Networking-Blog

My WordPress Blog

UBM/XRIO CONFIGURATION PUBLIC ADDRESS ASSIGNED /30

UBM/XRIO CGI CONFIGURATION PUBLIC ADDRESS ASSIGNED /30 and
re-route internet traffic on VBOND to another link.

To configure do the following…

configure
edit adsl-port ADSL1
protocol pppoa
encapsulation vcmux
bisAcapability disable
profile BT
detect-noise enable
vpi 0
vci 38
exit
edit adsl-port ADSL2
protocol pppoa
encapsulation vcmux
bisAcapability disable
profile BT
detect-noise enable
vpi 0
vci 38
exit
edit adsl-port ADSL3
protocol pppoa
encapsulation vcmux
bisAcapability disable
profile BT
detect-noise enable
vpi 0
vci 38
exit
edit adsl-port ADSL4
protocol pppoa
encapsulation vcmux
bisAcapability disable
profile BT
detect-noise enable
vpi 0
vci 38
exit

commit
y

add link adsl1
type adsl
port ADSL1
healthcheck-address 80.74.16.173
username test1@maxbond.co.uk
password sbhy0evx
download 8000
upload 1000
exit

add link adsl2
type adsl
port ADSL2
healthcheck-address 80.74.16.173
username test2@maxbond.co.uk
password sbhy0evx
download 8000
upload 1000
exit

add link adsl3
type adsl
port ADSL3
healthcheck-address 80.74.16.173
username test3@maxbond.co.uk
password sbhy0evx
download 8000
upload 1000
exit

add link adsl4
type adsl
port ADSL4
healthcheck-address 80.74.16.173
username test4@maxbond.co.uk
password sbhy0evx
download 8000
upload 1000
exit

commit
y

add lan-interface lan1
port Port1
address 85.234.93.1/30
exit

add tunnel cgimaxbond1
type gre
endpoint-remote 80.74.16.197
endpoint-local adsl1Endpoint
virtual-remote 10.7.1.1
virtual-local 10.7.1.2
download 8000
upload 1000
exit
add tunnel cgimaxbond2
type gre
endpoint-remote 80.74.16.197
endpoint-local adsl2Endpoint
virtual-remote 10.8.1.1
virtual-local 10.8.1.2
download 8000
upload 1000
exit
add tunnel cgimaxbond3
type gre
endpoint-remote 80.74.16.197
endpoint-local adsl3Endpoint
virtual-remote 10.9.1.1
virtual-local 10.9.1.2
download 8000
upload 1000
exit
add tunnel cgimaxbond4
type gre
endpoint-remote 80.74.16.197
endpoint-local adsl4Endpoint
virtual-remote 10.10.1.1
virtual-local 10.10.1.2
download 8000
upload 1000
exit

commit
y

add team team1-adsl
algorithm static_bonding
add member tunnel cgimaxbond1
exit
add member tunnel cgimaxbond2
exit
add member tunnel cgimaxbond3
exit
add member tunnel cgimaxbond4
exit
exit

commit
y

edit system service snmp
public-community roca
exit
enable system service snmp
exit
edit system parameters
timeserver-primary 80.74.16.30
timeserver-secondary 80.74.16.31
system-name cgi
tcp-mss-clamp-mode manual
tcp-mss-clamp-value 1400
exit

commit
y

add policy policy1
source lan1Subnet
destination any
team team1-adsl
exit

edit user admin
password admin
exit

commit
y

config save

VBOND Configuration :

add tunnel cgimaxbond1
type gre
endpoint-remote 85.234.80.199
endpoint-local coreEndpoint
virtual-remote 10.7.1.2
virtual-local 10.7.1.1
download 8000
upload 1000
exit

commit
y

add tunnel cgimaxbond2
type gre
endpoint-remote 85.234.80.200
endpoint-local coreEndpoint
virtual-remote 10.8.1.2
virtual-local 10.8.1.1
download 8000
upload 1000
exit

add tunnel cgimaxbond3
type gre
endpoint-remote 85.234.80.201
endpoint-local coreEndpoint
virtual-remote 10.9.1.2
virtual-local 10.9.1.1
download 8000
upload 1000
exit

add tunnel cgimaxbond4
type gre
endpoint-remote 85.234.80.202
endpoint-local coreEndpoint
virtual-remote 10.10.1.2
virtual-local 10.10.1.1
download 8000
upload 1000
exit

commit
y

add team cgi-adsl
algorithm static_bonding
add member tunnel cgimaxbond1
exit
add member tunnel cgimaxbond2
exit
add member tunnel cgimaxbond3
exit
add member tunnel cgimaxbond4
exit

commit
y

add address-alias cgilan
type destination
address 85.234.93.1/30
exit

commit
y

add policy cgipol
destination cgilan
team cgi-adsl
exit

commit
y

Create Policy instead of adding Route :

add address-alias routecgi
type “source_or_destination”
address 85.234.93.0/30
exit

Inbound Traffic :

add policy routecgipol
destination routecgi
link maxbondnet
exit

Outbound Traffic :

add policy routecgipol1
source routecgi
destination any
link maxbondnet
exit

config save

XRIO ADD ROUTING VIA POLICY & ADDRESS-ALIAS

CGI Create Policy instead of adding Route :

add address-alias routecgi
type “source_or_destination”
address 85.234.93.0/30
exit

Inbound Traffic :

add policy routecgipol
destination routecgi
link maxbondnet
exit

Outbound Traffic :

add policy routecgipol1
source routecgi
destination any
link maxbondnet
exit

Cisco 881 + XRIO UBM

881 Router Config :

interface FastEthernet4
ip address (PUBLIC_LAN_IP_ADDRESS)
!
!
interface Vlan1
Description LAN
ip address 192.168.1.1 255.255.255.0
!
bridge 1 protocol ieee
bridge 1 route ip

 

UBM :

configure
edit mobile-port Mobile1
apn 3gnet
exit
edit mobile-port Mobile2
apn 3gnet
exit
commit
y

add healthcheck-profile 3G
recovery-time 10000
retry-attempts 10
timeout 10000
exit

add link mobile1
type mobile
port Mobile1
username web
password web
healthcheck-address 8.8.8.8
download 1000
upload 1000
healthcheck-profile 3G
exit

add link mobile2
type mobile
port Mobile2
username web
password web
healthcheck-address 8.8.8.8
download 1000
upload 1000
healthcheck-profile 3G

add lan-interface lan1
port Port1
address <<LAN_IP_ADDRESS>><<NOTATION>> ( Cisco 881 Point-to-Point-FA4)
exit
commit
y

edit system parameters
system-name <<SITE_NAME>>
tcp-mss-clamp-mode manual

tcp-mss-clamp-value 1400
timeserver-primary 80.74.16.30
timeserver-secondary 80.74.16.31
exit

remove access-rule AllowSSH
remove access-rule AllowHTTPS
remove access-rule AllowSNMP
commit
y

edit user admin
password globalwave
exit
commit
y

config save

add address-alias SSH
type source
address 85.234.86.74/32
exit

add access-rule SSH
source SSH
exit

add tunnel site_name-3g1
type tcp
endpoint-remote 80.74.16.189
endpoint-local mobile1Endpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit

add tunnel site_name-3g2
type tcp
endpoint-remote 80.74.16.189
endpoint-local mobile2Endpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit
commit
y

add team team1-3g
algorithm distribute
add member tunnesite_name-3g1
exit
add member tunnel site_name-3g2
exit
exit

add policy policy1
source lan1Subnet
destination any
team team1-3g
exit

commit
y

config save

 

VBOND :

 

add tunnel site_name-3g1
type tcp
endpoint-remote 0.0.0.0
endpoint-local coreEndpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit

add tunnel site_name-3g2
type tcp
endpoint-remote 0.0.0.0
endpoint-local coreEndpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit
commit
y

add team site_name-3g
algorithm distribute
add member tunnel site_name-3g1
exit
add member tunnel site_name-3g2
exit
exit
commit
y

add address-alias site_name-lan
type destination
address <<LAN_IP_ADDRESS>><<NOTATION>>
exit
commit
y

add policy site_namepol
destination site_name-lan
team site_name-3g
exit

commit
y

config save

Cisco 881w – Access-Point + XRIO UBM

881 Router Config :

interface FastEthernet4
ip address (PUBLIC_LAN_IP_ADDRESS)
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
no ip redirects
no ip unreachables
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
!
interface Vlan1
Description LAN
ip address 192.168.1.1 255.255.255.0
!
bridge 1 protocol ieee
bridge 1 route ip

 

881w Integrated AP : Access-Point :

dot11 mbssid
dot11 syslog
!
dot11 ssid CommsWireless
vlan 1
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 050A130C351D1E074A560547
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
encryption mode ciphers tkip
!
broadcast-key vlan 1 change 30
!
!
ssid CommsWireless
!
antenna gain 0
speed  basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6.
m7. m8. m9. m10. m11. m12. m13. m14. m15.
station-role root
!

Note :

Under interface Dot11Radio0 

These can be removed :

encryption vlan 1 mode ciphers tkip
encryption mode ciphers tkip

Replaced with :

encryption vlan 1 mode ciphers aes-ccm tkip

 

interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
description LAN
ip address 192.168.1.2 255.255.255.0
!
ip default-gateway 192.168.1.1
!
bridge 1 protocol ieee
bridge 1 route ip

 

UBM :

configure
edit mobile-port Mobile1
apn 3gnet
exit
edit mobile-port Mobile2
apn 3gnet
exit
commit
y

add healthcheck-profile 3G
recovery-time 10000
retry-attempts 10
timeout 10000
exit

add link mobile1
type mobile
port Mobile1
username web
password web
healthcheck-address 8.8.8.8
download 1000
upload 1000
healthcheck-profile 3G
exit

add link mobile2
type mobile
port Mobile2
username web
password web
healthcheck-address 8.8.8.8
download 1000
upload 1000
healthcheck-profile 3G

add lan-interface lan1
port Port1
address <<LAN_IP_ADDRESS>><<NOTATION>>( Cisco 881 Point-to-Point-FA4)
exit
commit
y

edit system parameters
system-name <<SITE_NAME>>
tcp-mss-clamp-mode manual
tcp-mss-clamp-value 1400
timeserver-primary 80.74.16.30
timeserver-secondary 80.74.16.31
exit

remove access-rule AllowSSH
remove access-rule AllowHTTPS
remove access-rule AllowSNMP
commit
y

edit user admin
password globalwave
exit
commit
y

config save

add address-alias SSH
type source
address 85.234.86.74/32
exit

add access-rule SSH
source SSH
exit

add tunnel site_name-3g1
type tcp
endpoint-remote 80.74.16.189
endpoint-local mobile1Endpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit

add tunnel site_name-3g2
type tcp
endpoint-remote 80.74.16.189
endpoint-local mobile2Endpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit
commit

add team team1-3g
algorithm distribute
add member tunnel site_name-3g1
exit
add member tunnel site_name-3g2
exit
exit

add policy policy1
source lan1Subnet
destination any
team team1-3g
exit

commit
y

config save

 

VBOND :

 

add tunnel site_name-3g1
type tcp
endpoint-remote 0.0.0.0
endpoint-local coreEndpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit

add tunnel site_name-3g2
type tcp
endpoint-remote 0.0.0.0
endpoint-local coreEndpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit
commit
y

add team site_name-3g
algorithm distribute
add member tunnel site_name-3g1
exit
add member tunnel site_name-3g2
exit
exit
commit
y

add address-alias site_name-lan
type destination
address <<LAN_IP_ADDRESS>><<NOTATION>>
exit
commit
y

add policy site_namepol
destination site_name-lan
team site_name-3g
exit

commit
y

config save

XRIO – UBM DSL DIAGNOSTICS

debug
adsl status
adsl down 1
adsl up 1
adsl resync 1

diagnose performance team wit1640-adsl

Please select which type of test you would like to run
1) Test Tunnel Speed Individually
2) Test Tunnel Speed Concurrently
3) Test Bonding Speed

measure team team1-adslmeasure path 80.74.16.173

 

GRE Enhancements

The GRE protocol has several noteworthy enhancements. These are from Request for Comments
(RFC) 2637. 
An Acknowledgment Number field. This is used to determine whether a particular
GRE packet or set of packets
has arrived at the remote end of the tunnel. This acknowledgment capability
is not used in conjunction with any
retransmission of user data packets. It is used instead to determine the
rate at which user data packets are to be
transmitted over the tunnel for a given user session.

Tunneling portability
The payload section contains a PPP data packet without any media-specific framing elements.

Sequence number tracking
The sequence numbers involved are per-packet sequence numbers. The sequence number for
each user
session is set to zero at session startup. Each packet sent for a given user session that
contains a payload
(and has the S bit, or Bit 3, set to one) is assigned the next consecutive sequence
number for that session.
Use of piggyback Acks. This protocol allows acknowledgments to
be carried with the data and makes the
overall protocol more efficient, which in turn requires less
buffering of packets.

Enhanced Tweaks :

edit system parameters
reorder-window-size = 10
tcp-tunnel-port = 8000
!

!
edit tunnel wit1640maxbond1
sequencing enable

XRIO 3G VBOND

3G TUNNELS

add tunnel siteref-3g1
type tcp
endpoint-remote 0.0.0.0
endpoint-local coreEndpoint
virtual-remote 10.X.1.1 – this value should match virtual-local value set on UBM tunnel
virtual-local 10.X.1.2 – this value should match virtual-remote value set on UBM tunnel
download 1000
upload 1000
compress disable
encrypt disable
encrypt-key ABC123
exit
commit

Repeat process for additional tunnel using siteref-3g2 as the second tunnel name

3G TEAM

add team siteref-3g
algorithm distribute
add member tunnel siteref-3g1
exit
add member tunnel siteref-3g2
exit
exit
commit
yes

ADSL TUNNELS

add tunnel siterefmaxbond1
type gre
endpoint-remote <IP OF ADSL CONNECTION>
endpoint-local coreEndpoint
virtual-remote 10.X.1.1 – this value should match virtual-local value set on UBM tunnel
virtual-local 10.X.1.2 – this value should match virtual-remote value set on UBM tunnel
download 8000
upload 1000
exit
commit

Repeat process for additional tunnels

ADSL TEAM

add team siteref-adsl
algorithm static_bonding
add member tunnel siterefmaxbond1
exit
add member tunnel siterefmaxbond2
exit
backup_team siteref-3g
exit
commit
yes

ADDRESS

  1. add address sitereflan
  2. type destination
  3. address 10.2.X.0/24
  4. exit
  5. commit
  6. yes

POLICY

  1. add policy siterefpol
  2. destination sitereflan
  3. team siteref-adsl
  4. exit
  5. commit
  6. yes

exit

config save

Checking Configuration

Configuration can be checked by running the following show commands…

  • Show tunnels
  • Show teams
  • Show link
  • Show policy
  • Show address

You should also be able to ping the LAN IP of the UBM from the Wates Xrio server.
Check that you get full DHCP from the UBM using the Support laptop.

XRIO 3G SETUP

SSH to the Management Server on 80.74.17.43

Username: root
Password: xr10p455w0rd

Linux vm DHCP Server :

SSH to the relevant IP, typically 172.31.3. Login with the following details :

Username: admin
Password: password

Firmware Upgrade :

You now need upgrade the firmware to the latest version.

  1. Type firmware update http://172.31.3.254/2.2/rc3/XrioUBM_2.2.110727.163001.bin
  2. If external usefirmware update http://80.74.17.43/2.2/rc3/XrioUBM_2.2.110727.163001.bin
  3. Once updated run – “firmware patch get http://172.31.3.254/2.2/rc3/ReplacementFiles.zip
  4. Once updated type Hard ‘reboot’ Device. “Unplug Power Cord”…

!

ENSURE THAT THE UBM HAS THE REQUIRED LINKS LICENCES TO SUPPORT
BOTH 3G and ADSL.

Requesting a License

We now have access to a licensing portal…see Matt for details.

Once the license is ready run…

license activate http://portal.xrio.com/licenses/

!

REQUIRED FOR 3G UNITS ONLY ——–

After reboot the device should have detected the mobile ports, you can check this as per below.

  1. show mobile-port (This should show two ports connected)

You can now start configuring the unit as normal…

MOBILES

The mobile ports need their APN setting depending on which mobile operator is being used…

Operator APN Username Password
Vodafone Internet web web
O2 mobile.o2.co.uk web web
T-Mobile general.t-mobile.uk web web
3 3gnet web Web

To configure do the following…

configure
edit mobile-port Mobile1
apn (enter the value from above)
exit
edit mobile-port Mobile2
apn (enter the value from above)
exit
commit
yes

MOBILE LINKS

add link mobile1 (make sure lower case)
type mobile
port Mobile1
username web
password web
healthcheck 8.8.8.8
download 1000
upload 1000
exit
add link mobile2
type mobile
port Mobile2
username web
password web
healthcheck 8.8.8.8
download 1000
upload 1000

3G TUNNELS

add tunnel siteref-3g1
type tcp
endpoint-remote <IP OF VBOND>
endpoint-local mobile1Endpoint
virtual-remote 10.X.1.1 – this value is determined by the next available IP on the VBond
virtual-local 10.X.1.2 – As above but using .2 as 4th octet instead
download 1000
upload 1000
compress disable
encrypt disable
encrypt-key ABC123
exit
commit
yes

Repeat process for additional tunnel using siteref-3g2 as the second tunnel name and
incrementing the X value in the virtual tunnel by one
.

ADSL PORTS

edit adsl-port ADSL1
encapsulation vcmux
protocol pppoa
vci 38
vpi 0
exit
edit adsl-port ADSL2
encapsulation vcmux
protocol pppoa
vci 38
vpi 0
exit
commit
yes

ADSL LINKS

add link adsl1
type adsl
port adsl-port1
healthcheck 80.74.16.173
username RADIUSUsername1@maxbond.co.uk
password password
download 8000
upload 1000
exit
add link adsl2
type adsl
port adsl-port2
healthcheck 80.74.16.173
username RADIUSUsername2@maxbond.co.uk
password password
download 8000
upload 1000
commit
yes

Repeat for further 2 links if an N4

ADSL TUNNELS

add tunnel siterefmaxbond1
type gre
endpoint-remote <IP OF VBOND>
endpoint-local adsl1Endpoint
virtual-remote 10.X.1.1 – this
value is determined by the next available IP on the VBond
virtual-local 10.X.1.2 – As above but using .2 as 4th octet instead
download 8000
upload 1000
exit
commit

Repeat process for additional tunnels

LAN

add lan-interface lan1
address 10.2.X.254/24
port Port1
exit
commit
yes

DHCP

edit system service dhcp
start address 10.2.X.50
end address 10.2.X.150

dns-primary 172.18.192.10
dns-secondary 172.16.0.11
wins-primary 172.18.192.10
wins-secondary 172.16.0.11

gateway 10.2.X.254
domain-name wates.co.uk
lease-time 43200
lan lan1
subnet 10.2.x.0/24

exit
commit
yes
enable system service dhcp

TEAM

3G Team

add team team1-3g
algorithm distribute
add member tunnel
siteref-3g1
exit
add member tunnel
siteref-3g2
exit
exit
commit

ADSL Team

add team team1-adsl
algorithm static_bonding
backup-team team1-3g

add member tunnel siterefmaxbond1
exit
add member tunnel
siterefmaxbond2
exit
exit
commit

POLICY

add policy policy1
source lan1Subnet
destination any
team
team1-adsl
exit
commit
yes

SNMP

edit system service snmp
public-community roca
exit
commit
enable system service snmp
commit

ADDRESS-ALIASES

add address-alias WWHQ
type source
address 80.74.17.9/32
exit
add address-alias WWHQDSL
type source
address 81.149.30.66/32
exit
add address-alias WWMGMT
type source
address 80.74.16.8/29
exit
add address-alias WWXRIOXE
type source
address 80.74.16.203/32
exit
add address-alias XRIODC
type source
address 84.21.143.0/24
exit
add address-alias XRIOOFFICE
type source
address 95.177.98.192/28
exit
add address-alias WatesMPLS
type source
address 172.16.0.0/11
exit
commit

ACCESS RULES

add access-rule WWHQ
source WWHQ
exit
add access-rule WWHQDSL
source WWHQDSL
exit
add access-rule WWMGMT
source WWMGMT
exit
add access-rule WWXRIOXE
source WWXRIOXE
exit
add access-rule XRIODC
source XRIODC
exit
add access-rule XRIOOFFICE
source XRIOOFFICE
exit
add access-rule WatesSNMP
source WatesMPLS
exit

remove access-rule AllowSSH
remove access-rule AllowHTTPS
remove access-rule AllowSNMP
commit
yes

config save

XRIO VBOND CONFIG REMOVAL

3G

Show details :

show tunnel wit1716-3g1
show tunnel wit1716-3g1
!
show team wit1716-3g
!
show policy name wit1716pol
!
show address-alias name wit1716lan
!

Remove GRE tunnel from VBOND :

configure
remove team name wit1716-3g
remove tunnel name wit1716-3g1
remove tunnel name wit1716-3g2
remove policy name wit1716pol
remove address-alias name wit1716lan

Save Configuration :

commit
config save

******************************************

ADSL

Show details :

show tunnel wit1716maxbond1
show tunnel wit1716maxbond2

!
show team wit1716-adsl
!
show policy name wit1716pol

!
show address-alias name wit1716lan
!

Remove GRE tunnel from VBOND :

configure
remove team name wit1716-adsl
remove tunnel name wit1716maxbond1
remove tunnel name wit1716maxbond2
remove policy name wit1716pol
remove address-alias name wit1716lan

Save Configuration :

commit
config save

XRIO VBond Device

WARNING THIS IS THE CORE DEVICE THAT TERMINATES ALL  REMOTE UBM’S
DOGS TRUST MAXBOND – BE CAREFUL!

ADSL TUNNELS

add tunnel DTxmaxbond1
type gre
endpoint-remote <IP OF ADSL CONNECTION-Remote_UBM>
endpoint-local coreEndpoint
virtual-remote 10.X.1.2 – this value should match virtual-local value set on UBM tunnel
virtual-local 10.X.1.1 – this value should match virtual-remote value set on UBM tunnel
Download 8000
Upload 1000
exit

commit

add tunnel DTxmaxbond2
type gre
endpoint-remote <IP OF ADSL CONNECTION-Remote_UBM>
endpoint-local coreEndpoint
virtual-remote 10.X.1.2 – this value should match virtual-local value set on UBM tunnel
virtual-local 10.X.1.1 – this value should match virtual-remote value set on UBM tunnel
Download 8000
Upload 1000
exit

commit

Repeat process for additional tunnels

ADSL TEAM

add team DTx-adsl
algorithm static_bonding
add member tunnel DTxmaxbond1
exit
add member tunnel DTxmaxbond2
exit
exit

commit
y

ADDRESS

  1. 1. add address DTxlan
  2. type destination
  3. address 192.0.X.0/24
  4. exit
  5. commit
  6. yes

POLICY

  1. 1. add policy DTxpol
  2. 2. destination DTxlan
  3. 3. team DTx-adsl
  4. exit
  5. commit
  6. yes

exit

config save

Checking Configuration

Configuration can be checked by running the following show commands…

  • Show tunnels
  • Show teams
  • Show link
  • Show policy
  • Show address

XRIO N2 XDSL SETUP

SSH to the Management Server on 80.74.17.43

Username: root
Password: xr10p455w0rd

Linux vm DHCP Server :

SSH to the relevant IP, typically 172.31.3. Login with the following details :

Username: admin
Password: password

Firmware Upgrade :

You now need upgrade the firmware to the latest version.

  1. Type “firmware update http://172.31.3.254/2.2/rc3/XrioUBM_2.2.110727.163001.bin
  2. If external use “firmware update http://80.74.17.43/2.2/rc3/XrioUBM_2.2.110727.163001.bin
  3. Once updated run – “firmware patch get http://172.31.3.254/2.2/rc3/ReplacementFiles.zip
  4. Once updated type Hard ‘reboot’ Device. “Unplug Power Cord”…

!
!

ADSL PORTS :

configure
edit adsl-port ADSL1
encapsulation vcmux
protocol pppoa
vci 38
vpi 0
exit
edit adsl-port ADSL2
encapsulation vcmux
protocol pppoa
vci 38
vpi 0
exit

commit
y

ADSL LINKS : N2/N4

add link adsl1
type adsl
port ADSL1
healthcheck-address 80.74.16.173

username dogstrust13maxbond1@maxbond.co.uk
password hcx5q3gr
download 8000
upload 1000
exit


add link adsl2
type adsl
port
ADSL2
healthcheck-address 80.74.16.173
username
dogstrust13maxbond2@maxbond.co.uk
password 2kgab7re
download 8000
upload 1000
exit

commit
y

!
!

ADSL TUNNELS

add tunnel DT13maxbond1
type gre
endpoint-remote 85.234.64.58
endpoint-local adsl1Endpoint
virtual-remote 10.3.1.1
virtual-local 10.3.1.2
download 8000
upload 1000
exit
commit
y

add tunnel DT13maxbond2
type gre
endpoint-remote 85.234.64.58
endpoint-local adsl2Endpoint
virtual-remote 10.4.1.1
virtual-local 10.4.1.2
download 8000
upload 1000
exit
commit
y

!

Repeat process for additional tunnels

LAN

add lan-interface lan1
address 192.0.X.1/24 (NOT 192.168.x.1)
port Port1
exit
commit
y

!

ADSL Team

add team team1-adsl
algorithm static_bonding
add member tunnel DTxmaxbond1
exit
add member tunnel DTxmaxbond2
exit
exit

commit

POLICY

add policy policy1
source lan1Subnet
destination any
team team1-adsl
exit

Commit
y

SNMP

edit system service snmp
public-community roca
exit

commit
enable system service snmp
commit

ADDRESS-ALIASES

add address-alias WWHQ
type source
address 80.74.17.9/32
exit


add address-alias WWHQDSL
type source
address 81.149.30.66/32
exit

add address-alias WWMGMT
type source
address 80.74.16.8/29
exit

add address-alias WWXRIOXE
type source
address 80.74.16.203/32
exit

add address-alias XRIODC
type source
address 84.21.143.0/24
exit

add address-alias XRIOOFFICE
type source
address 95.177.98.192/28
exit

commit

ACCESS RULES

add access-rule WWHQ
source WWHQ
exit

add access-rule WWHQDSL
source WWHQDSL
exit

add access-rule WWMGMT
source WWMGMT
exit

add access-rule WWXRIOXE
source WWXRIOXE
exit

add access-rule XRIODC
source XRIODC
exit

add access-rule XRIOOFFICE
source XRIOOFFICE
exit

remove access-rule AllowSSH
remove access-rule AllowHTTPS
remove access-rule AllowSNMP

commit
y

config save