Page 121 / 216 Scroll up to view Page 116 - 120
121
CONFIG Commands
This section describes the keywords and arguments for the various CONFIG commands.
Connection commands
conn
s are used to create connections, for example, a WAN or LAN
conn.
There may be more than one of each
depending on your model.
name
s correspond to the system object IDs (OIDs) but you can name them yourself.
set conn name
name
link-oid
value
Sets the connection named
name
to point to an associated link specified by the
link-oid
value.
set conn name
name
type [ static | dhcpc | ppp ]
Specifies whether the
type
of the connection named
name
is static, dhcpc, or ppp.
set conn name
name
side [ lan | wan ]
Specifies whether this conn is LAN- or WAN-side. A
conn
can be either
lan
or
wan
.
set conn name
name
lan-type [ private | public | public-delegated ]
Specifies whether this conn’s LAN is private, public, or public-delegated. The default is
private
, the usual type of
local network.
set conn name
name
dhcp-server-enable [ on | off ]
Turns the DHCP server for this connection
on
or
off
. The DHCP server can be enabled per connection. The
default is
on
.
set conn name
name
mcast-forwarding [ off | on ]
Turns IP IGMP multicast forwarding for this connection
off
or
on
. The default is
off
.
set conn name
name
rip-send [ off | v1 | v2 | v1-compat | v2-md5 ]
Specifies whether the device should use Routing Information Protocol (RIP) broadcasts to advertise its routing
tables to other Gateways. RIP Version 2 (RIP-2) is an extension of the original Routing Information Protocol (RIP-
1) that expands the amount of useful information in the RIP packets. While RIP-1 and RIP-2 share the same basic
algorithms, RIP-2 supports several additional features, including inclusion of subnet masks in RIP packets and
implementation of multicasting instead of broadcasting (which reduces the load on hosts which do not support
routing protocols. RIP-2 with MD5 authentication is an extension of RIP-2 that increases security by requiring an
authentication key when routes are advertised. Depending on your network needs, you can configure your device
to support RIP-1, RIP-2, or RIP-2MD5.
If you specify v2-MD5, you must also specify a rip-send-key. Keys are ASCII strings with a maximum of 31 charac-
ters, and must match the other Gateway(s) keys for proper operation of MD5 support. The default is
off
.
set conn name
name
rip-receive [ off | v1 | v2 | v1-compat | v2-md5 ]
Specifies whether the device should use Routing Information Protocol (RIP) broadcasts to update its routing
tables with information received from other Gateways on the other side of the connection. If you specify
v2-md5
,
you must also specify a rip-receive-key. Keys are ASCII strings with a maximum of 31 characters, and must match
the other Gateway(s) keys for proper operation of MD5 support. The default is
off
.
Page 122 / 216
Administrator’s Handbook
122
set conn name
name
icmp-echo-drop [ off | on ]
If set to
on
, drops echo-requests received on the particular interface. The default is
off
.
set conn name
name
icmp-err-suppress [ off | on ]
An additional option to suppress ICMP error messages on WAN IP interfaces. The default is
off
.
set conn name
name
static ipaddr
ipaddr
Specifies a
static
IP address when the connection
type
has been set to
static
. The default is 192.168.1.254.
Note:
You must also set the gateway address OR turn it off, otherwise the settings cannot be saved. See
IP Gateway commands
” on page
130
.
Example:
NOS/128600225634272/conf
Config Mode v1.3
NOS/128600225634272 (top)>> conn
NOS/128600225634272 (conn)>> set
conn
(conn) node list ...
"LAN"
"WAN"
Select (name) node to modify from list,
or enter new (name) to create.
conn name (?):
name "LAN"
link-oid ("LAN") [ LAN | WAN | PPPoE |
]:
type (static) [ static | dhcpc | ppp ]:
side (lan) [ lan | wan ]:
lan-type (private) [ private | public | public-delegated ]:
mcast-forwarding (off) [ off | on ]:
rip-send (off) [ off | v1 | v2 | v1-compat | v2-md5 ]:
rip-receive (off) [ off | v1 | v2 | v1-compat | v2-md5 ]:
fs-egress ("") [ Security | QosUpstream | WanEgress |
]:
fs-ingress ("") [ Security | QosUpstream | WanEgress |
]:
static
ipaddr ("192.168.1.254"):
netmask ("255.255.255.0"):
dhcp-server-enable (on) [ off | on ]:
dhcp-server
start-addr ("192.168.1.64"):
end-addr ("192.168.1.253"):
lease-time (01:00:00:00):
subnet-order (1) [ 1 - 8 ]:
gen-option
(gen-option) node list ...
Select (name) node to modify from list,
or enter new (name) to create.
Page 123 / 216
123
gen-option name (?):
option-group
(option-group) node list ...
Select (name) node to modify from list,
or enter new (name) to create.
option-group name (?):
filterset
(filterset) node list ...
Select (name) node to modify from list,
or enter new (name) to create.
filterset name (?):
name "WAN"
link-oid ("WAN") [ LAN | WAN | PPPoE |
]:
type (dhcpc) [ static | dhcpc | ppp ]: static
side (wan) [ lan | wan ]:
mcast-forwarding (off) [ off | on ]:
nat-enable (on) [ off | on ]:
rip-receive (off) [ off | v1 | v2 | v1-compat | v2-md5 ]:
icmp-echo-drop (on) [ off | on ]:
icmp-err-suppress (off) [ off | on ]:
fs-egress ("WanEgress") [ Security | QosUpstream | WanEgress |
]:
fs-ingress ("") [ Security | QosUpstream | WanEgress |
]:
static
ipaddr (""): 10.3.53.100
netmask ("255.255.255.0"):
NOS/128600225634272 (conn)>> set ip gateway address 10.3.53.1
NOS/128600225634272 (conn)>> save
If you do not want the gateway use this command to turn it off:
set ip gateway enable off
set conn name
name
static netmask
netmask
Specifies a
static
netmask when the connection
type
has been set to
static
. The default is 255.255.255.0.
set conn name
name
dhcp-server start-addr
ipaddr
If
dhcp-server-enable
is set to
on
, specifies the first address in the DHCP address range. The Motorola Gateway
can reserve a sequence of up to 253 IP addresses within a subnet, beginning with the specified address for
dynamic assignment. The default is 192.168.1.64
set conn name
name
dhcp-server end-addr
ipaddr
If
dhcp-server-enable
is set to
on
, specifies the last address in the DHCP address range. The default is
192.168.1.253
set conn name
name
dhcp-server lease-time
seconds
If
dhcp-server-enable
is set to
on
, specifies the default length for DHCP leases issued by the Motorola Gateway.
Lease time is in seconds. Default is
3600
.
Page 124 / 216
Administrator’s Handbook
124
set conn name
name
dhcp-server subnet-order [1... 8]
If
dhcp-server-enable
is set to
on
, specifies the order in which to address the first of 8 possible subnets. Ordi-
narily, this is the first one, the default
1
.
set conn name
name
nat-enable [ on | off ]
Specifies whether you want the Motorola Gateway to use network address translation (NAT) when communicating
with remote Gateways. NAT lets you conceal details of your network from remote Gateways. It also permits all
LAN devices to share a single IP address. By default, address NAT is turned
on
.
set conn name
name
dhcp-client discover-time
seconds
The DHCP client parameters appear when the connection
type
has been set to
dhcpc
.
discover-time
is in sec-
onds; the default is
30
.
set conn name
name
dhcp-client dns-enable [ on | off ]
This allows you to enable or disable the default behavior of acting as a DNS proxy. The default is
on
.
set conn name
name
dhcp-client dns-override [ off | on ]
This allows you to enable or disable overriding default DNS behavior. The default is
off
.
set conn name
name
dhcp-client vendor-class
string
The
vendor-class
default information varies by model and components. This is information that identifies the unit.
set conn name
name
fs-egress
filterset_name
Attaches a user filterset to a conn which is applied to transmitted packets. See
Filterset commands
” on
page
124
.
set conn
name
name
fs-ingress
filterset_name
Attaches a user filterset to a conn which is applied to received packets. See
Filterset commands
” on page
124
.
Filterset commands
Filtersets provide packet filtering and QoS configuration. Packets are identified by characteristics that allow QoS
and forwarding decisions to be made. These characteristics can be at the MAC layer, IP layer, TCP | UDP | ICMP
layer(s), or (in applicable circumstances) 802.1q/p (VLAN-tagging) layer.
Your Gateway is capable of adding and stripping 802.1Q tags to and from
frames before transmission on its LAN
interfaces. See also
Link commands
” on page
143
for more information.
A maximum of 8 filtersets are supported. Each filterset can have up to 8 rules configured.
A maximum 8 egress
queues are supported. Each queue can have up to 8 entries.
A filterset rule identifies packet attributes to match with its
match
parameters. It acts on these packets using its
default action
parameters.
Page 125 / 216
125
set filterset name
filterset_name
rule
number
order
number
Determines order of execution of filterset rules (1 before 2, etc). If
order
is unspecified, the value of
order
is set to
1 more than the last order in the filterset. If
order
is set to an already existing order value, order values of other
rules are incremented automatically.
set filterset name
filterset_name
rule
number
match-eth-proto
number
Matches ethernet protocol field to the supplied value.
set filterset name
filterset_name
rule
number
match-eth-length
number
Matches ethernet length field to the supplied value.
set filterset name
filterset_name
rule
number
match-eth-p-bits
number
Matches VLAN priority bits.
set filterset name
filterset_name
rule
number
match-eth-vid
number
Matches VLAN id number.
set filterset name
filterset_name
rule
number
match-eth-src-mac-addr
mac_address
Matches supplied source MAC address field.
set filterset name
filterset_name
rule
number
match-eth-dst-mac-addr
mac_address
Matches supplied destination MAC address field.
set filterset name
filterset_name
rule
number
match-src-ip-addr
ip_address_range
Matches supplied value with packet's source ip address field.
set filterset name
filterset_name
rule
number
match-dst-ip-addr
ip_address_range
Matches supplied value with packet's destination ip address field.
set filterset
name
filterset_name
rule
number
match-protocol
protocol_string
Matches supplied value with packet's protocol field.
set filterset name
filterset_name
rule
number
match-tos [
number
|
descriptive_value
]
Matches tos field from numeric value 0-255; or one of the following descriptive values:
Minimize-Delay (0x10)
Maximize-Throughput (0x08)
Maximize-Reliability (0x04)
Minimize-Cost (0x02)
Normal-Service (0x00)

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top