Configuration of the BRIDGE port
Download TV-tuner drivers or install DriverPack Solution software for driver scan and update. Advanced Peripherals Tech. Download Abilis TV-tuner drivers or install DriverPack Solution software for driver scan and update. The main goal of the Abilis CPX BRIDGE driver is to provide a quick and reliable solution for customers with simple network topology, typically a star topology, who need to transport SNA 802.2/802.3 traffic through an IP backbone, with an alternative method to the much more complicated DLSw.
Statistics of the BRIDGE port
SNMP TRAPS generated for BRIDGE ports
BRIDGE is a module that introduces bridging functionalities in Abilis CPX. In this version it allows bridging of IEEE 802.3 frames only and only between pre-configured MAC addresses (future versions may allow bridging of any Ethernet types as well as other LAN frames (e.g. 802.5). Furthermore MAC addresses self-learning and spanning tree protocol could be added.
The main goal of the Abilis CPX BRIDGE driver is to provide a quick and reliable solution for customers with simple network topology, typically a star topology, who need to transport SNA 802.2/802.3 traffic through an IP backbone, with an alternative method to the much more complicated DLSw.
The Abilis CPX BRIDGE driver is however not limited to an IP backbone, it may use ANY backbone protocol supported in Abilis CPX through the ML/MLM drivers.
Three formats of the bridged packets can be selected:
- Abilis proprietary with a low overhead fragmentation technique
- ANSI, as per T1.618a
- ANSI with fragmentation, as per T1.618a
Bridging is not a complete replacement for DLSw, but under some circumstances it can fully satisfy user needs:
- The traffic is only LAN-to-LAN (in cpx limited to Ethernet 802.3 LANs)
- The traffic, considering the acknowledgments overhead, remains 'reasonably small'. This has an impact on performances but also on 'costs' if the transport network is paid by the volume of exchanged data.
- The transport network is reliable (small packet loss) and offers low delays, usually smaller than SNA IEEE 802.2 protocol timeouts.
- The topology of the SNA connections is of star type, i.e. from branch offices to central site. Although mesh topology is still possible, the deployment of large configurations will be cumbersome and error prone because of the huge amount of links that will be configured and the possibility of loops in the paths.
Configuration of the BRIDGE port
The BRIDGE port is labelled within the Abilis CPX with the acronym 'BRIDGE' and it is provided with the parameters described in this section.
Here is an example on how to show the BRIDGE parameters. Shown values are examples.
To activate changes made on the parameters displayed by low case characters, it is needed to restart the system; on the contrary for activating changes made on high case parameters it is enough to execute the initialization command INIT PO:xxx, where 'xxx' is the BRIDGE port number.
The 'Not Saved (SAVE CONF)' message is displayed every time the port configuration is modified but not saved with the SAVE CONF command.
The 'Not Refreshed (INIT)' message is displayed every time the port configuration is modified but not refreshed and/or restarted.
There is also the possibility to restart the port. Restarting a port means to reinitialize it like at start-up.
When a port is restarted, ALL the parameters are reloaded. In order to restart the BRIDGE port, the command is R PO:xxx, where 'xxx' is the BRIDGE port number.
Detail of the BRIDGE port parameter
| LOG: | Events logging activation and generation of alarm signals |
| DS | NO, D, S, A, L, T, ALL, +E |
Usually this parameter makes possible to activate/deactivate logging functionalities of meaningful events of the port as well as the detection and signalling of alarms in case of critical events.
The following table shows the available options and the related functionalities usable by the parameter:
| Option | Meaning |
|---|---|
| D | Recording of the driver state changes and/or the meaningful events in Debug Log |
| S | Recording of the driver state changes and/or the meaningful events in the System Log |
| A | Periodic detection of possible alarms. The detected alarms can be displayed the command ALARM VIEW or by the analogous command available on the UTILITY of the LCD display on the front panel |
| L | On alarm detection, acoustic signal generation plus a message on the LCD display. This function depends on activation of alarms detection by the 'A' option |
| T | Generation by the Agent SNMP of Abilis CPX of SNMP traps corresponding to any change of the driver state and/or occurring of meaningful events |
Beside the already described options the following values are also allowed:
| Option | Meaning |
|---|---|
| NO | It means that all the logging functionalities, alarms detection and generation, above mentioned, are disabled. |
| ALL | It means that all the logging functionalities, alarms detection and generation, above mentioned, are enabled. |
| +E | This option added to one or more of the previous ones, extends its (their) set of meaningful events. The value 'ALL+E' activates all the options and extends the set of meaningful events. The value 'NO+E' is meaningless so it is ignored. |
Options can be combined together.
Some examples:
- setting 'LOG:DS+E', activates the extended logging functions for Events Log and System Log
- setting 'LOG:STA', activates the extended logging functions for System Log, SNMP traps generation and periodic detection of alarm states;
By using the characters '+' and '-' as prefix of one or more options is possible to add or delete one or more functionalities without setting from the scratch the value of the parameters.
Some examples:
- Suppose the current value of the parameter is 'LOG:DSTA', by setting 'LOG:-A', the periodic detection of eventual alarm states is removed, leaving unchanged all the remaining options; in such way the final value of the parameter will be 'LOG:DST';
- Suppose the current value of the parameter is 'LOG:ST', by setting 'LOG:+DA', the logging function of the events on the Events Log and the periodic alarm detection are added to the already activated options; in such way the final value of the parameter will be 'LOG:DSTA'.
The changes made on this parameter are immediately activated, without the need of initialization commands.
| ACT: | BRIDGE activation |
| NO | NO, YES |
It activates the BRIDGE functionalities above mentioned. If the parameter is set to 'NO', even if the BRIDGE port is configured and active, it won't carry out any functionality within the system.
| LOWPO: | Identifier of the Abilis CPX lower ETH100 port |
| NONE | NONE, TYPE-XXX |
It sets the Abilis CPX lower level port. It can only be an ETH100 port.
Value 'NONE' isolates the BRIDGE port from CPX lower ethernet-100 port.
| MODE: | Behaviour of frames exchange among LAN and Links |
| STAR | STAR, MESH |
Indicates which is the behaviour used by BRIDGE upon receiving frames:
- STAR: BRIDGE port works in 'star' mode, that is data traffic can take place only between LAN and LinkS, and not between LINK and LINK.
Broadcasts received from a link are sent only to the LAN, while broadcasts received from LAN are 'copied' to all the links. - MESH: BRIDGE port works in 'mesh' mode, that is data traffic can take place between LAN and LinkS, and also between LINK and LINK.
Broadcasts received from LAN are 'copied' to all the links, as in 'star' mode, but broadcasts received from a link are sent to the LAN and to all the other LINKS.
| LAN-PROT: | Bridging protocol frames |
| IEEE | IEEE |
Selects if bridging is allowed only for IEEE frames or for ALL Ethernet frames types.
Currently BRIDGE allows traffic on only IEEE frames.
| L-MAC: | Local MAC addresses accepted |
| * | #, *, ListName |
It is used as a filter to determine which frames can be accepted from ETH100 port.
- * BRIDGE accepts frames from ETH100 from ANY source MAC addresses.
- # BRIDGE doesn't accept any frame because no list is configured.
- listname BRIDGE accepts frames from ETH100 only if the source MAC address is present in the <listname> list of MAC addresses. BRIDGE increment a counter for frames that are discarded because of this filter (L-MAC-DENY).
| M-MAC: | Multicast MAC addresses |
| # | #, ListName |
This list is used to indicate to ETH100 which multicast can be received by BRIDGE.
- # BRIDGE doesn't accept any MULTICAST frame because list is not configured.
- listname BRIDGE accepts MULTICAST frames from ETH100 only if the source MAC address is present in the <listname> list of MULTICAST MAC addresses.
| SAP: | Filter on SAP |
| * | #, *, 00..FF, 'ListName' |
This is a filter in order to allow specific SAP value. Filter as applied for both source and destination SAP.
- * BRIDGE accepts frames with ANY SAP value.
- # BRIDGE doesn't accept any frame because no SAP list nor SAP value is configured.
- value BRIDGE accept only frames with SAP <value> configured.
- listname BRIDGE accepts frames only if the SAP is present in the <listname> list of SAP values.
| RXPADREMOVE: | Remove padding in frames received from LAN |
| * | NO, YES |
This parameter allow to activate/deactivate padding removal in frames received from LAN.
| Lnk: | Link identifier |
| 1 - 256 |
It identifies the LINK where the parameters refers to.
| ST: | Link State |
| DELETED | NEW, DELETED, RUNNING |
Status of the LINK configuration.
Download Abilis Driver App
NEW: LINK is added in BRIDGE configuration, but it is not yet operative (BRIDGE needs to be restarted).
DELETED: LINK is removed from BRIDGE configuration, but it is still present into BRIDGE port, even if no more used (BRIDGE needs to be restarted to completely remove it from memory).
RUNNING: LINK is present in configuration and working. This is the only status where BRIDGE can send/receive datagrams on this LINK.
| LOWPO: | Lower link port |
| NONE | NONE, TYPE-XXX |
Identifier of the lower Abilis CPX port used by the link.
It defines the Link port of the lower level, which can only be MLM or ML type.
If no Link port is required, the value 'NONE' must be set.
| ENC: | Encapsulation method |
| ABILIS | ABILIS, ANSI, ANSI-FRAG |
Indicates the type of encapsulation performed on the LINK port.
- ABILIS Abilis proprietary protocol is used, which have fragmentation capabilities always active.
- ANSI Ethernet frame is encapsulated according to ANSI T1.617a annex F,
- ANSI-FRAG Ethernet frame is encapsulated according to ANSI T1.617a annex F, multiprotocol encapsulation over frame relay, with fragmentation specified in chapter F.5.3, without the T.618 address.
| FRAGSIZE: | Maximum length of fragments |
| 800 | 32 - 1518 |
Defines the length of the sent fragment, for those encapsulations that provide fragmentation. The parameter regulates only 'sent frames', while BRIDGE must always be ready to receive fragments of any size.
| RXQUEUE: | Receive queue size |
| 10 - 255 | 10 |
Defines the size, in kbytes, of the receive queue of the link.
Frames received from the link and destined to the lan are 'parked' in this queue.
Frame received from the link and destined to another link (MESH mode) are directly put into the link TX queue, without transiting through the link rx buffers.
| TXQUEUE: | Transmit queue size |
| 10 - 255 | 30 |
Defines the size, in kbytes, of the transmit queue of the link.
Frames destined to the link are 'parked' in this queue, regardless is they are received from LAN or from another LINK.
| R-MAC: | Remote MAC address |
| <empty> | 00-00-00-00-00-00 - FF-FF-FF-FF-FF-FF |
List of remote MACs present to the other side of the link.
This information is very important because is used to indicate to ETH100 port which MAC addresses are allowed to be received.
Statistics of the BRIDGE port
Example on how to show state and statistics of BRIDGE ports through the command D S:
Example on how to show extended statistics of BRIDGE ports through the command D SE:
The information 'Cleared DDD:HH:MM:SS ago, at DD/MM/YYYY HH:MM:SS', referred by the extended statistics, shows the time interval elapsesed from the last reset of statistics (by the format 'days:hours:minutes:seconds') and date/time of its execution (by the format 'day:month:year' and 'hours:minutes:seconds').
Detail of statistics of BRIDGE ports
| STATE: | Current state of the BRIDGE port |
| DOWN, READY, ERR |
It shows the current state of the BRIDGE port.
| Driver | States | Meaning | Values shown in: | ||
|---|---|---|---|---|---|
| System Log | Debug Log | Display LCD | |||
| BRIDGE | DOWN | The BRIDGE port driver is down. | dn | ||
| READY | The BRIDGE port driver is ready. | RD | |||
| ERR | Software error, contact Abilis assistance | NA | |||
| LINKs: | Current global state of links of BRIDGE port |
| ALL-DOWN, ALL-READY, SOME-READY, NO-LINKS |
Indicates the current global state of links of BRIDGE port drvers.
| Driver | States | Meaning | Values shown in: | ||
|---|---|---|---|---|---|
| System Log | Debug Log | Display LCD | |||
| BRIDGE Links | ALL-DOWN | All links of the BRIDGE port driver are down. | dn | ||
| ALL-READY | All links of the BRIDGE port driver are ready. | rd | |||
| SOME-READY | Some links of the BRIDGE port driver are ready. | RD | |||
| NO-LINKs | No links are avaiable for the BRIDGE port driver. | np | |||
| ERR | Software error, contact Abilis assistance | NA | |||
| DOWN: | Number of times that BRIDGE went into DOWN state |
| 0 - 4294967295 |
This counter shows the total number of times that BRIDGE went into DOWN state from a READY state.
| Lan: | LAN identifier |
| 1 - 256 |
Identifier used to specify to which LAN of the BRIDGE port driver, diagnostic informations refer to.
| ST: | Current LAN state |
| NONE, LINK-NP, LINK-ERR, DOWN1, READY, UNDEFINED |
Indicates th current sate of a specific LAN of the BRIDGE port driver.
| Driver | States | Meaning | Values shown in: | ||
|---|---|---|---|---|---|
| System Log | Debug Log | Display LCD | |||
| BRIDGE Lan | NONE | Link doesn't exists. | dn | ||
| LINK-NP | Down state: unable to establish the connection. | np | |||
| LINK-ERR | Down state: unable to establish the connection. | dn | |||
| DOWN1 | Down state: lower layer is DOWN. | DN | |||
| READY | Channel is ready. | RD | |||
| UNDEFINED | State undefined. | dn | |||
| ERR | Software error, contact Abilis assistance | NA | |||
| DOWN: | Number of times that a LAN went into DOWN1 state |
| 0 - 4294967295 |
This counter shows the total number of times that a LAN of the BRIDGE port driver went into DOWN1 state.
| Lnk: | Link identifier |
| 1 - 256 |
Identifier used to specify to which Link of the BRIDGE port driver, diagnostic informations refer to.
| ST: | Current Link state |
| NONE, LINK-NP, LINK-ERR, DOWN1, READY, UNDEFINED |
Indicates th current sate of a specific Link of the BRIDGE port driver.
| Driver | States | Meaning | Values shown in: | ||
|---|---|---|---|---|---|
| System Log | Debug Log | Display LCD | |||
| BRIDGE Link | NONE | Link doesn't exists. | dn | ||
| LINK-NP | Down state: unable to establish the connection. | np | |||
| LINK-ERR | Down state: unable to establish the connection. | dn | |||
| DOWN1 | Down state: lower layer is DOWN. | DN | |||
| READY | Channel is ready. | RD | |||
| UNDEFINED | State undefined. | dn | |||
| ERR | Software error, contact Abilis assistance | NA | |||
| DOWN: | Number of times that a Link went into DOWN1 state |
| 0 - 4294967295 |
This counter shows the total number of times that a Link of the BRIDGE port driver went into DOWN1 state.
| CHR: | Number of received/sent characters |
| 0 - 4294967295 |
The counter CHR (INPUT) is incremented every time a frame is received from every LAN and Link.
The counter CHR (OUTPUT) is incremented every time a frame is sent to every LAN and Link.
This counter is the sum of the CHR specific statistics of LAN and of the CHR specific statistics of Link present into BRIDGE.
The counter is incremented for every frame by the amount of characters present into it.
| FRM: | Number of received/sent frame |
| 0 - 4294967295 |
The counter FRM (INPUT) is incremented every time a frame is received from every LAN and Link.
The counter FRM (OUTPUT) is incremented every time a frame is sent to every LAN and Link.
This counter is the sum of the FRM specific statistics of LAN and of the FRM specific statistics of Link present into BRIDGE.
| ERROR: | Number of errors received/sent |
| 0 - 4294967295 |
This counter has a sum of all the errors counted into specific statistics for LAN and Link.
Detail of statistics of LAN of BRIDGE ports
| CHR | Number of received/sent characters |
| 0 - 4294967295 |
The counter CHR (INPUT) is incremented every time a frame is received from the specific LAN.
The counter CHR (OUTPUT) is incremented every time a frame is sent to the specific LAN.
The counter is incremented for every frame by the amount of characters present into it.
| FRM | Number of received/sent frames |
| 0 - 4294967295 |
The counter FRM (INPUT) is incremented every time a frame is received from the specific LAN.
The counter FRM (OUTPUT) is incremented every time a frame is sent to the specific LAN.
| LONG | Number of frames received and lost due to length |
| 0 - 4294967295 |
This counter is incremented for every frame received and lost due to length greater than allowed size.
| SHORT | Number of frames received and lost due to length |
| 0 - 4294967295 |
This counter is incremented for every frame received and lost due to length smalled than minimum size required to analyse the frame.
| L-MAC-DENY | Number of frames discarded to LOCAL MAC filter |
| 0 - 4294967295 |
This counter is incremented for every frame received from ETH100 port with a MAC address not present (for more details see L-MAC:).
| R-MAC-DENY | Number of frames LOST due to MAC filtering |
| 0 - 4294967295 |
This counter is incremented for every frame received from a LAN and its source MAC address is not present into R-MAC: list.
This is a filter used to avoid traffic possible only in a single direction.
| SAP-DENY | Number of frames LOST due to SAP filter |
| 0 - 4294967295 |
This counter is incremented every time a frame received from LAN contains a SAP value that is not allowed to be received due to SAP filter (for more details see SAP:).
| NODEST | Number of frames LOST due to a MAC address destination unknown |
| 0 - 4294967295 |
This counter is incremented every time a frame is received from LAN and BRIDGE has no information about where to send that frame.
Detail of statistics of Link of BRIDGE ports
| CHR | Number of received/sent characters |
| 0 - 4294967295 |
The counter CHR (INPUT) is incremented every time a frame is received from the specific Link.
The counter CHR (OUTPUT) is incremented every time a frame is sent to the specific Link.
The counter is incremented for every frame by the amount of characters present into it.
| FRM | Number of received/sent frames |
| 0 - 4294967295 |
The counter FRM (INPUT) is incremented every time a frame is received from the specific Link.
The counter FRM (OUTPUT) is incremented every time a frame is sent to the specific Link.
| LONG | Number of frames received and lost due to length |
| 0 - 4294967295 |
This counter is incremented for every frame received and lost due to length greater than allowed size.
| SHORT | Number of frames received and lost due to length |
| 0 - 4294967295 |
This counter is incremented for every frame received and lost due to length smalled than minimum size required to analyse the frame.
| L-MAC-DENY | Number of frames discarded to LOCAL MAC filter |
| 0 - 4294967295 |
This counter is incremented for every frame received from ETH100 port with a MAC address not present (for more details see L-MAC:).
| R-MAC-DENY | Number of frames LOST due to MAC filtering |
| 0 - 4294967295 |
This counter is incremented for every frame received from a Link and its source MAC address is not present into R-MAC: list.
This is a filter used to avoid traffic possible only in a single direction.
| SAP-DENY | Number of frames LOST due to SAP filter |
| 0 - 4294967295 |
This counter is incremented every time a frame received from Link contains a SAP value that is not allowed to be received due to SAP filter (for more details see SAP:).
| NODEST | Number of frames LOST due to a MAC address destination unknown |
| 0 - 4294967295 |
This counter is incremented every time a frame is received from Link and BRIDGE has no information about where to send that frame.
| NOBUF: | Frames lost due to a receiving/sending queue full |
| 0 - 4294967295 |
This counter is incremented every time the use of queues is required and no space is available to store frames.
The counter NOBUF (INPUT) is incremented every time a frame is received from a Link and receiving queue is full.
The counter NOBUF (OUTPUT) is incremented every time a frame is sent to a Link and sending queue is full.
| BAD-FMT: | Frames lost due to a frame bad format |
| 0 - 4294967295 |
This counter is incremented every time the frame format is different from expected.
It could be due also to a misconfiguration of ENC protocols between 2 links.
| BAD-FRAG: | Error during fragmentation/reassemply phase |
| 0 - 4294967295 |
The counter BAD-FRAG (INPUT) is incremented every time there is a missing fragment when reassembly whole datagram.
The counter BAD-FRAG (OUTPUT) is incremented every time is needed a frame fragmentation and ENC: parameter doesn't allow it.
SNMP TRAPS generated for BRIDGE ports
The SNMP Agent of Abilis CPX is able to generate traps owing to meaningful state changes pertinent either to the BRIDGE port itself and to LANs and to Links of the BRIDGE port driver.
SNMP traps generated for global state changes pertinent to all Links of the BRIDGE port
The traps listed below are generated when at least the 'T' options are set in the LOG: parameter, corresponding to the basic SNMP traps generation functionality provided for BRIDGE ports.
| Trap own code | Mnemonic of the trap | SNMP variables shown in the trap | Description |
|---|---|---|---|
| 66 | cxTrapBdgDown | cxPortIndex, cxPortType, cxBdgDiagState, cxBdgDiagLinksState, sysUpTime | The SNMP Agent of the Abilis CPX generates this kind of trap every time the BRIDGE port currently running goes to DOWN state. |
| 67 | cxTrapBdgReady | cxPortIndex, cxPortType, cxBdgDiagState, cxBdgDiagLinksState, sysUpTime | The SNMP Agent of the Abilis CPX generates this kind of trap every time the BRIDGE port currently running goes to READY state. |
| 68 | cxTrapBdgAllLinksDown | cxPortIndex, cxPortType, cxBdgDiagState, cxBdgDiagLinksState, sysUpTime | The SNMP Agent of the Abilis CPX generates this kind of trap every time all links of the BRIDGE port currently running are in DOWN state. |
SNMP traps generated for state changes pertinent to LANs of the BRIDGE port
The traps listed below are generated when at least the 'T' options are set in the LOG: parameter, corresponding to the basic SNMP traps generation functionality provided for BRIDGE ports.
| Trap own code | Mnemonic of the trap | SNMP variables shown in the trap | Description |
|---|---|---|---|
| 69 | cxTrapBdgLanDown | cxPortIndex, cxPortType, cxBdgDiagLanIndex, cxBdgDiagLanState, sysUpTime | The SNMP Agent of the Abilis CPX generates this kind of trap every time the LAN of the BRIDGE port currently running goes to DOWN state. |
| 70 | cxTrapBdgLanReady | cxPortIndex, cxPortType, cxBdgDiagLanIndex, cxBdgDiagLanState, sysUpTime | The SNMP Agent of the Abilis CPX generates this kind of trap every time the LAN of the BRIDGE port currently running goes to READY state. |
SNMP traps generated for a single Link of the BRIDGE port
The traps listed below are generated only when the 'T+E' options are set in the LOG: parameter, i.e. it is required an extension of the basic SNMP traps generation functionality.
| Trap own code | Mnemonic of the trap | SNMP variables shown in the trap | Description |
|---|---|---|---|
| 71 | cxTrapBdgLinkDown | cxPortIndex, cxPortType, cxBdgDiagLinkIndex, cxBdgDiagLinkState, sysUpTime | The SNMP Agent of the Abilis CPX generates this kind of trap every time a LINK of the BRIDGE port currently running goes to DOWN state. |
| 72 | cxTrapBdgLinkReady | cxPortIndex, cxPortType, cxBdgDiagLinkIndex, cxBdgDiagLinkState, sysUpTime | The SNMP Agent of the Abilis CPX generates this kind of trap every time a LINK of the BRIDGE port currently running goes to READY state. |
Detail of the SNMP variables shown in the BRIDGE port traps
| cxPortIndex | BRIDGE port which the SNMP trap refers to |
| 0 - 999 |
This variable stores the CPX port number, which the SNMP trap refers to.
| cxPortType | Type and description of the BRIDGE port, which the trap refers to |
| type - description |
This variable shows either the port type which the trap refers to (in this case BRIDGE) and the description eventually associated to it.
| cxBdgDiagState | Current state of the BRIDGE port driver, which the trap refers to |
| down(0), ready(1) |
This variable shows the current state of the BRIDGE port driver which the trap refers to. The following table shows the relationship among the state value stored in the SNMP variable and the ones obtained executing the command D S.
| Value of the SNMP variable | Correspondent state of the BRIDGE driver |
|---|---|
| down(0) | DOWN |
| ready(1) | READY |
| cxBdgDiagLinksState | Current global state for Links of BRIDGE port driver, which the trap refers to |
| all_down(0), some_ready(1), all_ready(2), no_links(3) |
This variable shows the current global state for Links of BRIDGE port driver which the trap refers to. The following table shows the relationship among the state value stored in the SNMP variable and the ones obtained executing the command D S.
| Value of the SNMP variable | Correspondent state of the BRIDGE driver |
|---|---|
| all_down(0) | ALL-DOWN |
| some_ready(1) | SOME-READY |
| all_ready(2) | ALL-READY |
| no_links(3) | NO-LINKs |
| cxBdgDiagLanIndex | Index of the BRIDGE port LAN, which the trap refers to |
| 1 - 256 |
This variable shows the index of the BRIDGE port LAN which the trap refers to.
| cxBdgDiagLanState | Current state of the BRIDGE port LAN, which the trap refers to |
| none(0), link_not_present(1), link_error(2), down1(3), ready(4), undefined(5) |
This variable shows the current state of the LAN of the BRIDGE port, which the trap refers to. The following table shows the relationship among the state value stored in the SNMP variable and the ones obtained executing the command D S.
| Value of the SNMP variable | Correspondent state of the LAN |
|---|---|
| none(0) | NONE |
| link_not_present(1) | LINK-NP |
| link_error(2) | LINK-ERR |
| down1(3) | DOWN1 |
| ready(4) | READY |
| undefined(5) | UNDEFINED |
| cxBdgDiagLinkIndex | Index of the BRIDGE port LINK, which the trap refers to |
| 1 - 256 |
This variable shows the index of the BRIDGE port LINK which the trap refers to.
| cxBdgDiagLinkState | Current state of the BRIDGE port LINK, which the trap refers to |
| none(0), link_not_present(1), link_error(2), down1(3), ready(4), undefined(5) |
This variable shows the current state of the Link of the BRIDGE port, which the trap refers to. The following table shows the relationship among the state value stored in the SNMP variable and the ones obtained executing the command D S.
| Value of the SNMP variable | Correspondent state of the Link |
|---|---|
| none(0) | NONE |
| link_not_present(1) | LINK-NP |
| link_error(2) | LINK-ERR |
| down1(3) | DOWN1 |
| ready(4) | READY |
| undefined(5) | UNDEFINED |
| sysUpTime | Elapsed time from the system start to the event occurrence |
| 0 - 4.294.967.295 or 'ddd:hh:mm:ss' |
This variable stores the elapsed time (in cent of second) from the system start to the SNMP trap event occurrence.
This value is usually shown by the format days:hours:minutes:seconds.
TerminologyConfiguration of the DNS port
Statistics of the DNS port
The Domain Name System (DNS) protocol of TCP/IP networks identifies network stations through a symbolic name associated to the IP address.
When active, the Abilis CPX DNS port behaves as a DNS Resolver for all the local services and, if activated, as a DNS Relay too. The DNS Relay feature allows the system to appear as a DNS server to other IP stations while it simply forwards the requests to real DNS servers, and their responses are forwarded back to the original requesters.
The DNS port of the Abilis CPX uses the Connection Less transport service, provided by the UDP protocol, to query one or two DNS servers referred as primary and secondary.
Terminology
Why it is needed?
This method is absolutely needed when the CPX is used in a LAN as a router with NAT+PAT with a dial-up PPP connection. In this situation the address of DNS servers may not be known in advance because they are discovered at PPP connection establishment, and therefore they cannot be configured in the stations: the address of CPX is configured instead, which in turn will forward the request to the DNS servers addresses obtained by PPP. The method can also be used to simplify the configuration of the lan stations: lans are configured with the same address for both 'default gateway' and 'DNS server', CPX will forward the requests to the configured DNS which may be easily changed by CPX administrator in any moment, and for all the stations.
DNS relay service 'listens' for incoming requests on the local UDP port 53, and behaves as explained below:
- listen for requests on local UDP port 53
- receives a DNS request from DNS client
- validates the request (only formally correct ones are processed)
- relays the request to a real DNS server (PRIMARY or SECONDARY)
- receives, from the real DNS server, the response for this request
- sends the response to the DNS requester (also called DNS client)
In addition DNS relay can:- Check the IP address of a requester (source IP in the request packet) against a list of allowed ones and discard those not allowed.
- Process several simultaneous requests from the same or different users.
- Load balance between PRIMARY and SECONDARY DNS servers.
- Validate incoming packets (requests from clients and responses from servers) against formal errors.
Configuration of the DNS port
The Domain Name System Protocol port is labelled within the Abilis CPX with the acronym 'DNS' and it is provided with the parameters described in this section.
Here is an example on how to display the DNS port parameters. Shown values are the default ones.
To activate changes made on the parameters displayed by low case characters, it is needed to restart the system; on the contrary for activating changes made on upper case parameters it is enough to execute the initialization command INIT PO:.
Changes made on LOG: parameter are immediately active.
The 'Not Saved (SAVE CONF)' message is displayed every time the port configuration is modified but not saved with the SAVE CONF command.
The 'Not Refreshed (INIT)' message is displayed every time the port configuration is modified but not refreshed with the INIT PO: command.
Detail of the DNS port parameters
| LOG: | Events logging activation and generation of alarm signals |
| DS | NO, D, S, A, L, T, ALL, +E |
Usually this parameter makes possible to activate/deactivate logging functionalities of meaningful events of the port as well as the detection and signalling of alarms in case of critical events.
The following table shows the available options and the related functionalities usable by the parameter:
| Option | Meaning |
|---|---|
| D | Recording of the driver state changes and/or the meaningful events in Debug Log |
| S | Recording of the driver state changes and/or the meaningful events in the System Log |
| A | Periodic detection of possible alarms. The detected alarms can be displayed the command ALARM VIEW or by the analogous command available on the UTILITY of the LCD display on the front panel |
| L | On alarm detection, acoustic signal generation plus a message on the LCD display. This function depends on activation of alarms detection by the 'A' option |
| T | Generation by the Agent SNMP of Abilis CPX of SNMP traps corresponding to any change of the driver state and/or occurring of meaningful events |
Beside the already described options the following values are also allowed:
| Option | Meaning |
|---|---|
| NO | It means that all the logging functionalities, alarms detection and generation, above mentioned, are disabled. |
| ALL | It means that all the logging functionalities, alarms detection and generation, above mentioned, are enabled. |
| +E | This option added to one or more of the previous ones, extends its (their) set of meaningful events. The value 'ALL+E' activates all the options and extends the set of meaningful events. The value 'NO+E' is meaningless so it is ignored. |
Options can be combined together.
Some examples:
- setting 'LOG:DS+E', activates the extended logging functions for Events Log and System Log
- setting 'LOG:STA', activates the extended logging functions for System Log, SNMP traps generation and periodic detection of alarm states;
By using the characters '+' and '-' as prefix of one or more options is possible to add or delete one or more functionalities without setting from the scratch the value of the parameters.
Some examples:
- Suppose the current value of the parameter is 'LOG:DSTA', by setting 'LOG:-A', the periodic detection of eventual alarm states is removed, leaving unchanged all the remaining options; in such way the final value of the parameter will be 'LOG:DST';
- Suppose the current value of the parameter is 'LOG:ST', by setting 'LOG:+DA', the logging function of the events on the Events Log and the periodic alarm detection are added to the already activated options; in such way the final value of the parameter will be 'LOG:DSTA'.
The changes made on this parameter are immediately activated, without the need of initialization commands.
| lowpo: | Lower CPX port number |
| NONE | NONE, 1 - 999 |
It sets the lower CPX port number. Only UDP are accepted.
Value 'NONE' isolate the DNS port.
| ACT: | Runtime activation/deactivation |
| NO | NO, YES |
This parameter allows to run-time activate/deactive DNS functionalities.
When it is set to 'NO', DNS port is running but its functionalities are disabled.
When it is set to 'YES', DNS port is running and its functionalities are enabled.
| RELAY: | Activation/deactivation of DNS relay feature. |
| NO | NO, YES |
This parameter activate/deactivate DNS relay feature for DNS port. DNS relay allows to relay external DNS requests of DNS clients from CPX to DNS server.
| locport: | DNS-relay listening UDP port |
| 53 | 53 |
This parameter sets the UDP port on which the DNS relay will receive client's requests. As specified in RFC-1700 and RFC-1035, the only possible value is 53.
| SRCADD: | Source IP address for outgoing requests |
| R-ID | R-ID, OUT-IPP, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255 |
It sets the IP address to be set in every outgoing DNS requests.
The 'R-ID' value makes possible to use the Router-ID IP address.
The 'OUT-IPP' value makes possible to use the IP address of the IP port through which the request is sent.
The specification of an IP address, in Dotted Decimal Notation, in the range [1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255] is also allowed. D and E class of IP addresses are not supported.
| PRIMARY: | IP address of the primary DNS Server |
| # | #, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255 |
This parameter sets the IP address of the primary DNS server, which the Abilis CPX port refers to for name resolution.
The allowed values are shown in the following table:
| HEX: | 01000000 - 7EFFFFFF | 80000000 - DFFFFFFF |
|---|---|---|
| DDN: | 1.0.0.0 - 126.255.255.255 | 128.0.0.0 - 223.255.255.255 |
IP addresses of class D and E are not currently supported.
The value '#' means 'none primary DNS Server'.
| SECONDARY: | IP address of the secondary DNS Server |
| # | #, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255 |
This parameter sets the IP address of the secondary DNS server, which the Abilis CPX port refers to for name resolution.
The allowed values are shown in the following table:
| HEX: | 01000000 - 7EFFFFFF | 80000000 - DFFFFFFF |
|---|---|---|
| DDN: | 1.0.0.0 - 126.255.255.255 | 128.0.0.0 - 223.255.255.255 |
IP addresses of class D and E are not currently supported.
The value '#' means 'none secondary DNS Server'.
| DELAY: | Time that resolvers waits for server's responses |
| 5 | 1..15 sec. |
This parameter sets the maximum time (in seconds) to wait for receiving a response from the DNS server (Resolver only).
| RTY: | Number of attempts to perform DNS request |
| 1 | 1..10 |
This parameter sets how many times a request has to be sent to the DNS server if the DNS Resolver doesn't get any response in the expected time interval fixed in the DELAY: parameter (Resolver only).
| RELAY-TOUT: | Timeout waiting server response for relayed requests |
| 5 | 5..60 sec. |
This parameter sets the time of life (in seconds) for a record in DNS relay table (Relay only).
The record in the DNS relay table is used to forward back to the client the response from the PRIMARY: or SECONDARY: server, therefore if the time elapses and record is deleted further 'late answers' cannot be passed back to the client.
| IPSRC: | Client IP address from which the requests are accepted |
| * | *, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255 |
This parameter selects the IP address of the client from which the requests will be accepted (Relay only).
In conjunction with IPSRCLIST:, it allows to selectively grant/deny the service to stations by looking at their IP address, actually the source IP address of the requests.
If it is equal to '*', requests are accepted from any IP address. This value also makes IPSRCLIST: parameter irrelevant.
If it is equal to a specific IP address, only requests from that address are accepted. However, if an IP list is specified in IPSRCLIST:, those IP addresses will be accepted too.
The allowed IP addresses are shown in the following table:
Download Abilis Driver Pc
| HEX: | 01000000 - 7EFFFFFF | 80000000 - DFFFFFFF |
|---|---|---|
| DDN: | 1.0.0.0 - 126.255.255.255 | 128.0.0.0 - 223.255.255.255 |
IP addresses of class D and E are not currently supported.
Requests coming from DNS Client, whose IP address doesn't match neither the value configured in this parameter nor satisfies the list configured in IPSRCLIST: parameter, are discarded.
| IPSRCLIST: | List of additional client IP addresses from which the requests are accepted |
| # | ListName, # |
The parameter sets the list of DNS Client systems enabled to use the DNS relay service.
The name of the list must be string of up to 20 characters in the range [0..9, a..z, A..Z, _]. It must correspond to the name of a list of IP addresses or the name of a list of IP addresses ranges or the name of a Rule list or the name of a Master Rule list. The referenced list must already be defined in the Elements Lists service.
The value '#' means 'no list'.
Requests coming from DNS Clients, whose IP address doesn't satisfy neither the list configured in this parameter nor matches the value configured in IPSRC: parameter, are discarded.
Statistics of the DNS port
The following example shows how to display state and statistics of the DNS port through the command D S:
The following example shows how to display extended statistics of the DNS port through the command D SE:
If DNS relay feature is not active, i.e. RELAY: parameter is set to 'NO', the 'Relay' section of the statistics will not appear.
The information 'Cleared DDD:HH:MM:SS ago, at DD/MM/YYYY HH:MM:SS', referred by the extended statistics, shows the elapsed time from the last reset of the statistics (by the format 'days:hours:minutes:seconds') and date/time of its execution (by the format 'day/month/year' and 'hours:minutes:seconds').
Detail of state fields and statistics of the DNS port
| RESOLVER-STATE: | Current state of the resolver service |
| INACTIVE, DOWN, READY, ERR |
It shows the actual state of the resolver service.
| Driver | States | Meaning | Values shown in: | ||
|---|---|---|---|---|---|
| System Log | Events Log | Display LCD | |||
| DNS | INACTIVE | Driver is not active because ACT: parameter is set to 'NO'. | IN | ||
| DOWN | Driver is not active because not connected to the lower level UDP port, or the LOWPO: parameter is set to 'NONE'. | DN | |||
| READY | Driver is successfully connected to the UDP port and properly working | RD | |||
| ERR | Software Error. Contact the Abilis assistance. | NA | |||
| RELAY-STATE: | Current state of the relay service |
| INACTIVE, DOWN, READY, ERR |
It shows the actual state of the relay service.
| Driver | States | Meaning | Values shown in: | ||
|---|---|---|---|---|---|
| System Log | Events Log | Display LCD | |||
| DNS | INACTIVE | State set when the parameter RELAY: is set to 'NO' or when the parameter ACT: is set to 'NO'. | NA | ||
| DOWN | Driver is not active because not connected to the lower level UDP port, or the parameter LOWPO: is set to 'NONE' | DN | |||
| READY | Driver is successfully connected to the UDP port and properly working | RD | |||
| ERR | Software Error. Contact the Abilis assistance | NA | |||
| CUR: | Number of records currently occupied with pending requests. |
| 0 | 0 - 20000 |
It counts all the records that contains a request 'waiting for server response', not yet timed out.
| PEAK: | Maximum number of simultaneously pending records ever reached. |
| 0 | 0 - 20000 |
This value shows the maximal use of the table, that is the maximum number of records that were simultaneously waiting for response, not yet timed out.
| MAX: | Maximum number of simultaneously pending requests. |
| 500 | 0 - 20000 |
This is actually the number of records that the table can host. The value 500 is the size provided in Abilis CPX and cannot be changed by the user. The value has been determined in excess, however if you exeperience frequent 'table full' please contact Abilis helpdesk to get the workaround.
| PRI-QUERIES | Number of queries sent to the primary DNS server |
| 0 - 4.294.967.295 |
The counter PRI-QUERIES (OUTPUT) shows the overall number of queries sent to the primary DNS Server.
| PRI-RES | Number of responses received from the primary DNS server |
| 0 - 4.294.967.295 |
The counter PRI-RES (INPUT) shows the overall number of response received from the primary DNS Server.
| PRI-UNK | Number of negative responses received from the primary DNS Server |
| 0 - 4.294.967.295 |
The counter PRI-UNK (INPUT) shows the overall number of negative responses ('Unknown Host') received from the primary DNS Server.
| PRI-RTY-OVR | Number of retransmission to the primary DNS server overruns |
| 0 - 4.294.967.295 |
The counter PRI-RTY-OVR (INPUT) shows how many times the maximum number, configured in the parameter RTY:, of retransmission to the primary DNS Server ran over.
| PRI-TOUT | Number of times the time-out of response from the primary DNS server ran over |
| 0 - 4.294.967.295 |
The counter PRI-TOUT (INPUT) is incremented every time the time-out, configured in the parameter DELAY:, of responses from the primary DNS Server ran over.
| PRI-ERRORS | Number of bad frames received from the primary DNS server |
| 0 - 4.294.967.295 |
The counter PRI-ERRORS (INPUT) shows the number of invalid frames received from the primary DNS Server.
| SEC-QUERIES | Number of queries sent to the secondary DNS server |
The counter SEC-QUERIES (OUTPUT) shows the overall number of queries sent to the secondary DNS Server.
| SEC-RES | Number of response received from the secondary DNS server |
| 0 - 4.294.967.295 |
The counter SEC-RES (INPUT) shows the overall number of responses received from the secondary DNS Server.
| SEC-UNK | Number of negative responses received from the secondary DNS Server |
| 0 - 4.294.967.295 |
The counter SEC-UNK (INPUT) shows the overall number of negative responses ('Unknown Host') received from the secondary DNS Server.
| SEC-RTY-OVR | Number of retransmission to the secondary DNS server overruns |
| 0 - 4.294.967.295 |
The counter SEC-RTY-OVR (INPUT) shows how many times the maximum number, configured in the parameter RTY:, of retransmission to the secondary DNS Server ran over.
| SEC-TOUT | Number of times the time-out of response from the secondary DNS server ran over |
| 0 - 4.294.967.295 |
The counter SEC-TOUT (INPUT) is incremented every time the time-out, configured in the parameter DELAY:, of responses from the secondary DNS Server ran over.
| SEC-ERRORS | Number of bad frames received from the secondary DNS server |
| 0 - 4.294.967.295 |
The counter SEC-ERRORS (INPUT) shows the number of invalid frames received from the secondary DNS Server.
| REQ-TOTAL | Total number of all the client's requests that arrived to DNS relay. |
| 0 - 4.294.967.295 |
It counts all the requests arrived from clients, regardless whether they are later processed or discarded.
Download Abilis Driver Download
| REQ-SUCC | Total number of client's DNS requests that were processed successfully. |
| 0 - 4.294.967.295 |
Incremented for every client's request that actually got an answer. It mean that:
- DNS relay received the client's request
- DNS relay forwarded the request
- DNS relay received the response from the DNS server
- The response is sent back to the client
| OVERFLOW | Total number of DNS requests received from clients but was not processed because the DNS relay table was overflow. |
| 0 - 4.294.967.295 |
This counter is incremented for every client's request that passed all the checks (access validation, formal checks, etc), but could not occupy a record because the table was full, and therefore it had to be discarded.
| PRI-NOMATCH | Number of responses from primary DNS for which a matching request was not found in the table. |
| 0 - 4.294.967.295 |
A record in the table for a response could not found when:
- DNS relay has not received a matching request for this response.
- A record for this response was in the table but it became out of date and was used for other request.
The precise distinction between timeout and missing record is not perfomed because it is an imprecise information: timed out records can be left or deleted depending on needs.
| SEC-NOMATCH | Number of responses from secondary DNS for which a matching request was not found in the table. |
| 0 - 4.294.967.295 |
A record in the table for a response could not found when:
- DNS relay has not received a matching request for this response.
- A record for this response was in the table but it became out of date and was used for other request.
The precise distinction between timeout and missing record is not perfomed because it is an imprecise information: timed out records can be left or deleted depending on needs.
| DROP-ACCESS | Total number of DNS requests received and discarded because not allowed. |
| 0 - 4.294.967.295 |
The counter DROP-ACCESS shows the number of DNS requests received from the clients but not processed because requester (the author of this DNS request) is not allowed. The not-allowed requester is a client whose IP address is not present in IPSRC and IPSRCLIST parameters configuration.
| REQ-BAD | Number of client's requests that was malformed or contained severe formal errors. |
| 0 - 4.294.967.295 |
Incremented for every client's request that, after having passed the 'source IP access validation', was detected as malformed, or with error in the content, or any other serious formal error.
| RSP-BAD | Number of responses that had to be discarded because they had formal errors that prevented further processing. |
| 0 - 4.294.967.295 |
This counter incremented in cases when:
- The source port of a response's UDP packet is not equal DNS (53) port.
- A matching request for this respons did not find in the table and the IP source address of a response's UDP packet is not equal IP address of primary DNS Server and not equal IP address of secondary DNS Server.
- other formal errors.
| PRI-REQ-RSP | Number of requests and responses exchanged with primary DNS. |
| 0 - 4.294.967.295 |
The counter PRI-REQ-RSP (INPUT) is incremented every time that DNS receives a response from the primary DNS Server.
The counter PRI-REQ-RSP (OUTPUT) is incremented every time that DNS sends a request to the primary DNS Server.
| SEC-REQ-RSP | Number of requests and responses exchanged with secondary DNS. |
| 0 - 4.294.967.295 |
The counter SEC-REQ-RSP (INPUT) is incremented every time that DNS receives a response from the secondary DNS server.
The counter SEC-REQ-RSP (OUTPUT) is incremented every time that DNS sends a request to the secondary DNS server.