Kentrox Q2200 User manual

QoS Access Router

User’s Guide

Q2200 T1 Router

Q2300 Ethernet Router

Q2400 QoS Router

Hardware Reference

Router Management

Advanced Features

Operation

Diagnostics

Specifications

Software Release 1.35

Document #650-00319-04

Printed in the U.S.A.

Specifications published here are current or planned as of the date of publication

of this document. Because we are continuously improving and adding features to

our products, Kentrox reserves the right to change specifications without prior

notice. You may verify product specifications by contacting our office.

In no event shall Kentrox be liable for any damages resulting from loss of data,

loss of use, or loss of profits. Kentrox further disclaims any and all liability for

indirect, incidental, special, consequential or other similar damages. This dis-

claimer of liability applies to all products, publications and services during and

after the warranty period.

Additional copyrights applicable to portions of this product:

Trademark

information

Kentrox is a registered trademarks of Kentrox, LLC.

Q-Series is a trademark of Kentrox, LLC.

SafeNet is a registered trademark of SafeNet, Inc.

All other product names are trademarks or registered trademarks of their

respective owners.

Revision history

If you need

assistance

If you need assistance with this product or have questions not answered by this

manual, please first contact your reseller or visit our Support page on the Kentrox

web site at www.kentrox.com.

Part # Date Description

650-00319-00 February 2004 Initial release, v1.00, Q2200

650-00319-01 March 2004 Second release, v1.01, Q2200

650-00319-02 April 2004 Third release, v1.20, Q2300

650-00319-03 December 2004 Fourth release, v1.30, Q2200, Q2300

and Q2400

650-00319-04 March 2006 Fifth release, v1.35, Q2200, Q2300,

and Q2400

Contents

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Chapter 1 Introduction to the Q-Series™ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11

Router features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14

Typical applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17

Using VPN to ensure a secure connection between remote peers. . . . . . . . . . . . . . . . . . .21

Using VPN to allow remote clients to access your network . . . . . . . . . . . . . . . . . . . . . . .22

Protecting critical traffic with QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Deployment planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24

Chapter 2 Hardware reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Front panel description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28

Rear panel description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

Cable connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

Power-on and power-down . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

Chapter 3 Accessing the router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Using the router GUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Using the router CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Adding and managing users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

Setting options for remote management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51

Configuring and using SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

Chapter 4 Configuring system-wide parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Setting the system date and time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56

Managing logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

Adding a system contact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

Updating the system software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

Saving the system configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

Restarting the system and resetting to factory defaults . . . . . . . . . . . . . . . . . . . . . . . . . . .62

Chapter 5 Interface configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Ethernet LAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64

Ethernet Port 5 (Ethernet WAN models only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67

T1 Ports (T1 WAN models only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

IP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72

Chapter 6 Routing features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76

Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82

4Contents

DHCP services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83

DHCP server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84

DHCP relay agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88

DHCP client (Ethernet WAN models only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89

DNS client and relay agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90

NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92

Mapped IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94

Chapter 7 Quality of Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

QoS in the router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98

DiffServ overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100

Understanding traffic management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105

Configuring QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

Configuring the WAN interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

Configuring the LAN interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

Changing DSCP mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

QoS interaction with other router features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

Using QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116

Chapter 8 Lists. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

Creating lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124

Chapter 9 Virtual Private Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Common VPN configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128

VPN in the router. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

Configuring a VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133

Phase 1: Gateway configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135

Phase 2: Tunnel configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

VPN Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141

Special considerations for using VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142

Chapter 10 Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

Firewalls in the router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146

Configuring an IDS Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147

Configuring ACL firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148

ACL policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149

Using Application Layer Gateways (ALGs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153

Firewall logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154

Chapter 11 Monitoring traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

QoS Reports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156

Policy Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157

Latency Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158

Chapter 12 Monitoring the interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

Ethernet Ports 1-4 interface monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160

Ethernet Port 5 interface monitoring (Ethernet WAN models only) . . . . . . . . . . . . . . . .163

PPPoE monitoring (Ethernet WAN models only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .166

T1 WAN interface monitoring (T1 WAN models only) . . . . . . . . . . . . . . . . . . . . . . . . .167

Frame Relay monitoring (T1 WAN models only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .172

DLCI statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174

PPP monitoring (T1 WAN models only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .176

Alarm Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178

Chapter 13 Logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187

Syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .188

Chapter 14 Diagnostics and testing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191

Loopbacks (T1 WAN models only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193

Appendix A Cable specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

Appendix B System specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Appendix C System defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211

Appendix D SNMP support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

6Contents

Preface

This manual covers usage instructions for Kentrox Q-Series™ QoS Access

routers (“the router”). It also contains product specifications and system default

values.

Who should use this

manual?

This manual is intended as a conceptual overview and reference for network plan-

ners, managers, and administrators of the router. The person responsible for

managing the router is referred to in this document as the network administrator.

Viewing this manual

as a PDF file

This manual is designed to be used as both a printed book and a PDF file, and

includes the following features for PDF viewing:

■Cross-references are clickable hyperlinks that appear in blue text.

■Chapters and section headings are represented as clickable bookmarks in the

left-hand pane of the Acrobat viewer.

■Page numbering is consistent between the printed page and the PDF file to

help you easily select a range of pages for printing.

You can obtain PDF files of our manuals by visiting http://www.kentrox.com.

Related publications The following provide additional information about this product:

■Additional PDF manuals, including the Setup Guide and the CLI Guide, are

located at the web site or on the CD-ROM

■Q-Series product pages: http://www.kentrox.com/Q-Series

■Q2200 product page: http://www.kentrox.com/Q2200

■Q2300 product page: http://www.kentrox.com/Q2300

■Q2400 product page: http://www.kentrox.com/Q2400

Conventions used in

this manual

Variables Italic type identifies variable syntax elements, such as values

or alphanumeric strings, that you can enter.

x|y A vertical line (pipe) between elements means that the ele-

ments are mutually exclusive; you can select one and only

one of the elements.

[ ] Brackets indicate items that are optional.

<> Angle brackets indicate that items are required.

filenames Filenames appear in Courier font, for example,

commands.txt.

commands Command line interface commands also appear in Courier

font, for example, dhcp server set subnet.

QoS Access Router User’s Guide 8

Preface

Key names The names of keyboard keys are spelled as they appear on the

keyboard and bolded, for example, Esc, Enter.

Pathnames The pathname to GUI pages as they exist on the “bread

crumb bar”, for example, Monitor > System.

Admonishments Important safety admonishments are used throughout this manual to warn of pos-

sible hazards to persons or equipment. An admonishment identifies a possible

hazard and then explains what may happen if the hazard is not avoided. The

admonishments, in the form of Dangers, Warnings, and Cautions, must be fol-

lowed at all times. These warnings are flagged by use of the triangular alert icon

(seen below), and are listed in descending order of severity of injury or damage

and likelihood of occurrence.

DANGER!

Danger is used to indicate the presence of a hazard that will cause severe per-

sonal injury, death, or substantial property damage if the hazard is not avoided.

WARNING!

Warning is used to indicate the presence of a hazard that can cause severe per-

sonal injury, death, or substantial property damage if the hazard is not avoided.

CAUTION!

Caution is used to indicate the presence of a hazard that will or can cause minor

personal injury or property damage if the hazard is not avoided.

9QoS Access Router User’s Guide

General safety precautions

General safety

precautions

This equipment has been designed to the highest quality standards of materials,

workmanship and safety. Do not bypass any of the safety features of this equip-

ment or operate this equipment in an improper environment.

WARNING!

To avoid hazard from electrical shock and/or fire, adhere to the safety practices

listed in this section and identified within the instructions of this document.

Use caution when installing or modifying communication lines. Dangerous volt-

ages may be present. It is unsafe to install communication wiring during a

lightning storm.

Always disconnect all communication lines at the network interface and power

connections from the wall outlets before servicing or disassembling this

equipment.

All wiring external to the product(s) should follow the provisions of the current

local and national building codes or any wiring rules that apply.

The router should be installed so that users have easy access to the wall outlet that

the AC power cord is plugged into. This is important so that power can be

removed quickly if there is a problem with the router or with the power adapter.

WARNING!

Potentially hazardous voltages inside. Service should be performed only by quali-

fied personnel.

ADVERTISSEMENT!:

Tensions Dangereuses à l'intérieur. Confier la maintenance à une personne

qualifiée.

WARNING!

This equipment is electrically grounded only when it is connected to a grounded

AC power outlet using the supplied AC-DC power adapter.

10 Preface

Other manuals for q2200

This manual suits for next models

Other Kentrox Network Hardware manuals

Kentrox

Kentrox DataSmart 486 User manual

Kentrox

Kentrox RMM-1400 User manual

Kentrox

Kentrox RMX-3200 User manual

Popular Network Hardware manuals by other brands

socomec

socomec SNMP Card II quick start guide

NVR SYSTEMS

NVR SYSTEMS 4-CH user manual

Draytek

Draytek VigorSwitch G1240 quick start guide

Westermo

Westermo TD-34 LV installation manual

LaCie

LaCie Network Space MAX Quick install guide

ZoneVu

ZoneVu ZSI-450-IP Installation guide & user manual

QNAP

QNAP Turbo NAS Application notes

OpenEye

OpenEye MV Series quick start guide

Huawei

Huawei SmartAX MT880a quick start guide

Proxim

Proxim Tsunami QuickBridge 2454-R installation guide

Bay Networks

Bay Networks CLAM quick start guide

Innodisk

Innodisk SATADOM-SH 3SE Series manual

Cisco

Cisco CGR 1000 Series Getting connected guide

Matrix Switch Corporation

Matrix Switch Corporation MSC-HD161DEL product manual

National Instruments

National Instruments NI 653x user manual

B&B Electronics

B&B Electronics ZXT9-IO-222R2 product manual

Yudor

Yudor YDS-16 user manual

D-Link

D-Link ShareCenter DNS-320L datasheet

Kentrox q2200 User manual

Popular Network Hardware manuals by other brands