47.1. Tunneling proprietary protocols

The Abilis supports two types of virtual tunneling, which can be applied to different level 2 links:

Both virtual tunnels support several operation modes:

47.1.1. Link check

Link check allows to automatically manage an eventual “True link backup” (onto ISDN line) in case of failure of the permanent VPN connection. When activating a packet voice or IP tunnel, Abilis checks continuously the link using the parameters below:

LLOG

Link Check logging activation/deactivation.

LMPX

Activates the multiplexing of DATA, “Link-Check”, VOICE frames type [NO: Abilis MPX multiplexing isn't active; YES: Abilis MPX multiplexing is active only for the data protocols LAPB and LINK-FR; EXT: Abilis MPX multiplexing is active for ANY data protocol]. The default value is YES;

LC

Enables/disables the use of the “Link-Check” protocol, and consequently the transmission of “Link-check” frames. The link-check protocol is automatically disabled when MPX:NO.

[Note]Note

With LC:NO the “true link backup” is disabled. The default value is YES.

LCR

Enables and selects the cryptography to be applied on the frames passing through the resource. Cryptography can be selectively applied to the different traffic types (VOICE and DATA). [NO: no cryptography is applied; DATA: cryptography is applied only on DATA traffic type; VOICE: cryptography is applied only on VOICE traffic type; ALL: cryptography is always in use, whatever is the traffic data type].

LCRKEY

Selects the key to be used for cryptography operations. Users can choose either the default key supplied by the system (LCRKEY:DFT), or one of the keys defined in the cryptography keys table, in which case the numeric value (from 1 to 63) corresponding to the desired LCRKEY has to be specified. If the configured value refers to a missing LCRKEY it will be shown inside square brackets (e.g. CRKEY:[5] means that the key number 5 isn't present in the table). If the parameter LCR is set to NO, the value of LCRKEY is useless.

LT1

Maximum time to wait for a Link-Check “probe” acknowledge. If this time elapses without receiving the acknowledge the “probe” is immediately repeated, as a result “not acknowledged probes” are repeated every LT1 milliseconds [200..15000 ms]. The default is 3000;

LT3

This is the time interval between a correctly sent and acknowledged Link-Check “probe” and the next one to send while the link is regularly working (e.g. P-LINK state is READY) [600..45000 ms]. It has relationships with the parameter LT1: and it has to satisfy the simple rule: LT3 > LT1 * 2. The default is 9000;

LN2

Sets the maximum number of Link-Check “probes” retransmission [1..99]. The default is 3.

[Tip]Tip

Refer to chapter Section 47.5, “Appendix - LN2 parameter” to have more information about LN2 parameter.

LCOMP

Set the compression type to use for an IP resource with subtype AIPT[-BCK], DL[-BCK], ML, BCH. Data Compression is available only under licence.[NO: compression not active, LZO1X: is often the best choice of all, LZO1B: is good with a large blocksize or with very redundant data, LZO1F: s good with a small blocksize or with binary data]

These parameters are in the link section:

[10:42:48] ABILIS_CPX:d p ip-5

RES:Ip-5 - Not Saved (SAVE CONF), Not Refreshed (INIT) ------------------------
       - IP over IP (Abilis tunnel) (AIPT) ------------------------------------
New    DESCR:
       OPSTATE:UP             LOG:NO                 STATE-DETECT:NORMAL
                              LINK-FRAG:AIPT         LINK-FRAGSIZE:1480
       IPADD:000.000.000.000  MASK:255.255.255.255   NEIGH:000.000.000.000
       REDIS:YES     HIDE:NO         RP:NONE            IPSEC:NO       VRRP:NO
       NAT:NO                        DIFFSERV:NO        DDNS:NO
       OUTBUF:100    OUTQUEUE:FAIR   MTU:1500
       OUTSPL:NO
       INBUF:0                       mru:1500           SRCV:NO
       - TRFA section ---------------------------------------------------------
       TRFA:NO
       - Link -----------------------------------------------------------------
       LLOG:DS       LMPX:YES         LC:YES         LCOMP:NO      LCR:NO
       LT1:3000      LT3:9000         LN2:3                        LCRKEY:DFT
       - IP Tunnel ------------------------------------------------------------
       MODE:EXT      V-OPT:NO         D-TOS:0-N      V-TOS:0-D     C-TOS:0-D  
       MPX:YES       RS-BUF:100                      V-TOUT:100    V-RED:NONE
       PATH:SINGLE   LOCPORT:2105     REMPORT:2100   CR:NO         CRKEY:DFT
       OUT:AUTO
       LOCIP:R-ID (192.168.000.201)   REMIP:#

The Abilis sends a link-check every LT3 msec. If there's no response, Abilis sends it again every LT1 msec for LN2 times. Using the default values it can take from 9 to 18 seconds to consider the link down.

The default values can be changed using the syntax:

  • s p pv-<id> par:<value> for a PV tunnel

  • s p ip-<id> par:<value> for an AIPT tunnel.

[Tip]Tip

LT1 parameter has relationships with the parameter T1: and it has to satisfy the simple rule: T3 > T1 * 2.