Académique Documents
Professionnel Documents
Culture Documents
Feature Description
February 2012
Hardware Release: R1
Software Release: C6.9
Document Revision A
Feature Description
Notice
This document contains information that is proprietary to Ceragon Networks Ltd. No part of this
publication may be reproduced, modified, or distributed without prior written authorization of
Ceragon Networks Ltd. This document is provided as is, without warranty of any kind.
Registered Trademarks
Ceragon Networks is a registered trademark of Ceragon Networks Ltd. FibeAir is a registered
trademark of Ceragon Networks Ltd. CeraView is a registered trademark of Ceragon Networks
Ltd. Other names mentioned in this publication are owned by their respective holders.
Trademarks
CeraMap, ConfigAir, PolyView, EncryptAir, and CeraMon are trademarks of Ceragon
Networks Ltd. Other names mentioned in this publication are owned by their respective holders.
Statement of Conditions
The information contained in this document is subject to change without notice. Ceragon
Networks Ltd. shall not be liable for errors contained herein or for incidental or consequential
damage in connection with the furnishing, performance, or use of this document or equipment
supplied with it.
Information to User
Any changes or modifications of equipment not expressly approved by the manufacturer could
void the users authority to operate the equipment and the warranty for such equipment.
Revision History
Rev
Date
Author
Description
Approved by
Date
26.2.2012
Alex Yufit
Initial release.
Erez Aviv
28.2.2012
Page 2 of 60
Feature Description
Table of Contents
Registered Trademarks ......................................................................................... 2
Trademarks ............................................................................................................ 2
Statement of Conditions ........................................................................................ 2
Open Source Statement ........................................................................................ 2
Information to User ................................................................................................ 2
Revision History..................................................................................................... 2
Table of Contents ................................................................................................... 3
1. Introduction ...................................................................................................... 5
1.1
1.2
1.3
1.4
Acronyms ....................................................................................................................... 6
2.2
2.3
2.3.1
2.3.2
2.3.3
2.3.4
2.3.5
2.3.6
2.4
2.4.1
2.4.2
2.4.3
Licensing ...................................................................................................................... 11
General license considerations .................................................................................... 12
License violation ........................................................................................................... 12
Demo (temporary) license ............................................................................................ 12
2.5
Page 3 of 60
Feature Description
3.5
3.5.1
3.5.2
3.5.3
Security ........................................................................................................................ 47
User access control...................................................................................................... 47
Secure communication channels ................................................................................. 47
Security log .................................................................................................................. 51
3.6
3.6.1
3.6.2
3.6.3
3.6.4
3.6.5
3.6.6
Page 4 of 60
Feature Description
1. Introduction
This New Software Version (NSV) release introduces the first release of the
IP-10C, Ceragons compact, all-outdoor backhaul Ethernet product. FibeAir IP10C combines radio, baseband, and Carrier Ethernet functionality in a single,
durable box for outdoor installations.
FibeAir IP-10C offers the convenience of an easy installation procedure, and
full compatibility with FibeAir RFU-C mediation devices, enabling easy
transition of existing sites to all-outdoor zero-footprint solutions. It is
designed for use in tail sites, particularly as part of a Smart Pipe solution.
FibeAir IP-10C covers the entire licensed frequency spectrum and offers a
wide capacity range, from 50 Mbps to 1 Gbps over a single radio carrier,
depending on traffic scenario based on legacy MAC and enhanced Multi-Layer
header compression. Additional functionality and capacity, including MultiLayer header compression, are enabled via license keys while using the same
hardware.
By enabling more capacity, at lower latencies to any location, with proper
traffic management mechanisms and an optional downstream boost, FibeAir
IP-10C is built to enhance end user Quality of Experience.
FibeAir IP-10C employs the most advanced Adaptive Coding & Modulation
(ACM) technique. This unique feature enables users to maximize spectrum
utilization and capacity over any given bandwidth and changing
environmental conditions.
1.1
1.2
Page 5 of 60
1.3
Feature Description
1.4
Acronyms
AIS
ACM
AES
BER
CA
Certificate Authority
DST
EXC BER
Excessive BER
FTP (SFTP)
GbE / GBE
Gigabit Ethernet
GMT
IDC
InDoor Controller
IFG / IPG
HTTP (HTTPS)
LOC
Loss Of Carrier
LOF
Loss Of Frame
LOS
Loss Of Signal
MAC (Ethernet)
MAC (Security)
MHC
MIB
MSE
NTP
NSV
OAM
PIRL
PM
Performance Monitoring
Page 6 of 60
Feature Description
PN
PV
PolyView
QoS
Quality of Service
RSL
S/N
Serial Number
SNMP
SNTP
SSH
UC
User Channel
UTC
Page 7 of 60
Feature Description
2.
2.1
2.2
Main Interfaces:
1 x GbE combo port: 10/100/1000Base-T or SFP 1000Base-X (traffic)
2 x GbE electrical ports for management: 10/100/1000Base-T
Power interface (-48VDC)
Additional Interfaces:
Terminal console
RSL interface: BNC connector
In addition, each of the non-combo ports can be configured to support
Ethernet out-of-band management.
Page 8 of 60
Feature Description
Additional LEDs are located next to the Ethernet interfaces. For a description
of these LEDs, see Ethernet port LED functionality description on page 34.
2.3
IP-10C Architecture
Featuring an advanced architecture, FibeAir IP-10C uniquely integrates the
latest radio technology with Smart Pipe Ethernet capabilities. The FibeAir IP10C radio core engine is designed to support native Ethernet over the air
interface enhanced with Adaptive Power and Adaptive Coding & Modulation
(ACM) for maximum spectral efficiency in any deployment scenario.
FibeAir IP-10C Block Diagram
The CPU acts as the units central controller, and all management frames
received from or sent to external management applications must pass through
the CPU.
The Mux assembles the radio frames, and transfers them to the MODEM.
The MODEM represents the physical layer, modulating, transmitting, and
receiving the data stream.
2.3.1
Ethernet Interfaces
Ethernet Interface Functionality
Indication
Interface Rate
GEB Combo
GbE Management
GbE 10/100/1000
Disabled/Management/Future Use
GbE Management
GbE 10/100/1000
Functionality
Page 9 of 60
2.3.2
Feature Description
RF Interface
In all configurations, both remote mount and direct mount, IP-10C is
connected to the antenna via the RF port. The RF port is a TX/RX direct
waveguide connection.
Note:
Waveguide
Flange
Antenna
Flange
WR137
PDR70
UDR70
7/8
WR112
PBR84
UBR84
10/11
WR90
PBR100
UBR100
13
WR75
PBR120
UBR120
15
WR62
PBR140
UBR140
18-26
WR42
PBR220
UBR220
28-38
WR28
PBR320
UBR320
2.3.3
RSL Indication
The RSL indication is used for antenna alignment during the link
commissioning phase of installation. Connecting a DVM to this BNC connector
will show current RSL in a 3 digit display following the 1V indication.
For example, a level of -35dBm is displayed as 1.35V on the DVM.
Note:
2.3.4
Power Interface
The IP-10C power interface is connected via a proprietary two pin connector,
at the end of an 18-12AWG cable supplying -48VDC (nominal).
Page 10 of 60
2.3.5
2.3.6
Feature Description
Additional Interfaces
2.4
Licensing
The following licenses are available for an IP-10C system:
Capacity license: Limits the total amount of radio capacity available.
This license is enforced by limiting the bandwidth of the radio script
that can be loaded.
ACM license: Enables the use of dynamic ACM radio scripts.
Synchronization unit license: Enables the SyncE PRC regenerator
feature.
Enhanced QoS license: Enables the enhanced QoS and PTP optimized
transport features.
Page 11 of 60
2.4.1
Feature Description
Normal Once a license has been successfully loaded to the system, the
IP-10C unit is considered to be in a "normal" license state. In a normal
license state, access to features and capacities is enabled according to
the loaded license key.
2.4.2
License violation
A License Violation alarm is an alarm scenario in the system, indicating that
configuration of the system allows capacities or features that are not allowed
by the license.
When a License Violation alarm is raised, radio port capacity is automatically
limited to ~3Mbps, allowing only management channels to the remote end. In
order to clear the License Violation alarm, the user must configure the system
to comply with the loaded license, and then issue a cold-reset. When the
system returns online, it checks the legality of the configuration against the
license limits. If no violation is detected, no alarm is raised, and the radio is
fully operational.
2.4.3
Page 12 of 60
2.5
Feature Description
Page 13 of 60
3.
Feature Description
3.1
3.1.1
User Configuration
Automatic State
Propagation disabled.
No mute is issued.
Local LOF, Link-ID mismatch Mute the LOCAL port when one or
(always enabled)
more of the following events occurs:
No shutdown.
Shut down the LOCAL port when one or more of the
following events occurs:
Page 14 of 60
Feature Description
User Configuration
Local LOC
Mute the LOCAL port when a GbELOC alarm is raised on the LOCAL
unit.
Remote Fault
No shutdown.
Note1: Electrical-GbE cannot be muted. ElectricalGbE LOC will not trigger Shutdown, because it will not
be possible to enable the port when the LOC alarm is
cleared
Note1: Electrical-GbE cannot be muted. ElectricalGbE LOC will not trigger "Shut-down", because it will
5. Excessive BER (on remote), only not be possible to enable the port when LOC alarm is
if enabled on the LOCAL.
cleared
Notes:
3.1.2
Ingress Port #x
Classifier
(4 Queues)
Egress Port #y
5 Policers
(Ingress
Rate
Limiting)
Marker
Queue
Controller
Scheduler
Shaper
(Egress rate
limiting)
Page 15 of 60
Feature Description
Classifier criteria
Classifier is made up of four classification criteria hierarchies:
First Criteria: MAC DA (Destination Address) Overwrite
Classification and marking is performed for incoming frames carrying a
MAC DA that appears in the Static MAC table (for details, see Classifier
tables on page 17), according to the following options:
Disable No MAC DA classification or VLAN Pbits overwrite
(marking).
Queue Decision Only classification to queue. No marking.
VLAN Pbits Overwrite Only VLAN Pbits overwrite (marking).
Classification according to a lower criteria.
Queue Decision and VLAN Pbits Overwrite Both classification
and VLAN Pbits overwrite.
Second Criteria: VLAN ID Overwrite If the first criteria is not fulfilled
(either because it is disabled, or because the ingress frame does not
carry any MAC DA that appears in the Status MAC table), classification
and/or marking (VLAN Pbits overwrite, assuming the frame egress is
tagged) is decided according to the VLAN ID to Queue table (for
details, see Classifier tables on page 17) according to the following
options:
Disable No VLAN ID classification or VLAN Pbits overwrite
(marking).
Queue Decision Only classification to queue. No marking.
Third Criteria: VLAN Pbits Overwrite Only VLAN Pbits overwrite
(marking).
Classification is according to the lower criteria (pbits or port priority).
In this case, Pbits are assigned as follows (if egress frame is tagged):
Frames classified to 1st queue are given Pbits=0
Frames classified to 2nd queue are given Pbits=2
Frames classified to 3rd queue are given Pbits=4
Frames classified to 4th queue are given Pbits=6
Fourth Criteria: Queue Decision & VLAN Pbits Overwrite Both
classification and VLAN Pbits overwrite. Initial Classification is
according to the following configuration:
VLAN Pbits Classification is according to VLAN Pbits. And the
queue is assigned according to the VLAN Pbits to Queue table (for
details, see Classifier tables on page 17).
IP TOS Classification is according to IP TOS (IP precedence, or IP
diffserv). The queue is assigned according to the IP Pbits to Queue
table (for details, see Classifier tables on page 17).
Page 16 of 60
Feature Description
Classifier tables
The following tables are available to users for configuration:
VLAN-Pbits to Queue A single table for all ports in the switch. Assigning a
queue to a frame, according to the frames Pbits (CoS), assuming the frame is
tagged.
Each line in the table indicates a different possible value for CoS, with eight
table entries (all CoS legal values). The user can define the priority for each
value.
IP-Pbits to Queue A single table for all ports in the switch. Assigning a
queue to a frame, according to the frames IP priority bits (IP precedence or
Diffserv), assuming the frame contains an IP packet. The number of table
entries is:
IP Precedence configuration 8 entries.
DiffServ configuration 64 entries.
VLAN-ID to Queue A single table for all ports in the switch. Assigning a
queue to a frame, according to the frames VLAN-ID. The number of table
entries depends on the number of VLANs that have "queue allocation". By
default, VLANs do not have pre-determined "queue allocation".
VLAN Pbits priority Remap A single table per port. Enables the user to
remap VLAN-Priority bit values 0-7 to any other preferable value in the range
of 0-7. The number of table entries is 8 (all CoS legal values). The remapping
table can be used to re-scale some ports priorities down (for example 7:0 ->
3:0) while at same time scaling some ports priorities up (for example 7:0>7:4), or to ensure that certain priorities are reserved for specific purposes, by
initially remapping all frames away from reserved priorities (for example 7:0> 4:0, protecting priorities 7:5).
Static MAC - A single table for all ports in the switch. This table enables the
user to add a Static MAC entry to the switchs forwarding table. Such an
entry includes the static MAC address, the ports to which the frame should be
forwarded, and a priority, that will be assigned to the frame when MAC DA
classification overwrite is enabled on the port.
Policer list A list of all defined policers. Each Policer can have up to five
class map (policy rule) resources.
Page 17 of 60
Feature Description
Policer - Port Ingress Rate Limit (BW Profile definitions). Up to five class
maps can be configured per policer
The system supports a color blind leaky bucket scheme.
Each class map has following parameters:
Data type The rate can be limited based on the following data types:
None (no limiting), Unknown unicast, Unknown multicast, Broadcast,
Multicast, Unicast, Management, ARP, TCP-Data, TCP-Control, UDP,
Non- UDP, Non-TCP-UDP, Queue1, Queue2, Queue3, Queue4.
Note:
Note:
The rate for rate limiting is measured for all Layer 1 bytes,
meaning: Preamble (8bytes) + Frame's DA to CRC + IFG (12
Bytes)
The significance of CIR and CBS is illustrated in the following simple example
for a service that provides a CIR=4Mbps (=4,000,000 bps) and a CBS=2KB
(=2000 bytes): Two 1518 byte Frames are sent back to back. The first frame
depletes 1518 bytes of the initial 2KB CBS in the token bucket leaving 462
bytes remaining (2000 L1 frame size = 2000 1518 20 = 462). This service
frame is in-profile and delivered per the performance parameters specified by
the service. The second 1518 byte Service Frame needs more than the 462
bytes remaining in the bucket and therefore is out-of-profile and is
immediately discarded (if the "Limit Exceed Action" configuration is set to
"Discard Frame").
3.1.2.3
Page 18 of 60
Feature Description
Page 19 of 60
Feature Description
3.1.3
Enhanced QoS
Enhanced QoS (also called enhanced Traffic Manager), a license-enabled
feature, is used to improve the QoS capabilities of the IP-10 platform.
Enhanced QoS provides the following improvements:
Enhanced classification criterions.
Improved Scheduler based on strict priorities and/or WFQ algorithm.
8 priority queues with configurable buffer length.
Enhanced shaper per priority queue. Configurable CIR and CBS (based
on MEF 10.2 recommendations).
WRED support (see Weighted Random Early Detection (WRED) )
These enhancements apply to egress traffic on the radio port (where the
bottleneck is). All the other ports will function as usual. Enhanced QoS
requires a license, and can be enabled and disabled by the user.
When enhanced QoS is enabled, radio port egress traffic scheduling and
shaping are performed in the enhanced QoS module. Thus, the egress shaper
and scheduler on the radio port are degenerated in switch configuration:
Page 20 of 60
Note:
3.1.3.1
Feature Description
Page 21 of 60
Feature Description
Page 22 of 60
Feature Description
Page 23 of 60
WARNING:
Feature Description
Page 24 of 60
Feature Description
The user can specify CoS and color for each DSCP value. Classification
by DSCP bits can be used for untagged frames as well as 802.1Q tagged
and/or provider VLAN tagged frames.
Note:
Page 25 of 60
Feature Description
The user can specify CoS and color for each value in the MPLS field.
Note:
Page 26 of 60
3.1.3.2
Feature Description
3.1.3.3
Page 27 of 60
Feature Description
Each one of the 8 priority queues can be given a different weight. For each
queue, the user defines the WRED profile curve. This curve describes the
probability of randomly dropping frames as a function of queue occupancy.
Basically, as the queue occupancy grows, the probability of dropping each
incoming frame increases as well. As a consequence, statistically more TCP
flows will be restrained before traffic congestion occurs.
For each one of the priority queues, the WRED profile curve can be adjusted.
Yellow and Green frames can also be assigned different weights. Usually,
Green frames (committed rate) are preferred over Yellow frames (excessive
rate), as shown in the curve below.
Page 28 of 60
Note:
3.1.3.4
Feature Description
WRED can also be set to a tail drop curve. A tail drop curve
is useful for reducing the effective queue size, such as when
low latency must be guaranteed. In order to set the tail drop
curve to its maximum level, the drop percentage must be set
to zero.
Note:
The actual, effective buffer size of the queue can be less than
0.5Mb based on the configuration of the WRED tail drop
curve.
Throughput immunity to fast bursts When traffic is characterized
by fast bursts, it is recommended to increase the buffer sizes of the
priority queues to prevent packet loss. Of course, this comes at the cost
of a possible increase in latency.
The user can configure burst size as a tradeoff between latency and immunity
to bursts, according the application requirements. The following figure shows
the configuration screen for queue buffer sizes in the Web-Based EMS.
3.1.3.5
Page 29 of 60
Feature Description
Note:
The following figure shows the shows the shaper and scheduled configuration
screen in the Web-Based EMS.
3.1.3.6
Page 30 of 60
Feature Description
The shaper and scheduler configurations share the same table in the WebBased EMS.
3.1.3.7
Page 31 of 60
Note:
3.1.3.8
Feature Description
PM and statistics
The following PMs are collected per each queue:
Green Bytes passed Measures the transmitted green bytes (CIR
rate).
Yellow Bytes passed Measures the transmitted yellow bytes (EIR
rate).
Page 32 of 60
Feature Description
3.1.4
Ethernet interfaces
Interface Name
Interface Rate
Functionality
Eth2
Eth3
Eth5 (Radio)
Note:
Traffic
Page 33 of 60
3.1.4.1
3.1.4.2
Feature Description
Combo Eth1
(RJ-45)
Combo Eth1
(SFP)
Disabled
Eth2
Eth3
Interface type
Jumbo mode
MTU = 9612
MTU = 1632
Management port
MTU = 1632
MTU = 1632
Note:
3.1.4.3
GbE interfaces
The IP-10C supports two dual GbE interface, which the user can configure to
Electrical GbE (10/100/1000) or Optical GbE (SFP) interface. It is NOT
supported and NOT possible to use SFP with electrical stack. SFP supports
only optical stack.
It is possible to use an electrical interface at one end of the link, and an optical
interface at the other end. In order to change interfaces, it is essential to
disable the active interface first, and then to enable the other interface.
The options are:
Eth1: Electrical GbE or Optical GbE.
Page 34 of 60
3.1.4.4
Feature Description
The statistic counters are divided into ingress statistics and egress statistics.
The following table describes the special RMON counters:
Counter
Description
Frames longer than 2048 bytes (non jumbo mode) or 10240 (jumbo mode)
Total frames received with a length of more than MTU bytes, but with an
invalid FCS
Fragments frames received Total frames received with a length of less than 64 bytes, and an invalid FCS
3.1.5
Total frames received with CRC error, not counted in "Fragments", "Jabber" or
"Rx error" counters
In Discard Frames
Counts good frames that cannot be forwarded due to lack of buffer memory
In Filtered Frames
Counts good frames that were filtered due to egress switch VLAN policy rules
All traffic coming from the Ethernet interface is sent directly to the radio and
vice versa. QoS can be used with Smart Pipe.
In Smart Pipe mode, other GbE (10/100/1000) interfaces can be configured as
management interfaces (see Ethernet interfaces on page 33). Otherwise, they
are shut down.
Page 35 of 60
3.1.6
Feature Description
Item Description
Manufacturer
Name
Manufacturer PN
AO-0049-0
XCVR,SFP,850nm,1.25Gb,MM,500M,W.DDM
PHOTON
PST120-51TP+
AO-0049-0
XCVR,SFP,850nm,1.25Gb,MM,500M,W.DDM
Wuhan Telecom.
Devices (WTD)
RTXM191-551
AO-0049-0
XCVR,SFP,850nm,1.25Gb,MM,500M,W.DDM
CORETEK (*)
CT-1250NSP-SB1L
AO-0049-0
XCVR,SFP,850nm,1.25Gb,MM,500M,W.DDM
Fiberxon
FTM-8012C-SLG
AO-0037-0
XCVR,SFP,1310nm,1.25Gb,SM,10km
Wuhan Telecom.
Devices (WTD)
RTXM191-401
AO-0037-0
XCVR,SFP,1310nm,1.25Gb,SM,10km
CORETEK (*)
CT-1250TSP-MB4L-A
AO-0037-0
XCVR,SFP,1310nm,1.25Gb,SM,10km
Fiberxon
FTM-3012C-SLG
AO-0037-0
XCVR,SFP,1310nm,1.25Gb,SM,10km
AGILENT
AFCT-5710PZ
* Electrically, these SFP modules work properly but they tend to get
mechanically stuck in the IP-10C chassis.
3.1.7
The following table describes VLANs that are reserved for internal use:
VLAN
Description
Remark
4091
4092
Internal VLANs.
4093
4094
4095
Not defined.
Page 36 of 60
3.2
3.2.1
Feature Description
Basic operation
In PRC pipe regenerator mode, frequency is taken from the incoming GbE
Ethernet signal, and used as a reference for the radio frame. On the receiver
side, the radio frame frequency is used as the reference signal for the outgoing
Ethernet PHY.
Frequency distribution behaves in a different way for optical and electrical
GbE interfaces, because of the way these interfaces are implemented:
For optical interface, separate and independent frequencies are
transported in each direction.
For electrical interfaces, each PHY must act either as clock master or as
clock slave in its own link. For this reason, frequency can only be
distributed in one direction, determined by the user.
3.2.1.2
User configuration
For PRC pipe regenerator mode to work, the following is necessary:
Ethernet port #1 (GbE) must be enabled.
Licensing
PRC regenerator is a licensed feature. It requires a SyncU license. Enabling
PRC regenerator without the proper license will cause a license violation alarm.
Page 37 of 60
3.3
3.3.1
Feature Description
Performance Monitoring
PM measurements
The following PMs are measured (15 minute or 24 hour intervals):
Radio PMs
MSE PM:
Minimum MSE
Maximum MSE
Exceed MSE Threshold seconds
Radio MRMC
Minimum ACM profile
Radio Ethernet Capacity (overall Ethernet bits rate, data and overhead,
measured on radio-Ethernet interface):
Peak Capacity
Average Capacity
Exceed Capacity threshold seconds.
Note:
Peak Utilization
Average Utilization
Page 38 of 60
3.3.2
Feature Description
Change (in
seconds)
Time left
Add new
Mark IDF
+7
473
No
no
--
+35
445
No
Yes
--
-7
487
No
No
--
-35
515
No
Yes
--
+490
890
Yes
Yes
No
+520
860
Yes
Yes
Yes
Page 39 of 60
3.4
Feature Description
Radio Features
3.4.1
ACM
3.4.1.1
General overview
Adaptive Coding and Modulation (ACM) radio capability is supported by the
following radio scripts:
ACM-56MHz, QPSK 256QAM
Page 40 of 60
3.4.1.2
Feature Description
Adaptive TX power
General Overview
Adaptive TX power is designed to work with ACM in certain scenarios to
maximize the additional few dB of TX power available at lower order
modulation schemes for a given modulation scheme. See the table below for a
summary of the maximum power levels available for each modulation scheme
and frequency band.
The user has the option to use the adaptive TX power feature, which increases
TX power in correspondence to a reduction in ACM modulation in response to
deteriorating link conditions, thus providing valuable extra dB of system gain
to counter deteriorating propagation. This can amount to up to 4dB over the
range of QPSK to 256QAM.
For this feature to be used effectively, it is essential for the operator not to
breach any regulator-imposed EIRP limitations. For example, if used, the
operator must license the system for the maximum possible EIRP.
The Adaptive TX Power feature, together with ACM, can work in either of the
following scenarios:
Increase capacity (increase throughput of existing link) With the
option to use Adaptive TX Power.
Increase availability (new link) Adaptive TX Power is not applicable.
The first scenario is for customers who have existing links in a low class
(modulation order), and want to use ACM in order to carry additional Ethernet
traffic without occupying more spectrum bandwidth.
The second scenario is for customers who plan a new link for a specific
availability and capacity, but want to take advantage of the new ACM
capability to get lower capacity even in higher fades.
In the first scenario the user must plan the link according to a low class
channel mask, and when radio path conditions allow it, the link will increase
the modulation. This increase of modulation may require lowering the output
power (see table below), in order to decrease the non-linearity of the
transmitter for the higher constellations and in order for the transmitted
spectrum to stay within the licensed low class channel mask. The following
figure demonstrates the differences between a low class mask (e.g., class 2)
and a high class mask (e.g., class 5):
Page 41 of 60
Feature Description
Limitations / Guidelines
The feature is available only when ACM Adaptive Mode is configured. The user
must first enable Adaptive Mode in order to enable Adaptive TX Power when
configuring the radio script.
Reference class is ETSI terminology. Any FCC radio script (channel spacing:
10, 20, 30, 40, 50MHz) should be selected with the reference class = FCC
option (CQ20359).
IP-10C enables the configuration of any reference class, without regard to
the scripts configured channel spacing. In fact, the regulation standards
(ETSI/FCC) have limitations on which reference class to use for each specific
channel spacing. It is the users responsibility to configure the right reference
class according to the channel spacing (CQ20098).
3.4.1.3
3.4.1.4
Page 42 of 60
Feature Description
degrades below the 32QAM threshold, the radio will lose carrier
synchronization, and will report Loss of Frame.
The user can enable and disable this feature. When the feature is enabled, the
user can set the minimum MRMC profile. The default is disabled.
3.4.2
3.4.3
Page 43 of 60
3.4.4
Feature Description
Page 44 of 60
Feature Description
L2 (Ethernet + MPLS)
L3 (Ethernet + IP)
L4 ( All supported layers up to L4)
Excluding rules
The learning lookup table is limited to 256 entries. To optimize compression
rates, it is important to avoid over-population of the lookup table. Users can
optimize compression performance by excluding flows that should not be
compressed, according to the following rules:
By MAC destination address (DA) 6 bytes DA
Page 45 of 60
Feature Description
Bit 5
Bit 4
Bit 3
Bit 2
L2
PBB-TE
MPLS
L3 - IPv4
L3 - IPv6
L4
00 untag
0 no
0 no
0 no
0 no
00 no
10 reserved
1 - yes
1 - yes
1 - yes
1 yes
01 UDP
01 single tag
10 TCP
11 double tag
11 - GRE
Licensing
Multi layer header compression is a licensed feature that requires an
enhanced compression license. Switching to enhanced compression mode
without a valid license will cause a license violation and will initiate a license
violation alarm.
Page 46 of 60
3.5
Feature Description
Security
Security features are relevant to the following areas:
User access control: Allowing only authorized users to access the
system.
Secure communication channels: End-to-end encrypted channels for
management.
Security log: A tool to analyze undesired or unauthorized changes in
the system security configuration.
Note:
3.5.1
3.5.2
Page 47 of 60
3.5.2.1
3.5.2.2
Feature Description
Supported Encryptions: aes128-cbc, 3des-cbc, blowfish-cbc, cast128cbc, arcfour128, arcfour256, arcfour, aes192-cbc, aes256-cbc, aes128ctr, aes192-ctr, aes256-ctr.
MAC (Message Authentication Code): SHA-1-96 (MAC length = 96 bits,
key length = 160 bit). Supported MAC: hmac-md5, hmac-sha1, hmacripemd160, hmac-sha1-96, hmac-md5-96'
The server will authenticate the user based on user name and
password. The number of failed authentication attempts is not limited.
Server timeout for authentication: 10 minutes. This value cannot be
changed.
The status of the upload operation can be monitored in the Web-Based EMS.
The returned status values are: ready (default), in-progress, success, and
failed. In case of failure, an appropriate error message will appear.
Page 48 of 60
Feature Description
Page 49 of 60
3.5.2.3
Feature Description
Downloading software
3.5.2.4
freeSSHd : http://www.freesshd.com/?ctt=download
msftpsrvr: http://www.download3k.com/Install-CoreFTP.com-CoreFTP-Mini-SFTP-Server.html
Page 50 of 60
Feature Description
3.5.3
Security log
The security log is an internal system file which records all changes performed
to any security feature, as well as all security related events.
The security log file has the following attributes:
The file is of a cyclic nature (fixed size, newest events overwrite
oldest).
Readable only by users with "admin" or above privilege
Page 51 of 60
Feature Description
FTP enable/disable
Loading certificates
RADIUS server and NAS parameters (IP address) change
RADIUS enable/disable
Remote logging enable/disable (for security and configuration logs)
Syslog server address change (for security and configuration logs)
System clock change
NTP enable/disable
Security events
Successful and unsuccessful login attempts
N consecutive unsuccessful login attempts (blocking)
Configuration change failure due to insufficient permissions
Page 52 of 60
3.6
3.6.1
Feature Description
System management
Alarms editing
It is possible for users to change the description text (by appending extra text
to the existing description) or the severity of any alarm in the system. This
feature is available through CLI only.
This is performed as follows:
Each alarm in the system is identified by a unique name (see separate
list of system alarms and events).
The user can perform the following operations on any alarm:
View current description and severity
Define the text to be appended to the description and/or severity
Return the alarm to its default values
The user can also return all alarms and events to their default values.
3.6.2
3.6.2.1
3.6.2.2
Web-Based EMS
A Web-Based EMS connection to the IP-10C can be opened using an HTTP
Browser (Explorer or Mozilla Firefox). To open a connection, open the
browser and type http://ip_address. For example, if the IP address of the IP10C is 192.168.1.1, type: http://192.168.1.1 to open a session with the IP-10C
via the Web-Based EMS. If HTTPS protocol is used, type: https://192.168.1.1
The Web-Based EMS uses a graphical interface, and is much more userfriendly than the CLI. All system configurations and statuses are available via
the Web-Based EMS, including all L2-Switch configurations (port type, VLANs,
QoS, etc.).
When L2-Switch parameters are configured, it is important to click Apply in
order to save the configuration to the disk.
Page 53 of 60
3.6.2.3
Feature Description
SNMP
IP-10C supports SNMPv1, SNMPv2c, and SNMPv3 traps. For more details,
seeSNMPv3 Traps on page 54.
IP-10C supports the following MIBs:
For more information, see the FibeAir IP-10C MIB Reference Guide, DOC00033227.
3.6.2.4
SNMPv3 Traps
IP-10C supports SNMPv1 and SNMPv3. Supported MIBs can be found in the
FibeAir IP-10C MIB Reference Guide, DOC-00033227.
The relevant parameters and commands for handling SNMP actions are:
Configuring SNMPv1 or SNMPv3
Setting SNMP to enable or disable
When configuring SNMPv3, the following configurations are available:
username: SNMPv3 user name
security-mode: the valid options are: authentication, authenticationprivacy, no-security.
authentication-protocol (valid only when security mode is other than
no-security): valid options: MD5, SHA.
Note:
3.6.3
Management configuration
3.6.3.1
Management configuration
An IP-10C system can be configured to use 1 or 2 Ethernet management ports.
Interfaces "eth2" and "eth3" are the only ports that can be assigned as
management ports:
Configured Number Management Interfaces
of Management Ports
1
Eth3
Eth3, Eth2
None
Management ports are connected to the switch (bridge) and are configured to
"learning" mode.
Page 54 of 60
3.6.3.2
Feature Description
3.6.3.3
Management capacity
Management ports can be configured to have one of the following capacities:
64kbps, 128kbps, 256kbps, 512kbps, 1024kbps, 2048kbps (default). Capacity
is limited by the port ingress rate limit.
3.6.3.4
3.6.3.5
In-Band management
With In-Band management, the remote IP-10C is managed by specific frames
that are sent as part of the traffic. These frames are identified as management
frames by a special VLAN ID configured by the user. This VLAN ID must be
used ONLY for management. It is NOT possible to configure more than a single
VLAN ID for management.
Important:
The local unit is the gateway for In-Band management. The remote unit is
managed via its traffic ports (the radio port, for example), so that no
management ports are needed on the remote unit.
Avoiding Ethernet Loops
When configuring the system to In-Band management, it is essential to avoid
Ethernet loops, as shown in the following figures. It is necessary to transport
management traffic to the main unit by using external Ethernet cables.
Page 55 of 60
Feature Description
1+ 0 In- Band
Management
2 Management
Interfaces
1 Management
Interfaces
Radio
Link
Radio
Link
IP-10
IP-10
IP-10
1 Management
Interfaces
1 Management
Interfaces
IP-10
Agenda
Radio
Link
Traffic Port
1+ 0 Branching
In- Band Management
.
Loops should be avioded
!
Management Port
3.6.3.6
IP-10
Mng
Frames
Block providers
management Frames
Mng
Frames
Block providers
management Frames
Provider Network
Management Center
In Single Pipe mode, VLANs cannot be used to block traffic, since the line and
radio interfaces are transparent by definition to all VLANs. Thus, this
management blocking capacity is a special feature for Single Pipe applications
that blocks management frames from egressing the line interface.
Ceragon Proprietary and Confidential
Page 56 of 60
Feature Description
Management isolation and blocking behavior is controlled by the blockmanagement-towards-line CLI parameter. The default is disable (not blocked).
3.6.4
3.6.4.1
General overview
CLI configuration text scripts, written in Ceragon CLI format, can be
downloaded into the IP-10C. It is impossible to upload the IP-10Cs
configuration into a text file.
CLI scripts can only be downloaded and handled via CLI. CLI scripts cannot be
downloaded via the Web-Based EMS. All CLI commands that handle CLI
scripts reside at:
/platform/idc-board/
The user can perform the following operations on CLI scripts:
This operation returns the text content of the downloaded script to the
console.
Execute (activate) a CLI script.
set /platform/idc-board/cli-script execute
Page 57 of 60
Operation
Feature Description
Event Scenario
3.6.4.2
Reset IP-10C
Protection copy-to-mate command
Only a single command of this kind can be used per script, and only at the end
of the script!
If such a command is used at the end of the script, when this command is the
next one to be executed, the script will hold and wait until the user enters
confirmation (CQ19326).
A user with operator privileges cannot include user commands that require
higher privileges in a script. Higher privilege commands will not be executed
and will echo error.
SNMPv3 and Add user commands are not recommended for use via CLI
scripts. This is because these commands require user attention. The SNMPv3
commands or FTP password for software configuration or download, for
example, require a password from the user, and therefore should not be
performed via a CLI script.
Page 58 of 60
3.6.5
Feature Description
Language support
Users should be aware of the following limitations regarding the usage of non
standard ASCII (ASCII 7) characters:
Web-Based EMS
Web browser encoding is automatically set to UTF-8, for proper
functionality of the Web-Based EMS. No other encoding type is available
(CQ18826).
Any bridge-related (L2 switching machine or L2 protocols) free text must be
in standard ASCII (ASCII 7), e.g.,, Policer Name, Class-map Name, etc.
Any usage of non-standard ASCII characters will be rejected by the system,
returning a Bad Character error message.
Any other free text fields (which are not related to the L2 switch) can be
populated by text in any language, e.g.,. System Name, System Location,
Contact Person, etc.
User names and passwords must be typed in Standard ASCII (ASCII 7).
Otherwise, they will be rejected by the system, which returns a Bad
Character error message.
It is recommended to use only ASCII 7 format characters when configuring
SNMP-related parameters via the Web-Based EMS (e.g., CLLI) in order to avoid
gibberish when these parameters are obtained via an SNMP interface, which
supports only ASCII 7 format (CQ21324).
Note:
3.6.6
NTP
IP-10C supports NTP client. If the user enables this capability, the user should
enter the IP address of the NTP server on which the user wants the IP-10C to
be locked.
The NTP client returns one of the following Sync statuses:
If locked, it returns the IP address of the server it is locked on.
Loca The NTP client is locked on the local elements real-time clock.
NA - The NTP client is not synchronized with any clock (valid only
when Admin is set to Disable).
Page 59 of 60
Feature Description
The following table displays the clock to which the various software interfaces
are disciplined:
UTC - Universal Time Coordinated.
Time Offset Configured by the user indicating the time offset from
the UTC (Unit Information page in the Web-Based EMS).
DST Daylight Saving Time configured by the user (Unit Information
page in the Web-Based EMS).
Local Time Calculated by offsetting the UTC by the total offset (Time
Offset + DST).
PM
I6.1 MIB
PolyView 6.1
I6.1 WEB
I6.2 MIB
I6.2 WEB
No MIB
UTC (GMT)
Local Time
UTC (GMT)
Local Time
Traps
UTC (GMT)
N/A
PMGenTime (internal
Param)
UTC (GMT)
N/A
InvGenTime
UTC (GMT)
N/A
(internal Param)
Note:
Page 60 of 60