FireBrick FB6502 User Manual
   Next

FireBrick FB6502 User Manual

This User Manual documents Software version V1.24.121

Copyright © 2012-2013 FireBrick Ltd.

Revision History

Table of Contents

Preface
1. Introduction
1.1. The FB6000
1.1.1. Where do I start?
1.1.2. What can it do?
1.1.2.1. FB6502 Gigabit core VoIP SIP switch for ISTP use
1.1.3. Ethernet port capabilities
1.1.4. Product variants in the FB6000 series
1.2. About this Manual
1.2.1. Version
1.2.2. Intended audience
1.2.3. Technical details
1.2.4. Document style
1.2.5. Document conventions
1.2.6. Comments and feedback
1.3. Additional Resources
1.3.1. Technical Support
1.3.2. IRC Channel
1.3.3. Application Notes
1.3.4. White Papers
1.3.5. Training Courses
2. Getting Started
2.1. IP addressing
2.2. Accessing the web-based user interface
2.2.1. Add a new user
3. Configuration
3.1. The Object Hierarchy
3.2. The Object Model
3.2.1. Formal definition of the object model
3.2.2. Common attributes
3.3. Configuration Methods
3.4. Web User Interface Overview
3.4.1. User Interface layout
3.4.1.1. Customising the layout
3.4.2. Config pages and the object hierarchy
3.4.2.1. Configuration categories
3.4.2.2. Object settings
3.4.3. Navigating around the User Interface
3.4.4. Backing up / restoring the configuration
3.5. Configuration using XML
3.5.1. Introduction to XML
3.5.2. The root element - <config>
3.5.3. Viewing or editing XML
3.5.4. Example XML configuration
3.6. Downloading/Uploading the configuration
3.6.1. Download
3.6.2. Upload
4. System Administration
4.1. User Management
4.1.1. Login level
4.1.2. Configuration access level
4.1.3. Login idle timeout
4.1.4. Restricting user logins
4.1.4.1. Restrict by IP address
4.1.4.2. Restrict by profile
4.2. General System settings
4.2.1. System name (hostname)
4.2.2. Administrative details
4.2.3. System-level event logging control
4.2.4. Home page web links
4.3. Software Upgrades
4.3.1. Software release types
4.3.1.1. Breakpoint releases
4.3.2. Identifying current software version
4.3.3. Internet-based upgrade process
4.3.3.1. Manually initiating upgrades
4.3.3.2. Controlling automatic software updates
4.3.4. Manual upgrade
4.4. Boot Process
4.4.1. LED indications
4.4.1.1. Power LED status indications
4.4.1.2. Port LEDs
5. Event Logging
5.1. Overview
5.1.1. Log targets
5.1.1.1. Logging to Flash memory
5.1.1.2. Logging to the Console
5.2. Enabling logging
5.3. Logging to external destinations
5.3.1. Syslog
5.3.2. Email
5.3.2.1. E-mail process logging
5.4. Factory reset configuration log targets
5.5. Performance
5.6. Viewing logs
5.6.1. Viewing logs in the User Interface
5.6.2. Viewing logs in the CLI environment
5.7. System-event logging
5.8. Using Profiles
6. Interfaces and Subnets
6.1. Relationship between Interfaces and Physical Ports
6.1.1. Port groups
6.1.2. Interfaces
6.2. Defining port groups
6.3. Defining an interface
6.3.1. Defining subnets
6.3.1.1. Using DHCP to configure a subnet
6.3.2. Setting up DHCP server parameters
6.3.2.1. Fixed/Static DHCP allocations
6.3.2.2. Partial-MAC-address based allocations
6.4. Physical port settings
6.4.1. Disabling auto-negotiation
6.4.2. Setting port speed
6.4.3. Setting duplex mode
6.4.4. Defining port LED functions
7. Routing
7.1. Routing logic
7.2. Routing targets
7.2.1. Subnet routes
7.2.2. Routing to an IP address (gateway route)
7.2.3. Special targets
7.3. Dynamic route creation / deletion
7.4. Routing tables
8. Profiles
8.1. Overview
8.2. Creating/editing profiles
8.2.1. Timing control
8.2.2. Tests
8.2.2.1. General tests
8.2.2.2. Time/date tests
8.2.2.3. Ping tests
8.2.3. Inverting overall test result
8.2.4. Manual override
9. Traffic Shaping
9.1. Graphs and Shapers
9.1.1. Graphs
9.1.2. Shapers
10. PPPoE
10.1. Types of DSL line and router in the United Kingdom
10.2. Definining PPPoE links
10.2.1. IPv6
10.2.2. Additional options
10.2.2.1. MTU and TCP fix
10.2.2.2. Service and ac-name
10.2.2.3. Logging
10.2.2.4. Speed and graphs
11. Tunnels
11.1. FB105 tunnels
11.1.1. Tunnel wrapper packets
11.1.2. Setting up a tunnel
11.1.3. Viewing tunnel status
11.1.4. Dynamic routes
11.1.5. Tunnel bonding
11.1.6. Tunnels and NAT
11.1.6.1. FB6000 doing NAT
11.1.6.2. Another device doing NAT
12. System Services
12.1. Common settings
12.2. HTTP Server configuration
12.2.1. Access control
12.2.1.1. Trusted addresses
12.3. Telnet Server configuration
12.3.1. Access control
12.4. DNS configuration
12.4.1. Blocking DNS names
12.4.2. Local DNS responses
12.4.3. Auto DHCP DNS
12.5. NTP configuration
12.6. SNMP configuration
13. Network Diagnostic Tools
13.1. Access check
13.2. Packet Dumping
13.2.1. Dump parameters
13.2.2. Security settings required
13.2.3. IP address matching
13.2.4. Packet types
13.2.5. Snaplen specification
13.2.6. Using the web interface
13.2.7. Using an HTTP client
13.2.7.1. Example using curl and tcpdump
14. VRRP
14.1. Virtual Routers
14.2. Configuring VRRP
14.2.1. Advertisement Interval
14.2.2. Priority
14.3. Using a virtual router
14.4. VRRP versions
14.4.1. VRRP version 2
14.4.2. VRRP version 3
14.5. Compatibility
15. VoIP
15.1. What is VoIP?
15.2. Registration and Proxies
15.2.1. Registrar
15.2.2. Proxy
15.3. Core call routing switch
15.4. Network Address Translation
15.5. Number plan
15.6. Telephone handsets
15.7. VoIP call carriers
15.8. Hunt groups
15.9. Call pickup/steal
15.10. Busy lamp field
15.11. Using RADIUS
15.11.1. RADIUS accounting
15.11.2. RADIUS authentication
15.11.2.1. Call routing by RADIUS
15.12. Call recording
15.13. Voicemail and IVR services
15.14. Call Data Records
15.15. Technical details
16. BGP
16.1. What is BGP?
16.2. Using BGP in an ISP network?
17. Command Line Interface
A. Factory Reset Procedure
B. CIDR and CIDR Notation
C. MAC Addresses usage
D. VLANs : A primer
E. Supported RADIUS Attribute/Value Pairs for VoIP operation
E.1. Authentication request
E.2. Authentication response
E.2.1. Challenge authentication
E.2.2. Accepted authentication (registration)
E.2.3. Accepted authentication (invite)
E.2.4. Rejected authentication
E.3. Accounting Start
E.4. Accounting Interim
E.5. Accounting Stop
E.6. Disconnect
E.7. Change of Authorisation
F. Command line reference
F.1. General commands
F.1.1. Trace off
F.1.2. Trace on
F.1.3. Uptime
F.1.4. General status
F.1.5. Memory usage
F.1.6. Process/task usage
F.1.7. Login
F.1.8. Logout
F.1.9. See XML configuration
F.1.10. Load XML configuration
F.1.11. Show profile status
F.1.12. Show RADIUS servers
F.1.13. Show DNS resolvers
F.2. Networking commands
F.2.1. Subnets
F.2.2. Ping and trace
F.2.3. Show a route from the routing table
F.2.4. List routes
F.2.5. List routing next hops
F.2.6. See DHCP allocations
F.2.7. Clear DHCP allocations
F.2.8. Lock DHCP allocations
F.2.9. Unlock DHCP allocations
F.2.10. Name DHCP allocations
F.2.11. Show ARP/ND status
F.2.12. Show VRRP status
F.2.13. Send Wake-on-LAN packet
F.2.14. Check access to services
F.3. BGP commands
F.4. VoIP commands
F.5. Advanced commands
F.5.1. Panic
F.5.2. Reboot
F.5.3. Screen width
F.5.4. Make outbound command session
F.5.5. Show command sessions
F.5.6. Kill command session
F.5.7. Flash memory list
F.5.8. Delete block from flash
F.5.9. Boot log
F.5.10. Flash log
G. Configuration Objects
G.1. Top level
G.1.1. config: Top level config
G.2. Objects
G.2.1. system: System settings
G.2.2. link: Web links
G.2.3. user: Admin users
G.2.4. log: Log target controls
G.2.5. log-syslog: Syslog logger settings
G.2.6. log-email: Email logger settings
G.2.7. services: System services
G.2.8. snmp-service: SNMP service settings
G.2.9. ntp-service: NTP service settings
G.2.10. telnet-service: Telnet service settings
G.2.11. http-service: HTTP service settings
G.2.12. dns-service: DNS service settings
G.2.13. dns-host: Fixed local DNS host settings
G.2.14. dns-block: Fixed local DNS blocks
G.2.15. radius-service: RADIUS service definition
G.2.16. radius-service-match: Matching rules for RADIUS service
G.2.17. radius-server: RADIUS server settings
G.2.18. ethernet: Physical port controls
G.2.19. portdef: Port grouping and naming
G.2.20. interface: Port-group/VLAN interface settings
G.2.21. subnet: Subnet settings
G.2.22. vrrp: VRRP settings
G.2.23. dhcps: DHCP server settings
G.2.24. dhcp-attr-hex: DHCP server attributes (hex)
G.2.25. dhcp-attr-string: DHCP server attributes (string)
G.2.26. dhcp-attr-number: DHCP server attributes (numeric)
G.2.27. dhcp-attr-ip: DHCP server attributes (IP)
G.2.28. route: Static routes
G.2.29. network: Locally originated networks
G.2.30. blackhole: Dead end networks
G.2.31. loopback: Locally originated networks
G.2.32. bgp: Overall BGP settings
G.2.33. bgppeer: BGP peer definitions
G.2.34. bgpmap: Mapping and filtering rules of BGP prefixes
G.2.35. bgprule: Individual mapping/filtering rule
G.2.36. cqm: Constant Quality Monitoring settings
G.2.37. profile: Control profile
G.2.38. profile-date: Test passes if within any of the time ranges specified
G.2.39. profile-time: Test passes if within any of the date/time ranges specified
G.2.40. profile-ping: Test passes if any addresses are pingable
G.2.41. ip-group: IP Group
G.2.42. voip: Voice over IP config
G.2.43. carrier: VoIP carrier details
G.2.44. telephone: VoIP telephone authentication user details
G.2.45. tone: Tone definitions
G.2.46. ringgroup: Ring groups
G.3. Data types
G.3.1. autoloadtype: Type of s/w auto load
G.3.2. config-access: Type of access user has to config
G.3.3. user-level: User login level
G.3.4. syslog-severity: Syslog severity
G.3.5. syslog-facility: Syslog facility
G.3.6. month: Month name (3 letter)
G.3.7. day: Day name (3 letter)
G.3.8. radiuspriority: Options for controlling platform RADIUS response priority tagging
G.3.9. radiustype: Type of RADIUS server
G.3.10. port: Physical port
G.3.11. Crossover: Crossover configuration
G.3.12. LinkSpeed: Physical port speed
G.3.13. LinkDuplex: Physical port duplex setting
G.3.14. LinkFlow: Physical port flow control setting
G.3.15. LinkClock: Physical port Gigabit clock master/slave setting
G.3.16. LinkLED-y: Yellow LED setting
G.3.17. LinkLED-g: Green LED setting
G.3.18. LinkPower: PHY power saving options
G.3.19. LinkFault: Link fault type to send
G.3.20. ramode: IPv6 route announce level
G.3.21. dhcpv6control: Control for RA and DHCPv6 bits
G.3.22. bgpmode: BGP announcement mode
G.3.23. peertype: BGP peer type
G.3.24. voip-format: Number presentation format
G.3.25. uknumberformat: Number formatting option
G.3.26. recordoption: Recording option
G.3.27. ring-group-order: Order of ring
G.3.28. ring-group-type: Type of ring when one call in queue
G.4. Basic types
Index

List of Figures

2.1. Initial web page in factory reset state
2.2. Initial "Users" page
2.3. Setting up a new user
2.4. Configuration being stored
3.1. Main menu
3.2. Icons for layout controls
3.3. Icons for configuration categories
3.4. The "Setup" category
3.5. Editing an "Interface" object
3.6. Show hidden attributes
3.7. Attribute definitions
3.8. Navigation controls
4.1. Setting up a new user
4.2. Software upgrade available notification
4.3. Manual Software upload
C.1. Product label showing MAC address range

List of Tables

2.1. IP addresses for computer
2.2. IP addresses to access the FireBrick
2.3. IP addresses to access the FireBrick
3.1. Special character sequences
4.1. User login levels
4.2. Configuration access levels
4.3. General administrative details attributes
4.4. Attributes controlling auto-upgrades
4.5. Power LED status indications
5.1. Logging attributes
5.2. System-Event Logging attributes
6.1. Physical port usage options
6.2. Port LED functions
6.3. Example modified Port LED functions
7.1. Route targets
12.1. List of system services
12.2. List of system services
13.1. Packet dump parameters
13.2. Packet types that can be captured
C.1. DHCP client names used
E.1. Access-request
E.2. Access-Challenge
E.3. Access-Accept
E.4. Access-Accept
E.5. Access-Reject
E.6. Accounting-Start
E.7. Accounting-Interim
E.8. Accounting-Stop
E.9. Disconnect
E.10. Change-of-Authorisation
G.1. config: Attributes
G.2. config: Elements
G.3. system: Attributes
G.4. system: Elements
G.5. link: Attributes
G.6. user: Attributes
G.7. log: Attributes
G.8. log: Elements
G.9. log-syslog: Attributes
G.10. log-email: Attributes
G.11. services: Elements
G.12. snmp-service: Attributes
G.13. ntp-service: Attributes
G.14. telnet-service: Attributes
G.15. http-service: Attributes
G.16. dns-service: Attributes
G.17. dns-service: Elements
G.18. dns-host: Attributes
G.19. dns-block: Attributes
G.20. radius-service: Attributes
G.21. radius-service: Elements
G.22. radius-service-match: Attributes
G.23. radius-server: Attributes
G.24. ethernet: Attributes
G.25. portdef: Attributes
G.26. interface: Attributes
G.27. interface: Elements
G.28. subnet: Attributes
G.29. vrrp: Attributes
G.30. dhcps: Attributes
G.31. dhcps: Elements
G.32. dhcp-attr-hex: Attributes
G.33. dhcp-attr-string: Attributes
G.34. dhcp-attr-number: Attributes
G.35. dhcp-attr-ip: Attributes
G.36. route: Attributes
G.37. network: Attributes
G.38. blackhole: Attributes
G.39. loopback: Attributes
G.40. bgp: Attributes
G.41. bgp: Elements
G.42. bgppeer: Attributes
G.43. bgppeer: Elements
G.44. bgpmap: Attributes
G.45. bgpmap: Elements
G.46. bgprule: Attributes
G.47. cqm: Attributes
G.48. profile: Attributes
G.49. profile: Elements
G.50. profile-date: Attributes
G.51. profile-time: Attributes
G.52. profile-ping: Attributes
G.53. ip-group: Attributes
G.54. voip: Attributes
G.55. voip: Elements
G.56. carrier: Attributes
G.57. telephone: Attributes
G.58. tone: Attributes
G.59. ringgroup: Attributes
G.60. autoloadtype: Type of s/w auto load
G.61. config-access: Type of access user has to config
G.62. user-level: User login level
G.63. syslog-severity: Syslog severity
G.64. syslog-facility: Syslog facility
G.65. month: Month name (3 letter)
G.66. day: Day name (3 letter)
G.67. radiuspriority: Options for controlling platform RADIUS response priority tagging
G.68. radiustype: Type of RADIUS server
G.69. port: Physical port
G.70. Crossover: Crossover configuration
G.71. LinkSpeed: Physical port speed
G.72. LinkDuplex: Physical port duplex setting
G.73. LinkFlow: Physical port flow control setting
G.74. LinkClock: Physical port Gigabit clock master/slave setting
G.75. LinkLED-y: Yellow LED setting
G.76. LinkLED-g: Green LED setting
G.77. LinkPower: PHY power saving options
G.78. LinkFault: Link fault type to send
G.79. ramode: IPv6 route announce level
G.80. dhcpv6control: Control for RA and DHCPv6 bits
G.81. bgpmode: BGP announcement mode
G.82. peertype: BGP peer type
G.83. voip-format: Number presentation format
G.84. uknumberformat: Number formatting option
G.85. recordoption: Recording option
G.86. ring-group-order: Order of ring
G.87. ring-group-type: Type of ring when one call in queue
G.88. Basic data types
   Next
   Preface