peribit seq reducer operators guide sr_31_og

Sequence ReducerOperator’s Guide

For use with Peribit SR-20, SR-50, and SR-55 Sequence Reducers with SRS 3.1 software

CopyrightSequence Reducer Operator's Guide © 2001-2003 Peribit Networks, Inc. All Rights Reserved.

Peribit, Molecular Sequence Reduction (MSR), Peribit Profile Mode (PPM), and the Peribit logo are trademark[s] of Peribit Networks, Inc. All other trademarks are the property of their respective owners.

U.S. GOVERNMENT RIGHTSUse, duplication, or disclosure by the U.S. Government of any of the programs included in this product shipment is subject to restrictions set forth in the Peribit Networks, Inc. SOFTWARE LICENSE AGREEMENT AND LIMITED WARRANTY and as provided in DFARS 227.7202-1(a) and 227.7202-3(a) (1995), DRAS 252.227-7013(c)(ii) (OCT 1988), FAR 12.212(a)(1995), FAR 52.227-19, or FAR 52.227-14 (ALT III), as applicable. Peribit Networks, Inc.

This product includes a modified copy of the traceroute software developed by the University of California and its contributors. © 1990, 1993 The Regents of the University of California.

A copy of the University of California copyright notice, license terms and disclaimer is available in the Sequence Reducer Operator’s Guide at page 201.

This product includes a modified version of OpenSSL. © 2001-2003 Peribit Networks, Inc. All Rights Reserved. © 1998-2000 The OpenSSL Project. © 1995-1998 Eric Young.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit(http://www.openssl.org).

A copy of the OpenSSL Project copyright notice, license terms and disclaimer is available in the Sequence Reducer Operator’s Guide at page 202.

A copy of the Eric Young copyright notice, license terms and disclaimer is available the Sequence Reducer Operator’s Guide at page 202.

This installation includes a modified version of ospfd. © 2001-2003 Peribit Networks, Inc. All Rights Reserved. ospfd © 1998 John T. Moy. You may find a copy of the modified source code atwww.peribit.com/opensource/ospfd.zip.

ospfd is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may obtain a copy of the GNU General Public License at www.peribit.com/opensource/gpl.zip. Or write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

A log of modifications made to the ospfd source code is available atwww.peribit.com/opensource/ospfd.zip.

Part number 100068 Rev. 004

Peribit Networks, Inc.2855 Bowers AveSanta Clara, CA 95051Phone: 1-866-Peribit

408-330-5600Fax: 408-330-5601Email: [email protected]: http://www.peribit.com

http://www.peribit.com

Contents

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Sequence Reducer Package Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Operator’s Guide Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Document Conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Commonly Used Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Typographical Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Obtaining Additional Product Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Chapter 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

About the Peribit Sequence Reducers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

What’s New in Version 3.1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Sample Topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Typical Sequence Reducer Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Point-to-Multipoint Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Virtual Private Network (VPN) Topology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Multi-Node Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Where to Go Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Chapter 2 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Installing the SR-20 Sequence Reducer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

SR-20 Hardware Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Configuring Network Settings for the SR-20 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Installing the SR-50 & SR-55 Sequence Reducer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

SR-50 & SR-55 Hardware Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Configuring Network Settings for the SR-50 & SR-55 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Running Quick Setup through the Web Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Where to Go Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Chapter 3 Setting up the Sequence Reducer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Web Console Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Logging In to a Sequence Reducer from the Web Console. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Understanding the SRS Web Console Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Configuring the Network Address and Device Contact Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Configuring the Interface Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Configuring Time Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Entering a License Key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Enabling SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Enabling Syslog Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Contents � iii

Changing the Administrator Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Securing Operator Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Enabling Read-Only Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Securing Front Panel Access (SR-50 & SR-55 Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Configuring Local Routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Adding Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Enabling Dynamic Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Enabling OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Enabling RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Enabling Route Polling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Importing a Routing Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Enabling Router Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Where to Go Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Chapter 4 Configuring Policies for the Sequence Reducer . . . . . . . . . . . . . . . . . . . . . . . 57

Configuring Basic Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Configuring End Points for the Peribit Community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Configuring Registration Server Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Configuring Reduction Subnets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Setting Community Topology Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Managing Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Defining New Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Viewing Application Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Filtering Data Reduction by Source and Destination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Configuring Advanced Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Viewing Remote Route Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Configuring Load Balancing Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Setting Default Assemblers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Setting the Preferred Assemblers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Configuring Tunnel Mode Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

About Multi-flow Emulation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

About Application Visibility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Guidelines for Choosing a Tunnel Mode Setting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Where to Go Next. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Chapter 5 Applying QoS Policies for the Sequence Reducer . . . . . . . . . . . . . . . . . . . . . . 81

Configuring Application QoS Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Managing Bandwidth for Peribit End Points and Other Network Paths . . . . . . . . . . . . . . . . . . . . . . . . . . 83

Creating Application Classes for Bandwidth Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Assigning Applications to Application Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Where to Go Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

iv � Sequence Reducer Operator’s Guide

Chapter 6 Viewing Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

Reduction Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

Throughput Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

Data Reduction Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Application Detail Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

Application Summary Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Traffic Characterization Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Outbound Bandwidth Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

Inbound Bandwidth Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

Traffic Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

Viewing Top Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

Viewing Pass-Through Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

Traffic by Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

Where to Go Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

Chapter 7 Maintaining and Managing the Sequence Reducer . . . . . . . . . . . . . . . . . . . . 107

Maintaining the Sequence Reducer through the Web Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

Saving the Device Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

Displaying the Running Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Loading a Device Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Loading a Boot Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

Clearing Application Monitoring Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

Setting the Device to the Factory Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Rebooting the Sequence Reducer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

Managing the Sequence Reducer through the Web Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

Pinging a Network Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

Running a Traceroute to a Network Device. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

Viewing and Saving a System Log File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Viewing the Access Control Log File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

Exporting Performance Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

Creating a Diagnostic File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

Where to Go Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Chapter 8 Using the Sequence Reducer’s CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Accessing the Sequence Reducer’s CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Using a Secure Shell Program from a Remote Workstation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Using a Terminal Connected to the Serial Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Logging In to the Sequence Reducer from the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

CLI Basics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

CLI Show Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

Contents � v

Top-Level CLI Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Commit Command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Import Route Table Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Load Config Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Packet Capture Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Reboot Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128

Rollback Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128

Save Config Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

Set Command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

Shutdown Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

Source Command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

Support Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

Upgrade Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

CLI Configure Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131

Configure Application Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Configure ARP Command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Configure Bandwidth Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

About Outbound Bandwidth Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

How to Configure Outbound Bandwidth Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

About Inbound Bandwidth Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

How to Configure Inbound Bandwidth Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Configure Clock Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Configure Console Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Configure Filter Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Configure Interface Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

Configure IP Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Configure License Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

Configure Monitored Applications Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

Configure Multi-Node Command (SR-50 & SR-55 Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Configure OSPF Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Configure QoS Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Configure Reduction Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

Configure Reduction Subnets Command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Configure Registration Server Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Configure Remote Routes Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Configure RIP Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Configure Route Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152

Configure Route Poll Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

Configure Security Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

Configure SNMP Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

Configure SNTP Command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156

Configure Syslog Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

Configure Top Talker Command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158

vi � Sequence Reducer Operator’s Guide

Other CLI Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

Viewing System and Access Control Log Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

Setting the Device to the Factory Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

Using the Ping Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

Using the Traceroute Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

Where to Go Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

Appendix A Installing Multi-Node Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

About Multi-Node Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

Installing Two Sequence Reducers in Multi-Node Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163

Hardware Installation for Multi-Node Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163

Configuring Network Settings for Multi-Node Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

Running Quick Setup for Multi-Node Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

Displaying the Status of Multi-Node Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171

Appendix B Sequence Reducer Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

SR-20 Specifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

SR-50 & SR-55 Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175

Appendix C SNMP Traps and Syslog Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

SNMP Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Syslog Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

Appendix D Understanding Exported Data Results. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

General Device Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

System Session Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186

Reduction Session Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Application Session Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Inbound Traffic By Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Bandwidth Management Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Appendix E Common Application Port Numbers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

Contents � vii

viii � Sequence Reducer Operator’s Guide

Preface

Welcome to the Sequence Reducer Operator’s Guide for the Peribit SR-20™, SR-50™, andSR-55™ Sequence Reducers. With its patent-pending Molecular Sequence Reduction™ (MSR) technology, the Peribit Sequence Reducer provides instant WAN capacity to your existing network.

This section describes the audience, organization, and typographical conventions used in this manual.

AudienceThis manual is intended for Peribit Sequence Reducer administrators — individuals responsible for configuring and managing the Peribit Sequence Reducers. It is assumed that readers of this manual are familiar with their network architecture and devices, and can perform basic network configuration procedures.

Sequence Reducer Package ContentsThe Peribit SR-20, SR-50, and SR-55 Sequence Reducers ship with the following items:

� 1 Peribit SR-20, SR-50, or SR-55 Sequence Reducer

� 1 Female/female DB-9 crossover cable (e.g., null-modem cable) (SR-20 Only)

� 2 Rack-mount flanges for rack mount installation

� 6 Screws for the rack-mount flanges (SR-50 & SR-55)

� 4 Screws for the rack-mount flanges (SR-20)

� 4 Rubber feet for desktop placement

� 1 Power Cord

� 1 Quick Start Card

� 1 Documentation/Utilities CD

� 1 Release notes document

Operator’s Guide Contents� Chapter 1, “Introduction”

This chapter introduces the Peribit Sequence Reducers, describes the new features, and provides sample topologies for deployment.

� Chapter 2, “Installation”

This chapter describes how to install and initially configure the Sequence Reducer.

Preface � 9

Operator’s Guide Contents

� Chapter 3, “Setting up the Sequence Reducer”

This chapter describes how to set up the Sequence Reducers through the Web console. Topics include configuring IP parameters, setting security parameters, and configuring local routes for the Sequence Reducers.

� Chapter 4, “Configuring Policies for the Sequence Reducer”

This chapter describes how to configure policy settings for the Sequence Reducers and their communication links with other devices in the Peribit Community.

� Chapter 5, “Applying QoS Policies for the Sequence Reducer”

This chapter describes how to configure Quality of Service (QoS) settings for the Sequence Reducers, including Application QoS, Bandwidth Management, and Appli-cation classes.

� Chapter 6, “Viewing Results”

This chapter describes the detailed graphs and reports that you use to monitor results of the Sequence Reducers.

� Chapter 7, “Maintaining and Managing the Sequence Reducer”

This chapter describes how to maintain and manage the Sequence Reducers, and covers topics such as saving configuration files and displaying system log files.

� Chapter 8, “Using the Sequence Reducer’s CLI”

This chapter describes how to set up and configure the Sequence Reducer using the Command Line Interface (CLI).

� Appendix A, “Installing Multi-Node Configuration”

This appendix describes how to install two SR-50 or SR-55 Sequence Reducers inMulti-Node Configuration.

� Appendix B, “Sequence Reducer Specifications”

This appendix lists the SR-20, SR-50, and SR-55 device specifications.

� Appendix C, “SNMP Traps and Syslog Messages”

This appendix describes SNMP Trap and Syslog messages generated by the Sequence Reducers.

� Appendix D, “Understanding Exported Data Results”

This appendix describes the details of exported data results. After exporting the reduction statistics to a comma-separated values file, use this appendix to interpret the data.

� Appendix E, “Common Application Port Numbers”

This appendix provides a listing of common application port numbers that you can use when defining new applications.

� Glossary

The glossary provides definitions of terms used throughout this manual.

10 � Sequence Reducer Operator’s Guide

Document Conventions

Document ConventionsThis section describes conventions used throughout this manual.

Commonly Used TermsPeribit Sequence Reducers can be configured through a Graphical User Interface (GUI) Web console or Command Line Interface (CLI). When referring to these methods of configuring the Sequence Reducers, the following terminology is used:

� Web console — Terminology used to refer to the Web-based console.

� CLI — Terminology used to refer to the Command Line Interface.

Typographical Conventions Table 1 lists the typographical conventions used throughout this manual.

Technical SupportPeribit's commitment to create products and services that enable our customers success is reflected in our Technical Assistance Center (TAC), and our comprehensive support programs.

For technical support with Peribit products, use the following methods:

� Our Customer Support Extranet:

a. Go to http://www.peribit.com/support

b. Click Customer login.

c. Enter your user name and password.

If you have not received your user name and password, please send email to [email protected].

� Our toll-free telephone support line:

Call +1-866-Peribit (+1-866-737-4248), or +1-408-330-5600 and follow the prompt for Peribit Support.

Table 1 Typographical Conventions

Conventions Meaning Example

boldface Names of buttons or keys you should press. Click Submit.

courier font Input that you should enter from your key-board.

Enter the following command: a:\setup

Angle brackets Variables that you must substitute another value for.

set ip <Sequence Reducer’s IP address>

italics Names of manuals, directories, files, or Uniform Resource Locators (URLs).

The address of Peribit’s web site ishttp://www.peribit.com.

Preface � 11

http://www.peribit.com/support

Obtaining Additional Product Information

Obtaining Additional Product InformationIn addition to this Sequence Reducer Operator’s Guide, refer to the SR-20, SR-50, or SR-55 Quick Start cards for product installation instructions. The printed Quick Start cards are enclosed with the product. Also refer to the SRS 3.0 Release Notes document enclosed with the product.

For additional product information, please visit our web site at http://www.peribit.com.


http://www.peribit.com

Chapter 1 Introduction

This chapter introduces the Peribit Sequence Reducers and includes a description of the new features for this release.

About the Peribit Sequence ReducersThe Peribit SR-20, SR-50, and SR-55 Sequence Reducers are LAN-based network devices that operate transparently within the network. The SR-20 and SR-50 Sequence Reducers feature two 10/100 auto-sensing Ethernet ports (RJ-45), and the SR-55 features two 10/100/1000 auto-sensing Ethernet ports (RJ-45). The SR-20 Sequence Reducers can process IP WAN traffic up to 2 megabits per second (Mbps), while the SR-50 and SR-55 Sequence Reducers can process IP WAN traffic up to 45 Mbps (T3 speeds).

Peribit Sequence Reducers identify repetitions and patterns at the byte level, in real time, across all applications and over millions of sessions. The Sequence Reducers eliminate massive amounts of repetitive traffic over the WAN, resulting in increased effective link capacity, reduced network congestion, and improved overall data flow. Because far fewer bytes or packets traverse the WAN after adding Sequence Reducers, the WAN as a whole becomes much more efficient.

The Sequence Reducers manage this newly created bandwidth by honoring and setting Quality of Service (QoS) priority levels. The Sequence Reducer will also allocate bandwidth based on traffic classes to ensure consistent application behavior.

The Sequence Reducers include a secure Web-based (SSL) configuration and monitoring tool that enables you to easily manage and view the results of the Sequence Reducer. The Sequence Reducers also include a Command Line Interface (CLI) that enables you to configure and manage the device through a Secure Shell (SSH) program or terminal emulation program.

Features and BenefitsPeribit Sequence Reducers enable networks to achieve maximum capacity over wide-area network (WAN) links. The primary features and benefits of the Sequence Reducers include:

� Substantial throughput gain — Greatly improves WAN capacity, while reducing load on other network devices.

� Immediate impact — Gains are realized immediately upon inclusion of the Sequence Reducer into the network. No time-consuming build-out.

� Transparent — Operates transparently to existing network equipment, topologies, and WAN interfaces (e.g., Frame Relay, ATM, etc.). No network or application modifications are required.

� Application independent — Works on any application over IP (e.g., e-mail, database, web, ERP, etc.). Uses open standard protocols.

� QoS Interoperable — Honors, retains, and sets QoS priority levels set within your network. Can maintain application visibility for data flows, enabling WAN probes and WFQ to work effectively.

� Intelligent Bandwidth Management — Can allocate operator-defined bandwidth ranges by traffic classes for greater control of newly created bandwidth.

Chapter 1 Introduction � 13

What’s New in Version 3.1

� Failsafe non-stop operation — Switch-to-wire on any hardware or software disruption, including power loss.

� Easily managed — Administrative access through an intuitive Web user interface (SSL) or command line interface (CLI). SSH support. SNMP support.

� VPN and firewall friendly — Works seamlessly with VPNs and firewalls.

What’s New in Version 3.1Peribit Sequence Reducers with SRS 3.1 software introduce the following new features:

� Supports the SR-20, SR-50, and SR-55 Sequence Reducers

� Supports the Peribit Central Management System (CMS)

� Bandwidth allocation and rate limiting for both inbound and outbound traffic

� Backward compatibility with SRS 3.0 and SRS 2.1

� Ability to reduce all IP traffic types and fragments

� Top Traffic data collection

� Ability to configure preferred list of assemblers

� Delay tunnel setup during Quick Setup

� Packet capture utility

� Dynamic identification of IANA registered port numbers

� Support for up to 120 tunnels

� Support for up to 256 application definitions

� Monitor up to 40 applications

� Change priority of IP address vs. port number in application classification

� Quick setup allows for designating Sequence Reducer as Hub, Spoke, or Mesh topology

� Configure secondary NTP server

� Ability to configure meta-packet wait time or disable meta-packet

� More detailed “show ARP” command

� Ordered list of default assemblers

� Static configuration of distances for reduction subnets


Sample Topologies

Sample TopologiesThis section provides sample topologies for Peribit Sequence Reducer deployment, and covers the following topics:

� “Typical Sequence Reducer Deployment” in the next section.

� “Point-to-Multipoint Topology” on page 15.

� “Virtual Private Network (VPN) Topology” on page 16.

� “Multi-Node Configuration” on page 17.

Typical Sequence Reducer DeploymentPeribit Sequence Reducers are situated at both ends of a WAN connection on the LAN side of the edge routers (Figure 1-1).

Figure 1-1 Typical Sequence Reducer Deployment

When two or more Sequence Reducers are installed, a reduction tunnel is formed between the devices.

Point-to-Multipoint TopologyPeribit Sequence Reducers support multi-point configurations of both “star” and “mesh” configurations between multiple enterprise sites (Figure 1-2).

Figure 1-2 Deploying Peribit Sequence Reducers in a Point-to-Multipoint Configuration


Sample Topologies

In this example, a data center (located at headquarters) is accessed by workgroups in remote sites. Data reduction tunnels, that are automatically established and managed by the Sequence Reducers at the various corporate sites, continuously process and reduce the data traveling through these tunnels thereby reducing traffic on the WAN circuits and creating more bandwidth.

Note that it is not necessary to deploy a Sequence Reducer for every remote site that links into the corporate headquarters network. In such instances, data between the corporate headquarters and remote site without a Sequence Reducer will not be reduced.

In addition, Figure 1-2 shows four remote sites with dedicated connections to the Corporate HQ network. Since the Sequence Reducer is protocol and interface neutral, any of the four links could be a public or private packet-based service interface (e.g., Frame Relay, ATM, etc.).

Virtual Private Network (VPN) TopologyWhile the Sequence Reducer is an extremely powerful network device, it operates transpar-ently relative to existing equipment, including routers, firewalls, Virtual Private Network (VPN) devices, load balancers, switches, hubs, proxy caches, and servers (Figure 1-3).

Figure 1-3 Deploying Sequence Reducers in a VPN Configuration

By enveloping the VPN tunnel in the data reduction tunnel, the Sequence Reducer greatly reduces the work load for the VPN devices, and delivers the same bandwidth multiplication effect as across private corporate WANs.


Where to Go Next

Multi-Node ConfigurationPeribit Sequence Reducers have the ability to work in conjunction with one another to provide greater reduction of data on higher-speed or heavily congested networks. This type of configu-ration is called multi-node configuration. For more information on multi-node configuration, refer to Appendix A, “Installing Multi-Node Configuration”.

Figure 1-4 Installing Two Sequence Reducers in Multi-Node Configuration

In multi-node configuration, one Sequence Reducer is designated as the Master, and another Sequence Reducer is designated as the Last. The Master connects its Local interface to the switch (or other aggregating device) and its Remote interface to the LAN interface of the other (Last) Sequence Reducer. The Last Sequence Reducer connects its WAN interface to the edge router.

Where to Go NextAfter reviewing this chapter, continue to Chapter 2, “Installation” for complete installation instructions, or Chapter 3, “Setting up the Sequence Reducer” for information on setting up the Sequence Reducer through the Web console.


Where to Go Next


Chapter 2 Installation

This chapter describes how to install the SR-20, SR-50, and SR-55 Sequence Reducer and perform initial configuration. It covers the following topics:

� “Before You Begin” in the next section.

� “Installing the SR-20 Sequence Reducer” on page 20.

� “Installing the SR-50 & SR-55 Sequence Reducer” on page 25.

� “Running Quick Setup through the Web Console” on page 30.

Before You BeginBefore you install and configure a Peribit Sequence Reducer into your network, note the following guidelines:

� Ensure sufficient power is available for the Sequence Reducer. Supply circuits should be protected by a maximum 20A circuit breaker.

� Ensure there is ample space and lighting for the Sequence Reducer. You need enough space to insert 2 CAT-5 UTP Ethernet data cables and 1 power cord into the back of the chassis, and the proper lighting to see LED’s on the Ethernet data ports that indicate link and speed.

� Ensure a minimum of six inches clearance in the front and back of the chassis. Since the Sequence Reducer pulls air for cooling from the front panel, do not install the Sequence Reducer behind another device where warm or hot air may be circulated. There are no ventilation requirements above or below the Sequence Reducer.

� Do not stack paper materials or other heavy equipment units on top of the Sequence Reducer.

� For rack-mount installations, identify adequate rack space for a 1U form factor device (SR-20) or a 2U form factor device (SR-50 and SR-55).

� Reserve an IP address and identify the default gateway for the Sequence Reducer. The default gateway is the next hop on the Remote side of the Peribit Sequence Reducer.

� Obtain a license key for the Sequence Reducer. The license key determines the throughput levels for the device, and properly registers the product with Peribit Networks. To obtain a permanent license key, go to http://license.peribit.com.

� Identify Peribit Sequence Reducer system administrators. Make a note of workstation IP addresses (if static), and/or subnet(s) from which administrators will access the Peribit devices.

� Identify a 10/100 (or 10/100/1000 for SR-55s) Ethernet LAN port for the Sequence Reducer that transmits data to your WAN router. This port is typically from an aggregation switch, or from another LAN device connected directly to the router. Direct fiber inter-faces are currently not supported. If your LAN transmits data to your WAN router via fiber links, you will need to use a fiber optic media converter to convert to an RJ-45 interface.

� If your network architecture restricts specific ports along the communication path between Peribit devices, ensure ports 3577 and 3578 are open for TCP and UDP data transmission.

Chapter 2 Installation � 19

http://license.peribit.com

Installing the SR-20 Sequence Reducer

� Identify the TX/RX polarity (MDI/MDI-X) of the device interfaces to which the Sequence Reducer will connect its Ethernet interfaces. This information will be useful for deter-mining the kind of cable (straight-through or crossover) that will be needed for wiring the Sequence Reducer.

� Identify all application servers that exist in any of the reduction subnets defined on the Sequence Reducer and note the TCP/UDP port number on which the application listens for clients or peer servers. Also, identify which of those applications may be encrypting or compressing their communications with clients and/or peer servers.

� Log in to the router that will be on the WAN side of the Sequence Reducer and make a note of the interface settings (i.e., speed and duplex mode).

� If your network uses OSPF with password authentication for OSPF peers/hosts, note the password used, as well as the OSPF Area ID into which the Sequence Reducer will be introduced.

� If your network uses OSPF with MD5 key authentication for OSPF peers/hosts, note the key ID and key used, as well as the OSPF Area ID into which the Sequence Reducer will be introduced.

� If your network uses RIP with password authentication for RIP peers/hosts, note the password used.

Installing the SR-20 Sequence ReducerThis section describes the hardware installation process for the SR-20 Sequence Reducer.

� “SR-20 Hardware Installation” in the next section.

� “Configuring Network Settings for the SR-20” on page 22.

SR-20 Hardware InstallationTo install the Sequence Reducer into your network, follow these steps:

1. Set up the chassis.

– If you plan to install the Sequence Reducer in a 19-inch device rack, install the supplied brackets (front panel forward) to the sides of the device with the countersunk screws provided in the kit. Next, install the chassis into your network device rack (Figure 2-1).

Figure 2-1 Installing the Sequence Reducer into a 19-inch Device Rack

– If you plan to install the Sequence Reducer on a desktop, place the chassis upside down on a smooth, flat surface. Next, install the supplied rubber feet in the marked areas on the bottom of the chassis. Finally, place the chassis on a desktop or on top of another device so that all four rubber feet are securely mounted to the flat surface.



2. Connect the network cables to the Sequence Reducer.

IMPORTANT: Do not connect power to the device until Step 4.

The SR-20 is configured with two 10/100 Ethernet interfaces. These RJ-45 ports are labeled REMOTE and LOCAL on the back of the chassis (Figure 2-2).

Figure 2-2 Peribit Sequence Reducer Ethernet Ports

To connect the network cables to the Sequence Reducer, follow these steps:

a. Locate the cable that connects from the switch (or other aggregating device) to the router.

b. Disconnect this cable from the router port and then connect it to the Sequence Reducer’s LOCAL port.

c. Using a straight-through cable (not provided), connect one end to the Sequence Reducer’s REMOTE port and the other end to the router port.

REMOTE Port - Use to connect to WAN router.

LOCAL Port - Use to connect to a LAN aggregating switch or other device



3. Verify connectivity between devices on either side of the Sequence Reducer.

The Sequence Reducer maintains a hard-wire pass through connectivity in the event of a power loss. You must verify the connectivity between the devices to ensure the correct network cables are used.

– One method of testing connectivity between devices is to Ping a host on the remote side of the Sequence Reducer from a host on the local side of the Sequence Reducer.

– Another method is to observe the link status LEDs (if available) on the interfaces of the adjacent network devices (switch and router).

4. Connect the power cable to the back of the Sequence Reducer chassis and turn on the power switch.

After you have installed the Sequence Reducer network cables and verified network connectivity between devices on either side of the Sequence Reducer, plug in the supplied power cord to the back of the chassis, and then connect the power cord to the local power source (Figure 2-3).

Figure 2-3 Connecting the Power Cable to the Sequence Reducer

NOTE: The Sequence Reducer’s power usage is 150 Watts Max or 510 BTU/hr.

Now that the Sequence Reducer is installed and powered on, continue to the next section to configure network settings for the device.

Configuring Network Settings for the SR-20After you have installed and powered on the Sequence Reducer, the next step is to configure network settings for the device.

To configure the network settings for the SR-20, you connect an ANSI compatible terminal to the Sequence Reducer’s serial port and use a terminal emulation program (e.g., TeraTerm, HyperTerminal).

NOTE: The Sequence Reducer’s serial port is of type RS-232 (AT-compatible) with a male, DB-9 connector. You should use a female/female DB-9 crossover cable (e.g., null-modem cable) when connecting directly to a PC serial port.



To set IP parameters for the device using a terminal emulation program, follow these steps:

1. Connect an ANSI compatible terminal to the serial port on the back of the Sequence Reducer (Figure 2-4).

Figure 2-4 Connecting the SR-20 to an ANSI Compatible Terminal

2. Verify the serial port settings are as follows:

– Baud rate: 9600 bps

– Data bits: 8

– Parity: none

– Stop bits: 1

– Flow control: none

– Smooth-scroll: disabled

3. Start the terminal emulation program (e.g., TeraTerm, HyperTerminal), and choose to connect via the serial port.

4. At the User name and Password prompts, type admin for the user name and peribit for the password.

NOTE: This is a factory-configured password for the device. You will be asked to change the default password during the Quick Setup.

You will now configure the IP parameters (IP address, subnet mask, and default gateway) to enable connectivity for this device. Once these parameters are configured, you can run the Quick Setup process through the Web console.

After running the Quick Setup process, additional management tasks can be performed via the Command Line Interface (CLI) or Web console.

5. To set the IP address, IP subnet mask, and default gateway, follow these steps:

a. Type an IP address, and then press Enter.

b. Type the subnet mask for the network, and then press Enter.

c. Type the default gateway for this device, and then press Enter.



NOTE: The Sequence Reducer’s Ethernet interfaces are set to auto-negotiate the speed and duplex mode. However, if the router on the WAN side of the Sequence Reducer has the speed and duplex mode manually set, it is strongly recommended that you configure the Local and/or Remote interface settings. To manually configure the Sequence Reducer’s interfaces from the CLI, refer to “Configure Interface Command” on page 140.

6. The required parameters are now configured. You should now commit and save the config-uration. To commit and save the configuration file with the default name and location, type:

commit

and then type:

save-config

The configuration file is saved as “startup.cfg” and will be used if you reboot the device.

To save the configuration file with another name, type:

save-config <file name>

NOTE: Do not include the file name extension (e.g., “.cfg”).

7. Check the LEDs above to the Ethernet ports (Figure 2-5).

Figure 2-5 Checking the Link LEDs

– If the LINK LEDs light, the device is properly connected.

– If the LINK LEDs do not light, toggle the MDI/MDI-X button(s).

– The 100M LEDs for the REMOTE and LOCAL ports indicate 100 Mbps connectivity.

You are now ready to run the Quick Setup process. Refer to “Running Quick Setup through the Web Console” on page 30.


Installing the SR-50 & SR-55 Sequence Reducer

Installing the SR-50 & SR-55 Sequence ReducerThis section describes the hardware installation process for the SR-50 and SR-55 Sequence Reducer.

� “SR-50 & SR-55 Hardware Installation” in the next section.

� “Configuring Network Settings for the SR-50 & SR-55” on page 27.

SR-50 & SR-55 Hardware InstallationTo install the Sequence Reducer into your network, follow these steps:

1. Set up the chassis.

– If you plan to install the Sequence Reducer in a 19-inch device rack, install the supplied brackets (front panel forward) to the sides of the device with the countersunk screws provided in the kit. Next, install the chassis into your network device rack (Figure 2-1).

Figure 2-6 Setting Up the Sequence Reducer Chassis

– If you plan to install the Sequence Reducer on a desktop, place the chassis upside down on a smooth, flat surface. Next, install the supplied rubber feet in the marked areas on the bottom of the chassis. Finally, place the chassis on a desktop or on top of another device so that all four rubber feet are securely mounted to the flat surface.

2. Connect the network cables.

IMPORTANT: Do not connect power to the device until Step 4.

The SR-50 is configured with two 10/100 auto-sensing, Ethernet interfaces. The SR-55 is configured with two 10/100/1000 auto-sensing, Ethernet interfaces. These RJ-45 ports are labeled REMOTE and LOCAL on the back of the chassis (Figure 2-7 on page 26).




To connect the network cables to the Sequence Reducer, follow these steps:

a. Locate the cable that connects from the switch (or other aggregating device) to the router.

b. Disconnect this cable from the router port and then connect it to the Sequence Reducer’s LOCAL port.

c. Using a straight-through cable (not provided), connect one end to the Sequence Reducer’s REMOTE port and the other end to the router port.

3. Verify connectivity between devices on either side of the Sequence Reducer.

The Sequence Reducer maintains a hard-wire pass through connectivity in the event of a power loss. You must verify the connectivity between the devices to ensure the correct network cables are used.



REMOTE Port - Use to connect to WAN router.LOCAL Port - Use to connect to a LANaggregating switch or other device



4. Connect the power cable to the back of the Sequence Reducer chassis.

After you have installed the Sequence Reducer network cables and verified network connectivity between devices on either side of the Sequence Reducer, plug in the supplied power cord to the back of the chassis, and then connect the power cord to the local power source (Figure 2-8).



Now that the Sequence Reducer is installed and powered on, continue to the next section to configure network settings.

Configuring Network Settings for the SR-50 & SR-55After you have installed and powered on the Sequence Reducer, the next step is to configure network settings.

The SR-50 and SR-55’s front-panel keypad and LCD enable you to program and view network address information assigned to the device. Figure 2-9 describes the front panel keypad and LCD of the Sequence Reducer.

Figure 2-9 Sequence Reducer Front Panel Keypad and LCD

Front Panel LCD

LEDs:- Power- Fault- Pass through

Key pad



After you power on the Sequence Reducer, the “Peribit Networks” message appears in the front panel LCD.

1. Press the Enter button (center button) to initiate the programing.

2. At the “Select Setup Network_” prompt in the LCD, press Enter.

You are prompted to enter network address information for the device.

3. Use the front-panel keypad to assign an IP address, the subnet mask, and the default gateway for the Sequence Reducer as follows:

– Use the up and down arrow buttons to display a number (between 0-9).

– Use the left and right arrow buttons to move to the previous or next character.

– Use the center button (Enter) to make a selection.

NOTE: The default gateway is typically the next hop on the Remote side of the Sequence Reducer. There can be an exception if you plan to designate a Sequence Reducer as a Default Assembler. After installing the Sequence Reducer, refer to “Setting Default Assemblers” on page 74 for more information.

4. By default, the Sequence Reducer’s Ethernet interfaces are set to auto-negotiate the speed and duplex mode. However, if the router on the WAN side of the Sequence Reducer has the speed and duplex mode manually set, it is strongly recommended that you configure the Local and/or Remote interface settings. To manually configure the Sequence Reducer’s interfaces from the front panel, follow these steps:

a. Use the down arrow to show the Config Local Interface menu option.

b. Press the center (Enter) button to select this option.

c. Use the down arrow to show the desired interface setting:

SR-50: 10/Half, 10/Full, 100/Half, 100/Full, Auto-Negotiate

SR-55: 10/Half, 10/Full, 100/Half, 100/Full, 1000/Full, Auto-Negotiate

NOTE: After installation, you can change the Sequence Reducer’s interface settings from the Web console or CLI.

5. After entering network address and interface information, choose to Save and Commit the device configuration.



6. Check the LEDs next to the Ethernet ports. Figure 2-10 shows the SR-50 LEDs. Figure 2-11 show the SR-55 LEDs.

Figure 2-10 Checking the Link LEDs for the SR-50 Sequence Reducer


– If the LINK LEDs do not light, toggle the MDI/MDI-X button(s).

– The 100M LEDs for the REMOTE and LOCAL ports indicate 100 Mbps connectivity.

Figure 2-11 Checking the Link LEDs for the SR-55 Sequence Reducer


– The SPEED LEDs for the REMOTE and LOCAL ports indicate 100 or 1000 Mbps connectivity.

The SR-50 or SR-55 installation is complete. You are now ready to run the Quick Setup process, as described in the next section.


Running Quick Setup through the Web Console

Running Quick Setup through the Web ConsoleAfter powering on the Peribit Sequence Reducer and configuring network settings, the next step is to log into the SRS Web console and run the Quick Setup program. The first time you log in to the Web console, the Quick Setup program initiates automatically. The six-step procedure guides you through initial configuration options for the device — such as regis-tration server information, license key information, etc.

You can log into the Web console from any workstation within your network. The Web console supports Microsoft Internet Explorer versions 5.5, and 6.0, as well as Netscape Communicator version 6.2 or higher. Data is securely transmitted through HTTPS.

To log into the Web console, follow these steps:

1. From a workstation within your network, start your web browser and enter the following URL:

https://<IP address of the Sequence Reducer>

2. Depending on your browser settings, the Security Alert dialog box may appear, click Yes to proceed.

3. In the Enter Network Password dialog box, type admin for the user name and peribit for the password.

NOTE: This is a factory-configured password for the device. You will be asked to change the default password during the Quick Setup.

The Registration Server Setup page opens (Figure 2-12).

Figure 2-12 Registration Server Setup

Within a Peribit community, one Sequence Reducer must be designated as a registration server. While all Sequence Reducers are capable of transferring data to one another, the registration server stores information about each device within a Peribit community. All Sequence Reducers within the Peribit community maintain information on other devices through the registration server.



4. If you want to designate this device as the registration server, select the option and assign a registration server password in the appropriate fields. A password provides a means of authenticating the devices within a Peribit community, and should be different from the Sequence Reducer device password. When you set up additional Sequence Reducers, you supply each device with the registration server IP address and password.

If this Sequence Reducer is not the registration server, enter the IP address of the current (or future) registration server, and enter the registration server password in the appropriate fields.

NOTE: If this device is not the registration server, and you have not yet configured the registration server for the Peribit community, enter the IP address of the Sequence Reducer that will be the registration server and the chosen registration server password.

5. You can also delay the formation of reduction tunnels to other Sequence Reducers in the Peribit community. If you select this option, the Sequence Reducer will not reduce or assemble data from other Peribit Sequence Reducers until you enable reduction tunnel formation in the End Points page of the SRS Web console. For more information, refer to “Configuring End Points for the Peribit Community” on page 57.

6. Click Next to continue.

The Time Setup page opens (Figure 2-13).

Figure 2-13 Set the Time for the Sequence Reducer

7. The time settings page displays the local time of the Sequence Reducer. If the time settings are not correct, enter the current time, date, and local time zone for the Sequence Reducer. If applicable, select the Daylight Savings Time checkbox.

NOTE: If your network uses an NTP server for device time settings, you can configure the Sequence Reducer to use the NTP server after completing the Quick Setup. For more information, refer to “Configuring Time Settings” on page 40.




The Specify Community Topology page opens (Figure 2-14).

Figure 2-14 Specify Community Topology

When you create a Peribit community of devices, you can select the Community Topology setting that best describes your network. The Community Topology setting ensures that a Sequence Reducer’s resources are efficiently used to reduce and assemble data between devices.

9. Choose the topology setting that best describes your network and the Sequence Reducer’s relationship to the network (Hub, Spoke, or Mesh). Next, select the range for the number of Sequence Reducers in the Peribit community. For more information on Community Topology settings, refer to “Setting Community Topology Parameters” on page 64.


The Advertise Local Subnet page opens (Figure 2-15).

Figure 2-15 Advertise Local Subnet and Enter a Device Name

11. By default the local subnet on which the Sequence Reducer is installed is not advertised to the other Sequence Reducers in the Peribit community. As a result, data destined for this subnet is not reduced even if there are Sequence Reducers in the path. If you want other Sequence Reducers to reduce data destined for this subnet, select the Advertise checkbox.

If you choose not to advertise the local subnet for this Sequence Reducer, you should review the Reduction subnets page after completing the Quick Setup. For more infor-mation, refer to “Configuring Reduction Subnets” on page 62.



12. In the Device name field, you can assign a name for the Sequence Reducer to help you identify the devices in your Peribit community.

NOTE: If you plan to use CMS to manage Sequence Reducers in your Peribit communities, it is strongly recommended that you provide a unique device name for each Sequence Reducer.

13. Click Next to continue the Quick Setup.

The License Key page opens (Figure 2-16).

Figure 2-16 Entering a License Key for the Sequence Reducer

Each Peribit Sequence Reducer requires a unique license key for operation. When the Sequence Reducer is powered on, it will attempt to detect its unique serial number. If the Sequence Reducer cannot detect its serial number, you can manually enter it in the Serial number field.

You can find the serial number for your Sequence Reducer on the back of the device (Figure 2-17).

Figure 2-17 Locating the Sequence Reducer’s Serial Number

After you have the Sequence Reducer’s unique serial number, you can obtain a permanent license key for the device through Peribit’s Online License Key server or by calling Peribit Support at 1-866-Peribit (866-737-4248) or +1-408-330-5600. The License Key server is accessible by clicking the Online Service button.

14. Enter the permanent license key for the Sequence Reducer in the License Key field.

15. Click Next to continue the Quick Setup.

Serial number


Where to Go Next

The Change Administrator Password page opens (Figure 2-18).

Figure 2-18 Change Administrator Password

16. Enter a new Administrator password in the New password and Verify new password fields, and then click Finish.

NOTE: If you deselect the “automatic save” option, configuration settings will be reset upon a power cycle of the Sequence Reducer.

Initial configuration of the Sequence Reducer is complete. You are now ready to set up the Sequence Reducer for your network, and then configure policy settings. You can set up the Sequence Reducer through a web console using your Internet browser, or through a command line interface (CLI) from a workstation.

� To configure the device through the Web console, refer to Chapter 3, “Setting up the Sequence Reducer”.

� To configure the device through the CLI, refer to Chapter 8, “Using the Sequence Reducer’s CLI”.

Where to Go NextAfter installing the Sequence Reducer and running Quick Setup, proceed to one of the following chapters depending on your preference for configuring the device:

� Chapter 3, “Setting up the Sequence Reducer”.

� Chapter 8, “Using the Sequence Reducer’s CLI”.


Chapter 3 Setting up the Sequence Reducer

This chapter describes how to set up the Peribit Sequence Reducer through the Web console, and covers the following topics:

� “Web Console Basics” in the next section.

� “Configuring the Network Address and Device Contact Information” on page 37.

� “Configuring the Interface Settings” on page 38.

� “Configuring Time Settings” on page 40.

� “Entering a License Key” on page 41.

� “Enabling SNMP” on page 43.

� “Enabling Syslog Reporting” on page 44.

� “Changing the Administrator Password” on page 45.

� “Securing Operator Access” on page 46.

� “Enabling Read-Only Access” on page 47.

� “Securing Front Panel Access (SR-50 & SR-55 Only)” on page 48.

� “Configuring Local Routes” on page 49.

NOTE: You can also set up a Peribit Sequence Reducer through the Command Line Interface (CLI). Refer to Chapter 8, “Using the Sequence Reducer’s CLI” for more information.

Web Console BasicsThe SRS Web console is a portal for accessing and configuring a Peribit Sequence Reducer. Using the Web console, you can log in to a Sequence Reducer from anywhere in your network and securely access configuration and management information as well as reduction statistics.

The SRS Web console supports Microsoft Internet Explorer 5.5, or 6.0 and Netscape Commu-nicator version 6.2 browsers. The SRS Web console is designed to be viewed at 1024 x 768 pixels. To ensure secure transmission of configuration and management data, the SRS Web console uses the Secure Sockets Layer protocol (SSL/HTTPS).

Logging In to a Sequence Reducer from the Web ConsoleTo log in to a Peribit Sequence Reducer through the SRS Web console, follow these steps:

1. Using a supported Web browser, enter the IP address of a Peribit Sequence Reducer as follows:

https://<IP address of a Sequence Reducer>

2. Depending on your browser settings, a Security Alert dialog box may appear, click Yes to proceed.

Chapter 3 Setting up the Sequence Reducer � 35

Web Console Basics

3. In the Enter Network Password dialog box, type admin for the user name, and the password you assigned the device during the Quick Setup process.

NOTE: If this is the first time you have logged into this Sequence Reducer, use the default password peribit. The Quick Setup process begins. Refer to “Running Quick Setup through the Web Console” on page 30 for more information.

4. Continue to the next section for a description of the SRS Web Console interface.

Understanding the SRS Web Console InterfaceThe SRS Web console contains a menu frame of seven core administrative functions, a left-hand navigation frame of various sub-menu items, and a data frame for configuring and viewing Sequence Reducer information.

Figure 3-1 SRS Web Console Interface

In addition to the SRS Web console main window, the Help window provides specific hardware and software information for the Peribit device (such as the Sequence Reducer IP address, the software version that the device is using, and the license key assigned to the device).

Menu Frame

Left-hand navigation frame

Data Frame

Help Window


Configuring the Network Address and Device Contact Information

Configuring the Network Address and Device Contact InformationPeribit Sequence Reducers require an IP address, subnet mask information, and a default gateway so that they can be identified by and communicate with other devices within your network. During the Sequence Reducer installation process, you entered this network infor-mation for the device through the front-panel display or through a terminal device connected to the console port.

If you need to change the network information for a Sequence Reducer, you can use the Addresses page of the Web console. In addition, you can use the Addresses page to enter device and administrator contact information, which can help you manage the devices within your Peribit community.

To configure network address and contact information for a Sequence Reducer, follow these steps:

1. Click Setup in the menu frame, and then click Addresses in the left-hand navigation frame.

The Addresses page is shown (Figure 3-2).

Figure 3-2 Configuring Network Address and Contact Information

2. To change the network information for the device (i.e., IP address, subnet mask, default gateway), enter the new information in the appropriate fields.

NOTE: If you change the Sequence Reducer’s IP address or subnet mask, you must reboot the device. In addition, if this device is the Peribit community’s Registration Server, you must designate a different Sequence Reducer as the Registration Server before changing the IP address. For more information on designating a new Registration Server, refer to “Configuring Registration Server Settings” on page 59.

3. Enter a name for the device, and administrator contact information in the appropriate fields.

Device name changes are propagated to the Registration Server the next time the device checks in with the Registration Server for updates.

4. Click Submit to activate the changes. To restore the original parameters, click Reset.


Configuring the Interface Settings

Configuring the Interface SettingsPeribit Sequence Reducers have two Network Interface Controllers (NICs), labeled LOCAL and REMOTE, which you use to connect the device to your network. By default, these interface controllers are set to auto-negotiate the link speed and mode (i.e., half or full-duplex).

NOTE: The SR-20 and SR-50 Sequence Reducers have two 10/100 NICs. The SR-55 Sequence Reducers have two 10/100/1000 NICs.

The Web console enables you to view the negotiated NIC parameters, and to manually configure the interface speed and duplex mode settings if required to ensure operability.

In addition, you can configure loss of link connectivity settings for the LOCAL and REMOTE interfaces. This feature enables the Sequence Reducer to act upon a link failure from a device connected to either the LOCAL or REMOTE port by turning off the adjacent interface for a period of 15 seconds.

If the Sequence Reducer is installed in a high-availability environment, the link propagation ensures that high-availability route mechanisms can perform as expected.

Figure 3-3 Using Local and Remote Link Propagation Features

� With Local Link Failure Propagation enabled, if the switch should fail, the Sequence Reducer will turn off its REMOTE interface so that the router knows of the loss of connectivity with the switch.

� With Remote Link Failure Propagation enabled, if the router should fail, the Sequence Reducer will turn off its LOCAL interface so that the switch detects a loss of connectivity with the router.

To view and/or configure the interface speed and duplex mode settings for a Sequence Reducer, follow these steps:

1. Click Setup in the menu frame, and then click Interfaces in the left-hand navigation frame.


Configuring the Interface Settings

The Interfaces page opens (Figure 3-4).

Figure 3-4 Configuring Interface Speed and Duplex Mode Settings

The Status fields for the Local and Remote interfaces show the current speed and mode parameters for the 10/100 (SR-20 and SR-50) or 10/100/1000 (SR-55) interface cards. By default, the LOCAL and REMOTE interfaces are set to auto-negotiate. In addition, each interface’s Media Access Control (MAC) address is listed.

2. To change the speed and mode settings for the LOCAL and/or REMOTE interfaces, select Manual, and then choose speed and mode setting for the interface (e.g., 100 half-duplex).

3. To enable Local link failure propagation in the event of a loss of connectivity on the Local side of the Sequence Reducer select the checkbox.

4. To enable Remote link failure propagation in the event of a loss of connectivity on the Remote side of the Sequence Reducer, select the checkbox.

NOTE: If link failure propagation is enabled and the Sequence Reducer detects a failure in a device connected to its LOCAL or REMOTE interface, the adjacent interface is turned off for a period of 15 seconds. After 15 seconds, the Sequence Reducer attempts tore-enable link connectivity.

5. Click Submit to activate the changes. To restore the original information without making changes, click Reset.


Configuring Time Settings

Configuring Time SettingsPeribit Sequence Reducers support the Network Time Protocol (NTP). An NTP server provides a common time base for devices within your network. If your network utilizes NTP, you can enable this feature for a Sequence Reducer on the Time page of the Web console.

If your network does not use an NTP server, you should manually configure the time settings for each Sequence Reducer within your Peribit community. The time settings for Sequence Reducers are propagated to system log files to assist with device administration.

To configure the time settings for a Sequence Reducer, follow these steps:

1. In the Setup page, click Time in the left-hand navigation frame.

The Time page is shown (Figure 3-5).

Figure 3-5 Configuring the Time Settings for a Device

2. To synchronize the time settings of an NTP server in your network with the Sequence Reducer, select Use NTP Server and then enter the IP address of the NTP server in the Primary field. If there is a secondary NTP server in your network, enter the IP address in the Secondary field. Also, select the time zone for the location of the Sequence Reducer, and then select Automatically adjust time for daylight savings if applicable.

3. If you do not have an NTP server in your network, select Enter Local Time and enter the current time, date, and local time zone for location of the Sequence Reducer. Also, select Automatically adjust time for daylight savings if applicable.



Entering a License Key

Entering a License KeyEach Peribit Sequence Reducer requires a permanent license key for operation. The license key determines the throughput level for the device, and properly registers the product with Peribit Networks. By default, the Sequence Reducer uses a 30-day evaluation license. Upon expiration of the evaluation license, data will pass through the Sequence Reducer without reduction.

The Sequence Reducer’s license key is determined by the unique serial number assigned to each Peribit device. When the Sequence Reducer is powered on, it will attempt to detect its unique serial number. This number is then displayed in the Help > About box and on the License Key page of the Web console. If the Sequence Reducer cannot detect its serial number, you can manually enter it in the Serial number field of the License Key page.

The serial number for the Sequence Reducer is located on the back of the device (Figure 3-6).

Figure 3-6 Locating the Sequence Reducer’s Serial Number

After you have the Sequence Reducer’s unique serial number, you can obtain a permanent license key for the device through Peribit’s Online License Key server. The License Key server is accessible by clicking the Online Service button in the License Key page of the Web console, or by going to:


NOTE: If you do not have Internet access, please call Peribit Support at 1-866-Peribit (866-737-4248) or +1-408-330-5600 to obtain a license key.

To enter a license key for a Sequence Reducer, follow these steps:

1. In the Setup page, click License key in the left-hand navigation frame.

Serial number


Entering a License Key

The License Key page is shown (Figure 3-7).

Figure 3-7 Entering a License Key through the Web Console

The License key page displays the current status of the Peribit Sequence Reducer’s license, including the maximum licensed throughput for the device.

2. If the Sequence Reducer is able to detect its unique serial number, the serial number field is populated. If the Sequence Reducer cannot detect its serial number, enter it in the serial number field. To obtain the device’s serial number, see Figure 3-6 on page 41.

3. If you have obtained a registered license key for the Sequence Reducer, enter it the License Key field. If you do not have a registered license key, click Online Service.

A new browser window opens which points to http://license.peribit.com. Complete the form, including entering the Sequence Reducer’s serial number. After you have registered the device, you will receive a permanent license key.



Enabling SNMP

Enabling SNMPPeribit Sequence Reducers support SNMP, and use the Management Information Base(MIB) II Interface Group public objects, and Peribit’s Enterprise MIB objects. Peribit’s Enter-prise MIB allows you to use your Network Management System (NMS) to review statistics on the benefits of the Sequence Reducer to your network. In addition, enabling SNMP Traps on a a Peribit Sequence Reducer allows the device to send traps to the NMS as they occur.

To enable SNMP for a Peribit Sequence Reducer, follow these steps:

1. In the Setup page, click SNMP in the left-hand navigation frame.

The SNMP page opens (Figure 3-8).

Figure 3-8 Enabling SNMP

2. To enable SNMP for this Sequence Reducer, select Yes. Enter Read and Write Community Strings to secure access to SNMP data. Community Strings are used to authenticate messages sent between an NMS and the Peribit Sequence Reducer.

3. To enable SNMP Traps for this Sequence Reducer, select Yes. Next, enter a Trap Community String, and the IP address(es) of the NMS to which the SNMP traps should be sent. You can disable Authentication Failure traps so that a trap is not sent for an incorrect login attempt or an unauthorized user access attempt to the Sequence Reducer.

NOTE: For a complete description of Traps generated by the Sequence Reducer, refer to Appendix C, “SNMP Traps and Syslog Messages” on page 177.



Enabling Syslog Reporting

Enabling Syslog ReportingPeribit Sequence Reducers can send Syslog messages to up to five Syslog servers. A Syslog server allows you to centrally log and analyze configuration events and system error messages such as interface status, security alerts, and environmental conditions.

To enable Syslog reporting for a Peribit Sequence Reducer, follow these steps:

1. In the Setup page, click Syslog server in the left-hand navigation frame.

The Syslog server page opens (Figure 3-9).

Figure 3-9 Enabling Syslog Reporting for a Peribit Sequence Reducer

2. To enable Syslog reporting for this Peribit Sequence Reducer, select Yes and then enter the IP address(es) of up to five Syslog servers in your network.

3. To configure the severity levels of the messages sent to the Syslog server, choose one or more of the following:

– Critical: Critical error messages about software or hardware malfunctions.

– Error: Error message, such as License expired.

– Information: Informational messages, such as reload requests and low-process stack messages.

NOTE: For a description of Syslog messages generated by the Sequence Reducer, refer to Appendix C, “SNMP Traps and Syslog Messages” on page 177.



Changing the Administrator Password

Changing the Administrator PasswordThe default administrator password for Web console and CLI is set to “peribit”. To ensure secure access to configuration information, you can change the administrator password for the Sequence Reducer.

To change the administrator password for a Sequence Reducer, follow these steps:

1. In the Setup page, click Admin password in the left-hand navigation frame.

The Administrator password page opens (Figure 3-10).

Figure 3-10 Changing the Administrator Password

2. In the Administrator password page, type the current administrator password, and then type the new administrator password in the New password and Verify new password fields.

3. Click Submit to activate the changes.


Securing Operator Access

Securing Operator AccessAs an added security measure for a Peribit device, you can restrict access to the device from specific IP addresses through the Operator Access page. On this page, you can create an Include or Exclude list of IP addresses so that access to the device is restricted based on these parameters.

By default, the Include and Exclude lists are empty. If you enter an address in the Include list, an operator may log into this device only from the address listed. If you enter an address (or address plus subnet mask) in the Exclude list, access to device from the address (and/or subnets) listed is denied.

To restrict operator access to a Peribit Sequence Reducer, follow these steps:

1. In the Setup page, click Operator access in the left-hand navigation frame.

The Operator access page opens (Figure 3-11).

Figure 3-11 Controlling Operator Access

2. If you have specific users you want to allow access to this device, enter the addresses of the clients that you want to grant access to in the Include list. To grant access to a range of addresses, enter the following:

<client network address>/<subnet mask>


Enabling Read-Only Access

All other client IP addresses are denied access to the device.

3. If you want to restrict access from specific users or subnets, enter the addresses of the clients that you want to deny access to in the Exclude list.

NOTE: If you have the same IP address in both the Include and Exclude list, the client address will be denied access.


Enabling Read-Only AccessYou can enable read-only access for the SRS Web console so that a user can view all pages of the Web console, but cannot make any configuration changes. After you enable read-only access, use the following default user name and password for the user account:

� User name: user

� Password: peribit

To enable the user account feature, follow these steps:

1. In the Setup page, click Read Only access in the left-hand navigation frame.

The Read Only access page opens (Figure 3-12).

Figure 3-12 Creating a User Account for the SRS Web Console

2. To enable the read only access account, select Activate user account.

NOTE: The default user name for the read-only access account is “user” and the default password is “peribit.”


Securing Front Panel Access (SR-50 & SR-55 Only)

3. To change the default password for read-only access, select Change password, and then enter the new password in the New password and Verify new password fields.


Securing Front Panel Access (SR-50 & SR-55 Only)

You can secure front-panel access to a Peribit SR-50 or SR-55 Sequence Reducer by enabling the locking mechanism in the Web console. Locking the front panel prevents anyone from rebooting, resetting, or making any other changes to the Sequence Reducer via the front panel keypad and LCD.

NOTE: The SR-20 Sequence Reducer does not have a front-panel. Therefore, this option is not available for SR-20 devices.

To lock front panel access to a Peribit Sequence Reducer, follow these steps:

1. In the Setup page, click Front panel access in the left-hand navigation frame.

The Front panel access page opens (Figure 3-13).

Figure 3-13 Controlling Front Panel Access for a Peribit Sequence Reducer

2. To lock front-panel access for this device, select Locked.



Configuring Local Routes

Configuring Local RoutesWhen you install a Peribit Sequence Reducer into your network, information for reachable network devices on the Local side is collected using standard routing protocols. A reduction subnet map, which lists subnet points available from this Peribit device, is created and embedded in the SRS. These local routes are then advertised to other Sequence Reducers within the Peribit community.

Using the Sequence Reducer’s Web console, you can manually add static network routes to the local routes table. In addition, if your network uses the Open Shortest Path First (OSPF) or the Routing Information Protocol (RIP v1, RIP v2), you can enable support for these dynamic routing protocols on the Sequence Reducer.

Peribit Sequence Reducers can also obtain network routes from a Cisco router’s routing table. The routing table can be dynamically imported and periodically polled for updates, or you can import a file with static routes from an FTP server.

To configure local network routes for a Peribit Sequence Reducer, follow these steps:

1. In the Setup page, click Local routes in the left-hand navigation frame.

The Local routes page opens (Figure 3-14).

Figure 3-14 Configuring Local Network Routes

2. If your network uses dynamic routing, but you want static routes to take precedence over dynamically discovered routes, select the check box at the bottom of the page.

NOTE: Routes collected through all mechanisms (other than Static) are labeled “Dynamic”.



3. To remove a user-defined static route from the list so that it is not recognized by the Sequence Reducer, click Delete.

4. Refer to the following sections to add static routes, enable dynamic routing, or to import routes:

– “Adding Static Routes” in the next section.

– “Enabling Dynamic Routing” on page 51.

– “Importing a Routing Table” on page 53.

– “Enabling Router Balancing” on page 54.

Adding Static RoutesTo manually add static network routes, follow these steps:

1. On the Local routes page, click Static.

The Local routes > Static page opens (Figure 3-15).

Figure 3-15 Adding a New Local Static Route

2. Enter the IP address, the Subnet Mask for the new route, and the IP address of the Gateway to this network.

3. Click Submit to activate the new route. You return to the Local routes page.



Enabling Dynamic RoutingIf your network uses OSPF or RIP, you can enable the Sequence Reducer to discover these types of dynamic networks. The dynamic routes on the local side of the Sequence Reducer are discovered and added to the Local Routes table.

Another method of obtaining dynamic routes for the Sequence Reducer is to obtain a routing table from a Cisco router. The Sequence Reducer periodically checks the routing table to keep Peribit Reduction tunnels updated with dynamic routing topologies.

To obtain a routing table from a Cisco router, the router must be configured to allow Remote Shell (rsh) access by the Peribit Sequence Reducer. The rsh protocol allows a user or device to execute commands on a remote system without having to log in to the system. For more infor-mation on enabling rsh on your Cisco router, refer to the Cisco IOS documentation.

To enable dynamic routing, follow these steps:

1. On the Local routes page, click Dynamic.

The Local routes > Dynamic page opens (Figure 3-16).

Figure 3-16 Enabling Dynamic Routing for the Sequence Reducer

Enabling OSPF

2. To enable support for OSPF on the Sequence Reducer, follow these steps:

a. On the Local routes > Dynamic page, click OSPF to configure the dynamic route settings.

b. On the Local routes > Dynamic > OSPF page, enter the Area ID for OSPF.

c. Select the Authentication type for OSPF. The Authentication type is used for all OSPF protocol exchanges.

NOTE: For more information on OSPF, refer to the OSPF specification (RFC #2328).

d. Click Submit on the Local routes > Dynamic > OSPF page.

e. On the On the Local routes > Dynamic page, select Start next to OSPF and click Submit.



Enabling RIP

3. To enable support for RIP on the Sequence Reducer, follow these steps:

a. On the Local routes > Dynamic page, click RIP to configure the dynamic route settings.

b. On the Local routes > Dynamic > RIP page, choose the version of RIP your network uses (either 1 or 2).

c. Enter the Authentication type (if applicable).

NOTE: Refer to the RIP 2 specifications (RFC #1387-1389) for more information.

d. Click Submit on the Local routes > Dynamic > RIP page.

e. On the On the Local routes > Dynamic page, select Start next to RIP and click Submit.

Enabling Route Polling

4. To dynamically obtain the routing table from a Cisco router, follow these steps:

a. Click Router to configure the dynamic route import settings.

The Local routes > Dynamic > Router page opens (Figure 3-17).

Figure 3-17 Dynamically Obtaining a Routing Table from a Router

b. In the Poll Routes section, enter the Cisco router’s IP address and port number for rsh access. You can also add a second router IP address and port number in the Secondary router section. The Sequence Reducer will only obtain the routing table from the second router if the first router cannot be contacted.

c. Enter the Local user name. Next, enter the remote user name. These parameters must be identical to those configured on the Cisco router’s rcmp configuration.

d. Select a polling interval for which the Sequence Reducer should check the Cisco routing table for updates. The default setting is 5 minutes.

e. Click Submit to activate the setting. You return to the Local routes > Dynamic page.

5. Select Obtain routing table from router, and then click Submit.



Importing a Routing TableThe Sequence Reducer supports the import of a Cisco routing table from an FTP server. If you export a routing table from your Cisco router to a file and then save the file to an FTP server, you can import the routes file to the Sequence Reducer. This feature populates the Sequence Reducer’s Local routes table with the routes from the routes table file from the Cisco router.

For example, if you log in to a Cisco router and type “show ip route”, a list of routes is displayed. These routes can be imported into the Sequence Reducer’s Local Routes table.

Note that the routing table must be from a router within the Sequence Reducer’s local subnet, and it is preferable if you use the routing table from the router that is connected to the Sequence Reducer’s REMOTE port. Before you import the Routing Table into the Sequence Reducer, you must export the Routing Table file from your Cisco router and save it to an FTP or TFTP server.

The Sequence Reducer will recognize the following routes from the Cisco router:

S - Static routes, O - OSPF derived, C - Connected routes, I - IGRP derived, D - EIGRP routes, E - EGP derived, I - IS-IS derived, R - RIP derived

NOTE: The Sequence Reducer will not import BGP routes.

To import routes for the Sequence Reducer, follow these steps:

1. On the Local Routes page, click Import.

The Local routes > Import page opens (Figure 3-18).

Figure 3-18 Importing a Routing Table

2. In the Import from FTP Server section, enter the IP address of the FTP server, the directory path and file name of the file, the user name and password for the FTP server, and the Cisco router’s IP address.



NOTE: If dynamic routing is enabled (i.e., RIP, OSPF, or Route Polling), you cannot import a routing table from an FTP server.

3. Click Submit to import the file and store a copy of it in the Sequence Reducer’s flash memory. You return to the Local routes page.

Enabling Router BalancingRouter balancing is a local load balancing policy that enables a Sequence Reducer to use up to four different gateways for sending reduced data to a destination with equal cost paths.

For example, in Figure 3-19 Sequence Reducer B advertises it’s local network (N2) to Sequence Reducer A. Sequence Reducer A identifies two gateways to get to N2, and both routes have equal cost paths. Using a router balancing policy, Sequence Reducer A can use the two gateways on a per-destination, per-packet (i.e., round-robin), or flow-based basis.

Figure 3-19 Configuring Load Balancing Policies

When a Sequence Reducer identifies two or more gateways (with a maximum of 4) that can be used to route data to a destination with equal cost paths, the common routes are grouped in the Local routes page (Figure 3-20).

Figure 3-20 Local Routes Page Listing Common Routes with Equal Cost Paths

When two or more gateways can be used for a destination with equal cost paths, the routes are grouped together.


Where to Go Next

To enable Router balancing, follow these steps:

1. On the Local Routes page, click Router Balancing.

The Local routes > Router balancing page opens (Figure 3-21).

Figure 3-21 Configuring Router Balancing

2. Choose a load balancing policy for how the Sequence Reducer should transmit reduced data to two or more gateways. You can use any of the following policies:

– Fixed. (Default) All traffic is directed to one of the available routers. No load balancing.

– Per-destination. Traffic is distributed over available routers based on destination IP address.

– Per-packet. Traffic is distributed over available routers on a per-packet basis (i.e., round robin).

– Flow based. Traffic is distributed over available routers based on source and desti-nation IP addresses and ports.


Where to Go NextNow that you have set up the Sequence Reducer, you can configure policy settings for the device. For more information, refer to the next chapter, “Configuring Policies for the Sequence Reducer” on page 57.


Where to Go Next


Chapter 4 Configuring Policies for the Sequence Reducer

This chapter describes how to configure basic and advanced policy settings for a Peribit Sequence Reducer and Sequence Reducer community.

� “Configuring Basic Policies” in the next section.

� “Configuring Advanced Policies” on page 70.

Configuring Basic PoliciesThis section describes the basic policies that you configure for the Sequence Reducer, and covers the following topics:

� “Configuring End Points for the Peribit Community” in the next section.

� “Configuring Registration Server Settings” on page 59.

� “Configuring Reduction Subnets” on page 62.

� “Setting Community Topology Parameters” on page 64.

� “Managing Applications” on page 66.

� “Filtering Data Reduction by Source and Destination” on page 69.

Configuring End Points for the Peribit CommunityAfter installing the Sequence Reducer into your network and providing the registration server information to the device, the Sequence Reducer attempts to form reduction tunnels with other Peribit devices in the community. Each Sequence Reducer within a Peribit community is considered an end point.

If reduction subnets have been defined or discovered by the Sequence Reducers in the Peribit community, each Sequence Reducer reduces and assembles data from one another by default. You can change this configuration so that the Sequence Reducer does not assemble data from other Sequence Reducers, and/or only reduces data destined for a select number of other Sequence Reducers in the Peribit community.

Most often, the formation of reduction tunnels with all Peribit devices in the community is successful. However, in very large Peribit communities of Sequence Reducers, you may want to designate a Sequence Reducer as a Hub if you expect it to reduce and assemble data from a number of other Sequence Reducers in the Peribit community.

This feature sets a reduction tunnel formation priority to this device. Other Sequence Reducers within the Peribit community will detect the Hub classification, and attempt to create a reduction tunnel to it before creating reduction tunnels with other Peribit devices. Note that the Peribit community registration server does not necessarily have to be a Hub.

Chapter 4 Configuring Policies for the Sequence Reducer � 57

Configuring Basic Policies

To configure end points in a Peribit community, follow these steps:

1. Click Policies in the menu frame, and then click End points in the left-hand navigation frame.

The End points page opens (Figure 4-1).

Figure 4-1 Configuring End Points

2. By default, the Sequence Reducer assembles data from all other Sequence Reducers in the Peribit community. If you do not want this Sequence Reducer to assemble reduced data from other Sequence Reducers, deselect the “Enable this device to ASSEMBLE traffic from all other Peribit devices” option.

3. By default, the Sequence Reducer reduces data destined for all other Sequence Reducers in the Peribit community. If you do not want this Sequence Reducer to reduce data for other Sequence Reducers, deselect the Reduce option.

Otherwise, choose one of the following options:

– All discovered Peribit devices. The Sequence Reducer reduces data destined for all other Sequence Reducers (default).

– ONLY Peribit devices designated as hubs. The Sequence Reducer only reduces data destined to Peribit devices designated as a hub

– ONLY checked Peribit devices below. The Sequence Reducer only reduces data destined for specific Peribit devices in the list.



If you choose to have this Sequence Reducer only reduce data destined for specific Peribit devices in the list, this Sequence Reducer will only reduce traffic destined for reduction subnets associated with these devices. All other traffic is passed through without reduction.

Note the following about the Sequence Reducer device list:

– To quickly access another Sequence Reducer, click the IP address from the list and enter the administrator user name and password for the device.

– The Hub and Tunnel Status columns contain icons that represent the following:

– The Description column may contain messages pertaining to lost connections or unknown connections.


Configuring Registration Server SettingsWhen you install two or more Sequence Reducers into your network, a Peribit community of devices is formed. Within the Peribit community, you must designate one Sequence Reducer as the registration server. The registration server stores the network information of all Peribit devices within a community. Every Sequence Reducer periodically contacts the registration server to obtain information about other devices within the community.

During the Quick Setup, you assigned a password to the registration server. When you set up additional Sequence Reducers, you supply each Peribit device with the IP address and password of the registration server.

If you are logged in to the registration server, you can change the password of the registration server, or designate a different Peribit device as the registration server. You can also assign a secondary registration server to act as a backup should the primary registration server experience a disruption.

Table 4-1 End Points Icon Description

Tunnel Status Description

Hub — This Sequence Reducer has been designated as a hub in the Peribit community. For more information on designating a Sequence Reducer as a Hub, refer to “Setting Community Topology Parameters” on page 64.

Tunnel Established — A reduction tunnel is properly established between this Sequence Reducer and the corresponding Sequence Reducer (IP address/Device Name).

No Tunnel Established — No reduction tunnel has been established between this Sequence Reducer and the corresponding Sequence Reducer (IP address/Device Name).

Broken Tunnel — Sequence Reducer’s tunnel status is broken because of a policy setting or an error.

Unknown connection — The Sequence Reducer’s tunnel status is unknown or a session has not been established because of a policy setting or an error.



To view and configure registration server settings, follow these steps:

1. Click Policies in the menu frame, and then click Registration server in the left-hand navigation frame.

The Registration server page opens (Figure 4-2).

Figure 4-2 Configuring Registration Server Settings

2. If you want to change the password of the registration server, select Change registration server password, and then enter the old and new passwords in the appropriate fields.

NOTE: Changing the registration server password temporarily disrupts communication with other Peribit devices within the community. If you change the password of the registration server, you must update the registration server password on all other Peribit devices.

3. To designate a secondary registration server that acts as a backup should the primary fail, select Change SECONDARY registration server, select Use IP address, and then enter the IP address of another Peribit device in the field. To remove a secondary registration server from the Peribit Community, select No secondary registration server.

4. To designate a different Sequence Reducer as the registration server, select Transfer registration server designation to another device, and then enter the IP address of the Peribit device in the field.

5. If this device is the registration server or the secondary registration server, you can view a list of devices that report to this registration server by clicking Reporting Devices.



The Reporting devices page opens (Figure 4-3).

Figure 4-3 Viewing a List of Reporting Devices within a Peribit Community

The Reporting devices page lists all of the Sequence Reducers that are reporting to this Peribit community registration server.

Note the following about the Reporting Devices page:

– The Reduction and Assembly columns indicate that the Peribit Sequence Reducer has the Reduction and/or Assembly engines activated. (For more information on activating or deactivating the Sequence Reducer’s reduction and assembly engines, refer to “Configuring End Points for the Peribit Community” on page 57.)

– The Duties column contains icons that represent the following:

– The Last Registration column displays the time and day the Sequence Reducer contacted the Peribit community registration server for configuration and policy infor-mation.

6. Click Back to return to the Registration server page.


Table 4-2 Duties Column Icon Description

Duty icon Description

Hub icon — Signifies that this Sequence Reducer is designated as a Hub. For more information on designating a Sequence Reducer as a Hub, refer to “Set-ting Community Topology Parameters” on page 64.

Registration Server icon — Signifies that this device is the Registration Server for the Peribit community.

Secondary Registration Server icon — Signifies that this device is the Sec-ondary Registration Server for the Peribit community.



Configuring Reduction SubnetsAfter you install a Sequence Reducer into your network, route discovery mechanisms within the device collect IP subnet information on the Local side of the Sequence Reducer. This subnet information is stored in the Sequence Reducer, and then advertised to other Sequence Reducers within the Peribit community. In some instances, you may only want to advertise specific subnets as targets for data reduction.

For example, Figure 4-4 shows four Sequence Reducers in the network, and each Sequence Reducer has detected two subnets on its Local side. The Sequence Reducer advertises all of the local subnets to the other devices in the Peribit community. However in this example, you may want to specify that data destined for Subnet D1 is not reduced.

Figure 4-4 Selecting Specific Subnets for Data Reduction

To configure this setting, you log in to the Sequence Reducer associated with Router D and deselect Subnet D1 from the Reduction Subnet list so that it is not advertised to the other Sequence Reducers. Data that originates from other subnets and is destined for Subnet D1 passes through the Peribit community without reduction. Data that is destined for Subnet D2 is still reduced through the Sequence Reducer associated with Router D.

To specify which Local subnets are advertised to other Sequence Reducers within the Peribit community as targets for data reduction, follow these steps:

1. Click Policies in the menu frame, and then click Reduction subnets in the left-hand navigation frame.



The Reduction subnets page opens (Figure 4-5).

Figure 4-5 Configuring Reduction Subnets

NOTE: If there are 4000 or more reduction subnets for a single Sequence Reducer, it may take considerable time to load all of the reduction subnets into the Web console. In this instance, it is recommended that you use the CLI to view and/or configure the reduction subnet policies. For more information, refer to “Configuring Reduction Subnets” on page 129.

2. In the Reduction subnets page, choose one of the following parameters for the reduction subnet list:

– Advertise All subnets. Advertises all subnets in the list to all other the Sequence Reducers in the Peribit community.

– Advertise checked subnets ONLY. Advertises only subnets that are selected in the list to other Sequence Reducers in the Peribit community.

– Advertise all subnets EXCEPT checked. Advertises all subnets in the list except those that are checked to the other Sequence Reducers in the Peribit community.

3. If you choose to advertise specific subnets as targets for reduction, select the subnets according to the parameter you selected (Advertise checked subnets, or Advertise all subnets except checked).




Setting Community Topology ParametersWhen you create a Peribit community of devices, you can select the community topology setting that best describes your network. The community topology setting ensures that a Sequence Reducer’s resources are efficiently used to reduce and assemble data between devices.

One type of community topology is a Mesh topology, where multiple devices are intercon-nected with one another and can reduce and assemble data.

Figure 4-6 Deploying Sequence Reducers in a Mesh Topology

Another type of community topology is a Hub and Spoke topology, where a central location (Hub) can reduce and assemble data to and from all other Sequence Reducers in the Peribit community. By default, the spoke devices only reduce data to the Hub Sequence Reducer. However, this setting can be changed from the End Points page. For more information, refer to “Configuring End Points for the Peribit Community” on page 57.

Figure 4-7 Deploying Sequence Reducers in a Hub and Spoke Topology

During the initial configuration for the Sequence Reducer (Quick Setup), you selected a community topology setting for the device. You also selected a range of numbers that represent the number of Peribit devices in the community (Hub and Mesh only). Using the Web console, you can review and make changes to the community topology setting for the Sequence Reducer.



To review and make changes to the community topology setting for the Sequence Reducer, follow these steps.

1. Click Policies in the menu frame, and then click Community topology in the left-hand navigation frame.

The Community topology page opens (Figure 4-8).

Figure 4-8 Reviewing and Changing the Community Topology Settings

2. On the Topology page, choose one of the following topology settings for the Sequence Reducer:

– To designate this Sequence Reducer as a hub in a Hub and Spoke topology, select Hub and then select a range for the number of devices in the Peribit community.

– To designate this Sequence Reducer as a spoke in a Hub and Spoke topology, select Spoke.

NOTE: If you designate this Sequence Reducer as a Spoke, this Sequence Reducer will only reduce data from other Sequence Reducers that are designated as a Hub (by default).

To change this default setting, refer to “Configuring End Points for the Peribit Community” on page 57. On the End Points page, you can enable reduction from all Peribit devices or Peribit devices selected in the list.

– If this Sequence Reducer is part of a Mesh topology, select Mesh and then select a range for the number of devices in the Peribit community.




Managing ApplicationsThe Application management page lists defined applications—default application definitions, and custom application definitions—for the Sequence Reducer. Using this list, you can select the applications for which data is reduced.

The Sequence Reducer has definitions for 14 applications by default. However, you can define up to 256 application definitions. Application definitions are created by port number(s) or by source and destination IP address(es).

This list also enables you to select the applications that are identified in the Web console’s Monitor pages. These statistics report the amount of data reduction for monitored applications, as well as the amount of data that was not reduced. You can select up to 40 applications for monitoring purposes.

NOTE: For more information on monitoring reduction statistics, refer to Chapter 6, “Viewing Results”.

To manage applications for the Sequence Reducer, follow these steps:

1. Click Policies in the menu frame, and then click Application management in the left-hand navigation frame.

The Application management page opens (Figure 4-9).

Figure 4-9 Managing Applications for Reduction and Monitor Statistics

2. Viewing and/or changing an application’s definition. You can view and/or change an application’s definition by clicking on the application name. TheApplication definitions > Edit page opens and displays the application definition infor-mation (e.g., application name, application traffic identification).



3. Select applications for reduction. By default, the Sequence Reducer will attempt to reduce data from all applications running over TCP/UDP in your IP network (except HTTPS, SNTP, and SSH). If you want to configure the Sequence Reducer to only reduce data from specific applications, or if you want to reduce HTTPS, SNTP, and SSH data, select the check box next to the application name in the Reduce column.

NOTE: Data from the applications that are not selected passes through the Sequence Reducer without reduction.

4. Select applications for monitoring statistics. By default, all monitored applications are identified within the statistics. Known applications are identified by name, while unknown applications are identified as “Others”. If you want to configure which applications are included in the Web console’s Monitor pages, select the check box next to the application name in the Monitor column.

5. Deleting Applications. To delete an application, click the Delete button next to the appli-cation name.

Defining New Applications

When you define a new application, you can assign a port number (or list of numbers) for the application or source and destination IP addresses. You can create up to 256 application defini-tions on the Sequence Reducer.

1. To define a new application, click New.

The Application management > New application page opens (Figure 4-10).

Figure 4-10 Defining New Applications

2. To define a new application, enter a name for the application.



NOTE: The following alpha-numeric characters are allowed in the application name:

1234567890 abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ

3. Perform one of the following:

– To define the application by port number, select this option and then enter a destination port number, a series of comma-separated port numbers, or a range of destination port numbers separated by a hyphen (-).

NOTE: For a list of common application port numbers, refer to Appendix E, “Common Application Port Numbers”.

– To define the application by Source/Destination IP address pairs, select this option and then enter the source and destination IP addresses in the respective fields. You can also include the subnet mask with the IP address. In addition, an asterisk (*) can be used as a wild card for the IP address.

Up to five source and destination IP address pairs can be defined for an application.

4. Click Submit to activate the application. To restore the original parameters, click Cancel.

Viewing Application Definitions

You can view a list of application definitions, which show the application name and the port number or source/destination information.

1. To view a list of defined applications, click Definitions on the Application management page.

The Application management > Definitions page opens (Figure 4-11).

Figure 4-11 Viewing a List of Defined Applications



2. After reviewing the list of defined applications, click Back.

3. On the Application management page, click Submit to activate any changes. To restore the original parameters, click Reset.

Filtering Data Reduction by Source and DestinationBy default, the Sequence Reducer will attempt to reduce (and assemble) data from all source and destination locations. If you want to control data reduction between specific source and destination locations, you can create a source/destination filter so that data passes through the Sequence Reducer without reduction.

For example, if there is a subnet in your network for which data should not be reduced, create a “Do not reduce” filter using the appropriate IP address in the Source field and an asterisk (*) in the destination field. All data originating from this subnet and going to any destination will not be reduced.

To define new source and destination subnets, follow these steps:

1. Click Policies in the menu frame, and then click Source/Destination filter in the left-hand navigation frame.

The Source/Destination filter page opens (Figure 4-12).

Figure 4-12 Filtering Data Reduction by Source and Destination

2. In the Source/Destination filter page, select the type of source/destination filter you want to create.

– Off (default). The Sequence Reducer will reduce data originating from any source and going to any destination.


Configuring Advanced Policies

– Reduce data between the following source/destination pairs ONLY. The Sequence Reducer will only reduce data originating from the defined source and destined to the defined destination.

– DO NOT reduce data between the following source/destination pairs. The Sequence Reducer will attempt to reduce all data except data originating from the defined source, and destined to the defined destination.

NOTE: Application filter policies may also affect data reduction for the Sequence Reducer. For more information on creating application filter policies, refer to “Managing Applications” on page 66.

3. Enter the IP address and subnet mask of the data source. The IP address can be either a range of network addresses or a host address.

4. Enter the IP address and subnet mask for the data destination.

NOTE: You can use an asterisk (*) as a wildcard for the IP address of the data source or data destination. If you use a wildcard for the IP address, the subnet mask field must be blank. You can also specify a single end point by entering the IP address of the host and “255.255.255.255” as the subnet mask.


Configuring Advanced PoliciesThis section describes the advance policies that you configure for the Sequence Reducer. The advanced policies are hidden from the left-hand navigation frame until you click the Advanced link.

The advanced policies include the topics:

� “Viewing Remote Route Information” in the next section.

� “Configuring Load Balancing Policies” on page 72.

� “Setting Default Assemblers” on page 74.

� “Setting the Preferred Assemblers” on page 76.

� “Configuring Tunnel Mode Settings” on page 77.

Viewing Remote Route InformationThe Remote routes page lists the available reduction subnets from other Sequence Reducers within the Peribit community. This list can help you determine the Peribit device that assembles data for a specific network, as well as the cost value for the network route.

To display the remote routes, follow these steps:

1. Click Policies in the menu frame, click Advanced to display the advanced policies in the left-hand navigation frame, and then click Remote routes.



The Remote routes page opens (Figure 4-13).

Figure 4-13 Displaying and Updating Remote Routes

This list can help you determine the Peribit device that assembles data for a specific network, as well as the cost value for the network route.

The Validate Advertised Routes feature enables the Sequence Reducer to send a validation packet to each of the advertised remote network routes. This validation packet ensures that the remote Sequence Reducer is in the path from the Sequence Reducer performing the test to the advertised remote network.

By default, the setting is disabled. It is recommended that this setting only be enabled when the validity of a network route is uncertain. When remote route validation is enabled, the default setting is for advertised remote network routes to be validated hourly.

NOTE: If you plan to enable Load Balancing policies (as described in “Configuring Load Balancing Policies” on page 72), it is strongly recommended that you do not enable the Validate Advertised Routes feature.

2. To change the remote route validation to a more frequent or less frequent setting, use the drop-down menu at the bottom of the page. You can also fetch advertised remote network routes instantly by clicking Fetch Now.




Configuring Load Balancing PoliciesThe Load Balancing policy enables two or more Sequence Reducers to share the load of assembling reduced data to a common destination with equal cost paths.

For example, in Figure 4-14 Sequence Reducer A advertises a local route to Subnet 2. In the same network, Sequence Reducer B also advertises a local route to Subnet 2. Sequence Reducer C recognizes these two remote routes to Subnet 2 and both routes have an equal cost path.


In this example, if Sequence Reducer C recognizes two or more remote routes to a common destination with equal cost paths, the common routes are grouped in the Remote routes page (Figure 4-15).

Figure 4-15 Remote Routes Page Listing Common Routes with Equal Cost Paths

When a remote route of a common destination and equal cost path is identified, load balancing (or preferred assembler) policies can be applied.

NOTE: For more information on preferred assembler polices, refer to “Setting the Preferred Assemblers” on page 76.

To configure load balancing policies for the Sequence Reducer, follow these steps.

1. Click Policies in the menu frame, click Advanced to display the advanced policies in the left-hand navigation frame, and then click Load balancing.

Common destinations with equal cost paths



The Load balancing page opens (Figure 4-16).


2. Choose a load balancing policy for how you want data to be transmitted to a destination with equivalent Peribit reduction tunnels. You can use any of the following policies:

� Off. (Default) All traffic is routed to one of the available tunnels. No load balancing.

� Per-destination. Traffic is distributed over available tunnels based on destination IP address.

� Per-packet. Traffic is distributed over available tunnels on a per-packet basis (i.e., round robin).

� Flow based. Traffic is distributed over available tunnels based on source and destination IP addresses and ports.

NOTE: The load balancing policies are also applied if you have configured two or more default assemblers. For more information on configuring default assemblers, refer to “Setting Default Assemblers” on page 74.




Setting Default AssemblersThe default assemblers feature can simplify remote route administration of Peribit Sequence Reducers. By designating a Sequence Reducer as a default assembler for a particular location, you ensure that a Peribit reduction tunnel is established from remote sites to this location.

Designating a Sequence Reducer as a default assembler requires that you change some of configuration settings on the Sequence Reducers in the Peribit community. Therefore, it is important that you understand which Sequence Reducers will use a default assembler, and which local routes will be included in the default assemblers advertised subnets.

For example, Figure 4-17 shows a remote site with only one outbound connection — to the corporate network. Normally, the remote site’s Sequence Reducer (Peribit B) would have to learn each route that is advertised by the corporate network’s Sequence Reducer (Peribit A) and store each route in its remote routes table.

However, instead of having the Peribit B learn each advertised remote route in the corporate network, you can designate Peribit A as the default assembler on Peribit B.

The next task is to change a few configuration settings on the corporate Sequence Reducer. In this example, you must log in to Peribit A and change the default gateway from the router on the Remote side, to the switch on the Local side. This ensures that Peribit A efficiently routes the data to the proper subnet within the corporate network. You must also create a static Local route on Peribit A to each of the other Sequence Reducers in the Peribit community (Peribit B in this example). For more information on changing network settings and creating static routes, refer to Chapter 3, “Setting up the Sequence Reducer”.

Figure 4-17 Setting a Default Assembler

In addition, you can create an exclude list of individual hosts or subnets so that data destined for these locations is not reduced by the default assembler. For example, if you do not want data destined for subnet S4 to be reduced, you add subnet S4’s IP address in the Exclude List on Peribit B so that data passes through the device without reduction. You can list up to six default assemblers on a Sequence Reducer. However, if you list more than one default assembler, load balancing policies are applied.



NOTE: For more information on setting load balancing policies, refer to “Configuring Load Balancing Policies” on page 72.

To create a list of default assemblers, follow these steps.

1. Click Policies in the menu frame, click Advanced to display the advanced policies in the left-hand navigation frame, and then click Default assemblers in the left-hand navigation frame.

The Default assemblers page opens (Figure 4-8).

Figure 4-18 Creating a Default Assembler List

2. To set a default assembler so that data destined for a remote site is assured of reduction, enter the IP address of the remote Sequence Reducer(s) in the Default Assemblers list. Up to six default assemblers can be entered (one per line). If the Load Balancing policy is “off,” the precedence of the Default Assembler is based on their order in the list.

3. To exclude a host or subnet from data reduction by the default assembler, enter the host’s IP address or enter the IP address and subnet mask separated by a slash (/) for a subnet.

NOTE: These exclusions only apply if the default assembler is the Sequence Reducer that would be used for this traffic.




Setting the Preferred AssemblersIf your Peribit community has two (or more) Sequence Reducers that can reach a single subnet, and no other policies apply, traffic will be routed to one of the tunnels on an arbitrary basis. However, you can designate one or more Sequence Reducers as a Preferred Assembler(s). By designating a Preferred Assembler, you give assembly precedence to a Sequence Reducer — thus creating a preferred network path for a destination when more than one path exists.

For example, in Figure 4-19, data from Subnet 1 has two network paths of equal cost value to Subnet 2. The “Peribit A” Sequence Reducer has designated the “Peribit B” Sequence Reducer as a Preferred Assembler for data destined to Subnet 2.

Figure 4-19 Designating a Preferred Assembler

While the Peribit A Sequence Reducer can send data to the “Peribit C” Sequence Reducer if needed, it’s Preferred Assembler is “Peribit B”.

NOTE: If the Load Balancing policy is set to anything other than “Off,” then it will override this policy. For more information on setting a load balancing policy, refer to “Configuring Load Balancing Policies” on page 72.

To create a list of default assemblers, follow these steps.

1. Click Policies in the menu frame, click Advanced to display the advanced policies in the left-hand navigation frame, and then click Preferred assemblers in the left-hand navigation frame.

The Preferred assemblers page opens (Figure 4-8).

Figure 4-20 Creating Preferred Assemblers



2. To set a Preferred Assembler, enter the IP address of the remote Sequence Reducer in the Preferred Assemblers list. Up to 80 Preferred assemblers can be entered (one per line).


Configuring Tunnel Mode SettingsWhen you create a Peribit community of Sequence Reducers, the devices in the community form reduction tunnels. These reduction tunnels are a means by which the reduced data is transported from one Sequence Reducer to another. By default, reduced data is transmitted between Peribit devices as a single flow — using the Sequence Reducer’s IP address as the data source and 3577 as the destination port number.

NOTE: For Peribit reduction tunnel purposes, a flow constitutes a sequence of data packets from a single source IP address and port number, to a single destination IP address and port number.

Using the Web console’s Tunnel mode page, you can configure how the traffic appears while it transmitted through the Peribit reduction tunnel.

About Multi-flow Emulation

In certain router configurations, WAN bandwidth is proportionately distributed among various network applications that produce data — a service known as Weighted Fair Queueing (WFQ). Traffic from these applications is differentiated by source IP address and port number plus destination IP address and port number. This ensures that the applications that produce heaviest amounts of traffic do not govern the bandwidth available across the WAN.

Because the Sequence Reducer normally sends its reduced data packets to the edge router as a single flow, the data packets from the Sequence Reducer may not maximize the benefits of WFQ on a router.

However, if your network routers use WFQ, you can enable multi-flow emulation on the Sequence Reducer. With Multi-flow emulation, the Sequence Reducer generates its reduction packets with various source port numbers, thus creating unique flows. When the reduced packets reach the router, each packet is assigned a unique queue and then fairly transmitted through the router.

About Application Visibility

As previously discussed, the Sequence Reducer (by default) sends its data packets through the reduction tunnel as a single flow, using its IP address as the source and 3577 as the destination port number. If you use performance monitoring tools to collect and view statistics on devices in your network, the network devices that fall within the Peribit reduction tunnel may show that the largest amount of traffic is generated from the Sequence Reducer.

The Application Visibility feature retains the data packets’ original source and destination port number through the Peribit reduction tunnel. This feature enables you to use your network performance tools to collect realistic statistics on the devices within the Peribit reduction tunnel.



Guidelines for Choosing a Tunnel Mode Setting

Table 4-3 offers recommendations for Tunnel Mode settings base upon your network require-ments.

NOTE: Multi-flow Emulation and Application Visibility features reduce packet aggregation, thus affecting the reduction in number of packets.

To configure the tunnel mode settings of the Peribit Community, follow these steps.

1. Click Policies in the menu frame, click Advanced to display the advanced policies in the left-hand navigation frame, and then click Tunnel mode in the left-hand navigation frame.

The Tunnel mode page opens (Figure 4-21).

Figure 4-21 Configuring Tunnel Mode Settings

2. In the Tunnel mode page, select a setting based upon your network requirements.

If you choose Multi-flow emulation, enter the number of flows to be supported (between 256 and 1024). The default is 256 flows.


Table 4-3 Guidelines for choosing a Tunnel Mode setting

Requirement Recommended Setting

No requirement for distributing bandwidth equally among appli-cations or sources. No requirement for identifying traffic source or destination within Peribit reduction tunnel for monitoring pur-poses.

Use Standard mode

Using WFQ on routers to proportionately distribute among various network application flows that produce data.

Use Multi-flow Emulation

Using performance monitoring tools to monitor traffic on devices within the Peribit reduction tunnel. Must be able to determine original source and destination port number from data that traverses through reduction tunnel.

Use Application Visibility


Where to Go Next

Where to Go NextAfter configuring policies for the Sequence Reducer, proceed to the next chapter, Chapter 5, “Applying QoS Policies for the Sequence Reducer”.


Where to Go Next


Chapter 5 Applying QoS Policies for the Sequence Reducer

This chapter describes how to use the Peribit Sequence Reducer’s tools through the Web console, and covers the following topics:

� “Configuring Application QoS Policies” in the next section.

� “Managing Bandwidth for Peribit End Points and Other Network Paths” on page 83.

� “Creating Application Classes for Bandwidth Management” on page 87.

� “Assigning Applications to Application Classes” on page 90.

Configuring Application QoS PoliciesWithin the header of an IP packet is an 8-bit field called the DiffServ field (DS field). The DS field is divided into three parts; a 3-bit IP field used to determine priority, a 3-bit Network Characteristics field used to determine the level of service, and a 2-bit field that is unused or reserved (except for experimental use in Explicit Congestion Notification [ECN]).

Within the DS field, eight levels of priority can be established for data packets — from 0 to 7, with 7 considered the highest priority.

Peribit’s Application Quality of Service (QoS) feature utilizes the IP Precedence field to:

� Preserve IP Precedence settings established by other QoS devices within your network.

� Improve the precedence levels of data packets through the Peribit reduction tunnel by setting the priority bits.

� Preserve Peribit assigned precedence levels of data packets after the packets leave the Peribit reduction tunnel.

� Reduce higher priority traffic first, creating priority queues for data reduction.

NOTE: If data packets also include drop precedence settings (DiffServ), Peribit’s Application QoS feature uses the lowest drop precedence value in the header of the reduced packet.

The Application QoS page enables you to customize your QoS requirements in multiple ways.

Preserve QoS Information in the Reduction Tunnel — The Sequence Reducer recognizes DS field settings in data packets and does not alter the precedence settings established by other QoS devices (in preserve mode). While Packets with precedence settings greater than 0 do not receive preferential queueing from the Sequence Reducer, they are not grouped with packets of different priority settings.

Promote QoS Information in the Reduction Tunnel — The Sequence Reducer promotes the precedence setting of application data for its transmission through the reduction tunnel. For example, if you have established precedence settings for data from certain applications, you can improve these precedence settings for reduction tunnel purposes.

Chapter 5 Applying QoS Policies for the Sequence Reducer � 81

Configuring Application QoS Policies

Furthermore, you can use Peribit’s Application QoS feature to create new precedence settings for data from applications that are recognized by the Sequence Reducer. For example, if all data that traverses through your network currently receives the same precedence, but you want to take advantage of Peribit’s Application QoS feature to improve the transmission of data from specific applications through the reduction tunnel, you can create an application priority setting for Peribit reduction tunnel purposes.

Preserve assigned priorities after assembly — When reduced data is assembled by a Sequence Reducer, promoted (or created) precedence settings by the Sequence Reducer are preserved in the data packets and transmitted to the Local Area Network (LAN).

Reduce higher priority traffic first — The Sequence Reducer creates eight priority queues, and depending on the precedence setting established, the packet falls into one of these eight queues. Higher priority queue traffic is reduced and transmitted before lower priority data.

To configure the Application QoS policies, follow these steps:

1. Click QoS in the menu frame, and then click Application QoS in the left-hand navigation frame.

The Application QoS page opens (Figure 5-1).

Figure 5-1 Configuring Application QoS Policies

2. To enable Application QoS so that IP precedence settings are preserved and/or promoted, select Preserve/Promote QoS information in the reduction tunnel, and then follow these steps:

a. If you only want to preserve the precedence settings through the reduction tunnel, proceed to Step 3.


Managing Bandwidth for Peribit End Points and Other Network Paths

b. To prioritize the reduction of data so that traffic with higher precedence settings is reduced before traffic with lower precedence settings, select Reduce higher priority traffic first.

c. To improve (or create) precedence settings for data through the reduction tunnel, select the application and assign a priority level. All data originating from this application will receive a higher priority setting.

d. If you use Peribit’s Application QoS feature to improve (or create) the precedence setting for one or more applications, you can preserve this setting for the assembled data (i.e., after it leaves the reduction tunnel) by selecting Preserve assigned priorities after assembly.

NOTE: If an application’s packet has a priority setting from a QoS device that differs from the setting in the Application QoS page, the higher of the two is honored.


Managing Bandwidth for Peribit End Points and Other Network PathsSequence Reducers within a Peribit community form reduction tunnels between devices. The reduction tunnel is a path (or paths) over which reduced data traverses across the Wide Area Network (WAN). Normally, a Sequence Reducer reduces data and sends it across the WAN without policies or restrictions on bandwidth usage.

When data is sent from one network end point to another, WAN bandwidth can become heavily consumed by traffic to a particular destination (e.g., the public Internet). This behavior can deplete WAN resources for mission-critical applications and allow heavy bandwidth usage for less critical network traffic.

Peribit’s bandwidth management feature enables you to set guaranteed and maximum levels of WAN bandwidth allocated over WAN links.

By setting guaranteed and maximum bandwidth usage levels, you ensure that WAN links always have enough bandwidth for mission-critical, site-to-site reduced traffic. You also ensure that less critical traffic does not impede the available WAN bandwidth.

To manage the bandwidth for network paths, you log in to a Sequence Reducer’s Web console and set the remote interface rate limit. The remote interface rate limit is a number in Kilobits Per Second (Kbps) and should typically match your subscribed WAN circuit speed. For example, if you have a T1 WAN circuit, you would enter 1500 Kbps as the remote interface speed.

Next, you review the table of Sequence Reducers (by IP address and name) and select those for which you want to manage bandwidth. Make a note of the WAN circuit speed for the remote location(s). After selecting the Sequence Reducers for bandwidth management, you enter a number in the Guaranteed and Maximum fields.

There is also a Default option which enables you to set guaranteed and maximum bandwidth levels for data that either passes through the Sequence Reducer without reduction (e.g., to a location without another Sequence Reducer), or for reduced data destined for another Sequence Reducer that is not selected in the bandwidth management table.

NOTE: The Guaranteed number (or sum total of the Guaranteed numbers) that you enter cannot exceed 80% of the remote interface rate.



For example, Figure 5-2 shows Peribit A with a WAN circuit speed of 10 Mbps. It also shows three destinations via the WAN with varying circuit speeds. Note that the sum of the remote destination circuit speeds is less than 80% of Peribit A’s WAN circuit speed.

In this example, you log in to Peribit A, select the IP address/name associated with Peribit B, and enter 1500 in the Guaranteed and Maximum fields. Next, select the IP address/name associated with Peribit C and enter 3000 in the Guaranteed and Maximum fields. Finally, you use the Default category to manage bandwidth for destination without a Peribit Sequence Reducer. For this example, you could enter 1500 in the Guaranteed and Maximum fields. Note that you could enter a number in the Maximum field that is less than the WAN circuit speed to limit the amount of bandwidth allocated to a specific destination.

Figure 5-2 Bandwidth Management Scenario 1

The above example shows how to use the bandwidth management feature for a Peribit Sequence Reducer with a WAN circuit speed greater than the combined destination WAN circuit speeds.

However, you may have an instance where a Sequence Reducer’s WAN circuit speed is less than the combined destination WAN circuit speeds. For example, Figure 5-3 shows Peribit A with a WAN circuit speed of 1.5 Mbps. It also shows three destinations via the WAN with varying circuit speeds. Note that the sum of the remote destination circuit speeds is greater than 80% of Peribit A’s WAN circuit speed.

Figure 5-3 Bandwidth Management Scenario 2

In this example, you can proportionately distribute the bandwidth between Peribit B, Peribit C, and the Default destination by using the following formula:

Where:

S1 = Source WAN circuit speed (Peribit A)D1 = Destination WAN circuit speedD2 = Destination WAN circuit speedD3 = Destination WAN circuit speed

S1 0.8× Destination WAN Circuit SpeedD1+D2+D3

-----------------------------------------------------------------------------



To enable the bandwidth management, follow these steps:

1. Click QoS in the menu frame, and then click Bandwidth management in the left-hand navigation frame.

The Bandwidth management page opens (Figure 5-4).

Figure 5-4 Allocating Bandwidth Between Peribit Devices

2. Select Enable Outbound Bandwidth Management.

3. In the Remote interface rate limit field, enter the link speed setting for the subscribed WAN service. The Remote interface rate limit should typically match the router’s setting. The number must be between 8 and 100000 Kbps.

4. To allocate bandwidth for data destined to one or more Peribit devices within the community, select the Sequence Reducer’s IP address and enter a Guaranteed and Maximum number in the appropriate fields. If you do not enter a value in the Guaranteed and Maximum fields, the Guarantee is 0 Kbps and the Maximum is 100% of the Remote interface rate limit.

5. If you want to manage bandwidth for data that passes through the Sequence Reducer without reduction or for reduced data destined for another Sequence Reducer that is not selected in the table, enter a Guaranteed and Maximum number in the Default row.

IMPORTANT: The Guaranteed number (or sum total of the Guaranteed numbers) that you enter cannot exceed 80% of the remote interface rate limit. Entering a maximum value of less than 100% has the effect of rate limiting traffic to maintain less than the maximum.

6. If you are satisfied with the bandwidth management policies, click Submit. If you want to configure exclusion policies for bandwidth management, continue to the next step.



7. After configuring bandwidth management, you can exclude one or more networks or hosts from bandwidth management policies. If you exclude a network or host from the bandwidth management policies, data can be reduced by the Sequence Reducer but sent to the WAN without restrictions on bandwidth usage. To exclude networks or hosts from bandwidth management policies, click Exclusions.

The Bandwidth management > Exclusions page opens (Figure 5-5).

Figure 5-5 Excluding Networks or Hosts from Bandwidth Management Policies

8. Select DO NOT impose bandwidth limits on data between the following pairs.

9. Enter a local network or host in the Between LAN side network field. Next enter a remote network or host in the And WAN side network field.

10. Click Add.



Creating Application Classes for Bandwidth Management

Creating Application Classes for Bandwidth ManagementAfter you have enabled Outbound Bandwidth Management for the Sequence Reducer, you can define guaranteed and maximum limits of bandwidth usage for up to 14 standard application classes. You then assign applications to these classes so that the traffic from these applications is constrained to the class limits you have defined.

NOTE: For more information on assigning applications to traffic classes, refer to “Assigning Applications to Application Classes” in the next section..

The guaranteed and maximum limits for the application classes use the remote interface setting in the Bandwidth Management page. Bandwidth limits are expressed as a percentage of the maximum bandwidth allocated to each end point. For a given class, you enter a guaranteed and maximum percentage of bandwidth usage available.

For example, you may want to use an application class for business-critical application data (e.g., thin-client, database traffic, etc.). Using Application Class 1, you might enter a guaranteed bandwidth limit of 50% and a maximum bandwidth limit of 100%. Then from the Application Assignment page, you assign the business-critical applications to Application Class 1.

In this scenario, traffic from the business-critical applications are allocated a minimum of 50% of the available WAN bandwidth (as defined in the Bandwidth Management page) whenever there is data for their class.

Similarly, you may want to use an application class for low-priority application data (e.g., HTTP Web traffic, etc.). Using Application Class 10, you might enter a guaranteed bandwidth limit of 0% and a maximum bandwidth limit of 10%. Then from the Application Assignment page, you assign the low-priority applications to Application Class 10.

In this scenario, traffic from the low-priority applications is not guaranteed a fixed amount of bandwidth and is limited to a maximum of 10% of the available bandwidth at all times.

In addition to the 14 standard application classes, there is also a Low Latency class. The Low Latency class is a high-priority traffic class that takes precedence over all other application classes. If your WAN transmits time-sensitive data (e.g., VoIP, streaming video), you may want to use the Low Latency class for this traffic.

Because traffic assigned to the Low Latency class always takes precedence over the traffic assigned to other application classes, there is no guaranteed limit assignment for the Low Latency class. However, it is strongly recommended that you enter a maximum limit of bandwidth usage for the Low Latency class. The maximum limit should correlate with the amount of traffic that is sent from the time-sensitive applications.

Review the bandwidth requirement settings for your time-sensitive application(s) (e.g., the H323 gatekeeper, VoIP equipment, etc.) and determine the total amount of bandwidth needed across all applications and tunnels. Calculate the percentage of the total bandwidth this consti-tutes. After monitoring network usage, you can adjust the percentage value for the Low Latency class as needed.

IMPORTANT: Entering a large value for the Low Latency maximum limit can impact the guaranteed limits for other application classes. Therefore, caution should be taken as to not exceed the needs of the time-sensitive applications.

You can also create guaranteed and maximum bandwidth settings for a Default class. The Default class is a generic class for application data that is not assigned to a class defined by the Sequence Reducer.



Table 5-1 provides an example of setting application class assignments based upon business priority.

NOTE: If more than one application is assigned to a specific class, the guaranteed and maximum settings apply to the cumulative traffic of all applications belonging to the class, not necessarily distributed evenly among them.

To use the application classes for bandwidth management, follow these steps:

1. Click QoS in the menu frame, and then click Application classes in the left-hand navigation frame.

The Application classes page opens (Figure 5-6).

Figure 5-6 Creating Application Classes for Bandwidth Management

Table 5-1 Example of Setting Application Classes Based on Business Priority

Data Type Class Lower and Upper Limits Application Types

Time-Sensitive Data Low Latency

Maximum: 30% Time-sensitive data, e.g., VoIP, streaming video, etc.

High-Priority Data 1 Guaranteed: 40%Maximum: 100%

Business-critical data, e.g., thin-client or data-base transactions.

Medium-Priority Data 2 Guaranteed: 20%Maximum: 100%

Moderately used applications that can be queued below business-critical application data.

Low-Priority Data 3 Guaranteed: 5%Maximum: 30%

Less critical applications that should not absorb available bandwidth which could cause high and medium priority applications to be starved.

All other Data Default Guaranteed: 15%Maximum: 100%

Data from applications that is not assigned to a class defined by the Sequence Reducer.



2. On the Application classes page, you can use up to 14 standard classes for bandwidth management. Enter a Guaranteed and Maximum bandwidth limit in the appropriate fields for one or more classes. The Guaranteed bandwidth limit is the minimum amount of bandwidth that is allocated to a particular class at any time. The Maximum bandwidth limit is the maximum amount of bandwidth allocated to a class.

3. You can also set guaranteed and maximum bandwidth limits for a Default class. The Default class is a generic class for application data that is not assigned to a class defined by the Sequence Reducer. This class represents the best-effort traffic.

You can view which applications are assigned to a particular class by clicking the class number in the Application Class column.

4. If your WAN transmits time-sensitive data (e.g., VoIP, streaming video), you may want to use the Low Latency class for this traffic. The Low Latency class is a high-priority traffic class that takes precedence over all other application classes.


Review the bandwidth requirement settings for your time-sensitive application(s) (e.g., the H323 gatekeeper, VoIP equipment, etc.) and determine the total amount of bandwidth needed across all applications and tunnels. Calculate the percentage of the total bandwidth this constitutes. After monitoring network usage, you can adjust the percentage value for the Low Latency class as needed.

IMPORTANT: Entering a large value for the Low Latency maximum limit can impact the guaranteed limits for other application classes. Therefore, caution should be taken as to not exceed the needs of the time-sensitive applications.


After configuring bandwidth limits for application classes, assign one or more applications to the classes so that data from the application(s) is guaranteed a minimum percentage of bandwidth. For more information on assigning applications to a class, refer to “Assigning Applications to Application Classes” in the next section.


Assigning Applications to Application Classes

Assigning Applications to Application ClassesAfter creating application classes, you can assign one or more applications to a class so that data from the application(s) is guaranteed a minimum percentage of bandwidth, and is constrained to the maximum bandwidth limits you assign on the Application classes page.

The Application assignment page lists the applications defined by the Sequence Reducer. The Sequence Reducer has 14 applications defined by default, but you can define up to 256 appli-cation definitions.

NOTE: For more information on managing and defining new applications, refer to “Managing Applications” on page 66.

To assign one or more applications to an application class, follow these steps:

1. Click QoS in the menu frame, and then click Application assignment in the left-hand navigation frame.

The Application assignment page opens (Figure 5-7).

Figure 5-7 Assigning Applications to Application Classes

2. On the Application assignment page, use the Class drop-down menu to select a class assignment for a particular application.

NOTE: If more than one application is assigned to a specific class, the guaranteed and maximum settings apply to the cumulative traffic of all applications belonging to the class, not necessarily distributed evenly among them. Entering a maximum value of less than 100% has the effect of rate limiting traffic to maintain less than the maximum.


Where to Go NextAfter applying Peribit QoS policies to the Sequence Reducer, proceed to the next chapter, Chapter 6, “Viewing Results”.


Chapter 6 Viewing Results

This chapter describes how to view the reduction, bandwidth, and traffic statistics of a Peribit Sequence Reducer device. It covers the following topics:

� “Reduction Statistics” in the next section.

� “Outbound Bandwidth Statistics” on page 99.

� “Inbound Bandwidth Statistics” on page 101.

� “Traffic Statistics” on page 102.

Reduction StatisticsThis section describes the reduction statistics in the Monitor pages of the SRS Web console. There are four types of reduction statistics:

� “Throughput Statistics” in the next section.

� “Data Reduction Statistics” on page 93.

� “Application Detail Statistics” on page 96.

� “Application Summary Statistics” on page 97.

� “Traffic Characterization Statistics” on page 98.

Throughput StatisticsThe Throughput statistics page includes a Throughput line graph, and a Burst Throughput line graph. These statistics help you gauge the speed of traffic that is entering and exiting the Sequence Reducer.

To view the Throughput statistics, follow these steps:

1. Click Monitor in the menu frame, and then click Reduction in the left-hand navigation frame.

2. In the Statistic drop-down menu, choose Throughput.

3. Choose the time period for the report, and click Submit.

The Throughput page opens.

Chapter 6 Viewing Results � 91

Reduction Statistics

Figure 6-1 Throughput Graph

Note the following about the Throughput graph:

� The Data In line (grey line) shows the throughput of data into the Sequence Reducer’s Reduction engine.

� The Data Out line (yellow line) shows the throughput of data out of the Sequence Reducer’s Reduction Engine.

� The Data In + Passthrough line (blue line) shows the throughput of data into the Sequence Reducer’s Reduction engine, plus data that passes through the Sequence Reducer without reduction. If you have filter settings that affect data reduction (e.g., application filters that do not reduce data for certain applications), this line indicates the average throughput of unreduced data.

Figure 6-2 Burst Throughput Graph

Note the following about the Burst Throughput graph:

� The Data In line (grey line) shows the burst throughput of data into the Sequence Reducer’s Reduction Engine.

� The Data In + Passthrough line (blue line) shows the burst throughput of data into the Sequence Reducer’s Reduction Engine plus the data that is passed through the Sequence Reducer without reduction. If you have filter settings that affect data reduction (e.g., appli-cation filters that do not reduce data for certain applications), this line indicates the combined average throughput of reduced and unreduced data.

NOTE: .To print the Throughput graphs, select Printer Friendly Format and click Submit. The Throughput page opens in a new browser window, from which you can use the browser’s Print function to print the page.



Data Reduction StatisticsThe Data Reduction page is composed of a Summary table, a Percentage Reduction graph, a Bytes graph, and a Packets graph. These statistics help you gauge the amount of data that traverses through the Peribit Sequence Reducer.

Data Reduction is the percentage of bytes that have undergone data reduction based on the following formula:

To view data reduction statistics, follow these steps:

1. Click Monitor in the menu frame, and then click Reduction in the left-hand navigation frame

2. In the Statistic pull-down menu, choose Data Reduction.

3. Choose the time period for the report, and click Submit.

The Data Reduction page opens.

Figure 6-3 Data Reduction Summary Table

Note the following about the Data Reduction Summary table:

� Peak Data Reduction is a percentage measurement of the highest amount of reduction in a five-second interval for the selected time period.

� Total Data Reduction is a percentage measurement of reduced data for the selected time period.

� Total Bytes Into Reduction Engine is the number of bytes that have been targeted for reduction for the selected time period.

� Total Bytes Out of Reduction Engine is the number of bytes out of the Sequence Reducer after data reduction for the selected time period.

� Total Bytes Passed Through is the number of bytes that have passed through the Sequence Reducer without being reduced in the selected time period.

% of Reduction =

Bytes In - Bytes OutBytes In

------------------------------------------------- x 100



Figure 6-4 Percentage Reduction Graph

Note the following about the Percentage Reduction graph:

� The x axis of the graph represents the time elapsed for the selected time period (e.g., hourly).

� The y axis of the graph represents the amount of reduction as a percentage of the total number of bytes in.

Figure 6-5 Data Reduction Bytes Graph

Note the following about the Bytes graph:

� The x axis of the Bytes graph represents the time elapsed.

� The y axis shows the total number of megabytes that have traversed through the Sequence Reducer.

� Pass Through bytes (if enabled) represents data that has passed through the Sequence Reducer without processing.

� Data Out bytes are output bytes of the reduction engine.

� Data Reduced represents the number of bytes reduced by the Sequence Reducer.



Figure 6-6 Data Reduction Packets Graph

Note the following about the Packets graph:

� The x axis of the Packets graph represents the time elapsed.

� The y axis shows the reduction in the number of packets sent as a percentage of packets in.

� Pass Through packets (if enabled) represents data that has passed through the Sequence Reducer without processing.

� Data Out packets are output packets of the reduction engine.

� Data Reduced represents the number of packets reduced by the Sequence Reducer.

NOTE: To print the Data Reduction statistics, select Printer Friendly Format and click Submit. The Data Reduction page opens in a new browser window, from which you can use the browser’s Print function to print the page.



Application Detail StatisticsThe Application Detail page shows the data percentage reduction achieved per application between two or more Sequence Reducers.

To view application detail statistics, follow these steps:


2. In the Statistic pull-down menu, choose Application Detail.

3. Choose the time period for the report, and then click Submit.

The Application Detail page opens.

Figure 6-7 Application Reduction Details

Note the following about the Application Detail page:

� The Application Name column lists the applications selected for monitoring by the Sequence Reducer.

� The Percent Traffic column shows the amount of traffic generated by the application relative to the total amount of traffic for the specific time period.

� The Percentage Reduction column shows an application’s reduction totals for the specific time period.

� The Bytes In and Bytes Out columns show the amount of data (in bytes) that an appli-cation is sending to and from the Sequence Reducer.



Application Summary StatisticsThe Application Summary page contains a Percent Traffic by Application pie chart, a Percent Data Reduction by Application bar chart, and a Data Reduction by Application graph. These statistics show the top 10 monitored applications in terms of input data volume.

To view application summary statistics, follow these steps:


2. In the Statistic pull-down menu, choose Application Summary.


The Application Summary page opens.

Figure 6-8 Percent Traffic By Application Pie Chart

The Percent Traffic by Application pie chart shows a percentage breakdown of traffic by monitored applications (up to a maximum of 10 applications). Moving the mouse cursor over the application displays the percentage of traffic.

Figure 6-9 Percent Data Reduction Graph

Note the following about the Percent Data Reduction graph:

� The X axis represents the percentage of reduction.

� The Y axis lists each application.



Figure 6-10 Data Reduction By Application Graph

Note the following about the Data Reduction By Application graph.

� The X axis represents the total amount of data per application, separated into the data reduced and data out portions.

� The Y axis lists each application.

NOTE: To print the Application Summary statistics, select Printer Friendly Format and click Submit. The Application Summary page opens in a new browser window, from which you can use the browser’s Print function to print the page.

Traffic Characterization StatisticsThe Traffic Characterization page shows a Summary table and a Bytes Reduced/Assembled graph. These statistics show the amount of data the Sequence Reducer processes and SENDS to other devices in the Peribit community, versus the amount of data it RECEIVES from the other Sequence Reducers in the Peribit community.

To view the traffic characterization statistics, follow these steps:


2. In the Statistic pull-down menu, choose Traffic Characterization.


The Traffic Characterization page opens.

Figure 6-11 Traffic Characterization Summary Table

The summary table shows the total number of bytes into the Reduction and Assembly engines, the total number of bytes out of the Reduction and Assembly engines, and shows a comparison of a Reduction/Assembly ratio.


Outbound Bandwidth Statistics

Figure 6-12 Traffic Characterization Bytes Reduced/Assembled Chart

Note the following about the Bytes Reduced/Assembled chart

� The x axis of the Bytes Reduced / Assembled graph represents the time.

� The y axis represents the total megabytes processed by the Sequence Reducer.

� Bytes Into Reduction represents the total megabytes processed by the Sequence Reducer Reduction Engine.

� Bytes Out of Assembly represents the total megabytes aggregated by the Sequence Reducer Assembly Engine.

NOTE: To print the Traffic Characterization statistics, select Printer Friendly Format and click Submit. The Traffic Characterization page opens in a new browser window, from which you can use the browsers Print function to print the page.

Outbound Bandwidth StatisticsIf you have enabled Bandwidth Management for the Sequence Reducer, the Outbound Bandwidth page enables you to view the effective throughput of data based upon the guaranteed and maximum levels you created for destinations and application classes.

To view the Outbound Bandwidth Statistics page, follow these steps:

1. Click Monitor in the menu frame, and then click Outbound Bandwidth in the left-hand navigation frame.

2. Choose a destination from the Destination drop-down menu, and then choose a class from the Classes drop-down menu.



Outbound Bandwidth Statistics

The Outbound Bandwidth page opens (Figure 6-13).

Figure 6-13 Outbound Bandwidth Statistics

� The first graph shows two horizontal lines representing the guaranteed and maximum levels for the selected class. Note the following about this graph.

– The Data In line (grey line) represents all data that was classified by bandwidth management.

– The Data Out line (yellow line) represents the amount of data that was sent across the WAN after being processed by the Sequence Reducer.

– The Data Dropped line (red line) represents the amount of data that was dropped by the Sequence Reducer due to the bandwidth utilization restrictions (maximum level) applied to the destination or application class.

– Use the Zoom Scroller to proportionately zoom-in on the graph.

� The Dropped Bytes and Dropped packets bar charts provide details on the number of bytes/packets that were dropped by the Sequence Reducer due to the bandwidth utilization restrictions (maximum level) applied to the destination or application class.

Zoom Scroller


Inbound Bandwidth Statistics

Inbound Bandwidth StatisticsIf you have enabled Inbound Bandwidth Management for the Sequence Reducer (using the CLI), the Inbound bandwidth page enables you to view the effective throughput of data based upon the maximum levels you created for the four classes (i.e., Reduced, Intranet, TCP, and Default).

To view the Inbound Bandwidth Statistics page, follow these steps:

1. Click Monitor in the menu frame, and then click Inbound Bandwidth in the left-hand navigation frame.

2. Choose a class from the Classes drop-down menu.


The Inbound bandwidth page opens (Figure 6-13).

Figure 6-14 Inbound Bandwidth Utilization Statistics

� The first graph shows a horizontal line representing the maximum level for the selected class. Note the following about this graph.

– The Data In line (grey line) represents all data that was classified by bandwidth management.

Zoom Scroller


Traffic Statistics

– The Data Out line (yellow line) represents the amount of data that was sent to the LAN after being processed by the Sequence Reducer.

– The Data Dropped line (red line) represents the amount of data that was dropped by the Sequence Reducer due to the bandwidth utilization restrictions (maximum level) applied to the inbound bandwidth class.

– Use the Zoom Scroller to proportionately zoom-in on the graph.

� The Dropped Bytes and Dropped packets bar charts provide details on the number of bytes/packets that were dropped by the Sequence Reducer due to the bandwidth utilization restrictions (maximum level) applied to the inbound bandwidth class.

Traffic StatisticsThis section describes the traffic statistics in the Monitor pages of the SRS Web console. There are three types of traffic statistics:

� “Viewing Top Traffic” in the next section.

� “Traffic by Port” on page 106.

� “Viewing Pass-Through Traffic” on page 104.

Viewing Top TrafficThe Top Traffic data collection tool enables you to view the most active hosts/networks and their data communication levels across the WAN. When you start a collection session, the Sequence Reducer listens and stores host, port, protocol, byte count, and packet count infor-mation on a per flow basis.

NOTE: A flow constitutes data sent and/or received from a single source IP address and port number, to a single destination IP address and port number using the same protocol (TCP or UDP).

You can collect top traffic statistics on an hourly basis (up to 24 hours), or by manually clicking Start and Stop. During the collection, the Top Traffic utility maintains the 65,000 most active flows. The SRS Web console displays the top 50 flows, but the complete list can be exported to a file in CSV format.

You can filter Top Traffic statistics to specific network segments by entering a subnet mask. In addition, you can enable or disable the collection of Source and/or Destination port numbers for a broader view of top traffic. If the Source or Destination port number is 1024 or below, the Sequence Reducer automatically resolves the port number with the IANA description. However, you can change this behavior so that the Sequence Reducer attempts to resolve all registered IANA port numbers.

To view the Top Traffic page, follow these steps:

1. Click Monitor in the menu frame, click Traffic in the left-hand navigation frame, and then click Top Traffic.


Traffic Statistics

The Top Traffic page opens (Figure 6-15).

Figure 6-15 Top Traffic Statistics

2. To specify a data collection period, enter a value in the Data collection period field (1-24). You can also stop the data collection at any time by clicking Stop.

3. To filter data collection by subnet, enter a subnet mask in the Subnet mask field. If you do not enter a subnet mask, data is collected by IP address.

4. By default, the Top Traffic utility collects Source and Destination port numbers, which generates a new flow for each unique Source IP address and port number and Destination IP address and port number. For a broader view of the most active hosts, you can disable the collection of Source and/or Destination port numbers.

5. Click Start to start the data collection process.

6. When the specified data collection period has ended, or if you click Stop during the data collection process, the results are shown in the Top Traffic page.

7. The Top Traffic report attempts to resolve an application’s port number from an IANA description file embedded in system. By default, the Sequence Reducer will resolve “well-known” port numbers (up to 1024). However, you can change this behavior so that the Sequence Reducer attempts to resolve all registered IANA port numbers. To do so, select Show names for all registered ports and click Show. Note that this is a view-time option and is not resolved during data collection.


Traffic Statistics

8. For a detailed view of top sending addresses or ports, or top receiving address or ports, you can sort/filter the results by choosing an option from the drop-down menu and clicking Show.

Figure 6-16 Sorting Results by Top Sending Addresses

After viewing the Top Traffic results, you can click Clear to clear the file from the Sequence Reducer’s memory and regain system resources, or click Export to export the file to CSV format.

Viewing Pass-Through TrafficThe Pass-Through Traffic page allows you to view the top 50 destination subnets for which data has passed through the Sequence Reducer without reduction because there is not an identified remote Sequence Reducer to assemble the data. These statistics enable you to analyze pass-through data, which can help you improve data reduction by refining filters on the Sequence Reducer or changing reduction tunnel routing behavior.

To view Pass-through traffic, follow these steps:

1. Click Monitor in the menu frame, click Traffic in the left-hand navigation frame, and then click Pass-through Traffic.


Traffic Statistics

The Pass-through page opens (Figure 6-17).

Figure 6-17 Viewing Pass-Through Traffic

2. Enter the subnet mask for which you want to view traffic. Next, enter a data collection period (in hours). The maximum number of hours is 24.

3. Click Start. The Traffic by subnet engine will collect the data for the time period specified in the Data collection period field. You can close the browser window or choose another item in the Web console’s left-hand navigation or menu frame. After the data collection period is complete, the Traffic by subnet page shows the network address and the respective bytes and packets into the Sequence Reducer.

To view the traffic by subnet information before the data collection time period is complete, click Stop. The results and the time period for data collection are displayed.

After reviewing the pass-through traffic, click Clear to clear the Traffic by subnet information.


Where to Go Next

Traffic by PortThe Traffic by port page allows you to view the top 50 ports for which data has been reduced by the Sequence Reducer but is not classified as a defined application. These statistics enable you to analyze reduced data from the Sequence Reducer that is not affiliated with a defined application, and can help you refine application filters or application QoS policies.

To view reduced traffic by application port, follow these steps:

1. Click Monitor in the menu frame, click Traffic in the left-hand navigation frame, and then click Traffic by Port.

The Traffic by port page opens (Figure 6-18).

Figure 6-18 Viewing Reduced Traffic by Port Data

If the Source or Destination port number is 1024 or below, the Sequence Reducer automatically resolves the port number with the IANA description.

NOTE: A CLI command enables the Sequence Reducer to resolve all port numbers registered with IANA. For more information, refer to “Configure Monitored Applications Command” on page 142. You can also enable this setting in the Top Traffic report.

2. After reviewing the reduced traffic by port, choose another item in the Web console’s left-hand navigation or menu frame.

Where to Go NextAfter reviewing this chapter, refer to Chapter 7, “Maintaining and Managing the Sequence Reducer” for information on maintaining and managing the Sequence Reducer.


Chapter 7 Maintaining and Managing the Sequence Reducer

This chapter describes how to maintain the Peribit Sequence Reducer through the Web console.

� “Maintaining the Sequence Reducer through the Web Console” in the next section.

� “Managing the Sequence Reducer through the Web Console” on page 115.

Maintaining the Sequence Reducer through the Web ConsoleThis section describes how to maintain the Sequence Reducer through the Web console, and covers the following topics:

� “Saving the Device Configuration” in the next section.

� “Displaying the Running Configuration” on page 109.

� “Loading a Device Configuration File” on page 109.

� “Loading a Boot Image” on page 110.

� “Clearing Application Monitoring Statistics” on page 111.

� “Setting the Device to the Factory Default Configuration” on page 112.

� “Rebooting the Sequence Reducer” on page 113.

Saving the Device ConfigurationAfter you set configuration parameters for the Sequence Reducer, you should save the config-uration file to preserve the settings for the device. You can save the configuration file in the Sequence Reducer’s Flash memory, or to another location such as an FTP or TFTP server. Should the Sequence Reducer experience a problem where you must restore the factory default settings, loading a saved configuration file will restore the device to its original settings for your network.

NOTE: A Sequence Reducer’s configuration file contains unique and specific information for the device, such as IP network settings. Therefore, you can not load the configuration file from one Sequence Reducer onto another Sequence Reducer.

To save the configuration of a Peribit Sequence Reducer, follow these steps:

1. Click Maintenance in the menu frame, and then click Save configuration in the left-hand navigation frame.

Chapter 7 Maintaining and Managing the Sequence Reducer � 107

Maintaining the Sequence Reducer through the Web Console

The Save configuration page opens (Figure 7-1).

Figure 7-1 Saving a Sequence Reducer’s Configuration

2. In the Save configuration page, perform one of the following:

– Save the current configuration to the Sequence Reducer’s Flash memory. You can select the default configuration file name (“startup.cfg”), or enter a file name of your choice. The file name must not exceed eight characters, and can not include the file extension (e.g., “mystart1”). Click Save to continue.

NOTE: If you reboot the Sequence Reducer, the system uses “startup.cfg” as the configuration file. Therefore, you should use this file name for the configuration file you intend to use regularly.

– Save the current configuration to the disk of a local machine in your network. Select this option, and then click Save. Choose to save the file to disk.

– Save the current configuration to a TFTP server in your network. Select this option, and then enter the IP address of a TFTP server. Next, enter the path and file name(e.g., /peribit/config_save.cfg). Click Save to continue.

– Save the current configuration to an FTP server in your network. Select this option, and then enter the IP address of an FTP server. Next, enter the path and file name(e.g., /peribit/config_save.cfg). If the FTP server does not accept anonymous user access, enter a user name and password with read/write privileges to the server. Click Save to continue.

3. After saving the Sequence Reducer’s configuration, you can reboot the device and reload the configuration settings if necessary.



Displaying the Running ConfigurationYou can view the running configuration of the Sequence Reducer through the Web console. The Display configuration page displays all of the configuration parameters and specific device information for the Sequence Reducer.

To view the running configuration, follow these steps:

1. Click Maintenance in the menu frame, and then click Display configuration in the left-hand navigation frame.

The Display configuration page opens (Figure 7-2).

Figure 7-2 Displaying the Parameters of the Running Configuration

2. After reviewing the parameters of the running configuration, choose another item in the Web console’s left-hand navigation or menu frame.

Loading a Device Configuration FileLoading a device configuration file enables you to maintain optimal performance for the Sequence Reducer without having to re-administer configuration information.


To load a configuration file, follow these steps:

1. Click Maintenance in the menu frame, and then click Load configuration in the left-hand navigation frame.



The Load configuration page opens (Figure 7-3).

Figure 7-3 Loading a Configuration File

NOTE: Verify that the configuration file contains the correct configuration for the Sequence Reducer. Loading an improper configuration file can have adverse effects on the Sequence Reducer and the Peribit community.

2. Select the source for the configuration file (including location and file name), and then click Load.

3. If the new configuration file changes the Sequence Reducer’s IP address, you must reboot the device to activate the new configuration settings. Refer to “Rebooting the Sequence Reducer” on page 113 for more information.

Loading a Boot ImageTo accommodate system software upgrades, the Web console enables you to load a new boot image of the SRS operating system. Loading a new boot image of the system software does not erase configuration parameters (e.g., IP network settings, Local Route information) stored in the “startup.cfg” file. All configuration information is preserved.

To load a boot image from the web console, follow these steps:

1. Click Maintenance in the menu frame, and then click Load boot image in the left-hand navigation frame.



The Load boot image page opens (Figure 7-4).

Figure 7-4 Loading a Boot Image to the Sequence Reducer

2. Select the appropriate source for the software image (including location and file name), and then click Load.

NOTE: If you are downgrading the boot image to a version lower than SRS 3.1, verify that Allow image downgrade is selected.

3. You must reboot the device to activate the new system software. Refer to “Rebooting the Sequence Reducer” on page 113 for more information.

Clearing Application Monitoring StatisticsYou can remove the Application Monitoring statistics on the Sequence Reducer through the Web console.

To clear the Application Monitoring statistics, follow these steps:

1. Click Maintenance in the menu frame, and then click Clear monitor stats in the left-hand navigation frame.



The Clear monitor stats page opens (Figure 7-5).

Figure 7-5 Clear Application Monitoring Statistics

2. To clear the Application Monitoring Statistics, click Clear.

Setting the Device to the Factory Default ConfigurationYou can erase all device configuration information, including reduction statistics and network address information, by restoring the factory default configuration.

NOTE: Setting the Sequence Reducer to its factory default configuration removes all data, configuration information, and log files. It also disrupts Peribit Reduction Tunnels associated with this device. Before you set the device to the factory default configuration, it is strongly recommended that you back up your configuration file to another location. Refer to “Saving the Device Configuration” on page 107 for more information. In addition, you will need to reboot this Sequence Reducer after setting it to its factory default configuration, therefore you must have physical access to the device.

To set the device to the factory default configuration, follow these steps:

1. Click Maintenance in the menu frame, and then click Set to factory default in the left-hand navigation frame.



The Set to factory default page opens (Figure 7-6).

Figure 7-6 Restoring the Factory Default Configuration Settings

2. Before you set the device to its factory default configuration, verify that other Sequence Reducers within the Peribit Community are not affected while this device is offline. You need to reboot this Sequence Reducer after setting it to its factory default configuration, therefore you must have physical access to the device.

3. To set the factory default configuration for this Sequence Reducer, click Set to Default.

4. Viewing the Sequence Reducer’s front panel, wait until the LCD screen reads:

“Factory Default. Power System Off”

5. Unplug the power cable from the back of the Sequence Reducer and then plug the cable back in.

Rebooting the Sequence ReducerIf you load a new boot image of the system software to the Sequence Reducer, you must reboot the device. After rebooting the device, the Sequence Reducer will use the configuration infor-mation within the “startup.cfg” file, and the current boot image loaded into the system.

In addition, you can reboot a Sequence Reducer in Safe Mode operation. Safe Mode operation keeps the Sequence Reducer powered on, but all traffic is passed through without reduction.

To reboot the Sequence Reducer, follow these steps:

1. Click Maintenance in the menu frame, and then click Reboot in the left-hand navigation frame.



The Reboot page opens (Figure 7-7).

Figure 7-7 Rebooting the Sequence Reducer

2. On the Reboot page, do one of the following:

– To perform a standard reboot of the Sequence Reducer, click Reboot.

– To reboot the Sequence Reducer in Safe Mode, click Safe Mode.

– Safe Mode operation keeps the Sequence Reducer powered on, but all traffic is passed through without reduction.


Managing the Sequence Reducer through the Web Console

Managing the Sequence Reducer through the Web ConsoleThis section describes how to use the Peribit Sequence Reducer’s tools through the Web console, and covers the following topics:

� “Pinging a Network Device” in the next section.

� “Running a Traceroute to a Network Device” on page 116.

� “Viewing and Saving a System Log File” on page 117.

� “Viewing the Access Control Log File” on page 118.

� “Exporting Performance Data” on page 118.

� “Creating a Diagnostic File” on page 119.

Pinging a Network DeviceYou can use the Ping utility of the Web console to verify connections to other Peribit Sequence Reducers, or other network devices.

To use the Ping utility, follow these steps:

1. Click Tools in the menu frame, and then click Ping in the left-hand navigation frame.

The Ping page opens (Figure 7-8).

Figure 7-8 Using the Ping Utility in the SRS Web Console

2. In the destination field, enter a qualified IP address of a Peribit Sequence Reducer or other network device.

3. Enter the size of the data transmission you want to send to the device, and the number of times you want to contact the device (optional).

4. Click Submit to Ping the device. The results are shown in the Web console.



Running a Traceroute to a Network DeviceYou can use the traceroute utility of the Web console to determine the number of router hops and the route taken from the Sequence Reducer to another network device. This tool can help you determine the point in your network that may be causing a connection failure.

To use the traceroute utility, follow these steps:

1. Click Tools in the menu frame, and then click Traceroute in the left-hand navigation frame.

The Traceroute page opens (Figure 7-9).

Figure 7-9 Using Traceroute to Determine the Network Path to a Device

2. Enter the IP address of the destination device, and the maximum number of router hops to search for that device.

3. Click Submit. The results of the traceroute, including the IP address of each device within the path are displayed.



Viewing and Saving a System Log FileThe Sequence Reducer system log files can be displayed in the Web console. You can also download these log files to a local machine for reviewing in a third-party application.

NOTE: If your network uses a dedicated Syslog server, you can configure the Sequence Reducer to send messages to the Syslog server. Refer to “Enabling Syslog Reporting” on page 44 for more information.

To view and download system and access control log files, follow these steps:

1. Click Tools in the menu frame.

2. To display the system log in the web console, click Display system log in the left-hand navigation frame.

The current system log is displayed in the Web console.

3. To download a system log file for a specific time period, click Save system log in the left-hand navigation frame.

The Save system log page opens (Figure 7-10).

Figure 7-10 Saving the System Log file for the Running Configuration

Each system log file is limited to 1 MB in size. If a log file exceeds the 1 MB limit, the file is archived into first entry time files. For example pnlog contains the most recent system log file data, and pnlog5 contains the oldest data. When six system log files exist, the oldest system log file is deleted and the other files are renamed accordingly.

4. Click the file name next to the first entry time for the log file you want to download. Choose to save the file to disk, and then in the Save As dialog box, navigate to a directory to save the log file.

5. Click OK to save the System log file.



Viewing the Access Control Log FileThe Access Control log file contains information about user access to the Sequence Reducer. This log file records the IP address of the workstation used to access the Sequence Reducer, as well as the time and day of the activity.

To view and download an access control log file, follow these steps:

1. Click Tools in the menu frame.

2. To display the access control log in the web console, click Display access control log in the left-hand navigation frame.

The access control log is displayed in the Web console.

Exporting Performance DataYou can export performance data of a Sequence Reducer for a selected time period. This performance data, similar to the data displayed in the Monitor page of the SRS Web console, is saved in comma-separated variable (CSV) format. The CSV file can then be imported into a spreadsheet program (e.g., Microsoft Excel) or other data evaluation program.

To export data to CSV format, follow these steps:

1. Click Tools in the menu frame, and then click Export data in the left-hand navigation frame.

The Export data page opens (Figure 7-11).

Figure 7-11 Exporting Performance Data to CSV Format

2. In the Export Data page, select a time period for the performance data.

If you select All, the CSV file includes Reduced Data by Application Port, Pass-through Data by Subnet, and Bandwidth statistics.

NOTE: Refer to Appendix D, “Understanding Exported Data Results” for a description of each column and table in the CSV data file.

3. In the Save As dialog box, navigate to a directory to save the CSV file.



Creating a Diagnostic FileIf you experience problems with your Sequence Reducer, you can generate a diagnostic file to send to Peribit’s support team. The diagnostic file contains current configuration, filter settings, system information, and most recent log files for the Sequence Reducer. By completing the form on the Diagnostic file page, contact information will be included with the diagnostic file. After generating the diagnostic file and saving it to a local disk, you can email it to [email protected].

To create a diagnostic file and send it to Peribit support, follow these steps:

1. Click Tools in the menu frame, and then click Diagnostic file in the left-hand navigation frame.

The Diagnostic file page opens (Figure 7-12).

Figure 7-12 Creating a Diagnostic file for Peribit Support

2. Complete the form so that contact information is included with the diagnostic file.

3. Click Submit to generate the diagnostic file.

4. In the Save as dialog box, choose to save the file to a local machine that has network and email access.

Email the diagnostic file as an attachment to [email protected]. A Peribit support represen-tative will review your diagnostic file and will contact you.


Where to Go Next

Where to Go NextAfter reviewing this maintenance and management chapter, continue to the next section Chapter 8, “Using the Sequence Reducer’s CLI”. Also, you should review the Appendix sections of this Operator’s Guide.


Chapter 8 Using the Sequence Reducer’s CLI

This chapter describes how to set up and configure the Sequence Reducer from the CLI. It covers the following topics:

� “Accessing the Sequence Reducer’s CLI” in the next section.

� “Logging In to the Sequence Reducer from the CLI” on page 122.

� “CLI Basics” on page 123.

� “CLI Show Commands” on page 123.

� “Top-Level CLI Commands” on page 125.

� “CLI Configure Commands” on page 131.

� “Other CLI Commands” on page 159.

Accessing the Sequence Reducer’s CLIThe Sequence Reducer’s CLI allows you to configure the device for optimal performance. There are two methods for accessing the CLI:

� Using a Secure Shell Program from a Remote Workstation

� Using a Terminal Connected to the Serial Port

Using a Secure Shell Program from a Remote WorkstationSecure Shell (SSH) is an application program that provides authentication and encryption capabilities for secure Internet communications. You can download SSH client software from the following site:

http://www.openssh.com

Because there are many different types of SSH applications available, it is recommended that you read the instructions for your specific SSH application.

Using a Terminal Connected to the Serial PortThe Sequence Reducer has a serial port through which you can connect a terminal device to the unit. You can then use a terminal emulation program (e.g., TeraTerm, HyperTerminal) to log into the Sequence Reducer’s CLI and enter configuration commands.

To connect the Sequence Reducer to a terminal, attach a serial cable from the back of the Sequence Reducer’s serial port to the serial port of the terminal station (as shown in Figure 8-1).

Chapter 8 Using the Sequence Reducer’s CLI � 121

Logging In to the Sequence Reducer from the CLI

Figure 8-1 Connecting a Terminal to the Sequence Reducer’s Serial Port

The Sequence Reducer’s serial port is of type RS-232 (AT-compatible) with a male, DB-9 connector. You should use a female/female DB-9 crossover cable (e.g., null-modem cable). The SR-20 Sequence Reducer ships with a crossover cable.

On the terminal, verify the following serial port settings:

� Baud rate: 9600 bps

� Data bits: 8

� Parity: none

� Stop bits: 1

� Flow control: none

� Smooth-scroll: disabled

Logging In to the Sequence Reducer from the CLIUse the following user name and password to log into the CLI for the first time:

� User name = admin

� Password = peribit

To change the default password, refer to “Configure Security Command” on page 153.


CLI Basics

CLI BasicsNote the following about the Sequence Reducer’s CLI:

� CLI commands are lower-case sensitive.

� The “running” configuration is the configuration under which the Peribit box is currently functioning. The “candidate” configuration is a staged configuration and may be different from the “running” configuration. It only takes effect if you type “commit” in the CLI.

� After logging in to the Sequence Reducer’s CLI, you can display a menu of commands by typing “?” at the CLI command prompt.

� To view the all of the settings for the running configuration, type the following:

show -run all

� To view a specific configuration setting, type the following:

show -run <configuration setting>

For example:

show -run ip

Typing show <configuration setting>, without the “-run” shows the configu-ration setting for the candidate configuration.

CLI Show Commands

Table H-1 CLI Show Commands

Show Description

access-log Show management access log

all Show all system configuration information

application Show application definition

arp Display ARP entries

bandwidth Show bandwidth parameters

clock Display time related parameters

connection Show list of current reducer connections

console Show console (serial) port parameters

contact Show contact information for this system

filter Display the filter

import-route-table Display import route table information

interface Show network interface parameters

ip Display the IP parameters

license Show license information

location Show location description for this system


CLI Show Commands

log Display system log

mon-apps Show list of monitored applications

multi-node Show multi-node parameters

multi-node-status Show the status of multi-node configuration (master node only)

ospf Display OSPF parameters

packet-capture Show packet capture parameters

qos Show QoS parameters

reduction Show reduction status

reduction-subnet Show reduction subnet status

reg-detail Show detailed information about the registration database

reg-server Display registration server parameters

reg-summary Show summary information about the registration database

remote-routes Show remote route information

rip Display RIP parameters

route Display routing table

route-poll Display routing poll table

security Display security related parameters

snmp Display SNMP related parameters

sntp Display SNTP related parameters

syslog Show Syslog parameters

system Show general system information

system-name Display the system’s name

top-talker Show top-talker parameters

uptime Show system uptime

version Show version information

Table H-1 CLI Show Commands (Continued)

Show Description


Top-Level CLI Commands

Top-Level CLI CommandsThis section describes the top-level CLI commands for the Sequence Reducer and covers the following topics:

� “Commit Command” in the next section.

� “Import Route Table Command” on page 126.

� “Load Config Command” on page 126.

� “Packet Capture Command” on page 127.

� “Reboot Command” on page 128.

� “Rollback Command” on page 128.

� “Save Config Command” on page 129.

� “Set Command” on page 129.

� “Shutdown Command” on page 129.

� “Source Command” on page 130.

� “Support Command” on page 130.

� “Upgrade Command” on page 130.

Commit CommandThe Commit command enables you to switch the “candidate” configuration to the “running” configuration. The candidate configuration is a staged configuration and may be different from the “running” configuration. It only takes effect if you type “commit” in the CLI. The running configuration is the configuration under which the Peribit box is currently functioning.

To commit the candidate configuration as the running configuration, type:

commit



Import Route Table CommandIf the router that is connected to the REMOTE port of the Sequence Reducer is a Cisco router, you can import the router’s Routing Table into the Sequence Reducer. This feature populates the Sequence Reducer’s Local routes table with the routes from the routes table file from the Cisco router.

For example, if you log in to a Cisco router and type “show ip route”, a list of routes is displayed. These routes can be imported into the Sequence Reducer’s Local Routes table.

Note that the routing table must be from a router within the Sequence Reducer’s local subnet, and it is preferable that you use the routing table from the router that is connected to the Sequence Reducer’s REMOTE port. Before you import the Routing Table into the Sequence Reducer, you must export the Routing Table file from your Cisco router and save it to an FTP or TFTP server.

The Sequence Reducer will recognize the following routes from the Cisco router:

S - Static routes, O - OSPF derived, C - Connected routes, I - IGRP derived, D - EIGRP routes, E - EGP derived, I - IS-IS derived, R - RIP derived

NOTE: The Sequence Reducer will not import BGP routes.

1. To import a Cisco router’s Routing Table from an FTP or TFTP server to the Sequence Reducer, type:

import-route-table route-file ftp://<ip address>[:<user>:<pass>]/<path & file name> <IP address of the Cisco router>

or:

import-route-table route-file tftp://<ip address>/<path & file name> <IP address of the Cisco router>

The routing table is stored in the Sequence Reducer’s Flash memory and is applied to the “candidate” configuration.

2. To delete the last imported route table file, type:

import-route-table delete

3. To commit the candidate configuration as the running configuration, type:

commit

Load Config CommandLoading a device configuration file enables you to maintain optimal performance for the Sequence Reducer without having to re-administer configuration information.


1. To load a device configuration file, type:

load-config <filename>

Where <filename> is the name of the configuration file (up to 8 characters in length) without the “.cfg” extension.

2. Type “y” to confirm loading the configuration file.



Packet Capture CommandThe Packet Capture feature enables you to perform a raw data capture from the Sequence Reducer’s LOCAL or REMOTE interfaces (or both). The packet capture information can be used for more detailed troubleshooting. After capturing the data, you can export the file for parsing. The data can then be viewed via a protocol analyzer program or hardware. The packet capture’s file format is either “libpcap” or “snoop”.

NOTE: Packet captures are logged in the Access Log file.

1. To start the Packet Capture, type:

packet-capture start interface <local:remote:both> size <non-zero value greater than 4096>

Where <local:remote:both> is the interface setting for collecting data and <size> is a value greater than 4096 and is the size of the trace in bytes.

2. You can also configure optional parameters for the packet capture, for example:

packet-capture start interface both size 10000 packets <number:capture all> format <libpcap:snoop> snaplen <max size> savetime <time>

Where:

packets <number> is the maximum number of packets to capture. The default is “capture all”.

format <libpcap:snoop> is the file format. The default is “libpcap”.

snaplen <max size> is a number from 0-65535 and is the maximum captured length of each packet. The default is 1514. Note that 0 equals “capture entire packet.”

savetime <time> is the time in seconds the trace will be available in memory after it is completed. The default is “3600”.

3. To stop a packet capture, type:

packet-capture stop

4. To copy a packet capture to an FTP or TFTP server, type:

packet-capture copy ftp://<ip address>[:<user>:<pass>]/<path & file name>

or:

packet-capture copy tftp://<ip address>/<path & file name> <IP address of the Cisco router>

5. You can also configure optional parameters for the packet capture copy, for example:

packet-capture copy ftp://192.168.55.182[:user:password]/directory/file01 startpkt <number> numpkts <number>

Where:

startpkt <number> is the starting packet number. The default is “0”.

numpkts <number> is the number of packets to copy in addition to the start packet. The default is “0” for “all packets”.

6. To delete packet capture data, type:

packet-capture delete



Reboot CommandIf you load a new boot image of the system software to the Sequence Reducer, you must reboot the device. After rebooting the device, the Sequence Reducer will use the configuration infor-mation within the “startup.cfg” file, and the current boot image loaded into the system. Alter-natively, you can reboot the Sequence Reducer in Safe Mode. Safe Mode operation keeps the Sequence Reducer powered on, but all traffic is passed through without reduction.

1. To immediately reboot the system, type:

reboot

2. To reboot the system in Safe mode, type:

reboot -safe-mode

3. Type “y” to confirm that you want to reboot.

Rollback CommandThe Rollback feature enables you to use a previous version of the SRS operating system on the Sequence Reducer (i.e., SRS 2.1). To rollback to a previous version of SRS, you must have the “.bin” file installed on an FTP or TFTP server in your network.

Before you rollback to a previous version of SRS software, note the following:

� SR-20 Sequence Reducers only support SRS 3.0 or greater.

� SRS 3.1 introduces new features and some changes to functionality. If you rollback to a version of SRS before 3.1, you will lose the statistics and functionality available in 3.1.

� It is strongly recommended that you save the Sequence Reducer configuration file before you use the rollback command.

1. To rollback to a previous version of SRS, type:

rollback ftp://<ip address>[:<user>:<pass>]/<path and name of the SRS file>

or:

rollback tftp://<ip address>/<path and name of the SRS file>

2. Type “y” to confirm that you want to rollback.



Save Config CommandAfter you set configuration parameters for the Sequence Reducer, you should save the config-uration file to preserve the settings for the device. When you save the configuration file through the CLI, it is stored in the Sequence Reducer’s Flash memory. You can also save the configuration file to an external source (such as an FTP or TFTP server) through the Web Console. For more information on saving the configuration file through the Web console, refer to “Saving the Device Configuration” on page 107.


1. To save the configuration file with the default name, type:

save-config


2. To save the configuration file with another name, type:


A maximum of 8 characters may be used. Do not include the file name extension(e.g., “.txt)

3. Type “y” to confirm saving the configuration file.

Set CommandTo help you manage the Sequence Reducers in your Peribit community, you can set device information, such as a name and administrator contact information.

1. To set a device name, type:

set system-name <device name>

2. To set an administrator contact name, type:

set contact <contact name, phone, etc.>

3. To set a location for the device, type:

set location <location>

Shutdown CommandIf you need to power off the Sequence Reducer and stop operation, you can use the Shutdown command before removing the power cord.

1. To use the Shutdown command, type:

shutdown

2. Type “y” to confirm the shutdown.



Source CommandThe Source command enables you to execute commands from a configuration file that you create as though they were typed interactively.

To use the source command, type:

source -echo <config file path/name without “.cfg” extension>

Support CommandYou can create a diagnostic file containing the current configuration, system information, filter settings, and all logs for the Sequence Reducer. You can then email this file to Peribit Support to assist in the diagnosis of problems.

1. To create a diagnostic file and copy it to an FTP or TFTP server, type:

support export <label> ftp://<ip address:username:password>/<path & file name>

or:

support export <label> tftp://<ip address>/<path & file name>

2. Press Enter.

3. Type a description for the file and press Enter.

4. Type “.” on a line by itself and press Enter.

5. When the Peribit command prompt returns, the file was successfully created and sent to the TFTP or FTP server. You can now make a copy of the file and send it to [email protected].

Upgrade CommandTo accommodate system software upgrades, the CLI enables you to easily load a new boot image of the Sequence Reducer (SRS) operating system from a TFTP or FTP server.

NOTE: Upgrading system software does not erase configuration information stored in the “startup.cfg” file. Configuration information is preserved.

1. To upgrade system software from an FTP or TFTP server, type:

upgrade ftp://<ip address:username:password/path and file name

or:

upgrade tftp://<ip address>/path and file name

2. Type “y” to confirm upgrading the system software.


CLI Configure Commands

CLI Configure Commands� “Configure Application Command” in the next section.

� “Configure ARP Command” on page 132.

� “Configure Bandwidth Command” on page 133.

� “Configure Clock Command” on page 138.

� “Configure Console Command” on page 138.

� “Configure Filter Command” on page 139.

� “Configure Interface Command” on page 140.

� “Configure IP Command” on page 141.

� “Configure License Command” on page 142.

� “Configure Monitored Applications Command” on page 142.

� “Configure Multi-Node Command (SR-50 & SR-55 Only)” on page 143.

� “Configure OSPF Command” on page 143.

� “Configure QoS Command” on page 143.

� “Configure Reduction Command” on page 145.

� “Configure Reduction Subnets Command” on page 149.

� “Configure Registration Server Command” on page 150.

� “Configure Remote Routes Command” on page 151.

� “Configure RIP Command” on page 151.

� “Configure Route Command” on page 152.

� “Configure Route Poll Command” on page 153.

� “Configure Security Command” on page 153.

� “Configure SNMP Command” on page 155.

� “Configure SNTP Command” on page 156.

� “Configure Syslog Command” on page 157.

� “Configure Top Talker Command” on page 158.



Configure Application CommandUsing the Application command, you can display a list of the default and custom applications for the Sequence Reducer. You can also add applications to or remove applications from this list. When you define a new application, you can assign a port number (or list of port numbers) for the application, or assign a source and destination IP address(es).

1. Type the following command to enter the configure application mode:

config application

2. To add an application based on source and destination information, type:

add-addr-pair <application name> <from address>-<to address>

You can add an entire subnet by including the subnet mask, for example:

add-addr-pair app1 10.10.45.0/255.255.255-10.10.20.0/255.255.255

Up to five source and destination IP address pairs can be defined for an application. You can also use an asterisk (*) as a wild-card (e.g., *-10.10.45.200).

3. To add an application based on port number, type:

add-port <application name> <port list without spaces>

NOTE: The port number list is a comma-separated list without spaces (e.g., 135,1450), or a range of port numbers separated by a hyphen (e.g., 67-68).

4. To remove an application from the list, type:

remove <application name>

Configure ARP CommandThe ARP command enables the Sequence Reducer to communicate with devices that do not respond to Address Resolution Protocol (ARP) requests. Using the ARP command, you can configure static ARP entries that map the IP addresses of those devices to their MAC addresses.

1. To view a list of static and dynamic ARP entries, type:

show arp

2. Type the following command to enter the configure arp mode:

config arp

3. To add a new static ARP entry, type

add <IP address> <ethernet address> <local:remote>

Where <IP address> is the IP address, <ethernet address> is the MAC address, and <local:remote> is either the Sequence Reducer’s LOCAL or REMOTE interface.

4. To remove all dynamic ARP entries, type:

flush

5. To remove a static ARP entry, type:

remove <IP address>



Configure Bandwidth CommandPeribit Sequence Reducers can manage outbound data out of the Sequence Reducer’s Remote interface and inbound data into the Sequence Reducer’s Remote interface.

About Outbound Bandwidth Management

Peribit’s outbound bandwidth management feature enables you to allocate guaranteed and maximum levels of WAN bandwidth for data that is reduced by the Peribit Sequence Reducer, as well as for data that passes through the Sequence Reducer without reduction.

By setting guaranteed and maximum bandwidth usage levels, you ensure that Peribit reduction tunnels always have enough bandwidth for mission-critical reduction and assembly. You also ensure that low-priority traffic does not impede the available WAN bandwidth.

After you have enabled bandwidth management for the Sequence Reducer, you can use up to 14 standard application classes and define guaranteed and maximum limits for bandwidth usage and set a queue length value for packets. You can then assign applications to these classes so that data from these applications is constrained to the class limits you have assigned.

In addition to the 14 standard application classes, there is also a Low Latency class. The Low Latency class is a high-priority traffic class that takes precedence over all other application classes. If you have time-sensitive data across your WAN (e.g., VoIP, streaming video), you may want to use the Low Latency class for this traffic.


Review the bandwidth requirement settings for your time-sensitive application(s) (e.g., the H323 gatekeeper, VoIP equipment, etc.) and determine the total amount of bandwidth needed across all applications and tunnels. Calculate the percentage of the total bandwidth this consti-tutes. After monitoring network usage, you can adjust the percentage value for the Low Latency class as needed.

NOTE: Entering a large value for the Low Latency maximum limit can impact the guaranteed limits for other application classes. Therefore, caution should be taken as to not exceed the needs of the time-sensitive applications.

You can also create guaranteed and maximum bandwidth settings for a Default class. The Default class is a generic class for application data that is not assigned to a class defined by the Sequence Reducer.

Defining guaranteed and maximum limits for a traffic class works with the remote interface setting in the Bandwidth Management page. Bandwidth limits are expressed as a percent of the maximum bandwidth allocated to each end point. For a given class, you enter a guaranteed and maximum percentage of bandwidth usage available.



Table 8-2 provides an example of setting application class assignments based upon business priority.

NOTE: If more than one application is assigned to a specific class, the guaranteed and maximum settings apply to the cumulative traffic of all applications belonging to the class, not necessarily distributed evenly among them.

How to Configure Outbound Bandwidth Management

To configure outbound bandwidth management, follow these steps:

1. Type the following command to enter the configure bandwidth mode:

config bandwidth

2. To set the remote interface speed setting, type:

set remote-intf-speed <number>

Where <number> is a number between 8 and 100000 (in Kbps). The remote interface setting should typically match the router’s setting.

3. To allocate bandwidth for data destined to other Peribit devices within the community, type:

bw-allocation add <IP address> <guaranteed> <maximum>

Where <IP address> is the IP address of the destination Sequence Reducer, <guaranteed> is the guaranteed amount of bandwidth in Kbps for this destination, and <maximum> is the maximum amount of bandwidth in Kbps for this destination.

4. If you want to manage bandwidth for data that passes through the Sequence Reducer without reduction or for reduced data destined for another Sequence Reducer that is not selected in the table, type:

bw-allocation set-default <guaranteed> <maximum>

Where <guaranteed> is the guaranteed amount of bandwidth in Kbps for the default desti-nation, and <maximum> is the maximum amount of bandwidth in Kbps for the default destination.

5. To remove a Sequence Reducer from the bandwidth allocation list, type:

bw-allocation remove <IP address>

Table 8-2 Example of Setting Application Classes Based on Business Priority

Data Type Class Lower and Upper Limits Application Types

Time-Sensitive Data Low Latency

Maximum: 30% Time-sensitive data, e.g., VoIP, streaming video, etc.

High-Priority Data 1 Guaranteed: 40%Maximum: 100%

Business-critical data, e.g., thin-client or data-base transactions.

Medium-Priority Data 2 Guaranteed: 20%Maximum: 100%

Moderately used applications that can be queued below business-critical application data.

Low-Priority Data 3 Guaranteed: 5%Maximum: 30%

Less critical applications that should not absorb available bandwidth which could cause high and medium priority applications to be starved.

All other Data Default Guaranteed: 15%Maximum: 100%

Data from applications that is not assigned to a class defined by the Sequence Reducer.



6. After configuring bandwidth management, you can exclude one or more networks or hosts from bandwidth management policies. If you exclude a network or host from the bandwidth management policies, data can be reduced by the Sequence Reducer but sent to the WAN without restrictions on bandwidth usage. To exclude networks or hosts from bandwidth management policies, type:

excl-filter add <LAN Side Network>[/<Mask>]-<WAN Side Network>[/<Mask>]

Where <LAN Side Network> is local network or host and <WAN Side Network> is a remote network or host.

7. To create a bandwidth allocation (application) class, type:

bw-class set <class> <guaranteed limit 0% to 100%> <maximum limit 0% to 100%>

Where <class> is a number from 1-14, Low Latency or Default. Also, <guaranteed> is the guaranteed amount of bandwidth (by percentage), and <maximum> is the maximum amount of bandwidth (by percentage). Note that the Low Latency class does not use the guaranteed limit.

8. You can specify a packet queue length for an application class. The queue length deter-mines how many packets can be queued in a session before they are dropped. The default queue length for packets in the standard application classes and the Default class is 80. The default queue length for packets in the Low Latency class is 512. To change the packet queue length for an application class, type:

bw-class-qlen class-id <class id> queue-len <1-512 : default>

Where <class id> is an application class 1-14, Default, or Low Latency. The “queue-len” size can be a numeric value from 1 to 512 packets or Default.

9. You can specify a packet age-out time for an application class. The age-out time deter-mines how long a packet will remain queued before being dropped by the Sequence Reducer. The default age-out setting for standard application classes and the Default class is “no limit.” The default age-out setting for the Low Latency class is 50 milliseconds. To change the packet age-out time settings for an application class, type:

bw-class-ageout class-id <class id> ageout <2-5000 : default : nolimit>

Where <class id> is an application class 1-14, Default, or Low Latency. The age-out value can be a numeric value from 2 to 5000 milliseconds, Default, or no limit.

IMPORTANT: Do not use the age-out command for a class that contains TCP traffic.

Also, if a numeric “age-out” value has been set for a class, the queue length has no effect.

10. To map one or more applications to a bandwidth allocation class, type:

app-class-map <application name> <class id>

Where <application name> is the name of the application, and <class id> is the bandwidth allocation class id number (from 0-14) or Low Latency.

11. To enable the “Default” destination to use application classes, type:

def-use-app-class <on:off>

12. To enable outbound bandwidth management, type:

bw-mgmt on



About Inbound Bandwidth Management

Peribit’s inbound bandwidth management feature enables you to control the pace of incoming WAN traffic destined to a Local Area Network (LAN). The inbound bandwidth manager contains four types of traffic classes — Reduced, Intranet, TCP, and Default. Each of the four classes is assigned a percentage of the remote interface rate limit (i.e., remote interface speed) and a queue length for packets (optional). Incoming data is identified by the Sequence Reducer and then limited to the bandwidth and queue settings for the class.

For example, in Figure 8-2 you enable inbound bandwidth management on Peribit A and set the remote interface rate limit to 1500 Kbps (1.5 Mbps). You then set a maximum bandwidth percentage and queue length to one or more of the four available classes. In this example, you might set the maximum bandwidth percentage for TCP class to 20% and the maximum bandwidth percentage for the Default class to 10%. This ensures that mission-critical data to Peribit A’s local network is not impeded by less critical data from the public Internet.

Figure 8-2 Configuring Inbound Bandwidth Management

Table 8-3 describes the four classes for inbound bandwidth management.

NOTE: The Intranet class requires a user-defined list of source IP address and subnet mask pairs. You may want to use the Top Traffic report to assist with creating the list. For more information, refer to “Viewing Top Traffic” on page 102.

Table 8-3 Inbound Bandwidth Management Classes

Class Purpose

Reduced Used for reduced data originating from other Sequence Reducers.

Intranet Uses a user-defined list of source IP address and Subnet Mask pairs. This class is used to control data from locations that do not have a Sequence Reducer.

TCP Used for TCP traffic that does not fall into the Reduced class or Intranet class.

Default Used for all other data that does not fall into the Reduced, Intranet, or TCP classes.



How to Configure Inbound Bandwidth Management

To configure inbound bandwidth management, follow these steps:

1. Type the following command to enter the configure bandwidth mode:

config bandwidth

2. To set the remote interface speed setting, type:

inbound remote-intf-limit <number>

Where <number> is a number between 8 and 100000 (in Kbps). The remote interface limit should match the router’s interface setting.

3. The Reduced Class is used to control the pace of reduced data originating from other Sequence Reducers. To configure the bandwidth limit and queue length (optional) for the Reduced Class, type:

inbound class-reduced max-bw <percentage 0-100> queue-len <number 1-512>

Where <percentage 0-100> is a percentage of the remote interface rate limit (i.e., remote interface speed). Note that a maximum percentage value of “0” means that all traffic will be dropped, and a maximum percentage value of 100% effectively disables inbound bandwidth management for the class. Also, <number 1-512> is the queue length for this class. The queue length setting is optional. The default setting is 40.

4. The Intranet Class uses a user-defined list of source IP address and Subnet Mask pairs. This class is used to control data from locations that do not have a Sequence Reducer.

a. To create a list of source IP address and subnet mask pairs to be used for the Intranet class, type:

inbound define-intranet add <IP Address/Subnet Mask>

b. To allocate bandwidth for the Intranet Class, type:

inbound class-intranet max-bw <percentage 0-100> queue-len <number 1-512>


c. To remove a source IP address and subnet mask pair from the Intranet class, type:

inbound define-intranet remove <IP Address/Subnet Mask>

5. The TCP class is used for TCP traffic that does not fall into the Reduced class or Intranet class. To configure the bandwidth limit and queue length (optional) for the TCP Class, type:

inbound class-tcp max-bw <percentage 0-100> queue-len <number 1-512>




6. The Default class is used for all other data that does not fall into the Reduced, Intranet, or TCP classes.To configure the bandwidth limit and queue length (optional) for the Default Class, type:

inbound class-default max-bw <percentage 0-100> queue-len <number 1-512>


7. To enable inbound bandwidth management, type:

inbound bw-mgmt on

Configure Clock CommandIf your network uses an NTP server to provide a common time base for devices within your network, refer to “Configure SNTP Command” on page 156.

If your network does not use an NTP server, you should manually configure the time settings for each Sequence Reducer within your Peribit community. The time settings for Sequence Reducers are propagated to system log files, which can help you troubleshoot problems if they arise.

1. Type the following command to enter the configure clock mode:

config clock

2. To set the data and time, type:

set time <YYYYMMDDhhmm>

For example, to set the time to 12:30 p.m. March 16, 2003, type:

set time 200303161230

3. To set the time zone for the device, type:

set time-zone <offset>

Where <offset> is in the format “hh:mm” and is offset from GMT. This value can be a negative number (e.g., “-08:00”).

4. To set daylight savings time on (if applicable), type:

set daylight-saving on

Configure Console CommandThe Sequence Reducer has a DB9 Console port on the back of the device. You can configure the baud rate for the device. By default the baud rate is 9600.

1. Type the following command to enter the configure console mode:

config console

2. To configure the console port’s baud rate, type:

set baud-rate <number>



Configure Filter CommandBy default, the Sequence Reducer will attempt to reduce all data from any application running over TCP or UDP in your IP network (except HTTPS, SNTP, and SSH). If you want to configure the Sequence Reducer to only reduce data from specific applications or protocols, you can create a filter through the CLI. With the Filter command, you can also set precedence to applications defined by Source/Destination IP address, and disable the reduction of packet fragments.

NOTE: To add applications to this list, refer to “Configure Application Command” on page 132.

1. Type the following command to enter the configure filter mode:

config filter

2. To add applications to the filter list, type:

add application <application name>

3. To add source destination addresses to the filter list, type:

add address-pair <from IP address>[/mask]-<to IP address>[/mask]

NOTE: An asterisk (*) may be used as a wildcard for the IP address. In this case, the subnet mask must be blank.

4. To remove an application from the filter list, type:

remove application <application name>

5. To remove an address pair from the list, type:

remove address-pair <from IP address>[/mask]-<to IP address>[/mask]

6. With a list of filtered applications, set the mode of the list to “none,” which ignores the list and reduces data for all applications, “include,” which only reduces data from the applica-tions in the list, or “exclude,” which excludes data from the applications in the list from being reduced. Type the following command:

set mode-applications <off:include:exclude>

7. If you have data that you do not want to be reduced from a particular source and/or to particular destination, you can create a source and destination filter so that data passes through the Sequence Reducer without being reduced.

set mode-address-pair <off:include:exclude>

8. If you have applications defined by Source/Destination IP address and applications defined by Port, precedence is given to applications defined by port (default). However, you can give precedence to the applications defined by IP address(es). To do so, type:

set ip-addr-precedence <on:off>

9. By default, the Sequence Reducer will reduce packet fragments. However, you can disable this behavior so that packet fragments are passed through the Sequence Reducer by default. To do so, type:

set ip-fragments <on:off>



10. By default, the Sequence Reducer attempts to reduce all TCP and UDP data. You can change this behavior so that the Sequence Reducer only reduces data from specific protocols.

set ip-protocol <enable:disable> <protocol>

Where <protocol> is a value from 0-255, IP, IpinIP, TCP, UDP, XTP, GRE, L2TP or any combination of this list.

NOTE: Disabling reduction for TCP and/or UDP may dramatically impact Sequence Reducer performance.

Configure Interface CommandThe CLI enables you to view the negotiated NIC parameters, and to manually configure the interface speed and duplex mode settings (if required). In addition, you can configure loss of link connectivity settings for the Local and Remote interfaces. This feature enables the Sequence Reducer to act upon a link failure from a device on either the Local or Remote side of the Sequence Reducer by turning off the adjacent interface.

You can also view detailed interface statistics to assist in diagnosing errors with either the LOCAL or REMOTE interfaces. After viewing the statistics, you can clear them from the Sequence Reducer’s memory.

1. Type the following command to enter the configure interface parameters mode:

config interface

2. To set the speed and duplex mode setting for the Local interface, type:

set speed-duplex local <auto:10-half:10-full:100-half:100-full> and <1000-full) for the SR-55.

3. To set the speed and duplex mode setting for the Remote interface, type:

set speed-mode remote <auto:10-half:10-full:100-half:100-full> and <1000-full) for the SR-55.

4. With the Local link propagation feature enabled, if the switch should fail, the Sequence Reducer will turn off its Remote interface so that the router knows of the loss of connec-tivity with the switch.

To enable link status propagation from the Local interface to the Remote interface, type:

set propagate-failure local-to-remote on

5. With the Remote link propagation feature enabled, if the router should fail, the Sequence Reducer will turn off its Local interface so that the switch detects a loss of connectivity with the router.

To enable link status propagation from the Remote interface to the Local interface, type:

set propagate-failure remote-to-local on

6. If you have enabled the link status propagation for the Local interface to the Remote interface. Set the down time for which a propagated failure should apply for the other interface. Type the following:

set down-time local-to-remote <seconds:forever>

Where <seconds> is the length of time for the interface to be shut down, the default is 15 seconds. Or, you can type “forever” for the interface to be shut down indefinitely.



7. If you have enabled the link status propagation for the Remote interface to the Local interface. Set the down time for which a propagated failure should apply for the other interface. Type the following:

set down-time remote-to-local <seconds:forever>

Where “seconds” is the length of time for the interface to be shut down, the default is 15 seconds. Or, you can type “forever” for the interface to be shut down indefinitely.

8. To view detailed interface statistics, type:

show interface -verbose

Detailed statistics for the Sequence Reducer’s LOCAL and REMOTE interfaces is displayed.

9. To clear these statistics, type:

reset-stats <local:remote>

Where <local:remote> is either the LOCAL or REMOTE interface statistics.

Configure IP CommandPeribit Sequence Reducers require an IP address, subnet mask information, and a default gateway so that they can be identified by and communicate with other devices within your network. During the Sequence Reducer installation process, you entered this network infor-mation for the device. If you need to change any of these settings, you can use the following CLI commands.

1. Type the following command to enter the configure IP parameters mode:

config ip

2. To set the IP address for the device, type:

set ip-address <ip address>

3. To set the Subnet Mask for the device, type:

set subnet-mask <subnet mask>

4. To set the default gateway for the device, type:

set default-gateway <gateway ip address>

NOTE: If you change the Sequence Reducer’s IP address or Subnet Mask, you must reboot the device. Changing the Default Gateway does not require a reboot.



Configure License CommandEach Peribit Sequence Reducer requires a permanent license key for operation. The license key determines the throughput levels for the device, and properly registers the product with Peribit Networks.By default, the Sequence Reducer uses a 30-day evaluation license. Upon expiration of the evaluation license, the Sequence Reducer will stop reducing data.

The Sequence Reducer’s license key is determined by the unique serial number assigned to each Peribit device. You can find the serial number for your Sequence Reducer on the back of the device.

When the Sequence Reducer is powered on, it will attempt to detect its unique serial number. You can view the Sequence Reducer’s license key using the CLI. If the Sequence Reducer cannot detect its serial number, you can manually enter it.

After you have the Sequence Reducer’s unique serial number, you can obtain a license key for the device through Peribit’s Online License Key server. The License Key server is accessible by clicking the Online Service button in the License Key page of the Web console, or by going to http://license.peribit.com. If you do not have Internet access, please call Peribit Support at1-866-Peribit (866-737-4248) or +1-408-330-5600 and obtain a license key.

1. Type the following to enter the config license key mode:

config license

2. To enter a new license key, type the following:

set license-key <new license key>

Configure Monitored Applications CommandYou can view reduction statistics that are achieved on a per application basis. These statistics report the amount of data reduction for monitored applications, as well as the amount of data that was not reduced. By default, all reduced data from applications is identified within the statistics. Known applications are identified by name, while applications without an appli-cation monitoring definition are identified as “Other”. Using the CLI, you can create a filter for the Monitor page, so that statistics concentrate only on select applications.

1. Type the following command to enter the configure monitored application mode:

config mon-apps

2. To add an application to the list, type:

add <application name>

NOTE: You can create a space-separated list of applications. If an application name contains spaces, enclose the entire name in quotes.

3. To remove an application from the monitoring list, type:


4. The Sequence Reducer’s Web console attempts to resolve an application’s port number from an IANA description file embedded in system. By default, the Sequence Reducer will resolve “well-known” port numbers (up to 1024). However, you can change this behavior so that the Sequence Reducer attempts to resolve all registered IANA port numbers. To do so, type:

set port-map all



Configure Multi-Node Command (SR-50 & SR-55 Only)In multi-node configuration, Peribit Sequence Reducers work in conjunction with one another to provide greater reduction of data on higher-speed or heavily congested networks. For more information on installing and administering Sequence Reducers in multi-node configuration, refer to Appendix A, “Installing Multi-Node Configuration”.

Configure OSPF CommandIf your network uses OSPF, you can enable OSPF support on the Sequence Reducer. The OSPF routes on the local side of the Sequence Reducer are discovered and added to the Local Routes table.

1. Type the following command to enter the configure OSPF mode:

config ospf

2. To enter an OSPF Area ID, type:

set area <IP address in dotted-decimal notation or a number>

3. To set OSPF authorization settings, type:

set auth-type crypt or password or none

4. If you set OSPF authorization settings to “crypt,” set MD5 Key-ID and Encryption Key authentication by typing:

set crypt <key-id> <passkey>

5. If you set OSPF authorization settings to “password”, type:

set password <password>

A maximum of 15 characters can be used for a password.

6. To enable OSPF, type:

set ospf on

Configure QoS CommandPeribit’s Application Quality of Service (QoS) feature utilizes the IP Precedence field to:

� Preserve IP Precedence settings established by other QoS devices within your network.

� Improve the precedence levels of data packets through the Peribit reduction tunnel by setting the priority bits.

� Preserve Peribit assigned precedence levels of data packets after the packets leave the Peribit reduction tunnel.

� Reduce higher priority traffic first, creating priority queues for data reduction.

NOTE: If data packets also include drop precedence settings (DiffServ), Peribit’s Application QoS feature uses the lowest drop precedence value in the header of the reduced packet.



The QoS command enables you to customize your QoS requirements in multiple ways.

Preserve QoS Information in the Reduction Tunnel — The Sequence Reducer recognizes DS field settings in data packets and does not alter the precedence settings established by other QoS devices (in preserve mode). While Packets with precedence settings greater than 0 do not receive preferential queueing from the Sequence Reducer, they are not grouped with packets of different priority settings.

Promote QoS Information in the Reduction Tunnel — The Sequence Reducer promotes the precedence setting of application data for its transmission through the reduction tunnel. For example, if you have established precedence settings for data from certain applications, you can improve these precedence settings for reduction tunnel purposes.

Furthermore, you can use Peribit’s Application QoS feature to create new precedence settings for data from applications that are recognized by the Sequence Reducer. For example, if all data that traverses through your network currently receives the same precedence, but you want to take advantage of Peribit’s Application QoS feature to improve the transmission of data from specific applications through the reduction tunnel, you can create an application priority setting for Peribit reduction tunnel purposes.

Preserve assigned priorities after assembly — When reduced data is assembled by a Sequence Reducer, promoted (or created) precedence settings by the Sequence Reducer are preserved in the data packets and transmitted to the Local Area Network (LAN).

Reduce higher priority traffic first — The Sequence Reducer creates eight priority queues, and depending on the precedence setting established, the packet falls into one of these eight queues. The data receives a higher priority queue in the Sequence Reducer, and is reduced and transmitted before lower priority data.

1. Type the following command to enter the configure QoS mode:

config qos

2. By default, the Sequence Reducer’s QoS policy is set to equal priority. To enable ToS priority on the Sequence Reducer, type:

set mode tos-priority

3. With ToS priority mode set, you can enable Priority Queue for the QoS policy. To do so, type:

set priority-queue on

4. You can also preserve Peribit assigned precedence levels of data packets after the packets leave the Peribit reduction tunnel. To do so, type:

set preserve-assign-tos on

5. If you have enabled Application QoS, you can create an applications list and assign priority levels so that data from the applications is treated with precedence. To create an applications list and set priority levels, type:

add <application name> <priority level>

The priority level is an integer where 0 is the lowest and 7 is the highest priority.



NOTE: If your network uses a QoS device, and you only want to preserve the precedence settings through the Peribit reduction tunnel, you do not need to create an applications list and set priority levels to match the QoS device’s configuration. However, you can improve the precedence settings of application data through the Peribit reduction tunnel by assigning a higher priority.

If an application’s packet has a priority setting from a QoS device that differs from the setting in the application list, the higher of the two is honored.

6. To remove an application from the list, type:


Configure Reduction CommandThe Reduction command enables you to configure many aspects of the Sequence Reducer’s reduction and assembly engines.

1. Type the following command to enter the configure reduction mode:

config reduction

2. The Sequence Reducer’s Assembly engine is enabled to assemble reduced data back to its original form. If you do not want this Sequence Reducer to assemble reduced data from other devices in the Peribit community, disable this Sequence Reducer’s Assembly engine by typing:

set assembler off

3. The Sequence Reducer’s Reduction engine is enabled to reduce data and then send it through the Peribit reduction tunnel. If you do not want this Sequence Reducer to reduce data, disable the Sequence Reducer’s Reduction engine by typing:

set reducer off

4. The Sequence Reducer attempts to form reduction tunnels with all other devices in the Peribit community. To create a list of specific Sequence Reducers for the establishment of reduction tunnels, type:

set assembler-list <IP address of Sequence Reducer>

To add multiple IP addresses, space-separate each address in the list.

5. Set the mode of this Sequence Reducer to communicate with all devices within the Peribit community, or only those in the assembler list by typing:

set assembler-mode <all:list>

6. Dynamic Resource Allocation enhances a Sequence Reducer’s reduction performance on low-speed WAN links (e.g., 128 Kbps). During good network conditions (e.g., low CPU load), the Sequence Reducer attempts to perform even greater reduction of data, without compromising latency or packet loss. This improvement to the Sequence Reducer’s reduction engine is transparent, and is enabled by default. However, you can be disable Dynamic Resource Allocation to SRS 2.1 reduction mode if desired. To do so, type

set reduction-mode standard

NOTE: It is strongly recommended that Bandwidth Management is enabled on the Sequence Reducer, and that the maximum bandwidth speed for each remote Sequence Reducer is properly set. For more information, refer to “Configure Bandwidth Command” on page 133.



7. The Loss Recovery feature enables the Sequence Reducer to immediately resend a packet if it becomes lost during transmission to another Sequence Reducer. This feature can improve data transmission speed through the reduction tunnel because the data does not have to be resent from the original source device. By default, Loss Recovery is disabled. To enable Loss Recovery, type:

set loss-recovery on

NOTE: Dynamic Resource Allocation must be enabled for Loss Recovery to work. Dynamic Resource Allocation is enabled by default.

8. To create a list of one or more default assemblers, type:

set def-assembler-list <SR IP address(es)>

For more than one default assembler, space-separate the IP addresses. Up to six default assemblers can be added.

9. To add a subnet to be excluded from the default assembler(s), type:

add excl-subnet-list <IP address>/<subnet mask>

10. To remove a subnet from the exclude list, type:

remove excl-subnet-list <IP address>/<subnet mask>

11. The “heartbeat” is a small transmission between Sequence Reducers that acknowledges communication of Peribit devices within the community. You can adjust the heartbeat frequency at which UDP communication packets are sent between Sequence Reducers. By default UDP keepalives are sent every 5 seconds, but you can change this frequency to a value between 1 and 300 seconds.

To set the heartbeat frequency (in seconds), type:

set heartbeat-frequency <number between 1 and 300>

NOTE: Every Sequence Reducer within the Peribit community must have the same heartbeat frequency settings.

12. If a Sequence Reducer fails to receive a response from its “heartbeat” communication packet, a second heartbeat packet is sent. If the second heartbeat packet fails to generate a response, the Sequence Reducer puts data communication between the devices in pass-through mode (i.e., data is not reduced). If three consecutive heartbeat packets fail to generate a response, the Sequence Reducer will disable the reduction tunnels between the two devices. After three minutes, the Sequence Reducer will attempt to reestablish the reduction tunnel. In addition to adjusting the heartbeat frequency, you can adjust the frequency of unacknowledged heartbeat packets that affects the pass-through or disabling the reduction tunnel. To do so, type:

set heartbeat-misses passthru <any positive number>

and

set heartbeat-misses disconnect <any positive number greater than the passthru number>



13. If your default gateway is on the LAN side of the Sequence Reducer, you can disable the LAN-WAN check. The LAN-WAN check is a safety feature against routing misconfigura-tions. You should only disable the check if absolutely necessary.

set lan-wan-check <on:off>

14. The Load Balancing policy enables two or more Sequence Reducers to share the trans-mission of reduced data to a common destination with equal cost paths.

When a remote route of a common destination and equal cost path is identified, load balancing policies take effect. The default load balancing policy is Off. However, you can use any of the following policies:

– Off. All traffic is routed to one of the available tunnels. No load balancing.

– Per-packet. Traffic is distributed over available tunnels on a per-packet basis (i.e., round robin).

– Per-destination. Traffic is distributed over available tunnels based on destination IP address (default).

– Per-Flow. Traffic is distributed over available tunnels based on source and destination IP addresses and ports.

To enable a load balancing property, type:

set lb-policy <off:per-packet:per-dest:per-flow>

15. The tunnel mode configuration options let you configure how the traffic appears while it is being transmitted through the Peribit reduction tunnel. Note the following about the tunnel mode options:

– Standard. The Sequence Reducer’s reduced data is transmitted between Peribit devices as a single flow — using the Sequence Reducer’s IP address as the data source and 3577 as the destination port number.

– Multi-flow emulation. The Sequence Reducer generates its reduction packets with various source port numbers, thus creating unique flows. When the reduced packets reach the router, each packet is assigned a unique queue and then fairly transmitted through the router.

– Application Visibility. The Sequence Reducer retains the data packet’s original source and destination port number through the Peribit reduction tunnel. This feature enables you to use your network performance tools to collect realistic statistics on the devices within the Peribit reduction tunnel.

To set the tunnel mode parameters, type:

set tunnel-mode <standard:multi-flow:visibility>

If you set the tunnel mode parameter to multi-flow, type the following:

set max-flows <integer between 256 and 1024>



16. The Max Meta Packet Size command enables you to configure the packet size of Peribit’s meta packet. In most environments, you will not need to modify the maximum meta packet size. However, if your network has a device on the WAN side of the Sequence Reducer that adds to the packet (e.g., a VPN device) and thus increases the size of the packet, you may want to reduce the maximum meta packet size from its default of 1500 bytes to avoid packet fragmentation by the router. Before you adjust the maximum meta packet size, verify the approximate number of bytes that are added to the Peribit meta packet by your network device (e.g., VPN device).

To set the maximum meta packet size, type:

set max-meta-pkt-size <number between 576 and 1500>

17. You can also adjust the meta-packet wait time. By default, the amount of time the Sequence Reducer holds its meta-packet of reduced data is dynamically based upon the Round-Trip Time (RTT) to the destination device. However, you can adjust this behavior to an absolute time, or to an amount of time that is a percentage of the RTT. To do so, type

set meta-packet-wait <mode>

Where <mode> is default, absolute-time, or rtt.

If you enter “absolute-time” as the mode, enter an amount of time (in 2 ms increments) for the meta-packet to wait before transmitting across the network. By default, this setting is 8 ms. For example,

set meta-packet-wait absolute-time 4

If you enter “rtt” as the mode, enter a percentage number that will be calculated by the RTT and used to hold the meta-packet before being transmitted across the network. For example,

set meta-packet-wait rtt percent-rtt 15

In addition to the RTT percentage, you can set an upper limit for which a packet will be held (in 2 ms. increments). The default is 8 ms. For example,

set meta-packet-wait rtt percent-rtt 15 limit 20

18. By default, the Sequence Reducer reduces and groups data from multiple packets and transmits a single meta-packet across the network. In addition to reducing the amount of data that is sent across the network, this behavior reduces the number of packets. In rare, extremely latency-sensitive networks, you may want to disable this behavior so that data is reduced on a per-packet basis and transmitted across the network. While the Sequence Reducer will reduce the amount of data destined for the WAN, the number of packets will not be reduced.

set multi-packet off

19. If your Peribit community has two (or more) Sequence Reducers that can reach a single subnet, and no other policies apply, traffic will be routed to one of the tunnels on an arbitrary basis. However, you can designate a particular Sequence Reducer as a Preferred Assembler. By designating a Preferred Assembler, you give assembly precedence to a Sequence Reducer — thus creating a preferred network path for a destination when more than one path exists. To designate one or more (up to 80) Preferred Assemblers, type:

set pref-assembler-list <space separated list of SR IP addresses>



20. If you configure this Sequence Reducer to only reduce data destined to a select number of other Peribit devices, this Sequence Reducer will only reduce traffic destined for reduction subnets associated with these device. All other traffic is passed through without reduction.

To set this Sequence Reducer as a Hub to ensure that reduction tunnels are created to this Sequence Reducer from other Sequence Reducers in the Peribit community, type:

set topology-type <hub:mesh:spoke>

21. To set the community topology size to which this Sequence Reducer belongs, type:

set topology-size <number between 0-5 depending on the topology type>

Hub & spoke. 0 = 0-20, 1 = 21-40, 2 = 41-60, 3 = 61-80, 4 = 81-100, 5 = 101-120

Mesh. 0 = 0-20, 1 = 21-35, 2 = 36-50, 3 = 51-60, 4 = 61-70, 5 = 71-80

22. Sequence Reducers in a Peribit community frequently contact each other for routing updates, dictionary synchronization, and other purposes. This communication is achieved by sending small TCP packets between the devices. By default, these packets are sent across the network with normal priority. In heavily congested networks, these communi-cation packets may be dropped from the queue. To set the ToS setting for Peribit reduced packets, type:

set tos-bit <number between 0 and 255>

Configure Reduction Subnets CommandAfter you install a Sequence Reducer into your network, route discovery mechanisms within the device collect IP subnet information on the Local side of the Sequence Reducer. This subnet information is stored in the Sequence Reducer, and then advertised to other Sequence Reducers within the Peribit community. In some instances, you may only want to advertise specific subnets as targets for data reduction.

To configure the Sequence Reducer so that only specific subnets are advertised as targets for reduction, you create an Enabled list and a Disabled list of local IP subnets. If your network uses RIP or OSPF, local IP subnets can be dynamically discovered. You can also manually enter local IP subnets so that they are identified by the SR-50. After creating a list of Enabled and/or Disabled subnets for the Sequence Reducer, you set the mode for the lists: All, Include, or Exclude.

For example, you may have 5 IP subnets in the Enabled list and 1 IP subnet in the Disabled list. If the mode is set to “Include,” the 5 subnets in the Enabled list are advertised, the subnet in the Exclude list is not advertised. However, if the mode is set to “Exclude,” the 5 subnets in the Enabled list are not advertised, but the subnet in the Exclude list is advertised. If the mode is set to “All,” all subnets are advertised and the lists are ignored.

1. Type the following command to enter the configure reduction subnet mode:

config reduction-subnet

2. To add entries to the Enabled list of reduction subnets, type:

add enable <IP address/subnet mask>

3. To add entries to the Disabled list of reduction subnets, type:

add disable <IP address/subnet mask>

4. To remove entries from the Enabled list of reduction subnets, type:

remove enable <IP address/subnet mask>



5. To remove entries from the Disabled list of reduction subnets, type:

remove disable <IP address/subnet mask>

NOTE: If a subnet exists in both the Enabled and Disabled lists, the entry will be disabled.

6. To set the mode for the list, type:

set mode <all:include:exclude>

7. The Sequence Reducer can detect networks on the remote side of the device and advertise the network to other Sequence Reducers in the Peribit community. To allow networks discovered on the remote interface as reduction subnets, type:

set wan-reduction-subnet on

NOTE: Please allow 10 minutes for the remote network to be displayed in the End Points list. After the network is displayed, you must advertise the network to other Sequence Reducers in the Peribit community.

8. Before committing these changes, you should verify the mode and the subnets listed in the Reduction Subnet list. Type

show reduction-subnet

Configure Registration Server CommandWhen you install two or more Sequence Reducers into your network, a Peribit community of devices is formed. Within the Peribit community, you must designate one Sequence Reducer as the registration server. The registration server stores the network information of all Peribit devices within a community. Every Sequence Reducer periodically contacts the registration server to obtain information about other devices within the community.

If you are logged in to the registration server, you can change the password of the registration server, or designate a different Peribit device as the registration server. You can also assign a secondary registration server to act as a backup should the primary registration server experience a disruption.

1. Type the following command to enter the configure registration server mode:

config reg-server

2. To set the IP address of the registration server, type:

set ip-address <registration server IP address>

If you want to designate this Sequence Reducer as a registration server, enter the IP address of this device. If this Sequence Reducer is not the registration server, enter the IP address of the current (or future) registration server, and enter the registration server password.

NOTE: If this Sequence Reducer is not the registration server, and you have not yet configured the registration server for the Peribit community, enter the IP address of the Sequence Reducer that will be the registration server and enter the default password, “peribit”.

3. You can also assign a secondary registration server to act as a backup should the primary registration server experience a disruption. To set the IP address of the secondary regis-tration server, type:

set sec-ip-address <secondary registration server IP address>



4. To set the registration server password, type:

set password <registration server password>

Configure Remote Routes CommandYou can use the Routes command to view the available reduction subnets from other Sequence Reducers within the Peribit community. This list can help you determine the Peribit device that assembles data for a specific network, as well as the cost value for the network route.

1. Type the following command to enter the configure remote route mode:

config remote-route

2. The Validate Advertised Routes feature enables the Sequence Reducer to send a validation packet to each of the advertised remote network routes. This validation packet ensures that the remote Sequence Reducer is in the path from the Sequence Reducer performing the test to the advertised remote network.

By default, the setting is disabled. It is recommended that this setting only be enabled when the validity of a network route is uncertain. The default setting for advertising remote network routes is “hourly”. However, you can change this configuration to a more frequent or less frequent setting by using the “frequency” command. To change the frequency, type:

set frequency <once:3600:7200:10800:86400>

The set frequency command is in seconds.

3. To validate advertised remote routes, you can send a validation packet to each of the network routes. By default, the setting is disabled. It is recommended that this setting only be enabled when the validity of a network route is uncertain. To change the validation configuration, type:

set validation <on:off>

NOTE: If you plan to enable Load Balancing policies, it is strongly recommended that you do not enable the Validate Advertised Routes feature.

Configure RIP CommandIf your network uses RIP, you can enable RIP support on the Sequence Reducer. The RIP routes on the local side of the Sequence Reducer are discovered and added to the Local Routes table.

1. Type the following command to enter the configure RIP mode:

config rip

2. To set RIP authorization settings, type:

set auth-type password or none

3. To set a password for RIP authentication, type:

set password <password>

NOTE: A maximum of 15 characters can be used for a password.



4. To set the version of RIP (either 1 or 2), type:

set version 1 or 2

5. To enable RIP, type:

set rip on



Configure Route CommandWhen you install a Peribit Sequence Reducer into your network, routing information for devices on the Local side is collected using standard routing protocols. A reduction subnet map, which lists subnet points available from this Peribit device, is created and embedded in the SRS operating system. These local routes are then advertised to other Sequence Reducers within the Peribit community.

1. Type the following command to enter the configure route mode:

config route

2. To add a new static route, type:

add <ip address> mask <subnet mask> gateway <gateway IP address> cost <cost>

NOTE: Use dotted-decimal notation for the IP address, mask, and gateway.

<cost> is an optional value from 0 to 65535. If not set, the default is 1000.

3. To remove a static route, type:

delete <ip address> mask <mask>

4. To set the precedence between static routes and dynamic routes, type:

set precedence static or dynamic

5. You can also configure a local route load balancing policy. The local route load balancing policy, “Router Balancing” enables a Sequence Reducer to use up to four gateways for sending reduced data to a destination with equal cost paths.

For example, in Figure 8-3 Sequence Reducer B advertises it’s local network (N2) to Sequence Reducer A. Sequence Reducer A identifies two gateways to get to N2, and both routes have equal cost paths. Using a router balancing policy, Sequence Reducer A can use the two gateways on a per-destination, per-packet (i.e., round-robin), or flow-based basis.

Figure 8-3 Configuring the Local Router Load Balancing Policy

To configure the local route load balancing policy, type:

set lb-policy <off:per-packet:per-dest:per-flow>

Where:

Off. (Default) All traffic is directed to one of the available routers. No load balancing.

Per-destination. Traffic is distributed over available routers based on destination IP address.

Per-packet. Traffic is distributed over available routers on a per-packet basis (i.e., round robin).

Flow based. Traffic is distributed over available routers based on source and destination IP addresses and ports.



Configure Route Poll CommandAnother method of obtaining dynamic routes for the Sequence Reducer is to obtain a routing table from a Cisco router. The Sequence Reducer periodically checks the routing table to keep Peribit Reduction tunnels updated with dynamic routing topologies.

To obtain a routing table from a Cisco router, the router must be configured to allow Remote Shell Protocol (rsh) access by the Peribit Sequence Reducer. The rsh protocol allows a user or device to execute commands on a remote system without having to log in to the system. For more information on enabling rsh on your Cisco router, refer to the Cisco IOS documentation.

1. Type the following command to enter the configure route poll mode:

config route-poll

2. To set the IP address of the Cisco router, type:

set remote-host <IP address of the Cisco router>

3. The default port number is 514. To change the port number for data transmission, type:

set remote-port <port number between 1 and 1024>

4. To set the local user name, type:

set local-user <user name>

5. To set the remote user name, type:

set remote-user <user name>

6. To set the route poll mode (i.e., enable route poll), type:

set mode rsh

7. The default frequency is every five minutes. To change the frequency for the route poll, type:

set frequency <integer in minutes>

8. The default remote command is “show ip route.” To change the remote command, type:

set remote-command <string, 128 characters or less. Use quote if there are spaces>

Configure Security CommandTo ensure secure access to the Sequence Reducer, you can configure security settings for the device. The security settings include changing the default administrator password, restricting operator access to the device, locking front-panel access to the device, and disabling the Web console.

1. Type the following command to enter the configure security mode:

config security

2. To change the administrator password, type:

set password

and then press Enter. Type the current password and press Enter. Next, type the new password and press Enter.



3. You can secure front-panel access to the SR-50 and SR-55 Sequence Reducers by enabling the locking mechanism through the CLI. Locking the front panel prevents anyone from rebooting, resetting, or making IP configuration changes to the Sequence Reducer via the front panel keypad and LCD. To lock front-panel access to the Sequence Reducer, type:

set front-panel off

4. You can enable read-only access for the SRS Web console so that a user can view all pages of the Web console, but cannot make any configuration changes. To enable read-only access to the Web console, type:

set readonly-access on

For read-only access, the default user name is “user” and the default password is “peribit.”

5. After you enable read-only access. you can change the default password for read-only access. To do so type:

readonly-password

and then press Enter. Type the current password and press Enter. Next, type the new password and press Enter.

6. To disable Web console access to the Sequence Reducer, type:

set web off

If you disable Web access, one click access to the device via CMS is also disabled. If you use Central Management System (CMS) to manage devices in your Peribit community, you can disable the Sequence Reducer’s Web console, but enable the Sequence Reducer to be managed via the CMS Web console. To do so, type:

set web cmsonly

7. You can restrict operator access to the Sequence Reducer by creating an Include and/or Exclude list of individual IP addresses (or of IP addresses plus subnet mask) so that access to the device is restricted based on these values. By default, the Include and Exclude lists are empty. If you enter an address in the include list, only administrator-level operators may log in to this device from the address listed. If you enter an address (or address plus subnet) in the Exclude list, access to device from the address (or address plus subnet) listed is denied.To add a client IP address that is allowed access to this device, type:

add allow-ip-address <ip-address>

or:

add allow-ip-address <ip-address/subnet mask>

To add multiple IP addresses, space-separate each address in the list.

To add a client IP address that is not allowed access to this device, type:

add deny-ip-address <ip-address>

or:

add deny-ip-address <ip-address/subnet mask>



8. To remove a client IP address from the list of users allowed access to the device, type:

remove allow-ip-address <ip-address>

or:

remove allow-ip-address <ip-address/mask in dotted-decimal notation>

To remove a client IP address from the list of users not allowed access to the device, type:

remove deny-ip-address <ip-address>

or:

remove allow-ip-address <ip-address/mask in dotted-decimal notation>

Configure SNMP CommandPeribit Sequence Reducers support SNMP, and use the Management Information Base(MIB) II public objects, and Peribit’s Private MIB objects. Peribit’s Private MIB allows you to use your Network Management System (NMS) to review statistics on the benefits of the Sequence Reducer to your network. In addition, enabling SNMP Traps on a a Peribit Sequence Reducer allows the device to send traps and alarms to the NMS as they occur.

1. Type the following command to enter the configure snmp mode:

config snmp

The command prompt now includes: (config-snmp).

2. To turn SNMP on, type:

set snmp on

3. To enter a read community string, type:

set read-community <string>

If the string value has spaces, enter it with double quotes (e.g., “read string”).

4. To enter a write community string, type:

set write-community <string>

If the string value has spaces, enter it with double quotes (e.g., “write string”).

5. To enable SNMP Traps, type:

set trap on

6. To enter a trap community string, type:

set trap-community <string>

If the string value has spaces, enter it with double quotes (e.g., “trap string”).

7. To enter a trap destination, type:

set trap-destination <ip address of destination device>

If you have more than one trap destination, space-separate the list of IP addresses.

NOTE: For a complete list and description of Traps generated by the Sequence Reducer, refer to Appendix C, “SNMP Traps and Syslog Messages” on page 177.



Configure SNTP CommandPeribit Sequence Reducers support the Network Time Protocol (NTP). An SNTP server provides a common time base for devices within your network. If your network utilizes SNTP, you can enable this feature for a Sequence Reducer through the CLI.

If your network does not use an SNTP server, you should manually configure the time settings for each Sequence Reducer within your Peribit community. For more information, refer to “Configure Clock Command” on page 138.

NOTE: Before enabling SNTP, you should verify that the time zone settings for the Sequence Reducer are correct. You can use the “show clock” command to view the time zone settings. For information on changing the time zone settings, refer to “Configure Clock Command” on page 138.

To enable SNTP on this device, perform the following steps:

1. At the CLI command prompt, type the following:

show sntp

The SNTP settings, including status, server IP address, and update interval, are displayed.

2. Type the following command to enter the configure SNTP mode:

config sntp

3. The command prompt now includes: (config-sntp).

4. To set the SNTP server address, type:

set ip-address <ip address of the SNTP server>

5. To set the update, type:

set interval <integer in minutes>

For example, set interval 1440 updates the time every 24 hours.

6. To add a secondary SNTP server if the primary should fail, type:

set sec-ip-address <ip address of the secondary SNTP server>

7. To enable SNTP, type:

set sntp on



Configure Syslog CommandPeribit Sequence Reducers can send Syslog messages to one or more Syslog servers. A Syslog server allows you to centrally log and analyze configuration events and system error messages such as interface status, security alerts, and environmental conditions.

1. Type the following command to enter the configure syslog mode:

config syslog

The command prompt now includes: (config-syslog).

2. To enable Syslog, type:

set syslog on

3. To enter the IP address of syslog server(s), type

set destination <IP address of syslog server(s)>

For more than one syslog server, space-separate the IP addresses. Up to five syslog servers can be added.

4. To set the severity of messages uploaded to Syslog server, type:

set severity C E and/or I

Do not include spaces between the letters.

The letters C E and I equate to:

– Critical. Critical error messages about software or hardware malfunctions.

– Error. Error message, such as License expired.

– Information. Informational messages, such as reload requests and low-process stack messages.

NOTE: For a description of Syslog messages generated by the Sequence Reducer, refer to Appendix C, “SNMP Traps and Syslog Messages” on page 177.



Configure Top Talker CommandThe Top Talker command enables you to collect data on the most active hosts and their data communication levels across the WAN. When you start a collection session, the Sequence Reducer listens and stores host, port, protocol, byte size, and packet size information on a per flow basis.

NOTE: A flow constitutes data sent and/or received from a single source IP address and port number, to a single destination IP address and port number.

You can collect top traffic statistics on an hourly basis (up to 24 hours), or by manually starting and stopping the process. During the collection, the Top Talkers utility maintains the 65,000 most active flows.

You can filter Top Traffic statistics to specific network segments by entering a subnet mask. In addition, you can enable or disable the collection of Source and/or Destination port numbers for a broader view of top traffic. If the Source or Destination port number is 1024 or below, the Sequence Reducer automatically resolves the port number with the IANA description.

1. Type the following to enter the config Top Talker mode:

config top-talker

2. To specify a data collection period (from 1 to 24 hours), type:

data-collect-period <number from 1-24)

3. By default, the Top Traffic utility collects Source and Destination port numbers, which generates a new flow for each unique Source IP address and port number and Destination IP address and port number. For a broader view of the most active hosts, you can disable the collection of Source and/or Destination port numbers.

filter set source-port <on:off>

and/or

filter set destination-port <on:off>

4. To filter data collection to a specific subnet, type:

filter set subnet-mask <subnet mask>

5. To start the data collection process, type:

capture on

When the specified data collection period has ended, or if you turn off the capture during the data collection process, the results are shown in the Top Traffic page of the SRS Web console.

6. After viewing the Top Traffic results, you can export the statistics file to CSV format and then delete statistics from the Sequence Reducer’s memory. To do so, type:

export <ftp://<ip address>[:<user>:<pass>]/<path>

or

export <tftp://<ip address>/<path>

and then:

delete


Other CLI Commands

Other CLI CommandsThis section describes other Sequence Reducer configuration commands available through the CLI, and covers the following topics:

� “Viewing System and Access Control Log Files” in the next section.

� “Setting the Device to the Factory Default Configuration” on page 159.

� “Using the Ping Utility” on page 160.

� “Using the Traceroute Utility” on page 160.

Viewing System and Access Control Log FilesSystem and Access Control log files for the running configuration can be displayed in the CLI. The SR-50 stores 6 System log files, and 6 Access Control log files. Each system log file cannot exceed 1Mb in size. Each Access Control log file cannot exceed 20Kb in size. Depending on the amount of information that collects in the log files, each log file may be used for a single day, or today and the previous five days.

To view the system and access control log file, follow these steps:

1. To view the system log file, type:

show log [n]

Where [n] is the number of the log file. This parameter is optional. For example,

show log 2

displays the third of six log files.

2. To view the access control log file, type:

show access-log [n]

Where [n] is the number of the log file. This parameter is optional. For example,

show access-log 3

displays the fourth of six log files.

Setting the Device to the Factory Default ConfigurationYou can restore the Sequence Reducer to the factory default configuration through the CLI. When you restore the device to the factory default configuration, all configuration settings and reduction statistics will be reset, including the network address information for the device.

NOTE: Before you set the device to the factory default configuration, you should save your configuration file to an FTP or TFTP server. Refer to “Save Config Command” on page 129. for more information.

To set the device to the factory default configuration, follow these steps:

1. At a Peribit command prompt, type.

load factory-default

2. Type “y” to confirm setting the device to the factory default configuration.


Where to Go Next

Using the Ping UtilityYou can use the Ping utility to verify connections to other Peribit devices, or other devices within your network.

To ping a Peribit device or other network device, type:

ping <ip address>

The results are displayed in the CLI.

Using the Traceroute UtilityYou can use the trace route utility to determine the number of router hops and the route taken from the current Peribit device to another device within your network. This tool can help you determine the point in your network that is causing a connection failure.

To run a trace route to a Peribit device or other network device, type:

traceroute <ip address>

The trace route results are displayed in the CLI.

Where to Go NextAfter using CLI to setup and configure the Sequence Reducer, refer to the following appen-dices:

� Appendix C, “SNMP Traps and Syslog Messages”

� Appendix D, “Understanding Exported Data Results”


Where to Go Next


Appendix A Installing Multi-Node Configuration

This appendix describes how to install the Peribit SR-50 and SR-55 Sequence Reducers in multi-node configuration. It covers the following topics:

� “About Multi-Node Configuration” in the next section.

� “Before You Begin” on this page.

� “Installing Two Sequence Reducers in Multi-Node Configuration” on page 163.

NOTE: Multi-node configuration is not supported with SR-20 Sequence Reducers.

About Multi-Node ConfigurationPeribit Sequence Reducers have the ability to work in conjunction with one another to provide greater reduction of data on higher-speed or heavily congested networks. This type of configu-ration is called multi-node configuration. (Figure 1-1).

Figure 1-1 Installing Two Sequence Reducers in Multi-Node Configuration

In multi-node configuration, one Sequence Reducer is designated as the Master, and another Sequence Reducer is designated as the Last. The Master connects its Local interface to the switch (or other aggregating device) and its Remote interface to the LAN interface of the other (Last) Sequence Reducer. The Last Sequence Reducer connects its WAN interface to the edge router.

When multi-node is enabled, you cannot enable Bandwidth Management on either device in the multi-node configuration.

Before You BeginBefore you install and configure a Peribit Sequence Reducer into your network, note the following guidelines:

� Ensure sufficient power is available for the Sequence Reducer. Supply circuits should be protected by a maximum 20A circuit breaker.

� Ensure there is ample space and lighting for the Sequence Reducer. You need enough space to insert 2 CAT-5 UTP Ethernet data cables and 1 power cord into the back of the chassis, and the proper lighting to see LED’s on the Ethernet data ports that indicate link and speed.

� Ensure a minimum of six inches clearance in the front and back of the chassis. Since the Sequence Reducer pulls air for cooling from the front panel, do not install the Sequence Reducer behind another device where warm or hot air may be circulated. There are no ventilation requirements above or below the Sequence Reducer.

Appendix A Installing Multi-Node Configuration � 161

Before You Begin

� Do not stack paper materials or other heavy equipment units on top of the Sequence Reducer.

� For rack-mount installations, identify adequate rack space for a 2U form factor device.

� Reserve an IP address and identify the default gateway for the Sequence Reducer. The default gateway is the next hop on the Remote side of the Peribit Sequence Reducer.

� Obtain a license key for the Sequence Reducer. The license key determines the throughput levels for the device, and properly registers the product with Peribit Networks. To obtain a permanent license key, go to http://license.peribit.com.

� Identify Peribit Sequence Reducer system administrators. Make a note of workstation IP addresses (if static), and/or subnet(s) from which administrators will access the Peribit devices.

� If your network architecture restricts specific ports along the communication path between Peribit devices, ensure ports 3577 and 3578 are open for TCP and UDP data transmission.

� Identify a 10/100 (SR-50) or 10/100/1000 (SR-55) Ethernet LAN port for the Sequence Reducer that transmits data to your WAN router. This port is typically from an aggregation switch, or from another LAN device connected directly to the router. Direct fiber inter-faces are currently not supported. If your LAN transmits data to your WAN router via fiber links, you will need to use a fiber optic media converter to convert to an RJ-45 interface.

� Identify the TX/RX polarity (MDI/MDI-X) of the device interfaces to which the Sequence Reducer will connect its Ethernet interfaces. This information will be useful for deter-mining the kind of cable (straight-through or crossover) that will be needed for wiring the Sequence Reducer.

� Identify all application servers that exist in any of the reduction subnets defined on the Sequence Reducer and note the TCP/UDP port number on which the application listens for clients or peer servers. Also, identify which of those applications may be encrypting or compressing their communications with clients and/or peer servers.

� Log in to the router that will be on the WAN side of the Sequence Reducer and make a note of the interface settings (i.e., speed and duplex mode).

� If your network uses OSPF with password authentication for OSPF peers/hosts, note the password used, as well as the OSPF Area ID into which the Sequence Reducer will be introduced.

� If your network uses OSPF with MD5 key authentication for OSPF peers/hosts, note the key ID and key used, as well as the OSPF Area ID into which the Sequence Reducer will be introduced.

� If your network uses RIP with password authentication for RIP peers/hosts, note the password used.



Installing Two Sequence Reducers in Multi-Node Configuration

Installing Two Sequence Reducers in Multi-Node ConfigurationThis section describes how to install two Sequence Reducers in Multi-Node configuration and covers the following topics:

� “Hardware Installation for Multi-Node Configuration” in the next section.

� “Configuring Network Settings for Multi-Node Configuration” in the next section.

� “Running Quick Setup for Multi-Node Configuration” on page 168.

� “Displaying the Status of Multi-Node Configuration” on page 171.

Hardware Installation for Multi-Node ConfigurationTo install two Sequence Reducers in multi-node configuration follow these steps:

1. Set up the Master and Last Sequence Reducer chassis.

– If you plan to install the Sequence Reducers in a 19-inch device rack, install the supplied brackets (front panel forward) to the sides of the devices with the countersunk screws provided in the kit. Next, install the chassis into your network device rack (Figure 1-2).

Figure 1-2 Installing the Sequence Reducer into a 19-inch Device Rack

– If you plan to install the Sequence Reducers on a desktop, place each chassis upside down on a smooth, flat surface. Next, install the supplied rubber feet in the marked areas on the bottom of the chassis. Finally, place the chassis on a desktop or on top of another device so that all four rubber feet are securely mounted to the flat surface.

2. Connect the network cables.

IMPORTANT: Do not connect power to either Sequence Reducer until Step 4.

The SR-50 is configured with two 10/100 Ethernet interfaces. The SR-55 is configured with two 10/100/1000 Ethernet interfaces. These RJ-45 ports are labeled REMOTE and LOCAL on the back of the chassis.



Depending on the type of cable (straight-through or crossover) that currently connects a switch (or other aggregating device) to the edge router in your network, perform one of the following:

– If the connection from the router to the LAN device uses a straight-through cable, use a straight-through cable to connect the local device (within the Subnet) to the LOCAL port on the Master Sequence Reducer. Then use a straight-through cable to connect the Remote port of the Master Sequence Reducer to the Local port of the Last Sequence Reducer. Finally, use a straight-through cable to connect the router to the REMOTE port of the Last Sequence Reducer.

– If the connection from the router to the LAN device uses a crossover cable, use a crossover cable to connect the LAN device (within the Subnet) to the LOCAL port on the Master Sequence Reducer. Then use a straight-through cable to connect the Remote port of the Master Sequence Reducer to the Local port of the Last Sequence Reducer. Finally, use a straight-through cable to connect the router to the REMOTE port of the Last Sequence Reducer.


Using a straight-through ca-ble, connect the WAN port ofthe Last Sequence Reducerto the router.

Using a straight-through ca-ble, connect the WAN port ofthe Master Sequence Re-ducer to the Local port of theLast Sequence Reducer.

Using a straight-through orcross over cable, connectthe Local port of the MasterSequence Reducer to theswitch (or other aggregatingdevice).



3. With the power off for both of the Sequence Reducers, verify connectivity between devices on both sides of the Master and Last Sequence Reducers.

In the event of a power loss, the Sequence Reducers maintain a hard-wire pass through connectivity. You must verify the connectivity between the devices to ensure the correct network cables are used.



4. After verifying connectivity between devices on both sides of the Master and Last Sequence Reducers, connect the power cable to the back of the Master Sequence Reducer chassis.

Plug in the power cord to the back of the Master Sequence Reducer chassis, and then connect the power cord to the local power source (Figure 1-4).



5. With the Master Sequence Reducer’s power on and the Last Sequence Reducers power off, verify connectivity between devices on both sides of the Master and Last Sequence Reducers again.

6. Connect the power cable to the back of the Last Sequence Reducer chassis.

Plug in the power cord to the back of the Last Sequence Reducer chassis, and then connect the power cord to the local power source.

7. With both the Master and Last Sequence Reducer’s power on, verify connectivity between devices on both sides of the Master and Last Sequence Reducers again.

If the connection test fails, toggle the MDI/MDI-X button (SR-50 only) for the port that does not have the LINK LED illuminated.



Configuring Network Settings for Multi-Node ConfigurationAfter you have installed and powered on the Master and Last Sequence Reducers, the next step is to configure network settings for each device.

The Sequence Reducer’s front-panel keypad and LCD enable you to program and view network address information assigned to the device. Figure 1-5 describes the front panel keypad and LCD of the Sequence Reducer.

Figure 1-5 Sequence Reducer Front Panel Keypad and LCD

After you power on the Sequence Reducers, the “Peribit Networks” message appears in the front panel LCD.

To configure the network settings for the Sequence Reducers, follow these steps:

1. On the Master Sequence Reducer, press the Enter button (center button) to initiate the programming.

2. At the “Select Setup Network_” prompt in the LCD, press Enter.

You are prompted to enter network address information for the device.

3. Use the front-panel keypad to assign an IP address, the subnet mask, and the default gateway for the Sequence Reducer as follows:

– Use the up and down arrow buttons to display a number (between 0-9).

– Use the left and right arrow buttons to move to the previous or next character.

– Use the center button (Enter) to make a selection.

NOTE: The default gateway is typically the next hop on the Remote side of the Sequence Reducer. There can be an exception if you plan to designate a Sequence Reducer as a Default Assembler. After installing the Sequence Reducer, review “Setting Default Assemblers” on page 74 for more information.

Front Panel LCD

LEDs:- Power- Fault- Pass through

Key pad



4. By default, the Sequence Reducer’s Ethernet interfaces are set to auto-negotiate the speed and duplex mode. However, if the router on the WAN side of the Sequence Reducer has the speed and duplex mode manually set, it is strongly recommended that you configure the Local and/or Remote interface settings. To manually configure the Sequence Reducer’s interfaces from the front panel, follow these steps:

a. Use the down arrow to show the Config Local IF (Interface) Settings menu option.

b. Press the center (Enter) button to select this option.

c. Use the down arrow to show the desired interface setting (e.g., 10/Half, 10/Full, 100/Half, 100/Full). If you are installing a Peribit SR-55, you can also select 1000/Full.

d. Use the down arrow to show the Config Remote IF (Interface) Settings menu option.

e. Press the center (Enter) button to select this option.

f. Use the down arrow to show the desired interface setting (e.g., 10/Half, 10/Full, 100/Half, 100/Full). If you are installing a Peribit SR-55, you can also select (1000/Full).

NOTE: After installation, you can change the Sequence Reducer’s interface settings from the Web console or CLI if needed.

5. After entering network address and interface information, choose to Commit and Save the device configuration.

6. Check the LEDs next to the Ethernet ports (Figure 1-6).

Figure 1-6 Checking the Link LEDs


– If the LINK LEDs do not light, toggle the MDI/MDI-X button(s) (SR-50 only, the SR-55 does not have MDI/MDI-X buttons).

– The other green LEDs for the REMOTE and LOCAL ports indicate 100 Mbps (SR-50) or 100/1000 Mbps (SR-55) connectivity.

7. Repeat these steps for the Last Sequence Reducer.



Running Quick Setup for Multi-Node ConfigurationAfter powering on the Peribit Sequence Reduces and configuring network settings, the next step is to go to a workstation within the network, and log in to the Master and Last Sequence Reducer via a the terminal emulation program (e.g., TeraTerm, HyperTerminal) to run the Quick Setup program.

NOTE: You can also log in to the Sequence Reducer via the console port on the back of the device and use a terminal emulation program.

1. Start the terminal emulation program and enter the IP address of the Master Sequence Reducer. At the User name and Password prompts, type admin for the user name and peribit for the password.

You are now prompted to enter the IP address for the Peribit community registration server.

Within a Peribit community, at least one Sequence Reducer must be designated as a regis-tration server. While all Sequence Reducers are capable of transferring data to one another, the registration server stores information about each device within a Peribit community. All Sequence Reducers within the Peribit community contact the registration server for information on the other devices.

In a multi-node configuration, it is recommended that neither the Master nor the Last Sequence Reducer be designated as the registration server.

2. Type the IP address of the current (or future) Sequence Reducer registration server and press Enter. Next, type the registration server password and press Enter.

NOTE: If you have not yet configured the Sequence Reducer registration server, enter the IP address reserved for the registration server and the default password, “peribit”. After setting up the registration server, you should change the default password for security purposes.

3. You are now prompted to change the default password for the administrator user. Note that the default password is “peribit”. For security purposes, you should change this password to restrict unauthorized users from configuring this device.

At the prompt, enter a new administrator password, and then press Enter.

4. Enable multi-node configuration for the Master Sequence Reducer:

a. At the Peribit command prompt, type:

show multi-node

The multi-node parameters are displayed.

---------------------------------------------------------------10.10.25.240# show multi-node

multi-node: off

Master IP: 0.0.0.0--------------------------------------------------------------

b. To configure multi-node parameters, type:

config multi-node

The command prompt now includes (config-multi-node).



c. Configure this Sequence Reducer as the Master by typing:

set master-ip <ip address of the Master Sequence Reducer>

d. Enable multi-node configuration on this Sequence Reducer by typing:

set multi-node on

Multi-node configuration for the Master Sequence Reducer is enabled.

The required parameters are now configured. Type exit to exit the multi-node configu-ration.

5. You should now commit and save the configuration. To commit and save the configuration file with the default name and location, type:

commit

and then type:

save-config





6. Type “y” to confirm saving the running configuration as the startup configuration.

7. Type exit to close the terminal emulation session for the Master Sequence Reducer.

With the Master Sequence Reducer properly set up for multi-node configuration, the next step is to log in to the Last Sequence Reducer via a terminal emulation program (e.g., TeraTerm, HyperTerminal), and set up multi-node parameters.

1. Start the terminal emulation program and enter the IP address of the Last Sequence Reducer. At the User name and Password prompts, type admin for the user name and peribit for the password.

You are now prompted to enter the IP address for the Peribit community registration server.

2. Type the IP address of the current (or future) Sequence Reducer registration server and press Enter. Next, type the registration server password and press Enter.

NOTE: If you have not yet configured the Sequence Reducer registration server, enter the IP address reserved for the registration server and the default password, “peribit”. After setting up the registration server, you should change the default password for security purposes.

3. You are now prompted to change the default password for the administrator user. Note that the default password is “peribit”. For security purposes, you should change this password to restrict unauthorized users from configuring this device.

At the prompt, enter a new administrator password, and then press Enter.



4. Enable multi-node configuration for the Last Sequence Reducer:

a. At the Peribit command prompt, type:

show multi-node

The multi-node parameters are displayed.

---------------------------------------------------------------10.10.25.240# show multi-node

multi-node: off

Master IP: 0.0.0.0

--------------------------------------------------------------

b. To configure multi-node parameters, type:

config multi-node

The command prompt now includes (config-multi-node).

c. Configure this Sequence Reducer as the Last in the multi-node configuration by speci-fying the Master Sequence Reducer’s IP address. At the command prompt, type:

set master-ip <ip address of the Master Sequence Reducer>

d. Enable multi-node on this Sequence Reducer by typing:

set multi-node on

Multi-node configuration for the Last Sequence Reducer is enabled.

The required parameters are now configured. Type exit to exit the multi-node configu-ration.

5. You should now commit and save the configuration. To commit and save the configuration file with the default name and location, type:

commit

and then type:

save-config





6. Type “y” to confirm saving the running configuration as the startup configuration.

The Sequence Reducers are now configured for multi-node operation.

IMPORTANT: Both the Master and the Last Sequence Reducer must have the exact same policy configurations.

7. Type exit to end the terminal emulation session for the Last Sequence Reducer



Displaying the Status of Multi-Node ConfigurationAfter you have set up the Sequence Reducers in multi-node configuration, you can view the status of the multi-node configuration through the Master Sequence Reducer’s CLI.

1. Log in to the Master Sequence Reducer via a the terminal emulation program (e.g., TeraTerm, HyperTerminal).

2. At the CLI command prompt, type show multi-node-status.

A detailed status report for the multi-node configuration is displayed

-------------------------------------------Multi-node Status:Number of nodes: 2IP address of last node: 10.10.25.240IP address of master node: 10.10.26.240Overall instant rate: 36380Average rate overall: 72788Average rate per node: 36394Previous pass through: 0Current pass through: 0Master node active status: onMaster node average rate: 34344Master node instant rate: 33662Master node pass through: 0Last node active status: onLast node average rate: 38444Last node instant rate: 39646Last node pass through: 0Number of flows processed in master node: 104Number of flows processed in last node: 152Total number of flows: 256----------------------------------------------

Figure 1-7 Example of a multi-node configuration status

The multi-node status report shows the configuration of the multi-node devices, the average rate (in packets per second), the instant rate (in packets per second) and the number of flows processed by each node.

3. Type exit to end the terminal emulation session for the Master Sequence Reducer, or use other commands to configure policies for the Sequence Reducer.

IMPORTANT: Both the Master and the Last Sequence Reducer must have the exact same policy configurations.

After installing and configuring the Sequence Reducers for multi-node configuration, you should enter permanent license keys for the Master and Last Sequence Reducers. The license key determines the throughput levels for the device, and properly registers the product with Peribit Networks. For information on entering a license key for the Sequence Reducer, refer to “Configure License Command” on page 142.

In addition, you should review the reduction subnet settings. By default the local subnet on which the Sequence Reducer is installed is not advertised to the other Sequence Reducers in the Peribit community. As a result, data destined for this subnet is not reduced even if there are Sequence Reducers in the path. For more information on configuring reduction subnets, refer to “Configuring Reduction Subnets” on page 129.


Appendix B Sequence Reducer Specifications

This appendix lists the technical specifications of the Peribit Sequence Reducers and covers the following topics:

� “SR-20 Specifications” in the next section.

� “SR-50 & SR-55 Specifications” on page 175.

SR-20 Specifications

Table 2-1 SR-20 Specifications

Product Features SR-20

Protocols supported Any IP-based traffic

Operator-defined pass-through filter By application (port number) or address. Passes native (non-reduced) data at wire speed

System

Network interfaces 2 auto-sensing 10/100BaseT Ethernet ports (RJ-45)

Operator interfaces Local serial port, remote CLI, and web-based GUI

On-board storage Flash - no spinning media

Performance

Effective throughput gains Up to 10 times

Throughput Up to 2 Mbps — Supports WAN speeds ranging from 128K to E1

Quality of Service (QoS)

Honor and preserve TOS/DiffServ priority bits

Retain settings and optionally prioritize per TOS/Diffserv values

Set QoS priority bits Up to 8 priority queues supported, configurable by operator

Bandwidth allocation Percentage-based bandwidth allocation for up to 15 configurable classes

Management & Monitoring

SNMP SNMPv2c, MIB II, and Peribit Enterprise MIB

Statistical monitoring Real-time and Historical

Statistics export CSV format

Syslog support Yes

Power AC power 110-230v, 47-63Hz, 150w Max or 510 BTU/hr.

Upgrades

Network upgradable Via FTP and TFTP

Enclosure – Rack Mountable 1 RU

Appendix B Sequence Reducer Specifications � 173

SR-20 Specifications

Fault-tolerant Non-Stop OperationAuto switch-to-wire on any power, hardware, or software failure condition

High Availability Transparently supports HSRP and VRRP

Security

Controlled access lists Yes

SSH access For CLI access — only secured access allowed remotely

HTTPS (SSL) For Web-based access — only secured access allowed via the Web

Operating Environment

Temperature C to C

Humidity Less than 90% relative humidity, non-condensing

Dimensions and Weight

Height 45 mm (1.8 in.): 1rack unit

Width 435 mm (17.1 in.)

Depth 363 mm (14.3 in.)

Weight 8.6 kg (19 lb.)

Regulations

Emissions FCC Class A, EN 55022 Class A, EN 55024 Immunity

Safety CSA C22.2 No. 950 M95, UL 1950 3 Edition, EN 60950

Table 2-1 SR-20 Specifications (Continued)

5° 40°


SR-50 & SR-55 Specifications


Table 2-2 SR-50 & SR-55 Specifications

Product Features SR-50 & SR-55

Protocols supported Any IP-based traffic

Operator-defined pass-through filter Yes, by application or address. Passes native (non-reduced) data at wire speed.

System

Network interfaces SR-50: 2 auto-sensing 10/100BaseT Ethernet portsSR-55: 2 auto-sensing 10/100/1000BaseT Ethernet ports

Operator interfaces Front keypad and LCD display, local serial, SSH, and SSL Web-based GUI

On-board Flash storage Yes, no spinning media

Performance

Effective throughput gains Up to 10 times

Throughput Up to 45 Mbps — Supports WAN speeds ranging from NxDSO to T3

Quality of Service (QoS)

Honor and preserve TOS/DiffServ priority bits Yes, retain settings and optionally prioritize per TOS/DiffServ values

Set QoS priority bits Yes (optional), up to 8 priority queues supported, config-urable by operator

Management & Monitoring

SNMP Yes, SNMPv2c, MIB II and Peribit Enterprise MIB

Statistical monitoring Yes, Real-time and Historical

Statistics export Yes, CSV format

Syslog Yes

Power AC power 110-230v, 47-63Hz, 150w Max or 510 BTU/hr.

Upgrades

Network upgradable Yes, via FTP or TFTP

Enclosure – Rack Mountable Yes, 2 RU

Fault Tolerant, Non-Stop OperationYes, auto switch-to-wire on any power, hardware, or software failure condition

High Availability Yes, transparently supports HSRP and VRRP configurations

Security

Password protected access Yes

Controlled access lists Yes

SSH support Yes

HTTPS (SSL) Yes

Appendix B Sequence Reducer Specifications � 175


Operating Environment

Temperature C to C

Humidity Less than 90% relative humidity, non-condensing

Dimensions and Weight

Height 88 mm (3.44 in.): 2 rack units

Width 435 mm (17.1 in.)

Depth 425 mm (16.7 in.)

Weight 9.2 kg (20.2 lb.)

Regulations

Emissions FCC Class A, EN 55022 Class A, EN 55024 Immunity

Safety CSA C22.2 No. 950 M95, UL 1950 3 Edition, EN 60950

Table 2-2 SR-50 & SR-55 Specifications (Continued)

5° 40°


Appendix C SNMP Traps and Syslog Messages

This appendix describes the SNMP Traps generated by the Sequence Reducer, and describes the messages that are sent by the Sequence Reducer to a Syslog server (if configured).

SNMP TrapsTable C-1 lists the generic traps supported by Peribit SRS software.

Table C-2 lists the enterprise specific traps supported by Peribit SRS software.

Table C-1 Generic SNMP Traps

Trap Description

Cold Start The Sequence Reducer was restarted.

LAN Link Up Indicates the Sequence Reducer’s Local interface link has been established.

LAN Link Down Indicates the Sequence Reducer’s Local interface link has failed.Verify that the link state change was not due to a network error.

WAN Link Up Indicates the Sequence Reducer’s Remote interface link has been established.

WAN Link Down Indicates the Sequence Reducer’s Remote interface link has failed.Verify that the link state change was not due to a network error.

Table C-2 Enterprise-specific SNMP Traps

Event Description/Recommended Action

pnCommonEventInFailSafeMode Indicates that the Sequence Reducer was restarted in Safe Mode. Safe Mode operation keeps the Sequence Reducer powered on, but all traffic is passed through without reduction.

pnCommonEventLicenseExpired Software license has expired. Data reduction/assembly has been disabled. Please contact Peribit Networks at+1-866-737-4248 (866-PERIBIT) to obtain a permanent license

pnCommonEventThruputLimitExceeded Exceeded licensed throughput. Please contact Peribit Networks at+1-866-737-4248 (866-PERIBIT) to obtain a new license with speed configured to a higher value.

pnCommonEventLicenseWillExpire Software license will expire soon. If you are using an evaluation license, contact Peribit Networks at +1-866-737-4248 (866-PERIBIT) to obtain a permanent license.

pnSrEventRipAuthFailure Indicates that a RIP packet received from a device could not be authenticated. Check the authentication information on the Sequence Reducer and the device.

Appendix C SNMP Traps and Syslog Messages � 177

SNMP Traps

178

pnCommonEventLoginFailure Verify the user is authorized to administer the Sequence Reducer. Any unauthorized access should be treated as a serious problem.

pnCommonEventFaultTolerantPassThrough An anomalous health condition was detected. It would have subsequently triggered hardware pass through mode followed by a reboot.

pnSrEventReducerBufferOverflow The Sequence Reducer’s reduction input buffer is approaching full capacity.

pnSrEventReducerSessionClosed The Sequence Reducer’s reducer session to the device described in pnCommonEventDescr was terminated.

pnSrEventAssemblerSessionClosed The Sequence Reducer’s assembler session to the device described in pnCommonEventDescr was terminated.

pnSrEventReducerSessionOpened The Sequence Reducer’s reducer session to the device described in pnCommonEventDescr was opened.

pnSrEventAssemblerSessionOpened The Sequence Reducer’s assembler session to the device described in pnCommonEventDescr was opened.

PnSrEventPrimaryRegServerUnreachable The primary registration server is currently unreachable.

PnEvent SecondaryRegServerUnreachable The secondary registration server is currently unreachable.

pnCommonEventFanFailure A cooling fan inside the device has failed. The 'pnCommonEventDescr' object has the name of the fan that failed.

pnCommonEventFanSpeedVariation The speed of a cooling fan inside the device is either too low or too high. The 'pnCommonEventDescr' object has the name of the fan that has the problem.

pnCommonEventFanOk A cooling fan inside the device that had previously failed or whose speed variation was high is now working properly. The 'pnCommonEventDescr' object has the name of the fan that has recovered.

pnSrEventMultiNodeMasterUp The system designated as the 'master' of a multi-node configuration came up. This notification is generated by thesystem that's designated as the 'master' of the multi-node.

Note that the corresponding Down notification is generated by the designated 'master-backup' of the same multi-node.

pnSrEventMultiNodeMasterDown The system designated as the 'master' of a multi-node configuration is currently down. This notification is generated by the system that's designated as the 'master-backup' of the same multi-node.

Note that the corresponding Up notification is generated by the designated 'master' of the same multi-node.

Table C-2 Enterprise-specific SNMP Traps (Continued)


� Sequence Reducer Operator’s Guide

Syslog Messages

Syslog MessagesTable C-3 lists the Syslog messages generated by the Sequence Reducer with SRS software.

pnSrEventSuperNodeLastUp The system designated as the 'last-node' of a multi-nodecame up. This notification is generated by the system that's designated as the 'last-node' of the multi-node.

Note that the corresponding Down notification is generated by the designated 'master' of the same multi-node.

pnSrEventSuperNodeLastDown The system designated as the 'last-node' of a multi-nodeis currently down. This notification is generated by thesystem that's designated as the 'master' of thesame multi-node.

Note that the corresponding Up notification is generated by the designated 'last-node' of the same multi-node.

pnCommonEventInterfaceSpeedMismatch A mismatch is detected between the local and remote interface settings. This can happen due to a mismatch in the local and remote interface speed or mode.

pnCommonEventInterfaceSpeedOk A mismatch previously detected between the local and remote interface settings is now resolved. The local and remote interface speed and mode are matched.

Table C-2 Enterprise-specific SNMP Traps (Continued)


Table C-3 Syslog Messages

Message ID 101: PN_LIC_LICENSE_ID

Message License will expire on <date>

Message Type Informational

Recommended ActionOnce the license expires, please contact Peribit Networks at +1-866-737-4248(866-PERIBIT) to obtain a new license.

Message ID 102: PN_LIC_SPEED_THRESHOLD_EXPIRED_ID

Message Exceeded licensed throughput

Message Type Error

Recommended ActionContact Peribit Networks at +1-866-737-4248 (866-PERIBIT) to obtain a new license with speed configured to a higher value


Syslog Messages

180

Message ID 103: PN_LIC_LICENSE_EXPIRED_ID

Message License expired, Data reduction/assembly has been disabled

Message Type Error

Recommended Action Contact Peribit Networks at 866 737-4248 (866-PERIBIT) to obtain a new license

Message ID 602: PN_ROUTING_RIP_AUTH_FAIL

Message“RIP Authentication failed from <IPAddr>”, where <IPAddr> is the ip address of the machine for which we could not authenticate the packet


Recommended ActionThis message indicates that a packet received from <IPAddr> could not be authenticated. Check the authentication info on the Peribit device and the <IPAddr> machine.

Message ID 902: PN_REDUCER_PASSTHRU_INFO_ID

Message SR: Connection state set to pass through for ip=<ip address>.

Message Type Informational.

Recommended Action Heartbeats are missed for device <ip address>.

Message ID 904: PN_REDUCER_OVERFLOW_INFO_IND

Message SR: Reducer buffer is reaching full capacity


Recommended ActionIf the situation persists, reduce the traffic entering the reducer. Appropriate traffic filter may also be used to reduce the amount of packets to be processed by reducer.

Message ID 903: PN_REDUCER_END_SESSION_INFO_ID

Message SR: Session closed - ip=<ip address> sesid=<id>.


Recommended ActionReducer session to device <ip address> has ended. If this is not user triggered action such as policy change or reboot, then check network connectivity to the device. The log file on the system provides additional information.

Message ID 1002: PN_ASSEMBLER_END_SESSION_INFO_ID

Message SA: Session closed - ip=<ip address> sesid=<id>.


Recommended ActionAssembler session to device <ip address> has ended. If this is not user triggered action such as policy change or reboot, then check network connectivity to the device. The log file on the system provides additional information

Table C-3 Syslog Messages (Continued)


Syslog Messages

Message ID 1102: PN_REGISTER_PRIMARY_SELFREG_ERROR_ID

Message REG: Self registration failed. IP=<ip address>.

Message Type Error

Recommended Action Check the network connectivity to primary registration server <ip address>.

Message ID 1103: PN_REGISTER_SEC_SELFREG_ERROR_ID

Message REG: Self registration failed for secondary registration server. IP=<ip address>.

Message Type Error

Recommended Action Check the network connectivity to secondary registration server <ip address>.

Message ID 1104: PN_REGISTER_PRIMARY_SELFREG_INFO_ID

Message REG: Self registration completed. IP=<ip address>.


Recommended Action None

Message ID 1105: PN_REGISTER_SEC_SELFREG_INFO_ID

Message REG: Self registration completed for secondary registration server. IP=<ip address>.



Message ID 1106: PN_REGISTER_PASSWORD_MISMATCH_ERROR_ID

Message REG: Registration failed. Password mismatch. IP=<ip address>

Message Type Error

Recommended ActionThe device <ip address> does not have the correct registration server password. It can be corrected from CLI or Web UI.

Message ID 1202: PN_BRIDGE_GENERIC_HARDENING_ERROR_ID

Message Health monitor detected anomalous system condition

Message Type Error

Recommended Action

The health monitoring system detected an unexpected error condition. The health monitoring system will take corrective action and attempt to restore proper operating condition, including if necessary performing a system reset. Please contact Peribit Networks technical support at 1-866-PERIBIT to further analyze the anomaly.



Syslog Messages

182

Message ID 1203: PN_BRIDGE_LOCAL_LINK_UP_INFO_ID

Message Local interface: Link Up, <speed>, <duplex mode>



Message ID 1204: PN_BRIDGE_LOCAL_LINK_DOWN_INFO_ID

Message Local interface: Link Down


Recommended Action Verify that the link state change was not due to a network error.

Message ID 1205: PN_BRIDGE_REMOTE_LINK_UP_INFO_ID

Message Remote interface: Link Up, <speed>, <duplex mode>



Message ID 1206: PN_BRIDGE_REMOTE_LINK_DOWN_INFO_ID

Message Remote interface: Link Down


Recommended Action Verify that the link state change was not due to a network error.

Message ID 1207: PN_BRIDGE_INTF_SPEED_MISMATCH_ERROR_ID

Message Interface speed/mode mismatch. Local Interface: <>. Remote Interface: <>.


Recommended ActionCheck the Local and Remote Interface settings on the device and ensure that they are matched

Message ID 1208: PN_BRIDGE_INTF_SPEED_OK_INFO_ID

Message Interface speed/mode OK. Local Interface: <>. Remote Interface: <>.


Recommended Action None.

Message ID 1702: PN_MGMT_STARTUP_CONFIG_SAVED_ID

Message SaveStartupConfig: Saved successfully


Recommended Action Verify that someone authorized to configure the system saved the configuration.



Syslog Messages

Message ID 1703: PN_MGMT_CONFIG_SAVE_FAILURE_ID

Message SaveConfig: Cannot save <module> settings: status=<status>

Message Type Error

Recommended ActionContact Peribit support Contact Peribit Networks at 866 737-4248 (866-PERIBIT) with the information.

Message ID 1802: PN_INIT_IN_SAFE_MODE_ID

Message Safe-mode suspend: case 2

Message Type Critical Error*

Recommended Action

Contact Peribit support.

* Note that this message is also sent if you explicitly reboot the system into Safe Mode from the Web user interface or the Command Line Interface (CLI).

Message ID 1803: PN_INIT_COLD_START_ID

Message Cold Start


Recommended ActionIf the Sequence Reducer restarted unexpectedly, please investigate the reason. Contact Peribit support if there seems to be a problem.

Message ID 1902: PN_SECURITY_LOGIN_FAILURE_ID

Message Login failed: access=<method> user=<name> IP=<ip-addr>

Message Type Error

Recommended Action

The message has the access method (CONSOLE|SSH|WEB) and the IP address of the client (for SSH and WEB). You can check if the user is authorized to configure this system. Since CONSOLE access requires physical access to the system, any unauthorized CONSOLE access should be treated as a serious problem.

Message ID 1903: PN_SECURITY_LOGIN_SUCCESS_ID

Message Login ok: access=<method> user=<name> IP=<ip-addr>


Recommended ActionPlease verify that the person who logged in was someone authorized to configure the system.

Message ID 2002: PN_FAN_FAILURE_ERROR

Message Fan Error (Cpu or Chassis fan not operational).

Message Type Error

Recommended Action Cpu or Chassis fan may not be working. May have to replace the fan in the system.



Syslog Messages

184

Message ID 2003: PN_FAN_SPEED_VARIATION_ERROR

Message Fan Speed Error (Cpu or Chassis speed variation).

Message Type Error

Recommended ActionThis message indicates that change in fan speed was noticed. May have to replace the fan in the system.

Message ID 2004: PN_FAN_OK

MessageFan OK (Cpu or Chassis).Fan OK (Cpu or Chassis fan speed normal)

Message Type Info

Recommended ActionThis message indicates the CPU or Chassis fan has recovered from a previous failure, such as fan speed variation or fan failure error. No action is required.

Message ID 2102: PN_MULTINODE_MASTER_NODE_UP_ID

Message SR: Multi-Node Master Node is Up

Message Type INFO

Recommended Action This message indicates that the master node is up. No action.

Message ID 2103: PN_MULTINODE_MASTER_NODE_DOWN_ID

Message SR: Multi-Node Master Node is Down

Message Type ERROR

Recommended ActionThis message indicates that the master node of the multi-node configuration is down. If this node has not been taken down intentionally, please check the running configuration and the network connectivity for problems.

Message ID 2104: PN_MULTINODE_LAST_NODE_UP_ID

Message SR: Multi-Node Last Node is Up

Message Type INFO

Recommended Action This message indicates that the last node is up. No action is required.

Message ID 2105 (PN_MULTINODE_LAST_NODE_DOWN_ID)

Message SR: Multi-Node Last Node is Down

Message Type ERROR

Recommended ActionThis message indicates that the last node of the multi-node configuration is down. If this node has not been taken down intentionally, please check the running configuration and the network connectivity for problems.



Appendix D Understanding Exported Data Results

This appendix describes the three sections of the CSV export of a Peribit’s Sequence Reducer’s statistical data, and covers the following sections:

� “General Device Information” on this page.

� “System Session Statistics” on page 186.

� “Reduction Session Statistics” on page 188.

� “Application Session Statistics” on page 188.

� “Inbound Traffic By Port Statistics” on page 189.

� “Bandwidth Management Statistics” on page 189.

General Device InformationTable D-1 describes the general device CSV exported information.

Table D-1 General Device Information

Parameter Description

Device IP The IP address of the Sequence Reducer from which the statistics were exported.

Software version The version of Sequence Reducer software that was running on the device when the statistics were exported.

Serial number The serial number of the Sequence Reducer from which the statistics were exported.

License speed The speed for which the Sequence Reducer was licensed when the statistics were exported.

Section header The identification of the time period for which the following statistics were exported.

IP address of Sequence Reducer The IP address of the Sequence Reducer from which the statistics were exported.

Date and time (local time) The local date and time at which the report was generated.

Date and time (GMT time) The Greenwich Mean Time (GMT) at which the report was generated.

Peak interval = 5 The peak statistics are calculated over 5 second intervals.

Appendix D Understanding Exported Data Results � 185

System Session Statistics

186

System Session StatisticsTable D-2 describes the system session CSV exported statistics.

Table D-2 System Session Statistics


Start Time The start time for statistics generation.

End Time The end time for statistics generation.

Bytes Into AE Total number of bytes that entered the Sequence Reducer Assembly Engine for the selected time period.

Bytes Out AE Total number of bytes out of the Sequence Reducer Assembly Engine after assembly for the selected time period.

Packets Into AE Total number of packets into the Sequence Reducer Assembly Engine for the selected time period.

Packets Out AE Total number of packets that exited the Assembly Engine of the Sequence Reducer after assembly for the selected time period.

Resvd 1 Reserved

Bytes Out OOB Total number of out-of-band bytes sent to the control channel for the selected time period.

Bytes PT NO AE Total number of bytes that passed through the Sequence Reducer without reduction due to no corresponding Assembly Engine (Sequence Reducer) for the selected time period.

Packets PT NO AE Total number of packets that passed through the Sequence Reducer without reduction due to no corresponding Assembly Engine (Sequence Reducer) for the selected time period.

Bytes PT By Filter Total number of bytes that passed through the Sequence Reducer without reduction due to a manually configured filter (such as an application filter) for the selected time period.

Packets PT By Filter Total number of packets that passed through the Sequence Reducer without reduction due to a manually configured filter (such as an application filter) for the selected time period.

OfPt Bytes(Overflow Pass-through)

Total number of bytes that passed through the Sequence Reducer without reduction due to device buffer overflow for the selected time period.

OfPt Packets(Overflow Pass-through)

Total number of packets that passed through the Sequence Reducer without reduction due to device buffer overflow for the selected time period.

Bytes PT NO SR Total number of bytes that passed through the Sequence Reducer without reduction due to a disabled reduction engine on this device.

Packets PT NO SR Total number of packets that passed through the Sequence Reducer without reduction due to a disabled reduction engine on this device.

Bytes PT NON-IP Total number of non-IP bytes that passed through the Sequence Reducer without reduction (e.g., IPX, etc.) for the selected time period.

Packets PT NON-IP Total number of non-IP packets that passed through the Sequence Reducer without reduction (e.g., IPX, etc.) for the selected time period.

Bytes PT IP-Other Total number of IP bytes that passed through the Sequence Reducer without reduction because the protocols were not configured for reduction.


System Session Statistics

Packets PT IP-Other Total number of IP packets that passed through the Sequence Reducer without reduction because the protocols were not configured for reduction.

Bytes PT SR Total number of bytes that passed through the Sequence Reducer without reduction because the source address is the address of another Sequence Reducer in the same Peribit community.

Packets PT SR Total number of packets that passed through the Sequence Reducer without reduction because the source address is the address of another Sequence Reducer in the same Peribit community.

Bytes PT SR-Hash Total number of bytes that passed through the Sequence Reducer without reduction because the device is part of a reduction cluster and the data will be processed by another Sequence Reducer.

Packets PT SR-Hash Total number of packets that passed through the Sequence Reducer without reduction because the device is part of a reduction cluster and the data will be processed by another Sequence Reducer.

Bytes PT IpFrag Total number of bytes that passed through the Sequence Reducer without reduction because the device is not enabled to reduce IP fragments.

Packets PT IpFrag Total number of packets that passed through the Sequence Reducer without reduction because the device is not enabled to reduce IP fragments.

Bytes PT License Total number of bytes that passed through the Sequence Reducer without reduction because the throughput level determined by the device’s license is exceeded.

Packets PT License Total number of packets that passed through the Sequence Reducer without reduction because the throughput level determined by the device’s license is exceeded.

Bytes PT Tunneled Only Total number of bytes that passed through the Sequence Reducer without reduction.

Packets PT Tunneled Only Total number of packets that passed through the Sequence Reducer without reduction.

Bytes PT L2Mcast Total number of Layer 2 Multicast bytes that passed through the Sequence Reducer.

Packets PT L2Mcast Total number of Layer 2 Multicast packets that passed through the Sequence Reducer.

TP Bytes In (throughput) The number of bytes into the Sequence Reducer Reduction Engine at the peak five-second interval of data input1.

TP Bytes Out (throughput) The number of bytes out of the Sequence Reducer Reduction Engine at the peak five-second interval of data input.

TP Bytes PT (throughput) The number of bytes that passed through the Sequence Reducer at the peak five-second interval of data input.

TP Packets In (throughput) The number of packets into the Sequence Reducer Reduction Engine at the peak five-second interval of data input.

TP Packets Out (throughput) The number of packets out of the Sequence Reducer Reduction Engine at the peak five-second interval of data input.

TP Packets PT (throughput) The number of packets that passed through the Sequence Reducer at the peak five-second interval of data input.

Resvd 2 Reserved

Table D-2 System Session Statistics (Continued)


Reduction Session Statistics

188

Reduction Session StatisticsTable D-3 describes the reduction session CSV exported statistics.

Application Session StatisticsTable D-4 describes the application session CSV exported statistics.

Resvd 3 Reserved

Peak % Rdn The maximum data reduction rate for any five second interval within the selected time period. Peak percentage reduction is calculated by the following formula:

Rsv H1 through Rsv H20 Reserved

1. Data input is the number of IP bytes into the Sequence Reducer from the LOCAL port.

Table D-2 System Session Statistics (Continued)

105 x

Bytes In - Bytes OutBytes In

------------------------------------------------- = Peak % Reduction

Table D-3 Reduction Session Statistics




Dst Ip(Destination IP Address)

The IP address of the Sequence Reducer that receives reduced data from this Sequence Reducer device.

Packets In The total number of packets into this Sequence Reducer that have been identi-fied for reduction and addressed for the Sequence Reducer listed with the des-tination IP address for the selected time period.

Packets Out The total number of packets out of this Sequence Reducer after reduction and addressed for the Sequence Reducer listed with the destination IP address for the selected time period.

Table D-4 System Session Statistics




App Id The application from which the data was received (e.g., FTP, HTTP, Lotus Notes).

Dst Ip The IP address of the Sequence Reducer that receives reduced data from this Sequence Reducer device.

Bytes In The total number of bytes into the device that have been identified for reduc-tion, and addressed for the Sequence Reducer listed with the destination IP address and application ID for the selected time period.

Bytes Out The total number of bytes out of this Sequence Reducer after reduction, and addressed for the Sequence Reducer listed with the destination IP address and application ID for the selected time period.


Inbound Traffic By Port Statistics

Inbound Traffic By Port StatisticsWhen exporting all data from the Sequence Reducer (by selecting Tools, Export Data, All), Inbound traffic by port statistics are collected in the CSV file. Table D-5 describes the Inbound traffic by port statistics.

Bandwidth Management StatisticsTable D-6 describes the bandwidth management statistics, which a Sequence Reducer assembles per application class for each reduction tunnel.

Table D-6 Bandwidth Management Statistics

Table D-5 Inbound Traffic By Port Data


Src Port The inbound data’s source port number.

Bytes In The total number of reduced bytes of the corresponding packets from the source port, but not defined as a monitored application.

Packets In The total number of reduced packets from the source port into the Sequence Reducer, but not defined as a monitored application.

Dst Port The inbound data’s destination port number.

Bytes In The total number of reduced bytes of the corresponding packets to the destina-tion port, but not defined as a monitored application.

Packets In The total number of reduced packets to the destination port into the Sequence Reducer, but not defined as a monitored application.




Allocation Outbound bandwidth management: The IP address of the destination assembler or the default allocation.

Inbound bandwidth management: The parameter is Inbound.

Class Outbound bandwidth management: The bandwidth class ID, which is a collection of applications that a user has mapped to the class.

Inbound bandwidth management: One of the four pre-defined classes (i.e., Reduced, Intranet, TCP or Default).

Bytes In Outbound bandwidth management: The total number of application bytes into the Sequence Reducer.

Inbound bandwidth management: The total number of bytes into the Remote interface of the Sequence Reducer by class.

Bytes Out Outbound bandwidth management: The total number of application bytes out of outbound bandwidth management.

Inbound bandwidth management: the total number of bytes out of inbound bandwidth management.


Bandwidth Management Statistics

190

Bytes Dropped Outbound bandwidth management: The total number of application bytes dropped by the bandwidth management feature.

Inbound bandwidth management: The total number of bytes dropped by the bandwidth management feature.

Packets In Outbound bandwidth management: The total number of application packets into the Sequence Reducer.

inbound bandwidth management: The total number of packets passed into the Sequence Reducer by inbound bandwidth management.

Packets Out Outbound bandwidth management: The total number of application packets transmitted by the Sequence Reducer. (The total number does not include meta packetization.)

Inbound bandwidth management: The total number of packets out of inbound bandwidth management.

Packets Dropped Outbound bandwidth management: The total number of application packets dropped by the bandwidth management feature.

Inbound bandwidth management: The total number of packets dropped by the bandwidth management feature.


Appendix E Common Application Port Numbers

The following table lists common application port numbers, as listed by the Internet Assigned Numbers Authority (IANA, http://www.iana.org/assignments/port-numbers).

Note: Peribit Sequence Reducers reserve port numbers 3577 and 3578 for TCP and UDP data transmission.

Table E-1 Common Application Port Numbers

Keyword Port Number Protocol Description

ftp-data 20 TCP/UDP File Transfer [Default Data]

ftp 21 TCP/UDP File Transfer [Control]

ssh 22 TCP/UDP Secure Shell Protocol

telnet 23 TCP/UDP Telnet

smtp 25 TCP/UDP Simple Mail Transfer

dns 53 TCP/UDP Domain Name Server

tftp 69 TCP/UDP Trivial File Transfer

www-http 80 TCP/UDP World Wide Web HTTP

kerberos 88 TCP/UDP Kerberos

pop3 110 TCP/UDP Post Office Protocol - Version 3

sunrpc 111 TCP/UDP SUN Remote Procedure Call

nntp 119 TCP/UDP Network News Transfer Protocol

netbios-ns 137 TCP/UDP NETBIOS Name Service

netbios-dgm 138 TCP/UDP NETBIOS Datagram Service

netbios-ssn 139 TCP/UDP NETBIOS Session Service

imap2 143 TCP/UDP Interim Mail Access Protocol v2

snmp 161 TCP/UDP SNMP

snmptrap 162 TCP/UDP SNMPTRAP

clearcase 371 TCP/UDP Clearcase

legent-1 373 TCP/UDP Legent Corporation

legent-2 374 TCP/UDP Legent Corporation

ldap 389 TCP/UDP Lightweight Directory Access Protocol

Appendix E Common Application Port Numbers � 191

192

https 443 TCP/UDP https MCom

netnews 532 TCP/UDP readnews

lotusnotes 1352 TCP/UDP Lotus Notes

ms-sql-s 1433 TCP/UDP Microsoft-SQL-Server

ms-sql-m 1434 TCP/UDP Microsoft-SQL-Monitor

watcom-sql 1498 TCP/UDP Watcom-SQL

orasrv 1525 TCP/UDP oracle

ccmail 3264 TCP/UDP cc:mail/lotus

Table E-1 Common Application Port Numbers (Continued)


Glossary

access control list

List of IP addresses from which an administrator can login to a Sequence Reducer.

assembly Process by which a Sequence Reducer re-assembles reduced traffic into its original form.

authorization code

A password that gives a user access to a remote or local computer network.

auto-negotiation A protocol that enables Ethernet systems at the end of a twisted-pair or optical fiber segment to negotiate configuration parameters such as speed, half or full-duplex mode, and use of flow control.

bandwidth The amount of data that can be sent through a network connection, measured in bits per second (bps).

bridge A device that partitions a network into separate segments. The bridge allows a packet to be transmitted from one segment to the other only if it is addressed to a host on the other segment.

CLI See command line interface.

command line interface (CLI)

A method of configuring the Sequence Reducer by typing in commands via the local serial interface or remote SSH session.

end-point Sequence Reducer in a Peribit community. When you install the Sequence Reducer into your network, the device’s auto-discovery function locates all other Sequence Reducer within a Peribit community and exchanges network information with each device.

filter Operator defined IP addresses or TCP port numbers that determine valid addresses or applica-tions for reduction processing. A single filter or a list of filters can be defined for each system.

full-duplex A mode of operation that enables a pair of systems connected by a link to transmit frames to one another at the same time.

gateway A device that connects and forwards packets between computers or different networks. See also, router.

half-duplex A mode of operation that allows only a single station to successfully transmit a frame at a given time.

hardwarepass-through

Hardware-driven process by which all traffic is passed through the Sequence Reducer at wire-speed. It is invoked automatically upon disruption.

HTTP HyperText Transfer Protocol. The protocol most often used to transfer information from World Wide Web servers to browsers.

ICMP Internet Control Message Protocol. An Internet Protocol used to communicate between devices on a network to manage errors and generate control messages.

Interior Gateway Protocol (IGP)

A group of protocols that provide routing information to the routers within an autonomous network.

Internet Protocol (IP)

The protocol that is used to route a data packet from its source to its destination over the Internet.

IP address A numeric address, such as 10.10.187.22, assigned to every device on the network.

Glossary � 193

IP subnet mask A numeric address, such as 255.255.0.0, used to define an IP subnet or to determine member-ship of an IP address in an IP subnet.

IP subnet A group of IP addresses defined by the IP address and IP subnet mask pair, such as 10.10.0.0/255.255.0.0.

keypad The Sequence Reducer keypad consists of five buttons: Left, Right, Up, Down, and Enter. It allows a local operator to scroll through menus shown on the front-panel LCD and enter commands (SR-50 and SR-55 only).

latency The time necessary for a packet of data to travel from a source to a destination across a network.

LCD The Sequence Reducer front panel display that can serve as the initial user interface for a local operator (SR-50 and SR-55 only).

local connection Connection made directly to Sequence Reducer by an attached computer via the Sequence Reducer serial interface.

local port Ethernet port on the back of the Sequence Reducer chassis. Use to connect to a LAN aggre-gating switch. See also, remote port.

log A record of Sequence Reducer activity. Logs are recorded for system information, perfor-mance, backup, and recovery.

MIB Management Information Base. A database containing ongoing configuration information and statistics of a device in a network. MIBs are used with SNMP.

MTU Maximum Transmission Unit. The largest size packet that can be transmitted by a device on a network.

operator interface

The front-panel keypad and LCD, a local terminal via the serial interface, a remote terminal via the web console, or a remote terminal via the ssh.

OSPF Open Shortest Path First. An interior gateway protocol that routes messages according to the least expensive path.

packet A unit of data formatted for transmission on a network. Data is broken down into packets for sending over a packet switched network. Each packet has a header containing its source, desti-nation, other control information, and a payload of data to be transmitted.

pass-through mode

A function of the Sequence Reducer that passes through data at wire-speed upon device disrup-tion or overflow.

Peribit community

Two or more Sequence Reducers with a common Sequence Reducer registration server. Each Sequence Reducer must belong to a Peribit community.

ping A program used to test whether a particular network destination is online, by sending an Internet control message protocol (ICMP) echo request and waiting for a response.

reduction rate The rate of data reduction in percentage of a Sequence Reducer node.

reduction subnet

Specific subnets within your network to be included or excluded by the Sequence Reducer.

registration server

The Sequence Reducer registration server stores the network information of all Sequence Reducer within a Peribit community. Each device remains in contact with the registration server to obtain information about other devices. One Sequence Reducer within a Peribit community must be designated as the registration server.


remote port Ethernet port on the back of the Sequence Reducer chassis. Used to connect to WAN router Ethernet port. See also, local port.

response time The time it takes for a host to respond to a user command.

RIP See Routing Information Protocol.

round-trip time (RTT)

The time it takes to send a packet to a remote host and receive a response; used to measure delay on a network at a given time.

router Specialized computer that forwards data packets between networks. Routers can exchange information about their network connectivity (or accessibility) with neighboring network routes using standard routing protocols. This information is used by the router to determine an optimal path for a packet being forwarded.

Routing Infor-mation Protocol (RIP)

An interior gateway protocol used in IP networks.

secure shell A program for secure remote login to a Sequence Reducer.

Simple Network Management Protocol (SNMP)

The Internet standard protocol for network management software.

Simple Network Time Protocol (SNTP)

A protocol that can synchronize clocks on local computers with time clocks on the Internet.

softwarepass-through

Software-driven process by which a Sequence Reducer device transparently passes packets through the system in lieu of processing (reducing).

ssh see secure shell.

static IP address A permanent IP address for a client, server, or other network device.

Switch A networking device that sends packets directly to a port associated with a given network address.

TCP Transmission Control Protocol. The most common Internet transport layer protocol, defined in RFC 793. TCP is connection-oriented and stream-oriented, and provides for reliable communi-cation over packet-switched networks.

tunneling Encapsulating one type of packet inside the data field of another packet.

User Datagram Protocol (UDP)

User Datagram Protocol. UDP is connectionless and does not guarantee reliable communica-tion; the application itself must process any errors and check for reliable delivery. Defined in RFC 768.

warm reboot A re-boot of the Sequence Reducer without powering off the unit.

Web Console A method for configuring and monitoring the statistics of the Peribit Sequence Reducer using an HTML browser.

Glossary � 195

Index

Aaccess control log file

viewing, CLI 159viewing, web 117

administrator passwordchanging 45default 23, 168, 169

administrator user name, default 23, 168, 169application classes

assigning applications 90creating 87

application port numbers, common 191application QoS 81application summary statistics

data reduction by application 98percent data reduction 97percent traffic by application 97

application visibility 77applications, selecting for reduction 66ARP, configuring 132assemblers, default 74

Bbandwidth management, configuring 83baud rate, settings 23boot image, loading 110browser support 30buttons

front panel 28, 166MDI/MDI-X 24, 29, 167

bytes graph 94bytes reduced/assembled 99

Cchassis, setup 20, 25, 163community topology 64configuration file

displaying 109loading 109saving 107setting to default 159setting to the default 112

crossover cable 21, 25, 163CSV, interpreting results 185

Ddata reduction statistics

bytes graph 94formula 93packets graph 95peak data reduction 93viewing 93

default assemblers 74default gateway

description 28, 166setting 37setting, front panel 28, 166

default password 23, 168, 169default user name 23, 168, 169deployment, examples 14device configuration 109

loading 109saving 107setting to default 159setting to the default 112

DiffServ, preserving settings 81dynamic resource allocation (DRA), configuring 145

Eend points, configuring 57ethernet ports, connecting the cables 21, 25, 163exporting data

interpreting results 185through the web 118

Ffactory default configuration 112, 159filters

configuring application, web 66source/destination 69

fragments, reducing 139front panel

securing 48using the buttons 28, 166

Hheartbeat, setting the frequency 146

Index � 197

IIANA port map 102, 142installation

pre-install tasks 19, 161SR-20 20SR-50 & SR-55 25

interface settings, configuring 38IP address

configuring 37setting, front panel 28, 166

LLEDs, checking 24, 29, 167license key, entering 41LINK LED 24, 29, 167load balancing, configuring 72, 147loading a boot image 110local routes, configuring 49, 152log files

CLI 159web 117

logging inCLI 122web console 35

loss recovery, enabling 146

MMDI/MDI-X buttons 24, 29, 167mesh configuration, support for 15meta packet

adjusting the wait time 148configuring the size 148

multi-flow emulation, about 77multi-packet, configuring 148

Nnetwork cables, connecting 21, 25, 163network interface, configuring 38network settings, configuring 37NTP, configuring 31, 156

Ooperator access, securing 46

Ppacket capture, using 127packet fragments, reducing 139packets graph 95password

changing administrator 45default 23, 168, 169registration server 60

peak data reduction 93percent data reduction 97percent traffic by application 97performance data, exporting 118point-to-multipoint configuration 15port numbers, common application 191power cable, connecting 22, 27, 165pre-installation tasks 19, 161

QQoS

application 81application classes 87assigning applications 90bandwidth management 83

Rrack-mount installation 20, 25, 163rebooting the device 113reduction subnets

configuring 62filtering source/destination 69

registration serverconfiguring 30, 59password 31purpose 30, 168secondary 59, 150

remote routes, viewing 70restricting access to the device 46RIP, configuring 53route validation, web 71routes, configuring 49, 152


Ssample topologies 14secondary registration server 59, 150securing front panel access 48serial number, locating 41serial port, settings 23, 121setting up the chassis 20, 25, 163SNMP

configuring 43list of traps 177

SNTP, configuring 31, 156source/destination subnets 69specifications, device 173SSH

downloading 121using 23, 168, 169, 171

star configuration, support for 15static routes, adding 50statistics

exporting 118interpreting CSV 185

straight-through cable 21, 25, 163subnet mask

setting 37setting, front panel 28, 166

subnets, reduction 62support

browser 30technical 11

switch-to-wire 14Syslog

configuring 44list of messages 177

system log fileCLI 159web 117

system software, upgrading 110

Ttechnical support 11terminal emulation program 23, 168, 169, 171time settings 31, 156top talker, configuring 102, 158topology

choosing 64sample 14

ToS bit, configuring 149ToS, preserving 81traffic characterization statistics

bytes reduced/assembled 99summary 98

trapsconfiguring 43list of 177

Uuser name, default 23, 168, 169

Vvalidating routes 71VPN configuration 16

Wweb console

browser support 30logging in 30, 35understanding 36

Index � 199

Traceroute Copyright License

Copyright (c) 1990, 1993

The Regents of the University of California. All rights reserved.

This code is derived from software contributed to Berkeley by Van Jacobson. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of condi-tions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following acknowledgement:

This product includes software developed by the University of California, Berkeley and its contributors.

4. Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

� 201

202

OpenSSL Copyright License

Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of condi-tions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following acknowledgment:

“This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)”

4. The names “OpenSSL Toolkit” and “OpenSSL Project” must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact [email protected].

5. Products derived from this software may not be called “OpenSSL” nor may “OpenSSL” appear in their names without prior written permission of the OpenSSL Project.

6. Redistributions of any form whatsoever must retain the following acknowledgment:

“This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)”

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ̀ `AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Original SSLeay License

Copyright (C) 1995-1998 Eric Young ([email protected])

All rights reserved.

This package is an SSL implementation written by Eric Young ([email protected]).

The implementation was written so as to conform with Netscapes SSL.

This library is free for commercial and non-commercial use as long as the following conditions are aheared to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson ([email protected]).


Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used.

This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

All advertising materials mentioning features or use of this software must display the following acknowledgement:

“This product includes cryptographic software written by Eric Young ([email protected])”

The word 'cryptographic' can be left out if the routines from the library being used are not cryptographic related :-).

If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement:

“This product includes software written by Tim Hudson ([email protected])”

THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The licence and distribution terms for any publicly available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distribution licence [including the GNU Public Licence.]

GNU GENERAL PUBLIC LICENSE

Version 2, June 1991

Copyright (C) 1989, 1991 Free Software Foundation, Inc.

59 Temple Place - Suite 330, Boston, MA 02111-1307, USA

Everyone is permitted to copy and distribute verbatim copies

of this license document, but changing it is not allowed.

Preamble

The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too.

� 203

204

When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things.

To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it.

For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.

We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software.

Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations.

Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all.

The precise terms and conditions for copying, distribution and modification follow.

TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The “Program”, below, refers to any such program or work, and a “work based on the Program” means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term “modification”.) Each licensee is addressed as “you”.

Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does.

1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.

You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee.

2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions:

a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.

b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.


c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.)

These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.

Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program.

In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License.

3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:

a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)

The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.

If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code.

4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.

5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it.

� 205

206

6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.

7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.

If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances.

It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice.

This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License.

8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.

9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.

Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and “any later version”, you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.

10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.

NO WARRANTY

11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.


12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

END OF TERMS AND CONDITIONS

How to Apply These Terms to Your New Programs

If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.

To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.

one line to give the program's name and an idea of what it does.

Copyright (C) yyyy name of author

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. Also add information on how to contact you by electronic and paper mail.

If the program is interactive, make it output a short notice like this when it starts in an interactive mode:

Gnomovision version 69, Copyright (C) year name of author

Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details.

The hypothetical commands ̀ show w' and ̀ show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than ̀ show w' and ̀ show c'; they could even be mouse-clicks or menu items--whatever suits your program.

You should also get your employer (if you work as a programmer) or your school, if any, to sign a “copyright disclaimer” for the program, if necessary. Here is a sample; alter the names:

Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker.

signature of Ty Coon, 1 April 1989

Ty Coon, President of Vice

This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License.

� 207

208

peribit seq reducer operators guide sr_31_og

Documents