Perle P841 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Perle P841, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Perle P841 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Perle P841. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Perle P841 should contain:
- informations concerning technical data of Perle P841
- name of the manufacturer and a year of construction of the Perle P841 item
- rules of operation, control and maintenance of the Perle P841 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Perle P841 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Perle P841, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Perle service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Perle P841.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Perle P841 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    Perle P840 Bridge/Router Reference Manual All So ftw are Versio n s Pa rt numb er 5500084-12 © cop yright 2002 b y P erle System s Ltd.[...]

  • Page 2

    [...]

  • Page 3

    1 1 Introduc tion Th e P840 rou te r Th e P 840 ro ut er p ro vide s I P an d I PX r o utin g c om b in ed with a pr ot o co l tr ansp ar en t brid ge. This br idge /r out er com b in atio n is ofte n the bes t sol u ti on to li nk i ng re motel y l oca ted LANs w here mos t of the tra f fi c i s IP or IPX w i th sma l le r amou nts of traf fi c fr[...]

  • Page 4

    Introduction 2 ARP —Addr es s Re sol ut ion Prot ocol A protocol cal l ed ARP (Addres s R es olu ti on Protoc ol) i s u sed to dete rmine the MAC a dd res s of a pa rti cu l ar IP ad dres s . The MAC (Medium Acces s Control) address i s u niq ue predefi ned number for each devi ce on the LAN. The manu factu rer of the devi ce assi gns MAC a ddres[...]

  • Page 5

    Introduction 3 • Lo cal ro ut er will r eceiv e the data fra me and strip off the MAC portion. The resu lting IP frame w ill be e xam in ed to determ ine th e destination IP address. • Lo cal ro ut er will lo ok in its ro uting t able t o fin d t he I P add re ss o f th e r o ute r t o sen d th e I P fr ame to nex t. Th e loc al ro uter will se[...]

  • Page 6

    Introduction 4 Protocol The protocol se cti on i s u se d to i ndi ca te the protoc ol be i ng u s ed by the trans port l ay er. Thi s cou l d be TC P, U DP , or som et h ing else . Time to live The time to liv e secti on is u sed to prevent a fr ame from traver sin g the networ k forever. Th is field c ontai ns a nu mbe r (m axim um 255) t h at is[...]

  • Page 7

    Introduction 5 ICMP Messages Internet Control Mess ag e P rotocol (ICMP ) mess a ge s a re u se d to perf orm sta ti on a nd rou ter protocol pa rtic ipa ti on. ICMP me ssages are p a ssed be twe en r o uter s, or b etwe en ro uter s an d stat ion s. Th er e ar e seve ral differe nt m essages, as discussed bel ow. Unr eac ha bl e The “ unre ac ha[...]

  • Page 8

    Introduction 6 RIP— Rou ti n g Inf orm a ti on Pr otocol The most importa nt func tion of the IP protocol i s routi ng . IP route rs c onsta ntl y exc hang e i nforma ti on k eepi ng the ir rou ti ng tabl es up to d ate . A method o f com m un ica tion is requi red t o en sur e co mpatib ility b etween all IP routers in the n etwork . RIP is the [...]

  • Page 9

    Introduction 7 IPX Rou tin g and Th e P840 route r Th e P 840 ro ute r may b e use d t o r out e be twe en differ e nt I PX ne t wor ks. Nove ll Netwa re uses a su i te of protocols f or LAN commu ni ca ti ons. The Nov el l protoc ol s i ncl u de IP X, S PX , R IP, SAP , pl u s others, and opera te a t la ye rs 3 a nd a bove . Thes e protocol s , t[...]

  • Page 10

    Introduction 8 Node Addres se s The Node Nu mber identifi es th e indivi dua l stations in a Network. In IPX devi ces, this a ddress i s a ssi gned au toma ti cal l y a nd i s i de ntic al to the MAC a ddr ess . Th i s mean s that the Node Numb er i s se l f-con f ig ur in g, and will be uni q u e w i thin the Ne twork be ca us e the MAC a ddr ess [...]

  • Page 11

    Introduction 9 Est ablishing an IP X Connec tio n Th e N etwar e m odel is Clie nt /Ser ver , wh ere C lien ts in itiat e c alls t o Se rve rs fo r var io us p urp o ses . T he Clie n ts are made aware of the presenc e of S erv ers by l is teni ng for S erv ic e Adv erti s ement P rotocol (SAP ) broa dca sts . S erv ers s end SAP broad ca sts regu [...]

  • Page 12

    Introduction 10 SAP Reques ts So m et ime s C lien t s will n eed to find o ut if a sp ec ific S er ver is available. Th is m ay o ccur im med iate ly aft er a Clie n t is brought up, and before i t h as receiv ed any SAP bro adcas ts. The Cli ent (o r a new Serv er) sends out a SAP Req ues t br o adc ast as king f or a sp ec ific S er ver . T h at[...]

  • Page 13

    Introduction 11 RIP /X Requests A Cl i ent may al s o req ue st a rou te to a gi v en netw ork or serv er. To d o so, the Cli ent g ene rates a R ou te Re q ue st br o adc ast th at th e ro ute r s h ear , an d r o ute rs th at kno w of the ro ute reques te d will re s pond to the ori g ina ti ng sta ti on. In this wa y a new Cli ent may fi nd rou [...]

  • Page 14

    Introduction 12 The I nitia l Bridg ing Pro c ess Eac h t i me a P840 r out er is p owe r ed up , it will p er fo rm ex t en sive h ardware an d soft ware test s to en sure th e int egr ity of the unit and it s att ache d LA N and L ink int erf aces. U pon successful complet io n of the pow er-u p diag nos ti cs, th e P840 r oute r wil l foll ow ru[...]

  • Page 15

    Introduction 13 Forw arding Unk now n De stinatio n Addre sse s When a frame is receiv ed from a LAN segment with an unk nown destination address (an address that does not yet ex ist in th e filt er ta ble ) , t he br idge will f or ward t he fr ame t o t he o t he r segm e nt , lo gging th e addr ess , an d m ar king t he loc ati on a s “ u nk n[...]

  • Page 16

    Introduction 14 Agin g E xce pt ion “Perma nent” address entries are an exception to the agi ng rul e. A permanent address i s one that is not subj ect to th e aging tim er an d will rem ain in t he filt er t able fo r an in defin ite p er io d of tim e. A tabl e i s res erv ed for perma nent ad dres s entri es , s epara te f rom the ta ble tha[...]

  • Page 17

    Introduction 15 P840 rou ter Fe atu re De fin iti ons Tel n et A T eln et LA N stat io n or anot h er P840 r out er h as th e abilit y t o c o n ne ct t o t he Op erat or I nt er face o f an y P840 r o ute r su pporti ng the Tel net f ea ture . W ith the T eln et f eat ure , a ll of yo ur P840 ro uter s may be manage d fr o m a singl e point. Once [...]

  • Page 18

    Introduction 16 0 1 2 3 4 5 6 7 Graphic Database Post Script ASCII C Source Spreadsheet Binary Pre-compressed Fi le Ty pe Compres sion Ratio Fi gu re 1 — 5 Typ ica l C omp ressio n Rati os b y F ile Type Dat a co m p re ssion will give a 56/64 Kbp s link an effec tive t hr oughp ut ran ge fro m 112/128 Kb ps whe n tr ansfer rin g binar y files, t[...]

  • Page 19

    Introduction 17 WAN T op olo gies Th e P840 ro ut er m ay b e c o n ne ct ed to ot h er P840 r out er s in two co nfigurat io n s: M ultip o int or PPP M ultilin k. The WAN routing method used is set in the Re mote Site profile def ined in t he Remo te Site Set-Up Menu. Mult ilink In a Mult ilink co n figurat ion, two P840 ro ut er s are connected [...]

  • Page 20

    Introduction 18 To set u p a Ba ndw id th on Dema nd i ns tal l a tion, you mus t choos e the throu g hput l ev el tha t w ill be r e quire d fo r act ivatin g the st and -b y link. Th e th ro ughput level is m eas ure d in p er ce n t age o f use o f t h e p r imar y link. Th is per cen tage level is def ine d by th e Up Thr esh old p arame ter in[...]

  • Page 21

    19 2 ISD N Conne cti on M ana gem ent P840 ISD N Co nnectio n Manag ement In t h e wo r ld o f IS DN th e ab ility t o de cr ease connection t ime is a finan cial bonu s in th e LA N in terconnecting marketpl ace. If ISDN connec ti ons ca n be contr oll ed so tha t a mini mu m am ount of cos t i s in cu rre d w hi le f ull LAN in terconne c ti ng f[...]

  • Page 22

    ISDN Connection Management 20 Aut o-Call (Tim e- of-Day Conn ect ions) An Aut o -C all con n ect ion is an I SD N co n ne ct io n t hat is est ab lishe d eac h time t h e P840 att em p ts to start th e li nk. This start ing o f the lin k s oc c urs each ti me a P 840 po wers up o r when the lin k go es thro u gh a re st art or at th e tim es sp eci[...]

  • Page 23

    ISDN Connection Management 21 Address Conn ect An Add res s Connec t connec tion i s a n ISDN c onnecti on tha t i s es tabl i s hed to a s peci fi c des ti na tion P 8 40 dependent u pon the desti na tion net work address cont a ined w ithin traf f ic r eceive d fr om t he l ocal L A N. When a devi ce on the local LAN wi shes to establi sh a ses s[...]

  • Page 24

    ISDN Connection Management 22 Com binat ion A combi na ti on of the Addre ss Con nect an d A uto-C all opt io ns m ay be c o nf i gur ed whe n a se mi-per manent conne c ti on is req ui red to one remote site an d a dyn amic conne c tio n is r e quired to mul ti ple sites. A dyna mic connect ion i ndica t e s th at th e r e m ot e sit e f or t he s[...]

  • Page 25

    ISDN Connection Management 23 Protocol A waren es s For Co nn ection M anagement to be effective, each of the P840s must be aware of th e pro tocols used within the data being transferred over the ISDN call s between them . IP an d IPX C lien t- Se rve r se ssion s are es tablis hed b etw ee n devi ces loca ted o n t he LA Ns t hat are ro uted by t[...]

  • Page 26

    ISDN Connection Management 24 P840 Session Pa rtici pation ( Spoofing) Whi le an IS DN cal l i s up an d connected , a ll tra ff ic w ithin the s es s ions will be c o ns idere d interes ting a nd will be tr an sfer re d t o th e par tn er P840 acr oss t h e I SD N call. Wh en t h e P840 det erm ine s th at th e I SD N call i s to b e suspe n ded ,[...]

  • Page 27

    ISDN Connection Management 25 Term inat ion Proces s Whe n th e P840 has de te rm in ed t hat t here are no ses sion s acti ve on a n ISDN call, the P 840 will att e mpt to clo se the ca l l. I f the partner P 840 st ill ha s s e ssions assign ed to t hat call , t he call will be m ain tain ed unt il each sid e h as determ ined t hat there are no a[...]

  • Page 28

    ISDN Connection Management 26 IP X Spec ifics RIP/IPX and SA P/IPX P840 ISD N r out er s in co rp orat e a 3 sec on d sett lin g tim e fo r IP X RIP and SAP upd ate s. T his m eans th at a P840 will wait fo r th ree se co nds aft er an in itial ch ange in t he n et wo rk is re p or t ed b efor e tr an sm itt in g th at ch an ge o n to the re main i[...]

  • Page 29

    27 3 Interfaces Reference Pino ut I nfo rm ati on Conso le Connec to r Th e con so le c on nect or o n th e P840 is a DC E in t er fac e o n a RJ 45 pino ut . T he supp lied DB 9 t o RJ 45 con ver te r sh ould b e us ed t o co n ne c t t o t he D B9 c o nn ect or of a D TE te r min al. Th is co nne ct ion will t hen p ro vide a ccess to the bui l t[...]

  • Page 30

    28 4 Event Logs Th e P 840 ro ut er gen er ates eve n t lo gs fo r vario us fun ct io ns p erfo rm ed by t he b ridge /r o ute r. All o f t h e e ven t logs are sto r ed in the internal ev ent log fi l e, whi ch is acces si ble throug h the Network Ev ents menu. Certain event logs are classi fi ed as alarms becau se they are deemed to b e of higher[...]

  • Page 31

    Event Logs 29 Compl eted BCP neg oti ati on w i th <re mote s i te a li a s > Genera ted w hen the Bri d gi ng Control Protoc ol negoti a ti on has been c omple ted w i th the remote s i te dev i ce ass ociated with t he stated rem ote site profile. Once BCP neg otiations a re comp lete, IP routi ng may tak e place betw een th e two routers. [...]

  • Page 32

    Event Logs 30 Error executing: XXXXXX Genera ted whe n an error i s d etec ted loa di ng bac k a c onfi g ur ati on. The inv a li d com man d i s sp ec i fie d. Idle timeout expired, dis conected ISDN link has ha d no t raffi c for longer than specifi ed by the idle ti mer and has been disconnected. Incorrect pa ss w ord f rom < IP ad dres s >[...]

  • Page 33

    Event Logs 31 LCP X a u thenti ca ting pe er wi th PAP Generated when th is devi ce is u sing PAP to authenticate the peer (rem ote) device. LCP X esta bl i shi ng Gen er ated wh en th e Lin k Con tr ol Pr ot oco l of a PPP link o r re mo te site is est ablishing betwe en th is device and t he r em ot e site PPP device. LCP X no rep ly to Y Echo-Re[...]

  • Page 34

    Event Logs 32 Res tori ng boot DNLDSEG config u ra tion Genera ted u pon ente ring Netw ork Load Mode to i ni ti al i z e s peci fi c c onfi g ura ti on i nforma ti on re qu i red for retriev i ng new code i mag e. Generated upon enter ing operat i onal afte r a successful c od e bur n into fl ash . Res tori ng boot EEP RO M confi gu ra ti on Gener[...]

  • Page 35

    Event Logs 33 Sta rting IPX CP neg oti ati on w i th <re mote s i te a li a s> Genera ted when the Internet P ac ke t Excha ng e Control Pr otocol neg otia ti on has bee n ini ti a ted w i th the remote site device a ssoci ated wi th th e stated remote site profile. St atio n ad dr ess t able h as bee n fille d Ge n er at ed whe n th e stat i[...]

  • Page 36

    Event Logs 34 Ala rm log s: * Bad i nternal block check su m detected Ge n er at ed wh en power up diag nos tics fi nds a fault in th e in te rn al b lock of t he EEPRO M. * Clos i ng remote s i te X (ca l l l im it) Generated when the specified nu mber o f cal ls has been exceeded. * Clos ing r em o te sit e X (c allb ack failur e) Generated when [...]

  • Page 37

    Event Logs 35 * Cl osi ng re mote si te X (su s pens ion ti meou t) Genera ted d ue to rea ching m ax imum t ime th at the connection ma y b e suspe nded. * Clos ing r em o te sit e X ( usage lim it) Genera ted d ue to reachin g u s ag e limit fo r t his 24 hour pe rio d. * Co n fig. er ase faile d Ge n er at ed wh en, dur ing a sof twar e updat e,[...]

  • Page 38

    Event Logs 36 * DH CP s erv er – ou t of a ddre ss es in IP pool Genera ted w hen the la s t add res s f rom the DHCP IP Ad dres s pool has been as s ig ned to a de vi ce . * Dow nl oad a borted – Incomp lete f ile Ge n er at ed wh en a T FT P do wn load is ab or ted b efor e t h e file t ran sfer is co m ple t e * Download abor ted – Invalid[...]

  • Page 39

    Event Logs 37 * FTP server added t o firewall The IP addres s of the FTP serv er added to the table of s ervi ces a va il a ble through the firew al l. * FTP serv er removed from fire wa ll Th e I P addre ss of th e FTP server re m oved fr o m t he ta ble of servi ces available throu gh the f ire w a ll. * IS DN BRI interfa ce dea cti va ted Genera[...]

  • Page 40

    Event Logs 38 * Li nk X Di sconne ct: Y Genera ted w hen the d i sconne ct of a n ISDN c al l i s c omple ted. This ev ent i s g ene rate d on both si de s of the IS DN ca ll. T he cause will b e o ne o f t he cause s as spec ified in the CCIT T Reco mme nd atio n Q.931. Cause s of “ normal ca ll cl eari ng ” , “ U ser bu sy ”, and “Nu mb[...]

  • Page 41

    Event Logs 39 Code De sc ri ption 055 056 057 058 063 065 In com in g calls b ar red w ith in CUG Call wa itin g n ot s ub scr ibed Bearer cap ab ility no t a uth orized Bearer ca p ab ility n ot p res ent ly a vaila ble Serv i ce or option not available, unsp ecified Bearer cap abilit y no t im plemen ted 06 6 C hanne l type not impl e mente d 067[...]

  • Page 42

    Event Logs 40 * Lin k X do wn Gen erated when a WAN link goes down. * Li nk X dow n to < remote si te a l i as > Genera ted whe n a P PP ISDN c al l to a remote si te is dropped . * Li nk X dow n to < remote si te a l i as > Generated when a W AN li nk connect ion to th e specif ied remote site goes down. * Li nk X Incomi ng Data Ca l l[...]

  • Page 43

    Event Logs 41 * Local DNS ser ver added to firewal l The IP addres s of the Local DNS server a dded to th e table of servi ces av ai la ble throug h the firewa ll . * Local DNS serv er removed from f irewa l l Th e I P addr ess of th e L oc al DNS ser ver r e mov ed fr om t he ta ble of se rvices availabl e throu gh the f ir ew a ll . * NAT UDP flo[...]

  • Page 44

    Event Logs 42 * Old down load m et h od ! L o ad in ”*. all” file Ge n er ate d wh e n an at te m pt is made to lo ad a *.f cs o r *.lda f or m at p rogr am file in to har dwar e whic h will on l y a ccept *.all fo r mat co de . * O l d forma t confi g ura ti on, u si ng de fa u lt Generated when the sa ved co nf ig ur ation doe s not match t[...]

  • Page 45

    Event Logs 43 * R u nni ng i n Sys tem Load mode Ge ne r ate d wh en e nt er i ng Sy ste m Lo ad Mod e in p re para t ion for a downloa d of code to be burn e d into f las h. * SECU RITY ALER T: SNMP commu ni ty < X> ha s wr ite access enabled to “AL L ” hosts The SNMP comm unity di spla yed has had w rite access enabled to all hosts on t[...]

  • Page 46

    Event Logs 44 * U nabl e to bind UD P Boot P ser ver port Generated as a resul t of an internal dev ice error. Try resetti ng the devi ce. If this i s u nsu ccess ful , contact a s ervi ce representativ e. * U na ble to bind UDP DHCP ser ver port Generated a s a resu lt of an i nternal de vi ce error. Try reset tin g the dev ice. If th is is uns u [...]

  • Page 47

    Event Logs 45 PPP Secu rity logs: CHAP a uthe ntica ti on fa i lu re s o termi nate l i nk . Genera ted when the CHAP au thenti ca tion sent by this router i n res ponse to a re qu es t f rom a remote si te i s rejected. CHA P failed for < re m ot e sit e alias> Ge n er ate d when t he re m ot e site r oute r fa iled a C HA P aut he n tic at [...]

  • Page 48

    46 5 Programmable Filtering Pro gra mm ab le filt er in g gives t he ne tw ork manag er t he a b ility to control und er wh at con ditions Et her ne t fra me s are forwa rded acros s bridg e or bridg e/ rou ter ports. There are many rea sons why this mi g ht need to be ac compl is hed , s ome of w hi ch a re sec uri ty, protocol d is cri mi na tion[...]

  • Page 49

    Fil ter in g 47 Se curity—“ Filt e r if Des tinat ion” Filt er if De st in atio n is a funct i on th at allo ws yo u to filter an Et h er n et fr ame b ased o n t h e d est in atio n of its addr es s. If th e destinati on a ddress equal s the address that th e Fil ter if Destination function has been appli ed to, th e frame is fil tered. Exam[...]

  • Page 50

    Fil ter in g 48 Se curit y—“ Filter if S ource ” Fil ter if So urce is a function th at al low s you to fi lter an Ethernet frame if the source a ddress of the fra me equa ls the ad dres s tha t the F ilter if So urce fun ctio n has bee n a ppl ied t o. Exam pl e: Ass u me tha t a P ers onal Compu ter is l oca ted on s eg ment 1 on the l oca [...]

  • Page 51

    Fil ter in g 49 8 Th e b r idge/ r out er will pr o m pt yo u fo r th e L AN th at th e stat io n is loc at ed on ; en te r t he n am e o f the p ar tn er br idge/r out er L AN ( LA N345678, fo r e xam p le) . No t e t h at t h e St at us of th e ad dr ess is m arke d as [ p re sen t] , th e lo cat ion is updat ed t o LA N345678 and the Permanent e[...]

  • Page 52

    Fil ter in g 50 5 From the MAC ADDR ESS F ILTERS ME NU, enter a 1. Th is will p lace y ou a t the fir st EDIT MA C AD DRES S F IL TER MENU screen. At the prompt enter the MAC addre ss for which yo u w ant to sp ecify th e filter . 6 Enter the 1 2 -di gi t Etherne t ad dres s of the hos t sy stem i n the f ol low i ng forma t: 000001020304 (enter a [...]

  • Page 53

    Fil ter in g 51 4 From the MAC AD DRESS FILTERS MENU , make s ure that the Fil ter Operation is currently s et to “nega tiv e”. Th is will c ause t he M AC Ad dr ess Filt er s sp ec ifie d t o be use d fo r fo rwar ding fr am es wit h th e spe cif ied M AC addresse s. 5 At this menu, enter a 1. Th is will p lace y ou a t the fir st EDIT MA C AD[...]

  • Page 54

    Fil ter in g 52 Patt ern F ilter Oper ato rs Th e f ollo wing op erat o rs are use d in cr eat ing Pat te r n f ilte r s an d will b e d iscuss ed furt her in th e follo wing page s. Fo r ad di ti onal i nforma ti on ref er to the octe t loc ati ons di a gra ms at the ba ck of this ma nua l . Ea ch octet l oca ti on may contai n a HEX val ue. - off[...]

  • Page 55

    Fil ter in g 53 In Local Area Netw ork s there ma y be many d i ff erent Netw ork a nd Tra nsport l a yer protocol s tha t coexi s t on the sa me phys i cal medi a . TCP/IP , DECNET, and XNS are j u s t a f ew of the c ommon protocol s i n u se toda y. E ach of thes e protocol s is encapsul ated within an Ethern et frame, and th erefore is transpar[...]

  • Page 56

    Fil ter in g 54 In th is cas e, whenever a frame i s recei v ed, the frame w ill be f ilte re d if th e p rot oco l ty pe is NO T e qual to 0800 (I P) . Onl y one f i lte r patte rn may be u s ed tha t conta i ns the NOT opera tor.[...]

  • Page 57

    Fil ter in g 55 Transp ort Cont rol Prot ocol / In te rne t Prot ocol (TCP/IP) The previ ou s exa mple s how ed how to fi lte r a l l Ethernet f rame s that conta ine d a n IP protocol pa ck et. H ow ev er, IP is us ed as the Netw ork -l aye r protocol for more tha n 4 0 di ff erent Tra nsport-l a yer protoc ols , TCP bei ng onl y one of them. Ther[...]

  • Page 58

    Fil ter in g 56 DEC DE C uses pro t oc o l ty pe s 6000 to 600F , and alth ough som e are un de fine d, a sim p le filter m ask can b e c re at ed t o filte r all DE C t raf fic. Filt er all DE C Th e m ask to filt er all DE C t raffic wo uld be : 1 2-600X The X is a var iable r ep r ese n tin g t he last fo ur bit s (a nib ble) o f t he t yp e. Th[...]

  • Page 59

    Fil ter in g 57 General Restric tio ns Bridg e Fi lter Ma sk s may be crea ted to generall y restri ct acces s for v ari ous pu rposes. Some of these purposes may be to fi lter spec if i c combin at ions of inform atio n. T h is s ect io n will gen era lly d epic t m a sks tha t may be create d to co ntro l tr af fic a cross t he brid ge d LAN netw[...]

  • Page 60

    Fil ter in g 58 Mask Co mbin ati on s Mask com binations may be requ ired to ensu re th at a f rame is suf fi ciently q ua li fi ed before the decisi on to fi lter is mad e. Th e qualifica tion a f r ame must go thro u gh befor e a fil ter d e ci si o n is mad e depe nds on the re as on for t he filter . Nonethel es s, a few ex ampl es bel ow hav e[...]

  • Page 61

    Fil ter in g 59 IP Ro uter P att ern Fi lt ering Pa ttern fi lte ring ma y be u s ed on a ny porti on of the IP f ra me. IP pattern f i l teri ng be hav es the s ame as bri dg e pa ttern fi l teri n g, except the start of the IP frame is off set 0 , becaus e the IP router functi on of the bridge /router handles only the IP f rame its elf. IP pa tte[...]

  • Page 62

    60 6 Frame Formats This a ppendi x prov i de s octe t loc ati ons for the v a ri ou s porti ons of three of the common Etherne t fra mes . Whe n c rea ting pat ter n filte r s t he se diagr ams will assist in th e cor rect defin itio n of th e pat t er n s. Th e off set num be r s are indic at ed by th e numbers a bove the frame representations. No[...]

  • Page 63

    Frame Format s 61 ETHERNET TYPE CODES Type Code Descr ipti on 0800 DOD I P 0801 X.75 I nt ernet 0804 Ch aos net 0805 X.25 Lev el 3 0806 A RP 0807 XN S C om pati b ility 6001 DEC M OP Dum p/Load 6002 DEC M OP Rem ote Con s ol e 6003 DEC DE C NET Phase IV Ro ute 6004 DEC LA T 6005 DEC D ia gnostic P rotocol 6006 DEC Cu sto mer P rotocol 6007 DEC LA V[...]

  • Page 64

    Frame Format s 62 Octet Locations on an IPX Route d Novell Netwa re Frame Octet Location s on a Bridged X NS Frame[...]