FireBrick FB6000 User Manual

This User Manual documents Software version V1.18.001

Revision History

Table of Contents

Preface
1. Introduction
1.1. The FB6000
1.1.1. Where do I start?
1.1.2. What can it do?
1.1.3. Ethernet port capabilities
1.1.4. Differences between the devices in the FB2x00 series
1.1.5. Software features
1.2. About this Manual
1.2.1. Version
1.2.2. Intended audience
1.2.3. Document style
1.2.4. Document conventions
1.2.5. Comments and feedback
1.3. Additional Resources
1.3.1. Technical Support
1.3.2. IRC Channel
1.3.3. Application Notes
1.3.4. White Papers
1.3.5. Training Courses
2. Getting Started
2.1. IP addressing
2.2. Accessing the web-based user interface
2.2.1. Add a new user
3. Configuration
3.1. The Object Hierarchy
3.2. The Object Model
3.2.1. Formal definition of the object model
3.2.2. Common attributes
3.3. Configuration Methods
3.4. Web User Interface Overview
3.4.1. User Interface layout
3.4.1.1. Customising the layout
3.4.2. Config pages and the object hierarchy
3.4.2.1. Configuration categories
3.4.2.2. Object settings
3.4.3. Navigating around the User Interface
3.4.4. Backing up / restoring the configuration
3.5. Configuration using XML
3.5.1. Introduction to XML
3.5.2. The root element - <config>
3.5.3. Viewing or editing XML
3.5.4. Example XML configuration
3.6. Downloading/Uploading the configuration
3.6.1. Download
3.6.2. Upload
4. System Administration
4.1. User Management
4.1.1. Login level
4.1.2. Configuration access level
4.1.3. Login idle timeout
4.1.4. Restricting user logins
4.1.4.1. Restrict by IP address
4.1.4.2. Restrict by profile
4.2. General System settings
4.2.1. System name (hostname)
4.2.2. Administrative details
4.2.3. System-level event logging control
4.2.4. Home page web links
4.3. Software Upgrades
4.3.1. Software release types
4.3.1.1. Breakpoint releases
4.3.2. Identifying current software version
4.3.3. Internet-based upgrade process
4.3.3.1. Manually initiating upgrades
4.3.3.2. Controlling automatic software updates
4.3.4. Manual upgrade
4.4. Boot Process
4.4.1. LED indications
4.4.1.1. Power LED status indications
4.4.1.2. Port LEDs
5. Event Logging
5.1. Overview
5.1.1. Log targets
5.1.1.1. Logging to Flash memory
5.1.1.2. Logging to the Console
5.2. Enabling logging
5.3. Logging to external destinations
5.3.1. Syslog
5.3.2. Email
5.3.2.1. E-mail process logging
5.4. Factory reset configuration log targets
5.5. Performance
5.6. Viewing logs
5.6.1. Viewing logs in the User Interface
5.6.2. Viewing logs in the CLI environment
5.7. System-event logging
5.8. Using Profiles
6. Interfaces and Subnets
6.1. Relationship between Interfaces and Physical Ports
6.1.1. Port groups
6.1.2. Interfaces
6.2. Defining port groups
6.3. Defining an interface
6.3.1. Defining subnets
6.3.1.1. Using DHCP to configure a subnet
6.3.2. Setting up DHCP server parameters
6.3.2.1. Fixed/Static DHCP allocations
6.3.2.2. Partial-MAC-address based allocations
6.4. Physical port settings
6.4.1. Disabling auto-negotiation
6.4.2. Setting port speed
6.4.3. Setting duplex mode
6.4.4. Defining port LED functions
7. Routing
7.1. Routing logic
7.2. Routing targets
7.2.1. Subnet routes
7.2.2. Routing to an IP address (gateway route)
7.2.3. Special targets
7.3. Dynamic route creation / deletion
7.4. Routing tables
7.5. Route overrides
8. Profiles
8.1. Overview
8.2. Creating/editing profiles
8.2.1. Timing control
8.2.2. Tests
8.2.2.1. General tests
8.2.2.2. Time/date tests
8.2.2.3. Ping tests
8.2.3. Inverting overall test result
8.2.4. Manual override
9. Traffic Shaping
9.1. Graphs and Shapers
9.1.1. Graphs
9.1.2. Shapers
10. PPPoE
10.1. Types of DSL line and router in the United Kingdom
10.2. Defining PPPoE links
10.2.1. IPv6
10.2.2. Additional options
10.2.2.1. MTU and TCP fix
10.2.2.2. Service and ac-name
10.2.2.3. Logging
10.2.2.4. Speed and graphs
11. Tunnels
11.1. FB105 tunnels
11.1.1. Tunnel wrapper packets
11.1.2. Setting up a tunnel
11.1.3. Viewing tunnel status
11.1.4. Dynamic routes
11.1.5. Tunnel bonding
11.1.6. Tunnels and NAT
11.1.6.1. FB6000 doing NAT
11.1.6.2. Another device doing NAT
12. System Services
12.1. HTTP Server configuration
12.1.1. Access control
12.1.1.1. Trusted addresses
12.2. Telnet Server configuration
12.2.1. Access control
12.3. DNS configuration
12.4. NTP configuration
12.5. SNMP configuration
13. Network Diagnostic Tools
13.1. Firewalling check
13.2. Access check
13.3. Packet Dumping
13.3.1. Dump parameters
13.3.2. Security settings required
13.3.3. IP address matching
13.3.4. Packet types
13.3.5. Snaplen specification
13.3.6. Using the web interface
13.3.7. Using an HTTP client
13.3.7.1. Example using curl and tcpdump
14. VRRP
14.1. Virtual Routers
14.2. Configuring VRRP
14.2.1. Advertisement Interval
14.2.2. Priority
14.3. Using a virtual router
14.4. VRRP versions
14.4.1. VRRP version 2
14.4.2. VRRP version 3
14.5. Compatibility
15. Command Line Interface
I. Command Line Reference
check access — Check whether an IP address can access/utilise network services provided by the FB6000
check firewall — Checks firewalling rules behaviour.
clear bgp — ** TBC ? **
clear dhcp — Clears one or all of the stored allocations made by the FB6000's DHCP server.
clear l2tp all — ** TBC ? **
clear l2tp session — ** TBC ? **
clear l2tp tunnel — ** TBC ? **
clear pppoe — ** TBC ? **
delete config — Delete a configuration from the Flash memory
delete data — Delete a data item from the Flash memory
delete image — Delete a software image from the Flash memory
ethernet reset — ** TBC ? **
ethernet stall — ** TBC ? **
exit — Logout and end a command-line session.
kill command session — ** TBC ? **
kill session — Kills an active session in the session-table.
login — Login to a command-line session.
logout — Log-out from a command-line session.
panic — Force a system panic.
ping — Ping an IP address.
quit — Logout and end a command-line session.
reboot — Reboots the FB6000.
set boot block — ** TBC ? **
set command screen width — ** TBC ? **
show arp — Prints the ARP table.
show bgp — ** TBC ? **
show bgp nexthop — ** TBC ? **
show bgp peer — ** TBC ? **
show bgp routes — ** TBC ? **
show bgp summary — ** TBC ? **
show boot log — ** TBC ? **
show command sessions — Print a list of command-line sessions.
show dhcp — Print list of IP address allocations made by the FB6000's DHCP server.
show dns — Displays the DNS resolvers that are currently configured for use.
show ethernet counters — Print values of counters maintained by the Ethernet hardware.
show ethernet status — Print current status of the Ethernet ports
show fb105 — Print information about FB105 tunnels.
show flash contents — Print a list of what is currently stored in the internal Flash memory.
show flash log — Print log text stored in the 'Flash log'.
show l2tp — Print overview of L2TP status.
show l2tp session — ** TBC ? **
show l2tp sessions — ** TBC ? **
show l2tp tunnel — ** TBC ? **
show l2tp tunnels — ** TBC ? **
show log — Prints the stored log text for a specified log target.
show memory — Print information about memory usage by the FB6000 application software.
show pppoe — Print information about PPPoE sessions.
show profiles — Print the current state of all the profiles that are defined.
show radius — ** TBC ? **
show route — Print information about a specific route.
show routes — Print the list of route destinations from a routing table.
show sessions — Displays the session table.
show status — Print general FB6000 status information.
show subnet — Print information about a specific locally-attached subnet.
show subnets — Print list of locally-attached subnets.
show uptime — Print up-time since last bootup.
show tasks — Prints the list of software tasks running on the FB6000.
show vrrp — Prints VRRP status information.
start command session — ** TBC ? **
traceroute — Runs a classical traceroute procedure.
troff — Prevents log messages sent to the console from being displayed.
tron — Enables log messages sent to the console to be displayed.
uptime — Print up-time since last bootup.
A. Factory Reset Procedure
B. CIDR and CIDR Notation
C. MAC Addresses usage
D. VLANs : A primer
Index

List of Figures

2.1. Initial web page in factory reset state
2.2. Initial "Users" page
2.3. Setting up a new user
2.4. Configuration being stored
3.1. Main menu
3.2. Icons for layout controls
3.3. Icons for configuration categories
3.4. The "Setup" category
3.5. Editing an "Interface" object
3.6. Show hidden attributes
3.7. Attribute definitions
3.8. Navigation controls
4.1. Setting up a new user
4.2. Software upgrade available notification
4.3. Manual Software upload
C.1. Product label showing MAC address range

List of Tables

2.1. IP addresses for computer
2.2. IP addresses to access the FireBrick
3.1. Special character sequences
4.1. User login levels
4.2. Configuration access levels
4.3. General administrative details attributes
4.4. Attributes controlling auto-upgrades
4.5. Power LED status indications
5.1. Logging attributes
5.2. System-Event Logging attributes
6.1. Physical port usage options
6.2. Port LED functions
6.3. Example modified Port LED functions
7.1. Route targets
12.1. List of system services
13.1. Packet dump parameters
13.2. Packet types that can be captured
18. Information provided by show fb105 command
C.1. DHCP client names used