3Com 11.1 manual Virtual Circuit Prioritization, Summary of Encryption Strengths, Encryption Key

Page 12

New Features 13

<56 bit support packages/kits contain:

A package identifier ending in ‘E’ (example, NE)

A 3CR number containing/ending in ‘91’ (examples, 3CR856791, 3CR6452P91FLASH)

Table 3 contains a summary of the encryption strengths and the associated package ids.

Table 3 Summary of Encryption Strengths

 

 

Encryption Key

Algorithm

Package ID

Length

 

 

 

RC4

xE

40

 

xS

128

 

 

 

RC5

xE

56

 

xS

128

 

 

 

DES

xE

56

 

xS

56

 

 

 

3DES (2 key)

xS

112

 

 

 

RSVP

RSVP is a dynamic quality of service (QoS) setup protocol that enables IPv4-based real time applications to reserve resources at network nodes along the sender-to-receiver data path to meet its quality of service requirements. RSVP monitors and enforces bandwidth reservations for outbound QoS traffic on PPP and Frame Relay virtual ports. The Phase 1 RSVP message processing engine conforms to RFC 2205 and its application to Integrated Services as defined in RFC 2210. NETBuilder bridge/router-specific flow admission control, packet classification, and packet scheduling mechanisms are implemented to provide the controlled-load QoS control services as specified in RFC 2211. Both IPv4 unicast and multicast (over DVMRP/MOSPF domains) flows are supported.

New and Enhanced This section describes new and enhanced protocol features.

Protocol Features

Virtual Router Redundancy Protocol (VRRP) Phase 2

The Virtual Router Redundancy Protocol (VRRP) is designed to eliminate the single point of failure inherent in the static default routed environment. VRRP specifies an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. This is the second phase of VRRP. This phase adds FDDI to the currently supported media (Ethernet and Fast Ethernet). Phase II (similar to the initial implementation) will not support source route for VRRP advertisements (that is, the VRRP routers that belong to the same VRID cannot be separated by source route bridges.)

Virtual Circuit Prioritization

Frame Relay Virtual Circuit Prioritization extends the current queue handling capabilities of PPP ports to Frame Relay virtual circuits. The FR virtual circuit can be either a FR virtual port or a virtual circuit associated only with the parent port. All

Page 11 Page 13
Image 12
Page 11 Page 13
Contents NETBuilder Family Software Version 11.1 Release Notes 3Com Corporation Bayfront PlazaSanta Clara, California 95052-8145Contents Web Link Documentation Path Zmodem Time Out Known Problems Bcmfdinteg File Conversion ConsiderationsCPU Utilization Statistic Deleting ATM Neighbors Web Link Login Support NAT Proxy ARP RouteDiscovery Sdhlc Half-Duplex ModeDisplaying Configuration Profiles Dynamic Paths Limitations Accm Not ConfigurableAuthentication Header AH CONFigurationConfiguring IPsec How IPsec Works PoliciesStatPollInterval Netbuilder Software Version Release Notes EncryptionPackages Contact 3Com or your network supplierNew Products Supported PC Flash Memory CardsLists 3Comapproved vendors of the PC flash memory card Approved 20 MB Flash Memory CardsNew Features VPN Features Layer Two Tunneling ProtocolApproved Dram SIMMsExtensible Authentication Protocol Additional RAS EnhancementsDhcp Proxy Encryption StrengthVirtual Circuit Prioritization Summary of Encryption StrengthsEncryption Key Algorithm Package ID LengthIP Version 6 Phase Firewall EnhancementsBGP-4 Enhancements Ospf Not-So-Stubby-Area Nssa Frame Relay PVC Q.933 SupportData Over Voice B-Channel Isdn Specification Boundary Router Remote LAN DetectionFeatures Ascii Boot Token Ring in Fast Ethernet Tife56/64K CSU/DSU External Loopback NETBuilder Web Link ImprovementsUpgrade Management Utilities and NETBuilder Upgrade Link Application NotesFlash Load Placing a Data OverExample Toggle the respective paths. TypeNew Features Application Notes NETBuilder II Software Features SoftwareVersion 11.1 for the NETBuilder bridge/router platforms Other Features NETBuilder II Firmware RequirementsNETBuilder II Firmware Requirements IBM ProtocolsSuperStack II NETBuilder SI Software Features 438 458SuperStack II NETBuilder Ethernet and Token Ring Features Models Features Token RingMemory Requirements OfficeConnect NETBuilder Software Features Models Features Token Ring WAN ProtocolsModel and Software Package 112 132 111 145 131112 131 120 132 Additional OfficeConnect NETBuilder Models Software Features 117 137 116136 Memory Requirements Utilities for the Solaris 2.5 platforms Ruuhp111.1Utilities for the HP-UX 10.x platforms Ruuaix111.1NETBuilder Upgrade Management Utilities Known Issues Etc/passwd. You must add an entry can be ignoredPROfile Service Bridge Static RoutesDLSw SVCsDialog boxes will be fully visible without scrolling Token Ring a non-source routed framePorts in DCE Mode Supported Asynchronous ModemsSupported Synchronous Modem ModemsHistory, the PPP link does not come up IBM-Related Feature Settings for Token Ring Ports Token Ring Frame Copy Errors Frame Copy Errors under LAN Net Manager3Com Bridge/Routers and Supported Features Known Problems Interrupt the boot cycle and enter monitor mode This systemValue SHow !profileID -PROFILE CONFiguration Notation Known Problems ADD !v1 -PPP ARU user, password Limitations Processor/Frame Relay Relay port is Access for LLC2 Traffic Number of TCP ConnectionsFront-End IBM Boundary RoutingSpeed Multilink PPPPort running PPP Snmp ManagementService Point Source-Route Sdlc Adjacent LinkStations for Appn Source RouteUsing Netbuilder Family Software Update PagesConfiguring Ipsec Procedures in this section describe how to configure IPsecConfiguring IPsec Replace with this chapterCreating an Encryption Policy On bridge/router, 2 enterCreating a Security Policy On bridge/router 2, enterFor example, to create a new encryption key set, enter Manual key information, useTo disable Ipsec on port 1, enter Confidentiality and data integrityEnable Layer 2 Tunnelling by entering Assign an IP address to the tunnel virtual port by enteringCreate a route between the two tunnel endpoints by entering Configure an Ipsec policy/security association by enteringEnable Layer 2 Tunnelling Pptp by entering How IPsec WorksCreate a route between two tunnel endpoints by entering Intercepted and viewedHow IPsec Works Configuring Ipsec Reference for Netbuilder Family Ipsec Service Parameters CONFigurationIpsec Service Parameters and Commands CONTrolKeySet ManualKeyInfo ManualPOLicyIs assigned dynamically using Ipcp or Dhcp Policyname Name you assign to the policy you are addingBe all or ALL Srcipaddr/maskEncrypt phases, and the second 8 bytes for the decrypt Phase of the encrypt-decrypt-encryptSpecifies Cipher Block Chaining mode of the Data 239.255.255.254Ipsec Service Parameters Rsvp Service Parameters MaxFlowRate REQuestRESerVation UDPEndcapSR Service Parameters AllRoutesPlace this page in front of Chapter ROUte ROUte SR Service Parameters SYS Service Parameters SYS Service Parameters Weblink Service Parameters StatPollIntervalWeblink Service Parameters
Top Page Image Contents