Allied-Telesis AT-iMG624A Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Allied-Telesis

AT-iMG624A

Page 306 / 998 Scroll up to view Page 301 - 305

Unconfigured interfaces

iMG/RG Software Reference Manual (IPNetwork Functions)

4-4

If the packet cannot be forwarded, an ICMP

Destination Unreachable

error will be returned to the sender.

By default, the checksum of forwarded IP packets is not checked. This is for reasons of efficiency, because calcu-

lating the checksum on all packets adds significantly to the forwarding time and reduces throughput. This default

setting is common in most IP routers. Locally terminated packets always have their checksum checked.

4.1.4

Unconfigured interfaces

An interface with an IP address of 0.0.0.0 is unconfigured. An interface is added as unconfigured when it is to be

configured at a later time, for example, by IPCP or DHCP.

No traffic will be forwarded from an unconfigured interface. However, an unconfigured interface may still

receive certain types of traffic, such as responses to DHCP requests.

An unconfigured interface should not be confused with an unnumbered interface.

4.1.5

Unnumbered interfaces

In a routed network, consider two routers that are joining two different subnets via a point-to-point link. It

would usually be necessary to allocate a whole subnet just for the link between the routers, in addition to the

other two subnets.

An unnumbered interface does not have a subnet associated with it and simply serves as one end of a point-to-

point link. An unnumbered link does not have an IP address, but a router ID

THAT

is the IP address of one of

the router’s other interfaces.

You can have multiple unnumbered interfaces as long as you have at least one normal (numbered) IP interface in

your router so that you can use its IP address as the router ID. The unnumbered interfaces can either use dif-

ferent router ID values, or use the same router ID value. Wha

TEVER

THEIR

VALUE

THE

ROUTER

ID(s) must match

the address of a normal interface.

Note:

Unnumbered interfaces can only be used on point-to-point links. This includes PPP. You cannot use

unnumbered interfaces with Ethernet

4.1.5.1 Unconfigured interfaces vs unnumbered interfaces

An unnumbered interface is not the same as an unconfigured interface.

An unconfigured interface is created by adding an interface without specifying an IP address (ip add interface

myinterface), or by specifying an IP address of 0.0.0.0 (ip add interface myinterface 0.0.0.0).

You would add an unconfigured interface if the interface address were to be set automatically later, for exam-

ple, by IPCP or DHCP. It cannot be used for normal traffic.

An unnumbered interface is different - it is used for normal traffic but does not have its own IP address or a

local subnet associated with it.

Page 307 / 998

Unnumbered interfaces

4-5

iMG/RG Software Reference Manual (IPNetwork Functions)

4.1.5.2 Configuring unnumbered interfaces

Unnumbered interfaces are created using the following CLI command:

IP ADD INTERFACE <name> <ipaddress> 255.255.255.255

For example:

ip add interface myinterface 192.168.101.3 255.255.255.255

In this command:

•

myinterface

is the unnumbered interface name.

•

192.168.101.3 is the

router id

. The router ID must be set to the IP address of one of the router’s normal

interfaces. The main use of the router ID is as the source address for packets sent on an unnumbered inter-

face from local applications or routing protocols. Router IDs are described in

RFC1812 Requirements for

IP v4 Routers

•

255.255.255.255 is a special subnet mask that identifies an unnumbered interface and distinguishes it from

any other type of interface.

You must also add a route before your unnumbered interface can send packets.

4.1.5.3 Creating a route

Because an unnumbered interface does not have a local subnet associated with it, no packets can be routed to

an unnumbered interface until a route is added. Let us just consider how this is done.

Usually, for Ethernet interface, routes are added with a gateway to be used for a particular destination.

For example:

ip add route myroute 10.0.0.0 255.0.0.0 gateway 192.168.101.10

This means that all packets for the 10.0.0.0 subnet will be sent to the address 192.168.101.10 as their next hop.

The gateway must be reachable directly, so 192.168.101.10 must be on a subnet served by one of the local inter-

faces.

But, for point-to-point links, you can add a route through the interface, without specifying a gateway address,

for example:

ip add route myroute 10.0.0.0 255.0.0.0 interface myinterface

All packets for the specified destination will be sent via the unnumbered interface called

myinterface

. This type

of route can be used for all interfaces with point-to-point links, not just for unnumbered interfaces.

On devices of the type

FIBER B/D/E, MODULAR

and

ADSL B/C

routes can be disabled and

enabled.Unless explicitely set: routes are created

and enabled.

Page 308 / 998

Virtual interfaces

iMG/RG Software Reference Manual (IPNetwork Functions)

4-6

4.1.6

Virtual interfaces

Usually, each transport only has one router interface associated with it, and each router interface has only one

IP address and local subnet associated with.

Virtual interfaces allow you to attach more than one IP interface to the same transport. Secondary IP addresses

allow you to associate more than one IP address with the same IP interface. Together, these features allow

many configurations that would not otherwise be possible.

Virtual interfaces allow you to create multiple router interfaces on the same transport, for example, on the

same Ethernet port. This allows the IP stack to communicate with and route between multiple subnets existing

on the same LAN.

4.1.6.1 Configuring virtual interfaces

To configure a virtual interface you need to create an IP interface, but instead of attaching it to a transport, you

need to attach it to a second IP interface that already has a transport attached to it.

In this way, the two interfaces share the transport that is only attached to one of the interfaces.

The original interface attached directly to a transport is called the real interface, and the interface that is

attached to the real interface is called the virtual interface.

To configure a virtual interface using the CLI:

•

Create the real interface, then create an Ethernet transport and attach the IP interface to the transport:

ip add interface real_ip 192.168.101.2 255.255.255.0

On FIBER A/C and ADSL A devices:

ethernet add transport eth1 myvlan

ip attach real_ip eth1

On the remaining models it’s enough to:

ip attach real_ip myvlan

•

Create the virtual interface:

ip add interface virtual_ip 192.168.50.10 255.255.255.0

•

Attach the virtual interface to the real interface:

ip attachvirtual virtual_ip real_ip

You can add more than one virtual interface to the same real interface.

Attaching them to a real interface instead of to a transport directly creates virtual interfaces. If the real inter-

face is deleted, then all associated virtual interfaces are detached automatically.

Page 309 / 998

Secondary IP addresses

4-7

iMG/RG Software Reference Manual (IPNetwork Functions)

4.1.6.2 Similarities between virtual interfaces and real interfaces

A virtual interface is similar to a real interface:

•

Virtual interfaces may be manipulated in the same way as real interfaces using the CLI.

•

The IP stack will route between virtual interfaces and real interfaces in the same way that it routes between

real interfaces.

Note:

Like real interfaces, virtual interfaces must have a unique subnet that does not overlap with other

interfaces. In order to have the router respond to more than one IP address on the same subnet,

secondary addresses must be used instead of virtual interfaces.

4.1.6.3 Differences between virtual interfaces and real interfaces

When the IP stack receives a packet from a transport that has associated virtual interfaces, the IP stack must

decide which interface the packet arrived on.

The source address of the incoming packet is compared with the subnet of each virtual interface on that trans-

port. If there is no match, the IP stack assumes that the packet arrived on the real interface.

The interface that the packet arrived on is important in two scenarios:

•

When the Firewall is in use - different rules (such as policies, portfilters and validators) are configured

between different interfaces, so you need to know which interfaces the packet passes between.

•

Some applications are written to only respond to traffic received on a specific interface. For example, DHCP

server.

Because the traffic for all virtual interfaces is received in the same way as the real interface, the only reasonable

way of selecting an interface is based on source address as described above. This means that:

•

A virtual interface only receives packets with a source address matching its interface subnet, providing pack-

ets arrive via the real interface that the virtual interface is attached to.

•

Packets that arrive with a source address that does not match a local subnet are deemed to have been

received on the real interface, even if the next hop would be reached through the virtual interface when

sending to that destination.

•

Any packets from an unconfigured host, for example DHCP or BOOTP requests, are deemed to be received

on the real interface.

Note:

Remember that the sender can spoof the source address of the packet; therefore security-related

decisions should not be based on the ability to distinguish between virtual interfaces on the same

transport.

4.1.7

Secondary IP addresses

Secondary IP addresses differ from virtual interfaces because there is no concept of a separate local subnet

associated with a secondary address.

Page 310 / 998

TCP/IP command reference

iMG/RG Software Reference Manual (IPNetwork Functions)

4-8

The secondary addresses share the same subnet with the interface.

Secondary addresses therefore allow the IP stack to have more than one address on the same subnet. After

setting the main interface address, one or more additional addresses on the same subnet can be added to the

interface.

4.1.7.1 Configuring secondary IP addresses

You can create and configure secondary IP addresses using the CLI.

The following CLI commands allow you to create and configure secondary IP addresses:

ip interface add secondaryipaddress

ip interface clear secondaryipaddresses

ip interface delete secondaryipaddress

ip interface list secondaryipaddresses

Note:

FThe ability to specify a subnet mask with a secondary address is

superseded by the functionality of

virtual interfaces. You should use virtual interfaces instead.

Support for adding secondary IP addresses including subnet mask specification will be withdrawn in a future

software release.

4.1.7.2 Functionality of secondary IP addresses

On Ethernet interfaces, secondary IP addresses must be on the same subnet as the interface. Secondary

addresses may be added to virtual interfaces, as well as real interfaces.

On Point-to-Point links, secondary addresses may be added on a different subnet to the main interface address.

This will provide an additional address that the IP stack will respond to for traffic arriving on that interface, but

with no associated local subnet.

This is similar to configuring a virtual interface as an unnumbered interface. This is not a common configuration.

4.1.8

TCP/IP command reference

This section describes the commands available on AT-iMG models to manage the TCP/IP module.

4.1.8.1 IP Tracing commands

You can carry out tracing in the IP stack using the following system commands:

•

SYSTEM LOG ENABLE|DISABLE; enables/disables the tracing support output for a specific module and cat-

egory.

•

SYSTEM LOG LIST; displays the tracing options for the modules available in the current image

Rate

Popular Allied-Telesis Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share