The configuration of IP service category

List of IP service operations

Managing IP connection

Configurating performance parameters

Configuring IP on WAN

The check and maintenance of the IP network

This chapter introduces the configuration of IP optional service. If you want to know the detailed method of using the IP service command mentioned in this chapter, please refer to “IP service command” section.

 

List of IP service operations

You can configure the below-listed optional IP service:

Managing IP connection

Configurating performance parameters

C onfiguring IP on WAN

The check and maintenance of the IP network

 

These operations are not necessary, yet carried out according to the requirement of network.

Managing IP connection

IP provides a series of services to control and manage IP connection. Most of these services are provided by ICMP. ICMP packets are normally sent to the host computer or other routers when the router or the accessing server find IP head of packet errors. ICMP is mainly defined by RFC 792.

If you want to manage the different aspects of IP connection, you should execute the following related operations:

Sending ICMP unreachable packet

Sending ICMP redirected packet

Sending ICMP mask reply packet

Support path MTU detection

Setting the maximum transmission unit (MTU) of IP

Allow IP source router

Allow route cache of IP

Allow route cache of IP on the same interface

Sending ICMP unreachable packet

If the system receives a packet , but find it impossible to deliver it to the destination, for example, there is no corresponding route, it will send a ICMP unreachable packet to the source host computer. This function of the system is turned on by default.

 If this function is turned off, the user can turn it on with the following command under interface configuring model.     

command

 Purpose

ip unreachables

The function of sending ICMP unreachable packet.

                       

Sending ICMP redirected packet

Sometimes, the host computer did not select the best router, so the router that receives the packet detect that, according to the route list, it should re-send the packet from the interface that receives it, and then forward it to the other router on the same network . Under this situation, the router will inform the source host computer to directly send the packet of the destination address to the other router, without passing the host computer. Redirect packet requires the source host computer to change from the original route to the more direct route suggested by the packet. Many operating systems of the host computer will add a host computer router in the list of routes. But, the router would rather trust the information from the router protocol, so it will not add a host computer router according to this information.

 This function is turned on by default. But if hot backup router protocol on this interface is configured on this interface, then this function will be automatically turned off. If the configuration of hot backup router protocol is cancelled, this function will not be automatically turned on.

 If this function is turned off, the user can turn the function of sending ICMP redirect packet on with the following command under interface configuration model:

command

 Purpose

ip redirects

Allow to send ICMP redirected packet.

Sending ICMP mask reply packet

Sometimes the host computer should know the network mask, for the sake of this information, the host computer can send ICMP mask request packet. If the router can confirm the mask of this host computer, it will reply ICMP mask reply packet. The router will send ICMP mask reply packet under default status.

If ICMP mask request packet is demanded to be sent, the user could use the following command under interface configuration model.

command

 Purpose

ip mask-reply

Sending ICMP mask reply packet.

 

Support path MTU detection

 The system support IP path MTU detection mechanism defined by RFC 1191. IP path MTU detection enables the host computer to dynamically detect and adapt Maximum transmit unit (MTU) length from different paths. Sometimes, the router finds the length of received IP packet is larger than the MTU configuration set on the packet forwarding interface, and requires to fragment the IP packet, but this IP packet’s “unfragment” position is setting, the packet can not be fragmented, so the packet can only be discarded. Here, the router will send ICMP packet to inform the host computer why the forwarding failed, and forward MTU on the interface. The host computer will  reduce the length of packet to this target address, in order to  meet the minimum MTU of this path.

If one link in the path is disconnected, other path will be employed for transmitting the packet. the minimum MTU of it may be different from the original path. Here, the router will inform the source host computer the MTU of new path. If possible, the user should adopt the minimum MTU in the path to encapsulate IP packet to the greatest extent. Hence, it can avoid fragment, and can send minimum amount of packet, consequently enhance the efficiency of communication.

  Corresponding host computer should first support IP path MTU detection, then, it can adjust the length of IP packet to be delivered according to the information from the router, in order to avoid fragment in the process of forwarding.  

Setting the maximum transmission unit (MTU) of IP

 Every interface has one default IP Maximum transmission unit, which is the maximum IP packet length permitted to send. If the IP packet length exceeds this value, the router will fragment the packet

The  change of the MTU value of the interface will affect the IP MTU value of the interface. If IP MTU equals the MTU, change MTU, and IP MTU will automatically adjust to the new MTU value. But, change IP MTU will not affect MTU. IP MTU  cannot be bigger than the MTU set on the current interface. All devices on the same physical medium should have same protocol MTU to enable normal communication.

If the user wants to set the IP MTU on specific interface, the following command shall be used under interface configuration model.

 

command

Purpose

ip mtu bytes

Setting IP MTU of the interface

 

Allow IP source router

 The router checks every packet’s IP header option, it supports IP header options defined by RFC 791: strict source routingloose source routing, record routing and time stamp. If option errors are detected, it will send ICMP parameter issue packet to the host computer and discard the packet. If errors are found in the source routing process, the router will send ICMP unreachable (source route failure) packet to the host computer.

IP allows host computer to designate the router of IP network where packets passess.  , this is called the source router, it can be specified in the source route option of IP header options. The router should forward the IP packet according to this option, or discard these packets for the sake of safety, and send ICMP unreachable (source router failure) packet to the source host computer.  Router default supports source router. .

If the function of IP source router is turned off, the user can use the following command to allow IP source router under global configuration  model:

command

 Purpose

ip source-route

Allow IP source router.

 

Allow route cache of IP

 The route cache of IP uses route cache to forward IP packets. When forwarding the first packet towards certain destination address, the system looks up in the route table and, and forward packets according to the router. Then, this router will be saved in the route cache, all the packets to this host computer, then, will be forwarded directly according to the route in the cache rather than looking it up in the route table. The system does not form route cache according to ICMP packets and broadcasting packets, because theses packets are not sent continually. If the cache is not used, it will be deleted quickly due to its overtime.

The route cache may not be suitable for the retransmission from high speed medium to low speed link (64K or less), because it will speed up  retransmission speed and the packets will be more quickly stocked on the low speed interface, more packets will be discarded. Under this situation, the user should prohibit IP route cache on the low speed interface. The system will execute load sharing according to source address/destination address. If many network routes exist, route cache guarantees the packets from the same source address/destination address to use the same route, but forwarded packets from different source address/destination address may be sent from multiple routes, thus, the balance load sharing is achieved. i

In order to allow or prohibit route cache , the user can use the following command under interface configuration model.

command

Purpose

ip route-cache

Allow route cache (to forward IP packet is transmitted by using router cache ).

no ip route-cache

Prohibit route cache; the system will execute load sharing on every packet.

 

Allow route cache of IP on the same interface

The user can allow IP route cache on the same interface, which is, the recipient interface is identical to the sending interface. Normally,  it is not recommended to invoke  this function, because it conflicts with the function of redirecting of the router. If the user has a not fully connected network, such as FR, this function can be invoked on the FR interface. For example, router A,B,C jointly forms an FR network, but physical links only exist between A-B and B-C, the communication between A and C should be transferred through B: A-B-C, B receives A’s packet from one DLCI of the interface, and then sends the packet to C through another DLCI from the same interface.

In order to allow route cache of IP on the same interface, the user can use the following command under interface configuration model:

command

Purpose

ip route-cache same-interface

Allow route cache of IP packets when the sending interface is identical to the recipient interface.

 

Configurating performance parameters

When configurating IP performance, the user should execute the following operations.

Setting TCP connection latency time

Setting TCP window size

Setting TCP connection latency time

 When the router is making TCP connection, if no links have been set up after the TCP connection latency time is over, the router will consider the connection as a failure, and feedback the result to the upper-level application. The user may set the TCP connection latency time, the default value of the system is 75 seconds. This configuration has nothing to do with the TCP connection transferred from the router, it just relates to the TCP connection set up by the  router.

The following commands are used for setting TCP connnection latency time under global configuration model:

command

Purpose

ip tcp synwait-time seconds

Set the TCP connection latency time.

 

Setting TCP window size

The default TCP window size is 2000 bytes. If the user want to change the default window size, he/she can use the following command under global configuration  model:

command

Purpose

ip tcp window-size bytes

Setting TCP window size.

 

Configuring IP on WAN

The user can configure IP network on X.25, FR and PPP networks. If he/she wants to configure IP on these WANs, such as configure address mapping, etc. he/she can refer to related documents.

 

The check and maintenance of the IP network

To check and maintain the network, the user should execute the following operations:

Clearing the cache, list and database

Clearing TCP connection

Showing the system and network statistics

Showing debug information

Clearing the cache, list and database

The user can clear all contents of certain cache, list or database. If the user thinks the statistics of certain cache, list or database is incorrect, it should be deleted.

The following command is used to clear incorrect items:  

command

Purposes 

clear tcp statistics

Clearing TCP statistics.

 

Clearing TCP connection

If the  certain TCP connection needs to be closed off, the following command can be used:  

command

Purpose

clear tcp {local host-name port remote host-name port | tcb address}

Clearing certain TCP connection. (TCB is TCP control block)

Showing the system and network statistics

The system can show contents of cache, list and database. This information can help to analyze condition of system resource  utilization and to solve network problems.

The user can use the following command under managing status.  Specific method of using these commands  can be referred to Chapter of “IP service command”

命令Command

Objective

show ip access-lists name

Showing the content of certain or all access list.

show ip cache [prefix mask] [type number]

Showing the route cache used for quick change of IP packets.

show ip sockets

Showing all socket information of the router.

show ip traffic

Showing the statistics of IP Protocol.

show tcp

Showing all information of TCP connection situation

show tcp brief

Showing brief information of TCP connection situation

show tcp statistics

Showing TCP statistics.

show tcp tcb

Showing information of certain TCP connection situation

 

Showing debug information

When the network encounters problems, the user can use command “debug”, to request the system to show the debug information.

The user can use the following command under management status. The speicif method of using these commands can be referred to the chapter of “IP Service Commands”.  

Command

 Purpose

debug arp

Showing the interactive information of Address resolution protocol (ARP)

debug ip icmp

Showing the interactive information of internet control packets protocol (ICMP)

debug ip raw

Showing the received and sent internet protocol (IP) packets.

debug ip packet

Showing the interactive information of internet protocol (IP)

debug ip tcp

Showing the interactive information of Transmission Control Protocol (TCP).

debug ip udp

Showing the interactive information of User data package protocol (UDP).