ECG9210-04 Home Gateway VDSL2 Router with 802.11b/g capabilities User Guide http://www.edgecorenetworks.com http://www.
User Guide Home Gateway VDSL2 Router VDSL2 Home Gateway Router with 4100BASE-TX (RJ-45) Ports, 2 VDSL Ports (RJ-11) and 802.
EGC9210-04 E022010-DT-R01 150200000095A
Compliances FCC - Class B This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with instructions, may cause harmful interference to radio communications.
• EN 300 328 - Technical requirements for 2.
English Hereby, SMC, declares that this Radio LAN device is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/ EC. Finnish Suomi Valmistaja SMC vakuuttaa täten että Radio LAN device tyyppinen laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen.
Spanish Español Por medio de la presente SMC declara que el Radio LAN device cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999/5/CE Polish Polski Niniejszym SMC oświadcza, że Radio LAN device jest zgodny z zasadniczymi wymogami oraz pozostałymi stosownymi postanowieniami Dyrektywy 1999/5/EC. Portuguese Português SMC declara que este Radio LAN device está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE.
Warnings and Cautionary Messages Warning: This product does not contain any serviceable user parts. Caution: Do not plug a phone jack connector in the RJ-45 port. This may damage this device. Caution: Use only twisted-pair cables with RJ-45 connectors that conform to FCC standards. Environmental Statement The manufacturer of this product endeavours to sustain an environmentally-friendly policy throughout the entire production process.
x
About This Guide Purpose This guide details the hardware features of the Gateway, including its physical and performance-related characteristics, and how to install the Gateway. It also includes information on how to operate and use the management functions of the Gateway. Audience The guide is intended for use by network administrators who are responsible for installing and setting up network equipment; consequently, it assumes a basic working knowledge of LANs (Local Area Networks).
xii
Contents Chapter 1: Introduction Overview VDSL Technology Features and Benefits Description of Hardware 13 13 14 15 16 Chapter 2: Installation Installation Overview Package Contents System Requirements Cable Connections Powering On Configuring the TCP/IP Protocols 25 25 25 25 26 27 27 Chapter 3: Network Planning Application Examples Networking Concepts Route Determination Bridging Routing Network Applications Accessing a Remote Site Accessing the Internet Network Services DHCP Service DNS Service NAT Fu
Contents WAN Status Bridge WAN Status LAN Status System Log DHCP Client List System Configuration System Mode System Time Admin Settings System Tools UPnP Service Settings SNMP DNS Management IP WAN Configuration WAN Type WAN Settings Dynamic IP Address Static IP Address PPPoE DDNS LAN Configuration LAN Type LAN Settings Switch Ports Route Configuration Static Routing Dynamic Routing Policy Routing Wireless Configuration WLAN Security WEP Security WPA2 Security WPS Security Access Control Client List NAT Co
Contents Remote Control Denial of Service VDSL Configuration VDSL Status and Rate Information Performance Counters SNR Information DELT IGMP Configuration IGMP Settings QoS Configuration QoS Settings Traffic Classification DSCP to 802.
Contents xvi
Chapter 1: Introduction Overview This device can serve as a key component in any Ethernet-over-VDSL2 data transport system that consists of an end-user Gateway and a VDSL2 switch connected by standard telephone cable. The VDSL connection delivers an Ethernet data link rated up to both 100 Mbps downstream and 100 Mbps upstream (VDSL2 profile 30A), while simultaneously supporting standard telephone services.
1 Introduction VDSL Technology VDSL (Very High Bit-Rate Digital Subscriber Line) is at the high-end of all the DSL technologies, offering the best combination of fiber optics and copper to provide high-speed broadband Internet access. VDSL’s primary application is in providing a broadband data service to multi-tenant residential or commercial buildings.
Features and Benefits 1 distortions. Reed-Solomon Forward Error Correction and interleaving protects against errors due to impulse noise, and enables recovery from signal interruptions. Frequency Division Duplexing (FDD) separates downstream and upstream channels and allows VDSL signals to coexist with regular telephone services. A power back-off mechanism is also implemented to reduce noise from crosstalk in line bundles.
1 Introduction • Network Address Translation (NAT/NAPT) which enables multiple user Internet access with a single user account, flexible local IP address administration, and firewall protection • Virtual Server which allows remote users access to various services at your site using a constant IP address • DMZ Host allows a client to be fully exposed to the Internet for applications which do not work properly behind a firewall • Dynamic Host Configuration Protocol (DHCP) for dynamic IP address assignment a
1 Description of Hardware The following figure shows the front components of the Gateway: 802.11b/g Antenna WPS Button PWR ALAR M VD SL VD SL LA LINK N1 LA TX/RX N2 LA N3 LAN4 WLAN WPS WPS Power LED VDSL LINK LED ALARM LED LAN1~4 LEDs VDSL TX/RX LED WPS LED WLAN LED Figure 1-2 Top Panel The Gateway includes key system and port indicators that simplify installation and network troubleshooting.
1 Introduction Table 1-2 LED Display Status (Continued) LED Color Status VDSL TX/RX Green On Signal detected on VDSL WAN port. Off No signal detected on VDSL WAN port. Blinking Network traffic is crossing the VDSL WAN port. LAN1-4 Green WLAN Green WPS Green Description On Ethernet link signal detected on LAN port. Off No Ethernet link signal detected on LAN port. Blinking Network traffic is crossing the LAN port. On/ Flashing Indicates the 802.11b/g radio is enabled.
Description of Hardware 1 The following figure shows the base components of the Gateway: Rubber Feet Reset Button Figure 1-4 Base Panel 19
1 Introduction The gateway also includes a wall/ceiling mount bracket illustrated in the picture that follows. Align the bracket in the direction indicated, marking four screw holes in the mounting surface with a pencil. Drill four holes in the mounting surface sufficient in size to accomodate the screws that you are using. If drilling into a wall, make sure to use wall-plugs as well. The mounting bracket also includes two clips for attaching the unit to the backet.
Description of Hardware 1 The mounting bracket also includes two clips for attaching the unit to the backet.
1 Introduction Figure 1-7 Mounting the unit in the bracket Figure 1-8 Mount the connected unit into the bracket in the direction of the red arrows shown above, making sure the unit clips correctly into the mounting clips.
Description of Hardware 1 Figure 1-9 Unit in bracket 23
1 Introduction If mounting the assembled unit to a vertical surface follow the directions of the red arrows indicated below.
Chapter 2: Installation Installation Overview Before installing the Gateway, verify that you have all the items listed in “Package Contents.” If any items are missing or damaged, contact your local distributor. Also, be sure you have all the necessary tools and cabling before installing the Gateway.
2 Installation Cable Connections Depending on the wiring configuration used in your house, separate wall jacks may be used for telephone and VDSL services. Otherwise, you will need to connect telephones and your computer directly to the Gateway. RJ-45 Ports RJ-11 Ports AC Power Adapter Telephone, Fax, or Modem Computer AC Power Outlet Standard Telephone Cable Category 5 UTP cable to Ethernet port on computer VDSL Line Wall Jack Figure 2-1 Connecting the Gateway 1.
2 Powering On Powering On Plug the power adapter cord into the DC 12V power socket on the Gateway, and then plug the power adapter directly into a power outlet. Check the LED marked PWR on the top of the unit to be sure it is on. If the PWR indicator does not light up, refer to Appendix A: “Troubleshooting” on page 111. If the Gateway is properly configured, it will take about 30 seconds to establish a connection with the VDSL service provider after powering up.
2 Installation 2. Right-click the “Local Area Connection” icon for the adapter you want to configure. 3. Highlight “Internet Protocol (TCP/IP).” 4. Click on “Properties.” 5. Select the option “Obtain an IP address automatically” and “Obtain DNS server address automatically.” Windows Vista 1. Click Start/Control Panel. 2. Double-click “Network and Sharing Center.” 3. Click “View status.” 4. Click “Properties.” If the “User Account Control” window appears, click “Continue.” 5.
Chapter 3: Network Planning Application Examples VDSL provides significant savings on network installation, equipment, and service fees. Internet services operate over existing phone cabling and a minimal amount of network equipment. The only changes require installing a VDSL CPE (or Gateway as described in this manual) for each client, and a VDSL switch in the basement or wiring closet. Internet service can then be provided over a direct Ethernet connection from your ISP.
3 Network Planning the same segment (that is, the local network or remote network) as the source address. Routing When Router Mode is selected, the Gateway forwards incoming IP packets and uses RIP or RIP-2 for routing path management if enabled. The router supports both static routing and dynamic routing. • Static routing requires routing information to be stored in the router, either manually or when a connection is set up, using the default gateway designated by your ISP.
Network Applications 3 The source MAC address of each frame is recorded into the address database only if it belongs to the local LAN segment. This information is then used to make subsequent decisions on frame forwarding. The address database can hold up to 512 unique MAC addresses. An entry in the address database will be discarded only if it has not been accessed for a period of time called the aging time.
3 Network Planning make better choices on the most appropriate path to a remote network. However, RIP-1 is adequate for most networks and involves less overhead. VDSL Internet VDSL ECG9210-04 Local Area Network PPP/ATM ISP DSLAM TCP/IP Protocol Figure 3-2 Routed Network Network Services DHCP Service Dynamic Host Configuration Protocol (DHCP) allows network clients to dynamically obtain TCP/IP configuration information upon bootup. When a DHCP client starts, it broadcasts a DHCP request.
Network Services 3 Virtual Server You can also map multiple local servers to the Gateway’s external IP address. In this way, service requests from Internet users can be redirected to designated servers on the local network. This allows you to define a single access point for all the Internet services provided at your site, such as a local web server or an FTP server.
3 Network Planning Virtual Private Network The Gateway supports three of the most commonly used VPN protocols – PPTP, L2TP and IPSec. These protocols allow remote users to establish a secure connection to their corporate network. If your service provider supports VPNs, then any of these protocols can be used to create an authenticated and encrypted tunnel for passing secure data over the Internet (i.e., a traditionally shared data network).
Chapter 4: Initial Configuration Accessing the Setup Wizard The Gateway provides a Setup Wizard for initial configuration of the unit’s operating mode (Bridge or Router as described in “Networking Concepts” on page 29) and WAN IP address (when Router mode is selected). For initial configuration, connect a PC directly to one of the LAN ports on the back of the unit, and use a web browser (such as Internet Explorer 6.0 or above, or Mozilla Firefox 2.0.0.0 or above) to connect to the Gateway.
4 Initial Configuration 3. Click WIZARD when the home page appears. Figure 4-2 Home Page Using the Setup Wizard There are only a few basic steps you need to set up the Gateway, and to configure an IP address for the WAN interface (when operating in Router mode). The Setup Wizard takes you through the configuration procedures shown below: 1. Select the Operating Mode – By default, the Gateway is set to operate in Bridge mode, and requires no other features to be set before using the Advanced Setup menu.
Using the Setup Wizard 4 If Router mode is selected the information displayed on the screen changes to that shown below. Figure 4-4 Mode Selection (Router Mode) 2. Set the WAN Connection Type – By default, the Gateway’s WAN port is configured for dynamic IP assignment using DHCP. Select the option indicated by your Internet service provider, and click Next. Figure 4-5 WAN Type • Dynamic IP – If you selected Dynamic IP, the following screen will appear. Click Next to confirm your selection.
4 Initial Configuration • Static IP – If you selected Static-IP, the following screen will appear. Fill in the required settings, and then click Next. Figure 4-7 WAN Setting (Static IP) Field Attributes • IP address assigned by your ISP – IP address of the WAN interface. Valid addresses consist of four decimal numbers, 0 to 255, separated by periods. • Subnet Mask – This mask identifies the subnet and host portion of the IP address.
Using the Setup Wizard 4 • PPPoE – If you selected PPPoE, the following screen will appear. Fill in the required settings, and then click Next. Figure 4-8 WAN Setting (PPPoE) Field Attributes • • • • User Name – Sets the PPPoE user name. (Range: 1-32 characters) Password – Sets a PPPoE password. (Range: 1-32 characters) Password Confirm – Prompts you to re-enter your password. Service Name – The service name assigned for the PPPoE connection.
4 Initial Configuration 3. Enable Local DHCP Service – By default, the Gateway’s is configured to provide DHCP service to any client attached to the Gateway’s LAN ports. Set the administrative status of this feature, and click Next. Figure 4-9 DHCP Setting 4. Set Wireless Settings – The wireless radio on the Gateway is disabled by default. To enable it check the WLAN Enable box. The access point’s ESSID is automatically set, but may be changed by altering this field.
Using the Setup Wizard 4 5. Setting WLAN Security (WEP) – Sets the wireless security encryption key for the wireless network. Figure 4-11 WLAN Security - WEP Field Attributes • None – Disables security on the access point. (Default: Disabled) • WEP – WEP is used as the multicast encryption cipher. • Authentication Mode – Defines the mode with which the access point will associate with other clients. • Key Mode – Select 64 Bit, or 128 Bit length.
4 Initial Configuration Setting WLAN Security (WPA) – Sets the WPA/WPA2 PSK wireless security encryption key for the wireless network. Figure 4-12 WLAN Security - WPA Field Attributes • TKIP/AFS – TKIP/AES is used as the multicast encryption cipher. • AES – AES is used as the multicast encryption cipher. AES-CCMP is the standard encryption cipher required for WPA2. 6. Click Next followed by Apply on the next srceen to save your settings. The unit will save your settings and restart.
Using the Setup Wizard 4 7. When the system restarts, a countdown window displays for about 60 seconds.
4 44 Initial Configuration
Chapter 5: System Configuration Using the Web Interface The Gateway provides a web-based management interface for configuring device features and viewing statistics to monitor network activity. This interface can be accessed by any computer on the network using a standard web browser (such as Internet Explorer 6.0 or above, or Mozilla Firefox 2.0.0.0 or above). Note: You can also use the Command Line Interface (CLI) to manage the Gateway over a serial connection to the console port or via Telnet or SSH.
5 System Configuration Home Page When your web browser connects with the Gateway’s web agent, the home page is displayed as shown below. For initial configuration, you can use the Setup Wizard as described in the preceding chapter. To carry out more detailed configuration tasks, use the Advanced Setup Menu, as described in this chapter.
Using the Web Interface 5 Click “START WITH ADVANCED SETUP” to open the Advanced Settings menu as shown below. By default, the Gateway is set to Bridge Mode. (For a brief description of Bridge Mode and Router Mode, see “Route Determination” on page 29.) Figure 5-2 Initial Page for Advanced Settings (Router Mode) Advanced Settings Menu The Advanced Settings pages display the main menu on the left side of the screen and sub-menu tabs at the top of screen.
5 System Configuration Table 5-1 Advanced Settings Menu (Continued) Menu Mode Page WAN Shows configuration status (DHCP or static), IP Router 51 address, subnet mask, DNS servers, gateway address, and WAN link status LAN Shows IP address, subnet mask, and local DHCP server status Log Displays a log of all network access and service activity Both DHCP Displays addresses currently bound to DHCP clients SYSTEM Router 52 53 Router 54 Basic administrative settings Both 54 Mode Sets the device
Using the Web Interface 5 Table 5-1 Advanced Settings Menu (Continued) Menu Description Mode Wireless Configures wireless AP settings Both 79 Client List List of all wireless clients currently associated with the Both AP 85 NAT Page Network Address Translation Router 86 Maps public to private service addresses Router 86 Port Mapping Maps one or more service ports to a local server Router 87 DMZ Allows a specified host on the local network to access Router 89 the Internet without any fi
5 System Configuration Status Information The Status pages display details on the current configuration and status of the Gateway, network access logs, and DHCP client lists. Note: The Status Information pages display different statistics depending on the mode selected – Bridge or Router. Refer to “Networking Concepts” on page 3-29 for a general description about these operating modes. Refer to “System Mode” on page 5-54 for information on setting the operation mode.
Status Information • • • • • 5 Company Name – The name of the manufacturer. Postal Address – The postal address of the manufacturer. Phone Number – The phone number of the manufacturer. Fax Number(option) – The facsimile number of the manufacturer. Support E-mail Address – The support email address. WAN Status This page shows the administrative status, the IP address configuration mode (DHCP, static assignment, or PPPoE), the IP address, subnet mask, DNS servers, gateway address, and WAN link status.
5 System Configuration Bridge WAN Status This page shows the administrative status of the bridge WAN port. Click Status, Bridge WAN Status. Figure 5-5 Bridge WAN Status Field Attributes • Mode – The administrative status of the bridge WAN port. • TX packets – The total number of transmitted packets sent by the unit since boot up. • TX bytes – The total number of transmitted bytes sent by the unit since boot up.
Status Information 5 • Subnet Mask – This mask identifies the subnet and host portion of the IP address. • DHCP Server – Shows if the Gateway’s DHCP server is enabled or disabled. System Log This page displays a log of all network access requests by client devices and service responses sent from the Gateway. Click Status, System Log. Figure 5-7 System Log Field Attributes • Log Entry – Shows the date, time, process, and description. • Download – Downloads the log table as an raw text file.
5 System Configuration • Count Down – The time after which the connection will expire and the DHCP client must request a new IP address. • MAC Address – The MAC address of the DHCP client. • IP Address – The IP address assigned to the DHCP client. • Host – The host name of the DHCP client.
System Configuration 5 Figure 5-11 System Mode - Router - DHCP Enabled Field Attributes • Bridge – Sets the Gateway to function as a Layer-2 bridge, using only the physical address stored in the packet’s source and destination address fields to pass traffic. • Router – Sets the Gateway to function as a Layer-3 router, using a specific route (that is, next hop) for each IP host or subnet that is statically configured or learned through dynamic routing protocols.
5 System Configuration • • • • • Enable Broadcast Pass Through – Enables Broadcast Pass Through. VID – Specifies the VLAN ID. 802.1p – Specifies quality of service level. Enable DHCP Option – Option 60 – Option 60 allows a DHCP server to differentiate between the two kinds of client machines and process the requests from the two types of modems appropriately. The DHCP server and client send a vendor class option that contains an ASCII-encoded string with three parts delimited by a / character.
System Configuration 5 Admin Settings The Administrative Settings page allows you to configure the management access password, and IP address(es) authorized for remote management access over the WAN link. To protect access to the management interface, you need to configure a new password as soon as possible. If a new password is not configured, then anyone having access to the Gateway may be able to compromise the unit's security by entering the default password.
5 System Configuration System Tools This page provides facilities for pinging another device, updating firmware, restoring factory defaults, and rebooting the unit. Click System, System Tools. Follow the instructions shown on the web page to perform any of the listed tasks. Figure 5-14 System Tools Field Attributes • Firmware Update – Allows you to download new firmware by selecting a file stored on your management station. • Restore Factory Default – Restores the factory defaults.
System Configuration 5 UPnP This page is used to enable or disable the UPnP auto-discovery mechanism. Universal Plug and Play (UPnP) is a set of protocols that allows devices to connect seamlessly and simplifies the deployment of home and office networks. UPnP achieves this by using UPnP device control protocols designed upon open, Internet-based communication standards. Note that only devices within the same broadcast domain can be discovered through UPnP.
5 System Configuration Service Settings This page allows you to enable or disable TFTP, Telnet, and Secure Shell access. Note that these functions are only used for the command line interface, not the web interface. Click System, Service Settings. Enable or disable the required service, and click Apply. Figure 5-16 Service Settings Field Attributes • tftpd – Trivial File Transfer Protocol used to download firmware to the Gateway.
System Configuration 5 SNMP Simple Network Management Protocol (SNMP) is a communication protocol designed specifically for managing devices on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems.
5 System Configuration Figure 5-17 SNMP • SNMP – Enables or disables SNMP management access and also enables the access point to send SNMP traps (notifications). (Default: Disable) • Contact – A text string that describes the system contact. (Maximum length: 255 characters) • Location – A text string that describes the system location. (Maximum length: 255 characters) • Trap IP – The IP address of the SNMP server. • ROCommunity – Defines the SNMP community access string that has read-only access.
System Configuration 5 DNS The Domain Name System (DNS) distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their particular domains, and in turn can assign other authoritative name servers for their sub-domains. Figure 5-18 DNS • Primary and Secondary DNS Address – The IP address of Domain Name Servers on the network.
5 System Configuration WAN Configuration The WAN pages are used to configure the address assignment method for the WAN interface, and to configure dynamic DNS service. WAN Type The WAN Type page allows the user to create multiple WANs by VLAN. Figure 5-20 WAN Type • • • • 64 No Tag – Specifies no VLAN tag. VID – The VLAN ID. NAT – Enables/disables NAT on the specified VLAN. Add – Applies the settings and creates the WAN.
WAN Configuration 5 WAN Settings This page configures address assignment options for the WAN interface, using DHCP, a static address, or PPPoE. The WAN interface should connect directly to a Layer 3 device at your service provider’s central office or to another gateway device at your office. You therefore need to use the method and parameter settings given to you by your service provider or network administrator. Dynamic IP Address Click WAN, WAN Settings. Be sure the WAN interface is enabled.
5 System Configuration The general framework for these DHCP options are set out in RFC 2132, but the specific string to use should be supplied by your service provider or network administrator. Static IP Address Click WAN, WAN Settings. Be sure the WAN interface is enabled. Then select Static IP Address mode, fill in the appropriate settings as required, and click Apply.
WAN Configuration 5 PPPoE Point-to-Point Protocol over Ethernet (PPPoE) emulates a dial-up connection. It allows an ISP to use existing network configuration settings to implement VDSL service without significant changes. Click WAN, WAN Settings. Be sure the WAN interface is enabled. Then select PPPoE mode, fill in the appropriate settings as required, and click Apply. Figure 5-23 WAN Settings (PPPoE) Field Attributes • • • • • • • • Mode – Select PPPoE to obtain a address using this protocol.
5 System Configuration to the upstream gateway whenever an Internet access request is made. (Range: 1-99 minutes; Default: 2 minutes) DDNS The DDNS Settings page is used to configure dynamic DNS services for DynDNS and TZO servers. DDNS provides clients accessing the Internet with a method to tie a specific host name to their computer’s dynamically assigned IP address. DDNS allows your host name to follow your IP address automatically by changing your DNS records when your IP address changes.
LAN Configuration 5 LAN Configuration The LAN pages are used to configure an IP address for management access through the LAN interface, configure the local DHCP server, and DNS service. These pages are also used to configure port connection parameters, including speed and duplex mode. LAN Type LAN Type settings enable VLANs on the units four LAN ports. You may configure up to four VLANs in total. Figure 5-25 LAN Type Field Attributes • • • • • • VLAN – Enables or disables VLANs.
5 System Configuration LAN Settings This page is used to configure IP settings for the LAN, including an IP address for management access, a local DHCP server, and DNS service. Click LAN, LAN Settings. Enable the LAN interface, set an IP address for management access from the LAN side, configure the DHCP server and DNS service, then click Apply.
LAN Configuration 5 Figure 5-28 LAN Settings (DHCP Relay) Field Attributes • IP Address – IP address used for management access from the LAN side. • Netmask – This mask identifies the subnet and host portion of the IP address. The following attributes only apply to Router mode: • DHCP Server – Enables or disables the local DHCP server. • Domain – DNS suffix appended to unqualified names that are used by this client.
5 System Configuration • Secondary DNS Address – The backup DNS server. Switch Ports This page is used to configure port connection parameters, including speed and duplex mode. Click LAN, Switch Ports. Set the required connection parameters for any port, and click Apply. Figure 5-29 Switch Ports Field Attributes • Port – The four ports on the LAN interface. • Mode – The connection mode for a port. - auto – Uses auto-negotiation to obtain the optimal settings.
Route Configuration 5 Route Configuration The ROUTE pages are used to configure either static routing entries, or to enable or disable dynamic routing, or to enable policy routing on the LAN and WAN interfaces. Static Routing The Gateway can dynamically configure routes to other network segments using RIP. However, static routes can also be manually entered in the routing table.
5 System Configuration Dynamic Routing The Gateway supports RIP (also referred to as RIP-1) and RIP-2 dynamic routing protocols. Routing Information Protocol (RIP) is the most widely used method for dynamically maintaining routing tables. RIP uses a distance vector-based approach to routing. Routes are chosen to minimize the distance vector, or hop count, which serves as a rough estimate of transmission cost.
Route Configuration 5 Figure 5-31 Dynamic Routing Field Attributes • Enable – Enables dynamic routing for both the LAN and WAN interface. • LAN Version – Specifies RIP-1 or RIP-2 on the LAN interface. • WAN Version – Specifies RIP-1 or RIP-2 on the WAN interface.
5 System Configuration Policy Routing Policy routing enables the user to route LAN trafiic to the WAN port according to source IP, source port, and Protocol. Figure 5-32 Policy Routing Field Attributes • • • • • • • • • 76 Enable Policy Routing – Enables policy routing to the WAN interface. Source IP – Specifies the source IP address. Mask – Specifies an IP mask. Protocol – Specifies the port type, TCP, UDP or both. Src. Port – Specifies the soruce port. Des. Port – Specifies the destination port.
Wireless Configuration 5 Wireless Configuration The IEEE 802.11b/g interfaces include configuration options for radio signal characteristics and wireless security features. The unit’s access point function can operate in three modes, mixed 802.11b/g, 802.11b only, or 802.11g. Also note that 802.11g is backward compatible with 802.11b, at slower data transmit rates. Figure 5-33 Wireless Setup Field Attributes • WLAN – Specifies a wireless LAN (WLAN) interface.
5 System Configuration • Status – Displays whether the wireless interface is enabled or not. • Mode – Specifies the security mode. • Access Control – Configures the access control method. WLAN Settings • WLAN Enable – Enables the communication for the VAP wireless interface. • (Default: Enabled) • SSID – The name of the wireless network service provided by the VAP. • SSID Broadcast – Enables broadcasting of the SSID to the local wireless network. (Default: Enabled) • WDS Status – Enables the WDS status.
Wireless Configuration 5 If the RTS threshold is set to 0, the access point always sends RTS signals. If set to 2347, the access point never sends RTS signals. If set to any other value, and the packet size equals or exceeds the RTS threshold, the RTS/CTS (Request to Send / Clear to Send) mechanism will be enabled. The access points contending for the medium may not be aware of each other. The RTS/CTS mechanism can solve this “Hidden Node Problem.
5 System Configuration Setting up shared keys enables the basic IEEE 802.11 Wired Equivalent Privacy (WEP) on the access point to prevent unauthorized access to the network. If you choose to use WEP shared keys instead of an open system, be sure to define at least one static WEP key for user authentication and data encryption. Also, be sure that the WEP shared keys are the same for each client in the wireless network.
Wireless Configuration 5 Figure 5-35 WPA2 PSK Security Field Attributes • TKIP/AES – Uses Temporal Key Integrity Protocol (TKIP) or AES keys for encryption. WPA specifies TKIP as the data encryption method to replace WEP. TKIP avoids the problems of WEP static keys by dynamically changing data encryption keys. WPA/WPA2 mixed modes allow both WPA and WPA2 clients to associate to a common SSID interface. In mixed mode, the unicast encryption cipher (TKIP or AES-CCMP) is negotiated for each client.
5 System Configuration Figure 5-36 WPA2 EAP Security Field Attributes • RADIUS Server IP – Specifies a RADIUS server IP address. • RADIUS Server Port – Specifies a RADIUS server port number. (Default: 1812) • Secret – Specifies a secret text string. WPS Security The WPS protocol itself consists as a series of EAP message exchanges that is triggered by a user action and relies on an exchange of descriptive information that should precede that user's action.
Wireless Configuration 5 Figure 5-37 WPS Security Field Attributes • • • • Self PinCode – Displays a PIN code for authentication. SSID – Displays the SSID. Configure via Push Button – Starts a scan for neighboring access points. Configure via Client PinCode – Allows the user to enter a PIN code for authentication. • UPnP Configured for vista – Enables support for Windows Vista.
5 System Configuration Access Control Wireless clients can be authenticated for network access by checking their MAC address against a local database configured on the access point. You can configure a list of up to 32 wireless client MAC addresses in the filter list to either allow or deny network access. Figure 5-38 Access Control Field Attributes • Wireless Access Control – Enables access control. • List Mode – Specifies whether the MAC address is to be allowed (Whitelist) or denied (Blacklist).
Wireless Configuration 5 Client List The Client List displays all current clients associated with the access point. Figure 5-39 Client List Field Attributes • MAC Address – Displays the MAC address of the currently associated client. • Client Type – Displays the type of client associated with the access point.
5 System Configuration NAT Configuration Network Address Translation (NAT) is a method of mapping between a single global address on the WAN interface to multiple local addresses on the LAN interface. For the Gateway, the internal (local) IP addresses are those assigned to PCs or other network devices by the DHCP server, and the external IP address is the single address assigned to the WAN port.
NAT Configuration 5 Click NAT, Virtual Server. Specify the IP address of the local server, the private port number, TCP or UDP type, the public port number, and click Apply. Figure 5-40 Virtual Server Field Attributes • Public Port – Specifies the WAN port number. • Private IP – The IP address of a server on the local network. The specified address must be in the same subnet as the Gateway and its DHCP server address pool. • Private Port – Specifies the local LAN TCP/UDP port number.
5 System Configuration Click NAT, Port Mapping. Specify the TCP/UDP port range, the IP address of a local server, and click Apply. Figure 5-41 Port Mapping Field Attributes • • • • • • • • • • 88 Enable – Enables port mapping. Port Mapping – Specifies one of two port mapping lists. Source IP – Species a source IP address to route from. External Port – Specifies an external port, or port range. Internal IP – Specifies an internal port to route through.
NAT Configuration 5 DMZ This page is used to allow a specified host on the local network to access the Internet without any firewall protection. Some Internet applications, such as interactive games or videoconferencing, may not function properly behind the Gateway’s firewall. By specifying a Demilitarized Zone (DMZ) host, the PC's TCP ports are completely exposed to the Internet, allowing unrestricted two-way communications.
5 System Configuration Firewall Configuration The Gateway provides extensive firewall protection by restricting connection parameters to limit the risk of intrusion and defending against a wide array of common hacker attacks. Firewall Settings This page is used to enable or disable the firewall, and set the default forwarding policy for addresses not found in the MAC or IP filtering list. Click FIREWALL, Firewall Settings. Enable the firewall, set the default forwarding policy, and click Apply.
Firewall Configuration 5 IP Filtering This page is used to filter the IP addresses of clients attempting to access the Internet based on the source or destination IP address and TCP/UDP port of each packet. Address filtering allows the Gateway to permit or deny specified packets passing through to the Internet. Click FIREWALL, IP Filtering. Mark the check box to enable IP address filtering.
5 System Configuration ALG Configuration This page is used to enable or disable customized Application Layer Gateway (ALG) traversal filters for SIP, H323, IRC, PPTP, SNMP, and TFTP applications. Click FIREWALL, ALG Configuration. Enable ALG traversal filters for the required applications, and click Apply.
Firewall Configuration 5 - IPSEC – Internet Protocol Security is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream. • Status – Enables or disables filter for specified protocol. Remote Control The Remote Control function configures the IP addresses of users who may have exclusive control of the VDSL/Router from the WAN port.
5 System Configuration Denial of Service A denial-of-service attack (DoS attack) is an attempt to make computer resources unavailable to its intended users. This device provides following options to protect this device from those attacks. You can optionlly enable those protections for your needs. Figure 5-47 DoS Field Attributes • DoS Protection Enable – Enables DoS protection. • Attacks – Lists the type of DoS attack the unit provides protection from.
VDSL Configuration 5 VDSL Configuration VDSL connection parameters can be applied globally to all VDSL ports on the Gateway. VDSL Status and Rate Information This page is used to display the status of the VDSL line, provision the BME and VDSL ports, run loop-back tests for diagnostic purposes; and also to display the current rate for various stream types and other VDSL line information. Use any of the functions listed in the VDSL Status table for the System Provision, Port Provision, or to stop ports.
5 System Configuration • Port – Starts or stops the VDSL port. Rate and Line Information • BME – The number of VDSL ports supported by the BME. • Downstream/Upstream Line Rate – This rate includes payload (user data) and any applicable framing overhead. • Fast Downstream/Upstream Payload Rate – The actual payload carried on the fast channels. • Slow Downstream/Upstream Payload Rate – The actual payload carried on the interleaved channels.
VDSL Configuration 5 Table 5-49 VDSL2 Band Plans (Continued) Code Band Plan 0x02 BP3_998_4 BP998_4B_12M 0x03 BP4_997_3 BP997_3B_7_1M 0x04 BP5_997_3 0x05 BP6_997_4 BP997_4B_7_1M 0x06 BP7_MXU_3 FLEX_3B_8_5M 0x07 BP8_MXU_2 0x08 BP9_998_2 0x09 BP10_998_2 BP998_2B_3_8M 0x0A BP11_998_2 0x0B BP12_998_2 0x0C BP13_MXU_3 0x0D BP14_MXU_3 0x0E BP15_MXU_3 0x0F BP16_997_4B_4P 0x10 BP17_998_138_4400 0x11 BP18_997_138_4400 0x12 BP19_997_32_4400 0x15 BP20_998_138_4400_opBand 0x16 BP2
5 System Configuration Performance Counters This page is used to display performance information including common error conditions for the VDSL line. Figure 5-50 Performance Counters (Basic) Field Attributes Basic Performance Counters • LOF – Loss of Frame. The number of times there was loss of framing error. • SES – Severely Errored Seconds.
VDSL Configuration 5 • CRC_F – Far end CRC errors on the fast path. • FEC_S – Far end Forward Error Correction on the slow path. • CRC_S – Far end CRC errors on the slow path. • LOS – Loss of Signal. The number of times there was a loss of signal error. • HEC_F – Header Error Control (HEC)/EFM framing errors on the fast path. • HEC_S – Header Error Control (HEC)/EFM framing errors on the slow path. • ES – Errored Seconds.
5 System Configuration DELT Dual-ended loop testing (DELT) is an ITU-standard loop diagnostic tool that enables the measurement of conditions at both ends of a DSL line. DELT can be used after deployment to allow service providers to monitor stability and connection rates for existing customer lines. Click VDSL, DELT. Figure 5-52 DELT Loopback Test Information • Run DELT Test – Performs the selected DELT test. • DELT Option – The type of signal transmitted from the specified port.
IGMP Configuration 5 • 14 – Upstream TSSI breakpoints • 15 – Average line attenuation • 16 – Average signal attenuation • 17 – Downstream DELT band information • 18 – Upstream DELT band information • 19 – Near end UPBO electrical loop length • 20 – Far end UPBO electrical loop length • 21 – Near end TX last tone index • 22 – Far end TX last tone index • 23 – Actual maximum DS PSD • 24 – Actual maximum US PSD • 25 – Per tone DS Tx PSK • 26 – Per tone US Tx PSK • Show Test Result – Displays the DELT test re
5 System Configuration IGMP Settings This page is used to configure IGMP Proxy, IGMP Snooping, Fast Leave, and several other IGMP timeout attributes. Click IGMP. Enable the required IGMP function, modify any of the timeout attributes as required, and then click Apply.
IGMP Configuration 5 an interface if it is connected to only one IGMP-enabled device, either a service host or a neighbor running IGMP snooping. This attribute is only effective if IGMP snooping is enabled, and IGMPv2 snooping is used. • Router Timeout – This function is used to see if IGMP query packets are arriving from the WAN side at regular intervals, and indicates the time the Gateway waits after the querier stops before it considers it to have expired.
5 System Configuration QoS Configuration Quality of Service (QoS) specifies which data packets have greater precedence when traffic is buffered in the Gateway due to congestion. The Gateway supports QoS with eight priority queues for each port. Data packets in a port’s high-priority queue will be transmitted before those in the lower-priority queues. QoS Settings This page is used to enable or disable QoS, sets the upstream rate limit, and the queuing mode. Click QoS, QoS Settings.
5 QoS Configuration Traffic Classification This page is used to configure diffServ priorities based on protocol type, source and destination addresses, and TCP/UDP port. Click QoS, Traffic Classification. Select the classification method from the drop-down list and fill in the required parameters, set the priority, click ADD to insert the rule in the table, and then click Apply. Figure 5-55 Traffic Classification Field Attributes • Method - Protocol – Specifies the protocol type to match as TCP or UDP.
5 System Configuration • Priority - CS Class – Class of Service (CoS) priority. (Range: 0 - 7, where 7 is the highest priority: Default: 0) This Gateway processes Class of Service (CoS) priority tagged traffic by using eight priority queues for each port. Up to eight separate traffic priorities are defined in IEEE 802.1p. The default priority levels are assigned according to recommendations in the IEEE 802.1p standard as shown in the following table.
QoS Configuration 5 DSCP to 802.1p Mapping Use the DSCP to 802.1p page to assign Class of Service (CoS) values to the priority queues (i.e., hardware output queues 0 - 3) on the CPE. Most CPEs currently support Class of Service by using four priority queues, with Weighted Round Robin queuing for each port. Eight separate traffic classes are defined in IEEE 802.1p. The default priority levels are assigned as shown below.
5 System Configuration ACS Configuration Configures parameters for auto-configuration servers (ACS) based on TR-069 (CPE WAN Management Protocol) and TR-098 (Internet Gateway Device Data Model for TR-069 Configuration). TR Settings This page is used to configure parameters for establishing a connection between the Gateway and an auto-configuration server. Click TR. Configure the required parameters, and click Apply.
ACS Configuration 5 • User Name – A string used to identify the Gateway during authentication with the ACS. This string should be globally unique among all CPE manufacturers. Specifically it should be a multi-part string comprising a manufacturer identifier and a serial number unique within that manufacturer. The recommended format for this string is OUI-SERIAL, where OUI is a six-digit hexadecimal value using all upper-case letters and including any leading zeros.
5 110 System Configuration
Appendix A: Troubleshooting Diagnosing Gateway Indicators Gateway operation is easily monitored via the LED indicators to identify problems. The table below describes common problems you may encounter and possible solutions. If the solutions in the table fail to resolve the problem, contact technical support for advice. Table A-1 Troubleshooting Chart Symptom PWR indicator does not light up after power on. LAN link indicator does not light up after making a connection.
A Troubleshooting If You Cannot Connect to the Internet • Check that your computer is properly configured for TCP/IP. See “Configuring the TCP/IP Protocols” on page 27. • Make sure the correct network adapter driver is installed for your PC operating system. If necessary, try reinstalling the driver. • Check that the network adapter’s speed or duplex mode has not been configured manually. We recommend setting the adapter to auto-negotiation when installing the network driver.
Appendix B: Cables Twisted-Pair Cable and Pin Assignments For 10BASE-T and 100BASE-TX connections, the twisted-pair cable must have two pairs of wires. Each wire pair is identified by two different colors. For example, one wire might be green and the other, green with white stripes. Also, an RJ-45 connector must be attached to both ends of the cable. Caution: DO NOT plug a phone jack connector into any RJ-45 port. Use only twisted-pair cables with RJ-45 connectors that conform with FCC standards.
B Cables Table B-1 10BASE-T/100BASE-TX MDI and MDI-X Port Pinouts Pin 1 MDI Signal Name Transmit Data plus (TD+) MDI-X Signal Name Receive Data plus (RD+) 2 Transmit Data minus (TD-) Receive Data minus (RD-) 3 Receive Data plus (RD+) Transmit Data plus (TD+) 6 Receive Data minus (RD-) Transmit Data minus (TD-) 4,5,7,8 Not used Not used Note: The “+” and “-” signs represent the polarity of the wires that make up each wire pair.
Twisted-Pair Cable and Pin Assignments B Crossover Wiring If the twisted-pair cable is to join two ports and either both ports are labeled with an “X” (MDI-X) or neither port is labeled with an “X” (MDI), a crossover must be implemented in the wiring. (When auto-negotiation is enabled for the RJ-45 port on the Gateway, you can use either straight-through or crossover cable to connect to any device type.
B Cables RJ-11 Ports Standard telephone RJ-11 connectors and cabling can be found in several common wiring patterns. These six-pin connectors can accommodate up to three wire-pairs (three telephone lines), but usually only one or two pairs of conductor pins and wires are implemented. The RJ-11 ports on the side of the Gateway contain two wire-pairs, an inner pair (pins 3 and 4) and outer pair (pins 2 and 5). On the LINE port, the inner wire-pair carries both voice and digital data.
Appendix C: Specifications VDSL Functional Criteria VDSL2 profile 30A (100 Mbps upstream / 100 Mbps downstream) Band Plan: 8D, 12A, 12B and 17A Signal Bandwidth: 25 kHz to 17.
C Specifications Temperature Operating: 0 °C to 40 °C (32 °F to 104 °F) Storage: -25 °C to 70 °C (-13 °F to 158 °F) Humidity Operating: 20% to 90% (non-condensing) LED Indicators PWR, ALARM, VDSL LINK, VDSL TX/RX, LAN 1-4 Standards Ethernet Standards IEEE 802.3-2005 Ethernet Access Ethernet, Fast Ethernet Full-duplex flow control (ISO/IEC 8802-3) IEEE 802.1D Spanning Tree Protocol IEEE 802.1p priority tags IEEE 802.3ac VLAN tagging VDSL Standards ANSI T1.424-2004 (T1E1 T1.
Compliances C Compliances Emissions FCC Class B FCC Part 68 IEC 61000-4-2 ESD (level 2) CE Environmental RoHS compliant Wireless Characteristics Wireless Transmit Power (Maximum) 802.11b : 20.36 dBm 802.11g : 22.84 dBm Wireless Receive Sensitivity (Maximum) 802.11b/g: 802.11b: -85 dBm @ 1 Mbps; -80 dBm @ 11 Mbps 802.11g: -83 dBm @ 6 Mbps; -66 dBm @ 54 Mbps Operating Frequency 802.11g: 2.4 ~ 2.4835 GHz (US, Canada) 2.4 ~ 2.4835 GHz (ETSI, Japan) 802.11b: 2.4 ~ 2.4835 GHz (US, Canada) 2.4 ~ 2.
C Specifications 13 channels (ETSI) 14 channels (Japan) Modulation Type 802.11g: CCK, BPSK, QPSK, OFDM 802.
Glossary 10BASE-T IEEE 802.3 specification for 10 Mbps Ethernet over two pairs of Category 3, 4, or 5 UTP cable. 100BASE-TX IEEE 802.3u specification for 100 Mbps Fast Ethernet over two pairs of Category 5 or better UTP cable. Auto-Negotiation Signalling method allowing each node to select its optimum operational mode (e.g., speed and duplex mode) based on the capabilities of the node to which it is connected.
Glossary Dynamic Routing Dynamic routing uses a routing protocol to exchange routing information with neighboring routers on the network. It calculates routing tables based on a given metric, such as lest number of hops or shortest path. It can respond to changes in the status or traffic on the network, re-routing traffic as required. End Station A workstation, server, or other device that does not forward traffic.
Glossary ITU International Telecommunication Union ITU-T Telecommunication Standardization Section of ITU LAN Segment Separate LAN or collision domain. Layer 2 Data Link layer in the ISO 7-Layer Data Communications Protocol. This is related directly to the hardware interface for network devices and passes on traffic based on MAC addresses. LED Light emitting diode used for monitoring a device or network condition. Local Area Network (LAN) A group of interconnected computer and support devices.
Glossary similar networking device, then you must connect to an MDI port on the other device. Pin-out assignments are shown in Appendix B. Network Address Translation (NAT) A standard that enables a local-area network (LAN) to use one set of IP addresses for external traffic and a second set of addresses for internal traffic. Network Time Protocol (NTP) NTP provides the mechanisms to synchronize time across the network.
Glossary Rate Adaptive A VDSL service that automatically adjusts the transmission rate depending on line quality and loading to ensure data quality (such as, keeping within a maximum error rate). Router A device used to interconnect networks over local or wide areas and provide traffic control and filtering functions. Routing Routing forwards incoming IP packets using statically defined routes or a dynamic routing protocol such as RIP (or RIP 2).
Glossary TIA Telecommunications Industry Association Transmission Control Protocol/Internet Protocol (TCP/IP) Protocol suite that includes TCP as the primary transport protocol, and IP as the network layer protocol. Universal Plug-and-Play (UPnP) A set of protocols that allows devices to connect seamlessly and simplifies the deployment of home and office networks, using auto-discovery of other network devices, acquiring information about device capabilities, and requests for services.
Index Numerics 100BASE-TX 16 10BASE-T 16 10BASE-T/100BASE-TX pin assignments 113 A auto-configuration server 108 DiffServ 105 DNS general configuration 71 downloading software 58 dynamic DNS services 68 dynamic IP 37 setting WAN type 37 dynamic IP address assignment WAN interface 65 dynamic routing 30, 74 B bridge mode, setting 36, 54 bridging 29 E Ethernet 16 event logging 53 C cable crossover 115 straight-through 114 testing category 5 cable 115 cable connections 26 Class of Service, See CoS complian
Index snooping, setting fast leave 102 installation connecting cables 26 powering on 27 IP address default setting 35 DHCP 65 IP filter, for management access 57 ISP, single-user account 32 L LED indicators 17 problems 111 local server FTP 33 Web 33 log-in, Web interface 45 logon authentication 57 logs, displaying messages 53 M main menu 47 management access, IP filter 57 management IP address, LAN 71 MINI-DIN port 16 MTU, configuring 39 multicast filtering 101 N NAT 32 configuration 86 Network Address T
Index router mode, setting 36, 54 routing 30, 31 dynamic 30 static 30 table 31 Routing Information Protocol, See RIP time, setting 56 troubleshooting 111 Internet connection 112 management access 112 troubleshooting, Gateway indicators 111 S U Secure Shell, See SSH setup wizard 35 single-user account 32 software displaying version 50 downloading 58 specifications component 117 environmental 118 power 117 VDSL 117 SSH 60 standards IEEE 118 ITU-T 118 static addresses, setting 91 static IP 37 setting WAN t
Index 130
ECG9210-04 E022010-DT-R01 150200000095A 20 Mason • Irvine, CA 92618 • Phn: 949-679-8000 • www.smc.
