zyxel prestige router technical training zyxel communications corporation march. 1999

ZyXEL Prestige Router Technical Training

ZyXEL Communications Corporation

March. 1999

Outline

• Prestige Product Line Overview.

• Prestige Technical Training.

Prestige Product Line Overview

• An overview of Prestige router product line– Prestige Product Family– Small Office and Home Office (SOHO)– Small and Medium Business (SMB)

Prestige Product Family

• Prestige 100 series: First generation• Prestige 200 series

– SOHO market– IP-based, single WAN port

• Prestige 400 series– Small business market– Multi-protocol, single/dual WAN port

• Prestige 1000 series– Small/Medium Business– Multi-protocol, T1/E1 WAN speed, VPN & Firewall

SOHO Router Product Line

P100 P200

P100MH

P100WH

P204

P240

P220

P100IH

Q1 Q2 Q3 Q4 Q1/Y2KCurrent

IP only, ISDN+10/100M Switch/hub

+Printer Server

IP only, ADSL lite+10/100M

IP only, ISDN+10/100M

IP only, 10M LAN as WAN

+10/100M

P206

IP only, ISDN+HomePNA

SMB Router Product Line

P128 P400

P128L

P2864I P128IMH

P128MH

Q1 Q2 Q3 Q4 Q1/Y2KCurrent

P480P482

IP/IPX, Dual BRI+10/100M

IP/IPX, Dual BRI+ Dual CSM+10/100M

IP/IPX, ISDN+10/100M

Total Internet Access

• ISDN Router– One/Dual BRI

• PSTN Router– One/Dual 56k modem

• WAN Router– Async/Sync WAN port

– One/Three WAN port

• xDSL Router – ADSL

– IDSL

Prestige Technical Training

• Software information

• User interface and system information

• Application case study

Software Information

• ZyXEL Networking Operating System (ZyNOS)– Operating System with Network Protocol

support– Remote Access Service code - RAS code– Configuration file - Romfile0– Boot module

Software Information

Kernal

System Service NDIS driver Boot Module

Connection Manager Network Protocols

Applications

User interface and system information

• User interface– System Management Terminal (SMT)– Prestige Web Configurator (PWC)

• Prestige Configuration Tool (PCT)

– PNC

System information

• Debug mode

• Command Interpreter mode

• System upgrade– RAS code (firmware)– Romfile0– Boot module

• Hardware and software feature matrix– DRAM vs SRAM vs Flash vs PWC vs RAS version

ISDN Model vs RAS Version

P2864I(1,0.5)

Yes A2No NoNoNo P128IMH

P128(1, 0.5)

Yes A0No NoNoNo P128+

P128L(1, 0.5)

Yes A0No NoNoNo *

P100(1,0.5,256)

YesB2-> C1(1,2,128)

No YesYesYes

(S/T only)P200

P128+(2,2,256)

YesB3 -> C1(2,2,128)

No YesYesYes

(S/T only)P400

P100IH(1,2)

Yes A0No YesYesYes

(S/T only)P100IH

New

P100IHNew(1,2)

No A0No YesYesNo P204

P128IMH(2,4)

No A0No YesYesNo *

F/W ( RAS version )H/W Migration

1.5x 2.402.20 2.212.1

P2864I(1,0.5)


P128(1, 0.5)


P128L(1, 0.5)

Yes A0No NoNoNo *

P100(1,0.5,256)

YesB2-> C1(1,2,128)

No YesYesYes

(S/T only)P200

P128+(2,2,256)

YesB3 -> C1(2,2,128)

No YesYesYes

(S/T only)P400

P100IH(1,2)

Yes A0No YesYesYes

(S/T only)P100IH

New

P100IHNew(1,2)

No A0No YesYesNo P204

P128IMH(2,4)

No A0No YesYesNo *


1.5x 2.402.20 2.212.1

ISDN Model vs PWC Version

P2864I(1,0.5)

No NoNo

P128(1, 0.5)

Yes No NoNo

P128L(1, 0.5)

No No NoNo

P100(1,0.5,256)

Yes Yes YesYes

P128+(2,2,256)

Yes Yes YesYes

P100IH(1,2)

Yes Yes YesYes

P100IHNew(1,2)

No Yes YesYes

P128IMH(2,4)

Yes No YesYes

S/W (PWC)

2.10 2.20 2.21PNC

Yes

WAN/Modem Model vs RAS Version

P2864I(1,0.5)


P128(1, 0.5)


P128L(1, 0.5)

Yes A0No NoNoNo *

P100(1,0.5,256)

YesB2-> C1(1,2,128)

No YesYesYes

(S/T only)P200

P128+(2,2,256)

YesB3 -> C1(2,2,128)

No YesYesYes

(S/T only)P400


1.5x 2.402.20 2.212.1

P100MH(1,2)

No A2->B0Yes YesYesNo *

P100WH(1,2)

No A1Yes YesYesNo *

P153(2,4)

No B0Yes YesYesNo *

P153X(2,4)

No A1Yes YesYesNo

P128MH(2,4)

No A2 -> B0Yes YesYesNo *


1.5x 2.402.20 2.212.1

*

WAN/Modem Model vs PWC Version

P100MH No YesYes

P100WH(1,2)

Yes No YesYes

P153(2,4)

No No YesNo

P153X(2,4)

No No YesNo

P128MH(2,4)

No No YesYes

S/W (PWC)

2.10 2.20 2.21PNC

Yes

Application Case Study

(1) Internet Access with SUA

InternetW AN(ISDN/PSTN) ISP

(1) Single User Account

WS

ISP

Prestige

Source IP=192.168.10.1Source port=1038Destination IP=200.101.1.1Destination port=23

Source IP=200.100.1.1Source port=5001Destination IP=200.101.1.1Destination port=23

LAN IP address WAN IP addressIP = 200.100.1.1

(2) LAN-to-LAN for TCP/IP

W AN(ISDN/PSTN)

Pre_1192.168.10.1

Internet

Pre_2192.168.20.1

SUA

LAN_1 LAN_2

202.132.154.10

202.132.154.1192.168.20.2

(2) LAN-to-LAN for TCP/IPPre_1> ip route statusDest FF Len Interface Gateway Metric stat Timer Use202.132.154.1 00 32 wan1ppp 202.132.154.1 1 0329 0 0192.168.20.1 01 32 wan0ppp 192.168.20.1 1 0329 0 0192.168.10.255 00 32 en0if 192.168.10 1 1 001d 0 0192.168.20.0 01 24 wanIdle 192.168.20.1 2 002b 0 0192.168.10.0 00 24 en0if 192.168.10.1 1 001b 0 0default 00 0 wan1ppp ISP 2 00ab 0 5

Dest : Destination routeFF: Remote node index referenced by RAS codeLEN : Subnet mask lengthInterface: en0if -> Ethernet interface; wan0ppp / wan1ppp -> WAN interface (non-ZyNOS)Gateway: gateway IP addressMetric : Hop countTimer : Timer for a route that is learned by RIP. For example, if Timer=30, it means that if Prestige does not receive corresponding RIP packet within 30 seconds. This route will be deleted.0 means infinity.Use : The number of packet that go through the corresponding route.Default : Default route. All the unknown packet will be sent to default route. In this case, to the remote node name ISP.


• How the route is decided ?• RIP-1, RIP-2B, RIP-2M

– RIP-1• accept & send RIP-1 message only.

– RIP-2B• accept RIP-1 & RIP-2 message (both broadcast &

multicast)• send RIP-2 message in broadcast format

– RIP-2M• accept RIP-1 & RIP-2 message (both broadcast &

multicast)• send RIP-2 message in multicast format


• Routing table with ZyNOSPre_1> ip route statDest FF Len Interface Gateway Metric stat Timer Use202.132.154.1 00 32 wanif1 202.132.154.1 1 03a9 0 3192.168.20.1 01 32 wanif0 192.168.20.1 1 03a9 0 6202.132.154.0 00 24 wanif1 202.132.154.1 2 0029 170 0192.168.20.0 01 24 wanif0 192.168.20.1 2 00ab 0 0192.168.10.0 00 24 enif0 192.168.10.1 1 041b 0 17default 00 0 wanif1 ISP 2 00ab 0 1

pre-ZyNOS ZyNOSwan0ppp wanif0wan1ppp wanif1

en0if enif0

(3) Multiple SUA

Pres_1192.168.10.1

Internet

Pre_2192.168.20.1

SUA

LAN_1 LAN_2

202.132.154.10

202.132.154.1192.168.20.2

192.168.20.10

SUA

(3) IPCP under SUA

Pre_1> ppp iface wan0ppp ipcp ( ZyNOS: ppp iface wanif0 ipcp )Iface wan0ppp IPCP Opened In: 6 Out: 4; IP In: 29 Out: 6 Local: will(000c) want(000c) work(000c) Want: address 0.0.0.0

Work: address 192.168.20.10 <--- Assigned by Pre_2 IP pool Remote: will(000c) want(0000) work(000c) Want: address 192.168.20.1 Work: +address 192.168.20.1 In: TCP comp 16 (01) 0:0, 0 Bad, 0 Tossed Out: TCP comp 16 (01) 0:0, 0 AsIs 0 Searches, 0 Misses, 6 NotTCP

If WAN IP address is not specified in Menu 11.3, thenLAN IP address is used. It is called IP unnumbered in terms of Cisco.Borrow LAN IP to be as WAN IP.

(4) Win9x/NT DUN dial to Prestige

W AN(ISDN/PSTN)

Pres_1IP:202.132.155.91

LAN

TA

Internet

P153IP:202.132.155.253

(4) Win9x IP routing table

< Before dial up to Prestige> Network Address Netmask Gateway Address Interface Metric 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 255.255.255.255 255.255.255.255 255.255.255.255 0.0.0.0 1

< After dial up to Prestige> Network Address Netmask Gateway Address Interface Metric

0.0.0.0 0.0.0.0 202.132.155.92 202.132.155.92 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 202.132.155.0 255.255.255.0 202.132.155.92 202.132.155.92 1 202.132.155.92 255.255.255.255 127.0.0.1 127.0.0.1 1 202.132.155.255 255.255.255.255 202.132.155.92 202.132.155.92 1 224.0.0.0 224.0.0.0 202.132.155.92 202.132.155.92 1 255.255.255.255 255.255.255.255 202.132.155.92 202.132.155.92 1

(5) Microsoft Call Back Control ProtocolPrestige-to-Prestige

W AN(ISDN/PSTN)

LAN

Prestige call back to Prestige with call back number pre-configured

LAN

Pre_2 P128

(5) Microsoft Call Back Control ProtocolPrestige-to-Prestige

Pre_2> sys trcl disp 70 546be 15e PDI1 dialer Dialing chan<1> phone(last 9-digits):3000072 54830 0 PDI1 ebp=44c94c,seqNum=20 PPP1-XMIT:3 len:23 0000: ff 03 c0 21 01 03 00 13 01 04 05 f4 02 06 00 00 0010: 00 00 08 02 0d 03 0675 5484e 0 PNET ebp=44c9dc,seqNum=23 PPP1-RECV:3 len:23 0000: ff 03 c0 21 02 03 00 13 01 04 05 f4 02 06 00 00 0010: 00 00 08 02 0d 03 06 76 54858 0 PNET ebp=44ca0c,seqNum=24 PPP1-RECV:3 len:24 0000: ff 03 c0 21 01 46 00 14 01 04 05 f4 02 06 00 00 0010: 00 00 03 04 c0 23 08 02 77 54858 0 PNET ebp=44ca3c,seqNum=25 PPP1-XMIT:3 len:24 0000: ff 03 c0 21 02 46 00 14 01 04 05 f4 02 06 00 00 0010: 00 00 03 04 c0 23 08 02 78 54858 186 PNET ppp LCP up 79 54862 189 PNET ppp PAP sending acnt/pw 93 55438 157 PDI2 dialer Incoming call,chan<2> 94 554ec 169 PDI2 dialer Call CONNECT speed<64000> chan<2> prot<1>102 558a2 186 PNET ppp LCP up 103 558ac 0 PNET ebp=44c46c,seqNum=36 PPP2-RECV:4 len:14 0000: c0 23 01 05 00 0c 03 32 33 34 03 32 33 34 104 558ac 18a PNET ppp PAP verify usr/pw OK! 105 558b6 0 PNET ebp=44c49c,seqNum=37 PPP2-XMIT:4 len:7 0000: c0 23 02 05 00 05 00 106 558b6 225 PNET ppp IPCP negotiation started

(5) Microsoft Call Back Control ProtocolWin9x/NT-to-Prestige

W AN(ISDN/PSTN)

LAN

Win9x dial up to Prestige, then Prestige callback to Win9x.

TAWin9x/NT

(6) Caller ID Call Back

W AN(ISDN/PSTN)

LAN LAN

P128_1IP:192.168.20.1

P128-2IP:192.168.10.1

(6) Caller ID Callback

• You can check CLID information from– Prestige system log

• Go to menu 24.8 and enable packet trace on screen– sys event (pre-ZyNOS)

– sys trcl call (ZyNOS)

– Prestige ring buffer • isdn drv ring [1/2] (pre-ZyNOS)• isdn atring disp [bri0|bri1] (ZyNOS)

– ISDN EPA• isdn ana on, isdn ana disp (pre-ZyNOS)• isdn fw ana on, isdn fw ana dump (ZyNOS)

Connection Manager

• The function of Call Control– Control the number of outgoing call retry– Control the incoming authentication

• The function of Call Management – Budget control– Timer of date schedule

(7) Filter rule

OutgoingPacket

DataFilters

Droppacket

User-definedCall Filters

(if applicable)

Initiate callif line not up

Active Data

Send packetand resetIdle Timer

Or Or

Drop packetif line not up

Drop packetif line not up

Send packetbut do not reset

Idle Timer

Send packetbut do not reset

Idle Timer

Match MatchMatch

Nomatch

Nomatch

Nomatch

Call Filters

Built-inCall Filters

Note: With RAS version prior 1.51. ZyNOS filter rule is different.

(7) Input & Output & Call Filter

LANWAN

LAN filter sets (Menu 3)WAN filter sets (Menu 11)

WAN input(Input from WNA)

LAN input(Input from LAN)

WAN call/ output(Output to WAN)

LAN output(Output to LAN)

(7) Filter Example -- (1)


NTIP:192.168.10.2

Win 9xIP:192.168.10.101

IP:192.168.10.1

Case 1:Block Win9x/NT’s NetBios over IP packet from triggering call.

(7) Filter Example -- (2)

Case 2:Only stations with IP address in first 64 address, that is 192.168.10.0 to 63 are allowed to access WAN.


WS1IP:192.168.10.2

WS2IP:192.168.10.65

IP:192.168.10.1

(7) Filter rule flow with SUA ( pre-ZyNOS)

LANWANSUA

LAN filter setsWAN filter sets

192.168.1.33/1023

(1)(2)

203.205.115.6/4034

(3)

(4)

203.205.115.6/4034

WAN input

(5)

192.168.1.33/1023

LAN inputWANoutput

(7) Filter rule flow with SUA - ZyNOS

LANWANSUA

LAN device & protocol INPUT filter sets

WAN protocolOUPUT filter sets

192.168.1.33/1023

(2)(4)

203.205.115.6/4034

203.205.115.6/4034

WAN input

(7)

192.168.1.33/1023

LAN inputWANoutput

WAN deviceOUTPUT filter sets

(3)

(6) (8)

LAN device & protocolOUTPUT filter set

(1)

(5)

WAN deviceINPUT filter sets

WAN protocol INPUT filter sets

(7) Filter Example -- (3) Generic filter rule

W AN(ISDN/PSTN)

LAN LAN

P128-PIP:192.168.20.1

P100IHIP:192.168.10.1

WS1IP:192.168.20.10MAC:0080C82DF13F

ServerIP:192.168.10.10

Case 3: Filter all traffic with Source Ethernet MAC address = 0080c82DF13F

(7) Filter Example -- (4) Generic filter rule

W AN(ISDN/PSTN)

LAN LAN

P128-PIP:192.168.20.1

P100IHIP:192.168.10.1

WS1IP:192.168.20.10MAC:0080C82DF13F

IP:192.168.10.10MAC:00E00820000A

Case 4: Filter all traffic with Destination Ethernet MAC address = 00E00820000A

(8) Syslog & call history & filter

W AN(ISDN/PSTN)

LAN LAN

P128-PIP:192.168.20.1

P100IHIP:192.168.10.1

WS1IP:192.168.20.10

IP:192.168.10.10Syslog daemon

Menu 24.3.2 Syslog: Active= Yes Syslog IP Address= 192.168.10.10 Log Facility= Local 3

Menu 24.9.4 - Call History Phone Number Dir Rate #call Max Min Total 1. 200020000 IN 64K 12 0:53:04 0:00:24 1:37:31 2. 300030000 IN 64K 4 0:02:14 0:01:40 0:07:55

(8) Syslog & call history & filter

Example: Feb 14 16:57:17 192.168.10.1 ZyXEL Communications Corp.: board 0 line 0 channel 0, call 18, C01 Incoming Call 64000K 200020000

*Feb 14 16:58:56 192.168.10.1 ZyXEL Communications Corp.: IP[Src=192.168.20.10 Dst=192.168.10.10 TCP spo=040f dpo=0015] } S04>R01mD Feb 14 17:07:18 192.168.10.1 ZyXEL Communications Corp.: board 0 line 0 channel 0, call 18, C02 Call Terminated

* where S04>R01mD means filter set 4 (S) and rule 1 (R), match (m) drop (D).

(9) Bridging

Data Link

Physical

Data Link

Physical

Segment A Segment B

Bridge

WS1

WS2

WS3

(9) Bridging case

W AN(ISDN/PSTN)

P128_2 P128-1

Mac:

00:e0:08:20:00:0a Mac:00:80:c8:2b:c9:56

P128_1> bri brt dispBRT Source Cache: (Bridge remote table)00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:0000:00:00:00:00:00 00:00:00:00:00:00 00:80:c8:2b:c9:56 00:00:00:00:00:00BLT Destination Cache: (Bridge local table)00:00:00:00:00:00 00:00:00:00:00:00 00:e0:08:20:00:0a 00:00:00:00:00:0000:00:00:00:00:00 00:00:00:00:00:00 00:80:c8:2b:c9:56 00:00:00:00:00:00Dst Cache pointer: 0 0 0 0 0 0 44a96c 0Addr Node Flags Uses----------------- ---- ----- ----------00:80:c8:2b:c9:56 1 0 0 10

Win9xWin9x

(10) NetBios Over TCP/IP

W AN(ISDN/PSTN)

P128_1 P128-2

Netbios name=zy-fae-notebookIP:192.168.10.10

Netbios name=Felix-engIP:202.132.155.82

Win9x_2Win9x_1

202.132.155.253 192.168.10.1

(11) DHCP

DHCP clientDHCP Serv er

(1) DHCP-Discover

(2) DHCP-Offer

(3) DHCP-Request

(4) DHCP-Ack

Ethernet adapter :

Description . . . . . . . . : AboCom LM28X Ethernet Fax/Modem CardPhysical Address. . . . . . : 00-E0-08-20-00-0ADHCP Enabled. . . . . . . . : YesIP Address. . . . . . . . . : 192.168.0.2Subnet Mask . . . . . . . . : 255.255.255.0Default Gateway . . . . . . : 192.168.0.1DHCP Server . . . . . . . . : 192.168.0.1Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : 10 13 98 2:45:37 PMLease Expires . . . . . . . : 10 16 98 2:45:37 PM

(12) Cisco Mutual Authentication

Cisco

Case: Cisco initiate call to Prestige

Challenge value Name=Cisco host nameChallenge

Challenge valueName=Outgoing user name(Prestige system name)

Challenge

Hash value Name=Cisco host nameResponse

Hash value Name=Outgoing user name Response

Success/Fail

Success/Fail

(12) Cisco Mutual Authentication

Menu 11.1 - Remote Node Profile

Rem Node Name= hinet Edit PPP Options= No Active= Yes Rem IP Addr= 140.113.1.1 Call Direction= Outgoing Edit IP= No Edit Script Options= No Incoming:

Rem Login= [cisco_hostname] Telco Option:

Rem Password= 1234 Allocated Budget(min)= 0 Rem CLID= N/A Period(hr)= 0 Call Back= N/A

Outgoing: Session Options:

My Login= [prestige_system name] Input Filter Sets=

My Password= 1234 Output Filter Sets= Authen= CHAP/PAP Call Filter Sets= Pri Phone #= 0,5009097 Idle Timeout(sec)= 300 Sec Phone #=

Menu 11.1 - Remote Node Profile

Rem Node Name= hinet Edit PPP Options= No Active= Yes Rem IP Addr= 140.113.1.1 Call Direction= Outgoing Edit IP= No Edit Script Options= No Incoming:

Rem Login= [cisco_hostname] Telco Option:

Rem Password= 1234 Allocated Budget(min)= 0 Rem CLID= N/A Period(hr)= 0 Call Back= N/A

Outgoing: Session Options:

My Login= [prestige_system name] Input Filter Sets=

My Password= 1234 Output Filter Sets= Authen= CHAP/PAP Call Filter Sets= Pri Phone #= 0,5009097 Idle Timeout(sec)= 300 Sec Phone #=

CHAP case:

(13) RADIUS

LAN

RA DIUS Serv er

(1) User dial in.

(2) Access-request to RADIUS server

(3) Access-Accept or Access-Reject

(4) Authen. result

Menu 23.2 - System Security - External Server Authentication Server: Active= Yes Type: RADIUS Server Address= RADIUS Server’s IP address Port #= 1645 Key= Shared secret

RADIUSClient

(13) RADIUS - PAP.RADIUS ClientUser RADIUS server

Password UsernamePAP req. Access-req.

Password Username Authenticator

Access-Accept/RejectPAP-Ack/RejectResponse-authenticator attribute

Password in Access-Request = Hash(authenticator value+shared secret) XOR (original password)

Response Authenticator=Hash(Request Authenticator+shared secret+attribute+…….) Thus the response is able to match those pending Access-request.

(14) Prestige PPTP VPN Support

In ternetTunnel

Office LAN SOHO

Win9XPPTP client

NT PPTP Server

Prestige(SUA/NAT)

Connection to local ISPConnection to local ISP

(14) Prestige PPTP VPN Support

In ternetTunnel

Office LAN

Win9XPPTP client

NT PPTP ServerIP:192.168.0.3

Prestige(SUA/NAT)

Menu 15 - Multiple Server Configuration

Port # IP Address ------ --------------- 1.Default 192.168.0.3 2. 1723 192.168.0.3 3. 0 0.0.0.0 4. 0 0.0.0.0 5. 0 0.0.0.0 6. 0 0.0.0.0 7. 0 0.0.0.0 8. 0 0.0.0.0

HTTP:80 FTP:21 TELNET:23 MAIL:25 PPTP:1723

(14) PPTP Tunnel

In ternetTunnel

PPTP clientPPTP Server

ISP

PPP connection

PPTP control connection

PPTP data connection

Connection #1

Connection #2

(14) PPTP Tunnel Protocol Stack

In ternetTunnel

PPTP client PPTP Server

ISP

Private network

PPP

GREPPP

IP IPX NetBEUIData

IPGREPPP

IP IPX NetBEUIData

IP

IP IPX NetBEUIData

InternalAddressing

Legal IPAddressing

(14) PPTP Tunnel Protocol Stack

In ternetTunnel

PPTP client PPTP Server

ISP

Private network

V.34, etc.

PPTP

IP

**

*V.34, etc. *

Modem

PPP

IP, IPX,NBF

IP, IPX,NBF

IPWAN /LAN

NT RASServer

RASClient

ISP

PPP

IP

PPTP

PPP

PPP

IP IP

(15) L2TP -- Direct Mode

In ternetTunnel

Office LANSOHO

Prestige(SUA/NAT)

NovellServer

NTNovell Client

LNS

Incoming call request

Incoming call reply

Incoming call connected

PPP NegotiationConnection Controlfor the tunnel

(15) L2TPIn ternetTunnel

LAC LNS

PAP Req

User dial up

PAP Req(user/passwd)LCPLCP

StartControlConnectionRequest

Partial Auth passed. Tunnel init.

StartControlConnectionReplyStartControlConnectionConnected

Control Connection ConnectedIncomingCallRequest

IncomingCallReplyIncomingCallConnected

CHAP Challenge

PAP ACK/NAK or CHAP Result

(1/2 PAP or 2/3 CHAP)

Tunnel Ready. NCP

In ternetTunnel

LAC LNS

Menu10:Endpoint Name= zyxel.com.twActive= YesMy Host Name= zyxel-USPeer Host Name= zyxel-HQshared Secret= ********IP Address= 202.155.1.1

Menu10:Endpoint Name= US-BranchActive= YesMy Host Name= zyxel-HQPeer Host Name= zyxel-USshared Secret= ********IP Address= 1.1.1.1(irrelevant)

Menu14:User Name= [email protected] Active= Yes Passwd= ********

NZ-2> ipx route statNetwork FF Interface Gateway Hops Ticks 1a7be8 4 lns0ppp 00:00:00:00:00:00 1 5 034a95c1a 1 en0if 00:80:c8:19:35:a8 1 2

Win9x-DUNTele#: ISP LAC #User: [email protected]:********

NovellServer

IP:202.155.1.1

(15) L2TP Protocol Stack (1)

In ternetTunnel

PPP

L2TP

IP/IPXIP/IPX

IP/IPXMAC Ethernet IP/IPXPPP

IP/IPXPPPL2TPIP UDP1701

Tunnel end-point IP

PPP end-pointPPP end-point

Ethernet PPP

(15) L2TP Protocol Stack (2)

NovellServer

In ternetTunnel

LAC LNS

PPP

L2TP

IP/IPXIP/IPX

IP/IPX PPP Ethernet IP/IPX PPP

IP/IPX PPPL2TPIP UDP1701

Tunnel end-point IP

PPP end-pointPPP end-point

PPPEthernet

(16) SNMP

Data Link Layer

IP

UDP (161/162)

SNMP Manager

Management Application

Get

Get-N

ext

Set

Get-R

esponse

Event

Data Link Layer

IP

UDP (161/162)

SNMP Agent

Managed Object

Get

Get-N

ext

Set

Get-R

esponse

Event

SNMP Message

Network

(16) SNMP

• Prestige MIB

(17) OSI Model and Netware

Physical

Data-Link

Network IPX

(Ethernet, ARCNET, Token-Ring ...)

SPXTransport

NCP SAP RIP

(17) IPX Header -- 30 bytes

Checksum (2) FF FF

Length (2)

Transport Control (1)

Packet Type (1)

Destination Network Address (4)

Destination Node Address (6)

Destination Socket (2)

Source Network Address (4)

Source Node Address (6)

Source Socket (2)

(17) IPX RIPNWSERVER

FAE_SERVER

P128_NW

P128_FAE

Internal Net # : 12345678External net # : 3

Internal Net # : 34a95c1aExternal net # : 1

P128_NW> ipx route statNetwork FF Interface Gateway Hops Ticks Stat Timer Use12345678 1 en0if 00:80:c8:3a:7c:9e 1 2 0023 130 0 3 1 en0if 00:00:00:00:00:00 1 1 0037 0 0

P128_FAE> ipx route statNetwork FF Interface Gateway Hops Ticks Stat Timer Use 1 1 en0if 00:00:00:00:00:00 1 1 0037 0 034a95c1a 1 en0if 00:80:c8:19:35:a8 1 2 0023 180 0

(17) RIP ExampleNWSERVER

FAE_SERVER

P128_NW

P128_FAE



P128_NW> ipx route statusNetwork FF Interface Gateway Hops Ticks Stat Timer Use12345678 1 en0if 00:80:c8:3a:7c:9e 1 2 0023 130 0 3 1 en0if 00:00:00:00:00:00 1 1 0037 0 0

P128_FAE> ipx route statusNetwork FF Interface Gateway Hops Ticks Stat Timer Use 1 1 en0if 00:00:00:00:00:00 1 1 0037 0 034a95c1a 1 en0if 00:80:c8:19:35:a8 1 2 0023 180 0

1 1 wan0ppp 00:a0:c5:08:09:02 2 3 0843 0 034a95c1a 1 wan0ppp 00:a0:c5:08:09:02 2 4 0843 0 16

12345678 3 wan0ppp 00:a0:c5:08:09:03 2 4 0843 0 7 3 3 wan0ppp 00:a0:c5:08:09:03 2 3 0843 0 29

(17) SAP ExampleNWSERVER

FAE_SERVER

P128_NW

P128_FAE

P128_NW> ipx sap statusType Network Node Sock Hop Interface FF Timer Stat Server 4 12345678 000000000001 451 1 en0if 1 150 00c3 NWSERVER

P128_FAE> ipx sap statusType Network Node Sock Hop Interface FF Timer Stat Server 4 34a95c1a 000000000001 451 1 en0if 1 180 00c3 FAE_SERVER



(17) SAP Example NWSERVER

FAE_SERVER

P128_NW

P128_FAE

P128_NW> ipx sap statusType Network Node Sock Hop Interface FF Timer Stat Server 4 12345678 000000000001 451 1 en0if 1 150 00c3 NWSERVER

P128_FAE> ipx sap statusType Network Node Sock Hop Interface FF Timer Stat Server 4 34a95c1a 000000000001 451 1 en0if 1 180 00c3 FAE_SERVER



4 34a95c1a 000000000001 451 2 wan0ppp 1 0 01c3 FAE_SERVER

4 12345678 000000000001 451 2 wan0ppp 3 0 01c3 NWSERVER

(18) IDSL

• Speed - 128kbps

• Line coding– 2B1Q (same as ISDN U interface)

• Distance: Up to 5.5km.

• Applications: – High speed data communication, no voice

service.

zyxel prestige router technical training zyxel communications corporation march. 1999

Documents

destination ip

default route

lan ip addresswan ip

destination port

corresponding route

gateway ip addressmetric

source port

single wan portprestige