Embedded switch CLI for wireless LOM Package configuration
Use this information to set configuration of wireless LOM package.
Use UCI (Unified Configuration Interface) to configure wireless LOM package core services.
User name: oper
Password: (use the same password as XCC)
Configuration display
To show the configuration of system wireless function, use the commands below:
- sudo uci show → Show entire system configuration
- sudo uci show config_profile → Show specific configure profile of all interfaces
- sudo uci show config_profile.interface → Show configure profile of specific interface
- sudo uci show config_profile.interface.configName → Show specific configure setting
| Configure profile | Description |
|---|---|
| dhcp | DHCP and DNS setting |
| firewall | firewall (NAT), packet filter, and port forwarding setting |
| network | Switch, interface, and route configuration |
| wireless | Wireless settings and wifi network definition |
| Interface name | Description |
|---|---|
| mgmt_xcc_lan | Management Port of XCC access |
| edge_lan | Downlink ports |
| cloud_wan | Uplink ports (Wireline) |
| x86_lan | Dedicated internal 10Gb port to the OS (in Windows is called “LOM1-Switchboard”) |
| lte_wan | 4G LTE port |
| wifi_lan_ap | WLAN port (AP mode) |
| wifi_wan_sta | WLAN port (Station mode) |
Commands example:
- sudo uci show network
- sudo uci show network.edge_lan
- sudo uci show network.edge_lan.ipaddr
Configuration setting
Syntax
|
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
name | string | no | none | Dhcp pool name. |
ignore | boolean | no | 0 | Specifies whether dnsmasq should ignore this pool if set to 1. |
interface | logical interface name | yes | none | Specifies the interface associated with this DHCP address pool; must be one of the interfaces defined in /etc/config/network. |
start | integer | yes | 100 | Specifies the offset from the network address of the underlying interface to calculate the minimum address that may be leased to clients. It may be greater than 255 to span subnets. |
limit | integer | yes | 150 | Specifies the size of the address pool (e.g. with start=100, limit=150, maximum address will be .249). |
leasetime | string | yes | 12h | Specifies the lease time of addresses handed out to clients, for example 12h or 30m |
dynamicdhcp | boolean | no | 1 | Dynamically allocate client addresses, if set to 0 only clients present in the ethers files are served. |
force | boolean | no | 0 | Forces DHCP serving on the specified interface even if another DHCP server is detected on the same network segment. |
dhcp_option | list of strings | no | none | The ID dhcp_option here must be with written with an underscore. It will be translated to –dhcp-option, with a hyphen, as ultimately used by dnsmasq. Multiple option values can be given for this network-id, with a a space between them and the total string between ””. E.g. '26,1470' or 'option:mtu, 1470' that can assign an MTU per DHCP. Your client must accept MTU by DHCP for this to work. Or “3,192.168.1.1 6,192.168.1.1” to give out gateway and dns server addresses. |
ra | string | no | none | Specifies whether Router Advertisements should be enabled (server), relayed (relay) or disabled (disabled). |
dhcpv6 | string | no | none | Specifies whether DHCPv6 server should be enabled (server), relayed (relay) or disabled (disabled). |
ndp | string | no | none | Specifies whether NDP should be relayed relay or disabled none. |
ra_management | integer | no | 1 | RA management mode : no M-Flag but A-Flag (0), both M and A flags (1), M flag but not A flag (2). |
ra_default | integer | no | 0 | Default router lifetime in the RA message will be set if default route is present and a global IPv6 address (0) or if default route is present but no global IPv6 address (1) or neither of both conditions (2). |
dns | string | no | none | Announced DNS servers. |
domain | string | no | none | Announced DNS domains. |
Commands example:
Configure a DHCPv4 server listening on the downlink /internal link to x86/ WiFi AP/dedicated management ports |
|---|
For downlink ports, IP assignment range :1~100
|
For internal link (to X86) , IP assignment range :1~100(preset 5 no x86_lan interface): 1~100
|
For WiFi AP mode (Except for preset 4 due to WiFi is configured to station mode): 1~100
|
For dedicated management port, IP assignment range :1~100
|
Configure IP related setting (Profile: network)
Syntax
|
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
interface | string | yes | none | Logical interface name you want to create. |
ifname | string | yes | none | physical interface name on the device |
ipaddr | ip address | yes, if no ip6addr is set. | none | IP address. It could be a list of ipaddr , that is: several ipaddresses will be assigned to the interface. If, instead of a list, several ipaddr are specified as options, only the last is applied. |
netmask | netmask | yes, if no ip6addr is sets | none | Netmask. |
gateway | ip address | no | none | Default gateway. |
broadcast | ip address | no | none | Broadcast address (autogenerated if not set). |
dns | list of ip addresses | no | none | DNS server(s). |
ip6assign | prefix length | no | none | Delegate a prefix of given length to this interface (Barrier Breaker and later only). |
ip6hint | prefix hint (hex) | no | none | Hint the subprefix-ID that should be delegated as hexadecimal number (Barrier Breaker and later only) |
ip6ifaceid | ipv6 suffix | no | ::1 | Allowed values: 'eui64', 'random', fixed value like '::1:2'. When IPv6 prefix (like 'a:b:c:d::') is received from a delegating server, use the suffix (like '::1') to form the IPv6 address ('a:b:c:d::1') for this interface. Useful with several routers in LAN. |
auto | boolean | no | 0 for proto none, else 1 | Specifies whether to bring up interface on boot. |
force_link | boolean | no | 1 for protocol static, else 0 | Specifies whether ip address, route, and optionally gateway are assigned to the interface regardless of the link being active ('1') or only after the link has become active ('0'); when set to '1', carrier sense events do not invoke hotplug handlers |
macaddr | mac address | no | none | Override MAC address of this interface. |
mtu | number | no | none | Override the default MTU on this interface. |
metric | integer | no | 0 | Specifies the default route metric to use. |
Commands example:
| Modify base IP of downlink /internal link to x86/ WiFi AP/dedicated management ports | |
|---|---|
Configure downlink port to 192.168.71.254
| |
Configure internal link(to X86) to 192.168.73.254(preset 5 has no x86_lan interface):
| |
Configure WiFI ports (AP mode,preset 4 is station mode): 192.168.74.254
| |
Configure dedicated management port to 192.168.70.254
|
Remove eth3 and eth6 edge_lan:
# show interfaces in edge ports sudo uci show network.edge_lan.ifname
# Remove eth3 and eth6 from edge_lan.ifname sudo uci set network.edge_lan.ifname='eth1' sudo uci commit sudo /etc/init.d/network restart |
Configure Wireless setting (WLAN)
The wifi-device refer to physical radio devices present on the system. The options present in this section describe properties common across all wireless interfaces on this radio device, such as channel.
Syntax
|
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
type | string | yes | (auto detected) | The type is determined on firstboot during the initial radio device detection - it is usually not required to change it. |
hwmode | string | no | 11n | Selects the wireless protocol to use, possible values are 11b, 11g, and 11a. Note that 11ng and 11na are not available options |
htmode | string | no | HT40 | Specifies the channel width in 802.11n and 802.11ac mode, possible values are: HT20, HT40-, HT40+, HT40, or VHT20, VHT40, VHT80, VHT160, NOHT disables 11n |
disabled | boolean | no | 1 | Disables the radio adapter if set to 1. Removing this option or setting it to 0 will enable the adapter |
channel | integer (1-11) | yes | 11 | Specifies the wireless channel to use. |
Commands example:
To enable wireless function in 802.11n mode, set default channel to 11
|
Wireless Interface
Syntax
|
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
network | string | yes | wifi_lan_ap | Specifies the network interface to attach the wireless to.Possible values are wifi_lan_ap,wifi_wan_sta. |
mode | string | yes | ap | Selects the operation mode of the wireless network interface controller. Possible values are ap, sta. |
ssid | string | yes | hodaka_ap | The broadcasted SSID of the wireless network and for managed mode the SSID of the network you’re connecting to |
encryption | string | yes | psk2 | Wireless encryption method. 1.AP mode: WPA2 personal only, value : psk2 2.Station mode: WPA2 Enterprise and Personal. |
key | integer or string | yes | user defined | In any WPA-PSK mode, this is a string that specifies the pre-shared passphrase from which the pre-shared key will be derived. The clear text key has to be 8-63 characters long. If a 64-character hexadecimal string is supplied, it will be used directly as the pre-shared key instead. IIn any WPA-Enterprise AP mode, this option has a different interpretation. |
WPA Enterprise (client mode)
Listing of Client related options for WPA Enterprise:
| Name | Default | Description |
|---|---|---|
eap_type | (none) | Defines the EAP protocol to use, possible values are tls for EAP-TLS and peap or ttls for EAP-PEAP |
auth | MSCHAPV2 | “auth=PAP”/PAP/MSCHAPV2 - Defines the phase 2 (inner) authentication method to use, only applicable if eap_type is peap or ttls |
identity | (none) | EAP identity to send during authentication |
password | (none) | Password to send during EAP authentication |
ca_cert | (none) | Specifies the path the CA certificate used for authentication |
client_cert | (none) | Specifies the client certificate used for the authentication |
priv_key | (none) | Specifies the path to the private key file used for authentication, only applicable if eap_typeis set to tls |
priv_key_pwd | (none) | Password to unlock the private key file, only works in conjunction with priv_key |
Commands example:
To configure wireless to station mode, and connect to AP which SSID is Hoda-WF2G-TEST with WPA2 personal.
|
To configure wireless to station mode, and connect to AP which SSID is Hoda-WF2G-TEST with WPA2 enterprise.
|
Configure LTE setting
Syntax
|
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
apn | string | yes | internet | Used APN |
pincode | number | no | (none) | PIN code to unlock SIM card |
username | string | no | (none) | Username for PAP/CHAP authentication |
password | string | no | (none) | Password for PAP/CHAP authentication |
auth | string | no | chap | Authentication type: pap, chap, both, none |
pdptype | string | no | IPV4 | Used IP-stack mode, IP (for IPv4), IPV6 (for IPv6) or IPV4V6 (for dual-stack) |
plmn | number | no | (none) | First three digits are the mcc (mobile country code) and the last three digits are the mnc (mobile network code), for example if plmn=338020, then the mcc is 338 and the mnc is 020 |
Commands example:
|
Configuration import and export
Back up embedded switch configuration to local PC. # Generate backup sudo sysupgrade -b /tmp/backup.tar.gz ls /tmp/backup.tar.gz
# Download backup scp oper@192.168.70.254://tmp/backup.tar.gz ./ |
Restore previously saved embedded switch configuration from local PC. # Upload backup scp backup.tar.gz oper@192.168.70.254://tmp/backup.tar.gz
# Restore backup ls /tmp/backup.tar.gz sudo sysupgrade -r /tmp/backup.tar.gz
sudo reboot |
Upgrade firmware of embedded switch
Connect your laptop to BMC management port, and configure ip of laptop to "192.168.70.xxx" .
Transfer image from client to switch board by scp:
[Linux OS] $> scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ./se350-hyl403g-r378-bd144013.bin.sign oper@192.168.70.254://tmp/
[Windows OS] .\pscp.exe -scp .\se350-hyl403g-r378-bd144013.bin.sign oper@192.168.70.254://tmp/
Update FW in CLI of switch board: (all settings will be reset to factory default if "sudo sysupgrade -n") $> sudo sysupgrade /tmp/se350-hyl403g-r378-bd144013.bin.sign
Static route for remote configuration on embedded switch
If cloud ports are active, the default gateway obtained from cloud ports will overwrite existing default gateway of embedded switch. User will not be allowed to connect to embedded switch ip remotely (from different ip segment) due to network traffic back to management port will be redirected to cloud ports. Following example demonstrates how to add "static route" to allow remote configuration to embedded switch ip when the cloud ports are active.
#.If ip domain of management port is "172.18.x.x", with default gateway "172.18.221.254".
#.To force traffic targets to 172.18.0.0/16 & 10.0.0.0/8 to go through gateway 172.18.221.254
sudo uci set network.rtmgmt1=route
sudo uci set network.rtmgmt1.interface='mgmt_xcc_lan'
sudo uci set network.rtmgmt1.target='172.18.0.0'
sudo uci set network.rtmgmt1.netmask='255.255.0.0'
sudo uci set network.rtmgmt1.gateway='172.18.221.254'
sudo uci set network.rtmgmt2=route
sudo uci set network.rtmgmt2.interface='mgmt_xcc_lan'
sudo uci set network.rtmgmt2.target='10.0.0.0'
sudo uci set network.rtmgmt2.netmask='255.0.0.0'
sudo uci set network.rtmgmt2.gateway='172.18.221.254'
sudo uci commit
sudo /etc/init.d/network restart