Page 1 Preface Introduction Using ROX II RUGGEDCOM ROX II v2.6 Device Management System Administration Setup and Configuration User Guide Troubleshooting For RX1500, RX1501, RX1510, RX1511, RX1512 12/2014 RC1154-EN-02...
Page 2: Security Information
Siemens has verified the contents of this manual against the hardware and/or software described. However, deviations between the product and the documentation may exist. Siemens shall not be liable for any errors or omissions contained herein or for consequential damages in connection with the furnishing, performance, or use of this material.
Page 3: Table Of Contents
RUGGEDCOM ROX II User Guide Table of Contents Table of Contents Preface ......................xxix Alerts .............................. xxix Related Documents ......................... xxix System Requirements ........................xxx Accessing Documentation ........................ xxx Training ............................xxx Customer Support ..........................xxx Chapter 1 Introduction ......................1.1 Features and Benefits ........................
Page 4 RUGGEDCOM ROX II Table of Contents User Guide 2.6.4 Pinging an IPv4 Address Using MPLS Protocols ............... 27 2.6.5 Tracing the Route of an IPv4 Address Using MPLS Protocols ..........27 2.7 Using the Command Line Interface ..................... 28 Chapter 3 Device Management ..................
Page 5 RUGGEDCOM ROX II User Guide Table of Contents 3.10 Managing the Software Configuration ..................56 3.10.1 Saving the Configuration ....................56 3.10.2 Loading a Configuration ....................57 3.11 Upgrading/Downgrading the ROX II Software ................58 3.11.1 Configuring the Upgrade Source ..................59 3.11.2 Setting Up an Upgrade Server ..................
Page 6 RUGGEDCOM ROX II Table of Contents User Guide 3.17.3 Adding an Event Tracker ....................86 3.17.4 Deleting an Event Tracker ....................89 3.18 Managing Switched Ethernet Ports .................... 89 3.18.1 Viewing a List of Switched Ethernet Ports ............... 90 3.18.2 Configuring a Switched Ethernet Port ................90 3.18.3 Configuring Port Security ....................
Page 7 RUGGEDCOM ROX II User Guide Table of Contents 3.21.11 Managing Remote Hosts .................... 131 3.21.11.1 Viewing a List of Remote Hosts ................ 132 3.21.11.2 Adding a Remote Host ..................132 3.21.11.3 Deleting a Remote Host ................... 133 3.22 Managing Ethernet Trunk Interfaces ..................133 3.22.1 Viewing a List of Ethernet Trunk Interfaces ..............
Page 8 RUGGEDCOM ROX II Table of Contents User Guide 3.24.12 Configuring a PPP Connection ..................167 3.24.13 Configuring a Frame Relay Connection ............... 168 3.24.14 Managing Data Links for Frame Relay Connections ............. 170 3.24.14.1 Viewing a List of Data Links ................170 3.24.14.2 Adding a Data Link ..................
Page 9 RUGGEDCOM ROX II User Guide Table of Contents 4.7.1.3 Adding a CA Certificate and CRL ................. 199 4.7.1.4 Deleting a CA Certificate and CRL ............... 202 4.7.2 Managing Private Keys ....................202 4.7.2.1 Viewing a List of Private Keys ................202 4.7.2.2 Adding a Private Key ..................
Page 10 RUGGEDCOM ROX II Table of Contents User Guide 5.1.2 Configuring a Basic IPv6 Network ................... 239 5.2 Configuring ICMP Control ......................239 5.3 Enabling and Configuring CLI Sessions ..................241 5.4 Enabling and Configuring SFTP Sessions .................. 242 5.5 Enabling Configuring WWW Interface Sessions ................244 5.6 Enabling/Disabling Brute Force Attack Protection ...............
Page 11 RUGGEDCOM ROX II User Guide Table of Contents 5.12.3 Configuring the System Time Zone ................281 5.12.4 Configuring the Local Time Settings ................281 5.12.5 Configuring NTP Multicast Clients ................. 282 5.12.6 Configuring NTP Broadcast Clients ................283 5.12.7 Enabling/Disabling the NTP Service ................284 5.12.8 Viewing the NTP Service Status ...................
Page 12 RUGGEDCOM ROX II Table of Contents User Guide 5.15.2 Enabling/Disabling the DHCP Server ................311 5.15.3 Enabling/Disabling the DHCP Relay Support ..............312 5.15.4 Viewing a List of Active Leases ..................313 5.15.5 Managing DHCP Listen Interfaces ................314 5.15.5.1 Viewing a List of DHCP Listen Interfaces ............314 5.15.5.2 Adding a DHCP Listen Interface .................
Page 13 RUGGEDCOM ROX II User Guide Table of Contents 5.15.12 Managing Custom Host Group Client Configurations ............ 348 5.15.12.1 Viewing a List of Custom Host Group Client Configurations ........ 349 5.15.12.2 Adding Custom Host Group Client Configurations ..........349 5.15.12.3 Deleting Custom Host Group Client Configurations ..........350 5.15.13 Managing IP Pools .....................
Page 14 RUGGEDCOM ROX II Table of Contents User Guide 5.17.5 Working with Multiple Firewall Configurations ..............372 5.17.6 Configuring the Firewall for a VPN ................373 5.17.7 Configuring the Firewall for a VPN in a DMZ ..............374 5.17.8 Managing Zones ......................375 5.17.8.1 Viewing a List of Zones ..................
Page 15 RUGGEDCOM ROX II User Guide Table of Contents 5.18.1 Configuring IS-IS ......................408 5.18.2 Viewing the Status of Neighbors ................... 409 5.18.3 Viewing the Status of the Link-State Database ............... 410 5.18.4 Managing Area Tags ....................413 5.18.4.1 Viewing a List of Area Tags ................413 5.18.4.2 Adding an Area Tag ..................
Page 16 RUGGEDCOM ROX II Table of Contents User Guide 5.19.3.3 Adding a Route Map Filter ................. 440 5.19.3.4 Adding a Route Map Filter Entry ................ 441 5.19.3.5 Deleting a Routing Map Filter ................443 5.19.3.6 Deleting a Routing Map Filter Entry ..............443 5.19.3.7 Configuring Match Rules ...................
Page 17 RUGGEDCOM ROX II User Guide Table of Contents 5.19.10 Managing Aggregate Address Options ................ 471 5.19.10.1 Viewing a List of Aggregate Address Options ............ 471 5.19.10.2 Adding an Aggregate Address Option ............... 472 5.19.10.3 Deleting an Aggregate Address Option ............. 473 5.19.11 Managing Redistribution Metrics ..................
Page 18 RUGGEDCOM ROX II Table of Contents User Guide 5.20.9.3 Adding a Key Chain ..................496 5.20.9.4 Adding a Key ....................497 5.20.9.5 Deleting a Key Chain ..................501 5.20.9.6 Deleting a Key ....................501 5.20.10 Managing Redistribution Metrics ................. 502 5.20.10.1 Viewing a List of Redistribution Metrics .............
Page 19 RUGGEDCOM ROX II User Guide Table of Contents 5.21.8.2 Adding a Redistribution Metric ................530 5.21.8.3 Deleting a Redistribution Metric ................531 5.21.9 Managing Routing Interfaces ..................531 5.21.9.1 Viewing a List of Routing Interfaces ..............532 5.21.9.2 Configuring a Routing Interface ................532 5.21.10 Managing Message Digest Keys .................
Page 20 RUGGEDCOM ROX II Table of Contents User Guide 5.24.5 Configuring a Static RP Address ................... 558 5.24.6 Managing a Boot Strap Router ..................559 5.24.6.1 Configuring a BSR Candidate ................559 5.24.6.2 Configuring a Group Prefix ................559 5.24.6.3 Configuring an RP Candidate ................560 5.24.7 Viewing the Status of PIM-SM ..................
Page 21 RUGGEDCOM ROX II User Guide Table of Contents 5.26.5.3 Deleting a VRRP Group ..................588 5.26.6 Managing VRRP Instances ................... 589 5.26.6.1 Viewing a List of VRRP Instances ..............589 5.26.6.2 Adding a VRRP Instance ................... 590 5.26.6.3 Deleting a VRRP Instance ................. 593 5.26.7 Managing VRRP Monitors ....................
Page 22 RUGGEDCOM ROX II Table of Contents User Guide 5.28.1.5 NAT Traversal ....................614 5.28.1.6 Remote IPsec Client Support ................615 5.28.1.7 IPsec and Router Interfaces ................615 5.28.2 Configuring IPsec Tunnels .................... 615 5.28.3 Configuring Certificates and Keys ................. 616 5.28.4 Viewing the IPsec Tunnel Status ...................
Page 23 RUGGEDCOM ROX II User Guide Table of Contents 5.29.6 Managing Remote Daemons for GOOSE Tunnels ............651 5.29.6.1 Viewing a List of Remote Daemons ..............651 5.29.6.2 Adding a Remote Daemon ................652 5.29.6.3 Deleting a Remote Daemon ................653 5.29.7 Managing Generic Tunnels ...................
Page 24 RUGGEDCOM ROX II Table of Contents User Guide 5.31.4 Viewing a Static and Dynamic ARP Table Summary ............677 5.31.5 Viewing Routing Rules ....................677 5.31.6 Flushing Dynamic Hardware Routing Rules ..............679 5.32 Managing Classes of Service ....................680 5.32.1 Configuring Classes of Service ..................
Page 25 RUGGEDCOM ROX II User Guide Table of Contents 5.34.7 Configuring STP for Ethernet Trunk Interfaces ............... 711 5.34.8 Managing Multiple Spanning Tree Instances ..............714 5.34.8.1 Viewing Statistics for MSTIs ................714 5.34.8.2 Viewing a List of Multiple Spanning Tree Instances ..........715 5.34.8.3 Adding a Multiple Spanning Tree Instance ............
Page 26 RUGGEDCOM ROX II Table of Contents User Guide 5.35.7.2 Adding a Virtual Switch VLAN ................742 5.35.7.3 Deleting a Virtual Switch VLAN ................743 5.35.8 Managing VLAN IDs ....................743 5.35.8.1 Viewing a List of VLAN IDs for Routable Ethernet Ports and Virtual Switches ..744 5.35.8.2 Viewing a List of VLAN IDs for T1/E1 Lines ............
Page 27 RUGGEDCOM ROX II User Guide Table of Contents 5.37.7.3 Deleting a QoS Map ..................783 5.37.8 Managing Egress Markers for QoS Maps ..............784 5.37.8.1 Viewing a List of Egress Marks ................784 5.37.8.2 Adding an Egress Mark ..................785 5.37.8.3 Deleting an Egress Mark ...................
Page 28 RUGGEDCOM ROX II Table of Contents User Guide 5.39.7.1 Viewing the Status of LDP Binding ..............813 5.39.7.2 Viewing the Status of the LDP Discovery Interfaces ..........814 5.39.7.3 Viewing the Status of the LDP Neighbor Local Node Information ......814 5.39.7.4 Viewing the Status of the LDP Neighbor Connection Information ......
Page 29: Preface
Preface Preface This guide describes the Web-based user interface for ROX II v2.6 running on the RUGGEDCOM RX1500 family of products. It contains instructions and guidelines on how to use the software, as well as some general theory. It is intended for use by network technical support personnel who are familiar with the operation of networks. It is also recommended for use by network and system planners, system programmers, and line technicians.
Page 30: System Requirements
▪ Google Chrome ▪ Iceweasel/IceCat (Linux Only) • Must have a working Ethernet interface compatible with at least one of the port types on the RX1500 • The ability to configure an IP address and netmask on the computer’s Ethernet interface...
Page 31 • Mobile App Install the Industry Online Support app by Siemens AG on any Android, Apple iOS or Windows mobile device and be able to: ▪ Access Siemens' extensive library of support documentation, including FAQs, manuals, and much more ▪...
Page 32: Customer Support
RUGGEDCOM ROX II User Guide Preface Customer Support xxxii...
Page 33: Introduction
Welcome to the RUGGEDCOM ROX II (Rugged Operating System on Linux®) v2.6 User Guide for the RX1500. This document details how to configure the RX1500 via the ROX II Web interface. ROX II also features a Command Line Interface (CLI), which is described in a separate User Guide.
Page 34 Network Management System (NMS). A feature of SNMP supported by ROX II is the ability to generate traps upon system events. RUGGEDCOM NMS, the Siemens management solution, can record traps from multiple devices providing a powerful network troubleshooting tool. It also provides a graphical visualization of the network and is fully integrated with all Siemens products.
Page 35 RUGGEDCOM ROX II Chapter 1 User Guide Introduction • Broadcast Storm Filtering Broadcast storms wreak havoc on a network and can cause attached devices to malfunction. This could be disastrous on a network with mission critical equipment. ROX II limits this by filtering broadcast frames with a user-defined threshold.
Page 36 Chapter 1 RUGGEDCOM ROX II Introduction User Guide BGPv4 is a path-vector routing protocol where routing decisions are made based on the policies or rules laid out by the network administrator. It is typically used where networks are multi-homed between multiple Internet Service Providers, or in very large internal networks where internal gateway protocols do not scale sufficiently.
Page 37: Feature Keys
Feature keys add features to an existing installation of ROX II. They can be purchased and installed at any time. Three feature keys are currently available: L2STD, L3STD and L3SEC. By default, each new RX1500/RX1501/ RX1510/RX1511/RX1512 is ordered with a base feature key, which is permanently installed on the device.
Page 38: Security Recommendations
Configuration hazard – risk of data corruption. Maintenance mode is provided for troubleshooting purposes and should only be used by Siemens Canada Ltd. technicians. As such, this mode is not fully documented. Misuse of this maintenance mode commands can corrupt the operational state of the device and render it inaccessible.
Page 39 • Management of the certificates and keys is the responsibility of the device owner. Before returning the device to Siemens Canada Ltd. for repair, replace the current certificates and keys with temporary throwaway certificates and keys that can be destroyed upon the device's return.
Page 40: Available Services By Port
Chapter 1 RUGGEDCOM ROX II Introduction User Guide • Periodically audit the device to make sure it complies with these recommendations and/or any internal security policies. Section 1.4 Available Services by Port The following table lists the services available by the device, including the following information: •...
Page 41: User Permissions
RUGGEDCOM ROX II Chapter 1 User Guide Introduction Port Access Services Port Number Port Open Default Authorized RADIUS UDP/1812 to send, opens random port Open (if configured) Closed to listen L2TP Random Port Open (if configured) Closed Section 1.5 User Permissions The following table lists the operation, configuration, and action commands permitted to the administrator, operator, and guest users.
Page 42 Chapter 1 RUGGEDCOM ROX II Introduction User Guide Access Commands/Paths Permitted Notes Administrator Operator Guest /admin/contact /admin/hostname /admin/location /admin/session-limits /admin/session-security /admin/sftp /admin/time (status) /admin/switch-config (status) /admin/system /admin/sytem-name /admin/timezone C/R/U /admin/clear-all-alarms (action) C/R/U /admin/backup-files (action) E/R/U /admin/delete-all-ssh-known-hosts (action) /admin/delete-logs (action) /admin/delete-ssh-known-host (action) /admin/full-configuration-load (action) /admin/full-configuration-save (action) /admin/install-files (action)
Page 43 RUGGEDCOM ROX II Chapter 1 User Guide Introduction Access Commands/Paths Permitted Notes Administrator Operator Guest /routing/multicast/dynamic/pim-sm/interface C/R/U /routing/dynamic/isis/interface C/R/U /security/firewall C/R/U C/R/U /security/crypto C/R/U /security/crypto/private-key C/R/U /services C/R/U C/R/U /services/time/ntp/key/ C/R/U /tunnel C/R/U C/R/U /tunnel/ipsec C/R/U C/R/U C/R/U /mpls C/R/U C/R/U /mpls/interface-mpls /mpls/ldp/interface-ldp...
Page 44 RUGGEDCOM ROX II Chapter 1 User Guide Introduction User Permissions...
Page 45: Using Rox Ii
ROX II can be accessed through a direct serial or Ethernet connection. Using the RS232 Serial Console Port To establish a serial connection to the device, refer to the CLI User Guide for RX1500. Using an Ethernet Port To establish a direct Ethernet connection to the device, do the following: Connect a serial terminal or a computer running terminal emulation software to the MGMT port on the device.
Page 46: Connecting Through The Network
Using ROX II User Guide Figure 1: MGMT Port By default, the RUGGEDCOM RX1500 has a different IP address and subnet configured for two types of IP interfaces, both of which are mapped to one or more physical ports: Port...
Page 47: Default Usernames And Passwords
RUGGEDCOM ROX II Chapter 2 User Guide Using ROX II Open a Web browser. For a list of recommended Web browsers, refer to the section called “System Requirements”. IMPORTANT! Upon connecting to the device, some Web browsers may report that the Web server's certificate cannot be verified against any known certificates.
Page 48: Logging Out
Chapter 2 RUGGEDCOM ROX II Using ROX II User Guide Figure 2: ROX II Log In Form 1. Username Box 2. Password Box 3. Submit Button NOTE ROX II features three default user accounts: admin, operator and guest. Additional user accounts can be added.
Page 49: Navigating The Interface
RUGGEDCOM ROX II Chapter 2 User Guide Using ROX II Section 2.5 Navigating the Interface The following sections describe features of the Web interface: • Section 2.5.1, “Menus” • Section 2.5.2, “Modes” • Section 2.5.3, “Edit Toolbar” • Section 2.5.4, “Using the Navigation Menu” •...
Page 50: View Mode
Chapter 2 RUGGEDCOM ROX II Using ROX II User Guide Figure 5: Modes Toolbar 1. View Mode 2. Edit Private Mode 3. Edit Exclusive Mode IMPORTANT! Switching from either of the edit modes to View mode does not close the current configuration session. A configuration session can only be closed by pressing Exit Transaction on the edit toolbar.
Page 51: Edit Toolbar
RUGGEDCOM ROX II Chapter 2 User Guide Using ROX II Section 2.5.3 Edit Toolbar The edit toolbar appears in the Edit Private and Edit Exclusive modes. The controls on the toolbar allow users to list, validate, revert, commit and abort changes made during the editing session. Figure 6: Edit Toolbar 1.
Page 52: Icons
Chapter 2 RUGGEDCOM ROX II Using ROX II User Guide Figure 7: Navigation Menu 1. Selected Node 2. Home Button 3. Previous Button 4. Path to Current Node Tables or configuration forms specific to the selected node appear below the navigation menu. As the user navigates beyond four levels within the ROX II data structure, the columns shift left.
Page 53: Common Controls
RUGGEDCOM ROX II Chapter 2 User Guide Using ROX II Figure 8: Icon In a Form The following icons appear in ROX II: Icon Information Type Key setting Global setting Operational data Configuration data Input data Action Section 2.5.6 Common Controls The following are common controls that can be found in the ROX II Web interface.
Page 54: Using Network Utilities
Chapter 2 RUGGEDCOM ROX II Using ROX II User Guide Button Click the button to perform an action. The action to be performed (e.g. add, perform, cancel, etc.) is written on the button itself. Type parameter values in text boxes. Paper and Pencil The paper and pencil icon represents a configurable parameter value.
Page 55 RUGGEDCOM ROX II Chapter 2 User Guide Using ROX II Select the Tools menu and click Accessories. Figure 10: Tools menu 1. Tools Menu 2. Accessories Menu 3. Ping Menu 4. Ping6 Menu Depending on the host's IP address, click Ping if the host has an IPv4 address, or Ping6 if the host has an IPv6 address.
Page 56: Dumping Raw Data To A Terminal Or File
Chapter 2 RUGGEDCOM ROX II Using ROX II User Guide Figure 12: Specify Host Dialog Box 1. Address Box 2. Cancel Button 3. OK Button Type the host's IP address in the Address box and click OK. The results of the ping action are displayed in the Ping Result Window.
Page 57 RUGGEDCOM ROX II Chapter 2 User Guide Using ROX II Figure 13: Tcpdump Screen 1. Interface To Capture On List 2. Maximum Packets Captured Box 3. Maximum Capture Time Box 4. Lookup Addresses Check 5. Display Link Level Header Check Box 6.
Page 58: Tracing The Route To A Remote Host
Chapter 2 RUGGEDCOM ROX II Using ROX II User Guide Section 2.6.3 Tracing the Route to a Remote Host To trace the route between the device and a remote host, do the following: Select the Tools menu and click Accessories. Depending on the host's IP address, click Traceroute if the host has an IPv4 address, or Traceroute6 if the host has an IPv6 address.
Page 59: Pinging An Ipv4 Address Using Mpls Protocols
RUGGEDCOM ROX II Chapter 2 User Guide Using ROX II Section 2.6.4 Pinging an IPv4 Address Using MPLS Protocols To ping an IPv4 address using the MPLS protocols, do the following: Select the Tools menu and click Accessories. Click MPLS Ping. The MPLS Ping screen appears. Figure 15: MPLS Ping Screen 1.
Page 60: Using The Command Line Interface
Chapter 2 RUGGEDCOM ROX II Using ROX II User Guide Figure 16: MPLS Traceroute Screen 1. Remote IP Address/Prefix Box 2. Start Button 3. Result Window Type the IPv4 address in the Remote IP Address/Prefix box and click Start. The results of the trace are displayed in the Result Window.
Page 61 Using ROX II Figure 17: CLI Screen 1. CLI Window 2. Start Button 3. Stop Button 4. Paste Button For more information about how to use the Command Line Interface, refer to the RX1500 CLI User Guide. Using the Command Line Interface...
Page 62 RUGGEDCOM ROX II Chapter 2 User Guide Using ROX II Using the Command Line Interface...
Page 63: Device Management
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Device Management This chapter describes how to configure and manage the device and its components, such as module interfaces, logs and files. It describes the following tasks: NOTE For information about how to configure the device to work with a network, refer to Chapter 5, Setup and Configuration.
Page 64: Determining The Product Version
Section 3.1 Determining the Product Version During troubleshooting or when ordering new devices, Siemens Canada Ltd. personnel may request specific information about the device, such as the model, order code or serial number. To view information about the product, navigate to chassis » hardware. The Slot Hardware form appears.
Page 65: Viewing Module Information
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 19: Slot Hardware Table This table provides the following information: Parameter Description slot Synopsis: pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, cm, em, trnk The slot name, as marked on the silkscreen across the top of the chassis. Order Code The order code of the chassis as derived from the current hardware configuration.
Page 66: Viewing Flash Card Storage Utilization
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.2.3 Viewing Flash Card Storage Utilization To view the Flash card storage utilization statistics for the Flash card installed in the device, navigate to chassis » storage. The Flash form appears. Figure 21: Flash form 1.
Page 67: Viewing The Slot Status
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 22: Slot CPU/RAM Utilization Table This table provides the following information: Parameter Description slot Synopsis: pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, cm, em, trnk The slot name, as marked on the silkscreen across the top of the chassis. detected-module The installed module's type specifier.
Page 68: Viewing The Slot Sensor Status
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description Status The runtime status of the installed module. Uptime The total time elapsed since the start-up of the installed module. Boot Date The date on which the installed module was started up. Boot Time The time at which the installed module was started up.
Page 69: Viewing The Parts List
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 25: Power Status Table This table provides the following information: Parameter Description Synopsis: pm1, pm2 PM Slot The name of the power module slot as labeled on the chassis. MOV Protection Synopsis: na, working, damaged The state of the MOV protection circuit.
Page 70: Shutting Down The Device
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.4 Shutting Down the Device To shut down the device, do the following: CAUTION! Security hazard – risk of unauthorized access and/or exploitation. Always shutdown the device before disconnecting power. Failure to shutdown the device first could result in data corruption. NOTE The device never enters a permanent shutdown state.
Page 71: Restoring Factory Defaults
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 28: Trigger Action Form 1. Perform Button Click Perform. Section 3.6 Restoring Factory Defaults To restore the factory defaults for the device, do the following: Navigate to admin and click restore-factory-defaults in the menu. The Restore Factory Defaults and Trigger Action forms appear.
Page 72: Decommissioning The Device
To decommission the device, do the following: Obtain a copy of the ROX II firmware currently installed on the device. For more information, contact Siemens Customer Support. Log in to maintenance mode. For more information, refer to the ROX II v2.6 CLI User Guide.
Page 73: Managing Files
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Repeat Step 5 Step 6 to flash the ROX II firmware obtained in Step 1 to the other partition and reboot the device. Shut down the device. For more information, refer to Section 3.4, “Shutting Down the Device”.
Page 74: Downloading Files
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.8.2 Downloading Files The following file types can be downloaded from the device: • configuration files • feature keys • logs • rollbacks To download a file from the device, do the following: Select the Tools menu and click Download.
Page 75: Viewing Logs
RUGGEDCOM ROX II Chapter 3 User Guide Device Management All security event logs are recorded in var/log/auth.log and can be viewed in the Authlog Viewer. For more information about viewing logs, refer to Section 3.9.1, “Viewing Logs”. Syslogs Syslog allows users to configure local and remote syslog connections to record important, non-security event information.
Page 76: Deleting Logs
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Click the link for the log viewer. The selected log appears. Figure 33: Syslog Viewer (Example) 1. Last Box 2. Text Filter Box 3. Fresh Button 4. Log Window To control the content of the log, do the following: •...
Page 77: Managing Diagnostic Logs
/var/log/webui-trace.log CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of ROX II. Only enable diagnostic logging when directed by Siemens. The following sections describe how to configure and manage diagnostic logs: •...
Page 78: Enabling/Disabling The Developer's Log
CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of ROX II. Only enable diagnostic logging when directed by Siemens. To enable or disable the Developer's log, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 79: Enabling/Disabling The Netconf Summary Log
CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of ROX II. Only enable diagnostic logging when directed by Siemens. To enable or disable the SNMP log, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 80: Enabling/Disabling The Netconf Trace Log
CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of ROX II. Only enable diagnostic logging when directed by Siemens. To enable or disable the NETCONF Trace log, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 81: Enabling/Disabling The Xpath Trace Log
CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of ROX II. Only enable diagnostic logging when directed by Siemens. To enable or disable the XPATH Trace log, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 82: Enabling/Disabling The Webui Trace Log
CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of ROX II. Only enable diagnostic logging when directed by Siemens. To enable or disable the WebUI Trace log, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 83: Viewing A List Of Remote Servers
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.9.4.1 Viewing a List of Remote Servers To view a list of remote servers, navigate to admin » logging » server. If remote servers have been configured, the Remote Server table appears. Figure 41: Remote Server Table If no remote servers have been configured, add servers as needed.
Page 84: Deleting A Remote Server
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 43: Remote Server Form 1. Enabled Check Box Configure the following parameter(s) as required: Parameter Description enabled Enables/disables the feed to the remote logging server. Configure one or more selectors for the server. For more information, refer to Section 3.9.5.2, “Adding a Remote Server Selector”.
Page 85: Managing Remote Server Selectors
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Click Exit Transaction or continue making changes. Section 3.9.5 Managing Remote Server Selectors Remote server selectors filter the information sent to specific servers. The following sections describe how to configure and manage remote server selectors: •...
Page 86 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 46: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description name The log selector identifier. Enter an integer greater than 0; up to 8 selectors can be added.
Page 87: Deleting A Remote Server Selector
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description negate Excludes messages defined in the Remote Server Selector fields from the log. Selecting this option acts as a logical NOT for the selector definition. For example: Selecting same, debug, and mail in the Comparison, Level, and Facility- list fields includes debug messages from the mail subsystem in the log.
Page 88: Managing The Software Configuration
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 48: Remote Server Selector Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen remote server selector. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 89: Loading A Configuration
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 49: Full Configuration Save Form 1. Format List 2. Filename Box Figure 50: Trigger Action 1. Perform Button On the Full Configuration Save form, configure the following parameters: Parameter Description format Synopsis: cli Save full configuration to a file.
Page 90: Upgrading/Downgrading The Rox Ii Software
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 51: Load Full Configuration 1. Format List 2. Filename Box Figure 52: Trigger Action 1. Perform Button On the Load Full Configuration form, configure the following parameters: Parameter Description format Synopsis: cli Load a full configuration from a file file-name...
Page 91: Configuring The Upgrade Source
RUGGEDCOM ROX II Chapter 3 User Guide Device Management • Section 3.11.3, “Upgrading the ROX II Software” • Section 3.11.4, “Stopping/Declining a Software Upgrade” • Section 3.11.5, “Downgrading the ROX II Software” Section 3.11.1 Configuring the Upgrade Source Firmware for upgrading or downgrading ROX II can be uploaded from either an upgrade server or a portable USB Mass Storage drive.
Page 92: Adding Software Releases To The Upgrade Server
• Each device that will be upgraded/downgraded must have access to a host that acts as a Web server or FTP server. The host must also be able to download new software releases from www.siemens.com/ruggedcom. • The server must have sufficient disk space for at least two full software releases. Each full software release is approximately 75 Mbits, although most upgrades are typically much smaller.
Page 93: Using Microsoft Iis Manager 6.0 Or Higher As An Upgrade Server
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.11.2.2 Using Microsoft IIS Manager 6.0 or Higher as an Upgrade Server When using Microsoft Internet Information Services (IIS) Manager 6.0 or higher as an upgrade server, a new application/octet-stream MIME type named "*" must be added to the IIS properties. This is required for IIS to consider ROX II upgrade packets as an application/octet-stream, otherwise ROX II upgrades will fail.
Page 94 Chapter 3 RUGGEDCOM ROX II Device Management User Guide If the source of the software is a USB Mass Storage drive, insert the drive in the USB port on the device. Make sure the source of the software upgrade has been configured. For more information, refer to Section 3.11.1, “Configuring the Upgrade Source”.
Page 95 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 55: Upgrade Monitoring Form 1. Software Partition 2. Current Version 3. Upgrade Phase 4. Status Message 5. Phase 1: Filesystem Sync 6. Phase 2: Package Download 7. Phase 3: Package Installation 8.
Page 96: Stopping/Declining A Software Upgrade
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description Phase 2: Package Download (% Phase 2 of the upgrade downloads all packages that require an update. This reflects the complete) estimated percentage complete. Phase 3: Package Installation (% Phase 3 of the upgrade installs all packages that require an update.
Page 97: Rolling Back A Software Upgrade
Downgrading Using ROXflash ROXflash is used to flash any previous version of a ROX II software image to the inactive partition. Images are obtained through a Siemens Sales representative. After a successful software downgrade and reboot, the downgraded partition is activated.
Page 98 Chapter 3 RUGGEDCOM ROX II Device Management User Guide If the source of the software is a USB Mass Storage drive, insert the drive in the USB port on the device. Navigate to admin » rox-imaging and click roxflash in the menu. The ROXflash and Flash a ROXII image to the other partition forms appear.
Page 99: Managing Rox Ii Applications
RUGGEDCOM ROX II Chapter 3 User Guide Device Management To monitor the real-time progress of the flashing process, navigate to admin » rox-imaging and view the ROXflash Monitoring form. Figure 60: ROXflash Monitoring Form 1. ROXflash Phase List 2. ROXflash Status 3.
Page 100: Viewing A List Of Installed Applications
Chapter 3 RUGGEDCOM ROX II Device Management User Guide • Section 3.12.4, “Uninstalling an Application” • Section 3.12.5, “Managing Application Repositories” Section 3.12.1 Viewing a List of Installed Applications To view a list of ROX II applications installed on the device, navigate to admin » software-upgrade » apps » installed-apps.
Page 101: Upgrading An Application
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 63: Trigger Action Form 1. Perform Button On the Install Apps form, configure the following parameters: Parameter Description app-name The name of the app to install as it appears in the repository configuration. To install more than one app, use a comma-separated list.
Page 102: Uninstalling An Application
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 65: Trigger Action Form 1. Perform Button On the Upgrade Apps form, configure the following parameters: Parameter Description app-name The name of the app to upgrade as it appears in the repository configuration. To upgrade more than one app, use a comma-separated list.
Page 103: Managing Application Repositories
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 67: Trigger Action Form 1. Perform Button On the Uninstall Apps form, configure the following parameters: Parameter Description app-name The name of the app to uninstall as it appears in the repository configuration. To uninstall more than one app, use a comma-separated list.
Page 104: Checking The Repository Connection
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 68: Repository Settings Table If no repositories have been configured, add repositories as needed. For more information, refer to Section 3.12.5.3, “Adding a Repository”. Section 3.12.5.2 Checking the Repository Connection To check the connection with a repository, do the following: Navigate to admin »...
Page 105: Adding A Repository
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description app-name The name of a configured app repository as it appears in the repository configuration. To check more than one repository, use a comma-separated list. On the Trigger Action form, click Perform. The connection results are displayed. Section 3.12.5.3 Adding a Repository To add an application repository, do the following:...
Page 106: Deleting A Repository
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 72: Repository Form 1. URL Box 2. Version Box Configure the following parameter(s) as required: Parameter Description The URL of the upgrade server hosting the app repository (http, https, and ftp are supported).
Page 107: Managing Feature Keys
For information on how to backup a feature key, refer to Section 3.14.2, “Backing Up Files”. To view the contents of a feature key, refer to the ROX II v2.6 CLI User Guide for the RX1500/RX1501/RX1510/ RX1511/RX1512. Section 3.14 Installing and Backing Up Files Only feature key and configuration files can be installed or backed up.
Page 108: Installing Files
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.14.1 Installing Files To install a file on the device, do the following: If the source of the file is a USB Mass Storage drive, insert the drive in the USB port on the device. Navigate to admin and click install-files in the menu.
Page 109: Backing Up Files
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.14.2 Backing Up Files To backup files stored on the device, do the following: If the file's destination is a USB Mass Storage drive, insert the drive in the USB port on the device. Navigate to admin and click backup-files in the menu.
Page 110: Managing Fixed Modules
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description timestamp Default: false If enabled, a timestamp will be appended to the file name. This option is not applicable to file names that contain '*'. The URL of the ROX file to copy. SCP, SFTP, FTPS, FTP and HTTP are supported for the file transfer.
Page 111 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 79: Key Settings Form 1. Slot Box 2. Add Button Configure the following parameter(s) as required: Parameter Description slot Synopsis: pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, cm, em, trnk The slot name, as marked on the silkscreen across the top of the chassis.
Page 112: Deleting A Fixed Module Configuration
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.15.3 Deleting a Fixed Module Configuration To delete the configuration for a fixed module, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to chassis » fixed-modules. The Fixed Modules table appears. Figure 81: Fixed Modules Table 1.
Page 113: Installing A New Line Module
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Remove the line module from the device. Section 3.16.2 Installing a New Line Module To install a new line module in the chassis, do the following: If equipped, remove the line module currently installed in the slot. For more information, refer to Section 3.16.1, “Removing a Line Module”.
Page 114: Viewing A List Of Line Module Configurations
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.16.3 Viewing a List of Line Module Configurations To view a list of line module configurations, navigate to chassis » line-modules. If line modules have been configured, the Modules table appears. Figure 83: Modules Table If no line modules have been configured, install line module as needed.
Page 115: Enabling/Disabling Controlled Bypass For M12 Line Modules
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description detected-module The installed module's type specifier. Module Type Sets the module type to be used in this slot. Admin State Sets the administrative state for a module. Enabling the module powers it on. Click Commit to save the changes or click Revert All to abort.
Page 116: Managing Event Trackers
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 86: Bypass Control and Status Form 1. Bypass Status List 2. Overcurrent Status List 3. Administrative Bypass Check Box NOTE The default status is not bypassed. NOTE After enabling bypass mode, LED on Port 1 and Port 2 of the M12 Line Module will turn yellow. Select the Administrative Bypass check box to enable controlled bypass, or clear the check box to disable Click Commit to save the changes or click Revert All to abort.
Page 117: Viewing A List Of Event Trackers
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Where available, a tracker can allow a user greater flexibility when configuring a feature. For example, advertised or received routes can be filtered or blocked entirely, based on the status of the tracker. NOTE Trackers only use ICMP messages to ping an IP target.
Page 118: Adding An Event Tracker
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 88: Statistics Form 1. Echo Attempts 2. Echo Replies 3. Min RTT 4. Average RTT 5. Max RTT 6. Standard Deviation RTT This form provides the following information: Parameter Description Echo Attempts The number of echo attempts.
Page 119 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 89: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Name The name of the event. Click Add. The Event form appears. Adding an Event Tracker...
Page 120 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 90: Event Form 1. Target Box 2. Source IP Box 3. Source Interface Box 4. Timeout Box 5. Interval Box 6. Fall Box 7. Rise Box 8. State Configure the following parameter(s) as required: Parameter Description Target...
Page 121: Deleting An Event Tracker
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description Rise The number of times success occurs before changing the tracking state from down to state Synopsis: up, down Default: up The state of the event. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 122: Viewing A List Of Switched Ethernet Ports
Chapter 3 RUGGEDCOM ROX II Device Management User Guide • Section 3.18.4, “Viewing Switched Ethernet Port Statistics” • Section 3.18.5, “Viewing RMON Port Statistics” • Section 3.18.6, “Clearing Switched Ethernet Port Statistics” • Section 3.18.7, “Resetting a Switched Ethernet Port” •...
Page 123 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 93: Switched Ethernet Ports Form 1. Enabled Check Box 2. AutoN List 3. Speed List 4. Duplex List 5. Link Alarms Check Box 6. Switchport Check Box 7. Flow Control Check Box 8.
Page 124 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 94: Rate Limiting Form 1. Ingress Limit Box 2. Ingress Frames List 3. Egress Limit Box Figure 95: LLDP Form 1. Admin Status List 2. Notify Check Box NOTE Parameters on the Multicast Filtering, CoS and VLAN forms are only available when the port is in switchport mode.
Page 125 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 97: CoS Form 1. Default Priority Box 2. Inspect TOS Check Box Figure 98: VLAN Form 1. PVID Box 2. Type List 3. Format List 4. GVRP Mode List On the Switched Ethernet Ports form, configure the following parameter(s) as required: CAUTION! Security hazard –...
Page 126 Chapter 3 RUGGEDCOM ROX II Device Management User Guide NOTE Switched Ethernet ports in dedicated routing port mode cannot be trunk ports. NOTE The configuration for a switched Ethernet port in switchport mode can be restored when it is removed from a trunk. However, the configuration cannot be restored if the port is in dedicated routing mode.
Page 127 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description Ingress Limit Synopsis: disabled Default: 1000 The data rate in kbps at which received frames (of the type described by the ingress frames parameter) will start to be discarded by the switch. The valid range is 62 to 256000 kbps.
Page 128 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description The priority of frames received on this port that are not prioritized based on the frame's contents (e.g. the priority field in the VLAN tag, DiffServ field in the IP header, prioritized MAC address).
Page 129: Configuring Port Security
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.18.3 Configuring Port Security Port security (or Port Access Control) provides the ability to authenticate access through individual ports, either through IEEE 802.1x authentication, static MAC address-based authorization, or both. Using IEEE 802.1x authentication, ROX II authenticates a source device against a remote RADIUS authentication server.
Page 130 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 100: 802.1x Parameters 1. Transmission Period Box 2. Quiet Period Box 3. Reauthorization Check Box 4. Reauthorize Period Box 5. Reauthorization Max Attempts Box 6. Supplicant Timeout Box 7. Server Timeout Box 8.
Page 131 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description • IEEE 802.1X with MAC Authentication, also known as MAC-Authentication Bypass. With this method, the device can authenticate clients based on the client's MAC address, if IEEE 802.1X authentication times out. Default: 0 Auto Learn The maximum number of MAC addresses that can be dynamically learned on the port.
Page 132: Viewing Switched Ethernet Port Statistics
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.18.4 Viewing Switched Ethernet Port Statistics To view statistics collected for a specific switched Ethernet port, navigate to interfaces » switch » {slot/port}, where {slot/port} is the slot name and port number of the switched Ethernet port. The Port Statistics form appears.
Page 133 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 102: RMON Port Statistics Form 1. InOctets 2. InPkts 3. InBcastPkts 4. InMcastPkts 5. TotalInOctets 6. TotalInPkts 7. OutOctets 8. OutPkts 9. DropEvents 10. OutBcastPkts 11. OutMcastPkts 12. CRCAlignErrors 13. UndersizePkts 14.
Page 134 Chapter 3 RUGGEDCOM ROX II Device Management User Guide This form provides the following information: Parameter Description InOctets The number of octets in received good packets (Unicast+Multicast+Broadcast) and dropped packets. InPkts The number of received good packets (Unicast+Multicast+Broadcast) and dropped packets.
Page 135: Clearing Switched Ethernet Port Statistics
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description LateCollisions The number of received packets for which a Late Collision Event has been detected. Pkts64Octets The number of received and transmitted packets with a size of 64 octets. This includes received and transmitted packets as well as dropped and local received packets.
Page 136: Resetting A Switched Ethernet Port
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.18.7 Resetting a Switched Ethernet Port To reset a switched Ethernet port, do the following: Navigate to interfaces » switch » {slot/port}, where {slot/port} is the slot name and port number of the switched Ethernet port.
Page 137 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Click start-cable-test in the menu. The Trigger Action and Start Cable Test forms appear. Figure 105: Trigger Action Form 1. Perform Button Figure 106: Start Cable Test Form 1. Runs Box 2.
Page 138: Viewing Cable Diagnostic Statistics
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description runs Default: 10 calibration Default: 0.0 Read and follow the instructions on the Start Cable Diagnostics Test. Click Perform to start the test. For information about how to view the test results, refer to Section 3.18.8.2, “Viewing Cable Diagnostic Statistics”.
Page 139: Clearing Cable Diagnostic Statistics
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description Running Whether or not a cable test is currently running on this port Good Termination The number of times GOOD TERMINATION (no fault) is detected on the cable pairs of the selected port.
Page 140: Managing Routable Ethernet Ports
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Navigate to interfaces » switch » {slot/port} » diagnostics and click clear-cable-stats-port in the menu. The Trigger Action form appears. Figure 109: Trigger Action Form 1. Perform Button Click Perform to clear the statistics. Section 3.19 Managing Routable Ethernet Ports The following sections describe how to configure and manage routable Ethernet ports:...
Page 141 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Navigate to interface » eth » {interface}, where {interface} is the routable Ethernet port. The Routable Ethernet Ports and LLDP forms appear. Figure 111: Routable Ethernet Ports Form 1. Enabled Check Box 2.
Page 142 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 112: LLDP Form 1. Admin Status List 2. Notify Check Box On the Routable Ethernet Ports form, configure the following parameters as required: Parameter Description Enabled Default: true Enables/Disables the network communications on this port. AutoN Enables or disables IEEE 802.3 auto-negotiation.
Page 143: Managing Serial Ports
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description Admin Status Synopsis: tx-only, rx-only, rx-tx, no-lldp Default: rx-tx • no-lldp : The local LLDP agent can neither transmit nor receive LLDP frames. • rxTx : The local LLDP agent can both transmit and receive LLDP frames through the port.
Page 144: Viewing Serial Port Statistics
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 113: Serial Interfaces Table Section 3.20.2 Viewing Serial Port Statistics To view statistics collected on the serial ports, navigate to interfaces » serial » port. The Serial Port Statistics form appears. Figure 114: Serial Port Statistics Form This form provides the following information: Parameter...
Page 145: Viewing Transport Connection Statistics
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description overrun-errors The number of overrun errors on this serial port. Section 3.20.3 Viewing Transport Connection Statistics To view the statistics collected for all transport connections, navigate to interfaces » serial » transport- connections.
Page 146 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 116: TCP/UDP Connection Statistics Form 1. Remote IP 2. Remote TCP/UDP Port 3. Local TCP/UDP Port 4. Transport 5. Rx-packets 6. Tx-packets 7. Target Port 8. Status These tables and forms provide the following information: Parameter Description remote-ip...
Page 147: Viewing Dnp Device Table Statistics
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.20.4 Viewing DNP Device Table Statistics To view the statistics collected for DNP device tables, navigate to interfaces » serial » dnp-device-table. The DNP Device Table table appears. Figure 117: DNP Device Table 1.
Page 148: Configuring A Serial Port
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 118: Trigger Action Form 1. Perform Button Click Perform. Section 3.20.6 Configuring a Serial Port To configure a serial port, do the following: IMPORTANT! Do not enable flow control when Modbus TCP protocol is enabled. Change the mode to Edit Private or Edit Exclusive.
Page 149 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 119: Serial Interfaces Form 1. Enabled Check Box 2. Alias Box 3. Baud-Rate List 4. Data Bits Box 5. Parity List 6. Stop Bits Box 7. Flow Control List 8. Port Type List Configure the following parameter(s) as required: Parameter Description...
Page 150: Restarting The Serial Server
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description The number of data bits. Synopsis: none, even, odd parity Default: none The parity of the serial port. stop-bits Default: 1 The number of stop bits of the serial port. flow-control Synopsis: none, xonxoff Default: none...
Page 151: Managing Serial Port Protocols
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Navigate to interfaces » serial » port » {slot/port}, where {slot/port} is the slot name and port number of the serial port. Click reset in the menu. The Trigger Action form appears. Figure 121: Trigger Action Form 1.
Page 152 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Broadcast RTU Polling Broadcast polling allows a single host connected to the device to broadcast a polling stream to a number of remote RTUs. The host connects through a serial port to the device. Up to 32 TCP remote RTUs may connect to the device's host-end via the network.
Page 153: Modbus Tcp Concepts
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.21.2 Modbus TCP Concepts The Modbus TCP Server application is used to transport Modbus requests and responses across IP networks. The source of the polls is a Modbus master, a host computer that issues the polls to a remote host (RTU) connected to the serial port of the device running the Modbus TCP Server application.
Page 154: Viewing A List Of Serial Port Protocols
Chapter 3 RUGGEDCOM ROX II Device Management User Guide When a message with an unknown DNP source address is received on a local serial port, the DNP source address and serial port number are entered into the Device Address Table. When a message with an unknown DNP source address is received from the IP network, on the IP interface that is configured as the DNP learning interface, the DNP source address and the IP address of the sender are entered into the Device Address Table.
Page 155: Adding A Serial Port Protocol
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.21.5 Adding a Serial Port Protocol To add a serial port protocol, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to interface » serial » {slot/port} » protocols, where {slot/port} is the slot name and port number of the serial port.
Page 156: Configuring The Modbus Tcp Protocol
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Click the + symbol next to setdnp. The DNP Protocols Configuration form appears. Figure 124: DNP Protocols Configuration Form 1. Address Learning Box 2. Aging Timer Box 3. Max Connection Box Configure the following parameter(s) as required: Parameter Description...
Page 157 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 125: Modbus TCP Configuration Form 1. Response Timer Box 2. Packet Timer Box 3. Turnaround Box 4. Retransmit Box 5. Max Connection Box 6. Local Port 7. RTU-List Box In the menu, click the + symbol next to settcpmodbus to add the protocol. Configure the following parameter(s) as required: Parameter Description...
Page 158: Configuring The Raw Socket Protocol
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description The amount of delay (if any) to insert after the transmissions of Modbus broadcast messages out the serial port. retransmit Default: 0 The number of times to retransmit the request to the RTU before giving up. max-connection Default: 1 The maximum number of incoming connections.
Page 159 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 126: Raw Socket Configuration Form 1. Packet Character Box 2. Packet Timer Box 3. Packet Size Box 4. Turnaround Box 5. Call Direction Box 6. Max Connection Box 7. Remote IP Box 8.
Page 160: Deleting A Serial Port Protocol
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description pack-char Synopsis: off, Default: off The numeric value of the ASCII character which will force forwarding of accumulated data to the network. pack-timer Default: 1000 The delay from the last received character until when data is forwarded. Synopsis: max, pack-size Default: max...
Page 161: Managing Device Address Tables
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 127: Serial Protocols Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen protocol. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 162: Adding A Device Address Table
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.21.10.2 Adding a Device Address Table To add a Device Address table for a serial port using the DNP protocol, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to interface »...
Page 163: Deleting A Device Address Table
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description remote-ip The IP address of the remote host that provides a connection to the DNP device with the configured address. Leave this field empty to forward DNP messages that match the configured address to the local serial port.
Page 164: Viewing A List Of Remote Hosts
Chapter 3 RUGGEDCOM ROX II Device Management User Guide • Section 3.21.11.3, “Deleting a Remote Host” Section 3.21.11.1 Viewing a List of Remote Hosts To view a list of remote hosts configured for a serial port using the raw socket protocol, navigate to interface » serial »...
Page 165: Deleting A Remote Host
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Configure the following parameter(s) as required: Parameter Description remote-ip The IP address of the remote host. remote-port The transport port of the remote host. Click Add to create the remote host. Click Commit to save the changes or click Revert All to abort.
Page 166: Viewing A List Of Ethernet Trunk Interfaces
Chapter 3 RUGGEDCOM ROX II Device Management User Guide • Section 3.22.2, “Adding an Ethernet Trunk Interface” • Section 3.22.3, “Deleting an Ethernet Trunk Interface” • Section 3.22.4, “Managing Ethernet Trunk Ports” Section 3.22.1 Viewing a List of Ethernet Trunk Interfaces To view a list of Ethernet trunk interfaces, navigate to interface »...
Page 167 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description Trunk ID ;;The trunk number. It doesn't affect port trunk operation in any way and is only used for identification. Click Add to create the new trunk. The Ethernet Trunk Interfaces, Multicast Filtering, CoS and VLAN forms appear.
Page 168 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 139: CoS Form 1. Default Priority Box 2. Inspect TOS Check Box Figure 140: VLAN Form 1. PVID Box 2. Type List 3. Format List 4. GVRP Mode List On the Ethernet Trunk Interfaces form, configure the following parameter(s) as required: Parameter Description Switchport...
Page 169 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description Default: 1500 Maximum transmission unit (largest packet size allowed for this interface). alias The SNMP alias name of the interface On the Multicast Filtering form, configure the following parameter(s) as required: Parameter Description GMRP...
Page 170: Deleting An Ethernet Trunk Interface
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description GVRP (Generic VLAN Registration Protocol) operation on the port. There are several GVRP operation modes: • DISABLED : the port is not capable of any GVRP processing. • ADVERTISE ONLY : the port will declare all VLANs existing in the switch (configured or learned) but will not learn any VLANs.
Page 171: Viewing A List Of Ethernet Trunk Ports
RUGGEDCOM ROX II Chapter 3 User Guide Device Management • Section 3.22.4.3, “Deleting an Ethernet Trunk Port” Section 3.22.4.1 Viewing a List of Ethernet Trunk Ports To view a list of Ethernet trunk ports, navigate to interface » trunks » {id} » trunk-ports, where {id} is the ID given to the interface.
Page 172: Deleting An Ethernet Trunk Port
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description Trunk Slot Synopsis: sm, lm1, lm2, lm3, lm4, lm5, lm6 The name of the module location provided on the silkscreen across the top of the device. Trunk Port The selected ports on the module installed in the indicated slot. Click Add to create the new trunk port.
Page 173: Viewing A List Of Cellular Modem Interfaces
RUGGEDCOM ROX II Chapter 3 User Guide Device Management • Section 3.23.2, “Viewing the Status of a Cellular Modem Interface” • Section 3.23.3, “Viewing PPP Interface Statistics” • Section 3.23.4, “Viewing the HSPA Network Status for Cellular Modems” • Section 3.23.5, “Viewing the CDMA Network Status for Cellular Modems” •...
Page 174: Viewing Ppp Interface Statistics
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 146: Cellular Modem Interfaces Form 1. State List 2. Media 3. Admin State List This table provides the following information: Parameter Description Synopsis: up, down, testing, unknown, dormant, notPresent, lowerLayerDown state The port's link status.
Page 175: Viewing The Hspa Network Status For Cellular Modems
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 147: PPP Interfaces Statistics Form 1. Status 2. Local IP Address 3. Peer IP Address 4. TX 5. RX 6. MTU This table provides the following information: Parameter Description Status PPP connection status Local IP address The IP address assigned to the modem by the remote server...
Page 176 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 148: GSM/HSPA/HSPA+ Cellular Modem Information Form 1. Network Supported 2. IMEI 3. Radio 4. RSSI Indicator 5. Network Operator 6. Network In Use 7. Network Status 8. SIM This form provides the following information: Parameter Description network-supported...
Page 177: Viewing The Cdma Network Status For Cellular Modems
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.23.5 Viewing the CDMA Network Status for Cellular Modems To view the status of the CDMA network for a cellular modem, navigate to interfaces » cellmodem » {slot/port/ profile} » cdma, where {slot/port/profile} is the slot name, port number and profile configured for the cellular modem.
Page 178: Configuring A Cellular Modem Interface
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.23.6 Configuring a Cellular Modem Interface To configure a cellular modem interface, do the following: NOTE Cellular modems with support for EDVO network technology is backward compatible with CDMA 2G and CDMA 1x RTT networks.
Page 179: Activating A Cellular Modem Account
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.23.7 Activating a Cellular Modem Account Before using the cellular modem, a cellular account must be activated on a service provider's network. Once the account is activated, the modem will be able to connect to the cellular network without further intervention. The are two account activation methods used by ROX II: OTA (Over-the-Air) and Manual.
Page 180: Activating A Cellular Modem Account Manually
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 152: Trigger Action Form 1. Perform Button On the Over The Air Activation form, configure the following parameter(s) as required: Parameter Description activation-dial-string Default: *22899 The dial string to activate the modem over the air On the Trigger Action form, click Perform to activate the account.
Page 181 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 153: Manual Activation Form 1. Activation Code Box 2. Phone Number Box 3. Mobile ID Number Box 4. System ID Box 5. Network ID Box Figure 154: Trigger Action Form 1.
Page 182: Resetting The Cellular Modem
Chapter 3 RUGGEDCOM ROX II Device Management User Guide On the Trigger Action form, click Perform to activate the account. Section 3.23.8 Resetting the Cellular Modem To reset a cellular modem, do the following: Navigate to interfaces » cellmodem » {slot/port/profile}, where {slot/port/profile} is the slot name, port number and profile configured for the cellular modem.
Page 183: Connecting As A Ppp Client
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 157: Trigger Action Form 1. Perform Button On the AT Command form, configure the following parameter(s) as required: Parameter Description command The Modem AT command to be executed. Note: The command must begin with the prefix 'AT' On the Trigger Action form, click Perform to run the command.
Page 184: Managing Wan Interfaces
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 158: CDMA Profile Form (Example) 1. Connect List 11. Configure the following parameter(s) as required: Parameter Description Connect Selects the gsm profile to connect to wireless network. The gsm profile is configured in / global/cellular/profiles/gsm 12.
Page 185: Viewing A List Of Wan Interfaces
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.24.1 Viewing a List of WAN Interfaces To view a list of WAN interfaces, navigate to interface » wan. The WAN Slot Port Settings table appears. Figure 159: WAN Slot Port Settings Table Section 3.24.2 Configuring a WAN Interface To configure a WAN interface, do the following:...
Page 186: Viewing Wan Statistics
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description Disabling link-alarms will prevent alarms and LinkUp and LinkDown SNMP traps from being sent for that interface. Link alarms may also be controlled for the whole system under admin / alarm-cfg. alias The SNMP alias name of the interface Configure a T1 or E1 line.
Page 187 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 162: T1/E1 Statistics Form - Logical T1/E1 Interface 1. Slot 2. Port 3. Channel Number 4. State 5. Local 6. Remote 7. Mask 8. Create Time 9. Last Status Change This form provides the following information: Parameter Description...
Page 188: Clearing Wan Statistics
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description Last Status Change The duration of time since last change of interface status. For information about clearing the WAN statistics, refer to Section 3.24.4, “Clearing WAN Statistics”. Section 3.24.4 Clearing WAN Statistics The following describes how to clear the statistics collected when WAN interfaces are enabled.
Page 189: Performing A Loopback Test
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description ddsName Select the DDS interface for which to clear statistics. t1e1Name Select the T1E1 interface for which to clear statistics. t3e3Name Select T3E3 interface for which to clear statistics. all-interfaces Clear statistics for all WAN interfaces.
Page 190 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 165: Loopback Test Form 1. Interface List 2. Type List 3. Nloops Box 4. Duration Box Figure 166: Trigger Action Form 1. Perform Button On the Loopback Test form, configure the following parameter(s) as required: Parameter Description physical-name...
Page 191: Configuring A T1 Line
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.24.6 Configuring a T1 Line To configure a T1 line for a WAN interface, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to interface » wan » {interface}, where {interface} is the WAN interface. Click the + symbol in the menu next to t1.
Page 192: Configuring An E1 Line
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description Line Build Out: tunes the shape of the T1 pulses and adjusts their amplitude depending upon distances and the desired attenuation. Add and configure channels for the T1 line. For more information, refer to Section 3.24.9.2, “Adding a Channel”.
Page 193: Configuring Dds
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description clock Synopsis: normal, master Default: normal Serial clocking mode: master or normal. • master : provide serial clock signal. • normal : accept external clock signal. Add and configure channels for the E1 line. For more information, refer to Section 3.24.9.2, “Adding a Channel”.
Page 194: Managing Channels
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description • master : provide serial clock signal. • normal : accept external clock signal. Configure a PPP or frame relay connection. For more information, refer to Section 3.24.12, “Configuring a PPP Connection”...
Page 195 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 171: Key Settings Form 1. Channel Number Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Channel Number Channel Number. Click Add to create the new channel. The T1/E1 Time Slot Settings form appears. Figure 172: T1 Time Slot Settings Form 1.
Page 196: Deleting Channels
Chapter 3 RUGGEDCOM ROX II Device Management User Guide If necessary, configure a PPP connection. For more information, refer to Section 3.24.12, “Configuring a PPP Connection”. 10. If necessary, configure a frame relay connection. For more information, refer to Section 3.24.13, “Configuring a Frame Relay Connection”.
Page 197 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Before adding an HDLC-ETH connection, a T1/E1 line must be in place. For more information, refer to: • Section 3.24.6, “Configuring a T1 Line” • Section 3.24.7, “Configuring an E1 Line” To configure an HLDC-ETH connection for a T1 or E1 line, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 198: Configuring A Multi Link Ppp Connection
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 3.24.11 Configuring a Multi Link PPP Connection To configure a Multi Link Point-to-Point Protocol (MLPPP) connection for a T1 or E1 line, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 199: Configuring A Ppp Connection
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.24.12 Configuring a PPP Connection To configure a Point-to-Point Protocol (PPP) connection, do the following: Change the mode to Edit Private or Edit Exclusive. Depending on the WAN module, navigate to either: •...
Page 200: Configuring A Frame Relay Connection
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.24.13 Configuring a Frame Relay Connection To configure a frame relay connection for a T1 or E1 line, do the following: Change the mode to Edit Private or Edit Exclusive. Depending on the WAN module, navigate to either: •...
Page 201 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 178: Frame Relay Parameters Form – CPE Selected 1. Station List 2. Signal List 3. T392 Box 4. N392 Box 5. N393 Box Configure the following parameter(s) as required: Parameter Description Synopsis: cpe, switch station...
Page 202: Managing Data Links For Frame Relay Connections
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description Defines the frequency of transmission of full status enquiry messages. Valid for CPE. Default: 4 n392 The number of error events (enumerated by n393) for which the channel is declared inactive;...
Page 203: Adding A Data Link
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.24.14.2 Adding a Data Link To add a data link for a frame relay connection, do the following: Change the mode to Edit Private or Edit Exclusive. Depending on the WAN module, navigate to either: •...
Page 204: Deleting A Data Link
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 181: On Demand Form 1. On Demand Check Box 2. MTU Box Configure the following parameter(s) as required: Parameter Description On Demand This interface is up or down on demand of link fail over. Default: 1500 Maximum transmission unit (largest packet size allowed for this interface).
Page 205: Managing Virtual Switches
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 182: On Demand Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen data link. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 206: Viewing A List Of Virtual Switches
Chapter 3 RUGGEDCOM ROX II Device Management User Guide • Be careful when adding a VLAN interface (assigned to a switch port on a given line module) in the virtual switch. The VLAN tag on a tagged frame received on the VLAN interface of a switch port may not be preserved when the traffic is egressed through a routable interface (i.e.
Page 207 RUGGEDCOM ROX II Chapter 3 User Guide Device Management Navigate to interface » virtualswitch and click . The Key Settings form appears. Figure 184: Key Settings Form 1. Virtual Switch ID Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Virtual Switch ID...
Page 208: Deleting A Virtual Switch
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Parameter Description Enabled Default: true Enables this interface. Forward Delay Default: 15 Delay (in seconds) of the listening and learning state before goes to forwarding state. Alias The SNMP alias name of the interface IP Address Source Synopsis: static, dynamic Default: static...
Page 209: Managing Virtual Switch Interfaces
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Section 3.25.4 Managing Virtual Switch Interfaces The following sections describe how to configure and manage virtual switch interfaces: • Section 3.25.4.1, “Viewing a List of Virtual Switch Interfaces” • Section 3.25.4.2, “Adding a Virtual Switch Interface” •...
Page 210: Deleting A Virtual Switch Interface
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Figure 188: Key Settings Form 1. Interface Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Interface Name Interface name. Click Add to create the new interface. The new interface is now visible under the ip menu. The name of the interface is the ID of the virtual switch preceded by vs (i.e.
Page 211: Managing A Domain Name System (Dns)
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 189: Interface Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen interface. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 212: Viewing A List Of Domain Names
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.26.1.1 Viewing a List of Domain Names To view a list of domain names, navigate to admin » dns » search. If domain names have been configured, the Domain Name Searches table appears. Figure 190: Domain Name Searches Table If no domain names have been configured, add names as needed.
Page 213: Deleting A Domain Name
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Parameter Description encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
Page 214: Managing Domain Name Servers
Chapter 3 RUGGEDCOM ROX II Device Management User Guide Section 3.26.2 Managing Domain Name Servers A hierarchical list of domain name servers can be configured for the DNS service. ROX II will contact each server in the order they are listed when domain names require resolution. The following sections describe how to configure and manage a list of domain name servers: •...
Page 215: Deleting A Domain Name Server
RUGGEDCOM ROX II Chapter 3 User Guide Device Management Figure 194: Key Settings Form 1. Address Box 2. Add Button Configure the following parameter(s) as required: Parameter Description address Synopsis: The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Page 216 Chapter 3 RUGGEDCOM ROX II Device Management User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Deleting a Domain Name Server...
Page 217: System Administration
RUGGEDCOM ROX II Chapter 4 User Guide System Administration System Administration This chapter describes how to perform various administrative tasks related to device identification, user permissions, alarm configuration, certificates and keys, and more. It describes the following tasks: • Section 4.1, “Configuring the System Name and Location” •...
Page 218: Configuring The Hostname
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Configure the following parameter(s) as required: Parameter Description System Name Default: System Name An administratively-assigned name for this managed node. By convention, this is the node's fully-qualified domain name. If the name is unknown, the value is the zero-length string.
Page 219: Customizing The Welcome Screen
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Parameter Description domain Synopsis: The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123).
Page 220: Setting The User Authentication Mode
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 199: Authentication Form 1. Mode List 2. Banner Box Under Banner, type the welcome message. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 221: Setting The Maximum Number Of Sessions
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 200: Authentication Form 1. Mode List 2. Banner Box Under Mode, select the authentication method. • If localonly is selected, users will be authenticated locally, regardless of whether or not a RADIUS server has been configured.
Page 222: Managing Alarms
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Navigate to admin. The Session Limits form appears. Figure 201: Session Limits Form 1. Maximum Sessions Total Box Configure the following parameter(s) as required: Parameter Description Maximum Sessions Total Synopsis: unbounded Default: 70 Puts a limit on the total number of concurrent sessions to ROX.
Page 223: Viewing A List Of Active Alarms
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Alarm Type Description Security Security alarms are for certificate expiry events. This includes warnings 30 days before a certificate is set to expire and when an expired certificate is installed. The following sections describe how to configure and manage alarms: •...
Page 224: Clearing Alarms
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Section 4.6.2.1 Clearing Alarms Non-conditional alarms must be cleared by the user. Conditional alarms, when configured, are cleared automatically. To clear a non-conditional alarm, do the following: Navigate to admin » alarms » {alarm}, where {alarm} is the chosen alarm. Click clear in the menu.
Page 225: Configuring An Alarm
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 204: Trigger Action Form 1. Perform Button Click Perform to acknowledge the alarm. Section 4.6.3 Configuring an Alarm While all alarms are pre-configured on the device, some alarms can be modified to suit the application. This includes changing the severity and enabling/disabling certain features.
Page 226 Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 205: Alarm Configuration Form 1. Description Box 2. Severity List 3. Admin Enable Check Box 4. Failrelay Enable Check Box 5. LED Enable Check Box 6. Auto Clear Check Box Configure the following parameters as required: Parameter Description...
Page 227: Managing Certificates And Keys
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Section 4.7 Managing Certificates and Keys The following sections describe how to configure and manage certificates and keys on the device: NOTE Only admin users can read/write certificates and keys on the device. •...
Page 228: Viewing The Status Of A Ca Certificate And Crl
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Section 4.7.1.2 Viewing the Status of a CA Certificate and CRL To view the status of a CA certificate and its associated Certificate Revocation List (CRL), navigate to security » crypto » ca » {name}, where {name} is the name of the CA certificate. The Key Cert Sign Certificate Status, CRL Sign Certificate Status and CRL Status forms appear.
Page 229 RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 209: CRL Status Form 1. Issuer 2. This Update 3. Next Update The Key Cert Sign Certificate Status form provides the following information: Parameter Description issuer subject Not Before Synopsis: The date-and-time type is a profile of the ISO 8601 standard for representation of dates and times using the Gregorian calendar.
Page 230 Chapter 4 RUGGEDCOM ROX II System Administration User Guide Parameter Description This certificate is not valid after this date. The CRL Sign Certificate Status form provides the following information: Parameter Description issuer subject Not Before Synopsis: The date-and-time type is a profile of the ISO 8601 standard for representation of dates and times using the Gregorian calendar.
Page 231: Adding A Ca Certificate And Crl
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Parameter Description full-time and provides higher resolution of time-secfrac. The canonical format for date-and- time values with a known time zone uses a numeric time zone offset that is calculated using the device's configured known offset to UTC time.
Page 232 Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 210: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description name The name of the CA certificate. Click Add. The CA form appears. Adding a CA Certificate and CRL...
Page 233 RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 211: CA Form 1. Key Cert Sign Certificate Box 2. CRL Sign Certificate Box 3. CRL Contents Box Copy the contents of the CA certificate into the Key Cert Sign Certificate box. NOTE Large CRLs (bigger than 100KB) are not currently supported and may be difficult to add/view in the configuration.
Page 234: Deleting A Ca Certificate And Crl
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Section 4.7.1.4 Deleting a CA Certificate and CRL To delete a certificate issued by a Certified Authority (CA) and its associated Certificate Revocation List (CRL), do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to security »...
Page 235: Adding A Private Key
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 213: Private Key Table If no private keys have been configured, add keys as needed. For more information, refer to Section 4.7.2.2, “Adding a Private Key”. Section 4.7.2.2 Adding a Private Key To add an unsigned private key, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 236: Deleting A Private Key
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 215: Private Key Form 1. Algorithm List 2. Contents Box In the Private Key form, configure the following parameters as required: Parameter Description algorithm Synopsis: rsa, dsa The type of key. Contents Synopsis: The aes-cfb-128-encrypted-string works exactly like des3-cbc-encrypted- string but AES/128bits in CFB mode is used to encrypt the string.
Page 237: Managing Public Keys
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 216: Private Key Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen private key. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 238: Adding A Public Key
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Section 4.7.3.2 Adding a Public Key To add an unsigned public key, do the following: NOTE Do not associate the public key with the private key if the public key belongs to another device. Make sure the private key associated with the public key has been added.
Page 239: Deleting A Public Key
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 219: Public Key Form 1. Algorithm List 2. Contents Box 3. Private Key Name Box In the Public Key form, configure the following parameters as required: Parameter Description algorithm Synopsis: rsa, dsa The algorithm of the key.
Page 240: Managing Certificates
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Change the mode to Edit Public or Edit Exclusive. Navigate to security » crpto » public-key. The Public Key table appears. Figure 220: Public Key Table 1. Add Button 2. Edit Button 3.
Page 241: Viewing The Status Of A Certificate
RUGGEDCOM ROX II Chapter 4 User Guide System Administration If no certificates have been configured, add certificates as needed. For more information, refer to Section 4.7.4.3, “Adding a Certificate”. Section 4.7.4.2 Viewing the Status of a Certificate To view the status of a certificate, navigate to security » crypto » certificate » {name}, where {name} is the name of the certificate.
Page 242: Adding A Certificate
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Parameter Description production in Section 5.6 of RFC 3339. The date-and-time type is compatible with the dateTime XML schema type with the following notable exceptions: (a) The date-and-time type does not allow negative years. (b) The date-and-time time-offset -00:00 indicates an unknown time zone (see RFC 3339) while -00:00 and +00:00 and Z all represent the same time zone in dateTime.
Page 243: Deleting A Certificate
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Parameter Description name The name of the certificate. Click Add. The Certificate form appears. Figure 224: Certificate Form 1. Contents Box 2. Private Key Name List 3. CA Certificate Name List Configure the following parameter(s) as required: Parameter Description...
Page 244: Managing Radius Authentication
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 225: Certificate Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen certificate. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 245 RUGGEDCOM ROX II Chapter 4 User Guide System Administration Attribute Value User-Password { password } Service-Type Vendor-Specific Vendor-ID: 15004 Type: 1 Length: 11 String: RuggedCom A RADIUS server may also be used to authenticate access on ports with 802.1X security support. When this is required, the following attributes are sent by the RADIUS client to the RADIUS server: Attribute Value...
Page 246: Configuring Radius Authentication For Login Services
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Section 4.8.1 Configuring RADIUS Authentication for LOGIN Services To configure RADIUS authentication for LOGIN services, do the following: IMPORTANT! Passwords are case-sensitive. Change the mode to Edit Private or Edit Exclusive. Navigate to admin »...
Page 247: Configuring Radius Authentication For Ppp Services
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 227: Secondary Radius Server Form 1. Address Box 2. Port UDP Box 3. Password Box In both forms, configure the following parameters as required: Parameter Description Synopsis: The ip-address type represents an IP address and is IP version neutral. address The format of the textual representations implies the IP version.
Page 248 Chapter 4 RUGGEDCOM ROX II System Administration User Guide Change the mode to Edit Private or Edit Exclusive. Navigate to global » ppp » radius. The Primary Radius Server and Secondary Radius Server forms appear. Figure 228: Primary Radius Server Form 1.
Page 249: Configuring Radius Authentication For Switched Ethernet Ports
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Parameter Description address The IPv4 address of the server. port-udp Default: 1812 Synopsis: The aes-cfb-128-encrypted-string works exactly like des3-cbc-encrypted- password string but AES/128bits in CFB mode is used to encrypt the string. The prefix for encrypted values is '$4$'.
Page 250: Managing Users
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 231: Secondary Radius Server Form 1. Address Box 2. Port UDP Box 3. Password Box In both forms, configure the following parameters as required: Parameter Description address The IPv4 address of the server. UDP Port Default: 1812 The IPv4 port of the server.
Page 251: Viewing A List Of Users
RUGGEDCOM ROX II Chapter 4 User Guide System Administration User Type Rights Guest Operator Admin View Settings ü ü ü Clear Logs ü ü ü Reset Alarms û ü ü Clear Statistics û ü ü Change Basic Settings û ü ü...
Page 252: Adding A User
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Section 4.9.2 Adding a User To add a new user account, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to admin » users and click in the menu. The Key Settings form appears. Figure 233: Key Settings Form 1.
Page 253: Deleting A User
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Set the user's password. For more information, refer to Section 4.10.2, “Setting a User Password/ Passphrase”. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 254: Kicking Users From The Network
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 236: Users Screen 1. List of Users 2. Send Button 3. Kick Icon 4. Messages Window 5. Message Box 6. Clear History Button The following sections describe other actions that can be used to manage users logged in to the device: •...
Page 255: Sending Messages To Users
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 237: Users Screen 1. List of Users 2. Send Button 3. Kick Icon 4. Messages Window 5. Message Box 6. Clear History Button Click the Kick icon next to the user profile. Section 4.9.4.2 Sending Messages to Users To broadcast a message to all users or a specific user, do the following:...
Page 256: Managing Passwords And Passphrases
Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 238: Users Screen 1. List of Users 2. Send Button 3. Kick Icon 4. Messages Window 5. Message Box 6. Clear History Button Type a message in the Message box and click Send. Section 4.10 Managing Passwords and Passphrases ROX II requires separate passwords or passphrases for logging into the various device modes, such as normal,...
Page 257: Configuring Password/Passphrase Complexity Rules
Accessibility hazard – risk of data loss. Do not forget the passwords for the device. If both the maintenance and boot passwords are forgotten, the device must be returned to Siemens Canada Ltd. for repair. This service is not covered under warranty. Depending on the action that must be taken to regain access to the device, data may be lost.
Page 258 Chapter 4 RUGGEDCOM ROX II System Administration User Guide Figure 240: Password Complexity Form 1. Minimum Length Box 2. Maximum Length Box 3. Uppercase Characters Required Check Box 4. Lowercase Characters Required Check Box 5. Digits Required Check Box 6. Special Characters Required Check Box Configure the following parameter(s): Parameter Description...
Page 259: Setting A User Password/Passphrase
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Parameter Description Requires the password to have at least one non-alphanumeric character. Allowed characters include "!@#$%^&*()_+-={}[];:'",<.>/?\|`~". Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 260: Setting The Boot Password/Passphrase
The boot password/passphrase is only supported by version 2010.09RR16 or later of the uboot binary. For information about determining and/or upgrading the uboot version installed on the device, refer to the application note Upgrading Uboot on ROX Devices available on www.siemens.com/ruggedcom. To set the boot password/passphrase, do the following: NOTE A passphrase must consist of four separate words and each word must be 4 to 20 characters long.
Page 261 RUGGEDCOM ROX II Chapter 4 User Guide System Administration Figure 243: Set Boot Password Form 1. New Password Box 2. New Password Repeat Box 3. Old Password Box Figure 244: Trigger Action Form 1. Perform Button On the Set Boot Password form, configure the following parameters: Parameter Description new-password...
Page 262: Setting The Maintenance Password/Passphrase
Configuration hazard – risk of data corruption. Maintenance mode is provided for troubleshooting purposes and should only be used by Siemens Canada Ltd. technicians. As such, this mode is not fully documented. Misuse of this maintenance mode commands can corrupt the operational state of the device and render it inaccessible.
Page 263: Resetting Passwords And Passphrases
Command Line Interface (CLI). For information about resetting passwords/passphrases, refer to the ROX II v2.6 CLI User Guide for the RX1500 device. Section 4.11 Scheduling Jobs The ROX II scheduler allows users to create jobs that execute command line interface (CLI) commands at a specific date and time, or in response to specific configuration changes.
Page 264: Viewing A List Of Scheduled Jobs
Chapter 4 RUGGEDCOM ROX II System Administration User Guide • Section 4.11.2, “Adding Scheduled Jobs” • Section 4.11.3, “Deleting a Scheduled Job” Section 4.11.1 Viewing a List of Scheduled Jobs To view a list of scheduled jobs, navigate to admin » scheduler. If jobs have been configured, the Scheduled Jobs table appears.
Page 265 RUGGEDCOM ROX II Chapter 4 User Guide System Administration Parameter Description Job Name The name of the scheduled job. The name can be up to 64 characters in length. Click Add. The Scheduled Jobs form appears. Figure 249: Key Settings Form 1.
Page 266 Chapter 4 RUGGEDCOM ROX II System Administration User Guide Parameter Description • To specify a list of values, enter the values as a comma-separated list. For example, to launch the job at 15, 30, and 45 minutes past the hour, enter 15,30,45. •...
Page 267: Deleting A Scheduled Job
RUGGEDCOM ROX II Chapter 4 User Guide System Administration Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 4.11.3 Deleting a Scheduled Job To delete a scheduled Job, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 268 RUGGEDCOM ROX II Chapter 4 User Guide System Administration Deleting a Scheduled Job...
Page 269: Setup And Configuration
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Setup and Configuration This chapter describes how to setup and configure the device for use on a network using the various features available in ROX II. It describes the following tasks: •...
Page 270: Configuring A Basic Network
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.33, “Managing MAC Addresses” • Section 5.34, “Managing Spanning Tree Protocol” • Section 5.35, “Managing VLANs” • Section 5.36, “Managing Network Discovery and LLDP” • Section 5.37, “Managing Traffic Control” •...
Page 271: Configuring A Basic Ipv6 Network
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.1.2 Configuring a Basic IPv6 Network To configure a basic IPv6 network, do the following: Connect a computer to the Fast Ethernet port (fe-cm-1) of the device and configure the computer to be on the same subnet as the port.
Page 272 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 251: System Control Form 1. Ignore ICMP ALL Check Box 2. Ignore ICMP Broadcast Check Box 3. TCP Syn Cookies Check Box 4. Send ICMP Redirect Check Box Configure the following parameter(s) as required: NOTE ICMP redirect messages are sent by routers to hosts to inform them when a better route is available for a particular destination.
Page 273: Enabling And Configuring Cli Sessions
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.3 Enabling and Configuring CLI Sessions To enable and configure CLI sessions, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to admin. The CLI Sessions form appears. Figure 252: CLI Sessions 1.
Page 274: Enabling And Configuring Sftp Sessions
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description enabled Default: true Provides the ability to configure the device via CLI over ssh and serial console. Listen IP Synopsis: The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Page 275 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 253: SFTP Sessions 1. Enabled Check Box 2. Listen IP Box 3. Listen Port Box 4. Extra IP Ports Box 5. Maximum Number of SFTP Sessions Box Configure the following parameter(s): Parameter Description enabled...
Page 276: Enabling Configuring Www Interface Sessions
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Maximum Number of SFTP Sessions Synopsis: unbounded Default: 10 This parameter is not supported and any value is ignored by the system. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 277 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 254: WWW Interface Sessions 1. Enabled Check Box 2. Listen IP Box 3. Listen Port Box 4. Extra IP Ports Box 5. Maximum Number of WebUI Sessions 6. Idle Timeout Box 7.
Page 278: Enabling/Disabling Brute Force Attack Protection
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Listen Port Synopsis: The port-number type represents a 16-bit port number of an Internet transport layer protocol such as UDP, TCP, DCCP, or SCTP. Port numbers are assigned by IANA.
Page 279 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Use a firewall to limit access to SNMP • Do not use SNMPv1 NOTE Failed logins must happen within 10 minutes of each other to be considered malicious behavior. Once the time has expired, the host will be allowed to access the device again.
Page 280: Viewing The Status Of Ipv4 Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.7 Viewing the Status of IPv4 Routes To view the status of the IPv4 routes configured on the device, navigate to routing »...
Page 281: Viewing The Memory Statistics
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 257: IPv6 Kernel Active Routing Table This table provides the following information: Parameter Description Subnet The network/prefix. Gateway Address The gateway address. Interface Name The interface name. Route Type The route type.
Page 282 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 258: Core Daemon Memory Statistics Form Figure 259: RIP Daemon Memory Statistics Form Figure 260: OSPF Daemon Memory Statistics Form Viewing the Memory Statistics...
Page 283: Managing Netconf
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 261: BGP Daemon Memory Statistics Form These forms provides the following information: Parameter Description total The total heap allocated (in bytes). used The number of used ordinary blocks (in bytes). free The number of free ordinary blocks (in bytes).
Page 284 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 262: NETCONF Sessions 1. Enabled Check Box 2. Listen IP Box 3. Listen Port Box 4. Extra IP Ports Box 5. Maximum Number of NETCONF Sessions 6. Idle Timeout Box CAUTION! Security hazard –...
Page 285: Viewing Netconf Statistics
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description enabled Default: true Provides the ability to configure NETCONF features on the device. Listen IP Synopsis: The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Page 286 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 263: NETCONF State/StatisticsForm 1. In Bad Hellos 2. In Sessions 3. Dropped Sessions 4. In RPCs 5. In Bad RPCs 6. Out RPC Errors 7. Out Notifications This form provides the following information: Parameter Description In Bad Hellos...
Page 287: Managing Snmp
Section 5.11.7, “Managing SNMP Users” • Section 5.11.8, “Managing SNMP Security Model Mapping” • Section 5.11.9, “Managing SNMP Group Access” Section 5.11.1 MIB Files and SNMP Traps The current MIB files supported by ROX II can be downloaded from the www.siemens.com/ruggedcom. Managing SNMP...
Page 288 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE SNMP traps are not configurable in ROX II. The MIB files support the following SNMP traps: Table: SNMP Traps Standard Trap and Description authenticationFailure RFC 3418 SNMPv2-MIB An authenticationFailure trap signifies that the SNMP entity has received a protocol message that is not properly authenticated.
Page 289: Enabling And Configuring Snmp Sessions
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Standard Trap and Description The main subtree for the RUGGEDCOM software upgrade trap. trapCfgChangeTrap The main subtree for the RUGGEDCOM configuration change trap. trapFanBankTrap The main subtree for the RUGGEDCOM fan bank trap. trapHotswapModuleStateChangeTrap The main subtree for the RUGGEDCOM fan hot-swap module state change trap.
Page 290 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 264: SNMP Sessions 1. Enabled Check Box 2. Listen IP Box 3. Listen Port Box 4. Extra IP Ports Box 5. Maximum Number of SNMP Sessions 6. SNMP Local Engine ID Box 7.
Page 291 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Configure the following parameter(s): Parameter Description Enable Default: false Provides the ability to configure SNMP features on the device. Listen IP Synopsis: The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Page 292: Viewing Statistics For Snmp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.11.3 Viewing Statistics for SNMP To view the statistics collected for SNMP, navigate to admin »...
Page 293 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description used in combination with the type counter32. In the value set and its semantics, this type is equivalent to the Counter32 type of the SMIv2. The total number of packets received by the SNMP engine which were dropped because they appeared outside of the authoritative SNMP engine's window.
Page 294: Discovering Snmp Engine Ids
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The total number of packets received by the SNMP engine which were dropped because they could not be decrypted. Section 5.11.4 Discovering SNMP Engine IDs To discover an SNMP engine ID on a device, do the following: Navigate to admin »...
Page 295: Managing Snmp Communities
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.11.5 Managing SNMP Communities The following sections describe how to configure and manage SNMP communities: • Section 5.11.5.1, “Viewing a List of SNMP Communities” • Section 5.11.5.2, “Adding an SNMP Community” •...
Page 296: Deleting An Snmp Community
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 269: Key Settings Form 1. Community Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Community Name The SNMP community name. Click Add to create the protocol. The SNMPv1/v2c Community Configuration screen appears. Figure 270: SNMPv1/v2c Community Configuration Form 1.
Page 297: Managing Snmp Target Addresses
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Navigate to admin » snmp » snmp-community. The SNMPv1/v2c Community Configuration table appears. Figure 271: SNMPv1/v2c Community Configuration Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen community. Click Commit to save the changes or click Revert All to abort.
Page 298: Adding An Snmp Target Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 272: SNMPv3 Target Configuration Table If no SNMP target addresses have been configured, add target addresses as needed. For more information, refer Section 5.11.6.2, “Adding an SNMP Target Address”. Section 5.11.6.2 Adding an SNMP Target Address To add an SNMP target adress, do the following:...
Page 299 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 274: SNMPv3 Target Configuration Form 1. Enabled Check Box 2. Target Address Box 3. Trap Port Box 4. Security Model List 5. User Name List 6. Security Level 7. Control Community Box 8.
Page 300 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description enabled Default: true Enables/disables this specific target. Target Address Synopsis: The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. An IPv4 or IPv6 address for the remote target.
Page 301: Deleting An Snmp Target Address
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.11.6.3 Deleting an SNMP Target Address To delete an SNMP target address, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to admin » snmp » snmp-target-address. The SNMPv3 Target Configuration table appears. Figure 275: SNMPv3 Target Configuration Table 1.
Page 302: Adding An Snmp User
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 276: SNMP User Configuration Table If no SNMP users have been configured, add users as needed. For more information, refer to Section 5.11.7.2, “Adding an SNMP User”. Section 5.11.7.2 Adding an SNMP User To add an SNMP user, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 303 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 278: SNMPv3 User Configuration Form 1. Authentication Protocol List 2. Authentication Key Box 3. Privacy Protocol List 4. Privacy Key Box Configure the following parameter(s) as required: Parameter Description Synopsis: none, md5, sha1 Authentication Protocol Default: none...
Page 304: Deleting An Snmp User
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.11.7.3 Deleting an SNMP User To delete an SNMP user, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 305: Adding An Snmp Security Model
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 280: SNMP Security Model to Group Mapping Table If no SNMP security models have been configured, add security models as needed. For more information, refer to Section 5.11.8.2, “Adding an SNMP Security Model”.
Page 306: Deleting An Snmp Security Model
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 282: SNMP Security Model to Group Mapping Form 1. Group Box Configure the following parameter(s) as required: Parameter Description Group Default: all-rights The name of the SNMP group. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 307: Managing Snmp Group Access
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Delete next to the chosen security model. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.11.9 Managing SNMP Group Access The following sections describe how to configure and manage SNMP group access:...
Page 308 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 285: Key Settings Form 1. Group Box 2. Security Model List 3. Security Level List 4. Add Button Configure the following parameter(s) as required: Parameter Description Group The name of the SNMP group. Security Model Synopsis: any, v1, v2c, v3 The SNMP security model to use: SNMPv1, SNMPv2c, or USM/SNMPv3.
Page 309: Deleting An Snmp Group
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 286: SNMP Group Access Configuration Form 1. Read View Name List 2. Write View Name List 3. Notify View Name List Configure the following parameter(s) as required: Parameter Description Read View Name Synopsis: no-view, v1-mib, restricted, all-of-mib Default: all-of-mib...
Page 310: Managing Time Synchronization Functions
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 287: SNMP Group Access Configuration Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen group. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 311: Configuring The Time Synchronization Settings
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • The daemon is configured manually with a list of peers to send to • NTP servers issue advertisements to the daemon on broadcast or multicast address NOTE If a firewall is enabled, make sure UDP port 123 is open to send (if the router is an NTP client) or receive (if the router is an NTP server).
Page 312: Configuring The System Time And Date
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide If required, add server authentication keys. For more information, refer to Section 5.12.13.2, “Adding a Server Key”. Add restrictions for the remote NTP servers. For more information, refer to Section 5.12.14.2, “Adding a Server Restriction”.
Page 313: Configuring The System Time Zone
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.12.3 Configuring the System Time Zone To configure the system time zone, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 314: Configuring Ntp Multicast Clients
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 291: Local Time Settings Form 1. Enable Check Box 2. Stratum Box Configure the following parameter(s) as required: Parameter Description Enable Enables the local clock. The NTP daemon will use the local clock as the NTP source. The stratum number (of 10) indicates the priority relative to other sources.
Page 315: Configuring Ntp Broadcast Clients
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 292: NTP Multicast Clients Form 1. Enable Mutlicast Client Check Box 2. Address Box Configure the following parameter(s) as required: Parameter Description Enable Multicast Client Enables the multicast message mode. Address Synopsis: The host type represents either an IP address or a DNS domain name.
Page 316: Enabling/Disabling The Ntp Service
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 293: Network Time Protocol (NTP) Form 1. Enable NTP Service Check Box 2. Enable Broadcast Client Check Box Select the Enable Broadcast Client check box to enable the broadcast client. Add a broadcast address for a known NTP server.
Page 317: Viewing The Ntp Service Status
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.12.8 Viewing the NTP Service Status To view the status of the NTP service, do the following: Make sure the NTP service is enabled.
Page 318: Viewing The Status Of Reference Clocks
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description NTP Service Status Use this action to get the current NTP running status. A character before an address is referred to as a tally code. Tally codes indicate the fate of the peer in the clock selection process.
Page 319: Monitoring Subscribers
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Address type The address type of the remote machine. When The number of seconds since the last poll of the reference clock. Poll The polling interval in seconds. Reach An 8-bit left-rotating register.
Page 320: Adding An Ntp Server
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 298: Network Time Protocol (NTP) Servers Table If no servers have been configured, add servers as needed. For more information, refer to Section 5.12.11.2, “Adding an NTP Server”. Section 5.12.11.2 Adding an NTP Server To configure an NTP server on the device, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 321: Deleting An Ntp Server
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 300: Network Time Protocol (NTP) Servers Form 1. Enable Check Box 2. Peer Check Box 3. Mini Poll Box 4. Max Poll Box 5. IBurst Check Box 6. NTP Version Box 7.
Page 322: Managing Ntp Broadcast/Multicast Addresses
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 301: Network Time Protocol (NTP) Servers Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen server. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 323: Adding A Broadcast/Multicast Address
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If no broadcast/multicast addresses have been configured, add addresses as needed. For more information, refer Section 5.12.12.2, “Adding a Broadcast/Multicast Address”. Section 5.12.12.2 Adding a Broadcast/Multicast Address To add a broadcast/multicast address for an NTP server, do the following: IMPORTANT! It is strongly recommended to enable NTP authentication, unless all hosts on the network are trusted.
Page 324: Deleting A Broadcast/Multicast Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 304: NTP Broadcast/Multicast Servers Form 1. Enable Check Box 2. Key List 3. NTP Version Box 4. Time to Live Box Configure the following parameter(s) as required: Parameter Description Enable Enables sending broadcast or multicast NTP messages to this address.
Page 325: Managing Server Keys
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 305: NTP Broadcast/Multicast Servers Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen address. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 326: Adding A Server Key
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide If no server keys have been configured, add keys as needed. For more information, refer to Section 5.12.13.2, “Adding a Server Key”. Section 5.12.13.2 Adding a Server Key To add a server key, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 327: Deleting A Server Key
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Configure the following parameter(s) as required: Parameter Description Synopsis: The aes-cfb-128-encrypted-string works exactly like des3-cbc-encrypted- string but AES/128bits in CFB mode is used to encrypt the string. The prefix for encrypted values is '$4$'.
Page 328: Viewing A List Of Server Restrictions
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.12.14.1, “Viewing a List of Server Restrictions” • Section 5.12.14.2, “Adding a Server Restriction” • Section 5.12.14.3, “Deleting a Server Restriction” Section 5.12.14.1 Viewing a List of Server Restrictions To view a list of NTP server restrictions, navigate to services »...
Page 329 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Address Synopsis: The host type represents either an IP address or a DNS domain name., default The address to match. The address can be a host or network IP address or a valid host DNS name.
Page 330: Deleting A Server Restriction
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description • noserve: Denies all packets except ntpq(8) and ntpdc(8) queries. • noquery: Denies ntpq(8) and ntpdc(8) queries. • nopeer: Denies packets which result in mobilizing a new association. •...
Page 331: Managing Cdma Profiles
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.13.1, “Managing CDMA Profiles” • Section 5.13.2, “Managing GSM Profiles” Section 5.13.1 Managing CDMA Profiles CDMA (Code Division Multiple Access) profiles must be configured before 3G EVDO CDMA data is available. For more information about viewing 3G EVDO CDMA data, refer to Section 3.23.5, “Viewing the CDMA Network Status for Cellular...
Page 332 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 315: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description name Create a CDMA profile name Click Add to create the new profile. The Cellular Network Configuration and CDMA PPP Configuration forms appear.
Page 333 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 317: CDMA PPP Configuration Form 1. Use Peer DNS Check Box 2. Username Box 3. Password Box 4. Dial On Demand Check Box 5. Disconnect Idle Timeout 6. Failover On Demand Check Box 7.
Page 334: Deleting A Cdma Profile
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description use-peer-dns Enables the DNS server entries that the PPP server recommends. Enables this option unless you provide your own name servers. username Default: N/A The user ID to connect to the remote server. password Default: N/A The password to be authenticated by the remote server.
Page 335: Managing Gsm Profiles
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 318: Cellular Network Configuration Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen profile. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 336: Adding A Gsm Profile
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide If no GSM profiles have been configured, add profiles as needed. For more information, refer to Section 5.13.2.2, “Adding a GSM Profile”. Section 5.13.2.2 Adding a GSM Profile To add a GSM profile for the celullar modem interface, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 337 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 322: GSM PPP Configuration Form 1. Use Peer DNS Check Box 2. Username Box 3. Password Box 4. Dial On Demand Check Box 5. Disconnect Idle Timeout 6. Failover On Demand Check Box 7.
Page 338: Deleting A Gsm Profile
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The dial string given by the wireless provider to connect to the access point name. Default: 1 Specify SIM index to be used by this profile On the GSM PPP Configuration form, configure the following parameter(s) as required: Parameter Description use-peer-dns...
Page 339: Managing The Dhcp Relay Agent
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 323: Cellular Network Configuration Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen profile. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 340: Configuring The Dhcp Relay Agent
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE While DHCP Relay and DHCP Server may both be configured to run concurrently, they may not be configured to run on the same network interface. To configure the DHCP relay agent, do the following: •...
Page 341: Viewing A List Of Dhcp Client Ports
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.14.2 Viewing a List of DHCP Client Ports To view a list of DHCP relay agent client ports, navigate to switch » dhcp-relay-agent » dhcp-client-ports. If client ports have been configured, the DHCP Relay Agent Client Ports table appears. Figure 325: DHCP Relay Agent Client Ports Table If no client ports have been configured, add client ports as needed.
Page 342: Deleting A Dhcp Client Port
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.14.4 Deleting a DHCP Client Port To delete a client port for the DHCP relay agent, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 343: Configuring The Dhcp Server
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.15.3, “Enabling/Disabling the DHCP Relay Support” • Section 5.15.4, “Viewing a List of Active Leases” • Section 5.15.5, “Managing DHCP Listen Interfaces” • Section 5.15.6, “Managing Shared Networks” •...
Page 344: Enabling/Disabling The Dhcp Relay Support
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 328: Dynamic Host Control Protocol (DHCP) server Form 1. Enabled Check Box Configure the following parameter(s) as required: Parameter Description enabled Enables and disables the the DHCP server. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 345: Viewing A List Of Active Leases
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 329: Client Options Form 1. Unknown Client Box 2. Authorize Server Box 3. Option 82 Box Under Option 82, select the Enabled check box to enable Option 82 support, or clear the check box to disable support.
Page 346: Managing Dhcp Listen Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 331: Show Active Leases Section 5.15.5 Managing DHCP Listen Interfaces DHCP listen interfaces specify the IP interface to which the client sends a request. The following sections describe how to manage DHCP listen interfaces: •...
Page 347: Adding A Dhcp Listen Interface
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If no DHCP listen interfaces have been configured, add interfaces as needed. For more information, refer to Section 5.15.5.2, “Adding a DHCP Listen Interface”. Section 5.15.5.2 Adding a DHCP Listen Interface To add a DHCP listen interface, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 348: Managing Shared Networks
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 334: Listen Interfaces Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen DHCP listen interface. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 349: Adding A Shared Network
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 335: Shared Network Configuration Table If no shared networks have been configured, add shared networks as needed. For more information, refer to Section 5.15.6.2, “Adding a Shared Network”. Section 5.15.6.2 Adding a Shared Network To add a shared network to the DHCP server, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 350: Configuring Shared Network Options
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.15.6.3 Configuring Shared Network Options To configure options for a shared network on the DHCP server, do the following: NOTE Options set at the shared network level override options set at the DHCP server level. Change the mode to Edit Private or Edit Exclusive.
Page 351: Configuring A Shared Network Client
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description The minimum leased time in seconds that the server offers to the client. Default: 7200 maximum The maximum leased time in seconds that the server offers to the clients. On the Client Configuration form, configure the following parameters as required: Parameter Description...
Page 352 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 339: Client Configuration Form 1. Host Name Box 2. Subnet Mask Box 3. Default Route Box 4. Broadcast Box 5. Domain Box 6. DNS Server Box 7. Static Route Box Figure 340: NIS Configuration Form 1.
Page 353 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 341: NetBios Configuration Form 1. Scope Box 2. Name Server Box On the Client Configuration form, configure the following parameters as required: Parameter Description hostname The unique name to refer to the host within a DHCP configuration. subnetmask Subnet mask default-route...
Page 354: Customizing Shared Network Clients
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The NetBIOS name server that the DHCP server offers to the client when it issues the lease to the client. If custom options are required for the shared network client, refer to Section 5.15.6.5, “Customizing Shared Network Clients”.
Page 355: Deleting A Shared Network
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Exit Transaction or continue making changes. Section 5.15.6.6 Deleting a Shared Network To delete a shared network, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to services »...
Page 356: Viewing A List Of Subnets
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.15.7.1 Viewing a List of Subnets To view a list of subnets, navigate to services » dhcpserver » subnet. If subnets have been configured, the Subnet Configuration table appears. Figure 344: Subnet Configuration Table If no subnets have been configured, add subnets as needed.
Page 357: Configuring Subnet Options
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Add to create the new subnet. The Subnet Configuration form appears. Figure 346: Subnet Configuration Form 1. Network IP Box 2. Shared Network List Configure the following parameter(s) as required: Parameter Description network-ip...
Page 358 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 347: Leased Configuration Form 1. Default Box 2. Maximum Box Figure 348: Client Configuration Form 1. Unknown Client Box 2. Authorize Server Box 3. Option 82 Box In the Leased Configuration form, configure the following parameters as required: Parameter Description default...
Page 359: Configuring A Subnet Client
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description The action to take for previously unregistered clients. authorize-server Enables/disables the server's authorization on this client. If enabled, the server will send deny messages to the client that is trying to renew the lease, which the server knows the client shouldn't have.
Page 360 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 349: Client Configuration Form 1. Host Name Box 2. Subnet Mask Box 3. Default Route Box 4. Broadcast Box 5. Domain Box 6. DNS Server Box 7. Static Route Box Figure 350: NIS Configuration Form 1.
Page 361 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 351: NetBios Configuration Form 1. Scope Box 2. Name Server Box In the Client Configuration form, configure the following parameters as required:. Parameter Description hostname The unique name to refer to the host within a DHCP configuration. subnetmask Subnet mask default-route...
Page 362: Deleting A Subnet
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The NetBIOS name server that the DHCP server offers to the client when it issues the lease to the client. If custom options are required for the subnet client, refer to Section 5.15.8.2, “Adding a Custom Client Option”.
Page 363: Viewing A List Of Custom Client Options
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.15.8.1 Viewing a List of Custom Client Options To view a list of custom client options configured for a DHCP subnet, navigate to services » dhcpserver » subnet » {name} » options » client » custom, where {name} is the name of the subnet. The Custom Configuration table appears.
Page 364: Deleting A Custom Client Option
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 354: Key Settings Form 1. Number Box 2. Value Box 3. Add Button Configure the following parameter(s) as required: Parameter Description number value The value of the custom option. Click Add.
Page 365: Managing Hosts
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 355: Custom Configuration Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen custom client option. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 366: Adding A Host
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 356: Host Configuration Table If no hosts have been configured, add hosts as needed. For more information, refer to Section 5.15.9.2, “Adding Host”. Section 5.15.9.2 Adding a Host To add a host to the DHCP server, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 367: Configuring Host Options
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.15.9.3 Configuring Host Options To configure options for a host on the DHCP server, do the following: NOTE Options set at the host level override options set at the DHCP server level. Change the mode to Edit Private or Edit Exclusive.
Page 368 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 360: Client Configuration Form 1. Fixed IP Box 2. Unknown Client LIst 3. Shared Network LIst 4. Subnet LIst 5. Host Groups LIst On the Hardware Configuration form, configure the following parameters as required: Parameter Description type...
Page 369: Configuring A Host Client
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description subnet The subnet that this host belongs to. host-groups The host groups that this host belongs to. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 370 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 362: NIS Configuration Form 1. Server Box 2. Domain Box Figure 363: NetBios Configuration Form 1. Scope Box 2. Name Server Box On the Client Configuration form, configure the following parameters as required: Parameter Description hostname...
Page 371: Deleting Hosts
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description server The NIS server address that the DHCP server offers to the client when it issues the lease to the client. domain The NIS domain name that the DHCP server offers to the client when it issues the lease to the client.
Page 372: Managing Custom Host Client Configurations
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Exit Transaction or continue making changes. Section 5.15.10 Managing Custom Host Client Configurations Custom configuration settings can be set for each host client. The following sections describe how to configure and manage custom host client configurations on a DHCP server: •...
Page 373: Deleting Custom Host Client Configurations
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 366: Key Settings Form 1. Number Box 2. Value Box 3. Add Button Configure the following parameter(s) as required: Parameter Description number value The value of the custom option. Click Add to create the new custom configuration.
Page 374: Managing Host Groups
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 367: Custom Configuration Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen custom configuration. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 375: Adding A Host Group
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If no host groups have been configured, add host groups as needed. For more information, refer to Section 5.15.11.2, “Adding a Host Group”. Section 5.15.11.2 Adding a Host Group To add a host group to the DHCP server, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 376 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE Options set at the host group level override options set at the DHCP server level. Change the mode to Edit Private or Edit Exclusive. Navigate to services » dhcpserver » host-groups » {host} » options, where {host} is the name of the host group.
Page 377: Configuring A Host Group Client
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration On the Client Configuration form, configure the following parameters as required: Parameter Description unknown-client Synopsis: allow, deny, ignore Default: allow The action to take for previously unregistered clients. shared-network The shared network that this host group belongs to. subnet The subnet that this host group belongs to.
Page 378 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 372: Client Configuration Form 1. Hostname Box 2. Subnet Mask Box 3. Default Route Box 4. Broadcast Box 5. Domain Box 6. DNS Server Box 7. Static Route Box Figure 373: NIS Configuration Form 1.
Page 379 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 374: NetBios Configuration Form 1. Scope Box 2. Net Server Box On the Client Configuration form, configure the following parameters as required: Parameter Description hostname The unique name to refer to the host within a DHCP configuration. subnetmask Subnet mask default-route...
Page 380: Deleting A Host Group
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The NetBIOS name server that the DHCP server offers to the client when it issues the lease to the client. If custom configuration settings are required for the host group client, refer to Section 5.15.12, “Managing Custom Host Group Client Configurations”.
Page 381: Viewing A List Of Custom Host Group Client Configurations
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.15.12.3, “Deleting Custom Host Group Client Configurations” Section 5.15.12.1 Viewing a List of Custom Host Group Client Configurations To view a list of custom configurations for host group clients on the DHCP server, navigate to services » dhcpserver »...
Page 382: Deleting Custom Host Group Client Configurations
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description number value The value of the custom option. Click Add to create the new custom configuration. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 383: Viewing A List Of Ip Pools
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.15.13.1 Viewing a List of IP Pools To view a list of IP pools configured for a DHCP subnet, navigate to services » dhcpserver » subnet » {name} » options » ippool, where {name} is the name of the subnet. If pools have been configured, the IP Pool Configuration table appears.
Page 384 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 381: Leased Configuration Form 1. Default Box 2. Maximum Box Figure 382: IP Pool Configuration Form 1. Unknown Client Box 2. Failover Peer Box On the Leased Configuration form, configure the following parameter(s) as required: Parameter Description Default: 600...
Page 385: Deleting An Ip Pool
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Add one or more Option82 classes to the pool. For more information, refer to Section 5.15.16.2, “Adding an Option 82 Class to an IP Pool”. 10. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 386: Viewing A List Of Ip Ranges For Subnets
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.15.14.1 Viewing a List of IP Ranges for Subnets To view a list of IP ranges configured for a DHCP subnet, navigate to services » dhcpserver » subnet » {name} »...
Page 387: Deleting An Ip Range From A Subnet
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 386: IP Range Configuration Form 1. End Box Configure the following parameter(s) as required: Parameter Description The ending IP address pool that the server uses to offer to the client. Click Commit to save the changes or click Revert All to abort.
Page 388: Managing Ip Ranges For Ip Pools
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.15.15 Managing IP Ranges for IP Pools The following sections describe how to configure and manage IP ranges for IP pools: • Section 5.15.15.1, “Viewing a List of IP Ranges for IP Pools” •...
Page 389: Deleting An Ip Range From An Ip Pool
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 389: Key Settings Form 1. Start Box 2. Add Button Configure the following parameter(s) as required: Parameter Description start The starting IP address pool that the server uses to offer to the client. Click Add to create the IP range.
Page 390: Managing Option 82 Classes For Ip Pools
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to services » dhcpserver » subnet » {name} » options » ippool » {description} » iprange, where {name} is the name of the subnet and {description} is the name of the IP pool. The IP Range Configuration table appears.
Page 391: Adding An Option 82 Class To An Ip Pool
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If no Option 82 classes have been configured, add classes as needed. For more information, refer to Section 5.15.16.2, “Adding an Option 82 Class to an IP Pool”. Section 5.15.16.2 Adding an Option 82 Class to an IP Pool To add an Option 82 class to an IP pool, do the following: NOTE...
Page 392: Deleting An Option 82 Class From An Ip Pool
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 394: Option 82 Configuration Form 1. Remote ID Box 2. Circuit ID Box Configure the following parameter(s) as required: Parameter Description remote-id Specifies the information relating to the remote host end of the circuit. circuit-id Specifies the local information to which circuit the request came in on.
Page 393: Managing Port Mirroring
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 395: Option 82 Configuration Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen class. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 394: Configuring Port Mirroring
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.16.3, “Managing Ingress Source Ports” Section 5.16.1 Configuring Port Mirroring To configure port mirroring, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to switch » port-mirroring. The Port Mirror form appears. Figure 396: Port Mirror Form 1.
Page 395: Viewing A List Of Egress Source Ports
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.16.2.1 Viewing a List of Egress Source Ports To view a list of egress source ports for port mirroring, navigate to switch » port-mirroring » egress-src. If source ports have been configured, the Egress Source Ports table appears. Figure 397: Egress Source Ports Table If no egress source ports have been configured, add egress source ports as needed.
Page 396: Deleting An Egress Source Port
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.16.2.3 Deleting an Egress Source Port To delete an egress source port for port mirroring, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 397: Adding An Ingress Source Port
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 400: Ingress Source Ports Table If no ingress source ports have been configured, add ingress source ports as needed. For more information, refer Section 5.16.3.2, “Adding an Ingress Source Port”.
Page 398: Deleting An Ingress Source Port
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.16.3.3 Deleting an Ingress Source Port To delete an ingress source port for port mirroring, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to switch » port-mirroring » ingress-src. The Ingress Source Ports table appears. Figure 402: Ingress Source Ports Table 1.
Page 399: Firewall Concepts
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If required, reboot the router to flush all existing connection streams. ROX II employs a stateful firewall system known as netfilter, a subsystem of the Linux kernel that provides the ability to examine IP packets on a per-session basis.
Page 400: Linux Netfilter
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide always open, and connections are not opened or closed based on outside criteria. Static IP filters offer no form of authentication. Stateful or session-based firewalls add considerably more complexity to the firewalling process. They track the state of each connection, look at and test each packet (connection tracking), and recognize and manage as a whole traffic from a particular protocol that is on connected sets of TCP/UDP ports.
Page 401: Port Forwarding
SYN packets from reaching the kernel. Siemens also recommends setting the listen ports to include IP addresses on separate interfaces. For example, set the device to listen to an IP address on switch.0001 and fe-cm-1. This will make sure that one port is accessible if the other is flooded.
Page 402: Adding A Firewall
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 403: Firewall Description Table If no firewalls have been configured, add firewalls as needed. For more information, refer to Section 5.17.3, “Adding a Firewall”. Section 5.17.3 Adding a Firewall To add a new firewall, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 403 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 405: Firewall Description Form 1. Description Box Configure the following parameter(s) as required: Parameter Description Description An optional description string. Add interfaces associated with the firewall. For more information about adding interfaces, refer to Section 5.17.9.2, “Adding an Interface”.
Page 404: Deleting A Firewall
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.17.4 Deleting a Firewall To delete a firewall, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to security » firewall » fwconfig. The Firewall Description Settings table appears. Figure 406: Firewall Description Table 1.
Page 405: Configuring The Firewall For A Vpn
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 407: Firewall Configuration Form 1. Enable Active Configuration Check Box 2. Specify Work Configuration List 3. Specify Active Configuration List Under Specify work configuration, select a firewall configuration from the list to work on. The firewall configuration selected under Specify active configuration is the configuration that is actively running.
Page 406: Configuring The Firewall For A Vpn In A Dmz
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE The VPN host must be specified before the network host so the more specific VPN zone subnet can be inspected first. Table: Example Host Interface Subnet IPsec Zone W1ppp 192.168.1.0/24 W1ppp 0.0.0.0/0...
Page 407: Managing Zones
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Make sure a basic firewall has been configured. For more information about configuring a firewall, refer to Section 5.17.3, “Adding a Firewall”. Change the mode to Edit Private or Edit Exclusive. Navigate to security »...
Page 408: Viewing A List Of Zones
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide The following sections describe how to configure and manage zones for a firewall: • Section 5.17.8.1, “Viewing a List of Zones” • Section 5.17.8.2, “Adding a Zone” • Section 5.17.8.3, “Deleting a Zone” Section 5.17.8.1 Viewing a List of Zones To view a list of zones, navigate to security »...
Page 409: Deleting A Zone
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Name A unique name to assign to this zone. Be sure to also create a zone called fw that is of the zone type firewall. Click Add. The Firewall Zone form appears. Figure 410: Firewall Zone Form 1.
Page 410: Managing Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 411: Firewall Zone Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen zone. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 411: Viewing A List Of Interfaces
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.17.9.1 Viewing a List of Interfaces To view a list of interfaces, navigate to security » firewall » fwconfig » {firewall} » fwinterface, where {firewall} is the name of the firewall. If interfaces have been configured, the Main Interface Settings table appears. Figure 412: Main Interface Settings Table If no interfaces have been configured, add interfaces as needed.
Page 412 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 414: Main Interface Settings Form 1. Description Box Figure 415: Interface Options Form 1. ARP Filter Check Box 2. Route Back Check Box 3. TCP Flags Check Box 4. DHCP Check Box 5.
Page 413: Associating An Interface With A Zone
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description description (Optional) The description string for this interface On the Interface Options, configure the following parameter(s) as required: Parameter Description ARP Filter Responds only to ARP requests for configured IP addresses (This is permanently enabled system wide since ROX 2.3.0, and this option no longer has any effect).
Page 414: Configuring A Broadcast Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 416: Zone Form 1. Predefined Zone List 2. Undefined Zone Check Box Configure the following parameter(s) as required: Parameter Description predefined-zone A pre-defined zone undefined-zone This is used in conjunction with hosts definitions. Click Commit to save the changes or click Revert All to abort.
Page 415: Deleting An Interface
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 417: Broadcast Address Form 1. IPv4 Address Box 2. Auto Detect Check Box 3. None Check Box Configure the following parameter(s) as required: Parameter Description ipv4-address An IPv4 address for a broadcast address. detect Automatic detection of the broadcast address(es).
Page 416: Managing Hosts
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 418: Main Interface Settings Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen interface. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 417: Adding A Host
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 419: Main Host Settings Table If no hosts have been configured, add hosts as needed. For more information, refer to Section 5.17.10.2, “Adding Host”. Section 5.17.10.2 Adding a Host To add a new host for a firewall, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 418 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 421: Host Options Form 1. IPsec Zone Check Box Figure 422: Main Host Settings Form 1. Zone List 2. Interface List 3. IP Address Box 4. Description Box On the Host Options form, configure the following parameter(s) as required: Parameter Description IPSec zone...
Page 419: Deleting A Host
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.17.10.3 Deleting a Host To delete a host, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to security » firewall » fwconfig » {firewall} » fwhost, where {firewall} is the name of the firewall. The Main Host Settings table appears.
Page 420: Viewing A List Of Policies
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide The order of the policies is important. If the last policy in the example above were to be the first policy, the firewall would reject all connection requests. NOTE The source and destination zones must be configured before a policy can be created. For more information about zones, refer to Section 5.17.8, “Managing Zones”.
Page 421 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 425: Key Settings Form 1. Policy Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Policy Name Enter a name tag for this policy. Click Add. The Main Policy Settings form appears. Figure 426: Main Policy Settings Form 1.
Page 422: Configuring The Source Zone
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description description (Optional) The description string for this policy. Configure the source zone for the policy. For more information, refer to Section 5.17.11.3, “Configuring the Source Zone”. Configure the destination zone for the policy. For more information, refer to Section 5.17.11.4, “Configuring the Destination Zone”.
Page 423: Configuring The Destination Zone
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.17.11.4 Configuring the Destination Zone To configure the destination zone for a firewall policy, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to security » firewall » fwconfig » {firewall} » fwpolicy{policy} » destintion-zone, where {firewall} is the name of the firewall and {policy} is the name of the policy.
Page 424: Managing Network Address Translation Settings
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 429: Main Policy Settings Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen policy. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 425: Adding A Nat Setting
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 430: Net Address Translation Main Settings Table If no NAT settings have been configured, add NAT settings as needed. For more information, refer to Section 5.17.12.2, “Adding a NAT Setting”.
Page 426 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 432: Net Address Translation Main Settings Form 1. External IP Address Box 2. Interface List 3. IP Alias Check Box 4. Internal Address Box 5. Limit Interface Check Box 6.
Page 427: Deleting A Nat Setting
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description will typically be the interface index number or the name of an interface. If the zone index is not present, the default zone of the device will be used. The canonical format for the zone index is the numerical format The internal IP address.
Page 428: Managing Masquerade And Snat Settings
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.17.13 Managing Masquerade and SNAT Settings Masquerading and Source Network Address Translation (SNAT) are forms of dynamic Network Address Translation (NAT). Both hide a subnetwork behind a single public IP address. Masquerading is used when the ISP provides a dynamic IP address.
Page 429 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 435: Key Settings Form 1. Masq Entry Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Masq Entry Name A name for this masquerading configuration entry. Click Add.
Page 430: Deleting A Masquerade Or Snat Setting
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Outgoing Interface Specifics (Optional) An outgoing interface list - specific IP destinations for the out-interface. IP Alias Create IP Alias for NAT rule. Source Hosts Subnet range or comma-separated list of hosts (IPs) SNAT Address (Optional) By specifying an address here, SNAT will be used and this will be the source address.
Page 431: Managing Rules
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.17.14 Managing Rules Rules establish exceptions to the default firewall policies for certain types of traffic, sources or destinations. Each rule defines specific criteria. If an incoming packet matches that criteria, the default policy is overridden and the action defined by the rule is applied.
Page 432 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 439: Key Settings Form 1. Rule Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Rule Name Enter a unique name that identifies this rule. Click Add.
Page 433 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 440: Main Rule Settings Form 1. Action List 2. Source Zone Hosts Box 3. Destination Zone Hosts Box 4. Log Level List 5. Protocol Box 6. Source Port 7. Destination Port Box 8.
Page 434: Configuring The Source Zone
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide The router will still see TCP packets (i.e. retransmission packets). If required, reboot the router to flush all existing connection streams. Parameter Description Action Synopsis: accept, drop, reject, continue, redirect, dnat-, dnat Default: reject The final action to take on incoming packets matching this rule.
Page 435: Configuring The Destination Zone
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 441: Source Zone Form 1. Pre-Defined Zone List 2. Other Box 3. All Check Box Configure the following parameter(s) as required: Parameter Description predefined-zone A predefined zone other Type a custom definition - this can be a comma-separated list of zones. All zones Click Commit to save the changes or click Revert All to abort.
Page 436: Deleting Rules
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 442: Destination Zone Form 1. Pre-Defined Zone List 2. Other Box 3. All Check Box Configure the following parameter(s) as required: Parameter Description predefined-zone A pre-defined zone other An undefined zone (string). All zones Click Commit to save the changes or click Revert All to abort.
Page 437: Validating A Firewall Configuration
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 443: Main Rule Settings Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen rule. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 438: Enabling/Disabling A Firewall
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.17.16 Enabling/Disabling a Firewall To enable or disable the firewall, do the following: IMPORTANT! Enabling or disabling the firewall will reset – but not disable – the BFA protection mechanism, if previously enabled.
Page 439 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration the network's topology. The protocol computes the best path through the network (using Dijkstra's algorithm) and then forwards packets to their destination along that path. Although it was originally designed as an ISO Connectionless-mode Network Protocol (CLNP), it was later adapted for IP network use (Dual IS-IS) in RFC 1195 [http://tools.ietf.org/html/rfc1195].
Page 440: Configuring Is-Is
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE In complex legacy networks, RIP, OSPF, BGP and IS-IS may all be active on the same router at the same time. Typically, however, only one dynamic routing protocol is employed at one time. The following sections describe how to configure the IS-IS routing protocol: •...
Page 441: Viewing The Status Of Neighbors
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Example The following illustrates how to configure an IS-IS network that includes all circuit types. In this example, R1 is a Level-1 router that needs to forward traffic to Level-2 routers. R2 and R3 are configured to be Level-1-2 routers to facilitate the connection with routers R4 and R5, which are Level-2-only routers.
Page 442: Viewing The Status Of The Link-State Database
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 449: ISIS Neighbors Status Form Section 5.18.3 Viewing the Status of the Link-State Database To view the basic status of the link-state database for the IS-IS network, do the following: Make sure IS-IS is configured.
Page 443 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 451: ISIS Database Status Form Viewing the Status of the Link-State Database...
Page 444 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 452: ISIS Database Detail Status Form Viewing the Status of the Link-State Database...
Page 445: Managing Area Tags
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.18.4 Managing Area Tags An IS-IS area is a grouping of inter-connected (or neighboring) IS-IS configured routers. As opposed to OSPF, where an Area Border Router (ABR) can exist in two areas at once, IS-IS routers reside only in one area. It is the link between routers in two different areas that forms the border.
Page 446 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 454: Key Settings Form 1. Area Tag Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Area Tag Name for a routing process, must be unique among router processes for a given router. Mandatory field.
Page 447 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 455: Area Tag Form 1. IS Type List 2. Metric Style List 3. Area Authorization List 4. Area Password Box 5. Area Authentication List 6. Domain 7. Domain Password Box 8.
Page 448: Deleting An Area Tag
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Area Password The area password to be used for transmission of level-1 LSPs. Area Authentication Synopsis: send-only, validate Default: send-only The authentication option to be used with the area password on SNP PDUs. Default is send-only.
Page 449: Managing Interfaces
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 456: Area Tag Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen area tag. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 450: Configuring An Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Interfaces are added automatically when a VLAN is created. For more information about creating a VLAN, refer to Section 5.35, “Managing VLANs”. Section 5.18.5.2 Configuring an Interface By default, two interfaces are already configured for IS-IS: fe-cm-01 and switch.0001. To configure optional parameters for these and any other interfaces that have been added for IS-IS, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 451 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 458: Interface Parameters Form 1. IPv4 Area Tag Box 2. Circuit Type List 3. Point-to-Point Check Box 4. Passive Check Box 5. Circuit Password Box 6. Circuit Authorization List 7.
Page 452: Managing Lsp Generation
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description IPv4 Area Tag Name of Area Tag to be used for IS-IS over IPv4. Circuit Routing Type Synopsis: level-1-only, level-2-only, level-1-2 The IS-IS Circuit Type. Level-1 routers have neighbors only on the same area. Level-2 (backbone) can have neighbors on different areas.
Page 453: Viewing A List Of Lsp Generation Intervals
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.18.6.2, “Adding an LSP Generation Interval” • Section 5.18.6.3, “Deleting an LSP Generation Interval” Section 5.18.6.1 Viewing a List of LSP Generation Intervals To view a list of LSP generation intervals configured for an IS-IS area, navigate to routing » dynamic » isis » area »...
Page 454: Deleting An Lsp Generation Interval
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The IS type for this setting, specified as level-1-only, level-2-only or level-1-2. Click Add to create the new interval. The LSP Generic Interval Routing Type form appears. Figure 461: LSP Generic Interval Routing Type Form 1.
Page 455: Managing Spf Calculations
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Delete next to the chosen interval. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.18.7 Managing SPF Calculations IS-IS uses the Shortest Path First (SPF) algorithm to determine the best routes to every known destination in the...
Page 456: Deleting An Spf Calculation Interval
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 464: Key Settings Form 1. Routing Type List 2. Add Button Configure the following parameter(s) as required: Parameter Description Routing Type Synopsis: level-1-only, level-2-only, level-1-2 The IS type for this setting, specified as level-1-only, level-2-only or level-1-2. Click Add to create the new interval.
Page 457: Managing The Lifetime Of Lsps
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Navigate to routing » dynamic » isis » area » {name} » spf-interval, where {name} is the unique name for a routing process that belongs to a specific router. The SPF Interval Routing Type table appears. Figure 466: SPF Interval Routing Type 1.
Page 458: Adding An Lsp Lifetime Interval
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 467: Maximum LSP Lifetime Routing Type If no intervals have been configured, add intervals as needed. For more information, refer to Section 5.18.8.2, “Adding an LSP Lifetime Interval”. Section 5.18.8.2 Adding an LSP Lifetime Interval To add an LSP lifetime interval to an IS-IS area, do the following: IMPORTANT!
Page 459: Deleting An Lsp Lifetime Interval
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 469: Maximum LSP Lifetime Routing Type Form 1. Interval Box Configure the following parameter(s) as required: Parameter Description Interval Minimum interval in seconds, ranging from 350 to 65535 seconds. Default is 1200. Click Commit to save the changes or click Revert All to abort.
Page 460: Managing Lsp Refresh Intervals
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.18.9 Managing LSP Refresh Intervals IS-IS retains Link-State Packets (LSP) in the Link-State Database (LSDB) for only a short period of time unless they are refreshed. By default, LSPs are retained in the LSDB for 1200 seconds (this is referred to as the lifetime of the LSP) and are refreshed every 900 seconds.
Page 461: Deleting An Lsp Refresh Interval
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 472: Key Settings Form 1. Routing Type List 2. Add Button Configure the following parameter(s) as required: Parameter Description Routing Type Synopsis: level-1-only, level-2-only, level-1-2 The IS type for this setting, specified as level-1-only, level-2-only or level-1-2. Click Add to create the new interval.
Page 462: Managing Network Entity Titles (Nets)
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to routing » dynamic » isis » area » {name} » lsp-refresh-interval, where {name} is the unique name for a routing process that belongs to a specific router. The LSP Refresh Interval Routing Type table appears.
Page 463: Viewing A List Of Nets
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.18.10.1, “Viewing a List of NETs” • Section 5.18.10.2, “Adding a NET” • Section 5.18.10.3, “Deleting a NET” Section 5.18.10.1 Viewing a List of NETs To view a list of NETs configured for an IS-IS area, navigate to routing » dynamic » isis » area » {name} » net, where {name} is the unique name for the area.
Page 464: Deleting A Net
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Title Network Entity Title (..00) Click Add to create the new NET. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 465: Viewing A List Of Redistribution Metrics
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration external metric. This puts external metrics in the range of 64 to 128, even though the metric value defined is only in the range of 0 to 63. There is no default metric for IS-IS. A metric should be defined for each routing protocol, otherwise a metric value of zero (0) is automatically applied.
Page 466 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 479: Key Settings Form 1. Source List 2. Add Button Configure the following parameter(s) as required: Parameter Description Source Synopsis: bgp, connected, kernel, ospf, rip, static Protocol that is source of IS-IS information. Click Add to create the new metric.
Page 467: Deleting A Redistribution Metric
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Metric The metric for redistributed routes. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.18.11.3 Deleting a Redistribution Metric To delete a redistribution metric for an IS-IS area, do the following:...
Page 468: Configuring Bgp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE In complex legacy networks, RIP, OSPF, BGP and IS-IS may all be active on the same router at the same time. Typically, however, only one dynamic routing protocol is employed at one time. The following sections describe how to configure and manage BGP: •...
Page 469 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 483: BGP Configuration 1. Enable BGP Check Box 2. Autonomous System ID Box 3. Always Compare MED Check Box 4. Default Local Preference 5. Deterministic MED Check Box 6. Router ID Box In the Distance form, configure the following parameters: Parameter Description...
Page 470: Viewing The Status Of Dynamic Bgp Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Router ID Router ID for BGP. Configure autonomous system path filters. For more information, refer to Section 5.19.6.3, “Adding an Autonomous System Path Filter”. Configure prefix list filters. For more information, refer to Section 5.19.5.3, “Adding a Prefix List”.
Page 471: Managing Route Maps
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 485: Advertised Route Table The Advertised Route table provides the following information: Parameter Description Network Network. Nexthop Next-hop address. Selected Selected next-hop for this route. Internal Internal route. Metric Metric value.
Page 472: Viewing A List Of Route Map Filters
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.19.3.1 Viewing a List of Route Map Filters To view a list of route map filters for either dynamic BGP, navigate to routing » dynamic » bgp » filter » route- map.
Page 473: Adding A Route Map Filter Entry
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 488: Key Settings Form 1. Route Map Tag Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Route Map Tag Route map tag. Click Add to create the new filter. Add one or more entries.
Page 474 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 489: Key Settings Form 1. Sequence Number Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Sequence Number The sequence number of the route-map entry. Click Add to create the new entry. The Route Map Entry form appears. Figure 490: Route Map Entry Form 1.
Page 475: Deleting A Routing Map Filter
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Configure the match rules for the route map filter. For more information, refer to Section 5.19.3.7, “Configuring Match Rules”. Configure a set for the route map filter. For more information, refer to Section 5.19.3.8, “Configuring a Set”.
Page 476: Configuring Match Rules
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 492: Route Map Entry Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen entry. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 477 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 494: Match Nexthop of Route Form 1. Prefix List List Figure 495: Match Advertising Source Address Form 1. Prefix List List Figure 496: Match Form 1. AS Path Filter List 2.
Page 478: Configuring A Set
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Prefix List The prefix list name. On the Match Advertising Source Address form, configure the following parameters as required: Parameter Description Prefix List The prefix list name. On the Match form, configure the following parameters as required: Parameter Description AS Path Filter...
Page 479 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 498: Metric Form 1. Operation List 2. Value Box Figure 499: Set Form 1. Local Preference Box 2. Next Hop Box 3. Origin List 4. Originator ID Box 5. Weight Box On the Aggregator form, configure the following parameters as required: Parameter Description...
Page 480: Managing Prepended And Excluded Autonomous System Paths
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Set , add or subtract the metric value. Prerequisite: Operation must be empty when value is not configured. value Value. Prerequisite: value must be empty when operation is not configured. On the Set form, configure the following parameters as required: Parameter Description...
Page 481: Viewing A List Of Prepended Autonomous System Path Filters
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.19.4.1 Viewing a List of Prepended Autonomous System Path Filters To view a list of prepended autonomous system path filters configured for a BGP route map entry, navigate to routing »...
Page 482: Adding An Excluded Autonomous System Path Filter
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 502: Key Settings Form 1. AS Number Box 2. Add Button Configure the following parameter(s) as required: Parameter Description AS Number AS number. Click Add to add the filter. Click Commit to save the changes or click Revert All to abort.
Page 483: Deleting A Prepended Autonomous System Path Filter
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 503: Key Settings Form 1. AS Number Box 2. Add Button Configure the following parameter(s) as required: Parameter Description AS Number AS number. Click Add to add the filter. Click Commit to save the changes or click Revert All to abort.
Page 484: Deleting An Excluded Autonomous System Path Filter
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Delete next to the chosen filter. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.19.4.6 Deleting an Excluded Autonomous System Path Filter To delete an excluded autonomous system path filter from a BGP route map entry, do the following:...
Page 485: Viewing A List Of Prefix Lists
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.19.5.6, “Deleting a Prefix Entry” Section 5.19.5.1 Viewing a List of Prefix Lists To view a list of prefix lists for dynamic BGP routes, navigate to one routing » dynamic » bgp » filter » prefix- list.
Page 486: Adding A Prefix Entry
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 508: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Name The name of the prefix list. Click Add to create the new prefix-list. The Prefix List form appears. Figure 509: Prefix List Form 1.
Page 487 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Depending on the dynamic routing protocol being configured, navigate to routing » dynamic » rip » filter » {name} » entry, where {name} is the name of the prefix list. Click .
Page 488: Deleting A Prefix List
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Default: permit Action. Network Network (xxx.xxx.xxx.xxx/xx). Maximum prefix to mask for subnet The maximum prefix length to match ipaddress within subnet. Minimum prefix to mask for subnet The minimum prefix length to match ipaddress within subnet. Click Commit to save the changes or click Revert All to abort.
Page 489: Managing Autonomous System Paths And Entries
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Depending on the dynamic routing protocol being configured, navigate to routing » dynamic » bgp » filter » {name} » entry, where {name} is the name of the prefix list. The Prefix List Entry table appears. Figure 513: Prefix List Entry Table 1.
Page 490: Viewing A List Of Autonomous System Path Entries
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 514: Autonomous System Path Filter Table If no filters have been configured, add filters as needed. For more information, refer to Section 5.19.6.3, “Adding an Autonomous System Path Filter”. Section 5.19.6.2 Viewing a List of Autonomous System Path Entries To view a list of entries for an autonomous system path filter, navigate to routing »...
Page 491: Adding An Autonomous System Path Filter Entry
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 516: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Name Name of the AS-path filter. Click Add to create the new filter. Add one or more entries.
Page 492 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Character Description Example _ (underscore) The underscore character has special meanings in an autonomous system _100,100_, _100_ path. It matches to: • Each space ( ) and comma (,) • Each AS set delimiter (e.g. { and }) •...
Page 493: Deleting An Autonomous System Path
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.19.6.5 Deleting an Autonomous System Path To delete an autonomous system path filter for dynamic BGP routes, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing »...
Page 494: Managing Neighbors
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 519: Entry Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen entry. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 495: Adding A Neighbor
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 520: Neighbor Table If no neighbors have been configured, add neighbors as needed. For more information, refer to Section 5.19.7.2, “Adding a Neighbor”. Section 5.19.7.2 Adding a Neighbor To add a neighbor for a BGP network, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 496 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 522: Route Map Form 1. In List 2. Out List Figure 523: Neighbor Form 1. Neighbor Autonomous System ID Box 2. eBGP Multi-Hop Box 3. Maximum Prefix Box 4. Next Hop Self Check Box 5.
Page 497: Deleting A Neighbor
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Apply route map to incoming routes. Apply route map to outbound routes. On the Neighbor form, configure the following parameter(s) as required: Parameter Description Neighbor Autonomous System ID A BGP neighbor.
Page 498: Managing Networks
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.19.8 Managing Networks As opposed to neighbors, which are specific routers with which to exchange routes, networks are groups of routers that are either part of a specific subnet or connected to a specific network interface.
Page 499: Adding A Network
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If no networks have been configured, add networks as needed. For more information, refer to Section 5.19.8.2, “Adding a Network”. Section 5.19.8.2 Adding a Network To add a network for the BGP protocol, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 500: Tracking Commands
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 527: BGP Network Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen network. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 501: Managing Aggregate Addresses
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 528: Track Form 1. Event List 2. Apply When List Configure the following parameter(s) as required: Parameter Description Event Select an event. Apply When Synopsis: up, down Default: up Apply when the tracked event state goes UP or DOWN.
Page 502: Adding An Aggregate Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 529: Aggregate Network Table If no aggregate addresses have been configured, add addresses as needed. For more information, refer to Section 5.19.9.2, “Adding an Aggregate Address”. Section 5.19.9.2 Adding an Aggregate Address To add an aggregate address for dynamic BGP routes, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 503: Deleting An Aggregate Address
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.19.9.3 Deleting an Aggregate Address To delete an aggregate address for dynamic BGP routes, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing » dynamic » bgp » aggregate-address. The Aggregate Network table appears. Figure 531: Aggregate Network Table 1.
Page 504: Adding An Aggregate Address Option
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 532: Aggregate Network Options Table If no options have been configured, add options as needed. For more information, refer to Section 5.19.10.2, “Adding an Aggregate Address Option”. Section 5.19.10.2 Adding an Aggregate Address Option To add an option for an aggregate address, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 505: Deleting An Aggregate Address Option
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.19.10.3 Deleting an Aggregate Address Option To delete an option for an aggregate address, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing » dynamic » bgp » aggregate-address » {address} » options, where {address} is the subnet address and prefix for the aggregate address.
Page 506: Adding A Redistribution Metric
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 535: Redistribute Route from Other Protocols Table If no redistribution metrics have been configured, add metrics as needed. For more information, refer to Section 5.19.11.2, “Adding a Redistribution Metric”. Section 5.19.11.2 Adding a Redistribution Metric To add a redistribution metric for dynamic BGP routes, do the following:...
Page 507: Deleting A Redistribution Metric
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 537: Redistribute Route From Other Protocols Form 1. Metric Box Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 508: Managing Rip
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.20 Managing RIP The Routing Information Protocol (RIP) determines the best path for routing IP traffic over a TCP/IP network based on the number of hops between any two routers. It uses the shortest route available to a given network as the route to use for sending packets to that network.
Page 509 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Navigate to routing » dynamic » rip. The Routing Timers and RIP Configuration forms appear. Figure 539: Routing Timers Form 1. Update Timer Box 2. Timeout Timer Box 3. Garbage Collection Timer Box Figure 540: RIP Configuration 1.
Page 510: Viewing The Status Of Dynamic Rip Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The routing table update timer (in seconds). Default: 180 Timeout Timer The routing information timeout timer (in seconds). Garbage Collection Timer Default: 120 The garbage collection timer (in seconds). In the RIP Configuration form, configure the following parameters: Parameter Description...
Page 511 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 541: Route Table The Route table provides the following information: Parameter Description Network The network. Type The route type. Sub Type The route sub type. Nexthop The next hop. Metric The metric value.
Page 512: Managing Prefix Lists And Entries
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 543: Advertised Route Table The Advertised Route table provides the following information: Parameter Description Network The network. Type The route type. Sub Type The route sub type. Nexthop Next hop. Metric The metric value.
Page 513: Viewing A List Of Prefix Entries
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 544: Prefix List Table If no prefix lists have been configured, add lists as needed. For more information, refer to Section 5.20.3.3, “Adding a Prefix List”. Section 5.20.3.2 Viewing a List of Prefix Entries To view a list of entries for dynamic RIP prefix lists, navigate to routing »...
Page 514: Adding A Prefix Entry
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 546: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Name The name of the prefix list. Click Add to create the new prefix-list. The Prefix List form appears. Figure 547: Prefix List Form 1.
Page 515 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Depending on the dynamic routing protocol being configured, navigate to routing » dynamic » rip » filter » {name} » entry, where {name} is the name of the prefix list. Click .
Page 516: Deleting A Prefix List
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Action Synopsis: deny, permit Default: permit The action that will be performed. Network The IPv4 network address and prefix. Less Than or Equal to The maximum prefix length to be matched. Greater Than or Equal to The minimum prefix length to be matched.
Page 517: Deleting A Prefix Entry
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.20.3.6 Deleting a Prefix Entry To delete an entry for a dynamic RIP prefix list, do the following: Change the mode to Edit Private or Edit Exclusive. Depending on the dynamic routing protocol being configured, navigate to routing » dynamic » rip » filter » {name} »...
Page 518: Configuring A Network
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.20.4.1, “Configuring a Network” • Section 5.20.4.2, “Tracking Commands” Section 5.20.4.1 Configuring a Network To configure a network for the RIP protocol, do the following: Change the mode to Edit Private or Edit Exclusive. Add one or more network IP addresses.
Page 519: Managing Network Ip Address
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 552: Track Form 1. Track Event List 2. Apply When List Configure the following parameter(s) as required: Parameter Description Track Event Selects an event to track. The distribute-prefix-list is applied only when the tracked event is in the UP state.
Page 520: Adding A Network Ip Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 553: Subnet Table If no IP addresses have been configured, add addresses as needed. For more information, refer to Section 5.20.5.2, “Adding a Network IP Address”. Section 5.20.5.2 Adding a Network IP Address To add an IP address for a RIP network, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 521: Managing Network Interfaces
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Navigate to routing » dynamic » rip » network » ip. The Subnet table appears. Figure 555: Subnet Table 1. Add Button 2.
Page 522: Adding A Network Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.20.6.2 Adding a Network Interface To add an interface for a RIP network, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing » dynamic » rip » network » interface and click . The Key Settings form appears.
Page 523: Managing Neighbors
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 558: Interface Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen interface. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 524: Adding A Neighbor
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.20.7.2 Adding a Neighbor To add a neighbor for a RIP network, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing » dynamic » rip » network » neighbor and click . The Key Settings form appears.
Page 525: Managing The Prefix List Distribution
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 561: Neighbor Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen neighbor. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 526: Adding A Prefix List Distribution Path
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.20.8.2 Adding a Prefix List Distribution Path To add a prefix list distribution path for dynamic RIP routes, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing »...
Page 527: Deleting A Prefix List Distribution Path
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If necessary, configure an event tracker to track network commands. For more information, refer to Section 5.20.4.2, “Tracking Commands”. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 528: Viewing A List Of Key Chains
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.20.9.5, “Deleting a Key Chain” • Section 5.20.9.6, “Deleting a Key” Section 5.20.9.1 Viewing a List of Key Chains To view a list of key chains for dynamic RIP routes, navigate to routing » dynamic » rip » key-chain. If key chains have been configured, the Key Chain Management table appears.
Page 529: Adding A Key
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 568: Key Settings Form 1. Key Chain Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Key Chain Name The name of the key chain. Click Add to add the key chain.
Page 530 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 569: Key Settings Form 1. Key ID Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Key ID The key identifier number. Click Add to add the key chain. The Key Configuration, Accept Life Time and Send Life Time forms appear.
Page 531 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 572: Send Life Time Form 1. Time to Start Box 2. Expire Time Box On the Key Configuration form, configure the following parameter(s) as required: Parameter Description Sets the key string. On the Accept Life Time form, configure the following parameter(s) as required: Parameter Description...
Page 532 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description will cause date-and-time values to change accordingly. Such changes might happen periodically in case a server follows automatically daylight saving time (DST) time zone offset changes. The canonical format for date-and-time values with an unknown time zone (usually referring to the notion of local time) uses the time-offset -00:00., infinite Expire time.
Page 533: Deleting A Key Chain
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.20.9.5 Deleting a Key Chain To delete a key chain for dynamic RIP routes, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing » dynamic » rip » key-chain. The Key Chain Management table appears. Figure 573: Key Chain Management Table 1.
Page 534: Managing Redistribution Metrics
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Delete next to the chosen key. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.20.10 Managing Redistribution Metrics Redistribution metrics redistribute routing information from other routing protocols, static routes or routes handled...
Page 535: Deleting A Redistribution Metric
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 576: Key Settings Form 1. Redistribute Type List 2. Add Button Configure the following parameter(s) as required: Parameter Description Redistribute Type Synopsis: kernel, static, connected, ospf, bgp Redistribute route type. Click Add to add the metric.
Page 536: Managing Routing Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 578: Redistribute Route from Other Protocols Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen metric. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 537: Configuring A Routing Interface
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.20.11.2 Configuring a Routing Interface To configure a routing interface for a RIP network, do the following: NOTE OSPF regards router interfaces as either passive or active, sending OSPF messages on active interfaces and ignoring passive interfaces.
Page 538: Managing Ospf
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Mode Synopsis: md5-rfc, md5-old-ripd, text, none The authentication mode. Key Chain The authentication key chain. String The authentication string. On the Interface Parameters form, configure the following parameter(s) as required: Parameter Description Passive Interface...
Page 539: Ospf Concepts
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration used to pick the winner. Keeping the ID fixed will avoid any unexpected changes in the election of the master router. NOTE In complex legacy networks, RIP, OSPF, BGP and IS-IS may all be active on the same router at the same time.
Page 540 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to routing » dynamic » ospf. The Distance OSPF and OSPF Configuration forms appear. Figure 582: Distance OSPF Form 1. External Routes Distance Box 2. Inter Area Routes Distance Box 3.
Page 541 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 583: OSPF Configuration 1. Enable OSPF Check Box 2. ABR Type List 3. Auto Cost Reference Bandwidth Box 4. Compatible with RFC1583 Check 5. Default Information Originate Check Box 6.
Page 542 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Inter Area Routes Distance The administrative distance for inter-area routes. intra Area Routes Distance The administrative distance for intra-area routes. In the OSPF Configuration form, configure the following parameters: Parameter Description Enable OSPF...
Page 543 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 584: Default Information Originate Form 1. Always Advertise Default Route Enable Check Box 2. Metric Box 3. Metric Type Box 4. Route Map List In the Default Information Originate form, configure the following parameters: Parameter Description Always Advertise Default Route...
Page 544: Viewing The Status Of Dynamic Ospf Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.21.3 Viewing the Status of Dynamic OSPF Routes To view the status of the dynamic OSPF routes configured on the device, navigate to routing » status » ospf » route »...
Page 545: Viewing A List Of Prefix Lists
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.21.4.1 Viewing a List of Prefix Lists To view a list of prefix lists for dynamic OSPF routes, navigate to one routing » dynamic » ospf » filter » prefix- list.
Page 546: Adding A Prefix Entry
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 588: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Name The name of the prefix list. Click Add to create the new prefix-list. The Prefix List form appears. Figure 589: Prefix List Form 1.
Page 547 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Depending on the dynamic routing protocol being configured, navigate to routing » dynamic » ospf » filter » {name} » entry, where {name} is the name of the prefix list. Click .
Page 548: Deleting A Prefix List
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Action Synopsis: deny, permit Default: permit Action. Network Network (xxx.xxx.xxx.xxx/xx). Maximum prefix to mask for subnet The maximum prefix length to match ipaddress within subnet. Minimum prefix to mask for subnet The minimum prefix length to match ipaddress within subnet.
Page 549: Deleting A Prefix Entry
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.21.4.6 Deleting a Prefix Entry To delete an entry for a dynamic OSPF prefix list, do the following: Change the mode to Edit Private or Edit Exclusive. Depending on the dynamic routing protocol being configured, navigate to routing » dynamic » ospf » filter »...
Page 550: Viewing A List Of Areas
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.21.5.1 Viewing a List of Areas To view a list of areas configured for dynamic OSPF routes, navigate to routing » dynamic » ospf » area. If areas have been configured, the OSPF Area table appears. Figure 594: OSPF Area Table If no areas have been configured, add areas as needed.
Page 551: Deleting An Area
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration IMPORTANT! All areas within the same OSPF network must use the same shortcutting mode. Figure 596: OSPF Area Form 1. Shortcut List Configure the following parameter(s) as required: Parameter Description Synopsis: default, disable, enable shortcut Default: default...
Page 552: Managing Route Maps
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 597: OSPF Area Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen area. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 553: Viewing A List Of Route Map Filter Entries
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 598: Route Map Table If no filters have been configured, add filters as needed. For more information, refer to Section 5.21.6.3, “Adding a Route Map Filter”. Section 5.21.6.2 Viewing a List of Route Map Filter Entries To view a list of entries for a route map filter for either OSPF, navigate to routing »...
Page 554: Adding A Route Map Filter Entry
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 600: Key Settings Form 1. Route Map Tag Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Route Map Tag Route map tag. Click Add to create the new filter. Add one or more entries.
Page 555 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 601: Key Settings Form 1. Sequence Number Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Sequence Number The sequence number of the route-map entry. Click Add to create the new entry. The Route Map Entry and Set forms appear. Figure 602: Route Map Entry Form 1.
Page 556: Deleting A Routing Map Filter
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 603: Set Form 1. Metric Box 2. Metric Type Box On the Route Map Entry form, configure the following parameter(s) as required: Parameter Description Action Synopsis: deny, permit Default: permit Action.
Page 557: Deleting A Routing Map Filter Entry
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 604: Route Map Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen filter. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 558: Configuring Match Rules
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.21.6.7 Configuring Match Rules To configure match rules for a route map filter entry, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing » dynamic » ospf » filter » route-map » {tag} » entry » {number} » match, where {tag} is the tag for the route map filter and {number} is the sequence number for the entry.
Page 559: Managing Incoming Route Filters
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Prefix List The prefix list name. On the Match form, configure the following parameters as required: Parameter Description Interface Name The interface name. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 560: Adding An Incoming Route Filter
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.21.7.2 Adding an Incoming Route Filter To add a route filter for incoming advertised routes, do the following: Change the mode to Edit Private or Edit Exclusive. Make sure a route map has been configured. For more information, refer to Section 5.21.6, “Managing Route Maps”...
Page 561: Managing Redistribution Metrics
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 611: Incoming Route Filter Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen incoming route filter. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 562: Adding A Redistribution Metric
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.21.8.2 Adding a Redistribution Metric To add a redistribution metric for dynamic OSPF routes, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing » dynamic » ospf » redistribute and click . The Key Settings form appears.
Page 563: Deleting A Redistribution Metric
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Metric Type Default: 2 The OSPF exterior metric type for redistributed routes. Metric The metric for redistributed routes. Route Map The route map name. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 564: Viewing A List Of Routing Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.21.9.1 Viewing a List of Routing Interfaces To view a list of routing interfaces for an OSPF network, navigate to routing » dynamic » OSPF » interface. The Interface Parameters table appears. Figure 616: Interface Parameters Table Section 5.21.9.2 Configuring a Routing Interface...
Page 565 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 618: Interface Parameters Form 1. Authentication Type List 2. Link Cost Box 3. Hello Interval Box 4. Priority Box 5. Passive Interface Box 6. Retransmit Interval Box 7. Transmit Delay Box On the Dead Interval form, configure the following parameter(s) as required: NOTE For reliable operation, it is recommended that the Dead Interval value be at least four times the...
Page 566 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Dead Interval Default: 40 The time before considering a router dead (in seconds). Number of Hellos Per Second The number of times a hello message can be sent within one second. On the Interface Parameters form, configure the following parameter(s) as required: NOTE Link detection is enabled automatically for active network interfaces.
Page 567: Managing Message Digest Keys
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Exit Transaction or continue making changes. Section 5.21.10 Managing Message Digest Keys Message digest keys use the MD5 algorithm to authenticate OSPF neighbors and prevent unauthorized routers from joining the OSPF network. By enabling authentication and configuring a shared key on all the routers, only routers which have the same authentication key will be able to send and receive advertisements within the OSPF network.
Page 568: Adding A Message Digest Key
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.21.10.2 Adding a Message Digest Key To add a message digest key to an OSPF routing interface, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing »...
Page 569: Deleting A Message Digest Key
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.21.10.3 Deleting a Message Digest Key To delete a message digest key from an OSPF routing interface, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing »...
Page 570: Viewing A List Of Static Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.22.1 Viewing a List of Static Routes To view a list of static routes configured on the device, navigate to routing » static » {protocol}, where {protocol} is either IPv4 or IPv6. If routes have been configured, the Static Route table appears. Figure 623: Static Route Table If no static routes have been configured, add routes as needed.
Page 571: Adding An Ipv6 Static Route
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 625: Static Route Form 1. Hardware Accelerate Check Box Configure the following parameter(s) as required: NOTE Only TCP and UDP traffic flows will be accelerated by the IP/Layer 3 switch fabric. Non-IP packet types, such as ICMP and IGMP, will not be accelerated.
Page 572: Deleting A Static Route
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 626: Key Settings Form 1. Subnet (Network/Prefix) Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Subnet (network/prefix) The subnet (network/mask) of the static route. Click Add to add the route. If necessary, configure either a gateway or an interface for the static route.
Page 573: Configuring A Black Hole Connection For An Ipv4 Static Route
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 627: Static Route Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen route. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 574: Managing Gateways For Static Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The distance for this static route's blackhole. Default is 1. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 575: Viewing A List Of Gateways For Ipv4 Static Routes
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Distance (optional) The distance for the static route. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes.
Page 576: Deleting A Gateway For An Ipv4 Static Route
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 631: Key Settings Form 1. Gateway Address Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Gateway Address The gateway for the static route. Click Add to add the gateway address. The Static Route Using Gateway form appears. Figure 632: Static Route Using Gateway Form 1.
Page 577: Managing Interfaces For Static Routes
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Navigate to routing » static » ipv4 » {subnet} » via, where subnet is the subnet (network/prefix) of the static route. The Static Route Using Gateway table appears. Figure 633: Static Route Using Gateway Table 1.
Page 578: Viewing A List Of Interfaces For Ipv4 Static Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 634: Static Route Using Interface Form 1. Interface Name Box 2. Distance Box Configure the following parameter(s) as required: Parameter Description Interface Name The interface for the static route. Distance (optional) The distance for the static route.
Page 579 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Navigate to routing » static » ipv4 » {subnet} » dev, where subnet is the subnet (network/prefix) of the static route. Click .
Page 580: Deleting An Interface For An Ipv4 Static Route
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.22.7.4 Deleting an Interface for an IPv4 Static Route To delete an interface for an IPv4 static route, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing »...
Page 581: Managing Static Multicast Groups
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 639: Static Multicast Routing Configuration Form 1. Enabled Check Box Configure the following parameter(s) as required: Parameter Description enabled Enables static multicast routing service Prerequisite: Dynamic and static multicast routing can not be enabled together. Click Commit to save the changes or click Revert All to abort.
Page 582: Adding A Static Multicast Group
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.23.2.2 Adding a Static Multicast Group To add a static multicast group, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to routing » multicast » static » mcast-groups and click . The Key settings form appears.
Page 583: Deleting A Static Multicast Group
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Configure the following parameter(s) as required: NOTE Only TCP and UDP traffic flows will be accelerated by the IP/Layer 3 switch fabric. Non-IP packet types, such as ICMP and IGMP, will not be accelerated. Parameter Description source-ip...
Page 584: Managing Out-Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Exit Transaction or continue making changes. Section 5.23.3 Managing Out-Interfaces The following sections describe how to configure and manage out-interfaces: • Section 5.23.3.1, “Viewing a List of Out-Interfaces” • Section 5.23.3.2, “Adding an Out-Interface”...
Page 585: Deleting An Out-Interface
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 645: Key Settings Form 1. Ifname List 2. Add Button Configure the following parameter(s) as required: Parameter Description ifname Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 586: Managing Dynamic Multicast Routing
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Exit Transaction or continue making changes. Section 5.24 Managing Dynamic Multicast Routing The PIM-SM feature is used for Dynamic Multicast Routing. PIM-SM stands for Protocol Independent Multicast - Sparse Mode. It is a dynamic multicast routing protocol that can dynamically prune and maintain multicast routes. PIM relies on the router's unicast routing table for its capabilities and does not rely on any specific method for learning routes, therefore it is "Protocol Independent".
Page 587: Pim-Sm Concepts
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.24.6, “Managing a Boot Strap Router” • Section 5.24.7, “Viewing the Status of PIM-SM” • Section 5.24.8, “Viewing the Status of Dynamic Multicast Routing” Section 5.24.1 PIM-SM Concepts When a PIM router receives a subscription from a host, e.g.
Page 588: Viewing A List Of Pim-Sm Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 647: PIM-SM Configuration Form 1. Enable PIM-SM Check Box 2. Default Preference Box 3. Default Metric Box 4. Broken Cisco Checksum Check Box Configure the following parameters as required: Parameter Description Enable PIM-SM...
Page 589: Enabling/Disabling A Pim-Sm Interface
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 648: Interface Table If no PIM-SM interfaces have been configured, enable interfaces as needed. For more information about enabling PIM-SM interfaces, refer to Section 5.24.4, “Enabling/Disabling a PIM-SM Interface”. Section 5.24.4 Enabling/Disabling a PIM-SM Interface To enable or disable a PIM-SM interface, do the following:...
Page 590: Configuring A Static Rp Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE Uncheck the Passive Enabled check box to activate PIM-SM on the interface, or check the Passive Enabled check box to disable PIM-SM on the interface. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 591: Managing A Boot Strap Router
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.24.6 Managing a Boot Strap Router The following sections describe how to configure and manage a Boot Strap Router: • Section 5.24.6.1, “Configuring a BSR Candidate” • Section 5.24.6.2, “Configuring a Group Prefix” •...
Page 592: Configuring An Rp Candidate
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Change the mode to Edit Private or Edit Exclusive. Navigate to routing » multicast » dynamic » pim-sm » group-prefix and click . The Key settings form appears. Figure 652: Key Settings Form 1.
Page 593: Viewing The Status Of Pim-Sm
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 653: RP Candidate Form 1. Local Address Box 2. Timer Box 3. Priority Box Configure the following parameters as required: Parameter Description Local Address Local address to be used in the Cand-RP messages. If not specified, the largest local IP address will be used (excluding passive interfaces).
Page 594 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 654: PIM-SM Status Form Navigate to routing » status » pim-sm » vinterface. The Virtual Interface table appears displaying the status of the configured devices. Figure 655: Virtual Interface Table Parameter Description Index...
Page 595: Viewing The Status Of Dynamic Multicast Routing
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.24.8 Viewing the Status of Dynamic Multicast Routing To view the status of dynamic multicast routing, navigate to routing » status » multicast. If multicast routes have been configured, the Active Routes table appears. Figure 657: Active Routes Table Section 5.25 Managing Multicast Filtering...
Page 596 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide The IGMP protocol operates between multicast routers and IP hosts. When an unmanaged switch is placed between multicast routers and their hosts, the multicast streams will be distributed to all ports.This may introduce significant traffic onto ports that do not require it and receive no benefit from it.
Page 597 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Switch IGMP Operation The IGMP Snooping feature provides a means for switches to snoop (i.e. watch) the operation of routers, respond with joins/leaves on the behalf of consumer ports, and prune multicast streams accordingly. There are two modes of IGMP the switch can be configured to assume: active and passive.
Page 598: Combined Router And Switch Igmp Operation
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide to MAC address 01-00-5E-XX-YY-ZZ where XX is the lower 7 bits of X, and YY and ZZ are simply Y and Z coded in hexadecimal. One can note that IP multicast addresses, such as 224.1.1.1 and 225.1.1.1, will both map onto the same MAC address 01-00-5E-01-01-01.
Page 599: Gmrp (Garp Multicast Registration Protocol)
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Assuming that router 1 is the querier for VLAN 2 and router 2 is simply a non-querier, the switch will periodically receive queries from router 1 and maintain the information concerning which port links to the multicast router. However, the switch port that links to router 2 must be manually configured as a router port.
Page 600: Leaving A Multicast Group
• Forward All Unknown Traffic (Multicast Groups) for which there are no members registered in the device in a VLAN If GMRP is disabled on the RX1500, GMRP packets received will be forwarded like any other traffic. Otherwise, GMRP packets will be processed by the RX1500, and not forwarded.
Page 601 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 660: Example – Establishing Membership with GMRP 1. Multicast Source 2. Switch 3. Multicast Host The hosts and switches establish membership with the Multicast Group 1 and 2 as follows: Host H1 is GMRP unaware, but needs to see traffic for Multicast Group 1.
Page 602: Enabling And Configuring Gmrp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Source S1 transmits multicast traffic to Port D2 which is forwarded via Port D1, which has previously become a member of Multicast Group 1. • Switch B forwards the Group 1 multicast via Port B4 towards Switch E. •...
Page 603: Configuring Igmp Snooping
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Leave Timer (ms) Default: 4000 The time in milliseconds to wait after issuing Leave or LeaveAll before removing registered multicast groups. If Join messages for specific addresses are received before this timer expires, the addresses will be kept registered.
Page 604: Managing Router Ports
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description • ACTIVE : The switch generates IGMP queries, if no queries from a better candidate for the querier are detected for a while. IGMP Query Interval (s) Default: 60 The time interval between IGMP queries generated by the switch.
Page 605: Adding A Router Port
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.25.4.2 Adding a Router Port To add a router port for IGMP snooping, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to switch » mcast-filtering » igmp-snooping » router-ports and click . The Key Settings form appears.
Page 606: Managing The Static Multicast Group Table
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 665: Router Ports Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen router port. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 607: Adding A Static Multicast Group Entry
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.25.5.2 Adding a Static Multicast Group Entry To list a static multicast group from another device in the Static Multicast Summary table, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to switch »...
Page 608: Managing Egress Ports For Multicast Groups
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to switch » mcast-filtering » static-mcast-table. The Static Multicast Summary table appears. Figure 668: Static Multicast Summary Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen table entry. Click Commit to save the changes or click Revert All to abort.
Page 609: Adding An Egress Port
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If no egress ports have been configured, add egress ports as needed. For more information, refer to Section 5.25.6.2, “Adding an Egress Port”. Section 5.25.6.2 Adding an Egress Port To add an egress port to a static multicast group defined in the Static Multicast Group Summary table, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 610: Viewing A Summary Of Multicast Groups
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to switch » mcast-filtering » static-mcast-table » {id/address} » egress-ports, where {id/ address} is the VLAN ID for the static multicast group and the MAC address for the host device. The Egress Ports table appears.
Page 611: Viewing A List Of Ip Multicast Groups
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.25.8 Viewing a List of IP Multicast Groups To view a list of all IP multicast groups, navigate to switch » mcast-filtering » ip-mcast-groups. If IP multicast groups have been configured, the IP Multicast Groups table appears. Figure 673: IP Multicast Groups Table This table provides the following information: Parameter...
Page 612: Vrrp Concepts
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.26.7, “Managing VRRP Monitors” • Section 5.26.8, “Managing Track Scripts” • Section 5.26.9, “Managing Virtual IP Addresses” Section 5.26.1 VRRP Concepts The following sections describe some of the concepts important to the implementation of VRRP in ROX II: •...
Page 613 Setup and Configuration On RX1500 devices with ROX II v2.3 or higher installed, if the router with the highest priority is in a fault state, the backup VRRP Router can delay its transition to becoming the Master router. The length of the delay is user- defined.
Page 614 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Two or more VRRP instances can be assigned to be in the same VRRP Group, in which case, they can failover together. An Example of VRRP Groups In the next example, both host 1 and host 2 use a gateway of 192.168.3.10. The external side can access the internal side by gateway 192.168.2.10.
Page 615: Viewing The Status Of Vrrp
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.26.2 Viewing the Status of VRRP To view the status of VRRP, navigate to services » vrrp » status. The VRRP Status form appears. Figure 676: VRRP Status Form This table provides the following information: Parameter Description...
Page 616: Managing Vrrp Trackers
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Enable VRRP Service Enables or disables the VRRP service. Router ID The router ID for VRRP logs. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 617: Adding A Vrrp Tracker
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.26.4.2 Adding a VRRP Tracker To add a VRRP tracker, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to services » vrrp » trackers and click . The Key Settings form appears. Figure 679: Key Settings Form 1.
Page 618 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 680: Tracker Form 1. Tracker Type List 2. Network Box 3. Interface List 4. Interval List 5. Weight Box 6. Rise Box 7. Fall Box Configure the following parameter(s) as required: Parameter Description Track Type...
Page 619: Deleting A Vrrp Tracker
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Exit Transaction or continue making changes. Section 5.26.4.3 Deleting a VRRP Tracker To delete a VRRP tracker, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to services »...
Page 620: Adding A Vrrp Group
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 682: VRRP Group Table If no VRRP groups have been configured, add groups as needed. For more information, refer to Section 5.26.5.2, “Adding a VRRP Group”. Section 5.26.5.2 Adding a VRRP Group To add a VRRP group, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 621: Managing Vrrp Instances
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Navigate to services » vrrp » group. The VRRP Group table appears. Figure 684: VRRP Group Table 1. Add Button 2. Edit Button 3.
Page 622: Adding A Vrrp Instance
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide If no VRRP instances have been configured, add instances as needed. For more information, refer to Section 5.26.6.2, “Adding a VRRP Instance”. Section 5.26.6.2 Adding a VRRP Instance To add a VRRP instance, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 623 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 687: VRRP Instance Form 1. VRRP Version 2. Interface List 3. Virtual Router ID Box 4. Priority Box 5. Advertisement Interval Box 6. Gratuitous ARP Delay Box 7. No Preempt Box 8.
Page 624 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • a backup VRRP router gains higher priority and transitions to the Master state • VRRP is initiated and this router has higher priority than that of any VRRP router on the network NOTE The VRRP Instance Form displays some fields differently depending on whether version 2 or version 3 is chosen in the version field.
Page 625: Deleting A Vrrp Instance
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.26.6.3 Deleting a VRRP Instance To delete a VRRP instance, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to services » vrrp » instance. The VRRP Instance table appears. Figure 688: VRRP Instance Table 1.
Page 626: Adding A Vrrp Monitor
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 689: Monitor Interface Table If no VRRP monitors have been configured, add monitors as needed. For more information, refer to Section 5.26.7.2, “Adding a VRRP Monitor”. Section 5.26.7.2 Adding a VRRP Monitor To add a VRRP monitor, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 627: Deleting A Vrrp Monitor
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 691: Monitor Interface Form 1. Weight Box Configure the following parameter(s) as required: Parameter Description Weight The amount by which to increase or decrease the router's priority. When negative, the priority decreases by this amount when the interface falls.
Page 628: Managing Track Scripts
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Exit Transaction or continue making changes. Section 5.26.8 Managing Track Scripts Track scripts are used to associate VRRP trackers with VRRP instances. The following sections describe how to configure and manage track scripts: •...
Page 629: Deleting A Track Script
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 694: Key Settings Form 1. Tracker Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Tracker Select a tracker to monitor VRRP instance. Click Add to add the track script. The Track Script form appears. Figure 695: Track Script Form 1.
Page 630: Managing Virtual Ip Addresses
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to services » vrrp » instance » {name} » track-script, where {name} is the name of the VRRP instance. The Track Script table appears. Figure 696: Track Script Table 1.
Page 631: Adding A Virtual Ip Address
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If no virtual IP addresses have been configured, add addresses as needed. For more information, refer to Section 5.26.9.2, “Adding a Virtual IP Address”. Section 5.26.9.2 Adding a Virtual IP Address To add a virtual IP address, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 632: Managing Link Failover Protection
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 699: VRIP IP Address Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen address. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 633: Viewing The Link Failover Log
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.27.1 Viewing the Link Failover Log To view the link failover log, do the following: Navigate to services » link-failover » {interface}, where {interface} is the name of the interface. Click log in the menu.
Page 634: Managing Link Failover Parameters
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 702: Link Fail Over Status Form 1. Main Link Status 2. Backup Link Status 3. Main Ping Test 4. Time of Last State Change 5. Link Backup State 6. Backup Interface in Use This form provides the following information: Parameter...
Page 635: Viewing A List Of Link Failover Parameters
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.27.3.1 Viewing a List of Link Failover Parameters To view a list of link failover parameters, navigate to services » link-failover. If parameters have been configured, the Link Failover Information table appears. Figure 703: Link Failover Information Table If no parameters have been configured, add parameters as needed.
Page 636 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 705: Link Fail Over Settings Form 1. Enabled Check Box 2. Ping Timeout Box 3. Ping Interval Box 4. Ping Retry Box 5. Start Delay Box 6. Main Down Timeout 7.
Page 637: Deleting A Link Failover Parameter
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description main-down-timeout Default: 60 The delay time, in seconds, that the main trunk is down before starting the backup trunk. main-up-timeout Default: 60 The delay time, in seconds, to confirm that the main trunk is up (returned to service) before stopping the backup trunk.
Page 638: Viewing A List Of Link Failover Backup Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.27.4.1 Viewing a List of Link Failover Backup Interfaces To view a list of link failover backup interfaces, navigate to services » link-failover » {interface} » backup, where {interface} is the name of the interface. If backup interfaces have been configured, the Backup Information table appears.
Page 639 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Configure the following parameter(s) as required: Parameter Description backupIf The interface used to back up the main interface. Click Add. The Backup Settings form appears. Figure 709: Backup Settings form 1.
Page 640: Deleting A Link Failover Backup Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.27.4.3 Deleting a Link Failover Backup Interface To delete a link failover backup interface, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 641: Viewing A List Of Link Failover Ping Targets
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.27.5.1 Viewing a List of Link Failover Ping Targets To view a list of link failover ping targets, navigate to services » link-failover » {interface} » target, where {interface} is the name of the interface. If ping targets have been configured, the Targets IP Addresses table appears.
Page 642: Deleting A Link Failover Ping Target
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Configure the following parameter(s) as required: Parameter Description host-ip The IP address of the target host to verify the main path. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 643 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration To launch a link failover test, do the following: NOTE The link failover test can be cancelled at any time. For more information about cancelling a link failover test, refer to Section 5.27.7, “Cancelling a Link Failover Test”.
Page 644: Cancelling A Link Failover Test
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.27.7 Cancelling a Link Failover Test To cancel a link failover test, do the following: In normal mode or edit mode, navigate to services » link-failover » {interface} » cancel-test, where {interface} is the name of the interface.
Page 645: Ipsec Tunneling Concepts
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.28.6, “Managing Connections” • Section 5.28.7, “Managing the Internet Key Exchange (IKE) Protocol” • Section 5.28.8, “Managing the Encapsulated Security Payload (ESP) Protocol” • Section 5.28.9, “Configuring the Connection Ends” •...
Page 646: Public And Secret Key Cryptography
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Uses three DES encryptions on a single data block, with at least two different keys, to get higher security than is available from a single DES pass. 3DES is the most CPU intensive cipher. •...
Page 647: Remote Ipsec Client Support
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.28.1.6 Remote IPsec Client Support If the router is to support a remote IPsec client and the client will be assigned an address in a subnet of a local interface, a proxy ARP must be activated for that interface.
Page 648: Configuring Certificates And Keys
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to tunnel » ipsec. The IPsec and Syslog forms appear. Figure 717: IPsec Form 1. Enable IPsec Check Box 2. NAT Traversal Check Box 3. Keep Alive Box Configure the following parameter(s) as required: Parameter Description Enable IPSec...
Page 649: Viewing The Ipsec Tunnel Status
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Navigate to tunnel » ipsec » connection » {connection} » {end}, where {connection} is the name of the connection and {end} is the either the left (local router) or right (remote router) connection end. The System Public Key and System Identifier forms appear.
Page 650: Managing Pre-Shared Keys
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 720: IPSec Status Form This form provides a detailed log of all IPsec activity. Section 5.28.5 Managing Pre-Shared Keys Pre-shared keys are used in secret key cryptography. For more information about secret key cryptography and pre-shared keys, refer to Section 5.28.1.3, “Public and Secret Key Cryptography”.
Page 651 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Navigate to tunnel » ipsec » preshared-key and click . The Key Settings form appears. Figure 722: Key Settings Form 1.
Page 652: Deleting A Pre-Shared Key
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Secret Key Synopsis: The aes-cfb-128-encrypted-string works exactly like des3-cbc-encrypted- string but AES/128bits in CFB mode is used to encrypt the string. The prefix for encrypted values is '$4$'. The pre-shared key.
Page 653: Viewing A List Of Connections
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.28.6.3, “Configuring Dead Peer Detection” • Section 5.28.6.4, “Deleting a Connection” Section 5.28.6.1 Viewing a List of Connections To view a list of connections configured for a VPN, navigate to tunnel » ipsec » connection. If connections have been configured, the Connection table appears.
Page 654 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The connection name. If the name is 'default', all settings are considered the default for all other connections. Click Add to create the new connection. The Connection form appears. Figure 727: Connection Form 1.
Page 655 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Authenticate By Synopsis: default, rsasig, secret Default: default The authentication method. The default value is 'default' unless overwritten by the default connection setting. Connection Type Synopsis: tunnel, transport, passthrough, default Default: default The connection type/mode.
Page 656: Configuring Dead Peer Detection
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide 11. If certificates and keys are required, make sure they are configured on the device. For more information, refer to Section 5.28.3, “Configuring Certificates and Keys”. 12. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 657: Deleting A Connection
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration NOTE The timeout period must be two minutes longer than the interval period. Parameter Description Enable Default: false Enables Dead Peer Detection (DPD) for this connection. Default: 30 Interval The interval (in seconds) between Dead Peer Detection keepalive messages sent for this connection when no traffic (idle) appears to be sent by a DPD enabled peer.
Page 658: Managing The Internet Key Exchange (Ike) Protocol
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.28.7 Managing the Internet Key Exchange (IKE) Protocol The Internet Key Exchange (IKE) protocol negotiates connection parameters, including keys, for the Encapsulated Security Payload (ESP) protocol employed by IPsec.
Page 659: Deleting An Ike Algorithm
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 731: Key Settings Form 1. Cipher Algorithm Box 2. Hash Method Box 3. Mod Group Box 4. Add Button Configure the following parameter(s) as required: Parameter Description Cipher Algorithm Synopsis: 3des, aes, aes256, aes192, aes128, any The cipher algorithm.
Page 660: Managing The Encapsulated Security Payload (Esp) Protocol
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 732: Algorithm Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen algorithm. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 661: Viewing A List Of Esp Algorithms
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 733: ESP Encryption Algorithm Form 1. Mod Group List Configure the following parameter(s) as required: Parameter Description Modpgroup Synopsis: modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192, any Default: any The Modular Exponential (MODP) group.
Page 662: Adding Esp Algorithms
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.28.8.3 Adding ESP Algorithms To add a new algorithm for the Encapsulated Security Payload (ESP) protocol, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to tunnel » ipsec » connection » {connection} » esp » algorithm, where {connection} is the name of the connection.
Page 663: Configuring The Connection Ends
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Navigate to tunnel » ipsec » connection » {connection} » esp » algorithm, where {connection} is the name of the connection. The Algorithm table appears. Figure 736: Algorithm Table 1. Add Button 2.
Page 664 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 737: Public IP Address Form 1. Type List 2. Host Name or IP Address Box Figure 738: System Public Key Form 1. Type List 2. Certificate List (Hidden) 3. RSA Signature List (Hidden) Figure 739: System Identifier Form 1.
Page 665 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 740: Nexthop to Other System Form 1. Type List 2. IP Address Box Figure 741: Left/Right Form 1. NAT Traversal Negotiation Method List In the Public IP Address form, configure the following parameters: Parameter Description Type...
Page 666: Managing Private Subnets
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Certificate The selected certificate. In the System Identifier form, configure the following parameters: Parameter Description type Synopsis: default, none, from-certificate, address, hostname, der-asn1-dn, user-fqdn Default: default The system identifier type. The default value is 'left side public-ip' unless overwritten by the default connection setting.
Page 667: Configuring Private Subnets For Connection Ends
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.28.10.1, “Configuring Private Subnets for Connection Ends” • Section 5.28.10.2, “Viewing a List of Addresses for Private Subnets” • Section 5.28.10.3, “Adding an Address for a Private Subnet” •...
Page 668: Adding An Address For A Private Subnet
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 743: Private Subnet Behind System Table If no addresses have been configured, add addresses as needed. For more information, refer to Section 5.28.10.3, “Adding an Address for a Private Subnet”.
Page 669: Deleting An Address For A Private Subnet
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.28.10.4 Deleting an Address for a Private Subnet To delete an address for a private subnet, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to tunnel » ipsec » connection » {connection} » {end} » subnet, where {connection} is the name of the connection and {end} is the either the left (local router) or right (remote router) connection end.
Page 670: Viewing The Round Trip Time Statistics
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.29.10, “Managing Ethernet Types for Generic Tunnels” Section 5.29.1 Viewing the Round Trip Time Statistics The round trip time statistics reflect the measured round trip time to each remote daemon. The minimum, average, maximum and standard deviation of times is presented.
Page 671 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Navigate to tunnel » l2tp. The DNS Server, WINS Server, PPP Options and L2TP forms appear. Figure 747: DNS Server Form 1.
Page 672 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 750: L2TP Form 1. Enable L2TP Check Box 2. Local IP Address Box 3. First IP Address Box 4. Maximum Number of Connections Box 5. Closing Wait Timeout Box On the DNS Server form, configure the following parameter(s) as required: Parameter Description...
Page 673: Configuring L2Tpv3 Tunnels
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Default: 1410 The Maximum Receive Unit (MRU) or maximum packet size passed when received. On the L2TP form, configure the following parameter(s) as required: Parameter Description Enable L2TP Enables L2TP.
Page 674 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 751: Static L2TPv3 Tunnel Enable Form 1. Enable Check Box Check the Enable check box. Navigate to tunnel » l2tpv3 » static » tunnel and select Add tunnel. The Key Settings form appears. Figure 752: Key Settings Form 1.
Page 675 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 753: Static L2TPv3 Tunnels Form 1. Enabled Check Box 2. Tunnel ID Field 3. Remote Tunnel ID Field 4. Local IP Field 5. Local Port Field 6. Remote IP Field 7.
Page 676 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 754: Key Settings Form 1. Session-Name Field 2. Add Button On the Key Settings form, configure the following parameter(s) as required: Parameter Description session-name Session name, contains any lower case letter or numerical digit. Prefix 'l2t-' will be added to tunnel name and session name to create l2tpv3 system interface name (ie.
Page 677 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 756: Local Cookie Form 1. Size Selection Box 2. Low Value Field 3. High Value Field Figure 757: Remote Cookie Form 1. Size Selection Box 2. Low Value Field 3.
Page 678 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description size Synopsis: 4, 8 Cookie size in byte. low-value Lower value of cookie. This value must match with low-value of other endpoint's remote cookie high-value Higher value of cookie if the cookie size is 8. This value must match with high-value of other endpoint's remote cookie 11.
Page 679: Configuring The Layer 2 Tunnel Daemon
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.29.4 Configuring the Layer 2 Tunnel Daemon To configure the Layer 2 tunnel daemon, do the following: IMPORTANT! Make sure there are no traffic loops possible between the substation LAN and other LANs that could forward GOOSE frames to the LAN.
Page 680: Managing Goose Tunnels
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.29.5 Managing GOOSE Tunnels The GOOSE tunnel feature provides the capability to bridge GOOSE frames over a Wide Area Network (WAN). GOOSE tunnels provide the following features: • GOOSE traffic is bridged over the WAN via UDP/IP. •...
Page 681: Viewing The Goose Tunnel Statistics
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.29.5.1 Viewing the GOOSE Tunnel Statistics To view the GOOSE tunnel statistics, navigate to tunnel » l2tunneld » status » goose. The GOOSE Tunnel Statistics form appears. Figure 760: GOOSE Tunnel Statistics Form 1.
Page 682 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 762: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description name Description of the GOOSE tunnel. Click Add to create the tunnel. The GOOSE Tunnel form appears. Figure 763: GOOSE Tunnel Form 1.
Page 683: Deleting A Goose Tunnel
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.29.5.4 Deleting a GOOSE Tunnel To delete a GOOSE tunnel, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to tunnel » l2tunneld » goose. The GOOSE Tunnel table appears. Figure 764: GOOSE Tunnel Table 1.
Page 684: Adding A Remote Daemon
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 765: Remote Daemon of Goose Tunnel Table If no remote daemons have been configured, add daemons as needed. For more information, refer to Section 5.29.6.2, “Adding a Remote Daemon”. Section 5.29.6.2 Adding a Remote Daemon To configure a remote daemon for a GOOSE tunnel, do the following:...
Page 685: Deleting A Remote Daemon
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.29.6.3 Deleting a Remote Daemon To delete a remote daemon, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to tunnel » l2tunneld » goose » {name} » remote-daemon, where {name} is the name of the GOOSE tunnel.
Page 686: Viewing The Generic Tunnel Statistics
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.29.7.1 Viewing the Generic Tunnel Statistics To view the generic tunnel statistics, navigate to tunnel » l2tunneld » status » generic. The Generic L2 Tunnel Statistics form appears. Figure 768: Generic L2 Tunnel Statistics Form 1.
Page 687 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 770: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description name A description of the generic tunnel. Click Add to create the tunnel. The Generic L2 Tunnel Protocol form appears. Figure 771: Generic L2 Tunnel Protocol Form 1.
Page 688: Deleting A Generic Tunnel
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.29.7.4 Deleting a Generic Tunnel To delete a generic tunnel, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to tunnel » l2tunneld » generic. The Generic L2 Tunnel Protocol table appears. Figure 772: Generic L2 Tunnel Protocol Table 1.
Page 689: Viewing A List Of Ip Addresses
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.29.8.1 Viewing a List of IP Addresses To view a list of remote L2 protocol server IP addresses for a generic tunnel configuration, navigate to tunnel » l2tunneld » generic » {name} » remote-daemon » ip-address, where {name} is the name of the generic tunnel. If IP addresses have been configured, the Remote Daemon IP Address table appears.
Page 690: Deleting An Ip Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.29.8.3 Deleting an IP Address To delete the IP address of a remote L2 protocols server from a generic tunnel configuration, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 691: Viewing A List Of Egress Interfaces
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.29.9.1 Viewing a List of Egress Interfaces To view a list of egress interfaces configured for a generic tunnel, navigate to tunnel » l2tunneld » generic » {name} » remote-daemon » egress-if, where {name} is the name of the generic tunnel. If egress interfaces have been configured, the Generic L2 Tunnel Egress Interface table appears.
Page 692: Deleting An Egress Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.29.9.3 Deleting an Egress Interface To delete an egress interface for a generic tunnel, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 693: Viewing A List Of Ethernet Types
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.29.10.1 Viewing a List of Ethernet Types To view a list of Ethernet types configured for a generic tunnel, navigate to tunnel » l2tunneld » generic » {name} » ethernet-type, where {name} is the name of the generic tunnel. If Ethernet types have been configured, the L2 Ethernet Type table appears.
Page 694: Deleting An Ethernet Type
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.29.10.3 Deleting an Ethernet Type To delete an Ethernet type for a generic tunnel, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 695: Viewing Statistics For Gre Tunnels
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration w1ppp w2ppp 172.16.17.18 172.19.20.21 eth1 192.168.1.1 192.168.2.1 eth2 192.168.1.0/8 192.168.2.0/8 Figure 782: Example – GRE Tunnel Configuration 1. Router 1 2. Router 2 In this example, Router 1 establishes a GRE tunnel to Router 2 using a local router address of 172.16.17.18, a remote router address of 172.19.20.21, and a remote subnet of 192.168.2.0/24.
Page 696: Viewing A List Of Gre Tunnels
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide This table provides the following information: Parameter Description Name The GRE tunnel interface name. tunnel-status The status of the tunnel. rx-packets The number of packets received through the tunnel. rx-errors The error packets received through the tunnel.
Page 697 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 785: Key Settings Form 1. Interface Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description if-name The GRE tunnel network interface name - the interface name must start with a lowercase letter, but may contain any combination of lowercase letters, numbers and dashes up to a maximum of 10 characters.
Page 698 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 786: Generic Routing Encapsulation Interfaces Form 1. Local Address Box 2. Remote Address Box 3. Remote Subnet Box 4. MTU Box 5. Multicast Check Box 6. Cost Box Configure the following parameter(s) as required: Parameter Description local-ip...
Page 699: Deleting A Gre Tunnel
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.30.4 Deleting a GRE Tunnel To delete a GRE tunnel, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to tunnel » gre. The Generic Routing Encapsulation Interfaces table appears. Figure 787: Generic Routing Encapsulation Interfaces Table 1.
Page 700 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 788: Conventional Layer 3 Router 1. Router 2. Routing Table 3. Switch 4. Layer 3 Traffic 5. Layer 2 Traffic Figure 789: Layer 3 Switch 1. Router 2. Forwarding Table 3.
Page 701: Layer 3 Switching Concepts
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.31.1 Layer 3 Switching Concepts The following sections describe Layer 3 Switching concepts and rules: • Section 5.31.1.1, “Layer 3 Switch Forwarding Table” • Section 5.31.1.2, “Static Layer 3 Switching Rules” •...
Page 702: Dynamic Learning Of Layer 3 Switching Rules
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE Only TCP and UDP traffic flows will be accelerated by the IP/Layer 3 switch fabric. Non-IP packet types, such as ICMP and IGMP, will not be accelerated. Section 5.31.1.3 Dynamic Learning of Layer 3 Switching Rules For static routes without hardware acceleration or for dynamic routes, Layer 3 switching rules can be dynamically learned based on software-based router and firewall decisions.
Page 703: Multicast Cross-Vlan Layer 2 Switching
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration to MAC addresses. The same information is also needed by the Layer 3 switching ASIC when it switches IP packets between subnets. The destination or gateway MAC address is usually obtained through ARP. However, ARP entries can also be statically configured in the Layer 3 Switch so that they do not time out.
Page 704: Configuring Layer 3 Switching
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Layer 3 switch ASICs are somewhat limited in how switching rules can be defined. These limitations do not allow configuring arbitrary firewall rules directly in the Layer 3 switch hardware. For sophisticated firewall rules, the firewall has to be implemented in software and the Layer 3 Switch must not switch traffic that is subject to firewall processing.
Page 705 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Configure the following parameter(s) as required: Parameter Description Unicast Mode Synopsis: disabled, auto, static Default: auto • Disabled: Layer 3 switching is disabled. The ability to disable routing hardware acceleration may be desired, for example, in a system with sophisticated firewall rules, which could not be supported by the Layer 3 switching ASIC and would require software processing.
Page 706: Managing Static Arp Table Entries
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Exit Transaction or continue making changes. Section 5.31.3 Managing Static ARP Table Entries The following sections describe how to manage static ARP table entries: • Section 5.31.3.1, “Viewing a List of ARP Table Entries” •...
Page 707 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 792: Key Settings Form 1. IP Address Box 2. Add Button Configure the following parameters as required: Parameter Description IP Address Synopsis: The ipv4-address type represents an IPv4 address in dotted-quad notation. The IPv4 address may include a zone index, separated by a % sign.
Page 708: Deleting A Static Arp Table Entry
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Default: 00:00:00:00:00:00 The MAC address of the network device specified by the IP address. VLAN ID The VLAN Identifier of the VLAN upon which the MAC address operates. status Synopsis: resolved, unresolved Default: unresolved...
Page 709: Viewing A Static And Dynamic Arp Table Summary
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.31.4 Viewing a Static and Dynamic ARP Table Summary To view a static and dynamic ARP table summary, navigate to switch » layer3-switching » arp-table-summary. If ARP table entries have been configured, the ARP Table Summary appears. Figure 795: ARP Table Summary This table provides the following information: Parameter...
Page 710 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 796: Routing Rules Summary Table This table provides the following information: Parameter Description Rule ID Defines the order in which rules are matched on each ingress packet. The first matched rule is applied on the packet.
Page 711: Flushing Dynamic Hardware Routing Rules
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description the default zone of the device will be used. The canonical format for the zone index is the numerical format Defines the nexthop IP address. The matched unicast packet is sent to the identified gateway.
Page 712: Managing Classes Of Service
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 797: Trigger Action Form 1. Perform Button Click Perform. Section 5.32 Managing Classes of Service Classes of Service (CoS) provides the ability to expediate the transmission of certain frames and port traffic over others.
Page 713: Configuring Classes Of Service
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Forwarding Phase Once the CoS of the frame is determined, the frame is forwarded to the egress port, where it is collected into one of the priority queues according to the assigned CoS. CoS weighting selects the degree of preferential treatment that is attached to different priority queues.
Page 714: Managing Priority To Cos Maps
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.32.2 Managing Priority to CoS Maps Assigning CoS to different IEEE 802.1p priority values in the frame is done by defining priority-to-CoS mapping table entries. The following sections describe how to configure and manage priority-to-CoS mapping: •...
Page 715 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 800: Key Settings Form 1. Priority Box 2. Add Button Configure the following parameter(s) as required: Parameter Description Priority The value of the IEEE 802.1p priority. Click Add to add the priority. The Priority to CoS Mapping form appears. Figure 801: Priority to CoS Mapping Form 1.
Page 716: Deleting A Priority
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.32.2.3 Deleting a Priority To delete a priority, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to switch » class-of-service » priority-to-cos. The Priority to CoS Mapping table appears. Figure 802: Priority to CoS Mapping Table 1.
Page 717: Adding A Dscp
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 803: DSCP to CoS Mapping Table If no DSCPs have been configured, add DSCPs as needed. For more information, refer to Section 5.32.3.2, “Adding a DSCP”. Section 5.32.3.2 Adding a DSCP To add a DSCP, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 718: Deleting A Dscp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 805: DSCP to CoS Mapping Form 1. CoS List Configure the following parameter(s) as required: Parameter Description Synopsis: normal, medium, high, crit Default: normal The Class of Service (CoS) assigned to the received frames with the specified DSCP. Configure the CoS parameters on select switched Ethernet ports and/or trunk interfaces as needed.
Page 719: Managing Mac Addresses
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 806: DSCP to CoS Mapping Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen DSCP. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 720: Purging The Dynamic Mac Address List
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 807: MAC Address Table This table provides the following information: Parameter Description MAC Address The MAC address learned by the switch. VLAN ID The VLAN identifier of the VLAN upon which the MAC address operates. Synopsis: sm, lm1, lm2, lm3, lm4, lm5, lm6 Slot The slot containing the module including the port.
Page 721: Configuring Mac Address Learning Options
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 808: Trigger Action Form 1. Perform Button Click the Perform button. Once the table is purged, the Success! and Purge MAC Table Results forms appear. Figure 809: Success! Form Figure 810: Purge MAC Table Results Form Section 5.33.3 Configuring MAC Address Learning Options...
Page 722: Managing Static Mac Addresses
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 811: MAC Tables 1. MAC Aging Time Box 2. MAC Age on Loss Box Configure the following parameter(s) as required: Parameter Description MAC Aging Time (sec) Default: 300 The time a learned MAC address is held before being aged out. MAC Age on Loss Default: true When link failure (and potentially a topology change) occurs, the switch may have some...
Page 723: Viewing A List Of Static Mac Addresses
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.33.4.1 Viewing a List of Static MAC Addresses To view a list of static MAC addresses configured on the device, navigate to switch » mac-tables » static-mac- table. If static MAC addresses have been configured, the Static MAC Address Parameters table appears. Figure 812: Static MAC Address Parameters Table If no static MAC addresses have been configured, add addreses as needed.
Page 724 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE Letters in MAC addresses must be lowercase. Parameter Description MAC Address A unicast MAC address that is to be statically configured. It can have up to 6 '*' wildcard characters continuously applied from the right.
Page 725: Deleting A Static Mac Address
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.33.4.3 Deleting a Static MAC Address To delete a static MAC address, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to switch » mac-tables » static-mac-table. The Static MAC Address Parameters table appears. Figure 815: Static MAC Address Parameters Table 1.
Page 726: Rstp Operation
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.34.12, “Clearing Spanning Tree Protocol Statistics” Section 5.34.1 RSTP Operation The 802.1D Spanning Tree Protocol (STP) was developed to enable the construction of robust networks that incorporate redundancy while pruning the active topology of the network to prevent loops. While STP is effective, it requires that frame transfer halt after a link outage until all bridges in the network are guaranteed to be aware of the new topology.
Page 727 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration The discarding state is entered when the port is first put into service. The port does not learn addresses in this state and does not participate in frame transfer. The port looks for RSTP traffic in order to determine its role in the network.
Page 728: Edge Ports
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide convince it to become the Root Port. The port becomes the alternate to the current Root Port and will become the new Root Port should the current Root Port fail. The Alternate Port does not participate in the network. A port is a Backup Port when it receives a better message from the LAN segment it is connected to, originating from another port on the same bridge.
Page 729: Bridge Diameter
• When the age exceeds the value of the maximum age parameter the next bridge to receive the message immediately discards it. To achieve extended ring sizes, Siemens's eRSTP™ uses an age increment of ¼ of a second. The value of the maximum bridge diameter is thus four times the configured maximum age parameter.
Page 730: Rstp Applications
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.34.2 RSTP Applications The following sections describe various applications of RSTP: • Section 5.34.2.1, “RSTP in Structured Wiring Configurations” • Section 5.34.2.2, “RSTP in Ring Backbone Configurations” • Section 5.34.2.3, “RSTP Port Redundancy” Section 5.34.2.1 RSTP in Structured Wiring Configurations RSTP may be used to construct structured wiring systems where connectivity is maintained in the event of link...
Page 731: Rstp In Ring Backbone Configurations
Enable RSTP Fast Root Failover option. This is a proprietary feature of Siemens. In a mesh network with only RUGGEDCOM devices in the core of the network, it is recommended to enable the RSTP Fast Root Failover option to minimize the network downtime in the event of a Root bridge failure.
Page 732 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 818: Example - Ring Backbone Configuration To design a ring backbone configuration with RSTP, do the following: Select the design parameters for the network. What are the requirements for robustness and network fail-over/recovery times? Typically, ring backbones are chosen to provide cost effective but robust network designs.
Page 733: Rstp Port Redundancy
Disable RSTP Fast Root Failover option. This is a proprietary feature of Siemens. In ROX II, the RSTP Fast Root Failover option is enabled by default. It is recommended to disable this feature when operating in a Ring network.
Page 734: Mstp Regions And Interoperability
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide By design, MSTP processing time is proportional to the number of active STP instances. This means MSTP will likely be significantly slower than RSTP. Therefore, for mission critical applications, RSTP should be considered a better network redundancy solution than MSTP.
Page 735: Mstp Bridge And Port Roles
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration CIST The CIST (Common and Internal Spanning Tree) is the union of the CST and the ISTs in all MST regions. The CIST therefore spans the entire bridged network, reaching into each MST region via the latter’s IST to reach every bridge on the network.
Page 736: Benefits Of Mstp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Role Description A Boundary Port connected to an STP bridge will send only STP BPDUs. One connected to an RSTP bridge need not refrain from sending MSTP BPDUs. This is made possible by the fact that the MSTP carries the CIST Regional Root Identifier in the field that RSTP parses as the Designated Bridge Identifier.
Page 737: Fast Root Failover Operation
Such a recovery time is difficult to calculate and can be different (and may be relatively long) for any given mesh topology. This configuration parameter enables Siemens's enhancement to RSTP, which detects a failure of the root switch and performs some extra RSTP processing steps, significantly reducing the network recovery time and making it deterministic.
Page 738 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 820: Spanning Tree Form 1. Enabled Check Box 2. STP Protocol Version List 3. Hello Time Box 4. Max Age Box 5. Transmission Hold Count Box 6. Forwarding Delay Box 7.
Page 739 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 821: eRSTP Form 1. Max Network Diameter Multiplier List 2. BPDU Guard Mode List 3. Fast Root Failover List 4. IEEE802.1w Interoperability 5. Cost Style List Check Box Figure 822: RSTP (Common) Instance Form 1.
Page 740 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Default: rstp The version (either only STP or Rapid STP or Multiple STP) of the Spanning Tree Protocol (STP) to support. Default: 2 Hello Time (sec) The time between configuration messages issued by the root bridge. Shorter hello times result in faster detection of topology changes at the expense of moderate increases in STP traffic.
Page 741: Configuring Stp For Switched Ethernet Ports
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description 'TRUE' or RSTP is disabled, the port will be shut down for the time period specified by this parameter. • NO SHUTDOWN: BPDU Guard is disabled. • UNTIL RESET: The port will remain shut down until the port reset command is issued by the user.
Page 742 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to interface » switch » {interface} » spanning-tree, where {interface} is the name given to the switched Ethernet port. The Spanning Tree form appears. Figure 823: Spanning Tree Form 1.
Page 743: Configuring Stp For Ethernet Trunk Interfaces
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description detectable loop. The Edgeness of the port will be switched off and the standard RSTP rules will apply (until the next link outage). Admin Point-to-Point Synopsis: forceTrue, forceFalse, auto Default: auto RSTP uses a peer-to-peer protocol that provides for rapid transitioning on point-to-point links.
Page 744 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Change the mode to Edit Private or Edit Exclusive. Navigate to interface » trunks » {id} » spanning-tree, where {id} is the ID given to the interface. The Spanning Tree form appears. Figure 824: Spanning Tree Form 1.
Page 745 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Edge ports are ports that do not participate in the Spanning Tree, but still send configuration messages. Edge ports transition directly to frame forwarding without any listening and learning delays. The MAC tables of Edge ports do not need to be flushed when topology changes occur in the STP network.
Page 746: Managing Multiple Spanning Tree Instances
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.34.8 Managing Multiple Spanning Tree Instances MSTP (Multiple Spanning Tree Protocol), as defined by the IEEE 802.1 standard, is used to map multiple VLANs to a single Spanning Tree instance, otherwise referred to as a Multiple Spanning Tree Instance (MSTI). Each MSTI is assigned an MST ID and a bridge priority: •...
Page 747: Viewing A List Of Multiple Spanning Tree Instances
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description status Synopsis: none, designatedBridge, notDesignatedForAnyLAN, rootBridge The spanning tree status of the bridge. The status may be root or designated. This field may show text saying 'not designated for any LAN' if the bridge is not the designated bridge for any of its ports.
Page 748 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Change the mode to Edit Private or Edit Exclusive. Navigate to switch » spanning-tree » mstp-instance and click in the menu. The Key Settings form appears. Figure 827: Key Settings Form 1.
Page 749: Deleting A Multiple Spanning Tree Instance
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Create one or more static VLANs and map them to the MSTI. For more information, refer to Section 5.35.4.2, “Adding a Static VLAN”. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 750: Viewing A List Of Port Costs And Priorities
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.34.9.1 Viewing a List of Port Costs and Priorities To view a list of the port costs and priorities configured for switched Ethernet ports or Ethernet trunk interfaces, navigate to: •...
Page 751 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 831: Key Settings Form 1. MSTP ID List 2. Add Button Configure the following parameter(s) as required: Parameter Description MSTP ID MSTP Instance Identifier Click Add to create the instance. The MSTI Configuration form appears. Figure 832: MSTI Configuration Form 1.
Page 752: Deleting Port Costs And Priorities
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The cost to use in cost calculations, when the cost style parameter is set to STP in the bridge RSTP parameter configuration. Setting the cost manually provides the ability to preferentially select specific ports to carry traffic over others.
Page 753: Viewing The Status Of Rstp
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.34.10 Viewing the Status of RSTP To view the status of the RSTP network, navigate to switch »...
Page 754: Viewing Rstp Per-Port Statistics
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Protocol (MSTP), this is an external root path cost, which is the cost of the path from the Internal Spanning Tree (IST) root (i.e. regional root) bridge to the Common Spanning Tree (CST) root (i.e.
Page 755: Clearing Spanning Tree Protocol Statistics
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Describes the status of this interface in the spanning tree: • Disabled: Spanning Tree Protocol (STP) is disabled on this port. • Link Down: STP is enabled on this port but the link is down. •...
Page 756: Managing Vlans
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to switch » spanning-tree and click clear-stp-stats in the menu. The Trigger Action form appears. Figure 836: Trigger Action Form 1. Perform Button Click Perform. Section 5.35 Managing VLANs A Virtual Local Area Network (VLAN) is a group of devices on one or more LAN segments that communicate as if they were attached to the same physical LAN segment.
Page 757: Vlan Concepts
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.35.7, “Managing VLANs for Virtual Switches” • Section 5.35.8, “Managing VLAN IDs” Section 5.35.1 VLAN Concepts The following sections describe some of the concepts important to the implementation of VLANs in ROX II: •...
Page 758: Ingress And Egress Rules
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide The switch can 'pass through' traffic, forwarding frames received on one trunk port out of another trunk port. The trunk ports must be members of all VLANs that the 'pass through' traffic is part of, even if none of those VLANs are used on edge ports.
Page 759: Forbidden Ports List
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.35.1.5 Forbidden Ports List Each VLAN can be configured to exclude ports from membership in the VLAN using the forbidden ports list. For more about configuring a list of forbidden ports, refer to Section 5.35.5, “Managing Forbidden Ports”.
Page 760 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 837: Using GVRP 1. Switch 2. End Node • Switch B is the core switch, all others are edge switches • Ports A1, B1 to B4, C1, D1, D2 and E1 are GVRP aware •...
Page 761: Pvlan Edge
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.35.1.8 PVLAN Edge Protected VLAN (PVLAN) Edge refers to a feature of the switch that isolates multiple VLAN Edge ports from each other on a single device. All VLAN Edge ports in a switch that are configured as protected in this way are prohibited from sending frames to one another, but are still permitted to send frames to other, non-protected ports within the same VLAN.
Page 762: Administrative Convenience
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 838: Multiple Overlapping VLANs 1. VLAN 2. Switch Administrative Convenience VLANs enable equipement moves to be handled by software reconfiguration instead of by physical cable management. When a host's physical location is changed, its connection point is often changed as well. With VLANs, the host's VLAN membership and priority are simply copied to the new port.
Page 763: Configuring Vlans For Switch Ethernet Ports
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration 199.85.245.1/25 199.85.245.128/26 199.85.245.192/26 Figure 839: Inter-VLAN Communications 1. Server, Router or Layer 3 Switch 2. Switch 3. VLAN 2 4. VLAN 3 5. VLAN 4 Section 5.35.2 Configuring VLANs for Switch Ethernet Ports When a VLAN ID is assigned to a switched Ethernet port, the VLAN appears in the All-VLANs Table where it can be further configured.
Page 764: Configuring The Internal Vlan Range
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Configure the following parameter(s) as required: Parameter Description IP Address Source Synopsis: static, dynamic Whether the IP address is static or dynamically assigned via Dynamic Host Configuration Protocol (DHCP) or Bootstrap Protocol (BOOTP). The DYNAMIC option is a common case of a dynamically assigned IP address.
Page 765: Managing Static Vlans
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration To configure the internal VLAN range, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to admin » switch-config. The Internal VLAN Range form appears. Figure 841: Internal VLAN Range Form 1.
Page 766: Viewing A List Of Static Vlans
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide • Section 5.35.4.3, “Deleting a Static VLAN” Section 5.35.4.1 Viewing a List of Static VLANs To view a list of static VLANs, navigate to switch » vlans » static-vlan. If static VLANs have been configured, the Static VLANs table appears.
Page 767: Deleting A Static Vlan
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description VLAN ID ;;The VLAN identifier is used to identify the VLAN in tagged Ethernet frames according to IEEE 802.1Q. Click Add to create the new static VLAN. The Static VLAN Table form appears. Figure 844: Static VLAN Table Form 1.
Page 768: Managing Forbidden Ports
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Change the mode to Edit Private or Edit Exclusive. Navigate to switch » vlans » static-vlan. The Static VLANs table appears. Figure 845: Static VLANs Table 1. Add Button 2. Edit Button 3.
Page 769: Adding A Forbidden Port
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration If no ports have been forbidden, add forbidden ports as needed. For more information, refer to Section 5.35.5.2, “Adding a Forbidden Port”. Section 5.35.5.2 Adding a Forbidden Port To add a forbidden port, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 770: Managing Vlans For Hdlc-Eth Connections
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 848: Forbidden Ports Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen port. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 771: Adding An Hdlc-Eth Vlan
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 849: Ethernet Over HDLC VLAN Settings Table If no VLANs have been configured, add VLANs as needed. For more information, refer to Section 5.35.6.2, “Adding an HDLC-ETH VLAN”. Section 5.35.6.2 Adding an HDLC-ETH VLAN To add a VLAN to an HDLC-ETH connection, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 772: Deleting An Hdlc-Eth Vlan
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 851: Ethernet Over HDLC VLAN Settings Form 1. On Demand Check Box 2. MTU Box 3. IP Address Source List Configure the following parameter(s) as required: Parameter Description On Demand This interface is up or down on demand of link fail over.
Page 773: Managing Vlans For Virtual Switches
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 852: Ethernet Over HDLC VLAN Settings Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen VLAN. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 774: Adding A Virtual Switch Vlan
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.35.7.2 Adding a Virtual Switch VLAN To add virtual switch VLAN, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to interface » virtualswitch » {id} » vlan, where {id} is the ID assigned to the virtual switch. Click .
Page 775: Deleting A Virtual Switch Vlan
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.35.7.3 Deleting a Virtual Switch VLAN To delete a virtual switch VLAN, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 776: Viewing A List Of Vlan Ids For Routable Ethernet Ports And Virtual Switches
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.35.8.1 Viewing a List of VLAN IDs for Routable Ethernet Ports and Virtual Switches To view a list of VLAN IDs (VIDs) configured for either a routable Ethernet port or virtual switch, navigate to interface »...
Page 777 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 859: Key Settings Form 1. VLAN ID Box 2. Add Button Configure the following parameter(s) as required: Parameter Description VLAN ID The VLAN ID for this routable logical interface. Click Add to create the new VLAN ID.
Page 778: Adding A Vlan Id To A T1/E1 Line
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Exit Transaction or continue making changes. Section 5.35.8.4 Adding a VLAN ID to a T1/E1 Line To add a VLAN ID (VID) to a T1/E1 line, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 779: Deleting A Vlan Id For A Routable Ethernet Port Or Virtual Switch
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 862: Ethernet Over HDLC VLAN Settings Form 1. On-Demand Check Box 2. MTU Box 3. IP Address Source List Configure the following parameter(s) as required: Parameter Description On Demand This interface is up or down on demand of link fail over.
Page 780: Deleting A Vlan Id For A T1/E1 Line
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 863: VLANs Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen VLAN ID. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 781: Managing Network Discovery And Lldp
TTL TLV containing 0 in its information field. CAUTION! Security hazard – risk of unauthorized access and/or exploitation. LLDP is not secure by definition. Avoid enabling LLDP on devices connected to external networks. Siemens recommends using LLDP only in secure environments operating within a security perimeter. NOTE LLDP is implemented to keep a record of only one device per Ethernet port.
Page 782 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 865: LLDP Form 1. Enabled Check Box 2. Transmission Interval Box 3. Transmission Hold Box 4. Reinitialization Delay Box 5. Transmission Delay Box 6. Notification Interval Box Configure the following parameter(s) as required: Parameter Description Default: true...
Page 783: Viewing Global Statistics And Advertised System Information
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Transmission Delay (sec) Default: 2 The delay in seconds between successive LLDP frame transmissions initiated by the value or status changed. The recommended value is set by the following formula: 1 is less than or equal to txDelay less than or equal to (0.25 * Tx Interval) Notification Interval (sec) Default: 5...
Page 784 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 867: LLDP Local System Form 1. Local Chassis Subtype 2. Local Chassis ID 3. Local Chassis Name 4. Local Chassis Description 5. Local System Capabilities 6. Local System Capabilities Enabled The LLDP Global Statistics form displays the following information: Parameter Description...
Page 785: Viewing Statistics For Lldp Neighbors
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration The LLDP Local System form displays the following information: Parameter Description Local Chassis Subtype Synopsis: chassisComponent, interfaceAlias, portComponent, macAddress, networkAddress, interfaceName, local local-chassis-subtype Local Chassis ID local-chassis-id Local Chassis Name local-system-name Local Chassis Description local-system-desc...
Page 786: Viewing Statistics For Lldp Ports
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Chassis ID The Chassis ID information received from a remote Link Layer Discovery Protocol (LLDP) agent. Port ID The port ID (MAC) information received from a remote Link Layer Discovery Protocol (LLDP) agent.
Page 787: Managing Traffic Control
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 869: LLDP Port Statistics Form This table displays the following information: Parameter Description Synopsis: pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, cm, em, trnk slot The slot of the module that contains this port. Port The port number as seen on the front plate silkscreen of the module.
Page 788: Enabling And Configuring Traffic Control
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide NOTE For more information about firewalls, refer to Section 5.17, “Managing Firewalls”. ROX II allows up to 4 different firewall configurations, enabling users to quickly change between configurations. Users can quickly assess different configurations without needing to save and reload any part of the configuration.
Page 789 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Packets are assigned to classes on the outbound interface based on either a mark assigned to the packet, or the Type of Service (ToS) field in the IP header. If the ToS field matches a defined class, the packet is allocated to that class.
Page 790: Managing Traffic Control Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Add traffic control rules. For more information, refer to Section 5.37.6.2, “Adding a Traffic Control Rule”. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 791 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Navigate to qos » traffic-control » basic-configuration » tcinterfaces, and click . The Key Settings form appears. Figure 872: Key Settings Form 1. Interface Box 2. Add Button Configure the following parameter(s) as required: Parameter Description interface...
Page 792: Deleting A Traffic Control Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Type Synopsis: internal, external, none Default: none (optional) 'external' (facing toward the Internet) or 'internal' (facing toward a local network). 'external' causes the traffic generated by each unique source IP address to be treated as a single flow.
Page 793: Managing Traffic Control Priorities
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 874: Basic Traffic Control Interfaces Table 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen traffic control interface. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 794: Adding A Traffic Control Priority
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide If no priorities have been configured, add priorities as needed. For more information, refer to Section 5.37.3.2, “Adding a Traffic Control Priority”. Section 5.37.3.2 Adding a Traffic Control Priority To add a new traffic control priority, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 795 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 877: Basic Traffic Control Priorities Form 1. Band List 2. Protocol Box 3. Port Box 4. Address Box 5. Interface Box 6. Description Box Configure the following parameter(s) as required: Parameter Description band...
Page 796: Deleting A Traffic Control Priority
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Prerequisite: An interface can be specified only if neither a protocol, port nor an address are specified. description (optional) A description for this configuration. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 797: Viewing A List Of Traffic Control Classes
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration NOTE One traffic control class must be added for each network interface. NOTE Type of Service (ToS) is defined by the Internet Engineering Task Force (IETF). For more information about ToS, refer to RFC 1349 [http://tools.ietf.org/html/rfc1349].
Page 798 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 880: Key Settings Form 1. Name Box 2. Add Button Configure the following parameter(s) as required: Parameter Description name The name for this TC class entry. Click Add to create the new class. The Class Options and Advanced Traffic Control Classes forms appear.
Page 799 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 881: Class Options Form 1. ToS Minimize Delay Check Box 2. ToS Maximize Throughput Check Box 3. ToS Maximize Reliability Check Box 4. ToS Minimize Cost Check Box 5. ToS Normal Service Check Box 6.
Page 800 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 882: Advanced Traffic Control Classes Form 1. Interface Box 2. Mark Box 3. Minimum Bandwidth Box 4. Minimum Bandwidth Unit list 5. Maximum Bandwidth Box 6. Maximum Bandwidth Unit List 7.
Page 801 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Value/mask encoding: 0x00/0x1e Default: false default One default class per interface must be defined. TCP ACK Default: false All TCP ACK packets into this class. This option should be specified only once per interface.
Page 802: Deleting A Traffic Control Class
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description description A description for this configuration item. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes.
Page 803: Viewing A List Of Traffic Control Devices
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.37.5.3, “Deleting a Traffic Control Device” Section 5.37.5.1 Viewing a List of Traffic Control Devices To view a list of traffic control devices, navigate to qos » traffic-control » advanced-configuration » tcdevices. If devices have been configured, the Advanced Traffic Control Interfaces table appears.
Page 804 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Click Add to create the new traffic control device. The Advanced Traffic Control Interfaces form appears. Figure 886: Advanced Traffic Control Interfaces Form 1. In Band Width Box 2. In Unit List 3.
Page 805: Deleting A Traffic Control Device
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.37.5.3 Deleting a Traffic Control Device To delete a traffic control device, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to qos » traffic-control » advanced-configuration » tcdevices. The Advanced Traffic Control Interfaces table appears.
Page 806: Viewing A List Of Traffic Control Rules
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.37.6.1 Viewing a List of Traffic Control Rules To view a list of traffic control rules, navigate to qos » traffic-control » advanced-configuration » tcrules. If rules have been configured, the Advanced Traffic Control Rules table appears. Figure 888: Advanced Traffic Control Rules Table If no rules have been configured, add rules as needed.
Page 807 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 890: Advanced Traffic Control Rules Form 1. Source Box 2. Destination Box 3. Protocol Box 4. Destination Ports Box 5. Source Ports Box 6. Test Box 7. Length 8. TOS Box 9.
Page 808: Configuring Qos Marking
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Source Ports (Optional) A comma- separated list of port names, port numbers or port ranges. test (Optional) Defines a test on the existing packet or connection mark. The default is a packet mark. For testing a connection mark, add ':C' at the end of the test value.
Page 809 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Configuring a Set Mark Change the mode to Edit Private or Edit Exclusive. Navigate to qos » traffic-control » advanced-configuration » tcrules » {name} » mark-choice, where {name} is the name of the traffic control rule. In the menu, click set.
Page 810 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Sets the mark on either a packet or a connection. mark A mark that corresponds to a class mark (decimal value). mask (optional) A mask to determine which mark bits will be set. Synopsis: forward, postrouting, prerouting chain-options Default: forward...
Page 811 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 893: Mark Choice Save Form 1. Value Mask Box 2. Operation Chain List Configure the following parameter(s) as required: Parameter Description value-mask Mask to process the mark with op-chain Synopsis: forward, prerouting Default: forward A chain in which the operation will take place.
Page 812 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Configuring a Continue Mark In the menu, click continue. The Mark Choice Continue form appears. Figure 895: Mark Choice Continue Form 1. Continue Chain List Configure the following parameter(s) as required: Parameter Description continue-chain...
Page 813: Deleting Atraffic Control Rule
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed. Click Exit Transaction or continue making changes. Section 5.37.6.4 Deleting aTraffic Control Rule To delete a traffic control rule, do the following: Change the mode to Edit Private or Edit Exclusive.
Page 814: Viewing A List Of Qos Maps
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide The following sections describe how to configure and manage QoS maps for VLAN connections: • Section 5.37.7.1, “Viewing a List of QoS Maps” • Section 5.37.7.2, “Adding a QoS Map” •...
Page 815: Deleting A Qos Map
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 899: Key Settings Form 1. VLAN QoS Box 2. Add Button Configure the following parameter(s) as required: Parameter Description VLAN QoS VLAN QoS, which is the priority in the VLAN header. Click Add to create the new QoS Map.
Page 816: Managing Egress Markers For Qos Maps
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Change the mode to Edit Private or Edit Exclusive. Navigate to interface » {interface} » {interface-name} » vlan » {id}, where: • {interface} is the type of interface (either eth or virtualswitch) •...
Page 817: Adding An Egress Mark
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • {id} is the ID given to the VLAN • {priority} is the priority assigned to the QoS map If egress marks have been configured, the Egress Marks Settings table appears. Figure 902: Egress Marks Settings Table If no egress marks have been configured, add egress marks as needed.
Page 818: Deleting An Egress Mark
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Egress Mark The mark value. Click Add to create the new egress mark. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 819: Viewing Qos Statistics
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.37.9 Viewing QoS Statistics ROX II provides statistics for traffic going through each class that has been configured. Packets are assigned to classes on the outbound interface based on rules. If a packet matches the specified criteria, it is considered to be a member of the class and is forwarded to that class.
Page 820: Managing Ip Addresses For Routable Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.38 Managing IP Addresses for Routable Interfaces The following sections describe how to configure and manage IP addresses for routable interfaces: • Section 5.38.1, “Configuring Costing for Routable Interfaces” •...
Page 821: Viewing Statistics For Routable Interfaces
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.38.2 Viewing Statistics for Routable Interfaces To view basic statistics for all routable interfaces, navigate to interfaces » ip. The Routeable Interface Statistics form appears. Figure 907: Routeable Interface Statistics Form 1.
Page 822 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 909: Routeable Interface Statistics Form 1. Admin State List 2. Link State List 3. Point-to-Point Check Box Figure 910: Receive Statistics Form 1. Bytes 2. Packets 3. Errors 4. Dropped Viewing Statistics for Routable Interfaces...
Page 823 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 911: Transmit Statistics Form 1. Bytes 2. Packets 3. Errors 4. Dropped 5. Collisions These forms display the following information: Parameter Description Name The name of the interface. Admin State Synopsis: up, down, testing, unknown, dormant, notPresent, lowerLayerDown The port's administrative status.
Page 824: Managing Ipv4 Addresses
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.38.3 Managing IPv4 Addresses The following sections describe how to configure and manage IPv4 addresses: • Section 5.38.3.1, “Viewing a List of IPv4 Addresses” • Section 5.38.3.2, “Adding an IPv4 Address” •...
Page 825: Deleting An Ipv4 Address
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 913: Key Settings Form 1. Address Box 2. Add Button Configure the following parameter(s) as required: Parameter Description IP Address The IPv4/Prefix (xxx.xxx.xxx.xxx/xx). Click Add to create the new address. The Addresses form appears. Figure 914: Addresses Form 1.
Page 826: Configuring Ipv6 Neighbor Discovery
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Navigate to ip » {interface} » ipv4, where {interface} is the name of the routable interface. The Addresses table appears. Figure 915: Addresses Table 1. Add Button 2. Edit Button 3.
Page 827 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Neighbor Advertisement Messages (ICMPv6 type 136) This message is sent by hosts to indicate the existence of the host and it provides information about its own link-layer address. • Redirect Messages (ICMPv6 type 137) This message is sent by a router to inform a host about a better router to reach a particular destination address.
Page 828 Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 917: Neighbor Discovery Form 1. Enable Route Advertisement Check Box 2. Set Advertisement Interval Option Check Box 3. Set Home Agent Configuration Flag Check Box 4. Home Agent Lifetime Box 5.
Page 829: Managing Ipv6 Network Prefixes
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration On the Neighbor Discovery form, configure the following parameter(s) as required: Parameter Description Enable Route Advertisement Enable to send router advertisement messages. Set Advertisement Interval Option Includes an Advertisement Interval option which indicates to hosts the maximum time in milliseconds, between successive unsolicited router advertisements.
Page 830: Adding An Ipv6 Network Prefix
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.38.5.1 Adding an IPv6 Network Prefix To add a network prefix to the neightbor discovery configuration for an IPv6 address, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to ip »...
Page 831 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 920: Prefix Form 1. Off Link Check Box 2. No Autoconfig Check Box 3. Set Router Address Flag Check Box On the Lifetime form, configure the following parameter(s) as required: Parameter Description Valid Lifetime...
Page 832: Deleting An Ipv6 Network Prefix
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.38.5.2 Deleting an IPv6 Network Prefix To delete a network prefix to the neightbor discovery configuration for an IPv6 address, do the following: Change the mode to Edit Private or Edit Exclusive. Navigate to ip »...
Page 833: Deleting An Ipv6 Address
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Change the mode to Edit Private or Edit Exclusive. Navigate to ip » {interface} » ipv6 » adress, where {interface} is the name of the routable interface. Click . The Key Settings form appears. Figure 922: Key Settings Form 1.
Page 834: Viewing The Status Of Ip Binding
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide MPLS traffic flows are connection-oriented, as it operates on a pre-configured LSPs (Label Switch Paths) that is built based on the dynamic Label Distribution Protocol (LDP) or through static label bindings. The following sections describe how to configure and manage MPLS: •...
Page 835: Viewing The Status Of The Forwarding Table
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.39.2 Viewing the Status of the Forwarding Table To view the status of the forwarding table on the device, navigate to mpls » status » forwarding-table, the MPLS Forwarding Table appears. Figure 924: MPLS Forwarding Table This table provides the following information: Parameter...
Page 836: Managing The Mpls Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Figure 925: Multiprotocol Label Switching (MPLS) Configuration Form 1. Enabled Check Box Configure the following parameter(s) as required: Parameter Description Enable MPLS Default: false A boolean flag to indicate that MPLS forwarding of IP packets is enabled. Click Commit to save the changes or click Revert All to abort.
Page 837: Viewing A List Of Mpls Interfaces
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description MPLS Interfaces The interface that has been enabled for MPLS. Status The operational status. If no MPLS interface has been enabled, enable interfaces as needed. For more information about enabling MPLS interfaces, refer to Section 5.39.4.3, “Enabling/Disabling an MPLS Interface”.
Page 838: Managing Static Label Binding
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Enabled Default: false A boolean flag to indicate Multiprotocol Label Switching (MPLS) forwarding of IP packets is enabled on this interface. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 839: Viewing A List Of Static Labels
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Section 5.39.5.2 Viewing a List of Static Labels To view a list of static labels, navigate to mpls » static-mpls » binding » {protocol}, where {protocol} is either ipv4 or ipv6. If static labels have been configured, the Static MPLS Bindings for IPv4 Addresses or Static MPLS Bindings for IPv6 Addresses table appears.
Page 840: Deleting A Static Label
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Prerequisite: LDP must be disabled before declaring MPLS label bindings. Click Add to apply the static label to the destination address. The Static MPLS Bindings for IPv4 Addresses or Static MPLS Bindings for IPv6 Addresses form appears. Figure 932: Static MPLS Bindings for IPv4 Addresses Form (Example) 1.
Page 841: Managing Static Cross-Connects
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 933: Static MPLS Bindings for IPv4 Addresses Table (Example) 1. Add Button 2. Edit Button 3. Delete Button Click Delete next to the chosen static label. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 842: Viewing A List Of Static Cross-Connects
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Local Label The incoming (local) label. Outgoing Label The outgoing (remote) label. Outgoing Interface The outgoing interface. Next Hop The destination next hop router. If no static cross-connects have been configured, add cross-connects as needed. For more information about adding static cross-connects, refer to Section 5.39.6.3, “Adding a Static Cross-Connect”.
Page 843 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Figure 936: Key Settings Form 1. Label Box 2. Add Button Configure the following parameter(s) as required: Parameter Description label The incoming label. Click Add to add the cross-connect label. The Static MPLS Cross-Connects form appears. Figure 937: Static MPLS Cross-Connects Form 1.
Page 844: Deleting A Static Cross-Connect
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description The outgoing label: 'explicit-null', 'implicit-null' or integer 16 -> 1048575. Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK to proceed.
Page 845: Viewing The Status Of Ldp Binding
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration • Section 5.39.7.1, “Viewing the Status of LDP Binding” • Section 5.39.7.2, “Viewing the Status of the LDP Discovery Interfaces” • Section 5.39.7.3, “Viewing the Status of the LDP Neighbor Local Node Information” •...
Page 846: Viewing The Status Of The Ldp Discovery Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.39.7.2 Viewing the Status of the LDP Discovery Interfaces To view the status of the LDP discovery interfaces on the device, navigate to mpls » ldp » status » discovery » interfaces.
Page 847: Viewing The Status Of The Ldp Neighbor Connection Information
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description Keepalive Interval The keepalive interval of the LDP neighbor local node. Section 5.39.7.4 Viewing the Status of the LDP Neighbor Connection Information To view the status of the LDP neighbor connection on the device, navigate to mpls » ldp » status » neighbor » connection-information.
Page 848: Configuring Ldp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Parameter Description Peer ID The peer ID of the LDP neighbor discovery. Peer IP The peer ID of the LDP neighbor discovery. Interface The local IP address of the LDP neighbor discovery. Local IP LDP neighbor discovery state.
Page 849: Configuring Neighbor Discovery
RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration NOTE MPLS must be enabled and MPLS label bindings must be removed before enabling LDP. Refer to Section 5.39.3, “Enabling/Disabling MPLS Routing” Section 5.39.5.4, “Deleting a Static Label” for further information. Click Commit to save the changes or click Revert All to abort.
Page 850: Viewing A List Of Ldp Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration User Guide Section 5.39.7.8 Viewing a List of LDP Interfaces To view a list of LDP interfaces, navigate to mpls » ldp » interface-ldp. If IP interfaces have been configured, the LDP Interface List Configuration table appears. Figure 946: LDP Interface List Configuration Table For more information about enabling LDP interfaces, refer to Section 5.39.7.9, “Enabling/Disabling an LDP...
Page 851 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Parameter Description IP Address Synopsis: The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version., The transport IP address (IPv4 or IPv6 format). If not provided, interface is used as the transport address.
Page 852 RUGGEDCOM ROX II Chapter 5 User Guide Setup and Configuration Enabling/Disabling an LDP Interface...
Page 853: Troubleshooting
Do not transfer file-based feature keys between devices. Contact a Siemens Canada Ltd. sales representative to order a feature key matching the serial numbers of the hardware in the destination device.
Page 854: Multicast Filtering
Chapter 6 RUGGEDCOM ROX II Troubleshooting User Guide Problem Solution two milliseconds to the next switch. If the link used is of high quality, then no pings should be lost and the average round trip time should be small. Links are inaccessible, even when using Make sure LFI is not enabled on the peer as well.
Page 855: Spanning Tree
RUGGEDCOM ROX II Chapter 6 User Guide Troubleshooting Section 6.4 Spanning Tree The following describes common problems related to the Spanning Tree Protocol (STP). Problem Solution The network locks up when a new port is Is it possible that one of the switches in the network or one of the ports on a switch in the connected and the port status LEDs are network has STP disabled and accidentally connects to another switch? If this has occurred, flashing rapidly.
Page 856: Vlans
Chapter 6 RUGGEDCOM ROX II Troubleshooting User Guide Problem Solution The network becomes unstable when a RSTP sends its configuration messages using the highest possible priority level. If CoS specific application is started. The network is configured to allow traffic flows at the highest priority level and these traffic flows burst returns to normal when the application is continuously to 100% of the line bandwidth, STP may be disrupted.

This manual is also suitable for:

Rx1501 Rx1510 Rx1511 Rx1512

Siemens RX1500 User Manual

Chapter 1 Introduction

Chapter 2 Using ROX II

Chapter 3 Device Management

Chapter 4 System Administration

Chapter 5 Setup and Configuration

Quick Links

Related Manuals for Siemens RX1500

Summary of Contents for Siemens RX1500