Route is the indication of next hop devices on the way an IP packet is sent to the destination address. Static route is a special route. It is configured by the administrator.

The major elements of a static route include:

l Destination address: Indicates destination address or destination network of an IP address

l Network mask: Identifies the segment address for a destination host or VG by being ANDed with destination address.

l Next hop IP address: Indicates the IP address of the next device that an IP packet passes through.

l Routing priority

The default route is a kind of static route with destination network and mask both being 0.

Static route configuration task include:

l Configuring Static Route

1.2 Configuring Static Route

& Note:

The system memory determines the routing entries. For the VG series voice gateways, it is recommended that you configure less than 50 static routing entries.

Perform the following configuration in system view.

Table 1-1 Configure static route

Operation	Command
Add a static route	ip route-static ip-address { mask \| masklen } { dialer interfacce-name \| nexthop-address } [ preference value ] [ reject \| blackhole ]
Delete a static route	undo ip route-static { all \| ip-address { mask \| masklen } [ dialer interfacce-name \| nexthop-address ] [ preference value ] }
Configure a default preference level for a static route	ip route-static default-preference level
Restore the preference level of a static route to the default value	undo ip route-static default-preference

By default, no static route is configured.

The parameters are described as follows:

l IP address and mask

IP address and mask are expressed in dotted decimal format. As it is required that the 1s in the 32-bit mask must be consecutive, the mask can also be represented by the mask length (i.e., digits of “1”s in the mask).

In configuring or deleting a static route, the user can get the current destination segment by running AND operation to IP address and mask.

l Transmit interface or next hop address

In configuring static routes, the user can specify transmit interface with dialer interface-number or the next hop address nexthop-address accordingly.

1.3 Displaying and Debugging Routing Tables

Perform the following configuration in any view.

Table 1-2 Display and debug routing tables

Operation	Command
View the summary information of a routing table	display ip routing-table
View the information of the specified route	display ip routing-table ip-address
View the detailed information of a routing table	display ip routing-table verbose
View the radix of a routing table	display ip routing-table radix
View a static routing table	display ip routing-table static
Enable debugging of an IP routing table	debugging ip routing
Enable the lower layer debugging of the routing protocol	debugging ip rtpro

1.4 Static Route Configuration Example

1) Network requirements

Any two hosts or VGs can communicate with each other after corresponding static routes are configured.

2) Network diagram

Figure 1-1 Network diagram for static route configuration

3) Configuration procedure

& Note:

This example assumes route A and router B are reachable, but their configurations are not detailed here.

# Configure a static route from the VG A to VG B

[VGA] ip route-static 1.1.4.0 24 1.1.1.1

[VGA] ip route-static 10.1.4.0 24 1.1.1.1

# Configure a static route from the VG B to VG A

[VGB] ip route-static 1.1.1.0 24 1.1.4.1

[VGB] ip route-static 10.1.1.0 24 1.1.4.1

Chapter 2 PPPoE Client Configuration

2.1 PPPoE Overview

2.1.1 Introduction to PPPoE

Point-to-Point Protocol over Ethernet (PPPoE) can be used for connecting Ethernet hosts to a remote access concentrator through a simple bridging device. With PPPoE, the remote access device can implement the control and billing on the accessed subscribers. Compared with traditional access approaches, PPPoE is more cost-effective. Therefore, it is widely used in many applications, such as residential quarter networks. As a popular broadband access approach at present, Asymmetric Digital Subscriber Line (ADSL) adopts this protocol.

PPPoE is in client/server mode, encapsulates PPP packets in Ethernet frames, and provides PPP connection over Ethernet.

For details about PPPoE, refer to RFC2516.

2.1.2 Introduction to PPPoE Client

PPPoE is widely used in ADSL broadband access. Normally, if a host wants to access the Internet via ADSL, it must have been installed with a PPPoE client dial-up software. The H3C VG can work as a PPPoE client (that is, implements the client dial-up function of PPPoE).

Figure 2-1 Network diagram for PPPoE

As shown in Figure 2-1, the PCs on an Ethernet are connected to a H3C VG running PPPoE client. The data destined for the Internet first reach the VG where PPPoE encapsulates the data, and then go through the ADSL access server via the ADSL Modem attached to the router, and finally access the Internet. The VG implements voice services mainly through the PPPoE link.

2.2 Configuring PPPoE Client

Basic PPPoE configuration tasks include:

l Configuring dialer interface

l Configuring PPPoE session

Advanced PPPoE configuration tasks include:

l Resetting or deleting PPPoE session

l Configuring PPP Parameters

l Configuring PPP authentication mode, username and password

l Configuring PPP negotiation time limit

l Configuring the interface IP address to be allocated by the peer

l Configuring the times of retransmission of the ppp echo request packet from the local end

2.2.1 Configuring dialer interface

Before configuring a PPPoE session, you must create a dialer interface and a dialer bundle on the interface. Each PPPoE session should uniquely associate with a dialer bundle, which is uniquely associated to a dialer interface. In other words, only a PPPoE session can be created on a dialer interface.

Perform the interface dialer command in system view and other commands in Dialer interface view.

Table 2-1 Configure a dialer interface

Operation	Command
Create a dialer interface	interface dialer number
Delete a dialer interface	undo interface dialer number
Set the link protocol of the dialer interface to PPP	link-protocol ppp
Assign an IP address to the interface	ip address ip-address { mask \| mask-length }
Delete the IP address of the interface	undo ip address
Configure a dialer bundle on the interface	dialer bundle bundle-number
Disable Resource-Shared DCC configuration and disassociate the dialer bundle from the dialer interface	undo dialer bundle

& Note:

At present, the VG models that can support dialer interface configuration are VG 10-40 and VG 10-41.

The link protocol of a dialer interface on a VG supports only PPP, which does not allow modification.

2.2.2 Configuring PPPoE session

Perform the following configuration in the Ethernet interface view.

Table 2-2 Configure PPPoE session

Operation	Command
Configure a PPPoE session (always-online)	pppoe-client dial-bundle-number number [ no-hostuniq ]
Delete the PPPoE session	undo pppoe-client dial-bundle-number number

The H3C VG only supports one type of PPPoE connection: always-online connection.

& Note:

In always-online connection, the VG will originate a PPPoE call automatically and immediately set up a PPPoE session. This session will be always in place unless the user uses the undo pppoe-client command to delete it.

2.2.3 Resetting or deleting PPPoE session

Perform the reset pppoe-client command in any view and the undo pppoe-client command in the Ethernet interface view.

Table 2-3 Reset or delete PPPoE session

Operation	Command
Reset a PPPoE session which will be re-established later	reset pppoe-client { all \| dial-bundle-number number }
Delete a PPPoE session which will not be re-established	undo pppoe-client dial-bundle-number number

The commands reset pppoe-client and undo pppoe-client differ in the sense that the former only resets a PPPoE session temporarily whereas the latter deletes a PPPoE session permanently.

If an always-online PPPoE session has been reset by executing the reset pppoe-client command, the VG will automatically re-establish the PPPoE session later.

Executing the undo pppoe-client command will permanently delete the session. Hence, you need to make reconfiguration for establishing a new PPPoE session.

2.2.4 Configuring PPP Parameters

PPP configuration tasks include:

l Configuring authentication mode, username and password for PPP

l Configuring PPP negotiation time limit

l Configuring the interface IP address to be assigned by the peer

l Configuring the times of retransmission of the ppp echo request packet from the local end

I. Configuring PPP authentication mode, username and password

Two authentication modes are available in PPP: Password Authentication Protocol (PAP) authentication and Challenge-Handshake Authentication Protocol (CHAP) authentication. The latter is with higher security.

Perform the following configuration in the Dialer interface view.

1) Configuring the peer to perform the PAP to authenticate the local

Table 2-4 Configure the peer to perform the PAP to authenticate the local

Operation	Command
Configure the PAP user name and password sent by the local when the local is authenticated by the peer	ppp pap local-user username password { simple \| cipher } password
Cancel the configuration	undo ppp pap local-user

By default, when the local is authenticated by the peer with the PAP, the user name and password sent by the local VG are null.

2) Configuring the peer to perform the CHAP to authenticate the local

Table 2-5 Configure the peer to perform the CHAP to authenticate the local

Operation	Command
Configure the local name	ppp chap user username
Cancel the configured local name	undo ppp chap user
Configure the password for the CHAP authentication of the local	ppp chap password { simple \| cipher } password
Delete the password for the CHAP authentication of the local	undo ppp chap password

3) The notification for the PAP authentication

While configuring PAP authentication, note the following:

l The VG works only as an authenticated end, and the peer originates the PAP authentication. The peer should add a username and password for the requester in the local database, and the requester should send its username and password to the authenticator (using the ppp pap local-user command).

4) The notification for the CHAP authentication

While configuring CHAP authentication, note the following:

l The VG works only as an authenticated end, and the peer originates the CHAP authentication. The authenticator should add a username and password for the requester in the local database, and the requester should send its username and password to the authenticator (using the ppp chap user and ppp chap password commands).

II. Configuring PPP negotiation time limit

During PPP negotiation, if the response packet of the peer is not received within this time limit, PPP will retransmit the packet.

Perform the following configuration in the Dialer interface view.

Table 2-6 Configure PPP negotiation time limit

Operation	Command
Configure the PPP negotiation time limit	ppp timer negotiate seconds
Reset the PPP negotiation time limit to the default value	undo ppp timer negotiate

By default, the negotiation time limit is three seconds.

III. Configuring the interface IP address to be allocated by the peer

When an interface is encapsulated with PPP, but not configured with IP address while the peer has been configured with IP address, the user can configure negotiable attributes of IP address on the interface of the local router. In this case, the local interface can accept the IP address originated from PPP negotiation and allocated by the peer router. Such configuration is mainly used to obtain IP address allocated by ISP when accessing the Internet via ISP.

Perform the following configuration in the Dialer interface view.

Table 2-7 Configure the interface IP address to be allocated by the peer

Operation	Command
Configure the interface IP address to be allocated by the peer	ip address ppp-negotiate
Configure the interface IP address not to be allocated by the peer	undo ip address

By default, the interface IP address is not allocated by the peer.

IV. Configuring the times of retransmission of the ppp echo request packet from the local end

Perform the following configuration in the Dialer interface view.

Table 2-8 Configuring the times of retransmission of the ppp echo request packet from the local end

Operation	Command
Configure the times of retransmission of the ppp echo request packet from the local end	ppp keepalive times number
Restore the times of retransmission of the ppp echo request packet from the local end to the default value	undo ppp keepalive times

By default, the times of retransmission of the ppp echo request packet from the local end is five.

2.3 Displaying and Debugging PPPoE Client

Execute the following commands in any view.

Table 2-9 Display and debug PPPoE Client

Operation	Command
Display status and statistics of PPPoE session	display pppoe-client session { summary \| packet } [ dial-bundle-number number ]
Enable PPPoE client debug function	debugging pppoe-client option [ interface type number ]
Enable PPP debugging function	debugging ppp { all \| event \| hexadecimal \| negotiation \| packet }

2.4 PPPoE Configuration Example

I. Accessing an LAN into the Internet through ADSL

1) Network requirements

The PPPoE client function is enabled on the VG, which adopts the always-online approach to access the Internet using ADSL. It uses “vg" as the user name of the ADSL account, and the password is 12345.

2) Network diagram

Figure 2-2 Access an LAN into the Internet using ADSL

3) Configuration procedure

# Configure a dialer interface

[VG]interface dialer 0

[VG-Dialer0]dialer bundle 1

[VG-Dialer0]ip address ppp-negotiate

[VG-Dialer0]ppp pap local-user vg password cipher 12345

# Configure a PPPoE session

[VG]interface ethernet 0

[VG-Ethernet0]pppoe-client dial-bundle-number 1

Chapter 3 IP Application Configuration

3.1 Configuring Address Resolution Protocol

3.1.1 Adding/Deleting a Static ARP Mapping Entry

Manual configuration of static ARP (address resolution protocol) mapping entries is necessary in such cases as a packet with a destination address beyond this network segment is bound to a particular network card to enable the packets that will be sent to this IP address can be forwarded through this gateway, or a user needs to filter some invalid IP addresses (for example, to bind these invalid addresses to a MAC address that does not exist.)

Perform the following configuration in the system view.

Table 3-1 Adding/Deleting a static ARP mapping entry

Operation	Command
Adding a static ARP mapping entry	arp static ip-address mac-address
Deleting a static ARP mapping entry	undo arp static ip-address

3.1.2 Displaying and Debugging Address Resolution Protocol

Address Resolution Protocol (ARP) is mainly used to resolve an IP address into a MAC address. Usually, the dynamic ARP is used to resolve the mapping relationship from IP addresses to MAC addresses. The dynamic ARP is implemented automatically without the help of users. At present, the VG supports up to 1000 dynamic ARP mapping entries.

Execute the following commands in any view.

Table 3-2 Display and debug ARP

Operation	Command
Display the ARP mapping table	display arp
Clear the dynamic address mapping table	reset arp-cache
Enable the ARP debugging	debugging arp

3.2 Configuring Domain Name Resolution

3.2.1 Introduction to Domain Name Resolution

The TCP/IP extranet not only provides an IP address to locate a device, but also designs a specific host naming mechanism with character strings. This system uses a layered naming mode, designating a meaningful name for a device on the Internet. There is a domain name resolution server on the network to associate the domain name to the corresponding IP address. As a result, the user can use the easy-to-remember, meaningful domain name instead of the complex IP address.

Domain name resolution includes dynamic resolution and static resolution, which can supplement each other. In the resolution of a domain name, first use static resolution. If it fails, then use dynamic resolution. Some common domain names can be put into static domain name resolution table, which greatly increases the efficiency of domain name resolution.

l Dynamic resolution has a specific domain name resolution server, which accepts the client’s domain name resolution requests. The server firstly resolves the domain name inside its own database, and submits it to superior domain name resolution server if the domain name is not within local domain, till the resolution is completed. The result can either be an IP address, or a non-existing domain name, which will be fed back to the client.

l Static resolution sets relationships between domain names and IP addresses manually. When a client requires an IP address corresponding to a domain name, it searches the static domain name resolution table for this designated domain name to get the corresponding IP address.

& Note:

At present, the VG can support only static domain name resolution.

3.2.2 Configuring Static Domain Name Resolution

I. Introduction to static domain name resolution

Static domain name resolution is conducted through static domain name resolution table, similar to the host file under Windows 95/98 operating system. The VG can obtain the IP addresses of common domain names by checking this table. Meanwhile, it is easier for the user to remember host names than the highly abstract IP addresses to access the corresponding device.

II. Adding/deleting static domain name resolution table item

Perform the following configuration in system view.

Table 3-3 Add/delete static domain name resolution table item

Operation	Command
Add static domain name resolution table item	ip host domain-name ip-address
Delete static domain name resolution table item	undo ip host domain-name

By default, the system has no static domain name resolution mapping.

Pay attention that when adding a domain name mapping, if the same hostname has been input twice, the current configuration will overwrite the previous one. A static domain name resolution table can maintain a maximum of 50 mapping relationships between domain names and IP addresses.

3.2.3 Displaying Static Domain Name Resolution Table

Execute the following command in any view.

Table 3-4 Display static domain name resolution table

Operation	Command
Display static domain name resolution table	display ip host

Chapter 4 IP Performance Configuration

4.1 Configuring IP Performance

4.1.1 Configuring MTU on an Interface

Perform the following configuration in interface view.

Table 4-1 Configure maximum transmission unit on an interface

Operation	Command
Configure maximum transmission unit on an interface	mtu size
Restore default value of maximum transmission unit on an interface	undo mtu

When the Ethernet interface is encapsulated as Ethernet II, the interface MTU ranges from 512 to 1500 bytes, and the default value is 1500 bytes. When the Ethernet interface is encapsulated as SNAP, the interface MTU ranges from 512 to 1492 bytes, and the default value is 1492 bytes.

When PPPoE is not bound to the Dialer interface, MTU ranges from 512 to 1500 bytes, and the default value is 1500 bytes. When PPPoE is bound to the Dialer interface, MTU ranges from 512 to 1492 bytes, and the default value is 1450 bytes. Configuring TCP Packet Fragments

This command is used to configure the length of the maximum TCP packet fragment, and this length determines whether it is necessary to fragment the TCP packet on this interface.

Perform the following operations in the interface view.

Table 4-2 Configure TCP packet fragmentation

Operation	Command
Configure TCP packet fragmentation	tcp mss value
Cancel TCP packet fragmentation	undo tcp mss

By default, the TCP packet is not fragmented.

4.1.2 Configuring VG Forwarding Redirect Packets

Perform the following configuration in system view.

Table 4-3 Configure VG forwarding redirect packets

Operation	Command
Configure VG forwarding redirect packets	icmp redirect send
Disable VG forwarding redirect packets	undo icmp redirect send

By default, VG forwarding redirect packets is enabled.

& Note:

When the ICMP redirect and IP fast forwarding functions are enabled simultaneously, the VG has not yet set up a fast forwarding entry for the data flow before forwarding the first packet, so it may send ICMP redirect packets (through one interface, which serves as both the incoming and outgoing interface). After forwarding the first packet, the VG will set up a fast forwarding entry and then forward the subsequent packets rapidly, so it will send no more ICMP redirect packet.

4.1.3 Configuring VG Receiving/Forwarding Source Address Route Packets

Perform the following configuration in system view.

Table 4-4 Configure VG receiving/forwarding source address route packets

Operation	Command
Configure VG receiving/forwarding source address route packets	ip option source-route
Disable VG receiving/forwarding source address route packets	undo ip option source-route

By default, VG receiving/forwarding source address route packets is disabled.

4.2 Configuring TCP Performance

4.2.1 Configuring TCP Attributes

The following TCP attributes can be configured:

l Synwait timer: When a syn message is sent, TCP starts the synwait timer. If no response message is received till the synwait timer times out, TCP connection will be terminated.

l Finwait timer: When the TCP connection status changes from FIN_WAIT_1 to FIN_WAIT_2, the finwait timer is started. If no FIN message is received till the finwait timer times out, then TCP connection is terminated.

l Size of the receiving and sending window for the connection-oriented Socket.

Perform the following configuration in system view.

Table 4-5 Configure TCP attributes

Operation	Command
Configure synwait timer for TCP connection	tcp timer syn-timeout seconds
Configure FIN_WAIT_2 timer for TCP	tcp timer fin-timeout seconds
Configure the size of the receiving and sending window for TCP Socket.	tcp window size

The Synwait timer's timeout ranges from 2 to 600 seconds, with a default value of 75 seconds. The Finwait timer's timeout ranges from 76 to 3600 seconds, with a default value of 675 seconds. The value of window-size ranges from 1 to 32 Kbytes, with a default value of 4 Kbytes.

4.3 Configuring Fast Forwarding

4.3.1 Introduction to Fast Forwarding

Message forwarding efficiency is a key feature for evaluating router performance. According to regular schedule, when a message arrives, the VG will copy it from the interface memory to the main CPU. The CPU specifies the network ID from the IP address, consults with the routing table to get the best path to forward the message, and creates MAC frame suitable for the output of the message. The created MAC frame is copied to the output queue via Direct Memory Access (DMA), and during this process the main system bus is used twice. This process can be repeated for message forwarding.

In the fast forwarding, cache is used to process messages and data stream-based technology is adopted. All Internet data are transferred in form of data stream. A data stream is a special application between two hosts. For example, an FTP operation transfers a file. A data stream is often defined by a quintuple: source IP address, source port ID, destination IP address, destination port ID and protocol ID. After the first message is forwarded by searching routing table, corresponding exchange information is generated in the cache, and forwarding of the following same messages can be realized by directly searching the cache. This practice greatly simplifies the queuing of IP messages, cuts down the route finding time and improves forwarding throughput of IP messages. Since the forwarding table in the cache has been optimized, much quicker searching speed can be obtained.

The performance of fast forwarding sometimes will be affected by some characteristics such as message queue management and message header compression. Fast forwarding can handle fragmented IP packets, but it does not support resegmentation of IP packets.

4.3.2 Configuring Fast Forwarding

Fast-forwarding configuration tasks include:

l Enabling/disabling fast forwarding on an interface

l Configuring fast forwarding table size

I. Enabling/disabling fast forwarding on an interface

You can disable fast forwarding as needed. For example, if load sharing is required when forwarding packets, fast forwarding should be disabled in the corresponding direction of the interface.

Perform the following configuration in interface view.

Table 4-6 Enable/disable fast forwarding on an interface

Operation	Command
Enable fast forwarding in both directions	ip fast-forwarding
Enable fast forwarding in the inbound direction	ip fast-forwarding inbound
Enable fast forwarding in the outbound direction	ip fast-forwarding outbound
Disable fast forwarding on the interface	undo ip fast-forwarding

By default, fast-forwarding is enabled in both directions.

Caution:

l If load sharing is to be applied to the packet forwarding, fast forwarding should be disabled in the corresponding direction on the interface.

l When the ICMP redirect and IP fast forwarding functions are enabled simultaneously, the VG has not yet set up a fast forwarding entry for the data flow before forwarding the first packet, so it may send ICMP redirect packets (through one interface, which serves as both the incoming and outgoing interface). After forwarding the first packet, the VG will set up a fast forwarding entry and then forward the subsequent packets rapidly, so it will send no more ICMP redirect packet.

l After fast-forwarding is configured on an interface, if there is data stream in the fast forwarding table, the debug ip packet command will not display the debugging information of the IP packets on the interface.

II. Configuring fast forwarding table size

Perform the following configuration in system view.

Table 4-7 Configure fast forwarding table size

Operation	Command
Configure fast forwarding table size	ip fast-forwarding cache-size { 4k \| 16k }
Reset fast forwarding table size to the default value	undo ip fast-forwarding cache-size

By default, the size of the fast-forwarding table for the VG is 4k, that is, up to 4k entries are allowed in the table.

& Note:

Fast-forwarding table size depends on the memory capacity. The larger the memory is, the larger the fast-forwarding table can be configured.

4.3.3 Displaying and Debugging Fast Forwarding

Table 4-8 Display and debug fast forwarding

Operation	Command
Display IP fast forwarding cache	display ip fast-forwarding cache
Display fast-forwarded flow-control information	display ip fast-forwarding flow-control
Clear contents in the fast forwarding cache	reset ip fast-forwarding cache

TOP

H3C reserves the right to modify its collaterals without any prior notice. For the latest information of the collaterals, please consult H3C sales or call 400 hotline.