870 likes | 1.1k Views
MSAN kurs @Eye Networks, 24. og 25. oktober. ZyXEL Communications Anders Opsahl ( ao@zyxel.no ). Agenda. Dag 1, grunnleggende Kjapt om IES-5xxx/-6000 - Antall og typer linjekort - Måter å aksessere DSLAM - Firmware-oppgradering - Backup / restore / save VLAN og IP
E N D
MSAN kurs@Eye Networks, 24. og 25. oktober ZyXEL Communications Anders Opsahl (ao@zyxel.no)
Agenda Dag 1, grunnleggende Kjapt om IES-5xxx/-6000 - Antall og typer linjekort - Måter å aksessere DSLAM - Firmware-oppgradering- Backup / restore / save VLAN og IP - Sette IP og gateway, samt Management-VLAN - Fixed og untagged, samt PVID Port-setup - Lage profil, sette profil på port(er) - Åpne og stenge porter - PVC-setup Enkel feilsøking - Hva om det ikke går trafikk på en port? - Hva om linjekortet ikke blir "active"? Dag 2, avansert Port-setup - VDSL2 (Profil, PSD-maske) - VDSL2 med ADSL2+ fallback - SHDSL-bundling - EFM-oppsett Tjenester - Quality of Service - Multicast ACL - Anti-MAC-spoofing
MSAN Products - Overview IES-1248-53 IES-1000 • 1.5U built-in splitter • 2 Combo Gigabit Uplink • Hot swappable Fan • 48-ports ADSL2+ • 48-ports VoIP • 1U with built-in splitter • 2 Fast Ethernet Uplink • 2 slots for EFM G.SHDSL SAM-1316-22 IES-5112 • 2 Fast Ethernet Ports • 16 ports ATM/EFM G.SHDSL • 6.5U with 2G Backplane • 4 Gigabits Ethernet Uplink • 8 horizontal slots • ADSL2+/VDSL2/EFM G.SHDSL/VoIP • Active Fiber Ethernet • Power and MSC redundancy IES-6000 IES-5106 VES-1616FE-55A/53A VES-1608FE-57 • 4U with 2G Backplane • 4 Gigabits Ethernet Uplink • 4 horizontal slots • ADSL2+/VDSL2/G.SHDSL/VoIP • Active Fiber Ethernet • Power redundancy • 12.5U with Giga Backplane • 8G or 2x10G+6G Uplink • 17 vertical slots • ADSL2+/VDSL2/EFM G.SHDSL/ VoIP • Active Fiber Ethernet • Power and MSC redundancy • Environmentally Hardened • 2 Combo Gigabit Uplink • 8/16-p VDSL2 (17a w/ADSL FB) • 8p 30a VDSL2
Chassis MSAN & Line-cards - Overview IES-6000 Uplink Cards (MSC1224GB & MSC1024GB) • 4 x 1G combo (SFP & RJ45) + 2 x 10G SFP+ • 4 x 1G combo (SFP& RJ45) • 12.5U with Giga Backplane • 4G combo or 2x10G + 4G Uplink • 17 vertical slots (1+16 or 2+15) • ADSL2+/VDSL2/G.SHDSL/VoIP • Active Fiber Ethernet • Power & Control Card redundancy Line Cards • ADSL2+ • 48-port ADSL2+ over ISDN IES-5112 VDSL2 • 17a 24-port or 48-port VDSL2 over POTS (VLC1348G-51) • 17a 24-port or 48-port VDSL2 over ISDN (VLC1348G-53) • 30a 24-port VDSL2 over POTS (VLC1424G-56) • 8.5U with 2 Giga Backplane • 4G combo or 2x10G + 4G Uplink • 12 horizontal slots (2+10) • ADSL2+/VDSL2/G.SHDSL/VoIP • Active Fiber Ethernet • Power & Control Card Redundancy G.SHDSL.Bis • 48-port G.SHDSL.bis (SLC1348G-22) • ATM/EFM with bonding IES-5106 POTS/VoIP • 48-port and new 72-port VoIP over POTS (VOP1372G-61) • SIP or H.248 • 5U with 2Giga Backplane • 4G combo or 2x10G + 4G Uplink • 6 horizontal slots (1+5) • ADSL2+/VDSL2/G.SHDSL/VoIP • Active Fiber Ethernet • Power redundancy Active Fiber • 20-port 100FX Ethernet fiber line card (ELC1220G-55) Legacy • 8-port E1 IMA line card (IMA1408G-81)
Chassis - Management Cards (1/2) MSC1024GB: 4G Control Card RS232 for Console port ACO 1 x 100Mbps FE for Out-of-band Management Combo design 4 x SFP 4 x 1000 Base T Ethernet
Chassis - Management Cards (2/2) MSC1224GB: 2x10G + 4G Control Card RS232 for Console port 1 x 100Mbps FE for Out-of-band Management 2x10G SFP+ Combo design ACO 4 x 1000 Base T Ethernet 4 x SFP
ALC1248G-51/53 Front View Power LED Telco 50 connecters ALC1248G-51 System LED Console port Alarm LED
Typerlinjekort: ALC-1248G-53 • Teknologi Generasjon Porter Backplane Chipset Annex
Typer linjekort: • ALC-1248G-53 • SLC-1248G-22 • SLC-1348G-22 • VLC-1324G-53 • VLC-1348G-53 • ELC-1220G-55
WEB-GUI Telnet FTP SSH SNMP Console Out-of-band MGMT-port(default IP: 192.168.0.1) User Management Management IP og VLAN
Support multi-users & multi-privilege - Up to 16 user account 3 level user privileges - Low: read only - Middle: read/ write - High: read/ write/ user management Support remote authentication (RADIUS) On-line user information User Management (cnt.)
Telnet & SSH session share 4 sessions FTP & SFTP session share 1 session Up to 3 Web sessions supported one session per user account User Management (cnt.)
Firmware and Configuration File Maintenance • File Name Conventions • FTP management is more convenient in CSO’s daily support • Editable Configuration File Backup via FTP • Editable Configuration File Upload via FTP • MSC card Firmware File Upgrade via FTP • Line-card Firmware File Upgrade via FTP • Get Alarm History logs via FTP
Editable configuration File Backup • Editable Configuration File Backup • Configure your system, and then use FTP to backup the plain-text configuration file onto your computer. • Perform following to backup the configuration file: Use an FTP client to connect to the IES C:\ ftp <IES IP address> Type your username and press [Enter] User (123.23.15.86: (none)): admin Enter the managemenet password(1234 by default). Password: 1234 230 Logged in Use get to transfer the configuration file to the computer. The configuration file on the system(that you want to backup to the computer) is named config-0 ftp> get config-0 config.dat Quit FTP ftp>quit
Editable configuration File Upload • Editable Configuration File Upload • You can upload the configuration file by following the steps below. Use an FTP client to connect to the IES C:\ ftp <IES IP address> Type your username and press [Enter] User (123.23.15.86: (none)): admin Enter the managemenet password(1234 by default). Password: 1234 230 Logged in ftp> put xxx.dat config-0 Quit FTP ftp>quit Wait for the update to finish. The system restarts automatically.
Firmware File Upgrade (1/2) • Firmware File Upgrade • Use the following procedure to upload firmware to the management swicth card or DSL line-cards Use an FTP client to connect to the IES C:\ ftp <IES IP address> Type your username and press [Enter] User (123.23.15.86: (none)): admin Enter the managemenet password(1234 by default). Password: 1234 230 Logged in Use the ls FTP command to list the files that you can work with on the IES.
‘ls’ command in FTP • The following is an example. Use entries from the list to transfer the firmware file to the management switch card, line card or all the line cards of a certain model.
Firmware File Upgrade(2/2) • Firmware File Upgrade • Ensure the firmware file on you computer (that you want to put onto a card or cards) is named firmware.bin • Use this command to transfer the firmware file to the management switch card that you are using (the internal firmware file is named ras). ftp>put firmware.bin ras • Use this command to transfer the firmware file to a line card or the management switch card that you are not currently using. Use “fw-” followed by the number of the slot. ftp>put firmware.bin fw-3 • Use this command to transfer the firmware file to all of the IES line cards of the same type. Use “fw-” followed by ALC1248G-51, ALC1248G-53, ALC1272G-51, SLC1248G-22, VLC1224G-41 or VOP1248G-51. The following example uploads firmware to all of the ALC1248G-51 line cards in the IES. ftp>put firmware.bin fw-ALC1248G-51
Get Alarm History logs • Get Alarm History logs • Some alarm logs has be stored in the alarm history logs. • Alarm history log is useful to support customer cases. Use an FTP client to connect to the IES C:\ ftp <IES IP address> Type your username and press [Enter] User (123.23.15.86: (none)): admin Enter the managemenet password(1234 by default). Password: 1234 230 Logged in Use get to transfer the alarm history file to the computer. The alarm history logs file on the system(that you want to backup to the computer) is named almhis ftp> get almhis alarmhistory.txt Quit FTP ftp>quit
VLAN • Segmentere ett fysisk nett til flere logiske nett • Sikkerhet og managament • Flere lag3-nett på en lag2-switch
FilteringDatabase ForwardingProcess Ingress Rule Egress Rule PacketReceive PacketTransmit 802.1Q Processs
Ingress Rule Tagged frame Tagged frame VID VID Ingress Rule Tagged frame Untagged frame PVID
Egress Rule Tagged frame Tagged frame VID VID Tagged frame Untagged frame Egress Rule VID
Sette IP og VLAN MSC1024GB> ip set usage: set inband <ip>[/<netmask>] [<inband-vid> <gateway-ip>] set outband <ip>[/<netmask>] [<gateway-ip>] <inband-vid> : inband management vlan id <gateway-ip> : default gateway ip MSC1024GB> ip set inband 212.62.250.84/28 211 212.62.250.81
Sette IP og VLAN med “forsikring”(eller andre config-parametre) MSC1024GB> sys reboot 300 telnet-1(212.62.253.200) has initiated reboot, system reboot in 300 seconds! MSC1024GB> sys reboot cancel telnet-1(212.62.253.200) has cancelled system reboot!
VLAN Trunking Example • Assume we have set 802.1Q VLAN1 and VLAN2 on A and B, to transfer VLAN traffic from A to B, you don’t need to set VLAN1 and VLAN 2 on C,D,E which are between them, only need to enable VLAN trunking on each port like the upper figure. B A D C E V1 V2 V1 V2 • Enable VLAN Trunking on these ports
LAB 1 • Oppgrader MSC1024GB til fw-versjon: 400UHB0C0_0217 • Oppgrader VLC13xxG-53 til V.400Bxx.0b7 (ftp01.zyxel.no msan / zyms4n) • Opprett VLAN 100, sett Fix / Tag på uplink • Sett IP: 192.168.100.x / 255.255.255.0 • Gateway: 192.168.100.1 • Sett management VLAN 100 • “Config save”
MSC1024GB> port adsl set Usage: set <slot-port> <profile> <mode><slot-port> : example 3-*, 3-3~5,10~15<profile> : adsl profile name<mode> : gdmt, etsi, auto, adsl2, adsl2+ MSC1024GB> port adsl set 4-1~10,15~20 Max auto Port-setup via telnet
MSC1024GB> port enable usage: enable <slot-port> <slot-port> : example *-*, 3-*, 3-1,3~5,10~15 MSC1024GB> port enable *-* MSC1024GB> port enable 3-* MSC1024GB> port enable 3-1,3~5,10~15 Port-setup via telnet
PVC is used to create a logical traffic interface Support various PVC for multiple services PVC Categories: PVC - VLAN Bridging PPVC - 802.1p Priority to ATM QoS mapping PAEPVC - PPPoA forwarding TLSPVC - Transparent VLAN Service DTPVC – Double tag PVC Permanent Virtual Circuit
Slett default PVC 0/33 Opprett PVC 8/35, sett PVID 100Sjekk at CPE (og PC) er på nett LAB 2