2.12. Configuring Physical Ports with CLI
This section provides information to configure cards, MDAs, and ports.
2.13. Preprovisioning Guidelines
7210 SAS routers have a console port to connect terminals to the router. The 7210 SAS does not support a management port.
Configure parameters from a system console connected to a console port, using Telnet to access a the device remotely or SSH to open a secure shell connection.
2.13.1. Predefining Entities
The 7210 SAS auto-provisions card and MDA types.
On 7210 SAS platforms, where cards/MDAs are not auto-provisioned, to initialize a card, the chassis slot, line card type, and MDA type must match the preprovisioned parameters. In this context, preprovisioning means to configure the entity type (such as the line card type, MDA type, port, and interface) that is planned for a chassis slot, line card, or MDA. Preprovisioned entities can be installed but not enabled or the slots can be configured but remain empty until populated. Provisioning means that the preprovisioned entity is installed and enabled.
You can:
- Preprovision ports and interfaces after the line card and MDA types are specified.
- Install line cards in slots with no preconfiguration parameters specified. When the card is installed, the card and MDA types must be specified. This is required on 7210 SAS chassis based platforms or on those platforms that support expansion slots. Typically, on 7210 SAS platforms that do not support any removable cards and/or MDAs, the cards are preprovisioned for fixed ports.
- Install a line card in a slot provisioned for a different card type (the card will not initialize). The existing card and MDA configuration must be deleted and replaced with the current information. This is required on 7210 SAS chassis based platforms or on those platforms that support expansion slots. Typically, on 7210 SAS platforms that do not support any removable cards and/or MDAs, the MDAs are preprovisioned for all fixed ports.
2.13.2. Preprovisioning a Port
Some recommendations to configure a port include:
- Ethernet
- Configure an access port for customer facing traffic on which services are configured.
An encapsulation type may be specified to distinguish services on the port or channel. Encapsulation types are not required for network ports.
To configure an Ethernet access port, refer to Configuring Ethernet Port Parameters.
2.14. Basic Configuration
On 7210 SAS platforms that do not support any removable cards and/or MDAs, the most basic configuration must have the following:
- Identify chassis slot.
- Specify line card type (must be an allowed card type).
- Identify MDA slot.
- Specify MDA type (must be an allowed MDA type).
- Identify specific port to configure.
2.15. Common Configuration Tasks
This describes common configuration tasks.
2.15.1. Configuring Ethernet Port Parameters
This section describes Ethernet port configuration.
2.15.1.1. Ethernet Network Port
A network port is network facing and participates in the service provider transport or infrastructure network processes.
The following is a sample network port configuration output.
Ethernet network port configuration is supported only on the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C.
2.15.1.2. Ethernet Access-Uplink Port
An access-uplink port is network facing and participates in the service provider transport or infrastructure network processes. This is similar to a network port concept.
A SAP can be created when a port is configured in access uplink mode. When a port is configured in access uplink mode, then the encapsulation type of the port is set to QinQ.
The following is a sample network port configuration output.
Access uplink port configuration is supported on the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C.
2.15.1.3. Ethernet Access Port
Services are configured on access ports used for customer-facing traffic. If a Service Access Port (SAP) is to be configured on a port, it must be configured as access mode or access uplink mode. When a port is configured for access mode, the appropriate encapsulation type can be specified to distinguish the services on the port. When a port has been configured for access mode, multiple services may be configured on the port.
The following is a sample Ethernet access port configuration (for 7210 SAS-D) output.
Access port configuration is supported on the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C.
2.15.1.4. Configuring 802.1x Authentication Port Parameters
The following is a sample of an 802.1x port configuration output.
2.15.1.5. Configuring MAC Authentication Port Parameters
 | Note: MAC authentication is only supported on 7210 SAS-Dxp. |
The 7210 SAS supports a fallback MAC authentication mechanism for client devices (for example, PCs and cameras) on an Ethernet network that do not support 802.1x EAP.
MAC authentication provides protection against unauthorized access by forcing the device connected to the 7210 SAS to have its MAC address authenticated by a RADIUS server before the device is able to transmit packets through the 7210 SAS.
Use the following CLI syntax to configure MAC authentication for an Ethernet port.
The following example shows the command usage to configure MAC authentication for an Ethernet port.
Use the info detail command to display port configuration information. The following is a sample port configuration output.
2.15.1.6. Configuring VLAN Authentication Port Parameters
| Note: VLAN authentication is only supported on 7210 SAS-Dxp. |
The 7210 SAS supports VLAN authentication for client devices (for example, PCs and STBs) on an Ethernet network.
VLAN authentication provides protection against unauthorized access by forcing the device connected to the 7210 SAS to be authenticated by a RADIUS server before the device is able to transmit packets through the 7210 SAS.
Use the following CLI syntax to configure VLAN authentication for an Ethernet port.
The following example shows the command usage to configure VLAN authentication for an Ethernet port.
Use the info detail command to display port configuration information. The following is a sample port configuration output.
2.15.2. Configuring LAG Parameters
The following are general rules for configuring LAGs:
- The 7210 SAS-D and 7210 SAS-Dxp support up to four 1GE ports in a LAG. The 7210 SAS-Dxp also supports up to two 10GE ports in a LAG.
- The 7210 SAS-K 2F1C2T and 7210 SAS-K 2F6C4T support up to three 1GE ports in a LAG.
- The 7210 SAS-K 3SFP+ 8C supports up to three 1GE ports or two 10GE ports in a LAG.
- All ports in the LAG must share the same characteristics (speed, duplex, hold-timer, and so on). The port characteristics are inherited from the primary port.
- Autonegotiation must be disabled or set to limited mode for ports that are part of a LAG to guarantee a specific port speed.
- Ports in a LAG must be configured as full duplex.
The following is a sample LAG configuration output.
2.16. CRC Error Monitoring
| Note: This feature is supported on all 7210 SAS platforms as described in this document, except the 7210 SAS-K 2F1C2T. |
This feature allows the user to track CRC (cyclic redundancy check) errors received on a specific port and notify them. The detection mechanism is based around a configurable threshold specified by the administrator. Two thresholds are configurable, one for CRC degrade and one for CRC signal fail. The first threshold crossing generates an alarm, log entry, trap, but does not bring the physical port down, while the second (signal fail) threshold crossing logs an alarm, trap generation, and brings the port operationally down.
The thresholds are configurable with the following CLI command config>port>ethernet crc-monitor.
This behavior is enabled on a per-port basis. By default, the command and functionality is disabled for the signal degrade and the signal fail.
The user can configure different values for the sf-threshold and the sd-threshold. However, sf-threshold value must be less than or equal to the sd-threshold value.
The values provided by the user for threshold and multiplier is used to compute the error ratio as (Multiplier * (10 ^ - (threshold value)). Port Stats are collected once per second and accumulated over the configured window size. Each second, the oldest sample is discarded and the new sample is added to a running total. If the error ratio exceeds the configured threshold (the preceding computation) over the window size for two consecutive seconds, appropriate actions are taken as follows:
- If the number of CRC errors exceeds the signal degrade threshold value, a log warning message, syslog event and SNMP trap with the message “CRC errors in excess of the configured degrade threshold <M>*10e-<N> Set” is raised.
- If the CRC error rate increases further and exceeds configured the signal fail threshold value, an alarm log message, syslog event and SNMP trap should be raised, and the port should be brought operationally down.
When the condition is cleared, a SNMP trap message to clear the event is sent out.
2.17. Service Management Tasks
This section describes basic procedures of the service management tasks:
To change an MDA type already provisioned for a specific slot/card, first you must shut down the slot/MDA/port configuration and then delete the MDA from the configuration. Modify and delete operations can be performed only on the MDAs that are not auto equipped or auto provisioned.
Use the following syntax to modify an MDA.
2.17.1. Modifying a Card Type
The modify operation cannot be performed on an IOM card that is auto equipped and auto provisioned during bootup and is fixed.
2.17.2. Deleting a Card
The delete operation cannot be performed on an IOM card that is auto equipped and auto provisioned during bootup and is fixed.
2.17.3. Deleting Port Parameters
Use the following syntax to delete a port provisioned for a specific card.