Cisco Systems 15454M6DC 2.5.2 Accessing ONS 15454s Behind Firewalls

2-12

Cisco ONS 15454 Installation and Operations Guide

November 2001

Chapter2 Software Installation

Logging into the ONS 15454

2.5.2 Accessing ONS 15454s Behind Firewalls

If an ONS 15454 or CTC computer resides behind a firewall th at u ses po rt f ilte ring , you must rec eiv e

an Internet Inter-ORB Protocol (IIOP) port from your network adm ini stra tor an d enabl e th e IIO P por t

on the ONS 15454 and/or CTC computer, depending on whether one or bot h devi ces resi de be hin d

firewalls.

If the ONS 15454 is in a protected network and the CTC co mpu ter is in an ext erna l ne tw ork , as show n

in Figure2-3, enable the IIOP listener port specified by the firewall administrator on the ONS 15454.

The ONS 15454 sends the port number to the CTC computer during the initial contact between the

devices using Hyper-Text Transfer Protocol (HTTP). After the CTC computer obtains the ONS 15454

IIOP port, the computer opens a direct session with the node using the specified IIOP port.

Figure2-3 ONS 15454s residing behind a firewall

If the CTC computer and the ONS 15454 both reside behind firewalls (Figure 2-4), set the IIOP port on

the CTC computer and on the ONS 15454. Each firewall can use a different IIOP port. For example, if

the CTC computer firewall uses IIOP port 4000, and the ONS 1 5454 firewall uses IIOP port 5000, 4000

is the IIOP port set on the CTC computer and 5000 is the IIOP port set on the ONS 15454.

Figure2-4 A CTC computer and ONS 15454s residing behind firewalls

Procedure: Set the IIOP Listener Port on the ONS 15454

Step 1 Log into the ONS 15454 node from a CTC computer that is behind the firewall.

55351

CTC computer

External network Protected network

ONS 15454

Unprotected

network Private

network

IIOP port

IIOP port

Firewall

Port

filtering ONS 15454

55350

CTC computer

Firewall

Port

filtering

Protected network External network Protected network

ONS 15454

Private

network Unprotected

network Private

network

IIOP port IIOP port

IIOP port

Firewall

Port

filtering ONS 15454

Contents

Main Cisco ONS 15454 Installation and Operations Guide Page CONTENTS Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Hardware Installation Software Installation Node Setup IP Networking SONET Topologies Circuits and Tunnels Card Provisioning Performance Monitoring Ethernet Operation Alarm Monitoring and Management SNMP Page About This Manual Audience Organization Related Documentation Conventions Obtaining Documentation World Wide Web Optical Networking Product Documentation CD-ROM Ordering Documentation Documentation Feedback Obtaining Technical Assistance Cisco.com Technical Assistance Center Contacting TAC by Using the Cisco TAC Website Contacting TAC by Telephone Hardware Installation 1.1 Installation Overview 1.2 Installation Equipment 1.2.1 Included Materials 1.2.2 User-Supplied Materials 1.2.2.1 Tools Needed 1.2.2.2 Test Equipment 1.3 Rack Installation 1.3.1 Reversible Mounting Bracket Procedure: Reverse the Mounting Bracket to Fit a 19-Inch Rack 1.3.2 Mounting a Single Node Procedure: Mount the Shelf Assembly in a Rack (One Person) Procedure: Mount the Shelf Assembly in a Rack (Two People) 1.3.3 Mounting Multiple Nodes Procedure: Mount Multiple Shelf Assemblies in a Rack 1.3.3.1 Four Node Configuration 1.3.3.2 ONS 15454 Bay Assembly 1.4 Front Door Access Procedure: Open the Front Cabinet Compartment (Door) Procedure: Remove the Front Door 1.5 Backplane Access Procedure: Remove the Backplane Sheet Metal Covers 1.5.1 Lower Backplane Cover BA Procedure: Remove the Lower Backplane Cover 1.5.2 Alarm Interface Panel 1.6 EIA Installation 1.6.1 BNC EIA 1.6.2 High-Density BNC EIA BA 1.6.3 SMB EIA BA 1.6.4 AMP Champ EIA BA Page Procedure: Install a BNC, High-Density BNC, or SMB EIA 1-23 Figure1-17 Installing the High-Density BNC EIA Figure1-18 Installing the SMB EIA (use a balun for DS-1 connections) Procedure: Install the AMP Champ EIA 1.7 Fan-Tray Assembly Installation Procedure: Install the Bottom Brackets and Air Filter Procedure: Install the Fan-Tray Assembly 1.8 Power and Ground Installation Page Procedure: Install Redundant Power Feeds Page 1-32 Chapter1 Hardware Installation Alarm, Timing, LAN, and Craft Pin Connections Not Used 1.9 Alarm, Timing, LAN, and Craft Pin Connections Caution Always use the supplied ESD wristband when working with a powered ONS 15454. Plug the Figure1-24 Pinouts 1.9.1 Alarm Installation Procedure: Install Alarm Wires on the Backplane 1.9.2 Timing Installation Procedure: Install Timing Wires on the Backplane 1.9.3 LAN Installation Procedure: Install LAN Wires on the Backplane 1.9.4 TL1 Craft Interface Installation Procedure: Install Craft Interface Wires on the Backplane 1.10 Coaxial Cable Installation 1.10.1 BNC Connector Installation Procedure: Install Coaxial Cable With BNC Connectors 1.10.2 High-Density BNC Connector Installation Procedure: Install Coaxial Cable With High-Density BNC Connectors 1.10.3 SMB Connector Installation Procedure: Install Coaxial Cable with SMB Connectors 1.11 DS-1 Cable Installation 1.11.1 Twisted Pair Wire-Wrap Installation Procedure: Install DS-1 Cables Using Electrical Interface Adapters (Balun) 1.11.2 AMP Champ Connector Installation Page Procedure: Install DS-1 AMP Champ Cables on the AMP Champ EIA 1.12 Card Installation 1.12.1 Slot Requirements P Procedure: Install the TCC+ and XC/XCVT/XC10G Cards Procedure: Install Optical, Electrical, and Ethernet Cards Procedure: Install the AIC Card 1.12.2 Gigabit Interface Converter Procedure: Install Gigabit Interface Converters Page Procedure: Remove a Gigabit Interface Converter 1.13 Fiber-Optic Cable Installation Procedure: Install Fiber-Optic Cables on OC-N Cards Procedure: Install the Fiber Boot 1.14 Cable Routing and Management 1.14.1 Optical Cable Management Procedure: Route Fiber-Optic Cables in the Shelf Assembly 1.14.2 Coaxial Cable Management Procedure: Route the Coaxial Cables 1.14.3 DS-1 Twisted-Pair Cable Management BA Procedure: Route DS-1 Twisted-Pair Cables 1.14.4 AMP Champ Cable Management 1.14.5 BIC Rear Cover Installation Procedure: Install the BIC Rear Cover 1-60 Figure1-38 Backplane attachment for BIC cover Figure1-39 Installing the BIC rear cover with spacers Screw locations for attaching BIC rear cover 1.15 Ferrite Installation Procedure: Attach Ferrites to Power Cabling BA Procedure: Attach Ferrites to Wire-Wrap Pin Fields BA 1.16 ONS 15454 Assembly Specifications 1.16.1 Bandwidth 1.16.2 Slot Assignments 1.16.3 Cards 1.16.4 Configurations 1.16.5 Cisco Transport Controller 1.16.6 External LAN Interface 1.16.7 TL1 Craft Interface 1.16.8 Modem Interface 1.16.9 Alarm Interface 1.16.10 EIA Interface 1.16.11 Nonvolatile Memory 1.17 Installation Checklist 1.18 ONS 15454 Software and Hardware Compatibility Matrix Page Page Software Installation 2.1 Installation Overview 2.2 Computer Requirements Page 2.3 Running the CTC Setup Wizard Procedure: Run the CTC Setup Wizard Procedure: Set Up the Environment Variable (Solaris installations only) Procedure: Reference the JRE (Solaris installations only) 2.4 Connecting PCs to the ONS 15454 2.4.1 Direct Connections to the ONS 15454 Procedure: Creating a Direct Connection to an ONS 15454 Page 2.4.2 Network Connections Procedure: Access the ONS 15454 from a LAN Procedure: Disable Proxy Service Using Internet Explorer (Windows) Procedure: Disable Proxy Service Using Netscape (Windows and Solaris) 2.4.3 Remote Access to the ONS 15454 2.4.4 TL1 Terminal Access to the ONS 15454 2.5 Logging into the ONS 15454 Procedure: Log into the ONS 15454 2.5.1 Creating Login Node Groups Procedure: Create a Login Node Group 2.5.2 Accessing ONS 15454s Behind Firewalls Procedure: Set the IIOP Listener Port on the ONS 15454 Procedure: Set the IIOP Listener Port on CTC 2.6 Working with the CTC Window 2.6.1 Node View 2.6.1.1 CTC Card Colors 2.6.1.2 Node View Card Shortcuts 2.6.1.3 Node View Tabs 2.6.2 Network View 2.6.2.1 CTC Node Colors 2.6.2.2 Network View Tasks 2.6.2.3 Creating Domains Page 2.6.2.4 Changing the Network View Background Color Procedure: Modify the Network or Domain Background Color 2.6.2.5 Changing the Network View Background Image Procedure: Change the Network View Background Image Procedure: Add a Node to the Current Session 2.6.3 Card View 2.7 CTC Navigation Page 2.8 Viewing CTC Table Data Page 2.9 Printing and Exporting CTC Data Procedure: Print CTC Window and Table Data Procedure: Export CTC Data 2.10 Displaying CTC Data in Other Applications Page Node Setup 3.1 Before You Begin 3.2 Setting Up Basic Node Information Procedure: Add the Node Name, Contact, Location, Date, and Time 3.3 Setting Up Network Information Procedure: Set Up Network Information Procedure: Change IP Address, Default Router, and Network Mask Using the LCD Slot-0 Status=IpAddress 172.020.214.107 <Next Done Mod> Slot-0 Status=Save Cfg. Save and REBOOT? <Apply Revert> 3.4 Creating Users and Setting Security Page Procedure: Create New Users Procedure: Edit a User Procedure: Delete a User 3.5 Creating Protection Groups Procedure: Create Protection Groups Procedure: Enable Ports Procedure: Edit Protection Groups Procedure: Delete Protection Groups 3.6 Setting Up ONS 15454 Timing 3.6.1 Network Timing Example 3.6.2 Synchronization Status Messaging Procedure: Set up ONS 15454 Timing Page Page Procedure: Set Up Internal Timing 3.7 Viewing ONS 15454 Inventory 3.8 Viewing CTC Software Versions Page IP Networking 4.1 IP Networking Overview 4.2 ONS 15454 IP Addressing Scenarios 4.2.1 Scenario 1: CTC and ONS 15454s on Same Subnet 4.2.2 Scenario 2: CTC and ONS 15454s Connected to Router 4-4 4.2.3 Scenario 3: Using Proxy ARP to Enable an ONS 15454 Gateway Page 4.2.4 Scenario 4: Default Gateway on CTC Computer 4.2.5 Scenario 5: Using Static Routes to Connect to LANs Page 4-8 Procedure: Create a Static Route Use the following steps to create a static route. 4.2.6 Scenario 6: Static Route for Multiple CTCs 4.2.7 Scenario 7: Using OSPF Page 4-12 (Figure 4-10). Procedure: Set up OSPF Page Page 4.3 Viewing the ONS 15454 Routing Table Page Page Page SONET Topologies 5.1 Before You Begin 5.2 Bidirectional Line Switched Rings 5.2.1 Two-Fiber BLSRs Page 5.2.2 Four-Fiber BLSRs Page 5-6 5.2.3 BLSR Bandwidth 5.2.4 Sample BLSR Application 5-9 5-10 5.2.5 Setting Up BLSRs To set up a BLSR on the ONS 15454, you perform five basic procedures: Procedure: Install the BLSR Trunk Cards 5-12 Procedure: Create the BLSR DCC Terminations Procedure: Enable the BLSR Ports Procedure: Provision the BLSR Page 5.2.6 Upgrading From Two-Fiber to Four-Fiber BLSRs Procedure: Upgrade From a Two-Fiber to a Four-Fiber BLSR Page 5.2.7 Adding and Removing BLSR Nodes Procedure: Add a BLSR Node Page Page Procedure: Remove a BLSR Node 5.2.8 Moving BLSR Trunk Cards Page Procedure: Move a BLSR Trunk Card Page 5.3 Unidirectional Path Switched Rings 5-27 5.3.1 Example UPSR Application 5-29 5.3.2 Setting Up a UPSR Procedure: Install the UPSR Trunk Cards Procedure: Configure the UPSR DCC Terminations Procedure: Enable the UPSR Ports 5.3.3 Adding and Removing UPSR Nodes Procedure: Switch UPSR Traffic Page Procedure: Add a UPSR Node Procedure: Remove a UPSR Node 5.4 Subtending Rings 5-37 Procedure: Subtend a UPSR from a BLSR Procedure: Subtend a BLSR from a UPSR Page Procedure: Subtend a BLSR from a BLSR 5.5 Linear ADM Configurations Procedure: Create a Linear ADM Procedure: Convert a Linear ADM to UPSR Page Page Page Page Procedure: Convert a Linear ADM to a BLSR Page Page 5.6 Path-Protected Mesh Networks 5-51 Working traffic 5-52 Circuits and Tunnels 6.1 Circuits Overview 6.2 Creating Circuits and VT Tunnels Procedure: Create an Automatically Routed Circuit Page Page Page Procedure: Create a Manually Routed Circuit Page 6.3 Creating Multiple Drops for Unidirectional Circuits Procedure: Create a Unidirectional Circuit with Multiple Drops 6.4 Creating Monitor Circuits Procedure: Create a Monitor Circuit 6.5 Searching for Circuits Procedure: Search for ONS 15454 Circuits 6.6 Editing UPSR Circuits Procedure: Edit a UPSR Circuit 6.7 Creating a Path Trace Procedure: Create a J1 Path Trace Page 6.8 Cross-Connect Card Capacities 6.8.1 VT1.5 Cross-Connects Page 6-18 the Figure 6-11 example. 6.8.2 VT Tunnels Page 6.9 Creating DCC Tunnels Procedure: Provision a DCC Tunnel Page Page Card Provisioning 7.1 Performance Monitoring Thresholds 7.2 Provisioning Electrical Cards 7.2.1 DS-1 Card Parameters Procedure: Modify Line and Threshold Settings for the DS-1 Card Page Page 7.2.2 DS-3 Card Parameters Procedure: Modify Line and Threshold Settings for the DS-3 Card Page 7.2.3 DS3E Card Parameters Procedure: Modify Line and Threshold Settings for the DS3E Card Page 7.2.4 DS3XM-6 Card Parameters Procedure: Modify Line and Threshold Settings for the DS3XM-6 Card Page 7.2.5 EC1-12 Card Parameters Procedure: Modify Line and Threshold Settings for the EC-1 Card Page Page Page 7.3 Provisioning Optical Cards 7.3.1 Modifying Transmission Quality Procedure: Provision Line Transmission Settings for OC-N Cards Procedure: Provision Threshold Settings for OC-N Cards Page Page Page 7.3.2 Provisioning OC-N Cards for SDH Procedure: Provision an OC-N Card for SDH 7.4 Provisioning IPPM Procedure: Enable Intermediate-Path Performance Monitoring 7.5 Provisioning the Alarm Interface Controller 7.5.1 Using Virtual Wires Procedure: Provision External Alarms Procedure: Provision External Controls 7.5.2 Provisioning AIC Orderwire Procedure: Provision AIC Orderwire 7.5.3 Using the AIC Orderwire 7.6 Converting DS-1 and DS-3 Cards From 1:1 to 1:N Protection Procedure: Convert DS1-14 Cards From 1:1 to 1:N Protection Page Procedure: Convert DS3-12 Cards From 1:1 to 1:N Protection Page Performance Monitoring 8.1 Using the Performance Monitoring Screen 8.1.1 Viewing PMs Procedure: View PMs 8.1.2 Changing the Screen Intervals Procedure: Select Fifteen-Minute PM Intervals on the Performance Monitoring Screen Procedure: Select Twenty-Four Hour PM Intervals on the Performance Monitoring Screen 8.1.3 Viewing Near End and Far End PMs Procedure: Select Near End PMs on the Performance Monitoring Screen Procedure: Select Far End PMs on the Performance Monitoring Screen 8.1.4 Using the Signal-Type Menu Procedure: Select Signal-Type Menus on the Performance Monitoring Screen 8.1.5 Using the Baseline Button Procedure: Use the Baseline Button on the Performance Monitoring Screen 8.1.6 Using the Clear Button Procedure: Use the Clear Button on the Performance Monitoring Screen 8.2 Changing Thresholds 8.3 Enabling Intermediate-Path Performance Monitoring Page 8.4 Pointer Justification Count Parameters Procedure: Enable Pointer Justification Count Performance Monitoring 8-14 Chapter8 Performance Monitoring EC1 Path (EC1 XX) Far End PMs Not Supported Fiber 8.5 Performance Monitoring for Electrical Cards 8.5.1 EC1 Card Performance Monitoring Parameters Figure8-11 Monitored signal types for the EC1 card ONS 15454 EC1 OC48 Near End EC1 Signal Page Page Page 8-18 Chapter8 Performance Monitoring DS1 Path (DS1 XX) Far End PMs Not Supported Fiber 8.5.2 DS1 and DS1N Card Performance Monitoring Parameters Figure8-13 Monitored signal types for the DS1 and DS1N cards ONS 15454 DS1 OC48 Near End DS1 Signal ONS 15454 DS1OC48 Page Page Page 8.5.3 DS3 and DS3N Card Performance Monitoring Parameters Page 8.5.4 DS3-12E and DS3N-12E Card Performance Monitoring Parameters 8-25 November 2001 Chapter8 Performance Monito ring DS3E Path Far End PMs Are Supported Fiber Page Page 8.5.5 DS3XM-6 Card Performance Monitoring Parameters Page Page Page Page 8.6 Performance Monitoring for Optical Cards 8.6.1 OC-3 Card Performance Monitoring Parameters Page Page Page 8.6.2 OC-12, OC-48, and OC-192 Card Performance Monitoring Parameters Page Page Page Page Page Ethernet Operation 9.1 Ethernet Cards 9.1.1 E100T-12/E100T-G 9.1.2 E1000-2/E1000-2-G 9.1.3 Port Provisioning for Ethernet Cards Procedure: Provision Ethernet Ports 9.2 Multicard and Single-Card EtherSwitch 9.2.1 Multicard EtherSwitch 9.2.2 Single-Card EtherSwitch 9.2.3 ONS 15454 and ONS 15327 EtherSwitch Circuit Combinations 9.3 Ethernet Circuit Configurations 9.3.1 Point-to-Point Ethernet Circuits 9-7 Procedure: Provision an EtherSwitch Point-to-Point Circuit (Multicard or Single-Card) If you are building a Single-card Etherswitch circuit: Page Page 9.3.2 Shared Packet Ring Ethernet Circuits Procedure: Provision a Shared Packet Ring Page Page Page 9.3.3 Hub and Spoke Ethernet Circuit Provisioning Procedure: Provision a Hub and Spoke Ethernet Circuit Page 9.3.4 Ethernet Manual Cross-Connects Procedure: Provision a Single-card EtherSwitch Manual Cross-Connect Page Procedure: Provision a Multicard EtherSwitch Manual Cross-Connect Page 9.4 VLAN Support 9.4.1 Q-Tagging (IEEE 802.1Q) 9.4.2 Priority Queuing (IEEE 802.1Q) Data Flow 9.4.3 VLAN Membership Procedure: Provision Ethernet Ports for VLAN Membership Data Flow Page 9.5 Spanning Tree (IEEE 802.1D) 9.5.1 Multi-Instance Spanning Tree and VLANs Procedure: Enable Spanning Tree on Ethernet Ports 9.5.2 Spanning Tree Parameters 9.5.3 Spanning Tree Configuration 9.5.4 Spanning Tree Map Procedure: View the Spanning Tree Map 9.6 Ethernet Performance and Maintenance Screens 9.6.1 Statistics Screen 9.6.2 Line Utilization Screen 9.6.3 History Screen 9.6.4 MAC Table Screen Procedure: Retrieve the MAC Table Information 9.7 Remote Monitoring Specification Alarm Thresholds Page Procedure: Creating Ethernet RMON Alarm Thresholds Page Page Alarm Monitoring and Management 10.1 Overview 10.2 Viewing ONS 15454 Alarms Page 10.2.1 Controlling Alarm Display 10.2.2 Viewing Alarm-Affected Circuits Procedure: View Affected Circuits for a Specific Alarm 10.2.3 Conditions Tab 10.2.3.1 Retrieve and Display Conditions 10.2.3.2 Conditions Column Descriptions 10.2.4 Viewing History 10.2.5 Viewing Alarms on the LCD Procedure: View Alarm Counts on a Specific Slot and Port 10.3 Alarm Profiles 06/29/01 03.00-001A-00 24C 10.3.1 Creating and Modifying Alarm Profiles Procedure: Create an Alarm Profile 10.3.1.1 Alarm Profile Menus 10.3.1.2 Alarm Profile Editing 10.3.1.3 Alarm Severity Option 10.3.1.4 Row Display Options 10.3.2 Applying Alarm Profiles Page Procedure: Apply an Alarm Profile at the Card View Procedure: Apply an Alarm Profile at the Node View 10.4 Suppressing Alarms Procedure: Suppressing Alarms Page Page SNMP 11.1 SNMP Overview 11.2 SNMP Basic Components 11.3 SNMP Support Procedure: Set Up SNMP Support Page 11.4 SNMP Management Information Bases 11.5 SNMP Traps Page 11.6 SNMP Community Names 11.7 SNMP Remote Network Monitoring Page Page A Circuit Routing Automatic Circuit Routing Circuit Routing Characteristics Bandwidth Allocation and Routing Secondary Sources and Drops Manual Circuit Routing A-4 segment (see FigureA-3). FigureA-3 Alternate paths for virtual UPSR segments cannot be 1+1 or BLSR protected (see Figure A-4). The same rule applies at the UPSR bridge. FigureA-4 Mixing 1+1 or BLSR protected links with a UPSR Page Page Constraint-Based Circuit Routing Page B Regulatory and Compliance Requirements Regulatory Compliance Japan Approvals Label Information Class A Notice Installation Warnings DC Power Disconnection Warning B-4 DC Power Connection Warning B-5 Power Supply Disconnection Warning B-6 B-7 Outside Line Connection Warning B-8 Class 1 Laser Product Warning Class I and Class 1M Laser Warning Restricted Area Warning B-9 Ground Connection Warning B-10 B-11 Qualified Personnel Warning Invisible Laser Radiation Warning (other versions available) More Than One Power Supply B-12 Unterminated Fiber Warning B-13 B-14 B-15 Laser Activation Warning Page C Acronyms Page Page Page Page Page J Page Page Page Page Page Page W X D Glossary Page Page Page Page K Page Page Page Q Page Page Page Page INDEX Page Page Page Page Page Page Page J K Page Page Q Page Page Page Page W X