs (in this case, Mktg|0 and Mktg|1). If the LES address portion of your LECS.CFG file
looked like this before editing:
Mktg.Address: c5000580ffe1000000f21c126b0020481c126b66
Mktg.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Mktg|0.Address: c5000580ffe1000000f21c126b0020481c126b66
Mktg|0.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Mktg|1.Address: 47000580ffe1000000f21a390e0020481a390e00
Mktg|1.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Match.Ordering: Mktg
Configuring an
Emulated LAN
Mktg.Address: c5000580ffe1000000f21c126b0020481c126b66
Mktg.Accept: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Use the show command and look at the OperStatus field to verify that the LECS has come
up again:
Configuring an
Emulated LAN
commands for any services that are running on
hosts, PowerHubs, or ES-3810s.
Administer down the LES and BUS using a pre-ForeThought 6.x version of software.
Transfer the LECS.CFG file that is currently being used by the LECS to a workstation (other
than the one to which you backed up the file) so you can edit the file.
On the workstation that has the LECS.CFG file, use a text editor to delete any lines that refer to
any non-colocated BUSs.
After you have made the changes, transfer the LECS.CFG file back to the LECS.
Configuring an
Emulated LAN
[-atmaddress] <NSAP Selector> LES ATM address
[-name] <text> ELAN Name
[[-adminstatus] (up|down)] Admin State (default: up)
[[-bus] <NSAP Address>] BUS ATM Address
[[-type] (ethernet|token-ring)] LAN Type (default: ethernet)
[[-mtu] <mtu>] MTU (default: 1516)
[[-lecs] <NSAP Address>] Secure LECS Address
[[-secure] (enabled|disabled)] Secure
[[-fwdtlvs] (enabled|disabled)] Forward TLVs
[[-elanid] <integer>] ELAN ID
[[-trnumber] <Hex Integer>] Token Ring Number
[[-fwdarp] (enabled|disabled)] Forward ARP
[[-anycast] <NSAP Address>] Anycast ATM Address
[[-peerlist] <text>] Peer ATM Addresses
You need to specify the LES selector byte (the BUS uses the same selector byte by default) and
you need to give the same LES name that you used before. You may optionally specify any of
the parameters, except for the anycast address and the peer addresses since you are not using
DLE.
This chapter provides an overview of LAN Emulation (LANE) and Multi-Protocol Over ATM
(MPOA) as implemented in FORE Systems’ ForeThought software.
MPOA
MPOA
ATM
Each PC
PC2 runs a PC5
PC1 PC3 LEC/MPC PC4 PC6
3. The LEC/MPC requests the information needed to join a specified ELAN or the
default ELAN. The LECS has information about available ELANs, what ELANs
each LEC/MPC can join, and which ELAN the LEC/MPC should attempt to join
first.
If a LECS is not available, or if you choose not to use it, you can manually specify
the information required to join a specific ELAN.
4. The LEC/MPC contacts the LES associated with the ELAN it wants to join and reg-
isters its MAC-ATM address pair. It also contacts the BUS associated with the
ELAN. At this point, the LEC/MPC and the LES have the information required to
allow this host to communicate with other hosts on the ELAN as if it were an Ether-
net (or Token Ring) network. Refer to the following section for a description of how
the LEC/MPC connects to other hosts on the ELAN.
MPOA
Router
ELAN
ELAN marketing
engineering
ATM cloud
MPOA
In addition to LANE, protocols such as IP can operate over an ATM network via the IETF
Internetworking Over NBMA Networks (ION) Working Group’s Next Hop Resolution Protocol
(NHRP). NHRP allows the ATM network to be divided into Logical IP Subnets (LISs). Using
NHRP, routers are still required to interconnect these subnets; but NHRP permits intermediate
routers to be bypassed on the data path. NHRP allows entities called Next Hop Clients (NHCs)
to send queries between different subnets. These queries are propagated using Next Hop Serv-
ers (NHSs) via paths found using standard routing protocols. Consequently, NHRP enables
the establishment of VCC data paths across subnet boundaries without requiring physical routers
in the data path.
ELAN ELAN
engineering marketing
Router
Shortc
ut VCC
ATM cloud
MPOA
Each of
PC these runs
a LEC/MPC ELAN
PC PC
engineering
Runs a LECS,
ASX-200BX LES, and BUS
Runs
an MPS
ATM
and a PowerHub 7000
Cloud
LEC/MPC
Runs a LECS,
ASX-200BX LES, and BUS
ELAN
marketing Each of
these runs
PC PC a LEC/MPC
PC
MPOA
4.3.4.2 Initialization
When its host boots, each LEC/MPC automatically goes through the following sequence to
establish a connection to the MPS.
1. The LEC/MPC registers via ILMI with the switch to which it is attached.
2. The LEC/MPC connects to an LECS to which it sends its own ATM address and
the name of the ELAN it wishes to join (the ELAN name is an empty string unless
the LEC/MPC has been site-configured with an ELAN name). The LEC/MPC also
supplies a LANE 1.0 compliant parameter identifying itself as an MPOA-aware
client.
3. Next, the LEC/MPC receives the following from the LECS:
- the name of the ELAN to which it is assigned
- the ATM address of the LES for the ELAN it is joining
- the parameters containing the flow detection and shortcut establishment poli-
cies it is to use
4. The LEC/MPC then connects to its assigned LES, and provides the LES with a
parameter identifying itself as MPOA-aware.
5. Finally, the LEC/MPC connects to the ELAN’s BUS.
Once the LANE/MPOA connections are established, third-party network-layer protocol driv-
ers on the host can establish network-layer connectivity. The methods these upper-layer driv-
ers use to determine host IP addresses, default gateway, and backup gateway addresses vary
depending on the third-party product. For example, the LANE/MPOA driver itself permits
these drivers to use BOOTP or DHCP to obtain IP configuration information.
4. When the ingress LEC/MPC receives the NHRP response containing the destina-
tion’s ATM address, it first checks if a shortcut circuit to that ATM address already
exists. If a shortcut circuit to that address already exists, it sends the packets via the
existing shortcut circuit. If no shortcut circuit exists it opens a new shortcut circuit
and begins sending packets over it to the destination.
ForeThought PNNI
PNNI (Private Network Node Interface or Private Network-to-Network Interface) is an ATM
Forum approved protocol which defines interoperability between private ATM switches.
PNNI defines both the routing and signalling standards for inter-switch interoperability.
This chapter provides an overview of FORE Systems’ pre-standard version of PNNI,
ForeThought PNNI (FT-PNNI), and its use in a multiple-switch network. FT-PNNI is a scalable
routing and signalling protocol used in networks containing multiple FORE switches.
FT-PNNI simplifies large network topologies by organizing the nodes (switches) in that net-
work into smaller groups.
It is this reorganization of the network topology that makes FT-PNNI’s simplified routing pos-
sible. By segmenting a large network into smaller peer groups of nodes, FT-PNNI reduces the
amount of network topology information that those very nodes must maintain.
5.1.3 Flooding
Flooding is a reliable hop-by-hop propagation of loglinks throughout a peer group. Whenever
a new loglink is discovered by a switch, the switch immediately broadcasts the existence of
this link to all of its neighbors. The neighboring switches then broadcast the existence of the
same link to all of their neighbors. Very quickly, the existence of the new loglink is flooded
throughout all of the switches in the network.
Similarly, when a link goes down, or when a significant change is seen in the metrics of a
loglink, the latest state of the loglink is propagated immediately throughout the network.
ForeThought PNNI
FT-PNNI operates in a hierarchical topology. The structure of the hierarchy is defined by the
peer group ID in a routing domain. Address assignment in FT-PNNI, therefore, corresponds to
this hierarchical topology, providing increased scalability.
104 bits
Peer Group ID
Switch Prefix
ForeThought PNNI
In an ATM network, data is sent and received over virtual circuits, or circuits that only exist
when needed. This communication over these virtual circuits is made possible by signalling
that occurs between the switches in the network.
In a network of FORE switches, any new addition to the topology is recognized immediately
by all nodes (switches) having a direct connection to the new node. Then each switch that has
recognized the new switch sends a message to each of its direct connections, and so on. Even-
tually, and within a very brief period of time, every switch in the network is aware of the new
addition and the links by which that new addition can be reached. This topology is stored by
each switch in its local topology database.
In a small, local area network (LAN), the topology is relatively simple, meaning that the
switches in the LAN have a relatively small topology database to maintain. As the LAN
grows, however, and more switches are added, that same database can grow to be very large
in a short period of time.
As this topology database grows, the amount of information a switch must look up when
searching for an address also grows. In the end, this can result in delayed connection set-up,
congestion in the network, and even lost data.
Figure 5.2 depicts a typical ATM network, containing 21 FORE switches ( ). The hierarchy
of this network is flat, meaning that each switch must be aware of all the other switches in the
network, as well as all the possible routes to those switches. As more switches are added to
this network, the hierarchy will become more complex and the switches will have to contend
with larger topology databases.
Figure 5.2 - Private ATM Network with 21 Switches and 34 Bidirectional Links
It is in these large, single-level networks that FT-PNNI is most useful, because it lets you sim-
plify large network topologies by creating a two-level hierarchy. In this hierarchy, clusters of
contiguous switches are grouped together and they are collectively summarized by a single,
logical node.
Figure 5.3 shows the same network as in Figure 5.2 after being organized into peer groups,
now having a two-level hierarchy. The subsections that follow explain the organization of
these peer groups, how they simplify the overall network topology, and how they change the
logical view of the network.
ForeThought PNNI
Peer Group C
Peer Group
C.6
Border Switch Peer Group D
Switch/Node D.4 C.5
Logical Link D.3 C.4
D.2 C.3
(loglink)
D.1 C.2
C.1
A.1 B.2
B.3 B.8
A.2
B.4
A.3
B.1
Peer Group A B.5 B.7
B.6
Peer Group B
ForeThought PNNI
A PGSN is a virtual (logical) or imaginary node that summarizes a peer group’s reachability
information. The PGSN has the peer group ID of its peer group as its switch summary prefix.
Each border switch in the peer group advertises a logical link (loglink) to the PGSN. The
PGSN is a logical representation of the switches contained in a peer group.
Backbone Link
Peer Group Summary D C
Node (PGSN)
D.2
C.2
C.1
A.1
B.8
A B.1
A.3 B
A.2
In April, 1996, the ATM Forum (ATMF) approved an industry specification for PNNI Phase 1
(Private Network Node Interface or Private Network-to-Network Interface). PNNI (Private
Network Node Interface or Private Network-to-Network Interface) is a scalable protocol that
defines both the routing and signalling standards for interoperability between private ATM
switches. PNNI simplifies large network topologies by organizing the nodes in a network into
* +
*
*
*View of the network
from a
* switch
*
* +
* +
+
*
+
Hierarchical routing reduces the number of links that each switch must maintain. For exam-
ple, if the switches in Figure 6.1 were in a flat network, each switch would have to be aware of
all 16 links shown. If the switches are separated into peer groups, the routing table for each
switch becomes smaller.
In the example shown in the inset in Figure 6.1, a * switch only needs to know about the four
links inside its peer group plus one link to the O peer group and one to the + peer group. This
is a total of six links, as opposed to 16. The example in the inset is hierarchical because the *
switches view all of the O switches as a single node and all of the + switches as another single
node.
ForeThought 6.x supports the dynamic configuration of ATMF PNNI PGL hierarchical net-
All of the NSAP addresses of the group members can be represented as a single, shortened
(summarized) address. Additionally, every member of a peer group has the same level. Mem-
bers of a peer group are connected to each other by horizontal links.
Each peer group is summarized by its PGL as a single group node. A node is a logical entity
that resides in a switch and performs routing operations such as discovering other nodes in
the network, maintaining a topology database of its peer group, exchanging that database
with its neighbors, and computing paths from itself to other nodes in the network.
border node
B.3.4
B.1.2 B.2.3
B.3.1 B.3.3
B.1.1
Level 80 B.2.1 B.2.2 Level 80
B.1.3 B.3.2 PG B.3
PG B.1 Level 80
PG B.2
outside link
horizontal link (inside link)
B.3.4
B.1.2 B.2.3
B.3.1 B.3.3
B.1.1
B.2.1 B.2.2 Level 80
Level 80
B.1.3 B.3.2 PG B.3
PG B.1 Level 80
PG B.2
When a DTL fails, a back-off mechanism is used to determine when to retry that particular
DTL. The DTL is not attempted for a user-configured interval in order to allow any old infor-
mation to age out and allow the network to stabilize. This interval is set under connections
smartchannel pnni parameters [-backoffinterval] <integer> for SPVCs. It is set
under connections smartpath parameters [-backoffinterval] <integer> for
SPVPs.
However, you can enable or disable this back-off mechanism on a per-SPVC or per-SPVP
basis. Use the -backoffstatus option under connections smartchannel pnni pp new
(or modify) for SPVCs. Use the -backoffstatus option under connections smartpath
new (or modify) for SPVPs. The default setting for both SPVCs and SPVPs is enabled. If you
disable this mechanism, then instead of waiting for the user-configured back-off interval after
6.2.2 Crankback
During PNNI signalling, a call being processed according to a DTL may encounter a blocked
node or link along the designated route. Crankback allows a partial reroute of such a rejected
call so that it does not have to be cleared the whole way back to the source. Additionally, an
indication of the blockage and subsequent reroute information is sent to the originator of the
DTL.
6.3.8 PGLs
6.3.8.1 Parent Nodes and Child Nodes
PGL capability is fully implemented as described in Sections 5.10.1 through 5.10.1.5 of the
ATMF PNNI Specification. A PGL is a node in a peer group that collects and assimilates data
to represent the entire peer group as a single node in the form of a parent node. A parent node
is an LGN that represents its peer group at the next higher level of hierarchy. A child node is a
node at the next lower level of hierarchy. It can be an LGN or a physical node.
link x 9
LGN A link y 8 LGN B
link a 9
link b 9
S1 S2 link c 8 S3 S4
Peer Group A Peer Group B
In the aggregation example in Figure 6.4, switches S1 and S2 form peer group A and switches
S3 and S4 form peer group B. Outside links a and b each have an aggregation token of 9, and
outside link c has has an aggregation token of 8. Switches S2 and S3, which are border nodes,
advertise three separate uplinks. However, links a and b are aggregated together as one LGN
horizontal link, which is link x. There is another separate LGN horizontal link for link c, which
is represented as link y.
area
S3 gateway switch
PNNI node
S1
S3
FT-PNNI node
S2 S4
6.4.2 Interfaces
Interfaces can be attached to PNNI nodes. By default, a PNNI interface comes up attached to
the default PNNI node in ForeThought 6.x. FT-PNNI interfaces are automatically attached to
FT-PNNI nodes. An interface becomes a PNNI or FT-PNNI interface via ILMI auto-configura-
tion or by the user hard configuring the UNI using the command signalling new. (For more
information about this command, see Part 3 of the AMI Configuration Commands Reference
Manual.)
6.4.3.1 Areas
An area is a subset of nodes within a domain that are contiguous and that together execute a
link state routing protocol to exchange reachability information dynamically among them-
selves. Because of the database exchange protocol, two nodes that belong to an area have iden-
tical copies of the link-state topology database. Using ForeThought 5.x, an area can be one of
the following:
• a non-hierarchical PNNI network (i.e., a single PNNI peer group because only the
lowest-level peer group is implemented)
• a hierarchical FT-PNNI network (i.e., a multiple FT-PNNI peer group system
using hierarchy)
C.6
Peer Group Peer Group D
Border Link D.4
C.5
D.3 C.4
Switch/Node D.2 C.3 Peer Group C
Horizontal Link
D.1 C.2
C.1
A.1 B.2
B.3 B.8
A.2
B.4
A.3 B.1
B.5 B.7
Peer Group A
B.6
Peer Group B
6.4.3.1.3 Levels
Each area has a level associated with it. Levels are used to control the flow of reachability infor-
mation in a multi-level routing hierarchy (which is discussed in the next section). An N-level
hierarchy has N discrete values of levels associated with it, namely, L1, L2,..., LN. Each of the
areas in the hierarchy has one of these N values as its level. Numerical values are assigned to
levels in order from the lowest to the highest; i.e., L1 < L2 < L3 < LN, so LN is the highest level.
An area of level Li can adjoin any number of areas at level Li-1, but can only adjoin at most one
area at level Li+1 or higher. This means that on a given switch, there can never be areas config-
ured that belong to more than two distinct levels. Furthermore, there can only be one area that
belongs to the higher level.
PNNI node
FT-PNNI node
IISP link
Switch S2
(split switch)
Area A Area D
Area B Area C
Switch S1 Switch S3
(gateway switch) Node 1 Node 2 (gateway switch)
Domain 1 Domain 2
In Figure 6.8, the two nodes configured in switch S1 belong to different areas, and so they do
not share the same link-state topology database. The same is true for the nodes configured in
switch S3. Dynamic reachability leaking takes place among the nodes in switch S1, enabling
end systems in Area A to reach other end systems in Area B, and vice versa within Domain 1.
The same applies to the nodes in switch S3.
The two nodes in split switch S2 belong to two different areas, each of which is part of a differ-
ent domain. An inter-domain route must be configured on both node 1 and node 2 so they can
share reachability information between two domains. An inter-domain route can be created
using the command routing pnni interdomain new. Exchange of reachability information
can then occur between the nodes over this inter-domain route.
6.4.3.3.1 Policies
ForeThought software lets you configure a policy as a flexible means of enforcing security
across the network topology. When a node discovers an address that is leaked by another
node, it checks its own policy table to determine if the address is to be advertised within its
own area. There are three types of policies:
• summary - Addresses matching a summary policy cause just the summarized
6.4.3.3.2 Scope
If no paths are found to the destination using constrained routing, then path computation uses
unconstrained mode, in which only the administrative cost is considered.
A.X.2
A.X.1 A.Z.1
A.Z.3
A.Y.4 A.Y.5
PNNI is the default protocol on switches running ForeThought 6.0.x and greater. If
any switches are running FT-PNNI, you need to change the default protocol to
PNNI using the routing domain modify command. You can change the proto-
col when you use this command to modify the prefix in step 3.
2. Check the connections between the switches that will become peer group A.X (in
this case, 1B1 and 1D4) to be sure that the Interface field shows PNNI, the
SigVersion is pnni10, and the State is up.
4. Repeat step 1 through step 3 on each switch in peer group A.X and assign the same
prefix to the other switches in that peer group. That is, the bits in the prefix should
be the same for all switches in the peer group, up to the level being used. The bits
after the level being used, up to the 104th bit, must be unique for all peers in the
peer group.
The default level is 80. When a parent node is created, the level is decremented by
8 by default. Do not assign a PGL priority yet. Create all of the parent nodes for the
peer group and then set the PGL priority to a non-zero value on the PGL
candidates.
2. Use the following command to display information about the parent node:
The first part of the PnniNodeID is 72. This shows the level of this node (the parent
node). The second part of the PnniNodeID is 80. This shows the level of the child
node. The OperStat is down because the PGL has not been configured and
elected yet.
2. The election process may take a minute or two. Display the PGL information for
the nodes on switch A.X.2 to see if the election is complete. If the PglState says
operPgl when the node has been elected as PGL.
PG A.X
Level 80 A.X.2
A.X.1 A.Z.1
A.Z.3
A.X.4 A.Z.2
A.Y.2
A.X.3
A.Y.1 A.Z.4
A.Y.3
A.Y.4 A.Y.5
Repeat the steps in Section 6.8.2 through Section 6.8.5 to configure peer groups A.Y and A.Z.
Once you have configured peer groups A.Y and A.Z, the network looks like Figure 6.11. LGN
A.Y is at level 72 representing peer group A.Y, while the rest of the lower level nodes are at
level 80. Similarly, LGN A.Z is at level 72 representing peer group A.Z, while the rest of the
lower level nodes are at level 80.
The LGNs form peer group A at level 72. The LGNs dynamically establish SVCC RCCs to each
other and begin to communicate.
PG A
Level 72
A.X.1 A.Z.1
A.Z.3
A.Y.4 A.Y.5
switchaz2::routing-> show
AtmIf VPI Node Domain IntType SigProto SigSt
1C1 0 0 1 auto privNNI up
NodeST HelloSt PeerSt
up twoWayInside full
AtmIf VPI Node Domain IntType SigProto SigSt
1C2 0 0 1 auto privUNI down
NodeST HelloSt PeerSt
N/A N/A N/A
AtmIf VPI Node Domain IntType SigProto SigSt
1C3 0 0 1 auto privNNI up
NodeST HelloSt PeerSt
up commonOutside N/A
Press <return> for more, or 'q' to quit...q
When everything is configured properly, the HelloSt on the outside link between
two peer groups (border link) goes to commonOutside as shown on port 1C3. If
the link still shows twoWayOutside, then check the following items:
a. Ensure the prefixes have been properly configured using routing
domain show. Remember that each switch in a peer groups shares a pre-
fix, and each peer group must have a different prefix than the other peer
groups.
b. Ensure the parent nodes have been properly configured and that their
OperStat is up using routing pnni node show.
c. Ensure that the PGLs have been properly configured and that their
PglState is operPgl using routing pnni node show -pgl. The bor-
der link still shows twoWayOutside if the neighboring peer group does
not have a PGL configured yet or if the neighboring peer group’s PGL has
not come up yet.
2. Check that an SVCC RCC has been established between LGNs by using the follow-
ing command on each LGN. If the SVCC RCC has been established properly, the
HelloState shows twoWayInside.
3. Check that a horizontal link has been established between LGNs by using the fol-
lowing command on each LGN. If the horizontal link has been established
properly, the HelloState shows twoWayInside and the LinkType shows
horizontalLinkToFromLgn.
This chapter contains information that pertains to the signalling portion of ForeThought soft-
ware. This signalling information is described in the following sections:
• Section 7.1 - UNI 4.0 Supplementary Services
• Section 7.2 - Virtual UNI
• Section 7.3 - Proxy Signalling Services
• Section 7.4 - VCI Allocation Range
• Section 7.5 - Signalling Scope
• Section 7.6 - Signalling Channel Auto Configuration Procedures
• Section 7.7 - Allowable Combination of Traffic Parameters
Signalling
ForeThought 6.1 or greater supports supplementary UNI 4.0 services as described in the UNI
4.0 signalling specification. This implementation of supplementary services satisfies all of the
mandatory requirements, as specified in Annex 4 of the ATM Forum’s ATM UNI Signalling
Specification, Version 4.0.
The following supplementary services are supported by FORE ATM switches:
• Direct Dialing In (DDI)
• Multiple Subscriber Number (MSN)
• Calling Line Identification Presentation (CLIP)
• Calling Line Identification Restriction (CLIR)
• Connected Line Identification Presentation (COLP)
• Connected Line Identification Restriction (COLR)
• Sub Addressing (SUB)
• User to User Signalling (UUS)
The details of these supplementary services are described in the following sections.
For information on using the AMI commands for supporting different supplementary ser-
vices, see Section 7.1.2.
Signalling
interworking devices.
Signalling
checking between the called and calling user.
This is required for applications that are supporting OSI X.213 services and X.25. It is also used
between PBX-to-PBX to pass additional information for the call.
myswitch:signalling-> new
[-atmif] <AtmIf> AtmIf
[-vpi] <unsigned> VPI
[[-suppservices] (enabled|disabled)] Suppl Services (default: disabled)
[[-clip] (enabled|disabled)] CLIP Status (default: disabled)
[[-clir] (enabled|disabled)] CLIR Status (default: disabled)
[[-colp] (enabled|disabled)] COLP Status (default: disabled)
[[-colr] (enabled|disabled)] COLR Status (default: disabled)
[[-sub] (enabled|disabled)] SUB Status (default: disabled)
[[-uus] (enabled|disabled)] UUS Status (default: disabled)
[[-defconndpaddr] <NSAP Address>] Connected Party Def Addr
Signalling
1D1 0 N/A N/A N/A N/A N/A N/A N/A
1D2 0 N/A N/A N/A N/A N/A N/A N/A
1D3 0 enabled enabled disabled disabled disabled enabled enabled
CLIP_addr=47.234567ff0000000000000178.fd323cf34312.00
COLP_addr=47.234567ff0000000000000178.fd323cf34312.00
1CTL 0 N/A N/A N/A N/A N/A N/A N/A
To modify supplementary services, you would use the following command (pertinent portion
of the AMI syntax is listed here for reference):
myswitch:signalling-> modify
Usage:
[-atmif] <AtmIf> AtmIf
[-vpi] <unsigned> VPI
[[-clip] (enabled|disabled)] CLIP Status
[[-clir] (enabled|disabled)] CLIR Status
[[-colp] (enabled|disabled)] COLP Status
[[-colr] (enabled|disabled)] COLR Status
[[-sub] (enabled|disabled)] SUB Status
[[-uus] (enabled|disabled)] UUS Status
[[-defconndpaddr] <NSAP Address>] Connected Party Def Addr
DSLAM
(VP-Mux)
In most cases, virtual UNIs have VCs allocated on VP=0. This means that all end users (DSL
devices) are signalling and requesting SVCs on VP=0. The VP-Mux maps each of the end users
to a unique VP on the switch side. Virtual UNI support requires the switch to understand that
setup messages received on a non-zero signalling path must be responded to as though all the
devices were on path zero. The ATM switch allocates virtual circuits on the VPs on which it
receives the Setup message. However, it translates the VPCI-VPI=0 when reporting it back to
the end user in the Connect message.
In order for the switch to support VP-Muxes, it supports multiple virtual UNIs on the single
physical interface to the VP-Mux. A unique VPI on the interface between the DSLAM and the
switch is used to distinguish between individual end users. Switches send and receive signal-
ling messages on a unique VPI associated with the individual user devices.
The switch maintains a translation table between VPCI and VPI. For the end user, the VPCI is
equal to the VPI. The VPCI remains constant in the signalling message as it travels between
the user and switch. The VPI associated with the VPCI is used while the switch allocates a vir-
tual circuit upon receiving a Setup message. Similarly, the VPCI associated with the VPI on
which the circuit is allocated is used while sending the Connect message back to the end user.
The switch maintains two tables:
• VPCI mapping table (VMT): contains information for a single VPCI-VPI-port
mapping where each entry in the VMT is assigned a unique map index.
• VPCI mapping group table: contains a listing of all VPCI map indexes where each
entry in the VPCI group table is assigned a unique group index. This group index
must be used when creating the signalling interfaces on the switch. This enables
VPCI-VPI translation in the signalling messages.
The following outlines the steps necessary to create virtual UNI connections:
1. Create one or more VPCI-to-VPI mappings using the following AMI command:
2. Create a VPCI group for one or more of the VPCI-to-VPI mappings created in the
previous step using the following AMI command:
Signalling
signalling vpci groups new -groupindex -position -mapindex
3. Create the signalling channel and specify the assigned VPCI group index created
in the previous step using the following AMI command:
signalling new
For usage parameters descriptions for the AMI commands mentioned above, see Part 3 of the
AMI Configuration Commands Reference Manual.
The following example shows how a single VPCI-VPI mapping can be achieved for three vir-
tual UNIs using the VPCI mapping table (VMT). In Figure 7.3, a switch is connected to the
VP-Mux and three end user devices are connected to the VP-Mux.
User A
VPI=0
User B
Port 3
VPI=0 Switch
Port 4 4C8
Port 10
VP-Mux
Port 3, VP=0 Port 10, VP=11
Port 4, VP=0 Port 10, VP=12
Port 5, VP=50 Port 10, VP=13
The steps for configuring the switch for the virtual UNI example illustrated in Figure 7.3 is as
follows:
1. Create the VPCI-VPI-port mappings for the VPCI map table by entering the fol-
lowing AMI commands:
You can simplify the above configuration by entering the required parameter values and tak-
ing the default values for the optional parameters. For example:
2. Display the VPCI-VPI-port mappings that you just created by entering the
following AMI command:
Signalling
signalling vpci maps show
If you entered the simplified configuration, you would enter the following instead:
4. Display the VPCI group you just created by entering the following:
6. Display the VPCI group to which the signalling interface is associated by entering
the following:
The following must be taken into consideration when configuring virtual UNIs:
• There is a maximum configurable limit on the number of privates UNIs that can
be created. The maximum limit depends on the switch platform: HA/CF proces-
sors allow a maximum of 192 signalling interfaces and P5/P6 processors allow a
maximum of 600 signalling interfaces.
• A large number of NNI signalling interfaces is not addressed by virtual UNI sup-
port.
• Disable all debug tracing on the switch while using large number of private UNI
signalling interfaces.
• The default control port VC space is 0 to 1024 for the ASX-200BX, ASX-1000, 0 to
8192 for the ASX-4000, and 0 to 4091 for the ESX-3000. Ensure that the VC space is
sufficient to support the number of UNIs on the switch. If it is not sufficient, mod-
ify the maximum VCI number to be supported on the control port using the
connections path term modify AMI command. See Chapter 3 in Part 1 of the
AMI Configuration Commands Reference Manual.
• VC space on the switch: By default, 511 VCCs are allocated per VP and in turn to
each signalling interface. For a large number of UNIs, it is recommended to con-
figure VPs with a smaller VC range between 0-40.
• If end systems can be configured to run signalling and ILMI protocol (5 and 16,
Signalling
respectively) on non-reserved VCCs, these can be configured on, for example,
VCC 32 and 33, respectively. In this case, the VC range per VP can be set between
32-40 with 6 VCCs used for other applications on the end systems.
Proxy
Signalling
ATM
Services
ATM Switch
PSA 4b1 4d1
In the above example, proxy clients 1, 2, 3, and 4 are connected to an ATM switch on 4C1,4C2,
4C3, and 4C4, respectively. The PSA is connected to the switch on 4B1. The VC setup messages
are exchanged on 4B1, but the.actual VCs are set on ports 4C1, 4C2, 4C3, and 4C4.
Creation of a proxy service signalling interface requires the creation of valid entries in the
VPCI mapping table and VPCI group table.
The following outlines the steps necessary to configure proxy signalling services:
1. Create the virtual path terminators that will be controlled by the proxy service sig-
nalling interface.
Signalling
connections path term new 4C2 70
2. Create VPCI -VPI-port mappings (make sure to create a mapping for the signalling
interface*).
Signalling
A VCI allocation range can be specified when a signalling channel is created using the ATM
Management Interface (AMI) command signalling new. The range is computed differently
depending on whether or not you have ILMI running.
the actual range is computed as an intersection based on the range you enter (70 - 200) and the
range available in that VP (1 - 511).
To display what the actual VCI range is, enter the following command:
In this display, the range that you have requested is shown in the Admin MinVCI and Admin
MaxVCI fields. The range that is computed and allowed is displayed in the Oper MinVCI and
Oper MaxVCI fields. In this example, no VCIs are reserved on VP 65, so the requested range of
70 - 200 is allowed.
In another example, if there are VCIs already reserved on VP 65, as shown below in the
MinVCI and MaxVCI fields:
Signalling
AtmIf VPI Type ResBW CurBW MinVCI MaxVCI VCs Protocol
1A1 0 term N/A 37.3K 1 511 35 pvc
1A1 0 orig N/A 0.8K 1 511 7 pvc
1A2 0 term N/A 0.8K 1 511 6 pvc
1A2 0 orig N/A 0.8K 1 511 6 pvc
1A3 65 term N/A 0.8K 1 120 6 pvc
1A3 65 orig N/A 0.8K 1 120 6 pvc
1A4 0 term N/A 0.8K 1 511 6 pvc
1A4 0 orig N/A 0.8K 1 511 6 pvc
1CTL 0 term N/A 45.4K 1 1023 85 pvc
1CTL 0 orig N/A 45.4K 1 1023 33 pvc
then the actual range is computed as an intersection based on the range you enter (70 - 200)
and the range available in that VP (1 - 120).
To see what the actual VCI range is, enter the following command:
In this example, since VCIs 1 - 120 are already reserved on VP 65, the range of 70 - 120 is the
actual range allowed.
the actual range is computed as an intersection based on the range you enter (70 - 200), the
range available in that VP (1 - 511), and the range of the peer signalling entity (32 - 511).
To display what the actual VCI range is, enter the following command:
In this display, the range that you have requested is shown in the Admin MinVCI and Admin
MaxVCI fields. The range that is computed and allowed is displayed in the Oper MinVCI and
Oper MaxVCI fields. In this example, no VCIs are reserved on VP 65 and the signalling peer
supports the range of 32 - 511, so the requested range of 70 - 200 is allowed.
In another example, if the peer supports the range of 32 - 511, but there are VCIs already
reserved on VP 65, as shown below in the MinVCI and MaxVCI fields:
Signalling
connection path term show
Input Output
Port VPI Port VPI ResBW CurBW MinVCI MaxVCI VCs Protocol
1A1 0 terminate N/A 37.3K 1 511 35 pvc
1A2 0 terminate N/A 0.8K 1 511 6 pvc
1A3 0 terminate N/A 0.8K 1 511 6 pvc
1A3 65 terminate N/A 0.8K 1 120 6 pvc
1A4 0 terminate N/A 0.8K 1 511 6 pvc
1CTL 0 terminate N/A 45.4K 1 1023 85 pvc
originate 1A1 0 N/A 1.7K 1 511 7 pvc
Press return for more, q to quit: q
then the actual range is computed as an intersection based on the range you enter (70 - 200),
the range available in that VP (1 - 120), and the range supported by the peer (32 - 511).
To see what the actual VCI range is, enter the following command:
In this example, since the peer supports VCIs 32 - 511, but VCIs 1 -120 are already reserved on
VP 65, the range of 70 - 120 is the actual range allowed.
In a third example, if the peer only supports the range of 32 - 180, and VCIs 1 - 120 are already
reserved on VP 65, and you enter the following:
then the actual range is computed as an intersection based on the range you enter (70 - 200),
the range available in that VP (1 - 120), and the range supported by the peer (32 - 180).
To see what the actual VCI range is, enter the following command:
In this example, since the peer supports VCIs 32 - 180, and VCIs 1 - 120 are already reserved on
VP 65, the range of 70 - 120 is the actual range allowed.
7.5.1 VC-Space
The VC-space of a signalling channel is the VPI/VCI space within which a signalling channel
can allocate connections. This is determined by the allocation scope of the signalling channel
and the VCI allocation range (see Section 7.4) for the signalling channel.
The VC-space of a VP-scope signalling channel is the VCI allocation range of the signalling
Signalling
channel applied only to the path that contains the signalling channel.
The VC-space of a link-scope signalling channel is comprised of the aggregate VCI allocation
range of the signalling channel applied to all paths controlled by the signalling channel (i.e.,
the path containing the signalling channel and all other paths in which the signalling channel
has allocated connections).
To avoid conflicts of ownership of the path, a link-scope signalling channel never uses an
existing provisioned terminating/originating path (apart from the path that contains the sig-
nalling channel) to allocate virtual channel connections.
Dynamic paths inherit the characteristics of the virtual path that contains the signalling chan-
nel (called the containing path). Therefore, dynamic paths have the same VCI-range as the con-
taining path and are elastic paths.
To see which paths are dynamic paths, look at the Protocol field associated with each path
under the AMI command connections path term show. This field displays q2931 for
dynamic paths and displays pvc for provisioned terminating/originating paths.
A dynamic path is controlled only by the link-scope signalling channel that uses it. Therefore,
a dynamic path is not open to any provisioning such as the creation of a PVC connection,
SPANS signalling path, etc.
Signalling
The following two tables summarize the above information. Table 7.1 highlights the actions
taken based on the configurations of the FORE switches on both sides of an interface.
ForeThought versions prior to ForeThought 4.1.x always default to UNI 3.0. Both UNI 3.1 and
UNI 4.0 use SSCOP version 31.
Table 7.1 - Action Taken Based on Both Switches’ Signalling Channel Configurations
Peer’s
Configured
Configured Action Taken
Version
Version
UNI 3.0 UNI 3.0 SSCOP 30 stack initialized
UNI 3.1 SSCOP 30 stack initialized; error message displayed on syslog
UNI 4.0 SSCOP 30 stack initialized; error message displayed on syslog
PNNI 1.0 SSCOP 30 stack initialized; error message displayed on syslog
Auto SSCOP 30 stack initialized; peer changes version to UNI 3.0
UNI 3.1 UNI 3.0 SSCOP 31 stack initialized; error message displayed on syslog
UNI 3.1 SSCOP 31 stack initialized
UNI4.0 SSCOP 31 stack initialized; error message displayed on syslog
PNNI 1.0 SSCOP 31 stack initialized; misconfiguration
Auto SSCOP 31 stack initialized; peer changes version to UNI 3.1
PNNI 1.0 UNI 3.0 SSCOP 31 stack initialized; error message displayed on syslog
UNI 3.1 SSCOP 31 stack initialized; misconfiguration
UNI4.0 SSCOP 31 stack initialized; misconfiguration
PNNI 1.0 SSCOP 31 stack initialized
Auto SSCOP 31 stack initialized; peer changes version to PNNI 1.0
if it supports PNNI
UNI 4.0 UNI 3.0 SSCOP 31 stack initialized; error message displayed on syslog
UNI 3.1 SSCOP 31 stack initialized; error message displayed on syslog
UNI4.0 SSCOP 31 stack initialized
PNNI 1.0 SSCOP 31 stack initialized; misconfiguration
Auto SSCOP 31 stack initialized; peer changes version to UNI 4.0
Auto UNI 3.0 SSCOP 30 stack initialized
UNI 3.1 SSCOP 31 stack initialized
UNI4.0 SSCOP 31 stack initialized
PNNI 1.0 SSCOP 31 stack initialized
Both stacks initialized as SSCOP 31 if both sides support UNI
Auto 3.1 or UNI 4.0; otherwise, both sides are initialized to SSCOP
30. If both sides support PNNI then, both sides are initialized
to SSCOP 31 and the version is set to PNNI 1.0.
Table 7.2 - Action Taken Based on the Peer’s Supported MIB Variable
Configured atmfAtmLayer
Action Taken
UNI Version UNI Version
UNI 3.0 Version 3.0 SSCOP 30 stack initialized
Version 3.1 SSCOP 30 stack initialized; error message displayed on syslog
Version 4.0 SSCOP 31 stack initialized; error message displayed on syslog
Version 2.0 SSCOP 30 stack initialized; version 2.0 is not supported and
error message displayed on syslog
MIB variable SSCOP 30 stack initialized
not supported
UNI 3.1 Version 3.0 SSCOP 31 stack initialized; error message displayed on syslog
Version 3.1 SSCOP 31 stack initialized
Version 4.0 SSCOP 31 stack initialized; error message displayed on syslog
Version 2.0 SSCOP 30 stack initialized; version 2.0 is not supported and
Signalling
error message displayed on syslog
MIB variable SSCOP 31 stack initialized; error message displayed on syslog
not supported
UNI 4.0 Version 3.0 SSCOP 30 stack initialized
Version 3.1 SSCOP 30 stack initialized; error message displayed on syslog
Version 4.0 SSCOP 31 stack initialized
Version 2.0 SSCOP 30 stack initialized; version 2.0 is not supported and
error message displayed on syslog
MIB variable SSCOP 30 stack initialized
not supported
Auto Version 3.0 SSCOP 30 stack initialized
Version 3.1 SSCOP 31 stack initialized
Version 4.0 SSCOP 31 stack initialized
Version 2.0 SSCOP 30 stack initialized; version 2.0 is not supported and
error message displayed on syslog
MIB variable SSCOP 30 stack initialized
not supported
Type Version
auto auto
privateUNI uni30
privateUNI uni31
privateUNI uni40
publicUNI auto1
publicUNI uni30
publicUNI uni31
publicUNI uni40
IISP uni30
IISP uni31
IISP uni40
IISP auto1
privateNNI pnni10
1.
Exceptions to the rule.
Signalling
The first example is the default that is most often used when configuring a signalling interface.
Using this specification allows the interface to auto configure to any possible valid combina-
tion like privUNI/uni30, privUNI/uni31, privUNI/uni40, ftpnni/uni30, ftpnni/
uni31, ftpnni/uni40, or privateNNI/pnni10. This is the most preferred input.
The fifth and sixth examples illustrate the exception to the rule.
The scope and mode either both have to be auto or both have to be given a parameter other
than auto. Specifying the scope as auto and hard configuring the mode or vice-versa is not
allowed. If a scope is not entered, then the scope parameter defaults to auto. Similarly, the
Signalling
mode parameter defaults to auto if a mode is not entered.
Since scope and mode are not negotiated based on the peer signalling entity’s status, if the
scope and mode are hard configured on one side of a link, they should also be hard configured
on the remote side.
Table 7.5 shows the valid combinations.
Scope Mode
autoScope autoMode
vpScope vpAssoc
vpScope nonAssoc1
linkScope nonAssoc
1.
This combination is valid as long as the -admintype is
not configured as auto or privateNNI. If the
-admintype is auto, the link could become a PNNI link,
which would conflict with a -sigmode of nonAssoc and
a -sigscope of vpScope.
The first example is the default that is most often used when configuring a signalling interface.
This is the most preferred mode since the auto configuration of the link and scope procedures
can correctly determine what is valid for a given interface.
Signalling
for an interface.
sig new 1a1 0 -sigscope vp -sigmode nonAssoc This is an invalid combination
if the type is auto (default).
sig new 1a1 0 -admintype privateNNI -adminversion VP scope and nonAssoc mode
pnni10 -sigscope vp -sigmode nonAssoc are incompatible with the type
privateNNI.
There is a potential invalid configuration that can occur because the auto configuration of the
operating scope and mode depend on whether a path is an elastic path or not. A non-elastic
path has bandwidth reserved for it from the link bandwidth at the time that the path is created
(when the -allocbw option in connections path term new is used.) An elastic path does
not have reserved bandwidth at creation time. Instead, it uses the residual bandwidth avail-
able on the link.
The invalid configuration can occur when a signalling interface on VPI 0 that has both the
scope and mode configured as auto becomes a PNNI interface (either by the user explicitly
specifying -admintype privateNNI or by specifying -admintype auto). In this case, if
the path is an elastic path, then the operating scope becomes link and the operating mode
becomes nonAssoc. If the path is a non-elastic path, then the operating scope becomes vp and
the operating mode becomes vpAssoc.
Therefore, if a signalling interface exists between two switches on VPI 0, with one half of this
path being elastic on one switch and one half being non-elastic on the other switch, then the
interface comes up with incompatible modes on either side if it becomes a PNNI interface.
This results in no calls being set up on this interface.
To prevent this invalid configuration, be sure that both sides of your PNNI interface are either
elastic or non-elastic. If this invalid configuration occurs, simply delete one side of the path
and recreate it to match the other side.
Signalling
• the value of the ATC, if present, and the absence or presence of the best effort indi-
cator in octet 18 of the ATM Traffic Descriptor information element
Derivation of a service category from the above information is specified in Section A9.2
(Determination of ATM service Category) of the ATM User-Network Interface (UNI)
Signalling Specification, Version 4.0 (UNI 4.0). However, ForeThought 5.2.x and greater does
not support the following from Table A9-1 of this specification:
• The Transparent VP-Service in the BBC information element is not supported.
Table 7.7 shows the subset of the UNI 3.1 allowable combination of traffic parameters sup-
ported by ForeThought 5.2.x and greater:
Table 7.7 - UNI 3.1 Allowable Combination of Traffic Parameters in ForeThought 5.2.x and Greater
Signalling
The following are used in the table above:
Y Yes
N No
S Specified
Y/N Either Yes or No is allowed.
* All QoS classes are supported.
& The parameter is coded to either “no indication,” or
“VBR,” or, for UNI 3.1, Octet 5a (Traffic Type /
Timing Required) is absent; these 3 codings are
treated as equivalent.
&& The parameter is coded to either “no indication,” or
“No,” or, for UNI 3.1, Octet 5a (Traffic Type / Timing
Required) is absent; these 3 codings are treated as
equivalent.
A blank entry indicates that the parameter is not
present.
ForeThought software version 5.0.x or greater provides various forms of switch security. Secu-
rity can be implemented by creating userids with different levels of privileges. The user login
authentication can be implemented using Kerberos and SecurID. There are also security meth-
ods that prevent access to the switch, which include IP filtering and NSAP filtering.
This chapter provides detailed information about each switch security method available. Steps
for configuring these methods are also provided in each section.
Before allowing access to a switch, the user must first be authenticated using one of the meth-
ods described in this chapter.
Security
On a new switch running ForeThought 6.1.x or greater, there is a default userid: ami. This user-
name is configured with the local authentication method, with admin privileges (meaning
you are allowed to use all AMI commands), and is allowed to log in to the switch using all the
possible methods. The userid is assigned a null password.
The network administrator should configure userids for all people who will have access to
each switch. If the administrator wants to use the same set of userids on each switch in the net-
work, he or she should configure the entire set of userids on each switch. This can also be done
with a batch file.
The security login show command displays a list of user login methods:
If a user attempting to access the switch matches one of the user login methods, then they are
permitted onto the switch. For example, if a user named ami telnets into AMI and supplies the
correct password, they are then permitted into the switch and given admin level privileges
(allowed to use all AMI commands). See Section 8.1.2 for more information.
Not all combinations of application and authentication methods are permitted. The following
table lists the allowable combinations:
For some security methods, you can configure default login privileges so that you do not have
to add an entry to the security login table (security login show). Use the security
login defaults new command to add a default login privilege.
If there is a matching entry in the security login table, then that entry is used to determine the
profile. Otherwise, the profile is determined from the defaults table.
There are several different scenarios that can occur, such as the SecurID server being down or
a userid not being listed on a particular switch. Table 8.2 shows the different login scenarios
and the action taken by the switch for each.
Security
Userid not listed and SecurID server not accessible Reject
Userid not listed; SecurID server accessible; and SecurID Reject
server rejects userid
Userid not listed; SecurID server accessible; and SecurID Accept
server accepts userid
Userid listed and access method not OK. Reject (If this is for SecurID or
Kerberos authentication, this
login will not be rejected if there
is a listing in the default table.)
Userid listed; access method OK; local authentication; and sup- Reject
plied password does not match
For specific information and examples of how to log in to the switch via telnet, the serial port,
or a remote switch, see the ATM Management Interface (AMI) Manual. For information about
logging in via ForeView, see the ForeView Network Management User’s Manual.
Security
sonal identification number (PIN) and the current code generated by the user’s assigned
SecurID token. After a validation check is made based on the scenarios listed in Table 8.2, an
AMI or HTTP session is started.
1.
The client software is already provided on FORE ATM switches, but the server software
must be purchased separately from Security Dynamics.
Security
8.1.1.2.5.2 Transferring the Configuration File
As described earlier, the server and the switches need to maintain some common configura-
tion parameters. The desired configuration information is specified in the sdconf.rec file
when the server is installed. Once you have installed the server software, copy this file to the
switch using the AMI command security securid getconf. This command uses either
the FTP protocol or the TFTP protocol to transfer the specified file from the specified server to
the switch.
This configuration file is read and information is stored in the FLASH so that they persist
across reboots. Additionally, the first time the switch contacts the server, it receives a node
secret file, which is a string of about 16 bytes. This string, which is known only to the server
and this switch, is used in encrypting messages between the server and the switch and is also
stored in the FLASH.
If the configuration file is not found, if the wrong file was copied, or if the file is corrupted,
then the SecurID service will not work. An appropriate error message is logged to the console,
and the user trying to log in is denied access.
A sample of the contents of a sdconf.rec file and a description of the parameters follows:
Parameter Description
FILE OWNERSHIP The account that owns the ACE/server files; i.e., that has permissions to run the ACE/
server administration programs. root is the default, but the login of any other adminis-
trator can be specified here.
SETUID BIT If set, allows anyone who can run the programs to run them with the permissions of the
files’ owner.
CLIENT RETRY Specifies how many times a client attempts to establish communications with the server
Security
before reporting an error.
CLIENT TIMEOUT Specifies how many seconds should elapse between attempts to establish client-server
communications.
DES ENCRYPTION Shows if DES or Security Dynamics encryption is used for client-server communications.
DURESS MODE Allows a user to enter a special PIN to signal that he or she is being forced to log in by
an unauthorized person.
Parameter Description
SLAVE SERVER Indicates that the slave server may be installed. If it is installed, its name and IP address
become part of the configuration record.
AUTHENTICATION SERVICE The name of this authentication service as it appears in the /etc/services or in a NIS
Services file.
PORT NUMBER The UDP port number that has been assigned for the use of this service.
ADDRESSES Indicates how network devices shall have the IP addresses resolved.
BAD PASSCODES The number of failed login attempts with incorrect passcodes, after which the server
puts the token associated with that userid into Next Token Mode. When the token is in
this mode, the next time the same user tries to log in and gets the passcode correct, he or
she is also prompted to enter the next token code; i.e., the one that appears next on the
token after 60 seconds.
RESPONSE DELAY Indicates how long an authentication request should be held (by the server) before a
response is returned to the client.
If the passcode entered by the user is accepted, a session to the switch is started. If the server
denies access to the user, the following message appears on the screen: Login incorrect.
After three unsuccessful attempts, the telnet connection is torn down by the switch.
Security
A Kerberos server maintains a database of user, server, and password information. When a
user attempts to access a switch via a DES encrypted telnet session, the switch configured for
Kerberos authentication verifies the session key and encrypts and decrypts messages sent
between the switch and the telnet session.
This key file is read only. Information is stored in the FLASH so that Kerberos configuration
persists across reboots.
Authentication fails if the key file is not found, if the wrong file was installed, or if the file is
corrupt. In these cases, an appropriate message is logged to the console, and access is denied.
Security
entries allowed in the host table is 10.See Part 2 of the AMI Configuration Commands Reference
Manual.
For example, you would enter something similar to the following:
Enter the following to display the IP address-to-Hostname mapping you just added:
IP Address Hostname
169.144.44.4 guppy
169.144.33.3 shark
telnet -x fishtank
Trying 172.19.4.20...
Connected to fishtank.
Escape character is '^]'.
[ Kerberos V5 accepts you as ``jsmith@FORE.COM'' ]
Trying 172.19.4.20...
Connected to fishtank.
Escape character is '^]'.
Authentication negotiation has failed, which is required for encryption. Goodbye.
After Kerberos authentication, you are still prompted for your AMI userid unless a default
profile is supplied for Kerberos. See Section 8.1 for more information on userids and default
profiles.
Security
• system upgrade
8.2 IP Filtering
The IP filtering feature lets the network administrator limit access to the control port of the
switch to prevent unauthorized access to the switch. The switch performs filtering on incom-
ing IP packets by determining if there is a match between the packet’s header source address
and this table of authorized incoming IP addresses. If the addresses match, the packets are
accepted, provided that they meet the requirements set up by the other IP filtering flags; oth-
erwise, they are rejected. Statistics are kept of the number of rejected IP packets and about the
last IP packet that was rejected.
Security
port. The address you enter must be the address
of the machine you are using. Otherwise, you
will lock yourself out of the switch.
This feature also has a filter lookup mechanism which provides statistics about calls that were
filtered and information about the last call that was rejected by the filtering process.
Security
using an asterisk (*). If * is specified for the port, then any port is accepted by the filter. If * is
specified for the VPI, then any VPI is accepted by the filter. If * is specified for the NSAP
address, or if 0 is specified for the mask, then any NSAP address is accepted by the filter.
Templates within a filter are applied in the order in which they appear in the filter, not by
maximum prefix match. See Part 2 of the AMI Configuration Commands Reference Manual for
more information about how to create, modify, and delete filters and templates.
See Part 2 of the AMI Configuration Commands Reference Manual for descriptions of the
usage parameters.
The switch returns an answer of either accepted or rejected, and the template-id of the
specific template that accepted or rejected the tested call setup message. If the message does
not match any of the templates in the filter, the switch returns an answer of rejected and
address unknown.
See Part 2 of the AMI Configuration Commands Reference Manual for field descriptions.
NSAP filtering statistics and traps include:
Security
• counts of accepted calls
• calls rejected because of an explicit match with a reject template
• calls rejected because of no match with any template
A trap is sent when rejected calls occur more frequently than the user-specified limit.
This chapter describes how to set up timing on a FORE ATM Switch. Topics covered include:
• Section 9.1 - Overview
• Section 9.2 - Timing Modes
• Section 9.3 - Switchclock
• Section 9.4 - Port Level Timing
• Section 9.5 - Timing Configuration Examples
9.1 Overview
When running voice or video over an ATM network, the equipment on the network should be
timed so that all of the equipment is transmitting and receiving data in a synchronized man-
ner. Even though ATM is asynchronous, this only refers to the cell-level transmission that
occurs in the ATM Layer. The physical layer underlying the cells is synchronous. Therefore, a
time reference signal must be distributed to every element in the network to establish one
cohesive entity. This time reference on FORE ATM Switches is called a switchclock.
Switch mode means that all network modules that support distributed timing import their
clock source from the designated switchclock port. This is the default mode for any switch
that does not have a TCM installed. See Section 9.3 for more information about this mode.
9.3 Switchclock
If a TCM is not installed in the switch, all of the ports within a fabric use the switchclock as
their timing reference. The switchclock can be any port that is able to recover a clock (i.e., the
network module supports distributed timing). (To see if the network module supports distrib-
uted timing, use the command hardware netmod show and look for yes under the Timing
field.) In an ASX-1000, ASX-1200, or a TNX-1100, the port may be from another fabric in the
same chassis.
When the switchclock is set to any of the ports within the same fabric, that port’s clock is
exported to all of the network modules within the same fabric. On an ASX-1000, ASX-1200, or
a TNX-1100 only, the switchclock is also exported to the network modules in all of the other
fabrics in this chassis. You can then configure each of the other fabrics to use that clock. In this
way, all of the network modules in all of the fabrics will use the same timing source.
Configuring Timing
2. On fabrics 3 and 4, use the following AMI commands to set your primary and sec-
ondary clocks:
In the example above, the primary timing source is set to 3B1. The switch exports the timing
source from the ATM port card in slot 3 to the entire chassis.
Configuring SNMP
The switch control software for the FORE ATM switches includes an SNMP agent. The SNMP
agent enables the remote monitoring and configuration of these switches.
Trap
Trap Name Description
Number
0 asxSwLinkDown An asxSwLinkDown trap signifies that the sending
protocol entity recognizes a failure in one of the ATM
Switch links that is connected to another switch.
1 asxSwLinkUp An asxSwLinkUp trap signifies that the sending proto-
col entity recognizes that one of the ATM Switch links
that is connected to another switch has come up.
2 asxHostLinkDown An asxHostLinkDown trap signifies that the sending
protocol entity recognizes a failure in one of ATM
Switch links that is connected to a host.
3 asxHostLinkUp An asxHostLinkUp trap signifies that the sending pro-
tocol entity recognizes that one of the ATM Switch
links that is connected to a host has come up.
4 asxNetModuleDown An asxNetModuleDown trap signifies that the sending
protocol entity recognizes a failure in one of the ATM
Switch network modules, that is identified by the
board and the module numbers. This is probably
caused by a hot-swap of a network module.
5 asxNetModuleUp An asxNetModuleUp trap signifies that the sending
protocol entity recognizes a new operational ATM
Switch network module, that is identified by the board
and the module numbers. This is probably caused by a
hot-swap of a network module.
Configuring SNMP
Trap
Trap Name Description
Number
6 asxPsInputDown This trap alerts that one ATM switch power supply
failed due to failure in the input voltage. The power
supply that failed is identified by the power supply
index. Note that an input voltage may be out of specifi-
cation and may not cause a power supply failure if
high loads are not applied.
7 asxPsInputUp This trap alerts that one ATM switch power supply
that had an input failure is up. The power supply that
is back up is identified by the power supply index.
9 asxPsOutputDown This trap alerts that one ATM switch power supply
output or the power supply was physically removed.
The power supply that failed is identified by the
power supply index.
10 asxPsOutputUp This trap alerts that one ATM switch power supply
that had an output failure or was removed is now up.
The power supply that is back up is identified by the
power supply index.
22 asxFanBankDown This trap alerts that one ATM switch fan bank failed.
The fan bank that failed is identified by the fan bank
index.
23 asxFanBankUp This trap alerts that one ATM switch fan bank is up.
The fan bank that is back up is identified by the fan
bank index.
28 asxLinkDown This trap alerts that the link that is identified by
{hwPortBoard, hwPortModule, hwPortNumber} was
configured up but lost its carrier (or the framing bit)
and is currently down.
29 asxLinkUp This trap alerts that the link that is identified by
{hwPortBoard, hwPortModule, hwPortNumber} is
back up.
30 asxSpansDown This trap alerts that the SPANS signalling on the link
that is identified by the sigPathPort and sigPathVPI
failed.
Trap
Trap Name Description
Number
31 asxSpansUp This trap alerts that the SPANS signalling on the link
that is identified by the sigPathPort and sigPathVPI is
up.
32 asxTempSensorOverTemp This trap alerts that one of the temperature sensors
indicates over temperature. The temperature sensor is
identified by the temperature sensor index.
33 asxTempSensorRegularTemp This trap alerts that one of the temperature sensors
indicates regular temperature. The temperature sensor
is identified by the temperature sensor index.
34 asxFabricTemperature This trap alerts that one of the temperature sensors
OverTemp indicates over temperature. The temperature sensor is
identified by the temperature sensor index.
35 asxFabricTemperature This trap alerts that one of the temperature sensors
RegularTemp indicates regular temperature. The temperature sensor
is identified by the temperature sensor index.
36 asxSonetLOSDetected This trap indicates that the specified SONET port is
experiencing Loss Of Signal. Bellcore Document
TA-NWT-000253 Section 6.3.1.1.1 states that, “A
SONET NE shall declare a LOS failure when the LOS
defect persists for 2.5 (± .5) seconds, or when a LOS
defect is present and the criteria for LOF failure decla-
ration have been met.”
37 asxSonetLOSCleared This trap indicates that the LOS condition identified by
trap asxSonetLOSon has been cleared.
38 asxSonetPathLabelOn This trap indicates that the specified SONET port is
receiving and errored C2 Path Label byte. Reference
Bellcore Document TA-NWT-000253 Section 3.3.2.3
and 6.3.1.1.8 the Path Label (C2) byte should have the
value 0x13.
39 asxSonetPathLabelOff This trap indicates that the Errored Path Label (C2)
byte error condition signalled by the asxSonetPath-
LabelOn trap has been cleared.
Configuring SNMP
Trap
Trap Name Description
Number
40 asxSonetLineAISDetected This trap indicates that the specified SONET port is
receiving a Line level Alarm Indication Signal from the
far-end equipment.
41 asxSonetLineAISCleared This trap indicates that the Line AIS error condition
signalled by the asxSonetLineAISon trap has been
cleared.
46 asxDS3PLCPYellowDetected This trap indicates that the specified DS3 port has
detected incoming Yellow Alarm.
47 asxDS3PLCPYellowCleared This trap indicates that the specified DS3 port has
detected clearance of incoming Yellow Alarm.
48 asxDS3PLCPLOFDetected This trap indicates that the specified DS3 port has
detected incoming LOF Alarm.
49 asxDS3PLCPLOFCleared This trap indicates that the specified DS3 port has
detected clearance of incoming LOF Alarm.
50 asxDS3LOFDetected This trap indicates that Loss Of Frame(LOF) is
detected on the incoming signal.
51 asxDS3LOFCleared This trap indicates that Loss Of Frame is cleared on the
incoming signal.
52 asxDS3AISDetected This trap indicates that AIS Alarm is detected on the
incoming signal.
53 asxDS3AISCleared This trap indicates that AIS Alarm is cleared on the
incoming signal.
60 asxDS1PLCPYellowDetected This trap indicates that the specified DS1 port has
detected an incoming Yellow Alarm.
61 asxDS1PLCPYellowCleared This trap indicates that the specified DS1 port has
detected clearance of an incoming Yellow Alarm.
62 asxDS1PLCPLOFDetected This trap indicates that the specified DS1 port has
detected an incoming LOF Alarm.
63 asxDS1PLCPLOFCleared This trap indicates that the specified DS1 port has
detected clearance of an incoming LOF Alarm.
64 asxDS1YellowDetected This trap indicates that Yellow Alarm is detected on
the incoming signal.
Trap
Trap Name Description
Number
65 asxDS1YellowCleared This trap indicates that Yellow Alarm is cleared on the
incoming signal.
66 asxDS1AISDetected This trap indicates that AIS Alarm is detected on the
incoming signal.
67 asxDS1AISCleared This trap indicates that AIS Alarm is cleared on the
incoming signal.
68 asxDS1LOSDetected This trap indicates that LOS Alarm is detected on the
incoming signal.
69 asxDS1LOSCleared This trap indicates that LOS Alarm is cleared on the
incoming signal.
70 asxDS1LOFDetected This trap indicates that LOF Alarm is detected on the
incoming signal.
71 asxDS1LOFCleared This trap indicates that LOF Alarm is cleared on the
incoming signal.
74 asxDS3FERFDetected This trap indicates that FERF Alarm is detected on the
incoming signal.
75 asxDS3FERFCleared This trap indicates that FERF Alarm is cleared on the
incoming signal.
78 asxE3YellowDetected This trap indicates that the Yellow Alarm is being
detected on the incoming signal.
79 asxE3YellowCleared This trap indicates that Yellow alarm has cleared on the
incoming signal.
80 asxE3OOFDetected This trap indicates that Out Of Frame (OOF) is
detected on the incoming signal.
81 asxE3OOFCleared This trap indicates that Loss Of Frame is cleared on the
incoming signal.
82 asxE3AtmLCDDetected This trap indicates that the specified E3 port is experi-
encing Loss of Cell Delineation (LCD). An LCD failure
is declared when the LCD defect persists for a period
of 2.5 +/- 0.5 seconds.
Configuring SNMP
Trap
Trap Name Description
Number
83 asxE3AtmLCDCleared This trap indicates that the LCD failure identified by
trap asxE3AtmLCDDetected has been cleared. An LCD
failure is cleared when the LCD defect is absent for 10
+/- 0.5 seconds.
86 asxE3PLCPYellowDetected This trap indicates that the specified E3 port has
detected incoming PLCP Yellow Alarm.
87 asxE3PLCPYellowCleared This trap indicates that the specified E3 port has
detected clearance of incoming PLCP Yellow Alarm.
90 asxE1YellowDetected This trap indicates that the Yellow Alarm is being
detected on the incoming signal.
91 asxE1YellowCleared This trap indicates that Yellow alarm has cleared on the
incoming signal.
92 asxE1LOFDetected This trap indicates that LOF is being detected on the
incoming signal.
93 asxE1LOFCleared This trap indicates that LOF is cleared on the incoming
signal.
96 asxE1PLCPYellowDetected This trap indicates that the specified E1 port has
detected incoming PLCP Yellow Alarm.
97 asxE1PLCPYellowCleared This trap indicates that the specified E1 port has
detected clearance of incoming PLCP Yellow Alarm.
98 asxE1PLCPLOFDetected This trap indicates that the specified E1 port has
detected incoming PLCP LOF Alarm.
99 asxE1PLCPLOFCleared This trap indicates that incoming PLCP LOF alarm has
been cleared on the specified E1 port.
100 asxE1LOSDetected This trap indicates that the specified E1 port has
detected incoming LOS Alarm.
101 asxE1LOSCleared This trap indicates that incoming LOS alarm has been
cleared on the specified E1 port.
102 asxE1AISDetected This trap indicates that the specified E1 port has
detected incoming AIS Alarm.
103 asxE1AISCleared This trap indicates that incoming AIS alarm has been
cleared on the specified E1 port.
Trap
Trap Name Description
Number
104 asxE3AISDetected This trap indicates that the specified E3 port has
detected incoming AIS Alarm.
105 asxE3AISCleared This trap indicates that incoming AIS alarm has been
cleared on the specified E3 port.
106 asxE3LOSDetected This trap indicates that the specified E3 port has
detected incoming LOS Alarm.
107 asxE3LOSCleared This trap indicates that incoming LOS alarm has been
cleared on the specified E3 port.
108 asxE3PLCPLOFDetected This trap indicates that the specified E3 port has
detected incoming PLCP LOF Alarm.
109 asxE3PLCPLOFCleared This trap indicates that incoming PLCP LOF alarm has
been cleared on the specified E3 port.
112 asxJ2YellowDetected This trap indicates that Yellow Alarm is detected on
the incoming signal.
113 asxJ2YellowCleared This trap indicates that Yellow Alarm is cleared on the
incoming signal.
114 asxJ2AISDetected This trap indicates that AIS Alarm is detected on the
incoming signal.
115 asxJ2AISCleared This trap indicates that AIS Alarm is cleared on the
incoming signal.
116 asxJ2LOSDetected This trap indicates that LOS Alarm is detected on the
incoming signal.
117 asxJ2LOSCleared This trap indicates that LOS Alarm is cleared on the
incoming signal.
118 asxJ2LOFDetected This trap indicates that LOF Alarm is detected on the
incoming signal.
119 asxJ2LOFCleared This trap indicates that LOF Alarm is cleared on the
incoming signal.
120 asxDS3LOSDetected This trap indicates that the specified DS3 port has
detected incoming LOS Alarm.
Configuring SNMP
Trap
Trap Name Description
Number
121 asxDS3LOSCleared This trap indicates that the incoming LOS Alarm has
been cleared on the specified DS3 port.
130 asxSonetLOFDetected This trap indicates that the specified SONET port is
experiencing Loss Of Frame (LOF) failure. An LOF
failure is declared when the LOF defect persists for a
period of 2.5 +/- 0.5 seconds, except when an LOS
defect or failure is present.
131 asxSonetLOFCleared This trap indicates that the LOF failure identified by
trap asxSonetLOFDetected has been cleared. The LOF
failure is cleared when the LOS failure is declared, or
when the LOF defect is absent for 10 +/- 0.5 seconds.
132 asxSonetLineRDIDetected This trap indicates that the specified SONET port is
experiencing Line Remote Defect Indication (LRDI). A
Line RDI failure is declared when the incoming Line
RDI defects lasts for 2.5 +/- 0.5 seconds.
133 asxSonetLineRDICleared This trap indicates that the Line RDI failure identified
by trap asxSonetLineRDIDetected has been cleared.
The Line RDI failure is cleared when no Line RDI
defects are detected for 10 +/- 0.5 seconds.
134 asxSonetPathAISDetected This trap indicates that the specified SONET port is
experiencing Path Alarm Indication Signal (PAIS). A
Path AIS failure is declared when the Path AIS defect
persists for 2.5 +/- 0.5 seconds.
135 asxSonetPathAISCleared This trap indicates that the Path AIS failure identified
by trap asxSonetPathAISDetected has been cleared. A
PAIS failure is cleared when the PAIS defect is absent
for 10 +/- 0.5 seconds.
136 asxSonetPathLOPDetected This trap indicates that the specified SONET port is
experiencing Loss Of Pointer (LOP). A LOP failure is
declared when the LOP defect persists for a period of
2.5 +/- 0.5 seconds.
137 asxSonetPathLOPCleared This trap indicates that the LOP failure identified by
trap asxSonetLOPDetected has been cleared. A LOP
failure is cleared when the LOP defect is absent for 10
+/- 0.5 seconds.
Trap
Trap Name Description
Number
138 asxSonetPathUNEQDetected This trap indicates that the specified SONET port is
experiencing unequipped (UNEQ). A UNEQ failure is
declared when the UNEQ defect persists for a period
of 2.5 +/- 0.5 seconds.
139 asxSonetPathUNEQCleared This trap indicates that the UNEQ failure identified by
trap asxSonetUNEQDetected has been cleared. A
UNEQ failure is cleared when the UNEQ defect is
absent for 10 +/- 0.5 seconds.
140 asxSonetPathRDIDetected This trap indicates that the specified SONET port is
experiencing Path Remote Defect Indication (PRDI). A
Path RDI failure is declared when the incoming Path
RDI defects lasts for 2.5 +/- 0.5 seconds.
141 asxSonetPathRDICleared This trap indicates that the Path RDI failure identified
by trap asxSonetPathRDIDetected has been cleared.
The Path RDI failure is cleared when no Path RDI
defects are detected for 10 +/- 0.5 seconds.
142 asxSonetAtmLCDDetected This trap indicates that the specified SONET port is
experiencing Loss of Cell Delineation (LCD). A LCD
failure is declared when the LCD defect persists for a
period of 2.5 +/- 0.5 seconds.
143 asxSonetAtmLCDCleared This trap indicates that the LCD failure identified by
trap asxSonetAtmLCDDetected has been cleared. A
LCD failure is cleared when the LCD defect is absent
for 10 +/- 0.5 seconds.
144 asxSonetAtmLineBIP- This trap indicates that the specified SONET port is
Detected experiencing Bit Interleaved Parity (BIP) errors. A Line
BIP failure is declared when the Line BIP defect per-
sists for a period of 2.5 +/- 0.5 seconds.
145 asxSonetAtmLineBIPCleared This trap indicates that the Line BIP failure identified
by trap asxSonetAtmLineBIPDetected has been
cleared. A Line BIP failure is cleared when the Line BIP
defect is absent for 10 +/- 0.5 seconds.
160 asxDS3IdleDetected This trap indicates that an Idle Maintenance Signal
(IDLE) is detected on the incoming signal.
Configuring SNMP
Trap
Trap Name Description
Number
161 asxDS3IdleCleared This trap indicates that an Idle Maintenance Signal
(IDLE) is cleared on the incoming signal.
162 asxDS3AtmLCDDetected This trap indicates that the specified DS3 port is expe-
riencing Loss of Cell Delineation (LCD). An LCD fail-
ure is declared when the LCD defect persists for a
period of 2.5 +/- 0.5 seconds.
163 asxDS3AtmLCDCleared This trap indicates that the LCD failure identified by
trap asxDS3AtmLCDDetected has been cleared. An
LCD failure is cleared when the LCD defect is absent
for 10 +/- 0.5 seconds.
164 asxDS3PbitPerrDetected This trap indicates that the specified DS3 port is expe-
riencing P-bit Parity errors. A P-bit Parity Error failure
is declared when the P-bit Parity Error persists for a
period of 2.5 +/- 0.5 seconds.
165 asxDS3PbitPerrCleared This trap indicates that the P-bit Parity Error failure
identified by trap asxDS3PbitPerrDetected has been
cleared. A P-bit Parity Error failure is cleared when the
P-bit Parity Error defect is absent for 10 +/- 0.5 sec-
onds.
176 asxDS1PRBSDetected This trap indicates that PRBS pattern is detected on the
incoming signal.
177 asxDS1PRBSCleared This trap indicates that PRBS pattern is cleared on the
incoming signal.
178 asxDS1AtmLCDDetected This trap indicates that the specified DS1 port is expe-
riencing Loss of Cell Delineation (LCD). An LCD fail-
ure is declared when the LCD defect persists for a
period of 2.5 +/- 0.5 seconds.
179 asxDS1AtmLCDCleared This trap indicates that the LCD failure identified by
trap asxDS1AtmLCDDetected has been cleared. An
LCD failure is cleared when the LCD defect is absent
for 10 +/- 0.5 seconds.
Trap
Trap Name Description
Number
180 asxDS1CRCErrDetected This trap indicates that the specified DS1 port is expe-
riencing excessive CRC-6 errors. A CRC-6 Error failure
is declared when the CRC-6 Error persists for a period
of 2.5 +/- 0.5 seconds.
181 asxDS1CRCErrCleared This trap indicates that the excessive CRC-6 Error fail-
ure identified by trap asxDS1CRCErrDetected has
been cleared. A CRC-6 Parity Error failure is cleared
when the CRC-6 Error defect is absent for 10 +/- 0.5
seconds.
192 asxE3TrailChangeDetected This trap indicates that a change in the trail trace mes-
sage was detected on the incoming signal.
208 asxE1AtmLCDDetected This trap indicates that the specified E1 port is experi-
encing Loss of Cell Delineation (LCD). An LCD failure
is declared when the LCD defect persists for a period
of 2.5 +/- 0.5 seconds.
209 asxE1AtmLCDCleared This trap indicates that the LCD failure identified by
trap asxE1AtmLCDDetected has been cleared. An LCD
failure is cleared when the LCD defect is absent for 10
+/- 0.5 seconds.
224 asxJ2RLOCDetected This trap indicates that Receive Loss of Clock (RLOC)
is detected on the incoming signal.
225 asxJ2RLOCCleared This trap indicates that Receive Loss of Clock (RLOC)
is cleared on the incoming signal.
226 asxJ2HBERDetected This trap indicates that High Bit Error Rate (HBER) is
detected on the incoming signal.
227 asxJ2HBERCleared This trap indicates that High Bit Error Rate (HBER) is
cleared on the incoming signal.
228 asxJ2PAISDetected This trap indicates that Payload Alarm Indication Sig-
nal (PAIS) is detected on the incoming signal.
229 asxJ2PAISCleared This trap indicates that Payload Alarm Indication Sig-
nal (PAIS) is cleared on the incoming signal.
Configuring SNMP
Trap
Trap Name Description
Number
230 asxJ2AtmLCDDetected This trap indicates that the specified J2 port is experi-
encing Loss of Cell Delineation (LCD). An LCD failure
is declared when the LCD defect persists for a period
of 2.5 +/- 0.5 seconds.
231 asxJ2AtmLCDCleared This trap indicates that the LCD failure identified by
trap asxJ2AtmLCDDetected has been cleared. An LCD
failure is cleared when the LCD defect is absent for 10
+/- 0.5 seconds.
232 asxJ2TLOCDetected This trap indicates that Transmit Loss of Clock (TLOC)
is detected.
233 asxJ2TLOCCleared This trap indicates that Transmit Loss of Clock (TLOC)
is cleared.
250 asxTP25LOSDetected This trap indicates that LOS Alarm is detected on the
incoming signal.
251 asxTP25LOSCleared This trap indicates that LOS Alarm is cleared on the
incoming signal.
1024 asxOutputQueueCongested This trap indicates that the output queue for the given
priority has exceeded its dedicated length, and has
begun overflowing into the shared buffer space on the
network module.
1025 asxOutputQueueCellLoss This trap indicates that the output queue for the given
priority has overflowed and cells have been dropped.
1026 asxExtendedModeViolation This trap indicates that a series A or B network mod-
ule was inserted into a switch board running in
extended mode.
1027 asxNonextendedMode- This trap indicates that a series C or greater network
Warning module was inserted into a switch board running in
non-extended mode.
1028 q2931AVRejectTrap This trap is generated whenever any UNI3.x with
AddressValidation enabled rejects a Setup Request call
more than q2931AVRejectTrapThreshold times in any
given q2931AVRejectTrapPeriod.
Trap
Trap Name Description
Number
1029 crConfMemoryOflow This trap is generated when the allocated call record
memory (as indicated by crMemoryAllocated) is
exceeded.
1030 crXfrPrimaryXfrFailed This trap is generated when the call record transfer to
the primary host (as indicated by crXfrPrimaryUrl)
fails.
1031 crXfrSecondaryXfrFailed This trap is generated when the call record transfer to
the secondary host (as indicated by crXfrSecond-
aryUrl) fails.
1032 crConfMemAllocFail This trap is generated when Callrecord functionality is
unable to allocate memory as specified by crMemory-
Allocated. This can happen when the crConfAdmin-
Status changes state from “off” or when the switch
reboots when Callrecords is configured “on”.
1033 crGeneralFailure This trap is generated when any of the callrecord
related functionality fails for any reason. One example
would be when the Callrecord Module fails to sched-
ule an interval timer.
1034 asxDualScpSyncFailure This trap indicates that automatic CDB synchroniza-
tion is disabled due to failures.
1035 asxDualScpSwitchOver This trap indicates that the backup SCP has taken con-
trol of the switch.
1036 asxDualScpHotSwap This trap indicates that an SCP hotswap insertion or
removal has occurred.
1037 asxVPAISDetected This trap indicates that the Alarm Indication Signal
(AIS) is detected on the incoming (terminating) virtual
path. This trap is generated once when the virtual path
is declared to be in the active AIS state.
1038 asxVPAISCleared This trap indicates that the Alarm Indication Signal
(AIS) has been removed from the incoming (terminat-
ing) virtual path. This trap is generated once when the
virtual path is declared to be in the inactive AIS state.
Configuring SNMP
Trap
Trap Name Description
Number
1039 asxVPRDIDetected This trap indicates that the Remote Defect Indication
(RDI) is detected on the incoming (terminating) virtual
path. This trap is generated once when the virtual path
is declared to be in the active RDI state.
1040 asxVPRDICleared This trap indicates that the Remote Defect Indication
(RDI) has been removed from the incoming (terminat-
ing) virtual path. This trap is generated once when the
virtual path is declared to be in the inactive RDI state.
1041 asxNonextendedModeViola- This trap indicates that a Series D network module was
tion inserted into a switch board running in non-extended
mode. Multicast will not work on the Series D module
without removing all Series B modules and rebooting
the switch.
1042 asxUnsupportedNetwork- This trap indicates that a unsupported network mod-
Module ule was inserted into a switch.
1043 asxDualScpRedundancy This trap indicates that there is a change in the state of
dual SCP redundancy.
1049 asxIpFilterViolation This trap occurs when an incoming IP packet is unau-
thorized to enter the switch control port and has been
dropped.
1053 q2931AFRejectKnown This trap is generated whenever any q2931 UNI with
Address Filtering enabled rejects a Setup request
because the request matched a template with the
action “reject.” The variables sent in the trap identify
the source and destination UNI for the call.
1054 q2931AFRejectUnknown This trap is generated whenever any q2931 UNI with
Address Filtering enabled rejects a Setup request
because the address matched no template. The vari-
ables sent in the trap identify the source and destina-
tion UNI for the call.
1061 q2931CreationFailure This trap is generated whenever a switch fails to create
a UNI. This is most likely due to a resource limitation
on the switch.
Trap
Trap Name Description
Number
1068 asxPsCurrentDown This trap alerts that one ATM switch power supply
had a current failure. The power supply that failed is
identified by the power supply index.
1069 asxPsCurrentUp This trap alerts that one ATM switch power supply
that had a current failure is now up. The power supply
that is back up is identified by the power supply index.
1070 asxPs5VoltDown This trap alerts that one ATM switch power supply
had a +5V failure. The power supply that failed is
identified by the power supply index.
1071 asxPs5VoltUp This trap alerts that one ATM switch power supply
that had a +5V failure is now up. The power supply
that is back up is identified by the power supply index.
1072 asxSwitchLoginDetected An asxSwitchLoginDetected trap signifies that a user
logged in on the switch.
1073 asxSwitchLoginFailed An asxSwitchLoginFailed trap signifies that a user’s
attempt to log in on the switch failed.
1074 pnniTdbGuardbandResrv- This trap is generated when the guardband memory
Fail reserve for any of the PNNI TDB (Topology Database)
related functionality like creation, modification, and
deletion on objects like node, PTSE, flags, internal pre-
fixes, external prefixes, etc. fails. The switch is low on
memory.
1075 pnniTdbInconsistentState This trap is generated when the PNNI TDB (Topology
Database) is in an unrecoverable error condition due to
MALLOC and other TDB related failures. When this
happens, the associated logical node is shut down and
this trap is sent. The switch has to be rebooted to bring
this PNNI logical node up again.
1077 asxShmem2OutputQueue This trap indicates that the output queue for the
Congested given priority has exceeded its dedicated length,
and has begun overflowing into the shared buffer
space on the network module.
Configuring SNMP
Trap
Trap Name Description
Number
1078 asxShmem2OutputQueue This trap indicates that the output queue for the
CellLoss given priority has overflowed and cells have been
dropped.
1080 fabricLvl3Lookup This trap is generated when a fabric detects excessive
level 3 lookup errors. The level 3 lookup count is read
every second. If the lookup count is non-null for 5 con-
secutive seconds, then this trap is generated. If the
errors continue, this trap is generated continuously
every 5 seconds. This trap can be caused by: a miscon-
figured PVC; bad hardware.
1081 fabricCorrectedLookup This trap is generated when the SCP detects inconsis-
tent information in the HDCOMP lookup. The switch
has corrected the bad information in the HDCOMP
lookup ASIC’s data structures.
1090 spvcRerouteInitiated This trap is sent when a SPVC is being re-routed due to
a better path being found.
1091 asxQ2931Down This trap is generated whenever UNI signalling goes
down.
1092 asxQ2931Up This trap is generated whenever UNI signalling goes
up.
1093 asxFabricDown An asxFabricDown trap signifies that the sending pro-
tocol entity recognizes a failure in one of the ASX-4000
ATM Switch fabrics, that is identified by the board
number. This is probably caused by a hot-swap of a
fabric module.
1094 asxFabricUp An asxFabricUp trap signifies that the sending proto-
col entity recognizes a new operational ATM ASX-4000
Switch fabric, that is identified by the board number.
This is probably caused by a hot-swap of a fabric mod-
ule.
Trap
Trap Name Description
Number
1095 asxQ2931CallClearing This trap is generated whenever calls are cleared in a
signalling interface for the following reasons.
-- Carrier loss
-- SONET alarms in case of SONET
-- VP failure
2000 frf8PVCStatus This trap indicates when an interworking PVC has
experienced an alarmed condition, either on the ATM
network side or Frame Relay side. It is also generated
when the PVC alarmed condition is cleared. It carries
the operational status of the PVC by the
frf8ConnOperStatus, as well as the reason why exiting,
entering, or changing the alarmed state
frf8ConnPVCAlarmReason.
Configuring SNMP
Trap
Trap Name Description
Number
2004 pnniSpvccDown This trap is sent when an SPVC call is cleared or
deleted. The pnniSpvcSrcDownReason indicates if the
call was cleared due to a better route being found or a
network failure. It also may indicate SPVC deletion.
This trap is only sent if pnniSpvcTrapMode is all.
2005 pnniSpvccUp This trap is send when an SPVC call is established. It
identifies the SPVC and the old and new cost. If the
call has not been up before, the pnniSpvcSrcOldRoute-
Cost will be -1. This trap is only sent if pnniSpvcTrap-
Mode is failure or all.
2006 pnniSpvccFail This trap is sent when an SPVC call that is down fails
to get connected on 16 consecutive attempts. This trap
is only sent if pnniSpvcTrapMode is failure or all.
2007 pnniSpvpcDown This trap is sent when an SPVP call is cleared. The
pnniSpvcSrcDownReason indicates if the call was
cleared due to a better route being found or a network
failure. It also may indicate SPVPC deletion. This trap
is only sent if pnniSpvpcTrapMode is all.
2008 pnniSpvpcUp This trap is sent when an SPVP call is established. It
identifies the SPVP and the old and new cost. If the call
has not been up before, the pnniSpvcSrcOldRouteCost
will be -1. This trap is only sent if pnniSpvpcTrapMode
is all or failure.
2009 pnniSpvpcFail This trap is sent when an SPVP call that is down fails
to get connected on 16 consecutive attempts. This trap
is only sent if pnniSpvpcTrapMode is all or failure.
2010 asxPortCardDown An asxPortCardDown trap signifies that the sending
protocol entity recognizes a failure in one of the ATM
Switch port cards, that is identified by the port card
index. This is probably caused by a hot-swap of the
port card.
2011 asxPortCardUp An asxPortCardUp trap signifies that the sending pro-
tocol entity recognizes a new operational ATM Switch
port card, that is identified by the port card index. This
is probably caused by a hot-swap of the port card.
Trap
Trap Name Description
Number
2013 asxServiceCategoryOutput- This trap indicates that the output queue for the ser-
QueueCongested vice category has exceeded its dedicated length, and
has begun overflowing into the shared buffer space on
the netmod.
2014 asxServiceCategoryOutput- This trap indicates that the output queue for the given
QueueCellLoss service category has overflowed and cells have been
dropped.
2015 pnniNormalToOver- This trap is generated on transition from the normal
loadTransition state to the overload state.
2016 pnniOverloadToNormal- This trap is generated on transition from the overload
Transition to the normal state.
Table A.2 defines the message types and the message requests for Trap 2003.
Configuring SNMP
Table A.2 - Message Type Encodings for Trap 2003
Table A.3 defines the error codes for Trap 2003 and their meanings.
Configuring SNMP
Error Code Error Code Meaning
14 Invalid parameter
15 Duplicate DLCI
16 Memory allocation failure
17 Service not created
18 Connection does not exist
19 Invalid Service
1A Connection ID unavailable
1B Invalid Connection ID
1C Unexpected message
1D Object already configured
21 Operation failed
22 Physical channel configuration failed
23 Physical connection configuration failed
24 Physical channel teardown failed
25 Physical connection teardown failed
26 Port configuration failed
27 EPD/PPD configuration failed
28 Unknown SDPM message received
29 Netmod not configured
2A SDPM message size error
2B Port not configured
2C Allocation of buffer failed
The <IP address> variable indicates the IP address of the SNMP trap destination that is to
be created. For example:
Repeat this for as many SNMP trap destinations as needed. Traps are active as soon as they are
set.
http://www.fore.com/tac/index.html
Trap Destination
1 192.88.243.18
2 198.29.16.14
3 198.29.16.18
Configuring SNMP
myswitch:system snmp trapdest-> show
No trap information is available
The <IP address> variable indicates the index number of the SNMP trap destination that is
to be removed. For example:
FORE Systems’ Circuit Emulation Services (CES) Network Modules (NMCE-6/DS1A and
NMCE-6/E1A) provide adaptation from time-division multiplexed (TDM) equipment (i.e.,
PBXs, WAN multiplexers, channel banks, video codecs, etc.) and traffic to ATM. Both modules
Emulation Services
Configuring Circuit
provide structured and unstructured services, with a maximum of 127 connections supported
on each module.
• All six ports of the DS1 CES Network Module may support fractional DS1
services (n x 56 Kbps/n x 64 Kbps) where 1 to 24 contiguous or non-contiguous
DS0 channels are mapped to a single ATM VCC, not to exceed 127 total connec-
tions.
• All six ports of the E1 CES Network Module may support fractional E1 services (n
x 56 Kbps/n x 64 Kbps) where 1 to 31 contiguous or non-contiguous DS0 channels
are mapped to a single ATM VCC, not to exceed 127 total connections.
Structured services provide digital access and cross-connect system (DACS) connectivity
where n x 64 Kbps and n x 56 Kbps digital signal level zero (DS0) channels are adapted to
ATM cells and mapped to unique ATM virtual connections (VCCs).
Unstructured services provide support and maintenance of a single full bandwidth 1.544
Mbps (DS1) or 2.048 Mbps (E1) clear channel across a single ATM virtual connection.
Configurations of both the DS1 and the E1 version of the CES network module are detailed in
this chapter. This chapter assumes the proper configuration of general switch parameters and
of CES specific parameters, such as timing distribution/recovery, additional CES alarms, CES
ports, etc.
Emulation Services
Configuring Circuit
When a connection is idle, OAM F5 cells are used to maintain the connection. When the first
data cell that is received does not match the idle pattern, the connection immediately becomes
active.
myswitch:services ces-> new -iatmif <AtmIf> -its <text> -oatmif <AtmIf> -ots <text>
-idlesupp <state> -oidlesupp <state>
For example:
myswitch:services ces-> new -iatmif 1a3 -its 1 -oatmif 1b1 -ots 1 -idlesupp enable
-oidlesupp enable
Alternatively, you could use the following syntax if the the input and output ports are CEM
ports that are not directly connected (e.g., an OC-3 port in between). Enter the following on
the incoming switch:
incomingswitch:services ces-> new -iatmif <AtmIf> -its <text> -oatmif <AtmIf> -ovpi
<integer> -ovci <integer> -idlesupp <state>
outgoingswitch:services ces-> new -iatmif <AtmIf> -its <text> -oatmif <AtmIf> -ovpi
<integer> -ovci <integer> -oidlesupp <state>
For example:
incomingswitch:services ces-> new -iatmif 1a3 -its 1 -oatmif 1b1 -ovpi 0 -ovci 100
-idlesupp enable
outgoingswitch:services ces-> new -iatmif 1a3 -its 1 -oatmif 1b1 -ovpi 0 -ovci 100
-oidlesupp enable
Emulation Services
Configuring Circuit
AMI command line. An idle detection mechanism is used on a per-connection basis. When
idle pattern matching is used, the default pattern is FF. The same default pattern is used for
mask pattern matching. When the signalling method is used, the default value is as per Cus-
tomer Installation to Network idle patterns. The idle detection method is based on the connec-
tion type as follows:
• CAS connections use idle CAS signalling pattern matching.
• Structured Basic connections use idle pattern matching.
For example:
myswitch:services ces-> new -iatmif <AtmIf> -its <text> -idlesupp <state> -idlepat
<text> -oatmif <AtmIf> -ovpi <integer> -ovci <integer> -cas <cas>
For example:
myswitch:services ces-> new -iatmif 1a3 -its 1 -idlesupp enable -idlepat em01
-oatmif 1b2 -ovpi 0 -ovci 100 -cas cas
For example:
For example:
For example:
For example:
Emulation Services
Configuring Circuit
-idlepat 7F -oatmif 1b2 -ovpi 0 -ovci 100
For example:
For example:
myswitch:services ces-> ?
delete Delete a CES configuration
new Create a new CES configuration
show Display CES configuration
For example:
Parameter Description
Emulation Services
Configuring Circuit
[[-ots] <text>] Output Timeslots
[[-ovpi] <integer>] Output VPI
[[-ovci] <integer>] Output VCI
[[-srts] <cbrclockmode>] SRTS
[[-fupc] <UPC Index>] Forward UPC
[[-bupc] <UPC Index>] Backward UPC
[[-cas] <cas>] CAS
[[-partialfill] <integer>] Partial Fill
[[-reassCDVT] <integer>] Reass CDVT (us)
[[-bufSize] <integer>] Buf Size
[[-integ] <integer>] Integer
[[-idlesupp] <state>] Idle Supp
[[-idlemask] <Hex Integer>] Idle Mask
[[-idlepat] <text>] Idle Pat
[[-idleintp] <integer>] Idle Int Period
[[-oidlesupp] <state>] Oidle Supp
[[-oidlemask] <Hex Integer>] Oidle Mask
[[-oidlepat] <text>] Oidle Pat
[[-oidleintp] <integer>] Oidle Intp
For example:
The CES new command can also be used in other ways. When the following parameters are
used, by default, a bidirectional PVC is created.
myswitch:services ces-> new -iatmif <AtmIf> -its <text> -oatmif <AtmIf> -ots
<text>
OR
myswitch:services ces-> new -iatmif <AtmIf> -its <text> -oatmif <AtmIf> -ovpi
<integer> -ovci <integer>
For example:
OR
myswitch:services ces-> new -iatmif 1a1 -its 1 -oatmif 1d1 -ovpi 0 -ovci 100
Parameter Description
-ifindex <integer> The index number to be assigned to this CES service. An index is automatically assigned
by the switch. The default is 0.
-iatmif <AtmIf> The input port on which the CES connection is to be created.
-its <text> Indicates which timeslots (1-24 for DS1, 1-31 for E1) are being configured for a particular
PVC. all indicates unstructured service. The time slot assignments may be either contig-
uous or non-contiguous DS0s.
Parameter Description
-oatmif <AtmIf> The output port of the CES connection, which can be a CES port or an ATM port.
-ovpi <integer> The output Virtual Path Identifier (VPI) of the CES connection when the output port is not
a CES port.
-ovci <integer> The output Virtual Channel Identifier (VCI) of the CES connection when the output port is
not a CES port.
-ots <text> The output timeslots of the CES connection when the output port is a CES port.
-srts <cbrclockmode> Indicates whether Synchronous Residual Time Stamp (SRTS) clock recovery is to be
enabled on this connection. srts indicates that SRTS is enabled. synch indicates that
Emulation Services
Configuring Circuit
SRTS is disabled. The default is synch.
-fupc <UPC Index> The UPC contract type to be used in the ingress direction of the connection. (See Part 1 of
the AMI Configuration Commands Reference Manual for more information about UPC con-
tracts.)
-bupc <UPC Index> The UPC contract type to be used in the egress direction of the connection. (See Part 1 of
the AMI Configuration Commands Reference Manual for more information about UPC con-
tracts.)
-cas <cas> Indicates whether Channel Associated Signalling (CAS) is to be used on the connection.
basic indicates that CAS will not be used, cas indicates that CAS will be used. The
default is basic.
-partialfill <integer> Indicates how many of the available 47 payload bytes in each cell are used before they are
deemed “full” and ready for transmission across the ATM network (i.e., how much of the
ATM cell contains data and how much is padding). The range for this parameter is 12 to
47. The default value is 47. Partialfill is used to minimize network transmission latency
and is useful especially with time-sensitive, robbed-bit signalling sources.
-reassCDVT <integer> The Cell Delay Variation Tolerance for cells being received by the segmentation and reas-
sembly (SAR) engine. This value must be entered as a multiple of 10 (µs). The range for
this parameter is 100 to 24000 (in µs), and the default is 2000.
-bufSize <integer> The amount of reassembly buffer space allocated for the connection. The default is 256
bytes per timeslot.
-integ <integer> The amount of time allocated to re-establish the connection before, while, or after the call
is established, or in the case of interruption. The default is 2500 milliseconds.
-idlesupp <state> enable means idle channel suppression is going to be used on the incoming side of this
connection. disable means idle channel suppression is not going to be used on the
incoming side of this connection. The default is disable. When this option is enabled on
structured basic connections, a minimum partialfill size of 24 is required. For proper oper-
ation, idle channel suppression must be enabled on both the input and the output side of
the connection.
-idlemask <integer> The mask pattern for idle detection on the incoming side of this connection. This method
is only used for structured basic service. The range of values is 00 to FF. The default is FF.
Parameter Description
-oatmif <AtmIf> The output port of the CES connection, which can be a CES port or an ATM port.
-ovpi <integer> The output Virtual Path Identifier (VPI) of the CES connection when the output port is not
a CES port.
-ovci <integer> The output Virtual Channel Identifier (VCI) of the CES connection when the output port is
not a CES port.
-ots <text> The output timeslots of the CES connection when the output port is a CES port.
-srts <cbrclockmode> Indicates whether Synchronous Residual Time Stamp (SRTS) clock recovery is to be
enabled on this connection. srts indicates that SRTS is enabled. synch indicates that
SRTS is disabled. The default is synch.
-fupc <UPC Index> The UPC contract type to be used in the ingress direction of the connection. (See Part 1 of
the AMI Configuration Commands Reference Manual for more information about UPC con-
tracts.)
-bupc <UPC Index> The UPC contract type to be used in the egress direction of the connection. (See Part 1 of
the AMI Configuration Commands Reference Manual for more information about UPC con-
tracts.)
-cas <cas> Indicates whether Channel Associated Signalling (CAS) is to be used on the connection.
basic indicates that CAS will not be used, cas indicates that CAS will be used. The
default is basic.
-partialfill <integer> Indicates how many of the available 47 payload bytes in each cell are used before they are
deemed “full” and ready for transmission across the ATM network (i.e., how much of the
ATM cell contains data and how much is padding). The range for this parameter is 12 to
47. The default value is 47. Partialfill is used to minimize network transmission latency
and is useful especially with time-sensitive, robbed-bit signalling sources.
-reassCDVT <integer> The Cell Delay Variation Tolerance for cells being received by the segmentation and reas-
sembly (SAR) engine. This value must be entered as a multiple of 10 (µs). The range for
this parameter is 100 to 24000 (in µs), and the default is 2000.
-bufSize <integer> The amount of reassembly buffer space allocated for the connection. The default is 256
bytes per timeslot.
-integ <integer> The amount of time allocated to re-establish the connection before, while, or after the call
is established, or in the case of interruption. The default is 2500 milliseconds.
-idlesupp <state> enable means idle channel suppression is going to be used on the incoming side of this
connection. disable means idle channel suppression is not going to be used on the
incoming side of this connection. The default is disable. When this option is enabled on
structured basic connections, a minimum partialfill size of 24 is required. For proper oper-
ation, idle channel suppression must be enabled on both the input and the output side of
the connection.
-idlemask <integer> The mask pattern for idle detection on the incoming side of this connection. This method
is only used for structured basic service. The range of values is 00 to FF. The default is FF.
Parameter Description
-oatmif <AtmIf> The output port of the CES connection, which can be a CES port or an ATM port.
-ovpi <integer> The output Virtual Path Identifier (VPI) of the CES connection when the output port is not
a CES port.
-ovci <integer> The output Virtual Channel Identifier (VCI) of the CES connection when the output port is
not a CES port.
-ots <text> The output timeslots of the CES connection when the output port is a CES port.
-srts <cbrclockmode> Indicates whether Synchronous Residual Time Stamp (SRTS) clock recovery is to be
enabled on this connection. srts indicates that SRTS is enabled. synch indicates that
Emulation Services
Configuring Circuit
SRTS is disabled. The default is synch.
-fupc <UPC Index> The UPC contract type to be used in the ingress direction of the connection. (See Part 1 of
the AMI Configuration Commands Reference Manual for more information about UPC con-
tracts.)
-bupc <UPC Index> The UPC contract type to be used in the egress direction of the connection. (See Part 1 of
the AMI Configuration Commands Reference Manual for more information about UPC con-
tracts.)
-cas <cas> Indicates whether Channel Associated Signalling (CAS) is to be used on the connection.
basic indicates that CAS will not be used, cas indicates that CAS will be used. The
default is basic.
-partialfill <integer> Indicates how many of the available 47 payload bytes in each cell are used before they are
deemed “full” and ready for transmission across the ATM network (i.e., how much of the
ATM cell contains data and how much is padding). The range for this parameter is 12 to
47. The default value is 47. Partialfill is used to minimize network transmission latency
and is useful especially with time-sensitive, robbed-bit signalling sources.
-reassCDVT <integer> The Cell Delay Variation Tolerance for cells being received by the segmentation and reas-
sembly (SAR) engine. This value must be entered as a multiple of 10 (µs). The range for
this parameter is 100 to 24000 (in µs), and the default is 2000.
-bufSize <integer> The amount of reassembly buffer space allocated for the connection. The default is 256
bytes per timeslot.
-integ <integer> The amount of time allocated to re-establish the connection before, while, or after the call
is established, or in the case of interruption. The default is 2500 milliseconds.
-idlesupp <state> enable means idle channel suppression is going to be used on the incoming side of this
connection. disable means idle channel suppression is not going to be used on the
incoming side of this connection. The default is disable. When this option is enabled on
structured basic connections, a minimum partialfill size of 24 is required. For proper oper-
ation, idle channel suppression must be enabled on both the input and the output side of
the connection.
-idlemask <integer> The mask pattern for idle detection on the incoming side of this connection. This method
is only used for structured basic service. The range of values is 00 to FF. The default is FF.
Parameter Description
-idlepat <text> The pattern for idle detection on the incoming side of this connection. For detection based
on both idle and mask patterns, it contains the idle octet pattern. For detection based on
signalling, it contains one of the following CAS patterns: em00, em01, fxolsuser01,
fxolsuser11, fxolsnet00, fxolsnet01, fxslsuser00, fxslsuser01, fxslsnet01, fxslsnet11,
fxsgsuser01, fxsgsnet10, fxsgsnet11, fxogsuser10, fxogsuser11, fxogsnet01, r210. A maxi-
mum of one idle pattern can be used for structured basic connections. Idle patterns are
filled from the least significant byte. The default is FF for structured basic connections. The
default CAS idle AB bit pattern is em00.
-idleintp <integer> The integration period for idle detection on the incoming side of this connection. Idle pat-
terns are observed for this period before declaring that an active connection has gone idle.
For both CAS and basic connections, the range of values is 500 milliseconds to 2 seconds
and the default is 1 second.
-oidlesupp <state> enable means idle channel suppression is going to be used on the outgoing side of this
connection. disable means idle channel suppression is not going to be used on the out-
going side of this connection. The default is disable. When this option is enabled on
structured basic connections, a minimum partialfill size of 24 is required. For proper oper-
ation, idle channel suppression must be enabled on both the input and the output side of
the connection.
-oidlemask <integer> The mask pattern for idle detection on the outgoing side of this connection. This method is
only used for structured basic service. The range of values is 00 to FF. The default is FF.
-oidlepat <text> The patterns for idle detection on the outgoing side of this connection. For detection based
on both idle and mask patterns, it contains the idle octet patterns. For detection based on
signalling, it contains one of the following CAS patterns: em00, em01, fxolsuser01,
fxolsuser11, fxolsnet00, fxolsnet01, fxslsuser00, fxslsuser01, fxslsnet01, fxslsnet11,
fxsgsuser01, fxsgsnet10, fxsgsnet11, fxogsuser10, fxogsuser11, fxogsnet01, r210. A maxi-
mum of one idle pattern can be used for structured basic connections. Idle patterns are
filled from the least significant byte. The default is FF for structured basic connections. The
default CAS idle AB bit pattern is em00.
-oidleintp <integer> The integration period for idle detection on the outgoing side of this connection. Idle pat-
terns are observed for this period before declaring that an active connection has gone idle.
For both CAS and basic connections, the range of values is 500 milliseconds to 2 seconds
and the default is 1 second.
Emulation Services
Configuring Circuit
1052 down 4A3 4 0 132 pvc 4A2 3 0 131
Field Description
CES Index The identification number (assigned by the switch) of this CES connection.
Input AtmIf The incoming port on which the CES connection exists.
Input State Indicates whether the CES connection is enabled (up) or disabled (down).
Input Timeslots Indicates which timeslots (1-24 for DS1, 1-31 for E1) are configured for the input port. all
indicates unstructured service.
Output AtmIf The outgoing port on which the CES connection exists.
Output Timeslots Indicates which timeslots (1-24 for DS1, 1-31 for E1) are configured for the output port.
all indicates unstructured service.
Type The type of ATM connection (i.e., PVC or SPVC) that is associated with the CES connec-
tion.
Field Description
CES Index The identification number (assigned by the switch) of this CES connection.
Clock Mode Synch means that the connection is in synchronous mode (either structured or unstruc-
tured). SRTS means that the connection is in asynchronous (unstructured) mode. (Syn-
chronous Residual Time Stamp (SRTS) clock recovery is enabled on this connection.)
Cas basic indicates that Channel Associated Signalling (CAS) will not be used, cas indicates
that CAS will be used.
Partial Fill Indicates how many of the available 47 payload bytes in each cell are used before they are
deemed “full” and ready for transmission across the ATM network (i.e., how much of the
ATM cell contains data and how much is filler). partialfill is used to minimize network
transmission latency and is useful especially with time-sensitive, robbed-bit signalling
sources.
Max Buf The amount of reassembly buffer space allocated for the connection. The default is 256
bytes per timeslot.
Integ. Period The amount of time allocated to re-establish the connection before, while, or after the call
is established, or in the case of interruption. The default is 2500 milliseconds.
reass CDVT The Cell Delay Variation Tolerance for cells being received by the segmentation and reas-
sembly (SAR) engine.
Emulation Services
Configuring Circuit
1052 enabled pattern 255 1 255 1000
Field Description
CES Index The identification number (assigned by the switch) of this CES connection.
IdleSupp State enabled means idle channel suppression is going to be used on this connection.
disabled means idle channel suppression is not going to be used on this connection.
Idle Mask The mask pattern for idle detection on this connection. This method of idle detection can
only be used on basic and unstructured connections.
NoOf Patt The number of idle patterns configured for detection. This field is read-only.
Idle Patterns The patterns for idle detection on this connection. For detection based on both idle and
mask patterns, it contains the idle octet patterns. For detection based on signalling, it con-
tains one of the following patterns: em00, em01, fxolsuser01, fxolsuser11, fxolsnet00,
fxolsnet01, fxslsuser00, fxslsuser01, fxslsnet01, fxslsnet11, fxsgsuser01, fxsgsnet10,
fxsgsnet11, fxogsuser10, fxogsuser11, fxogsnet01, r210. A maximum of one idle pattern can
be used for structured basic connections. Idle patterns are filled from the least significant
byte.
IdleInt. Period (ms) The integration period for idle detection on this connection. Idle patterns are observed for
this period before declaring that an active connection has gone idle.
Field Description
CES Id The CES service ID of the CES connection for which statistics are shown.
Reass Cells The number of cells that have been reassembled on the port.
Header Errors The number of AAL1 header errors that have been seen on the port.
Lost Cells The number of cells that have been lost on the port.
Buffer OverFlows The number of extra bytes received which were not anticipated.
CellLoss Status Indicates whether the AAL1 state machine is currently in a state where cells are not being
received. Displays one of the following: loss, no loss, idle, or no cells.
This appendix discusses the conversion of both non-hierarchical and hierarchical FT-PNNI
networks to ATM Forum PNNI (hereafter referred to as PNNI) routing. It also describes the
conversion of a non-hierarchical PNNI network to a lop-sided hierarchical PNNI network. It is
assumed that you are familiar with the fundamentals of FT-PNNI and PNNI routing and
familiar with FORE’s implementation of PNNI as described in Chapter 6 of this manual.
The first section discusses PNNI routing in networks that contain ASX-1000, ASX-1200, or
TNX-1100 switches. The various procedures for converting your network are described in the
later sections. If you do not have any ASX-1000, ASX-1200, or TNX-1100 switches in your net-
work, you can skip to Section C.2 or Section C.3 to learn how to convert your network from
FT-PNNI to PNNI. You can skip to Section C.4 to learn how to convert your non-hierarchical
PNNI network to a lop-sided hierarchical PNNI network. If you do have ASX-1000, ASX-1200,
or TNX-1100 switches in your network, it is recommended that you read Section C.1 first to
Converting FT-PNNI
and PNNI Networks
avoid potential configuration problems when migrating your network.
• Section C.1 - ASX-1000, ASX-1200, and TNX-1100 Routing Configuration Issues
• Section C.2 - Migration of a Non-Hierarchical FT-PNNI Network
• Section C.3 - Migration of a Hierarchical FT-PNNI Network
• Section C.4 - Migration of a Non-hierarchical PNNI Network to a Lop-sided
Hierarchical PNNI Network
Figure C.1 - Invalid Configuration of ASX-1000, ASX-1200, or TNX-1100 Split between Two
FT-PNNI Peer Groups
Suppose you want to route from A.4 to B.3. After the initial step of prefix matching, the Peer
Group Summary Node (PGSN) of peer group B (not shown in the figure) is chosen as the des-
tination for this path computation. Since B.1 and B.2 both advertise links to the PGSN and
they are equidistant from A.4, A.4 may decide to construct the Destination Transit List (DTL)
as A.4 to A.2 to B.2 to B’s PGSN. When the setup of this call proceeds into peer group B and
reaches node B.2, the only way to route to B.3 is through B.1. But since you cannot take a two-
hop path across the ASX-1000, ASX-1200, or TNX-1100, this call setup will fail.
This problem can be avoided by not breaking up an ASX-1000, ASX-1200, or TNX-1100
between multiple FT-PNNI peer groups. For example, in the network in Figure C.2, the entire
ASX-1000, ASX-1200, or TNX-1100 could have been made part of peer group B with only A.3,
A.4, and A.5 in peer group A. A.3 and A.4 would be the border nodes in peer group A con-
nected to A.1 and A.2 (re-numbered to have B as their peer group ID) in peer group B.
Converting FT-PNNI
and PNNI Networks
B.4
A.2
Figure C.2 - Invalid Configuration of ASX-1000, ASX-1200, or TNX-1100 Split between Two PNNI
Peer Groups
The problem in the network shown above occurs when computing a path from A.2 to B.3. In
this case, routing is forced to use a two-hop path across the backplane, thereby failing to set up
a call. To avoid this problem, be sure that you configure all fabrics in an ASX-1000, ASX-1200,
or TNX-1100 as part of the same peer group.
Converting FT-PNNI
and PNNI Networks
Figure C.3 - Multiple Fabrics of an ASX-1000, ASX-1200, or TNX-1100 Incorrectly Configured as
Gateways
In the above figure, the ASX-1000, ASX-1200, or TNX-1100 shown is predominantly part of the
FT-PNNI peer group B. However, the ASX-1000, ASX-1200, or TNX-1100 has gateways config-
ured to the PNNI peer group A. Since fabric 1 and fabric 2 are both configured as gateways, the
link between them comes up as a PNNI link in peer group A. Because of this, the backplane
links of the ASX-1000, ASX-1200, or TNX-1100 are divided between peer group A and peer
group B. This may cause two-hop paths to be taken across the backplane links and is an invalid
configuration. To avoid this problem, be sure that you configure either only one of the fabrics
on an ASX-1000, ASX-1200, or TNX-1100 as a gateway between a single FT-PNNI area and a
single PNNI area, or all of the fabrics on an ASX-1000, ASX-1200, or TNX-1100 as a gateway
between the same FT-PNNI area and the same PNNI area.
FT-PNNI node
FT-PNNI link S2 S3
S1
S4 S5
This network has five switches named S1 through S5. The following steps are involved in
changing over this network.
Converting FT-PNNI
and PNNI Networks
1. Upgrade all of the switches to ForeThought 6.1.x using the following AMI
command:
For more information about upgrading your switches, see Chapter 4 of the ATM
Switch Installation and Maintenance Manual.
2. Convert S5 to a gateway switch by modifying the default protocol of the default
domain in S5 to gateway using the following AMI command:
Reboot switch S5. Upon the reboot, S5 will come up with two nodes: one FT-PNNI
node and one PNNI node. By default, these nodes are in areas 4 and 5, respectively,
and levels 4 and 5, respectively. At this point, the nodes in the network are divided
between the two areas with the PNNI node being the only node in area 5 as shown
in Figure C.5.
Reboot switch S3. Upon the reboot, S3 will come up with two nodes: one FT-PNNI
node in area 4 and one PNNI node in area 5. The link between the two gateway
switches S5 and S3 will come up as a PNNI link as shown in Figure C.6. This is the
first PNNI link in the network. All of the other links are still FT-PNNI links.
Reboot switch S4. Upon the reboot, S4 will come up with a FT-PNNI node in area
4 and a PNNI node in area 5. The link between S4 and S5 will come up as a PNNI
link, and the link between S3 and S4 will come up as a PNNI link, since they are
both gateway switches.
5. At this point, S5 no longer has any links attached to its FT-PNNI node, so it does
not need to be a gateway switch anymore. Modify the default protocol of S5 to
pnni using the following AMI command:
Reboot switch S5. The state of the network at this point is shown in Figure C.7.
Converting FT-PNNI
and PNNI Networks
PNNI node
PNNI link Fore Area A4
Fore Level L4 S2 S3
FT-PNNI peer group boundary
FT-PNNI node
S1 A5
FT-PNNI link L5
S4 S5
Reboot switch S2. Upon the reboot, S2 will come up with a FT-PNNI node in area
4 and a PNNI node in area 5. The only FT-PNNI links left in the network are
between S1 and S2 and between S1 and S4.
7. At this point, S3 no longer has any links attached to its FT-PNNI node, so it does
not need to be a gateway switch anymore. Modify the default protocol of S3 to
pnni using the following AMI command:
Reboot switch S1. Now all of the links have been switched over to PNNI.
9. Convert both S2 and S4 to PNNI by modifying the default protocol of both S2 and
S4 to pnni using the following AMI command:
Reboot switches S2 and S4. The final state of the network upon completion of the
conversion is shown in Figure C.8.
PNNI node
PNNI link S2 S3
Fore Area A5
S1 Fore Level L5
S4 S5
Converting FT-PNNI
and PNNI Networks
a contiguous backbone as shown in Figure C.9 to a PNNI network. In this figure, only the bor-
der nodes are shown. The individual nodes within each peer group are not shown.
C.1
C.2
PG C
Figure C.9 - Hierarchical FT-PNNI Network with 3 Peer Groups and a Contiguous Backbone
For more information about upgrading your switches, see Chapter 4 of the ATM Switch
Installation and Maintenance Manual. After the upgrade, there is only one FT-PNNI area with
area ID 4 and level 4. The three FT-PNNI peer groups are contained within this one area.
2. Modify the default protocol of the default domain in C.1 to gateway using the fol-
lowing AMI command:
Reboot switch C.1. Upon the reboot, C.1 will come up with two nodes: one
FT-PNNI node and one PNNI node. There are now two areas: one FT-PNNI area 4
at level 4, and one PNNI area 5 at level 2.
3. A.1 will be the second switch to be converted to a gateway between the existing
FT-PNNI area and the PNNI area to be created. Change the peer group ID of its
PNNI node (currently down) to D, modify the level of its PNNI node to 2, and
modify the default protocol of the default domain in A.1 to gateway using the fol-
lowing AMI commands:
Converting FT-PNNI
and PNNI Networks
routing domain modify -id <integer> -defaultproto gateway
Reboot switch A.1. Upon the reboot, the link between the PNNI nodes on C.1 and
A.1 now becomes the first PNNI link in the network. The state of the network at
this stage is shown in Figure C.10.
C.1
C.2
PG C
4. B.1 will be the next switch to be converted to a gateway switch. Administer the
node down. Change the peer group ID of its PNNI node to D, modify the level of
its PNNI node to 2, modify the default protocol of the default domain in B.1 to
gateway, then administer the node up using the following AMI commands:
Reboot switch B.1. Upon the reboot, the link between the A.1 and B.1 becomes a
PNNI link.
5. At this point, the FT-PNNI peer group A is now severed from the rest of the
FT-PNNI area. Since there are now two areas with area ID 4, one of them has to be
renamed. Change the area ID of the FT-PNNI node on A.1 to 2 using the following
AMI command:
Reboot A.1 so the change takes effect. Figure C.11 shows the state of the network
at this point.
C.2 PG C
Figure C.11 - Peer Group Severed from the Rest of the FT-PNNI Area
6. C.2 is the final backbone switch to be converted to a gateway switch. Change the
peer group ID of its PNNI node (currently down) to D, modify the level of its PNNI
node to 2, and modify the default protocol of the default domain in C.2 to gateway
using the following AMI commands:
Reboot switch C.2. Upon the reboot, all of the backbone links of the network are
converted to PNNI.
7. At this point, the FT-PNNI peer group B is an area by itself. So, the area ID of the
FT-PNNI node on B.1 needs to be changed to 3 using the following AMI command:
Converting FT-PNNI
and PNNI Networks
Reboot switch B.1. The FT-PNNI peer group C is also an area by itself, but it can be
allowed to retain its original area ID of 4. Upon the reboot of switch B.1, the migra-
tion of the backbone is complete.
C.6
C.6 will be the first switch to be converted to a gateway between the existing FT-PNNI area
and the PNNI area. This area should be at a lower level. The level of this peer group will be 6.
1. Modify the level of the PNNI node (currently down) in C.6 to 2, change the area ID
of its PNNI node to 6, and modify the default protocol of the default domain in C.6
to gateway using the following AMI commands:
Reboot switch C.6. Upon the reboot, the first PNNI node is created in area 6. At this
point, this node has no links attached to it.
2. Convert C.5 to a gateway switch by changing the level of its PNNI node to 6,
changing the area ID of C.5 to 6, and modifying the default protocol of the default
domain in C.5 to gateway using the following AMI commands:
Reboot switch C.6. Upon the reboot, the first PNNI link in area 6 comes up between
switches C.6 and C.5.
3. Convert C.4 to a gateway switch by changing the level of its PNNI node to 6,
changing the area ID of C.4 to 6, and modifying the default protocol of the default
domain in C.4 to gateway using the following AMI commands:
Converting FT-PNNI
and PNNI Networks
routing pnni node modify -index <integer> -forelevel 6 -forearea 6
Reboot switch C.4. Upon the reboot, the link between C.4 and C.6 comes up as
PNNI in area 6. The links between C.4 and C.2 and between C.4 and C.1 will
attempt to come up as PNNI (because these links are between two gateway
switches), but they will not become operational (because the PNNI links will not
reach the two-way-inside hello state).
4. Since C.6 does not need to be a gateway switch anymore, change the default pro-
tocol of the default domain in C.6 to pnni using the following AMI command:
5. Since C.3 is the last FT-PNNI switch, convert it directly to a PNNI switch by chang-
ing the level of its PNNI node to 6, changing the area ID of C.3 to 6, and modifying
the default protocol of the default domain in C.3 to pnni using the following AMI
commands:
Reboot switch C.3. Upon the reboot, the link between C.3 and C.1 will attempt to
become PNNI, but will not become operational. At this point, the peer group is
temporarily separated from the backbone and other peer groups in the network as
shown in Figure C.13. It will be restored to full connectivity when C.1 and C.2 have
their second PNNI nodes created.
C.5
C.2
C.4 C.6
A6
L6
PG C
6. Since C.5 and C.4 do not need to be gateway switches anymore, change the default
protocol of the default domain in C.5 and in C.4 to pnni using the following AMI
command:
7. Change the default protocol of the default domain in C.1 to pnni using the follow-
ing AMI command:
Reboot switch C.1. Then, modify the interfaces on C.1 corresponding to the links
to C.4 and C.3 and attach them to node 2 on C.1. Use the following AMI command
for each link:
Converting FT-PNNI
and PNNI Networks
This brings the links to C.3 and C.4 back to being operational.
9. Change the default protocol of the default domain in C.2 to pnni using the follow-
ing AMI command:
11. Modify the interfaces on C.2 corresponding to the link to C.4 and attach it to node
2 on C.2. Use the following AMI command for each link:
Reboot C.2. This brings the link between C.2 and C.4 back to being operational.
12. Upon reboot of C.1, C.3 and C.4 will no longer need to be gateway switches. So,
modify the default protocol to PNNI using the following AMI command on each
switch:
PNNI node
PNNI peer group boundary PG A
A3
L4
A2
L4 A6
PG D L4
PG B
A5 PG C
L2
Converting FT-PNNI
and PNNI Networks
For more information about upgrading your switches, see Chapter 4 of the ATM Switch
Installation and Maintenance Manual.
Reboot the switch. This creates the first PNNI node in the network with a default
area 5 and level 5 as shown in Figure C.15.
A4 A.1
L4 C.1 C.3 PG C
C.2
PG B
C.5
C.4
B.1
C.6
A5
L5
2. Modify the default protocol of the default domain in C.5 to gateway using the fol-
lowing AMI command:
Reboot switch C.5. This creates the second PNNI node in the network and the first
PNNI link in area 5 between C.6 and C.5.
3. Modify the default protocol of the default domain in C.3 to gateway using the fol-
lowing AMI command:
Reboot switch C.3. This creates the second PNNI link in the network between C.5
and C.3.
4. At this point, C.5 does not have any more FT-PNNI links left. So, modify the
default protocol of the default domain in C.5 to pnni using the following AMI
command:
Converting FT-PNNI
and PNNI Networks
7. C.1 is the next switch to be changed to a gateway. Since the FT-PNNI peer group of
C will become partitioned when C.1 becomes a gateway switch, it is a good idea to
change the peer group ID of the FT-PNNI node on C.1 so that other peer groups
will not attempt to use peer group C as a transit peer group while computing inter-
peer group routes. Change the peer group ID of the FT-PNNI node on C.1 to E
(something other than C) using the following AMI commands:
Answer no to the question of whether or not you want to the switch to be rebooted.
8. Modify the default protocol of the default domain in C.1 to gateway as follows:
Now reboot switch C.1. Two more PNNI links between C.1 and C.3 and between
C.1 and C.4 are created.
9. Since C.3 no longer needs to be a gateway switch, modify the default protocol of
the default domain in C.3 to pnni using the following AMI command:
10. C.2 is the last switch in the peer group to become a gateway. Modify the default
protocol of the default domain in C.2 to gateway using the following AMI
command:
Upon the reboot of C.2, the last FT-PNNI link (between C.2 and C.4) in the peer
group becomes a PNNI link.
11. Modify the default protocol of the default domain in C.4 to pnni using the follow-
ing AMI command:
PG B
C.5
C.2
B.1
C.4
C.6
Converting FT-PNNI
and PNNI Networks
routing domain modify -id <integer> -defaultproto pnni
Reboot switch C.1. This is the first node in the backbone area.
3. Modify the interface on C.1 corresponding to the link to A.1 and attach it to the
newly-created node 2 on C.1 using the following AMI command:
4. Change the default protocol of the default domain in A.1 to pnni using the follow-
ing AMI command:
Reboot switch A.1. The FT-PNNI link between A.1 and B.1 is lost at this stage and
connectivity between peer group A and the rest of the network is severed.
5. Create a second PNNI node in A.1 with a node index of 2, the peer group ID set to
D, area 3, and level 2 using the following AMI commands:
At this point, the connectivity between peer groups A and C should be restored,
but peer groups A and B still remain disconnected. The current state of the network
is shown in Figure C.17.
C.1
A3 A5
L2 L5 C.3 PG C
PG B
C.5
A4 C.2
B.1
Converting FT-PNNI
and PNNI Networks
L4
C.4
C.6
To quickly restore the connectivity, the rest of the backbone should be migrated to PNNI.
7. Change the peer group ID to D, the level to 2, and area to 3 on the PNNI node in
B.1, and change the default protocol of the default domain in B.1 to gateway using
the following AMI commands:
Reboot switch B.1. The link between A.1 and B.1 should now be restored as a PNNI
link and connectivity resumes between A and B.
8. C.2 no longer needs to be a gateway switch. Modify the default protocol of the
default domain in C.2 to pnni using the following AMI command:
Reboot switch C.2. Upon the reboot, the backbone and peer groups A and C are
now running PNNI and only peer group B needs to be migrated. The current state
of the network is shown in Figure C.18.
PG B
A5
A4 C.1 L5
L4 B.1 C.3 PG C
PG D
A3
L2
C.2 C.5
C.4
C.6
B.1 A4
L4
C.1
Converting FT-PNNI
and PNNI Networks
PG B
B.2
PG C
C.2
Figure C.19 - Hierarchical FT-PNNI Network with 3 Peer Groups and a Non-contiguous Backbone
Upon the complete migration of this network to PNNI, the network is modified as follows:
• Make peer group A the backbone area in a split-switch based hierarchical net-
work.
• Peer group A would become a PNNI area with an area ID of 2 and level 2 with a
single PNNI peer group in the new network.
• Peer group B would become a PNNI area with an area ID 1 and level 4 (a lower
level than 2) with a single PNNI peer group.
• Peer group C would become a PNNI area with an area ID 3 and level 4 (a lower
level than 2) with a single PNNI peer group.
• The link between B.2 and C.2 in the FT-PNNI network can be placed in a new area
(with peer group ID D), which is a higher level area connecting peer groups B and
C and acts as a back door entry between the two peer groups. This provides the
redundancy that this link offered in the original FT-PNNI network.
Figure C.20 shows the state of the network on the completion of the migration.
B.1 C.1
A4
L2
PG B B.2
A1 C.2 PG C
L4
D.2 D.1 A3
L4
PG D
Converting FT-PNNI
and PNNI Networks
4. Verify the election on all of the switches.
5. Change the interface on the node that resides in the higher level peer group.
6. Verify that this interface becomes an outside link.
7. Administer the de-activated node down.
8. Verify that the LGN has set up an SVCC RCC.
9. Repeat step 1 through step 8 for each peer group.
For more information about upgrading your switches, see Chapter 4 of the ATM
Switch Installation and Maintenance Manual.
2. Start by migrating peer group B.X. Select a peer group leader (PGL) candidate and
set its node PGL priority to a non-zero value so that it gets elected as PGL. In this
example, B.X.1 is used.
4. Verify the election on all of the switches in peer group B.X using the following
command:
On the node that has been elected PGL, the PglState should say operPgl. At
Converting FT-PNNI
this point, an LGN B.X representing peer group B.X has been activated by the PGL
5. On the split switch containing B.X.2 (lower level node) and B.1 (higher level node),
move any links attached to the higher level node (B.1) to the lower level node
(B.X.2) as shown in Figure C.23. Change the interfaces on node 1 (B.X.2) using the
following commands:
6. These links become PNNI outside links because they connect nodes in two differ-
ent peer groups (PG B.X and PG B). Verify that 1C1 0 and 1D1 0 become outside
links by noting that the HelloSt for each says twoWayOutside using the follow-
ing command:
routing show
7. Node B.1 (node 2 on the split switch) can now be de-activated. Administer this
node down as follows:
The peer groups now look like the example in Figure C.24.
B.Y.3
B.X.2 Level 80
B.Y.1 B.Y.2
B.X.1
Level 80 PG B.Y
B.X.3
PG B.X
Figure C.24 - Node B.1 is De-activated and LGN B.X Represents Peer Group B.X
Converting FT-PNNI
and PNNI Networks
8. LGN B.X (residing at the same switch as B.X.1) now sets up SVCC RCCs to B.2 and
B.3 and initiates a peer relationship with them. LGN B.X now becomes an integral
part of peer group B. Verify that the LGN has set up an SVCC RCC with B.2 and
B.3 as follows:
a. On the LGN switch, use the following command:
The HelloState should say twoWayInside because the switches are within the
same peer group.
b. On switches B.2 and B.3, use the following command:
The HelloState should say twoWayInside because the switches are within the
same peer group.
9. Repeat step 1 through step 8 on peer group B.Y to convert it in a similar manner so
that B.Y.3 is the PGL in peer group B.Y and so that LGN B.Y is created as shown in
Figure C.25.
B.X.2 B.Y.3
Level 80
B.X.1
B.Y.1 B.Y.2
Level 80
B.X.3
PG B.X PG B.Y
FramePlus Modules
Configuring
If you choose highzero, you want all of the buffering space to go in the low priority buffer and
none in the high priority buffer. If you choose high1quarter, then one fourth of the buffering
FramePlus Modules
space goes in the high priority buffer and three fourths goes in the low priority buffer, etc.
Configuring
Before you can change the buffer allocation, you must first take the network module out of
service by administering it down as follows:
myswitch:hardware netmod-> modify -module 1d -admin down
Disabling the network module will destroy all
existing connections going through it.
You need to administer the network module back up after you make the change.
myswitch:hardware netmod-> modify -module 1d -admin up
For this buffer configuration example, assume you have set the buffers to use high2quarter,
meaning that both the high and low priority buffers have 16, 384 cells as shown in Figure D.1.
Figure D.1 - Buffer Sizes Configured Using the Hardware Netmod Fram Modify Command
FramePlus Modules
Figure D.2 - CLP0PPD Automatically Calculated
Configuring
FramePlus Modules
Configuring
FramePlus Modules
or to a FUNI PVC using the -epdppd <integer> option under services funi pvc new.
Configuring
The EPD/PPD profile lets you specify which priority buffer (high or low) will handle the traf-
fic of the given PVC. The different thresholds can be enabled or disabled per PVC. These
thresholds can be configured under hardware netmod fram modify.
FramePlus Modules
Configuring
D.3.6 FUNI Profile
The FUNI profile lets you determine the VPI, VCI range to use for FUNI connections. The pro-
file then can be applied on a per-service basis to a FUNI service using the -funi <integer>
option under services funi new.
D.3.7 Services
A service is a grouping of timeslots on a port. In this respect, a service is similar to an ATM
PVP. Multiple DLCIs (connections) can exist within each service.
FramePlus Modules
Configuring
myswitch:services fratm-> new -iatmif 4c1 -timeslotstr 2 -lmi 1 -name service_b
-stats enabled
The newly created service id is 4C1:01
3. Create a new service using the port from step 1 as the -iatmif, specifying the
timeslots (-timeslotstr) as either all or 0-31, and using the service profile
from step 2 for -service, as follows:
FramePlus Modules
and -ovci must be specified.
Configuring
To create a port-to-port Frame connection (both
ends on the same FramePlus network module),
the -oserviceid and -odlci must be
specified.
myswitch:services fratm pvc-> new -id 4C1:00 -dlci 100 -oatmif 4d1 -ovpi 0 -ovci
100 -epdppd 1 -name pvc_a
myswitch:services fratm pvc-> new -id 4C1:01 -dlci 101 -oatmif 4d1 -ovpi 0 -ovci
101 -name pvc_b
myswitch:services fratm pvc-> new -id 4C1:02 -dlci 102 -oatmif 4d1 -ovpi 0 -ovci
102 -name pvc_c
FramePlus Modules
Configuring
4. Create a dangling PVC on the source switch (i.e., do not specify the -oatmif,
-ovpi, and -ovci parameters) as follows:
5. Create a service on the destination switch (tuna) if you have not already done so as
follows:
tuna:services fratm-> new -id 1a1:00 -iatmif 1a1 -timeslotstr 1
NOTICE: SNMP_TRAP: Specific 4 (linkUp) [1059] [2] [1] [Xmit]
The newly created service ID is 1A1:00.
8. Now create the destination side of the first unidirectional SPVC. This time use the
SPANS Address from the source switch (shark) as the -srcswitchaddr value as
follows:
9. Verify that the unidirectional SPVC is up on both switches by looking at the State
field as follows:
10. Create another unidirectional SPVC going in the other direction. This time tuna is
the source and shark is the destination as follows:
11. Verify that the second unidirectional SPVC is up on both switches by looking at the
State field as follows:
FramePlus Modules
tuna:connections smartchannel spans source-> show
Local Remote State
Configuring
ID AtmIf VPI VCI BW ID
1 1A1 0 32 0 1 up
Remote ATM Addr: 00000000.f21a333b
3. Create a dangling PVC on the source switch (i.e., do not specify the -oatmif,
-ovpi, and -ovci parameters) as follows:
4. Create a service on the destination switch (tuna) if you have not already done so as
follows:
6. Find the destination NSAP of the destination ATM interface (1A1 in this example)
on the destination switch as follows:
7. Create the PNNI PP SPVC on the source switch. Copy and paste the value from the
Destination NSAP field in the previous step as the -calledatmaddr value as
follows:
8. Verify that the PNNI PP SPVC is up on the source switch by looking at the State
field as follows:
Your bi-directional PNNI PP SPVC from the source switch to the destination switch is now
complete.
FramePlus Modules
Configuring
The application key should be specified only if you want to reconfigure the network module
to run a different type of application. When you change the application, the switch deletes all
existing services and PVCs that use a different application, and removes them from the CDB
(i.e., if you are changing from Frame Relay to FUNI, the switch deletes existing Frame Relay
information, and vice versa). To change the application, first admin the module down:
myswitch:hardware netmod-> modify 2B down
WARNING: Disabling the network module will destroy all existing connections
going through it.
Do you wish to continue (y or n)? y
FramePlus Modules
myswitch:services funi-> new -iatmif 4c1 -timeslotstr 1 -name service_a
Configuring
notice: The newly created service ID is 4C1:00.
As you can see in the Stats field, the collection of statistics is disabled, by default, at the ser-
vice level. It is enabled, by default, at the module level. If you want to collect statistics, you
must enable that functionality here at the service level as well:
3. Create a new service using the port from step 1 as the -iatmif, specifying the
timeslots (-timeslotstr) as either all or 0-31, and using the service profile
from step 2 for -service, as follows:
FramePlus Modules
The default minimum VCI is 32 and the default
Configuring
NOTE maximum VCI is 63. If you are trying to create a
PVC on a FUNI service that uses the default
FUNI service profile, you are limited to this VCI
range when specifying the -fvci parameter.
myswitch:services funi pvc-> new -id 4C1:00 -fvpi 0 -fvci 40 -oatmif 4d1 -ovpi 0
-ovci 40 -name customer_a
myswitch:services funi pvc-> new -id 4C1:01 -fvpi 0 -fvci 41 -oatmif 4d1 -ovpi 0
-ovci 41 -name customer_b
myswitch:services funi pvc-> new -id 4C1:02 -fvpi 0 -fvci 42 -oatmif 4d1 -ovpi 0
-ovci 42 -name customer_c
4. Create a dangling PVC on the source switch (i.e., do not specify the -oatmif,
-ovpi, and -ovci parameters) as follows:
5. Create a service on the destination switch (tuna) if you have not already done so as
follows:
FramePlus Modules
0 -invci 40 -destspvcid 1 -destswitchaddr 00000038.f21a3656
Configuring
On the destination switch (tuna), use the
NOTE command system show and copy and paste the
value from the SPANS Address field as the
-destswitchaddr value.
8. Now create the destination side of the first unidirectional SPVC. This time use the
SPANS Address from the source switch (shark) as the -srcswitchaddr value as
follows:
9. Verify that the unidirectional SPVC is up on both switches by looking at the State
field as follows:
10. Create another unidirectional SPVC going in the other direction. This time tuna is
the source and shark is the destination as follows:
11. Verify that the second unidirectional SPVC is up on both switches by looking at the
State field as follows:
3. Create a dangling PVC on the source switch (i.e., do not specify the -oatmif,
-ovpi, and -ovci parameters) as follows:
4. Create a service on the destination switch (tuna) if you have not already done so as
follows:
FramePlus Modules
5. Create a dangling PVC on the destination switch as follows:
Configuring
tuna:services funi-> pvc
tuna:services funi pvc-> new -id 1a1:00 -fvpi 0 -fvci 40
WARNING: None of output port id, vpi and vci is specified. A dangling
connection will be created.
6. Find the destination NSAP of the destination ATM interface (1A1 in this example)
on the destination switch as follows:
7. Create the PNNI PP SPVC on the source switch. Copy and paste the value from the
Destination NSAP field in the previous step as the -calledatmaddr value as
follows:
8. Verify that the PNNI PP SPVC is up on the source switch by looking at the State
field as follows:
Your bi-directional PNNI PP SPVC from the source switch to the destination switch is now
complete.
The method for upgrading the network module software is similar to that for upgrading the
switch software.
FramePlus Modules
Configuring
These parameters are defined as follows:
Parameter Description
[-netmod] <Netmod> The FramePlus network module on which you want to upgrade the software.
For example:
Downloaded 79 of 80 bytes
File download to netmod 1A successful
The network module is automatically reset if it was in the admin up state before the upgrade.
Otherwise, it remains in the admin down state and must be reset manually using hardware
netmod modify -admin up.
To display the current revision numbers of the application software, enter the following:
myswitch:hardware netmod application-> show -appversion
Netmod AppVersion
1A N_FR_ForeThought_1.4.00 FCS (1.46060)
To display the current revision number of the boot software, enter the following:
This appendix provides a basic description about Management Information Base (MIB)
objects and the implementation of RMON with extensions for an ATM network on Enterprise
switches. RMON stands for “remote monitor” and is a specification for the Simple Network
Management Protocol (SNMP) management interface for remote network monitors imple-
mented either as a stand-alone probe or as an agent residing on a switch.
This appendix contains the following information:
• Section E.1 - MIB Overview - Provides a brief overview of network management
systems and the relationship between SNMP and Management Information Base
(MIB) objects in the TCP/IP network.
• Section E.2 - SNMP Overview - Describes the common operations performed by
SNMP to support the exchange of management information between networked
devices.
• Section E.3 - RMON Overview - Describes the RMON specification and provides
a snapshot of the associated table definitions supported in this release.
RMON
Operation Description
RMON
RMON
RMON
Configuring IMA
Modules
Universal IMA network modules are multi-service network modules containing eight DS1 or
E1 ports that support ATM UNI and Inverse Multiplexing for ATM (IMA). IMA provides a
cost-effective way to increase WAN ATM bandwidth in increments of T1/E1. The universal
IMA network modules also provide all of the capabilities of the Series D network modules.
This appendix provides an overview of a universal IMA network module and provides con-
figuration examples. Topics that are covered include the following:
• Section F.1 - IMA Overview
• Section F.2 - Configuring IMA
• Section F.3 - Testing an IMA Group
• Section F.4 - Upgrading the IMA Network Module Software
Link a 4, 1 Re-aggregated
Tx Cell Sequence Cell Sequence
Link b 5, 2
6, 5, 4, 3, 2, 1 6, 5, 4, 3, 2, 1
Link c 6, 3
universal IMA network module
In the transmit direction, cells In the receive direction, cells
are distributed across the links are reconstructed into a
in round-robin sequence. single ATM stream.
Figure F.1 - Multiple Physical Links Aggregated into One Logical Link
F.1.2 Benefits
Configuring IMA
The universal IMA network module provides the following important benefits.
Modules
F.1.2.1 Scalability
The universal IMA network module allows you to increase your network capacity by incre-
mentally adding to your existing, leased lines. For example, if you already have a leased DS1
line, but require a small amount of additional bandwidth, you can lease a second DS1 line and
use the universal IMA network module to approximately double the bandwidth of your con-
nection. The second line can be added without disrupting the existing traffic. This provides a
cost-effective alternative to upgrading to a DS3 line.
F.1.2.2 Load-balancing
The universal IMA network module is load-balanced so that when several physical DS1 or E1
lines are aggregated together in an IMA group, the services running on the link are main-
tained even if one or more of the individual links in the group goes down. Additionally, you
can add physical links to or delete physical links from an existing group without disruption to
the services that are already running on that group.
For example, to create a group that will contain three links, enter the following, using the
-imalinks option to assign the links to the group:
Configuring IMA
wish to change anything.
Modules
Links may be added either at the time you create
the group by using the -imalinks option, or by
using the interfaces ima link new
command as shown in Section F.2.1.1. If using
the -imalinks option, the links must be
delimited with a colon; e.g., -imalinks
1a1:1a2:1a3.
Configuring IMA
[[-fetxunusablesec] <integer>] FE Tx Unusable Sec
Modules
[[-ferxunusablesec] <integer>] FE Rx Unusable Sec
[[-netxnumfailures] <integer>] NE Tx Num Failures
[[-nerxnumfailures] <integer>] NE Rx Num Failures
[[-fetxnumfailures] <integer>] FE Tx Num Failures
[[-ferxnumfailures] <integer>] FE Rx Num Failures
[[-txstuffs] <integer>] Tx Stuffs
[[-rxstuffs] <integer>] Rx Stuffs
myswitch:connections channel-> new -iatmif ima1 -ivpi 0 -ivci 100 -oatmif 1d1 -ovpi 0
-ovci 100 –name Ima1_1d1
Configuring IMA
on an IMA group is limited by the
-mintxlinks parameter of the IMA group. For
Modules
example, if the -mintxlinks parameter of an
IMA group on a DS1 IMA netmod is set to 1,
then you can create a maximum of one DS1
worth of rate-controlled (shaped or guaranteed)
connections. This provides the rate-controlled
connections with the highest priority.
myswitch:connections path through-> new -iatmif ima1 -ivpi 5 -oatmif ima1 -ovpi 5
Configuring IMA
The following is an example of how to start a test:
Modules
msywitch:interfaces ima group test-> modify ima2 -testlink 1a4 -testpattern 180
-testprocstatus operating
The method for upgrading the network module software is similar to that for upgrading the
switch software.
Parameter Description
[-netmod] <Netmod> The universal IMA network module on which you want to upgrade the software.
Configuring IMA
upgrade file resides must be a tftpboot server. If
you are unsure of how to configure the bootp
Modules
server and the tftpboot server properly, see
Chapter 4 of the ATM Switch Installation and
Maintenance Manual.
If you manually admin the network module down prior to the upgrade (using hardware
netmod modify -admin down), you must manually admin it up after the upgrade (using
hardware netmod modify -admin up). However, if you upgrade the network module
while it is in the admin up state, the software automatically admins it down, performs the
upgrade, and then admins it back up without any additional user intervention.
Downloaded 79 of 80 bytes
File download to netmod 1A successful
To display the current revision number of the application software, enter the following:
To display the current revision number of the boot software, enter the following:
ASX-4000 Redundancy
• passive fabric protection
• passive port card protection
This appendix provides an overview of SONET APS and the ASX-4000 redundancy features
that are implemented. Topics that are covered include the following:
• Section G.1 - Overview of SONET APS
• Section G.2 - Terminology
• Section G.3 - Redundant Switch Configurations
• Section G.4 - Redundant Link Naming Convention
• Section G.5 - Configuring Working and Protection Interfaces
• Section G.6 - Partner Synchronization
• Section G.7 - Loopbacks on Redundant Ports
Working Links
TX RX
RX TX
TX RX
RX TX
Protection Links
Figure G.1 - Linear APS Failover to the Protection Link upon Detection of SONET Line Failure
ASX-4000 Redundancy
G.1.1.3 Failure Recovery / Switchover Performance
ASX-4000 ports configured for SONET Linear 1+1 APS can be configured for non-revertive
manual recovery mechanism or revertive automatic recovery mechanism. Non-revertive man-
ual recovery specifies that in the event of a failure on the working link and the subsequent
failover to the protection link, traffic is maintained on the protection link even after the work-
ing link has recovered from its original failure condition. Manual intervention is required for
recovery purposes, to direct traffic back to the working line/port, or port card. Implementing
non-revertive recovery avoids an unnecessary service disruption (to switch back to the work-
ing channel as in the revertive mode).
RX
Fiber Pair X TX
Port N
Port N Fiber Pair Y
TX RX
Port 1 Port 1
RX TX
Port N
Port N
The ASX-4000 also supports SONET linear 1+1 APS on a port card-wide basis where all lines/
ports associated with both the working and protection physical port cards are placed into a
1+1 protected mode of operation.
The ASX-4000 supports APS between Revision E fabrics and working and protection port
cards of the same series and type (i.e. Series 1: 8 Port 622 Mbps SMIR and Series 1: 8 Port 622
Mbps SMIR; or Series 2: 8 Port 622 Mbps SMIR and Series 2: 8 Port 622 Mbps SMIR). However,
port cards that are not the same series and type may exist between near-end and far-end
switches. The working port card and its partner protection port card is fixed and is dependent
on the slot that the working port card is installed. The interface group of the working port card
should be the same for the protection port card. For example, if 1AB is the working port card,
2AB is its protection port card. If 3CD is the working port card, 4CD would be its protection
port card. The protection fabric is also fixed and is dependent on the fabric that is being pro-
tected (working). See Section G.5 for more information.
ASX-4000 Redundancy
The ASX-4000 is compatible with 3rd party SONET and SDH equipment including Add/Drop
Multiplexers and ATM switches so long as they are compliant with the mandatory require-
ments specified under section 5.3, Linear 1+1 APS Architecture, in Telcordia GR-253-CORE.
Each fabric transmits outbound cells onto both a primary and a secondary transmit cell bus,
with one bus connecting to a working port card and the other to its corresponding protection
card. At any time, a port card is actively listening to either its primary or secondary transmit
bus. If a working fabric or port card is hot-swapped, the corresponding protection element can
take over in its place. If a port failure or fiber cut occurs, the receiver can detect the failure and
switch to the standby circuit within 50 milliseconds. Such rapid protection switching provides
transparent recovery by maintaining the connection with minimal cell loss.
ASX-4000 Redundancy
The ASX-4000 supports manual port card/fabric redundancy. Manual protection includes
failovers initiated by AMI, WEB and SNMP commands as well as failovers that occur when
port cards/fabrics are removed or unseated from the ASX-4000.
The ASX-4000 is capable of detecting and completing port card/fabric failover in less than 50
ms. Port card switchover is non-revertive while fabric switchover can be configured for rever-
tive or non-revertive modes.
G.2 Terminology
Throughout the documentation, certain terms are used in reference to 1+1 redundancy. The
following terms are defined as follows:
Term Description
working Used in the 1+1 protection sense to refer to the logical state of
various switch components (i.e., lines/ports, fabrics, port cards)
that are designated as the principal path for carrying traffic
between the head-end and tail-end equipment.
protection Used in the 1+1 protection sense to refer to the logical state of
various switch components (i.e. lines/ports, fabrics, port cards)
that are designated as the redundant or failover path for carry-
ing traffic between the head-end and tail-end equipment.
active Refers to the link or component that is actually carrying data at
any given time.
standby Refers to the operational state of an ASX-4000 link or compo-
nent that is functioning as a hot backup in the event that the
active component should fail.
link An entity that defines a topological relationship including avail-
able transport capacity between two nodes in different subnet-
works or devices. The term link is specifically used to define the
physical transmit or receive data path of a specific port.
switchover Refers to the transition from protection to working components
as a result of a manually, forced, or automatically initiated
action.
ASX-4000 Redundancy
Gbps switch with full 1+1 data path redundancy. In this configuration, ports, port cards, and
fabrics are protected on a 1+1 basis (see Figure G.5). Redundant switches are part of a cost-
effective restoration strategy for voice and multi-service network providers with protected
SONET/SDH infrastructure.
40 Gbps
Backplane
5 Gbps Port Card 2AB
40 Gbps Fabric 2
Working
40 Gbps
Backplane
5 Gbps Port Card 2AB
40 Gbps Fabric 2
Protection
ASX-4000 Redundancy
then fabric 2 is the protection fabric. Alternatively, you can choose to define fabric 2 as the
working fabric and fabric 1 as the protection fabric.
40 Gbps
Backplane
5 Gbps Port Card 2AB
40 Gbps Fabric 2
Working
Protection
40 Gbps
40 Gbps
40 Gbps
Backplane
5 Gbps Port Card 2AB
40 Gbps
Working
Protection
40 Gbps
40 Gbps
Figure G.8 - ASX-4000 Line Level and Port Card Redundancy without Fabric Redundancy
ASX-4000 Redundancy
5 Gbps Port Card 1AB
Fabric 1
40 Gbps
5 Gbps Port Card1CD
40 Gbps
Backplane
5 Gbps
40 Gbps Fabric 2
5 Gbps
Working
Protection
40 Gbps
40 Gbps
Figure G.9 - ASX-4000 Fabric Redundancy without Line Level and Port Card Redundancy
ASX-4000 Redundancy
are configured as a single 10 Gbps working/protection pair.
The protection fabric is fixed and is dependent on the fabric that is being protected (working).
The following table shows the working fabric and the corresponding partner protection fabric:
ASX-4000 Redundancy
active on the remote switch it will use this port to
listen for UNI and SPANS signalling
information. The local port is still disabled and is
not transmitting signalling traffic. No signalling
will be established.
Partner fabric 2 will be the protection fabric and fabric 1 will be the working fabric.
Part fabric 4 will be the protection fabric and fabric 3 will be the working fabric.
Fabric and port card compatibility is checked during the execution of this com-
mand. The protect command fails if any fabric is incompatible (checked for
Revision E fabrics), any port card is incompatible with its partner port card or if the
fabric which is being protected or unprotected is not present in the switch.
At this point, these commands are in pending mode. Any pending action takes
effect only after executing the commit command.
2. Execute the pending command(s):
Fabric Admin Mode Oper State Cloning State Pending Mode Committed
1 working active done none yes
2 protection standby done none yes
3 working active done none yes
4 protection standby done none yes
ASX-4000 Redundancy
aps1B1 no_request sf none uni
aps1B2 no_request none none uni
aps1B3 no_request none none uni
aps1B4 no_request none none uni
aps1C1 no_request none sf uni
aps1C2 no_request none sf uni
aps1C3 no_request none sf uni
aps1C4 no_request none sf uni
aps1D1 no_request none sf uni
aps1D2 no_request none sf uni
aps1D3 no_request none sf uni
aps1D4 no_request none sf uni
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying a
parameter for one fabric will modify the parameter for the partner fabric.
Entering the following:
OR
will turn scrambling off for both 1A1 and 2A1 if configured for redundancy.
ASX-4000 Redundancy
myswitch:hardware netmod traffic pc1-> modify
Usage:
[-netmod] <Netmod> Netmod
[[-model] <integer>] Model used
[[-epd] <percent>] Early Packet Discard
[[-epdubr] <percent>] Early Packet Discard for UBR
[[-efcion] <integer>] EFCI On
[[-efcioff] <integer>] EFCI Off
[[-vbrpriority] (rt|nrt)] VBR Priority (LE only)
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying a
parameter for one Series 1 port card will modify the parameter for the partner port card.
Entering the following:
OR
will set the AAL5 packet drop value to 90 for both 1A and 2A if configured for redundancy.
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying a
parameter for one Series 2 port card will modify the parameter for the partner port card.
Entering the following:
OR
will set the EFCI threshold value to 90 for both 1A and 2A if configured for redundancy.
ASX-4000 Redundancy
hardware netmod traffic pc2 buffer new -netmod 1A -buffer ABR
OR
hardware netmod traffic pc2 buffer assign new -netmod 1A -buffer ABR
OR
hardware netmod traffic pc2 buffer assign new -netmod 2A -servcat CBR
-subcat 1 -buffer CBR
will create a buffer class assignment in both 1A and 2A if configured for redundancy.
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying a
fabric will also modify the partner fabric.
Entering the following:
OR
will modify the number of multicast connections for both fabric 1 and fabric 2.
Entering the following:
OR
will set the value to 80 for both fabric 1 and fabric 2 if configured for redundancy.
ASX-4000 Redundancy
myswitch:interfaces sonet medium-> modify
Usage:
[-ifindex] <SonetLowLevelIf> Sonet Interface
[[-type] <Operating Mode>] Framing Type
[[-loopbackmode] <sonet_loopconfig>] Loopback Config
[[-txclocksource] <sonet_clock>] Transmit Clock Source
[[-adminstatus] <ifadminstatus>] Admin Status
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying
the admin status of a SONET medium will also modify the partner SONET medium.
Entering the following:
OR
will set the admin status to down for both 1A1 and 2A1 if configured for redundancy.
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying
the admin status of a SONET path will also modify the partner SONET path.
Entering the following:
OR
will set the admin status to down for both 1A1[1,1] and 2A1[1,1] if configured for redundancy.
ASX-4000 Redundancy
[[-linecoding] <DSX3 Line Coding>] Line Coding
[[-sendcode] <DSX3 FEAC Code>] Send Code
[[-circuitidentifier] <text>] Tx Circuit Identifier
[[-loopbackconfig] <DSX3 Loopback Configuration>]
Loopback Config
[[-transmitclocksource] <DSX3 Transmit Clock Source>]
Transmit Clock Source
[[-adminstatus] <ifadminstatus>] Admin Status
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying
the admin status of a DSX3 interface will also modify the partner DSX3 interface.
Entering the following:
OR
will set the admin status to down for both 1A1[1,1] and 2A1[1,1] if configured for redundancy.
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying
the framing mode for this ATM-TC will also modify the partner ATM-TC.
Entering the following:
OR
will set the framing mode to plcp for both 1A1[1,1] and 2A1[1,1] if configured for redundancy.
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, setting the
ASX-4000 Redundancy
LED model for one port will also modify the partner port.
Entering the following:
OR
will set the LED model to LAN1 for both 1A1 and 2A1 if configured for redundancy.
For example, if fabric 1 is the working fabric and fabric 2 is the protection fabric, modifying
the alarm priorities for a port card slot will also modify the partner port card slot.
Entering the following:
OR
will set the alarm priority to high for both slots 1A and 2A if configured for redundancy.
2. Display the operational state of the redundant ports by entering the following: