Академический Документы
Профессиональный Документы
Культура Документы
InfiNet Wireless R5000 по ОС - 2
Загружено:
Анатолий ПетьковОригинальное название
Авторское право
Доступные форматы
Поделиться этим документом
Поделиться или встроить документ
Этот документ был вам полезен?
Это неприемлемый материал?
Пожаловаться на этот документАвторское право:
Доступные форматы
InfiNet Wireless R5000 по ОС - 2
Загружено:
Анатолий ПетьковАвторское право:
Доступные форматы
InfiNet Wireless R5000
WANFleX
: 15 2011
: V1.83
Copyright 2004-2011 by InfiNet Wireless
Copyright 2004-2011 by InfiNet Wireless Limited.
All rights reserved.
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
I. ................................................................................................................................. 1
1. ...................................................................................................................... 1
2. IP- .................................................................................................................... 1
II. .................................................................................................................... 2
1. Help ......................................................................................................................................... 2
2. System...................................................................................................................................... 2
3. Config ( ) ..................................................................................... 4
4. Set ( TIME ZONE) ......................................................................................................... 5
5. Flashnet (/ ) ................................................................................................ 5
6. Restart ...................................................................................................................................... 6
7. Ping .......................................................................................................................................... 6
8. Telnet ....................................................................................................................................... 6
9. Tracert ...................................................................................................................................... 7
10. Webcfg ( Web -) ...................................................................................... 7
11. Rshd (Remote Shell) ................................................................................................................... 8
12. SSH (Secure Shell) ..................................................................................................................... 8
SSH ( sshd) ........................................................................................................ 9
SSH ( sshc) ...................................................................................................... 11
13. Ipstat ( IP-) ......................................................................................... 13
14. Sflowagent ( Sflow) .......................................................................................................... 15
15. ( acl) ................................................................................ 17
16. Sntp ....................................................................................................................................... 19
17. Date ....................................................................................................................................... 20
18. Erp ( )................................................................................................... 20
19. AAA ( RADIUS ) .............................................................. 22
20. License ................................................................................................................................... 23
21. Dport ...................................................................................................................................... 23
22. Mem ....................................................................................................................................... 24
23. Grep ( )................................................................................. 24
III. .................................................................. 26
1. Rfconfig ( ) .............................................................................. 26
2. Mint ........................................................................................................................................ 32
........................................................................................................................ 32
............................................................................................................ 33
(join) ............................................................................................... 43
(prf).................................................................................................... 44
.............................................................................................................. 45
Over-the-air update ........................................... 47
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
Over-the-air encryption ............................................................................................................... 49
................................................................................................... 49
................................................................................................... 52
.................................................................................................................... 53
............................................................................................. 54
TRACE ......................................................................................................................... 55
ODR (On-Demand Routing) ............................................................................................ 55
RMA MINT ................................................................................. 56
3. Prf .......................................................................................................................................... 57
4. ( lag) .......................................................................................... 58
5. Ltest ( ) .......................................................................................... 60
6. Muffer ..................................................................................................................................... 65
7. Macf ....................................................................................................................................... 69
8. Sppp ....................................................................................................................................... 71
9. Arp ......................................................................................................................................... 73
10. switch ....................................................................................................................... 75
Wildcard ........................................................................................................................ 76
(List commands) ........................................................... 77
(Group commands)....................................................................... 79
(Rules commands) .................................................. 87
(Control commands) ................................................................................... 88
............................................................................................................... 92
11. CES........................................................................................................................... 93
12. WiFi ( Wi-Fi AP) .................................................................................................. 97
13. DFS ( ) .......................................................................................100
IV. ......................................................................103
1. Ifconfig ( ) ...........................................................................................103
2. Tun .......................................................................................................................................105
3. Qm ( Quality-of-Service) .....................................................................................107
4. Route ( ) ...............................................................................................114
5. ARIP ......................................................................................................................................115
.................................................................................................................................115
. ...........................................................................................115
/ RIP . ........................................................................................118
................................................................................................................118
RIP ..........................................................................................................................120
(route-map) ...................................................................................................122
. ...................................................................................123
. ................................................................................................................124
RIP ...........................................................................................................125
Copyright 2004-2011 by InfiNet Wireless
ii
InfiNet Wireless
WANFleX
6. Rip ( ) ............................................................................125
7. OSPFv2 ( ) .....................................................130
.................................................................................................................................130
. ...........................................................................................130
/ OSPF . ......................................................................................132
...............................................................................................133
................................................................................................................133
............................................................................................................135
........................................................................................................................140
OSPF ............................................................................................140
. .................................................................................................144
. ...................................................................................146
........................................................................147
8. Netstat...................................................................................................................................153
9. Ipfw (IP Firewall) ....................................................................................................................154
.......................................................................................................................154
...............................................................................................................................155
..................................................................................................................................157
.......................................................................161
..................................................................................................................................162
10. Loadm ( ) .........................................................................................167
11. Bpf (Berkeley Packet Filter) ......................................................................................................168
12. RPCAP ...................................................................................................................................169
13. Snmpd (SNMP daemon) ...........................................................................................................170
14. Td (Telnet daemon).................................................................................................................171
15. Nat (Network Address Translation) ............................................................................................172
..................................................................................................................................173
........................................................................................................176
NAT H.323 ............................................................................................................179
16. Trapd (SNMP traps) .................................................................................................................181
17. DHCP Server ...........................................................................................................................184
DHCP .................................................................................................184
18. DHCP relay. dhcpr .....................................................................................................202
.......................................................................................................................202
.....................................................................................................................203
19. DHCP . dhcp ..................................................................................................204
.......................................................................................................................204
......................................................................................................................................204
..................................................................................................................................205
..................................................................................................................................205
Copyright 2004-2011 by InfiNet Wireless
iii
InfiNet Wireless
WANFleX
20. VRRP . vrrp ..................................................................................................206
.......................................................................................................................206
.....................................................................................................................207
V. ...................................................................................................213
1. Ctl ( ) ...............................................................................213
VI. .........................................................216
1. Gatekeeper.............................................................................................................................216
Copyright 2004-2011 by InfiNet Wireless
iv
InfiNet Wireless
WANFleX
I.
1.
,
Unix. .
,
.
config save.
,
";" ( ).
, ,
.
.
VT100 ANSI,
.
"!h". ,
"!". TAB
( ).
Ctrl/R ,
. ,
, .
, "?"
.
- 38400 (
dport).
,
Telnet HTTP.
3 Telnet ( 23) HTTP ( 80).
2. IP-
IP-.
IP- .
( )
( IP-). IP- 0/0
IP-.
:
nn.nn.nn.nn ( )
nn.nn.nn.nn/N (N )
nn.nn.nn.nn:xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx )
192.168.9.0/24 192.168.9.0 24.
192.168.9.0:255.255.255.0
.
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
II.
1. Help
.
:
help
:
.
.
2. System
.
:
system []
:
system name [ ]
system name Revolution.
system location [, ]
,
SNMP.
:
system location , .
system gpsxy [E|W]XX.XXXXX
[N|S]YY.YYYYY
( ) .
.
:
system gpsxy 60.40056 56.82857
system user
,
telnet/http.
:
system user root
system password
.
:
system password qwerty
,
.
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
system prompt _
(prompt) .
16 .
: Prompt#ttyN>
:
system prompt MyHost
system guest /
. login,
.
,
.
:
system guest for_members_only
system [no]fastroute
/
.
(traceroute),
.
, Ethernet,
IP .
system icmplimit XX
ICMP
( 200).
.
0 (), .
system [no]sendredirects
() icmp
redirect
.
system [no]dropredirects
() icmp
redirect
.
system uptime
.
system cpu
system search [seconds]
10 .
system version
.
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
system OfficialAddress IP
"sys OfficialAddress IP" ,
.
system log [args]
on -
off -
IP-ADDR - UNIX
syslog. syslogd
facility.level "user.notice"
15.
- -
show - ( ,
/ )
clear -
[no]filter -
,
( )
sys serialCD [no]log [no]trap
/ Carrier Detect
(CD) (). "log"
(sys
log).
"trap"
SNMP-trap
.
CD oid 1.3.6.1.4.1.3942.0.103
CD oid 1.3.6.1.4.1.3942.0.104
, SNMP
trapd "trapd on"
(. trapd).
"-".
config save.
3. Config ( )
:
config [show | save | clear]
config import | export login:password@host/file
:
show - .
config show.
( ).
.
:
co show mint rip
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
MINT RIP
co show r !rip
, "r" , "rip".
save -
.
clear (
).
.
export, import -
.
FTP.
.
:
config export user:secret@192.168.1.1/var/conf/test.cfg
4. Set ( TIME ZONE)
.
/ .
:
set TZ TIMEZONE
:
set TZ EST+5EDT,M4.1.0/2,M10.5.0/2
set TZ EKT+5
http://ru.wikipedia.org/wiki/_
5. Flashnet (/ )
:
flashnet get/put login[:password]@/
:
flashnet get
get.
FTP.
.
,
, . -s
IP-.
:
flashnet get ftp:ftp@192.168.1.1/R5000-H05S01-MINTv168.7.bin
:
".".
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
put
.
6. Restart
.
:
restart [y]
restart SECONDS
restart stop
:
restart
.
, ,
.
"y", ,
.
(restart 300).
,
.
.
.
restart stop.
7. Ping
:
ping IP [size|-s SIZE] [count|-c COUNT] [source|-S SRC_IP]
:
(ICMP_ECHO_REQUEST) (IP).
.
10
8000 ( 64) ,
( 5).
,
, . -S
IP-.
8. Telnet
Telnet .
:
telnet IP_
:
telnet
.
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
-
,
, .
Ctrl/D.
9. Tracert
.
:
tracert [-s SourceAddress] HostAddress
:
HostAddress.
IP 'time to live'
ICMP TIME_EXCEEDED,
,
.
,
, . -s
IP-.
30-
36
3 .
.
.
.
, ,
ICMP:
! -
!N -
!H -
!P -
!F -
!X - (, , ..)
* - .
10.Webcfg ( Web -)
Web-.
:
webcfg start|stop
:
/ Web-
. Web-
Web-.
:
webcfg start
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
11.Rshd (Remote Shell)
Remote Shell (RSH).
rshd enable | disable RemoteUSER RemoteHOST LocalUSER
rshd start | stop | flush
:
RSH
rsh.
TCP
.
RSH .
rshd start
rshd stop.
, ,
.
rshd enable :
RemoteUSER - ( 16 )
RemoteHOST IP-
LocalUSER - ( 16 ).
6-
.
WANFleX .
rshd disable
.
rshd flush rsh .
RSH
(rsh -l mysecretuser RWR.domain.ru ipstat get).
:
rshd enable
admin 195.38.44.1
rshd enable
root
mysecretuser
195.38.45.123 mysecret2
rshd start
12. SSH (Secure Shell)
SSH (Secure Shell)
.
Telnet, Telnet, SSH
, . , SSH
.
SSH SSH SSH . SSH
SSH ,
. SSH
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
, ,
.
InfiNet Wireless SSH SSH .
SSH ( sshd)
SSH (SSH daemon)
sshd.
:
sshd -window=SIZE
sshd -keepalive=TIME
sshd -banner=on | off
sshd -log-level={emerg | alert | crit | error | warning | notice | info | debug |
LEVEL}
sshd -algo-list
sshd -kex-algos=ALGO-LIST
sshd -hostkey-algos=ALGO-LIST
sshd -cipher-algos=ALGO-LIST
sshd -hash-algos=ALGO-LIST
sshd -comp-algos=ALGO-LIST
sshd -auth-methods[=AUTH-METHODS-LIST]
sshd start
sshd stop
sshd newkeys
sshd pub[key] {sh[ow] | cl[ear] | de[lete] N}
sshd pub[key]
[COMMENT]
{in[stall]
im[port]
[LOGIN[:PASSWORD]@]HOST/FILE}
:
-, SSH . /
sshd start sshd stop .
SSH
DSS RSA (Host Keys), SSH
.
sshd newkeys.
, SSH SSH
.
SSH
$ACLOCAL. , SSH
, SSH , IP , .
$ACLOCAL
.
SSH :
Copyright 2004-2011 by InfiNet Wireless
InfiNet Wireless
WANFleX
-window=SIZE -
.
SSH
SSH SSH . , 24576 .
-log-level={emerg | alert | crit | error | warning | notice |
info | debug | LEVEL}
SSH ,
(
sys log).
: emerg, alert, crit,
error, warning, notice, info, debug
LEVEL ( 0 7). -,
6- (info).
-keepalive=TIME -
,
. -, SSH
( 0).
-banner=on/off /
IW WANFleX SSH .
SSH :
-algo-list
SSH
(kex),
(host key), (cipher), (hash)
(compress).
: -kex-algos=ALGO-LIST, -hostkey-algos= ALGOLIST, -cipher-algos= ALGO-LIST, -hash-algos= ALGO-LIST, comp-algos= ALGO-LIST -
( SSH , c
-algo-list),
SSH .
SSH
-, SSH , SSH
.
. WANFleX
SSH ,
sshd pubkey sshd -auth-methods.
sshd pubkey
(public key). SSH
, ,
,
SSH .
SSH ,
SSH .
SSH SSH FTP
:
sshd pubkey import [LOGIN[:PASSWORD]@]HOST/FILE [COMMENT]
HOST IP- FTP , FILE ,
RSA/DSS SSH OpenSSH
SSH2. FTP ,
LOGIN PASSWORD.
COMMENT
,
Copyright 2004-2011 by InfiNet Wireless
10
InfiNet Wireless
WANFleX
, SSH .
-, IP- SSH IP-
FTP , .
SSH ,
SSH ( ).
SSH :
sshd pubkey install [COMMENT]
COMMENT ,
sshd import (. ).
sshd show ,
SSH .
sshd clear SSH .
sshd delete N SSH
.
sshd -auth-methods SSH
.
:
sshd -auth-methods
SSH
(
):
sshd -auth-methods=AUTH-METHODS-LIST
AUTH-METHODS-LIST
.
, all ( ).
:
,
Public key.
sshd -auth-methods=publickey
SSH ( sshc)
SSH sshc.
:
sshc [options] [LOGIN@]HOST [REMOTE-COMMAND]
options:
-window=SIZE
-keepalive=TIME
-compress, -C
-bind-addr=ADDR, -b ADDR
-pubkey-show
Copyright 2004-2011 by InfiNet Wireless
11
InfiNet Wireless
WANFleX
-pubkey-new=BITS
-pubkey-clear
-pubkey-export=[LOGIN[:PASSWORD]@]HOST/FILE
-algo-list
-kex-algos=ALGO-LIST
-hostkey-algos=ALGO-LIST
-cipher-algos=ALGO-LIST, -c ALGO-LIST
-hash-algos=ALGO-LIST, -m ALGO-LIST
-comp-algos=ALGO-LIST
:
( SSH
) SSH :
sshc [options] [LOGIN@]HOST [REMOTE-COMMAND]
LOGIN - (
InfiNet Wireless system user).
,
LOGIN .
HOST - IP- .
REMOTE-COMMAND ,
.
(options) SSH :
-window=SIZE -
.
SSH
SSH SSH . , 24576
.
-keepalive=TIME -
SSH .
SSH SSH ,
. -, SSH
( 0). .
-compress, -C .
-bin-addr=ADDR ( : -b ADDR)
IP- SSH . ,
IP- ,
.
(Public key):
-pubkey-new=BITS DSS RSA
SSH . BITS
( : 512-4096). ,
RSA DSS , 512 :
sshc pubkey-new=512
Copyright 2004-2011 by InfiNet Wireless
12
InfiNet Wireless
WANFleX
-pubkey-show SSH
, .
-pubkey-export=[LOGIN[:PASSWORD]@]HOST/FILE
SSH
FTP . HOST IP- ,
FILE , RSA/DSS SSH
. FTP ,
LOGIN
PASSWORD.
-pubkey-clear SSH .
SSH :
-algo-list SSH
(kex), (host key),
(cipher), (hash) (compress).
: -kex-algos=ALGO-LIST, -hostkey-algos=ALGO-LIST, cipher-algos=ALGO-LIST ( : -c ALGO-LIST),
-hash-algos=ALGO-LIST ( : -m ALGOLIST),
-comp-algos=ALGO-LIST
( SSH ,
c -algo-list),
SSH .
SSH (,
, SSH SSH )
: <Enter>~. (
Enter, ~, .).
:
sshc -C root@1.2.3.4
SSH ,
IP- 1.2.3.4,
root, (
SSH ).
13. Ipstat ( IP-)
IP .
:
ipstat enable [items] | disable
ipstat clear | getclear
ipstat fixit | fixget | fixclear
ipstat strict | -strict
ipstat add [ifname] rule...
ipstat del N
ipstat traffic
:
/
.
Copyright 2004-2011 by InfiNet Wireless
13
InfiNet Wireless
WANFleX
: ,
.
, ,
- .
"ipstat enable SLOTS",
"SLOTS" - . - 1000,
15-20 .
12 .
( rsh), :
ipstat enable [incoming|outgoing|full] [detail] [SLOTS] | disable
/
IP
.
incoming/outgoing
/ . full
.
detail ,
. SLOTS
ipstat.
ipstat clear - .
ipstat fixit - .
.
ipstat fixget - .
.
ipstat fixclear - .
,
, .
,
. enable strict,
, ,
.
.
"ipstat add [ifname] rule" ,
, ,
"rule". ,
(ifname). , ,
ipfw.
"ipstat del N" N .
" ipstat rearrange N"
N ( , 1).
ipstat traf [detail] [bytes | total_bytes]
.
detail ,
. bytes(/total_bytes)
(total bytes).
Copyright 2004-2011 by InfiNet Wireless
14
InfiNet Wireless
WANFleX
rsh:
#!/usr/bin/perl -w
for(;;)
{
my $stat;
do
{
$stat = system("rsh
ips fixit >/dev/null");
-t
30
-n
-l
root
IWR_IP
-l
root
IWR_IP
-l
root
IWR_IP
if(int($stat) != 0) { sleep(5); }
} while (int($stat) != 0);
do
{
$stat = system("rsh
ips fixget >stat.tmp");
-t
30
-n
if(int($stat) != 0) { sleep(5); }
} while (int($stat) != 0);
do
{
$stat = system("rsh
ips fixclear >/dev/null");
-t
30
-n
if(int($stat) != 0) { sleep(5); }
} while (int($stat) != 0);
system("cat stat.tmp >>stat.txt");
sleep(300);
}
14. Sflowagent ( Sflow)
Sflow.
:
Available commands are:
sta[rt]
Start Sflow agent
sto[p]
Stop Sflow agent
wi[pe]
Stop Sflow agent and clean all configuration
add[instance] 'name'
Add instance (default 'ipstat')
del[instance] 'name'
Delete instance (default 'ipstat')
stat 'name'
cl[earstat] 'name'
Show statistics for instance (default 'ipstat')
Clear statistics for instance (default 'ipstat')
Copyright 2004-2011 by InfiNet Wireless
15
InfiNet Wireless
WANFleX
Available options are:
-collector=IPaddress[:port] Set collector address
-agent=IPaddress
Set agent address (default 0.0.0.0)
-maxpacket=size
Set maximal datagram size (default 1500)
-interval=number
Set statistics recieve interval, in seconds (default 5)
-datagrams=number
Set datagrams per statistics interval (default 100)
-rawheader={on|off}
Sends original ipV4 headers (default off)
-debug={on|off}
-version -v
Puts debug output to log (default off)
Display Version
:
Sflow ,
. ..
. Sflowagent
Sflow .
sflow sta[rt] Sflow
sflow sto[p] Sflow
sflow wi[pe] Sflow
sflow add[instance] name
( name, ipstat)
sflow del[instance] name
( name, ipstat)
sflow stat name
( name, ipstat)
:
Total flow records
Total flow samples
Overflow records
Overflow count
Total cycles
Total datagrams
Unused datagrams
Bytes sent
Lost flow samples
Lost flow records
Lost overflow
records
- , Instance.
- ,
flow records.
- , Instance
, Instance ,
,
interval.
- , Instance ,
,
interval.
.
.
,
datagrams,
.
-
Sflow.
flow samples -
maxpacket, interval datagrams.
flow records -
maxpacket, interval datagrams.
- , Instance ,
,
Copyright 2004-2011 by InfiNet Wireless
16
InfiNet Wireless
WANFleX
interval .
sflow cl[earstat] name
( name,
ipstat)
sflow collector=IPaddress[:port] - ,
sflow-. 6343.
sflow -agent=IPaddress
()
sflow -maxpacket=size
Sflow . , 1472 .
"" .
, ,
.
sflow -interval=number - , , ,
instance.
, , ,
. 15
.
sflow -datagrams=number -
instance.
- ,
CPU. , , .
,
, .. .
maxpacket /
interval. 100. sflow =
datagrams/interval * maxpacket, (/).
sflow -rawheader={on|off} - ,
ipV4 ( - off).
.
Sflow -debug={on|off} -
.
:
ipstat enable full detail 3000 #
sflow add ipstat #
sflow -collector=1.2.3.4 start #
15. ( acl)
(Access Control Lists).
:
acl add $NAME TYPE params...
acl del $NAME [params...]
acl ren $NAME1 $NAME2
acl flush
Copyright 2004-2011 by InfiNet Wireless
17
InfiNet Wireless
WANFleX
Possible TYPES: net num
Predefined ACL names:
$ACLOCAL
- Hosts (networks) permitted to configure the device.
(, ipfw, qm, ipstat). (ACL)
.
acl add NAME TYPE.
$ 7
- , ";" (
).
TYPE, .
,
.
acl del
NAME. , .
acl rename NAME1 NAME2.
acl flush .
(TYPE):
net - dot :
xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx/MASKLEN
xxx.xxx.xxx.xxx/xxx.xxx.xxx.xxx
net
. ,
1.1.1.1 ,
1.1.1.0/24 1.1.1.1.
:
acl add $LIST1 net 10.0.0.0/8 192.168.0.0/16 5.5.5.5
acl del $LIST1 100.100.100.100/28
:
$ACLOCAL (
) telnet, ftp, http, ssh.
$ACLOCAL,
() .
:
acl add $ACLOCAL net 10.0.0.0/8 192.168.0.0/16
Copyright 2004-2011 by InfiNet Wireless
18
InfiNet Wireless
WANFleX
16.Sntp
SNTP.
SNTP WANFlex
NTP ,
SNTP RFC 2030.
unicast
.
:
sntp [options] [command]
:
start
stop -
:
-server={ipaddr}
- SNTP
-interval={seconds}
-debug={on|off}
- /
:
sntp -interval=3600 -debug=on
sntp -server=9.1.1.1 start
:
start
.
:
sntp start
stop
.
:
sntp stop
:
.
server
server IP- NTP .
:
sntp -server=9.1.1.1
interval
interval ,
NTP ,
3600.
Copyright 2004-2011 by InfiNet Wireless
19
InfiNet Wireless
WANFleX
:
sntp -interval=5000
debug
/ (
) WANFlex.
:
sntp -debug=on
sntp -debug=off
17.Date
.
WANFlex.
(kernel clock), hardware clock (
).
:
date [[[[[cc]yy]mm]dd]HH]MM[.ss]]
cc
19 20
yy
( 89 1989, 05 2005)
mm 1 12
dd
, 1 31
HH
, 0 23
MM
, 0 59
ss
, 0 61 (59 leap seconds)
:
date 20040210053004
Tue Feb 10 05:30:04 2004
date
Tue Feb 10 05:30:10 2004
18.Erp ( )
ERP (Emergency Repair Procedure)
(system password) .
:
erp [options] [command]
Copyright 2004-2011 by InfiNet Wireless
20
InfiNet Wireless
WANFleX
[options]:
-serial <n>
- device serial number
-code <c>
- ERP code
-ip <address> - interface IP address
-mask <mask>
- interface IP address mask
[command]:
boot
- force continuing boot on device(s).
Device serial number may be unspecified
and means 'any device'.
reset - resets device's configuration.
Serial number and ERP code must be specified
ifup
- turns up device's interface and add IP address
and mask alias to it. Serial number, IP address
and IP address mask must be specidfied
If command is not specified, then it's assumed the 'boot' command.
:
:
-serial <n> -
-code <c> - ERP-
-ip <address> - IP- Ethernet
-mask <mask> - Ethernet
:
boot .
reset ,
.
ERP-.
ifup Ethernet (eth0)
IP- .
, IP- .
InfiNet Wireless. ,
, ERP.
Ethernet
Ethernet-.
:
1. ERP c serial,
Copyright 2004-2011 by InfiNet Wireless
21
InfiNet Wireless
WANFleX
erp serial <SERIAL>
ERP .
2. , ,
-
3. ERP Sequence
.
InfiNet Wireless.
4. . ERP-
.
5. ERP :
erp serial <SERIAL> -code < ERP-> reset
6. ,
7. ERP
8. ,
(user name)
. .
IP- Ethernet (eth0),
, (
, Ethernet
(down) IP- ):
erp serial <SERIAL> -ip <address> -mask <mask> ifup
19. AAA ( RADIUS )
AAA ,
RADIUS .
:
aaa [options] [command]
where commands are:
start - start service
stop - stop service
where options are:
-auth=ip[:port],secret[,identifier] - RADIUS server parameters,
address
secret
- Server IP Address
- shared secret
identifier - NAS Identifier
this option can be repeated.
-remove=ip[:port]
- Remove RADIUS server.
-debug={on|off}]
- on/off debug output.
Copyright 2004-2011 by InfiNet Wireless
22
InfiNet Wireless
WANFleX
start/stop
.
AAA
:
-auth=ip[:port],secret[,identifier]
RADIUS , ip[:port] IP RADIUS
, secret , identifier NAS (Network Access
Server) .
-remove=ip[:port] RADIUS
.
-debug={on|off}]
AAA .
20. License
license /
.
:
license [options]
options are:
--install=<url> - install new license
--export=<url> - export current license to external server
--show
- show license info
<url> = ftp://[login[:password]@]host/file
:
install/export / /
.
show
.
:
li --export=ftp://ftp_login:ftp_password@192.168.145.1/license_file
li --show
21. Dport
:
dport BAUD
:
.
: 9600, 19200, 38400, 57600, 115200 /.
: 38400 /.
Copyright 2004-2011 by InfiNet Wireless
23
InfiNet Wireless
WANFleX
22. Mem
:
mem
:
, (mbuf),
.
:
23. Grep ( )
grep .
,
().
! H01/H02.
:
grep [OPTIONS] [-e]PATTERN "command"
Copyright 2004-2011 by InfiNet Wireless
24
InfiNet Wireless
WANFleX
command | grep [OPTIONS] [-e]PATTERN
OPTIONS:
-e PATTERN, --regexp=PATTERN
-i, --ignore-case
-v, --invert-match
-w, --word-regexp
-x, --line-regexp
-c, --count
-m NUM, --max-count=NUM
-n, --line-number
-A NUM, --after-context=NUM
-B NUM, --before-context=NUM
-C NUM, --context=NUM
:
grep (command),
,
(PATTERN).
-e (-e PATTERN --regexp=PATTERN),
, (-).
, i ( -ignore-case).
, .. ,
-v ( -invert-match).
,
(-w) (-x) .
( ,
v), c.
m (-m NUM)
, .
(command)
, 1.
n.
A NUM, -B NUM C NUM
, (A), (B)
(C) , .
(---)
.
Copyright 2004-2011 by InfiNet Wireless
25
InfiNet Wireless
WANFleX
III.
1. Rfconfig ( )
.
:
rf interface parameters...
Interface rf5.0 parameters:
band XXX: bandwidth (MHz) - {double (40)|full (20)|half (10)|quarter (5)}
grid B G: frequency grid - <bw> freq1[-freq2[/step]],... | clear
freq XXX: central frequency (MHz)
bitr XXX: bitrate (Kbps)
txpwr XXX: tx power (dBm)
sid
XXX: system identifier - up to 8 hex digits.
cap
: RF capabilities
dist XXX: distance in kilometers or auto
txrt XXX: max transmit retries [15]
txvrt XXX: max transmit retries in voice mode [5]
[-]burst : burst mode
[-]shortgi: short guard interval mode
noise XXX: Noise floor threshold, dB [20]
[-]pwrctl : automatic TPC mode
[-]wocd
[modulation OFDM | CCK]
[chntime XXX]
[statistics]
[-]bcsid
,
.
"rf rfNAME ?" .
"rf rfNAME cap".
band XXX - :
double 40 , full 20 , half 10 , quarter 5 .
.
.
grid B G
, .
.
Copyright 2004-2011 by InfiNet Wireless
26
InfiNet Wireless
WANFleX
(__/),
, .
:
IFNAME grid BAND FREQUENCY_RANGE_LIST
:
rf rf5.0 grid 40 4920-5940/5
rf rf5.0 grid 20 5310-5390/10,5450,5500-5580/20
rf rf5.0 grid 10 5480, 5500, 5520, 5540, 5560, 5580
( rf cap) ,
(roaming, dfs ..).
:
rf IFNAME grid BAND clear
,
.
freq XXX , .
.
"rf rfNAME cap".
bitr XXX - ( ).
:
2 : 11000, 5500, 2000, 1000 .
5-6 : 6000, 9000, 12000, 24000, 36000, 48000, 54000
/.
Xm:
5 : 3250, 6500, 9750, 13000, 19500, 26000,
29250, 32500 /
10 : 6500, 13000, 19500, 26000, 39000, 52000,
58500, 65000 /
20 : 13000, 26000, 39000, 52000, 78000, 104000,
117000, 130000 /
40 : 30000, 60000, 90000, 120000, 180000,
240000, 270000, 300000 /.
txpwr XXX - dBm.
.
"rf <IFNAME> capabilities".
sid XXX - , 1H FFFFFFH.
, ,
.
cap (capabilities) -
,
, ..
Copyright 2004-2011 by InfiNet Wireless
27
InfiNet Wireless
WANFleX
dist XXX (distance) - (
). ,
.
dist ,
.
:
(
): rf rf5.0 dist auto. ,
auto :
auto (XX).
(, GPS),
sys gpsxy, dist
auto.
,
dist. -,
,
.
,
,
, .
0 dist
.
txrt XXX (transmit retries) -
unicast . 15.
txvrt XXX (transmit voice retries) -
( )
, 5. (Voice Mode)
VoIP.
- 64 .
burst - BURST.
.
burst -
,
.
.
muf stat.
-burst . .
shortgi - (short
guard interval).
.
,
,
, ,
.
-shortgi . .
noise XXX - (Noise floor
threshold). . 20 .
Copyright 2004-2011 by InfiNet Wireless
28
InfiNet Wireless
WANFleX
, .
,
,
. (Noise floor)
(Noise floor threshold)
rf IFNAME stat.
pwrctl -
(ATPC).
,
.
-pwrctl . .
wocd - .
.
.
"-wocd"
. "-wocd" ( ).
modulation - -
(OFDM/CCK). 5-6 OFDM.
chntime XXX (Channel Burst Time) -
burst (0...5000). 0 (
).
statistics -
1 .
.
"rf stat" 5
Broadcast rate
Bitrate Broadcast
Multicast ;
Voice Mode
/ Voice . ,
Bytes Received
Bytes Transmitted
Packets Received OK
Packets Transmitted OK
Duplicate Received
Total Retries
FIFO Overrun
Copyright 2004-2011 by InfiNet Wireless
29
InfiNet Wireless
WANFleX
FIFO Underrun
CRC Errors
Excessive Retries
Noise Floor
,
10
Noise Floor Threshold
Carrier Detect
Decrypted frames
Decrypted errors
Replay drops
Aggr Subframe Retries
,
-
( )
Aggr Full Retries
Max aggr frames
Max aggr bytes
Encrypted frames
"rf stat" 2.4
Beacons Received
802.11
( )
Beacons Transmitted
802.11
( )
Ack Packets Transmitted
RTS Packets Transmitted RTS
CTS Packets Transmitted CTS
PLCP CRC Errors
Single Collisions
PLCP Format Errors
PLCP
Polling cache aged
PLCP Length Errors
PLCP
Copyright 2004-2011 by InfiNet Wireless
30
InfiNet Wireless
WANFleX
No Deferral
MAC CRC Errors
Deferred Protocol
Partial Received
Deferred Energy Detect
SSID Mismatches
Retry Long
,
RTS
AP Mismatches
AP ( )
Retry Short
,
RTS
Data Rate Mismatches
Authentication Rejects
Ack Received
Authentication T/O
802.11
No Ack Received
Association Rejects
CTS Received
CTS
Association T/O
No CTS Received
CTS
Packets Aged
Noise Floor
( 10
)
Noise Floor Threshold
Carrier
Detect
SSID
bcsid - SID
beacon ,
.
,
,
SID ( ANY). MINT
,
,
,
.
-bcsid . SID
.
SID
Copyright 2004-2011 by InfiNet Wireless
31
InfiNet Wireless
WANFleX
NetStumbler, AirTraf, AiroPeak ..
:
rfconfig rf5.0 sid 1 bitr 130000 freq 2427 burst
rfconfig rf5.0 bitr 300000 freq 5280 sid 01020304 burst
rfconfig rf5.0 txpwr 18 pwrctl
2. Mint
! MINT RMA.
.
MINT (
, ) Ethernet
. , Ethernet
- (tun, ppp, null etc).
Ethernet .
, .
:
mint IFNAME -type {mesh | master | slave}
mint IFNAME -mode {mobile | nomadic | fixed}
mint IFNAME -nodeid NUMBERID
mint IFNAME -name NAME
mint IFNAME -key SECRETKEY
mint IFNAME -authmode {public | static | remote}
mint IFNAME -[no]authrelay
mint IFNAME [no]snmprelay
mint IFNAME -[no]replicate [$ACL]
mint IFNAME -[no]autobitrate [+/-DB] | -fixedbitrate
mint IFNAME autofactor 1..5 [3]
mint IFNAME -tpcmin dB -tpcmax dB -tpcadj +/-dB
mint IFNAME -ratefall 0..8 [0]
mint IFNAME -minbitrate XX
mint IFNAME -meshextracost XX
mint IFNAME -extracost XX
mint IFNAME -fixedcost XX
mint IFNAME -maxlinks XX
Copyright 2004-2011 by InfiNet Wireless
32
InfiNet Wireless
WANFleX
mint IFNAME [-loamp XX] [-hiamp XX]
mint IFNAME -[no]crypt
mint IFNAME -airupdate {disable | {[active|passive]|force}} [fast|normal|slow]
mint IFNAME -[no]log [detail]
mint IFNAME -roaming {leader | enable [multiBS] | disable}
mint IFNAME profile N [-freq X[,Y,N-M,...] | auto] [-sid X[,Y,..]] [-bitr X]
[-band {double | full | half | quarter}]
[-type {master|mesh|slave}] [-key XXX] [-nodeid N]
[{-minbitr XXX [-autobitr [+/-dB]] | -fixedbitr}]
[-long {on|off}]
[enable | disable | delete]
mint IFNAME addnode [-defgw X.X.X.X] [-defmask X.X.X.X]
mint IFNAME addnode -mac X:X:X:X:X:X [-key STRING] [-note STRING] [maxrate XX]
[-lip X.X.X.X] [-tip X.X.X.X] [-mask X.X.X.X]
[-lgw X.X.X.X] [-tgw {X.X.X.X | none}]
[-lcost XX] [-tcost XX] [{-setpri | -addpri} NN | -1]
[-disable | -enable | -delete]
mint IFNAME delnode -mac X:X:X:X:X:X
mint IFNAME map [routes | full | swg] [detail] [-m]
mint -[no]colormap
mint IFNAME monitor [-s] [-i SEC] [MAC [MAC ...]] | -[no]audio [full] [-mac
MAC]
mint IFNAME rcmd -node {ADDR|all} [-peer] [-self] {-cmd "CMD" | -file URL} [key KEY] [-quiet]
mint IFNAME -rcmdserver {disable | enable} -guestKey STRING -fullKey STRING
mint IFNAME -odr hub
mint IFNAME -odr spoke [[-]connected [$ACL]] [[-]kernel [$ACL]]
mint IFNAME -odr disable | show
mint IFNAME start | stop | restart | clear
mint IFNAME poll {start [log] | stop | stat [clear]}
mint join IFNAME1 IFNAME2 ...
mint disjoin
mint IFNAME trace MAC
mint vers
:
mint IFNAME type {mesh | master | slave}
Copyright 2004-2011 by InfiNet Wireless
33
InfiNet Wireless
WANFleX
MINT : master, mesh
slave.
MASTER:
.
mesh
. master
. master
,
- ().
(
join).
.
MESH:
.
mesh master.
mesh master , master
(master-master)
mesh ( ),
master-mesh ( master)
( meshextracost),
. , mesh
, , .
mesh
master-a. , master
, mesh
( , join).
master-a ( )
mesh (
).
SLAVE:
master.
master-a. master-a
slave . slave
"" "" () ( - ) (master-slave).
:
mint rf5.0 type master
:
mint IFNAME mode {mobile | nomadic | fixed}
.
.
:
Copyright 2004-2011 by InfiNet Wireless
34
InfiNet Wireless
WANFleX
Fixed. ,
.
.
Nomadic. ,
, , ,
.
Mobile. .
.
:
mint rf5.0 mode nomadic
:
mint IFNAME -nodeid NUMBERID
. ,
.
XXX.YYY,
IP ( XXX YYY
1 255).
.
.
:
mint rf5.0 nodeid 5
mint rf5.0 nodeid 123.112
:
mint IFNAME -name NAME
.
mint map. 16 .
,
.
:
mint rf5.0 name My_node
mint rf5.0 -name "Master Unit"
()
:
mint IFNAME poll {start [log] | stop | stat [clear]}
Copyright 2004-2011 by InfiNet Wireless
35
InfiNet Wireless
WANFleX
start
stop
log
stat
clear
()
.
,
, .
CSMA/CA .
,
.
,
,
.
.
,
, online- . ,
,
,
.
MINT.
mint IFname poll start [mi=XX] [ub=XX] [mt=XX]
MI - ,
.
.
4 20.
UB - .
, .
telnet. 3
1000.
MT - Marker Timeout.
.
:
mint rf5.0 poll start ub=250
:
Copyright 2004-2011 by InfiNet Wireless
36
InfiNet Wireless
WANFleX
mint IFNAME -[no]replicate [$ACL]
""
.
mint noreplicate, ,
,
.
, .
(mint -replicate).
$ACL "num" (acl add
$ISOLATE num N1 N2 ...),
,
( ).
,
.
.
:
mint IFNAME [no]autobitrate [+/-DB]
/
(autobitrate).
autobitrate
( / ,
)
,
. , ,
, .
autobitrate ,
bitr,
rfconfig. autobitrate,
, minbitrate
mint (. ) bitr rfconfig
;
. minbitrate ,
(
).
autobitrate
:
mint IFNAME -minbitrate BITRATE
:
mint rf5.0 -autobitrate
Copyright 2004-2011 by InfiNet Wireless
37
InfiNet Wireless
WANFleX
mint rf5.0 minbitrate 9000
+/-DB
. Autobitrate
(bitrate),
(mint
IFNAME autobitrate - <number in dB>). ,
(mint IFNAME autobitrate + <number in dB>).
autobitrate :
mint rf5.0 -fixedbitrate
(fixedbitrate)
, bitr
rfconfig.
mint IFNAME -ratefall 0..8
:
,
,
.
,
.
1 8
, (
rf rfX cap). 0
.
:
mint rf5.0 ratefall 4
:
mint IFNAME autofactor 1..5
-.
autofactor,
,
.
3.
:
mint IFNAME [-loamp XX] [-hiamp XX]
loamp.
. SNR
.
, . 2.
Copyright 2004-2011 by InfiNet Wireless
38
InfiNet Wireless
WANFleX
hiamp.
( ).
,
. 6.
:
mint rf5.0 loamp 2
ATPC
:
mint IFNAME -tpcmin dB -tpcmax dB -tpcadj +/-dB
ATPC
( ). ATPC
rf <interface> pwrctl (.
rfconfig).
tpcmin dB.
dB, ATPC
.
tpcmax dB.
dB, ATPC
.
tpcadj +/-dB.
, ATPC .
ATPC (tpcadj + <number
in dB>) (tpcadj - <number in dB>)
, , .
:
mint IFNAME addnode [-defgw X.X.X.X] [-defmask X.X.X.X]
mint IFNAME addnode -mac X:X:X:X:X:X [-key STRING] [-note STRING] [maxrate XX]
[-lip X.X.X.X] [-tip X.X.X.X] [-mask X.X.X.X]
[-lgw X.X.X.X] [-tgw {X.X.X.X | none}]
[-lcost XX] [-tcost XX] [{-setpri | -addpri} NN | -1]
[-disable | -enable | -delete]
, .
:
mac. . MAC- .
key. ( 64 ;
, ).
Copyright 2004-2011 by InfiNet Wireless
39
InfiNet Wireless
WANFleX
key ,
(mint IFNAME key).
lip. IP-. ,
tip mask. IP- .
.
IP-. ,
, .
lgw. IP- .
.
tgw. IP- .
. none
(
addnode defgw)
lcost.
(local cost). ,
, MINT.
tcost. (target
cost). , ,
MINT.
lcost tcost , lcost
.
enable/disable/delete. /
.
maxrate.
.
setpri | addpri. /
, .
setpri" ,
.
-1, .
"addpri" ,
, .
.
note.
.
:
mint rf5.0 addnode mac 000028BAF234 lip 1.1.1.1 tip 1.1.1.2 mask
255.255.255.252 lcost 120
, "mint addnode" "-defgw
X.X.X.X -defmask X.X.X.X".
-defgw X.X.X.X. .
-defmask X.X.X.X. .
, ,
. ,
IP :
mint rf5.0 addnode -mac 000435567322 -tip 10.1.1.1 -key SecretKey1
Copyright 2004-2011 by InfiNet Wireless
40
InfiNet Wireless
WANFleX
, ,
. IP ,
.
(
addnode -tgw / addnode defgw) ,
.
:
mint IFNAME delnode -mac X:X:X:X:X:X
MAC-
.
:
mint rf5.0 delnode mac 000028BAF234
:
mint IFNAME start|stop
/ MINT The
command starts or stops MINT protocol.
:
mint rf5.0 start
:
mint IFNAME fixedcost XX
.
( join) . 0
() .
:
mint rf5.0 fixedcost 120
:
mint IFNAME extracost XX
extracost .
.
MINT,
Copyright 2004-2011 by InfiNet Wireless
41
InfiNet Wireless
WANFleX
.
. 0 () .
:
mint rf5.0 extracost 60
mesh
:
mint IFNAME meshextracost XX
meshextracost .
master mesh.
500.
:
mint rf5.0 meshextracost 300
join
:
mint IFNAME joincost XX
joincost .
, join (
3). 0 () .
:
mint rf5.0 joincost 60
MINT :
mint IFNAME -[no]log [detail]
:
. -nolog.
. -log.
/
. -log detail.
,
( autobitrate)
:
mint rf5.0 log detail
MINT
:
Copyright 2004-2011 by InfiNet Wireless
42
InfiNet Wireless
WANFleX
mint vers
MINT.
(join)
:
mint join IFACE1 IFACE2
MINT
(join) mesh
.
, .
MINT .
-
- (, ,
) (
, ..). JOIN (
) , ,
.
.
mint join rf4.0 rf4.1
mint map
=================================================
Interface rf4.0, node 000000000011 "Node1_1" id:11 (mesh)
2 Neighbors:
00020 Node2
00012 Node1_2
000000000002, Cost=40 , I/O=24/27 <36/36> /mesh/
000000000012, Cost=3 , I/O=0/0
<0/0> /join/
Interface rf4.1, node 000000000012 "Node1_2" id:12 (mesh)
2 Neighbors:
-----------00020 Node3
00030 Node1_1
000000000003, Cost=40 , I/O=24/27 <36/36> /mesh/
000000000011, Cost=3 , I/O=0/0
Copyright 2004-2011 by InfiNet Wireless
<0/0> /join/
43
InfiNet Wireless
WANFleX
, ,
.
,
(
) ( ).
, .
, JOIN ,
MINT,
.
:
mint disjoin
(prf)
MINT ,
Ethernet.
- (prf),
, vlanX.
prf 0 parent eth0
ifconfig prf0 up
-
MINT .
MINT, -,
.
mint prf0 start
mint join rf4.0 rf4.1 prf0
MINT
, , .
join -
(bottleneck).
.
join,
().
mint join rf4.0 rf4.1
Copyright 2004-2011 by InfiNet Wireless
44
InfiNet Wireless
WANFleX
switch group 1 add eth0 rf4.0
:
mint IFNAME key SECRETKEY
. .
64 . ,
.
mint IFNAME -authmode {public | static | remote}
.
1)
public - () .
,
, -,
,
MINT.
2
, .
public
.
,
,
.
2)
static -
, .
. ,
, ,
, .
static
.
mint IFNAME addnode
,
.
3)
remote -
, RADIUS,
(
AAA).
,
,
Copyright 2004-2011 by InfiNet Wireless
45
InfiNet Wireless
WANFleX
,
(, IP).
,
:
mint IFNAME [no]authrelay
MINT.
, remote,
,
.
mint IFNAME [no]snmprelay
SNMP
MINT.
SNMP .
1:
B
public.
:
mint rf5.0 key SECRETKEY
mint rf5.0 authmode public
B:
mint rf5.0 key SECRETKEY
mint rf5.0 authmode public
2:
B ,
public
:
mint rf5.0 key SECRETKEY
mint rf5.0 authmode public
mint rf5.0 addnode -mac B:B:B:B:B:B -key KEY2
B:
mint rf5.0 key KEY2
mint rf5.0 authmode public
mint rf5.0 addnode -mac A:A:A:A:A:A -key SECRETKEY
Copyright 2004-2011 by InfiNet Wireless
46
InfiNet Wireless
WANFleX
public,
.
3:
.
B remote
.
:
mint rf5.0 key KEY1
mint rf5.0 authmode static
mint rf5.0 authrelay
mint rf5.0 addnode -mac B:B:B:B:B:B -key KEY2
mint rf5.0 addnode -mac ::::: -key KEY3
B:
mint rf5.0 key KEY2
mint rf5.0 authmode remote
B
( A).
A remote,
,
( ),
.
Overthe-air update
:
mint IFNAME -airupdate {disable | {[active|passive]|force}} [fast|normal|slow]
?
AirUpdate
MINT
. (
)
( ),
.
?
.
( ) MINT
, (
) . MINT (
Copyright 2004-2011 by InfiNet Wireless
47
InfiNet Wireless
WANFleX
)
,
.
.
,
MINT-MTP.
fast,
normal slow.
fast ,
2 ,
.
normal 7 , slow 24 .
passive normal.
force. ,
,
.
,
,
,
.
1.
,
.
,
7 .
mint rf5.0 airupdate active normal
2.
,
,
.
mint rf5.0 airupdate passive slow
3.
.
mint rf5.0 airupdate force
4.
,
.
Copyright 2004-2011 by InfiNet Wireless
48
InfiNet Wireless
WANFleX
mint rf5.0 airupdate disable
Over-the-air encryption
MINT .
AES-128 CCMP.
,
:
mint IFNAME -[no]crypt
:
mint rf5.0 -crypt
:
mint IFNAME map [routes | full | swg] [detail] [-m]
mint -[no]colormap
WANFleX 1.25.11:
:
Neighbors ( ). :
MAC-
MAC-
Routes. :
Copyright 2004-2011 by InfiNet Wireless
49
InfiNet Wireless
WANFleX
Full.
Swg. , MINT .
,
. .. ,
-. :
:
-detail -
(),
/ (/), / (/),
Cost, IP- -.
--m /
/.
.
WANFleX 1.25.11 :
Copyright 2004-2011 by InfiNet Wireless
50
InfiNet Wireless
WANFleX
mint map (/
mint -[no]colormap):
-,
.
,
.
(,
).
,
. ,
, -,
.
,
.
-
-,
.
Copyright 2004-2011 by InfiNet Wireless
51
InfiNet Wireless
WANFleX
:
mint IFNAME monitor [-s] [-i SEC] [MAC [MAC ...]]
MAC-() ,
.
MAC- nodeid ()
.
.
/
/.
-s ( ).
-i SECONDS .
AudioMonitor:
:
mint IFNAME monitor -[no]audio [full] [-mac MAC]
-audio (AudioMonitor).
noaudio.
full
. full
,
,
( ).
-mac MAC
, MAC-.
mint IFNAME monitor -audio [full]
,
.
Copyright 2004-2011 by InfiNet Wireless
52
InfiNet Wireless
WANFleX
:
mint IFNAME -roaming {leader | enable [multiBS] | disable}
mint IFNAME profile N [-freq X[,Y,N-M,...] | auto] [-sid X[,Y,..]] [-bitr X]
[-band {double | full | half | quarter}]
[-type {master|mesh|slave}] [-key XXX] [-nodeid N]
[{-minbitr XXX [-autobitr [+/-dB]] | -fixedbitr}]
[-long {on|off}]
[enable | disable | delete]
,
IWR-MINT
.
roaming ,
, .
( ) ,
- .
MINT roaming leader. Roaming leader
,
,
,
, . ,
,
. Roaming leader, , DFS
Radar Detection ( ).
() roaming
,
(roaming enable).
- , .
,
.
,
,
.
multiBS
, ,
.
multiBS , - ,
,
.
:
freq X[,Y,N-M,...] | auto ( )
. auto,
, .
sid X[,Y,..] - ( )
()
bitr X .
autobitrate
Copyright 2004-2011 by InfiNet Wireless
53
InfiNet Wireless
WANFleX
band {double | full | half | quarter}
type {master|mesh|slave}
key XXX -
nodeid N ID
fixedbitr
minbitr XXX
autobitrate
autobitr [+/-dB]
. [+/-dB]
.
long {on|off} long.
enable | disable | delete // .
:
mint rf5.0 profile 1 -freq 5920 -sid ABCDE
mint rf5.0 profile 2 -freq 5960 -sid ABCDE disable
mint rf5.0 profile 3 -freq auto -sid DEAD
mint rf5.0 roaming enable
:
mint IFNAME rcmd -node {ADDR|all} [-peer] [-self] {-cmd "CMD" | -file URL} [key KEY] [-quiet]
mint IFNAME -rcmdserver {disable | enable} -guestKey STRING -fullKey STRING
MINT
() c MINT .
:
-rcmdserver {disable | enable} /
( )
-guestKey STRING .
-fullKey STRING .
-node {ADDR|all} Mac- MINT
MINT
, /
[-peer] MINT,
[-self]
{-cmd "CMD" | -file URL}
, ftp
Copyright 2004-2011 by InfiNet Wireless
54
InfiNet Wireless
WANFleX
[-key KEY]
[-quiet]
:
mint rf5.0 rcmd -node all -cmd "co sh"
mint rf5.0 rcmd -node all -file ftp_name:ftp_pswd@192.168.100.21/1.txt
TRACE
:
mint IFNAME trace MAC
TRACE MINT
MAC-: , ID , ,
Cost, .
( cost)
.
ODR (On-Demand Routing)
ODR - MINT,
- .
ODR (OnDemand Routing)
.
,
. ODR IP
MINT .
ODR ,
(spokes) (hub).
-,
.
:
mint IFNAME -odr hub
Copyright 2004-2011 by InfiNet Wireless
55
InfiNet Wireless
WANFleX
, ,
:
mint IFNAME -odr spoke [[-]connected [$ACL]] [[-]kernel [$ACL]]
connected IP-/
. kernel
( route
add).
IP-/
Access Control List ($ACL). Access
Control List
.
, :
ODR
mint IFNAME -odr show
:
ODR
mint IFNAME -odr disable
RMA MINT
!
MINT
.
,
mesh point-to-multipoint ,
, ..
1. :
- MAC ,
.
:
Ifc rf5.0
- (,
) :
config save
- MINT :
fl get user:password@server/file
2. ( ) :
restart y
3. MINT .
Copyright 2004-2011 by InfiNet Wireless
56
InfiNet Wireless
WANFleX
MINT.
(RMA) , MINT
(master, autobitrate, hiamp=4).
(
).
, MINT .
IP RMA.
4. "mint map" ,
.
5. IP ,
:
ifc rf5.0 10.0.0.254/24 up
6. "mint rcmd" IP
, MAC (
MAC ), :
mint rf5.0 rcmd -node 17:9a:c2:f4:34 -cmd "ifc rf5.0 10.0.0.1/24 up; co save;"
mint rf5.0 rcmd -node 17:9a:c3:ad:46 -cmd "ifc rf5.0 10.0.0.2/24 up; co save;"
mint rf5.0 rcmd -node 179ab1f391
-cmd "ifc rf5.0 10.0.0.3/24 up; co save;"
...
..
IP ( ).
7. telnet
( ..)
IP ,
"mint
rcmd":
mint rf5.0 rcmd -node 0023113231 -cmd "co show" -reply
-reply,
(sys log show).
3. Prf
MINT ,
Ethernet.
- (prf),
, vlanX.
:
prf N parent IFACE [hwmtu N] [channel N]
prf N clear
Copyright 2004-2011 by InfiNet Wireless
57
InfiNet Wireless
WANFleX
prf
ethernet. ethernet,
IEEE802.3.
1514
, Jumbo frame
IETF,
http://www3.ietf.org/proceedings/01mar/I-D/kaplan-isis-ext-eth-02.txt
Ethernet-
,
, .
Ethernet-
" ".
4 " " Ethernet . prf
"" 0 3. , Ethernet-
, prf
.
prf:
parent IFACE
IFACE - ,
(, , ) .
ethernet-.
hwmtu N
N - Ethernet-, ""
channel N
N - ,
"" .
clear - prf
prf
mint.
4. ( lag)
(Link Aggregation)
.
, , ,
, .
, ,
,
Ethernet .
LACP (Link Aggregation Control Protocol)
InfiNet Wireless
IEEE 802.3ad. ,
LACP,
.
Copyright 2004-2011 by InfiNet Wireless
58
InfiNet Wireless
WANFleX
lagN.
:
lag N [command] [(port|-port) (IFNAME | IFNAME...)]
where [command] is:
status
- show lag interface status
migrate
- enable session migrate
-migrate
- disable session migrate
balance
- enable session-oriented load balancing
-balance
- disable session-oriented load balancing
mode
- switch lag inteface mode. Modes: (stand|fast)
clear
- remove lag interface from configuration
loadm
- show realtime per-port load status
:
:
lag N port (IFNAME | IFNAME...)]
lagN
( ),
.
:
lag 1 port eth0 eth1
lag1,
Ethernet .
LAG -port.
:
lag 1 -port eth1
LACP :
lag N status aggregation id,
lag N migrate / lag N -migrate /
, , ,
.
lag N balance / lag N -balance /
, .
lag N mode LACP: stand fast.
standard LACP
Copyright 2004-2011 by InfiNet Wireless
59
InfiNet Wireless
WANFleX
IEEE 802.3ad. fast
,
LACP ,
.
lag N clear removes lagN interface from the device configuration
lag N loadm
.
5. Ltest ( )
.
.
:
ltest IFNAME target [-r rate[,reply_rate]]
[-s packet_size[,reply_size]] -- default size 1024, max 1794
[-b]
-- send as broadcast
[-p priority]
-- set priority (0 to 16)
[-a (l|r|m)]
-- enable audiomonitor,
l - local amp, r - remote amp
m - min(local,remote) amp
[-auto (l|r|m)]
-- like -a, but run in background
and autostart on boot
[-align [L[,R]]]
-- MIMO antenna alignment mode
L,R - local/remote tx antenna
(0/1 or V/H)
[-evm]
-- display Error Vector Magnitude
[-tu [seconds]]
-- unidirectional throughput test
[-tb [seconds]]
-- bidirectional throughput test
[-load N[m|k]
-- limit throughput to N:
m - Mbps, k - Kbps
[-mint]
-- do throughput test through MINT
ltest -key [PASSWORD]
ltest (-stop|-noauto)
-- stop all running tests
(-noauto - cancel test on boot)
ltest (-disable|-enable)
-- disable/enable ltest
:
IFNAME ,
target MAC- ,
-r rate[,reply_rate] bitrate
.
Copyright 2004-2011 by InfiNet Wireless
60
InfiNet Wireless
WANFleX
. ,
:
o
-, ..
tx/rx bitrate
mint map. rate reply
rate tx/rx bitrate,
mint map.
,
, .
rate reply rate ,
bitrate
(, 6 Mbps
20 MHz, 3Mbps 10 MHz, 1.5 Mbps 5 MHz).
-s packet_size[,reply_size]
.
1024 .
1810 .
-b
-a (l|r|m) ().
, ..
, .
ODU.
.
.
l
,
r
,
m
-auto (l|r|m)
.
,
. a(l|r|m)
-key [PASSWORD] .
,
,
-noauto
, .. ,
-stop -
-disable|-enable /
.
-align [L[,R]]
Xm (, R5000-Om). L
,
Copyright 2004-2011 by InfiNet Wireless
61
InfiNet Wireless
WANFleX
. R ,
-
. L ,
.
-r, ,
. -r ,
L R .
L R 0 1
, 1
).
(0
-evm (Error Vector
Magnitude).
EVM ( 21).
( .. )
.
:
lt rf5.0 00179AC2F3E6
.
lt
, MAC- 00179AC2F3E6.
lt rf5.0 00179AC2F3E6 r 24000
rate
24 /. reply rate
.
lt rf5.0 00179AC2F3E6 a l
,
,
.
ltest:
ltest ,
( auto).
:
Copyright 2004-2011 by InfiNet Wireless
62
InfiNet Wireless
WANFleX
ltest ( -align):
ant.amps,
amp/max. ant.amps
0, 1 2 .
:
1.
bitrate.
MINT
bitrate, MINT
autobitrate.
2.
amp/max 12 40.
.
40
12,
bitrate (, 20 10
).
Copyright 2004-2011 by InfiNet Wireless
63
InfiNet Wireless
WANFleX
.
12
,
,
,
.
,
,
, , . ,
,
,
..
3. rt%
.
4. up%
, ,
.
5. ua%
, ,
.
50,
distance.
20 , ,
long.
(Local
Remote) ltest.
:
: ,
, .
ltest:
-tu [seconds] Unidirectional test:
(
target)
-tb [seconds] Bidirectional test:
- 1536
( -s).
, (
5 ). - 60 .
-load N[m|k]
, ltest
( -tu -tb). N
, k -
(: 10m - 10 /, 500k - 500 /).
mint
MINT,
Copyright 2004-2011 by InfiNet Wireless
64
InfiNet Wireless
WANFleX
(ATPC)
(autobitrate).
.
target
MAC- MINT ,
(multi-hop).
-tu -tb.
-mint -r .
:
:
lt rf5.0 00179AC2F3E6 -tb
, MAC-
00179AC2F3E6.
6. Muffer
.
:
muffer IFNAME [-tXX] [-lXX] review [FREQ1 [FREQ2 ...]]
| sid | { mac[2|3]|mynet|scan [MAC]}
muffer IFNAME sensor [F1 [F2] [BW STEP]]
muffer stat [clear]
:
,
,
.
.
review
.
,
( ).
Copyright 2004-2011 by InfiNet Wireless
65
InfiNet Wireless
WANFleX
:
muffer rf5.0 review
SID sid
(SID).
, rfconfig.
:
muffer rf5.0 sid
MAC-
"mac/mac2/mac3/mynet"
(MAC-). [MAC]
, MAC-.
mac , mac2
, MAC- ( ).
mac3, mac2,
, ,
.
mynet
.
:
muffer rf5.0 mac2
Copyright 2004-2011 by InfiNet Wireless
66
InfiNet Wireless
WANFleX
muf scan
.
.
.
.
:
muffer rf5.0 scan
-tXX - , .
, 2 . "0"
.
-lXX - ,
. - 24 .
ESC Ctrl/C.
() muffer stat
. MAC- ,
,
.
Copyright 2004-2011 by InfiNet Wireless
67
InfiNet Wireless
WANFleX
,
,
.
muffer stat clear .
(-)
muf sensor
- .
Web- (.
IW Technical User Manual).
.
H02.
:
muffer rf5.0 sensor
Copyright 2004-2011 by InfiNet Wireless
68
InfiNet Wireless
WANFleX
F1 - .
.
F2 .
, , .
BW .
1/5/10/20 .
STEP .
1/5/10/20 , .
ESC Ctrl/C.
7. Macf
MAC IP-
:
macf MAC IP omment
macf del N
macf [-]dhcp [-]strict | [-]reverse | [-]simple | [-]quiet
macf show | clear
Copyright 2004-2011 by InfiNet Wireless
69
InfiNet Wireless
WANFleX
:
macf MAC IP-
ethernet .
,
, .
,
IP- ( ) , ,
.
, , ,
MAC IP-,
,
MAC- .
macf MAC IP .
macf 102030405060
1.1.1.1
Room123
macf 203040506070
2.2.2.2
Room125
macf show
co show:
macf show
macf
1
macf
2
macf
3
macf
192.78.64.174
0020af915099
0020af9150a3
0020af9150a4
4
Admin
192.78.64.99
Server
192.78.64.194
Room94
192.78.64.134
Room57
0020af9150a7
, macf del N.
macf clear .
quiet.
.
( ) ,
, - .
( macf strict), ,
, .
, telnet,
, strict, ,
.
,
.
, ,
(sys log).
,
.
.
:
1. MAC-
2. ,
IP-.
reverse :
Copyright 2004-2011 by InfiNet Wireless
70
InfiNet Wireless
WANFleX
1.
IP-
2.
MAC-.
, ,
simple, 1- .
.
,
strict. .
dhcp, macf
, DHCP .
,
DHCP .
:
1. .
ethernet .
,
, strict:
macf MAC IP [strict]
2.
, "reverse
strict" "reverse simple", IP-
, MAC MAC-
.
3. ,
,
"simple" "reverse strict" c MAC
.
.
,
arp.
8. Sppp
PPP
'Point to Point Protocol'
(PPP) , sppp
ppp0, ppp1 E1
0(main), 1(sub) .
:
sppp [-v] ifname [{enable/disable}] [options]
ifname - (ppp0 ppp1).
enable/disable
E1.
PPP-
SPPP :
Cisco HDLC;
PPP (Point to Point Protocol, RFC 1661);
Frame Relay
Copyright 2004-2011 by InfiNet Wireless
71
InfiNet Wireless
WANFleX
sppp.
:
sppp ppp0 enable mode=cisco
ifconfig ppp0 10.0.0.1 10.0.0.2 up
10.0.0.1 - PPP , 10.0.0.2 .
:
mode
mode (
) : cisco; ppp; fr.
cisco - Cisco HDLC.
ppp - Point to Point Protocol RFC 1661
fr - Frame Relay
:
sppp ppp0 enable mode=cisco
sppp ppp0 enable mode=ppp
sppp ppp0 enable mode=fr
keepalive
cisco ppp,
: on; off.
/
10
. keepalive cisco ppp.
:
sppp ppp0 enable mode=cisco keepalive=on
sppp ppp0 keepalive=off
sppp ppp0 keepalive=on
ppp
ppp
.
proto
(.
myproto hisproto), : none; pap; chap.
o
none -
pap - . Password Authentication
Protocol, ,
/ (. {my|his}name
{my|his}secret)
.
chap - Challenge Handshake Authentication Protocol RFC 1994,
; "-"
( ).
Copyright 2004-2011 by InfiNet Wireless
72
InfiNet Wireless
WANFleX
myproto
proto, . ,
, .
hisproto
, proto, .
myname
(chap;
pap).
hisname
()
(chap; pap).
mysecret
(key, password)
. chap . pap
(myname).
hissecret
mysecret, .
:
sppp ppp0 enable mode=ppp proto=none
ppp .
ppp0
chap , , ppp1
.
sppp ppp0 enable mode=ppp proto=chap
sppp ppp0 myname=local mysecret=secret
sppp ppp0 hisname=remote hissecret=secret
sppp ppp1 enable mode=ppp myproto=chap hisproto=none
sppp ppp1 myname=local mysecret=secret
{no}rechallenge
/
.
chap (Conware CoNet,
firmware 4.0.x).
:
sppp ppp0 norechallenge
9. Arp
ARP
:
arp view [IP]
arp add IP MAC|auto proxy
arp del IP|all [proxy]
Copyright 2004-2011 by InfiNet Wireless
73
InfiNet Wireless
WANFleX
arp [-]freeze
arp [-]proxyall [$ACL]
:
ARP
MAC .
, Ethrnet IP-
48- Ethernet
.
ARP ,
.
. arp .
:
arp view [IP]
ARP IP, ,
.
arp add IP MAC [proxy]
arp add IP auto proxy
ARP . IP
MAC. proxy,
, ARP
(proxy), (IP)
. MAC-
auto, MAC-
, IP.
arp del IP|all [proxy]
IP-, ,
all. proxy,
,
(proxy).
arp [-]freeze
"" ARP.
.
MINT.
telnet.
arp [-]proxyall [$ACL]
proxyall ARP ,
IP-
. ,
,
.
proxyall / $ACL,
.
:
arp add 10.10.10.10 00:11:22:33:44:55
arp add 192.168.5.1 5544332211 proxy
Copyright 2004-2011 by InfiNet Wireless
74
InfiNet Wireless
WANFleX
10. switch
().
MAC
Switch
:
________ LIST commands __________________________________
switch list LISTNAME [{iface | mac | numrange | match}]
{add | del} [VALUE ...]
dump [WILDCARD]
rename NEWNAME
file FILENAME
[ flush|remove]
________ GROUP commands _________________________________
switch group ID {add | del} IFNAME[:{TAG|0}] ...
switch group ID {repeater|trunk|uncoupled} {on|off}
switch group ID {(up|down)stream} {SCID|0}
switch group ID [x]vlan {TAG|LIST|0} [[no]bidir]
switch group ID nvlan {[on]|off}
switch group ID info INFO_STRING
switch group ID setid NEWID
switch group ID stp { off | on | dump }
switch group ID stp priority [PRIO]
#(default: 32768, step: 4096)
switch group ID stp forwarddelay [DELAY]
switch group ID stp maxage [TIME]
#(default: 15 sec)
#(default: 20 sec)
switch group ID stp port IFNAME priority [PRIO] #(default: 128,step 16)
switch group ID stp port IFNAME cost [COST] #(default: 200000(RSTP),
65535(STP))
switch group ID igmp-snooping { off | on }
switch group ID order N
switch group ID
[ setpri|addpri prio ]
{deny | permit | showrules | showblack}
switch group ID
[dump [interface] [WILDCARD]]
[dbdelete MACADDRESS]
{start | stop | remove}
switch group ID in-trunk [{ID|0}]
switch admin-group {ID|0}
________ RULES commands _________________________________
Copyright 2004-2011 by InfiNet Wireless
75
InfiNet Wireless
WANFleX
switch {group ID | interface IFNAME} rule NUMBER
[set NEWNUMBER] [not]
[src LIST] [dst LIST] [vlan LIST]
[iface LIST] [proto LIST] [match LIST]
[ setpri|addpri prio ]
[ deny | permit ] [ remove ]
_______ CONTROL commands _______________________________
switch keeptag [(on|off)]
switch resynchronize
switch local-tag TAG
switch trace { off | on | verbose | filter "pcap expr"}
switch stptrace { off | on }
switch stpblock { off | on }
switch {dump [WILDCARD]|MACADDRESS}
switch igmp-snooping dump [detail]
switch igmp-snooping lmqt Value
switch igmp-snooping gmi Value
switch igmp-snooping static-add MCAST IF_NAME [MAC]
switch igmp-snooping static-del MCAST IF_NAME [MAC]
switch igmp-snooping srcip IP
switch igmp-snooping querier group N [source X] [mcast X [,Y,...]] [vlan N]
{start|stop|clear}
switch {start | stop | restart | destroy | dead-interval DEAD_INTERVAL | strictadmin [(on|off)]}
switch statistics [(clear|help)]
switch maxsources (MAXSOURCES|0)
!
1.22.0 (switch)
.
, ,
.
MINT .
Over The Air.
Wildcard
Wildcard
. wildcard,
:
* -
. .
Copyright 2004-2011 by InfiNet Wireless
76
InfiNet Wireless
WANFleX
~ -
.
:
rf~.~
,
rf5.0, rf5.1, ..
#1> switch group 1 dump eth~
Bridge group 1(normal), READY STARTED Interfaces
Total
records
DST MAC
L Int. GateWay MAC GT Cost
========= = ==== ========= == ===
=======
001111144693
eth0 000000000000
0
000435018822
* eth0 000000000000
0
000435118822 * eth1 000000000000
0
0
: eth0(F) eth1(F) rf5.0(F)
5
UsCNT
Dead
HashC
===== ===== ====
3987
0
0
300
0
1
1
1
Ethernet .
(List
commands)
:
switch list LISTNAME [{iface | mac | numrange | match}]
{add | del} [VALUE ...]
dump [WILDCARD]
rename NEWNAME
file FILENAME
[ flush|remove]
(rule).
: iface, mac, numrange, match.
.
. ,
.
:
list
LISTNAME . ,
.
iface ,
mac , MAC
numrange ,
<min>[-<max>].
, <min>=<max>.
()
Copyright 2004-2011 by InfiNet Wireless
77
InfiNet Wireless
WANFleX
.
() ,
/ .
match , match
, .
PCAP (. tcpdump).
,
. tcpdump :
http://www.protocols.ru/modules.php?name=News&file=article&sid=125
add del
.
VALUE ( match) ,
.
:
switch list my_iface iface add eth0 rf5.0
iface my_iface
eth0 rf5.0.
switch list vlans numrange add 10 20-30 40
vlans
10, 20 30
40.
switch list ip_mynet match add net 195.38.45.64/26
- match.
,
(ip, arp ..), 195.38.45.64/26.
switch list ip_mynet match add ip net 195.38.45.64/26
- match,
ip-,
195.38.45.64/26.
.
,
.
FTP .
:
switch list MACGROUP1 file ftp://1.2.3.4/switches/list/macgroup1.txt
macgroup1.txt , , :
#
00:01:02:03:04:05
00:11:12:13:14:15
<EOF>
,
:
Copyright 2004-2011 by InfiNet Wireless
78
InfiNet Wireless
WANFleX
switch synchronize
switch list LISTNAME remove
LISTNAME
.
switch list LISTNAME flush
LISTNAME
switch list OLDLISTNAME rename NEWLISTNAME
OLDLISTNAME NEWLISTNAME.
switch list LISTNAME dump [WILDCARD]
LISTNAME.
WILDCARD,
WILDCARD.
(Group commands)
:
switch group ID {add | del} IFNAME[:{TAG|0}] ...
switch group ID {repeater|trunk|uncoupled} {on|off}
switch group GORUPID {(up|down)stream} {SCID|0}
switch group ID [x]vlan {TAG|LIST|0} [[no]bidir]
switch group ID nvlan {[on]|off}
switch group ID info INFO_STRING
switch group ID setid NEWID
switch group ID stp { off | on | dump }
switch group ID stp priority [PRIO]
#(default: 32768, step: 4096)
switch group ID stp forwarddelay [DELAY]
switch group ID stp maxage [TIME]
#(default: 15 sec)
#(default: 20 sec)
switch group ID stp port IFNAME priority [PRIO] #(default: 128,step 16)
switch group ID stp port IFNAME cost [COST] #(default: 200000(RSTP),
65535(STP))
switch group ID igmp-snooping { off | on }
switch group ID order N
switch group ID
[ setpri|addpri prio ]
{deny | permit | showrules | showblack}
switch group ID
[dump [interface]] [WILDCARD]]
[dbdelete MACADDRESS]
Copyright 2004-2011 by InfiNet Wireless
79
InfiNet Wireless
WANFleX
{start | stop | remove}
switch group ID in-trunk [{ID|0}]
switch admin-group {ID|0}
switch group ID {add | del} IFNAME[:{TAG|0}] ...
.
ID (1-4095)
add|del /
. add,
ID ,
.
IFNAME ,
.
TAG. ,
.
:
o
TAG >0. ,
vlan TAG.
vlan, vlan TAG.
TAG . , vlan
, ( ).
TAG 0. ,
,
vlan .
:
switch group 3 add rf5.0:10 eth0:0
, 3
vlan 10 rf5.0
eth0.
,
.
switch group ID {repeater|trunk|uncoupled} {on|off}
/ (repeater),
(trunk) uncoupled.
, ,
, .
, , eth*
, rf*
vlan . ,
, .
rf*, eth*
vlan ,
rf* .
Copyright 2004-2011 by InfiNet Wireless
80
InfiNet Wireless
WANFleX
(CORE)
,
. STP
. , "uncoupled",
,
,
, .
uncoupled ( ),
.
:
switch group 12 trunk on
,
VLAN ,
in-trunk
, :
switch group ID in-trunk [{ID|0}]
, 100
5 ( 100
VLAN ID 100 100),
: switch group 100 intrunk 5
, VLAN .
switch group ID [x]vlan {TAG|LIST|0} [[no]bidir]
, ID
, vlan TAG, ,
LIST numrange.
vlan ,
TAG .
bidir
VLAN ( ).
VLAN
,
.
. vlan,
(. ) .
:
switch group 5 vlan 5
switch group ID xvlan {TAG|LIST|0} [[no]bidir]
, "vlan {TAG|LIST|0}",
.
:
switch list MYNET numrange add 100 200 300
Copyright 2004-2011 by InfiNet Wireless
81
InfiNet Wireless
WANFleX
switch group 10 xvlan MYNET
switch group 10 trunk on
10 VLAN ID 100, 200, 300,
.
MINT , (
- 10), - VLAN ID.
switch list MYNET numrange add 100 200 300
switch group 20 vlan MYNET
switch group 20 trunk on
20 MYNET
VLAN ID (
).
switch list MYNET numrange add 100 200 300
switch group 30 vlan MYNET
switch group 30 trunk off
30 MYNET
30.
switch group ID nvlan {[on]|off}
,
VLAN .
switch group ID info INFO_STRING
/
.
switch group ID setid NEWID
GROUPIID
NEWID.
:
switch group 3 setid 7
switch group ID
[dump [interface] [WILDCARD]]
[dbdelete MACADDRESS]
{start | stop | remove}
Here:
dump MAC
interface - MAC
.
WILDCARD
.
Copyright 2004-2011 by InfiNet Wireless
82
InfiNet Wireless
WANFleX
dbdelete MACADDRESS MAC
, MAC
start|stop /
.
restart ( switch group GID stop;
switch group GID start).
. ,
.
remove .
:
switch group 3 dump eth0
switch group 5 start
,
eth* , .. ,
, ,
: . ,
- (MESH) ,
.
switch admin-group {ID|0}
multicast
downstream upstream.
switch group ID {(up|down)stream} {SCID|0}
:
1,2,3,4,5 6 ,
multicast ,
,
.
Copyright 2004-2011 by InfiNet Wireless
83
InfiNet Wireless
WANFleX
downstream ( ) , ,
1000, .
upstream
.
.
broadcast , - ,
,
MINT downstream
. ,
upstream ,
,
.
MAC switch () STP,
: STP, RSTP.
:
switch group ID stp { off | on | dump }
off / on
STP . dump
STP .
switch group ID stp dump:
Copyright 2004-2011 by InfiNet Wireless
84
InfiNet Wireless
WANFleX
switch group ID stp priority [PRIO]
stp , [PRIO]
. ,
, 57344.
,
4096 (step 4096).
switch group ID stp forwarddelay [DELAY]
stp forward delay,
listening learning,
[DELAY] .
, , 15 .
switch group ID stp maxage [TIME]
stp MAX age,
BPDU- , [TIME]
. ,
, 20 .
switch group ID stp port IFNAME priority [PRIO]
stp ,
IFNAME , [PRIO] .
, ,
128. ,
16 (step 16).
switch group ID stp port IFNAME cost [COST]
stp cost ,
, [COST]
. ,
, 200000 RSTP, 65535 STP.
:
switch group 1 add eth0 rf5.0
Copyright 2004-2011 by InfiNet Wireless
85
InfiNet Wireless
WANFleX
switch group 1 stp priority 36864
switch group 1 stp on
switch group 1 start
group 1.
stp stp
36864.
switch group ID igmp-snooping { off | on }
/ IGMP snooping
.
:
switch group 1 igmp-snooping on
switch group ID order N
.
, ,
.
. ,
.
switch group ID [ setpri|addpri prio ]
/
. setpri
. -1,
. addpri ,
,
( , ).
addpri .
:
switch group 1 addpri 15
switch group ID {deny | permit}
(deny) (permit)
, .
switch group ID {showrules}
,
.
switch group ID {showblack}
MAC ,
.
Copyright 2004-2011 by InfiNet Wireless
86
InfiNet Wireless
WANFleX
(Rules
commands)
:
eth*. ,
,
.
.
.
(rules)
(deny/permit). ,
(deny/permit).
. ,
.
.
.
,
. deny
, .
,
. 5 :
1.
- (iface)
2.
MAC (src)
3.
MAC (dst)
4.
VLAN tag (vlan)
5.
Ethernet ( proto )
. ,
, PCAP (tcpdump).
match. , ,
,
match. -
, , ,
.
, ,
,
(, vlan tag).
:
switch {group ID | interface IFNAME} rule NUMBER
[set NEWNUMBER] [not]
[src LIST] [dst LIST] [vlan LIST]
[iface LIST] [proto LIST] [match LIST]
[ setpri|addpri prio ]
Copyright 2004-2011 by InfiNet Wireless
87
InfiNet Wireless
WANFleX
[ deny | permit ] [ remove ]
:
ID IFNAME .
NUMBER
set NEWNUMBER
NEWNUMBER
remove .
src, dst, vlan, iface, proto, match
.
,
,
.
deny | permit
setpri|addpri prio -
/
. setpri
.
-1, .
addpri ,
,
( , ).
addpri .
:
switch list MACGROUP1
00:11:12:13:14:15
MACGROUP1
mac
add
00:01:02:03:04:05
switch list VGROUP numrange add 10 20-30 40
switch list IP_NET3845 match add arp net 195.38.45.64/26 || ip net
195.38.45.64/26
switch group 5 rule 10 src MACGROUP1 vlan VGROUP match IP_NET3845 deny
switch group 5 rule 20 dst MACGROUP1 vlan VGROUP match IP_NET3845 deny
switch group 1 rule 1 setpri 10
:
switch {group ID | interface IFNAME}
{deny | permit }
(Control commands)
:
switch keeptag [(on|off)]
Copyright 2004-2011 by InfiNet Wireless
88
InfiNet Wireless
WANFleX
switch resynchronize
switch trace { off | on | verbose | filter "pcap expr"}
switch stptrace { off | on }
switch stpblock { off | on }
switch {dump [WILDCARD]|MACADDRESS}
switch local-tag TAG
switch igmp-snooping dump [detail]
switch igmp-snooping lmqt Value
switch igmp-snooping gmi Value
switch igmp-snooping static-add MCAST IF_NAME [MAC]
switch igmp-snooping static-del MCAST IF_NAME [MAC]
switch igmp-snooping srcip IP
switch igmp-snooping querier group N [source X] [mcast X [,Y,...]] [vlan N]
{start|stop|clear}
switch {start | stop | restart | destroy | dead-interval DEAD_INTERVAL | strictadmin [(on|off)]}
switch statistics [(clear|help)]
switch maxsources (MAXSOURCES|0)
switch resynchronize
, file.
switch trace { off | on | verbose | filter "pcap expr"}
/ log .
verbose .
filter pcap expr
.
:
sw trace filter "ether host 00:11:22:33:44:55"
sw trace filter "net 1.2.3.0/24"
sw trace off -
switch stptrace { off | on }
off / on
STP, ,
, (sys log). .
switch stpblock { off | on }
Copyright 2004-2011 by InfiNet Wireless
89
InfiNet Wireless
WANFleX
Stpblock on STP ,
STP .
STP stpblock off.
()
MAC ,
(dst).
.
,
.
MAC .
. , ,
.
, .
.
:
switch dead-interval <DEAD_INTERVAL_IN_SECONDS>
//
:
switch {start | stop | restart}
:
switch {destroy}
:
switch statistics [(clear|help)]
, flood-,
MAC- (DB Records).
clear , help
,
.
:
MAC-
switch maxsources (MAXSOURCES|0)
5000.
0, 500.
, MINT,
,
( eth*) .
- VLAN :
switch local-tag TAG
, ,
VLAN local-tag. , ,
VLAN ID
Copyright 2004-2011 by InfiNet Wireless
90
InfiNet Wireless
WANFleX
local-tag,
MINT ( ).
switch keeptag [(on|off)]
(switch keeptag on)
(eth*)
. , off.
switch strict-admin [(on|off)]
, ,
, ,
(switch strict-admin off).
switch strict-admin on,
, admin-group.
switch igmp-snooping dump [detail]
IGMP (),
(Internet Protocol multicast) .
switch igmp-snooping dump:
detail
.
switch igmp-snooping lmqt Value
Last Member Query Time, ..
,
, Multicast-
IGMP leave.
Ethernet , MAC-
, .
switch igmp-snooping gmi Value
Group Membership Interval,
.. , ,
( IGMP report
).
Copyright 2004-2011 by InfiNet Wireless
91
InfiNet Wireless
WANFleX
switch igmp-snooping static-add MCAST IF_NAME [MAC]
Multicast-.
switch igmp-snooping static-del MCAST IF_NAME [MAC]
Multicast-.
switch igmp-snooping srcip IP
IP- IGMP
Report IP-, IP .
switch igmp-snooping querier group N [source X] [mcast X [,Y,...]] [vlan N]
{start|stop|clear}
/ (start/stop) Querier,
Multicast-
IGMP Snooping.
:
group N
IGMP Snooping.
source X Multicast-.
mcast X Multicast .
vlan N Multicast-
Vlan.
clear IGMP Querier.
switch list VGROUP numrange add 10 20-30 40
switch list ALL_VLAN numrange add 0-4095
switch group 5 add eth0 rf5.0
switch group 5 rule 10 vlan VGROUP permit
switch group 5 deny
switch group 5 start
switch group 15 add eth0 rf5.0
switch group 15 rule 10 vlan VGROUP deny
switch group 15 rule 11 vlan ALL_VLAN permit
switch group 15 deny
switch group 15 start
Copyright 2004-2011 by InfiNet Wireless
92
InfiNet Wireless
WANFleX
switch group 25 add eth0 rf5.0
switch group 25 rule 10 vlan ALL_VLAN deny
switch group 25 permit
switch group 25 start
switch admin-group 25
switch start
. 5
c VLAN 10, 20-30 40. 15
VLAN , 5. 25
VLAN . , 25
.
11. CES
Infinet Wireless,
IDU-5000-E1SCR, IDU-5000-E1RJ.
ces TDM
(CES-), WANFleX
CES-over-WLAN.
CES-over-WLAN
( TDM ):
CES- (Master) Infinet Wireless, TDM
, TDM,
Ethernet, ,
, ,
.
CES- (Slave),
TDM .
Infinet Wireless CES-over-WLAN
CES-,
.
, -CES
.
,
CES, ,
CES.
CES ,
.
!!! CES- Single Clock Domain.
, CES, TDM ,
.
:
ces start
ces stop
Copyright 2004-2011 by InfiNet Wireless
93
InfiNet Wireless
WANFleX
ces clear
ces unit <addr>
ces mode (e1|t1) (line|internal|loopback|recovery)
ces ports <list>
ces frames <N>
ces maxjitter <N>
ces adjust (now|auto [clear]) <list>
ces stat [clear]
ces stat delay [clear]
ces eth media <MediaType>
ces eth bwlimit <Kbps>
ces eth stat [full] [clear]
MediaType: 100BaseTX-fullduplex, 100BaseTX-halfduplex,
10BaseT-fullduplex, 10BaseT-halfduplex, auto
ces start - , CES-.
, TDM .
ces stop - , CES-.
ces clear - ces.
ces unit <addr> - IP CES-,
/24.
CES-. :
169.254.1.100 - , 169.254.1.0/24
CES-.
ces mode (e1|t1) (line|internal|loopback|recovery) -
CES-. - , E1
T1, - : line -
0 , internal
, loopback -
,
recovery CES-over-WLAN .
ces ports <list> -
.
ces frames <N> - TDM CES-over-WLAN .
,
. : E1 - 1 25,
26 44, T1 - 1 33,
34 60.
ces maxjitter <N> -
. : 1 200,
frames 8.
ces adjust (now|auto [clear]) <list> -
. now
, auto -
, auto clear
. <list> :
<>[/], - ( , )
, , (:
Copyright 2004-2011 by InfiNet Wireless
94
InfiNet Wireless
WANFleX
45%)
maxjitter,
.
- 50%.
:
ces adjust auto 0/1.5 1/15% 2/15
- 0, 1 2.
0,
1.5 , 1
15 , 2 -
15 .
ces stat [clear] - ces.
clear .
ces eth media <MediaType> -
LAN IDU. <MediaType>: 100BaseTXfullduplex, 100BaseTX-halfduplex, 10BaseT-fullduplex, 10BaseThalfduplex, auto. : auto.
ces eth bwlimit <Kbps> -
LAN IDU. : 10-100000.
. . 0
.
ces eth stat [full] [clear] - Ethernet LAN IDU.
full .
clear .
ces multihop repeater
, ces stat delay.
ces stat:
>ces stat
unit status: slave, active
time: 00:06:42 since started, 00:00:02 since stat cleared
mode: e1 recovery
peer: 00134676EEAC
master settings:
~~~~~~~~~~~~~~~
mode: e1 loopback
jitterbuf: 40
frames: 16
datapad: 32
ports: 0
physical interface: 0 tx fifo underruns, 0 rx fifo overruns
~~~~~~~~~~~~~~~~~~
link status octets in/out frames in/out
port 0: up NoAlarm 37173184/39834496 1161662/1244828
port 1: up NoAlarm 0/39744608 0/1242019
port 2: down LossOfSignal 16632896/39654336 519778/1239198
port 3: down LossOfSignal 0/39554560 0/1236080
packet interface:
~~~~~~~~~~~~~~~~
port 0:
tx: on restarts: 0
Copyright 2004-2011 by InfiNet Wireless
95
InfiNet Wireless
WANFleX
rx: on restarts: 0
jitter buffer: 7.769 cur (0.231 dev.), 6.953 min, 8.406 max
packets: total 39523, 500 per second, 100% valid
0 R bit, 0 L bit, 0 late, 0 lost,
0 out of order, 0 underrun, 0 overrun,
0 invalid sequence, 0 duplicate, 0 malformed
port 1: disabled
port 2: disabled
port 3: disabled
, unit status - CES-. : slave/master
- CES-. Slave - recovery,
master - recovery.
time - ces start,
.
mode - ces mode.
peer Mac- , CESover-WLAN.
master settings - slave,
CES-Master-.
, Slave.
physical interface E1/T1 .
packet interface - CES-over-WLAN
E1/T1 . , (rx) (tx)
(, off - /) ,
tx rx .
jitter buffer - .
7.769
, (8)
0.231 .
- 6.953 , - 8.406
.
packets - 39523 CES-over-WLAN ,
- 500 . 100% valid , 500 .
R bit - R
CESoPSN
L bit - L
CESoPSN
late - ,
lost -
out of order - ,
underrun - ,
overrun - ,
invalid sequence - ,
duplicate -
Copyright 2004-2011 by InfiNet Wireless
96
InfiNet Wireless
WANFleX
malformed - ,
ces stat delay [clear] - CES
ODU. clear
.
CES multihop repeater (CES )
CES .
Infinet Wireless 4 E1/T1 :
Master Device:
rf rf5.0 freq 5200 bitr 36000 sid 10101010 txpwr 18
mint rf5.0 start
ces ports 0 1 2 3
ces start
Slave Device:
rf rf5.0 freq 5200 bitr 36000 sid 10101010 txpwr 18
mint rf5.0 start
ces mode e1 recovery
ces start
Master ,
sid. MINT. .
CES-over-WLAN, :
e1, loopback.
Slave , sid.
MINT. e1, recovery.
( ces adjust)
Master. CES-over-WLAN.
12. WiFi ( Wi-Fi AP)
Wi-Fi.
:
wifi IFNAME [options] [command]
where IFNAME are WiFi Interface name (for example, wifi0)
where options are:
-name <"string">
- Set optional interface name
-ssid <"string">
- Define Service Set Identification
-freq <frequency>
- Set center frequency (MHz; see "wifi IFNANE cap"
for a list of supported frequencies)
-power <power>
of supported values)
- Set Tx power (mW; see "wifi IFNANE cap" for a list
-antenna <antenna>
antenna types)
- Select antenna (see "licence --show" for allowed
Copyright 2004-2011 by InfiNet Wireless
97
InfiNet Wireless
WANFleX
-pass <key>
[ascii|hex:]<string>.
- Set authentication key. Key format:
-auth <type>
for supported auth types)
- Select authentication type (see "wifi IFNANE cap"
-wpa-encrypt <type> - Select WPA encryption type (see "wifi IFNANE cap"
for supported encryption types; different encryption types can be combined with
comma as delimeter)
-auth-server <address> - Set authentication server address. Use
<host>[:<port>],<secret> format for the address.
-acct-server <address> - Set accounting server address. Use
host>[:<port>],<secret> format for the address.
-debug-radius on|off
- Enable/disable RADIUS conversation debugging.
-hidden on|off
- Enable/disable hidden AP mode
-wme on|off
- Enable/disable Wireless Multimedia Extensions
(QoS)
-isolation on|off
- Enable/disable client staions isolation
-rsn-preauth on|off
- Enable/disable RSN/WPA2 pre-authentication
-mcast-rate <rate>
- Set multicast packets bitrate
-acct-interval <iterval> - Set interim accounting update interval in seconds
where commands are:
cap
- Show IF capability
status
- Show status of IF
stations
- Show associated stations list
:
Wi-Fi
ifconfig -a (, wifi0).
Wi-Fi AP ifc <Wi-Fi
interface name> up.
-name <"string"> - NAS-
Radius.
-ssid <"string"> - ,
(Service Set Identity), string -
.
-freq <frequency> - .
wifi IFNAME
cap.
-power <power> - AP .
wifi IFNAME cap.
-antenna <antenna> - Wi-Fi AP.
diversity ,
Copyright 2004-2011 by InfiNet Wireless
98
InfiNet Wireless
WANFleX
(
).
li --show.
-auth <type> -
AP.
wifi IFNAME cap.
-pass <key> -
AP.
key:
[ascii|hex:]<string>, ascii|hex
, <string> - .
-wpa-encrypt <type> - WPA.
wifi IFNAME cap.
type
.
-auth-server <address> - Radius
. address: <host>[:<port>],<secret>,
<host>[:<port>] IP- , <secret>
.
-acct-server <address> - Radius
().
address:
<host>[:<port>],<secret>, <host>[:<port>] IP-
, <secret> .
-debug-radius on|off /
Radius .
-hidden on|off / AP.
AP
.
-wme on|off - / QoS 802.11e.
-isolation on|off / AP
(
).
-rsn-preauth on|off - /
(quick roaming) 802.11r.
-mcast-rate <rate> - ,
multicast
-acct-interval <iterval> - ,
Radius
.
cap AP.
status AP.
stations - AP:
stations:
Copyright 2004-2011 by InfiNet Wireless
99
InfiNet Wireless
WANFleX
:
#WiFI remote AP configuration
wifi wifi0 -ssid "IW"
wifi wifi0 -freq 2432
wifi wifi0 -power 63
wifi wifi0 -antenna "diversity"
wifi wifi0 -auth "WPA-PSK"
wifi wifi0 -pass "SecretHotspot"
wifi wifi0 -wpa-encrypt "RC4"
wifi wifi0 -syslog on
13. DFS ( )
( ) .
DFS
:
dfs "interface_name" (dfsradar | dfsonly | dfsoff)
dfs "interface_name" freq { all |"frequency_list"}
dfs "interface_name" cot hh:mm
dfs "interface_name" scansec <seconds>
:
- dfs "interface_name" dfsonly DFS .
DFS
.
DFS
(density), ,
. .
- dfs "interface_name" dfsradar DFS
. DFS
( ).
Copyright 2004-2011 by InfiNet Wireless
100
InfiNet Wireless
WANFleX
- dfs "interface_name" dfsoff DFS .
- dfs "interface_name" freq {all |"frequency_list"}
( frequency_list),
DFS. all
DFS
.
- dfs "interface_name" cot {hh:mm | off}
.
(hh:mm). off .
- dfs "interface_name" scansec <seconds>
. : 6
.
DFS:
: (24 )
: 6
: 1
DFS Leader/Client:
DFS
Leader
,
(, ).
DFS Client ,
DFS Leader (,
). -
DFS Leader,
DFS Client. DFS Leader
,
.
DFS Leader:
1. Roaming Leader:
mint rf5.0 roaming leader
.
2. DFS ( ).
dfs rf5.0 dfsonly
DFS
DFS Client.
DFS Client:
1.
:
Roaming
Profile
mint rf5.0 profile freq auto
mint rf5.0 roaming enable
.
Copyright 2004-2011 by InfiNet Wireless
101
InfiNet Wireless
WANFleX
,
DFS Leader.
Copyright 2004-2011 by InfiNet Wireless
102
InfiNet Wireless
WANFleX
IV.
1. Ifconfig ( )
.
:
ifconfig IFNAME
[info "TEXT up to 72 chars"]
[address[/netmask] [ [delete | -alias] [ up ] [ down ]
[mtu N]
[link0 | link1 | link2]
[media MediaType]]
[vlan TAG [-]vlandev IFParent]
ifconfig a
MediaType:
1000BaseFX-fullduplex, 1000BaseFX-halfduplex,
1000BaseTX-fullduplex, 1000BaseTX-halfduplex,
100BaseTX-fullduplex, 100BaseTX-halfduplex,
10BaseT-fullduplex, 10BaseT-halfduplex,
auto
:
IFNAME - (
, ifconfig -a netstat -i)
info: 72 .
address IP-; IP-/
IP-: IP-.
:
ifconfig eth0 192.168.1.1/26
ifconfig eth0 192.168.1.1:255.255.255.192
ifconfig eth0 192.168.1.1
delete| -alias: alias ,
IP-.
IP-, ,
(primary), (alias).
, :
ifconfig eth0 193.124.189.1/27 up
ifconfig eth0 10.0.0.1 alias
eth0 .
delete
-alias, IP-, .
Copyright 2004-2011 by InfiNet Wireless
103
InfiNet Wireless
WANFleX
ifconfig eth0 delete CES
( ) .
.
:
ifconfig eth0 193.124.189.1/27 alias
[-]alias IP-, ..
, ,
alias-.
(primary) IP-,
IP- (alias).
up,
.
down
:
o
lo0 down
(
up).
:
ifconfig eth0 up
ifconfig eth0 1.1.1.1/24 up
ifconfig rf5.0 down
mtu N MTU (Maximum Transfer
Unit) , .
, ,
, MTU
. ,
.
MTU .
media Ethernet
(ethX) 10/100/1000. (
):
1000BaseFX-fullduplex,
1000BaseFXhalfduplex,
1000BaseTX-fullduplex,
1000BaseTX-halfduplex,
100BaseTX-fullduplex, 100BaseTX-halfduplex, 10BaseT-fullduplex,
10BaseT-halfduplex, auto. : auto.
vlanX (VLAN IEEE 802.1q)
vlan vlandev.
vlan VLAN (1-4094).
vlandev
.
Copyright 2004-2011 by InfiNet Wireless
104
InfiNet Wireless
WANFleX
:
ifconfig vlan1 1.1.1.1/24 vlan 5 vlandev eth0 up
ifconfig vlan1 1.1.1.1/24 up
ifconfig vlan1 vlan 5 vlandev eth0
ifconfig vlan1 -vlandev eth0
vlan1 eth0.
vlanX (vlan vlandev)
, ,
IP-.
vlanX, ,
, (ethX)
(up).
vlanX IEEE 802.1Q-in-Q.
IEEE 802.1Q-in-Q VLAN ID
IEEE 802.1Q ,
() VLAN.
VLAN-
IEEE 802.1Q-in-Q VLAN
link0 ifconfig.
VLAN ID IEEE 802.1Q-in-Q
, ,
IEEE 802.1Q
VLAN ID .
:
ifc vlan2 1.1.1.1/24 up
ifc vlan2 vlan 2 vlandev eth0 link0
ifconfig
,
.
ifconfig a.
2. Tun
.
:
tun N src ADDR dst ADDR [mtu N] [[-]df] \ clear
:
-
.
Copyright 2004-2011 by InfiNet Wireless
105
InfiNet Wireless
WANFleX
" " (VPN), ,
, ,
,
, , , .
,
,
.
.
,
.
.
OS WANFleX - IP Encapsulation within IP,
c RFC2003.
Cisco
IPSEC
.
, P2P
.
, , IP
.
4 :
P2P
P2P
,
Copyright 2004-2011 by InfiNet Wireless
106
InfiNet Wireless
WANFleX
,
P2P ifconfig
tunN:
ifconfig tun0 1.1.1.1 1.1.1.2
tun:
tun 0 src 195.23.23.23 dst 194.34.34.34
1.1.1.1 -> 1.1.1.2
IP-
194.34.34.34
, 194.34.34.34
- , .
,
(route add)
RIP.
, ,
.,
.
:
tunX: looping...
195.23.23.23
195.23.23.23
P2P .
P2P
:
ifconfig tun0 1.1.1.2 1.1.1.1
tun 0 src 194.34.34.34 dst 195.23.23.23
Cisco,
:
interface Tunnel0
ip address 1.1.1.2 255.255.255.252
tunnel source 195.34.34.34
tunnel destination 195.23.23.23
tunnel mode ipip
!
MTU (Maximum Transfer Unit) - 1480,
mtu N tun.
N
:
tun N clear
-df DF (Don`t
Fragment) IP , .
3. Qm ( Quality-of-Service)
QoS .
Copyright 2004-2011 by InfiNet Wireless
107
InfiNet Wireless
WANFleX
:
qm option {[-]rtp [-]dot1p [-]tos [-]icmp [-]tcpack [-]strict}
qm classN {[max=N] [ceil=N] [ceilprio=N] [parent=N]} | {clear}
qm chN [max=N[%]|0] [[ceil=N[%]|0] [ceilprio=N|0] [latency=N|0] [pri=P]
[[no]strict]]
[pps=N|0]
[to=addr]
[vlan=N|-1]
[dscp=N|-1]
[dot1p=N|-1] [classL] / clear
qm stat [full] [clear]
del RULE_NUMBER
mov RULE_A RULE_B
rearrange [N]
qm add[out] [num] [ifname] chN [pass] rule...
QoS
, .
:
(200) ,
.
, , ,
, ,
.
, ,
.
"qm classN max=N"
( /).
. : "qm classL clear".
,
(parent)
. [ceil=N] [ceilprio=N]
[parent=N]. [ceil=N] [ceilprio=N]
qm chN. [parent=N]
, N
.
"qm chN [max=N[%]|0] [[ceil=N[%]|0] [ceilprio=N|0]
[latency=N|0] [pri=P] [[no]strict]] [pps=N|0] [to=addr] [vlan=N|-1]
[dscp=N|-1] [dot1p=N|-1] [classL] / clear"
.
(1..200) chN.
max=N
( /). 10
100000. 0 () .
classN,
N.
: ,
N, ,
, .
, ,
.
Copyright 2004-2011 by InfiNet Wireless
108
InfiNet Wireless
WANFleX
: H02
, ,
.
max=N
, (max=50%).
ceil=N[%] ,
, .
, ,
,
N.
.
0.
ceilprio=N ,
,
. -
. 17
0 () 16 ().
0, ..
.
latency=N
.
, . .
0.
pri=P
(016). .
: -1
, -2
, .
[no]strict] Qm option.
pps=N
.
0.
to=ADDR ,
. ADDR
).
, ,
,
.
vlan=N, dot1p=N, dscp=N
DSCP / 802.1p. -1 :
DSCP ( 0-63) .
802.1p ( 0-7) , VLAN ID
, VLAN.
Vlan ID ( 0-4095)
VLAN 802.1p.
clear .
,
: ,
, .
vlan dot1p, vlan, dot1p.
Copyright 2004-2011 by InfiNet Wireless
109
InfiNet Wireless
WANFleX
,
"=".
qm stat [full] [clear]
( ):
qm ch1 max=128 cur=127 packets=12345 (1234) bytes=1234567 (12345)
.
full .
clear .
qm stat
(PPS),
(qm chN pps=N).
"qm add [ifname] chN [pass] rule..."
, "rule"
N. ,
out (qm addout ).
num
.
,
(ifname).
pass
. , ,
ipfw.
"qm del RULE_NUMBER" .
"qm mov RULE_A RULE_B" A
B.
"qm rearrange [N]"
N ( 5).
config show.
, ,
, ,
,
, .
,
.
qm
MINT.
qm/ipfw, tos dscp.
qm ch1 pri=6
qm add ch1 all from x/x to y/y
qm add ch1 dscp=31 all from a to b
qm add ch1 dscp=42
(016).
Copyright 2004-2011 by InfiNet Wireless
110
InfiNet Wireless
WANFleX
:
QM_PRIO_NETCRIT
QM_PRIO_VOICE
QM_PRIO_RT1
QM_PRIO_VIDEO
QM_PRIO_RT2
QM_PRIO_QOS1
QM_PRIO_QOS2
QM_PRIO_QOS3
QM_PRIO_QOS4
QM_PRIO_BUSINESS1
QM_PRIO_BUSINESS2
10
QM_PRIO_BUSINESS3
11
QM_PRIO_BUSINESS4
12
QM_PRIO_BUSINESS5
13
QM_PRIO_BUSINESS6
14
QM_PRIO_BUSINESS7
15
QM_PRIO_BUSINESS8
16
MINT.
1 2 .
, ,
best effort.
Qm option:
qm option {[-]rtp [-]dot1p [-]tos [-]icmp [-]tcpack [-]strict}
. [-]rtp [-]dot1p []tos
[-]icmp
[-]tcpack
/
, IEEE 802.1p (
MINT IEEE 802.1p
), TOS, ICMP (Internet Control
Message Protocol), TCP ACK .
[-]strict ,
Strict Priority (..
).
( ) Weighted Fair Queuing
(..
).
, 4 1 1
2, 8 1 1
3).
MINT IEEE 802.1p:
MINT
IEEE 802.1p
QM_PRIO_BUSINESS8 0 BE Best Effort
Copyright 2004-2011 by InfiNet Wireless
111
InfiNet Wireless
WANFleX
QM_PRIO_BUSINESS1
QM_PRIO_QOS3
QM_PRIO_VIDEO
QM_PRIO_VOICE
QM_PRIO_NETCRIT
1 BK Background
2 Spare
3 EE Excellent Effort
4 CL Controlled Load
5 VI Video
6 VO Voice
7 NC Network Control
,
IEEE 802.1p.
IEEE 802.1p 6 VO Voice.
QM_PRIO_VOICE ,
.
: MINT
, pri=N.
DSCP MINT
.
802.1p
.
, MINT
dot1p dscp, .
QoS
"" (. ).
:
qm ch1 max=64
qm add eth0 ch1 all from 0/0 to 0/0
64 /.
qm ch1 pri=5
qm add ch1 all from 1.1.1.0/24 to 0/0
qm add ch1 all from 0/0 to 1.1.1.0/24
1.1.1.0/24
.
qm ch1 pri=5
qm ch2 pri=10
qm add ch2 all from 1.1.1.0/24 to 0/0
qm add ch2 all from 0/0 to 1.1.1.0/24
qm add ch1 all from 0/0 to 0/0
1.1.1.0/24
. .
, ,
.
qm ch1 to=10.10.10.10
qm ch2 to=20.20.20.20
Copyright 2004-2011 by InfiNet Wireless
112
InfiNet Wireless
WANFleX
qm add ch1 all from 1.1.1.0/24 to 0/0
qm add ch2 all from 2.2.2.0/24 to 0/0
1.1.1.0/24 10.10.10.10,
2.2.2.0/24
20.20.20.20.
,
,
,
.
qm option voice tos
TOS.
:
1 DSCP 802.1p
qm ch1 dscp=0 dot1p=-1
2 QM_PRIO_BUSINESS1 DSCP
31
qm ch2 pri=9 dscp=31
3 QM_PRIO_VIDEO DSCP 11
qm ch3 pri=3 dscp=11
4 QM_PRIO_BUSINESS8 DSCP
51
qm ch4 pri=16 dscp=51
1,
qm add ch1 pass all from 0/0 to 0/0
2
qm add ch2 tcp from X.X.X.0/24 to 0/0
3
qm add ch3 udp from X.X.X.0/24 PORT to 0/0
-
4
qm add ch4 all from 0/0 to 0/0
25 802.1p . VLAN
,
qm ch25 dot1p=5
26 802.1p VLAN ID. VLAN
,
qm ch26 vlan=7 dot1p=4
, MINT eth0
DSCP 11, 25
qm addout eth0 ch25 dscp11 from 0/0 to 0/0
Copyright 2004-2011 by InfiNet Wireless
113
InfiNet Wireless
WANFleX
, MINT eth0
DSCP 13, 26
qm addout eth0 ch26 dscp13 from 0/0 to 0/0
:
Class 1
Class 2
Ch 1
Class 3
Ch 2
Ch 3
Ch 4
qm class1 max=1000
qm class2 max=600 ceil=1000
qm class3 max=300 ceil=1000 ceilprio=1
qm ch1 max=200 ceil=1000 class2
qm ch2 max=400 ceil=1000 class2
qm ch3 max=100 ceil=300 class3
qm ch4 max=200 ceil=300 class3
(. ),
(Ch1 Ch2), Class2,
class1 - 1000 /,
(Ch3 Ch4), .. Class2 , Class3.
4. Route ( )
.
:
route add [metric XX] [-}
route delete []
:
route
.
,
, ,
, .
add -
delete -
-
Copyright 2004-2011 by InfiNet Wireless
114
InfiNet Wireless
WANFleX
metric - [0-15], RIP (
- 0)
.
,
_/___
_: _ default.
:
route add default 195.38.44.129
route add 193.124.189.0/27 195.38.44.108
route add 193.124.189.0:255.255.255.224 195.38.44.108.
route
add
"". ,
route delete,
,
,
(gateway).
,
( ).
5. ARIP
ARIP
RIP.
RIP (Routing
Information Protocol) - RIP-1 RIP-2.
arip.
.
ARIP (),
:
#1>arip
RIP>
, ,
,
.
. ?:
RIP>?
configure Configuration from vty interface
end
exit
End current mode and change to root mode (CTRL+C).
Back to WANFlex command shell (CTRL+D).
Copyright 2004-2011 by InfiNet Wireless
115
InfiNet Wireless
WANFleX
help
show
Print command list
Show running system information
RIP>
.
RIP()#. ,
configure, config:
RIP> configure
RIP(config)#
.
configure
RIP>
end(Ctrl+C)
RIP(config)#
router
RIP(config-router)#
interface
RIP(config-if)#
route-map
RIP(config-route-map)#
RIP
. ,
:
#1> arip configure
#1> arip router
#1> arip
RIP(config-router)#
( ) arip
.
,
:
Help -
End
Exit WANFlex
,
.
WANFlex
superuser. ,
(, telnet) .
, ,
5- .
,
"?". :
RIP> config
Copyright 2004-2011 by InfiNet Wireless
116
InfiNet Wireless
WANFleX
RIP(config)#?
access-list Add an access list entry
clear
Reset functions
end
End current mode and change to root mode (CTRL+C).
exit
Back to WANFlex command shell (CTRL+D).
help
Print command list
interface
Select an interface to configure
key
Authentication key management
no
Negate a command or set its defaults
prefix-list Build a prefix list
route-map
Create route-map or enter route-map command mode
router
Enable a routing process
show
Show running system information
stop
stop
RIP(config)# interface?
IFNAME Interface's name
RIP(config)# interface eth0
RIP(config-if)#?
authentication Authentication control
description
end
Interface specific description
End current mode and change to root mode (CTRL+C).
exit
Back to WANFlex command shell (CTRL+D).
help
Print command list
no
Negate a command or set its defaults
receive
Advertisement reception
send
Advertisement transmission
show
Show running system information
split-horizon Perform split horizon
RIP(config-if)#
exit ( Ctrl+D)
.
.
.
( help) :
A.B.C.D -
192.168.0.15
IP .
WORD
<1-N> -
1 N
A.B.C.D/M IP /
0 32. : 192.168.0.0/24
IFNAME . : eth0
Copyright 2004-2011 by InfiNet Wireless
117
InfiNet Wireless
WANFleX
,
, |.
: (A.B.C.D|<0-4294967295>).
, -
,
[].
no.
()
.
/ RIP .
RIP WANFleX:
arip start
config:
stop (daemon|clear)
:
>arip
RIP> configure
RIP(config)# stop daemon
clear, RIP
.
.
(access-list)
(prefix-list)
.
IP ( ) deny ()
permit (). <> <
>.
(IP , ..).
,
,
.
(deny permit).
RIP :
. 1-99 1300-1999
.
. 100-199 2000-2699
(, ).
. ,
, . , ()
<>/< >
Copyright 2004-2011 by InfiNet Wireless
118
InfiNet Wireless
WANFleX
RIP
config:
1.
accesslist
(<1-99>|<1300-1999>) (deny|permit) A.B.C.D
A.B.C.D
.
() .
,
. , IP
192.168.12.0 192.168.12.255, 192.168.12.0,
0.0.0.255.
(0.0.0.0 255.255.255.255) any.
, :
RIP(config)# access-list 1 permit 0.0.0.0 255.255.255.255
:
RIP(config)# access-list 1 permit any
, ,
, host.
, :
RIP(config)# access-list 1 permit 192.168.12.150 0.0.0.0
:
RIP(config)# access-list 1 permit host 192.168.12.150
2.
access- (<100-199>|<2000-2699>) (deny|permit) ip
list
3.
accesslist
A.B.C.D
A.B.C.D
A.B.C.D
A.B.C.D
WORD
(deny|permit)
A.B.C.D/M [exact-match]
<>/< >. , IP
192.168.12.0 192.168.12.255,
192.168.12.0/24. (0.0.0.0/0)
any. :
RIP(config)# access-list TestList1 deny 192.168.1.0/24
RIP(config)# access-list TestList1 permit any
. ..
.
Copyright 2004-2011 by InfiNet Wireless
119
InfiNet Wireless
WANFleX
,
()
. ,
,
.
. ..
.
prefix-list
WORD
[seq <1-4294967295>]
(deny|permit)
A.B.C.D/M
[ge <0-32>] [le <0-32>]
,
5
. ..
, , .
RIP
RIP
.
. ,
,
RIP. config-router :
network A.B.C.D/M
C IP .
.
config-router :
network WORD
WORD .
:
RIP>configure
RIP(config)# router
RIP(config-router)# network 4.7.8.0/24
RIP(config-router)# network rf5.0
RIP(config-router)#
RIP :
no network A.B.C.D/M
no network WORD
.
config-router:
neighbor a.b.c.d
a.b.c.d -. :
no neighbor a.b.c.d
Copyright 2004-2011 by InfiNet Wireless
120
InfiNet Wireless
WANFleX
config-router :
redistribute (kernel|connected|static|ospf) [metric <0-16777214>]
[route-map WORD]
,
config-router:
distribute-list WORD direct ifname
WORD .
. direct out
in. in
.
eth0 ,
10.0.0.0/8:
RIP(config-router)# distribute-list private in eth0
RIP(config-router)# access-list private permit 10 10.0.0.0/8
RIP(config-router)# access-list private deny any
config-router:
default-metric <0-16>
, 1.
redistribute kernel RIP
default route ( = 0.0.0.0/0),
. ,
default route configrouter:
default-information originate
default route :
no default-information originate
ip- config-if:
split-horizon [poisoned-reverse]
, ,
.
poisoned-reverse
, ,
.
16.
poisoned-reverse
.
Copyright 2004-2011 by InfiNet Wireless
121
InfiNet Wireless
WANFleX
:
no split-horizon
(route-map)
,
(route-map).
-.
, ,
( /
),
(, ) (
).
.
, :
(deny),
, ,
( )
(permit),
(
/ ). , , ,
,
:
1.
on-match
next
2.
on-match goto <N> -
N, , .
config:
route-map WORD (deny|permit) <1-65535>
WORD () .
/.
, .
. :
RIP> configure
RIP(config)# route-map testmap permit 10
RIP(config-route-map)#
. config-route-map :
match address (<1-199>|<1300-2699>|WORD)
match address prefix-list WORD
match interface WORD
match next-hop (<1-199>|<1300-2699>|WORD)
match next-hop prefix-list WORD
Copyright 2004-2011 by InfiNet Wireless
122
InfiNet Wireless
WANFleX
: (destination), gateway (nexthop)
.
. ,
. match next-hop match address
( ) :
access-list prefix-list. ,
.
match interface
, .
config-route-map:
set metric <0-4294967295>
, :
on-match goto <1-65535>
on-match next
:
RIP> configure
RIP(config)# access-list AnyNetwork permit any
RIP(config)# access-list net200 permit 192.168.200.0/24
RIP(config)# route-map mapForConnected permit 10
RIP(config-route-map)# match address net200
RIP(config-route-map)# set metric 7
RIP(config-route-map)# route-map mapForConnected deny 11
RIP(config-route-map)# match address AnyNetwork
RIP(config-route-map)# router
RIP(config-router)# redistribute connected route-map mapForConnected
RIP(config-route-map)#
,
connected .
, 192.168.200.0/24,
7,
.
!!! ,
route-map, ,
route-map config-router:
route-map WORD (in|out) IFNAME
WORD road-map.
. .
RIP
Copyright 2004-2011 by InfiNet Wireless
123
InfiNet Wireless
WANFleX
.
():
.
, Internet (sniffing),
.. ,
.
.
(message-digest).
MD5.
,
.
(null-).
config-if.
1. :
authentication mode text
authentication string LINE
LINE , 16
2. :
authentication mode md5
authentication key-chain LINE
LINE MD5
, LINE,
config:
RIP(config)# key chain WORD
RIP(config-keychain)# key <0-2147483647>
RIP(config-keychain-key)# key-string LINE
WORD
<0-2147483647> -
LINE md5
.
RIP .
:
Update timer 30 . RIP
RIP
.
Timeout timer 180 .
.
, , .
Copyright 2004-2011 by InfiNet Wireless
124
InfiNet Wireless
WANFleX
Garbage collect timer 120 .
.
config-router
:
timers basic update timeout garbage
:
no timers basic
RIP
RIP
:
show access-list
.
show memory
.
show rip
RIP.
, , , , RIP.
show route
6. Rip ( )
RIP-1, RIP-2.
(Routing Information Protocol) - RIP-1 RIP-2
RIP
rip.
.
rip start|stop|restart|flush|[-]trace [LEVEL]|dump|[]ridhosts|[-]keepstatic
rip IFNAME v1 v2 [-]in [-]out [-]v1in
[-]v2out [-]ag [-]subag
[-]v1out
[-]v2in
rip IFNAME peer ADDR[/MASK | /MASKLEN] ... | del
rip [-]static NET[/MASK] GATEWAY
/ :
rip [INTERFACE] [no]export |[no]import NET[/MASK | /MASKLEN]
[exact] | all |
default [[+|]metric N] [pref N] ...
rip [INTERFACE] [no]export |[no]import NET[/MASK]|[/MASKLEN]
del
rip start
rip stop
Copyright 2004-2011 by InfiNet Wireless
125
InfiNet Wireless
WANFleX
rip restart
, , .
(config save),
.
rip flush
.
rip [-]trace [LEVEL]
LEVEL
1 -
2 - /
3 - /
4 - .
, , 4.
rip dump
rip show
rip [-]ridhosts
-,
.
c
.
rip [-]keepstatic
.
route add.
" ",
,
.
, , - ,
.
( ) ,
.
1.
,
rip export.
(rip -keepstatic),
, .
rip IFNAME v1 v2 [-]in [-]out [-]v1in [-]v1out [-]v2in [-]v2out
.
Copyright 2004-2011 by InfiNet Wireless
126
InfiNet Wireless
WANFleX
, .
RIP2 RIP1 (rip IFNAME v2 v1).
rip IFNAME [-]ag [-]subag
( ).
()
.
subag
,
.
ag,
"C".
.
,
, -
,
, .
, ,
.
,
.
, ,
,
, .
rip IFNAME peer { ADDR[/MASK] ... | clear
,
IFNAME.
,
.
,
, .
,
.
:
rip rf0 peer 10.1.2.3
10.4.5.6
192.168.1.0/16
10.1.2.3, 10.4.5.6
, 192.168.1.0/16
rip [-]static NET[/MASK] GATEWAY
3.31.
route add. rip static,
, route add.
/ :
/ .
Copyright 2004-2011 by InfiNet Wireless
127
InfiNet Wireless
WANFleX
3 :
INTERFACE "int:ADDR"
,
, ().
:
rip int:10.2.3.4 export all
INTERFACE .
,
.
:
rip eth0 export all
INTERFACE .
, .
:
rip export all
EXPORT NOEXPORT ,
.
IMPORT NOIMPORT
,
.
:
, ,
, .
, ,
.
, ,
.
, ,
.
, ,
.
-, ,
, .
, -,
.
-
,
.
Copyright 2004-2011 by InfiNet Wireless
128
InfiNet Wireless
WANFleX
/
, .
rip noexport 192.168.9.0/24
rip noexport default
rip export all
,
(default), .
rip noimport 10.0.0.0/255.0.0.0
rip import all
10.0.0.0/8,
.
:
rip noexport 192.168.9.0/24 192.168.10.0/24 192.168.20.0/24
,
:
rip import 192.168.9.0/24 metric 5
rip export 192.168.9.0/24 metric 7
,
.
rip export all +metric 2
2
.
rip import default -metric 1
,
2 13.
, ,
( ).
,
exact.
, :
rip noimport 10.0.0.0/255.0.0.0
10.0.0.0,
(10.XXX.XXX.XXX).
, :
rip noimport 10.0.0.0/255.0.0.0 exact
10.0.0.0,
.
del
.
rip noexport 192.168.9.0/24 del
Copyright 2004-2011 by InfiNet Wireless
129
InfiNet Wireless
WANFleX
7. OSPFv2 ( )
OSPF
IP.
OSPF RFC 2328.
OSPF
LinkState, :
multicast
authentication
.
OSPF (),
:
#1> ospf
OSPF>
, ,
,
.
. ?:
OSPF>?
configure Configuration from vty interface
end
End current mode and change to root mode (CTRL+C).
exit
Back to WANFlex command shell (CTRL+D).
help
Print command list
show
Show running system information
OSPF>
.
OSPF()#. ,
configure, config:
OSPF> configure
OSPF(config)#
.
Copyright 2004-2011 by InfiNet Wireless
130
InfiNet Wireless
WANFleX
configure
OSPF>
end(Ctrl+C)
OSPF(config)#
router
OSPF(config-router)#
interface
OSPF(config-if)#
route-map
OSPF(config-route-map)#
,
:
Help -
End
Exit WANFlex
,
.
WANFlex
superuser. ,
(, telnet) .
, ,
5- .
,
"?". :
OSPF> config
OSPF(config)#?
access-list Add an access list entry
clear
Reset functions
end
End current mode and change to root mode (CTRL+C).
exit
Back to WANFlex command shell (CTRL+D).
help
Print command list
interface
no
Select an interface to configure
Negate a command or set its defaults
prefix-list Build a prefix list
route-map
Create route-map or enter route-map command mode
router
Enable a routing process
show
Show running system information
stop
stop
OSPF(config)# interface?
IFNAME Interface's name
OSPF(config)# interface eth0
OSPF(config-if)#?
Copyright 2004-2011 by InfiNet Wireless
131
InfiNet Wireless
WANFleX
authentication
Enable authentication on this interface
authentication-key Authentication password (key)
cost
Interface cost
dead-interval
description
Interval after which a neighbor is declared dead
Interface specific description
end
End current mode and change to root mode (CTRL+C).
exit
Back to WANFlex command shell (CTRL+D).
hello-interval
help
Time between HELLO packets
Print command list
message-digest-key Message digest authentication password (key)
network
Network type
no
Negate a command or set its defaults
priority
Router priority
retransmit-interval Time between retransmitting lost link state
show
Show running system information
transmit-delay
Link state transmit delay
OSPF(config-if)#
exit ( Ctrl+D)
.
.
.
( help) :
A.B.C.D -
192.168.0.15
IP .
WORD
<1-N> -
1 N
A.B.C.D/M IP /
0 32. : 192.168.0.0/24
IFNAME . : eth0
,
, |.
: (A.B.C.D|<0-4294967295>).
, -
,
[].
no.
()
.
/ OSPF .
OSPF WANFlex:
ospf start
Copyright 2004-2011 by InfiNet Wireless
132
InfiNet Wireless
WANFleX
config:
stop (daemon|clear)
:
>ospf
OSPF> configure
OSPF(config)# stop daemon
clear,
.
OSPF .
32- . ,
config-router :
router-id A.B.C.D
:
OSPF>configure
OSPF(config)# router
OSPF(config-router)# ospf router-id 195.38.45.107
OSPF(config-router)#
,
( ) IP ,
OSPF.
:
no router-id
(access-list)
(prefix-list)
.
IP ( ) deny ()
permit (). <> <
>.
(IP , ..).
,
,
.
(deny permit).
OSPF :
. 1-99 1300-1999
.
Copyright 2004-2011 by InfiNet Wireless
133
InfiNet Wireless
WANFleX
. 100-199 2000-2699
(, ).
. ,
, . , ()
<>/< >
OSPF
config:
1.
accesslist
(<1-99>|<1300-1999>) (deny|permit) A.B.C.D
A.B.C.D
.
() .
,
. , IP
192.168.12.0 192.168.12.255, 192.168.12.0,
0.0.0.255.
(0.0.0.0 255.255.255.255) any.
, :
OSPF(config)# access-list 1 permit 0.0.0.0 255.255.255.255
:
OSPF(config)# access-list 1 permit any
, ,
, host.
, :
OSPF(config)# access-list 1 permit 192.168.12.150 0.0.0.0
:
OSPF(config)# access-list 1 permit host 192.168.12.150
2.
access- (<100-199>|<2000-2699>) (deny|permit) i
list
p
3.
accesslist
A.B.C.D
A.B.C.D
A.B.C.D
A.B.C.D
WORD
(deny|permit)
A.B.C.D/M [exact-match]
<>/< >. , IP
192.168.12.0 192.168.12.255,
192.168.12.0/24. (0.0.0.0/0)
any. :
Copyright 2004-2011 by InfiNet Wireless
134
InfiNet Wireless
WANFleX
OSPF(config)# access-list TestList1 deny 192.168.1.0/24
OSPF(config)# access-list TestList1 permit any
. ..
.
,
()
. ,
,
.
. ..
.
prefix-list
WORD
[seq <1-4294967295>]
(deny|permit)
A.B.C.D/M
[ge <0-32>] [le <0-32>]
,
5
. ..
, , .
OSPF
:
1. . ,
,
( ) OSPF
.
2. . ,
, .
,
WANFlex route add (kernel).
,
IP ()
(connected).
, OSPF ,
, .
config-router :
network A.B.C.D/M area (A.B.C.D|<0-4294967295>)
IP
. ,
IP , .
:
OSPF>configure
OSPF(config)# router
OSPF(config-router)# network 4.7.8.32/24 area 0.0.0.1
Copyright 2004-2011 by InfiNet Wireless
135
InfiNet Wireless
WANFleX
OSPF(config-router)# network 192.168.15.1/24 area 0
OSPF(config-router)#
IP
, OSPF
,
( ).
WANFlex ifconfig <intf> <IP/MASK>
alias up,
OSPF.
(
OSPF ) , .
point-to-point,
OSPF
point-to-point .
:
no network A.B.C.D/M area (A.B.C.D|<0-4294967295>)
.
, IP ()
. ,
. config-router
:
auto-interface IFNAME area (A.B.C.D|<0-4294967295>)
, IP (alias)
OSPF
.
() .
config-router:
no auto-interface IFNAME
config-router :
redistribute (kernel|connected|static) [metric <0-16777214>] [metric-type (1|2)]
[route-map WORD]
,
configrouter:
distribute-list WORD out (kernel|connected|static)
,
,
,
redistribute.
OSPF
1, 2 (External Type1|2).
OSPF,
. OSPF
,
default route (
Copyright 2004-2011 by InfiNet Wireless
136
InfiNet Wireless
WANFleX
). ,
1 OSPF
.
. ,
, .
2,
,
, ,
(). ,
2
,
, .
, ,
1.
WORD ,
.
(route-map).
(, gateway,
..), .
/ ,
2.
:
default-metric <0-16777214>
, 1.
redistribute kernel OSPF
default route ( = 0.0.0.0/0),
. ,
default route configrouter:
default-information originate [always]
16777214>] [route-map WORD]
[metric-type
(1|2)]
[metric
<0-
metric-type (1|2) metric <0-16777214>
redistribute.
.
always. always
default route
.
default route :
no default-information originate
, OSPF ospf
redistribute:
ospf config router summary-address A.B.C.D/M [metric M] [metric-type T]
,
summary-address,
A.B.C.D/M.
Copyright 2004-2011 by InfiNet Wireless
137
InfiNet Wireless
WANFleX
OSPF .
,
,
, :
ospf show summary-address [detail]
detail .
.
(route-map)
,
,
(route-map). .
, ,
,
( /
), (, )
( ).
. , :
(deny),
, ,
( )
(permit),
(
/ ). , , ,
,
:
1. on-match next
2. on-match goto <N> -
N, ,
.
config:
route-map WORD (deny|permit) <1-65535>
WORD () .
/.
, .
. :
OSPF> configure
OSPF(config)# route-map testmap permit 10
OSPF(config-route-map)#
Copyright 2004-2011 by InfiNet Wireless
138
InfiNet Wireless
WANFleX
. config-route-map :
match address (<1-199>|<1300-2699>|WORD)
match address prefix-list WORD
match interface WORD
match next-hop (<1-199>|<1300-2699>|WORD)
match next-hop prefix-list WORD
: (destination), gateway (nexthop)
.
. ,
. match next-hop match address
( ) :
access-list prefix-list. ,
.
match interface
, ().
/ ,
config-route-map:
set metric <0-4294967295>
set metric-type (type-1|type-2)
, :
on-match goto <1-65535>
on-match next
:
OSPF> configure
OSPF(config)# access-list AnyNetwork permit any
OSPF(config)# access-list net200 permit 192.168.200.0/24
OSPF(config)# route-map mapForConnected permit 10
OSPF(config-route-map)# match address net200
OSPF(config-route-map)# set metric 7
OSPF(config-route-map)# route-map mapForConnected deny 11
OSPF(config-route-map)# match address AnyNetwork
OSPF(config-route-map)# router
OSPF(config-router)# redistribute connected route-map mapForConnected
OSPF(config-route-map)#
, connected
2. ,
192.168.200.0/24, 7,
Copyright 2004-2011 by InfiNet Wireless
139
InfiNet Wireless
WANFleX
. OSPF
,
:
M = reference_bandwidth/bandwidth.
reference_bandwidth 100 /,
bandwidth ,
. reference_bandwidth
config-router:
auto-cost reference-bandwidth <1-4294967>
/.
, .
()
- config-if:
cost <1-65535> [A.B.C.D]
config-if
:
interface IFNAME
:
OSPF> configure
OSPF(config)# interface eth0
OSPF(config-if)# cost 4 192.168.15.1
OSPF(config-if)#
cost IP ,
( ), .
,
, -,
().
OSPF
OSPF .
, ()
, (area).
OSPF. ,
.
,
,
.
,
(ABR). ,
Copyright 2004-2011 by InfiNet Wireless
140
InfiNet Wireless
WANFleX
( redistribute),
OSPF (ASBR).
area-id.
area-id OSPF
(backbone).
OSPF
.
(non-backbone) .
(contiguous),
.
ABR
OSPF ABR:
1. cisco ABR,
- .
( ).
2. ibm cisco,
3. standard
4. shortcut standard,
,
( )
cisco ibm RFC3509.
shortcut ABR ,
,
,
(
). shortcut
ospf-shortcut-abr-02.txt.
ABR config-router:
abr-type (cisco|ibm|shortcut|standard)
( )
config-router:
area (A.B.C.D|<0-4294967295>) shortcut (default|enable|disable)
ABR- shortcut
:
Default
, ABR
.
Enable ,
.
Disable shortcut-ABR
.
.
, ABR ABR
Copyright 2004-2011 by InfiNet Wireless
141
InfiNet Wireless
WANFleX
,
( ) .
OSPF ABR
. , ABR default gateway,
.
config-router :
area (A.B.C.D|<0-4294967295>) stub [no-summary]
no-summary ,
,
.. ABR .
.
,
,
, .
.
, OSPF , (area 0)
. .
. , ABR
.
.
ABR (
)
. config-router :
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D
(A.B.C.D|<0-4294967295>) ,
,
A.B.C.D ABR (router-id),
.
. :
Router 192.168.152.45:
OSPF> configure
OSPF(config)# router
OSPF(config-router)# area 0.0.0.1 virtual-link 192.168.78.12
Router 192.168.78.12:
OSPF> configure
OSPF(config)# router
OSPF(config-router)# area 0.0.0.1 virtual-link 192.168.152.45
,
point-to-point, ABR ,
.
.
, ABR
() .
ABR
().
Copyright 2004-2011 by InfiNet Wireless
142
InfiNet Wireless
WANFleX
config-router :
area (A.B.C.D|<0-4294967295>) export-list NAME
area (A.B.C.D|<0-4294967295>) filter-list prefix WORD (in|out)
area (A.B.C.D|<0-4294967295>) import-list NAME
NAME (access-list),
WORD (in|out) (prefix-list)
(in , out ).
,
ABR, .
.
, OSPF ,
.
. ,
ABR ( )
,
,
. ,
,
.
() ,
( ) , ,
, (
).
, ,
:
(R)
(not-advertise)
() (C )
(Rs)
,
C Rs. R,
R ( Rs,
) ( C,
).
config-router.
R
not-advertise:
area (A.B.C.D|<0-4294967295>) range A.B.C.D/M [not-advertise]
R
C:
area (A.B.C.D|<0-4294967295>) range A.B.C.D/M [cost <0-16777215>]
Rs R:
Copyright 2004-2011 by InfiNet Wireless
143
InfiNet Wireless
WANFleX
area (A.B.C.D|<0-4294967295>) range A.B.C.D/M substitute A.B.C.D/M
.
,
,
,
. ,
, ,
-, OSPF (
).
.
( ) OSPF
, IP
,
.
,
().
:
hello-interval
dead-interval
, hello-interval 10 , dead-interval 40
. -
config-if :
dead-interval <1-65535> [A.B.C.D]
hello-interval <1-65535> [A.B.C.D]
.
IP ,
. ,
,
,
,
. ,
,
.
, ,
, (DR)
. ,
. ,
IP .
config-if :
priority <0-255> [A.B.C.D]
,
,
. ,
.
,
.
OSPF ,
.
Copyright 2004-2011 by InfiNet Wireless
144
InfiNet Wireless
WANFleX
. , .
,
(Backup).
,
.
, .
master-slave, IP .
.
,
(retransmit).
OSPF
/
. config-if
retransmit-interval <3-65535> [A.B.C.D]
,
.
:
(
)
.
,
, ,
.
.
.
/
config-if:
transmit-delay <1-65535> [A.B.C.D]
,
, .. (
) . 1800
(), config-router:
refresh timer <10-1800>
, OSPF
.
,
-. ,
. ,
.
() config-router:
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D
(hello-interval|
<1-65535>
retransmit-interval|
transmit-delay|
Copyright 2004-2011 by InfiNet Wireless
145
InfiNet Wireless
WANFleX
dead-interval)
.
OSPF
.
():
. ,
, 64-
OSPF.
64- .
,
Internet (sniffing), ..
,
.
.
OSPF
(message-digest), OSPF.
MD5.
(one-way)
OSPF .
,
(null- ).
( , ) /
- , .
1.
config-if
:
authentication-key AUTH_KEY [A.B.C.D]
AUTH_KEY , IP
2. :
message-digest-key <1-255> md5 KEY [A.B.C.D]
KEY MD5, IP
. <1-255> -
. ..
255 .
.
, .
.. ,
MD5 (
255) , .
Copyright 2004-2011 by InfiNet Wireless
146
InfiNet Wireless
WANFleX
, ()
config-if:
authentication [(null|message-digest)] [A.B.C.D]
. null IP
.
(
)
.
config-router:
:
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D authentication-key
AUTH_KEY
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D message-digest-key <1255> md5 KEY
:
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D (authentication|) (messagedigest|null)
,
, OSPF.
,
, .
.., ,
null, . ,
, ,
(),
config-router:
area (A.B.C.D|<0-4294967295>) authentication [message-digest]
message-digest ,
.
,
, ,
() . ,
,
.
configrouter:
no area (A.B.C.D|<0-4294967295>) authentication
. ,
show running-config
Copyright 2004-2011 by InfiNet Wireless
147
InfiNet Wireless
WANFleX
.
,
.
:
OSPF> show running-config
Current configuration:
interface eth0
interface eth1
interface lo0
interface null0
interface tun0
network point-to-point
router
router-id 195.38.45.107
network 1.1.1.1/32 area 0.0.0.0
network 4.7.8.0/24 area 0.0.0.1
network 192.168.15.1/24 area 0.0.0.1
network 195.38.45.107/26 area 0.0.0.0
area 0.0.0.1 virtual-link 192.168.151.10
end
OSPF>
show neighbor [A.B.C.D] [detail]
IP
(),
. ,
.
:
OSPF> show neighbor
Neighbor ID
9.1.1.8
Pri State
Dead Time Address
1 Full/DROther
192.168.151.1
eth1:192.168.15.1
192.168.45.116
1
eth0:192.168.45.107
192.168.151.10
00:00:32
1.1.1.2
Full/DR
tun0:1.1.1.1
00:00:32
Full/DR
1 Full/DROther
Interface
00:00:32
00:00:39
192.168.15.10
192.168.45.116
192.168.151.10 VLINK0
OSPF>
:
Copyright 2004-2011 by InfiNet Wireless
148
InfiNet Wireless
WANFleX
Neighbor ID
Pri
State /.
:
o
Init. Hello
,
(. ., Hello
).
o
2-Way. ,
Hello.
.
o
ExStart. ,
/.
o
Exchange.
,
.
o
Loading.
,
( ) Exchange.
.. .
o
Full.
.
:
o DR
o Backup .
o DROther (
)
Dead Time
.
Address IP
Interface ()
.
detail,
, .
show database
(LSA).
show database (asbr-summary|external|network|router|summary) [A.B.C.D]
[adv-router A.B.C.D]
,
.
.
Copyright 2004-2011 by InfiNet Wireless
149
InfiNet Wireless
WANFleX
, ,
,
192.168.45.107:
OSPF> show database network adv-router 192.168.45.107
OSPF Router with ID (192.168.151.10)
Net Link States (Area 0.0.0.0)
Net Link States (Area 0.0.0.1)
LS age: 473
Options: 0x2 : *|-|-|-|-|-|E|*
LS Flags: 0x6
LS Type: network-LSA
Link State ID: 192.168.15.1 (address of Designated Router)
Advertising Router: 192.168.45.107
LS Seq Number: 80000001
Checksum: 0x9148
Length: 32
Network Mask: /24
Attached Router: 192.168.45.107
Attached Router: 192.168.151.1
Net Link States (Area 0.0.0.2)
OSPF>
show access-list [(<1-99>|<100-199>|<1300-1999>|<2000-2699>|WORD)]
.
,
. :
OSPF> show access-list
IP access list any_network
permit any
IP access list net200
permit 192.168.200.0/24
:
show prefix-list
show prefix-list WORD
show route
,
. :
Copyright 2004-2011 by InfiNet Wireless
150
InfiNet Wireless
WANFleX
OSPF> show route
============ OSPF network routing table ============
N IA 1.1.1.1/32
[3] area: 0.0.0.1
via 192.168.15.1, eth0
N IA 1.1.1.2/32
[2] area: 0.0.0.1
via 192.168.15.1, eth0
4.7.8.0/24
[2] area: 0.0.0.1
via 192.168.15.1, eth0
N IA 9.1.1.0/24
[12] area: 0.0.0.1
via 192.168.15.1, eth0
N IA 192.168.0.0/24
[3] area: 0.0.0.1
via 192.168.15.1, eth0
N
192.168.15.0/24
[1] area: 0.0.0.1
directly attached to eth0
N IA 192.168.80.0/24
[12] area: 0.0.0.1
via 192.168.15.1, eth0
N
192.168.151.0/24
[1] area: 0.0.0.1
directly attached to eth0
N IA 192.168.152.0/24
[2] area: 0.0.0.1
via 192.168.151.10, eth0
N IA 195.38.45.64/26
[2] area: 0.0.0.1
via 192.168.15.1, eth0
============ OSPF router routing table =============
R
192.168.151.10
[1] area: 0.0.0.1, ABR, ASBR
via 192.168.151.10, eth0
R
195.38.45.107
[1] area: 0.0.0.1, ABR
via 192.168.15.1, eth0
============ OSPF external routing table ===========
N E2 192.168.200.0/24
[1/7] tag: 0
via 192.168.151.10, eth0
OSPF>
:
1.
(OSPF network routing table).
(
) OSPF . IA
, ,
, ..
(inter-area path).
,
. via -, ..
(next hop).
Copyright 2004-2011 by InfiNet Wireless
151
InfiNet Wireless
WANFleX
2.
(OSPF
router routing table).
3.
, ..
OSPF (OSPF external routing table). E2
(E1 1, E2
2.
< ,
>/< >.
show interface [INTERFACE]
, .
- ,
.
:
OSPF> show interface
VLINK0 is up
Internet Address 192.168.151.10/24, Area 0.0.0.0
Router ID 192.168.151.10, Network Type VIRTUALLINK, Cost: 2
Transmit Delay is 1 sec, State Point-To-Point, Priority 1
No designated router on this network
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:08
Neighbor Count is 1, Adjacent neighbor count is 1
eth0 is up
Internet Address 192.168.151.10/24, Area 0.0.0.1
Router ID 192.168.151.10, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 192.168.151.10, Interface Address 192.168.151.10
Backup Designated
192.168.151.1
Router
(ID)
192.168.151.1,
Interface
Address
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:05
Neighbor Count is 1, Adjacent neighbor count is 1
Internet Address 192.168.152.1/24, Area 0.0.0.2
Router ID 192.168.151.10, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 192.168.151.10, Interface Address 192.168.152.1
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:03
Copyright 2004-2011 by InfiNet Wireless
152
InfiNet Wireless
WANFleX
Neighbor Count is 0, Adjacent neighbor count is 0
lo0 is up
OSPF not enabled on this interface
null0 is down
OSPF not enabled on this interface
rf5.0 is up
OSPF not enabled on this interface
OSPF>
8. Netstat
:
netstat -r
netstat -i
:
netstat ,
.
-r - .
:
U -
H - . ,
.
D -
(icmp redirect)
M -
(icmp redirect)
G - . ,
, .
S - ,
route add
1 - ,
rip static
Copyright 2004-2011 by InfiNet Wireless
153
InfiNet Wireless
WANFleX
L -
( ARP )
C -
( L).
-i -
.
9. Ipfw (IP Firewall)
.
ipfirewall -
IP .
(addincoming) (addoutgoing)
. ,
. ,
.
(
,
,
).
:
( IP, TCP, UDP, ICMP, ARP)
/ ( TCP UDP)
,
TCP-.
,
IP .
MAC- .
:
Copyright 2004-2011 by InfiNet Wireless
154
InfiNet Wireless
WANFleX
() - (reject)
(accept).
,
, .
. ,
, .
(accept), , ,
. ,
, .
!
.
ipfw. ,
ipfw add reject all from 192.168.5.3 to 192.168.11.7
,
, 192.168.5.3
192.168.11.7.
,
.
ipfw - ipfirewall
:
ipfw
=================================================
list
show | reset
Copyright 2004-2011 by InfiNet Wireless
155
InfiNet Wireless
WANFleX
rearrange [N]
flush
quiet | -quiet
del num
mov num1 num2
add[out] [NUM] [IFNAME] rules...
rules: [{setpri|addpri}=[N]] accept|reject|rpfilter|pass [log]
[vlan={N|any|$ACL}] [dot1p=N] [swg=N] [ether={X|any}] [dscp=N|tos=N]
[prf]
-f "pcap filter expression"
|
PROTO from [not] ADDR [PORTs] to [not] ADDR [PORTs]
PROTO: [all] | tcp | udp | icmp | arp | proto NUMBER
ADDR: IP | $LOCAL | $ROUTE | $ACL | mac {x:x:x:x:x:x}
PORTS: NUM[:NUM] [NUM] ...
ipfw list
.
ipfw show
ipfw.
ipfw reset
c ipfw.
ipfw flush
(
) . .
ipfw add[incoming] [num] . . .
ipfw addout[going] [num] . . .
addincoming addoutgoing . add*
.
num
.
ipfw del num
.
num,
ipfw list.
ipfw mov num1 num2
num1 num2.
Copyright 2004-2011 by InfiNet Wireless
156
InfiNet Wireless
WANFleX
ipfw rearrange [N]
N ( 5).
ipfw [-]quiet
.
, ipfw quiet.
ipfw show
.
ipfw reset
.
:
[[{setpri|addpri}=[N]] accept|reject|rpfilter|pass [log]
[vlan={N|any|$ACL}] [dot1p=N] [swg=N] [ether={X|any}] [dscp=N|tos=N]
[prf]
-f "pcap filter expression"
|
PROTO from [not] ADDR [PORTs] to [not] ADDR [PORTs]
PROTO: [all] | tcp | udp | icmp | arp | proto NUMBER
:
. (..
), (..
) .
.
interface ,
.
, , eth0 rf5.0
ethernet - .
interface , ,
.
setpri|addpri /
, . setpri
.
(setpri=),
. addpri ,
, (
, ). addpri
.
disp ( disposition) ,
.
: accept reject. accept,
. reject ,
.
log (accept log reject log),
Copyright 2004-2011 by InfiNet Wireless
157
InfiNet Wireless
WANFleX
"ipfw" "rpfilter" (reverse path filter).
,
,
. , ipfw
, .
:
ipfw add rpfilter all from 0/0 to 0/0
disp pass, ""
, ,
.
:
ipfw add pass log tcp from 0/0 to 0/0
, ,
.
[vlan={N|any|$ACL}]
[dot1p=N]
[swg=N]
[ether={X|any}] [dscp=N|tos=N] [prf]
, VLAN ID, 802.1p,
(SWitchGroup), (EtherType),
ip_tos DSCP IP precedence.
prf
PRF.
vlan VLAN
$ACL ( ACL . (
acl)).
any vlan ether
VLAN ID
.
proto IP,
. : tcp, udp, icmp, arp, all
.
modifiers
. .
from proto modifiers
(endpoint). to
(endpoint).
endpoint .
endpoint proto. proto
all icmp, endpoint . proto
udp tcp , endpoint
.
IP-
(mask). IP-
(nn.nn.nn.nn).
, (nnn.nnn.nnn.nnn).
:
nn.nn.nn.nn
nn.nn.nn.nn:xxx.xxx.xxx.xxx
Copyright 2004-2011 by InfiNet Wireless
158
InfiNet Wireless
WANFleX
nn.nn.nn.nn/NN
,
.
"/" ( ,
, ).
: 192.168.9.0/24 192.168.9.0
24 .
: 192.168.9.0:255.255.255.0.
0/0 IP-.
,
,
IP ($ACLRULE)
ACL ,
.
$LOCAL ,
.
( ) .
ipfw add accept all from 0/0 to $LOCAL
$ROUTE ,
default route. ,
.
ipfw add reject all from 0/0 to not $ROUTE
, MAC- Ethernet,
MAC
"mac".
MAC- ,
. ,
, "$BS".
MAC-
(
).
, MAC-
,
, ,
. .
"from" "to"
"not",
(), ,
.
:
ipfw add reject all from mac 0012345678 to 0/0
ipfw addout reject all from 0/0 to mac 0012345678
ipfw add rf1 reject all from mac $BS to 0/0
ipfw add reject all from 0/0 to not 1.1.1.0/24
.
Copyright 2004-2011 by InfiNet Wireless
159
InfiNet Wireless
WANFleX
,
. (
, ).
10 .
, ,
IP-, (
).
,
, IP-
.
modifiers
, .
:
tcp_connection
, TCP
.
onnection
tcp_connection.
, TCP
SYN ACK.
ip_fragment
,
.
, offset
, more fragments.
ip_head_fragment
,
.
, offset more fragments
.
ip_tail_fragment
,
, .
, offset ( more fragments
).
ip_option
IP-,
IP ( NO-OP).
ip_recroute_option
IP-,
record-route timestamp IP
.
. .
ip_misc_option
, IP
record-route,
timestampIP
NO-OP.
Copyright 2004-2011 by InfiNet Wireless
160
InfiNet Wireless
WANFleX
IP misc
.
modifiers,
:
tcp_connection proto
tcp.
ip_fragment,
ip_head_fragment ip_tail_fragment,
.
ip_option,
ip_recroute_option ip_misc_option,
.
f pcap.
:
ipfw add reject -f "icmp and host (1.1.1.1 or 1.1.1.5)"
,
.
, .
, ,
IP- . IP ,
,
.
, ,
, .
, " " ,
, ,
.
:
, .
, .
, .
, .
, ,
.
:
proto all ,
, .
,
( , ,
, ).
Copyright 2004-2011 by InfiNet Wireless
161
InfiNet Wireless
WANFleX
,
(-, ,
).
ip_fragment,
, .
ip_tail_fragment,
, , .
ip_head_fragment,
,
.
tcp_connection,
TCP/IP ,
, .
ip_option, IP
( NO-OP EOL), .
ip_recroute_option,
, .
ip_misc_option,
IP , , record-route, timestamp,
EOL
NO-OP, .
proto udp
tcp ,
( )
,
.
proto udp tcp
,
( )
, .
disp.
ARP :
ARP IP-
IP-, (accept)
,
.
, ipfw
.
,
1.1.1.1
2.2.2.2:
ipfw add reject all from 1.1.1.1 to 2.2.2.2
,
:
ipfw add reject all from 1.1.1.0/24 to 2.2.2.2
Copyright 2004-2011 by InfiNet Wireless
162
InfiNet Wireless
WANFleX
24 "/" () .
24 C, 256 .
":"
:
ipfw add reject all from 1.1.1.1:255.255.255.0
to
2.2.2.2
:
ipfw add reject all from 1.1.1.0/24 to 0/0
1.1.1.0 C
(, ,
).
, ,
smtp ( ) IP-
192.5.42.1. :
ipfw add accept tcp from 0/0 to 192.5.42.1 25
tcp ,
TCP . 25,
smtp.
.
, . ,
ipfw add accept tcp from 0/0 to 1.1.1.1 900:5000 25 113
TCP 1.1.1.1,
900 5000 25 (smtp)
113 (ident).
IP spoofing
.
,
,
( IP spoofing). ,
.
, , .
:
Copyright 2004-2011 by InfiNet Wireless
163
InfiNet Wireless
WANFleX
, innerhost,
( ). ,
, ,
. , ,
rf5.0 ,
firewall, ,
, .
:
ipfw add rf5.0 reject all from innerhost/16 to 0/0
,
rf5.0. ,
, (
, B).
, ,
loopback
(127.0.0.0):
ipfw add rf0 reject all from 127.0.0.0/8 to 0/0
IP spoofing
( CERT summary CS-95:01,
summaries CERT WWW site ).
,
IP spoofing ,
. , CERT
advisory CA-95:01 .
TCP
TCP/IP 900 5000,
900 5000.
,
(, rf5.0
):
ipfw add rf5.0 accept tcp from 0/0 to 0/0 900:5000
ipfw add rf5.0 reject tcp from 0/0 to 0/0
Copyright 2004-2011 by InfiNet Wireless
164
InfiNet Wireless
WANFleX
,
900 5000 (
), .
, .
900 5000.
.
,
900 5000
. -
.
tcp_connection :
ipfw add rf0 reject tcp connection from 0/0 to 0/0 900:5000
ipfw add rf0 accept tcp from 0/0 to 0/0 900:5000
ipfw add rf0 reject tcp from 0/0 to 0/0
900 5000.
TCP ,
TCP .
UDP
TCP,
, UDP ().
,
, UDP/IP
UDP.
,
,
(, UDP,
.
, ,
UDP,
.
(DNS) ,
UDP.
, rf5.0 - ,
DNS , UDP :
ipfw add accept udp from 0/0 53 to 0/0 53
ipfw add rf0 reject udp from 0/0 to 0/0
,
UDP ,
.
UDP ,
( ):
NFS , ,
UDP 2049 (TCP/IP NFS TCP
2049, , ,
tcp_connection - ).
Copyright 2004-2011 by InfiNet Wireless
165
InfiNet Wireless
WANFleX
RPC portmapper
. ,
portmapper (TCP UDP 111).
,
.
, UDP .
, ,
TCP/IP UDP/IP
.
Microsoft LAN manager UDP.
Microsoft
, ,
:
ipfirewall add rf0 reject tcp from 0/0 to 0/0 135:139
ipfirewall add rf0 reject udp from 0/0 to 0/0 135:139
( Windows
NT/95/98).
IP
ip_fragment, ip_head_fragment ip_tail_fragment
IP .
, ,
:
, TCP UDP,
IP ,
.
IP ,
"denial-of-service"
( ),
,
.
denial-of-service,
, ,
:
ipfw add reject all ip_fragment from 0/0 to 0/0
, , ,
,
(,
)
,
.
,
( 1500 ).
, ,
. , -
,
.
, IP-
. ,
Copyright 2004-2011 by InfiNet Wireless
166
InfiNet Wireless
WANFleX
(, )
.
, ,
, :
ipfw add accept all ip_tail_fragment from 0/0 to 0/0
( "
") ,
,
. -
,
( 60 ).
10. Loadm ( )
:
loadm [-b] [-m] [-l] [-p] [-w delay] interface
:
loadm
.
, ()
:
-b - ();
-m - (
-b) ;
-l - ( );
-p ;
-w delay - .
: rf5.0, loadm
, ,
. ,
, /
.
,
.
eth0.
:
loadm -l rf5.0
Copyright 2004-2011 by InfiNet Wireless
167
InfiNet Wireless
WANFleX
Ctrl/C ESC.
11.Bpf (Berkeley Packet Filter)
:
bpf ifname ADDR PORT
bpf ifname
bpf -f "pcap filter expression"
:
, bpf,
, ,
.
.
,
,
(
) (
tcpdump).
, ( MAC ),
,
UDP .
Copyright 2004-2011 by InfiNet Wireless
168
InfiNet Wireless
WANFleX
,
.
, bpfshow
FreeBSD/OpenBSD. ,
-
pcap.raw.
tcpdump:
bpfshow 8000
^c
tcpdump -r pcap.raw
bpf f pcap .
:
bpf rf5.0 10.11.12.13 8000
,
rf5.0 10.11.12.13 8000.
bpf rf5.0
rf5.0
12. RPCAP
RPCAP (Remote Packet Capture)
,
, .
RPCAP
( ) . RPCAP,
,
:
.
InfiNet Wireless RPCAP.
rpcapd,
.
:
rpcapd -user=USERNAME -key[=PASSWORD] [add|del|change]
rpcapd [-port[=PORT]] [-maxconn[=MAXCONNECTIONS]] [start|stop]
rpcapd [-buffersize=[SND_BUFFER_SIZE]]
rpcapd {trace|notrace}
rpcapd show [-s=SOURCENAME]
rpcapd clear
:
/ RPCAP :
Copyright 2004-2011 by InfiNet Wireless
169
InfiNet Wireless
WANFleX
rpcapd [-port[=PORT]] [-maxconn[=MAXCONNECTIONS]] [start|stop]
(rpcapd start),
RPCAP 2002
.
port maxconn.
//
RPCAP :
rpcapd -user=USERNAME -key[=PASSWORD] [add|del|change]
(add, del change),
, add change,
.
RPCAP ,
.
user key:
rpcapd user= -key=.
RPCAP
:
rpcapd [-buffersize=[SND_BUFFER_SIZE]]
32.
/
:
rpcapd {trace|notrace}
:
rpcapd show [-s=SOURCENAME]
s BPF
(
s).
:
rpcapd clear
13.Snmpd (SNMP daemon)
SNMP.
:
snmpd
user
NAME
(add|set)
[pass
PASSWORD]
[sec[urity]
(noAuthNoPriv|authNoPriv|authPriv)]
[acc[essRights]
(readOnly|readWrite)]
[cla[ss] (guest|admin)] [privpass PRIVPASS] [proto (des|aes128)]
snmpd user NAME del[ete]
snmpd comm[unity] NAME
snmpd (nodebug|debug [prox] [trap] [stat] [mibs] [user] [cryp] [pack] [time]
[flow])
snmpd (v1disable|v1enable)
snmpd (start|stop)
Copyright 2004-2011 by InfiNet Wireless
170
InfiNet Wireless
WANFleX
snmpd clear
:
(Simple Network Management
Protocol, SNMP) 1 3.
SNMP
,
.
SNMP v1
,
,
. MIB
, -
read-only. v1disable
, SNMP-.
SNMP SNMP v3
USM (User-based Security Model) MD5 .
,
(
).
accessRights snmpd. ReadOnly|readWrite
.
class
guest/admin
.
SNMP v1 community
"public". snmpd community NAME
.
MIB-II, MIB.
SNMP,
sec[urity]:
noAuthNoPriv SNMP
authNoPriv SNMP
,
authPriv SNMP
. privpass PRIVPASS
() , proto
(des|aes128) .
nodebug/debug /
SNMP .
snmpd clear SNMP .
:
snmpd comm secret
snmpd user john add pass mypassword security authNoPriv
snmpd on
14.Td (Telnet daemon)
Telnet daemon
Copyright 2004-2011 by InfiNet Wireless
171
InfiNet Wireless
WANFleX
:
td enable | disable RemoteHOST
td start | stop | flush
Telnet
, .
Telnet .
td stop.
.
td start.
,
().
"td enable RemoteHOST",
. RemoteHOST IP- .
10- .
td disable
.
td flush telnet .
:
td enable 195.38.44.1
td enable 195.38.44.11
td start
15.Nat (Network Address Translation)
NAT - (Network Address Translation
RFC1631)
:
nat command [arguments]
:
(Network Address Translation)
-
IPv4
IP . NAT
IP-,
, ,
. NAT
IP- ,
, ,
, . NAT
( ) natd
libalias FreeBSD.
(RFC1918),
IPv4
IP
(private internets):
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
Copyright 2004-2011 by InfiNet Wireless
172
InfiNet Wireless
WANFleX
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
Internet
,
.
, .
,
IP .
. (public) IP .
, WWW, FTP, ICQ, IRC, Telnet,
SMTP, On-line Games ..
IP NAT. ,
. , HTTP
FTP Squid. ,
.
IP-
H.323, IP .
NAT H.323,
.
, IP
IP .
NAT.
local_acl
:
nat local_acl $NAME
[enable|disable|delete]
[public_addr|dhcp
IFNAME]
[-exclude
$DSTACL]
(public) IP-,
.
-
. Revolution
: Ethernet (eth) radio (rf).
, , , IP .
Ethernet ,
.
?
alias-
null0.
ifconfig null0 123.1.1.1/32 up
,
. -
.
.
, , ,
. .
. NAT
Copyright 2004-2011 by InfiNet Wireless
173
InfiNet Wireless
WANFleX
, , . ,
.
,
123.1.1.0/30, null0 , :
ifconfig null0 123.1.1.0/30
. ,
123.1.1.0 alias_address,
123.1.1.3)
nat
redirect_xxx (. )
.
(ipfw, ipstat, qm) NAT
,
. , , ipfw
.
ipstat.
(ACL) ,
.
local_acl
.
local_acl local_acl,
local_acl .
,
, .
acl add $NAT net 192.168.1.0/24
nat local_acl $NAT 123.1.1.1
192.168.1.0/24 ( ),
local_acl 123.1.1.1
.
,
.
, ,
DHCP.
IP dhcp
DHCP .
:
nat local_acl $NAT dhcp eth0
-exclude $DSTACL
/ .
enable, disable, delete ,
.
maxlinks NUM
,
1000.
Copyright 2004-2011 by InfiNet Wireless
174
InfiNet Wireless
WANFleX
, .
, ,
.
.
,
, .
,
.
, , NAT.
enable
NAT
.
, :
ifconfig null0 123.1.1.1/32 up
rip start #
#
acl add $NAT net 192.168.1.0/24
nat local_acl $NAT 123.1.1.1
nat enable
. .
disable
,
NAT.
nat disable
same_ports yes|no
NAT
. ,
.
.
nat same_ports no
verbose yes|no
.
nat verbose
proxy_only yes|no
, NAT
proxy_rule (. ).
.
stat
.
Copyright 2004-2011 by InfiNet Wireless
175
InfiNet Wireless
WANFleX
nat stat
NAT ,
.
, .
.
NAT .
(redirect_xxx proxy_rule).
,
. config show
.
nat del XX, XX
.
redirect_port
:
redirect_port proto local_addr:local_port_range
[public_addr:]public_port_range
[remote_addr[:remote_port_range]]
(-)
(-).
proto tcp, udp, ras cs.
ras cs
H.323.
Local_addr:local_port_range IP-
.
[Public_addr:]public_port_range IP- .
public_port_range local_port_range
.
.
remote_addr remote_port_range
(
, ).
remote_port_range , .
remote_port_range ,
public_port_range.
nat redirect_port tcp 192.168.1.5:23 7777
tcp 7777
192.168.1.5 23
(telnet).
nat redirect_port tcp 192.168.1.4:2300-2399 123.1.1.2:3300-3399
tcp 3300-3399
123.1.1.2
192.168.1.4
Copyright 2004-2011 by InfiNet Wireless
176
InfiNet Wireless
WANFleX
1:1, 3300->2300, 3301->2301
..
, , IRC A, -
B. , ,
6667 (irc) 80 (),
:
nat redirect_port tcp 192.168.0.2:6667 6667
nat redirect_port tcp 192.168.0.3:80 80
:
redirect_port proto local_addr_1:local_port_range[,
local_addr_2:local_port_range, ]
[public_addr:]public_port_range
[remote_addr[:remote_port_range]]
,
(LSNAT) ,
:
redirect_port tcp 192.168.1.2:80, 192.168.1.3:80, 192.168.1.4:80 123.1.1.2:80
WEB
.
redirect_address
public_addr
public_addr local_addr.
local_addr
,
123.1.1.2
[,Local_addr,
...]
local_addr,
.
nat redirect_address 192.168.1.2 192.1.1.1
nat redirect_address 192.168.1.3 192.1.1.2
192.1.1.1
192.168.1.2,
192.1.1.2 192.168.1.3
, IP,
. NAT
IP-. NAT
, IP , ,
IP-,
. NAT. , IP-
128.1.1.1, 128.1.1.2 128.1.1.3 . 128.1.1.1
IP- ,
128.1.1.2 128.1.1.3
A B.
nat redirect_address 192.168.1.2 128.1.1.2
nat redirect_address 192.168.1.3 128.1.1.3
IP- NAT
, .
Copyright 2004-2011 by InfiNet Wireless
177
InfiNet Wireless
WANFleX
default_h323 [yes|no]
H.323
. UDP-, 1719,
TCP-, 1720.
.
: ,
NAT UDP-, 1719,
TCP-, 1720,
NAT H.323
.
h323_destination ras|cs remote_addr[:remote_port]
[local_addr[:local_port]]
H.323
, H.323.
ras|cs - H.323,
remote_addr - ,
remote_port - ,
. , 1719
ras 1720 cs
local_addr - ,
. ,
,
local_port - ,
. ,
,
proxy_rule
:
proxy_rule [ ] ...
. TCP ,
,
.
.
, .
, .
:
type encode_ip_hdr | encode_tcp_stream | no_encode
,
:
encode_ip_hdr,
IP (IP option)
Copyright 2004-2011 by InfiNet Wireless
178
InfiNet Wireless
WANFleX
encode_tcp_stream,
"DEST
IP port''.
port portnum
, .
server host[:portnum]
.
. ,
.
proto tcp | udp
,
.
src IP[/bits]
dst IP[/bits]
. ()
.
:
nat proxy_rule proto tcp port 80 server 123.1.1.1:3128
TCP , 80
, - .
nat del rule_number
rule_number.
NAT H.323
H.323.
- RAS (registration, admission, status),
, CS (call signalling),
. H.225.0.
( ""
):
1. , ,
- .
h323_destination
cs. 1720,
default_h323.
: 10.0.0.99, -
123.45.67.89. ,
. - :
nat h323_destination cs 123.45.67.89 10.0.0.99
2: 10.0.0.99,
- .
, .
- default_h323:
nat default_h323
2. ,
, - .
Copyright 2004-2011 by InfiNet Wireless
179
InfiNet Wireless
WANFleX
redirect_port
cs, alias
( alias ),
(
).
: 10.0.0.98
10.0.0.99, - 123.45.67.89. Alias_address NAT
123.45.67.65. ,
, .
- :
nat redirect_port cs 10.0.0.98:1720 1720 123.45.67.89
nat redirect_port cs 10.0.0.99:1720 1721 123.45.67.89
123.45.67.65:1720 123.45.67.65:1721 .
3.
.
h323_destination ras _.
1719,
default_h323.
: 10.0.0.99,
123.45.67.89. ,
. - :
nat h323_destination ras 123.45.67.89 10.0.0.99
2: ,
123.45.67.89
RAS 1024. ,
. :
nat h323_destination ras 123.45.67.89:1024
3: 10.0.0.99,
-
. ,
. default_h323:
nat default_h323
4.
. redirect_port ras
RAS ,
. ,
static ,
redirect_port s
S .
: 123.45.67.89,
10.0.0.99. ,
. Alias_address NAT 123.45.67.65. -
:
nat redirect_port ras 10.0.0.99:1719 1719 123.45.67.89
RAS
123.45.67.65:1719.
Copyright 2004-2011 by InfiNet Wireless
180
InfiNet Wireless
WANFleX
2: Static 123.45.67.89,
10.0.0.99. ,
. Alias_address NAT
123.45.67.65. - :
nat redirect_port s 10.0.0.99:1720 1720 123.45.67.89
S
123.45.67.65:1720.
16. Trapd (SNMP traps)
SNMP traps.
SNMP
(traps)
().
SNMP traps
SNMP .
:
trapd dst[addr] x.x.x.x[:PORT] [[GROUPNAME] ...] [[[-]TYPENAME] ...]
trapd dst[addr] x.x.x.x[:PORT]
trapd map
trapd agent x.x.x.x
trapd -agent
trapd gateway {xxxxxxxxxxxx|auto}
trapd -gateway
trapd type TYPENAME enable|disable
trapd start|stop
where PORT default value is 162 if omitted
possible GROUPNAMEs are:
topoGroup
mintGroup
cmxGroup
ospfGroup
and possible TYPENAMEs are:
topoEvent
newNeighborEvent
lostNeighborEvent
mintRetries
mintBitrate
mintSignalLevel
cesDsx1LineStatus
cesJitterStatus
ospfNBRState
ospfVirtNBRState
Copyright 2004-2011 by InfiNet Wireless
181
InfiNet Wireless
WANFleX
ospfIFState
ospfVirtIFState
ospfConfigError
linkEvent
trapdColdStartEvent
snmpdAuthenticationFailureEvent
syslog
:
| SNMP :
trapd start|stop
SNMP :
trapd dst[addr] x.x.x.x[:PORT] [[GROUPNAME] ...] [[[-]TYPENAME] ...]
, x.x.x.x IP- SNMP .
:PORT UDP ( UDP
162). GROUPNAME
, SNMP
. [-]TYPENAME
, (
, -) SNMP .
IP- SNMP .
:
trapd dst 192.168.1.1
trapd dst 192.168.1.100
SNMP IP-
SNMP ,
(SNMP traps).
IP- SNMP
-, :
:
trapd -dst 192.168.1.1
SNMP
:
trapd map
IP- , SNMP-trap,
:
trapd agent x.x.x.x
127.0.0.1.
IP- -,
.
trapd gateway xxxxxxxxxxxx|auto
Copyright 2004-2011 by InfiNet Wireless
182
InfiNet Wireless
WANFleX
,
Mac (xxxxxxxxxxxx Mac ). Mac auto, SNMP
MINT SNMP relay ( mint snmprelay), MINT.
Mac -,
.
trapd type TYPENAME enable|disable
/
. TYPENAME.
.
:
trapd dst 192.168.1.1
trapd type newNeighborEvent enable
trapd start
:
ColdStartEvent ,
AuthenticationFailureEvent
SNMP
Syslog ,
TopoGroup
topoEvent ,
,
lostNeighborEvent ,
-
newNeighborEvent ,
-
MintGroup
mintBitrate - ,
mintRetries - ,
10%
mintSignalLevel - ,
10%
cmxGroup
cesDsx1LineStatus - ,
TDM CES-
cesJitterStatus - ,
TDM CES
ospfGroup
ospfNBRState - ,
OSPF ( ).
Copyright 2004-2011 by InfiNet Wireless
183
InfiNet Wireless
WANFleX
ospfVirtNBRState - ,
OSPF .
ospfIFState - ,
OSPF ( ).
ospfVirtIFState - ,
OSPF .
ospfConfigError - , ,
.
linkEvent ,
Ethernet . / :
linkUp linkDown.
17.DHCP Server
DHCP
TELNET WANFlex.
DHCP WANFlex dhcpd.
( ):
:
add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
add dscope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
add virtual interface <VIFNAME> <GATEWAY> <GWIFNAME|*>
clear
delete option <OPTION_NAME>
delete scope <SCOPE_NAME>
delete virtual interface <VIFNAME>
interface <INTERFACE> delete option <OPTION_NAME>
interface <INTERFACE> option <OPTION_NAME> <OPTION_VALUE>
interface <INTERFACE> reservation
<CLIENT_ID> delete option <OPTION_NAME>
interface <INTERFACE> reservation
<CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
interface <INTERFACE|*> show boundhistory
interface <INTERFACE|*> show client <CLIENT_ID|*>
lock interface <INTERFACE>
option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> add classid <CLIENT_CLASS_ID>
scope <SCOPE_NAME> add exclude <START_IP> <END_IP>
scope <SCOPE_NAME> add reservation <CLIENT_ID> <CLIENT_IP>
scope <SCOPE_NAME> delete classid <CLIENT_CLASS_ID>
scope <SCOPE_NAME> delete exclude <START_IP>
scope <SCOPE_NAME> delete option <OPTION_NAME>
scope <SCOPE_NAME> delete reservation <CLIENT_ID>
scope <SCOPE_NAME> interface <INTERFACE|*>
scope <SCOPE_NAME> option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> reservation
<CLIENT_ID> delete option <OPTION_NAME>
scope <SCOPE_NAME> reservation
<CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
Copyright 2004-2011 by InfiNet Wireless
184
InfiNet Wireless
WANFleX
scope <SCOPE_NAME> set range <START_IP> <END_IP>
scope <SCOPE_NAME|*> show declinehistory
show config
show interface <INTERFACE|*>
show options
show scope <NAME|*>
show unleases <SUBSTR|*>
show version
start
stop
unlock interface <INTERFACE>
virtual interface <VIFNAME> add subnet <IP_ADDRESS> <SUBNET_MASK>
virtual interface <VIFNAME> change <GATEWAY> <GWIFNAME|*>
virtual interface <VIFNAME> delete subnet <IP_ADDRESS> <SUBNET_MASK>
,
DHCP .
, dhcpd show scope * dhcpd
s s *, dhcpd show config dhcpd sh c.
DHCP , ,
, WANFlex superuser. DHCP
.
<>. - ,
.
:
#2>dhcpd scope MSOFT add classid "MSFT 5.0"
#2>dhcpd add scope "Micro Soft" eth0 9.1.1.201 9.1.1.250
! DHCP :
dhcpd start
DHCP (CLIENT)
DHCP
( )
TCP/IP. DHCP
UDP/IP. ,
(ip , , .)
DHCP. IP .
, DHCP
IP
.
. ,
,
, .
,
(MAC) . .. DHCP
(
). ( <CLIENT_ID> )
ID:<>|01:<
>.
Copyright 2004-2011 by InfiNet Wireless
185
InfiNet Wireless
WANFleX
:
ID:01:00:04:35:22:88:1D.
,
( ). ,
- ,
. , ,
. , DHCP ,
Windows XP,
MSFT 5.0, IP Infinet Wireless IW_IP_PHONE.
() .
(SCOPE)
(scope) - IP-
IP .
,
.
:
:
dhcpd add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
SCOPE_NAME .
.
,
( _ )
INTERFACE ,
( ).
*, ,
.
,
IP (alias),
IP .
,
,
. :
,
.
START_IP END_IP IP
. ,
( )
. IP ,
,
,
. .. .
,
, .
:
dhcpd add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
Copyright 2004-2011 by InfiNet Wireless
186
InfiNet Wireless
WANFleX
:
#2> dhcpd add scope MSOFT eth0 192.168.177.20 192.168.177.22
[eth0] <192.168.177.12> (MSOFT):
192.168.177.20-192.168.177.22 Scope attached
OK
MSOFT
eth0.
eth0 192.168.177.12
#2> dhcpd add scope new * 10.12.12.30 10.12.12.50
WRN: Scope created, but not attached.
new
. ,
, ..
,
.
:
:
dhcpd scope <SCOPE_NAME> set range <START_IP> <END_IP>
SCOPE_NAME ,
START_IP END_IP IP
.
:
:
scope <SCOPE_NAME> interface <INTERFACE|*>
SCOPE_NAME ,
INTERFACE
.
, .
,
.
:
#2> dhcpd scope OTHER interface -eth0
[eth0] <192.168.177.12> (OTHER):
192.168.177.10-192.168.177.19 Scope detached
OK
OTHER.
:
#2> dhcpd scope OTHER interface eth0 ( *)
[eth0] <192.168.177.12> (OTHER):
Copyright 2004-2011 by InfiNet Wireless
187
InfiNet Wireless
WANFleX
192.168.177.10-192.168.177.19 Scope attached
OK
(exclude).
, ,
. :
:
dhcpd scope <SCOPE_NAME> add exclude <START_IP> <END_IP>
SCOPE_NAME
START_IP END_IP
. ,
( )
, .
.
:
:
dhcpd scope <SCOPE_NAME> delete exclude <START_IP>
, ,
,
.
! dhcpd scope <SCOPE_NAME> set
range <START_IP> <END_IP>,
,
, !
(CLASSID)
.
, IP
, ,
.
,
.
,
(client vendor class id),
IP .
:
:
scope <SCOPE_NAME> add classid <CLIENT_CLASS_ID>
SCOPE_NAME
CLIENT_CLASS_ID
CLIENT_CLASS_ID (
255). ,
.
,
IP . ,
, ,
, IP
Copyright 2004-2011 by InfiNet Wireless
188
InfiNet Wireless
WANFleX
,
.
:
:
scope <SCOPE_NAME> delete classid <CLIENT_CLASS_ID>
(INTERFACE)
VLAN ,
WANFlex.
,
DHCP . ,
,
broadcast (BMA), (VLAN).
,
WANFlex.
:
:
show interface <INTERFACE|*>
INTERFACE ,
. *,
.
, :
:
#2> dhcpd show interface *
>INTERFACES
[eth0] UP
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
OK
,
eth0 vlan0. eth0 (UP) IP .
PHONES,
: OTHER MSOFT. vlan0
, ..
(DOWN).
DHCP
.
:
lock interface <INTERFACE>
<INTERFACE> - .
,
.
Copyright 2004-2011 by InfiNet Wireless
189
InfiNet Wireless
WANFleX
:
#2> dhcpd show interface *
>INTERFACES
[eth0] UP
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
OK
DHCP : eth0 vlan0.
vlan0 WANFlex ifconfig vlan0 down. Eth0
: phones, other msoft.
phones 9.1.1.100/255.255.255.0,
192.168.177.12/255.255.255.0.
,
eth0 DHCP :
:
#2> dhcpd lock interface eth0
[eth0] <9.1.1.100> (PHONES):
9.1.1.151-9.1.1.200 Scope detached
[eth0] <192.168.177.12> (OTHER):
192.168.177.10-192.168.177.19 Scope detached
[eth0] <192.168.177.12> (MSOFT):
192.168.177.20-192.168.177.22 Scope detached
OK
DHCP
#2> dhcpd show interface *
>INTERFACES
[eth0] UP LOCKED
<SUBNET> 9.1.1.100/255.255.255.0
<SUBNET> 192.168.177.12/255.255.255.0
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
OK
, eth0 .
.
:
:
dhcpd unlock interface <INTERFACE>
:
#2> dhcpd unlock interface eth0
[eth0] <192.168.177.12> (MSOFT):
192.168.177.20-192.168.177.22 Scope attached
[eth0] <192.168.177.12> (OTHER):
192.168.177.10-192.168.177.19 Scope attached
[eth0] <9.1.1.100> (PHONES):
9.1.1.151-9.1.1.200 Scope attached
OK
#2> dhcpd show interface *
>INTERFACES
[eth0] UP
Copyright 2004-2011 by InfiNet Wireless
190
InfiNet Wireless
WANFleX
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
OK
(scope reservation)
IP
.
:
:
dhcpd scope <SCOPE_NAME> add
reservation <CLIENT_ID> <CLIENT_IP>
SCOPE_NAME .
CLIENT_ID ,
CLIENT_IP IP , .
.
:
#2>dhcpd scope PHONES add reservation
ID:01:00:04:35:00:22:23 9.1.1.170
OK
.., , PHONES
DHCP ID:01:00:04:35:00:22:23,
IP 9.1.1.170. IP
, . ..
(, dhcpd scope
PHONES add exclude 9.1.1.165 9.1.1.175)
, .
,
- ,
, .
#1> dhcpd scope other add reservation
ID:01:00:04:35:00:22:23 192.168.177.10
[eth0] <192.168.177.12> (OTHER):
192.168.177.10-192.168.177.19 Reservation for "ID:01:00:04:35:00:22:23"
already exists in scope PHONES with IP=9.1.1.170
ERR: Reservation's IP is out of scope's range
, IP
, .
:
#2> dhcpd show scope *
>SCOPES:
(MSOFT)
192.168.177.20 - 192.168.177.22 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
Copyright 2004-2011 by InfiNet Wireless
191
InfiNet Wireless
WANFleX
<CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
<CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
'wad
<BOUND> since 01/01/2003 05:01:08
<FREE RANGE> 192.168.177.21 - 192.168.177.22 =2
(NEW)
10.12.12.30
- 10.12.12.50
' 192.168.177.20
[*]
(OTHER)
192.168.177.10 - 192.168.177.19 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT> ID:01:00:05:90:02:1F:C8 ""
'
' 192.168.177.10
<BOUND> since 01/01/2003 05:34:24
<FREE RANGE> 192.168.177.11 - 192.168.177.11 =1
<FREE RANGE> 192.168.177.13 - 192.168.177.19 =7
(PHONES)
9.1.1.151
- 9.1.1.200
[*] ATTACHED [eth0]
<9.1.1.100>/255.255.255.0
<CLIENT CLASS IDs>: "IW_IP_PHONE"
<CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Stas ' 9.1.1.151
<BOUND> since 01/01/2003 05:00:34
<FREE RANGE> 9.1.1.152
- 9.1.1.169
=18
<RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE" 'Andrew ' 9.1.1.170
<BOUND> since 01/01/2003 05:49:35
<FREE RANGE> 9.1.1.171
- 9.1.1.200
=30
<OPTION>
Router 9.1.1.3
<OPTION>
H323_GK_ADDRESS 195.38.45.84
OK
, ID:01:00:05:90:02:1F:C8 DHCP
(), , IP
OTHER, 192.168.177.12/255.255.255.0
eth0, .. .
,
ID:01:00:05:90:02:1F:C8 IP
PHONES. PHONES
IP , , 9.1.1.200:
#2> dhcpd scope PHONES add reservation
ID:01:00:05:90:02:1F:C8 9.1.1.200
OK
#2> dhcpd show scope *
>SCOPES:
(MSOFT)
192.168.177.20 - 192.168.177.22 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
<CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
'wad
' 192.168.177.20
<BOUND> since 01/01/2003 05:01:08
<FREE RANGE> 192.168.177.21 - 192.168.177.22 =2
(NEW)
10.12.12.30
- 10.12.12.50
[*]
(OTHER)
192.168.177.10 - 192.168.177.19 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<FREE RANGE> 192.168.177.10 - 192.168.177.11 =2
<FREE RANGE> 192.168.177.13 - 192.168.177.19 =7
(PHONES)
9.1.1.151
- 9.1.1.200
<9.1.1.100>/255.255.255.0
<CLIENT CLASS IDs>: "IW_IP_PHONE"
Copyright 2004-2011 by InfiNet Wireless
[*] ATTACHED [eth0]
192
InfiNet Wireless
WANFleX
<CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Stas ' 9.1.1.151
<BOUND> since 01/01/2003 05:00:34
<FREE RANGE> 9.1.1.152
- 9.1.1.169
=18
<RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE" 'Andrew ' 9.1.1.170
<BOUND> since 01/01/2003 05:49:35
<FREE RANGE> 9.1.1.171
- 9.1.1.199
=29
<RESERV> ID:01:00:05:90:02:1F:C8 ""
'
' 9.1.1.200
<BOUND> since 01/01/2003 06:22:30
<OPTION>
Router 9.1.1.3
<OPTION>
H323_GK_ADDRESS 195.38.45.84
OK
,
IP
PHONES.
, .
,
:
:
dhcpd scope <SCOPE_NAME> delete reservation <CLIENT_ID>
IP
, , ,
, (
). .
:
#1> dhcpd scope phones delete
reservation ID:01:00:05:90:02:1F:C8
OK
#1> dhcpd show scope *
>SCOPES:
(MSOFT)
192.168.177.20 - 192.168.177.22 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
<CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
'wad
' 192.168.177.20
<BOUND> since 01/01/2003 01:01:08
<FREE RANGE> 192.168.177.21 - 192.168.177.22 =2
(NEW)
10.12.12.30
- 10.12.12.50
[*]
(OTHER)
192.168.177.10 - 192.168.177.19 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT> ID:01:00:05:90:02:1F:C8 ""
'
' 192.168.177.10
<BOUND> since 01/01/2003 01:16:36
<FREE RANGE> 192.168.177.11 - 192.168.177.11 =1
<FREE RANGE> 192.168.177.13 - 192.168.177.19 =7
(PHONES)
9.1.1.151
- 9.1.1.200
[*] ATTACHED [eth0]
<9.1.1.100>/255.255.255.0
<CLIENT CLASS IDs>: "IW_IP_PHONE"
<CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Stas ' 9.1.1.151
<BOUND> since 01/01/2003 01:01:47
<FREE RANGE> 9.1.1.152
- 9.1.1.169
=18
<RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE" 'Andrew ' 9.1.1.170
<BOUND> since 01/01/2003 01:01:37
<FREE RANGE> 9.1.1.171
- 9.1.1.200
=30
<OPTION>
Router 9.1.1.3
Copyright 2004-2011 by InfiNet Wireless
193
InfiNet Wireless
WANFleX
<OPTION>
H323_GK_ADDRESS 195.38.45.84
OK
, ,
ID:01:00:05:90:02:1F:C8 IP 9.1.1.200 PHONES, ..
PHONES.
OTHER.
#1> dhcpd scope phones delete
reservation ID:01:00:04:35:00:22:23
OK
#1> dhcpd show scope phones
>SCOPES:
(PHONES)
9.1.1.151
- 9.1.1.200
[*] ATTACHED [eth0]
<9.1.1.100>/255.255.255.0
<CLIENT CLASS IDs>: "IW_IP_PHONE"
<CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Stas ' 9.1.1.151
<BOUND> since 01/01/2003 01:01:47
<FREE RANGE> 9.1.1.152
- 9.1.1.169
=18
<CLIENT> ID:01:00:04:35:00:22:23 "IW_IP_PHONE" 'Andrew '
9.1.1.170
<BOUND> since 01/01/2003 01:01:37
<FREE RANGE> 9.1.1.171
- 9.1.1.200
=30
<OPTION>
Router 9.1.1.3
<OPTION>
H323_GK_ADDRESS 195.38.45.84
OK
ID:01:00:04:35:00:22:23
9.1.1.170 , ..
.
! dhcpd scope <SCOPE_NAME> set
range <START_IP> <END_IP>,
,
, !
(options)
(options) ,
.
, , Address Time ( ), Router
( ), NTP Servers ..
.
,
.
()
DHCP . () :
1. .
.
2. . ,
.
3. .
,
.
4. . ,
, ,
,
.
5. . ,
,
Copyright 2004-2011 by InfiNet Wireless
194
InfiNet Wireless
WANFleX
. ,
.
-
, .
:
Address Time ( ).
,
120 ( = 2 )
Subnet Mask ( ).
.
, , IP
.
DHCP
http://www.iana.org/assignments/bootp-dhcp-parameters
, DHCP
. ,
:
OPTION_NAME - (. ).
, ,
( _ ).
.
OPTION_VALUE .
DHCP
():
1. . , , , Bootfile-Name.
,
.
2. . .
,
. : Address Time, Time Offset.
3. IP . , IP .
Router ( ).
IP ,
.
() :
1.
:
dhcpd scope <SCOPE_NAME> reservation
<CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
SCOPE_NAME
.
CLIENT_ID .
,
.
2.
Copyright 2004-2011 by InfiNet Wireless
195
InfiNet Wireless
WANFleX
:
dhcpd interface <INTERFACE> reservation
<CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
INTERFACE
CLIENT_ID.
,
.
,
,
.
:
IP . ..
IP
.
. ..,
Class Id,
, .
, DHCP
. , , ,
.
.
3.
:
dhcpd scope <SCOPE_NAME>
option <OPTION_NAME> <OPTION_VALUE>
4.
:
dhcpd interface <INTERFACE>
option <OPTION_NAME> <OPTION_VALUE>
5.
:
dhcpd option <OPTION_NAME> <OPTION_VALUE>
,
:
:
dhcpd scope <SCOPE_NAME>
reservation <CLIENT_ID> delete option <OPTION_NAME>
dhcpd scope <SCOPE_NAME> delete option <OPTION_NAME>
dhcpd interface <INTERFACE>
reservation <CLIENT_ID> delete option <OPTION_NAME>
dhcpd interface <INTERFACE> delete option <OPTION_NAME>
dhcpd delete option <OPTION_NAME>
Copyright 2004-2011 by InfiNet Wireless
196
InfiNet Wireless
WANFleX
. ,
,
.
. Subnet
Mask, ,
.
,
. ,
Class Id:
:
#1> dhcpd scope phones option class_id "TestClass"
ERR: This option cannot contain in the given division.
, ,
, ,
. DHCP :
Subnet Mask
Address Request
Overload
DHCP Msg Type
DHCP Server Id
Parameter List
DHCP Message
DHCP Max Msg Size
Client Id
()
ERR: This option cannot contain in
the given division.
DHCP
MS Classless Static Route
Classless
Static
Route
:
IP/MASK>GATEWAY[,IP/MASK>GATEWAY,...]
:
dhcpd
scope
TEST
option
Classless_Static_Route
192.168.12.0/24>192.169.1.1,192.168.15.0/24>192.169.1.2
192.168.12.0/24
gateway
192.168.15.0/24 gateway 192.169.1.2
192.169.1.1
,
:
:
dhcpd interface <INTERFACE|*> show client <CLIENT_ID|*>
INTERFACE ,
CLIENT_ID ,
. *,
.
*,
.
Copyright 2004-2011 by InfiNet Wireless
197
InfiNet Wireless
WANFleX
,
IP
, .
:
#2> dhcpd interface * show client *
>INTERFACES CLIENTS
--------- [eth0] --------(IPHONES) <CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Unknown node'
192.168.0.101
<BOUND>
since 25/04/2005 11:32:57
SUPPLIED OPTIONS:
#1
. . . . . DF Subnet Mask
255.255.255.0
#2
. . . . . . Time Offset
<not supplied>
#3
. . S . . . Router
192.168.0.1
#7
. . . . . . Log Server
<not supplied>
#42
. . S . . . NTP Servers
192.168.0.1
#230
. . S . . . H323 GK ADDRESS
192.168.0.1
#231
. IR . . . . H323 LOGIN ALIAS
IWPhone/V. Pupkin/101
#232
. . . . . . H323 GK ID
<not supplied>
(supplied options)
(), (#<N>)
,
( ),
, .
, <not
supplied>.
:
1. SR
2. IR
3. S .
4. I
5. SV .
, ,
,
(, Subnet Mask) DF.
(Address Time)
IP ,
Address Time. , ,
Address Time,
.
, .
, Address Time
, .
,
120 .
, - ,
, ,
.
,
.
Address Time.
,
(). ..
,
, ,
.
,
. ,
Copyright 2004-2011 by InfiNet Wireless
198
InfiNet Wireless
WANFleX
, IP .
(dhcpd show scope *)
<OBIND>. .., ,
<OBIND> .
,
, IP ,
.
#1> dhcpd show scope MSOFT
>SCOPES:
(MSOFT)
192.168.177.20 - 192.168.177.22 [eth0] ATTACHED [eth0]
<192.168.177.12>/255.255.255.0
<CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
<CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
'wad
' 192.168.177.20
<BOUND> since 01/01/2003 01:01:14
<O_BIND> ID:01:00:0F:EA:05:29:C6 "MSFT 5.0"
'win2k3sbs'
192.168.177.21 <OBIND>
<FREE RANGE> 192.168.177.22 - 192.168.177.22 =1
OK
(boundhistory).
#1> dhcpd interface eth0 show boundhistory
[eth0]
>BOUND_HISTORY 1
(MSOFT) ID:01:00:0F:EA:05:29:C6 BOUND=192.168.177.21
02/01/2003 13:25:37
until
OK
24
.
24 ,
.
, , ,
.
boundhistory .
(,
).
IP
IP .
, IP
, ,
IP .
, , IP
(, )
. ARP
.
, IP .
, .
,
.
Copyright 2004-2011 by InfiNet Wireless
199
InfiNet Wireless
WANFleX
IP , IP
.
,
boundhistory . IP
, .
(unleases)
, DHCP IP ,
unleases.
15 ,
. :
1.
,
( ).
2.
3.
4.
(host name)
:
:
dhcpd show unleases <SUBSTR|*>
SUBSTR unleases.
,
unleases, .
. *,
.
:
#1> dhcpd show unleases *
>UNLEASES 1
eth0 ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"
OK
wad
(virtual interface)
, DHCP IP .
. ..
IP ,
(broadcast). ,
, ,
DHCP DHCP
( ). , DHCP
, DHCP
. , ,
DHCP
DHCP Relay Agent (DRA). DRA DHCP
( ) DHCP DHCP
. DHCP DRA DHCP
(unicast). , DRA DHCP
IP
. DHCP
. DHCP
, DRA. ..
DHCP ,
.
Copyright 2004-2011 by InfiNet Wireless
200
InfiNet Wireless
WANFleX
:
:
add virtual interface <VIFNAME> <GATEWAY> <GWIFNAME|*>
VIFNAME DHCP
GATEWAY IP- DRA,
.
GWIFNAME DRA, DHCP
. GWIFNAME *,
DRA .
.
:
#1> dhcpd add virtual interface vvv1 192.168.177.81 *
#1> dhcpd show interface *
>INTERFACES
[eth0] UP
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.50
<SUBNET> 192.168.15.55/255.255.255.0
<RESERVATION> for ID:01:00:05:90:02:1F:C8
<OPTION>
Class_Id
"Swissvoice"
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP
,
vvv1. ,
. ,
- ,
. :
:
dhcpd virtual interface <VIFNAME> add subnet <IP_ADDRESS>
<SUBNET_MASK >
VIFNAME DHCP
IP_ADDRESS IP , DRA
SUBNET_MASK .
:
#1> dhcpd virtual interface vvv1
add subnet 192.168.188.1 255.255.255.0
#1> dhcpd show interface *
>INTERFACES
[eth0] UP
<SUBNET> 9.1.1.100/255.255.255.0
<SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
<SUBNET> 192.168.177.12/255.255.255.0
<SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.50
<SUBNET> 192.168.15.55/255.255.255.0
Copyright 2004-2011 by InfiNet Wireless
201
InfiNet Wireless
WANFleX
<RESERVATION> for ID:01:00:05:90:02:1F:C8
<OPTION>
Class_Id
"Swissvoice"
[vlan0] DOWN
<SUBNET> 192.168.178.1/255.255.255.0
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP
<SUBNET> 192.168.188.1/255.255.255.0
DHCP
IP , DRA.
:
#1> dhcpd add scope VIRTUAL_TEST
vvv1 192.168.188.20 192.168.188.50
#1> dhcpd show interface vvv1
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP
<SUBNET> 192.168.188.1/255.255.255.0
<SCOPE> (VIRTUAL_TEST) 192.168.188.20 - 192.168.188.50
#1> dhcpd show scope virtual_test
>SCOPES:
(VIRTUAL_TEST) 192.168.188.20 - 192.168.188.50 [vvv1] ATTACHED [vvv1]
<192.168.188.1>/255.255.255.0 <FREE RANGE> 192.168.188.20 192.168.188.50 =31
:
:
dhcpd virtual interface <VIFNAME> delete subnet <IP_ADDRESS>
<SUBNET_MASK>
:
#1> dhcpd virtual interface vvv1 delete subnet 192.168.188.1
255.255.255.0
#1> dhcpd show scope virtual_test
>SCOPES:
(VIRTUAL_TEST)
192.168.188.20 - 192.168.188.50 [vvv1]
, , ,
, ..
vvv1, ,
vvv1.
DHCP .
,
dhcpd stop. ,
dhcpd clear
18. DHCP relay. dhcpr
DHCP-
, .
Copyright 2004-2011 by InfiNet Wireless
202
InfiNet Wireless
WANFleX
. ,
- DHCP- ,
. -
""
DHCP- (Relay
Agent)
DHCP. .
:
dhcpr [add]|delete SERVERIP
dhcpr (flush|trace|notrace)
dhcpr (lock|unlock) INTERFACE
dhcpr (info|noinfo)
dhcpr (start|stop)
/
:
dhcpr {start | stop}
DHCP .
:
dhcpr start
DHCP
:
dhcpr [add]|delete SERVERIP
DHCP
.
:
dhcpr add 125.12.100.12
dhcpr 125.12.100.13
dhcpr delete 125.12.100.12
DHCP
ethernet.
- ,
.
Copyright 2004-2011 by InfiNet Wireless
203
InfiNet Wireless
WANFleX
:
dhcpr (lock|unlock) INTERFACE
INTERFACE ( )
, .
:
dhcr lock eth0
DHCP DHCP Relay agent information
,
DHCP ,
. DHCP
. , DHCP
. /
:
:
dhcpr (info|noinfo)
:
dhcpr info
19.DHCP . dhcp
DHCP DHCP
. IP , ,
.
DHCP :
:
dhcpc [options] [IFNAME] [commands]
IFNAME .
DHCP ,
. : none
default. none
. default
. ,
, . ,
default DHCP .
o
-l (none|default|$ACLNAME|acl:ACLNAME)
IP DHCP ,
Copyright 2004-2011 by InfiNet Wireless
204
InfiNet Wireless
WANFleX
. ACLNAME (.
acl). (
acl), DHCP
DHCP .
o
-k
(none|default|key:KEYVALUE)
. DHCP c RFC 3118
- Authentication for DHCP Messages.
o
-a (none|default|NUMBER)
arp , DHCP
IP DHCP . DHCP,
IP
. DHCP
arp . arp
, ,
DHCP 16 .
o
-t (on|off)
- -
.
. DHCP
.
start - DHCP
stop - DHCP
o
delete - DHCP
.
o
dump - DHCP .
dhcpc a 5
dhcpc l $DHCP_SERVERS eth0 start
dhcpc a none k key:qwerty rf5.0 start
ARP
5. eth0
DHCP_SERVERS. DHCP
eth0. rf5.0 ARP
. .. rf5.0 DHCP 16 arp
. DHCP rf5.0
qwerty.
dhcpc dump
DHCP
ID I-face IP address/mask Gateway address
Server ID
Lease exp.
== ======== ================== ===============
0 eth0 192.168.61.29/26
192.168.61.1
192.168.61.1 000:35:16
1 rf5.0 ------------------ -------------- , DHCP eth0
rf5.0.
Copyright 2004-2011 by InfiNet Wireless
205
InfiNet Wireless
WANFleX
eth0 DHCP IP 192.168.61.26
26 DHCP 192.168.61.1.
35 16 .
DHCP rf5.0
.
20. VRRP . vrrp
.
,
, .
.
,
:
,
- .
VRRP
.
. VRRP
,
.
, ,
(VR). VR
IP VR. , -
( ),
IP (.. ARP
, ,
IP ).
VR 1255
(VRID).
, VRRP :
1) VRRP VR,
VRID IP-;
2) VRRP ( MASTER)
( BACKUP);
,
( ).
BACKUP MASTER.
3) (
MASTER)
:
( ) Primary IP- .
Copyright 2004-2011 by InfiNet Wireless
206
InfiNet Wireless
WANFleX
:
vrrp start|stop|dump
vrrp dump IFNAME:VRID
vrrp IFNAME:VRID [start|stop|clean|flush]
vrrp IFNAME:VRID [add]|delete IPADDRESS[/(MASK|MASKLEN)]
vrrp IFNAME:VRID [-priority=[PRIO|own]] [-interval=AINT]
[-(password|key)=[PASSWORD]]
[-preempt=(on|off)] [-owner=[on|off]] [-learn=(on|off)]
[-track=(off|default|IPADDRESS/MASKLEN)]
/
:
vrrp {start | stop}
VRRP .
:
vrrp start
:
vrrp IFNAME:VRID add IPADDRESS[/{MASK|MASKLEN}]
IFNAME
VRID. VRID
1....255. , IP ()
IP VR. IP VR
(Primary IP-address) , .
VRRP
, IP
.
:
vrrp eth0:10 add 9.8.7.6/24
/
:
Vrrp IFNAME:VRID {start|stop}
/
.
Copyright 2004-2011 by InfiNet Wireless
207
InfiNet Wireless
WANFleX
:
vrrp eth0:10 start
:
vrrp IFNAME:VRID -priority=[PRIO|own]
VR.
2255.
.
.
255 . ,
VR.
(owner)
IP VR.
:
vrrp eth0:10 priority=200
owner
:
vrrp IFNAME:VRID -owner=on|off
owner IP VR
. ..
, IP VR
IP , VR.
. ..
,
(, ).
owner .
:
vrrp eth0:10 owner=off
:
vrrp IFNAME:VRID preempt=on|off
, , ,
() VR.
.
:
Copyright 2004-2011 by InfiNet Wireless
208
InfiNet Wireless
WANFleX
vrrp eth0:10 preempt=off
:
vrrp IFNAME:VRID -track=(off|default|IPADDRESS/MASKLEN)
VRRP
IP (IPADDRESS/MASKLEN),
(default).
, BACKUP.
off.
:
vrrp eth0:10 track=default
:
vrrp IFNAME:VRID -interval=AINT
. .
,
(MASTER),
VR. (BACKUP)
.
.
,
VR
.
:
vrrp eth0:10 interval=2
:
vrrp IFNAME:VRID learn=on|off
IP
VR , (
BACKUP). VRRP
. IP VR
IP ( 255).
VR IP
.
:
Copyright 2004-2011 by InfiNet Wireless
209
InfiNet Wireless
WANFleX
vrrp eth0:10 learn=on
VR
:
vrrp IFNAME:VRID clean
VR.
:
vrrp eth0:10 clean
IP VR
:
vrrp IFNAME:VRID delete IPADDRESS
IP VR.
IP VR
:
vrrp IFNAME:VRID flush
IP VR.
:
vrrp eth0:10 flush
VRRP
RFC 2338 VRRP
:
1.
2. IP Authentication Header
:
vrrp IFNAME:VRID password=PASSWORD
vrrp IFNAME:VRID key=PASSWORD
, VRRP
VR.
RFC 3768:
10. Security Considerations
VRRP does not currently include any type of authentication. Earlier
Copyright 2004-2011 by InfiNet Wireless
210
InfiNet Wireless
WANFleX
versions of the VRRP specification included several types of
authentication ranging from none to strong. Operational experience
and further analysis determined that these did not provide any real
measure of security. Due to the nature of the VRRP protocol, even if
VRRP messages are cryptographically protected, it does not prevent
hostile routers from behaving as if they are a VRRP master, creating
multiple masters. Authentication of VRRP messages could have
prevented a hostile router from causing all properly functioning
routers from going into backup state. However, having multiple
masters can cause as much disruption as no routers, which
authentication cannot prevent. Also, even if a hostile router could
not disrupt VRRP, it can disrupt ARP and create the same effect as
having all routers go into backup.
VRRP
:
vrrp dump
VRRP.
:
vrrp dump
VRRP interface:ID Prio AInterval
reason
Master IP
STATE
Time
Stop
================== ==== ========= ===============
======= =============== ===========
eth0:010 200o
001
192.168.15.50 BACKUP
0/0:0:3:000
VRRP ,
:
VRRP interface:ID VR IFNAME:VRID
Prio ,
VR. owner,
o.
AInterval .
Master IP primary IP ,
(MASTER).
STATE :
o
MASTER
BACKUP
STOP
,
l (),
, lBACKUP
Copyright 2004-2011 by InfiNet Wireless
211
InfiNet Wireless
WANFleX
Time ,
STATE.
/:::000
Stop reason ,
VR. VR
STOP.
.
:
o Configuration conflict
VR. ,
VR
IP .
o
IP Address list is empty IP .
o Interface has no primary IP address
primary IP .
o Interface is down , VR
(down)
Copyright 2004-2011 by InfiNet Wireless
212
InfiNet Wireless
WANFleX
V.
1. Ctl ( )
:
ctl
ctl heater
ctl switch
ctl temperature
ctl signaling
ctl trap
:
.
()
.
: .
5V, 200mA.
30V, 1A.
ctl,
.
ctl heater
, .
: -15 0 . OT:
tl heater -10
-10.
, .
ctl switch
/
.
ctl switch on | off
on - .
off - .
ctl switch auto signalling | temperature
temperature -
.
signalling
.
ctl temperature
.
ctl temperature high low cooler | heater
Copyright 2004-2011 by InfiNet Wireless
213
InfiNet Wireless
WANFleX
high ,
.
low ,
.
cooler ,
, :
o high,
o
low,
heater ,
, :
o
low,
o high,
.
ctl signalling .
ctl signalling [enable | disable | maniac] [opened | closed] [log | nolog] [bt
] [fp | nofp] [traps ]
enable - .
disable - .
maniac - . ,
, ,
disable.
opened - .
closed - .
log, nolog -
.
bt - ( )
.
fp, nofp - ,
.
fp ,
,
, ,
. fp maniac.
nofp,
, .
traps - ,
SNMP, , traps 0,
.
1
.
SNMP oid
1.3.6.1.4.1.3942.0.100
oid
1.3.6.1.4.1.3942.0.101
, SNMP
Copyright 2004-2011 by InfiNet Wireless
214
InfiNet Wireless
WANFleX
trapd "trapd
(. trapd).
Copyright 2004-2011 by InfiNet Wireless
on"
215
InfiNet Wireless
WANFleX
VI.
:
mem -
mb -
ps - Unify SoftSwitch
1. Gatekeeper
voip
gatekeeper WANFlex,
voip, ,
.
AquaGatekeeper, (
AquaGatekeeperMonitor.
:
gatekeeper [options] [commands]
:
start - Start gatekeeper service
stop - Stop gatekeeper service
create - Create empty configuration
:
--help -h -? - Help
--version -v - Show file version
--configuration=[filename] - Use configuration file location,
default is Gatekeeper.cfg
:
console> gatekeeper start
console> gatekeeper stop
start
.
stop
.
create
,
,
.
IP- eth0,
system .
configuration
configuration
, create start.
:
Copyright 2004-2011 by InfiNet Wireless
216
InfiNet Wireless
WANFleX
console> gatekeeper --configuration='test.cfg' create
console> gatekeeper start
Gatekeeper.cfg
Copyright 2004-2011 by InfiNet Wireless
217
Вам также может понравиться
- Руководство по настройке OLT BDCOM P3310Документ39 страницРуководство по настройке OLT BDCOM P3310andriy nbookОценок пока нет
- EzDent-i - инструкция пользователяДокумент50 страницEzDent-i - инструкция пользователяIgor RotarciucОценок пока нет
- 3663-Voprosyi Bez Otvetov Dlya Agentstva 20200629 PDFДокумент1 170 страниц3663-Voprosyi Bez Otvetov Dlya Agentstva 20200629 PDFmarconiОценок пока нет
- Navigat Xmk2 RussiaДокумент28 страницNavigat Xmk2 RussiaMeverОценок пока нет
- 94 0085 4 - CyScan Installers GuideДокумент82 страницы94 0085 4 - CyScan Installers GuideakhilОценок пока нет
- OSN8800 Product Manual RUSДокумент322 страницыOSN8800 Product Manual RUSvansan93100% (2)
- U SYS SoftX3000 System Description - V3Документ106 страницU SYS SoftX3000 System Description - V3fedorbezborodovОценок пока нет
- PrivodДокумент112 страницPrivoddanilovv100% (1)
- Carrier Supra 422 522 622 722 822 922 444 544 644 744 844 944Документ90 страницCarrier Supra 422 522 622 722 822 922 444 544 644 744 844 944СергейОценок пока нет
- Дефибриллятор Nihon KohdenДокумент137 страницДефибриллятор Nihon KohdenaudiolimitОценок пока нет
- Pianoteq Russian 5 PDFДокумент69 страницPianoteq Russian 5 PDFDon YurikОценок пока нет
- Руководство по настройке и конфигурации iPasolinkДокумент18 страницРуководство по настройке и конфигурации iPasolinkАнатолий Петьков67% (3)
- Руководство по пошаговой конфигурации OmniBAS - изд.1.1Документ55 страницРуководство по пошаговой конфигурации OmniBAS - изд.1.1Анатолий Петьков50% (2)
- InfiNet Wireless R5000 техническое руководствоДокумент100 страницInfiNet Wireless R5000 техническое руководствоАнатолий ПетьковОценок пока нет
- SMR-3600R ИНСТРУКЦИЯДокумент53 страницыSMR-3600R ИНСТРУКЦИЯVladymirОценок пока нет
- Olencom NR2000-N руководство - V2.0 - рус - 11 - 2016 PDFДокумент124 страницыOlencom NR2000-N руководство - V2.0 - рус - 11 - 2016 PDFAnonymous DKIu0o4vIU100% (1)
- InfiNet Wireless R5000 MINT - Handbook PDFДокумент30 страницInfiNet Wireless R5000 MINT - Handbook PDFАнатолий ПетьковОценок пока нет
- Users Manual Cis 3130 117250 PDFДокумент96 страницUsers Manual Cis 3130 117250 PDFAbhijithОценок пока нет
- !!!ПАРОЛИ и ПЕРЕПРОГРАММИРОВАНИЕ!!!Документ1 страница!!!ПАРОЛИ и ПЕРЕПРОГРАММИРОВАНИЕ!!!alexОценок пока нет
- CST Advices For AntennaДокумент21 страницаCST Advices For AntennaДиана ГаниеваОценок пока нет
- OMD 24 Manual RUS 02Документ24 страницыOMD 24 Manual RUS 02Vadim KiselevОценок пока нет
- Инструкция По Установке и Настройке (Ns3000,4000) 2009Документ3 страницыИнструкция По Установке и Настройке (Ns3000,4000) 2009СергейДранкоОценок пока нет
- Samyung SI-30R Install ManualДокумент77 страницSamyung SI-30R Install ManualSergeyОценок пока нет
- Spr-1400 Manual RusДокумент69 страницSpr-1400 Manual RusOger1Оценок пока нет
- Manual P3310 Rus 22022013 PDFДокумент33 страницыManual P3310 Rus 22022013 PDFРуслан ШматкоОценок пока нет
- Å ¡ Ô¿ñ DPДокумент80 страницÅ ¡ Ô¿ñ DPVladОценок пока нет
- Отчет По Практике Azov Sea (Для Суд.мех.)Документ74 страницыОтчет По Практике Azov Sea (Для Суд.мех.)Джон ТокаревОценок пока нет
- Устройство суднаДокумент17 страницУстройство суднаЮрий КораОценок пока нет
- Electrolux Ewm1000 Plus Ewm1000evo Ewm3000new Env06 11xx21xx 25xx 35xxДокумент185 страницElectrolux Ewm1000 Plus Ewm1000evo Ewm3000new Env06 11xx21xx 25xx 35xxБорислав Зарков100% (1)
- Nokia FlexiHopperДокумент68 страницNokia FlexiHopperВячеслав ОжигинОценок пока нет
- Manual Adast Popular Minor LPGДокумент57 страницManual Adast Popular Minor LPGАлексей ЕреминОценок пока нет
- ИБП8-2,0 - 48 (60) К-6.N и ИБП8-2,0 - 48 (60) К-8.N РЭ2Документ51 страницаИБП8-2,0 - 48 (60) К-6.N и ИБП8-2,0 - 48 (60) К-8.N РЭ2Vanek505Оценок пока нет
- Orion3 Guide V2 2 PDFДокумент229 страницOrion3 Guide V2 2 PDFмихаилОценок пока нет
- Краткая инструкция по настройке антенны КNSДокумент39 страницКраткая инструкция по настройке антенны КNSAlexander BudnikОценок пока нет
- A30050 X6078 X 3 5618Документ24 страницыA30050 X6078 X 3 5618Oleg KuryanОценок пока нет
- Vvedenie V JelektronДокумент205 страницVvedenie V JelektronАлексей Гомонов100% (1)
- Autocom User Manual RUSДокумент28 страницAutocom User Manual RUSleshaserviceОценок пока нет
- SecurOS Installation GuideДокумент37 страницSecurOS Installation GuideандрОценок пока нет
- Service Manual Phaser 3140 3155 3160.RUSДокумент294 страницыService Manual Phaser 3140 3155 3160.RUSRAMONОценок пока нет
- Strap RuДокумент1 752 страницыStrap Rumomen.freelanceОценок пока нет
- Sonara - User Manual RuДокумент124 страницыSonara - User Manual RuPaul GennsonОценок пока нет
- Gfu Standard Vacon NXLДокумент24 страницыGfu Standard Vacon NXLCoil98Оценок пока нет
- Ka L15 L22RSV2 Rus 131111Документ50 страницKa L15 L22RSV2 Rus 131111FktrctqОценок пока нет
- Kb01.1 Lr560 Hart - Ru.arcДокумент162 страницыKb01.1 Lr560 Hart - Ru.arcigor gulevatiyОценок пока нет
- A Byte of Python Rus 2.01Документ204 страницыA Byte of Python Rus 2.01Stressed by a Mountain of BooksОценок пока нет
- HaskellДокумент157 страницHaskellartursaliyevОценок пока нет
- Introduction in GNU - LinuxДокумент101 страницаIntroduction in GNU - LinuxIon CapcanariОценок пока нет
- ix2 инструкцияДокумент173 страницыix2 инструкцияVladislavОценок пока нет
- 7000 Series Operators Manual V3 Monitor 00 RussianДокумент230 страниц7000 Series Operators Manual V3 Monitor 00 RussianvanchinatanyaОценок пока нет
- контрольные вопросыДокумент75 страницконтрольные вопросыstudy timeОценок пока нет
- Кармин Новиелло - Освоение Stm32Документ825 страницКармин Новиелло - Освоение Stm32TestKn82Оценок пока нет
- DSC NEO HS2016 - HS2032 - HS2064 - HS2128 - v1 - 1 - Manual - RusДокумент206 страницDSC NEO HS2016 - HS2032 - HS2064 - HS2128 - v1 - 1 - Manual - RusRostislavОценок пока нет
- Treyding Na Valyutnom Riynke Dlja Nachinayusheih 9785961466546 - 12288 - 6326Документ30 страницTreyding Na Valyutnom Riynke Dlja Nachinayusheih 9785961466546 - 12288 - 6326Дмитрий ДенисовОценок пока нет
- ODN Russian VersionДокумент114 страницODN Russian VersionNeroFoxОценок пока нет
- Мониторы пациента bsm6000 - series (001-083)Документ83 страницыМониторы пациента bsm6000 - series (001-083)audiolimitОценок пока нет
- m716 UgДокумент69 страницm716 UgАлександр КривоспицкийОценок пока нет
- Системы ввода - вывода и интерфейсыДокумент187 страницСистемы ввода - вывода и интерфейсыDenisОценок пока нет
- Astra - Hmi.security ManualДокумент240 страницAstra - Hmi.security ManualКокорин ИльяОценок пока нет
- Інструкція KBA Alfajet Mondo - RUS-2Документ200 страницІнструкція KBA Alfajet Mondo - RUS-2Evci PlastikОценок пока нет
- ECOSYSM8130cidn RUДокумент550 страницECOSYSM8130cidn RUTS ELKASAОценок пока нет
- RU PrismaVENT 68436Документ68 страницRU PrismaVENT 68436E.D.V.Оценок пока нет
- Rubix 24Документ31 страницаRubix 24JefОценок пока нет
- 103 Kratkoe Rukovodstvo Flatpack2 4u Distr Sp2Документ32 страницы103 Kratkoe Rukovodstvo Flatpack2 4u Distr Sp2AVkucher1983Оценок пока нет
- Quick Start Manual Fp2 RusДокумент41 страницаQuick Start Manual Fp2 RusАнатолий ПетьковОценок пока нет
- Ds Minipack 800 48v FC Rus EvДокумент2 страницыDs Minipack 800 48v FC Rus EvАнатолий ПетьковОценок пока нет
- Flatpack2 Integrated 5 8uДокумент2 страницыFlatpack2 Integrated 5 8uЗиновий Путин100% (1)
- Ds Minipack System Rus EvДокумент2 страницыDs Minipack System Rus EvАнатолий ПетьковОценок пока нет
- WinLink 1000 User Manual RussianДокумент328 страницWinLink 1000 User Manual Russianciro_svОценок пока нет
- RADWIN 2000 User Manual RussianДокумент340 страницRADWIN 2000 User Manual RussianJLA7777Оценок пока нет
- СИСТЕМА ЭЛЕКТРОПИТАНИЯ NetSure 501Документ27 страницСИСТЕМА ЭЛЕКТРОПИТАНИЯ NetSure 501Анатолий ПетьковОценок пока нет
- IPasolink Configuration Manual On Russian Language PDFДокумент179 страницIPasolink Configuration Manual On Russian Language PDFalekskotОценок пока нет
- Презентация - iPasolink 101018 MTS redДокумент36 страницПрезентация - iPasolink 101018 MTS redDmitry Savolyuk100% (1)
- Инструкция по работе с Pasolink+Документ16 страницИнструкция по работе с Pasolink+Alex EdalovОценок пока нет
- Eclipse ManualДокумент1 118 страницEclipse ManualАнатолий ПетьковОценок пока нет
