1. SpeedTouch: Basic Training [email protected] [email protected].
85
1
-
Upload
christina-stevens -
Category
Documents
-
view
234 -
download
5
Transcript of 1. SpeedTouch: Basic Training [email protected] [email protected].
1
3
Agenda: DAY1
Company profileProduct portfolioSoftware releasesSoftware structureAccessArchitectureHands-on
Company Profile
5
Thomson along the value chain
Theatre
Production / Post-production
Mediaasset
management
Capture
Video Network Solutions
CREATION
Industry & Consumer Solutions
Content creators
End consumer
sTraditional / Digital
cinema
Home
• Convergence• PC, TV +…, phone• Content management
Office• Professional solutions
Out of home
• Mobility
Electronic / physicaldistribution
DVDdistribution
Film print
DVDreplicatio
n
Broadcast
Networkservices
Broadband• Cable
• Satellite
• Terrestrial
• Telcos (internet, 3G, WIFI, VDSL)
DISTRIBUTION ACCESS
Digital Content Solutions
6
ParisFrance
RennesFrance
HanoverGermany Beijing
ChinaPrinceton/NYUSA
IndianapolisUSA
BurbankUSA
LondonUK
Global Organisation….
with a local presence.23 000 employees world wide.
DSL Product portfolio
8
DSL Portfolio 2007
Wired Wireless Triple Play
ST546
ST330
Price
ST516ST536
ST122g
Business
ST585
Hig
h e
nd
pro
du
cts
Lo
w e
nd
pro
du
cts
ST706
ST780
TG790
ST510ST530
ST608 & 608 Wireless
ST620 & 620s
ST605 & 605s
TG546 VDSL
TG587n TG780BusinessTG707n
TG787n
TG797n
TG546 Fiber
TG585n
TG151
TG576
TG787 VDSL
TG628s
Software releases
10
Release Timeline
2007 2008
8.2.1
wk820 wk830
8.2.2
wk838
8.4.1
wk846
8.4.2 8.4.3
wk904
9.2.1
wk912
9.2.2
wk920
Main
7.4.3
wk804wk738
7.4.1
wk746
7.4.2 8.2.0
wk812wk730
6.2.T
wk729
7.2.0
wk750
8.1.0 8.3.0
wk825
.1 .2
wk850
9.1.0 .1 .2 …. Early Adopter.1 .2.1 .2 … … …
Dev. Feature X Dev. Feature Y Dev. Feature Z
Dev. Feature A
….
Demo build X Demo build X+Y Demo build X+Y+Z+A Concept
11
Software / Firmware / Build Structure
boot loader
Software
archive(customization)
.ini.tpl & .def
physical layer
security.cfg
.bin file local upgrade
.www file local upgrade remote upgrade
rescuebootp mode
12
File types
user.ini– saved config
<file>.tpl– templates (Set-Up Wizard)
<file>.def– factory defaults
<file>.cfg– configuration files; physical layer, dial
tones, security files <file>.sts
– SpeedTouch Script <file>.binSoftware container, including bootloader
<file>.wwwSoftware container, without bootloader
13
user.ini
saved configuration saved in passive directory /dl
backup via FTP– ftp://192.168.1.254
– cd dl
– get user.ini
backup via GUI– SpeedTouch – Configuration – task: Save and restore configuration
backup-configurationsave user.ini
14
user.ini content
[ cac.ini ]config port=dsl0 state=enabledconfig port=dsl1 state=enabledconfig port=atm2 state=enabledconfig port=aal5 state=disabledconfig port=atm5 state=disabledoverbooking rt=0 nrt=0
[ language.ini ]config language=fr complete=no
[ script.ini ]
…
[ fwlevel.ini ]add name=Standard index=1 readonly=enabled udptrackmode=loose service=enabled proxy=enabled text="Ce réglage
autorise le trafic sortant mais bloque le trafic entrant susceptible de nuire."add name=Off index=2 readonly=enabled udptrackmode=loose service=enabled proxy=enabled text="Le firewall est
désactivé, tout trafic entrant et sortant est autorisé."set name=Standard
[ firewall.ini ]config state=enabled keep=disabled tcpchecks=exact udpchecks=enabled icmpchecks=enabled logdefault=disabled
logthreshold=enabled tcpwindow=65536debug traceconfig tcpchecks=disabled udpchecks=disabled icmpchecks=disabled sink=none forward=none source=nonerule add chain=source_fire index=1 name=AnyTraffic log=disabled state=enabled action=acceptrule add chain=forward_level_Standard index=1 name=FromLAN srcintf=lan log=disabled state=enabled action=acceptrule add chain=forward_level_Off index=1 name=AnyTraffic log=disabled state=enabled action=accept
[ endofarch ]
15
e.g. cwmp.def
config state=disabled mode=full periodicInform=enabled periodicInfInt=43200 sessionTimeout=60 noIpTimeout=10 maxEnvelopes=2 connectionRequest=disabled connectionReqPath="" connectionReqUserName=$CWMPUSER connectionReqPsswd=$_WEPKEY_SERIAL connectionReqAuth=digest qos-class=12 bootdelayrange=0
server config url=http://acs-server.com username=$CWMPUSER password=""
debug traceconfig level=0
runtimevar softwareVersion=Unknown bootstrap=disabled
changed factory defaults
$<name> is referring to local variable
$_<name> is referring to local dynamic variable
The command line interfaceand system/software management
17
CLI access
Through TELNET– To any IP@ allocated to the CPE
– TELNET system service should allow the access
– UserID should also have TELNET in it’s allowed zones
18
CLI Navigation
Main login page
Any userID which is allowed to use the CLI
19
CLI Navigation
TAB key will auto-complete any incomplete command – When unique– Show a list of possible completions
Help command (or ?)– Works in every menu– Shows the possible sub-menus– Shows the possible commands– Shows the us of a command when used in conjunction with that
command
20
CLI Navigation
Moving forward and back in the menu-structure– Use .. To move back– Use <menu name> to move forward– Use : in front of a command to execute it from the root menu– Menu items and commands within these items can be used in one phrase.
Using the : in front will execute the sequence from the root menu.– : without a command or menu will move back to the root menu– Exit : to exit the CLI
21
CLI basic tracing
By default some traces are available from many modules :
– Press CTRL+Q to start showing tracings– Press CTRL+S to stop showing tracings– Press CTRL+T to interrupt showing historical tracings (all tracings
since startup).
22
System managementSystem menu
– System debug stats : to show system performance/resource parameters
– Reboot – Other :
Settime, localeRA : Remote assistance configuration (WWW GUI)
23
System management
System config– Set UPnP, MDAP and other
– ResetWith or without ISP defaults
24
Upgrade wizard Upgrade
Upgrade wizard is a Thomson tool Allows binary flash upgrades for significant firmware changes (including
filesystem) : bootp/tftp based Does not require ‘perfect’ IP connectivity
– Multicast (MDAP) based Provided for free on every product CD
– Easy to use Only for products with bootloader
25
Configuration upgrade
Configuration files can be uploaded through– FTP
In /dl dirWhen file is called “user.ini” it will be loaded
– TFTP up/download– Web GUI
Through speedtouch tab, configuration, backup or restore configuration
Through expert, speedtouch tab, system update, upload files section
Files need to be called user.ini in /dl to be taken into account by the bootloader
26
Configuration upgrade/backup : WWW based
More on access…
28
FTP access
29
MDAP
MDAP ( IP Multicast Discovery and Access Protocol) is a Thomson proprietary protocol
Main function: allowing discovery and communication between the modem and the host
Communication between two hosts is possible as long as IP connectivity is present
– any valid IP address is OK for modem & host ( no subnet issue)– Auto IP – modem and host should be directly connected without router or firewall in
between
MDAP– can (but shouldn’t) be disabled on the modem– allows upload and download of ASCII files– Supports authentication (login & password)
30
Reset to factory defaults
:system reset factory=yes proceed=yesThis will reset the device to factory defaults
When device running, push pinhole until rebootThis will reset the device to factory defaults
When device is booting, push pinhole until LED goes orange
This will put the device in BOOTP
31
BOOTP
BOOTP is the state where the hardware is booted, but the software is not initiated yet.
In this state, you are able to upgrade the router
In this state, no authentication is required since authentication is part of the software (which is not loaded yet)
Hierarchical module overview
33
Interface Architecture Modules
– Layer 1 : Physical ATM Phonebook menu ATM menu => ATM interface
- ATM interface with destination a phonebook entry
– Layer 2 : Datalink IP menu =>IPoA interface
- IPoA with destination an ATM interface Eth menu => ETHoA interface
- Ethoa with destination an ATM interface Eth bridge menu => bridge interfaces
- Bridge with destination an ATM interface- Part of the bridge (also eth1, eth2, eth3 and eth4
and OBC) PPPoA and PPPoE
– Layer 3 : Network IP menu => IP interface
- IP with destination IPoA, EthoA or LAN interface- IP routing
NAT : NAT menu Streams : connection menu ALG : connection menu
– Layer 4/5 : Transport Firewall menu : stateful firewall
– Layer 6 : Presentation Not applicable
– Layer 7 : Application Not applicable
PPPoA
IPoA
iARP
PPPoEIPoE /IPoEoA
ARP
PPPoE RELAY Multilink PPP
EthoA
IP Interface(s)
IP Forwarding
LoopBack
Ethernet Interface(s)(Physical Ports, OBC Bridge Port, VLAN)
Bridge
VLAN
ATM Bundle
Applicable encapsulations
35
Default configuration
:ip iplist
:ip iflist
:eth iflist
:eth bridge iflistBRIDGE
Ethernet Bridge
ethif1
SWITCH
ethif2 ethif3 ethif4
IP
Forwarding process
Local Network
10.0.0.138 192.168.1.254
USB Wifi WDS ...
EthoA
ATM
Atm_Internet
Pb8/35
Internet
PPP relay
36
A Bridge acts at the MAC layer (L2)Flooding and ForwardingNot aware of higher layers (IP packets)Self learningTraffic reduction
L1L2L3L4L5L6L7
L1L2L3L4L5L6L7
L1L1
Bridge
End node End node
L2 L2 MAC address
Bridging: general Concept
37
Bridged Ethernet : Protocol Stack
38
Bridged Ethernet : Interface mapping
PPPoA
IPoA
iARP
PPPoEIPoE /IPoEoA
ARP
PPPoE RELAY Multilink PPP
EthoA
IP Interface(s)
IP Forwarding
LoopBack
Ethernet Interface(s)(Physical Ports, OBC Bridge Port, VLAN)
Bridge
VLAN
ATM Bundle
39
Bridged Ethernet : CLI Commands
Create an ATM phonebook entry:atm phonebook add name=BrEthoa_ph addr=8.35 type=any
Create and configure an ATM interface:atm ifadd intf=BrEthoa_atm:atm ifconfig intf=BrEthoa_atm dest BrEthoa_ph ulp=mac:atm ifattach intf=BrEthoa_atm
Create and configure an ETH interface:eth bridge ifadd intf=BrEthoa_br:eth bridge ifconfig intf=BrEthoa_br dest BrEthoa_atm:eth bridge ifattach intf=BrEthoa_br
:saveall
40
The Bridge
BRIDGE
Ethernet Bridge
ethif1
SWITCH
ethif2 ethif3 ethif4 ...
ATMMyATM1 MyATM2
Pb0/35
Pb8/35
:eth bridge iflist
41
Bridged PPPoE : Protocol stack
42
Bridged PPPoE : Interface mapping
PPPoA
IPoA
iARP
PPPoEIPoE /IPoEoA
ARP
PPPoE RELAY Multilink PPP
EthoA
IP Interface(s)
IP Forwarding
LoopBack
Ethernet Interface(s)(Physical Ports, OBC Bridge Port, VLAN)
Bridge
VLAN
ATM Bundle
43
Bridged PPPoE : CLI Commands
Create an ATM phonebook entry:atm phonebook add name=BrEthoa_ph addr=8.35 type=any
Create and configure an ATM interface:atm ifadd intf=BrEthoa_atm
:atm ifconfig intf=BrEthoa_atm dest BrEthoa_ph ulp=mac
:atm ifattach intf=BrEthoa_atm
Create and configure an ETH interface:eth bridge ifadd intf=BrEthoa_br
:eth bridge ifconfig intf=BrEthoa_br dest BrEthoa_atm
:eth bridge ifattach intf=BrEthoa_br
44
A Router acts at the Internet layer (L3) Routing based upon IP address Not aware of higher layers (TCP segments, applications) Self learning based upon routing protocols Traffic reduction
L1L2L3L4L5L6L7
L1L2L3L4L5L6L7
L1L1
Router
End node End node
IP addressL2L3
L2L3
Routing : general Concept
45
Routed IPoA : Protocol stack
46
Routed IPoA : Interface mapping
PPPoA
IPoA
iARP
PPPoEIPoE /IPoEoA
ARP
PPPoE RELAY Multilink PPP
EthoA
IP Interface(s)
IP Forwarding
LoopBack
Ethernet Interface(s)(Physical Ports, OBC Bridge Port, VLAN)
Bridge
VLAN
ATM Bundle
47
Routed IPoA : CLI Commands
Create and configure an ATM interface:atm phonebook add name=RtIPoA_ph addr=8.35 type= any
:atm ifadd intf=RtIPoA_atm
:atm ifconfig intf=RtIPoA_atm dest=RtIPoA_ph ulp=ip
:atm ifattach intf=RtIPoA_atm
Create and configure an IP interface:ip ifadd intf=RtIPoA_ip
:ip ifconfig intf=RtIPoA_ip dest=RtIPoA_atm
:ip ifattach intf=RtIPoA_ip
Configure the IP address:ip ipadd addr=192.6.11.67/24 intf=RtIPoA_ip addroute=yes
:saveall
48
Routed IPoEoA : Protocol stack
49
Routed IPoEoA : Interface mapping
PPPoA
IPoA
iARP
PPPoEIPoE /IPoEoA
ARP
PPPoE RELAY Multilink PPP
EthoA
IP Interface(s)
IP Forwarding
LoopBack
Ethernet Interface(s)(Physical Ports, OBC Bridge Port, VLAN)
Bridge
VLAN
ATM Bundle
50
Routed IPoEoA : CLI Commands
Create and configure an ATM interface:atm phonebook add name=RtEthoa_ph addr=8.35 type= any:atm ifadd intf=RtEthoa_atm:atm ifconfig intf=RtEthoa_atm dest RtEthoa_ph ulp=mac:atm ifattach intf=RtEthoa_atm
Create and configure an ETH interface:eth ifadd intf=RtEthoa_eth:eth ifconfig intf=RtEthoa_eth dest RtEthoa_atm:eth ifattach intf=RtEthoa_eth
Create and configure an IP interface:ip ifadd intf=RtEthoa_ip:ip ifconfig intf=RtEthoa_ip dest RtEthoa_eth:ip ifattach intf=RtEthoa_ip
In Case of DHCP client:dhcp client ifadd intf=RtEthoa_ip:dhcp client ifattach intf=RtEthoa_ip
In Case of static IP:ip ipadd addr=192.6.11.67/24 intf=RtEthoa_ip addroute=yes
51
Routed PPPoA : Protocol stack
52
Routed PPPoA : Interface mapping
PPPoA
IPoA
iARP
PPPoEIPoE /IPoEoA
ARP
PPPoE RELAY Multilink PPP
EthoA
IP Interface(s)
IP Forwarding
LoopBack
Ethernet Interface(s)(Physical Ports, OBC Bridge Port, VLAN)
Bridge
VLAN
ATM Bundle
53
Routed PPPoA : CLI Commands
Create and configure an ATM interface– :atm phonebook add name=RtPPPoA addr=8.35 type=any– :atm ifadd intf=RtPPPoa_atm
– :atm ifconfig intf=RtPPPoa_atm dest=RtPPPoA ulp=ppp
– :atm ifattach intf=RtPPPoa_atm
Create and configure a PPP interface– :ppp ifadd intf=Rt_PPPoA
:ppp rtadd intf=Rt_PPPoA dst=0/0 src=10.0.0.0 srcmsk=1
– :ppp ifconfig intf=Rt_PPPoA dest=RtPPPoA_atm user=johndoe@ISP password=johndoe
:nat ifconfig intf=Rt_PPPoA translation enabled
– :ppp ifattach intf=Rt_PPPoA
– :saveall
54
Routed PPPoE : Protocol stack
55
Routed PPPoE : Interface mapping
PPPoA
IPoA
iARP
PPPoEIPoE /IPoEoA
ARP
PPPoE RELAY Multilink PPP
EthoA
IP Interface(s)
IP Forwarding
LoopBack
Ethernet Interface(s)(Physical Ports, OBC Bridge Port, VLAN)
Bridge
VLAN
ATM Bundle
56
Routed PPPoE : CLI Commands
Create and configure an ATM interface:atm phonebook add name=RtPPPoE_ph addr=8.35 type=any
:atm ifadd intf=RtPPPoE_atm:atm ifconfig intf=RtPPPoE_atm dest=RtPPPoE_ph ulp=mac:atm ifattach intf=RtPPPoE_atm
Create and configure an ETH interface:eth ifadd intf=RtPPPoE_eth:eth ifconfig intf=RtPPPoE_atm dest=RtPPPoE_atm:eth ifattach intf=RtPPPoE_eth
Create and configure a PPP interface:ppp ifadd intf=RtPPPoE0
:ppp rtadd intf=RtPPPoE0 dst=0/0 src=10.0.0.0 srcmsk=1:ppp ifconfig intf=RtPPPoE0 dest=RtPPPoE_eth user=johndoe@ISP password=johndoe
:nat ifconfig intf=RtPPPoE0 translation=enabled :ppp ifattach intf=RtPPPoE0
:saveall
57
PPPoE Relay : Protocol stackFeature to allow the combination of Bridged and Routed
PPPoE
58
PPPoE Relay : Interface mapping
PPPoA
IPoA
iARP
PPPoEIPoE /IPoEoA
ARP
PPPoE RELAY Multilink PPP
EthoA
IP Interface(s)
IP Forwarding
LoopBack
Ethernet Interface(s)(Physical Ports, OBC Bridge Port, VLAN)
Bridge
VLAN
ATM Bundle
59
PPPoE relay Overview
With CLI : first create an ETHoA interface WITHOUT IP address and add then an PPPoE interface
To enable PPPoE RELAY, configure dest=RELAY in PPPoE configuration Add the the desired ports to the RELAY ALLOW filter
– :ppp relay ifadd
60
PPPoE relay overview
Setting up pppoe sessions can happen in 2 ways :– By binding an ethernet encapsulated destination port (eth0 or ethoa) to a
pppoe session – without relay– By binding the pppoe session to the RELAY
RELAY is a filter which contains a list of allowed portsAny ethernet encapsulated ports can be added (eth and ethoa ports)
– Consequences :Pppoe sessions can be setup over a real ethernet port (eth0) e.g. to another
DSL gatewayMultiple pppoe sessions can be setup through the same PVC (RELAY)Multiple pppoe sessions can be mixed with ethoa connections having static or
dynamic ip addresses or bridgesEmbedded pppoe sessions can be mixed with pppoe sessions coming from the
LAN…
61
PPPoE Relay : CLI Commands
Create and configure an ATM interface:atm phonebook add name=RtPPPoE_ph addr=8.35 type=any:atm ifadd intf=RtPPPoE_atm:atm ifconfig intf=RtPPPoE_atm dest=RtPPPoE_ph ulp=mac:atm ifattach intf=RtPPPoE_atm
Create and configure an ETH interface:eth ifadd intf=RtPPPoE_eth:eth ifconfig intf=RtPPPoE_atm dest=RtPPPoE_atm:eth ifattach intf=RtPPPoE_eth
Add ETH to PPPoE Relay:ppp relay ifadd intf=RtPPPoE_eth:ppp relay ifadd intf=Bridge
Create and configure a PPP interface:ppp ifadd intf=RtPPPoE0:ppp rtadd intf=RtPPPoE0 dst=0/0 src=10.0.0.0 srcmsk=1:ppp ifconfig intf=RtPPPoE0 dest=relay user=johndoe@ISP password=johndoe:nat ifconfig intf=RtPPPoE0 translation=enabled :ppp ifattach intf=RtPPPoE0
:saveall
Hands-on!
Upgrade via upgrade-wizard to 7.4
64
Default configuration
:ip iplist
:ip iflist
:eth iflist
:eth bridge iflistBRIDGE
Ethernet Bridge
ethif1
SWITCH
ethif2 ethif3 ethif4
IP
Forwarding process
Local Network
10.0.0.138 192.168.1.254
USB Wifi BT WDS ...
EthoA
ATM
Atm_Internet
Pb8/35
Internet
PPP relay
65
Ethernet without bridge
… flush …
:eth bridge ifdelete …
:eth ifadd …:eth ifconfig …:eth ifattach …
:ip ifadd …:ip ifconfig …:ip ifattach …
:ip ipadd / :dhcp client ifadd (1,3,6,51,58,59)
:nat interface …
BRIDGE
Ethernet Bridge
ethif1
SWITCH
ethif2 ethif3 ethif4
IP
Forwarding process
Local Network
10.0.0.138 192.168.1.254
USB Wifi BT ...
MyWAN_Eth
DHCP_client
MyWAN_IP
Debug-tools
•ip debug traceconfig
•ctrl-q / ctrl-s / ctrl-t
•Wireshark
•Set Capture port on switch:eth switch mirror capture port=3:eth switch mirror ingress port=4:eth switch mirror egress port=4
67
Mirroring from the WAN
:eth switch mirror capture port=3:eth switch mirror ingress port=4:eth switch mirror egress port=4
BRIDGE
Ethernet Bridge
ethif1
SWITCH
ethif2 ethif3 ethif4
IP
Forwarding process
Local Network
10.0.0.138 192.168.1.254
USB Wifi BT ...
MyWAN_Eth
DHCP_client
MyWAN_IP
Wireshark
Capture HTTP/FTP request!
69
70
Troubleshooting
ADSL ATM OAM IP traceNAPT traceConnections
71
CLI
– Press CTRL+Q to start showing tracings
– Press CTRL+S to stop showing tracings
– Press CTRL+T to interrupt showing historical tracings (all tracings since startup).
72
Advanced debugging
Debug menu– Only for exceptional tracing
– Contains many low-level debugging possibilities
– “exec” command
73
ADSL
To enable ADSL logging :– :adsl config trace enabled
Set ADSL training mode– :adsl config opermode
multimode : legacy ADSLmulti_adsl2 multi_readsl2 : reach extended multi_adsl2plus
– :adsl config
74
ADSL traces
75
ATM statistics
ATM debug menu– Portstats
– AAL5stats : AAL5 errors
DSL0 = fast channelDSL1 = interleaved channel
76
ETH(oA) ports overview
Eth bridge iflist On Board CPU = routing engine
77
ETH statistics
Learned MAC addresses
ARP list
IP interface list
78
IP TRACING
IP Debug menu– Traceconfig : to display routed packets
Input/output/forward : set filter none, -telnet or use a label
– Example :
– Then press CTRL+T to clear the log qSend traffic, e.g. ping
Exclude TELNET traffic
79
IP TRACING
Ip debug traceconfig – Mode options
Default = lineAlternative = dump
80
Special IP commands
IP debug PING IP debug traceroute IP debug stats
81
Connections
:connection list– To find active connections between 2 IP addresses.
82
Additional traces
Many other menus have debug sections with trace commands
Other menus have a config option to enable tracing :NAT :DHCP server :
83
Multi level user and passwordMLP
85
Multi User – Multi Role Management
Management Interactions
Ch
an
nels
OriginsRoles
•telnet•ftp•http•Serial•MDAP•Upnp•TR-69
•LAN•Local•WAN
•Root•Guest•ASP•NSP•ISP•…
•All cli commands/options•Web pages•File access
Role + Channel + Origin = Management Interaction Template
Authentication based on either•Username/password (MRMU protected)•Ip realm (via firewall)•Triggered by end user (u/p)•Certificates (ssl/(ssh))
