ZyXEL Communications 792H manual Traffic Shaping

Page 83

Prestige 792H G.SHDSL Router

5.4Traffic Shaping

Traffic Shaping is an agreement between the carrier and the subscriber to regulate the average rate and fluctuations of data transmission over an ATM network. This agreement helps eliminate congestion, which is important for transmission of real time data such as audio and video connections.

Peak Cell Rate (PCR) is the maximum rate at which the sender can send cells. This parameter may be lower (but not higher) than the maximum line speed. 1 ATM cell is 53 bytes (424 bits), so a maximum speed of 832Kbps gives a maximum PCR of 1962 cells/sec. This rate is not guaranteed because it is dependent on the line speed.

Sustained Cell Rate (SCR) is the mean cell rate of each bursty traffic source. It specifies the maximum average rate at which cells can be sent over the virtual connection. SCR may not be greater than the PCR.

Maximum Burst Size (MBS) is the maximum number of cells that can be sent at the PCR. After MBS is reached, cell rates fall below SCR until cell rate averages to the SCR again. At this time, more cells (up to the MBS) can be sent at the PCR again.

If the PCR, SCR or MBS is set to the default of “0”, the system will assign a

maximum value that correlates to your upstream line rate.

The following figure illustrates the relationship between PCR, SCR and MBS.

WAN

5-3

Image 83

Contents Prestige 792H Page Trademarks DisclaimerPage Certifications Page Information for Canadian Users Page Safety Warnings ZyXEL Limited WarrantyPage Customer Support Page Table of Contents WAN Setup LAN SetupDynamic DNS Setup Creating Custom Rules 10-1 Firewall ConfigurationCustomized Services 11-1 Content Filtering 12-115-1 14-1Dial Backup 21-1 Maintenance 17-1General Setup 19-1 WAN Setup 20-425-1 22-123-1 24-1Firmware and Configuration File Maintenance 31-1 Filter Configuration 28-1Snmp Configuration 29-1 System Maintenance 30-1Remote Management 35-1 System Maintenance and Information 32-1IP Policy Routing 33-1 Call Scheduling 34-1Internal Sptgen 38-1 VPN/IPSec Setup 36-1Troubleshooting 39-1 SA Monitor 37-1List of Figures Xviii List of Figures List of Figures Xix Diagnostic General 17-8 List of Figures Xxi Xxii List of Figures List of Figures Xxiii Xxiv List of Figures List of Figures Xxv Page List of Tables List of Tables Xxvii Xxviii List of Tables 28-15 Xxx List of Tables Page Syntax Conventions Related DocumentationXxxii Preface Introduction to G.SHDSL Introduction to DSLPart Page Scalability Features of the PrestigeSymmetrical High Speed Internet Access Getting to Know Your G.SHDSL RouterSnmp Simple Network Management Protocol versions 1 IPSec VPN CapabilityFirewall Traffic Redirect10/100MB Auto-negotiation Ethernet/Fast Ethernet Interface SUA for Single-IP Address Internet AccessIP Alias IP Policy RoutingFull Network Management Upgrade Firmware via LANEase of Installation Universal Plug and Play UPnPLAN-to-LAN Application Internet AccessApplication Scenarios for the Prestige Accessing the Prestige Web Configurator Introducing the Web ConfiguratorWeb Configurator Overview Password Screen Navigating the Prestige Web ConfiguratorConfiguring Password Label Description Resetting the PrestigeUploading a Configuration File Via Console Port Using The Reset ButtonPage Service Type Wizard SetupWizard Setup Introduction WAN SetupPPP over Ethernet Standard ModeEncapsulation Transfer RatesVC-based Multiplexing MultiplexingPPPoA 4 RFCVPI and VCI Wizard Setup Configuration First ScreenRate and the same Transfer Min Rate Server see Service TypeVCI IP Address and Subnet MaskPPPoE VPIIP Assignment with PPPoA or PPPoE Encapsulation IP Address AssignmentPrivate IP Addresses IP Assignment with RFC 1483 EncapsulationIP Assignment with Enet Encap Encapsulation 10 NAT Wizard Setup Configuration ISP ParametersNailed-Up Connection PPP Internet Connection with PPPoA Internet Internet Connection with RFC 11.2 RFCEnet Encap Internet Connection with Enet EncapInternet Connection with PPPoE PPPoEDhcp Setup IP Pool Setup Wizard Setup Configuration LAN ConfigurationWizard LAN Configuration Wizard Screen LAN COnfigurationWizard Setup Configuration Connection Tests Wizard Screen Connection Tests Test Your Internet ConnectionPage LANs, WANs and the Prestige LAN SetupLAN Overview DNS Server AddressLAN TCP/IP DNS Server Address AssignmentMulticast Factory LAN DefaultsRIP Setup IP Address and Subnet MaskLAN Configuring LANTCP/IP LAN Metric WAN SetupWAN Overview PPPoE Encapsulation Traffic Shaping Example of Traffic Shaping Configuring WAN SetupWAN Setup ATM traffic. Enter the VCI assigned to you Subnet as the remote node For remote node setup, enter the IP address in the sameEncap in the Encapsulation field Traffic RedirectTraffic Redirect LAN Setup Configuring WAN BackupWAN Backup Cost 38400 , 57600 , 115200 or 230400 bps Outgoing Authentication ProtocolWAN , Traffic Redirect , Dial Backup Configuring Advanced WAN Backup Advanced WAN Backup 57600 , 115200 or 230400 bps Choose Both, In Only or Out Only Choose RIP-1,RIP-2B or RIP-2MConnection settings AT Command StringsResponse Strings DTR SignalConfiguring Advanced Modem Setup Advanced Modem Setup Nmbr ClidPart Page What NAT Does Network Address Translation NATNAT Overview NAT DefinitionsNAT Application How NAT WorksNAT Application With IP Alias NAT Mapping TypesType IP Mapping SMT Abbreviation SUA Single User Account Versus NATMapping types NAT Mapping TypesSUA Server Port Forwarding Services and Port NumbersEcho Configuring Servers Behind SUA ExampleServices and Port Numbers Services Port NumberMultiple Servers Behind NAT Example Selecting the NAT ModeConfiguring SUA Server Edit SUA/NAT Server Set Configuring Address Mapping Many-to-One and Server mapping types Address Mapping RulesAddress Mapping Rule Edit Editing an Address Mapping RuleAddress Mapping Rules screen Page Dyndns Wildcard Dynamic DNS SetupConfiguring Dynamic DNS Dynamic DNSDdns Firewall and Content Filter Page Packet Filtering Firewalls FirewallsFirewall Overview Types of FirewallsStateful Inspection Firewalls Introduction to ZyXEL’s FirewallBasics Denial of ServiceCommon IP Ports Types of DoS AttacksThree-Way Handshake Icmp Commands That Trigger Alerts Message Request Positive Negative Retarget Keepalive Legal NetBIOS CommandsLegal Smtp Commands Stateful InspectionStateful Inspection Stateful Inspection ProcessStateful Inspection and the Prestige 4 UDP/ICMP Security TCP SecuritySecurity In General Guidelines for Enhancing Security with Your FirewallUpper Layer Protocols Packet Filtering Packet Filtering Vs FirewallFirewall When To Use FilteringPrestige 792H G.SHDSL Router Enabling the Firewall Firewall ConfigurationRemote Management and the Firewall E-mail Configuring E-mail AlertsAttack Alert Daily Weekly Hourly When Log is Full NoneHalf-Open Sessions AlertsThreshold Values TCP Maximum Incomplete and Blocking Time Following table describes the labels in this screen Alert256 Page Rules Overview Rule ChecklistStudy these points carefully before configuring rules Creating Custom RulesBlock means the firewall silently discards the packet Key Fields For Configuring RulesSecurity Ramifications LAN to WAN Rules Connection DirectionWAN to LAN Rules LogsLabel Description Example Firewall LogsBlock, Forward or None Rule SummaryFirewall Rules Summary First Screen Predefined Services Service Description Predefined ServicesPINGICMP0 RLOGINTCP513NEWSTCP144 NNTPTCP119Creating/Editing Firewall Rules Creating/Editing a Firewall Rule Source and Destination Addresses Range Address , Subnet Address and Any Address TimeoutTimeout Factors Influencing Choices for Timeout Values10-16 Creating Custom Rules Introduction to Customized Services Customized ServicesCreating/Editing a Customized Service Creating/Editing a Customized ServiceClick Rule Summary under Internet to Local Network Set Example Custom Service Firewall RuleConfigure Source IP Example Syslog Rule Configuration Example Rule Summary Example Configuring Keyword Blocking Content FilteringContent Filtering Overview Content Filter Keyword Content Filter Schedule Configuring the ScheduleContent Filter Trusted Configuring Trusted ComputersContent Filter Logs Configuring LogsBlockcybernot BLOCKUNTRUSTDOMAIN, BLOCKKEYWORD, BlockactivexBLOCKJAVAAPPLET, BLOCKCOOKIE, Blockproxy VPN/IPSec Page Security Association Introduction to IPSecVPN Overview IPSecData Integrity Data Origin AuthenticationVPN Applications VPN Application IPSec ArchitectureKey Management IPSec AlgorithmsIPSec and NAT Transport ModeTunnel Mode ESP Security Protocol Mode NATVPN and NAT IPSec Algorithms AH Authentication Header ProtocolVPN Screens 14.1 VPN/IPSec OverviewAH and ESP My IP AddressSecure Gateway Address Dynamic Secure Gateway AddressIPSec Summary Fields VPN Summary ScreenVPN Summary Keep Alive ID Type and ContentLocal ID TYPE= CONTENT= ID Type and Content ExamplesLocal ID Type and Content Fields Peer ID Type and Content FieldsEditing VPN Policies Matching ID Type and Content Configuration ExampleMismatching ID Type and Content Configuration Example Pre-Shared KeyVPN IKE VPN Screens 14-9 14-10 VPN Screens VPN Screens 14-11 IKE Authentication Algorithm fields described nextTwo Phases to Set Up the IPSec SA IKE PhasesDiffie-Hellman DH Key Groups Negotiation ModePerfect Forward Secrecy PFS 14.11Configuring Advanced IKE SettingsLabel Description VPN IKE VPN IKE AdvancedVPN Screens 14-17 14-18 VPN Screens Security Parameter Index SPI 14.12Manual Key SetupVPN Manual Key 14.13Configuring Manual KeySPI 14-22 VPN Screens VPN Screens 14-23 14.14Viewing SA Monitor 10 SA Monitor SA Monitor11 Global Setting 14.15Configuring Global Setting12 VPN Logs 14.16Configuring IPSec LogsLOG Message Description 13 Sample IKE Key Exchange LogsRequest conflict with rule #d 14 Sample IPSec Logs During Packet TransmissionLOG Display Payload Type 15 RFC-2408 Isakmp Payload TypesHeadquarters Telecommuters 14.17Telecommuter VPN/IPSec ExamplesTelecommuters Sharing One VPN Rule Example All Headquarters Rules All Telecommuter Rules Telecommuters Using Unique VPN Rules Example14.18VPN and Remote Management Remote Management and UPnP Remote Management and NAT Remote Management ConfigurationRemote Management Overview Remote Management Limitations15.4 Web System TimeoutTelnet 15.3 FTPRemote Management Configuring Remote ManagementNAT Transversal How do I know if Im using UPnP?Universal Plug-and-Play UPnP Universal Plug and Play OverviewUPnP and ZyXEL Accessing the Prestige Web Configurator to Configure UPnPConfiguring UPnP Field Description Installing UPnP in Windows ExampleInstalling UPnP in Windows Me Optional Networking Component Installing UPnP in Windows XPDouble-clickNetwork Connections Auto-discover Your UPnP-enabled Network Device Using UPnP in Windows XP ExampleInternet Connection Properties Connections Select My Network Places under Other Places Web Configurator Easy Access ExampleClick start and then Control Panel UPnP 16-9 Maintenance Page System Status Screen MaintenanceMaintenance Overview System Status VPI/VCI System Status Show Statistics System StatisticsMaintenance 17-5 Dhcp Table Dhcp Table ScreenMAC Diagnostic ScreensDiagnostic General Screen Diagnostic General Prestige 792H G.SHDSL Router Diagnostic DSL Line ScreenFirmware Screen Firmware UpgradeNetwork Temporarily Disconnected SMT General Configuration Introducing the SMT Procedure for SMT Configuration via Console PortProcedure for SMT Configuration via Telnet Entering PasswordPrestige SMT Menu Overview Login ScreenPrestige Menu Overview ? or ChangeMe Main Menu CommandsNavigating the SMT Interface Operation Keystroke DescriptionMenu Title Description System Management Terminal Interface SummaryMain Menu Summary Menu 23 System Password Changing the System PasswordConfiguring Menu General SetupGeneral Setup Yes Configure Menu 1.1 Configure Dynamic DNS discussed nextField Description Example User Configuring Dynamic DNSPage From the main menu, enter 2 to open menu WAN Setup Screen20-5 Configuring Dial Backup in Menu Dial BackupDial Backup Overview 9600, 19200, 38400, 57600, 115200 or 230400 bps Advanced WAN SetupEnter to go to Menu 2.1 Advanced Setup 115200Nmbr = Field Description DefaultConnect Remote Node Profile Backup ISPAdvanced WAN Port Setup Call Control Parameters CHAP/PAP Remote Node Profile Backup ISPPress Enter to go to Menu 11.3 Remote Node Network Otherwise select Standard PPP Editing PPP OptionsEditing TCP/IP Options NAT Enter to open Menu 11.3 Network Layer OptionsRIP-1 Editing Filter SetsBoth Both/ None /In Only /Out Only and NoneMenu 11.5 Remote Node Filter Ethernet LAN Port Filter Setup Ethernet SetupTCP/IP and Dhcp Setup IP Alias SetupRIP-2B or RIP-2M Route IP SetupBoth , In Only or Out Only General Setup 22.1.4 TCP/IP Ethernet Setup and DhcpRIP-1,RIP-2B or RIP-2M Both Both, In Only, Out Only or NoneRIP-1 22-6 Internet Access Setup Internet AccessInternet Access Overview UBR Enet EncapOr Enet Encap LLC-basedSUA Only DynamicAdvanced Applications Remote Node Overview Remote Node ConfigurationRemote Node Setup Encapsulation and Multiplexing Scenarios Remote Node SetupBased or LLC-based Then the Rem Login, Rem Password, My Login, MyAllocated Budget is 10 minutes and the Period hr ChapTo display Menu 11.3 Remote Node Network Layer Options To display Menu 11.6 Remote Node ATM Layer OptionsRemote Remote Node Network Layer OptionsStatic Options are Both, In Only, Out Only or None My WAN Addr Sample IP AddressesSample IP Addresses for a TCP/IP LAN-to-LAN Connection Remote Node FilterPress Enter to open Menu 11.6 Remote Node ATM Layer Options Editing ATM Layer OptionsVC-based Multiplexing non-PPP Encapsulation Menu 11.6 for LLC-based Multiplexing or PPP Encapsulation LLC-based Multiplexing or PPP EncapsulationStatic Route Overview Static Route SetupStatic Route Setup Edit IP Static Route Page Bridging Overview Bridging SetupBridge Ethernet Setup Remote Node Bridging SetupRemote Node Bridging Options Bridge Static Route SetupBridge Static Route Setup 26-4 Bridging Setup Applying NAT Applying NAT for Internet Access Enter 1 to bring up Menu 15.1 Address Mapping Sets NAT SetupFull Feature Address Mapping SetsAddress Mapping Rules SUA Address Mapping SetsUser-Defined Address Mapping Sets Natset Field Desription ExampleSelect Rule item Global Start/End IPsEdit To-One,Many-to-One and Server types One-to-OneFor Server NAT Server Sets NAT Server Setup General NAT Examples Example 1 Internet Access Only11 NAT Example 13 NAT Example Example 2 Internet Access with an Inside Server14 NAT Example 2 Menu Example 3 Multiple Public IP Addresses With Inside Servers15 NAT Example 17 Example 3 Menu Enter 2 in Menu 15 NAT Setup 19 Example 3- Menu Example 4 NAT Unfriendly Application Programs21 Example 4 Menu 22 Example 4 Menu Advanced Management Page About Filtering Filter ConfigurationOutgoing Packet Filtering Process Filter Rule Process Execute Filter RuleFilter Structure of the Prestige Filter Set ConfigurationNetBios WAN Filter Rules Summary TelnetWAN Filter Rules Summary Ftpwan Filter Rules Summary Abbreviations Used in the Filter Rules Summary Menu Filter Rules Summary MenusGEN Filter Rule ConfigurationRule Abbreviations Used Filter Type DescriptionChoices are TCP/IP Filter Rule or Generic Filter Rule 28.3.1 TCP/IP Filter RuleTCP/IP Filter Rule If More is Yes , then Action Matched and Action Not TCP/IP Filter RuleChoices are None , Less , Greater , Equal or Not Equal Choices are Check Next Rule, Forward or Drop Check Next RuleCheck Next Rule, Forward or Drop 12 Executing an IP Filter 13 Generic Filter Rule Generic Filter RuleGeneric Filter Rule Menu Fields Example Filter Filter Types and NAT15 Sample Telnet Filter 16 Sample Filter Rules Summary Menu 17 Sample Filter Rules Summary Menu Filter Sets Description Applying Filters and Factory DefaultsEthernet Traffic Filter Sets Table19 Filtering Ethernet Traffic Remote Node FiltersPage Snmp Overview Snmp ConfigurationSnmp is only available if TCP/IP is configured Supported MIBs Snmp ConfigurationTrap # Trap Name Description Snmp TrapsSnmp Traps Snmp29-4 Snmp Configuration System Status System MaintenanceSystem Maintenance Overview System Maintenance Status WAN System InformationSystem Information LAN Menu 1 General SetupConsole Port Speed Viewing Error LogLog and Trace Syslog Sample Error and Information MessagesCDR System Maintenance Menu Syslog ParametersParameter Description System Maintenance Diagnostic DiagnosticSystem Maintenance Menu Diagnostic Page Filename Conventions Firmware and Configuration File MaintenanceFile Type Internal External Name Description Backup ConfigurationFilename Conventions Example of FTP Commands from the Command Line Backup ConfigurationUsing the FTP Command from the Command Line Tftp and FTP over WAN Will Not Work When General Commands for GUI-based FTP ClientsCommand Description GUI-based FTP ClientsGUI-based Tftp Clients Backup Configuration Using TftpTftp Command Example General Commands for GUI-based Tftp Clients Backup Via Console PortBackup Configuration Example Restore ConfigurationSystem Maintenance Restore Configuration Restore Using FTPRestore Via Console Port Restore Using FTP Session ExampleFirmware File Upload Uploading Firmware and Configuration Files13 System Maintenance Upload System Firmware Configuration File UploadTftp File Upload FTP File Upload Command from the DOS Prompt ExampleFTP Session Example of Firmware File Upload Uploading Via Console Port Tftp Upload Command ExampleUploading Firmware File Via Console Port Example Xmodem Firmware Upload Using HyperTerminalExample Xmodem Configuration Upload Using HyperTerminal Uploading Configuration File Via Console Port19 Example Xmodem Upload Command Interpreter Mode System Maintenance and InformationBudget Management Call Control SupportBudget Management System Maintenance Time and Date Setting Time and Date SettingNTP RFC-1305 is similar to Time RFC-868 Resetting the TimeTime and Date Setting Fields Page Routing Policy IP Policy RoutingIP Policy Routing Overview IP Policy Routing BenefitsIP Routing Policy Setup IP Routing Policy SetupAction ServiceAbbreviation Meaning CriterionG t Delay, Max Thruput, Min Cost or Max ReliableMatched Applying an IP PolicyEthernet IP Policies Less, Greater, Less or Equal or Greater or Equal33-6 IP Policy Routing Example of IP Policy Routing IP Policy Routing ExampleIP Routing Policy Example Applying IP Policies Page Call Scheduling Overview Schedule SetupCall Scheduling Schedule Set Setup Forced On OnceApplying Schedule Sets to a Remote Node PPPoE Remote Management Remote Management and Telnet ServicesRemote Management and FTP Services Remote Management Control Remote Management SetupRemote Management and Web Services Disabling Remote ManagementRemote Management and NAT System TimeoutSMT VPN/IPSec and Internal Sptgen 36.1 VPN/IPSec Overview VPN/IPSec SetupIPSec Summary Screen Menu 27 VPN/IPSec SetupESP DES MD5 Tunnel36-4 VPN/IPSec Setup IPSec Setup IPSec Summary Menu 27.1.1 IPSec SetupGateway Address field below Single Address field set toSubnet Manual Setup Description Example IKE Setup3Menu 27.1.1.1 IKE Setup FieldMD5 DESDH1 Active Protocol Encapsulation and Security Protocol Manual SetupMode Security Protocol Active ProtocolESP Tunnel Menu 27.1.1.2 Manual SetupVPN/IPSec Setup 36-15 Page SA Monitor Overview Using SA MonitorSA Monitor Refresh TaiwanESP DES VPN Responder IPSec Log Diagram 37-1 Example VPN Responder IPSec LogViewing IPSec Log Page Internal Sptgen Overview Configuration Text File FormatInternal Sptgen 38-2 Internal Sptgen Internal Sptgen FTP Download Example Invalid Parameter Entered Command Line ExampleInternal Sptgen FTP Upload Example Internal Sptgen FTP Upload ExampleAppendices and Index Page Troubleshooting the Start-Up of Your Prestige TroubleshootingProblems Starting Up the Prestige Problems with the LAN InterfaceTroubleshooting Internet Access Problems with the WAN InterfaceProblems with Internet Access Troubleshooting the WAN InterfaceTroubleshooting Telnet Problems with the PasswordProblems with Telnet Troubleshooting the PasswordPage Traditional Dial-up Scenario Appendix a PPPoEPPPoE in Action Benefits of PPPoEPrestige as a PPPoE Client Diagram 2 Prestige as a PPPoE ClientAppendix B Virtual Circuit Topology Diagram 3 Virtual Circuit TopologyUnited Kingdom Plug Standards Power Adapter SpecificationsAppendix C North American Plug StandardsChina Standards European Plug StandardsAA-121ABN Power Consumption Safety Standards Ccee GB8898 Index 17-10 28-430-6 Local Network10-7 24-1,24-2 24-230-5 RIPTraceroute TCP/IP

Related manuals

Manual 2 pages 9.52 Kb