ZyXEL_VES-1624F-44_Product_Training
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,131
On Slideshare
761
From Embeds
370
Number of Embeds
5

Actions

Shares
Downloads
7
Comments
0
Likes
0

Embeds 370

http://marrshsu.blogspot.tw 204
http://marrshsu.blogspot.com 133
http://marrs-2.blogspot.tw 25
http://marrs-2.blogspot.com 6
http://marrs-2.blogspot.ru 2

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • An MDF (Main Distribution Frame) is usually installed between the telephone wires from the user’s side and the telephone company central office (CO) side. Wiring is usually located in a basement or telephone room to make in-building wiring flexible and easy to manage. The MDF is the point of termination, inside the building, for the outside plant cable and in-building telephone lines. The figure above shows the in-building wire pairs in the Main Distribution Frame. Please note that the lower part of the panel is to users' telephones, while the upper part of the panel is from central office switch of the Tele company.
  • Before VDSL installation, phone service is already available and there are two MDFs; one (MDF-2) for end-user telephone line connections and the other one (MDF-1) for CO telephone line connections . These two MDFs are connected via inter-patch cable.
  • Telco cable : Telco cables are used for data and voice applications with MDFs (Main Distribution Frame). It can also be used as extension cables. Telco cables are typically made up of 25 or 50 twisted-pair copper cables. Connect a Telco connector to one end of the cable and connect the other end directly to an MDF. The whole cable installation procedure : Acquire two additional MDFs (3 and 4). Follow the pin assignments shown in previous slide to wire two Telco cables (not supplied in the package) to two Telco-50 connectors (supplied). Connect the Telco-50 connector end of the cable you want for VDSL service to the Telco-50 port labeled USER on the VES-1416 front panel. Connect the wiring on the other side of the Telco-50 cable to the upper ports of MDF 3 using a punch-down tool. Connect the Telco-50 connector end of the cable you want for phone service to the Telco-50 port labeled CO on the VES-1416 front panel. Connect the wiring on the other side of the Telco-50 cable to the upper ports of MDF 4 using a punch-down tool.
  • Unplug the non-VDSL service inter-patch cable(s) from MDF 2 and connect to the bottom ports of MDF 4. Connect the lower ports of MDF 3 to the upper ports of MDF 2 using a extra regular telephone cables for those users that want VDSL service (as well as voice service). (Users who want to telephone service only, retain the original connection from the top port of MDF 1 to the bottom port of MDF 2.) Connect the telephone wiring from the end-user’s VDSL equipment to the lower ports of MDF 2. Advantages The installer can finish the installation for all VES-1416 ports the first time thereby minimizing the need to modify existing infrastructure for future VDSL users. Even though not all of the subscribers can use VDSL service, the option to upgrade is preserved because the VES-1416 is pre-configured to accept more VDSL customers.
  • For the in-house cable wiring, you could directly connect the cable to P841 VDSL port and telephone to P841 PHONE port. The built-in POTS splitter keeps the telephone and VDSL signals separated, giving them the capability to provide simultaneous Internet access and telephone service on the same line. Splitters also eliminate the destructive interference conditions caused by telephone sets. The Noise generated from a telephone in the same frequency range as the VDSL signal can be disruptive to the VDSL signal. In addition the impedance of a telephone when off-hook may be so low that it shunts the strength of the VDSL signal. When a POTS splitter is installed at the entry point, where the line comes into the home, it will filter the telephone signals before combining the ADSL and telephone signals transmitted and received. The issues of noise and impedance are eliminated with a single POTS splitter installation. If the P841 is not installed in the entry point (there are T-tap in front of P841), you have to install a VDSL Micro filter in front of each telephone. A micro filter acts as a low-pass filter, for your telephone, to ensure that VDSL transmissions do not interfere with your telephone voice transmissions.
  • VLAN Stacking Port Role 1.Normal Port Role 2.Access Port Role 3.Tunnel Port Role
  • When a packet enters a normal port, it will follow the 802.1Q procedure and be transmitted to the forwarding process.
  • When a packet enters the Access port, the switch will insert additional SP VLAN tag into the Ethernet frame at the ingress switch and strip the SP VLAN tag at the egress
  • Only the VID of the outer tag is used by the core Ethernet switches to identify the C-VLAN across the Metro domain Thus to support a larger number of C-VLAN
  • Ingress Rule Transition Diagram:
  • Packets are colored if they conform to a token bucket profile defined by a classifier. A classifier classify traffic based on certain two criteria One criteria is based on the DS codepoint The other criteria is based on the value of a combination of one or more header fields, such as source address, destination address, DS field, protocol ID, source port and destination port numbers, and other information such as incoming interface.
  • Note: The relationship between Policy Rules and Classifiers is One-to-One or One-to-Many. The maximum number of classifiers and policy rules are 124. For example, In the presence of congestion, red packets are dropped with a higher probability than blue, which in turn are dropped with a higher probability than green.
  • In this slide, you can learn the behavior of Unicast , Broadcast and Multicast. A unicast packet is sent to a specific host A broadcast packet is sent to all reachable hosts within a certain scope Multicasting refers to sending a packet to some, but not all reachable hosts. Why multicast? Efficient use of bandwidth and host processing power.
  • In the Unicast case, a server sends one copy of each packets to every client using the unicast address. We take the example as shown in figure. There are four hosts, three of them need to get packets from the Video server while the other does not want to get packets. Firstly, the Video server know there are three hosts need to receive packets. So, it sends three packets with different Destination IP addresses to the switch. After the switch receives three packets, it forwards them to the router after it. Then the router routes these packets to the two switches behind it according to its Destination. The switches get these packets, then forward them to the Receivers. The client on the right side will not get any packets.
  • In the broadcast case, an application sends only one copy of each packets using a broadcast address. But if some stations don't request to receive the video stream, they also need to process this traffic. As the figure shown here, if there are four hosts, three are the receivers, and one is the non-receiver. The Video server sends a broadcast packet to the switch. Then the switch forwards this packet to the router. The router routes and broadcasts the packets to the switches. After the switches receive these packets, the switches flood those packets to the hosts. All hosts including the non-receiver receive them
  • Multicast is the most efficient solution that a multimedia server sends one copy of each packet using a special address. As the figure shown here, if there are four hosts, three are receivers and one is non-receiver. The Video server sends a packet to the switch. The switch forwards this packet to the multicast router. After the router gets this packet, it copies this packet and forwards them to the switches. Then the switches forward packets to the receivers, the non-receiver will not get any packet. The multicast saves bandwidth and controls network traffic by forcing the network to replicate packets only when necessary. By eliminating traffic redundancy, multicast reduces network and host processing.
  • Multicast uses class D addresses The class D IP addresses are defined as the multicast IP addresses. The addresses consist of 1110 as the high-order bits in the first octet, followed by a 28-bit group address. The range of Class D address is from 224.0.0.0 through 239.255.255.255. Each single Class D IP address is identified as a multicast group ID. A sender that wishes to send packets to the group just puts the class D address in the destination field of the IP header. The sender doesn’t need to know where are the receivers and how packets are delivered to group members and is free of maintaining the List of group members. Router task: group membership management (IGMP) and delivering multicast packets. Delivering multicast packet is through the multicast tree. (PIM MOSPF DVMRP)
  • IANA - Internet Assigned Numbers Authority http://www.iana.org/assignments/multicast-addresses The range of addresses between 224.0.0.0 and 224.0.0.255, inclusive, is reserved for the use of routing protocols and other low-level topology discovery or maintenance protocols, such as gateway discovery and group membership reporting. Multicast routers should not forward any multicast datagram with destination addresses in this range, regardless of its TTL.
  • To avoid invoking the ARP to map multicast IP address to multicast Ethernet address, the IANA designates a range of Ethernet addresses for Multicast. The Ethernet Address with prefix 01:00:5e is identified as a multicast Ethernet frame. Therefore, it includes Multicast addresses in the range from 01:00:5e:00:00:00 to 01:00:5e:7f:ff:ff. The lower 23 bits of the Class D IP addresses are mapped into a block of Ethernet address that have been reserved for multicast.
  • The Ethernet frame with prefix 01-00-5e is identified as a multicast Ethernet frame; the next bit is always 0, leaving only 23 bits for the multicast address. However, the IP multicast groups are 28bits long, the mapping cannot be one-to-one. Only the 23 least-significant bits of the IP multicast group are placed in the Multicast Ethernet frame. The remaining five high-order bits are ignored, resulting in 32 (2 5 )different multicast groups being mapped to the same Multicast Ethernet address. For example, the 224.10.10.10 (01:00:5e:0A:0A:0A) has the same Multicast Ethernet address as 225.10.10.10 (01:00:5e:0A:0A:0A).
  • A host receives a general query message, it waits a random time between zero and max. response time. A host joins a group by sending report message to group address without waiting a query The router will set a timer for the membership and the membership entry will be removed if no reports were received after timer expires.
  • By default, a layer 2 switch treats IP multicast traffic in the same manner as broadcast traffic. Because a switch usually learns MAC addresses by looking into the source address field of all the frames it receives. But, since a multicast GDA MAC address (01:00:5E:XX:XX:XX) is never used as source MAC address for a packet and since they do not appear in the MAC Filtering Database, the switch has no method of learning them. Without snooping functions, the switch would flood multicast traffic out every port regardless of whether a user is requesting it. IGMPv3 snooping monitors, or sniffs, the IGMPv3 traffic as it traverses the switch. The switch then records the Media Access Control (MAC) addresses and the port that requested to be a part of a multicast group. Because the switch becomes an integral part of the process of IGMPv3, the router forwards status messages to the switch and the switch forwards them out the appropriate ports.
  • When the Switch is connected with different network and running some routing protocol like OSPF or RIP V2m based on Multicast information exchange, setting the unknown multicast for dropping is going to break the network.
  • Multicast addresses (224.0.0.0 to 224.0.0.255) are reserved for the local scope. For examples, 224.0.0.1 is for all hosts in this subnet, 224.0.0.2 is for all multicast routers in this subnet, etc. A router will not forward a packet with the destination IP address within this range. See the IANA web site for more information. Specify the action to perform when the switch receives a frame with a reserved multicast address. Select Drop to discard the frame(s). Select Flooding to send the frame(s) to all ports.
  • Join 1.Subscriber sends an IGMP report message to the S1 switch to join the appropriate multicast. 2.Whether IGMP report matches the switch configured multicast MAC address 3.If matches, the switch CPU modifies the hw address table to include this receiver port and VLAN as a forwarding destination of the MVLAN Leave 1.Subscriber sends an IGMP leave message to the S1 switch to leave the multicast 2.The switch CPU sends an IGMP group-specific query through the receiver port VLAN. 3.If there is another subscriber in the VLAN, subscriber must respond within the max response time. 4.If there is no subscriber, the switch eliminates this receiver port. Multicast traffic for all channels is sent only on the MVLAN. MVR eliminates the need to duplicate tv-channel multicast traffic for subscribers in each VLAN. IGMP leave and join messages dynamically register for streams of multicast traffic in the MVLAN on the layer 3 device. The access layer switch (S1 switch) modifies the forwarding behavior to allow the traffic forward to the subscriber port in a different VLAN.
  • atba5 : change the baud rate to 115200 atlc : load the configuration file atur : load the firmware atgo : boot the device

Transcript

  • 1. ZyXEL VDSL SwitchZyXEL 國內代理商 :泓彥資訊股份有限公司講師 : Sam Yang( 楊勝景 )
  • 2. Agenda• Index VES-1616/24F-44 Overview• Install• Basic Setting• VDSL Setting• Virtual Local Area Network• Multicast• MVR• Troubleshooting• Case Study
  • 3. ZyXEL VES-1616/24F-44
  • 4. VES-1616F-44 Front View Alarm In Fans POTS Connector VDSL LED Uplink Port LEDConsole System LED 2 Combo ports VDSL Connector Out of band management
  • 5. VES-1616F-44 Overview 19” Rack Mount VDSL Line: Up to 16/24 VDSL Lines Wire Wrapped  Downstream/upstream rate: up to 100/45 Mbps  POTS Line: Integrated Splitter  GE Uplink: Two 1000/100Mpbs Connection Fiber Uplink: Two SFP transceiver (1000Base- SX/LX/LHX/ZX)  RS-232 Console: Local Management  RJ45 Management: Local Management
  • 6. SFP (MiniGBIC) Transceiver 1000Base-ZX – Single mode (1550nm) – up to 80KM, LC 1000Base-LHX – Single mode (1310nm)– up to 40KM, LC 1000Base-LX – Single mode(1310nm) – up to 10KM, LC 1000Base-SX – Multi mode(805nm) – up to 550M, LC
  • 7. Features Introduction  DMT modulation  Band Plan support (998)  VDSL profile  VLAN  VLAN stacking  Multicast VLAN Registration (MVR)  DiffServ  Classifier and policy rule  802.1p  Queuing  Port Mirror
  • 8. Features Introduction  Static Route  IGMP Snooping  STP/RSTP  Link Aggregation  Port Authentication and Security  Limit MAC count control  Static MAC forwarding  Access Control list  Syslog  Bandwidth Control
  • 9. Cable Installation
  • 10. In-Building WiringFrom Central OfficeTo users telephone
  • 11. Cable Before VDSL PBX To PBX MDF 1 MDF 2 To user room Room 202• MDF2: concentrate cable from user• MDF1: concentrate cable to PBX
  • 12. Wiring VES-1616 To Telco Connector VES-1616 To CO Port To USER Port MDF 4 MDF 3 To PBX To user room : Data + Voice Stream 16 pair to MDF : Voice Only Stream• MDF3: concentrate cable from user• MDF4: concentrate cable to PBX
  • 13. Cable Installation After VDSL VES-1616 PBX To CO Port To USER Port MDF 4 MDF 3 To PBX MDF 2MDF 1 To MDF 1 To MDF 2 To user room : Data + Voice Stream : Voice Only Stream MDF-1 & 2 : Original MDFs P872
  • 14. P872 InstallationNo Bridge tap Bridge tap Built-in Built-in Built-in Built-in POTS splitter POTS splitter POTS splitter POTS splitter P872 P872 Existing Existing phone line Micro filter Micro filter phone line VES-1616
  • 15. Basic Setting
  • 16. IP Setting IP   Use for OSI Layer 3. You may check the device status with   the same subnet IP. Subnet Mask   Use for check the IP is in the same subnet or not Gateway   Use for route the packet which is not in the same subnet
  • 17. Logins setting •Click Access Control from the navigation panel and then click Logins from this screen.
  • 18. Service Access Control setting •Click Access Control from the navigation panel and then click Service Access Control from this screen.
  • 19. Remote Management security setting •Click Access Control from the navigation panel and then click Remote Management from this screen.
  • 20. SNMP Setting Get community   The SNMP server should use this as a key to get the values in thedevice Set community   The devices will check the community which sent from the SNMPserver as a key to authorization. Trap community   The SNMP server will authenticate the community as a key to decideaccept the trap or not.
  • 21. SNMP Setting (Cont.) Trap Group   The traps will be sent to different destination via its type. Trap Destination   Where the traps will be sent to. At most 4 destinations
  • 22. Syslog Setting Syslog server IP   Where the log will be sent to. Facility   Class the log to different level
  • 23. Time Setting Time Server IP   The server which provide the synchronize time service Protocol   NTP(RFC 1305)/Time(RFC 868) Time zone   +8 for Taiwan Goal   To log with the correct time when there were some problem
  • 24. Port Setting Name   Describe the port use. Do not effect the traffic. Flow control   Enable in VDSL Port and Disable in Ethernet Port Type   VDSL/FastEthernet/GigaEthernet Profile   Which service profile the port provide Alarm Profile   Which alarm profile the port used BPDU   The user’s and without STP port should be discard.
  • 25. Port Setting (Cont.) BPDU   Peer for the port which join the STP topology and do not forward the BPDU   Tunnel for the port which does no join the STP topology but forward the BPDU   Network for the port which join the STP and forward the BPDU which with vlan tag
  • 26. VDSL Setting
  • 27. VDSL Overview•Very high bit rate Digital Subscriber Line•Using twisted pair cable for data transmission•Both Symmetric & Asymmetric Applications•Downstream up to 100M, Upstream up to 45M (Async mode)•Data can coexist with POTS service
  • 28. VDSL OverviewFDM to support full duplex • FDM (Frequency Division Multiplexing) : upstream and downstream use different frequency, the transmission in both direction can take place in the same time. i.e: VDSL, ADSL.Most popular VDSL standard • ANSI/ETSI Plan 998 : suit for asymmetrical
  • 29. ETSI Band Allocation PSD[dbm/hertz] 998 plan for asymmetrical application -60 DS1 US1 DS2 US2 0.138 Mhz 3.75 Mhz 5.1 Mhz 8.5 Mhz 12.0 Mhz F[Mhz]
  • 30. VDSL – Features (1) Rate Adaptive SNR Margin RFI Band Interleave Delay UPBO Band Plan
  • 31. VDSL – Features (2) •Click Basic Setting and VDSL Common Setup in the navigation panel.
  • 32. VDSL- Other Features (3) •Click Basic Setting and VDSL Profile Setup in the navigation panel.
  • 33. IEEE 802.1Q VLAN
  • 34. What is VLANVirtual Local Area NetworkLogical broadcast domain Hub Hub Hub Hub VLAN A Bridge/ Bridge/ Switch Hub Switch Hub VLAN B Hub Hub Bridge/ Hub Bridge/ Hub VLAN A Hub Hub Switch Switch Workstation Workstation VLAN B VLAN A Router Router Traditional LAN VLAN
  • 35. Benefits of VLANIncrease performanceFlexible network segmentationSimple managementEnhance network securityReduce cost
  • 36. VLAN Types Port-based VLAN, No Standard - Cant across switch Tag-based VLAN, IEEE 802.1Q - May across multiple switches - Ethernet MTU 1522 bytes (Normal MTU=1518 bytes)
  • 37. Tag-based VLAN ClassificationUntagged frame  A frame does not contain a tag headerPriority-tagged frame  A frame with tag header carries priority but no VID (VID=0)VLAN-tagged frame  A frame with tag header carries both priority and VID.
  • 38. 802.1Q VLAN802.1Q Tag VLAN  Each VLAN group has unique VID  Each member of VLAN group can talk to each otherVLAN-aware  The device can recognize and support VLAN-tagged frameVLAN-unaware  The device cant recognize VLAN-tagged frame
  • 39. 802.1Q Process Filtering Database Forwarding Ingress Rule Process Egress Rule Packet Packet Receive Transmit• Ingress Rule – Classify the received frames belonging to a VLAN• Forwarding Process – Decide to filter or forward the frame• Egress Rule – Decide if the frames must be sent tagged or untagged
  • 40. Ingress RuleTagged frame Tagged frame VID VIDUntagged frame Ingress Rule Tagged frame PVIDVLAN-aware switch can accept tagged and untagged frame For tagged frame • Directly be transmitted between 802.1Q compliant device For untagged frame • PVID is added onto this untagged frame as a tagged frame • Then the tagged frame is transmitted PVID • Default Port VLAN ID for incoming untagged frame
  • 41. Forwarding Process Forwarding decision is based on the filtering database • Filtering database contains two tables. – MAC table and VLAN table • First, check destination MAC address based on the MAC table • Second, check the VLAN ID based on the VLAN table Egress port is the allowed outgoing member port of VLAN MAC Table  VLAN TablePort MAC Address Aging Egress Egress frame VID Register 2 00:A0:C5:11:11:11 0 Port type 2 00:A0:C5:22:22:22 20 1 2 Static Untag 3 00:A0:C5:33:33:33 30 1 3 Dynamic Tag 10 00:A0:C5:44:44:44 100 100 3 Static Untag
  • 42. Egress RuleTagged frame Tagged frame VID VIDTagged frame Egress Rule Untagged frame VID
  • 43. Static Register Static VLAN table contains four information: • VID 、 Port 、 Ad Control 、 Egress Tag ControlStatic Entry SVLAN tableVID1 : :Port 1(Fixed, tag) VID1 Port 1(Fixed, tag) VID Port Ad Control TagVID2 : :Port 2(Forbidden) VID2 Port 2(Forbidden) 1 1 Fixed TagVID3 : :Port 3(Normal) VID3 Port 3(Normal) 2 2 Forbidden None 3 3 Normal Untag Fixed Forbidden Normal VID=1 VID=2 VID=3 X Port-1 Port-2 Port-3
  • 44. Dynamic Register  What is GVRP • GARP VLAN Registration Protocol • Dynamically create the VLAN between neighbor VLAN-aware device • VLAN is automatically registered and deregistered Egress EgressVID Register VID Register Port Port-1 Port-2 Port 3 2 Static 5 5 Static Switch-1 Switch-2 4 3 Static 6 6 Static 5 1 Dynamic GVRP 3 2 Dynamic 6 1 Dynamic 4 2 Dynamic
  • 45. 802.1Q Ingress Check Use to limit the incoming traffic with the specific VLAN ID Check 802.1Q VLAN table The incoming traffic will be dropped if the port is not the egress port of this VLAN ID If the incoming traffic is untagged. The default VLAN ID of the receiving port will be added first, then going to the Ingress Check
  • 46. 802.1Q Ingress Check VID Egress Port Tagged Port 1 2 3 4 5 1 2 3 4 5 9 v v v v v v 1 2 3 4 5Would be droppedsince port 2 is notthe egress port of Tagged TaggedVID 9 frame frame VID: 9 VID: 9
  • 47. 802.1Q Ingress Check VID Egress Port Tagged Port 1 2 3 4 5 1 2 3 4 5 9 v v v v v v 1 2 3 4 5Would be droppedsince port 2 is notthe egress port of UnTagged UnTaggedVID 9 frame frame PVID :9 PVID :9
  • 48. 802.1Q Ingress Check VID Egress Port Tagged Port V 1 2 3 4 5 1 2 3 4 5 to ID fir the 11 9 v v v v v v In st, un wil gr t h t a l b e s e n gg e s C g e ad he oin d fr de ck g t am d o e 1* PV 2 ID m U ea fr nta 3 ns PV am gg de fa ID e ed ul :1 4 tV 1 LA N 5 ID U fr nta PV am gg ID e ed :9
  • 49. How to configure VLAN
  • 50. How to configure VLAN
  • 51. How to configure VLAN Tag Based •Click the VLAN Port Setting link in the VLAN •Status screen.
  • 52. Default VLAN Operation Default PVID 3 Default PVID l Untag Frame Tag 1 Frame(PC)VLAN Unaware Tag 3 Frame Tag 3 FrameVLAN Aware WithTag VLAN 3 Switch CPU VLAN Aware VLAN 1 3 Ports Untag Tag Untag Frame Tag 1 Frame(PC)VLAN Unaware Tag 3 Frame Tag 3 FrameVLAN Aware
  • 53. VLAN Stacking Port Role Normal Port Role For "regular" (non-VLAN stacking). Access Port Role Adds the SP VLAN tag to all incoming frames Tunnel Port Role Adds the SP VLAN tag to all incoming frames only when SP TPID is different from incoming frame’s SP VLAN tag.
  • 54. 802.1Q Process for Normal Port Role 802.1Q frame Payload Filtering Packet Database Transmit Cust VLAN Tag Eth. Hdr Forwarding Egress Rule Process
  • 55. 802.1Q Process for Access Port Role Double-tagged frame 802.1Q frame Payload Payload Cust VLAN Tag Cust VLAN Tag SP VLAN Tag Filtering Packet Database Transmit Eth. Hdr Eth. Hdr Forwarding Egress Rule ProcessInsert additional SP VLAN Tag into the Ethernet frame atthe ingress switch of a Metro domain and strip them off atthe egress node.
  • 56. 802.1Q Process for Tunnel Port Role Payload Cust VLAN Tag Double-tagged frame SP VLAN Tag Check SP Eth. Hdr Payload VLAN TAG Filtering Same Database Cust VLAN Tag Payload Forwardin g SP VLAN Tag Process Cust VLAN Tag Eth. Hdr SP VLAN Tag SP VLAN Tag different SP VLAN tag Eth. HdrInsert additional SP VLAN tag into Ethernet frame when the SPTPID is different from the one configured in the switch
  • 57. Egress Rule Transition Diagram:Pre-OutgoingPackets Check if Packet that Yes Add the tag to all Packets out from DUT belongs to its VLAN outgoing frames group is tagged port No Remove the tag to all Packets out from DUT outgoing frames
  • 58. Case Study Q in Q VLAN 99 ES-3124-3 P12 P1Vlan 2 P11 P2 GS-3012F-1 GS-3012F-2 P11 GS-3012F-3 ES-3124-2Vlan 1 Vlan 2 Vlan 1 Vlan 1->Vlan 99(1)->Vlan 99(1)->Vlan 1
  • 59. Case Study Q in Q with STP VLAN 99 ES-3124-3 P12 P1Vlan 2 P11 P2 GS-3012F-1 GS-3012F-2 P11 GS-3012F-3 ES-3124-2Vlan 1 Vlan 2 Vlan 1 Vlan 1->Vlan 99(1)->Vlan 99(1)->Vlan 1
  • 60. Protocol-base Vlan
  • 61. CLI DescriptionVES-1616/24F-44(config-interface)#interface port-channel <port-list> protocol-based-vlan name <name>ethernet-type <ethernet-type> vlan <vid> priority <0-7> <cr>interface port-channel <port-list> protocol-based-vlan name <name>ethernet-type <ethernet-type> vlan <vid> priority <0-7> inactive**The port should be the Vlan member first**
  • 62. Protocol-Base Vlan Exampleinterface port-channel 1   protocol-based-vlan name MOD ethernet-type ipvlan 101 priority 4   protocol-based-vlan name MOD ethernet-typearp vlan 101 priority 4   protocol-based-vlan name PPPoE ethernet-type0x8863 vlan 1024 priority 0   protocol-based-vlan name PPPoE ethernet-type0x8864 vlan 1024 priority 0exit
  • 63. Protocol-base Vlan Example VoD 0x0800/0x0806 PPPoE 0x8863/0x8864 Protocol-base VLAN 101User VlanDATA VLAN 1024
  • 64. Classifier & Policy
  • 65. Classification 1 A Classifier groups traffic into data flows based on specific criteria: DSCP Combination of source address, destination address, source port number, etc. Criteria 1 Criteria 2 Criteria 3 Classifier
  • 66. Classifier parameter Packet   Format All/802.3 tagged/802.3 untagged/Ethernet II tagged/Ethernet II untagged VLAN range from 1~4094 Priority 0~7 Ethernet Layer 2 Type IP ETHII(0800)/PPPoE(8883) …etc. Source Any/Port/MAC Destination Any/MAC DSCP DiffServ Service Code Point 0~63 IP Protocol FTP/WEB/Telnet …etc. Layer 3 Source IP [socket] TCP/UDP/ALL Establish only for TCP Destination IP [socket] TCP/UDP/ALL
  • 67. Policy Rule 1 A policy rule ensures traffic flow gets requested treatment in the network. Select one or more classifiers to which this policy rule apply. Set command parameters Select the actions to apply to classified traffic flow. Classifier Policy Rule Usage Criteria 1 Rule 1 Traffic from CPE Criteria 2 Rule 2 Criteria 3 Rule 3
  • 68. Policy Rule Parameters Parameter Descriptions VLAN ID Specify a VLAN ID number. (0~ 4094) Egress Port Select an outgoing port from 1 to 28. Priority Specify a priority level from 0 to 7. DSCP Specify a DSCP number between 0 and 63. TOS Specify a Type of Service priority level from 0 to 7.Metering & Bandwidth Configure the desired bandwidth available to a data flow. Traffic that exceeds the maximum bandwidth allocated is called out-of-profile traffic. Specify traffic in Mbps. (1~1023) Out-of-Profile DSCP pecify a new DSCP number (0 to 63) if you want to replay or remark the DSCP number for out of profile traffic
  • 69. Traffic Classifier & Policy Example VoD 0x0800/0x0806 Policy PPPoE 0x8863/0x8864 10M bps Classifier VLAN 101UserDATA 10M bps
  • 70. Classifier & Policy Setup Example - Setup agenda1.Collect all useful traffic types.2.Determine how many types of traffic should be classified.  For example : Ethertype 、 S/D MAC 、 S/D IP (socket) …etc..3.Determine the action of each type of traffic.  For example : Change the VID 、 Change the egress Port …etc..4.Determine how to treat the traffic that not in classification
  • 71. Classifier setup example
  • 72. Classifier setup example (cont.)Index : indicatedActive : active or inactiveName : the ID of rule and must be uniqueRule : the classification summary of the classifier
  • 73. Policy setup example
  • 74. Policy setup example (cont.)
  • 75. Policy setup resultclassifier 0800 ethernet-type ipclassifier 0806 ethernet-type arpclassifier 8863 ethernet-type 0x8863classifier 8864 ethernet-type 0x8864policy 0800 classifier 0800 vlan 101 egress-port 1 priority 0 dscp 0 tos 0 bandidth 0 outgoing-packet-format tagged out-of-profile-dscp 0 outgoing-set-vlanpolicy 0806 classifier 0806 vlan 101 egress-port 1 priority 0 dscp 0 tos 0 bandidth 0 outgoing-packet-format tagged out-of-profile-dscp 0policy 8863 classifier 8863 vlan 1024 egress-port 1 priority 0 dscp 0 tos 0 banwidth 0 outgoing-packet-format tagged out-of-profile-dscp 0 outgoing-set-vlanpolicy 8864 classifier 8864 vlan 1024 egress-port 1 priority 0 dscp 0 tos 0 banwidth 0 outgoing-packet-format tagged out-of-profile-dscp 0 outgoing-set-vlan
  • 76. Multicast
  • 77. What is Multicast Source Destination Unicast One OneBroadcast One AllMulticast One Group
  • 78. Unicast Server Receiver Receiver Receiver Not a Receiver
  • 79. Broadcast ServerApplication:•multiple file transfer•Audio/video conference Receiver Receiver Receiver Not a Receiver
  • 80. Multicast Server Receiver Receiver Receiver Not a Receiver
  • 81. Multicast IP Address ••ClassD IP Class D IP ••SingleIP to identify a Group Single IP to identify a Group 0 3 28 bits 31 1 1 1 0•Range of Class D: 224.0.0.0 ~ 239.255.255.255•With starting pattern 1110•224.0.0.X are reserved
  • 82. Permanent GroupWell-known assigned IP addressesWell-known assigned IP addresses --224.0.0.1 ::All systems on this subnet (Query) 224.0.0.1 All systems on this subnet (Query) --224.0.0.2 ::All routers on this subnet (Leave) 224.0.0.2 All routers on this subnet (Leave) --224.0.0.4 ::DVMRP 224.0.0.4 DVMRP --224.0.0.9 ::RIP-2 routers 224.0.0.9 RIP-2 routers --224.0.0.13: PIM router 224.0.0.13: PIM router --224.0.1.1 ::NTP(Network Time Protocol) 224.0.1.1 NTP(Network Time Protocol)
  • 83. Mapping Multicast IP to Mac address••Theprefix 01:00:5e is a Multicast frame The prefix 01:00:5e is a Multicast frame••MACaddress reserved for Multicast ::lower 23bits MAC address reserved for Multicast lower 23bits••Therange of MAC address: 01:00:5e:00:00:00 ~ 01:00:5e:7f:ff:ff The range of MAC address: 01:00:5e:00:00:00 ~ 01:00:5e:7f:ff:ff Always 0 Always 0 23bits 1 25 48 XXXXXX XXXXXXX XXXXXXX 01 00 5e 0 X X X 48 bits MAC Address
  • 84. How to Mapping 1 23 bits copy to MAC 32 1110XXXX32bits Multicast IP Address 1 48 01 00 5e 0 XXXXXXX XXXXXXXX XXXXXXXX48bits MAC Address 224.10.10.10 01:00:5e:0A:0A:0A 225.10.10.10
  • 85. Illustration of Join Process IGMP Query 224.0.0.1The router onlyknows onemember persubnet IGMP member-- reduce traffic Report 239.1.1.1 receiver A receiver B receiver C 239.1.1.1 239.1.1.1 239.1.1.1 Hear C membership report 239.1.1.1 suppress report message
  • 86. IGMP Snooping
  • 87. What is IGMP Snooping••IGMP Snooping allows a switch to “listen to” IGMP Snooping allows a switch to “listen to”the IGMP conversation such as query, report, the IGMP conversation such as query, report,and leave messages between hosts and and leave messages between hosts androuters.. routers
  • 88. Function of IGMP Snooping•When a host joins a multicast group, it sends aIGMP Report message with specified GDA it wantsto join.• The IGMP snooping switch recognizes the IGMPReport Message and add a GDA MAC Address ofassociated port in the MAC Filtering Database.• While multicast traffic is transmitted to the switchnext time, it will directly forward the traffic to theports associated with this GDA MAC addressregarding the Filtering Database.
  • 89. W/O IGMP Snooping Video Multicast IGMP Router server Traffic IGMP Router Switch w/o IGMP Switch w/o IGMP Snooping Snooping Receiver Receiver Receiver Not a Receiver
  • 90. W/ IGMP SnoopingVideo Multicastserver Traffic IGMP Router IGMP Router Switch w/ IGMP Switch w/ IGMP Snooping Snooping Receiver Receiver Receiver Not a Receiver
  • 91. Multicast - Setup
  • 92. Enhancements on GUI
  • 93. Multicast Setup - CLIVES-1616/24F-44(config)#  igmp-snooping :   enable igmp-snooping  igmp-snooping unknow-multicast-frame <drop |flooding> :   drop or flooding the multicast frames which does not exist the group on the switch.  igmp-filtering :   enable igmp-filtering  igmp-filtering profile <profile-id> :   create a igmp-filtering profile
  • 94. Multicast Setup - CLI (Cont.)VES-1616/24F-44(config-interface)#  igmp-filtering profile <profile id> :    set the filter function with specific profile  igmp-group-limited :   enable limited function  igmp-group-limited number <number> :    limit groups the port can join  igmp-immediate-leave :   enable the immediate leave function  igmp-querier-mode <auto |fixed |edge> :   set the port role of igmp
  • 95. Reserved Multicast Group(224.0.0.0 – 224.0.0.255)
  • 96. INTRODUCTIONReserved Multicast Group224.0.0.0 – 224.0.0.255Problems • Unknown multicast frame with reserved multicast group • Dropped by IGMP Unknown MulticastSolutionUI review • Web, CLI
  • 97. Reserved Multicast Group Range: D 224.0.0.0/24 RFC 3171: Multicast addresses in this range are used for protocols control traffic that is not forwarded off link. • OSPF: 224.0.0.5 • NTP: 224.0.1.1 • RIP-v2m: 224.0.0.9 ...
  • 98. Issue in the past OSPF multicastWhen set to drop the Unknown multicast information Port 1 Port 23 drop When you need to use some protocol with reserved multicast like OSPF, those packets will be dropped since they belong to the Unknown multicast. Thus, OSPF will break here!
  • 99. Now the solution flowchart
  • 100. UI review – Web and CLI Web CLI • igmp-snooping reserved-multicast-group <drop|flooding>
  • 101. IGMP Snooping Vlan
  • 102. IGMP Snooping Vlan Target1.Allow a user’s VLAN to use multicast service2.To prevent the MVlan from the user’s traffic3.Under fixed mode, Mvlan is createdautomatically and can not be modified.
  • 103. IGMP Snooping Setting
  • 104. MVR - Multicast VLAN         Registration
  • 105. MVR Target1.Allow a VLAN to share with multicast trafficwhile each subscriber still in its VLAN2.Separate multicast traffic VLAN and generalpurpose VLAN for bandwidth and security issue3.Designed for applications with wide-scaleddeployment multicast traffic across an Ethernetring-based service provider network
  • 106. Multicast Operation Multicast Server 239.0.0.1 source     Operation without MVRThe trunk will have n copy(s) data   of the Multicast Server VLNA 1 VLNA 2 VLNA n Join 239.0.0.1 Join 239.0.0.1 Join 239.0.0.1
  • 107. Multicast Operation Multicast Server 239.0.0.1 source     Operation with MVRThe trunk will only have one data   of the Multicast Server untilthe data arrive the edge switch VLNA 1 VLNA 2 VLNA n Join 239.0.0.1 Join 239.0.0.1 Join 239.0.0.1
  • 108. MVR OperationMulticast VLAN sp Router sp sp Multicast Server sp sp SW1 rp rp rp IGMP CPE Join Set-top Set-top box box PC
  • 109. MVR MVLAN Setup - GUI At most 3 MVLAN(s) !!
  • 110. MVR Group Setup - GUI
  • 111. Enhancements – MVR PriorityAdvanced Application-> Multicast ->Multicast setting-> MVR
  • 112. MVR Setup - CLIVES-1616/24F-44(config)#  mvr <1-4094> :   create a MVLAN  group <group-id> start-address <ip> end-address <ip> :    set the range of the multicast group address in the vlan  mode <dynamic | compatible> :    set the MVR operation mode  receiver-port <port-list> :    set the RP of the MVLAN  source-port <port-list> :    set the SP of the MVLAN  tagged <port-list> :    the frames out of the port will be sent with 802.1Q tag
  • 113. MVR Setup - CLI (Cont.)VES-1616/24F-44#show mvr :  show the summary information of mvrshow mvr <mvlan-id> :  show the detail information of the mvlan
  • 114. Troubleshooting
  • 115. Firmware Upgrade by Console 1. Obtain the FW file, unzip it and save it in a folder on your computer. 2. Connect your computer to the console port and use terminal emulation software configured to the parameters we mentioned before. 3. Turn off the VDSL and then on to restart it and begin a session 4. When you see the message “Press any key to enter Debug Mode within 3 seconds”, press any key to enter debug mode. 5. Type atba5 after the Enter Debug Mode message (this changes the console port speed to 115200 bps) 6. Change the configuration of your terminal emulation software to use 115200 bps and reconnect to the VDSL 7. Type atur after the Enter Debug mode message
  • 116. Restore configuration via console 9600/N/8/1 command : atba5 atur atlc atgo
  • 117. Maintenance by WEB Click Management, Maintenance in the navigation panel
  • 118. Firmware Upgrade by FTP1. Use an FTP client to connect to the VDSL C:>ftp <VDSL IP address>2. Enter the User name User: admin3. Enter the management password (1234 by default) Password: 1234 230 Logged in4. Transfer the firmware file to the VDSL. The firmware file on your computer that you want to put onto the VDSL is named XXX.bin. The internal firmware file on the VDSL is named ras. ftp>put firmware.bin ras5. Quit FTP ftp>bye6. Wait for the update to finish. The VDSL restarts automatically.
  • 119. Configuration Backup by FTP1. Use an FTP client to connect to the VDSL C:>ftp <VDSL IP address>2. Enter the User name User: admin3. Enter the management password (1234 by default) Password: 1234 230 Logged in4. Transfer the configuration file from the VDSL. The configuration file on your computer that you want to put onto the VDSL is named XXX. The internal configuration file on the VDSL is named config ftp>get config XXX5. Quit FTP ftp>bye
  • 120. Configuration Restore by FTP1. Use an FTP client to connect to the VDSL C:>ftp <VDSL IP address>2. Enter the User name User: admin3. Enter the management password (1234 by default) Password: 1234 230 Logged in4. Transfer the configuration file to the VDSL. The configuration file on your computer that you want to put onto the VDSL is named XXX. The internal configuration file on the VDSL is named rom-0. ftp>put XXX config5. Quit FTP ftp>bye6. Wait for the update to finish. The VDSL restarts automatically.
  • 121. Case Study
  • 122. Case 1 - Loss of Firmware VES-1616/24F-44    sys LED flash continuously    dump of console
  • 123. Case 2 - Loss of Rom file VES-1616/24F-44    sys LED flash continuously    dump of console
  • 124. Case 3 - MAC issue 1.Some users of the device can access the Internet Some fails. Users will be fine after system reboot.   Symptom :    1.Device may loss of connection when the MAC table is full    2.can not find the MAC of user’s on GS-3012/F   Troubleshooting :    1.Check the MAC table on the VES-1616/24F-44    2.Check the MAC table on theGS-3012
  • 125. Case 3 - MAC issue 2.Can not find the MAC address from user   Symptom :    1. Can not find the user’s MAC on MAC table   Troubleshooting :    1. Check the MAC table on the VES-1616/24F-44    2. Check the packets counter on the user’s port
  • 126. Case 3 - MAC issue•Port VLAN ID MAC Address Type•3 188 00:0e:a6:bc:df:12 Dynamic •17 4001 00:30:88:f1:04:d1 Dynamic•13 203 00:12:38:f9:4d:11 Dynamic •17 174 00:90:1a:41:ce:7e Dynamic•17 4092 00:13:49:a3:ed:f3 Dynamic •17 187 00:90:1a:41:ce:7e Dynamic•17 4092 00:13:49:a3:ee:3d Dynamic •17 188 00:90:1a:41:ce:7e Dynamic•17 4092 00:13:49:bb:3c:af Dynamic •17 193 00:90:1a:41:ce:7e Dynamic•17 4001 00:13:49:f8:05:23 Dynamic •17 194 00:90:1a:41:ce:7e Dynamic•4 193 00:16:e6:d7:65:11 Dynamic •17 199 00:90:1a:41:ce:7e Dynamic•5 194 00:17:31:68:9b:d6 Dynamic •17 201 00:90:1a:41:ce:7e Dynamic•12 201 00:17:31:82:6d:d0 Dynamic •10 199 00:90:cc:82:db:97 Dynamic•1 174 00:17:31:e3:4b:30 Dynamic•2 187 00:17:9a:f8:d7:92 Dynamic•17 4092 00:19:cb:0b:29:0f Dynamic•17 4092 00:30:88:01:50:5c Dynamic
  • 127. Case 3 - MAC issue • Port Security Active : YES• Port Active Address Learning Limited Number of Learned MAC Address • 01 Y Y 9 • 02 Y Y 9 • 03 Y Y 9 • 04 Y Y 9 • 05 Y Y 9 • 06 Y Y 9 • 07 Y Y 9 • 08 Y Y 9 • 09 Y Y 9 • 10 Y Y 9 •Different between Ethernet Switch • 11 Y Y 9 • 12 Y Y 9 • and VDSL Switch • 13 Y Y 19 • 14 Y Y 9 • 15 Y Y 9 • 16 Y Y 9 • 17 N Y 0 • 18 N Y 0
  • 128. Case 3 - MAC issuesh interface 1 Port Info Port NO. :1 Link :100M/F Status :FORWARDING Up Time :402:55:42 DS/US Line Rate :10.880Mbps / 2.368Mbps Payload Rate :10.048Mbps / 2.048Mbps SNR Margin :39.5dB / 28.5dB Inter-delay :3.8ms / 3.7ms Tx Power :9.7dBm / -19.3dBm Attenuation :4.3dB / 4.9dB CRC Errors :0 / 0 RS Correct :0 / 1 RS Uncorrect :0 / 0 ES :0 / 0 SES :0 / 0 LACP :Disabled TxPkts :5131173 RxPkts :5096225 Errors :0 Tx KBs/s :1.386 Rx KBs/s :0.264 TX Packet        Tx Packets :5131173 Multicast :469
  • 129. Case 3 - MAC issueBroadcast             :80 Pause :0 Tagged :0RX Packet    Rx Packets :5096230 Multicast :798094 Broadcast :33213 Pause :794738 Control :0TX Collison Single :0 Multiple :0 Excessive :0 Late :0Error Packet RX CRC :0 Length :0 Runt :0Distribution 64 :818437 65 to 127 :3845185 128 to 255 :2563268 256 to 511 :310324 512 to 1023 :348232 1024 to 1518 :2341962 Giant :0
  • 130. Case 3 - MAC issueVDSL Performance Data        LOFs :0 / 0 LOSs :0 / 0 LOLs :0 / 0 LPRs :0 / 0 C15MinsTimeElapsed :701 / 701 Curr15MinLofs :0 / 0 Curr15MinLoss :0 / 0 Curr15MinLols :0 / 0 Curr15MinLprs :0 / 0 C1DayTimeElapsed :11501 / 11501 Curr1DayLofs :0 / 0 Curr1DayLoss :0 / 0 Curr1DayLols :0 / 0 Curr1DayLprs :0 / 0
  • 131. Case 4 - Multicast 1. Multicast channel can not use.   Symptom :    1.Can not change Channel    2.Can not watch any of Channel Troubleshooting :    1.Check MVR status    2.Check multicast status    3.Check IGMP setting
  • 132. Case 4 - Multicast 2. Unicast channel can not use.   Symptom :    1.Just can watch the Unicast channel   Troubleshooting :    1.Check multicast status    2.Check IGMP setting
  • 133. Case 4 - MulticastMulticast Vlan Registration StatusMVLAN: 4001 Active: Yes Mode: Dynamic 802.1p Priority: 4Name Source Port Receiver Port------------ ------------------------------- ------------------------------MVR 17-18 13
  • 134. Case 4 - MulticastMVLAN: 4001 Active: Yes Mode: Dynamic 802.1p Priority: 4Name: MVRSource Port: 17-18Receiver Port: 13Tagged Port: 17-18MVR Group Configuration:Name Start Address End Address-------------------------------- --------------- ---------------LIVE 224.1.4.0 224.1.4.255NVOD 230.1.2.0 230.1.2.255
  • 135. Case 4 - MulticastMulticast StatusIndex VID Port Multicast Group----- ---- ---- ---------------- 1 4001 1 224.1.4.102 2 4001 3 224.1.4.55 3 4001 3 224.1.4.102