Configuration

https//www.racom.eu/eng/products/m/ray2/config.html

Print version

5. Configuration

5.1. Introduction

Controls

The following configuration buttons are used for configuration:

ApplyApply and save parameters.
CancelSet parameters are overwritten with original values.
RefreshReload all current values of the unit / both units.
Show defaultsShow values of individual parameters as they are stored in backup configuration (in the buffer). To use any of these values, you must use the “Apply” button.
Show backupClicking the button displays the values of individual parameters downloaded from the backup file (Backup/Settings/Open file upload). To use any of these values, you must use the “Apply” button. For loading the backup configuration see menu Tools/Maintenance/Backup.
StartActivating automatic refresh fields marked by icon using the Start button with the frequency cca 1 sec.
StopUse the “Stop” button to stop automatic refresh of displayed information with 1sec period. Date and time values are refreshed anyway.
Info Refresh

Fig. 5.1: Info Refresh


Help

The microwave link configuration system is equipped with built in Help – see Help section. The Help is accessible in two forms:

  • Configuration parameter context help. The help text is displayed in the pop up window after clicking the parameter name.

  • The whole user interface help. The help text is displayed within the configuration screen after clicking the Help menu.

Secure login

You can login into the configuration interface using either the insecure http protocol (default login screen), or the secure https protocol. You should select the connection method on the login screen. If the https protocol is used, it is not possible to tap the network communication and acquire the station’s login information.

Login

Fig. 5.2: Login


Rollback function

If you interrupt the connection on an operating link by entering inappropriate radio link parameters, the original parameters will be restored after 1 minute. The connection is automatically restored.

5.2. Status bar

Status bar 1

Fig. 5.3: Status bar 1


The Status bar is located on the upper part of the screen below the title bar. It consists of 3 fields:

  • Local unit status (unit assigned to the IP address entered in the browser or CLI)

  • Local to Peer Link status.

  • Peer unit status.

Local and Peer field displays:

  • Station name according to configuration.

  • Actual time valid for respective unit.

  • Warning or Alarm icon in case of warning or alarm.

Link field display:

  • Status of the link between both sides of the microwave link.

  • Warning icon when the link is not capable of user data transfer.

The Link status can be one of the following values:

 UNKNOWNUnit start up. The initialization is not yet finished.
 SETUPUnit initialization according to valid configuration.
 SINGLEUnit in operation status. Link to peer unit is not established.
 CONNECTINGConnection to peer unit in progress.
 AUTHORIZINGAuthorization of the peer unit in progress.
 OKLink is connected. Peer unit is authorized.
 ANALYZERSpectrum analyzer mode active. User data are not transferred.

All link states except for the state of OK are highlighted with a triangle.:

Status bar 2

Fig. 5.4: Status bar 2


Example of a complete page – status bar, menu and control buttons:

Page example

Fig. 5.5: Page example


5.3. Status

Menu Status

Fig. 5.6: Menu Status


The “Status” menu provides basic information about local and remote station. Informations is valid the moment the page is open, or the Refresh button is hit.
The Status/Brief tab shows only the most important values whereas the Status/Detailed tab provides further details. Below is a list of all values according to the tab Status/Detailed .
The icon marks fields which are automatically updated with 30 sec period (or 1 sec when the “Start” button is active).

5.3.1. Status – General

LED indicators
Unit status indication
 A – AIRGreen
Red
– Radio link OK
– Radio link interrupted
 S – SYSGreen– System OK
 E – ETHGreen
Orange
– ETH1 port – Link 10/100/1000
– ETH2 port – Link 1000
Product codeUnit product code – is the same as the Ordering code.
Serial no.Unit serial number.
Station nameStation name can be modified to reflect the unit location in the network topology.
Station locationStation location can be used to reflect the network topology hierarchy.
Radio approval versionSoftware defined radio version.
Firmware versionUnit’s firmware version.
Date, TimeThe internal real-time clock. The clock is set manually or it is synchronized with NTP server and set for both units.
Inside temperature [°C]Temperature inside the unit (on the modem board).
Voltage [V]Unit’s power supply voltage level.
Power supplyThe power supply input the unit is powered from.
PoE – unit is powered via Ethernet cable plugged into port “ETH1+POE”.
AUX – unit is powered via DC cable plugged into port “P”.

5.3.2. Status – Radio

Radio typeRadio unit type: L (Lower) or U (Upper) part of the frequency band.
PolarizationHorizontal or vertical polarization based on the physical installation. Indicates the polarization of the received signal. Local and Peer are indicated separately. The proper position of the cable is sideways down.
Notice for RAy2-17 and RAy2-24 links: One side of the link must be installed in vertical polarization and the other in horizontal polarization.
Frequency tableDisplays the currently used frequency table in format <name:version>.
Net bitrate [Mbps]Current transfer capacity of radio channel for user data.
Max. net bitrate [Mbps]The maximum RF channel capacity according to installed feature key.
Bandwidth [MHz]One of the standard channel widths can be selected. This parameter must be set identically in local and remote.
TX and RX channel [GHz]Used channels. Both number of the channel and frequency in GHz are listed.
TX modulationModulation type currently used for transmitting. When adaptive modulation is enabled, the ACM letters are displayed as well as information about maximum permitted modulation: “current modulation ACM / maximum modulation”
TX power [dBm]Current output power on the RF channel in dBm. If ATPC is enabled, the ATPC letters are displayed as well as information about maximum permitted power: “current power ATPC / maximum power”
RSS [dBm]Received signal strength. If ATPC is enabled, the ATPC letters are displayed as well as information about threshold value for activation of power control loop: “current RSS ATPC / threshold RSS”
SNR [dB]Signal to Noise Ratio. If ATPC is enabled, the ATPC letters are displayed as well as information about threshold value for activation of power control loop: “current SNR ATPC / threshold SNR”
BER [-]Bit Error Rate is registered at the receiving end; instantaneous value.
Link uptimeTime elapsed since the current link connection has been established.

5.3.3. Status – Switch interface

Egress rate limit Air
Status of the Egress rate limiter on the Air interface. The traffic can be limited according to bits per second or frames per second.
Message format for bits per second: “xx.xx Mbps Ly auto” where:
 xx.xx MbpsEgress speed limit.
 LyL1/L2/L3 which Ethernet layer is used for speed calculation.
 autogives information about active Speed guard function.
Message format for frames per second: “xx.xx fps” where:
 xx.xx fpsEgress frames per second limit.
Link mode Eth1, 2Status of ethernet interface. Current bit rate (10 = 10BASE-T, 100 = 100BASE-TX and 1000 = 1000BASE-T) and state of duplex (FD = full duplex, HD = half duplex).

5.3.4. Status – Service access

MAC addressHW address of the Ethernet module.
IPv4 addressIP address in the standard dotted decimal notation, including the bit width of netmask after the forward slash.
Management VLANService access via VLAN management only.
ServicesServices enabled for unit management and monitoring (Web, Telnet, SSH, SNMP, NTP).

5.3.5. Status – Radio link statistics

Information on statistical data:
Statistics ClearedTime of log clearing.
Statistics PeriodPeriod of log refresh.
Radio link statistics:
Overall Link UptimeOverall time the link has been connected.
Overall Link DowntimeOverall time the link has been disconnected.
Reliability [%]The ratio of “Uptime” and “Downtime”.
Current Link UptimeCurrent time the link has been connected.
The Longest DropThe longest downtime period recorded.
The Last DropLength of the last link interruption.
Number of DropsNumber of link interruptions.

5.4. Link settings

5.4.1. General

Setup of general parameters of the link.

Menu Link settings / General

Fig. 5.7: Menu Link settings / General


Unit codeUnit type indicator.
Serial no.Unit serial number.
IPv4 addressIP address in the standard dotted decimal notation, including the bit width of netmask after the forward slash.
Station nameStation name can be modified to reflect the unit location in the network topology.
Station locationStation location can be used to reflect the network topology hierarchy.
Date, TimeThe internal real-time clock. The clock is set manually or it is synchronized with NTP server and set for both units.
Time sourceTime synchronization source setup. Manual setup or NTP protocol use. For easier diagnostics of link operation, it is recommended to use the NTP time synchronization.
Adjust timeManual time setup. Use the dialog box to manually set the current date and time. You can copy time from browser (local PC).
     
NTP source IPIP address of the time synchronization server.
NTP periodTime synchronization interval.
Time zoneTime zone
Daylight savingEnable daylight saving time
[Note]Note

When the time zone and/or daylight saving time is changed, the original values set in the RAy unit are kept. The actual change takes place after OS restart in order to prevent unexpected states related with local time change.

5.4.2. Radio

Setup of general parameters of the radio link.

Menu Link settings / Radio

Fig. 5.8: Menu Link settings / Radio


Radio typeRadio unit type: L(ower) or U(pper) part of the frequency band.
PolarizationHorizontal or vertical polarization based on the physical installation. Indicates the polarization of the received signal. Local and Peer are indicated separately. The proper position of the cable is sideways down.
Notice for RAy2-17 and RAy2-24 links: One side of the link must be installed in vertical polarization and the other in horizontal polarization.
Bandwidth [MHz]One of the standard channel widths can be selected. This parameter must be set identically in local and remote.
Frequency inputEnable manual input (if supported). TX and RX frequencies [GHz] are manually entered. It is possible to disconnect the TX-RX lock and select TX and RX channels individually. Corresponding channels at peer unit are set automatically.
TX channel [GHz]TX and RX channels are selected from a list of channels. The basic configuration has the TX and RX options interconnected. In this case the basic duplex spacing between channels is preserved and by selecting one channel, the other three are defined as well. For units operating in free bands, it is possible to disconnect the TX-RX lock and select TX and RX channels individually. Corresponding channels at peer unit are set automatically.
NOTE: Non-standard duplex setting leads to non-effective use of the spectrum.
RX channel [GHz]
Duplex spacing [MHz]Information about duplex spacing of TX and RX channel.
ACMEnable automatic control of modulation.
TX modulationModulation level for TX channel. You can select in range from QPSK (high sensitivity for difficult conditions) to 256QAM (high speed under appropriate conditions). With ACM enabled the modulation will automatically operate from QPSK to the selected modulation.
ATPCEnable automatic control of RF power (see Note below for more details). Its maximum is defined by parameter ‘TX power’ below.
Power is regulated towards lower level while maintaining signal level high enough not to affect current degree of modulation.
ATPC RSS threshold [dBm]The ATPC algorithm controls the output power according to RSS of the peer unit. The lowest allowed RSS (the threshold) is approx. 10 dBm above declared sensitivity for BER 10-6. If necessary, it is possible to use this parameter to move the threshold slightly up or down.
TX power [dBm]RF output power. With ATPC enabled this parameter defines maximum RF power level.
Antenna gain [dBi]Gain of used antenna. It is used to calculate approximate EIRP.
Valid only for RAy2-17 and RAy2-24 links.
EIRP ?= limit [dBm]Approximate calculation of EIRP. Number on the right shows the allowed EIRP limit. Sign between numbers gives information on compliance / noncompliance with allowed EIRP limits. If the EIRP limit field background is RED, the value shown may be used but will exceed the EIRP limit.
This field value will only be shown for certain RAy2-17 and RAy2-24 links and based on the Frequency tables used.
[Note]Note

The principle behind ATPC is to maintain the lowest transmitting power without affecting the throughput of the link. The output is primarily controlled by RSS on the opposite side. ATPC is also used to maintain SNR thus protecting the selected modulation level.
The ATPC Control loop is evaluated once per second.

The principle behind ACM is to maintain the connection between the two units even when degraded propagation conditions are experienced which make it impossible to maintain the selected modulation level. ACM regulates modulation across all ranges from QPSK to TX modulation according to the limits in table ACM switching according to SNR state.
ACM control loop is evaluated with each frame, ie. roughly after tens of microseconds.

In normal operating conditions, ATPC is applied first (even if it is the slower control loop). When deterioration in propagation conditions gradually increases the attenuation on the route, it is compensated by increasing RF power. ACM control will only be applied in conditions when ATPC reaches its ceiling.

5.4.3. Service access

5.4.3.1. Services

Access routes for link configuration.

Menu Link settings / Service access / Services

Fig. 5.9: Menu Link settings / Service access / Services


Service
channel
There are two modes of accessing the internal management system of the microwave link: standard and direct
 standard:
Both units are configured with the separate IP addresses, Netmasks, Gateways and Management VLANs. IP addresses of both units does not have to belong in to the same sub-net. The “Internal VLAN” is required to encapsulate the internal service traffic between both units of the microwave link. There are additional internal service addresses used for this internal service traffic (see “IPv4 address – Local” section for further details).
 direct:
Both units are configured with the separate IP addresses but with the same Netmask, Gateway and the Management VLAN. IP addresses of both units must belong in to the same sub-net. There is no need for “Internal VLAN” to handle the internal service traffic between both units of the microwave link. No additional internal service addresses exist.
NOTE: It is strongly recommended to use “Management VLAN” to encapsulate and prioritize the management traffic when the direct mode is selected. If the “Management VLAN” is not used (while in direct mode), the internal service traffic is NOT prioritized.
IPv4 address
– Local
Service IP address, by default 192.168.169.169 for L unit and 192.168.169.170 for U unit. Four addresses 169.254.173.236/30 are used for internal communication. Must not be used as service IP address. Those four addresses are not used while “Service channel” is set to “direct” mode.
[Note]Note

Unknown IP address
If you forget the Service IPv4 address, it can be found by reading data broadcast through LLDP protocol. Data is transmitted every 60 seconds and contains the following information:

  1. Management address: IP address

  2. System Description: Serial number

  3. Chassis Subtype: Type (e.g. RAY2-17-L)

  4. IEEE 802.1 – Port and Protocol VLAN ID: Port and Protocol VLAN Identifier: (e.g. 300 (0x012C)) but only if Management VLAN is enabled

The message can be recorded and converted into a readable form using an LLDP client. A suitable tool for this purpose is Wireshark IP traffic analyzing tool, with free licenses available for both Windows and Linux. To locate the message easily, use the Capture filter “ether proto 0x88cc” in Wireshark.

IPv4 address
– Peer
Management address of the Peer station. This address has to be set up when the “Service channel” is set to “direct” mode.
NetmaskMask for service access, 24 by default.
GatewayDefault gateway for service access; empty by default.
Management VLANEnables access via VLAN management. Blocks access for https, ssh and telnet configuration via untagged packets (without VLAN) making only VLAN access possible. VLAN management is off by default.
WARNING:
By enabling VLAN management, ALL accesses are blocked for configuration using normal (untagged) LAN! During tests, you may enable VLAN management on one unit only (if the “Service channel = standard”). Then it is possible to access the link via LAN and VLAN either directly or via radio link.
     VIDVLAN management ID, by default 1. This field must have a value entered even when VLAN management is not active.
     ProtocolProtocol 802.1q or 802.1ad
Internal VLANValid only for “Service channel = standard”: The RAy uses one VLAN id for internal service communication between both units.
There are two situations when it might be necessary to change the Internal VLAN id:
– Conflict within user data flow when the same VLAN id is already present within a data flow.
– Conflict with the internal management address of another RAy unit located at the same site and connected in the same LAN segment.
NOTE: The Ethernet frames within this service channel are marked with IEEE 802.1p priority class “7”. Default parameters for QoS and Egress queue control are pre-set to prioritize this service communication channel.
Web serverAllows access via web server (for HTTP and HTTPS protocol).
WARNING: after disabling access via web server, you will not be able to access the unit using a web browser!
CLI (telnet)Enables access via telnet protocol. Provides access to CLI (Command Line Interface) for simple telnet clients. Disabled by default.
CLI (SSH)Enables access via SSH protocol. Provides secure access to CLI. If preventing unauthorized access to the unit is the number one priority, leave only this server on.
SNMPEnabling SNMP server. Off by default.
SNMP community stringSNMP community string. Can contain both lower and uppercase letters, numbers, four characters . : _ – and can be up to 256 characters long.
SNMP trap IPAddress for sending SNMP traps. It is possible to record up to 3 addresses separated by commas.
LED indicatorsEnable LED status indicators on the body of the unit. You can turn off all LEDs with this option.
LLDP (Service IP info)
Data transmitted through the LLDP protocol can be accessed in two ways:
 OnTransmissions every 60 seconds
 SingleTransmitted once only when unit is rebooted
See “IPv4 address – Local … Unknown IP address” for description of the data transmitted through the LLDP protocol.

5.4.3.2. USB accessories

The USB connector is used for management access (not for user data) to the local unit using Ethernet or WiFi adapter. Only RACOM recommended adapters are supported.

Default WiFi IP address of the unit is 172.17.17.17 with DHCP enabled by default allocating IP address automatically to connected device.

Menu Link settings / Service access / USB accessories

Fig. 5.10: Menu Link settings / Service access / USB accessories


USB infoStatus information about device connected via the USB:
n/a – info not available (peer has older fw), or
No device – no device plugged in the USB port, or
Vendor ID:Product ID
Manufacturer
Product
WiFi/Eth: up/down … only for network device
MAC … only for network device
IPv4 addressUnit service management address when connecting via USB port.
NetmaskNetwork mask when connecting via USB port.
DHCP start
DHCP end
DHCP range for dynamic address allocation of the management client connected via USB port.
Ethernet adapter enableUSB to Ethernet adapter operation Enable/Disable.
Ethernet adapter DHCP enableDHCP server for the client(s) connected via USB to Ethernet adapter.
WiFi adapter enable
on Air link loss
USB to WiFi adapter is only activated during Air-Link loss – means WiFi starts to work and transmit SSID. WiFi is activated 60 seconds after Air-Link loss and deactivated 600 seconds after the Air-Link is restored. The WiFi passphrase should be set by admin before using this option (if not WiFi management alarm is activated).
WiFi adapter Force
enable
USB to WiFi adapter is forced to be permanently active (and to transmit SSID) and WiFi management alarm is activated. WiFi passphrase should be set by admin before using this option.
This parameter has a higher priority than “WiFi adapter enable on Air link loss”, so if it is set ON then WiFi activity does not depend on Air-Link status.
WiFi adapter DHCP
enable
DHCP server for the client(s) connected via the USB to WiFi adapter.
WiFi SSIDService WiFi SSID can be max 32 characters long.
WiFi encryptionService WiFi encryption is WPA2 and can not be changed. Factory default is “none” due to missing passphrase. WPA2 is applied automatically once any passphrase is entered.
WiFi passphraseService WiFi passphrase has to be 8-64 characters long. The WiFi passphrase should be set by admin before any use of WiFi. Until passphrase is set, WiFi management alarm is activated.
WiFi modeService WiFi mode can be IEEE 802.11n or IEEE 802.11g
WiFi channelWiFi channel can be set 1-11 depending on WiFi mode setting (see parameter above):
IEEE 802.11n – channels 1-7
IEEE 802.11g – channels 1-11
The WiFi adapter does not search for conflicts in the air. If problems occur, changing the channel is the easiest way to resolve the issue.
[Note]Note

When upgrading from FW older than 2.1.28.0 it is necessary to click “Show Defaults” followed by “Apply” to enable smooth WiFi functionality.

5.4.3.3. Users

List and setup of users. Example menu of the cli_super level user.

Menu Link settings / Service access / Users

Fig. 5.11: Menu Link settings / Service access / Users


Within the default Factory Settings one user is defined in the system. This user has username admin and password admin and is assigned the highest level of permissions cli_super. This user then assigns other users to the system along with their level of permissions.

Service access has three groups of users with different levels of permissions.

Permissionscli_guestcli_admincli_super
Create new userNoNoYes
Change own passwordYesYesYes
Delete user *NoNoYes
Copy (Mirror) permissions local to peerNoNoYes
Configure and modify link settingsNoYesYes

Numbers of users that can be defined in the system:

GroupNo of users
cli_guest10
cli_admin10
cli_super *2

   * The system prevents the user from deleting both cli_super accounts.

The logged on user is shown in the top right of the screen. There can be different users on either end of the link.

[Important]Important

It is strongly recommended that the default password admin is changed. Similarly all other users should change their password. Using the CLI, it is appropriate to supplement the SSH key.

Local, PeerList of users on Local and Peer stations.
UsernameThis name is entered at Login to log into the link management.
Group
User group to which the user belongs.
 cli_guestRead Only
 cli_adminConfigure and modify link settings
 cli_superConfigure and modify user accounts and link settings
PasswordInformation about whether user has a password
SSH keyInformation about whether user has at least one ssh key defined.

 

[Note]Note

More users concurrently

If two or more users work concurrently on the unit any change of configuration settings should be applied by all users. This applies to the menu Link settings which works with both, Local and Peer parameters. Notification to other users:

If one user sends the Apply command, other users will receive a message: “Configuration changed, please go to Link settings and click Refresh”. Other users can only use the Apply command after refreshing Link Settings.

Edit use

Clicking “Edit” next to a username opens a screen with configuration of the given account.

Menu Link settings / Service access / Users / edit

Fig. 5.12: Menu Link settings / Service access / Users / edit


 UsernameUser name
 GroupThe group to which this user will belong.
 PasswordPassword can be set or deleted.
  Delete – User will not have a password. The user will only be able to log in with an ssh key. In order to delete the password, you must first upload the ssh key.
  Set – Password settings.
 New passwordNew password.
 Confirm passwordRepeat password.
 SSH keyWorking with ssh key.
  Delete – Clear all ssh keys from user account.
  Set/replace – Add a new key. If there already was any key(s), it will be overwritten.
  Add – Add a new key. You can enter multiple ssh keys in this way.
 Key fileInsert key file.
 

Save the menu content by clicking on the button Apply.

Backup user
 The user settings can be backed up, see Tools / Maintenance / Backup.
Delete user
 Users at level cli_super have a Delete button next to each user. Delete a user using this button without being asked to confirm deletion. Users at level cli_super cannot both be deleted.
Add user
 The button is located on the bottom bar.
 For level cli_super users, the “Add user” button is active. Use it to create a new user within any group.
 UsernameName of new user.
 GroupThe group to which this user is assigned.
 New passwordPassword for this user.
 Confirm passwordRepeat password.
 SSH keyIf you want the user to have access using ssh protocol and identity verification using ssh key, enter the ssh key here.
 Create a new user account by clicking on the button Apply.
Mirror users
 The button is located on the bottom bar.
 For level cli_super users, the “Mirror users” button is active. This function will copy all user accounts from Local unit to Peer unit. All existing user accounts on the Peer unit are deleted.

5.4.4. Alarms

5.4.4.1. Alarms Status

Menu Link settings / Alarms / Status

Fig. 5.13: Menu Link settings / Alarms / Status


Alarm severity

Fig. 5.14: Alarm severity


Overview of alarms

All system alarms are listed on this screen. Inactive alarms are colored white with an “OK” text label. Active alarms are colored according to the severity of the alarm with a text message describing the measured value status.

For a detailed description of each Alarm click on the Alarm name.

5.4.4.2. Alarms Acknowledge

Menu Link settings / Alarms / Acknowledge

Fig. 5.15: Menu Link settings / Alarms / Acknowledge


Alarm acknowledgement allows the operator to confirm the system is set in alarm state. Only an active alarm can be acknowledged. Multiple selections of active alarms (to acknowledge groups of alarms) can be performed using Shift or Ctrl keys.

NameAlarm identification – The following alarms can appear:
Inside temperature, Voltage min, Voltage max, RSS, SNR, BER, Net bitrate, Air link, Eth1 link, Eth2 link, RF power, WiFi management
StateThere are three possible alarm states:
OK … No alarm (alarm is inactive) or alarm disabled.
Ack … Alarm is active and acknowledged.
Alarm … Alarm is active and is not acknowledged.
FromTime stamp when the alarm occurred.
ToTime stamp when the alarm expired (returned to normal conditions).
AckTime stamp when the alarm was acknowledged.
Time stamp format: yyyy-MM-dd hh:mm:ss
UserName (login) of the user who acknowledged the alarm.
CommentThe comment field can be used to add user defined comments when an ‘alarm acknowledge’ is performed. Use this comment field to describe important details of the alarm status. The comment can be up to 50 characters long. Special characters are not allowed.
The alarm can be acknowledged multiple times with different comments. Every acknowledgement is written to the internal memory and is visible in the alarm log.

5.4.4.3. Alarms Config

Menu Link settings / Alarms / Config

Fig. 5.16: Menu Link settings / Alarms / Config


The diagnostics system of the link monitors the operation of the unit.

It generates various event outputs – system warnings and alarms. The event is always written to the system log and indicated in the status bar and Alarms/Status screen. Some events have adjustable thresholds. Events with no adjustable thresholds may or may not be Enabled. If they are not Enabled, the system event is not activated even if the system status is changed.

If the event goes above or below the set parameter limits or a link goes down or up, you can choose to send an SNMP trap. All SNMP traps are OFF in defaults.

alarmdefault  description
Inside temper. [°C] >80  Temperature inside the unit (on the modem board). Active if temperature exceeds the threshold.
Voltage min [V] <40  Lower threshold of supply voltage. Active if voltage drops below min voltage threshold.
The same SNMP trap (same OID) applies for both Voltage min and max.
Voltage max [V] >60  Upper threshold of supply voltage. Active if voltage rises above max voltage threshold.
The same SNMP trap (same OID) applies for both Voltage min and max.
RSS [dBm] <−80  Received Signal Strength. Active if RSS drops below RSS threshold.
SNR [dB] <10  Signal to Noise Ratio. Active if SNR drops below SNR threshold.
BER [-] >10e−6  Bit Error Rate is registered at the receiving end – instantaneous value. Active if BER exceeds the threshold set in this parameter.
Net bitrate [Mbps]    0  The system warning is generated when the current transfer capacity of radio channel is lower than the threshold set in this parameter.
Air link downon  Interruption of radio link. Active if radio link is interrupted and units can not communicate by Air.
Eth1 link downCorresponding user Eth link (Eth1/Eth2) on station interrupted.
NOTE: The “EthX link” system alarm can only be activated if this alarm is Enabled. When the alarm is not Enabled, the “EthX link” alarm on Status screen is always “Ok” regardless of the current status of the Ethernet link.
RF power failLoss of transmit power (not applicable for RAy2-17 neither RAy2-24).
WiFi Managementon  Warning is generated when WiFi passphrase is not set or WiFi adapter (and Host Access Point) is permanently enabled (WiFi Force Enable is ON). Parameter can not be changed in web interface (only through CLI).

5.5. Switch settings

5.5.1. Status

5.5.1.1. Port status

The unit internal Ethernet switch port status

Menu Switch settings / Port status

Fig. 5.17: Menu Switch settings / Port status


Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Link status
Ethernet link status can be
 down / typeno link signal detected
 up / typelink signal detected
The type of the physical layer is indicated after the slash
 coppermetallic Ethernet interface
 SFPSFP module can be either optic or metallic
Speed
/ duplex
Ethernet link Speed and duplex.
 Speed:10/100/1000 Mbps.
 Duplex:full/half
SFP info
Information about the (optionally) inserted SFP module. The three different types of SFP modules can be used:
 Fibredual mode with LC connector
 Fibresingle mode with LC connector
 Copperwith RJ45 connector
There can be one of the following scenarios:
 scenariomessage
 SFP OKThe SFP vendor string read out of SFP module. The vendor, model, connector (RJ45/LC) and wavelength values are shown. Separate window with more detailed information can be opened by clicking the “more…” link.
 No SFPNo SFP module
 read errorn/a
 no SFP
option
MDIXStatus of the internal crossover of Ethernet cables. (MDIX = internally crossed pairs, MDI = direct connection, N/A means an unknown state).
Tx state
Port transmitting status can be
 transmittingNormal port operation
 pausedPort transmitter is paused due to Pause frames reception
Flow control
Mechanism for temporarily stopping the transmission of data on an Ethernet network. Enabling flow control allows use of buffers of connected active network elements for leveling uneven flow of user data. For correct operation it is necessary to also enable Flow control on the connected device. Flow control is handled by sending Pause frames to the connected device. See Flow control and Pause limit parameters.
Flow control can be one of the following values:
 disabledFlow control is disabled.
 enabledFlow control is enabled.
 activeFlow control is enabled and activated. The port has requested the link partner not to send any more data (by sending Pause frames).
QoS
Quality of Service status can be one of the following values:
 disabledQoS functions are disabled.
 802.1pQoS according to 802.1p is enabled.
 DSCPQoS according to DSCP is enabled.
 802.1p,DSCPQoS according to 802.1p and DSCP is enabled. The 802.1 prefer tag is selected.
 DSCP,802.1pQoS according to 802.1p and DSCP is enabled. The DSCP prefer tag is selected.

5.5.1.2. RMON counters

The unit internal Ethernet switch RMON counters

Menu Switch settings / RMON counters

Fig. 5.18: Menu Switch settings / RMON counters


The Remote Network MONitoring (RMON) MIB was developed by the IETF to support monitoring and protocol analysis of LANs.

Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.

The Internal switch port RMON counters

These counters provide a set of Ethernet statistics for frames received on ingress and transmitted on egress.

Ingress statistics counters
 In good octetsThe sum of lengths of all good Ethernet frames received, that is frames that are not bad frames.
 In bad octetsThe sum of lengths of all bad Ethernet frames received.
 In unicastsThe number of good frames received that have a Unicast destination MAC address.
 In multicastsThe number of good frames received that have a Multicast destination MAC address.
NOTE: This does not include frames counted in “In broadcasts” nor does it include frames counted in “In pause”.
 In broadcastsThe number of good frames received that have a Broadcast destination MAC address.
 In pauseThe number of good frames received that have a Pause destination MAC address.
 In undersizeTotal frames received with a length of less than 64 octets but with a valid FCS.
 In oversizeTotal frames received with a length of more than MaxSize octets but with a valid FCS.
 In FCS errorsTotal frames received with a CRC error not counted in “In fragments”, “In jabber” or “In MAC RX” errors.
 In fragmentsTotal frames received with a length of less than 64 octets and an invalid FCS.
 In jabberTotal frames received with a length of more than MaxSize octets but with an invalid FCS.
 In MAC RX
errors
Total frames received with an RxErr signal from the PHY.
 In discardsTotal number of frames that normally would have been forwarded, but could not be due to a lack of buffer space.
 In filteredTotal number of good frames that were filtered due to ingress switch policy rules.
Egress statistics counters
 Out octetsThe sum of lengths of all Ethernet frames sent from this MAC.
 Out FCS errorsThe number of frames transmitted with an invalid FCS. Whenever a frame is modified during transmission (e.g., to add or remove a tag) the frame’s original FCS is inspected before a new FCS is added to a modified frame. If the original FCS is invalid, the new FCS is made invalid too and this counter is incremented.
 Out unicastsThe number of frames sent that have a Unicast destination MAC address.
 Out multicastsThe number of good frames sent that have a Multicast destination MAC address.
NOTE: This does not include frames counted in “Out broadcasts” nor does it include frames counted in “Out pause”.
 Out broadcastsThe number of good frames sent that have a Broadcast destination MAC address.
 Out pauseThe number of Flow Control frames sent.
 Out defferedThe total number of successfully transmitted frames that experienced no collisions but are delayed because the medium was busy during the first attempt. This counter is applicable in half-duplex only.
 Out collisionsThe number of collision events seen by the MAC not including those counted in “Out Single”, Multiple, Excessive, or Late. This counter is applicable in half-duplex only. See Auto negotiation.
 Out singleThe total number of successfully transmitted frames that experienced exactly one collision. This counter is applicable in half-duplex only.
 Out multipleThe total number of successfully transmitted frames that experienced more than one collision. This counter is applicable in half-duplex only.
 Out excessiveThe number frames dropped in the transmit MAC because the frame experienced 16 consecutive collisions. This counter is applicable in half-duplex only.
 Out lateThe number of times a collision is detected later than 512 bits-times into the transmission of a frame. This counter is applicable in half-duplex only.
 Out filteredTotal number of good frames that were filtered due to egress switch policy rules.
Frame size histogram counters
 Size 64 octetsTotal frames received (and/or transmitted) with a length of exactly 64 octets, including those with errors.
 Size   65-127 octetsTotal frames received (and/or transmitted) with a length of between 65 and 127 octets inclusive, including those with errors.
 Size 128-255 octetsTotal frames received (and/or transmitted) with a length of between 128 and 255 octets inclusive, including those with errors.
 Size 256-511 octetsTotal frames received (and/or transmitted) with a length of between 256 and 511 octets inclusive, including those with errors.
 Size 512-1023 octetsTotal frames received (and/or transmitted) with a length of between 512 and 1023 octets inclusive, including those with errors.
 Size 1024-max octetsTotal frames received (and/or transmitted) with a length of between 1024 and MaxSize (see MTU parameter) octets inclusive, including those with errors.
Histogram counters mode
Frame size histogram counters can count received and/or transmitted octets. The mode of histogram counters is indicated here.
Measure time
This is the time interval, the diff column is valid for. The “diff” column shows the difference of the actual value of the counters at the moment of pressing the Difference button and the value of the counters at the moment of pressing the Refresh button.
Refresh
Difference
In another way: The Difference counter reference value can be reset by pressing the Refresh button. The time point at which the Difference counter sample is triggered and the “diff” value is calculated is defined by pressing the Difference button.
The “total” column always shows the actual values. It is refreshed either by pressing the Refresh and also the Difference button.

5.5.1.3. Queue allocation

Menu Switch settings / Queue allocation

Fig. 5.19: Menu Switch settings / Queue allocation


Free queue
Free Queue Size Counter. This counter reflects the current number of unallocated buffers available for all the ports [buffers].
Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Ingress …This counter reflects the current number of reserved Ingress buffers assigned to this port [buffers].
Egress …This counter reflects the current number of Egress buffers switched to this port. This is the total number of buffers across all priority queues [buffers].
Queue 0~3
[buffers]
Those counters reflect the current number of Egress buffers switched to this port for individual priority queues [buffer].

5.5.1.4. Register dump

Menu Switch settings / Register dump

Fig. 5.20: Menu Switch settings / Register dump


The exact contents of the internal switch configuration and diagnostic registers can be listed for diagnostic purposes. All registers are separated into several groups.

Groups
 GlobalsGlobal switch parameters.
 All portsGlobal port related parameters.
PortsPort specific parameters.
RegistersRegisters contents is listed in hexadecimal notation.

5.5.1.5. RSTP

Menu Switch settings / RSTP

Fig. 5.21: Menu Switch settings / RSTP


RSTP service status

5.5.2. Interface

5.5.2.1. Port

Port settings

Menu Switch settings / Port

Fig. 5.22: Menu Switch settings / Port


Phyter is responsible for Ethernet signal conversion between wire (e.g. CAT7 cable) and internal switch bus.

Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
Link status
Ethernet link status can be
 down / typeno link signal detected
 up / typelink signal detected
The type of the physical layer is indicated after the slash
 coppermetallic Ethernet interface
 SFPSFP module can be either optic or metallic
Speed / duplex
Ethernet link Speed and duplex.
 Speed10/100/1000 Mbps
 Duplexfull/half
SFP info
Information about the (optionally) inserted SFP module. The three different types of SFP modules can be used:
 Fibredual mode with LC connector
 Fibresingle mode with LC connector
 Copperwith RJ45 connector
There can be one of the following scenarios:
 scenariomessage
 SFP OKThe SFP vendor string read out of SFP module. The vendor, model, connector (RJ45/LC) and wavelength values are shown. Separate window with more detailed information can be opened by clicking the “more…” link.
 No SFPNo SFP module
 read errorn/a
 no SFP
option
Port enable
The port can be enabled or disabled.
 WARNING: When the port is disabled, no communication is possible through this port.
Auto negotiation
Auto-Negotiation is an Ethernet procedure by which two connected devices choose common transmission parameters, such as speed, duplex mode and flow control. In this process, the connected devices first share their capabilities regarding these parameters and then choose the highest performance transmission mode they both support.
The device supports three types of Auto-Negotiation:
 10/100/1000BASE-T Copper Auto-Negotiation. (IEEE 802.3 Clauses 28 and 40)
 1000BASE-X Fiber Auto-Negotiation (IEEE 802.3 Clause 37)
 SGMII Auto-Negotiation (Cisco specification)
Auto-Negotiation provides a mechanism for transferring information from the local unit to the link partner to establish speed, duplex and Master/Slave preference during a link session.
Auto-Negotiation is initiated upon any of the following conditions:
 Power up reset
 Hardware reset
 Software reset
 Restart Auto-Negotiation
 Transition from power down to power up
 The link goes down
The 10/100/1000BASE-T Auto-Negotiation is based on Clause 28 and 40 of the IEEE 802.3 specification. It is used to negotiate speed, duplex and flow control over CAT5 (or higher) UTP cable. Once Auto-Negotiation is initiated, the device determines whether or not the remote device has Auto-Negotiation capability. If so, the device and the remote device negotiate the speed and duplex with which to operate.
If the remote device does not have Auto-Negotiation capability, the device uses the parallel detect function to determine the speed of the remote device for 100BASE-TX and 10BASE-T modes. If a link is established based on the parallel detect function, it is then required to establish the link at half-duplex mode only. Refer to IEEE 802.3 clauses 28 and 40 for a full description of Auto-Negotiation.
1000BASE-X Auto-Negotiation is defined in Clause 37 of the IEEE 802.3 specification. It is used to auto-negotiate duplex and flow control over fibre cable.
If the PHY enables 1000BASE-X Auto-Negotiation and the link partner does not, the link cannot linkup. The device implements an Auto-Negotiation bypass mode.
SGMII Auto-Negotiation. SGMII is a de-facto standard designed by Cisco. SGMII uses 1000BASE-X coding to send data as well as Auto-Negotiation information between the PHY and the MAC. However, the contents of the SGMII Auto-Negotiation are different than the 1000BASE-X Auto-Negotiation.
 WARNING: If one device provides Auto-negotiation and the other works with a manual link parameters settings (i.e. without Auto-negotiation) the link operates in half-duplex mode. If the manual settings is set to full-duplex, the “Out collisions” may occur.
Speed / duplex
Ethernet link speed and duplex mode can be selected. Both parameters can be either auto negotiated or set manually. When the Auto negotiation parameter is disabled, only manual setting of the speed and duplex is possible. In most cases it is better to enable the auto negotiation and use “auto / auto” speed and duplex settings.
There are two possibilities to force the link to operate in specific speed and duplex:
 Auto negotiation enabled. Select the desired Speed / duplex. The auto negotiation process advertises only this specified link mode. The link partner is asked to use it.
 Auto negotiation disabled. Select the desired Speed / duplex. The link is set to this specified link mode. The link partner has to be set manually to the same mode.
Flow control
The flow control mechanism is handled by sending Pause frames to the connected device. There are several modes of Pause frames generation:
 no pausePause frames disabled.
 symmetricPause frames transmission and reception enabled.
 asymmetric (send)Pause frames transmission enabled, reception disabled.
 asymmetric (receive)Pause frames reception enabled, transmission disabled.
Auto-Negotiation has to be enabled to enable Pause frames sending and receiving.
Force
flow control
If the Auto-Negotiation is disabled and Flow control is required, the Force flow control parameter can be used. Flow control is turned on without having to be Auto-Negotiated
1000T master mode
The 1000BASE-T master/slave mode can be manually configured.
 autoAutomatic MASTER/SLAVE configuration.
 masterManual configure as MASTER.
 slaveManual configure as SLAVE.
Energy detect
The device can be placed in energy detect power down modes by selecting either of the two energy detect modes. Both modes enable the PHY to wake up on its own by detecting activity on the Ethernet cable. The energy detect modes only apply to the copper media.
In the first “sense” mode, if the PHY detects energy on the line, it starts to Auto-Negotiate sending FLPs (Fast Link Pulse) for 5 seconds. If at the end of 5 seconds the Auto-Negotiation is not completed, then the PHY stops sending FLPs and goes back to monitoring received energy. If Auto-Negotiation is completed, then the PHY goes into normal 10/100/1000 Mbps operation. If during normal operation the link is lost, the PHY will re-start Auto-Negotiation. If no energy is detected after 5 seconds, the PHY goes back to monitoring received energy.
In “sense pulse” mode, the PHY sends out a single 10 Mbps NLP (Normal Link Pulse) every one second. Except for this difference, this is identical to the previous mode (sense) operation. If the device is in sense mode, it cannot wake up a connected device; therefore, the connected device must be transmitting NLPs. If the device is in “sense pulse” mode, then it can wake a connected device.
 offOff
 sense pulseSense and periodically transmit NLP (Energy Detect+TM).
 senseSense only on Receive (Energy Detect).

5.5.2.2. Port advanced

The unit internal Ethernet switch Port settings

Menu Switch settings / Port advanced

Fig. 5.23: Menu Switch settings / Port advanced


Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
LabelCustom port name.
Frame mode
Ethernet Frame mode control defines the expected Ingress and the generated Egress tagging frame format for this port as follows:
 normalNormal Network mode uses industry standard IEEE 802.3ac Tagged or Untagged frames. Tagged frames use an Ether Type of 0x8100. Ports that are expected to be connected to standard Ethernet devices should use this mode.
 DSAInactive options are not required.
 providerProvider mode uses user definable Ether Types per port (see Ether type parameter) to define that a frame is Provider Tagged. Ports that are connected to standard Provider network devices, or devices that use Tagged frames with an Ether Type other than 0x8100 should use this mode.
  Frames that ingress this port with an Ether Type that matches the port’s Ether Type parameter will be considered tagged, will have the tag’s VID and PRI bits assigned to the frame (i.e. they will be used for switching and mapping), and will have the Provider Tag removed from the frame. If subsequent Provider Tags are found following the 1st Provider Tag, they too will be removed from the frame with their VID and PRI bits being ignored. Modified frames will be padded if required.
  Frames that ingress this port with an Ether Type that does not match the Ether Type parameter will be considered untagged. The ingressing frames are modified so they are ready to egress out Customer ports (Normal Network Frame Mode ports) unmodified.
  Frames that egress this port will always have a tag added (even if they were already tagged). The added tag will contain this port’s Ether Type as its Ether Type. The PRI bits will be the Frame Priority FPri assigned to the frame during ingress. The VID bits will be the source port’s Default VID bits (if the source port was in Normal Network mode), or the VID assigned to the frame during ingress (if the source port was in Provider mode).
 ether type DSAValid only for the “p5 CPU” port.
 Ether Type DSA mode uses standard Marvell DSA Tagged frame information following a user definable Ether Type (see Ether type parameter). This mode allows the mixture of Normal Network frames with DSA Tagged frames and is useful on ports that connect to a CPU.
  Frames that ingress this port with an Ether Type that matches the port’s “Ether Type” will be considered DSA Tagged and processed accordingly. The frame’s Ether Type and DSA pad bytes will be removed so the resulting frame will be ready to egress out Marvell DSA Tag Mode ports unmodified. Frames that ingress this port with a different Ether Type will be considered Normal Network Frames and processed accordingly.
  Marvell DSA Tag control frames that egress this port will always get the port’s “Ether Type” inserted followed by two pad bytes of 0x00 before the DSA Tag. Marvell DSA Tag Forward frames that egress this port can egress just like the control frames (with the added Ether Type and pad) or they can egress as if the port was configured in Normal Network mode. This selection is controlled by the port’s Egress Mode bits above.
Ether type
Ethernet frame type (often called EtherType) is used to indicate which protocol is encapsulated in the payload of an Ethernet Frame. This parameter is important when one protocol is encapsulated to another protocol.
Examples:
Eth. typeStandardComment
0x8100IEEE 802.1qDouble-tagged, Q-in-Q or C-tag stacking on C-tag. C-tag in IEEE 802.1ad frames
0x88a8IEEE 802.1adS-Tag
0x88e7IEEE 802.1ahS-Tag (backbone S-Tag)
0x9100It is used very often. For example an old non-standard 802.1QinQ protocol uses this value.
See http://en.wikipedia.org/wiki/EtherType for further details.
MTU [B]
MTU determines the maximum frame size allowed to be received or transmitted from or to a given physical port. This implies that a Jumbo frame may be allowed to be received from a given input port but may or may not be allowed to be transmitted out of a port or ports. The possible values are 1522, 2048 and 10240 Bytes.
 NOTE: The definition of frame size is counting the frame bytes from MAC_DA through Layer2 CRC of the frame.
Pause limit in [frame]
Limit the number of continuous Pause refresh frames that can be received on this port (if full-duplex) or the number of 16 consecutive collisions (if half-duplex). When a port has flow control enabled, this parameter can be used to limit how long this port can be Paused or Back Pressured off to prevent a port stall through jamming.
The Flow Control on the port is (temporarily) disabled when the Pause refresh frames count exceeds the value of this parameter.
 Setting this parameter to 0 will allow continuous jamming to be received on this port.
Pause limit out [frame]
Limit the number of continuous Pause refresh frames that can be transmitted from this port – assuming each Pause refresh is for the maximum pause time of 65536 slot times. When full-duplex Flow Control is enabled on this port, this parameter is used to limit the number of Pause refresh frames that can be generated from this port to keep this port’s link partner from sending any data.
 Clearing this parameter to 0 will allow continuous Pause frame refreshes to egress this port as long as this port remains congested.
 Setting this parameter to 1 will allow 1 Pause frame to egress from this port for each congestion situation.
 Setting this parameter to 2 will allow up to 2 Pause frames to egress from this port for each congestion situation, etc.
Ignore Frame checksum
Ignore Frame checksum (FCS) – or in other words – Force good FCS in the frame. When this parameter is not set (default behaviour), frames entering this port must have a good CRC or else they are discarded. When this parameter is set, the last four bytes of frames received on this port are overwritten with a good CRC and the frames are accepted by the switch (assuming that the frame’s length is good and it has a destination).

5.5.2.3. PIRL

PIRL (Port based Ingress Rate Limiting) has the task of arranging the transfer of frames; ensuring as few frames as possible are discarded and that ports are not blocked.

Diagram of framework processing options are available within the QoS, PIRL and Egress queue control menus:

PIRL and queues

Fig. 5.24: PIRL and queues


Frame

The frame comes via port, has a certain length and MAC addresses SA and DA. The IP header carries the DSCP priority and may also carry the 802.1p VLAN priority.

QoS

The Queue priority (QPri) is created based on preferences within the DSCP or 802.1p priority. This priority takes values from 0 to 3, and controls the processing of frames inside the switch.

  • Untagged frames are provided with 802.1p priority by default.

  • Priorities may be remapped.

  • The priority can also be overwritten by the Advanced menu priority derived from a VLAN, SA and/or DA addresses.

The Frame priority (FPri) is processed in a similar manner. Frame coming from the network and frame being sent to the network is marked by this priority.

PIRL

Between the port and the common switch there may be between 1 and 5 “flow restrictors” working in parallel according to the schedule “leaky bucket”. These are called “Resource”. This is analogous to the container which is intermittently replenished by tokens according to incoming frames and is continuously emptied. Regulatory measures are implemented at a certain height to ensure the bucket does not overflow.

PIRL – Edit section of this menu is made up of several groups of parameters:

  • Resource identification.

  • Resource capacity, transfer byte into tokens.

  • Method of counting frames.

  • Regulatory interventions (drop frame – reduce feeding)

  • Selecting frames (all – by priority QPri – by type).

The above mentioned parameters are used to allocate part of a frame to each Resource. Their passage is regulated thus avoiding network congestion. If there is a framework that does not match the filter of any Resource, this then passes to the switch without restrictions.

Switching block

In this block (L2-switch) each frame is routed to a designated port according to the Advanced menu.

Egress queue

Block output queues. Each port receives frames from the L2 switch through 4 queues (No. 3-0). The highest priority has a queue No. 3. The frames are organized into queues according to their priorities QPri.

The Method to empty queues is selected by the parameter Scheduling Mode. The emptying rate is governed by the Rate limit parameter.

A Frame sent from the port to the network can be identified by priority FPri, although it is also possible to change its tag: see menu VLAN/Egress mode.

Port based ingress rate limiting, see also the Functional diagram

Menu Switch settings / PIRL

Fig. 5.25: Menu Switch settings / PIRL


The device supports per port TCP/IP ingress rate limiting along with independent Storm prevention. Port based ingress rate limiting accommodates information rates from 64 Kbps to 1 Mbps in increments of 64 Kbps, from 1 Mbps to 100 Mbps in increments of 1 Mbps and from 100 Mbps to 1000 Mbps in increments of 10 Mbps.

In addition to this, the device supports Priority based ingress rate limiting. A given ingress rate resource can be configured to track any of the four priority traffic types. One of the popular schemes for implementing rate limiting is a leaky bucket. The way a leaky bucket scheme works is that the bucket drains tokens constantly at a rate called Committed Information Rate (CIR) and the bucket gets replenished with tokens whenever a frame is allowed to go through the bucket. All calculations for this bucket are done in tokens. Therefore, both bucket decrementing and incrementing is performed using tokens (i.e., frame bytes are converted into bucket tokens for calculation purposes).

The device supports a color blind leaky bucket scheme.

The traffic below Committed Burst Size limit (CBS Limit) is passed without any further actions. If the traffic burst were to continue and the bucket token depth approaches closer to the Excess Burst Size limit (EBS Limit) by less than the CBS Limit, then a set of actions are specified. Note that if the frame gets discarded then the equivalent number of tokens for that frame will not get added to the bucket.

There are the two default ingress limiting rules already configured in the switch default configuration. They limit the maximum allowed ARP traffic coming to the CPU port to 10Mbps from Eth1 and 10Mbps from Eth2 ports.

Leaky bucket

Fig. 5.26: Leaky bucket


Primary key
The live data icon indicates which parameter field is taken as the unique identifier in the database. This field entry ensures each record is unique and must not be duplicated.
Port namePorts Eth1, Eth2, CPU, Air. See Port status.
Id
Each port can be assigned up to five different ingress rate resources.
Each resource defines a rule (filter) for the incoming frame. If the rule is met, the frame is affected (as set by the EBS limit action parameter). If the incoming frame does not meet any rule, it is not affected by PIRL. The frame is accepted and forwarded further to the switch engine.
CIR (estimated)
The Committed Information Rate (CIR) is dependent on the Bucket Rate factor and the Bucket increment.
The calculation is estimated as the real data throughput depends on frame size. The Accounted bytes parameter affects this as well.
The formula for the CIR (in bits per second) is as follows: CIR = a * BRF / BI.
Where “a” is constant, which is 12 500 000 for Accounted bytes=”frame”, and is 100 000 000 for Accounted bytes=”layer1″. BRF is Bucket Rate factor and BI is Bucket increment.
Bucket rate factor
This is a factor which determines the amount of tokens that need to be decremented for each rate resource decrement (which is done periodically based on the Committed Information Rate).
Bucket
increment
Bucket increment (BI) indicates the amount of tokens that need to be added for each byte of the incoming frame.
Mode
Rate type or Traffic type of rate limiting. See Bucket type parameter.
Edit
Press Edit to edit selected PIRL resource.
Delete
Press Delete to delete selected PIRL resource.
Add resource
Press Add resource button to add another PIRL resource.

5.5.2.4. PIRL – resource configuration

Menu Switch settings / PIRL Resource

Fig. 5.27: Menu Switch settings / PIRL Resource


Each port can be assigned up to five different ingress rate resources.

Each resource defines a rule (filter) for the incoming frame. If the rule is met, the frame is affected (as set by the EBS limit action parameter). If the incoming frame does not meet any rule, it is not affected by PIRL. The frame is accepted and forwarded further to the switch engine.

Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Id
Each port can be assigned up to five different ingress rate resources.
Each resource defines a rule (filter) for the incoming frame. If the rule is met, the frame is affected (as set by the EBS limit action parameter). If the incoming frame does not meet any rule, it is not affected by PIRL. The frame is accepted and forwarded further to the switch engine.
CIR (estimated)
The Committed Information Rate (CIR) is dependent on the Bucket Rate factor and the Bucket increment.
The calculation is estimated as the real data throughput depends on frame size. The Accounted bytes parameter affects this as well.
The formula for the CIR (in bits per second) is as follows: CIR = a * BRF / BI.
Where “a” is constant, which is 12 500 000 for Accounted bytes=”frame”, and is 100 000 000 for Accounted bytes=”layer1″. BRF is Bucket Rate factor and BI is Bucket increment.
Burst allocation [b]
The Burst allocation (BA) is dependent of the Bucket increment, the Committed Burst Size limit and the Excess Burst Size limit.
The formula for the BA is as follows: BA = 8 * (EBS-CBS) / BI.
Where EBS is the Excess Burst Size limit, CBS is the Committed Burst Size limit and BI is the Bucket increment.
The Burst allocation size should be less than switch internal memory which is 1Mb.
CBS min
The minimum value for the CBS limit is related to the maximum frame size and Bucket increment.
The CBS limit should always be bigger than the CBS min.
The calculation for CBS min is as follows:
CBS min = BI * MaxFrameSize [bytes].
Where BI is the Bucket increment.
If the CBS limit is lower than this value (i.e. to allow a large burst), then an ingress stream composed of maximum sized frames may exceed the Committed Information Rate. It is for this reason that we recommend the CBS limit value always stays above the CBS min value. Also, the CBS limit should never exceed the EBS limit.
EBS limit
Excess Burst Size limit.
The EBS limit should always be bigger than CBS limit. It is recommended that the EBS limit be set to 16777200.
CBS limit
Committed Burst Size limit. This indicates the committed information burst amount.
Bucket
rate factor
This is a factor which determines the amount of tokens that need to be decremented for each rate resource decrement (which is done periodically based on the Committed Information Rate).
Bucket
increment
Bucket increment (BI) indicates the amount of tokens that need to be added for each byte of the incoming frame.
Account
discarded
frames
This parameter decides whether the ingress rate limiting logic accounts for frames that have been discarded by the queue controller due to output port queue congestion reasons. To account for all frames coming into a given port associated with this rate resource, this parameter needs to be set.
Account filtered frames
This parameter decides whether the ingress rate limiting logic accounts for frames that have been discarded because of ingress policy violations. To account for all frames coming into a given port associated with this rate resource, this parameter needs to be set.
Management non rate limit
When this parameter is disabled all frames that are classified by the ingress frame classifier as MGMT frames would be considered to be ingress rate limited as far as this particular ingress rate resource is concerned.
When this parameter is enabled, all frames that are classified as MGMT frames by the ingress frame classifier would be excluded from the ingress rate limiting calculations for this particular ingress rate resource.
SA non rate limit
When this parameter is enabled then SA ATU non rate limiting overrides can occur on this port. An SA ATU non rate limiting override occurs when the source address of a frame results in an ATU hit where the SA’s MAC address returns an “Entry state” with “static non rate limiting” value. When this occurs the frame will not be ingress rate limited.
DA non rate limit
When this parameter is enabled then DA ATU non rate limiting overrides can occur on this port. A DA ATU non rate limiting override occurs when the destination address of a frame results in an ATU hit where the DA’s MAC address returns an “Entry state” with “static non rate limiting” value. When this occurs the frame will not be ingress rate limited.
Accounted bytes
This parameter determines which frame bytes are to be accounted for in the rate resource’s rate limiting calculations.
There are for different supported configurations:
 frameFrame based configures the rate limiting resource to account for the number of frames from a given port mapped to this rate resource.
 layer 1Preamble (8bytes) + Frame’s DA to CRC + IFG (inter frame gap, 12 bytes)
 layer 2Frame’s DA to CRC
 layer 3Frame’s DA to CRC – 18 – 4(if the frame is tagged)
A frame is considered tagged if it is either Customer of Provider tagged during ingress.
EBS limit action
This parameter controls what kind of action is performed when the EBS limit has been exceeded. Three types of action can be selected:
 dropThe frame that was received on the port will get discarded.
 flow controlIn this mode an Ethernet flow control frame gets generated (if the flow control is enabled for that port) and sent to the source port but the incoming frame gets passed through the rate resource. If the port is operating in half-duplex mode then the port gets jammed.
 acceptThe frame that was received on the port is accepted even though there are not enough tokens to accept the entire incoming frame. This mode is expected to be selected for TCP based applications. It is not recommended for media streaming applications where data timing is critical.
Flow control mode is expected to be programmed on ports that have a trusted flow control mechanism available. The EBS limit action is a per-port characteristic. If a port has multiple rate resource buckets then all buckets enabled are expected to be programmed with the same EBS limit action.
Sampling mode
This mode is used for sampling one out of so many frames/bytes that are being monitored. The stream could be identified by the ingress engine as a Policy mirror and packet sampling can be applied for that stream using one of the rate resources.
In this mode, once the rate resource’s “EBS Limit” is exceeded, the next incoming frame from this port that is assigned to this resource gets sent out to the mirror destination. After sending a sample frame, the token count within the rate resource is reset to zero and the bucket increments continue for each subsequent frame arrival.
The sampling mode is useful for limiting the number of Mirror frames sent to the mirror destination.
Flow control
de-assertion
This parameter controls the flow control de-assertion when EBS limit action is set to generate a flow control message. There are two modes available:
 emptyFlow control gets de-asserted only when the ingress rate resource has become empty.
 CBS limitFlow control gets de-asserted when the ingress rate resource has enough room to accept at least one frame of size specified by the CBS limit.
For example, if the CBS limit is programmed to be 2k Bytes, then the flow control will get de-asserted if there is at least 2k Bytes worth of tokens available in the ingress rate resource.
Bucket type
Any given bucket can be programmed to be aggregate rate based or traffic type based.
 Rate based ingress rate limit: Limits all types of traffic on the ingress port.
 Traffic type based ingress rate limit: Limits a specific type of traffic on the ingress port.
Mask operation
This parameter controls whether an ingress frame must meet both Priority and Frame type requirements to be counted for ingress rate calculations or if meeting only one requirement is sufficient to be counted for ingress rate calculations for this rate resource.
Priority
Any combinations of the four queue priorities can be selected. Frames with marked priority are accounted for in this ingress rate resource.
If there is no priority selected, priority of the frame does not have any affect on the ingress rate limiting calculations done for this ingress rate resource.
Frame type
Any of the following frame types can be selected to be tracked as part of the rate resource calculations:
Management (MGMT), Multicasts, Broadcasts, Unicasts, Address Resolution Protocol (ARP), TCP Data, TCP Ctrl, UDP, Non-TCPUDP (covers IGMP, ICMP, GRE, IGRP and L2TP), IMS, PolicyMirror, PolicyTrap, Unknown Unicasts or Unknown Multicasts.
More than one frame type can be selected for a given rate resource.

5.5.2.5. Egress queue control

See also Output queue diagram.

Menu Switch settings / Egress queue

Fig. 5.28: Menu Switch settings / Egress queue


Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Scheduling mode
Port’s Scheduling mode.
The device supports strict priority, weighted round robin, or a mixture on a per egress port selection basis.
In the strict priority scheme all top priority frames egress for a port until that priority’s queue is empty, then the next lower priority queue’s frames egress, etc. This approach can cause the lower priorities to be starved out preventing them from transmitting any frames but also ensures that all high priority frames egress the switch as soon as possible.
In the weighted scheme an 8, 4, 2, 1 weighting is applied to the four priorities unless an alternate weighting is programmed into the QoS Weights Table. This approach prevents the lower priority frames from being starved out with only a slight delay to the higher priority frames.
Some applications may require the top priority queue, or the top two priority queues to be in a fixed priority mode while the lower queues work in the weighted approach. All scheduling modes are selectable on a per port basis.
The port scheduling mode can be one of the following values:
 weighted RRBUse a weighted round robin queuing scheme.
 strict pri 3Use Strict for priority 3 and use weighted round robin for priorities 2,1 and 0
 strict pri 3, 2Use Strict for priorities 3 and 2 and use weighted round robin for priorities 1 and 0
 strictUse a Strict priority scheme for all priorities
Speed guard
The speed guard controls automatically the Egress data rate shaping according to available capacity of the Air channel. The Air channel capacity check and the Egress shaping adjustment takes place approx. once per 50 ms.
Count mode
Egress rate limiting count mode. This parameter is used to control which bytes in the transmitted frames are counted for egress rate limiting as follows:
 frameThe egress rate limiting is done based on frame count [fps] as opposed to the byte count [kbps] of the packet.
 layer 1Preamble (8bytes) + Frame’s DA to CRC + IFG (inter frame gap, 12 bytes)
 layer 2Frame’s DA to CRC
 layer 3Frame’s DA to CRC – 18 – 4(if the frame is tagged)
Only one tag is counted even if the frame contains more than one tag. A frame is considered tagged if the egress frame going out onto the wire is tagged.
Rate [kbps] / [fps]
Egress data rate shaping. When Rate = 0 egress rate limiting is disabled.
 NOTE: The Count mode parameter is used to control which bytes in the transmitted frames are counted for egress rate limiting.
If the egress shaping is controlled by frame rate, the desired frame rate can vary from 7.6k to 1.488M frames per second. Valid values are between 7600 and 1488000.
If the egress shaping is controlled by bit rate, the desired rate can vary from 64 kbps to 1 Gbps in the following increments:
 Desired rate between 64 kbps and 1 Mbps in increments of 64 kbps
 Desired rate between 1 Mbps to 100 Mbps in increments of 1 Mbps
 Desired rate between 100 Mbps to 1 Gbps in increments of 10 Mbps
Therefore, the valid values are:
 64, 128, 192, 256, 320, 384,…, 960,
 1000, 2000, 3000, 4000, …, 100000,
 110000, 120000, 130000, …, 1000000
Frame overhead [B]
Egress Rate Frame Overhead adjustment.
This parameter is used to adjust the number of bytes that need to be added to a frame’s IFG (inter frame gap) on a per frame basis. This is to compensate for a protocol mismatch between the sending and the receiving stations. For example if the receiving station were to add more encapsulations to the frame for the nodes further down stream, this per frame adjustment would help reduce the congestion in the receiving station.
This adjustment, if enabled, is added to the Egress Rate Control’s calculated transmitted byte count meaning Egress Rate Control must be enabled for this Frame Overhead adjustment to work.
Weight table
The weighted round robin alternate weighting can be defined here. The sequence of the output queue numbers (0,1, 2 or 3) defines the sequence of the output queue frame egressing. This sequence can be up to 128 items long.

5.5.3. QoS

Quality of Service (QoS) is the ability to provide different priorities to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow. QoS using 802.1p and DSCP are implemented.

The ingress block has the task of determining the priority of each frame to be used for the internal Queue Controller (QPri) as well as the priority assigned to the frame (FPri) if the frame egresses the switch tagged. The classification as to if the frame is discard eligible is also determined. The Ingress block does not perform the QoS switching policy, which is the task of the Queue Controller. Instead, it has the job of determining the QPri and FPri assigned to each frame for the Queue Controller and Egress block.

See the Functional diagram.

5.5.3.1. 802.1p

Menu Switch settings/QoS/802.1p

Fig. 5.29: Menu Switch settings/QoS/802.1p


The IEEE 802.1p QoS technique also known as class of service (CoS), is a 3-bit field called the Priority Code Point (PCP) within an Ethernet frame header when using VLAN tagged frames as defined by IEEE 802.1Q. It specifies a priority value of between 0 and 7 inclusive that can be used by QoS disciplines to differentiate traffic. The value 0 is generally taken as the lowest priority and 7 as the highest priority.

Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Enabled
The QoS classification according to IEEE 802.1p priority bits is enabled/disabled.
Prefer
Enable this parameter to force 802.p priority over DSCP.
When enabled, the DSCP Prefer parameter is automatically disabled.
Default traffic class
The IEEE 802.1q untagged frames (thus having no IEEE 802.1p priority) are treated with this priority.
CoS remap
The frame’s IEEE 802.1p priority can be changed to other value.
Class of service
Arranging individual priorities (coded in priority bits according to IEEE 802.1p) into selected output queue (0..3).

5.5.3.2. DSCP

Menu Switch settings /QoS/DSCP

Fig. 5.30: Menu Switch settings /QoS/DSCP


The DSCP stands for Differentiated services Code Point which is a 6-bit value stored within the IP header. The QoS techniques using those bits are called DiffServ or Differentiated services.

Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Enabled
The QoS classification according to DSCP priority bits is enabled/disabled.
Prefer
Enable this parameter to force DSCP priority over 802.p.
When enabled, the IEEE 802.1p Prefer parameter is automatically disabled.
DSCP 0..63
Arranging individual priorities (coded in DS field of IP header) into selected output queue (0..3).

5.5.4. Advanced

According to the Advanced menu proceeds the deciding, through which port the framework should be transmitted from RAy unit.

The processing of framework can be observed on the diagram and in the table. Table columns indicate successive steps and in the rows there is hinted the development of framework parameters.

Advanced menu diagram

Fig. 5.31: Advanced menu diagram


 FrameVLANVTUSTUATUTrunk
DA, SADA, SA   id 
QPriQoS, DSCPby portby VLAN DA, SA 
VIDVIDdef. VIDid   
SID  SIDid  
FID by portby VLAN id 
Trunk    ATU-Trunkid
port egress by port RSTPATU-PortTrunk
tag egress Egress modeMember tag   

An indicative description of the function of each block:

Frame

An incoming frame contains the destination MAC address DA and the source address SA. The VLAN 802.1p priority can be contained in the Ethernet header and the DSCP priority in the IP header. If the frame is a member of a VLAN, it carries it’s VID number and 802.1q priority in the tag.

VLAN

A frame is received through ports Eth1, Eth2, Air or from microwave CPU. The head of the frame may change at this time based on parameters set in the VLAN menu.

All untagged frames are assigned a VID. A tagged (VLAN) framework can have its own VID overwritten by a default VID.

The packet priority can be overwritten according to parameter menus QoS, VLAN and ATU.

The FID for searching in the ATU table is allocated to the frame within the VLAN menu (by the input port) or from the corresponding VID in the VTU table.

Member parameter can limit the allowed output direction of ports.

Frames sent from a unit transfers through an output port. The Egress mode parameter bound to the port either adds or removes the VLAN tag.

VTU

Values in the VID determine search results from the VTU table. These are created manually. The SID index (enabled ports in terms of STP) FID index (for searching in the address table ATU) taken from this search result are assigned to the frame. This FID will overwrite the FID from menu VLAN.

Based on this, the VTU can also overwrite the priority of this frame.

The permitted output ports and method of working with VLAN tag on the output are also defined here.

STU

The Spanning tree protocol in this table maintains the status of ports from the viewpoint of the authorized network throughput and the learning of routing. Protocol MSTP is used.

Each VTU entry uses some of the entries in the STU. Entries in the ATU are created in accordance with these assigned states.

The port state behaviour is determined by the STP.

ATU settings

Any assigned parameters dictate how the ATU table should be used.

The Global section of this menu provides for passage of MGMT frames (e.g. BPDU).

In the Port settings section, the behaviour of individual port is defined:

– Behaviour of the ATU table in terms of automatically creating records (Learning, Hold at 1, ATU refresh, Learn limit).

– Discarding frames according to the source addresses.

– Handling frames with unfamiliar destination addresses.

– The frames’ priority can be overridden by the SA or the DA.

ATU

The ATU table determines the output port on the RAy according to the DA in the frame.

Records are arranged according to the FID and the MAC addresses.

The table is created and maintained based on informations contained in incoming frames (learning). Manual recording is also possible.

The record can be dynamic or static.

Priority frames with a static record can be overridden by the SA or DA.

The results of searching the ATU provide the set of output ports or trunk number.

RSTP

The RSTP demon turns off redundant paths through the network (switch ports), or re-activates them in the case of failure in other branch.

The Global section of this menu contains switch priority for the RSTP and necessary time constants.

The Port settings section holds the value of each port as seen by the RSTP. This information indicates if the RSTP shuts down or restarts a redundant port if a route is interrupted.

Trunk

The Trunk enables the distribution of data load on multiple ports. The ratio of distribution is determined by parameter Balancing mode.

Abbreviations used in the Advanced menu.

DA, SA

Destination and Source frame address (MAC)

LAN

Local Area Network

VLAN

Virtual LAN, menu of parameters related to the VLAN

VID

VLAN network ID

VTU

VLAN Table Unit – according to VID assigns SID and FID to the frame

SID

Spanning tree ID – record number for STP

STP

Spanning Tree Protocol – prevents a loop in the network

STU

Spanning Tree Unit – parameters associated with STP

FID

Forwarding Information Database number – according to this runs searching in the table

ATU

Address Translation Unit – conversion FID and DA to number of output port

MGMT

Management frames – service frames of the microwave link:
frames “ATU / Entry state = static management”
and frames “ATU settings / Reserved…”

BPDU

Bridge Protocol Data Unit – frames used by STP protocol

802.1d

Spanning tree protocol by ports

802.1s

Spanning tree protocol by VLAN

802.1q

tagging of frames (VLAN)

802.1p

priority by 2-nd layer (tagged frames Ethernet)

DSCP

Differentiated Services Code Point – priority by 3-rd layer (IP packet)

QoS

Quality of Service

FPri

Frame Priority – priority in the network

QPri

Queue Priority – priority of the frame inside the switch

Trunk

here in the sense of aggregation ethernet links – conjunction multiple ports into a single line
another meaning is VLAN aggregation lines – multiple VLANs on a single port

5.5.4.1. VLAN

Menu Switch settings / Advanced / VLAN

Fig. 5.32: Menu Switch settings / Advanced / VLAN


Setup of VLAN related and global parameters.

Link
authorization guard
Remote unit authorization must take place to ensure user data flow between both units. See User manual Section 6.3.3 Remote unit authorization for more details.
The Link authorization guard parameter can be used to bypass this authorization requirement.
 DisabledRemote unit authorization is bypassed. User data flow through the Air channel occurs even if the remote unit is not authorized.
 EnabledUser data flow through the Air channel occurs only if the remote unit is authorized – according to the Remote unit authorization procedure.
Remove one
provider tag
When this parameter is enabled and a port is configured as a Provider Port, recursive Provider Tag stripping will NOT be performed. Only the first Provider Tag found on the frame will be extracted and removed. Its extracted data will be used for switching.
When this parameter is disabled and a port is configured as a Provider Port, recursive Provider Tag stripping will be performed. The first Provider Tag’s data will be extracted and used for switching, and then all subsequent Provider Tags found in the frame will also be removed. This will only occur if the port’s Ether type is not 0x8100 (recursive Provider Tag removal cannot be performed when the Provider’s Ether Type is equal to 0x8100).
ARP without broadcast
checking
 DisabledARP frames must contain a Broadcast Destination address to be able to access the CPU port.
 EnabledARP frames only need an Ether type equal to 0x0806 and the frames Destination Address can be any value to be able to access the CPU port. This supports Mirroring ARP replies that are destined to a unicast address.
Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Egress mode
This parameter determines the make up of frames when they egress this port. The Egress mode behaviour is affected by the Frame mode (menu Interface/Port advanced/Frame mode) parameter.
Frame mode … normal:
 unmodifyFrames are transmitted unmodified
 untagRemove the tag from any tagged frame
 tagAdd a tag (e.g. according to Default VID ) to any untagged frame. Ethernet frame type is set to 0x8100.
 ether type tagnot used
Frame mode … provider:
 unmodifyUse this mode when Frame mode is set to provider.
 untagnot used
 tagnot used
 ether type tagnot used
Frame mode … ether type DSA:
 unmodifynot used
 untagnot used
 tagnot used
 ether type tagAdd a tag (e.g. according to “Default VID”) to any untagged frame. Ethernet frame type is set according to “Ether type” parameter (menu Switch settings/Interface/Port advanced).
802.1q mode
This parameter determines if 802.1q base VLANs are used along with port based VLANs for this Ingress port. It also determines the action to be taken if an 802.1q VLAN Violation is detected. VLAN barriers (both port based and 802.1q based) can be bypassed by VLAN Tunnel.
 disabledUse Port Based VLANs only. The VID assigned to the frame is the port’s Default VID which is used as the VID in the Provider Tag if the frame egresses a Provider port.
 fallbackEnable 802.1q for this Ingress port. Do not discard Ingress Membership violations and use the VLAN Table bits if the frames’ VID is not contained in the VTU.
The ingressing frames are not discarded and it not matter if the frames’ VID is a member of the VTU.
 checkEnable 802.1q for this Ingress port. Do not discard Ingress Membership violation but discard the frame if its VID is not contained in the VTU.
The ingressing frames’ VID must be configured in the VTU to enable it to ingress. The VTU “Member tag” parameter does not have any effect.
 secureEnable 802.1q for this Ingress port. Discard Ingress Membership violations and discard frames whose VID is not contained in the VTU.
The ingressing frame is checked fully against the record in the VTU table. The “VID” and the “Member tag” parameters are validated to allow the frame to ingress.
Discard tagged
When this parameter is enabled all non-MGMT frames that are processed as tagged are discarded as they enter this switch port. Priority only tagged frames (with a VID of 0x000) are considered untagged. This feature works whether 802.1q is enabled on the port or not.
If the port is configured in Provide Mode and this parameter is enabled, frames that contain an Ether Type that matches the port’s PortEType (Ether type parameter) that have a non-zero VID will be discarded.
Discard
untagged
When this parameter is enabled all non-MGMT frames that are processed as untagged, are discarded as they enter this switch port. Priority only tagged frames (with a VID of 0x000) are considered untagged. This feature works whether 802.1q is enabled on the port or not.
If the port is configured in Provide Mode and this parameter is enabled, frames that do not contain an Ether Type that matches the port’s PortEType (Ether type parameter) that have a non-zero VID will be discarded.
VTU priority
override
When this parameter is set to anything other than none, VTU priority overrides can occur on this port. A VTU priority override occurs when the determined VID of a frame results in a VID whose “Use VID priority” parameter is enabled. When this occurs three (other than none) forms of priority overrides are possible:
 noneNormal frame priority processing occurs.
 frameThe “VID priority” value assigned to the frame’s VID (in the VLAN database) is used to overwrite the frame’s previously determined FPri (frame priority). If the frame egresses tagged the priority in the frame will be this new VID priority value – the frame is permanently modified.
 queueThe “VID priority” value assigned to the frame’s VID (in the VLAN database) is used to overwrite the frame’s previously determined QPri (queue priority). The QPri is used internally to map the frame to one of the egress queues inside the switch. QPri override will not affect the contents of the frame in any way.
 frame+queueBoth the above overrides take place on the frame.
The VTU Priority override has higher priority than the port’s Default Priority and the frame’s IEEE and/or IP priorities. The priority determined by the frames’ VID can however be overridden by the frames’ SA and/or DA Priority Overrides.
Force default VID
Force to use Default VID. When 802.1q is enabled on this port and this parameter is enabled, all Ingress frames’ VID are ignored and the “Default VID” is assigned and replaced into the frame (if the frame egresses tagged). When this parameter is disabled all IEEE802.3ac Tagged frames with a non-zero VID use the frames’ VID unmodified.
When 802.1q is disabled on this port, this bit has no effect.
Default VID
Default VLAN Identifier. When 802.1q is enabled on this port the Default VID parameter is used as the IEEE Tagged VID added to untagged or priority tagged frames during egress that ingressed from this port. It is also used as a tagged frame’s VID if the frame’s VID was 0x000 (i.e., it is a priority tagged frame) or if the port’s “Force Default VID” is enabled.
When 802.1q is disabled on this port, the Default VID field is assigned to all frames entering the port (whether tagged or untagged). This assignment is used internal to the switch.
FID
Port’s Default Filtering Information Database (FID). This parameter can be used with non-overlapping VLANs to keep each VLAN’s MAC address mapping database separate from the other VLANs. This allows the same MAC address to appear multiple times in the address database (at most one time per VLAN) with a different port mapping per entry. This field is overridden by the FID returned from a VTU hit and it should be zero if not used. It must be a unique number for each independent, non-overlapping, address database if used.
IGMP
snooping
IGMP and MLD Snooping. When this parameter is enabled and this port receives an IPv4 IGMP frame or an IPv6 MLD frame, the frame is switched to the CPU port overriding the destination ports determined by the DA mapping. When this parameter is disabled IGMP/MLD frames are not treated specially.
IGMP/MLD Snooping is intended to be used on Normal Network or Provider ports only.
ARP
mirroring
When this parameter is enabled non-filtered Tagged or Untagged Frames that ingress this port that have the Broadcast Destination Address with an Ethertype of 0x0806 are mirrored to the CPUDest port. This mirroring takes place after the ingress mapping decisions to allow ARPs to get to a CPU that is otherwise isolated. When this bit is cleared to a zero no special ARP handling will occur.
VLAN tunnel
When this parameter is disabled, the port based VLANs defined in the VLAN Table, 802.1q VLANs defined in the VTU and Trunk Masking are enforced for ALL frames.
When this parameter is enabled, the port based VLAN Table masking, 802.1q VLAN membership masking and the Trunk Masking are bypassed for any frame entering this port with a DA that is currently ‘static’ in the ATU. This applies to unicast as well as multicast frames.
While enabled, the Unicast frames with the management CPU DA can go from the Eth1 and Eth2 ports in to the CPU port. The static record with the CPU DA in the ATU table has to be configured (it is pre-configured by default).
Member
(VLAN Table)
The In Chip Port based VLAN Table contains parameters used to restrict the output ports to which an input port can send frames. These parameters (VLANTable bits) are used for all frames, except for MGMT frames, even if 802.1q is enabled on this port. These parameters restrict where a port can send frames to (unless a VLANTunnel frame is being received). If ForceMap (Learning) is enabled, these parameters indicate which port or ports all frames that ingress this port are sent to overriding the mapping from the address database.
The default setting prevents sending frames from Eth1 to Eth2 and vice versa. This is very important for separating different networks (e.g. different customers) connected to separate user ports.
The Link authorization guard affects the user data flow through the Air channel. When the Link authorization guard is enabled, the user Ethernet ports to Air port connection control is disabled. Parameter status of user Ethernet to Air port connection changes dynamically according to Link authorization status.

5.5.4.2. STU

Menu Switch settings / Advanced / STU

Fig. 5.33: Menu Switch settings / Advanced / STU


The per VLAN Spanning Tree Unit (STU) in the device supports user commands to access and modify the contents of the Port State database.

Primary key
The icon indicates which parameter field is taken as the unique identifier in the database. This field entry ensures each record is unique and must not be duplicated.
SID
VTU 802.1s (MSTP) Port State Information Database number. This parameter indicates the SID number that is associated with the 802.1s “Port state” parameter.
It is essential to define the SID to be able to create records in the VTU (VLAN Table).
Label
A custom string label for a STU entry.
Port state
This parameter is used to support 802.1s per VLAN spanning tree. Port states (bellow) are valid for frames with a VID that is associated to this SID:
 disabledUse non-VLAN Port States (i.e., the port’s default Port State) for this port.
 blocking
/listening
 
 learning 
 forwardingaaaa
This “Port state” takes precedence over the port’s Port State bits unless the port’s Port State (driven by STP) is Disabled (which prevents all frames from flowing).
Add entry
Add a new STU database entry.
Edit
Press the Edit button to open the configuration dialog of the selected STU database record.
NOTE: Should the Primary key value be modified, the “other” record – identified by the entered Primary key – is added (if it does not exist yet) or modified (if it exists already).
Delete
Delete the selected STU database record.
Menu Switch settings / Advanced / STU / edit

Fig. 5.34: Menu Switch settings / Advanced / STU / edit


5.5.4.3. VTU

Menu Switch settings / Advanced / VTU

Fig. 5.35: Menu Switch settings / Advanced / VTU


The VTU (VLAN Table Unit) records form the VLAN Table.

Primary key
The icon indicates which parameter field is taken as the unique identifier in the database. This field entry ensures each record is unique and must not be duplicated.
VID
VLAN ID. This parameter indicates the VID number that is associated with the Member tag, VTU Priority, VTU policy and the FID (Forwarding Information Database number).
Label
A custom string label for a VTU entry.
FID
Forwarding Information Database number. If separate address databases are used, this parameter indicates the address database number to use for all frames assigned with this VID. All MAC DA look-ups and SA learning will refer to the address database number defined by the FID associated with the frame’s VID. Multiple VID’s can use the same FID. If separate address databases are not used, the FID must be zero. The ATU database records are joined with the VTU database records via this number.
SID
802.1s Information Database Number. If 802.1s per VLAN spanning tree is being used, this parameter indicate the spanning tree instance number to use for all frames assigned with this VID. Multiple VID’s can use the same SID. The STU database records are joined with the VTU database records via this number.
Use
VID priority
VID Priority Override. This parameter is used to indicate that frames assigned with this VID can have their priority overridden with the “VID priority” value (see below) if the port’s “VTU priority override” parameters is enabled to do so. See VTU priority override for more details.
VID priority
VID Priority override value when enabled by the “Use VID priority” parameter (see above). Used for priority override on ingressing frames. Enabling a priority on a VID will override the frame’s priority only if the port’s VTU priority override parameter is enabled to do so.
VID policy
This parameter is used to indicate that frames assigned with this VID can have Layer 2 Policy actions applied to it if the port’s “Policy VTU” (menu Advanced/Monitoring,Policy/Policy) is enabled to do so.
Member tag
This parameters is used to indicate which ports are members of the VLAN (i.e, with the given VID) and if these VLANs frames should be tagged or untagged, or unmodified when exiting the port as follows:
 egress unmodifiedPort is a member of this VLAN and frames are to egress unmodified.
 egress untaggedPort is a member of this VLAN and frames are to egress Untagged.
 egress taggedPort is a member of this VLAN and frames are to egress Tagged.
 not memberPort is not a member of this VLAN. The result is that frames assigned with this VID can not egress this port.
This parameter takes effect only if the “802.1q mode” parameter (see menu Advanced/VLAN) is set to “secure” mode.
Add entry
Add a new VTU database entry.
Edit
Press the Edit button to open the configuration dialog of selected VTU database record.
NOTE: Should the Primary key value be modified, the “other” record – identified by the entered Primary key – is added (if it does not exist yet) or modified (if it exists already).
Delete
Delete the selected VTU database record.
Flush all
Delete the whole VTU database.
Menu Switch settings / Advanced / VTU / edit

Fig. 5.36: Menu Switch settings / Advanced / VTU / edit


5.5.4.4. ATU settings

Menu Switch settings / Advanced / ATU settings

Fig. 5.37: Menu Switch settings / Advanced / ATU settings


Setup of ATU (Address Translation Unit) table related parameters.

Aging timeout [s]
ATU age time. This value determines the time that each ATU Entry remains valid in the database, since its last access as a source address, before being purged.
 The default value is 330 seconds.
 The minimum age time is 15 seconds.
 The maximum age time is 3825 seconds (almost 64 minutes).
 If the Age Time is set to 0 the Aging function is disabled and all learned addresses will remain in the database forever.
Reserved multicast
to CPU
When this parameter is enabled, frames with a Destination Address in the range 01:80:C2:00:00:0x or 01:80:C2:00:00:2x, regardless of their VLAN membership, will be considered MGMT frames and sent to the CPU port. See the RSTP, RSTP enable parameter.
Reserved multicast priority
This parameter sets the priority of the frames affected by “Reserved multicast to CPU” parameter.
Reserved multicast DA
This parameter enables individual multicast DA addresses to be affected by “Reserved multicast to CPU” parameter.
Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Learning (ForceMap)
When this parameter is disabled, normal frame processing occurs.
When this parameter is enabled, all received frames will be considered MGMT (MGMT=Management frames, frames that can tunnel through Blocked ports) and are mapped to the port or ports defined in the VLANTable bits overriding the mapping from the address database. The forcing function is needed to get BPDU frames to egress specific ports by the CPU for the Spanning Tree Protocol. ForceMapped frames will egress ports that are not in the Disabled port state (i.e., they are MGMT frames and will egress via Blocked ports). This parameter is accessible by the CPU’s Ingress Header so the CPU can enable and disable MGMT and forcing on a frame by frame bases.
 NOTE: Learning is disabled on MGMT frames, so enabling this parameter also disables learning on frames entering this port.
Hold at 1
Hold Aging ATU Entries at an Entry State value of 1. When this parameter is disabled, a zero normal Aging occurs for ATU entries associated with this port. When this parameter is enabled ATU entries associated with this port will age down to an Entry state of 1 but will not go to 0. This feature can be used (for example) to keep dynamic records in the ATU table.
ATU refresh
 unlockedNormal address learning is enabled
 knownAuto refreshing of known addresses will occur even if this port is Locked. Already known addresses will be auto refreshed (i.e., their Entry State will be updated to 0x7 whenever this address is used as a source address in a frame on this port) even when this port is Locked.
 lockedCPU directed learning (needed for 802.1X MAC authentication) is enabled. Automatic SA learning and refreshing is disabled in this mode.
DA mapping
When this parameter is enabled, normal switch operation occurs where a frame’s DA is used to direct the frame out of the correct port. When this parameter is disabled the frame will be sent out of the port defined by EgressFloods even if the DA is found in the address database. The static ATU table records are used, even in “DA mapping” disabled status.
Egress block
Egress Flooding mode. The DA of every unicast and multicast frame is searched in the ATU. If the DA is found in the address database it is considered known. If it is not found it is considered unknown. Frames with known DA’s are not affected by this register.
Frames with unknown DA’s generally flood out all the ports (except the port they originally came in on). This register can be used to prevent frames with unknown DA’s from egressing this port as follows:
 unknownDo not egress any frame with an unknown DA (unicast or multicast)
 unknown multicastDo not egress any frame with an unknown multicast DA
 unknown
unicast
Do not egress any frame with an unknown unicast DA
 noneEgress all frames with an unknown DA (unicast and multicast)
SA filtering
Source Address Filtering method:
 disabledNo frame will be filtered (i.e. discarded) as a result of the contents of its Source Address field.
 drop
on lock
Ingressing frames will be discarded if their SA field is not in the ATU’s address database (i.e. it’s a new or unknown Source Address) or if this port’s bit is not set in the PortVec bits for the frames’ SA (i.e. this port is not the source port for that MAC address). Used for MAC based 802.1X.
 drop
on unlock
Ingressing frames will be discarded if their SA field is in the ATU’s address database as a Static entry with a PortVec of all zeros. Used to discard frames from known untrusted sources.
 drop
to CPU
Ingressing frames will be mapped to the CPUDest if their SA field is in the ATU’s address database as a Static entry with a PortVec of all zeros and the frame is not otherwise filtered. Otherwise, the frames will be discarded if their SA field is not in the ATU’s address database (i.e. it’s a new or unknown Source Address) or if this port’s bit is not set in the PortVec bits for the frames’ SA (i.e. this port is not the source port for that MAC address). This mode is a form of MAC based 802.1X where some frames can be forced to the CPU for further authentication prior to full authorization.
Learn limit (LearnLimit)
When this parameter is set to zero, normal address learning and frame policy occurs.
When this parameter is non-zero the number of MAC addresses that can be learned on this port are limited to the value of this parameter. Automatic learning and frame policy will occur normally until the number of unicast MAC addresses auto-learned from this port reaches the port’s LearnLimit (addresses that were learned from this port but were aged out are not counted – i.e., this register limits the number of ‘active’ unicast MAC addresses associated to this port). When the LearnLimit has been reached any frame that ingresses this port with a source MAC address not already in the address database that is associated with this port will be discarded (the port will act as if the port is Locked and the port’s DropOnLock SAFiltering mode is set). Normal auto-learning will resume on the port as soon as the number of ‘active’ unicast MAC addresses associated to this port is less than the LearnLimit (due to address aging).
Care is needed when enabling this feature:
 Enable “Learn to all” (GL1-0x0A:11:3 Learn2All=1)
 Set “SA filtering” to “disabled” or “drop on unlock” (PORT-0x04:14 SAFiltering[0]=0)
Safe procedure:
 Disable or block the ports (PORT-04.1 PortState[1]=0).
 Flush all non-static addresses in the ATU.
 Define the desired limit for the ports.
 Re-enable the ports.
SA priority
override
When any other than “none” mode is selected, SA ATU priority overrides can occur on this port. An SA ATU priority override occurs when the source address of a frame results in an ATU hit where the SA’s MAC address returns an EntryState that indicates Priority Override. When this happens three forms of priority overrides are possible (other than “none”):
 noneNormal frame priority processing is active.
 framePRI value assigned to the frame’s SA (the MAC priority field in the ATU database) is used to overwrite the frame’s previously determined frame priority (FPri). If the frame egresses, the tagged priority in the frame will be this new PRI value.
 queueThe two upper bits of the PRI value assigned to the frame’s SA (the MAC priority field in the ATU database) are used to overwrite the frame’s previously determined queue priority (QPri). The QPri is used internally to map the frame to one of the egress queues inside the switch. QPri override will not affect the contents of the frame in any way.
 frame+queueBoth above overrides take effect on the frame
The SA ATU Priority Override has a higher priority than the port’s Default Priority, the frame’s IEEE and/or IP priorities and the VTU Priority Override. The priority determined by the frame’s SA can however be overridden, by the frame’s DA Priority Override.
DA priority
override
When any other than “none” mode is selected, the DA ATU priority overrides can occur on this port. A DA ATU priority override occurs when the source address of a frame results in an ATU hit where the DA’s MAC address returns an EntryState that indicates Priority Override. When this occurs three forms of priority overrides are possible (other than “none”):
 noneNormal frame priority processing is active.
 framePRI value assigned to the frame’s DA (the MAC priority field in the ATU database) is used to overwrite the frame’s previously determined frame priority (FPri). If the frame egresses the tagged priority in the frame will be the new PRI value.
 queueThe two upper bits of the PRI value assigned to the frame’s DA (the MAC priority field in the ATU database) are used to overwrite the frame’s previously determined queue priority (QPri). The QPri is used internally to map the frame to one of the egress queues inside the switch. QPri override will not affect the contents of the frame in any way.
 frame+queueBoth of the above overrides take place on the frame
The DA ATU Priority Override has the highest priority over the port’s Default Priority, the frame’s IEEE and/or IP priorities, the VTU Priority Override and the SA Priority Override.
Port
association
(PAV)
Port Association Vector for ATU learning. The value in these bits (one bit per port) is used as the port’s DPV on automatic ATU Learning or Entry_State refresh whenever these bits contain a non-zero value. When these bits are all zero, automatic Learning and Entry_State refresh is disabled on this port.
For normal switch operation, this port’s bit should be the only bit set in the vector. These bits must only be changed when frames are not entering the port.
The PAV bits can be used to set up port trunking (along with the VLANTable bits). For the two ports that form a trunk, set both of their port’s bits in both port’s PAV registers (this Port association parameter for both ports of the trunk), then use the VLANTable to isolate the two ports from each other, or to use the Trunk Mask table to steer the traffic from the other ports down the desired trunk line of the pair using DA/SA Load Balancing.

5.5.4.5. ATU

Menu Switch settings / Advanced / ATU

Fig. 5.38: Menu Switch settings / Advanced / ATU


The Address Translation Unit (ATU) in the device supports user commands to access the contents of the MAC address database.

There is one static record which can not be deleted. This is the management CPU record. The unicast frames directed to management are allowed to access the CPU port. The VLAN tunnel parameter is also used to enable the AP frames to access the CPU port.

Primary key
The icon indicates which parameter field is taken as the unique identifier in the database. This field entry ensures each record is unique and must not be duplicated.
FID
Forwarding Information Database number. If multiple address databases are not being used, this parameter must remain zero. If multiple address databases are being used, this parameter is used to set the desired address database number that is to be associated with this ATU Entry’s MAC Address. When frames ingress the switch, the VID assigned to the frame is used to access the VTU. The VTU returns the FID associated with that VID for MAC address lookups in to the ATU.
MAC
MAC address associated with this ATU entry in the database number defined by the FID.
Label
A custom string label for an ATU entry.
Entry state
The Entry state parameter is used to determine the entry’s age or its type as follows:
 staticUse for ordinary static entry.
 static policyUse for “Policy DA” and/or Policy SA (menu Switch settings/Advanced/Monitoring/Policy).
 static non rate limitingUse for “SA non rate limit” and/or “DA non rate limit” (menu Switch settings/Interface/PIRL).
 static managementThis value is used for the mapping of the DA even if the “DA mapping” parameter is disabled (menu Switch settings/Advanced/ATU settings).
 dynamicOrdinary dynamic entry.
Use
MAC priority
Use this parameter to enable the MAC priority (see “MAC priority” description).
MAC priority
Use the MAC priority to override value, when it is enabled by the “Use MAC priority” parameter. It is used for priority override on ingressing frames. Enabling a priority on a MGMT MAC address will override all priorities for these MGMT frames. Enabling a priority on a static, non-MGMT MAC address, will only override the frame’s priority if the port’s DA priority override or SA priority override parameters are enabled.
Trunk
member
When this parameter is enabled, the MAC address is a member of a trunk – according to the “Trunk Id” parameter. When this parameter is disabled, the MAC address is associated with port(s) – according to the Port association parameter.
Trunk Id
The Trunk ID associated with this MAC address.
The port or ports that this DA MAC address is associated with is determined by the Port association parameter.
Use this parameter to ensure the proper unit management CPU is accessed when two units are connected in trunk.
Trunk port association vector
Mask of ports associated with this MAC address.
Add entry
Add a new ATU database entry.
Edit/Copy
Press the Edit/Copy button to open the configuration dialog of the selected ATU database record.
NOTE: Should the Primary key value be modified, the ‘other’ record – identified by the entered Primary key – is added (if it does not exist yet) or modified (if it exists already).
Delete
Delete the selected ATU database record.
Flush all and use default
Delete the whole ATU database and create default record(s).
Flush
non-static
Delete all except static ATU database records.
Menu Switch settings / Advanced / ATU / edit

Fig. 5.39: Menu Switch settings / Advanced / ATU / edit


5.5.4.6. Monitoring, Policy

Menu Switch settings / Advanced / Monitoring, Policy

Fig. 5.40: Menu Switch settings / Advanced / Monitoring, Policy


Setup of Monitoring and Policy functions.

The Policy functions allow a special handling of specific types of ingress frames.

Ingress
monitor
destination
Frames that are targeted toward an “Ingress Monitor Destination” leave via the port selected by this parameter. This includes frames received on a port that is enabled to be the “Ingress monitor source”.
Egress
monitor
destination
Frames that are targeted toward an “Egress Monitor Destination” leave via the port selected by this parameter. This includes frames transmitted on a port that is enabled to be the “Egress monitor source”.
Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Ingress
monitor
source
When this parameter is enabled, any frame that ingresses this port is also sent to the “Ingress monitor destination” port. The frame is sent to this port even if it is discarded due to switching policy but the frame will not be forwarded if it contains an error (such as CRC, etc.) or is filtered by ingress rate limiting.
Egress
monitor
source
When this parameter is enabled any frame that egresses this port will also be sent to the “Egress monitor destination” port. The 802.1q mode and VTU entries on the “Egress monitor destination” port must be set to be the same as they are on the “Egress monitor source” port so the frames egress with the same tagged or untagged information.
Mirror
destination
Frames that ingress a port that trigger a policy mirror are mapped (copied) to this port as long as the frame is not filtered or discarded.
CPU
destination
CPU destination port can not be changed. It is shown here to better understand the description of some other parameters which interact with the CPU destination port. For example the “trap” value of the “Policy* ” parameters cause frames to be forwarded to this CPU destination port.
Policy
There are four different operations as a result of a policy:
 normalNormal frame switching.
 mirrorMirror (copy) frame to the “Mirror destination” port.
 trapTrap (re-direct) frame to the “CPU destination” port.
 discardDiscard (filter) the frame.
There are eight different policy triggers:
 DADA Policy Mapping occurs when the DA of a frame is contained in the ATU address database with an Entry State set to “static policy”.
 SASA Policy Mapping occurs when the SA of a frame is contained in the ATU address database with an Entry State set to “static policy”.
 VTUVTU Policy Mapping occurs when the VID of a frame is contained in the VTU database with the VID policy parameter enabled.
 ether typeEtherType Policy Mapping occurs when the Ether Type of a frame matches the Ether type parameter of this port.
 PPPoEPPPoE Policy Mapping occurs when the Ether Type of a frame matches 0x8863.
 VBASVBAS Policy Mapping occurs when the Ether Type of a frame matches 0x8200.
 DHCP
option 82
DHCP option 82 Policy Mapping occurs when the ingressing frame is an IPv4 UDP with a UDP Destination port=0x0223of 0x0222.
 UDPUDP Policy Mapping occurs when the ingressing frame is a Broadcast IPv4 UDP or a Multicast IPv6 UDP.

5.5.4.7. RSTP

Menu Switch settings / Advanced / RSTP

Fig. 5.41: Menu Switch settings / Advanced / RSTP


The Rapid Spanning Tree Protocol (RSTP) is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of RSTP is to prevent bridge loops and the broadcast radiation that results from them. Spanning Tree Protocol also allows network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling/disabling of these backup links.

RSTP enable
When RSTP is enabled, the bridge is created and RSTP service is initiated. Should the RAy2 unit be connected via two Ethernet cables (using Eth1 and Eth2 ports), the active participation of the RSTP protocol may be necessary. If the parameter is not enabled, the RAy2 unit transfers the BPDU frames transparently.
NOTE: To enable proper RSTP functionality, these switch parameters has to be set:
 Switch settings / Interface / Port advanced / Frame mode / p5 CPU: “ether type DSA”
 Switch settings / Interface / Port advanced / Ether type / p5 CPU: “0xDADA”
 Switch settings / Advanced / ATU settings / Reserved multicast to CPU: “Enable”
Bridge
priority
The priority value is a number between 0 and 61440 in incremental steps of 4096, with a default value of 32768. Lower priority values are ‘better’. The bridge with the lowest priority value will be elected ‘root bridge’.
Hello time [s]
The hello time is the time between each Bridge Protocol Data Unit (BPDU) that is sent on a port. Hello time is equal to 2 seconds by default.
Max age [s]
The max age timer controls the maximum length of time that passes before a bridge port saves its configuration BPDU information. This time is set to 20 sec by default.
Forward delay [s]
The forward delay is the time that is spent in the listening and learning state. This time is equal to 15 sec by default.
Algorithm
This parameter sets the bridge’s spanning tree algorithm to operate in normal (RSTP) or force it to operate in slow (STP) mode. In normal mode, RSTP reverts back to STP on ports where it sees other hosts operating in STP mode.
Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Port priority
The ports’ priority value is a number between 0 and 240 in increments of 16, with a default value of 128.
Path cost
The Path cost can be set automatically or manually. Entering the value of zero sets this parameter automatically. The automatic setup is based on link speed.
Edge
Selecting the checkbox sets the port as an “edge” port. If a port is an edge port it is assumed to be a leaf link in the graph, not connected to any other bridges. Receiving any STP BPDU’s on a port configured as an edge port temporarily overrides edge port behaviour for the port.
MAC address
The ports’ default MAC addresses are the same as the MAC address of the RAy2 unit.

5.5.4.8. Trunk

Menu Switch settings / Advanced / Trunk

Fig. 5.42: Menu Switch settings / Advanced / Trunk


Port trunking is supported by the device using any combinations of ports. The ports that are to be associated with the trunk need to have all the port members’ defined with the same “Trunk Id” and the “Enabled” parameter has to be enabled.

When a frame enters a Trunk Port its Source Address (SA) is learned with its association to the ingress port’s TrunkID number. In this way the contents of the address database contain the same association with the frame’s SA regardless of the link of the trunk the frame entered the switch.

When frames are routed back toward a trunk the frame will have its Destination Address (DA) found from the address database. If the frame’s DA is unknown the frame will try to flood out all ports of the trunk (this is OK in so far as this will be fixed with load balancing). If the frame’s DA is found, the entry will indicate mapping to a trunk and the entry’s DPV bits will contain the TrunkID associated with this frame’s DA. This TrunkID needs to be converted into a DPV (Destination Port Vector) that the rest of the switch can use. This is accomplished by accessing the Trunk Mapping table using the TrunkID that was in the ATU’s entry.

Balancing mode
Hash DA and SA for TrunkMask selection. Trunk load balancing is accomplished using the frame’s DA and SA fields to access one of eight Trunk Masks. Two options are available:
 XORThe lower 3 bits if the frame’s DA and SA are XOR’ed together to select the TrunkMask to use.
 hashThe hash computed for address table lookups is used for the TrunkMask selection. Use this parameter to reach better load balancing between the ports in the trunk.
Port name
Identification of the internal switch port. The switch ports are connected to an external port or to an internal device (radio modem, management CPU).
 Eth1
Eth2
CPU
Air
The external port (with RJ45 interface) labeled “ETH1+POE”. Port 2.
The external port (with SFP interface) labeled “ETH2”. Port 4.
The internal port to management CPU. It is physical port number 5.
The internal port to radio modem, i.e. link to the peer unit. Port 6.
Enabled
When this parameter is enabled, the port is considered to be a member of a trunk with the Trunk Id defined below.
Trunk Id
This parameter defines which trunk the port is to be associated with. All ports that are members of the same trunk must be assigned the same Trunk ID.
Balancing
Trunk Mask bits.

5.6. Tools

5.6.1. Maintenance

5.6.1.1. Backup, Default settings, Diagnostic package, MIB

Menu Tools / Backup

Fig. 5.43: Menu Tools / Backup


Settings – External backup
(Local & Peer)
Saving and restoring unit configuration. User accounts are not affected by those functions.
 Backup
to external file
Configuration is saved to backup file which is downloaded to management PC. The backup file name contains the date, time and RAy serial number as follows:
yyyyMMddhhmm_SN_cnf_backup.tgz.
It can be either a full configuration or a difference to the default configuration.
 Upload fileUpload configuration from a backup file into buffer. The current unit configuration is not affected. The uploaded configuration can be displayed using “Show backup” button on particular configuration screens. The configuration of the entire unit can be restored (from this buffer) using “Restore” button below.
 Restore from fileAfter the configuration backup file has been loaded into the unit buffer (using Upload button above), the whole unit configuration can be restored using Restore button.
 
Settings –
Internal backup
(Local)
It is possible to make a temporary backup of the local unit configuration. The backup is stored directly in the unit FLASH memory. This backup is totally independent from the backup to external file and its values are not dispayed using ‘Show backup’ button. Such a fast backup is strongly recommended before any modification of unit parameters or before antenna alignment, because it allows fast restore to the surely working configuration.
  NOTE: The internal backup FLASH is deleted if factory settings or firmware upgrade are performed.
 Internal backupMake a temporary backup of the unit configuration locally in the unit FLASH memory.
 Internal restoreRestore (from the unit FLASH memory) the temporary backup of the unit configuration.
 Internal restore
– HW button
The local temporary backup of the unit configuration can be also restored using the hardware button. The HW button is located next to the DC connector within the port marked “P”.
The rollback and reboot functions are suppressed while restoring from internal backup. All changes are applied immediately. Should the time zone be changed, the unit has to be restarted for changes to take effect.
Press the HW button for the required time interval of 5 seconds. The button being pressed is confirmed by the Status LED flashing green. After the 5 seconds guard time, the unit restores to customer settings stored previously in to the unit FLASH memory.
Users (Local)
Saving and restoring user accounts.
  NOTE: The “super” user privileges are necessary to be able to perform those actions.
 Backup
to external file
Backup local unit user accounts to an external file. The file is downloaded to management PC.
 Upload file
& restore
 
Restoring user accounts from an external backup file.
Default settings
Applying default values to configuration parameters.
 Restore link
settings
(Local & Peer)
Whole set of parameters from the Link settings menu tree is affected.
 
 
 Restore switch
settings (Local)
Whole set of parameters from the Switch settings menu tree is affected.
Factory settings (Local)
Reverting the unit to its original state – like it was shipped from the factory. All configuration items, user accounts, measured values and system messages (logs) will be irreversibly deleted.
  WARNING: This task takes a few minutes to complete. Do not interrupt the power supply during the operation.
 Restore
factory settings
Applying Factory settings to Local unit. The unit reboots itself after applying all changes.
 Restore
factory settings
– HW button
It is possible to bring the unit to Factory settings by holding the hardware button depressed during unit’s boot. The HW button is located next to the DC connector within the port marked “P”.
Disconnect the power supply from the unit. Keep the HW button depressed while reconnecting the power. The LED marked SYS starts to flash red after a few seconds. Keep the HW button pressed another 5 seconds until the red status LED stops flashing. The unit’s boot up sequence continues and Factory settings are applied.
Should the HW button be released when the status LED is in the red flashing phase (but before the 5 s guard time), the unit stays in Service mode. Please, leave this mode by rebooting the unit.
Diagnostic package
(Local & Peer)
 
To facilitate communication with the technical support you can create an archive file with detailed information about the unit. If connection with Peer unit is active the diagnostic information from both units are saved.
 Create
& download file
Saving a file with information about the unit (Local and Peer).
  NOTE: This task takes a few minutes to complete.
Management
Information Base
 

Management Information Base (called often a MIB table) is a key info for setting up a SNMP communication between the unit and a network management system (NMS).

 SNMP MIBSaving a file with SNMP MIB (Management Information Base) table. The downloaded file is identical to the SNMP MIB table file downloaded from RACOM web (section Download) for relevant FW version.

5.6.1.2. Feature keys

Menu Tools / Maintenance / Feature keys

Fig. 5.44: Menu Tools / Maintenance / Feature keys


The sub-set of RAy parameters is affected by use of SW Feature keys.

The SW Feature keys limiting data transfer speed [Mbps] are available. Speed of the transferred data is determined by a combination of the radio channel bandwidth (parameter Bandwidth [MHz]) and modulation order (parameter TX modulation). The key limiting the data transfer speed enables only certain combinations of the channel bandwidth and modulation order to get the data transfer speed according to the key. The data transfer speed is typically slightly higher than declared.

When installed, the key is activated after the unit restart. The unit can be restarted using the Tools – Maintenance – Restart. Choose the Restart mode – warm.

Feature
Name of the function controlled by the Feature key.
SW keys of the local unit only are displayed. To be able to manipulate the Feature keys, it is necessary to access directly the management system of the relevant unit – use the IP address of the relevant unit.
Limit / Enable
The numeric value set by the key.
Remove
The specific Feature key can be deleted using the Delete button. The parameters controlled by this Feature key are reset to their default values after the unit restart.
NOTE: The link radio parameters can be changed subsequently (e.g. to a different operating frequency)!
Upload
Feature keys are installed into the unit from the binary files.
NOTE: Use the file as it is (do not unpack).
 Open file upload – Dialog for the Feature key binary file selection is open.
The Feature key is activated after the unit restart.

5.6.1.3. Firmware

Menu Tools / Firmware

Fig. 5.45: Menu Tools / Firmware


If a new firmware version is released for the given microwave link type, you can upload it to your RAy units.

          Info
Firmware
version
Information about the current firmware package version on the Local and Peer units.
Radio firmware version
Information about the radio board current firmware version on Local and Peer unit.
Radio configuration version
Radio board calibration data format version.
Hardware
version
Information about the HW version of the modem board.
Radio hardware version
Information about the HW version of the radio board.
 
          Firmware upgrade
Firmware upload
Open file upload – opens a dialog for uploading firmware package to the unit buffer. Only after firmware has been prepared in the buffer, can you perform the actual upgrade.
NOTE: Use the file as it is (do not unpack).
File name
Name of the uploaded firmware file.
File size [B]
Size of the uploaded firmware file.
Version in buffer
Information about firmware version prepared in the buffer for installation into the unit (Local, Peer). This firmware must first be prepared in the Firmware upload section (see above).
Clean buffer
You can use the Clean buffer button to delete prepared firmware package in the buffer.
Force upgrade
Force mode blocks all safety and compatibility checks and probably bricks your unit.
You should not use force mode until instructed to do so by the technical support.
Upgrade
Use the Upgrade button to perform the firmware installation.
[Warning]Warning

Installing the firmware takes several minutes (about 3 minutes). During this time, transmission of user data is interrupted. Do not interrupt the power supply during firmware installation!

5.6.1.4. Radio adaptation

Menu Tools / Radio adaptation

Fig. 5.46: Menu Tools / Radio adaptation


Radio type
IMPORTANT: Applies only for RAy2-17 and RAy2-24 links.
Hardware of these links is universal for the entire frequency band. To facilitate the configuration of radio parameters, units are coded for L (Lower) and U (Upper) part of the band. L or U band assignment can be modified.
 Radio typeRadio unit type: L (Lower) or U (Upper) part of the frequency band. Use the Change button to change the radio type.
WARNING: When the radio type is changed, the “Link settings” menu parameters of each unit are reset to default values except login / password details.
Frequency tables
The microwave link contains one or more frequency tables (called rcinfo). These tables contain the following information:
 List of available bandwidths and modulations.
 Assignment of frequencies to the channels and the names of these channels. These channels are used to configure radio parameters of the link (see screen Link settings / Radio).
 Default values of radio parameters.
 A set of radio parameters, needed for the ATPC operation.
 ActiveName of the currently used frequency table.
 NewSelect a new frequency table. Available tables are displayed in format <name:version>. Use the Change button to change the table. The following dialog appears, e.g.:
 WARNING: This change will only affect the Local station.
The station reboots and radio parameters may get changed.
[Warning]Warning

Using the wrong frequency table can lead to violation of the corresponding telecommunications regulations.

 

5.6.1.5. Restart

Menu Tools / Restart

Fig. 5.47: Menu Tools / Restart


Target
Restart of selected unit, Local or Peer.
Restart mode
 WarmReboot management system.
 ColdRestart the whole station as if power was removed.
System restart
Performs the selected restart.

5.6.2. Live data

5.6.2.1. Bar indicators

Menu Tools / Bar indicators

Fig. 5.48: Menu Tools / Bar indicators


Graphical indication of BER, SNR and RSS.

Refresh
One-time update of displayed values.
Start, Stop
Use the Start button to start automatic update of displayed values with a period of 1 second. Use the Stop button to stop it.

5.6.2.2. Antenna Alignment Tool

The Antenna Alignment Tool supports interactive antenna alignment. RSS and SNR are displayed for both local and peer unit. A selected value can be indicated in large font and acoustically. Values are refreshed 10x per second.

When performing antenna alignment, both ATPC and ACM functions should be disabled; their automatic behaviour interferes with the alignment process which is based on finding the maximum signal strength.

The tool is accessed via e.g. http://192.168.169.169/tk for standard Ethernet ports, and via http://172.17.17.17/tk for connections using USB/WiFi or USB/Eth. The Antenna Alignment Tool does not require user authentication.

Ray Tools

Fig. 5.49: Ray Tools


Red strip
(top of the page)
   +Increases the number of displayed parameters
   xDecreases the number of displayed parameters
   textLocal Station name (e.g. ‘Site-A’)
Link
 3.5 MHz
Ok
Channel width
Link connected (green icon).
The Peer values (see below) are visible when the connection between Local and Peer unit has been established.
Local, Peer
 QPSK
ACM, ATPC
Current modulation of the Tx signal
Status of ACM + ATPC (red colour warns ACM or ATPC is enabled).
Go to unit
management
 Link to the full configuration interface of the microwave unit; user authentication is required.
-71.8
 Actual RSS [dBm] or SNR value. The selected value is chosen by clicking/tapping on the respective value below the main display.
Exclamation icon !
 An exclamation icon is displayed when either Local or Peer unit has ACM or ATPC enabled. ACM and ATPC mode should be disabled; they can affect signal strength.
Icon
of speaker
 Acoustic indication for local RSS value ON/OFF.
The TONE or BEEP signal is supplemented with voice output every 10 seconds, notifying signal strength.
TONE / BEEP
 Select the sound generated.
 The better the signal, the higher the frequency.
The acoustic indication is linked to the value on the main display.
If a WiFi connection is used to access Antenna Alignment, the ‘noise’ audio signal is used to notify low quality or low stability of the WiFi signal.
COARSE
/ FINE
 Choose the scale of acoustic indication
 COARSE
 
FINE
– for approximate alignment. Range of tones (or frequency of beeps) is equal to -100 to -30 dBm
– for a more precise alignment. Range of tones (or frequency of beeps) is equal to ±10 dBm from the value sampled at the moment when the FINE button was pressed)
RSS, SNR
 Values RSS and SNR for local and peer unit (4 values in total):
 First column
Second column
Best values recorded
Current values
 The value to be displayed on the main display is selected by a tapping/clicking on the respective value.
Reset peaks
 Best values history is cleared.
  

5.6.2.3. RX constellation diagram

Menu Tools / RX constellation

Fig. 5.50: Menu Tools / RX constellation


Constellation diagram shows the quality of received signal.

RX modulation
Modulation level of RX channel.
Buffer
Number of plotted points.
Refresh
One-time update of diagram.

5.6.2.4. Frequency spectrum analyzer

Menu Tools / Frequency analyzer

Fig. 5.51: Menu Tools / Frequency analyzer


A very useful tool for identifying in-band interference and locating a free channel. It is not a full-blown spectrum analyzer as it scans the spectrum with 7MHz channel resolution. The accuracy of measured results is given by the accuracy of measuring RSS.

[Warning]Warning

Running spectrum measurement causes interruption of user data flow between stations!

Enable
Opening analyzer functions.
Start
Interrupts communication on the link and starts scanning frequencies in the band.
Spectrum
measure time
Selection of measurement length in range:
single sweep … up to 15 min
Mute peer TX
The deactivation of Peer station transmission during measurement.

After using the analyzer visit any of the Link menu settings and select Refresh. This restores the configuration connection (message Peer: n/a ).

5.6.3. History

The unit continuously stores information about the values of important variables. Stored values can be viewed using three methods – Thumbnails, Viewer and Data

5.6.3.1. Thumbnails

Preview all values for the last 24 hours. Click on a thumbnail to open the viewer with a chart.

Menu Tools / History / Thumbnails

Fig. 5.52: Menu Tools / History / Thumbnails


TemperatureInstantaneous value of temperature inside the unit. Measured on the modem board. Temperature of radio board is available via SNMP.
VoltageInstantaneous value of unit supply voltage.
RSSReceived signal strength.
SNRSignal-to-noise ratio of the received signal.
BERInstantaneous bit error rate on link.
Net bitrateInstantaneous transmission capacity.
Eth1, Eth2 in
throughput
Instantaneous speed (20s average) of incoming user data on the user Ethernet port.
Eth1, Eth2 out
throughput
Instantaneous speed (20s average) of outgoing user data on the user Ethernet port.
TX powerInstantaneous value of transmission power.

5.6.3.2. Viewer

Detailed graphical view of one or two selected values for the given interval. You can choose to view data from Local or Peer or both.

Menu Tools / History / Viewer

Fig. 5.53: Menu Tools / History / Viewer


The values are saved in the following resolutions and history lengths:
 Resolution 1 minute, length of history 7 days
 Resolution 15 minutes, length of history 30 days
 Resolution 1 day, length of history about 180 days
Interval
Selecting width of interval to be displayed. Based on the interval width, data is displayed in a suitable grid: Up to 3 hours at one minute. Up to 4 days at 15 minutes. For longer intervals at one day.
 IntervalResolutionHistory
 1 hour – 3 hours1 minute7 days
 6 hours – 4 days15 minutes30 days
 1 week – 6 months1 day180 days
More options:
 Previous      Move by one width of selected interval towards older values.
 Next             Move by one width of selected interval towards newer values.
 Last              Move to the newest values.
Primary Y axis
Selecting one of the observed values:
 Temperature, Voltage, RSS, SNR, BER, Net bitrate, Ethernet in throughput, Ethernet out throughput, TX power
Secondary
Y axis
Selecting a second value:
 None
 Temperature, Voltage, RSS, SNR, BER, Net bitrate, Ethernet in throughput, Ethernet out throughput, TX power
Alarm
Enables the display of alarms, if there were any.

5.6.3.3. Data

Numerical view of all values

Menu Tools / History / Data

Fig. 5.54: Menu Tools / History / Data


Quantities
Detailed graphical view of values for selected interval.
 Plotted – Shows only the values that are selected for the graph.
 Local, Peer, All – Shows all logged values. Filtering of values from local, remote or both.

5.6.4. Logs

Shows internal unit logs. Individual tabs allow total or filtered view.

Menu Tools / Logs

Fig. 5.55: Menu Tools / Logs


When you first open the screen, it is necessary to start browsing logs by pressing the Refresh button.

Maximum length of displayed logs is 250 entries. If you need to display longer history, use of CLI interface is needed.

Overall
Displays the last 3 records from all types of logs.
Local alarms, Peer alarms
Alarms from Local or Peer unit.
Local events, Peer events
Events from Local or Peer unit.
Filter
Listings of all logs can be filtered. You can enter text in the upper left corner window for filtering listings. For example, you want to know when the configuration of the unit was modified: On the Local events screen, enter Configuration and hit Enter.
You can use plain text or regular expressions for filtering (JavaScript format).

5.6.5. Programs

5.6.5.1. Ping

The Ping tool allows sending ICMP pings to a selected address

Menu Tools / Programs / Ping

Fig. 5.56: Menu Tools / Programs / Ping


Start the test by clicking on Send. The result is displayed in the text window.

Destination
Destination address in dotted decimal notation. The default address 127.0.0.1 is the localhost address – i.e. the unit itself.
Size [B]
Length of sent data 7 to 1500 bytes, 8 bytes of the header will be added.
Count
Number of sent pings.
The period for sending pings is constant: 1000 ms.

5.6.5.2. CLI

Web interface for executing non-interactive scripts and programs.

Menu Tools / Programs / CLI

Fig. 5.57: Menu Tools / Programs / CLI


Manage custom commands
Using “Open file upload”/”upload” the user can upload scripts to the unit. The uploaded file can be either a single shell script with extension .sh (e.g. my_script.sh) or package with multiple scripts with extension .tar.gz or .tgz created using tar.
“Delete all” removes all custom scripts from the unit.
Custom scripts are located in /home/shared/bin.
Custom commands
A custom script can be selected here and initial comments/help is shown.
CLI commands
A CLI command can be selected here. You can use cli_help for listing all CLI commands or <command> –help to obtain detailed help on a selected command.
Command
Command line for writing commands with parameters. You can use any non-interactive program/script according to your permissions.
Format of custom scripts
Custom scripts must be a shell script with preamble #!/bin/sh and extension sh.
Blocks of lines beginning with the comment sign (#) after preamble are considered to be help and are listed when the script is selected in the web interface.
Scripts should not be interactive as there is no possibility to send a response from the web interface. All script options should be implemented as parameters.
Syntax should be valid for interpret shell ash from BusyBox v1.20.1.
Example of
custom script
 
#!/bin/sh
#script checkes if service with the same name or vid already exists
#if not creates a new entry in VTU with given VID
#
#  input parameters:
#      service_name - name of the new service
#      VID - vid of the new service
#
#  return values:
#      0 - ok
#      3 - bad parameter
#      5 - service already exists
#      6 - there already exists an entry with given VID
#     42 - other error

D42_NAME="$1"
D42_VID="$2"

D42N="service_data42"

error()
{
        echo "$D42N: Error: $*" >&2
}

info()
{
        echo "$D42N: $*" >&2
}

die()
{
        error "$*"
        exit 42 #error
}

# basic check if not empty
if [ -z "$D42_NAME" ]; then
        error "Bad service name"
        exit 3
fi
if [ -z "$D42_VID" ]; then
        error "Bad service VID"
        exit 3
fi

D42_FOUND=$(cli_nw_get --vtu all | grep "$D42_NAME")
if [ -n "$D42_FOUND" ]; then
        error "Service(s) with name $D42_NAME found"
        echo $D42_FOUND
        exit 5
fi

D42_VALID=$(cli_nw_get --vtu "$D42_VID" | sed -n 's/^valid=\(.\+\)$/\1/p')
if [ "pre_$D42_VALID" = "pre_true" ]; then
        error "VID $D42_VID is used"
        cli_nw_get --vtu "$D42_VID"
        exit 6
fi

D42_VALID=$(cli_nw_get --stu 1 | sed -n 's/^valid=\(.\+\)$/\1/p')
if [ "pre_$D42_VALID" = "pre_false" ]; then
        info "Creating STU entry with SID=1"
        cli_nw_set --stu 1 'label="D42_auto", port_state=["disabled", "disabled", "forwarding", "disabled", "disabled", "forwarding", "forwarding"]'
        if [ $? -ne 0 ]; then
                die "Failed to create STU entry"
        fi
fi

info "Creating service \"$D42_NAME\" with VID=$D42_VID"
cli_nw_set --vtu "$D42_VID" label="$D42_NAME" 'fid=0, sid=1, pri_override=true, priority=5, policy=false, member_tag=["unmodify", "unmodify", "tag", "unmodify", "not_member", "not_member", "unmodify"]'
if [ $? -ne 0 ]; then
        die "Failed to create service \"$D42_NAME\" with VID=$D42_VID"
fi

5.7. Help

Help menu

Fig. 5.58: Help menu


Help from Help menu

The Help screen displays contents of the embedded help. The help text is displayed in the whole configuration window. The text structure corresponds to individual configuration screens. Every item of this Help opens the specific help menu.

CLI help visible
Allows displaying of the CLI help with examples.
Third party
documentation
Allows displaying references to the third party documentation (e.g. internal switch documentation).

Help from configuration menu

Clicking the name of the specific parameter in the configuration menu brings up the help belonging to this parameter. The help text is displayed in the pop up window:

Parameter help

Fig. 5.59: Parameter help


There is a Go to help link within the help text. It displays the whole configuration menu help:

Configuration menu help

Fig. 5.60: Configuration menu help


There is a link on each help screen which points to the respective configuration screen.

Clicking the question mark icon in the upper right corner of the configuration screen brings a summary help for the configuration screen in the pop up window:

Summary help

Fig. 5.61: Summary help


The Help window can be moved by dragging the Hints bar. Resize it by dragging the bottom corner.

©  2024 RACOM s.r.o. All Rights Reserved.