98/09/25

_______________________ ComOS 3.8 Release Note for PortMaster 3



________________ Introduction

The new Lucent Remote Access (formerly Livingston Enterprises) ComOS(R)
3.8 software release is now released for the PortMaster(R) 3 Integrated
Access Server.  This release note applies only to the PortMaster 3.
This release is provided at no charge to all Lucent customers.
This release note documents commands and features added between ComOS
release 3.7.2 and ComOS 3.8 on the PortMaster 3, including V.90
dial-in support.

ComOS 3.8 will be the last release supporting the old "True Digital
V.34 Cards."  Starting with ComOS 3.9, only the "True Digital 56K
Cards" will be supported.

See "Limitations" for more information before upgrading.

You must use PMconsole(TM) 3.5.3 or PMVision(TM) 1.2 or later when
upgrading to ComOS 3.8.  If you are running Microsoft Windows 95 or
Windows NT 4.0, you must use PMconsole for Windows 3.5.1.4 or PMVision
1.2 or later.  Read "Upgrade Instructions" thoroughly before
upgrading.  Use PMVision 1.2 or later when configuring ComOS 3.8.



_______________ Contents

Introduction
Bugs Fixed in ComOS 3.8
New Features in ComOS 3.8
	V.90 Support
	T1 Card Support
	R2 Signaling Support
	Asynchronous Multilink PPP via Modem Connection
	Multilink PPP Packets No Longer Fragment for NEC Aterm
	X.75 Support for European ISDN
	Fractional ISDN
	ISDN Unnumbered Plan
	ISDN Call Progress
	IPXCP Support
	Longer Filters
	Alternate RADIUS and ChoiceNet Ports
	RADIUS Authentication before Call Acceptance on PRI (Call-Check)
	RADIUS Class Support
	RADIUS LE-Advice-of-Charge
	RADIUS LE-Terminate-Detail
	Bandwidth Allocation Control Protocol (BACP) Support
	Ethernet Subinterfaces
	OSPF Support over PPP Dialup
	New Command "show route to-dest <Ipaddress>"
	SNMP Modem Table
	SNMP Traps and Alarm Management
	Detailed Ptrace
	PMVision Support
	Command Line Context-Sensitive Help
	Updated Help
	Lastcall Command
	Reset Modem Command
	"show <M0>" Command Displays Card Type
How to Use RADIUS Call-Check
R2 Signaling Configuration
T1 Card Configuration
	Clocking
	Fractional T1 Configuration
	T1 Configuration
	Frame Relay Configuration
	Point-to-Point Configuration
	LED Indication
	Troubleshooting the T1 Card
	Limitations of the T1 Card
Limitations in ComOS 3.8
	RADIUS Server 2.0.1 Incompatibility
	No V.22 on V.34 Card
	Downgrading to ComOS 3.5 Loses Ether0 IP Address
Upgrade Instructions
Technical Support



_______________ Bugs Fixed in ComOS 3.8

Any bugs introduced in ComOS 3.8 beta software that were fixed in 
ComOS 3.8b21 are also fixed in ComOS 3.8, and are not listed here.

* On non-USA switch types, the PortMaster failed to generate a busy
signal when resources (such as modems or ports) were not available to
take the call.  Instead of sending "Call Proceeding" after every SETUP
message received, the PortMaster 3 now sends "Call Proceeding" just
before accepting the call, after allocating necessary resources.

* The ISDN session layer has been improved to solve a problem,
occurring in Europe, with the PRI line not coming up.

* Reboots caused by synchronous ports are fixed.  These reboots are
indicated by a console message mentioning BLOCK_STATE_ACTIVE in an
assertion failure.

* Reboots due to a panic caused by memory corruption are fixed.

* V.120 buffer management is fixed.  In a previous release, V.120 was
incapable of handling large packets. As a result, when you logged in to
the command line interface using V.120 and used the "show session" or
"show all" command, the output was truncated.

* The forward slash (/) character is now permitted in usernames in the
location table, usable with both PAP and CHAP.

* RADIUS State attributes containing the NUL character in
access-challenges are no longer truncated at the NUL when returned in
the next access-request.

* The PortMaster 3 now supports odd or even parity and 7 or 8 data bits
on the "True Digital 56K Card."

* Statistics for the T1 card now update every second instead of every 
10 seconds.

* When ChoiceNet(R) downloads a filter into the PortMaster, it no
longer generates a RADIUS Administrative-User start and stop record.
However, PMconsole logins by PMconsole, PMVision, or pmcommand still
generate RADIUS Administrative-User records, if RADIUS accounting is
turned on.

* The PortMaster no longer generates a RADIUS accounting start record
when a user with a Port-Limit of 1 tries to bring up a second B
channel.

* Channelized T1 no longer reports a 50Kbps connection when a client
reports 48Kbps.

* V.34 support in the "True Digital 56K Card" is improved.  A V.34
renegotiation and/or retrain problem is fixed, improving V.34
throughput.  V.34 connect rates have been improved.

* A problem with the assigned pool is fixed.  In previous releases, if
you were using assigned pool addresses for both IP and IPX, the
PortMaster freed the address twice, resulting in duplicate addresses
being assigned.

* Choosing rlogin from a RADIUS menu and then exiting from the host no
longer causes the PortMaster to print "Invalid login" and return to the
login: prompt instead of the menu.  This bug was introduced in 
ComOS 3.7 and fixed in ComOS 3.8.

* In ComOS 3.8, the first 8 characters of the username in the local
user table are matched against the first 8 characters of the username
entered by the user. (Use RADIUS for authentication if usernames longer
than 8 characters are desired.) Before ComOS 3.8, the command line
interface allowed an administrator to create a username longer than 8
characters in the local user table, but compared only the first 8
characters to the first 8 characters of the username entered by a
user.  Starting in ComOS 3.8b13, the command line interface limits
usernames to a maximum of 8 characters, and the PortMaster compared the
entire username to the entire username entered by the user. As a
result, existing usernames longer than 8 characters failed at login.
In ComOS 3.8, the command line interface limits usernames to a maximum
of 8 characters, and the PortMaster compares the first 8 characters of
the username in the local user table to the first 8 characters of the
username entered by the user.

* Stac LZS compression in conjunction with Multichassis PPP (MCPPP) no
longer causes network buffer loss and the resultant unexpected halts in
the PortMaster 3.

* The PortMaster 3 no longer gets stuck sending and receiving
RESET_REQUEST and RESET_ACKNOWLEDGEMENT packets used in Stac LZS
compression to resynchronize the compressor and the decompressor.

* If you receive cause code 17 (User Busy) after entering an "atdt"
command attached to a port, the message "BUSY" now appears instead of
the misleading "NO CARRIER" message displayed by previous releases.

* V.8bis tone has been improved. The volume of the V.8bis tone has been
lowered, to allow some of the older 14.4Kbps modems to connect more
reliably.

* A problem that caused modems to become stuck in the TEST state has
been fixed.  In previous releases, this problem caused "dead air" (a
user dialed in and received no tones) on u-law circuits (such as in the
United States), and caused "Ring No Answer" on a-law circuits.

* The problem of "show all" reporting the wrong connection speed has
been fixed.  In previous releases, a "show all" might show the speed
"64000" or "56000" depending on how the port was configured for ISDN,
instead of the speed the user had connected at.

* Dial-out locations using PPP sometimes failed to connect to remote
systems, and "show session" reported direction as "IN" before
disconnecting.  This problem is fixed.

* Previously, an upgrade might create a null Ethernet incoming route
filter, and filter out all inbound Ethernet traffic.  This problem is
fixed.

* Previously, data-over-voice (DOV) calls incremented the total number
of calls on a modem but did not increment the total connects, making
the statistics invalid.  This problem has been fixed.  Data-over-voice
calls no longer increment the total number of calls on a modem.

_______

The following bugs were fixed in ComOS interim release 3.7.2c3 and are
fixed in ComOS release 3.8 as well:

* During system startup, the Stac LZS compression card on the
PortMaster 3 sometimes failed to initialize.   This problem is now
fixed.

* When Redhat Linux incorrectly sent out-of-window TCP data on a Telnet
or rlogin session from the PortMaster, the PortMaster was temporarily
reporting a large window size that was confusing Linux.   The
PortMaster now properly advertises a window size of zero (0) until the
TCP window is emptied, for better interoperability with versions of
Linux that have this problem.

* Previously, when the ISDN device driver ran out of receive buffers,
an error condition occurred that caused an immediate system reboot.
This symptom was reported as "random reboots" and generally sent the
console message "munich_next_rd: NO BLOCKS" just before the PortMaster
rebooted.  Running out of receive buffers is now properly handled, and
no longer causes a reboot.

* The modem code for the "True Digital 56K Card" has been improved.
- A software condition that caused the modem to not generate initial
  modem tones during the answer sequence has been fixed.
- Interoperability problems with several V.34 modems have been fixed.
- The occasional failure to properly complete self-test has been fixed.
- A problem that caused many rate renegotiations, and which sometimes
  resulted in disconnection, has been fixed.

* A "No Tone" problem has been fixed.  Previously, dial-in users were
sometimes inappropriately disconnected during port cleanup.  The
message "m_comio_save != NULL" appeared on the console to identify the
problem.  For example, suppose a user connected to port S0 allocated
modem (DSP) M0, but then disconnected at the same time another user
dialed in on S1.  Because the modem was already back in the ready
state, S1 allocated M0.   However, when S0 ran its cleanup process, it
reinitialized M0 and disconnected the user on S1 before he heard any
tones.

* If <M0> is active when "set <M0> on" is entered on the command line,
the modem used to suspend service for a minute or two.  This problem is
fixed.

* The LAPM code in the modems has been improved with regard to the LAPM
timer and the Echo Canceller training.



_______________ New Features in ComOS 3.8

The following commands and features have been added in ComOS 3.8.


	V.90 Support

ComOS 3.8 supports the ITU standard V.90.  V.90 is now supported for
Lucent, 3Com, and Rockwell chipset client modems dialing in.  V.90 is
supported for a-law and u-law.

ITU-T V.90 support inside the PortMaster 3 has been extensively tested
with 3Com, Rockwell (both 1MEG and 2MEG), and Lucent chipset client
modems.  Modem test results show connection rates and throughput speeds
to be competitive.  Due to the complicated interoperability issues of
modems, if you encounter a problem, verify that the dial-in client
modem is running the latest firmware available from the modem vendor.
If the issue persists, contact our technical support staff for further
assistance.

V.90 is not supported for dial-out.  The maximum analog dial-out speed
is 33600bps for V.34, K56flex, and V.90.


	T1 Card Support

The PortMaster 3 T1 card (PM3-SYNC-T1) is now supported; see "T1 Card
Configuration" below for more information.


	R2 Signaling Support

R2 signaling is now supported for certain countries.  See "R2 Signaling
Configuration" below for more information.


	Asynchronous Multilink PPP via Modem Connection

The PortMaster 3 now supports Multilink PPP (MP) connections per RFC
1717 over asynchronous PPP dialup connections.


	Multilink PPP Packets No Longer Fragment for NEC Aterm

Because the NEC Aterm ISDN terminal adapter (TA) does not accept
fragmented Multilink PPP (MP) packets, ComOS now detects this during
negotiation and sends only nonfragmented frames.


	X.75 Support for European ISDN

X.75 is now supported for European ISDN.  X.75 handles a 2048-byte
block size, for better interoperability with European terminal
adapters.


	Fractional ISDN

PortMaster 3 line0 and line1 can be configured for fractional ISDN
service, where supported by the telephone company:

set <Line0> isdn-fractional
set group <Number> channel <Channel-list>
save all
reboot

You can configure as many groups as needed.  Group 1 is used for ISDN.
The D channel is assumed to be in its regular time slot, and must not
be listed as part of any channel group.  Other groups can be defined
for use as fractional T1 PPP or Frame-Relay.  Example:

Command> set line0 isdn-fractional
line0 changed to isdn-fractional E1
Command> set line0 group 1 channel 1 2 3 4 5 6 7
line0 channel list for group 1 changed
Command> show line0

----------------------	line0 - E1 ISDN-Fractional  ---------------
  Status: UP	     Framing: ESF	 Encoding: B8ZS	      PCM: a-law

	 Channel
  Group	 Speed	  Channels
  -----	 ------- ---------------------------------------------------
  1	 ISDN	  1 2 3 4 5 6 7
 
  Receive Level: +2dB to -7.5dB
 
  Alarms				Violations
  -----------------------------		-----------------------------
  Blue			      0		Bipolar			    0
  Yellow		      0		CRC Errors		    0
  Receive Carrier Loss	      0		Multiframe Sync		    0
  Loss of Sync		      0


	ISDN Unnumbered Plan

The ISDN number plan and type are information passed to the switch on
outbound calls.  These values inform the switch what kind of call is
being placed and where the call is to be routed.  Usually (especially
in Europe), you must use the "unknown, unknown" plan so the switch will
make the decision, but in some cases you must set a specific number
plan and number type.  You can display the current ISDN number plan and
type with the "show global" command.

set isdn-numberplan <Plan>

Plan
   0 unknown
   1 ISDN E.164
   2 Telephony E.163
   7 National
   8 Private

set isdn-numbertype <Type>

Type
   0 unknown
   1 International
   2 National
   4 Local


	ISDN Call Progress

In previous releases, the PortMaster 3 answered the call before some
older switches were ready to set up end to end.  The PortMaster 3 now
acknowledges the call from the switch and waits 150ms before
proceeding, for improved interoperability.


	IPXCP Support

IPXCP negotiation is now supported in addition to IPXWAN negotiation,
on PPP connections.  Novell uses IPXWAN, but Microsoft still uses 
IPXCP.

The PortMaster tries IPXCP first, and if the remote device does not
allow network number negotiation in IPXCP, then the PortMaster tries
IPXWAN.   If the network number is successfully negotiated via IPXCP,
then IPXWAN negotiation is skipped.


	Longer Filters

The PortMaster 3 now supports a maximum of 256 filter rules per
filter.   An error message is generated when the number of filter rules
exceeds the limit.


	Alternate RADIUS and ChoiceNet Ports

The UDP port to send RADIUS authentication, RADIUS accounting, and
ChoiceNet requests is now configurable.  Different ports can be
specified for the primary and secondary servers:

 set authentic <Ipaddress> [<Port>]
 set alternate <Ipaddress> [<Port>]
 set accounting [2] <Ipaddress> [<Port>]
 set choicenet [2] <Ipaddress> [<Port>]

The <Port> value is optional, and if not specified defaults to 1645 for
RADIUS, 1646 for RADIUS accounting, and 1647 for ChoiceNet, the same as
in previous releases.  A value of 0 is treated as the default.  The
Lucent Remote Access RADIUS server, radiusd, uses the -p flag to
specify the UDP port for listening for RADIUS authentication requests.
The server listens for RADIUS accounting requests on the next higher
port.

The Lucent Remote Access ChoiceNet server, filterd, uses the -p flag to
specify the UDP port for listening for ChoiceNet requests.  The default
is port 1647.


	RADIUS Authentication before Call Acceptance on PRI (Call-Check)

After receiving the command "set call-check on", the PortMaster 3 sends
a RADIUS access-request for any incoming call before accepting the
call.  The PortMaster 3 expects to receive one of the following
replies: 1) a RADIUS access-accept with attributes, to accept the call
and provide the indicated service (such as connecting the user via a
netdata connection to a given host and TCP port), 2) a RADIUS
access-accept with no attributes to accept the call and perform the
usual RADIUS authentication, or 3) a RADIUS access-reject to reject the
call.

The following command enables or disables the call-check feature:

 set call-check on | off

If call-check is enabled, the "show global" command displays the
words "(Call Check Enabled)" after the ISDN switch type.

If call-check is enabled but no RADIUS support is configured, all
dial-in users receive either a busy condition or dead air.

The dictionary on the RADIUS server must include this entry:

VALUE		Service-Type	Call-Check	10

NOTE: The value 129 used for Call-Check-User in beta dictionaries has
been obsoleted and should be removed from the dictionary if present.

The call-check feature is supported for both modem calls and ISDN
calls.

For more information, see "How to Use RADIUS Call-Check" below.


	RADIUS Class Support

A RADIUS access-accept packet can now return Class (attribute 25, a
string).  The PortMaster then sends the unmodified Class attribute in
the accounting-request packets for that session.  To use Class with
RADIUS server 1.16, 2.0, or 2.0.1, update the dictionary to
include the following entry:

ATTRIBUTE	Class			25	string

RADIUS server 2.1 already includes the Class attribute in its dictionary.


	RADIUS LE-Advice-of-Charge

LE-Advice-of-Charge is a RADIUS vendor-specific attribute included in
the RADIUS Accounting stop packet, containing the Advice of Charge
information (if any) provided on the ISDN D channel by the telephone
company.  It requires RADIUS server 2.1 (or another RADIUS server with
support for vendor-specific attributes).  

If you are running an earlier RADIUS server you should refer to "RADIUS
Server 2.0.1 Incompatibility" later in this release note.


	RADIUS LE-Terminate-Detail

LE-Terminate-Detail is a RADIUS vendor-specific attribute included in
RADIUS Accounting Stop records generated by ComOS 3.8, that contains a
detailed description of the reason for session termination (like the
one sent to syslog).  It requires RADIUS server 2.1 (or another RADIUS
server with support for vendor-specific attributes).

If you are running an earlier RADIUS server you should refer to "RADIUS
Server 2.0.1 Incompatibility" later in this release note.


	Bandwidth Allocation Control Protocol (BACP) Support

BACP has been implemented in accordance with RFC 2125.

Because BACP and the Bandwidth Allocation Protocol (BAP) are both
negotiated protocols, no special commands are needed to turn them on.
The only requirement for use of BAP and BACP is setting directory
numbers on all the serial ports so that the PortMaster can offer a
second number to the client dialing in.  Use the following command to
set a directory number:

set <S10> directory <Number>

Replace <S10> with an ISDN port and <Number> with the access telephone
number for that port.

Example:

Command> set s0 directory 5105551234

BACP supports local exchange telephone numbers.

If a long-distance BACP user is configured to dial a local exchange
telephone number, the PortMaster now checks the Called-Station-Id when
a second channel is requested.  In this configuration, the directory
numbers should not be set.


	Ethernet Subinterfaces

Multiple logical Ethernet interfaces are now allowed on one Ethernet
port, for situations that require them.

The MAC address and packet filters for subinterfaces are the same as
for the primary interface.  IPX, RIP, OSPF, and route filters are not
supported on the subinterfaces.

Ethernet subinterfaces can be viewed, but not modified, with the
ifconfig command, because the Ethernet subinterfaces are rebuilt every
time a new subinterface is added.

Example:

add subinterface <Name>
delete subinterface <Name>
show table subinterface
set subinterface <Name> port <Ether0>
set subinterface <Name> address <Ipaddress> | <Ipaddress>/<NM>
set subinterface <Name> netmask <Netmask>
set subinterface <Name> broadcast high | low
 
 add subinterface <Name>
 
This command adds a subinterface entry to the subinterface table.  The
<Name> is used to reference the subinterface configuration in the
subinterface table, and has a maximum length of 11 characters.
It is not the name of the interface or the port the subinterface is
associated with.

Command> add subinterface enet2
New subinterface enet2 successfully added

The following command removes a subinterface entry from the table:

 delete subinterface <Name>

The following command displays the subinterface table:

Command> show subinterface

Subinterface Interface Addr   Netmask	       Broadcast Addr   Port Name 
------------ ---------------- ---------------- ---------------- ---------
enet2	     192.168.55.6     255.255.255.0    192.168.55.255	ether0

The following command associates the subinterface configuration with a
physical port:

 set subinterface <Name> port <Ether0>

Command> set subinterface enet2 port ether0 
enet2 changed from  to ether0

The following command sets the IP address or an IP address and netmask
for the subinterface:

 set subinterface <Name> address <Ipaddress> | <Ipaddress>/<NM>

Command> set subinterface enet2 address 192.168.55.6 
enet2 changed from 0.0.0.0 to 192.168.55.6

Command> set subinterface enet2 address 192.168.55.6/27 
enet2 changed from 192.168.55.6/24 to 192.168.55.6/27

The following command sets the netmask in dotted decimal notation for the
subinterface configuration.  This command is not needed if you set the
netmask using the classless interdomain routing (CIDR) notation (/xx)
in the "set subinterface address" command.

 set subinterface <Name> netmask <Netmask>

Command> set subinterface enet2 netmask 255.255.255.0 
enet2 netmask changed from 0.0.0.0 to 255.255.255.0

The following command sets the broadcast address for the subinterface:

 set subinterface <Name> broadcast high | low

Command> set subinterface enet2 broadcast high
enet2 broadcast address changed from low to high

The new subinterface is displayed in the "ifconfig" output.  The
interface name is system generated.
 
 ifconfig
 
Command> ifconfig
ether0: flags=16<IP_UP,IPX_DOWN,BROADCAST,OSPF>
	inet 172.16.110.68 netmask fffffff0 broadcast 172.16.110.64
	area 0.0.0.64 ospf-state DROTHER mtu 1500

et01: flags=106<IP_UP,IPX_DOWN,BROADCAST,PRIVATE>
	inet 192.168.55.6 netmask ffffff00 broadcast 192.168.55.255 mtu 1500


	OSPF Support over PPP Dialup

OSPF support has been added to locations and network user profiles, for
use only as dialup backup to leased lines or Frame Relay.  OSPF is now
supported on Frame Relay subinterfaces as well.

Example:

Netuser OSPF commands:

set netuser <Name> ospf on|off
set netuser <Name> ospf cost <1-65535>
set netuser <Name> ospf hello-interval <10-120>
set netuser <Name> ospf dead-time <40-1200>
set netuser <Name> ospf point-to-multipoint | nbma | wan-as-stub-ptmp
set netuser <Name> accept-rip on | off
set netuser <Name> route-filter in | out <Filtername>
Example: 
Command> set netuser test ospf on
	Username: test			 Type: Dial-in Network User
Address: Negotiated	     Netmask: 255.255.255.255
	Protocol: PPP		      Options: Quiet, Compression
	MTU: 1500	       Async Map: 00000000
 Port Limit: 30		     Idle Timeout: 0 minutes
	OSPF: on
OSPF accept-rip: off
 OSPF cost: 1
OSPF Hello Int: 10
OSPF Dead Time: 40
OSPF(WAN Type): nbma
route-filter
	incoming:
	outgoing:

Location OSPF commands:

set location <Name> ospf on|off
set location <Name> ospf cost <1-65535>
set location <Name> ospf hello-interval <10-120>
set location <Name> ospf dead-time <40-1200>
set location <Name> ospf point-to-multipoint | nbma | wan-as-stub-ptmp
set location <Name> accept-rip on | off
set location <Name> route-filter in | out <Filtername>

Command> show location test
Location: test			   Type: Manual
 Destination: Negotiated	    Netmask: 255.255.255.255
Protocol: PPP			Options: Quiet, VJ-Comp, Analog
	Group: 1		   Max Ports: 1
Idle Timeout: 0 minutes		  High Mark: 0 bytes
	Mtu: 1500		 Async Map: 00000000
Username: test1		       Password: test1
	Telephone: 5551212
	OSPF: on
OSPF accept-rip: on
OSPF cost: 1
OSPF Hello Int: 10
OSPF Dead Time: 40
OSPF(WAN Type): nbma


	New Command "show route to-dest <Ipaddress>"
 
This command shows the route in the routing table that is used to
forward an IP packet with a destination address of <Ipaddress>.
This command is useful for debugging routing problems.

show route to-dest <Ipaddress>
 
Example:
 
The "show routes" command shows the complete routing table for this
PortMaster:
 
Command> show routes
Destination	   Mask Gateway		     Source  Flag Met  Interface
-----------------  ---- -------------------- ------- ---- ---  ---------
0.0.0.0		    0	172.16.110.2	    local   NS	   1  ether0
172.16.110.64	   27	172.16.110.4	    rip	    ND	   2  ether0
172.16.0.0	   27	172.16.110.9	    rip	    ND	   3  ether0
172.16.110.0	   27	172.16.110.3	    local   NL	   1  ether0
192.168.32.0	   24	172.16.110.9	    rip	    ND	   2  ether0
10.0.0.0	    8	172.16.110.9	    rip	    ND	   3  ether0

Use "show route to-dest" to look for the particular route in the
routing table that would forward an IP packet with a destination
address of 172.16.110.68:

Command> show route to-dest 172.16.110.68
Destination	   Mask Gateway		     Source  Flag Met  Interface
-----------------  ---- -------------------- ------- ---- ---  ---------
172.16.110.64	    27	 172.16.110.4	     rip     ND	    2  ether0

The displayed route above is a network route with a 27-bit subnet
mask.  The route covers IP addresses 172.16.110.64 through
172.16.110.95.  The PortMaster displayed this route because
172.16.110.68 is a member of this subnet.

In the following example, the default route is the route used to
forward the packet:

Command> show route to-dest 192.168.10.2
Destination	   Mask Gateway		     Source  Flag Met  Interface
-----------------  ---- -------------------- ------- ---- ---  ---------
0.0.0.0		     0	 172.16.110.2	     local   NS	    1  ether0


	SNMP Modem Table

Support is included for a new SNMP MIB to display the information
output by the "show modem" command.  The MIB is available from
ftp://ftp.livingston.com/pub/le/snmp/le38.mib.


	SNMP Traps and Alarm Management

A trap is a notification of an event.  An alarm is an instance of a
trap.  If SNMP is on and a reader is specified, the reader gets traps
for failures in PRI lines, modems, channelized T1 lines, and T1 cards.
The MIB for the traps is available from
ftp://ftp.livingston.com/pub/le/snmp/le38trap.mib.

NOTE: The 8-modem "True Digital V.34 Card" generates an alarm for
the 9th and 10th modems that do not exist.  This alarm can be ignored.

show alarms [<Alarm-id>]
clear alarms all | <Alarm-id>

Example:

Command> show alarms
Alarm Id    Age	   Severity   Alarm Message
--------   ------  ---------  ------------------------------------------
4763864	    19:11      0      T1 line(0) down
4764168	    19:09      0      Modem failure: card(0) modem(8)
4772816	    19:09      0      Modem failure: card(0) modem(9)

Command> show alarm 4763864
------------------------ Alarm Details --------------------------
Alarm Id: 4763864		Alarm Message: T1 line(0) down
Age in minutes:	 19:11		Alarm repeated: 1 times
Severity: 0			Reported: SNMP

Command> clear alarm 4763864
Command> show alarm
Alarm Id    Age	   Severity   Alarm Message
--------   ------  ---------  ------------------------------------------
4764168	    19:11      0      Modem failure: card(0) modem(8)
4772816	    19:11      0      Modem failure: card(0) modem(9)

Command> clear alarm all
Command> show alarm
Alarm Id    Age	   Severity   Alarm Message
--------   ------  ---------  ------------------------------------------

The "show alarms" command displays a list of each trap that occurred,
except that each recurring trap is summarized and identified by an
asterisk (*). This handling of duplicates is similar to a recurring
message in syslog.  For now, "Reported" is always SNMP and "Severity"
is always 0.


	Detailed Ptrace

A detailed version of ptrace now displays the Ethernet frame for any
packet matching the filter specified with the ptrace command.  This
command does not work with PPP or Frame Relay packets, and can display
garbage after the end of the packet for UDP packets.

ptrace <Filtername> dump <0-1514>

Command> add filter u
New Filter successfully added
Command> set filter u 1 permit udp
Filter u updated
Command> ptrace u dump 128
Packet Tracing Enabled
IN  ether0 UDP from 172.16.110.4.520 to 172.16.110.0.520
ffffffff ffff00c0 05001228 08004500 005c0db9 0000ff11 0000ac10 6e04ac10
6e000208 02080048 2b580201 00000002 0000ac10 6e400000 00000000 00000000
00010002 0000c0a8 37000000 00000000 00000000 00020002 0000c0a8 0a000000
00000000 00000000 0002c392 e5e50000 00000000 00000000 00000000 04813200
IN  ether0 UDP from 172.16.110.9.520 to 172.16.110.31.520
ffffffff ffff00c0 05031d8a 08004500 0034416e 0000ff11 0000ac10 6e09ac10
6e1f0208 02080020 ed5d0201 00000002 0000ac10 6ec00000 00000000 00000000
00018d45 fe356330 61382030 61303030 30303020 30303030
IN  ether0 UDP from 172.16.110.5.520 to 172.16.110.31.520
ffffffff ffff00c0 050028ce 08004500 007022b0 0000ff11 0000ac10 6e05ac10
6e1f0208 0208005c dfd10201 00000002 0000ac10 6e600000 00000000 00000000
00020002 0000ac10 6ee80000 00000000 00000000 00010002 0000ac10 6ee00000
00000000 00000000 00010002 0000ac10 6e500000 00000000 00000000 0002ce43
Command> ptrace
Packet Tracing Disabled 


	PMVision Support

ComOS 3.8 supports PMVision, the new Java graphical user interface
to ComOS.  PMVision release 1.2 or later is recommended.


	Command Line Context-Sensitive Help

The command line parser has been improved, and the help system has been
updated and improved.  Context-sensitive help is now available; you can
enter a question mark (?) at any point on the command line and press
Return to get a list of the keywords or values that can be entered at
that point.  Keywords use capitals to indicate the shortest permitted
abbreviation.  The "!!" command now repeats the last command (except
for any "?" in it), and you can include additional information to
complete the command.

Example:

Command> set snmp ?
ON OFf Readcommunity Writecommunity
Command> !! readcommunity ?
set snmp  readcommunity ?
 string256  NONE <CR>
Command> !! public
set snmp  readcommunity  public
SNMP read community changed to: public


	Updated Help

 
Online help from the "help" command has been updated to include all
current commands.
Example:
Command> help
add           - Add entry to table         ptrace     - Trace packet traffic
attach        - Connect direct to port     quit|exit  - Quit Console
clear         - Clear SNMP alarm           reboot     - Restart the system
delete        - Remove entry from table    reset      - Reset session/port
dial          - dial to a location         rlogin     - Establish rlogin session
erase         - Erase element of FLASH     save       - Save current config
help          - list available commands    set        - Set configuration
ifconfig      - View/configure interface   show       - Show configuration
ip|ipx        - Sets the environment       telnet     - Establish Telnet session
max pmconsole - Pmconsole session limit#   ping       - Send ICMP packet to Dest
tftp          - Transfer file from host    pmlogin    - Establish PMD session
traceroute    - Use ICMP to detect route   !!         - Repeat last command
version       - Display ComOS version

Use "help [command]" for more ...


	Lastcall Command

This command is now available for both the "True Digital V.34 Card" and
"True Digital 56K Card."  It was available for only the 56K Card in
ComOS 3.7.2c3.

Use this command to hot-swap a modem card without disconnecting users.
If the modem M0 is active, you can enter the command "set m0 lastcall"
to force the modem into ADMIN mode as soon as the user logs out.  If no
user is logged in on the modem when the command is given, the modem
immediately enters the ADMIN state.

Because this ADMIN mode is not saved, a reboot returns the modem to
normal operation.  The "set m0 on" command returns the modem to normal
operation without affecting the current user.

The modem status displayed by the "show <M0>" and "show modems"
commands is ACT(LC) instead of ACTIVE, to show that the modem status is
Active (Last Call), until the current user logs out.

If circuits are available to the PortMaster 3 but no modems are
available, the PortMaster 3 sends a User Busy signal back to the
telephone company when another call comes in.  As a result, the
user receives a busy signal instead of being forwarded to the next line
in the hunt group.   To prevent this behavior, the telephone company
might be able to configure the line for "forward when busy."


	Reset Modem Command

The "reset <M0>" command has been added, to reset the modem and reload
its DSP code.  The "set <M0> on" command performs the same functions
and places the modem in READY state.


	"show <M0>" Command Displays Card Type

The "show <M0>" command now displays the card type -- either
"ADI Chipset" for the "True Digital V.34 Card" or "Lucent Chipset" for
the "True Digital 56K Card."

If the card type is Lucent Chipset, "show <M0>" does not provide
"Connection Failures" information.



_______________ How to Use RADIUS Call-Check

After receiving the command "set call-check on", the PortMaster 3 sends
a RADIUS access-request for any incoming call before accepting the
call.  The PortMaster 3 expects to receive one of the following
replies: 1) a RADIUS access-accept with attributes, to accept the call
and provide the indicated service (such as connecting the user via a
netdata connection to a given host and TCP port), 2) a RADIUS
access-accept with no attributes to accept the call and perform the
usual RADIUS authentication, or 3) a RADIUS access-reject to reject the
call.

set call-check on | off

This command enables or disables the call-check feature.

If call-check is enabled, the "show global" command displays the words
"(Call Check Enabled)" after the ISDN switch type.

If call-check is enabled but no RADIUS support is configured, all
dial-in users receive either a busy condition or dead air.

The dictionary on the RADIUS server must include this entry:

VALUE		Service-Type	Call-Check	10

NOTE: The value 129 used for Call-Check-User in beta dictionaries
has been obsoleted and should be removed from the dictionary if
present.

The call-check feature is supported for both modem calls and ISDN
calls.

Call-check is available on the PortMaster 3 to allow an ISP to check
the telephone number before answering the call.   Typical applications
might be to hang up and call the user back with no charge incurred for
connecting the user in the first place, or to limit the number of
people who can call a given number.  (Both require changes to the
RADIUS server as well.)  

Call-check also allows the redirection of a call to support virtual
points of presence (POPs).  If a customer calls one number, you
authenticate normally.  If he calls a different number, you accept the
call but forward all data through a netdata (TCP clear) connection to
an IP address and port of your choosing, where some other process
handles the user.

The PortMaster sends an access-request packet to the RADIUS server with
a User-Name set to be the Calling-Station-Id and a Service-Type of
Call-Check.  All the usual information is included in the packet,
except the User-Password or CHAP-Password is not included, because the
call has not been accepted yet, and the user has provided no login and
password.

The following three examples show possible user entries:

# Send back an access-accept to ask for login & password for this user.
# He will need a usual user entry as well.

9255551112	Service-Type = Call-Check, Calling-Station-Id = "9255551112", Called-Station-Id = "5553333"

fred	Auth-Type = System
	Service-Type = Framed-User,
	Framed-Protocol = PPP

# Do not accept calls from this phone number.
9255551113	Service-Type = Call-Check, Calling-Station-Id = "9255551113", Auth-Type = Reject

# Redirect calls to 5552222 to host via netdata.
DEFAULT Service-Type = Call-Check, Calling-Station-Id = "9255551111", Called-Station-Id = "5552222"
	Service-Type = Login-User,
	Login-IP-Host = virtual.edu.com,
	Login-Service = TCP-Clear,
	Login-TCP-Port = 2000



_______________ R2 Signaling Configuration

Use the following procedure to configure the PortMaster 3 to support
R2 signaling on an E1 line.

R2 signaling for the PortMaster 3 has been tested in Argentina, Brazil,
Chile, Israel, Mexico, Panama, Philippines, Romania, Russia, South
Africa, Tunisia, Turkey, United Kingdom, and Venezuela.

Both analog modem and 56Kbps ISDN data dial-in calls are supported.
Dial-out is not supported. R2 is not supported on the T1 card.

1. Obtain line parameters from the telephone company, and then enter
commands in the following order to set up R2 signaling. Replace 
<Line0> with either line0 or line1.

Command> set <Line0> inband
Command> set <Line0> signal r2generic | mfr2 <Profile>
Command> set <Line0> framing crc4 | fas
Command> set <Line0> encoding hdb3 | ami
Command> save all

New commands are explained below. See the "PortMaster Command Line
Reference" for descriptions of other commands.

2. Insert the line connector (RJ-48c) from the telephone company into
the line0 or line1 port, and enter the "reboot" command.

3. Enter the "show line0" command to verify the configuration. This
example illustrates MFR2 signaling with profile 0, Frame Alignment
Signaling (FAS) framing, and high-density bipolar 3 (HDB3) encoding.

Command> show line0
----------------------  line0 - E1 Inband DS0         ---------------

  Status: UP   F1    Framing: FAS        Encoding: HDB3       PCM: a-law

  Signaling: MFR2    Profile: 0
 
                       Violations
                       -----------------------------
                       Bipolar                     0
                       CRC4                        0
                       E-bit                       0
                       FAS bit                     0
 
You enable R2 signaling on a per-line basis using one of the two
following commands.  Most setups use MFR2 profile 0.

 set <Line0> signaling r2generic
 set <Line0> signaling mfr2 <Profile>

Replace <Line0> with either line0 or line1, and <Profile> with an
integer that is dependent on the country and switch. Generic R2
signaling (r2generic) provides line signaling with all inband tone
signaling disabled. If the telephone company provides inband tone
signaling, you must set the MFR2 profile as follows:

Profile		Country
-------		------------
  0		ITU-T standard, Argentina
  1		Mexico1
  2		Brazil and Tunisia
  3		Venezuela
  4		Mexico2

Most countries use profile 0, the ITU-T standard.  Profile 4 can be
used wherever profile 1 is used in Mexico, but not vice versa. Profile
4 is a subset of profile 1 and is used with switches that do not
support caller ID.

See ITU Reference Q.422 for Standard R2 signaling, and Q.441 and
Q.442 for Multi-frequency (MFR2) signaling.



_______________ T1 Card Configuration

You can install one T1 card (PM3-SYNC-T1) in any available modem slot
of a PortMaster 3 running ComOS 3.8 or later.  Only one T1 card is
supported in the PortMaster 3.  If you install additional T1 cards,
they are ignored.

The T1 card operates the same way as leased line connections on
built-in ports on the PortMaster 3, with a few exceptions.  The T1 card
is identified as "line2" and has the same settings as line0 and line1.
Unused settings are ignored.  All line framing and encoding types are
supported.  Valid line types are "T1" and "Fractional".   (Setting ISDN
defaults to T1 operation.) When set to fractional, the T1 card supports
only one line group.  In this case, the card uses the first line group
detected (numerically) for configuration.  The fractional line group
supports any number of time slots and also supports 56Kbps channels.

When you install the T1 card, a new port is added to the list of active
ports in the "show all" command.  In a single PRI PortMaster 3, the new
port is W24; in a two-PRI PortMaster 3, it is W48.

If the Stac LZS compression card is present in the PortMaster 3, you
can enable Stac compression for the T1 card.

The T1 card cannot be used for PRI or channelized T1.  The T1 card
does not support E1 or R2.


	Clocking

The T1 card uses the following new command, which is valid only for
line2:

 set line2 clock internal | external

When you select "internal", the built-in 1.544MHz crystal drives the
line.  You can use this setting for dry wire or back-to-back
connections.  When you select "external" (the default), the built-in
CSU/DSU extracts the clock signal from the line.


	Fractional T1 Configuration

To configure the card for fractional T1, use the following command:

 set line2 fractional

To set the channel group for fractional T1, use the following command:

 set line2 group <Cgroup> channel <Channel-list>

<Cgroup> is a group number from 1 to 63, or use the "none" keyword to
unassign channels.  <Channel-list> is a list of channels from 1 to 24,
separated by spaces.  The channel numbers do not have to be contiguous.

To set the channel rate to 56Kbps or 64Kbps for a channel group, use
the following command:

 set line2 group <Cgroup> 56k | 64k

Note that 56Kbps is typically used for D4 framing, while 64Kbps is used
for other framing types.  64Kbps is the default.

 save all
 reboot


	T1 Configuration

To configure the card for full T1, use the following commands:

 set line2 t1
 save all
 reboot


	Frame Relay Configuration

Refer to the "Using Frame Relay" chapter of the "PortMaster
Configuration Guide".


	Point-to-Point Configuration

Refer to the "Configuring a Synchronous WAN Port" chapter of the
"PortMaster Configuration Guide".


	LED Indication

The LED indication of the T1 card is the same as for line0 and line1 of
the PortMaster 3.

Red light only -- CSU/DSU is not synchronized with switch and/or remote
end.

Red light and green light -- CSU/DSU is up and synchronized.  WAN port
is idle or connecting.

Green light only -- Port is established and fully operational.


	Troubleshooting the T1 Card

Use the "show line2" command to display the status of the line.
If you have not installed the T1 card correctly, the "show line2"
command displays the following error message:

line2 is not available

In this case, remove the card, wait 5 seconds, and reinsert the card
carefully.

When the card is pulled out, the console displays the message:

"Card Service: Stopping wancard in slot 0"

When the card is inserted, the console displays the following message:

Card Service: Starting wancard in slot 0
WANCTL version 0.0
WANCTL: sync_init - found device

The "show alarms" command detects when line2 goes down (for example, if
the T1 cable is pulled out).  It does not show an alarm if the card is
removed.

Command> show alarms
Alarm Id    Age	   Severity   Alarm Message
--------   ------  ---------  ------------------------------------------
2851352		0      0      T1 line(2) down
   
Command> show alarm 2851352
------------------------ Alarm Details --------------------------
Alarm Id: 2851352		Alarm Message: T1 line(2) down
Age in minutes:	     0		Alarm repeated: 1 times
Severity: 0			Reported: SNMP


	Limitations of the T1 Card

The T1 card is hot-swappable.  However, after pulling the card out from
the PortMaster 3 slot you must wait a few seconds before reinserting
it.  If you pull the card out and reinsert it immediately, the
PortMaster 3 might lock up.  Turn the power off and on to fix this
problem.



_______________ Limitations in ComOS 3.8


	RADIUS Server 2.0.1 Incompatibility

RADIUS server 2.0.1 and earlier releases do not support Vendor-Specific
attributes properly.  To use RADIUS Server 2.0.1 with ComOS 3.8 you
must add the following line to the dictionary file and kill and restart
radiusd.

ATTRIBUTE	Vendor-Specific		26	string

RADIUS accounting stop records in the accounting detail file will then
show LE-Advice-of-Charge and LE-Terminate-Detail attributes (if
present) like this:

	Vendor-Specific = ""
	Request-Authenticator = Unverified

The RADIUS accounting stop record in the detail file for ComOS 3.8 will
be (falsely) identified as having an unverified Request-Authenticator,
this indicator should be ignored.

RADIUS server 2.1 supports Vendor-Specific attributes properly and does
not have this problem.  At the time of this release note, RADIUS server
2.1b6 is available in open beta.


	No V.22 on V.34 Card

V.22 is no longer supported on the "True Digital V.34 Card" and
will not be supported in future releases.


	Downgrading to ComOS 3.5 Loses Ether0 IP Address

If the PortMaster is downgraded from ComOS release 3.8 to ComOS 3.5 or
ComOS 3.7.2c3, the Ether0 address is lost and must be reconfigured.  To
reconfigure, attach a console to the C0 port and enter the "set ether0
address <Ipaddress>" command, followed by "save all" and "reboot".



_______________ Upgrade Instructions

WARNING! YOU MUST USE PMINSTALL VERSION 3.5.3 OR LATER TO PERFORM THIS
UPGRADE! If you are upgrading using PMconsole for Windows, you must use
PMconsole for Windows 3.5.1.4 or later.   You can also perform this
upgrade using PMVision 1.2 or later, or the pmupgrade from PMTools
4.0.

*** CAUTION!  If the upgrade fails, do NOT reboot!  Contact Lucent  ***
*** Remote Access Technical Support without rebooting.  	    ***

The upgrade process on the PortMaster 3 erases the configuration area
from nonvolatile memory and saves the current configuration into
nonvolatile memory.   Never interrupt the upgrade process, or loss of
configuration information can result.  This upgrade does not otherwise
affect your stored configuration in the PortMaster.

The installation software can be retrieved by FTP from
ftp://ftp.livingston.com/pub/le/software/System/Tarfile.tar.Z.  Replace
System and Tarfile.tar.Z with the names of the files.  You can retrieve
the upgrade image at the same time. The following example shows an
administrator retrieving pmupgrade and the PortMaster 3 upgrade image:

umask 22
mkdir /usr/portmaster
cd /usr/portmaster
ftp ftp.livingston.com
 (Enter anonymous)
 (Enter your email address; it will not echo.)
	binary
	cd /pub/le/software/java
	get pmtools40b2.txt
	get pmtools40b2_unix.tar
	cd /pub/le/upgrades
	get pm3_3.8
	quit

(Follow the instructions in pmtools40b2.txt to install and run
pmupgrade.)

PMconsole 3.5.1.4 for Windows 95 and Windows NT 4.0 is available on
ftp://ftp.livingston.com/pub/le/software/pc/pmw3514.exe in a
self-extracting file.  Transfer that file via FTP, run the file to
install PMconsole for Windows, move the upgrade file into the data
directory, run PMconsole for Windows, and click the Upgrade icon.

PMconsole for the following operating systems can be found under
ftp://ftp.livingston.com/pub/le/software/:

bsdi/pm_3.5.3_BSDOS_2.0.tar.Z		BSD/OS 2.0 and 2.1
sgi/pm_3.5.3_IRIX_5.2.tar.Z		SGI IRIX 5.2
linux/pm_3.5.3_Linux.tar.Z		Linux 1.2.13 ELF
rs6000/pm_3.5.3_RS6000_4.1.tar.Z	RS6000 AIX 4.1
alpha/pm_3.5.3_alpha_T3.0.tar.Z		Digital Alpha OSF/1 T3.0
hp/pm_3.5.3_hp9000_10.01.tar.Z		HP 9000 HP/UX 10.01
sun4/pm_3.5.3_sun4.tar.Z		SunOS 4.1.4, 5.5.1 on Sparc
sun86/pm_3.5.3_sun86_5.5.tar.Z		Solaris x86 2.5.1
pc/pmw3514.exe				Windows 95 and Windows NT 4.0
java/pmvision12.tar			Java on UNIX
java/pmvision12.zip			Java on Windows 95 and NT

See ftp://ftp.livingston.com/pub/le/software/java/pmvision12.txt for
installation instructions for the PMVision 1.2, or use PMVision
1.2b4 or PMVision 1.3b3 if release 1.2 is not on the FTP site yet.

The following upgrade image is available at
ftp://ftp.livingston.com/pub/le/upgrades/:

ComOS		Upgrade Image	Product
_________	_____________	_____________________________________
3.8		pm3_3.8		PortMaster 3

You must add the following three lines to your RADIUS dictionary before
running ComOS 3.8.  If upgrading from a ComOS 3.8 beta release, you
must also modify your RADIUS users file to use Call-Check instead of
Call-Check-User.  Then kill and restart radiusd.

ATTRIBUTE	Class			25	string
ATTRIBUTE	Vendor-Specific		26	string
VALUE		Service-Type	Call-Check	   10

If you are running the Lucent Remote Access RADIUS Server 2.1, the
above attributes are already included in your dictionary file, along
with the following vendor-specific attributes:

VENDOR          Livingston      307
ATTRIBUTE       LE-Terminate-Detail     2       string  Livingston
ATTRIBUTE       LE-Advice-of-Charge     3       string  Livingston

________________________________________________________________________


	Copyright and Trademarks

Copyright 1998 Lucent Technologies. All rights reserved.

PortMaster, ComOS, and ChoiceNet are registered trademarks of Lucent
Technologies, Inc. RADIUS ABM, PMVision, PMconsole, and IRX are
trademarks of Lucent Technologies, Inc. ProVision is a service mark of
Lucent Technologies, Inc. All other marks are the property of their
respective owners.


	Notices

Lucent Technologies, Inc. makes no representations or warranties with
respect to the contents or use of this publication, and specifically
disclaims any express or implied warranties of merchantability or
fitness for any particular purpose. Further, Lucent Technologies, Inc.
reserves the right to revise this publication and to make changes to
its content, any time, without obligation to notify any person or
entity of such revisions or changes.


	Contacting Lucent Remote Access Technical Support

Lucent Technologies Remote Access Business Unit (previously Livingston
Enterprises) provides technical support via voice, fax, electronic
mail, or through the World Wide Web at http://www.livingston.com/.
Please specify that you are running ComOS 3.8 when reporting problems
with this release.
 
Internet service providers (ISPs) and other end users in Europe, the
Middle East, Africa, India, and Pakistan should contact their
authorized Lucent Remote Access sales channel partner for technical
support; see http://www.livingston.com/International/EMEA/distributors.html.

For North and South America and Asia Pacific customers, technical
support is available Monday through Friday from 7 a.m. to 5 p.m. U.S.
Pacific Time (GMT -8).  Dial 1-800-458-9966 within the United States
(including Alaska and Hawaii), Canada, and the Caribbean, or
1-925-737-2100 from elsewhere, for voice support. Otherwise, fax to
1-925-737-2110, or send email to support@livingston.com
(asia-support@livingston.com for Asia Pacific customers).
