Вы находитесь на странице: 1из 223

InfiNet Wireless R5000

WANFleX

: 15 2011

: V1.83
Copyright 2004-2011 by InfiNet Wireless

Copyright 2004-2011 by InfiNet Wireless Limited.


All rights reserved.

Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

I. ................................................................................................................................. 1
1. ...................................................................................................................... 1
2. IP- .................................................................................................................... 1
II. .................................................................................................................... 2
1. Help ......................................................................................................................................... 2
2. System...................................................................................................................................... 2
3. Config ( ) ..................................................................................... 4
4. Set ( TIME ZONE) ......................................................................................................... 5
5. Flashnet (/ ) ................................................................................................ 5
6. Restart ...................................................................................................................................... 6
7. Ping .......................................................................................................................................... 6
8. Telnet ....................................................................................................................................... 6
9. Tracert ...................................................................................................................................... 7
10. Webcfg ( Web -) ...................................................................................... 7
11. Rshd (Remote Shell) ................................................................................................................... 8
12. SSH (Secure Shell) ..................................................................................................................... 8
SSH ( sshd) ........................................................................................................ 9
SSH ( sshc) ...................................................................................................... 11
13. Ipstat ( IP-) ......................................................................................... 13
14. Sflowagent ( Sflow) .......................................................................................................... 15
15. ( acl) ................................................................................ 17
16. Sntp ....................................................................................................................................... 19
17. Date ....................................................................................................................................... 20
18. Erp ( )................................................................................................... 20
19. AAA ( RADIUS ) .............................................................. 22
20. License ................................................................................................................................... 23
21. Dport ...................................................................................................................................... 23
22. Mem ....................................................................................................................................... 24
23. Grep ( )................................................................................. 24
III. .................................................................. 26
1. Rfconfig ( ) .............................................................................. 26
2. Mint ........................................................................................................................................ 32
........................................................................................................................ 32
............................................................................................................ 33
(join) ............................................................................................... 43
(prf).................................................................................................... 44
.............................................................................................................. 45
Over-the-air update ........................................... 47

Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

Over-the-air encryption ............................................................................................................... 49


................................................................................................... 49
................................................................................................... 52
.................................................................................................................... 53
............................................................................................. 54
TRACE ......................................................................................................................... 55
ODR (On-Demand Routing) ............................................................................................ 55
RMA MINT ................................................................................. 56
3. Prf .......................................................................................................................................... 57
4. ( lag) .......................................................................................... 58
5. Ltest ( ) .......................................................................................... 60
6. Muffer ..................................................................................................................................... 65
7. Macf ....................................................................................................................................... 69
8. Sppp ....................................................................................................................................... 71
9. Arp ......................................................................................................................................... 73
10. switch ....................................................................................................................... 75
Wildcard ........................................................................................................................ 76
(List commands) ........................................................... 77
(Group commands)....................................................................... 79
(Rules commands) .................................................. 87
(Control commands) ................................................................................... 88
............................................................................................................... 92
11. CES........................................................................................................................... 93
12. WiFi ( Wi-Fi AP) .................................................................................................. 97
13. DFS ( ) .......................................................................................100
IV. ......................................................................103
1. Ifconfig ( ) ...........................................................................................103
2. Tun .......................................................................................................................................105
3. Qm ( Quality-of-Service) .....................................................................................107
4. Route ( ) ...............................................................................................114
5. ARIP ......................................................................................................................................115
.................................................................................................................................115
. ...........................................................................................115
/ RIP . ........................................................................................118
................................................................................................................118
RIP ..........................................................................................................................120
(route-map) ...................................................................................................122
. ...................................................................................123
. ................................................................................................................124
RIP ...........................................................................................................125
Copyright 2004-2011 by InfiNet Wireless

ii

InfiNet Wireless

WANFleX

6. Rip ( ) ............................................................................125
7. OSPFv2 ( ) .....................................................130
.................................................................................................................................130
. ...........................................................................................130
/ OSPF . ......................................................................................132
...............................................................................................133
................................................................................................................133
............................................................................................................135
........................................................................................................................140
OSPF ............................................................................................140
. .................................................................................................144
. ...................................................................................146
........................................................................147
8. Netstat...................................................................................................................................153
9. Ipfw (IP Firewall) ....................................................................................................................154
.......................................................................................................................154
...............................................................................................................................155
..................................................................................................................................157
.......................................................................161
..................................................................................................................................162
10. Loadm ( ) .........................................................................................167
11. Bpf (Berkeley Packet Filter) ......................................................................................................168
12. RPCAP ...................................................................................................................................169
13. Snmpd (SNMP daemon) ...........................................................................................................170
14. Td (Telnet daemon).................................................................................................................171
15. Nat (Network Address Translation) ............................................................................................172
..................................................................................................................................173
........................................................................................................176
NAT H.323 ............................................................................................................179
16. Trapd (SNMP traps) .................................................................................................................181
17. DHCP Server ...........................................................................................................................184
DHCP .................................................................................................184
18. DHCP relay. dhcpr .....................................................................................................202
.......................................................................................................................202
.....................................................................................................................203
19. DHCP . dhcp ..................................................................................................204
.......................................................................................................................204
......................................................................................................................................204
..................................................................................................................................205
..................................................................................................................................205
Copyright 2004-2011 by InfiNet Wireless

iii

InfiNet Wireless

WANFleX

20. VRRP . vrrp ..................................................................................................206


.......................................................................................................................206
.....................................................................................................................207
V. ...................................................................................................213
1. Ctl ( ) ...............................................................................213
VI. .........................................................216
1. Gatekeeper.............................................................................................................................216

Copyright 2004-2011 by InfiNet Wireless

iv

InfiNet Wireless

WANFleX

I.
1.

,
Unix. .
,
.

config save.
,
";" ( ).
, ,
.
.
VT100 ANSI,

.

"!h". ,
"!". TAB
( ).
Ctrl/R ,
. ,
, .
, "?"
.
- 38400 (
dport).
,
Telnet HTTP.
3 Telnet ( 23) HTTP ( 80).

2. IP-
IP-.
IP- .
( )
( IP-). IP- 0/0
IP-.
:
nn.nn.nn.nn ( )
nn.nn.nn.nn/N (N )
nn.nn.nn.nn:xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx )
192.168.9.0/24 192.168.9.0 24.
192.168.9.0:255.255.255.0
.

Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

II.
1. Help
.
:
help
:
.
.

2. System
.
:
system []
:
system name [ ]

system name Revolution.

system location [, ]
,
SNMP.
:
system location , .
system gpsxy [E|W]XX.XXXXX

[N|S]YY.YYYYY

( ) .

.
:
system gpsxy 60.40056 56.82857
system user
,

telnet/http.
:
system user root
system password
.
:
system password qwerty
,
.
Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

system prompt _
(prompt) .
16 .
: Prompt#ttyN>
:
system prompt MyHost
system guest /
. login,
.
,
.
:
system guest for_members_only
system [no]fastroute
/

.

(traceroute),
.

, Ethernet,
IP .
system icmplimit XX
ICMP
( 200).

.
0 (), .
system [no]sendredirects
() icmp
redirect
.
system [no]dropredirects
() icmp
redirect
.
system uptime
.
system cpu


system search [seconds]

10 .

system version
.
Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

system OfficialAddress IP
"sys OfficialAddress IP" ,

.
system log [args]

on -

off -

IP-ADDR - UNIX
syslog. syslogd
facility.level "user.notice"
15.

- -

show - ( ,
/ )

clear -

[no]filter -
,
( )

sys serialCD [no]log [no]trap


/ Carrier Detect
(CD) (). "log"

(sys
log).

"trap"

SNMP-trap
.
CD oid 1.3.6.1.4.1.3942.0.103
CD oid 1.3.6.1.4.1.3942.0.104
, SNMP
trapd "trapd on"
(. trapd).
"-".

config save.

3. Config ( )

:
config [show | save | clear]
config import | export login:password@host/file
:
show - .

config show.
( ).

.
:
co show mint rip
Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

MINT RIP
co show r !rip
, "r" , "rip".
save -
.
clear (
).
.
export, import -
.
FTP.
.
:
config export user:secret@192.168.1.1/var/conf/test.cfg

4. Set ( TIME ZONE)


.
/ .

:
set TZ TIMEZONE
:
set TZ EST+5EDT,M4.1.0/2,M10.5.0/2
set TZ EKT+5

http://ru.wikipedia.org/wiki/_

5. Flashnet (/ )
:
flashnet get/put login[:password]@/
:
flashnet get
get.
FTP.
.
,
, . -s
IP-.
:
flashnet get ftp:ftp@192.168.1.1/R5000-H05S01-MINTv168.7.bin
:

".".

Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

put
.

6. Restart
.
:
restart [y]
restart SECONDS
restart stop
:
restart
.

, ,
.
"y", ,
.

(restart 300).
,
.

.
.
restart stop.

7. Ping

:
ping IP [size|-s SIZE] [count|-c COUNT] [source|-S SRC_IP]
:
(ICMP_ECHO_REQUEST) (IP).
.
10
8000 ( 64) ,
( 5).
,
, . -S
IP-.

8. Telnet
Telnet .
:
telnet IP_
:
telnet
.
Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

-
,
, .
Ctrl/D.

9. Tracert
.
:
tracert [-s SourceAddress] HostAddress
:
HostAddress.
IP 'time to live'
ICMP TIME_EXCEEDED,
,
.
,
, . -s
IP-.

30-

36
3 .

.
.


.
, ,
ICMP:

! -

!N -

!H -

!P -

!F -

!X - (, , ..)

* - .

10.Webcfg ( Web -)
Web-.
:
webcfg start|stop
:
/ Web-
. Web-
Web-.
:
webcfg start

Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

11.Rshd (Remote Shell)


Remote Shell (RSH).

rshd enable | disable RemoteUSER RemoteHOST LocalUSER


rshd start | stop | flush
:
RSH
rsh.
TCP
.
RSH .
rshd start
rshd stop.
, ,
.
rshd enable :

RemoteUSER - ( 16 )

RemoteHOST IP-

LocalUSER - ( 16 ).

6-

.

WANFleX .
rshd disable
.
rshd flush rsh .
RSH

(rsh -l mysecretuser RWR.domain.ru ipstat get).
:
rshd enable

admin 195.38.44.1

rshd enable

root

mysecretuser

195.38.45.123 mysecret2

rshd start

12. SSH (Secure Shell)


SSH (Secure Shell)
.
Telnet, Telnet, SSH
, . , SSH
.
SSH SSH SSH . SSH
SSH ,
. SSH

Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

, ,
.
InfiNet Wireless SSH SSH .

SSH ( sshd)
SSH (SSH daemon)
sshd.
:
sshd -window=SIZE
sshd -keepalive=TIME
sshd -banner=on | off
sshd -log-level={emerg | alert | crit | error | warning | notice | info | debug |
LEVEL}
sshd -algo-list
sshd -kex-algos=ALGO-LIST
sshd -hostkey-algos=ALGO-LIST
sshd -cipher-algos=ALGO-LIST
sshd -hash-algos=ALGO-LIST
sshd -comp-algos=ALGO-LIST
sshd -auth-methods[=AUTH-METHODS-LIST]
sshd start
sshd stop
sshd newkeys
sshd pub[key] {sh[ow] | cl[ear] | de[lete] N}
sshd pub[key]
[COMMENT]

{in[stall]

im[port]

[LOGIN[:PASSWORD]@]HOST/FILE}

:
-, SSH . /
sshd start sshd stop .
SSH
DSS RSA (Host Keys), SSH
.
sshd newkeys.
, SSH SSH
.
SSH
$ACLOCAL. , SSH
, SSH , IP , .
$ACLOCAL
.
SSH :
Copyright 2004-2011 by InfiNet Wireless

InfiNet Wireless

WANFleX

-window=SIZE -
.
SSH
SSH SSH . , 24576 .

-log-level={emerg | alert | crit | error | warning | notice |


info | debug | LEVEL}
SSH ,
(
sys log).
: emerg, alert, crit,
error, warning, notice, info, debug
LEVEL ( 0 7). -,
6- (info).

-keepalive=TIME -
,
. -, SSH
( 0).

-banner=on/off /
IW WANFleX SSH .

SSH :

-algo-list

SSH

(kex),
(host key), (cipher), (hash)
(compress).

: -kex-algos=ALGO-LIST, -hostkey-algos= ALGOLIST, -cipher-algos= ALGO-LIST, -hash-algos= ALGO-LIST, comp-algos= ALGO-LIST -


( SSH , c
-algo-list),
SSH .

SSH
-, SSH , SSH
.

. WANFleX
SSH ,
sshd pubkey sshd -auth-methods.
sshd pubkey
(public key). SSH
, ,
,
SSH .
SSH ,
SSH .
SSH SSH FTP
:
sshd pubkey import [LOGIN[:PASSWORD]@]HOST/FILE [COMMENT]
HOST IP- FTP , FILE ,
RSA/DSS SSH OpenSSH
SSH2. FTP ,
LOGIN PASSWORD.
COMMENT
,
Copyright 2004-2011 by InfiNet Wireless

10

InfiNet Wireless

WANFleX

, SSH .
-, IP- SSH IP-
FTP , .
SSH ,
SSH ( ).
SSH :
sshd pubkey install [COMMENT]
COMMENT ,
sshd import (. ).
sshd show ,
SSH .
sshd clear SSH .
sshd delete N SSH
.
sshd -auth-methods SSH
.

:

sshd -auth-methods
SSH

(
):
sshd -auth-methods=AUTH-METHODS-LIST

AUTH-METHODS-LIST

.
, all ( ).
:
,
Public key.
sshd -auth-methods=publickey

SSH ( sshc)
SSH sshc.
:
sshc [options] [LOGIN@]HOST [REMOTE-COMMAND]
options:
-window=SIZE
-keepalive=TIME
-compress, -C
-bind-addr=ADDR, -b ADDR
-pubkey-show

Copyright 2004-2011 by InfiNet Wireless

11

InfiNet Wireless

WANFleX

-pubkey-new=BITS
-pubkey-clear
-pubkey-export=[LOGIN[:PASSWORD]@]HOST/FILE
-algo-list
-kex-algos=ALGO-LIST
-hostkey-algos=ALGO-LIST
-cipher-algos=ALGO-LIST, -c ALGO-LIST
-hash-algos=ALGO-LIST, -m ALGO-LIST
-comp-algos=ALGO-LIST

:
( SSH
) SSH :
sshc [options] [LOGIN@]HOST [REMOTE-COMMAND]
LOGIN - (
InfiNet Wireless system user).
,
LOGIN .
HOST - IP- .
REMOTE-COMMAND ,

.
(options) SSH :

-window=SIZE -
.
SSH
SSH SSH . , 24576
.

-keepalive=TIME -
SSH .
SSH SSH ,
. -, SSH

( 0). .

-compress, -C .

-bin-addr=ADDR ( : -b ADDR)
IP- SSH . ,
IP- ,
.

(Public key):

-pubkey-new=BITS DSS RSA


SSH . BITS
( : 512-4096). ,
RSA DSS , 512 :
sshc pubkey-new=512

Copyright 2004-2011 by InfiNet Wireless

12

InfiNet Wireless

WANFleX

-pubkey-show SSH
, .

-pubkey-export=[LOGIN[:PASSWORD]@]HOST/FILE
SSH
FTP . HOST IP- ,
FILE , RSA/DSS SSH
. FTP ,
LOGIN
PASSWORD.

-pubkey-clear SSH .

SSH :

-algo-list SSH
(kex), (host key),
(cipher), (hash) (compress).

: -kex-algos=ALGO-LIST, -hostkey-algos=ALGO-LIST, cipher-algos=ALGO-LIST ( : -c ALGO-LIST),


-hash-algos=ALGO-LIST ( : -m ALGOLIST),
-comp-algos=ALGO-LIST

( SSH ,
c -algo-list),
SSH .

SSH (,
, SSH SSH )
: <Enter>~. (
Enter, ~, .).
:
sshc -C root@1.2.3.4
SSH ,
IP- 1.2.3.4,
root, (
SSH ).

13. Ipstat ( IP-)


IP .
:
ipstat enable [items] | disable
ipstat clear | getclear
ipstat fixit | fixget | fixclear
ipstat strict | -strict
ipstat add [ifname] rule...
ipstat del N
ipstat traffic
:

/
.

Copyright 2004-2011 by InfiNet Wireless

13

InfiNet Wireless

WANFleX


: ,
.
, ,
- .

"ipstat enable SLOTS",
"SLOTS" - . - 1000,
15-20 .
12 .

( rsh), :

ipstat enable [incoming|outgoing|full] [detail] [SLOTS] | disable


/

IP
.

incoming/outgoing

/ . full
.
detail ,
. SLOTS
ipstat.

ipstat clear - .

ipstat fixit - .
.

ipstat fixget - .

.

ipstat fixclear - .

,
, .
,

. enable strict,
, ,
.
.
"ipstat add [ifname] rule" ,
, ,
"rule". ,
(ifname). , ,
ipfw.
"ipstat del N" N .
" ipstat rearrange N"
N ( , 1).
ipstat traf [detail] [bytes | total_bytes]
.
detail ,
. bytes(/total_bytes)

(total bytes).
Copyright 2004-2011 by InfiNet Wireless

14

InfiNet Wireless

WANFleX


rsh:

#!/usr/bin/perl -w
for(;;)
{
my $stat;
do
{
$stat = system("rsh
ips fixit >/dev/null");

-t

30

-n

-l

root

IWR_IP

-l

root

IWR_IP

-l

root

IWR_IP

if(int($stat) != 0) { sleep(5); }
} while (int($stat) != 0);
do
{
$stat = system("rsh
ips fixget >stat.tmp");

-t

30

-n

if(int($stat) != 0) { sleep(5); }
} while (int($stat) != 0);
do
{
$stat = system("rsh
ips fixclear >/dev/null");

-t

30

-n

if(int($stat) != 0) { sleep(5); }
} while (int($stat) != 0);

system("cat stat.tmp >>stat.txt");


sleep(300);
}

14. Sflowagent ( Sflow)


Sflow.
:
Available commands are:
sta[rt]

Start Sflow agent

sto[p]

Stop Sflow agent

wi[pe]

Stop Sflow agent and clean all configuration

add[instance] 'name'

Add instance (default 'ipstat')

del[instance] 'name'

Delete instance (default 'ipstat')

stat 'name'
cl[earstat] 'name'

Show statistics for instance (default 'ipstat')


Clear statistics for instance (default 'ipstat')

Copyright 2004-2011 by InfiNet Wireless

15

InfiNet Wireless

WANFleX

Available options are:


-collector=IPaddress[:port] Set collector address
-agent=IPaddress

Set agent address (default 0.0.0.0)

-maxpacket=size

Set maximal datagram size (default 1500)

-interval=number

Set statistics recieve interval, in seconds (default 5)

-datagrams=number

Set datagrams per statistics interval (default 100)

-rawheader={on|off}

Sends original ipV4 headers (default off)

-debug={on|off}
-version -v

Puts debug output to log (default off)


Display Version

:
Sflow ,
. ..
. Sflowagent
Sflow .
sflow sta[rt] Sflow
sflow sto[p] Sflow
sflow wi[pe] Sflow
sflow add[instance] name
( name, ipstat)
sflow del[instance] name
( name, ipstat)
sflow stat name
( name, ipstat)
:

Total flow records


Total flow samples
Overflow records

Overflow count
Total cycles
Total datagrams
Unused datagrams
Bytes sent
Lost flow samples
Lost flow records
Lost overflow
records

- , Instance.
- ,
flow records.
- , Instance
, Instance ,
,
interval.
- , Instance ,
,
interval.

.
.
,
datagrams,
.
-
Sflow.
flow samples -
maxpacket, interval datagrams.
flow records -
maxpacket, interval datagrams.
- , Instance ,
,

Copyright 2004-2011 by InfiNet Wireless

16

InfiNet Wireless

WANFleX

interval .

sflow cl[earstat] name


( name,
ipstat)
sflow collector=IPaddress[:port] - ,
sflow-. 6343.
sflow -agent=IPaddress
()
sflow -maxpacket=size
Sflow . , 1472 .
"" .
, ,
.
sflow -interval=number - , , ,
instance.

, , ,
. 15
.
sflow -datagrams=number -
instance.

- ,
CPU. , , .
,
, .. .
maxpacket /
interval. 100. sflow =
datagrams/interval * maxpacket, (/).
sflow -rawheader={on|off} - ,
ipV4 ( - off).

.
Sflow -debug={on|off} -
.
:
ipstat enable full detail 3000 #
sflow add ipstat #
sflow -collector=1.2.3.4 start #

15. ( acl)
(Access Control Lists).
:
acl add $NAME TYPE params...
acl del $NAME [params...]
acl ren $NAME1 $NAME2
acl flush
Copyright 2004-2011 by InfiNet Wireless

17

InfiNet Wireless

WANFleX

Possible TYPES: net num


Predefined ACL names:
$ACLOCAL

- Hosts (networks) permitted to configure the device.



(, ipfw, qm, ipstat). (ACL)
.
acl add NAME TYPE.
$ 7
- , ";" (
).
TYPE, .
,
.
acl del
NAME. , .
acl rename NAME1 NAME2.
acl flush .
(TYPE):
net - dot :
xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx/MASKLEN
xxx.xxx.xxx.xxx/xxx.xxx.xxx.xxx
net
. ,
1.1.1.1 ,
1.1.1.0/24 1.1.1.1.
:
acl add $LIST1 net 10.0.0.0/8 192.168.0.0/16 5.5.5.5
acl del $LIST1 100.100.100.100/28

:
$ACLOCAL (
) telnet, ftp, http, ssh.
$ACLOCAL,
() .
:
acl add $ACLOCAL net 10.0.0.0/8 192.168.0.0/16

Copyright 2004-2011 by InfiNet Wireless

18

InfiNet Wireless

WANFleX

16.Sntp
SNTP.
SNTP WANFlex
NTP ,
SNTP RFC 2030.
unicast
.
:
sntp [options] [command]
:
start
stop -
:
-server={ipaddr}

- SNTP

-interval={seconds}
-debug={on|off}

- /

:
sntp -interval=3600 -debug=on
sntp -server=9.1.1.1 start
:
start
.
:
sntp start
stop
.
:
sntp stop
:

.
server
server IP- NTP .
:
sntp -server=9.1.1.1
interval
interval ,
NTP ,
3600.
Copyright 2004-2011 by InfiNet Wireless

19

InfiNet Wireless

WANFleX

:
sntp -interval=5000
debug
/ (
) WANFlex.
:
sntp -debug=on
sntp -debug=off

17.Date
.
WANFlex.

(kernel clock), hardware clock (
).
:
date [[[[[cc]yy]mm]dd]HH]MM[.ss]]

cc

19 20

yy

( 89 1989, 05 2005)

mm 1 12
dd

, 1 31

HH

, 0 23

MM

, 0 59

ss

, 0 61 (59 leap seconds)

:
date 20040210053004
Tue Feb 10 05:30:04 2004

date
Tue Feb 10 05:30:10 2004

18.Erp ( )
ERP (Emergency Repair Procedure)
(system password) .
:
erp [options] [command]

Copyright 2004-2011 by InfiNet Wireless

20

InfiNet Wireless

WANFleX

[options]:
-serial <n>

- device serial number

-code <c>

- ERP code

-ip <address> - interface IP address


-mask <mask>

- interface IP address mask

[command]:
boot

- force continuing boot on device(s).


Device serial number may be unspecified
and means 'any device'.

reset - resets device's configuration.


Serial number and ERP code must be specified
ifup

- turns up device's interface and add IP address


and mask alias to it. Serial number, IP address
and IP address mask must be specidfied

If command is not specified, then it's assumed the 'boot' command.


:
:
-serial <n> -
-code <c> - ERP-
-ip <address> - IP- Ethernet
-mask <mask> - Ethernet
:
boot .
reset ,
.
ERP-.
ifup Ethernet (eth0)
IP- .
, IP- .


InfiNet Wireless. ,
, ERP.
Ethernet
Ethernet-.
:
1. ERP c serial,

Copyright 2004-2011 by InfiNet Wireless

21

InfiNet Wireless

WANFleX

erp serial <SERIAL>


ERP .
2. , ,
-
3. ERP Sequence
.
InfiNet Wireless.
4. . ERP-
.
5. ERP :
erp serial <SERIAL> -code < ERP-> reset
6. ,
7. ERP

8. ,
(user name)
. .
IP- Ethernet (eth0),
, (
, Ethernet
(down) IP- ):
erp serial <SERIAL> -ip <address> -mask <mask> ifup

19. AAA ( RADIUS )


AAA ,
RADIUS .
:
aaa [options] [command]
where commands are:
start - start service
stop - stop service
where options are:
-auth=ip[:port],secret[,identifier] - RADIUS server parameters,
address
secret

- Server IP Address
- shared secret

identifier - NAS Identifier


this option can be repeated.
-remove=ip[:port]

- Remove RADIUS server.

-debug={on|off}]

- on/off debug output.

Copyright 2004-2011 by InfiNet Wireless

22

InfiNet Wireless

WANFleX

start/stop
.

AAA

:
-auth=ip[:port],secret[,identifier]
RADIUS , ip[:port] IP RADIUS
, secret , identifier NAS (Network Access
Server) .
-remove=ip[:port] RADIUS
.

-debug={on|off}]

AAA .

20. License
license /
.
:
license [options]
options are:
--install=<url> - install new license
--export=<url> - export current license to external server
--show

- show license info

<url> = ftp://[login[:password]@]host/file
:
install/export / /
.
show
.
:
li --export=ftp://ftp_login:ftp_password@192.168.145.1/license_file
li --show

21. Dport
:
dport BAUD

:
.
: 9600, 19200, 38400, 57600, 115200 /.
: 38400 /.
Copyright 2004-2011 by InfiNet Wireless

23

InfiNet Wireless

WANFleX

22. Mem
:
mem
:

, (mbuf),
.
:

23. Grep ( )
grep .

,
().

! H01/H02.

:
grep [OPTIONS] [-e]PATTERN "command"

Copyright 2004-2011 by InfiNet Wireless

24

InfiNet Wireless

WANFleX

command | grep [OPTIONS] [-e]PATTERN

OPTIONS:
-e PATTERN, --regexp=PATTERN
-i, --ignore-case
-v, --invert-match
-w, --word-regexp
-x, --line-regexp
-c, --count
-m NUM, --max-count=NUM
-n, --line-number
-A NUM, --after-context=NUM
-B NUM, --before-context=NUM
-C NUM, --context=NUM

:
grep (command),
,
(PATTERN).
-e (-e PATTERN --regexp=PATTERN),
, (-).
, i ( -ignore-case).
, .. ,
-v ( -invert-match).
,
(-w) (-x) .

( ,
v), c.
m (-m NUM)
, .
(command)
, 1.
n.
A NUM, -B NUM C NUM
, (A), (B)
(C) , .
(---)
.

Copyright 2004-2011 by InfiNet Wireless

25

InfiNet Wireless

WANFleX

III.
1. Rfconfig ( )
.
:
rf interface parameters...
Interface rf5.0 parameters:
band XXX: bandwidth (MHz) - {double (40)|full (20)|half (10)|quarter (5)}
grid B G: frequency grid - <bw> freq1[-freq2[/step]],... | clear
freq XXX: central frequency (MHz)
bitr XXX: bitrate (Kbps)
txpwr XXX: tx power (dBm)
sid

XXX: system identifier - up to 8 hex digits.

cap

: RF capabilities

dist XXX: distance in kilometers or auto


txrt XXX: max transmit retries [15]
txvrt XXX: max transmit retries in voice mode [5]
[-]burst : burst mode
[-]shortgi: short guard interval mode
noise XXX: Noise floor threshold, dB [20]
[-]pwrctl : automatic TPC mode
[-]wocd
[modulation OFDM | CCK]
[chntime XXX]
[statistics]
[-]bcsid


,
.

"rf rfNAME ?" .
"rf rfNAME cap".

band XXX - :
double 40 , full 20 , half 10 , quarter 5 .

.
.

grid B G
, .
.
Copyright 2004-2011 by InfiNet Wireless

26

InfiNet Wireless

WANFleX

(__/),
, .

:
IFNAME grid BAND FREQUENCY_RANGE_LIST
:
rf rf5.0 grid 40 4920-5940/5
rf rf5.0 grid 20 5310-5390/10,5450,5500-5580/20
rf rf5.0 grid 10 5480, 5500, 5520, 5540, 5560, 5580

( rf cap) ,
(roaming, dfs ..).

:

rf IFNAME grid BAND clear


,
.

freq XXX , .

.
"rf rfNAME cap".

bitr XXX - ( ).
:
2 : 11000, 5500, 2000, 1000 .
5-6 : 6000, 9000, 12000, 24000, 36000, 48000, 54000
/.
Xm:

5 : 3250, 6500, 9750, 13000, 19500, 26000,


29250, 32500 /

10 : 6500, 13000, 19500, 26000, 39000, 52000,


58500, 65000 /

20 : 13000, 26000, 39000, 52000, 78000, 104000,


117000, 130000 /

40 : 30000, 60000, 90000, 120000, 180000,


240000, 270000, 300000 /.

txpwr XXX - dBm.



.

"rf <IFNAME> capabilities".

sid XXX - , 1H FFFFFFH.


, ,
.

cap (capabilities) -
,
, ..

Copyright 2004-2011 by InfiNet Wireless

27

InfiNet Wireless

WANFleX

dist XXX (distance) - (


). ,
.
dist ,

.
:

(
): rf rf5.0 dist auto. ,
auto :
auto (XX).


(, GPS),
sys gpsxy, dist
auto.
,
dist. -,

,
.
,
,
, .
0 dist
.

txrt XXX (transmit retries) -


unicast . 15.

txvrt XXX (transmit voice retries) -


( )
, 5. (Voice Mode)

VoIP.
- 64 .

burst - BURST.

.
burst -
,
.
.
muf stat.
-burst . .

shortgi - (short
guard interval).

.
,
,
, ,
.
-shortgi . .

noise XXX - (Noise floor


threshold). . 20 .

Copyright 2004-2011 by InfiNet Wireless

28

InfiNet Wireless

WANFleX

, .
,
,
. (Noise floor)
(Noise floor threshold)
rf IFNAME stat.

pwrctl -
(ATPC).
,

.
-pwrctl . .

wocd - .

.
.
"-wocd"
. "-wocd" ( ).

modulation - -
(OFDM/CCK). 5-6 OFDM.

chntime XXX (Channel Burst Time) -


burst (0...5000). 0 (
).

statistics -
1 .

.

"rf stat" 5

Broadcast rate

Bitrate Broadcast
Multicast ;

Voice Mode

/ Voice . ,

Bytes Received

Bytes Transmitted

Packets Received OK

Packets Transmitted OK

Duplicate Received

Total Retries

FIFO Overrun

Copyright 2004-2011 by InfiNet Wireless

29

InfiNet Wireless

WANFleX

FIFO Underrun

CRC Errors

Excessive Retries

Noise Floor

,
10

Noise Floor Threshold

Carrier Detect

Decrypted frames

Decrypted errors

Replay drops

Aggr Subframe Retries

,
-
( )

Aggr Full Retries

Max aggr frames

Max aggr bytes

Encrypted frames

"rf stat" 2.4

Beacons Received

802.11
( )

Beacons Transmitted

802.11
( )

Ack Packets Transmitted


RTS Packets Transmitted RTS
CTS Packets Transmitted CTS
PLCP CRC Errors

Single Collisions

PLCP Format Errors

PLCP

Polling cache aged

PLCP Length Errors

PLCP

Copyright 2004-2011 by InfiNet Wireless

30

InfiNet Wireless

WANFleX

No Deferral

MAC CRC Errors

Deferred Protocol

Partial Received

Deferred Energy Detect

SSID Mismatches

Retry Long

,
RTS

AP Mismatches

AP ( )

Retry Short

,
RTS

Data Rate Mismatches

Authentication Rejects

Ack Received

Authentication T/O

802.11

No Ack Received

Association Rejects

CTS Received

CTS

Association T/O

No CTS Received

CTS

Packets Aged

Noise Floor

( 10
)

Noise Floor Threshold

Carrier
Detect

SSID

bcsid - SID
beacon ,
.
,
,
SID ( ANY). MINT
,
,
,
.
-bcsid . SID
.
SID

Copyright 2004-2011 by InfiNet Wireless

31

InfiNet Wireless

WANFleX


NetStumbler, AirTraf, AiroPeak ..
:
rfconfig rf5.0 sid 1 bitr 130000 freq 2427 burst
rfconfig rf5.0 bitr 300000 freq 5280 sid 01020304 burst
rfconfig rf5.0 txpwr 18 pwrctl

2. Mint


! MINT RMA.

.
MINT (
, ) Ethernet
. , Ethernet
- (tun, ppp, null etc).
Ethernet .
, .
:
mint IFNAME -type {mesh | master | slave}
mint IFNAME -mode {mobile | nomadic | fixed}
mint IFNAME -nodeid NUMBERID
mint IFNAME -name NAME
mint IFNAME -key SECRETKEY
mint IFNAME -authmode {public | static | remote}
mint IFNAME -[no]authrelay
mint IFNAME [no]snmprelay
mint IFNAME -[no]replicate [$ACL]
mint IFNAME -[no]autobitrate [+/-DB] | -fixedbitrate
mint IFNAME autofactor 1..5 [3]
mint IFNAME -tpcmin dB -tpcmax dB -tpcadj +/-dB
mint IFNAME -ratefall 0..8 [0]
mint IFNAME -minbitrate XX
mint IFNAME -meshextracost XX
mint IFNAME -extracost XX
mint IFNAME -fixedcost XX
mint IFNAME -maxlinks XX
Copyright 2004-2011 by InfiNet Wireless

32

InfiNet Wireless

WANFleX

mint IFNAME [-loamp XX] [-hiamp XX]


mint IFNAME -[no]crypt
mint IFNAME -airupdate {disable | {[active|passive]|force}} [fast|normal|slow]
mint IFNAME -[no]log [detail]
mint IFNAME -roaming {leader | enable [multiBS] | disable}
mint IFNAME profile N [-freq X[,Y,N-M,...] | auto] [-sid X[,Y,..]] [-bitr X]
[-band {double | full | half | quarter}]
[-type {master|mesh|slave}] [-key XXX] [-nodeid N]
[{-minbitr XXX [-autobitr [+/-dB]] | -fixedbitr}]
[-long {on|off}]
[enable | disable | delete]
mint IFNAME addnode [-defgw X.X.X.X] [-defmask X.X.X.X]
mint IFNAME addnode -mac X:X:X:X:X:X [-key STRING] [-note STRING] [maxrate XX]
[-lip X.X.X.X] [-tip X.X.X.X] [-mask X.X.X.X]
[-lgw X.X.X.X] [-tgw {X.X.X.X | none}]
[-lcost XX] [-tcost XX] [{-setpri | -addpri} NN | -1]
[-disable | -enable | -delete]
mint IFNAME delnode -mac X:X:X:X:X:X
mint IFNAME map [routes | full | swg] [detail] [-m]
mint -[no]colormap
mint IFNAME monitor [-s] [-i SEC] [MAC [MAC ...]] | -[no]audio [full] [-mac
MAC]
mint IFNAME rcmd -node {ADDR|all} [-peer] [-self] {-cmd "CMD" | -file URL} [key KEY] [-quiet]
mint IFNAME -rcmdserver {disable | enable} -guestKey STRING -fullKey STRING
mint IFNAME -odr hub
mint IFNAME -odr spoke [[-]connected [$ACL]] [[-]kernel [$ACL]]
mint IFNAME -odr disable | show
mint IFNAME start | stop | restart | clear
mint IFNAME poll {start [log] | stop | stat [clear]}
mint join IFNAME1 IFNAME2 ...
mint disjoin
mint IFNAME trace MAC
mint vers



:
mint IFNAME type {mesh | master | slave}

Copyright 2004-2011 by InfiNet Wireless

33

InfiNet Wireless

WANFleX

MINT : master, mesh


slave.

MASTER:
.
mesh
. master
. master
,
- ().
(
join).

.

MESH:
.
mesh master.
mesh master , master
(master-master)
mesh ( ),
master-mesh ( master)
( meshextracost),
. , mesh

, , .
mesh
master-a. , master
, mesh
( , join).
master-a ( )
mesh (
).

SLAVE:
master.

master-a. master-a
slave . slave
"" "" () ( - ) (master-slave).

:
mint rf5.0 type master


:
mint IFNAME mode {mobile | nomadic | fixed}
.
.
:

Copyright 2004-2011 by InfiNet Wireless

34

InfiNet Wireless

WANFleX

Fixed. ,
.
.

Nomadic. ,
, , ,
.

Mobile. .
.
:
mint rf5.0 mode nomadic


:
mint IFNAME -nodeid NUMBERID
. ,
.
XXX.YYY,
IP ( XXX YYY
1 255).
.
.
:
mint rf5.0 nodeid 5
mint rf5.0 nodeid 123.112


:
mint IFNAME -name NAME
.
mint map. 16 .
,
.
:
mint rf5.0 name My_node
mint rf5.0 -name "Master Unit"


()
:
mint IFNAME poll {start [log] | stop | stat [clear]}

Copyright 2004-2011 by InfiNet Wireless

35

InfiNet Wireless

WANFleX

start

stop

log

stat

clear

()

.
,

, .

CSMA/CA .
,

.
,
,
.

.


,
, online- . ,
,
,
.

MINT.
mint IFname poll start [mi=XX] [ub=XX] [mt=XX]
MI - ,
.
.
4 20.
UB - .
, .


telnet. 3
1000.
MT - Marker Timeout.
.
:
mint rf5.0 poll start ub=250


:
Copyright 2004-2011 by InfiNet Wireless

36

InfiNet Wireless

WANFleX

mint IFNAME -[no]replicate [$ACL]


""

.
mint noreplicate, ,

,
.
, .
(mint -replicate).
$ACL "num" (acl add
$ISOLATE num N1 N2 ...),
,
( ).
,
.

.

:
mint IFNAME [no]autobitrate [+/-DB]
/
(autobitrate).
autobitrate
( / ,
)
,
. , ,
, .
autobitrate ,
bitr,
rfconfig. autobitrate,
, minbitrate
mint (. ) bitr rfconfig
;
. minbitrate ,

(
).
autobitrate
:
mint IFNAME -minbitrate BITRATE

:
mint rf5.0 -autobitrate

Copyright 2004-2011 by InfiNet Wireless

37

InfiNet Wireless

WANFleX

mint rf5.0 minbitrate 9000


+/-DB
. Autobitrate
(bitrate),
(mint
IFNAME autobitrate - <number in dB>). ,

(mint IFNAME autobitrate + <number in dB>).
autobitrate :
mint rf5.0 -fixedbitrate
(fixedbitrate)
, bitr
rfconfig.
mint IFNAME -ratefall 0..8

:
,
,
.
,
.
1 8
, (
rf rfX cap). 0
.
:
mint rf5.0 ratefall 4


:
mint IFNAME autofactor 1..5

-.
autofactor,
,
.
3.

:
mint IFNAME [-loamp XX] [-hiamp XX]

loamp.
. SNR
.
, . 2.

Copyright 2004-2011 by InfiNet Wireless

38

InfiNet Wireless

WANFleX

hiamp.
( ).
,
. 6.

:
mint rf5.0 loamp 2

ATPC
:
mint IFNAME -tpcmin dB -tpcmax dB -tpcadj +/-dB

ATPC
( ). ATPC
rf <interface> pwrctl (.
rfconfig).
tpcmin dB.
dB, ATPC
.
tpcmax dB.
dB, ATPC
.
tpcadj +/-dB.
, ATPC .
ATPC (tpcadj + <number
in dB>) (tpcadj - <number in dB>)
, , .


:
mint IFNAME addnode [-defgw X.X.X.X] [-defmask X.X.X.X]
mint IFNAME addnode -mac X:X:X:X:X:X [-key STRING] [-note STRING] [maxrate XX]
[-lip X.X.X.X] [-tip X.X.X.X] [-mask X.X.X.X]
[-lgw X.X.X.X] [-tgw {X.X.X.X | none}]
[-lcost XX] [-tcost XX] [{-setpri | -addpri} NN | -1]
[-disable | -enable | -delete]


, .
:

mac. . MAC- .

key. ( 64 ;
, ).
Copyright 2004-2011 by InfiNet Wireless

39

InfiNet Wireless

WANFleX

key ,
(mint IFNAME key).

lip. IP-. ,

tip mask. IP- .


.
IP-. ,
, .

lgw. IP- .
.

tgw. IP- .
. none
(
addnode defgw)

lcost.
(local cost). ,
, MINT.

tcost. (target
cost). , ,
MINT.
lcost tcost , lcost
.

enable/disable/delete. /
.

maxrate.
.

setpri | addpri. /
, .
setpri" ,
.
-1, .
"addpri" ,
, .
.

note.
.

:
mint rf5.0 addnode mac 000028BAF234 lip 1.1.1.1 tip 1.1.1.2 mask
255.255.255.252 lcost 120


, "mint addnode" "-defgw
X.X.X.X -defmask X.X.X.X".

-defgw X.X.X.X. .

-defmask X.X.X.X. .


, ,
. ,
IP :
mint rf5.0 addnode -mac 000435567322 -tip 10.1.1.1 -key SecretKey1
Copyright 2004-2011 by InfiNet Wireless

40

InfiNet Wireless

WANFleX

, ,
. IP ,
.
(
addnode -tgw / addnode defgw) ,
.


:
mint IFNAME delnode -mac X:X:X:X:X:X
MAC-
.
:
mint rf5.0 delnode mac 000028BAF234


:
mint IFNAME start|stop
/ MINT The
command starts or stops MINT protocol.
:
mint rf5.0 start


:
mint IFNAME fixedcost XX
.
( join) . 0
() .
:
mint rf5.0 fixedcost 120


:
mint IFNAME extracost XX
extracost .
.
MINT,
Copyright 2004-2011 by InfiNet Wireless

41

InfiNet Wireless

WANFleX

.

. 0 () .
:
mint rf5.0 extracost 60

mesh
:
mint IFNAME meshextracost XX
meshextracost .
master mesh.
500.
:
mint rf5.0 meshextracost 300

join
:
mint IFNAME joincost XX
joincost .
, join (
3). 0 () .
:
mint rf5.0 joincost 60



MINT :
mint IFNAME -[no]log [detail]
:

. -nolog.

. -log.
/

. -log detail.
,

( autobitrate)

:
mint rf5.0 log detail

MINT
:
Copyright 2004-2011 by InfiNet Wireless

42

InfiNet Wireless

WANFleX

mint vers
MINT.

(join)
:
mint join IFACE1 IFACE2
MINT
(join) mesh
.
, .
MINT .
-
- (, ,
) (
, ..). JOIN (
) , ,
.

.

mint join rf4.0 rf4.1


mint map
=================================================
Interface rf4.0, node 000000000011 "Node1_1" id:11 (mesh)
2 Neighbors:
00020 Node2
00012 Node1_2

000000000002, Cost=40 , I/O=24/27 <36/36> /mesh/


000000000012, Cost=3 , I/O=0/0

<0/0> /join/

Interface rf4.1, node 000000000012 "Node1_2" id:12 (mesh)


2 Neighbors:
-----------00020 Node3
00030 Node1_1

000000000003, Cost=40 , I/O=24/27 <36/36> /mesh/


000000000011, Cost=3 , I/O=0/0

Copyright 2004-2011 by InfiNet Wireless

<0/0> /join/
43

InfiNet Wireless

WANFleX

, ,
.
,
(
) ( ).
, .

, JOIN ,
MINT,
.
:
mint disjoin

(prf)
MINT ,
Ethernet.
- (prf),
, vlanX.
prf 0 parent eth0
ifconfig prf0 up
-
MINT .
MINT, -,
.
mint prf0 start
mint join rf4.0 rf4.1 prf0

MINT
, , .
join -


(bottleneck).
.
join,
().
mint join rf4.0 rf4.1
Copyright 2004-2011 by InfiNet Wireless

44

InfiNet Wireless

WANFleX

switch group 1 add eth0 rf4.0


:
mint IFNAME key SECRETKEY
. .
64 . ,
.
mint IFNAME -authmode {public | static | remote}

.
1)

public - () .

,
, -,
,
MINT.
2
, .
public
.

,

,
.
2)
static -
, .

. ,
, ,
, .
static
.
mint IFNAME addnode
,
.
3)
remote -
, RADIUS,
(
AAA).
,
,

Copyright 2004-2011 by InfiNet Wireless

45

InfiNet Wireless

WANFleX

,
(, IP).

,
:
mint IFNAME [no]authrelay

MINT.
, remote,
,

.

mint IFNAME [no]snmprelay


SNMP
MINT.
SNMP .
1:
B
public.
:
mint rf5.0 key SECRETKEY
mint rf5.0 authmode public
B:
mint rf5.0 key SECRETKEY
mint rf5.0 authmode public

2:
B ,
public

:
mint rf5.0 key SECRETKEY
mint rf5.0 authmode public
mint rf5.0 addnode -mac B:B:B:B:B:B -key KEY2

B:
mint rf5.0 key KEY2
mint rf5.0 authmode public
mint rf5.0 addnode -mac A:A:A:A:A:A -key SECRETKEY

Copyright 2004-2011 by InfiNet Wireless

46

InfiNet Wireless

WANFleX


public,
.
3:

.
B remote
.
:
mint rf5.0 key KEY1
mint rf5.0 authmode static
mint rf5.0 authrelay
mint rf5.0 addnode -mac B:B:B:B:B:B -key KEY2
mint rf5.0 addnode -mac ::::: -key KEY3

B:
mint rf5.0 key KEY2
mint rf5.0 authmode remote

B
( A).
A remote,
,
( ),
.

Overthe-air update
:
mint IFNAME -airupdate {disable | {[active|passive]|force}} [fast|normal|slow]

?
AirUpdate
MINT
. (
)
( ),
.

?

.
( ) MINT
, (
) . MINT (
Copyright 2004-2011 by InfiNet Wireless

47

InfiNet Wireless

WANFleX

)
,
.

.
,

MINT-MTP.
fast,
normal slow.
fast ,

2 ,
.
normal 7 , slow 24 .
passive normal.

force. ,
,

.

,
,
,
.

1.
,
.
,
7 .
mint rf5.0 airupdate active normal

2.
,
,
.
mint rf5.0 airupdate passive slow

3.

.
mint rf5.0 airupdate force

4.
,
.
Copyright 2004-2011 by InfiNet Wireless

48

InfiNet Wireless

WANFleX

mint rf5.0 airupdate disable

Over-the-air encryption
MINT .

AES-128 CCMP.
,
:
mint IFNAME -[no]crypt
:
mint rf5.0 -crypt



:
mint IFNAME map [routes | full | swg] [detail] [-m]
mint -[no]colormap

WANFleX 1.25.11:
:
Neighbors ( ). :

MAC-

MAC-

Routes. :

Copyright 2004-2011 by InfiNet Wireless

49

InfiNet Wireless

WANFleX

Full.
Swg. , MINT .
,
. .. ,
-. :

:
-detail -
(),

/ (/), / (/),
Cost, IP- -.
--m /
/.
.

WANFleX 1.25.11 :

Copyright 2004-2011 by InfiNet Wireless

50

InfiNet Wireless

WANFleX

mint map (/
mint -[no]colormap):

-,
.
,
.
(,
).
,
. ,
, -,
.
,
.

-
-,
.

Copyright 2004-2011 by InfiNet Wireless

51

InfiNet Wireless

WANFleX


:
mint IFNAME monitor [-s] [-i SEC] [MAC [MAC ...]]
MAC-() ,
.
MAC- nodeid ()
.
.

/
/.
-s ( ).
-i SECONDS .
AudioMonitor:
:
mint IFNAME monitor -[no]audio [full] [-mac MAC]
-audio (AudioMonitor).
noaudio.
full
. full
,
,
( ).
-mac MAC
, MAC-.
mint IFNAME monitor -audio [full]
,

.

Copyright 2004-2011 by InfiNet Wireless

52

InfiNet Wireless

WANFleX


:
mint IFNAME -roaming {leader | enable [multiBS] | disable}
mint IFNAME profile N [-freq X[,Y,N-M,...] | auto] [-sid X[,Y,..]] [-bitr X]
[-band {double | full | half | quarter}]
[-type {master|mesh|slave}] [-key XXX] [-nodeid N]
[{-minbitr XXX [-autobitr [+/-dB]] | -fixedbitr}]
[-long {on|off}]
[enable | disable | delete]
,
IWR-MINT
.
roaming ,
, .
( ) ,
- .
MINT roaming leader. Roaming leader
,
,
,
, . ,
,
. Roaming leader, , DFS
Radar Detection ( ).
() roaming
,
(roaming enable).
- , .

,
.
,
,
.
multiBS
, ,
.
multiBS , - ,
,
.
:

freq X[,Y,N-M,...] | auto ( )


. auto,

, .

sid X[,Y,..] - ( )
()

bitr X .
autobitrate

Copyright 2004-2011 by InfiNet Wireless

53

InfiNet Wireless

WANFleX

band {double | full | half | quarter}

type {master|mesh|slave}

key XXX -

nodeid N ID

fixedbitr

minbitr XXX
autobitrate

autobitr [+/-dB]
. [+/-dB]
.

long {on|off} long.

enable | disable | delete // .

:
mint rf5.0 profile 1 -freq 5920 -sid ABCDE
mint rf5.0 profile 2 -freq 5960 -sid ABCDE disable
mint rf5.0 profile 3 -freq auto -sid DEAD
mint rf5.0 roaming enable


:
mint IFNAME rcmd -node {ADDR|all} [-peer] [-self] {-cmd "CMD" | -file URL} [key KEY] [-quiet]
mint IFNAME -rcmdserver {disable | enable} -guestKey STRING -fullKey STRING

MINT
() c MINT .
:

-rcmdserver {disable | enable} /


( )

-guestKey STRING .

-fullKey STRING .

-node {ADDR|all} Mac- MINT


MINT
, /

[-peer] MINT,

[-self]

{-cmd "CMD" | -file URL}


, ftp
Copyright 2004-2011 by InfiNet Wireless

54

InfiNet Wireless

WANFleX

[-key KEY]

[-quiet]

:
mint rf5.0 rcmd -node all -cmd "co sh"
mint rf5.0 rcmd -node all -file ftp_name:ftp_pswd@192.168.100.21/1.txt

TRACE
:
mint IFNAME trace MAC
TRACE MINT
MAC-: , ID , ,
Cost, .
( cost)
.

ODR (On-Demand Routing)


ODR - MINT,

- .
ODR (OnDemand Routing)
.
,
. ODR IP
MINT .
ODR ,
(spokes) (hub).
-,
.

:
mint IFNAME -odr hub
Copyright 2004-2011 by InfiNet Wireless

55

InfiNet Wireless

WANFleX

, ,
:
mint IFNAME -odr spoke [[-]connected [$ACL]] [[-]kernel [$ACL]]
connected IP-/
. kernel
( route
add).
IP-/
Access Control List ($ACL). Access
Control List
.

, :

ODR

mint IFNAME -odr show



:

ODR

mint IFNAME -odr disable

RMA MINT
!
MINT
.
,
mesh point-to-multipoint ,
, ..
1. :
- MAC ,
.
:
Ifc rf5.0
- (,
) :
config save
- MINT :
fl get user:password@server/file

2. ( ) :
restart y

3. MINT .

Copyright 2004-2011 by InfiNet Wireless

56

InfiNet Wireless

WANFleX

MINT.
(RMA) , MINT

(master, autobitrate, hiamp=4).
(
).
, MINT .
IP RMA.
4. "mint map" ,
.
5. IP ,
:
ifc rf5.0 10.0.0.254/24 up

6. "mint rcmd" IP
, MAC (
MAC ), :
mint rf5.0 rcmd -node 17:9a:c2:f4:34 -cmd "ifc rf5.0 10.0.0.1/24 up; co save;"
mint rf5.0 rcmd -node 17:9a:c3:ad:46 -cmd "ifc rf5.0 10.0.0.2/24 up; co save;"
mint rf5.0 rcmd -node 179ab1f391

-cmd "ifc rf5.0 10.0.0.3/24 up; co save;"

...
..

IP ( ).
7. telnet
( ..)
IP ,
"mint
rcmd":
mint rf5.0 rcmd -node 0023113231 -cmd "co show" -reply
-reply,
(sys log show).

3. Prf
MINT ,
Ethernet.
- (prf),
, vlanX.
:
prf N parent IFACE [hwmtu N] [channel N]
prf N clear

Copyright 2004-2011 by InfiNet Wireless

57

InfiNet Wireless

WANFleX

prf
ethernet. ethernet,
IEEE802.3.
1514
, Jumbo frame
IETF,
http://www3.ietf.org/proceedings/01mar/I-D/kaplan-isis-ext-eth-02.txt

Ethernet-
,
, .
Ethernet-
" ".
4 " " Ethernet . prf
"" 0 3. , Ethernet-
, prf
.
prf:

parent IFACE
IFACE - ,
(, , ) .
ethernet-.

hwmtu N
N - Ethernet-, ""

channel N
N - ,
"" .

clear - prf

prf
mint.

4. ( lag)
(Link Aggregation)


.

, , ,
, .
, ,
,
Ethernet .
LACP (Link Aggregation Control Protocol)
InfiNet Wireless
IEEE 802.3ad. ,
LACP,
.

Copyright 2004-2011 by InfiNet Wireless

58

InfiNet Wireless

WANFleX


lagN.
:
lag N [command] [(port|-port) (IFNAME | IFNAME...)]
where [command] is:
status

- show lag interface status

migrate

- enable session migrate

-migrate

- disable session migrate

balance

- enable session-oriented load balancing

-balance

- disable session-oriented load balancing

mode

- switch lag inteface mode. Modes: (stand|fast)

clear

- remove lag interface from configuration

loadm

- show realtime per-port load status

:

:
lag N port (IFNAME | IFNAME...)]
lagN
( ),
.
:
lag 1 port eth0 eth1
lag1,
Ethernet .

LAG -port.
:
lag 1 -port eth1


LACP :

lag N status aggregation id,


lag N migrate / lag N -migrate /

, , ,
.

lag N balance / lag N -balance /

, .

lag N mode LACP: stand fast.


standard LACP
Copyright 2004-2011 by InfiNet Wireless

59

InfiNet Wireless

WANFleX

IEEE 802.3ad. fast


,
LACP ,
.

lag N clear removes lagN interface from the device configuration

lag N loadm
.

5. Ltest ( )
.

.
:
ltest IFNAME target [-r rate[,reply_rate]]
[-s packet_size[,reply_size]] -- default size 1024, max 1794
[-b]

-- send as broadcast

[-p priority]

-- set priority (0 to 16)

[-a (l|r|m)]

-- enable audiomonitor,
l - local amp, r - remote amp
m - min(local,remote) amp

[-auto (l|r|m)]

-- like -a, but run in background


and autostart on boot

[-align [L[,R]]]

-- MIMO antenna alignment mode


L,R - local/remote tx antenna
(0/1 or V/H)

[-evm]

-- display Error Vector Magnitude

[-tu [seconds]]

-- unidirectional throughput test

[-tb [seconds]]

-- bidirectional throughput test

[-load N[m|k]

-- limit throughput to N:
m - Mbps, k - Kbps

[-mint]

-- do throughput test through MINT

ltest -key [PASSWORD]


ltest (-stop|-noauto)

-- stop all running tests


(-noauto - cancel test on boot)

ltest (-disable|-enable)

-- disable/enable ltest

:
IFNAME ,

target MAC- ,

-r rate[,reply_rate] bitrate
.

Copyright 2004-2011 by InfiNet Wireless

60

InfiNet Wireless

WANFleX

. ,
:
o

-, ..
tx/rx bitrate
mint map. rate reply
rate tx/rx bitrate,
mint map.

,
, .
rate reply rate ,
bitrate
(, 6 Mbps
20 MHz, 3Mbps 10 MHz, 1.5 Mbps 5 MHz).

-s packet_size[,reply_size]
.
1024 .
1810 .
-b
-a (l|r|m) ().

, ..
, .
ODU.
.

.
l
,
r
,


m


-auto (l|r|m)
.
,
. a(l|r|m)
-key [PASSWORD] .
,
,

-noauto

, .. ,

-stop -
-disable|-enable /
.
-align [L[,R]]
Xm (, R5000-Om). L
,
Copyright 2004-2011 by InfiNet Wireless

61

InfiNet Wireless

WANFleX

. R ,
-
. L ,
.
-r, ,
. -r ,
L R .
L R 0 1
, 1
).

(0

-evm (Error Vector


Magnitude).
EVM ( 21).

( .. )
.
:
lt rf5.0 00179AC2F3E6
.
lt
, MAC- 00179AC2F3E6.

lt rf5.0 00179AC2F3E6 r 24000


rate
24 /. reply rate
.

lt rf5.0 00179AC2F3E6 a l
,
,
.
ltest:
ltest ,
( auto).
:

Copyright 2004-2011 by InfiNet Wireless

62

InfiNet Wireless

WANFleX

ltest ( -align):

ant.amps,
amp/max. ant.amps
0, 1 2 .

:

1.
bitrate.
MINT
bitrate, MINT
autobitrate.
2.
amp/max 12 40.

.

40

12,
bitrate (, 20 10
).

Copyright 2004-2011 by InfiNet Wireless

63

InfiNet Wireless

WANFleX


.
12
,
,
,
.
,
,
, , . ,
,

,
..
3. rt%
.
4. up%
, ,
.
5. ua%
, ,
.
50,
distance.
20 , ,
long.
(Local
Remote) ltest.
:

: ,
, .
ltest:
-tu [seconds] Unidirectional test:
(
target)
-tb [seconds] Bidirectional test:

- 1536
( -s).
, (
5 ). - 60 .
-load N[m|k]
, ltest
( -tu -tb). N
, k -
(: 10m - 10 /, 500k - 500 /).
mint
MINT,
Copyright 2004-2011 by InfiNet Wireless

64

InfiNet Wireless

WANFleX

(ATPC)
(autobitrate).
.
target
MAC- MINT ,
(multi-hop).
-tu -tb.
-mint -r .

:

:
lt rf5.0 00179AC2F3E6 -tb

, MAC-
00179AC2F3E6.

6. Muffer
.
:
muffer IFNAME [-tXX] [-lXX] review [FREQ1 [FREQ2 ...]]
| sid | { mac[2|3]|mynet|scan [MAC]}
muffer IFNAME sensor [F1 [F2] [BW STEP]]
muffer stat [clear]
:

,
,
.

.
review
.
,
( ).
Copyright 2004-2011 by InfiNet Wireless

65

InfiNet Wireless

WANFleX

:
muffer rf5.0 review

SID sid

(SID).

, rfconfig.
:
muffer rf5.0 sid

MAC-

"mac/mac2/mac3/mynet"


(MAC-). [MAC]
, MAC-.
mac , mac2
, MAC- ( ).
mac3, mac2,
, ,
.
mynet
.
:
muffer rf5.0 mac2

Copyright 2004-2011 by InfiNet Wireless

66

InfiNet Wireless

WANFleX

muf scan
.

.
.

.
:
muffer rf5.0 scan

-tXX - , .
, 2 . "0"
.

-lXX - ,
. - 24 .

ESC Ctrl/C.
() muffer stat

. MAC- ,
,
.

Copyright 2004-2011 by InfiNet Wireless

67

InfiNet Wireless

WANFleX

,
,
.
muffer stat clear .

(-)
muf sensor
- .


Web- (.
IW Technical User Manual).


.

H02.
:
muffer rf5.0 sensor

Copyright 2004-2011 by InfiNet Wireless

68

InfiNet Wireless

WANFleX

F1 - .

.

F2 .

, , .

BW .
1/5/10/20 .

STEP .
1/5/10/20 , .

ESC Ctrl/C.

7. Macf
MAC IP-
:
macf MAC IP omment
macf del N
macf [-]dhcp [-]strict | [-]reverse | [-]simple | [-]quiet
macf show | clear
Copyright 2004-2011 by InfiNet Wireless

69

InfiNet Wireless

WANFleX

:
macf MAC IP-
ethernet .
,

, .
,
IP- ( ) , ,
.
, , ,
MAC IP-,
,
MAC- .
macf MAC IP .
macf 102030405060

1.1.1.1

Room123

macf 203040506070

2.2.2.2

Room125

macf show
co show:
macf show
macf
1
macf
2
macf
3
macf
192.78.64.174

0020af915099
0020af9150a3
0020af9150a4
4
Admin

192.78.64.99
Server
192.78.64.194
Room94
192.78.64.134
Room57
0020af9150a7


, macf del N.
macf clear .

quiet.
.
( ) ,
, - .
( macf strict), ,
, .

, telnet,
, strict, ,
.
,
.
, ,
(sys log).
,
.
.
:
1. MAC-
2. ,
IP-.
reverse :
Copyright 2004-2011 by InfiNet Wireless

70

InfiNet Wireless

WANFleX

1.

IP-

2.

MAC-.

, ,

simple, 1- .

.
,
strict. .
dhcp, macf
, DHCP .
,
DHCP .
:
1. .
ethernet .
,
, strict:
macf MAC IP [strict]
2.
, "reverse
strict" "reverse simple", IP-
, MAC MAC-
.
3. ,
,
"simple" "reverse strict" c MAC
.
.
,
arp.

8. Sppp
PPP
'Point to Point Protocol'
(PPP) , sppp
ppp0, ppp1 E1
0(main), 1(sub) .
:
sppp [-v] ifname [{enable/disable}] [options]

ifname - (ppp0 ppp1).


enable/disable
E1.

PPP-

SPPP :
Cisco HDLC;
PPP (Point to Point Protocol, RFC 1661);
Frame Relay

Copyright 2004-2011 by InfiNet Wireless

71

InfiNet Wireless

WANFleX


sppp.
:
sppp ppp0 enable mode=cisco
ifconfig ppp0 10.0.0.1 10.0.0.2 up
10.0.0.1 - PPP , 10.0.0.2 .
:
mode
mode (
) : cisco; ppp; fr.
cisco - Cisco HDLC.
ppp - Point to Point Protocol RFC 1661
fr - Frame Relay
:
sppp ppp0 enable mode=cisco
sppp ppp0 enable mode=ppp
sppp ppp0 enable mode=fr
keepalive
cisco ppp,
: on; off.
/
10
. keepalive cisco ppp.
:
sppp ppp0 enable mode=cisco keepalive=on
sppp ppp0 keepalive=off
sppp ppp0 keepalive=on
ppp
ppp

.
proto
(.
myproto hisproto), : none; pap; chap.
o

none -

pap - . Password Authentication


Protocol, ,
/ (. {my|his}name
{my|his}secret)
.

chap - Challenge Handshake Authentication Protocol RFC 1994,



; "-"
( ).
Copyright 2004-2011 by InfiNet Wireless

72

InfiNet Wireless

WANFleX

myproto
proto, . ,
, .
hisproto
, proto, .
myname
(chap;
pap).
hisname
()
(chap; pap).
mysecret
(key, password)
. chap . pap
(myname).
hissecret
mysecret, .
:
sppp ppp0 enable mode=ppp proto=none
ppp .
ppp0
chap , , ppp1
.
sppp ppp0 enable mode=ppp proto=chap
sppp ppp0 myname=local mysecret=secret
sppp ppp0 hisname=remote hissecret=secret
sppp ppp1 enable mode=ppp myproto=chap hisproto=none
sppp ppp1 myname=local mysecret=secret
{no}rechallenge
/
.
chap (Conware CoNet,
firmware 4.0.x).
:
sppp ppp0 norechallenge

9. Arp
ARP
:
arp view [IP]
arp add IP MAC|auto proxy
arp del IP|all [proxy]
Copyright 2004-2011 by InfiNet Wireless

73

InfiNet Wireless

WANFleX

arp [-]freeze
arp [-]proxyall [$ACL]
:
ARP
MAC .
, Ethrnet IP-
48- Ethernet
.
ARP ,
.

. arp .
:
arp view [IP]
ARP IP, ,
.
arp add IP MAC [proxy]
arp add IP auto proxy
ARP . IP
MAC. proxy,
, ARP
(proxy), (IP)
. MAC-
auto, MAC-
, IP.
arp del IP|all [proxy]
IP-, ,
all. proxy,
,
(proxy).
arp [-]freeze
"" ARP.
.

MINT.
telnet.
arp [-]proxyall [$ACL]
proxyall ARP ,
IP-
. ,
,
.
proxyall / $ACL,
.
:
arp add 10.10.10.10 00:11:22:33:44:55
arp add 192.168.5.1 5544332211 proxy
Copyright 2004-2011 by InfiNet Wireless

74

InfiNet Wireless

WANFleX

10. switch

().

MAC

Switch

:
________ LIST commands __________________________________
switch list LISTNAME [{iface | mac | numrange | match}]
{add | del} [VALUE ...]
dump [WILDCARD]
rename NEWNAME
file FILENAME
[ flush|remove]
________ GROUP commands _________________________________
switch group ID {add | del} IFNAME[:{TAG|0}] ...
switch group ID {repeater|trunk|uncoupled} {on|off}
switch group ID {(up|down)stream} {SCID|0}
switch group ID [x]vlan {TAG|LIST|0} [[no]bidir]
switch group ID nvlan {[on]|off}
switch group ID info INFO_STRING
switch group ID setid NEWID
switch group ID stp { off | on | dump }
switch group ID stp priority [PRIO]

#(default: 32768, step: 4096)

switch group ID stp forwarddelay [DELAY]


switch group ID stp maxage [TIME]

#(default: 15 sec)
#(default: 20 sec)

switch group ID stp port IFNAME priority [PRIO] #(default: 128,step 16)
switch group ID stp port IFNAME cost [COST] #(default: 200000(RSTP),
65535(STP))
switch group ID igmp-snooping { off | on }
switch group ID order N
switch group ID
[ setpri|addpri prio ]
{deny | permit | showrules | showblack}
switch group ID
[dump [interface] [WILDCARD]]
[dbdelete MACADDRESS]
{start | stop | remove}
switch group ID in-trunk [{ID|0}]
switch admin-group {ID|0}
________ RULES commands _________________________________
Copyright 2004-2011 by InfiNet Wireless

75

InfiNet Wireless

WANFleX

switch {group ID | interface IFNAME} rule NUMBER


[set NEWNUMBER] [not]
[src LIST] [dst LIST] [vlan LIST]
[iface LIST] [proto LIST] [match LIST]
[ setpri|addpri prio ]
[ deny | permit ] [ remove ]
_______ CONTROL commands _______________________________
switch keeptag [(on|off)]
switch resynchronize
switch local-tag TAG
switch trace { off | on | verbose | filter "pcap expr"}
switch stptrace { off | on }
switch stpblock { off | on }
switch {dump [WILDCARD]|MACADDRESS}
switch igmp-snooping dump [detail]
switch igmp-snooping lmqt Value
switch igmp-snooping gmi Value
switch igmp-snooping static-add MCAST IF_NAME [MAC]
switch igmp-snooping static-del MCAST IF_NAME [MAC]
switch igmp-snooping srcip IP
switch igmp-snooping querier group N [source X] [mcast X [,Y,...]] [vlan N]
{start|stop|clear}
switch {start | stop | restart | destroy | dead-interval DEAD_INTERVAL | strictadmin [(on|off)]}
switch statistics [(clear|help)]
switch maxsources (MAXSOURCES|0)

!
1.22.0 (switch)
.
, ,
.
MINT .
Over The Air.

Wildcard
Wildcard
. wildcard,
:

* -
. .
Copyright 2004-2011 by InfiNet Wireless

76

InfiNet Wireless

WANFleX

~ -
.

:
rf~.~
,
rf5.0, rf5.1, ..

#1> switch group 1 dump eth~


Bridge group 1(normal), READY STARTED Interfaces
Total
records
DST MAC
L Int. GateWay MAC GT Cost
========= = ==== ========= == ===
=======
001111144693
eth0 000000000000
0
000435018822
* eth0 000000000000
0
000435118822 * eth1 000000000000
0
0

: eth0(F) eth1(F) rf5.0(F)


5
UsCNT
Dead
HashC
===== ===== ====
3987
0
0

300
0
1

1
1

Ethernet .

(List
commands)
:
switch list LISTNAME [{iface | mac | numrange | match}]
{add | del} [VALUE ...]
dump [WILDCARD]
rename NEWNAME
file FILENAME
[ flush|remove]

(rule).
: iface, mac, numrange, match.
.
. ,
.
:

list

LISTNAME . ,
.

iface ,

mac , MAC

numrange ,

<min>[-<max>].
, <min>=<max>.
()
Copyright 2004-2011 by InfiNet Wireless

77

InfiNet Wireless

WANFleX

.
() ,
/ .

match , match
, .
PCAP (. tcpdump).
,
. tcpdump :
http://www.protocols.ru/modules.php?name=News&file=article&sid=125

add del
.
VALUE ( match) ,
.
:
switch list my_iface iface add eth0 rf5.0
iface my_iface
eth0 rf5.0.

switch list vlans numrange add 10 20-30 40


vlans
10, 20 30
40.

switch list ip_mynet match add net 195.38.45.64/26


- match.
,
(ip, arp ..), 195.38.45.64/26.
switch list ip_mynet match add ip net 195.38.45.64/26
- match,
ip-,
195.38.45.64/26.
.
,
.
FTP .
:
switch list MACGROUP1 file ftp://1.2.3.4/switches/list/macgroup1.txt
macgroup1.txt , , :
#
00:01:02:03:04:05

00:11:12:13:14:15

<EOF>

,
:
Copyright 2004-2011 by InfiNet Wireless

78

InfiNet Wireless

WANFleX

switch synchronize

switch list LISTNAME remove


LISTNAME
.

switch list LISTNAME flush


LISTNAME
switch list OLDLISTNAME rename NEWLISTNAME
OLDLISTNAME NEWLISTNAME.

switch list LISTNAME dump [WILDCARD]


LISTNAME.

WILDCARD,

WILDCARD.

(Group commands)
:
switch group ID {add | del} IFNAME[:{TAG|0}] ...
switch group ID {repeater|trunk|uncoupled} {on|off}
switch group GORUPID {(up|down)stream} {SCID|0}
switch group ID [x]vlan {TAG|LIST|0} [[no]bidir]
switch group ID nvlan {[on]|off}
switch group ID info INFO_STRING
switch group ID setid NEWID
switch group ID stp { off | on | dump }
switch group ID stp priority [PRIO]

#(default: 32768, step: 4096)

switch group ID stp forwarddelay [DELAY]


switch group ID stp maxage [TIME]

#(default: 15 sec)
#(default: 20 sec)

switch group ID stp port IFNAME priority [PRIO] #(default: 128,step 16)
switch group ID stp port IFNAME cost [COST] #(default: 200000(RSTP),
65535(STP))
switch group ID igmp-snooping { off | on }
switch group ID order N
switch group ID
[ setpri|addpri prio ]
{deny | permit | showrules | showblack}
switch group ID
[dump [interface]] [WILDCARD]]
[dbdelete MACADDRESS]

Copyright 2004-2011 by InfiNet Wireless

79

InfiNet Wireless

WANFleX

{start | stop | remove}


switch group ID in-trunk [{ID|0}]
switch admin-group {ID|0}

switch group ID {add | del} IFNAME[:{TAG|0}] ...



.

ID (1-4095)

add|del /
. add,
ID ,
.

IFNAME ,
.

TAG. ,
.
:
o

TAG >0. ,

vlan TAG.
vlan, vlan TAG.

TAG . , vlan
, ( ).

TAG 0. ,
,
vlan .

:
switch group 3 add rf5.0:10 eth0:0
, 3
vlan 10 rf5.0
eth0.
,
.

switch group ID {repeater|trunk|uncoupled} {on|off}


/ (repeater),
(trunk) uncoupled.

, ,
, .
, , eth*
, rf*
vlan . ,
, .
rf*, eth*
vlan ,
rf* .

Copyright 2004-2011 by InfiNet Wireless

80

InfiNet Wireless

WANFleX

(CORE)
,
. STP

. , "uncoupled",
,
,
, .

uncoupled ( ),
.
:
switch group 12 trunk on

,
VLAN ,
in-trunk
, :
switch group ID in-trunk [{ID|0}]
, 100
5 ( 100
VLAN ID 100 100),
: switch group 100 intrunk 5

, VLAN .

switch group ID [x]vlan {TAG|LIST|0} [[no]bidir]


, ID
, vlan TAG, ,
LIST numrange.
vlan ,
TAG .
bidir
VLAN ( ).
VLAN
,
.
. vlan,
(. ) .
:
switch group 5 vlan 5

switch group ID xvlan {TAG|LIST|0} [[no]bidir]


, "vlan {TAG|LIST|0}",
.
:
switch list MYNET numrange add 100 200 300

Copyright 2004-2011 by InfiNet Wireless

81

InfiNet Wireless

WANFleX

switch group 10 xvlan MYNET


switch group 10 trunk on
10 VLAN ID 100, 200, 300,
.
MINT , (
- 10), - VLAN ID.
switch list MYNET numrange add 100 200 300
switch group 20 vlan MYNET
switch group 20 trunk on
20 MYNET
VLAN ID (
).
switch list MYNET numrange add 100 200 300
switch group 30 vlan MYNET
switch group 30 trunk off
30 MYNET
30.

switch group ID nvlan {[on]|off}


,
VLAN .

switch group ID info INFO_STRING


/
.

switch group ID setid NEWID


GROUPIID
NEWID.
:
switch group 3 setid 7

switch group ID
[dump [interface] [WILDCARD]]
[dbdelete MACADDRESS]
{start | stop | remove}
Here:

dump MAC

interface - MAC
.

WILDCARD
.
Copyright 2004-2011 by InfiNet Wireless

82

InfiNet Wireless

WANFleX

dbdelete MACADDRESS MAC


, MAC

start|stop /
.

restart ( switch group GID stop;


switch group GID start).
. ,
.

remove .

:
switch group 3 dump eth0
switch group 5 start

,
eth* , .. ,
, ,

: . ,
- (MESH) ,
.
switch admin-group {ID|0}

multicast

downstream upstream.
switch group ID {(up|down)stream} {SCID|0}
:
1,2,3,4,5 6 ,
multicast ,
,

.

Copyright 2004-2011 by InfiNet Wireless

83

InfiNet Wireless

WANFleX

downstream ( ) , ,
1000, .
upstream
.

.
broadcast , - ,
,
MINT downstream
. ,
upstream ,
,
.

MAC switch () STP,


: STP, RSTP.
:
switch group ID stp { off | on | dump }
off / on
STP . dump
STP .
switch group ID stp dump:

Copyright 2004-2011 by InfiNet Wireless

84

InfiNet Wireless

WANFleX

switch group ID stp priority [PRIO]


stp , [PRIO]
. ,
, 57344.
,
4096 (step 4096).

switch group ID stp forwarddelay [DELAY]


stp forward delay,
listening learning,
[DELAY] .
, , 15 .

switch group ID stp maxage [TIME]


stp MAX age,
BPDU- , [TIME]
. ,
, 20 .

switch group ID stp port IFNAME priority [PRIO]


stp ,
IFNAME , [PRIO] .
, ,
128. ,

16 (step 16).

switch group ID stp port IFNAME cost [COST]


stp cost ,
, [COST]
. ,
, 200000 RSTP, 65535 STP.
:
switch group 1 add eth0 rf5.0
Copyright 2004-2011 by InfiNet Wireless

85

InfiNet Wireless

WANFleX

switch group 1 stp priority 36864


switch group 1 stp on
switch group 1 start
group 1.
stp stp
36864.

switch group ID igmp-snooping { off | on }


/ IGMP snooping
.
:
switch group 1 igmp-snooping on

switch group ID order N



.
, ,
.
. ,
.

switch group ID [ setpri|addpri prio ]


/
. setpri
. -1,
. addpri ,
,
( , ).
addpri .
:
switch group 1 addpri 15

switch group ID {deny | permit}


(deny) (permit)
, .

switch group ID {showrules}



,
.

switch group ID {showblack}


MAC ,
.

Copyright 2004-2011 by InfiNet Wireless

86

InfiNet Wireless

WANFleX

(Rules
commands)
:


eth*. ,
,

.



.

.

(rules)
(deny/permit). ,
(deny/permit).
. ,
.
.
.
,
. deny
, .
,
. 5 :
1.
- (iface)
2.
MAC (src)
3.
MAC (dst)
4.
VLAN tag (vlan)
5.
Ethernet ( proto )

. ,
, PCAP (tcpdump).

match. , ,

,
match. -
, , ,
.
, ,
,
(, vlan tag).

:
switch {group ID | interface IFNAME} rule NUMBER
[set NEWNUMBER] [not]
[src LIST] [dst LIST] [vlan LIST]
[iface LIST] [proto LIST] [match LIST]
[ setpri|addpri prio ]

Copyright 2004-2011 by InfiNet Wireless

87

InfiNet Wireless

WANFleX

[ deny | permit ] [ remove ]


:

ID IFNAME .

NUMBER

set NEWNUMBER
NEWNUMBER

remove .

src, dst, vlan, iface, proto, match


.
,
,

.

deny | permit

setpri|addpri prio -
/
. setpri
.
-1, .
addpri ,
,
( , ).
addpri .

:
switch list MACGROUP1
00:11:12:13:14:15

MACGROUP1

mac

add

00:01:02:03:04:05

switch list VGROUP numrange add 10 20-30 40


switch list IP_NET3845 match add arp net 195.38.45.64/26 || ip net
195.38.45.64/26
switch group 5 rule 10 src MACGROUP1 vlan VGROUP match IP_NET3845 deny
switch group 5 rule 20 dst MACGROUP1 vlan VGROUP match IP_NET3845 deny
switch group 1 rule 1 setpri 10


:
switch {group ID | interface IFNAME}
{deny | permit }

(Control commands)
:
switch keeptag [(on|off)]
Copyright 2004-2011 by InfiNet Wireless

88

InfiNet Wireless

WANFleX

switch resynchronize
switch trace { off | on | verbose | filter "pcap expr"}
switch stptrace { off | on }
switch stpblock { off | on }
switch {dump [WILDCARD]|MACADDRESS}
switch local-tag TAG
switch igmp-snooping dump [detail]
switch igmp-snooping lmqt Value
switch igmp-snooping gmi Value
switch igmp-snooping static-add MCAST IF_NAME [MAC]
switch igmp-snooping static-del MCAST IF_NAME [MAC]
switch igmp-snooping srcip IP
switch igmp-snooping querier group N [source X] [mcast X [,Y,...]] [vlan N]
{start|stop|clear}
switch {start | stop | restart | destroy | dead-interval DEAD_INTERVAL | strictadmin [(on|off)]}
switch statistics [(clear|help)]
switch maxsources (MAXSOURCES|0)

switch resynchronize

, file.

switch trace { off | on | verbose | filter "pcap expr"}


/ log .
verbose .
filter pcap expr
.

:
sw trace filter "ether host 00:11:22:33:44:55"
sw trace filter "net 1.2.3.0/24"
sw trace off -

switch stptrace { off | on }


off / on
STP, ,
, (sys log). .

switch stpblock { off | on }


Copyright 2004-2011 by InfiNet Wireless

89

InfiNet Wireless

WANFleX

Stpblock on STP ,
STP .
STP stpblock off.
()
MAC ,
(dst).
.
,
.
MAC .
. , ,
.

, .
.
:
switch dead-interval <DEAD_INTERVAL_IN_SECONDS>

//
:
switch {start | stop | restart}

:
switch {destroy}

:
switch statistics [(clear|help)]
, flood-,
MAC- (DB Records).
clear , help
,
.

:

MAC-

switch maxsources (MAXSOURCES|0)


5000.
0, 500.
, MINT,
,
( eth*) .
- VLAN :
switch local-tag TAG
, ,
VLAN local-tag. , ,
VLAN ID

Copyright 2004-2011 by InfiNet Wireless

90

InfiNet Wireless

WANFleX

local-tag,
MINT ( ).

switch keeptag [(on|off)]


(switch keeptag on)
(eth*)
. , off.

switch strict-admin [(on|off)]


, ,
, ,
(switch strict-admin off).
switch strict-admin on,
, admin-group.

switch igmp-snooping dump [detail]


IGMP (),
(Internet Protocol multicast) .
switch igmp-snooping dump:

detail
.

switch igmp-snooping lmqt Value


Last Member Query Time, ..
,
, Multicast-
IGMP leave.
Ethernet , MAC-
, .
switch igmp-snooping gmi Value

Group Membership Interval,


.. , ,
( IGMP report
).
Copyright 2004-2011 by InfiNet Wireless

91

InfiNet Wireless

WANFleX

switch igmp-snooping static-add MCAST IF_NAME [MAC]


Multicast-.

switch igmp-snooping static-del MCAST IF_NAME [MAC]


Multicast-.

switch igmp-snooping srcip IP


IP- IGMP
Report IP-, IP .

switch igmp-snooping querier group N [source X] [mcast X [,Y,...]] [vlan N]


{start|stop|clear}
/ (start/stop) Querier,
Multicast-
IGMP Snooping.
:

group N
IGMP Snooping.

source X Multicast-.

mcast X Multicast .

vlan N Multicast-
Vlan.

clear IGMP Querier.


switch list VGROUP numrange add 10 20-30 40
switch list ALL_VLAN numrange add 0-4095
switch group 5 add eth0 rf5.0
switch group 5 rule 10 vlan VGROUP permit
switch group 5 deny
switch group 5 start
switch group 15 add eth0 rf5.0
switch group 15 rule 10 vlan VGROUP deny
switch group 15 rule 11 vlan ALL_VLAN permit
switch group 15 deny
switch group 15 start
Copyright 2004-2011 by InfiNet Wireless

92

InfiNet Wireless

WANFleX

switch group 25 add eth0 rf5.0


switch group 25 rule 10 vlan ALL_VLAN deny
switch group 25 permit
switch group 25 start
switch admin-group 25
switch start
. 5
c VLAN 10, 20-30 40. 15
VLAN , 5. 25
VLAN . , 25
.

11. CES
Infinet Wireless,
IDU-5000-E1SCR, IDU-5000-E1RJ.
ces TDM
(CES-), WANFleX
CES-over-WLAN.

CES-over-WLAN
( TDM ):
CES- (Master) Infinet Wireless, TDM
, TDM,
Ethernet, ,
, ,
.
CES- (Slave),
TDM .
Infinet Wireless CES-over-WLAN
CES-,

.
, -CES
.
,
CES, ,
CES.
CES ,
.

!!! CES- Single Clock Domain.


, CES, TDM ,
.
:
ces start
ces stop
Copyright 2004-2011 by InfiNet Wireless

93

InfiNet Wireless

WANFleX

ces clear
ces unit <addr>
ces mode (e1|t1) (line|internal|loopback|recovery)
ces ports <list>
ces frames <N>
ces maxjitter <N>
ces adjust (now|auto [clear]) <list>
ces stat [clear]
ces stat delay [clear]
ces eth media <MediaType>
ces eth bwlimit <Kbps>
ces eth stat [full] [clear]
MediaType: 100BaseTX-fullduplex, 100BaseTX-halfduplex,
10BaseT-fullduplex, 10BaseT-halfduplex, auto
ces start - , CES-.
, TDM .
ces stop - , CES-.
ces clear - ces.
ces unit <addr> - IP CES-,
/24.
CES-. :
169.254.1.100 - , 169.254.1.0/24
CES-.
ces mode (e1|t1) (line|internal|loopback|recovery) -
CES-. - , E1
T1, - : line -
0 , internal
, loopback -
,
recovery CES-over-WLAN .
ces ports <list> -
.
ces frames <N> - TDM CES-over-WLAN .
,
. : E1 - 1 25,
26 44, T1 - 1 33,
34 60.
ces maxjitter <N> -
. : 1 200,
frames 8.
ces adjust (now|auto [clear]) <list> -
. now
, auto -
, auto clear
. <list> :
<>[/], - ( , )
, , (:
Copyright 2004-2011 by InfiNet Wireless

94

InfiNet Wireless

WANFleX

45%)
maxjitter,
.
- 50%.
:
ces adjust auto 0/1.5 1/15% 2/15
- 0, 1 2.
0,
1.5 , 1
15 , 2 -
15 .
ces stat [clear] - ces.
clear .
ces eth media <MediaType> -
LAN IDU. <MediaType>: 100BaseTXfullduplex, 100BaseTX-halfduplex, 10BaseT-fullduplex, 10BaseThalfduplex, auto. : auto.
ces eth bwlimit <Kbps> -
LAN IDU. : 10-100000.
. . 0
.
ces eth stat [full] [clear] - Ethernet LAN IDU.
full .
clear .
ces multihop repeater
, ces stat delay.
ces stat:
>ces stat
unit status: slave, active
time: 00:06:42 since started, 00:00:02 since stat cleared
mode: e1 recovery
peer: 00134676EEAC
master settings:
~~~~~~~~~~~~~~~
mode: e1 loopback
jitterbuf: 40
frames: 16
datapad: 32
ports: 0
physical interface: 0 tx fifo underruns, 0 rx fifo overruns
~~~~~~~~~~~~~~~~~~
link status octets in/out frames in/out
port 0: up NoAlarm 37173184/39834496 1161662/1244828
port 1: up NoAlarm 0/39744608 0/1242019
port 2: down LossOfSignal 16632896/39654336 519778/1239198
port 3: down LossOfSignal 0/39554560 0/1236080
packet interface:
~~~~~~~~~~~~~~~~
port 0:
tx: on restarts: 0
Copyright 2004-2011 by InfiNet Wireless

95

InfiNet Wireless

WANFleX

rx: on restarts: 0
jitter buffer: 7.769 cur (0.231 dev.), 6.953 min, 8.406 max
packets: total 39523, 500 per second, 100% valid
0 R bit, 0 L bit, 0 late, 0 lost,
0 out of order, 0 underrun, 0 overrun,
0 invalid sequence, 0 duplicate, 0 malformed
port 1: disabled
port 2: disabled
port 3: disabled
, unit status - CES-. : slave/master
- CES-. Slave - recovery,
master - recovery.
time - ces start,
.
mode - ces mode.
peer Mac- , CESover-WLAN.
master settings - slave,
CES-Master-.
, Slave.
physical interface E1/T1 .
packet interface - CES-over-WLAN
E1/T1 . , (rx) (tx)
(, off - /) ,
tx rx .
jitter buffer - .
7.769
, (8)
0.231 .
- 6.953 , - 8.406
.
packets - 39523 CES-over-WLAN ,
- 500 . 100% valid , 500 .
R bit - R
CESoPSN
L bit - L
CESoPSN
late - ,

lost -
out of order - ,
underrun - ,

overrun - ,

invalid sequence - ,

duplicate -

Copyright 2004-2011 by InfiNet Wireless

96

InfiNet Wireless

WANFleX

malformed - ,

ces stat delay [clear] - CES


ODU. clear
.
CES multihop repeater (CES )
CES .
Infinet Wireless 4 E1/T1 :
Master Device:
rf rf5.0 freq 5200 bitr 36000 sid 10101010 txpwr 18
mint rf5.0 start
ces ports 0 1 2 3
ces start

Slave Device:
rf rf5.0 freq 5200 bitr 36000 sid 10101010 txpwr 18
mint rf5.0 start
ces mode e1 recovery
ces start
Master ,
sid. MINT. .
CES-over-WLAN, :
e1, loopback.
Slave , sid.
MINT. e1, recovery.
( ces adjust)
Master. CES-over-WLAN.

12. WiFi ( Wi-Fi AP)


Wi-Fi.
:
wifi IFNAME [options] [command]
where IFNAME are WiFi Interface name (for example, wifi0)
where options are:
-name <"string">

- Set optional interface name

-ssid <"string">

- Define Service Set Identification

-freq <frequency>
- Set center frequency (MHz; see "wifi IFNANE cap"
for a list of supported frequencies)
-power <power>
of supported values)

- Set Tx power (mW; see "wifi IFNANE cap" for a list

-antenna <antenna>
antenna types)

- Select antenna (see "licence --show" for allowed

Copyright 2004-2011 by InfiNet Wireless

97

InfiNet Wireless

WANFleX

-pass <key>
[ascii|hex:]<string>.

- Set authentication key. Key format:

-auth <type>
for supported auth types)

- Select authentication type (see "wifi IFNANE cap"

-wpa-encrypt <type> - Select WPA encryption type (see "wifi IFNANE cap"
for supported encryption types; different encryption types can be combined with
comma as delimeter)
-auth-server <address> - Set authentication server address. Use
<host>[:<port>],<secret> format for the address.
-acct-server <address> - Set accounting server address. Use
host>[:<port>],<secret> format for the address.
-debug-radius on|off

- Enable/disable RADIUS conversation debugging.

-hidden on|off

- Enable/disable hidden AP mode

-wme on|off

- Enable/disable Wireless Multimedia Extensions

(QoS)
-isolation on|off

- Enable/disable client staions isolation

-rsn-preauth on|off

- Enable/disable RSN/WPA2 pre-authentication

-mcast-rate <rate>

- Set multicast packets bitrate

-acct-interval <iterval> - Set interim accounting update interval in seconds


where commands are:
cap

- Show IF capability

status

- Show status of IF

stations

- Show associated stations list

:
Wi-Fi
ifconfig -a (, wifi0).

Wi-Fi AP ifc <Wi-Fi


interface name> up.

-name <"string"> - NAS-


Radius.

-ssid <"string"> - ,
(Service Set Identity), string -
.
-freq <frequency> - .
wifi IFNAME
cap.
-power <power> - AP .

wifi IFNAME cap.
-antenna <antenna> - Wi-Fi AP.
diversity ,
Copyright 2004-2011 by InfiNet Wireless

98

InfiNet Wireless

WANFleX

(
).
li --show.
-auth <type> -
AP.
wifi IFNAME cap.
-pass <key> -

AP.

key:
[ascii|hex:]<string>, ascii|hex
, <string> - .
-wpa-encrypt <type> - WPA.
wifi IFNAME cap.
type
.
-auth-server <address> - Radius
. address: <host>[:<port>],<secret>,
<host>[:<port>] IP- , <secret>
.
-acct-server <address> - Radius

().

address:
<host>[:<port>],<secret>, <host>[:<port>] IP-
, <secret> .
-debug-radius on|off /
Radius .
-hidden on|off / AP.
AP
.
-wme on|off - / QoS 802.11e.
-isolation on|off / AP
(
).
-rsn-preauth on|off - /
(quick roaming) 802.11r.
-mcast-rate <rate> - ,
multicast
-acct-interval <iterval> - ,
Radius
.
cap AP.
status AP.
stations - AP:
stations:

Copyright 2004-2011 by InfiNet Wireless

99

InfiNet Wireless

WANFleX

:
#WiFI remote AP configuration
wifi wifi0 -ssid "IW"
wifi wifi0 -freq 2432
wifi wifi0 -power 63
wifi wifi0 -antenna "diversity"
wifi wifi0 -auth "WPA-PSK"
wifi wifi0 -pass "SecretHotspot"
wifi wifi0 -wpa-encrypt "RC4"
wifi wifi0 -syslog on

13. DFS ( )

( ) .

DFS

:
dfs "interface_name" (dfsradar | dfsonly | dfsoff)
dfs "interface_name" freq { all |"frequency_list"}
dfs "interface_name" cot hh:mm
dfs "interface_name" scansec <seconds>

:
- dfs "interface_name" dfsonly DFS .
DFS
.
DFS
(density), ,

. .
- dfs "interface_name" dfsradar DFS
. DFS

( ).
Copyright 2004-2011 by InfiNet Wireless

100

InfiNet Wireless

WANFleX

- dfs "interface_name" dfsoff DFS .


- dfs "interface_name" freq {all |"frequency_list"}
( frequency_list),
DFS. all
DFS
.
- dfs "interface_name" cot {hh:mm | off}

.
(hh:mm). off .
- dfs "interface_name" scansec <seconds>
. : 6
.
DFS:

: (24 )

: 6

: 1

DFS Leader/Client:

DFS
Leader

,
(, ).
DFS Client ,
DFS Leader (,
). -
DFS Leader,
DFS Client. DFS Leader
,
.
DFS Leader:
1. Roaming Leader:
mint rf5.0 roaming leader

.
2. DFS ( ).
dfs rf5.0 dfsonly
DFS
DFS Client.
DFS Client:
1.
:

Roaming

Profile

mint rf5.0 profile freq auto


mint rf5.0 roaming enable

.
Copyright 2004-2011 by InfiNet Wireless

101

InfiNet Wireless

WANFleX

,
DFS Leader.

Copyright 2004-2011 by InfiNet Wireless

102

InfiNet Wireless

WANFleX

IV.
1. Ifconfig ( )
.
:
ifconfig IFNAME
[info "TEXT up to 72 chars"]
[address[/netmask] [ [delete | -alias] [ up ] [ down ]
[mtu N]
[link0 | link1 | link2]
[media MediaType]]
[vlan TAG [-]vlandev IFParent]
ifconfig a
MediaType:
1000BaseFX-fullduplex, 1000BaseFX-halfduplex,
1000BaseTX-fullduplex, 1000BaseTX-halfduplex,
100BaseTX-fullduplex, 100BaseTX-halfduplex,
10BaseT-fullduplex, 10BaseT-halfduplex,
auto
:

IFNAME - (
, ifconfig -a netstat -i)

info: 72 .

address IP-; IP-/


IP-: IP-.

:
ifconfig eth0 192.168.1.1/26
ifconfig eth0 192.168.1.1:255.255.255.192
ifconfig eth0 192.168.1.1

delete| -alias: alias ,

IP-.
IP-, ,
(primary), (alias).
, :

ifconfig eth0 193.124.189.1/27 up


ifconfig eth0 10.0.0.1 alias
eth0 .
delete
-alias, IP-, .

Copyright 2004-2011 by InfiNet Wireless

103

InfiNet Wireless

WANFleX

ifconfig eth0 delete CES


( ) .
.

:
ifconfig eth0 193.124.189.1/27 alias
[-]alias IP-, ..
, ,
alias-.
(primary) IP-,
IP- (alias).

up,
.

down

:
o

lo0 down


(
up).

:
ifconfig eth0 up
ifconfig eth0 1.1.1.1/24 up
ifconfig rf5.0 down

mtu N MTU (Maximum Transfer


Unit) , .
, ,
, MTU
. ,

.

MTU .

media Ethernet
(ethX) 10/100/1000. (

):
1000BaseFX-fullduplex,
1000BaseFXhalfduplex,
1000BaseTX-fullduplex,
1000BaseTX-halfduplex,
100BaseTX-fullduplex, 100BaseTX-halfduplex, 10BaseT-fullduplex,
10BaseT-halfduplex, auto. : auto.

vlanX (VLAN IEEE 802.1q)


vlan vlandev.
vlan VLAN (1-4094).
vlandev
.
Copyright 2004-2011 by InfiNet Wireless

104

InfiNet Wireless

WANFleX

:
ifconfig vlan1 1.1.1.1/24 vlan 5 vlandev eth0 up

ifconfig vlan1 1.1.1.1/24 up


ifconfig vlan1 vlan 5 vlandev eth0
ifconfig vlan1 -vlandev eth0

vlan1 eth0.
vlanX (vlan vlandev)
, ,
IP-.
vlanX, ,
, (ethX)
(up).

vlanX IEEE 802.1Q-in-Q.


IEEE 802.1Q-in-Q VLAN ID
IEEE 802.1Q ,

() VLAN.

VLAN-

IEEE 802.1Q-in-Q VLAN


link0 ifconfig.

VLAN ID IEEE 802.1Q-in-Q
, ,
IEEE 802.1Q
VLAN ID .
:
ifc vlan2 1.1.1.1/24 up
ifc vlan2 vlan 2 vlandev eth0 link0

ifconfig
,
.
ifconfig a.

2. Tun
.
:
tun N src ADDR dst ADDR [mtu N] [[-]df] \ clear
:
-
.

Copyright 2004-2011 by InfiNet Wireless

105

InfiNet Wireless

WANFleX


" " (VPN), ,
, ,
,
, , , .
,
,
.



.

,
.
.
OS WANFleX - IP Encapsulation within IP,
c RFC2003.
Cisco
IPSEC
.
, P2P
.
, , IP

.
4 :
P2P
P2P
,
Copyright 2004-2011 by InfiNet Wireless

106

InfiNet Wireless

WANFleX

,
P2P ifconfig
tunN:
ifconfig tun0 1.1.1.1 1.1.1.2
tun:
tun 0 src 195.23.23.23 dst 194.34.34.34
1.1.1.1 -> 1.1.1.2
IP-
194.34.34.34
, 194.34.34.34
- , .
,
(route add)

RIP.
, ,
.,
.

:
tunX: looping...
195.23.23.23
195.23.23.23

P2P .
P2P
:
ifconfig tun0 1.1.1.2 1.1.1.1
tun 0 src 194.34.34.34 dst 195.23.23.23
Cisco,
:
interface Tunnel0
ip address 1.1.1.2 255.255.255.252
tunnel source 195.34.34.34
tunnel destination 195.23.23.23
tunnel mode ipip
!
MTU (Maximum Transfer Unit) - 1480,
mtu N tun.
N
:

tun N clear
-df DF (Don`t
Fragment) IP , .

3. Qm ( Quality-of-Service)
QoS .

Copyright 2004-2011 by InfiNet Wireless

107

InfiNet Wireless

WANFleX

:
qm option {[-]rtp [-]dot1p [-]tos [-]icmp [-]tcpack [-]strict}
qm classN {[max=N] [ceil=N] [ceilprio=N] [parent=N]} | {clear}
qm chN [max=N[%]|0] [[ceil=N[%]|0] [ceilprio=N|0] [latency=N|0] [pri=P]
[[no]strict]]
[pps=N|0]
[to=addr]
[vlan=N|-1]
[dscp=N|-1]
[dot1p=N|-1] [classL] / clear
qm stat [full] [clear]
del RULE_NUMBER
mov RULE_A RULE_B
rearrange [N]
qm add[out] [num] [ifname] chN [pass] rule...

QoS
, .

:
(200) ,
.
, , ,
, ,

.
, ,
.
"qm classN max=N"
( /).

. : "qm classL clear".
,

(parent)


. [ceil=N] [ceilprio=N]
[parent=N]. [ceil=N] [ceilprio=N]
qm chN. [parent=N]
, N
.
"qm chN [max=N[%]|0] [[ceil=N[%]|0] [ceilprio=N|0]
[latency=N|0] [pri=P] [[no]strict]] [pps=N|0] [to=addr] [vlan=N|-1]
[dscp=N|-1] [dot1p=N|-1] [classL] / clear"
.
(1..200) chN.
max=N
( /). 10
100000. 0 () .
classN,
N.
: ,
N, ,
, .
, ,
.

Copyright 2004-2011 by InfiNet Wireless

108

InfiNet Wireless

WANFleX

: H02
, ,

.
max=N
, (max=50%).
ceil=N[%] ,
, .
, ,
,
N.
.
0.
ceilprio=N ,

,
. -
. 17
0 () 16 ().
0, ..
.
latency=N
.
, . .
0.
pri=P
(016). .
: -1
, -2
, .
[no]strict] Qm option.
pps=N
.
0.
to=ADDR ,
. ADDR

).
, ,
,
.
vlan=N, dot1p=N, dscp=N
DSCP / 802.1p. -1 :
DSCP ( 0-63) .
802.1p ( 0-7) , VLAN ID
, VLAN.
Vlan ID ( 0-4095)
VLAN 802.1p.
clear .
,
: ,
, .
vlan dot1p, vlan, dot1p.
Copyright 2004-2011 by InfiNet Wireless

109

InfiNet Wireless

WANFleX

,
"=".

qm stat [full] [clear]


( ):
qm ch1 max=128 cur=127 packets=12345 (1234) bytes=1234567 (12345)
.
full .
clear .
qm stat
(PPS),
(qm chN pps=N).

"qm add [ifname] chN [pass] rule..."


, "rule"
N. ,
out (qm addout ).
num
.

,
(ifname).
pass
. , ,
ipfw.
"qm del RULE_NUMBER" .
"qm mov RULE_A RULE_B" A
B.
"qm rearrange [N]"
N ( 5).

config show.
, ,
, ,
,
, .
,
.

qm
MINT.


qm/ipfw, tos dscp.

qm ch1 pri=6
qm add ch1 all from x/x to y/y
qm add ch1 dscp=31 all from a to b
qm add ch1 dscp=42
(016).

Copyright 2004-2011 by InfiNet Wireless

110

InfiNet Wireless

WANFleX


:
QM_PRIO_NETCRIT

QM_PRIO_VOICE

QM_PRIO_RT1

QM_PRIO_VIDEO

QM_PRIO_RT2

QM_PRIO_QOS1

QM_PRIO_QOS2

QM_PRIO_QOS3

QM_PRIO_QOS4

QM_PRIO_BUSINESS1

QM_PRIO_BUSINESS2

10

QM_PRIO_BUSINESS3

11

QM_PRIO_BUSINESS4

12

QM_PRIO_BUSINESS5

13

QM_PRIO_BUSINESS6

14

QM_PRIO_BUSINESS7

15

QM_PRIO_BUSINESS8

16

MINT.

1 2 .
, ,
best effort.
Qm option:
qm option {[-]rtp [-]dot1p [-]tos [-]icmp [-]tcpack [-]strict}


. [-]rtp [-]dot1p []tos
[-]icmp
[-]tcpack

/

, IEEE 802.1p (
MINT IEEE 802.1p
), TOS, ICMP (Internet Control
Message Protocol), TCP ACK .

[-]strict ,
Strict Priority (..
).
( ) Weighted Fair Queuing
(..

).
, 4 1 1
2, 8 1 1
3).

MINT IEEE 802.1p:


MINT
IEEE 802.1p
QM_PRIO_BUSINESS8 0 BE Best Effort
Copyright 2004-2011 by InfiNet Wireless

111

InfiNet Wireless

WANFleX



QM_PRIO_BUSINESS1
QM_PRIO_QOS3
QM_PRIO_VIDEO
QM_PRIO_VOICE
QM_PRIO_NETCRIT

1 BK Background
2 Spare
3 EE Excellent Effort
4 CL Controlled Load
5 VI Video
6 VO Voice
7 NC Network Control

,
IEEE 802.1p.
IEEE 802.1p 6 VO Voice.
QM_PRIO_VOICE ,
.

: MINT
, pri=N.
DSCP MINT
.
802.1p
.
, MINT
dot1p dscp, .
QoS
"" (. ).
:
qm ch1 max=64
qm add eth0 ch1 all from 0/0 to 0/0

64 /.
qm ch1 pri=5
qm add ch1 all from 1.1.1.0/24 to 0/0
qm add ch1 all from 0/0 to 1.1.1.0/24
1.1.1.0/24
.
qm ch1 pri=5
qm ch2 pri=10
qm add ch2 all from 1.1.1.0/24 to 0/0
qm add ch2 all from 0/0 to 1.1.1.0/24
qm add ch1 all from 0/0 to 0/0
1.1.1.0/24
. .
, ,
.
qm ch1 to=10.10.10.10
qm ch2 to=20.20.20.20
Copyright 2004-2011 by InfiNet Wireless

112

InfiNet Wireless

WANFleX

qm add ch1 all from 1.1.1.0/24 to 0/0


qm add ch2 all from 2.2.2.0/24 to 0/0
1.1.1.0/24 10.10.10.10,
2.2.2.0/24
20.20.20.20.
,
,
,
.
qm option voice tos

TOS.
:
1 DSCP 802.1p
qm ch1 dscp=0 dot1p=-1
2 QM_PRIO_BUSINESS1 DSCP
31
qm ch2 pri=9 dscp=31
3 QM_PRIO_VIDEO DSCP 11
qm ch3 pri=3 dscp=11
4 QM_PRIO_BUSINESS8 DSCP
51
qm ch4 pri=16 dscp=51
1,
qm add ch1 pass all from 0/0 to 0/0
2
qm add ch2 tcp from X.X.X.0/24 to 0/0
3
qm add ch3 udp from X.X.X.0/24 PORT to 0/0

-
4
qm add ch4 all from 0/0 to 0/0
25 802.1p . VLAN
,
qm ch25 dot1p=5
26 802.1p VLAN ID. VLAN
,
qm ch26 vlan=7 dot1p=4
, MINT eth0
DSCP 11, 25
qm addout eth0 ch25 dscp11 from 0/0 to 0/0

Copyright 2004-2011 by InfiNet Wireless

113

InfiNet Wireless

WANFleX

, MINT eth0
DSCP 13, 26
qm addout eth0 ch26 dscp13 from 0/0 to 0/0
:

Class 1

Class 2

Ch 1

Class 3

Ch 2

Ch 3

Ch 4

qm class1 max=1000
qm class2 max=600 ceil=1000
qm class3 max=300 ceil=1000 ceilprio=1
qm ch1 max=200 ceil=1000 class2
qm ch2 max=400 ceil=1000 class2
qm ch3 max=100 ceil=300 class3
qm ch4 max=200 ceil=300 class3
(. ),
(Ch1 Ch2), Class2,
class1 - 1000 /,
(Ch3 Ch4), .. Class2 , Class3.

4. Route ( )
.
:
route add [metric XX] [-}
route delete []
:
route
.
,
, ,
, .

add -

delete -

-
Copyright 2004-2011 by InfiNet Wireless

114

InfiNet Wireless

WANFleX

metric - [0-15], RIP (


- 0)

.
,

_/___
_: _ default.
:
route add default 195.38.44.129
route add 193.124.189.0/27 195.38.44.108
route add 193.124.189.0:255.255.255.224 195.38.44.108.

route
add

"". ,

route delete,
,
,
(gateway).
,
( ).

5. ARIP

ARIP

RIP.

RIP (Routing
Information Protocol) - RIP-1 RIP-2.
arip.

.
ARIP (),
:
#1>arip
RIP>
, ,
,
.
. ?:
RIP>?
configure Configuration from vty interface
end
exit

End current mode and change to root mode (CTRL+C).


Back to WANFlex command shell (CTRL+D).
Copyright 2004-2011 by InfiNet Wireless

115

InfiNet Wireless

WANFleX

help
show

Print command list


Show running system information

RIP>
.
RIP()#. ,
configure, config:
RIP> configure
RIP(config)#
.

configure
RIP>

end(Ctrl+C)
RIP(config)#

router
RIP(config-router)#
interface
RIP(config-if)#
route-map
RIP(config-route-map)#

RIP
. ,
:
#1> arip configure
#1> arip router
#1> arip
RIP(config-router)#
( ) arip
.
,
:

Help -

End

Exit WANFlex

,
.
WANFlex
superuser. ,

(, telnet) .
, ,
5- .
,
"?". :
RIP> config
Copyright 2004-2011 by InfiNet Wireless

116

InfiNet Wireless

WANFleX

RIP(config)#?
access-list Add an access list entry
clear

Reset functions

end

End current mode and change to root mode (CTRL+C).

exit

Back to WANFlex command shell (CTRL+D).

help

Print command list

interface

Select an interface to configure

key

Authentication key management

no

Negate a command or set its defaults

prefix-list Build a prefix list


route-map

Create route-map or enter route-map command mode

router

Enable a routing process

show

Show running system information

stop

stop

RIP(config)# interface?
IFNAME Interface's name
RIP(config)# interface eth0
RIP(config-if)#?
authentication Authentication control
description
end

Interface specific description


End current mode and change to root mode (CTRL+C).

exit

Back to WANFlex command shell (CTRL+D).

help

Print command list

no

Negate a command or set its defaults

receive

Advertisement reception

send

Advertisement transmission

show

Show running system information

split-horizon Perform split horizon


RIP(config-if)#
exit ( Ctrl+D)
.
.
.
( help) :

A.B.C.D -
192.168.0.15

IP .

WORD

<1-N> -
1 N

A.B.C.D/M IP /
0 32. : 192.168.0.0/24

IFNAME . : eth0
Copyright 2004-2011 by InfiNet Wireless

117

InfiNet Wireless

WANFleX

,
, |.
: (A.B.C.D|<0-4294967295>).
, -
,
[].
no.
()
.

/ RIP .
RIP WANFleX:
arip start
config:
stop (daemon|clear)
:
>arip
RIP> configure
RIP(config)# stop daemon
clear, RIP
.



.
(access-list)
(prefix-list)
.
IP ( ) deny ()
permit (). <> <
>.
(IP , ..).
,

,
.
(deny permit).
RIP :
. 1-99 1300-1999
.
. 100-199 2000-2699

(, ).
. ,
, . , ()
<>/< >

Copyright 2004-2011 by InfiNet Wireless

118

InfiNet Wireless

WANFleX

RIP
config:
1.
accesslist

(<1-99>|<1300-1999>) (deny|permit) A.B.C.D


A.B.C.D

.
() .
,
. , IP
192.168.12.0 192.168.12.255, 192.168.12.0,
0.0.0.255.
(0.0.0.0 255.255.255.255) any.
, :
RIP(config)# access-list 1 permit 0.0.0.0 255.255.255.255
:
RIP(config)# access-list 1 permit any
, ,
, host.

, :
RIP(config)# access-list 1 permit 192.168.12.150 0.0.0.0
:
RIP(config)# access-list 1 permit host 192.168.12.150
2.

access- (<100-199>|<2000-2699>) (deny|permit) ip


list

3.
accesslist

A.B.C.D
A.B.C.D

A.B.C.D
A.B.C.D

WORD

(deny|permit)

A.B.C.D/M [exact-match]

<>/< >. , IP
192.168.12.0 192.168.12.255,
192.168.12.0/24. (0.0.0.0/0)
any. :
RIP(config)# access-list TestList1 deny 192.168.1.0/24
RIP(config)# access-list TestList1 permit any

. ..

.
Copyright 2004-2011 by InfiNet Wireless

119

InfiNet Wireless

WANFleX

,
()
. ,
,
.
. ..

.
prefix-list

WORD

[seq <1-4294967295>]

(deny|permit)

A.B.C.D/M

[ge <0-32>] [le <0-32>]

,
5
. ..
, , .

RIP
RIP
.
. ,
,
RIP. config-router :
network A.B.C.D/M
C IP .
.
config-router :
network WORD
WORD .
:
RIP>configure
RIP(config)# router
RIP(config-router)# network 4.7.8.0/24
RIP(config-router)# network rf5.0
RIP(config-router)#

RIP :
no network A.B.C.D/M
no network WORD

.
config-router:
neighbor a.b.c.d
a.b.c.d -. :
no neighbor a.b.c.d
Copyright 2004-2011 by InfiNet Wireless

120

InfiNet Wireless

WANFleX


config-router :
redistribute (kernel|connected|static|ospf) [metric <0-16777214>]
[route-map WORD]
,

config-router:
distribute-list WORD direct ifname
WORD .
. direct out
in. in
.
eth0 ,
10.0.0.0/8:
RIP(config-router)# distribute-list private in eth0
RIP(config-router)# access-list private permit 10 10.0.0.0/8
RIP(config-router)# access-list private deny any

config-router:
default-metric <0-16>
, 1.
redistribute kernel RIP
default route ( = 0.0.0.0/0),

. ,
default route configrouter:
default-information originate
default route :
no default-information originate


ip- config-if:
split-horizon [poisoned-reverse]

, ,

.
poisoned-reverse


, ,
.
16.
poisoned-reverse
.

Copyright 2004-2011 by InfiNet Wireless

121

InfiNet Wireless

WANFleX

:
no split-horizon

(route-map)
,
(route-map).
-.

, ,
( /
),
(, ) (
).
.
, :
(deny),
, ,
( )
(permit),
(
/ ). , , ,
,
:
1.

on-match
next

2.

on-match goto <N> -


N, , .

config:
route-map WORD (deny|permit) <1-65535>
WORD () .

/.
, .

. :
RIP> configure
RIP(config)# route-map testmap permit 10
RIP(config-route-map)#

. config-route-map :
match address (<1-199>|<1300-2699>|WORD)
match address prefix-list WORD
match interface WORD
match next-hop (<1-199>|<1300-2699>|WORD)
match next-hop prefix-list WORD

Copyright 2004-2011 by InfiNet Wireless

122

InfiNet Wireless

WANFleX


: (destination), gateway (nexthop)
.
. ,
. match next-hop match address
( ) :
access-list prefix-list. ,

.
match interface
, .

config-route-map:
set metric <0-4294967295>


, :
on-match goto <1-65535>
on-match next
:
RIP> configure
RIP(config)# access-list AnyNetwork permit any
RIP(config)# access-list net200 permit 192.168.200.0/24
RIP(config)# route-map mapForConnected permit 10
RIP(config-route-map)# match address net200
RIP(config-route-map)# set metric 7
RIP(config-route-map)# route-map mapForConnected deny 11
RIP(config-route-map)# match address AnyNetwork
RIP(config-route-map)# router
RIP(config-router)# redistribute connected route-map mapForConnected
RIP(config-route-map)#
,
connected .
, 192.168.200.0/24,
7,
.
!!! ,
route-map, ,
route-map config-router:
route-map WORD (in|out) IFNAME
WORD road-map.

. .

RIP

Copyright 2004-2011 by InfiNet Wireless

123

InfiNet Wireless

WANFleX

.
():

.
, Internet (sniffing),
.. ,
.
.
(message-digest).
MD5.
,
.

(null-).

config-if.

1. :
authentication mode text
authentication string LINE

LINE , 16
2. :
authentication mode md5
authentication key-chain LINE
LINE MD5
, LINE,
config:
RIP(config)# key chain WORD
RIP(config-keychain)# key <0-2147483647>
RIP(config-keychain-key)# key-string LINE

WORD
<0-2147483647> -
LINE md5

.
RIP .
:
Update timer 30 . RIP
RIP
.
Timeout timer 180 .
.
, , .

Copyright 2004-2011 by InfiNet Wireless

124

InfiNet Wireless

WANFleX

Garbage collect timer 120 .



.
config-router
:
timers basic update timeout garbage
:
no timers basic

RIP
RIP
:
show access-list
.
show memory
.
show rip
RIP.
, , , , RIP.
show route

6. Rip ( )
RIP-1, RIP-2.

(Routing Information Protocol) - RIP-1 RIP-2

RIP

rip.
.
rip start|stop|restart|flush|[-]trace [LEVEL]|dump|[]ridhosts|[-]keepstatic
rip IFNAME v1 v2 [-]in [-]out [-]v1in
[-]v2out [-]ag [-]subag

[-]v1out

[-]v2in

rip IFNAME peer ADDR[/MASK | /MASKLEN] ... | del


rip [-]static NET[/MASK] GATEWAY
/ :
rip [INTERFACE] [no]export |[no]import NET[/MASK | /MASKLEN]
[exact] | all |
default [[+|]metric N] [pref N] ...
rip [INTERFACE] [no]export |[no]import NET[/MASK]|[/MASKLEN]
del

rip start
rip stop

Copyright 2004-2011 by InfiNet Wireless

125

InfiNet Wireless

WANFleX

rip restart
, , .
(config save),
.
rip flush
.
rip [-]trace [LEVEL]

LEVEL
1 -
2 - /
3 - /
4 - .
, , 4.

rip dump

rip show

rip [-]ridhosts

-,
.
c
.

rip [-]keepstatic

.

route add.
" ",
,
.
, , - ,

.
( ) ,
.
1.
,
rip export.
(rip -keepstatic),
, .
rip IFNAME v1 v2 [-]in [-]out [-]v1in [-]v1out [-]v2in [-]v2out
.
Copyright 2004-2011 by InfiNet Wireless

126

InfiNet Wireless

WANFleX


, .
RIP2 RIP1 (rip IFNAME v2 v1).
rip IFNAME [-]ag [-]subag
( ).
()
.
subag
,
.
ag,
"C".
.
,
, -
,

, .
, ,
.
,

.
, ,
,
, .
rip IFNAME peer { ADDR[/MASK] ... | clear
,
IFNAME.
,
.
,
, .
,
.
:
rip rf0 peer 10.1.2.3

10.4.5.6

192.168.1.0/16

10.1.2.3, 10.4.5.6
, 192.168.1.0/16
rip [-]static NET[/MASK] GATEWAY
3.31.
route add. rip static,
, route add.
/ :

/ .
Copyright 2004-2011 by InfiNet Wireless

127

InfiNet Wireless

WANFleX

3 :

INTERFACE "int:ADDR"
,
, ().
:
rip int:10.2.3.4 export all

INTERFACE .
,
.
:
rip eth0 export all

INTERFACE .
, .
:
rip export all
EXPORT NOEXPORT ,

.
IMPORT NOIMPORT
,
.
:

, ,
, .


, ,
.

, ,
.

, ,
.

, ,
.

-, ,
, .

, -,
.

-
,
.

Copyright 2004-2011 by InfiNet Wireless

128

InfiNet Wireless

WANFleX

/
, .

rip noexport 192.168.9.0/24


rip noexport default
rip export all
,
(default), .
rip noimport 10.0.0.0/255.0.0.0
rip import all
10.0.0.0/8,
.
:
rip noexport 192.168.9.0/24 192.168.10.0/24 192.168.20.0/24

,
:
rip import 192.168.9.0/24 metric 5
rip export 192.168.9.0/24 metric 7
,
.
rip export all +metric 2
2
.
rip import default -metric 1
,
2 13.
, ,
( ).
,
exact.
, :
rip noimport 10.0.0.0/255.0.0.0
10.0.0.0,
(10.XXX.XXX.XXX).
, :
rip noimport 10.0.0.0/255.0.0.0 exact
10.0.0.0,
.
del
.
rip noexport 192.168.9.0/24 del

Copyright 2004-2011 by InfiNet Wireless

129

InfiNet Wireless

WANFleX

7. OSPFv2 ( )

OSPF
IP.
OSPF RFC 2328.
OSPF
LinkState, :



multicast

authentication

.
OSPF (),
:
#1> ospf
OSPF>
, ,
,
.
. ?:
OSPF>?
configure Configuration from vty interface
end

End current mode and change to root mode (CTRL+C).

exit

Back to WANFlex command shell (CTRL+D).

help

Print command list

show

Show running system information

OSPF>
.
OSPF()#. ,
configure, config:
OSPF> configure
OSPF(config)#
.

Copyright 2004-2011 by InfiNet Wireless

130

InfiNet Wireless

WANFleX

configure
OSPF>

end(Ctrl+C)
OSPF(config)#

router
OSPF(config-router)#
interface
OSPF(config-if)#
route-map
OSPF(config-route-map)#

,
:

Help -

End

Exit WANFlex

,
.
WANFlex
superuser. ,

(, telnet) .
, ,
5- .
,
"?". :
OSPF> config
OSPF(config)#?
access-list Add an access list entry
clear

Reset functions

end

End current mode and change to root mode (CTRL+C).

exit

Back to WANFlex command shell (CTRL+D).

help

Print command list

interface
no

Select an interface to configure


Negate a command or set its defaults

prefix-list Build a prefix list


route-map

Create route-map or enter route-map command mode

router

Enable a routing process

show

Show running system information

stop

stop

OSPF(config)# interface?
IFNAME Interface's name
OSPF(config)# interface eth0
OSPF(config-if)#?
Copyright 2004-2011 by InfiNet Wireless

131

InfiNet Wireless

WANFleX

authentication

Enable authentication on this interface

authentication-key Authentication password (key)


cost

Interface cost

dead-interval
description

Interval after which a neighbor is declared dead


Interface specific description

end

End current mode and change to root mode (CTRL+C).

exit

Back to WANFlex command shell (CTRL+D).

hello-interval
help

Time between HELLO packets


Print command list

message-digest-key Message digest authentication password (key)


network

Network type

no

Negate a command or set its defaults

priority

Router priority

retransmit-interval Time between retransmitting lost link state


show

Show running system information

transmit-delay

Link state transmit delay

OSPF(config-if)#
exit ( Ctrl+D)
.
.
.
( help) :
A.B.C.D -
192.168.0.15

IP .

WORD
<1-N> -
1 N
A.B.C.D/M IP /
0 32. : 192.168.0.0/24
IFNAME . : eth0
,
, |.
: (A.B.C.D|<0-4294967295>).
, -
,
[].
no.
()
.

/ OSPF .
OSPF WANFlex:
ospf start
Copyright 2004-2011 by InfiNet Wireless

132

InfiNet Wireless

WANFleX

config:
stop (daemon|clear)
:
>ospf
OSPF> configure
OSPF(config)# stop daemon
clear,
.


OSPF .
32- . ,
config-router :
router-id A.B.C.D
:
OSPF>configure
OSPF(config)# router
OSPF(config-router)# ospf router-id 195.38.45.107
OSPF(config-router)#
,

( ) IP ,
OSPF.
:
no router-id

(access-list)

(prefix-list)

.
IP ( ) deny ()
permit (). <> <
>.
(IP , ..).
,

,
.
(deny permit).
OSPF :

. 1-99 1300-1999
.

Copyright 2004-2011 by InfiNet Wireless

133

InfiNet Wireless

WANFleX

. 100-199 2000-2699

(, ).

. ,
, . , ()
<>/< >

OSPF
config:
1.
accesslist

(<1-99>|<1300-1999>) (deny|permit) A.B.C.D


A.B.C.D

.
() .
,
. , IP
192.168.12.0 192.168.12.255, 192.168.12.0,
0.0.0.255.
(0.0.0.0 255.255.255.255) any.
, :
OSPF(config)# access-list 1 permit 0.0.0.0 255.255.255.255
:
OSPF(config)# access-list 1 permit any
, ,
, host.

, :
OSPF(config)# access-list 1 permit 192.168.12.150 0.0.0.0
:
OSPF(config)# access-list 1 permit host 192.168.12.150
2.

access- (<100-199>|<2000-2699>) (deny|permit) i


list
p

3.
accesslist

A.B.C.D
A.B.C.D

A.B.C.D
A.B.C.D

WORD

(deny|permit)

A.B.C.D/M [exact-match]

<>/< >. , IP
192.168.12.0 192.168.12.255,
192.168.12.0/24. (0.0.0.0/0)
any. :
Copyright 2004-2011 by InfiNet Wireless

134

InfiNet Wireless

WANFleX

OSPF(config)# access-list TestList1 deny 192.168.1.0/24


OSPF(config)# access-list TestList1 permit any

. ..

.
,
()
. ,
,
.
. ..

.
prefix-list

WORD

[seq <1-4294967295>]

(deny|permit)

A.B.C.D/M

[ge <0-32>] [le <0-32>]

,
5
. ..
, , .


OSPF
:
1. . ,
,
( ) OSPF
.
2. . ,
, .
,
WANFlex route add (kernel).
,
IP ()
(connected).
, OSPF ,
, .
config-router :
network A.B.C.D/M area (A.B.C.D|<0-4294967295>)
IP
. ,
IP , .
:
OSPF>configure
OSPF(config)# router
OSPF(config-router)# network 4.7.8.32/24 area 0.0.0.1

Copyright 2004-2011 by InfiNet Wireless

135

InfiNet Wireless

WANFleX

OSPF(config-router)# network 192.168.15.1/24 area 0


OSPF(config-router)#
IP
, OSPF
,
( ).
WANFlex ifconfig <intf> <IP/MASK>
alias up,
OSPF.
(
OSPF ) , .
point-to-point,

OSPF
point-to-point .
:
no network A.B.C.D/M area (A.B.C.D|<0-4294967295>)

.
, IP ()
. ,
. config-router
:
auto-interface IFNAME area (A.B.C.D|<0-4294967295>)
, IP (alias)
OSPF
.
() .

config-router:
no auto-interface IFNAME


config-router :
redistribute (kernel|connected|static) [metric <0-16777214>] [metric-type (1|2)]
[route-map WORD]
,
configrouter:
distribute-list WORD out (kernel|connected|static)
,
,
,
redistribute.
OSPF
1, 2 (External Type1|2).
OSPF,
. OSPF
,
default route (
Copyright 2004-2011 by InfiNet Wireless

136

InfiNet Wireless

WANFleX

). ,
1 OSPF
.

. ,
, .
2,
,
, ,
(). ,
2
,
, .

, ,
1.
WORD ,
.

(route-map).
(, gateway,
..), .
/ ,

2.
:
default-metric <0-16777214>
, 1.
redistribute kernel OSPF
default route ( = 0.0.0.0/0),

. ,
default route configrouter:
default-information originate [always]
16777214>] [route-map WORD]

[metric-type

(1|2)]

[metric

<0-

metric-type (1|2) metric <0-16777214>


redistribute.
.
always. always
default route
.
default route :
no default-information originate

, OSPF ospf
redistribute:
ospf config router summary-address A.B.C.D/M [metric M] [metric-type T]

,
summary-address,
A.B.C.D/M.
Copyright 2004-2011 by InfiNet Wireless

137

InfiNet Wireless

WANFleX


OSPF .
,
,
, :
ospf show summary-address [detail]
detail .

.

(route-map)
,
,
(route-map). .
, ,
,
( /
), (, )
( ).

. , :

(deny),
, ,
( )

(permit),
(
/ ). , , ,
,
:
1. on-match next

2. on-match goto <N> -


N, ,
.
config:
route-map WORD (deny|permit) <1-65535>
WORD () .

/.
, .

. :
OSPF> configure
OSPF(config)# route-map testmap permit 10
OSPF(config-route-map)#

Copyright 2004-2011 by InfiNet Wireless

138

InfiNet Wireless

WANFleX


. config-route-map :
match address (<1-199>|<1300-2699>|WORD)
match address prefix-list WORD
match interface WORD
match next-hop (<1-199>|<1300-2699>|WORD)
match next-hop prefix-list WORD

: (destination), gateway (nexthop)
.
. ,
. match next-hop match address
( ) :
access-list prefix-list. ,

.
match interface
, ().

/ ,
config-route-map:
set metric <0-4294967295>
set metric-type (type-1|type-2)


, :
on-match goto <1-65535>
on-match next
:
OSPF> configure
OSPF(config)# access-list AnyNetwork permit any
OSPF(config)# access-list net200 permit 192.168.200.0/24
OSPF(config)# route-map mapForConnected permit 10
OSPF(config-route-map)# match address net200
OSPF(config-route-map)# set metric 7
OSPF(config-route-map)# route-map mapForConnected deny 11
OSPF(config-route-map)# match address AnyNetwork
OSPF(config-route-map)# router
OSPF(config-router)# redistribute connected route-map mapForConnected
OSPF(config-route-map)#

, connected
2. ,
192.168.200.0/24, 7,

Copyright 2004-2011 by InfiNet Wireless

139

InfiNet Wireless

WANFleX



. OSPF

,
:
M = reference_bandwidth/bandwidth.
reference_bandwidth 100 /,
bandwidth ,
. reference_bandwidth
config-router:
auto-cost reference-bandwidth <1-4294967>
/.

, .
()
- config-if:
cost <1-65535> [A.B.C.D]
config-if

:
interface IFNAME
:
OSPF> configure
OSPF(config)# interface eth0
OSPF(config-if)# cost 4 192.168.15.1
OSPF(config-if)#
cost IP ,
( ), .
,
, -,
().

OSPF
OSPF .
, ()
, (area).
OSPF. ,

.
,
,
.
,
(ABR). ,

Copyright 2004-2011 by InfiNet Wireless

140

InfiNet Wireless

WANFleX

( redistribute),
OSPF (ASBR).

area-id.
area-id OSPF
(backbone).
OSPF


.
(non-backbone) .
(contiguous),


.

ABR
OSPF ABR:
1. cisco ABR,

- .
( ).
2. ibm cisco,

3. standard

4. shortcut standard,

,
( )
cisco ibm RFC3509.
shortcut ABR ,
,
,
(
). shortcut
ospf-shortcut-abr-02.txt.
ABR config-router:
abr-type (cisco|ibm|shortcut|standard)
( )
config-router:
area (A.B.C.D|<0-4294967295>) shortcut (default|enable|disable)

ABR- shortcut
:
Default
, ABR
.
Enable ,
.
Disable shortcut-ABR
.


.
, ABR ABR
Copyright 2004-2011 by InfiNet Wireless

141

InfiNet Wireless

WANFleX

,
( ) .
OSPF ABR
. , ABR default gateway,
.
config-router :
area (A.B.C.D|<0-4294967295>) stub [no-summary]
no-summary ,
,
.. ABR .
.
,
,
, .

.
, OSPF , (area 0)
. .

. , ABR
.
.
ABR (
)
. config-router :
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D

(A.B.C.D|<0-4294967295>) ,
,

A.B.C.D ABR (router-id),


.
. :

Router 192.168.152.45:
OSPF> configure
OSPF(config)# router
OSPF(config-router)# area 0.0.0.1 virtual-link 192.168.78.12
Router 192.168.78.12:
OSPF> configure
OSPF(config)# router
OSPF(config-router)# area 0.0.0.1 virtual-link 192.168.152.45
,
point-to-point, ABR ,
.
.


, ABR
() .
ABR
().
Copyright 2004-2011 by InfiNet Wireless

142

InfiNet Wireless

WANFleX

config-router :
area (A.B.C.D|<0-4294967295>) export-list NAME
area (A.B.C.D|<0-4294967295>) filter-list prefix WORD (in|out)
area (A.B.C.D|<0-4294967295>) import-list NAME

NAME (access-list),
WORD (in|out) (prefix-list)
(in , out ).
,
ABR, .

.
, OSPF ,

.

. ,
ABR ( )

,
,
. ,
,
.
() ,
( ) , ,
, (
).
, ,
:

(R)

(not-advertise)

() (C )

(Rs)

,
C Rs. R,
R ( Rs,
) ( C,
).

config-router.
R
not-advertise:
area (A.B.C.D|<0-4294967295>) range A.B.C.D/M [not-advertise]
R
C:
area (A.B.C.D|<0-4294967295>) range A.B.C.D/M [cost <0-16777215>]

Rs R:

Copyright 2004-2011 by InfiNet Wireless

143

InfiNet Wireless

WANFleX

area (A.B.C.D|<0-4294967295>) range A.B.C.D/M substitute A.B.C.D/M

.
,
,
,
. ,
, ,
-, OSPF (
).
.
( ) OSPF
, IP
,
.
,
().
:

hello-interval

dead-interval

, hello-interval 10 , dead-interval 40
. -
config-if :
dead-interval <1-65535> [A.B.C.D]
hello-interval <1-65535> [A.B.C.D]
.
IP ,
. ,
,
,
,
. ,
,
.
, ,
, (DR)
. ,

. ,

IP .

config-if :
priority <0-255> [A.B.C.D]
,
,
. ,
.
,
.
OSPF ,
.

Copyright 2004-2011 by InfiNet Wireless

144

InfiNet Wireless

WANFleX

. , .

,
(Backup).
,
.
, .

master-slave, IP .
.
,

(retransmit).
OSPF
/
. config-if
retransmit-interval <3-65535> [A.B.C.D]
,
.
:

(
)

.

,

, ,
.
.
.
/
config-if:
transmit-delay <1-65535> [A.B.C.D]
,

, .. (
) . 1800
(), config-router:
refresh timer <10-1800>
, OSPF
.
,
-. ,
. ,

.
() config-router:
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D

(hello-interval|

<1-65535>

retransmit-interval|
transmit-delay|

Copyright 2004-2011 by InfiNet Wireless

145

InfiNet Wireless

WANFleX
dead-interval)

.

OSPF
.
():

. ,
, 64-
OSPF.
64- .
,
Internet (sniffing), ..
,
.

.
OSPF
(message-digest), OSPF.
MD5.
(one-way)
OSPF .
,


(null- ).

( , ) /
- , .
1.
config-if
:
authentication-key AUTH_KEY [A.B.C.D]

AUTH_KEY , IP

2. :
message-digest-key <1-255> md5 KEY [A.B.C.D]
KEY MD5, IP
. <1-255> -
. ..
255 .

.
, .
.. ,


MD5 (
255) , .

Copyright 2004-2011 by InfiNet Wireless

146

InfiNet Wireless

WANFleX

, ()
config-if:

authentication [(null|message-digest)] [A.B.C.D]


. null IP

.

(
)
.



config-router:
:
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D authentication-key
AUTH_KEY
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D message-digest-key <1255> md5 KEY
:
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D (authentication|) (messagedigest|null)
,
, OSPF.
,
, .
.., ,
null, . ,
, ,
(),
config-router:
area (A.B.C.D|<0-4294967295>) authentication [message-digest]
message-digest ,
.
,
, ,
() . ,
,
.
configrouter:
no area (A.B.C.D|<0-4294967295>) authentication



. ,

show running-config
Copyright 2004-2011 by InfiNet Wireless

147

InfiNet Wireless

WANFleX

.
,
.
:
OSPF> show running-config
Current configuration:
interface eth0
interface eth1
interface lo0
interface null0
interface tun0
network point-to-point
router
router-id 195.38.45.107
network 1.1.1.1/32 area 0.0.0.0
network 4.7.8.0/24 area 0.0.0.1
network 192.168.15.1/24 area 0.0.0.1
network 195.38.45.107/26 area 0.0.0.0
area 0.0.0.1 virtual-link 192.168.151.10
end
OSPF>


show neighbor [A.B.C.D] [detail]
IP
(),
. ,
.
:
OSPF> show neighbor
Neighbor ID
9.1.1.8

Pri State

Dead Time Address

1 Full/DROther

192.168.151.1
eth1:192.168.15.1

192.168.45.116
1
eth0:192.168.45.107
192.168.151.10

00:00:32

1.1.1.2

Full/DR

tun0:1.1.1.1

00:00:32

Full/DR

1 Full/DROther

Interface

00:00:32
00:00:39

192.168.15.10
192.168.45.116

192.168.151.10 VLINK0

OSPF>
:

Copyright 2004-2011 by InfiNet Wireless

148

InfiNet Wireless

WANFleX

Neighbor ID

Pri

State /.
:
o
Init. Hello
,
(. ., Hello
).
o
2-Way. ,
Hello.
.
o
ExStart. ,
/.
o
Exchange.
,
.
o
Loading.
,
( ) Exchange.
.. .
o
Full.

.
:

o DR

o Backup .
o DROther (
)

Dead Time
.

Address IP

Interface ()
.
detail,
, .


show database

(LSA).
show database (asbr-summary|external|network|router|summary) [A.B.C.D]

[adv-router A.B.C.D]

,


.

.
Copyright 2004-2011 by InfiNet Wireless

149

InfiNet Wireless

WANFleX

, ,
,
192.168.45.107:
OSPF> show database network adv-router 192.168.45.107
OSPF Router with ID (192.168.151.10)
Net Link States (Area 0.0.0.0)
Net Link States (Area 0.0.0.1)
LS age: 473
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x6
LS Type: network-LSA
Link State ID: 192.168.15.1 (address of Designated Router)
Advertising Router: 192.168.45.107
LS Seq Number: 80000001
Checksum: 0x9148
Length: 32
Network Mask: /24
Attached Router: 192.168.45.107
Attached Router: 192.168.151.1
Net Link States (Area 0.0.0.2)
OSPF>


show access-list [(<1-99>|<100-199>|<1300-1999>|<2000-2699>|WORD)]
.
,
. :
OSPF> show access-list
IP access list any_network
permit any
IP access list net200
permit 192.168.200.0/24
:
show prefix-list
show prefix-list WORD


show route
,
. :

Copyright 2004-2011 by InfiNet Wireless

150

InfiNet Wireless

WANFleX

OSPF> show route


============ OSPF network routing table ============
N IA 1.1.1.1/32

[3] area: 0.0.0.1


via 192.168.15.1, eth0

N IA 1.1.1.2/32

[2] area: 0.0.0.1


via 192.168.15.1, eth0

4.7.8.0/24

[2] area: 0.0.0.1


via 192.168.15.1, eth0

N IA 9.1.1.0/24

[12] area: 0.0.0.1


via 192.168.15.1, eth0

N IA 192.168.0.0/24

[3] area: 0.0.0.1

via 192.168.15.1, eth0


N

192.168.15.0/24

[1] area: 0.0.0.1

directly attached to eth0


N IA 192.168.80.0/24

[12] area: 0.0.0.1

via 192.168.15.1, eth0


N

192.168.151.0/24

[1] area: 0.0.0.1

directly attached to eth0


N IA 192.168.152.0/24

[2] area: 0.0.0.1

via 192.168.151.10, eth0


N IA 195.38.45.64/26

[2] area: 0.0.0.1

via 192.168.15.1, eth0


============ OSPF router routing table =============
R

192.168.151.10

[1] area: 0.0.0.1, ABR, ASBR

via 192.168.151.10, eth0


R

195.38.45.107

[1] area: 0.0.0.1, ABR


via 192.168.15.1, eth0

============ OSPF external routing table ===========


N E2 192.168.200.0/24

[1/7] tag: 0

via 192.168.151.10, eth0


OSPF>
:
1.
(OSPF network routing table).
(
) OSPF . IA
, ,
, ..
(inter-area path).
,
. via -, ..
(next hop).
Copyright 2004-2011 by InfiNet Wireless

151

InfiNet Wireless

WANFleX

2.
(OSPF
router routing table).
3.
, ..
OSPF (OSPF external routing table). E2
(E1 1, E2
2.
< ,
>/< >.


show interface [INTERFACE]

, .
- ,
.
:
OSPF> show interface
VLINK0 is up
Internet Address 192.168.151.10/24, Area 0.0.0.0
Router ID 192.168.151.10, Network Type VIRTUALLINK, Cost: 2
Transmit Delay is 1 sec, State Point-To-Point, Priority 1
No designated router on this network
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:08
Neighbor Count is 1, Adjacent neighbor count is 1
eth0 is up
Internet Address 192.168.151.10/24, Area 0.0.0.1
Router ID 192.168.151.10, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 192.168.151.10, Interface Address 192.168.151.10
Backup Designated
192.168.151.1

Router

(ID)

192.168.151.1,

Interface

Address

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:05
Neighbor Count is 1, Adjacent neighbor count is 1
Internet Address 192.168.152.1/24, Area 0.0.0.2
Router ID 192.168.151.10, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 192.168.151.10, Interface Address 192.168.152.1
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:03

Copyright 2004-2011 by InfiNet Wireless

152

InfiNet Wireless

WANFleX

Neighbor Count is 0, Adjacent neighbor count is 0


lo0 is up
OSPF not enabled on this interface
null0 is down
OSPF not enabled on this interface
rf5.0 is up
OSPF not enabled on this interface
OSPF>

8. Netstat

:
netstat -r
netstat -i
:
netstat ,
.
-r - .

:
U -
H - . ,
.
D -
(icmp redirect)
M -
(icmp redirect)

G - . ,
, .
S - ,
route add
1 - ,
rip static
Copyright 2004-2011 by InfiNet Wireless

153

InfiNet Wireless

WANFleX

L -
( ARP )
C -
( L).
-i -
.

9. Ipfw (IP Firewall)


.


ipfirewall -
IP .
(addincoming) (addoutgoing)
. ,
. ,
.

(

,
,

).
:
( IP, TCP, UDP, ICMP, ARP)
/ ( TCP UDP)
,
TCP-.
,

IP .
MAC- .

:

Copyright 2004-2011 by InfiNet Wireless

154

InfiNet Wireless

WANFleX

() - (reject)
(accept).
,
, .

. ,
, .
(accept), , ,
. ,
, .
!
.

ipfw. ,
ipfw add reject all from 192.168.5.3 to 192.168.11.7
,
, 192.168.5.3
192.168.11.7.

,
.

ipfw - ipfirewall
:
ipfw
=================================================
list
show | reset
Copyright 2004-2011 by InfiNet Wireless

155

InfiNet Wireless

WANFleX

rearrange [N]
flush
quiet | -quiet
del num
mov num1 num2
add[out] [NUM] [IFNAME] rules...
rules: [{setpri|addpri}=[N]] accept|reject|rpfilter|pass [log]
[vlan={N|any|$ACL}] [dot1p=N] [swg=N] [ether={X|any}] [dscp=N|tos=N]
[prf]
-f "pcap filter expression"
|
PROTO from [not] ADDR [PORTs] to [not] ADDR [PORTs]
PROTO: [all] | tcp | udp | icmp | arp | proto NUMBER
ADDR: IP | $LOCAL | $ROUTE | $ACL | mac {x:x:x:x:x:x}
PORTS: NUM[:NUM] [NUM] ...

ipfw list
.
ipfw show
ipfw.
ipfw reset
c ipfw.
ipfw flush
(
) . .
ipfw add[incoming] [num] . . .
ipfw addout[going] [num] . . .

addincoming addoutgoing . add*
.
num
.

ipfw del num


.
num,
ipfw list.
ipfw mov num1 num2
num1 num2.
Copyright 2004-2011 by InfiNet Wireless

156

InfiNet Wireless

WANFleX

ipfw rearrange [N]


N ( 5).
ipfw [-]quiet
.
, ipfw quiet.
ipfw show
.
ipfw reset
.

:
[[{setpri|addpri}=[N]] accept|reject|rpfilter|pass [log]

[vlan={N|any|$ACL}] [dot1p=N] [swg=N] [ether={X|any}] [dscp=N|tos=N]


[prf]
-f "pcap filter expression"
|
PROTO from [not] ADDR [PORTs] to [not] ADDR [PORTs]
PROTO: [all] | tcp | udp | icmp | arp | proto NUMBER

:

. (..
), (..
) .
.
interface ,
.
, , eth0 rf5.0
ethernet - .
interface , ,
.
setpri|addpri /
, . setpri
.
(setpri=),
. addpri ,
, (
, ). addpri
.
disp ( disposition) ,
.
: accept reject. accept,
. reject ,
.
log (accept log reject log),
Copyright 2004-2011 by InfiNet Wireless

157

InfiNet Wireless

WANFleX

"ipfw" "rpfilter" (reverse path filter).


,
,
. , ipfw
, .
:
ipfw add rpfilter all from 0/0 to 0/0
disp pass, ""
, ,
.
:
ipfw add pass log tcp from 0/0 to 0/0
, ,
.

[vlan={N|any|$ACL}]
[dot1p=N]
[swg=N]
[ether={X|any}] [dscp=N|tos=N] [prf]
, VLAN ID, 802.1p,
(SWitchGroup), (EtherType),
ip_tos DSCP IP precedence.
prf
PRF.
vlan VLAN
$ACL ( ACL . (
acl)).
any vlan ether
VLAN ID
.
proto IP,
. : tcp, udp, icmp, arp, all
.
modifiers
. .
from proto modifiers
(endpoint). to
(endpoint).
endpoint .
endpoint proto. proto
all icmp, endpoint . proto
udp tcp , endpoint
.
IP-
(mask). IP-
(nn.nn.nn.nn).
, (nnn.nnn.nnn.nnn).
:
nn.nn.nn.nn
nn.nn.nn.nn:xxx.xxx.xxx.xxx
Copyright 2004-2011 by InfiNet Wireless

158

InfiNet Wireless

WANFleX

nn.nn.nn.nn/NN
,
.
"/" ( ,
, ).
: 192.168.9.0/24 192.168.9.0
24 .
: 192.168.9.0:255.255.255.0.
0/0 IP-.
,
,

IP ($ACLRULE)
ACL ,
.
$LOCAL ,
.
( ) .
ipfw add accept all from 0/0 to $LOCAL
$ROUTE ,
default route. ,

.
ipfw add reject all from 0/0 to not $ROUTE
, MAC- Ethernet,
MAC
"mac".
MAC- ,
. ,
, "$BS".
MAC-
(
).
, MAC-
,
, ,
. .
"from" "to"
"not",
(), ,
.
:
ipfw add reject all from mac 0012345678 to 0/0
ipfw addout reject all from 0/0 to mac 0012345678
ipfw add rf1 reject all from mac $BS to 0/0
ipfw add reject all from 0/0 to not 1.1.1.0/24

.
Copyright 2004-2011 by InfiNet Wireless

159

InfiNet Wireless

WANFleX

,
. (
, ).
10 .
, ,
IP-, (
).
,
, IP-
.
modifiers
, .
:

tcp_connection
, TCP
.

onnection
tcp_connection.
, TCP
SYN ACK.

ip_fragment
,
.
, offset
, more fragments.

ip_head_fragment
,
.
, offset more fragments
.

ip_tail_fragment
,

, .

, offset ( more fragments


).

ip_option

IP-,

IP ( NO-OP).

ip_recroute_option
IP-,
record-route timestamp IP
.

. .

ip_misc_option
, IP

record-route,
timestampIP

NO-OP.
Copyright 2004-2011 by InfiNet Wireless

160

InfiNet Wireless

WANFleX

IP misc

.
modifiers,
:

tcp_connection proto
tcp.

ip_fragment,
ip_head_fragment ip_tail_fragment,
.

ip_option,
ip_recroute_option ip_misc_option,
.

f pcap.
:
ipfw add reject -f "icmp and host (1.1.1.1 or 1.1.1.5)"

,
.

, .
, ,
IP- . IP ,
,
.
, ,
, .
, " " ,
, ,
.
:
, .
, .
, .
, .
, ,
.
:
proto all ,
, .
,
( , ,
, ).
Copyright 2004-2011 by InfiNet Wireless

161

InfiNet Wireless

WANFleX

,
(-, ,
).
ip_fragment,
, .
ip_tail_fragment,
, , .
ip_head_fragment,
,
.
tcp_connection,
TCP/IP ,
, .
ip_option, IP
( NO-OP EOL), .
ip_recroute_option,
, .
ip_misc_option,
IP , , record-route, timestamp,
EOL
NO-OP, .
proto udp
tcp ,
( )
,
.
proto udp tcp
,
( )

, .

disp.
ARP :
ARP IP-
IP-, (accept)
,
.

, ipfw
.

,
1.1.1.1
2.2.2.2:
ipfw add reject all from 1.1.1.1 to 2.2.2.2
,
:

ipfw add reject all from 1.1.1.0/24 to 2.2.2.2


Copyright 2004-2011 by InfiNet Wireless

162

InfiNet Wireless

WANFleX

24 "/" () .
24 C, 256 .
":"
:
ipfw add reject all from 1.1.1.1:255.255.255.0

to

2.2.2.2

:
ipfw add reject all from 1.1.1.0/24 to 0/0
1.1.1.0 C
(, ,
).


, ,
smtp ( ) IP-
192.5.42.1. :
ipfw add accept tcp from 0/0 to 192.5.42.1 25
tcp ,
TCP . 25,
smtp.

.
, . ,

ipfw add accept tcp from 0/0 to 1.1.1.1 900:5000 25 113


TCP 1.1.1.1,
900 5000 25 (smtp)
113 (ident).
IP spoofing

.
,
,
( IP spoofing). ,
.
, , .
:

Copyright 2004-2011 by InfiNet Wireless

163

InfiNet Wireless

WANFleX

, innerhost,
( ). ,
, ,
. , ,
rf5.0 ,
firewall, ,
, .
:
ipfw add rf5.0 reject all from innerhost/16 to 0/0
,
rf5.0. ,
, (
, B).
, ,
loopback
(127.0.0.0):
ipfw add rf0 reject all from 127.0.0.0/8 to 0/0
IP spoofing
( CERT summary CS-95:01,
summaries CERT WWW site ).
,
IP spoofing ,
. , CERT
advisory CA-95:01 .
TCP
TCP/IP 900 5000,
900 5000.
,
(, rf5.0
):
ipfw add rf5.0 accept tcp from 0/0 to 0/0 900:5000
ipfw add rf5.0 reject tcp from 0/0 to 0/0
Copyright 2004-2011 by InfiNet Wireless

164

InfiNet Wireless

WANFleX

,
900 5000 (
), .
, .
900 5000.
.
,
900 5000
. -

.
tcp_connection :
ipfw add rf0 reject tcp connection from 0/0 to 0/0 900:5000
ipfw add rf0 accept tcp from 0/0 to 0/0 900:5000
ipfw add rf0 reject tcp from 0/0 to 0/0

900 5000.
TCP ,
TCP .
UDP
TCP,
, UDP ().
,
, UDP/IP

UDP.
,
,
(, UDP,
.
, ,
UDP,
.
(DNS) ,
UDP.
, rf5.0 - ,

DNS , UDP :
ipfw add accept udp from 0/0 53 to 0/0 53
ipfw add rf0 reject udp from 0/0 to 0/0
,
UDP ,
.
UDP ,
( ):
NFS , ,
UDP 2049 (TCP/IP NFS TCP
2049, , ,
tcp_connection - ).

Copyright 2004-2011 by InfiNet Wireless

165

InfiNet Wireless

WANFleX

RPC portmapper
. ,
portmapper (TCP UDP 111).
,
.
, UDP .
, ,
TCP/IP UDP/IP
.
Microsoft LAN manager UDP.
Microsoft
, ,

:
ipfirewall add rf0 reject tcp from 0/0 to 0/0 135:139
ipfirewall add rf0 reject udp from 0/0 to 0/0 135:139


( Windows
NT/95/98).
IP
ip_fragment, ip_head_fragment ip_tail_fragment
IP .
, ,
:
, TCP UDP,
IP ,
.
IP ,
"denial-of-service"
( ),
,
.
denial-of-service,
, ,
:
ipfw add reject all ip_fragment from 0/0 to 0/0
, , ,
,
(,
)
,
.

,
( 1500 ).
, ,
. , -
,
.

, IP-
. ,
Copyright 2004-2011 by InfiNet Wireless

166

InfiNet Wireless

WANFleX


(, )
.
, ,
, :
ipfw add accept all ip_tail_fragment from 0/0 to 0/0

( "
") ,
,
. -
,

( 60 ).

10. Loadm ( )

:
loadm [-b] [-m] [-l] [-p] [-w delay] interface
:
loadm
.

, ()
:
-b - ();
-m - (
-b) ;
-l - ( );
-p ;
-w delay - .
: rf5.0, loadm
, ,
. ,
, /
.
,
.
eth0.
:
loadm -l rf5.0

Copyright 2004-2011 by InfiNet Wireless

167

InfiNet Wireless

WANFleX

Ctrl/C ESC.

11.Bpf (Berkeley Packet Filter)



:
bpf ifname ADDR PORT
bpf ifname
bpf -f "pcap filter expression"
:
, bpf,
, ,

.
.
,

,
(
) (
tcpdump).
, ( MAC ),
,
UDP .

Copyright 2004-2011 by InfiNet Wireless

168

InfiNet Wireless

WANFleX

,

.
, bpfshow
FreeBSD/OpenBSD. ,
-
pcap.raw.

tcpdump:

bpfshow 8000
^c
tcpdump -r pcap.raw

bpf f pcap .
:
bpf rf5.0 10.11.12.13 8000
,
rf5.0 10.11.12.13 8000.
bpf rf5.0
rf5.0

12. RPCAP
RPCAP (Remote Packet Capture)
,
, .
RPCAP
( ) . RPCAP,
,
:

.
InfiNet Wireless RPCAP.
rpcapd,
.
:
rpcapd -user=USERNAME -key[=PASSWORD] [add|del|change]
rpcapd [-port[=PORT]] [-maxconn[=MAXCONNECTIONS]] [start|stop]
rpcapd [-buffersize=[SND_BUFFER_SIZE]]
rpcapd {trace|notrace}
rpcapd show [-s=SOURCENAME]
rpcapd clear
:
/ RPCAP :
Copyright 2004-2011 by InfiNet Wireless

169

InfiNet Wireless

WANFleX

rpcapd [-port[=PORT]] [-maxconn[=MAXCONNECTIONS]] [start|stop]


(rpcapd start),
RPCAP 2002
.

port maxconn.
//
RPCAP :

rpcapd -user=USERNAME -key[=PASSWORD] [add|del|change]


(add, del change),
, add change,
.

RPCAP ,
.

user key:
rpcapd user= -key=.
RPCAP
:
rpcapd [-buffersize=[SND_BUFFER_SIZE]]
32.
/
:
rpcapd {trace|notrace}
:
rpcapd show [-s=SOURCENAME]
s BPF
(
s).
:
rpcapd clear

13.Snmpd (SNMP daemon)


SNMP.
:
snmpd
user
NAME
(add|set)
[pass
PASSWORD]
[sec[urity]
(noAuthNoPriv|authNoPriv|authPriv)]
[acc[essRights]
(readOnly|readWrite)]
[cla[ss] (guest|admin)] [privpass PRIVPASS] [proto (des|aes128)]
snmpd user NAME del[ete]
snmpd comm[unity] NAME
snmpd (nodebug|debug [prox] [trap] [stat] [mibs] [user] [cryp] [pack] [time]
[flow])
snmpd (v1disable|v1enable)
snmpd (start|stop)
Copyright 2004-2011 by InfiNet Wireless

170

InfiNet Wireless

WANFleX

snmpd clear
:
(Simple Network Management
Protocol, SNMP) 1 3.
SNMP
,

.
SNMP v1
,
,
. MIB
, -
read-only. v1disable
, SNMP-.
SNMP SNMP v3
USM (User-based Security Model) MD5 .
,
(
).

accessRights snmpd. ReadOnly|readWrite

.

class
guest/admin

.
SNMP v1 community
"public". snmpd community NAME
.
MIB-II, MIB.
SNMP,
sec[urity]:

noAuthNoPriv SNMP

authNoPriv SNMP
,

authPriv SNMP
. privpass PRIVPASS
() , proto
(des|aes128) .

nodebug/debug /
SNMP .

snmpd clear SNMP .


:
snmpd comm secret
snmpd user john add pass mypassword security authNoPriv
snmpd on

14.Td (Telnet daemon)


Telnet daemon
Copyright 2004-2011 by InfiNet Wireless

171

InfiNet Wireless

WANFleX

:
td enable | disable RemoteHOST
td start | stop | flush

Telnet

, .
Telnet .
td stop.
.
td start.
,
().
"td enable RemoteHOST",
. RemoteHOST IP- .
10- .
td disable
.
td flush telnet .
:
td enable 195.38.44.1
td enable 195.38.44.11
td start

15.Nat (Network Address Translation)


NAT - (Network Address Translation
RFC1631)
:
nat command [arguments]
:
(Network Address Translation)
-
IPv4
IP . NAT
IP-,
, ,
. NAT
IP- ,
, ,
, . NAT
( ) natd
libalias FreeBSD.

(RFC1918),

IPv4
IP
(private internets):
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
Copyright 2004-2011 by InfiNet Wireless

172

InfiNet Wireless

WANFleX

192.168.0.0 - 192.168.255.255 (192.168/16 prefix)


Internet
,
.

, .
,

IP .
. (public) IP .

, WWW, FTP, ICQ, IRC, Telnet,
SMTP, On-line Games ..
IP NAT. ,

. , HTTP
FTP Squid. ,
.
IP-
H.323, IP .
NAT H.323,
.
, IP
IP .
NAT.

local_acl
:
nat local_acl $NAME
[enable|disable|delete]

[public_addr|dhcp

IFNAME]

[-exclude

$DSTACL]

(public) IP-,
.
-
. Revolution
: Ethernet (eth) radio (rf).

, , , IP .
Ethernet ,
.
?
alias-
null0.
ifconfig null0 123.1.1.1/32 up
,
. -
.
.
, , ,
. .
. NAT

Copyright 2004-2011 by InfiNet Wireless

173

InfiNet Wireless

WANFleX

, , . ,
.
,
123.1.1.0/30, null0 , :

ifconfig null0 123.1.1.0/30


. ,
123.1.1.0 alias_address,

123.1.1.3)

nat
redirect_xxx (. )
.
(ipfw, ipstat, qm) NAT
,
. , , ipfw
.
ipstat.
(ACL) ,
.
local_acl
.
local_acl local_acl,
local_acl .
,
, .
acl add $NAT net 192.168.1.0/24
nat local_acl $NAT 123.1.1.1

192.168.1.0/24 ( ),
local_acl 123.1.1.1
.

,
.
, ,
DHCP.
IP dhcp
DHCP .
:
nat local_acl $NAT dhcp eth0

-exclude $DSTACL
/ .

enable, disable, delete ,


.

maxlinks NUM
,
1000.
Copyright 2004-2011 by InfiNet Wireless

174

InfiNet Wireless

WANFleX


, .
, ,

.

.
,

, .
,
.
, , NAT.

enable
NAT
.
, :
ifconfig null0 123.1.1.1/32 up
rip start #
#
acl add $NAT net 192.168.1.0/24
nat local_acl $NAT 123.1.1.1
nat enable
. .

disable
,
NAT.
nat disable

same_ports yes|no
NAT
. ,
.
.
nat same_ports no

verbose yes|no

.
nat verbose

proxy_only yes|no
, NAT
proxy_rule (. ).
.

stat

.

Copyright 2004-2011 by InfiNet Wireless

175

InfiNet Wireless

WANFleX

nat stat


NAT ,
.
, .

.
NAT .

(redirect_xxx proxy_rule).
,
. config show
.
nat del XX, XX
.

redirect_port
:
redirect_port proto local_addr:local_port_range
[public_addr:]public_port_range
[remote_addr[:remote_port_range]]
(-)
(-).
proto tcp, udp, ras cs.
ras cs
H.323.
Local_addr:local_port_range IP-
.
[Public_addr:]public_port_range IP- .
public_port_range local_port_range
.
.
remote_addr remote_port_range
(
, ).
remote_port_range , .
remote_port_range ,
public_port_range.
nat redirect_port tcp 192.168.1.5:23 7777
tcp 7777
192.168.1.5 23
(telnet).
nat redirect_port tcp 192.168.1.4:2300-2399 123.1.1.2:3300-3399
tcp 3300-3399
123.1.1.2
192.168.1.4

Copyright 2004-2011 by InfiNet Wireless

176

InfiNet Wireless

WANFleX

1:1, 3300->2300, 3301->2301


..
, , IRC A, -
B. , ,
6667 (irc) 80 (),
:
nat redirect_port tcp 192.168.0.2:6667 6667
nat redirect_port tcp 192.168.0.3:80 80

:
redirect_port proto local_addr_1:local_port_range[,
local_addr_2:local_port_range, ]
[public_addr:]public_port_range
[remote_addr[:remote_port_range]]
,
(LSNAT) ,
:
redirect_port tcp 192.168.1.2:80, 192.168.1.3:80, 192.168.1.4:80 123.1.1.2:80
WEB
.

redirect_address
public_addr

public_addr local_addr.

local_addr
,

123.1.1.2

[,Local_addr,

...]

local_addr,
.
nat redirect_address 192.168.1.2 192.1.1.1
nat redirect_address 192.168.1.3 192.1.1.2
192.1.1.1
192.168.1.2,
192.1.1.2 192.168.1.3
, IP,
. NAT
IP-. NAT
, IP , ,
IP-,
. NAT. , IP-
128.1.1.1, 128.1.1.2 128.1.1.3 . 128.1.1.1
IP- ,
128.1.1.2 128.1.1.3
A B.

nat redirect_address 192.168.1.2 128.1.1.2


nat redirect_address 192.168.1.3 128.1.1.3
IP- NAT
, .
Copyright 2004-2011 by InfiNet Wireless

177

InfiNet Wireless

WANFleX

default_h323 [yes|no]
H.323
. UDP-, 1719,
TCP-, 1720.
.

: ,
NAT UDP-, 1719,
TCP-, 1720,
NAT H.323
.

h323_destination ras|cs remote_addr[:remote_port]


[local_addr[:local_port]]
H.323
, H.323.
ras|cs - H.323,

remote_addr - ,

remote_port - ,
. , 1719
ras 1720 cs
local_addr - ,
. ,
,
local_port - ,
. ,
,

proxy_rule
:
proxy_rule [ ] ...
. TCP ,
,
.

.
, .
, .
:
type encode_ip_hdr | encode_tcp_stream | no_encode

,
:
encode_ip_hdr,
IP (IP option)

Copyright 2004-2011 by InfiNet Wireless

178

InfiNet Wireless

WANFleX

encode_tcp_stream,
"DEST
IP port''.
port portnum
, .
server host[:portnum]
.
. ,
.
proto tcp | udp
,
.
src IP[/bits]
dst IP[/bits]
. ()
.
:
nat proxy_rule proto tcp port 80 server 123.1.1.1:3128
TCP , 80
, - .

nat del rule_number


rule_number.

NAT H.323
H.323.
- RAS (registration, admission, status),

, CS (call signalling),
. H.225.0.

( ""
):
1. , ,
- .
h323_destination
cs. 1720,
default_h323.
: 10.0.0.99, -
123.45.67.89. ,
. - :
nat h323_destination cs 123.45.67.89 10.0.0.99
2: 10.0.0.99,
- .
, .
- default_h323:
nat default_h323
2. ,
, - .
Copyright 2004-2011 by InfiNet Wireless

179

InfiNet Wireless

WANFleX

redirect_port
cs, alias
( alias ),
(
).
: 10.0.0.98
10.0.0.99, - 123.45.67.89. Alias_address NAT
123.45.67.65. ,
, .
- :
nat redirect_port cs 10.0.0.98:1720 1720 123.45.67.89
nat redirect_port cs 10.0.0.99:1720 1721 123.45.67.89

123.45.67.65:1720 123.45.67.65:1721 .
3.
.
h323_destination ras _.
1719,
default_h323.
: 10.0.0.99,
123.45.67.89. ,

. - :
nat h323_destination ras 123.45.67.89 10.0.0.99
2: ,
123.45.67.89
RAS 1024. ,
. :
nat h323_destination ras 123.45.67.89:1024
3: 10.0.0.99,
-
. ,
. default_h323:
nat default_h323
4.
. redirect_port ras
RAS ,
. ,
static ,
redirect_port s
S .
: 123.45.67.89,
10.0.0.99. ,

. Alias_address NAT 123.45.67.65. -
:
nat redirect_port ras 10.0.0.99:1719 1719 123.45.67.89
RAS
123.45.67.65:1719.
Copyright 2004-2011 by InfiNet Wireless

180

InfiNet Wireless

WANFleX

2: Static 123.45.67.89,
10.0.0.99. ,
. Alias_address NAT
123.45.67.65. - :
nat redirect_port s 10.0.0.99:1720 1720 123.45.67.89
S
123.45.67.65:1720.

16. Trapd (SNMP traps)


SNMP traps.
SNMP
(traps)
().
SNMP traps

SNMP .
:
trapd dst[addr] x.x.x.x[:PORT] [[GROUPNAME] ...] [[[-]TYPENAME] ...]
trapd dst[addr] x.x.x.x[:PORT]
trapd map
trapd agent x.x.x.x
trapd -agent
trapd gateway {xxxxxxxxxxxx|auto}
trapd -gateway
trapd type TYPENAME enable|disable
trapd start|stop
where PORT default value is 162 if omitted
possible GROUPNAMEs are:
topoGroup
mintGroup
cmxGroup
ospfGroup
and possible TYPENAMEs are:
topoEvent
newNeighborEvent
lostNeighborEvent
mintRetries
mintBitrate
mintSignalLevel
cesDsx1LineStatus
cesJitterStatus
ospfNBRState
ospfVirtNBRState
Copyright 2004-2011 by InfiNet Wireless

181

InfiNet Wireless

WANFleX

ospfIFState
ospfVirtIFState
ospfConfigError
linkEvent
trapdColdStartEvent
snmpdAuthenticationFailureEvent
syslog
:
| SNMP :
trapd start|stop

SNMP :
trapd dst[addr] x.x.x.x[:PORT] [[GROUPNAME] ...] [[[-]TYPENAME] ...]
, x.x.x.x IP- SNMP .
:PORT UDP ( UDP
162). GROUPNAME
, SNMP
. [-]TYPENAME
, (
, -) SNMP .
IP- SNMP .
:
trapd dst 192.168.1.1
trapd dst 192.168.1.100
SNMP IP-
SNMP ,
(SNMP traps).
IP- SNMP
-, :
:
trapd -dst 192.168.1.1
SNMP
:
trapd map

IP- , SNMP-trap,
:
trapd agent x.x.x.x
127.0.0.1.
IP- -,
.

trapd gateway xxxxxxxxxxxx|auto


Copyright 2004-2011 by InfiNet Wireless

182

InfiNet Wireless

WANFleX

,
Mac (xxxxxxxxxxxx Mac ). Mac auto, SNMP
MINT SNMP relay ( mint snmprelay), MINT.
Mac -,
.

trapd type TYPENAME enable|disable


/
. TYPENAME.
.
:
trapd dst 192.168.1.1
trapd type newNeighborEvent enable
trapd start


:
ColdStartEvent ,
AuthenticationFailureEvent
SNMP

Syslog ,

TopoGroup

topoEvent ,
,

lostNeighborEvent ,
-

newNeighborEvent ,
-

MintGroup

mintBitrate - ,

mintRetries - ,
10%

mintSignalLevel - ,
10%

cmxGroup

cesDsx1LineStatus - ,
TDM CES-

cesJitterStatus - ,
TDM CES

ospfGroup

ospfNBRState - ,
OSPF ( ).
Copyright 2004-2011 by InfiNet Wireless

183

InfiNet Wireless

WANFleX

ospfVirtNBRState - ,
OSPF .

ospfIFState - ,
OSPF ( ).

ospfVirtIFState - ,
OSPF .

ospfConfigError - , ,

.

linkEvent ,
Ethernet . / :
linkUp linkDown.

17.DHCP Server

DHCP

TELNET WANFlex.
DHCP WANFlex dhcpd.
( ):
:
add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
add dscope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
add virtual interface <VIFNAME> <GATEWAY> <GWIFNAME|*>
clear
delete option <OPTION_NAME>
delete scope <SCOPE_NAME>
delete virtual interface <VIFNAME>
interface <INTERFACE> delete option <OPTION_NAME>
interface <INTERFACE> option <OPTION_NAME> <OPTION_VALUE>
interface <INTERFACE> reservation
<CLIENT_ID> delete option <OPTION_NAME>
interface <INTERFACE> reservation
<CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
interface <INTERFACE|*> show boundhistory
interface <INTERFACE|*> show client <CLIENT_ID|*>
lock interface <INTERFACE>
option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> add classid <CLIENT_CLASS_ID>
scope <SCOPE_NAME> add exclude <START_IP> <END_IP>
scope <SCOPE_NAME> add reservation <CLIENT_ID> <CLIENT_IP>
scope <SCOPE_NAME> delete classid <CLIENT_CLASS_ID>
scope <SCOPE_NAME> delete exclude <START_IP>
scope <SCOPE_NAME> delete option <OPTION_NAME>
scope <SCOPE_NAME> delete reservation <CLIENT_ID>
scope <SCOPE_NAME> interface <INTERFACE|*>
scope <SCOPE_NAME> option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> reservation
<CLIENT_ID> delete option <OPTION_NAME>
scope <SCOPE_NAME> reservation
<CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
Copyright 2004-2011 by InfiNet Wireless

184

InfiNet Wireless

WANFleX

scope <SCOPE_NAME> set range <START_IP> <END_IP>


scope <SCOPE_NAME|*> show declinehistory
show config
show interface <INTERFACE|*>
show options
show scope <NAME|*>
show unleases <SUBSTR|*>
show version
start
stop
unlock interface <INTERFACE>
virtual interface <VIFNAME> add subnet <IP_ADDRESS> <SUBNET_MASK>
virtual interface <VIFNAME> change <GATEWAY> <GWIFNAME|*>
virtual interface <VIFNAME> delete subnet <IP_ADDRESS> <SUBNET_MASK>

,
DHCP .
, dhcpd show scope * dhcpd
s s *, dhcpd show config dhcpd sh c.
DHCP , ,
, WANFlex superuser. DHCP
.

<>. - ,
.
:
#2>dhcpd scope MSOFT add classid "MSFT 5.0"

#2>dhcpd add scope "Micro Soft" eth0 9.1.1.201 9.1.1.250


! DHCP :
dhcpd start

DHCP (CLIENT)
DHCP
( )
TCP/IP. DHCP
UDP/IP. ,
(ip , , .)
DHCP. IP .
, DHCP
IP
.
. ,
,
, .
,
(MAC) . .. DHCP

(
). ( <CLIENT_ID> )
ID:<>|01:<
>.
Copyright 2004-2011 by InfiNet Wireless

185

InfiNet Wireless

WANFleX

:
ID:01:00:04:35:22:88:1D.
,
( ). ,
- ,
. , ,
. , DHCP ,
Windows XP,
MSFT 5.0, IP Infinet Wireless IW_IP_PHONE.


() .

(SCOPE)
(scope) - IP-
IP .
,
.
:
:
dhcpd add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>

SCOPE_NAME .
.
,

( _ )
INTERFACE ,
( ).
*, ,
.
,
IP (alias),
IP .
,
,
. :
,
.
START_IP END_IP IP
. ,

( )
. IP ,
,
,
. .. .
,
, .
:
dhcpd add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>

Copyright 2004-2011 by InfiNet Wireless

186

InfiNet Wireless

WANFleX

:
#2> dhcpd add scope MSOFT eth0 192.168.177.20 192.168.177.22
[eth0] <192.168.177.12> (MSOFT):
192.168.177.20-192.168.177.22 Scope attached
OK
MSOFT
eth0.
eth0 192.168.177.12
#2> dhcpd add scope new * 10.12.12.30 10.12.12.50
WRN: Scope created, but not attached.
new
. ,
, ..
,
.
:
:
dhcpd scope <SCOPE_NAME> set range <START_IP> <END_IP>

SCOPE_NAME ,

START_IP END_IP IP
.
:
:
scope <SCOPE_NAME> interface <INTERFACE|*>

SCOPE_NAME ,

INTERFACE
.

, .
,

.
:
#2> dhcpd scope OTHER interface -eth0
[eth0] <192.168.177.12> (OTHER):
192.168.177.10-192.168.177.19 Scope detached
OK

OTHER.
:
#2> dhcpd scope OTHER interface eth0 ( *)
[eth0] <192.168.177.12> (OTHER):
Copyright 2004-2011 by InfiNet Wireless

187

InfiNet Wireless

WANFleX

192.168.177.10-192.168.177.19 Scope attached


OK
(exclude).
, ,
. :
:
dhcpd scope <SCOPE_NAME> add exclude <START_IP> <END_IP>

SCOPE_NAME

START_IP END_IP
. ,
( )
, .
.

:
:
dhcpd scope <SCOPE_NAME> delete exclude <START_IP>

, ,
,
.
! dhcpd scope <SCOPE_NAME> set
range <START_IP> <END_IP>,
,
, !

(CLASSID)
.
, IP
, ,
.
,
.
,
(client vendor class id),
IP .
:
:
scope <SCOPE_NAME> add classid <CLIENT_CLASS_ID>

SCOPE_NAME
CLIENT_CLASS_ID
CLIENT_CLASS_ID (
255). ,
.
,
IP . ,
, ,
, IP

Copyright 2004-2011 by InfiNet Wireless

188

InfiNet Wireless

WANFleX

,
.
:
:
scope <SCOPE_NAME> delete classid <CLIENT_CLASS_ID>

(INTERFACE)
VLAN ,
WANFlex.
,
DHCP . ,
,
broadcast (BMA), (VLAN).
,
WANFlex.
:
:
show interface <INTERFACE|*>

INTERFACE ,
. *,
.
, :
:
#2> dhcpd show interface *
>INTERFACES
[eth0] UP
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
OK
,
eth0 vlan0. eth0 (UP) IP .
PHONES,
: OTHER MSOFT. vlan0
, ..
(DOWN).
DHCP
.
:
lock interface <INTERFACE>

<INTERFACE> - .
,
.
Copyright 2004-2011 by InfiNet Wireless

189

InfiNet Wireless

WANFleX

:
#2> dhcpd show interface *
>INTERFACES
[eth0] UP
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
OK
DHCP : eth0 vlan0.
vlan0 WANFlex ifconfig vlan0 down. Eth0
: phones, other msoft.
phones 9.1.1.100/255.255.255.0,
192.168.177.12/255.255.255.0.
,

eth0 DHCP :
:
#2> dhcpd lock interface eth0
[eth0] <9.1.1.100> (PHONES):
9.1.1.151-9.1.1.200 Scope detached
[eth0] <192.168.177.12> (OTHER):
192.168.177.10-192.168.177.19 Scope detached
[eth0] <192.168.177.12> (MSOFT):
192.168.177.20-192.168.177.22 Scope detached
OK
DHCP
#2> dhcpd show interface *
>INTERFACES
[eth0] UP LOCKED
<SUBNET> 9.1.1.100/255.255.255.0
<SUBNET> 192.168.177.12/255.255.255.0
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
OK
, eth0 .
.
:
:
dhcpd unlock interface <INTERFACE>
:
#2> dhcpd unlock interface eth0
[eth0] <192.168.177.12> (MSOFT):
192.168.177.20-192.168.177.22 Scope attached
[eth0] <192.168.177.12> (OTHER):
192.168.177.10-192.168.177.19 Scope attached
[eth0] <9.1.1.100> (PHONES):
9.1.1.151-9.1.1.200 Scope attached
OK
#2> dhcpd show interface *
>INTERFACES
[eth0] UP
Copyright 2004-2011 by InfiNet Wireless

190

InfiNet Wireless

WANFleX

<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
OK

(scope reservation)
IP
.
:
:
dhcpd scope <SCOPE_NAME> add
reservation <CLIENT_ID> <CLIENT_IP>

SCOPE_NAME .
CLIENT_ID ,
CLIENT_IP IP , .


.
:
#2>dhcpd scope PHONES add reservation
ID:01:00:04:35:00:22:23 9.1.1.170
OK
.., , PHONES
DHCP ID:01:00:04:35:00:22:23,
IP 9.1.1.170. IP
, . ..
(, dhcpd scope
PHONES add exclude 9.1.1.165 9.1.1.175)
, .
,
- ,
, .
#1> dhcpd scope other add reservation
ID:01:00:04:35:00:22:23 192.168.177.10
[eth0] <192.168.177.12> (OTHER):
192.168.177.10-192.168.177.19 Reservation for "ID:01:00:04:35:00:22:23"
already exists in scope PHONES with IP=9.1.1.170
ERR: Reservation's IP is out of scope's range
, IP
, .
:
#2> dhcpd show scope *
>SCOPES:
(MSOFT)
192.168.177.20 - 192.168.177.22 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
Copyright 2004-2011 by InfiNet Wireless

191

InfiNet Wireless

WANFleX

<CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"


<CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
'wad
<BOUND> since 01/01/2003 05:01:08
<FREE RANGE> 192.168.177.21 - 192.168.177.22 =2
(NEW)

10.12.12.30

- 10.12.12.50

' 192.168.177.20

[*]

(OTHER)
192.168.177.10 - 192.168.177.19 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT> ID:01:00:05:90:02:1F:C8 ""
'
' 192.168.177.10
<BOUND> since 01/01/2003 05:34:24
<FREE RANGE> 192.168.177.11 - 192.168.177.11 =1
<FREE RANGE> 192.168.177.13 - 192.168.177.19 =7
(PHONES)
9.1.1.151
- 9.1.1.200
[*] ATTACHED [eth0]
<9.1.1.100>/255.255.255.0
<CLIENT CLASS IDs>: "IW_IP_PHONE"
<CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Stas ' 9.1.1.151
<BOUND> since 01/01/2003 05:00:34
<FREE RANGE> 9.1.1.152
- 9.1.1.169
=18
<RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE" 'Andrew ' 9.1.1.170
<BOUND> since 01/01/2003 05:49:35
<FREE RANGE> 9.1.1.171
- 9.1.1.200
=30
<OPTION>
Router 9.1.1.3
<OPTION>
H323_GK_ADDRESS 195.38.45.84
OK
, ID:01:00:05:90:02:1F:C8 DHCP
(), , IP
OTHER, 192.168.177.12/255.255.255.0
eth0, .. .
,

ID:01:00:05:90:02:1F:C8 IP
PHONES. PHONES
IP , , 9.1.1.200:
#2> dhcpd scope PHONES add reservation
ID:01:00:05:90:02:1F:C8 9.1.1.200
OK
#2> dhcpd show scope *
>SCOPES:
(MSOFT)
192.168.177.20 - 192.168.177.22 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
<CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
'wad
' 192.168.177.20
<BOUND> since 01/01/2003 05:01:08
<FREE RANGE> 192.168.177.21 - 192.168.177.22 =2
(NEW)

10.12.12.30

- 10.12.12.50

[*]

(OTHER)
192.168.177.10 - 192.168.177.19 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<FREE RANGE> 192.168.177.10 - 192.168.177.11 =2
<FREE RANGE> 192.168.177.13 - 192.168.177.19 =7
(PHONES)
9.1.1.151
- 9.1.1.200
<9.1.1.100>/255.255.255.0
<CLIENT CLASS IDs>: "IW_IP_PHONE"
Copyright 2004-2011 by InfiNet Wireless

[*] ATTACHED [eth0]

192

InfiNet Wireless

WANFleX

<CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Stas ' 9.1.1.151


<BOUND> since 01/01/2003 05:00:34
<FREE RANGE> 9.1.1.152
- 9.1.1.169
=18
<RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE" 'Andrew ' 9.1.1.170
<BOUND> since 01/01/2003 05:49:35
<FREE RANGE> 9.1.1.171
- 9.1.1.199
=29
<RESERV> ID:01:00:05:90:02:1F:C8 ""
'
' 9.1.1.200
<BOUND> since 01/01/2003 06:22:30
<OPTION>
Router 9.1.1.3
<OPTION>
H323_GK_ADDRESS 195.38.45.84
OK
,
IP
PHONES.
, .
,
:
:
dhcpd scope <SCOPE_NAME> delete reservation <CLIENT_ID>
IP
, , ,
, (
). .
:
#1> dhcpd scope phones delete
reservation ID:01:00:05:90:02:1F:C8
OK
#1> dhcpd show scope *
>SCOPES:
(MSOFT)
192.168.177.20 - 192.168.177.22 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
<CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
'wad
' 192.168.177.20
<BOUND> since 01/01/2003 01:01:08
<FREE RANGE> 192.168.177.21 - 192.168.177.22 =2
(NEW)

10.12.12.30

- 10.12.12.50

[*]

(OTHER)
192.168.177.10 - 192.168.177.19 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT> ID:01:00:05:90:02:1F:C8 ""
'
' 192.168.177.10
<BOUND> since 01/01/2003 01:16:36
<FREE RANGE> 192.168.177.11 - 192.168.177.11 =1
<FREE RANGE> 192.168.177.13 - 192.168.177.19 =7
(PHONES)
9.1.1.151
- 9.1.1.200
[*] ATTACHED [eth0]
<9.1.1.100>/255.255.255.0
<CLIENT CLASS IDs>: "IW_IP_PHONE"
<CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Stas ' 9.1.1.151
<BOUND> since 01/01/2003 01:01:47
<FREE RANGE> 9.1.1.152
- 9.1.1.169
=18
<RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE" 'Andrew ' 9.1.1.170
<BOUND> since 01/01/2003 01:01:37
<FREE RANGE> 9.1.1.171
- 9.1.1.200
=30
<OPTION>
Router 9.1.1.3
Copyright 2004-2011 by InfiNet Wireless

193

InfiNet Wireless

WANFleX

<OPTION>

H323_GK_ADDRESS 195.38.45.84

OK
, ,
ID:01:00:05:90:02:1F:C8 IP 9.1.1.200 PHONES, ..
PHONES.
OTHER.
#1> dhcpd scope phones delete
reservation ID:01:00:04:35:00:22:23
OK
#1> dhcpd show scope phones
>SCOPES:
(PHONES)
9.1.1.151
- 9.1.1.200
[*] ATTACHED [eth0]
<9.1.1.100>/255.255.255.0
<CLIENT CLASS IDs>: "IW_IP_PHONE"
<CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Stas ' 9.1.1.151
<BOUND> since 01/01/2003 01:01:47
<FREE RANGE> 9.1.1.152
- 9.1.1.169
=18
<CLIENT> ID:01:00:04:35:00:22:23 "IW_IP_PHONE" 'Andrew '
9.1.1.170
<BOUND> since 01/01/2003 01:01:37
<FREE RANGE> 9.1.1.171
- 9.1.1.200
=30
<OPTION>
Router 9.1.1.3
<OPTION>
H323_GK_ADDRESS 195.38.45.84
OK
ID:01:00:04:35:00:22:23
9.1.1.170 , ..
.
! dhcpd scope <SCOPE_NAME> set
range <START_IP> <END_IP>,
,
, !

(options)
(options) ,
.
, , Address Time ( ), Router
( ), NTP Servers ..
.
,
.
()
DHCP . () :
1. .
.
2. . ,
.
3. .
,

.
4. . ,
, ,
,
.
5. . ,
,
Copyright 2004-2011 by InfiNet Wireless

194

InfiNet Wireless

WANFleX

. ,
.
-
, .
:
Address Time ( ).
,
120 ( = 2 )
Subnet Mask ( ).

.

, , IP
.
DHCP
http://www.iana.org/assignments/bootp-dhcp-parameters
, DHCP
. ,
:
OPTION_NAME - (. ).
, ,
( _ ).
.
OPTION_VALUE .
DHCP
():
1. . , , , Bootfile-Name.
,
.
2. . .
,
. : Address Time, Time Offset.
3. IP . , IP .
Router ( ).
IP ,
.
() :
1.
:
dhcpd scope <SCOPE_NAME> reservation
<CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>

SCOPE_NAME
.
CLIENT_ID .
,
.
2.

Copyright 2004-2011 by InfiNet Wireless

195

InfiNet Wireless

WANFleX

:
dhcpd interface <INTERFACE> reservation
<CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>

INTERFACE
CLIENT_ID.
,
.

,
,
.
:
IP . ..
IP
.
. ..,
Class Id,
, .
, DHCP
. , , ,
.

.
3.
:
dhcpd scope <SCOPE_NAME>
option <OPTION_NAME> <OPTION_VALUE>
4.
:
dhcpd interface <INTERFACE>
option <OPTION_NAME> <OPTION_VALUE>
5.
:
dhcpd option <OPTION_NAME> <OPTION_VALUE>
,
:
:
dhcpd scope <SCOPE_NAME>
reservation <CLIENT_ID> delete option <OPTION_NAME>
dhcpd scope <SCOPE_NAME> delete option <OPTION_NAME>
dhcpd interface <INTERFACE>
reservation <CLIENT_ID> delete option <OPTION_NAME>
dhcpd interface <INTERFACE> delete option <OPTION_NAME>
dhcpd delete option <OPTION_NAME>
Copyright 2004-2011 by InfiNet Wireless

196

InfiNet Wireless

WANFleX


. ,
,
.
. Subnet
Mask, ,
.
,
. ,
Class Id:
:
#1> dhcpd scope phones option class_id "TestClass"
ERR: This option cannot contain in the given division.
, ,
, ,
. DHCP :
Subnet Mask
Address Request
Overload
DHCP Msg Type
DHCP Server Id
Parameter List
DHCP Message
DHCP Max Msg Size
Client Id
()
ERR: This option cannot contain in
the given division.

DHCP

MS Classless Static Route

Classless

Static

Route

:
IP/MASK>GATEWAY[,IP/MASK>GATEWAY,...]
:
dhcpd
scope
TEST
option
Classless_Static_Route
192.168.12.0/24>192.169.1.1,192.168.15.0/24>192.169.1.2

192.168.12.0/24

gateway
192.168.15.0/24 gateway 192.169.1.2

192.169.1.1

,
:
:
dhcpd interface <INTERFACE|*> show client <CLIENT_ID|*>

INTERFACE ,

CLIENT_ID ,
. *,
.
*,
.
Copyright 2004-2011 by InfiNet Wireless

197

InfiNet Wireless

WANFleX

,
IP
, .
:
#2> dhcpd interface * show client *
>INTERFACES CLIENTS
--------- [eth0] --------(IPHONES) <CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Unknown node'
192.168.0.101
<BOUND>
since 25/04/2005 11:32:57
SUPPLIED OPTIONS:
#1
. . . . . DF Subnet Mask
255.255.255.0
#2
. . . . . . Time Offset
<not supplied>
#3
. . S . . . Router
192.168.0.1
#7
. . . . . . Log Server
<not supplied>
#42
. . S . . . NTP Servers
192.168.0.1
#230
. . S . . . H323 GK ADDRESS
192.168.0.1
#231
. IR . . . . H323 LOGIN ALIAS
IWPhone/V. Pupkin/101
#232
. . . . . . H323 GK ID
<not supplied>

(supplied options)
(), (#<N>)
,
( ),
, .

, <not
supplied>.
:
1. SR
2. IR
3. S .
4. I
5. SV .
, ,
,
(, Subnet Mask) DF.

(Address Time)
IP ,
Address Time. , ,
Address Time,
.
, .
, Address Time
, .
,
120 .
, - ,
, ,
.
,

.
Address Time.
,
(). ..
,
, ,
.
,
. ,
Copyright 2004-2011 by InfiNet Wireless

198

InfiNet Wireless

WANFleX

, IP .
(dhcpd show scope *)
<OBIND>. .., ,
<OBIND> .
,
, IP ,
.
#1> dhcpd show scope MSOFT
>SCOPES:
(MSOFT)
192.168.177.20 - 192.168.177.22 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
<CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
'wad
' 192.168.177.20
<BOUND> since 01/01/2003 01:01:14
<O_BIND> ID:01:00:0F:EA:05:29:C6 "MSFT 5.0"
'win2k3sbs'
192.168.177.21 <OBIND>
<FREE RANGE> 192.168.177.22 - 192.168.177.22 =1
OK

(boundhistory).
#1> dhcpd interface eth0 show boundhistory
[eth0]
>BOUND_HISTORY 1
(MSOFT) ID:01:00:0F:EA:05:29:C6 BOUND=192.168.177.21
02/01/2003 13:25:37

until

OK
24
.
24 ,

.

, , ,
.
boundhistory .

(,
).

IP
IP .
, IP
, ,
IP .
, , IP
(, )
. ARP
.
, IP .
, .
,
.

Copyright 2004-2011 by InfiNet Wireless

199

InfiNet Wireless

WANFleX

IP , IP

.
,
boundhistory . IP
, .

(unleases)
, DHCP IP ,
unleases.
15 ,
. :
1.
,
( ).
2.

3.

4.
(host name)

:
:
dhcpd show unleases <SUBSTR|*>

SUBSTR unleases.
,
unleases, .
. *,
.
:
#1> dhcpd show unleases *
>UNLEASES 1
eth0 ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
OK

wad

(virtual interface)
, DHCP IP .
. ..
IP ,

(broadcast). ,
, ,
DHCP DHCP
( ). , DHCP
, DHCP
. , ,
DHCP
DHCP Relay Agent (DRA). DRA DHCP
( ) DHCP DHCP
. DHCP DRA DHCP
(unicast). , DRA DHCP
IP
. DHCP
. DHCP
, DRA. ..
DHCP ,
.

Copyright 2004-2011 by InfiNet Wireless

200

InfiNet Wireless

WANFleX

:
:
add virtual interface <VIFNAME> <GATEWAY> <GWIFNAME|*>

VIFNAME DHCP

GATEWAY IP- DRA,


.
GWIFNAME DRA, DHCP
. GWIFNAME *,
DRA .

.
:
#1> dhcpd add virtual interface vvv1 192.168.177.81 *
#1> dhcpd show interface *
>INTERFACES
[eth0] UP
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.50
<SUBNET> 192.168.15.55/255.255.255.0
<RESERVATION> for ID:01:00:05:90:02:1F:C8
<OPTION>
Class_Id
"Swissvoice"
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP
,
vvv1. ,
. ,
- ,
. :
:
dhcpd virtual interface <VIFNAME> add subnet <IP_ADDRESS>
<SUBNET_MASK >

VIFNAME DHCP

IP_ADDRESS IP , DRA

SUBNET_MASK .
:
#1> dhcpd virtual interface vvv1
add subnet 192.168.188.1 255.255.255.0
#1> dhcpd show interface *
>INTERFACES
[eth0] UP
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.50
<SUBNET> 192.168.15.55/255.255.255.0
Copyright 2004-2011 by InfiNet Wireless

201

InfiNet Wireless

WANFleX

<RESERVATION> for ID:01:00:05:90:02:1F:C8


<OPTION>
Class_Id
"Swissvoice"
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP
<SUBNET> 192.168.188.1/255.255.255.0
DHCP
IP , DRA.
:
#1> dhcpd add scope VIRTUAL_TEST
vvv1 192.168.188.20 192.168.188.50
#1> dhcpd show interface vvv1
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP
<SUBNET> 192.168.188.1/255.255.255.0
<SCOPE> (VIRTUAL_TEST) 192.168.188.20 - 192.168.188.50
#1> dhcpd show scope virtual_test
>SCOPES:
(VIRTUAL_TEST) 192.168.188.20 - 192.168.188.50 [vvv1] ATTACHED [vvv1]
<192.168.188.1>/255.255.255.0 <FREE RANGE> 192.168.188.20 192.168.188.50 =31
:
:
dhcpd virtual interface <VIFNAME> delete subnet <IP_ADDRESS>
<SUBNET_MASK>
:
#1> dhcpd virtual interface vvv1 delete subnet 192.168.188.1
255.255.255.0
#1> dhcpd show scope virtual_test
>SCOPES:
(VIRTUAL_TEST)
192.168.188.20 - 192.168.188.50 [vvv1]
, , ,
, ..
vvv1, ,

vvv1.

DHCP .
,
dhcpd stop. ,

dhcpd clear

18. DHCP relay. dhcpr


DHCP-
, .
Copyright 2004-2011 by InfiNet Wireless

202

InfiNet Wireless

WANFleX

. ,
- DHCP- ,

. -
""
DHCP- (Relay
Agent)
DHCP. .
:
dhcpr [add]|delete SERVERIP
dhcpr (flush|trace|notrace)
dhcpr (lock|unlock) INTERFACE
dhcpr (info|noinfo)
dhcpr (start|stop)


/
:
dhcpr {start | stop}
DHCP .
:
dhcpr start

DHCP
:
dhcpr [add]|delete SERVERIP
DHCP
.
:
dhcpr add 125.12.100.12
dhcpr 125.12.100.13
dhcpr delete 125.12.100.12


DHCP
ethernet.
- ,
.

Copyright 2004-2011 by InfiNet Wireless

203

InfiNet Wireless

WANFleX

:
dhcpr (lock|unlock) INTERFACE
INTERFACE ( )
, .
:
dhcr lock eth0

DHCP DHCP Relay agent information


,
DHCP ,
. DHCP
. , DHCP
. /
:
:
dhcpr (info|noinfo)
:
dhcpr info

19.DHCP . dhcp


DHCP DHCP

. IP , ,
.
DHCP :
:
dhcpc [options] [IFNAME] [commands]
IFNAME .

DHCP ,

. : none
default. none

. default
. ,
, . ,
default DHCP .
o
-l (none|default|$ACLNAME|acl:ACLNAME)
IP DHCP ,
Copyright 2004-2011 by InfiNet Wireless

204

InfiNet Wireless

WANFleX

. ACLNAME (.
acl). (
acl), DHCP
DHCP .
o
-k
(none|default|key:KEYVALUE)

. DHCP c RFC 3118


- Authentication for DHCP Messages.
o
-a (none|default|NUMBER)
arp , DHCP
IP DHCP . DHCP,
IP
. DHCP
arp . arp
, ,
DHCP 16 .
o
-t (on|off)
- -
.
. DHCP
.

start - DHCP

stop - DHCP

o
delete - DHCP
.
o

dump - DHCP .

dhcpc a 5
dhcpc l $DHCP_SERVERS eth0 start
dhcpc a none k key:qwerty rf5.0 start
ARP
5. eth0
DHCP_SERVERS. DHCP
eth0. rf5.0 ARP
. .. rf5.0 DHCP 16 arp
. DHCP rf5.0
qwerty.

dhcpc dump
DHCP
ID I-face IP address/mask Gateway address

Server ID

Lease exp.

== ======== ================== ===============


0 eth0 192.168.61.29/26

192.168.61.1

192.168.61.1 000:35:16

1 rf5.0 ------------------ -------------- , DHCP eth0


rf5.0.

Copyright 2004-2011 by InfiNet Wireless

205

InfiNet Wireless

WANFleX

eth0 DHCP IP 192.168.61.26


26 DHCP 192.168.61.1.
35 16 .
DHCP rf5.0
.

20. VRRP . vrrp



.
,
, .

.
,
:
,

- .
VRRP
.

. VRRP
,
.
, ,
(VR). VR
IP VR. , -
( ),
IP (.. ARP
, ,
IP ).
VR 1255
(VRID).
, VRRP :
1) VRRP VR,
VRID IP-;
2) VRRP ( MASTER)
( BACKUP);
,
( ).
BACKUP MASTER.
3) (
MASTER)

:
( ) Primary IP- .
Copyright 2004-2011 by InfiNet Wireless

206

InfiNet Wireless

WANFleX

:
vrrp start|stop|dump
vrrp dump IFNAME:VRID
vrrp IFNAME:VRID [start|stop|clean|flush]
vrrp IFNAME:VRID [add]|delete IPADDRESS[/(MASK|MASKLEN)]
vrrp IFNAME:VRID [-priority=[PRIO|own]] [-interval=AINT]
[-(password|key)=[PASSWORD]]
[-preempt=(on|off)] [-owner=[on|off]] [-learn=(on|off)]
[-track=(off|default|IPADDRESS/MASKLEN)]


/
:
vrrp {start | stop}
VRRP .
:
vrrp start


:
vrrp IFNAME:VRID add IPADDRESS[/{MASK|MASKLEN}]
IFNAME
VRID. VRID
1....255. , IP ()
IP VR. IP VR
(Primary IP-address) , .
VRRP
, IP
.
:
vrrp eth0:10 add 9.8.7.6/24

/
:
Vrrp IFNAME:VRID {start|stop}
/
.
Copyright 2004-2011 by InfiNet Wireless

207

InfiNet Wireless

WANFleX

:
vrrp eth0:10 start


:
vrrp IFNAME:VRID -priority=[PRIO|own]
VR.
2255.
.
.
255 . ,
VR.
(owner)
IP VR.
:
vrrp eth0:10 priority=200

owner
:
vrrp IFNAME:VRID -owner=on|off
owner IP VR
. ..
, IP VR
IP , VR.
. ..
,
(, ).
owner .
:

vrrp eth0:10 owner=off


:
vrrp IFNAME:VRID preempt=on|off

, , ,

() VR.
.
:
Copyright 2004-2011 by InfiNet Wireless

208

InfiNet Wireless

WANFleX

vrrp eth0:10 preempt=off


:
vrrp IFNAME:VRID -track=(off|default|IPADDRESS/MASKLEN)

VRRP
IP (IPADDRESS/MASKLEN),
(default).
, BACKUP.
off.
:
vrrp eth0:10 track=default


:
vrrp IFNAME:VRID -interval=AINT

. .
,
(MASTER),

VR. (BACKUP)
.
.
,
VR
.
:
vrrp eth0:10 interval=2


:
vrrp IFNAME:VRID learn=on|off
IP
VR , (
BACKUP). VRRP
. IP VR
IP ( 255).
VR IP
.
:
Copyright 2004-2011 by InfiNet Wireless

209

InfiNet Wireless

WANFleX

vrrp eth0:10 learn=on

VR
:
vrrp IFNAME:VRID clean
VR.
:
vrrp eth0:10 clean

IP VR
:
vrrp IFNAME:VRID delete IPADDRESS
IP VR.

IP VR
:
vrrp IFNAME:VRID flush
IP VR.

:
vrrp eth0:10 flush

VRRP
RFC 2338 VRRP
:
1.
2. IP Authentication Header

:
vrrp IFNAME:VRID password=PASSWORD
vrrp IFNAME:VRID key=PASSWORD
, VRRP
VR.
RFC 3768:
10. Security Considerations
VRRP does not currently include any type of authentication. Earlier

Copyright 2004-2011 by InfiNet Wireless

210

InfiNet Wireless

WANFleX

versions of the VRRP specification included several types of


authentication ranging from none to strong. Operational experience
and further analysis determined that these did not provide any real
measure of security. Due to the nature of the VRRP protocol, even if
VRRP messages are cryptographically protected, it does not prevent
hostile routers from behaving as if they are a VRRP master, creating
multiple masters. Authentication of VRRP messages could have
prevented a hostile router from causing all properly functioning
routers from going into backup state. However, having multiple
masters can cause as much disruption as no routers, which
authentication cannot prevent. Also, even if a hostile router could
not disrupt VRRP, it can disrupt ARP and create the same effect as
having all routers go into backup.

VRRP
:
vrrp dump
VRRP.
:
vrrp dump
VRRP interface:ID Prio AInterval
reason

Master IP

STATE

Time

Stop

================== ==== ========= ===============


======= =============== ===========
eth0:010 200o

001

192.168.15.50 BACKUP

0/0:0:3:000

VRRP ,
:
VRRP interface:ID VR IFNAME:VRID
Prio ,
VR. owner,
o.
AInterval .
Master IP primary IP ,
(MASTER).
STATE :
o

MASTER

BACKUP

STOP

,
l (),
, lBACKUP
Copyright 2004-2011 by InfiNet Wireless

211

InfiNet Wireless

WANFleX

Time ,
STATE.
/:::000
Stop reason ,
VR. VR
STOP.
.
:
o Configuration conflict
VR. ,
VR
IP .
o

IP Address list is empty IP .

o Interface has no primary IP address


primary IP .
o Interface is down , VR
(down)

Copyright 2004-2011 by InfiNet Wireless

212

InfiNet Wireless

WANFleX

V.
1. Ctl ( )

:
ctl
ctl heater
ctl switch
ctl temperature
ctl signaling
ctl trap
:

.
()
.

: .
5V, 200mA.

30V, 1A.
ctl,
.
ctl heater
, .
: -15 0 . OT:

tl heater -10
-10.
, .
ctl switch
/
.
ctl switch on | off

on - .

off - .

ctl switch auto signalling | temperature


temperature -
.
signalling

.
ctl temperature
.
ctl temperature high low cooler | heater
Copyright 2004-2011 by InfiNet Wireless

213

InfiNet Wireless

WANFleX

high ,

.
low ,

.
cooler ,
, :
o high,

o

low,

heater ,
, :
o

low,

o high,
.
ctl signalling .
ctl signalling [enable | disable | maniac] [opened | closed] [log | nolog] [bt
] [fp | nofp] [traps ]

enable - .

disable - .

maniac - . ,
, ,
disable.

opened - .

closed - .

log, nolog -
.
bt - ( )
.
fp, nofp - ,
.
fp ,
,
, ,
. fp maniac.
nofp,
, .
traps - ,
SNMP, , traps 0,
.
1
.
SNMP oid
1.3.6.1.4.1.3942.0.100
oid
1.3.6.1.4.1.3942.0.101
, SNMP
Copyright 2004-2011 by InfiNet Wireless

214

InfiNet Wireless

WANFleX

trapd "trapd
(. trapd).

Copyright 2004-2011 by InfiNet Wireless

on"

215

InfiNet Wireless

WANFleX

VI.
:
mem -
mb -
ps - Unify SoftSwitch

1. Gatekeeper
voip
gatekeeper WANFlex,
voip, ,
.
AquaGatekeeper, (

AquaGatekeeperMonitor.
:
gatekeeper [options] [commands]
:
start - Start gatekeeper service
stop - Stop gatekeeper service
create - Create empty configuration
:
--help -h -? - Help
--version -v - Show file version
--configuration=[filename] - Use configuration file location,
default is Gatekeeper.cfg
:
console> gatekeeper start
console> gatekeeper stop
start
.
stop
.
create
,
,
.

IP- eth0,
system .
configuration
configuration
, create start.
:
Copyright 2004-2011 by InfiNet Wireless

216

InfiNet Wireless

WANFleX

console> gatekeeper --configuration='test.cfg' create


console> gatekeeper start
Gatekeeper.cfg

Copyright 2004-2011 by InfiNet Wireless

217