IBM Books

Using and Configuring Features Version 3.4

Table of Contents

Figures

Tables

Notices

Trademarks

Preface

  • Who Should Read This Manual
  • Getting Additional Information
  • About the Software
  • Conventions Used in This Manual
  • IBM 2210 Nways Multiprotocol Router Publications
  • Summary of Changes for the IBM 2210 Software Library
  • Getting Help
  • Exiting a Lower Level Environment

    • Using Bandwidth Reservation and Priority Queuing

  • Bandwidth Reservation System
  • Bandwidth Reservation over Frame Relay
  • Queuing Support
  • Discard Eligibility
  • Default Circuit Definitions for Traffic Class Handling
  • Configuring BRS for Voice over Frame Relay
  • Priority Queuing
  • Priority Queuing Without Bandwidth Reservation
  • Configuring Traffic Classes
  • BRS and Filtering
  • MAC Address Filtering and Tags
  • TCP/UDP Port Number Filtering
  • IPv4 TOS Bit Filtering
  • Using IP Version 4 Precedence Bit Processing for SNA Traffic in IP Secure Tunnels and Secondary Fragments
  • SNA and APPN Filtering for Bridged Traffic
  • Order of Filtering Precedence
  • Sample Configurations
  • Using Default Circuit Definitions for Traffic Class Handling of Frame Relay Circuits

    • Configuring and Monitoring Bandwidth Reservation

  • Bandwidth Reservation Configuration Overview
  • Bandwidth Reservation Configuration Commands
  • Activate-IP-precedence-filtering
  • Add-circuit-class
  • Add-class
  • Assign
  • Assign-circuit
  • Change-circuit-class
  • Change-class
  • Circuit
  • Clear-block
  • Create-super-class
  • Deactivate-IP-precedence-filtering
  • Deassign
  • Deassign-circuit
  • Default-circuit-class
  • Del-circuit-class
  • Default-class
  • Del-class
  • Disable
  • Disable-hpr-over-ip-port-numbers
  • Enable
  • Enable-hpr-over-ip-port-numbers
  • Interface
  • List
  • Queue-length
  • Set-circuit-defaults
  • Show
  • Tag
  • Untag
  • Use-circuit-defaults
  • Accessing the Bandwidth Reservation Monitoring Prompt
  • Bandwidth Reservation Monitoring Commands
  • Circuit
  • Clear
  • Clear-Circuit-Class
  • Counters
  • Counters-circuit-class
  • Interface
  • Last
  • Last-circuit-class
  • Bandwidth Reservation Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • CONFIG (Talk 6) Immediate Change Commands

    • Using MAC Filtering

  • MAC Filtering and DLSw Traffic
  • MAC Filtering Parameters
  • Filter-Item Parameters
  • Filter-List Parameters
  • Filter Parameters
  • Using MAC Filtering Tags

    • Configuring and Monitoring MAC Filtering

  • Accessing the MAC Filtering Configuration Prompt
  • MAC Filtering Configuration Commands
  • Attach
  • Create
  • Default
  • Delete
  • Detach
  • Disable
  • Enable
  • List
  • Move
  • Reinit
  • Set-Cache
  • Update
  • Update Subcommands
  • Add
  • Delete
  • List
  • Move
  • Set-Action
  • Accessing the MAC Filtering Monitoring Prompt
  • MAC Filtering Monitoring Commands
  • Clear
  • Disable
  • Enable
  • List
  • Reinit
  • MAC Filtering Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • GWCON (Talk 5) Component Reset Command
  • CONFIG (Talk 6) Activate Command

    • Using WAN Restoral

  • Overview for WAN Restoral, WAN Reroute, and Dial-on-Overflow
  • WAN Restoral
  • WAN Reroute
  • Dial-on-overflow
  • Before You Begin
  • Configuration Procedure for WAN Restoral
  • Secondary Dial Circuit Configuration

    • Configuring and Monitoring WAN Restoral

  • WAN Restoral, WAN Reroute, and Dial-on-Overflow Configuration Commands
  • Add
  • Disable
  • Enable
  • List
  • Remove
  • Set
  • Accessing the WAN Restoral Interface Monitoring Process
  • WAN Restoral Monitoring Commands
  • Clear
  • Disable
  • Enable
  • Set
  • List
  • WAN Restoral and WAN Reroute Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • GWCON (Talk 5) Temporary Change Commands

    • The WAN Reroute Feature

  • WAN Reroute Overview
  • Dial-on-Overflow
  • Configuring WAN Reroute
  • Sample WAN Reroute Configuration

    • Using the Network Dispatcher Feature

  • Overview of Network Dispatcher
  • Balancing TCP and UDP Traffic Using Network Dispatcher
  • High Availability for Network Dispatcher
  • Failure Detection
  • Database Synchronization
  • Recovery Strategy
  • IP Takeover
  • Configuring Network Dispatcher
  • Configuration Steps
  • Using Network Dispatcher with TN3270 Server
  • Keys to Configuration
  • Explicit LUs and Network Dispatcher
  • Using Network Dispatcher with Cluster Address Advertising
  • Using Network Dispatcher with Scalable High Availability Cache (SHAC)

    • Configuring and Monitoring the Network Dispatcher Feature

  • Accessing the Network Dispatcher Configuration Commands
  • Network Dispatcher Configuration Commands
  • Add
  • Clear
  • Disable
  • Enable
  • List
  • Remove
  • Set
  • Accessing the Network Dispatcher Monitoring Commands
  • Network Dispatcher Monitoring Commands
  • List
  • Quiesce
  • Report
  • Status
  • Switchover
  • Unquiesce
  • Network Dispatcher Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • CONFIG (Talk 6) Immediate Change Commands
  • Non-Dynamically Reconfigurable Commands

    • Configuring and Monitoring the Encoding Subsystem

  • Configuring the Encoding Subsystem
  • List
  • Set
  • Monitoring the Encoding Subsystem
  • List
  • Encoding Subsystem Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • Non-Dynamically Reconfigurable Commands

    • Configuring and Monitoring Data Compression

  • Data Compression Overview
  • Data Compression Concepts
  • Data Compression Basics
  • Considerations
  • Configuring and Monitoring Data Compression on PPP Links
  • Configuring Data Compression on PPP Links
  • Monitoring Data Compression on PPP Links
  • Configuring and Monitoring Data Compression on Frame Relay Links
  • Configuring Data Compression on Frame Relay Links
  • Monitoring Data Compression on Frame Relay Links
  • Example: Monitoring Compression on a Frame Relay Interface or Circuit

    • Using Local or Remote Authentication

  • Using Authentication, Authorization, and Accounting (AAA) Security
  • What is AAA Security?
  • Using PPP
  • Valid PPP Security Protocols
  • Using Login
  • Valid Login/Admin Security Protocols
  • Using Tunnels
  • Valid Tunnel Security Protocols
  • Password Rules
  • Understanding Authentication Servers
  • SecurID Support

    • Configuring Authentication

  • Accessing the Authentication Configuration Prompt
  • Authentication Configuration Commands
  • Disable
  • Enable
  • List
  • Login
  • Nets-info
  • Password-rules
  • PPP
  • Servers
  • Set
  • Tunnel
  • User-profiles
  • Authentication (AAA) Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • CONFIG (Talk 6) Immediate Change Commands
  • Non-Dynamically Reconfigurable Commands

    • Using and Configuring Encryption Protocols

  • PPP Encryption Using Encryption Control Protocol
  • Configuring ECP Encryption for PPP
  • Monitoring ECP Encryption for PPP
  • Microsoft Point-to-Point Encryption (MPPE)
  • Configuring MPPE
  • Monitoring MPPE
  • Configuring Encryption on Frame Relay Interfaces
  • Monitoring Encryption on Frame Relay Interfaces

    • Configuring and Monitoring Quality of Service (QoS)

  • Quality of Service Overview
  • Benefits of QoS
  • QoS Configuration Parameters
  • Maximum Reserved Bandwidth (max-reserved-bandwidth)
  • Traffic Type (traffic-type)
  • Peak Cell Rate (peak-cell-rate)
  • Sustained Cell Rate (sustained-cell-rate)
  • Maximum Burst Size (max-burst-size)
  • QoS Class (qos-class)
  • Validate PCR of Best-Effort VCCs (validate-pcr-of-best-effort-vccs)
  • Negotiate QoS (negotiate-qos)
  • Accept QoS Parms from LECS (accept-qos-parms-from-lecs)
  • Accessing the QoS Configuration Prompt
  • Quality of Service Commands
  • LE Client QoS Configuration Commands
  • List
  • Set
  • Remove
  • ATM Interface QoS Configuration Commands
  • List
  • Set
  • Remove
  • Accessing the QoS Monitoring Commands
  • Quality of Service Monitoring Commands
  • LE Client QoS Monitoring Commands
  • List
  • QOS Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • GWCON (Talk 5) Temporary Change Commands

    • Using the Policy Feature

  • Overview of Policy
  • Policy Decision and Enforcement
  • Policy Objects
  • LDAP and Policy Database Interaction
  • Policy Schema
  • Generating Rules
  • Configuration Examples
  • IPSec/ISAKMP Policy with QoS
  • IPSec/ISAKMP Only Policy
  • Drop All Public Traffic (Filter Rule)
  • Configuring and Enabling the LDAP Policy Search Engine
  • Policy Quick Config Example
  • Predefined Policy Objects

    • Configuring and Monitoring the Policy Feature

  • Accessing the Policy Configuration Prompt
  • Policy Configuration Commands
  • Add
  • Change
  • Copy
  • Delete
  • Disable
  • Enable
  • List
  • Qconfig
  • LDAP Policy Server Configuration Commands
  • Disable LDAP
  • Enable LDAP
  • Set Default-Policy
  • Set LDAP
  • Set Refresh
  • Accessing the Policy Monitoring Prompt
  • Policy Monitoring Commands
  • Cache-LDAP-Plcys
  • Check-Consistency
  • Disable
  • Enable
  • Flush-Cache
  • Reset
  • Search
  • Status
  • List
  • Test
  • Policy Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • GWCON (Talk 5) Component Reset Commands
  • CONFIG (Talk 6) Immediate Change Commands

    • Using IP Security

  • IP Security Overview
  • Using Secure Tunnels
  • IP Security Concepts
  • IP Security Terminology
  • IP Authentication Header
  • IP Encapsulating Security Payload
  • Using AH and ESP
  • Security Associations
  • Tunnel Mode and Transport Mode
  • Tunnel-in-Tunnel Mode
  • Path Maximum Transmission Unit Discovery
  • Diagram of a Network with an IP Security Tunnel
  • Using the Internet Key Exchange
  • Internet Key Exchange Phases
  • Negotiating an IP Security Tunnel
  • Using Public Key Infrastructure
  • Configuring PKI
  • Using Manual IP Security (IPv4)
  • Using Manual IP Security (IPv6)

    • Configuring and Monitoring IP Security

  • Configuring Internet Key Exchange (IPv4)
  • Configuring Public Key Infrastructure (IPv4)
  • Obtaining a Certificate
  • Public Key Infrastructure Configuration Commands
  • Add
  • Change
  • Delete
  • List
  • Load
  • Configuring Manual IP Security (IPv4)
  • Configuring the Algorithms
  • Configuring Encryption Keys
  • Accessing the IP Security Configuration Environment
  • Manual IP Security Configuration Commands
  • Add Tunnel
  • Change Tunnel
  • Delete Tunnel
  • Disable
  • Enable
  • List
  • Set
  • Configuring a Manual Tunnel (IPv4)
  • Configuring the Tunnel for Router A
  • Configuring the Tunnel for Router B
  • Example: Manually Configuring an IP Security Tunnel with ESP
  • Example: Manually Configuring an IP Security Tunnel with ESP and ESP-NULL
  • Configuring Manual IP Security (IPv6)
  • Configuring the Algorithms
  • Configuring Encryption Keys
  • Accessing the IP Security Configuration Environment
  • Manual IP Security Configuration Commands
  • Configuring a Manual Tunnel (IPv6)
  • Creating the IP Security Tunnel for Router A
  • Configuring Packet Filters for Router A
  • Configuring Packet Filter Access Control Rules for Router A
  • Resetting IP Security and IP on Router A
  • Creating the IP Security Tunnel for Router B
  • Configuring Packet Filters for Router B
  • Configuring Packet-Filter Access Control Rules for Router B
  • Resetting IP Security and IPv6 on Router B
  • Example: Configuring an IP Security Tunnel with ESP
  • Example: Configuring an IP Security Tunnel with ESP and ESP-NULL
  • Monitoring Manual IP Security (IPv4)
  • Accessing the Internet Key Exchange Environment
  • Internet Key Exchange Monitoring Commands
  • Accessing the Public Key Infrastructure Environment (IPv4)
  • Public Key Infrastructure Monitoring Commands
  • Accessing the IP Security Monitoring Environment (IPv4)
  • IP Security Monitoring Commands (IPv4)
  • Monitoring Manual IP Security (IPv6)
  • Accessing the IP Security Monitoring Environment
  • IP Security Monitoring Commands (IPv6)
  • IP Security Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • GWCON (Talk 5) Component Reset Commands
  • GWCON (Talk 5) Temporary Change Commands
  • Non-Dynamically Reconfigurable Commands

    • Using the Differentiated Services Feature

  • Overview of Differentiated Services
  • Understanding the DiffServ Codepoint
  • Understanding the Meters and Policer
  • Understanding Buffer and Queue Management
  • Understanding the Scheduler
  • Differentiated Services Terminology
  • Configuring Differentiated Services

    • Configuring and Monitoring the Differentiated Services Feature

  • Accessing the Differentiated Services Configuration Prompt
  • Differentiated Services Configuration Commands
  • Delete
  • Disable
  • Enable
  • List
  • Set
  • Accessing the Differentiated Services Monitoring Environment
  • Differentiated Services Monitoring Commands
  • Clear
  • DScache
  • List
  • Differentiated Services Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • Non-Dynamically Reconfigurable Commands

    • Using the Random Early Detection Feature

  • Using Random Early Detection

    • Configuring and Monitoring the Random Early Detection Feature

  • Accessing the Random Early Detection Configuration Prompt
  • Random Early Detection Configuration Commands
  • Delete
  • Disable
  • Enable
  • List
  • Set
  • Accessing the Random Early Detection Monitoring Environment
  • Random Early Detection Monitoring Commands
  • Clear
  • List

    • Using Layer 2 Tunneling (L2TP, PPTP, L2F)

  • Overview of L2TP
  • L2TP Terms
  • Supported Features
  • Timing Considerations
  • LCP Considerations
  • Configuring Layer 2 Tunneling

    • Configuring and Monitoring Layer 2 Tunneling Protocols

  • Accessing the L2T Interface Configuration Prompt
  • L2 Tunneling Interface Configuration Commands
  • Disable
  • Enable
  • Encapsulator
  • List
  • Set
  • Accessing the L2 Tunneling Feature Configuration Prompt
  • L2 Tunneling Feature Configuration Commands
  • Add
  • Disable
  • Enable
  • Encapsulator
  • List
  • Set
  • Accessing the L2 Tunneling Monitoring Prompt
  • L2 Tunneling Monitoring Commands
  • Call
  • Kill
  • Memory
  • Start
  • Stop
  • Tunnel
  • L2 Tunneling Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • CONFIG (Talk 6) Immediate Change Commands
  • Non-Dynamically Reconfigurable Commands

    • Using Network Address Translator

  • Network Address Port Translator
  • Static Address Mappings
  • NAT Static Address Mapping
  • NAPT Static Address Mapping
  • Setting Packet Filters and Access Control Rules for NAT
  • Example: Configuration of NAT With IP Filters and Access Control Rules

    • Configuring and Monitoring Network Address Translator

  • Accessing the Network Address Translator Configuration Environment
  • Network Address Translator Configuration Commands
  • Change
  • Delete
  • Disable
  • Enable
  • List
  • Map
  • Reserve
  • Reset
  • Set
  • Translate
  • Accessing the Network Address Translator Monitoring Environment
  • Network Address Translator Monitoring Commands
  • List
  • Reset
  • NAT Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • GWCON (Talk 5) Component Reset Commands
  • CONFIG (Talk 6) Immediate Change Commands

    • Using a Dial-In Access to LANs (DIALs) Server

  • Before Using Dial-In-Access
  • Configuring Dial-In Access
  • Configuring Dial-In Interfaces
  • Before Configuring Dial-Out Interfaces
  • Null Modem Usage
  • Configuring Dial-Out Interfaces
  • Before Configuring Global DIALs Parameters
  • Server Provided IP Addresses
  • Dynamic Host Configuration Protocol (DHCP)
  • Dynamic Domain Name Server (DDNS)

    • Configuring DIALs

  • Accessing the DIALs Global Configuration Environment
  • DIALs Global Configuration Commands
  • Add
  • Delete
  • Disable
  • Enable
  • List
  • Set
  • Accessing the DIALs Global Monitoring Environment
  • DIALs Global Monitoring Commands
  • Clear
  • List
  • Reset
  • dial-out Interface Configuration Commands
  • Set
  • Monitoring Dial-In Interfaces
  • Monitoring dial-out Interfaces
  • Clear
  • List
  • DIALs Server Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • GWCON (Talk 5) Component Reset Commands
  • CONFIG (Talk 6) Immediate Change Commands
  • Non-Dynamically Reconfigurable Commands
  • Dial-Out Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface Command
  • GWCON (Talk 5) Activate Interface Command
  • GWCON (Talk 5) Reset Interface Command

    • Using DHCP Server

  • Introduction to DHCP
  • DHCP Operation
  • Lease Renewals
  • Client Movement
  • Changing Server Options
  • Number of DHCP servers
  • A Single DHCP server
  • Multiple DHCP servers
  • BOOTP Servers
  • Special DHCP Clients
  • Lease Times
  • Concepts and Terminology
  • DHCP Server and Lease Parameters
  • DHCP Options
  • Option Formats
  • Base Options Provided to the Client
  • IP Layer Parameters per Host Options
  • IP Layer Parameters per Interface Options
  • Link Layer Parameters per Interface Options
  • TCP Parameter Options
  • Application and Service Parameter Options
  • DHCP Extensions Options
  • IBM-specific Options
  • Vendor Options
  • Configuring IP for DHCP
  • Adding an IP Address
  • Using IP Simple-Internet-Access
  • Sample DHCP Server Configuration
  • ASCII Text File
  • OPCON (Talk 6) Configuration

    • Configuring and Monitoring DHCP Server

  • Accessing the DHCP Server Configuration Environment
  • DHCP Server Configuration Commands
  • Add
  • Change
  • Delete
  • Disable
  • Enable
  • List
  • Set
  • Accessing the DHCP Server Monitoring Environment
  • DHCP Server Monitoring Commands
  • Disable
  • Enable
  • List
  • Reset
  • Request
  • DHCP Dynamic Reconfiguration Support
  • CONFIG (Talk 6) Delete Interface
  • GWCON (Talk 5) Activate Interface
  • GWCON (Talk 5) Reset Interface
  • GWCON (Talk 5) Component Reset Commands
  • GWCON (Talk 5) Temporary Change Commands
  • Non-Dynamically Reconfigurable Commands

    • Configuring and Monitoring VCRM

  • Accessing the VCRM Configuration Environment
  • Accessing the VCRM Monitoring Environment
  • VCRM Monitoring Commands
  • Clear
  • Queue

    • Appendix A. Remote AAA Attributes

  • Radius
  • Keywords
  • Example of RADIUS Configuration File
  • TACACS+

    • Appendix B. List of Abbreviations

    Glossary

    Index

    [ Top of Page | Previous Page | Next Page | Table of Contents | Index ]