Skip to end of metadata
Go to start of metadata

Download PDF Document

2018-05-11

For all Mediatrix units

v. 42.1.857


1 Important Information About Network Interfaces

Naming

  • The name of the network interface is case sensitive.
  • Using the special values All, Loop, LoopV6, and Rescue are not allowed to name a network interface
  • A valid network interface name:
    • must start with a letter
    • cannot contain characters other than letters, numbers, and underscores.

Configuration

  • It is not possible to have different IP addresses from the same subnet on one interface.
  • It is possible to create up to 48 network interfaces.
  • LLDP cannot be activated on multiple network interfaces simultaneously.
  • If no network is configured in IPv6, the unit does not have any IPv6 address, not even the Link-Local address. When a network is configured in IPv6, the Link-Local (FE80 ::...) address is automatically created and displayed in the Network Status information.
  • In case of address conflicts between two or more network interfaces, the network interface with the highest priority will remain enabled and the other interfaces will be disabled. If the priority is the same, only the first enabled network interface will be able to use the IP address. When a conflict ends, all network interfaces concerned automatically return to an operational state.
  • Media5 recommends to reserve an IP address with an infinite lease for each Mediatrix unit on the network.
  • The Rescue Network Interface cannot be deleted.

Important

Use extreme care when configuring network interfaces, especially when configuring the network interface used to contact the unit for management. Be careful never to disable or delete the network interface used to contact the unit. Also be careful to always set the unit’s management interface to be an interface that you can contact.


2 Basic Concepts


2.1 Default Network Interfaces

There are four Network Interfaces created by default on the Mediatrix unit: Uplink, Lan 1, UplinkV6, and Rescue.

  • The Uplink network interface defines the uplink information required by the Mediatrix unit to properly connect to the WAN. Refer to the Link Default Values for the Uplink Network Interface. By default, this interface uses the IpDhcp (IPv4 DHCP) connection type. If you are using only one Network Interface, you must use Uplink.
  • The Lan1 network interface defines the information required by the Mediatrix unit to properly connect to the LAN. Refer to the Link Default Values for the Lan 1 Network Interface. By default, the Lan1 Network Interface uses the IpStatic (IPv4 Static) connection type. The Lan1 network interface can only be added on units with 2 network ports.
  • The Rescue network interface, is used to display the Rescue Management Interface when a partial reset of the unit is performed. By default, the Rescue network interface
    • is disabled and automatically enabled when a partial reset is performed.
    • uses the IpStatic (IPv4 Static) or the Ip6Static (IPv6 Static) addresses.
    The Rescue Network Interface cannot be deleted. Refer to Partial Reset.
  • The is used to access the Rescue Management Interface. By default, this interface uses the IP6autoConf (IPv6 Auto-Conf) configuration mode.
It is possible to create up to 48 Network Interfaces.


2.1.1 Link Default Values for the Uplink Network Interface

Unit Type Link Default Value
Sentinel 400 eth1
Sentinel 100 eth1
Mediatrix G7 eth1
Mediatrix S7 eth1
Mediatrix C7 series eth1
Mediatrix 3000 eth5
Mediatrix 4104 eth1/eth
Mediatrix 4108/16/24 eth1/Ethernet
Mediatrix 4102 Wan
Mediatrix 4400 series eth1/Network
Mediatrix LP series eth1/Ethernet
Mediatrix 4108 IPPBX eth1/Ethernet

2.1.2 Link Default Values for the Lan 1 Network Interface

Unit Type Link Default Value
Sentinel 400 eth2-5
Sentinel 100 eth2-5
Mediatrix G7 eth2-5
Mediatrix S7 eht2-5
Mediatrix C7 series eth2
Mediatrix 3000 eth1-4
Mediatrix 4104 eth2
Mediatrix 4108/16/24 eth2
Mediatrix 4102 lan
Mediatrix 4400 series eth2
Mediatrix LP series eth2
Mediatrix 4108 IPPBX eth2

2.1.3 Partial Reset

The partial reset provides a way to contact the Mediatrix unit in a known and static state while keeping most of the configuration unchanged.

A partial reset can be performed at the initial start-up of the Mediatrix unit or on a unit already in use where the configuration was modified in such a way that the user can no longer access the system by the Web page or otherwise. In both cases, the user will access the Rescue Interface with the Rescue Network Interface using either a static IPv4 address (192.168.0.1 ) or an IPv6 Link Local address connection. These connections give access to the Rescue Management Interface where the configuration of a new unit can be completed and where an existing configuration can be modified.

By default the Rescue Network Interface is disabled. When a partial reset is performed, the Rescue network Interface becomes enabled. Once the configuration has been modified to solve the problem that required the partial reset, it is important to disable the Rescue Network Interface to make sure that you are no longer working in the Rescue Network Interface.

Performing a partial reset on a new unit will not modify the configuration, as it has not yet been modified to your needs. However, a partial reset performed on a unit already in use will:

  • Rollback Local Firewall settings that are not yet applied.
  • Add a Local Firewall rule to allow complete access to the Rescue interface.
  • Rollback NAT settings that are not yet applied.
  • Add NAT rule to allow complete access to the Rescue interface.
  • Cancel the changes that were being modified but not yet applied to the configuration.
  • Disable any Network Interface in conflict with the Network Rescue Interface.
  • Configure and enable the Rescue Network Interface to:
    • use the link as the default value used by the Uplink Network Interface
    • set the IP address to 192.168.0.1 and the Network Mask to 255.255.255.0.
    • set the IPv6 link-local address on all network links. The IPv6 link-local address can be found underneath the unit.

A partial reset will also modify the following parameters to their default value:

Service Parameter Default Value
AAA Users.Password User(s) from profile are restored with their factory password. All other usernames keep their password.
Users.AccessRights User(s) from profile are restored with their factory rights.
ServicesAaaType (table) Each service will be configured to use Local authentication and no accounting mechanism.
CLI EnableTelnet Disable
TelnetPort 23
EnableSsh Enable
SshPort 22
InactivityTimeOut 15
HOC ManagementInterface Lan1
SNMP EnableSnmpV1 Disable
EnableSnmpV2 Disable
EnableSnmpV3 Enable
Port 161
Web ServerPort 80
SecureServerPort 443


2.2 IP Address Reservation

Before connecting the Mediatrix unit to the network, Media5 strongly recommends to reserve an IP address in your network server – if using one – for the unit you are about to connect.

This way, the IP address associated with a particular unit will be known. Network servers generally allocate a range of IP addresses for use on a network and reserve IP addresses for specific devices using a unique identifier for each device. The Mediatrix unit unique identifier is the media access control (MAC) address. Refer to Locating the MAC Address of Your Mediatrix Unit.


2.2.1 Locating the MAC Address of Your Mediatrix Unit

Context

The MAC address of the unit is:

  • printed on a label located under the Mediatrix unit
  • displayed in the Current Status table of the Web Interface (System/Information)


2.3 Link Layer Discovery Protocol (LLDP)

The Link Layer Discovery Protocol (LLDP) service is used by network devices for advertising their identity, capabilities, and neighbors on a IEEE 802 local area network, usually wired Ethernet.

LLDP cannot be activated on more than one network interface at a time.


2.4 Link Connectivity Detection

Each Ethernet port of the Mediatrix unit is associated with an Ethernet link.

An Ethernet link has connectivity if at least one of its port status is not disconnected. The link connectivity is periodically polled (every 500 milliseconds). It takes two consecutive detections of the same link state before reporting a link connectivity transition. This avoids reporting many link connectivity transitions if the Ethernet cable is plugged and unplugged quickly.


2.5 PPP Negotiation

When the Mediatrix unit restarts, it establishes the connection to the access concentrator in conformance with RFC 2516 section 5.1.

When establishing a PPP connection, the Mediatrix unit goes through three distinct phases:

  • Discovery phase: The Mediatrix unit broadcasts the value of the Service Name field. The access concentrator with a matching service name answers the Mediatrix unit.
    • If no access concentrator answers, this creates a PPPoE failure error.
    • If more than one access concentrators respond to the discovery, the Mediatrix unit tries to establish the PPP connection with the first one that supports the requested service name.
  • Authentication phase: If the access concentrator requests authentication, the Mediatrix unit sends the ID/secret pair configured in the User Name and Password fields. If the access concentrator rejects the authentication, this creates an “authentication failure” error.
  • Network-layer protocol phase: The Mediatrix unit negotiates an IP address. The requested IP address is the one from the last successful PPPoE connection. If the Mediatrix unit never connected by using PPPoE (or after a factory reset), it does not request any specific IP address.


3 Basic Tasks


3.1 Creating a Network Interface

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Network/Interfaces.
  2. In the Network Interface Configuration table, click +.
  3. Enter a name in the Name field.

    Note

    The Network Interface name must be unique and is case sensitive.

  4. From the Link selection list, select the link the network interface will use.
  5. Click Apply.

Result

The new Network Interface will be available in the:
  • Media Interface Configuration table under the SBC/ Configuration tabs (provided you have the Sbc service)
  • Signaling Interface Configuration table under SBC/ Configuration tabs (provided you have the Sbc service)
  • DHCP Server Configuration table under the Network/ DHCP Server tabs
  • Signaling Network table under the SIP/Gateways tabs
  • Network Interface table under the SIP Proxy/Configuration tabs.
  • Network Interface table under the Management/Misc tabs.
  • Forward To Network table under the Network/IP Routing tabs.

3.2 Configuring a Network Interface

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed. When configuring network interfaces, Media5 recommends to have a syslog client properly configured and enabled in order to receive any message related to the network interfaces behaviour. The interface used to access the syslog client must also be properly enabled.

Steps

  1. Go to Network/Interfaces.

    Important

    Use extreme care when configuring network interfaces, especially when configuring the network interface used to contact the unit for management. Be careful never to disable or delete the network interface used to contact the unit. Also be careful to always set the unit’s management interface to be an interface that you can contact.

  2. In the Network Interface Configuration table, complete the fields as required.
  3. From the Activation drop-down list, select Enable.
  4. Click Apply.

3.3 Associating an Ethernet Link to a Network Interface

Before You Start

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Network/Interfaces.
  2. In the Network Interface Configuration table, from the Link field , select the link to be associated with a Network Interface (the link will appear as ethx.VlanId).

    Note

    Once the changes are applied, the connection with the unit might be lost. You may need to reconnect to the Web page.

  3. Complete the fields as required.
  4. Click Apply.

Result

The Network interface is associated with a physical interface i.e. an Ethernet Link.

3.4 Disabling the Rescue Interface

Context

By default the Rescue interface is disabled. However, after a partial reset the rescue interface is enabled.

Steps

  1. Go to Management/Misc.
  2. From the Network Interface drop-down menu, select the interface that will be used to manage the unit.

    Important

    If you keep the Rescue Interface selected, you will not be able to get into the management interface after disabling it.

  3. Go to Network/Interfaces.
  4. In the Rescue Interface table, from the Activation selection list, select Disable.
  5. Click Apply.

Result

The unit will be reachable either on the new configured static IP address or on the DHCP .

3.5 Configuring the PPPoE Connection Type

Before You Start

The User Name and Password fields are not accessible if you have the User or Observer access right.

Context

Perform this procedure only if you have selected PppIpcp (IPv4 PPPoE) as a connection type for your Network Interfaces. If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Network/Interfaces.
  2. In the PPPoE Configuration table, complete the fields as required.
  3. Click Apply.

Result

The current PPPoE information is displayed in the Status page.

3.6 Configuring the Link Layer Discovery Protocol (LLDP)

Before You Start

The Llpd service must be started.

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Network/Interfaces.
  2. In the LLDP Configuration table, select the network interface name on which LLDP should be enabled.

    Note

    LLDP cannot be activated on multiple network interfaces simultaneously.

  3. Select the address type to populate the chassis ID device identifier.
  4. Select whether to enable the LLDP-MED protocol override of the VLAN ID.
  5. Click Apply if you do not need to set other parameters.

Result

The current LLDP information is displayed in the Status tab.

3.7 Configuring the Ethernet Link linked to a Network Interface

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Network/Interfaces.
  2. In the Ethernet Link Configurationtable, set the MTU field of a specific Ethernet link with required value.

    Note

    The MTU value applied for a PPPoE connection is the smallest of the value negotiated with the server and the value configured here.

    Note

    Each Network interface used by TCP/IP may have a different MTU value specified. All VLAN connections use the MTU size configured on their related Ethernet link.

  3. From the 802.1x Authentication select Enable for each Ethernet link requiring 802.1x Authentication.
  4. Enter the EAP username used to authenticate each Ethernet link interfaces during the IEEE 802.1x EAPTLS authentication process..
  5. From the EAP Certificate Validation field, choose the IEEE 802.1x level of validation used by the device to authenticate the IEEE 802.1x EAPTLS peer's certificate.
  6. Click Apply if you do not need to set other parameters.

Result

The current status of the network interfaces is displayed in the Status page.

3.8 Selecting the IEEE 802.1x Version

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Network/Interfaces.
  2. In the EAP 802.1x Configuration table, select the IEEE 802.1x version.
  3. Click Apply if you do not need to set other parameters.

Result


4 Advanced Parameters


4.1 IPv6 Autoconfiguration Interfaces

When the Type drop-down menu is set to IPv6 Auto-Conf, the network interface is an IPv6 over Ethernet connection with IP parameters obtained by stateless auto-configuration or stateful (DHCPv6) configuration.

Autoconfiguration of IPv6 address is first initiated using state-less autoconfiguration. Stateful autoconfiguration is initiated only if one of the following conditions is met:

  • The router explicitly required stateful autoconfiguration by setting the “managed” or “other” flag of the router advertisement.
  • No router advertisement was received after 3 router solicitations. RFC 4861 defines the number of router solicitations to send and the 4 seconds interval between the sent router solicitations.


4.2 Stateless Autoconfiguration

All IPv6 addresses present in the router advertisements are applied to the network interface

Each IPv6 address is assigned a network name based on the configured network name with a suffix in the following format: ConfiguredNetworkName-XX-Y. XX is the address scope

  • GU (Global Unique)
  • UL (Unique Local)
  • LL (Link-Local)
Y is a unique ID for the address scope.


4.3 Spanning Tree Protocol vs Stateless Autoconfiguration

Many network switches use the Spanning Tree Protocol (STP) to manage Ethernet ports activity.

STP uses a detection timeout before a router advertisement is sent to the Mediatrix unit. The default value for this timeout is usually 30 seconds. However, when the unit wants to get an IPv6 address in Stateless autoconfiguration, this timeout is too long and the unit falls into Stateful Autoconfiguration mode before it receives the router advertisement. This results in the unit receiving a DHCPv6 address. To solve the issue, check if the default STP detection timeout value in your router can be modified. If so, set it to a value of 8 s or less. If you cannot modify the timeout value, Media5 recommends to disable the Spanning Tree Protocol on the network to which the unit is connected.


4.4 Statefull Autoconfiguration

Stateful autoconfiguration is managed by DHCPv6. The DHCPv6 lease is negotiated according to the limitations listed in section 1.5 of RFC 3315.

DHCPv6 may be used to obtain the following information (depending on the router advertisement flags):

  • IPv6 addresses (when the router advertisement “managed” flag is set)
  • Other configuration (when the router advertisement “other” flag is set)
If only the “other” flag is set in the router advertisement, the DHCPv6 client only sends an information request to the DHCPv6 server, otherwise it sends a DHCPv6 solicit message. If the flags change over time, only the transitions from “not set” to “set“ are handled.


4.5 Speed and Duplex Detection Issues

There are two protocols for detecting the Ethernet link speed: parallel detection and auto-negotiation (IEEE 802.3u).

The auto-negotiation protocol allows to detect the connection speed and duplex mode. It exchanges capabilities and establishes the most efficient connection. When both endpoints support the auto-negotiation, there are no problems. However, when only one endpoint supports auto-negotiation, the parallel detection protocol is used. This protocol can only detect the connection speed; the duplex mode cannot be detected. In this case, the connection may not be established. The Mediatrix unit has the possibility to force the desired Ethernet link speed and duplex mode by disabling the auto-negotiation and selecting the proper setting. When forcing a link speed at one end, be sure that the other end (a hub, switch, etc.) has the same configuration. To avoid any problem, the link speed and duplex mode of the other endpoint must be exactly the same.


4.6 Advanced Network Interface Parameters

Although the services can be configured in great part in the Web browser, some aspects of the configuration can only be completed with the configuration parameters by :
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration parameters

Network Interfaces Priority

Refer to eth.networkInterfacesPriority in the Reference Guide published on the Media5 documentation portal.

DHCP Client Identifier Presentation

Refer to bni.dhcpClientIdentifierPresentation in the Reference Guide published on the Media5 documentation portal.

Ethernet Connection Speed

Refer to eth.portsSpeed in the Reference Guide published on the Media5 documentation portal.

5 Documentation

Mediatrix units are supplied with an exhaustive set of documentation.

Mediatrix user documentation is available on the Documentation Portal .

Several types of documents were created to clearly present the information you are looking for. Our documentation includes:

  • Release notes: Generated at each GA release, this document includes the known and solved issues of the software. It also outlines the changes and the new features the release includes.
  • Configuration notes: These documents are created to facilitate the configuration of a specific use case. They address a configuration aspect we consider that most users will need to perform. However, in some cases, a configuration note is created after receiving a question from a customer. They provide standard step-by-step procedures detailing the values of the parameters to use. They provide a means of validation and present some conceptual information. The configuration notes are specifically created to guide the user through an aspect of the configuration.
  • Technical bulletins: These documents are created to facilitate the configuration of a specific technical action, such as performing a firmware upgrade.
  • Hardware installation guide: They provide the detailed procedure on how to safely and adequately install the unit. It provides information on card installation, cable connections, and how to access for the first time the Management interface.
  • User guide: The user guide explains how to customise to your needs the configuration of the unit. Although this document is task oriented, it provides conceptual information to help the user understand the purpose and impact of each task. The User Guide will provide information such as where and how TR-069 can be configured in the Management Interface, how to set firewalls, or how to use the CLI to configure parameters that are not available in the Management Interface.
  • Reference guide: This exhaustive document has been created for advanced users. It includes a description of all the parameters used by all the services of the Mediatrix units. You will find, for example, scripts to configure a specific parameter, notification messages sent by a service, or an action description used to create Rulesets. This document includes reference information such as a dictionary, and it does not include any step-by-step procedures.


6 Copyright Notice

Copyright © 2018 Media5 Corporation.

This document contains information that is proprietary to Media5 Corporation.

Media5 Corporation reserves all rights to this document as well as to the Intellectual Property of the document and the technology and know-how that it includes and represents.

This publication cannot be reproduced, neither in whole nor in part, in any form whatsoever, without written prior approval by Media5 Corporation.

Media5 Corporation reserves the right to revise this publication and make changes at any time and without the obligation to notify any person and/or entity of such revisions and/or changes.