Tut Systems SMS2000 manual Static Routable Addresses, Dhcp Pools

Page 70

IP Addressing

Figure 11-1 Plug and Play with NAT

Client A believes that it’s IP address is 38.1.43.32 and client B believes it’s IP address is 141.211.43.87. The SMS2000 will respond to each of these clients as their respective gateways, 38.1.43.1 and 141.211.43.1. By using Network Address Translation (NAT), each of these clients is actually sharing the SMS2000’s network-side address of 217.44.23.76.

This capability is called “plug and play” since the SMS2000 is automatically adjusting to the client.

In the simplest configuration without RADIUS or the OCS, if a client attempts to learn its address with DHCP, the SMS2000 can respond with an arbitrary IP address. This address can be remembered and may not be given to other clients to prevent address collisions on the subscriber Ethernet side, if the subscriber media pass broadcasts between clients. The

SMS2000 always responds to client DHCP requests.

The SMS2000 can also respond with an IP address from a configured DHCP pool. If that pool is out of IP addresses, the SMS2000 will revert to using NATed addresses.

Static Routable Addresses

It is not always desirable to treat each host on the subscriber network as a client. For example, an Ethernet switch of an Expresso MDU Lite has an SNMP management agent that must be accessed outside of the subscriber network by a static routable IP address. In this case, the SMS2000 allows an administrator to set up static configurations for given IP addresses. No address translation or authentication is performed on static addresses.

Note: Subscribers can get static IP address via RADIUS, SMS2000 rules, or OCS-based service provisioning.

Note: The Static routable addresses must be in the same subnet as the

SMS2000 or in a control-net.

For example,

sms2000% group add specials sms2000% iptype static

sms2000% set rule ip101 1 ip=192.168.0.101,255.255.255.255

DHCP Pools

With DHCP a subscriber gets the same IP address as often as possible. The DHCP archiving feature archives past IP address assignments to track previous IP address allocations between reboots of the SMS2000.

The SMS2000 allows the network provider to specify multiple-named DHCP pools that must correspond to real addresses (i.e., not NATed). The SMS2000 then applies policies to determine which clients get addresses from which pools. The OCS can load the policy information such that, for example, a subscriber paying a lower rate gets an arbitrary address that goes through NAT while a subscriber paying a higher rate gets an address

TUT Systems, Inc

Page 70 of 104

P/N 220-06288-20

Image 70
Contents TUT Systems SMS2000 User Guide SMS2000 User’s Guide SMSUser’s Guide Contents Configuring Snmp Polling Configuring SmtpConfiguring NTP Connectivity and TestingAuthentication with Radius Authentication Configuring the Command ServerAuthentication AuthorizationGroups Using Rule PrioritiesConfiguring Radius SMS2000 RulesSMS2000 Troubleshooting Procedures Using Both Radius and OCS AuthenticationWeb Proxy Settings SMS2000 Status Attributes and StatisticsList of Tables Radius Attributes in Access-Accept PacketsList of Figures Documentation available for this Release PrefaceAudience Related DocumentationSubscriber Management Features IntroductionIntroduction Subscriber Management Components Subscriber Management ComponentsSMS2000 OCSIntroduction Getting Started User InterfaceIfconfig portnumber ipaddress /masklen Accessing Help for CommandsFor example restore config web original-confi g Style ConventionsCursor Movement Cursor Motion KeystrokesEstablishing a Connection with the SMS2000 Initial ConfigurationClick Configure Establishing a Connection Via a Serial InterfaceEstablishing a Connection Via Telnet Initial Configuration Changing Your Password Initial ConfigurationSetting the Quick Configuration Disabling Authentication Setting the HostnameSaving the Configuration Verifying the Configuration Rebooting the SystemReboot Setting the Default Configuration E-mail System AdministrationConfiguration E-Mail Settings Set config-mailrecipient@SMTPserver SMTPserverDeleting the Configuration E-mail Configuration and System File ToolsMailing the Current Configuration Committing Configuration ChangesCommit auto Automatically Committing Configuration ChangesDisabling Automatic Configuration Changes Commit noautoLoading a Configuration File Saving a ConfigurationRestoring a Previous Configuration Setting the Smtp Server Configuring SmtpRestoring the Default Configuration Deleting the Smtp ServerSetting the Timezone Configuring NTPSetting the Smtp ID Set smtpid on offSetting the Time Configuring Snmp PollingConfiguring the NTP server Enabling Snmp PollingDisabling Snmp Polling Testing to See if Snmp Polling will WorkSnmp-pollmacaddress Setting Specialized System Options Connectivity and TestingTesting Connectivity System ToolsLeftrighthelp ? Setting and Deleting Static PortsDefining Ports Port-definition mixed tut vlanEvent Tracking Disconnecting a Session on a PortSetting the Syslog Server Displaying Log MessagesDisplaying Version Information System Administration ToolsExiting the Management Session Passwd Changing a PasswordDisplaying Control Keys KeysSnmp System Contact Snmp ManagementSnmp Agent Snmp System LocationSnmp Community Snmp Trap RecipientSMS2000% snmp delete trap-recipient Troubleshooting ToolsSystem Information Tools Show snmp trap-recipientSetting the ARP Failure Limit Subscriber Connectivity CommandsUpgrades Setting the ARP Polling PeriodUpgrading from Tut Systems’ Website Archiving SMS2000 Firmware and distributing it from a ServerReturning to an Older Firmware Version Verifying a Successful UpgradeLoading Another Image System Administration Authentication AuthenticationDeleting the Command Server Configuring the Command ServerSetting the Command Server for OCS Interaction Adding the OCS as the Authentication ServerAuth add web url secret secret cmd-serv Deleting an Authentication ServerTesting Authentication Auth onAuth off forcedweb authokurl blockall Setting the Authentication IntervalBypassing Authentication Auth interval minutes offAllow-Nets Setting the Http Request ThrottleHttp Request Throttle Deleting the Http Request ThrottleSetting an Allow-Net Set allow-netipaddress netmask dns-nameDeleting an Allow-Net Setting the Automatic Redirection URLAutomatic Redirection URLs Set authok urlAdding a Radius Server Authentication with RadiusDeleting the authok Delete authokCommand Syntax DescriptionDefault retrans-primary-only is DefaultUsage Guidelines Example Set nas-port-type integer Set NAS port type parameterSet nas-port-type Show status radius Testing Authentication on the Radius ServerConfiguring a Radius SSL Back Channel Show status radius ExampleAuthorization AuthorizationAuthorization Server FunctionalityAccounting AccountingSending Accounting Messages to a Syslog Server Sending Accounting Messages to a Radius Server Radius Accounting ConfigurationConfiguring Accounting Parameters Deleting a Radius Accounting ServerProvisioning ProvisioningBilling BillingAdding a Group Service Creation Using Groups and RulesGroups Group add groupname noinherit inherit groupnameSetting Maximum Users Per Port Setting the Active Group ContextSubscribers that Cannot Support Authentication Deleting a GroupDeleting a Rule SMS2000 RulesAdding a Rule Set rule rulename groupname priority rulestringMAC Address Rule Expression ComponentsIP Address Ip=ipaddress ,netmaskVlan=vlanida-vlanidb Not OperatorTut=ipaddress-linenum*-portnum Parenthesis OperatorOr Operator Expression and expressionUsing Rule Priorities IP Addressing IP AddressingPlug and Play With NAT Static Routable Addresses Dhcp PoolsStatic Non-Routable Addresses IP MulticastingIptype default NAT static Dhcp 1to1 1to1Unique Configuring IP TypesUnderstanding 1to1 and 1to1 Unique IP Types Source-Nets Setting a Source-NetDeleting a Configured Source-Net Set source-netstartaddress endaddress subnet-maskRemoving a Dhcp Assignment Setting the DNS Server AddressCreating Dhcp Pools Dhcp-server release macaddressAdding Routes Static RoutesDeleting the DNS Server Address Set dns add ipaddressPrinting Setting up the LPR HostSet lpr hostname off queuename maxpages maxbytes Configuring Radius Using SMS2000 with a Radius ServerObtaining the Radius Server Software Adding the SMS2000 as a Client on the Radius Server Configuring Service ParametersAdding Users to the Radius Server Using Real IP Addresses Radius PortsSMS2000 NAS File SMS2000 Status Attributes and StatisticsRadius Attributes Sent in Accounting Messages Radius Attributes Sent In Access Request Packets Using Both Radius and OCS AuthenticationRadius Attributes Received in Access- Accept Packets Shape xbps/rbps Setting Traffic ShapingDeleting Traffic Shaping Shape xbps/rbps deleteSetting the PMS Server SMS2000 and Property Management Systems PMSProtocol Modes TTY ACK-NAK ENQ-ACK-NAKENQ-ACK-NAK Mode Files For Groups Customizing SMS2000 Web Authentication with RadiusLoading and Deleting Customized Web Pages Loading Web Pages or FilesPath Components Load web url defaultsImage Links Deleting Web Pages or Files Customizing Web PagesUpgrading Preserving the Web FormSize For Web Pages and External Links Web Page RedirectionViewing Customizations Active Page ComponentsReference Setting the Wpad Curl Configuring Web Proxy SettingsWeb Proxy Settings Setting the Wpad TimeoutWeb Proxy Server Delete proxy-ports port Set proxy-ports portShow proxy-ports SMS2000 Troubleshooting SMS2000 Troubleshooting ProceduresBrowser Snmp PollingMultiple frames opened Unable to do credit cardVerify OCS screens off LineAppendix a Radius Access-Accept Dictionary File Radius Attributes in Access-Accept PacketsAppendix Appendix TUT Systems, Inc 100 Internet Telephone Appendix B Technical Assistance and Customer SupportTechnical Support Equipment Return and RepairLimitations of Warranty Appendix C SMS2000 Limited WarrantyHardware Limited Warranty Exclusive RemediesAssistance Electrical Safety AdvisoryTut Systems, Inc., Customer Service Department FCC Radio Frequency Interference StatementTUT Systems, Inc 104