OLT XML Interface

Overview

The OLT configuration data, in its entirety, is contained in the OLT XLM Interface. An OLT XML Interface document, produced by the system, contains all data necessary to function as a restore point for an OLT. An OLT XML interface document can be edited, to customize the configuration, to update or initialize an OLT for a specific deployment or purpose. This guide documents the format and definition of the OLT XML Interface.

How to use this Document

This document is designed to be a reference guide. It provides details about the information contained in the OLT XML interface, an overview of the interface structure, and definitions for each of its components. You can refer to this guide as needed to understand or edit an OLT XML interface document.

This document is logically divided into sections that define related OLT configuration components or functional topics. Dependent elements are presented in the same section, when possible. Each section formally defines the relevant XML elements, describes the element relationships and documents the configuration data formats and options.

Each section, in the document, has the following format:

Section Title

Following the section title is a brief summary of the section content, including:

The configuration modeled by the XML elements documented in the section
The components of the provisoning model defined by the elements
A detailed description of the configuration data stored in each element
How the XML elements relate to provide system configuration
The location of the elements relative to the general stucture of the XML interface

Definition

The "Definition" sub-section contains the formal definition of each XML element using XML Schema Definition Language (XSD). XSD is recommended, by the World Wide Web Consortium (W3C), to describe the structure and constrain the contents of XML documents. Tellabs uses XSD to define the elements, attributes, and data types used in the OLT XML Interface, in accordance with this recommendation. Basic knowledge of XSD is required to understand this section. A brief introduction to XSD, and its use in defining the OLT XML Interface, is presented in the "XML Schema Definition Language (XSD)" section of this document. A more thorough treatment of XSD can be found on the WC3 - XML Schema Tutorial website.

Example

The "Example" sub-section displays example XML code, for each element, as it will appear in an XML document.

Contents and Attributes

The "Contents and Attributes" section provides a description of the data stored in the contents (inluding contained elements) and attributes for each XML element. This includes its purpose, valid values, and dependencies.

General Structure

Multiple files, containing the OLT XML Interface, are produced by the system in response to operational events. Each file is a well-formed XML document that conforms to the XML schema defined by the Tellabs XSD. With respect to the OLT interface, the files differ only in the location of the root element.

Root Element

XML code forms a tree structure. The root node, for the OLT Interface data, is the <RestoreFile> XML element. The location of this element is dependent upon the parser that created the file. There are two common XML files produced by the system; the Backup File, created when the OLT database is backed up, and the Restore File, created when the OLT database is restored. In the Restore File, the <RestoreFile> element is the root node of the XML document. In the Backup File, the <RestoreFile> element is a child of the document root node: <EmsCompositeBackup>.

Backup File

In a Backup File, the root element for the OLT data is a child of the document root node.

<?xml version="1.0" encoding="UTF-8"?> <tcfg:EmsCompositeBackup xmlns:tcfg="http://www.tellabs.com/FullSchema"> <tcfg:tcfgConfig srcHost="7.13.96.107" schemaVersion="SCHEMA_V002900" ... > ... </tcfg:tcfgConfig> <ems:RestoreFileR29 srcHost="7.13.96.107" schemaVersion="SCHEMA_V002900" ... > ... </ems:RestoreFileR29> </tcfg:EmsCompositeBackup>

Restore File

In a Restore File, the root element for the OLT data is the document root node.

<?xml version="1.0" encoding="UTF-8"?> <ems:RestoreFileR29 srcHost="7.13.96.107" schemaVersion="SCHEMA_V002900" ... > ... </ems:RestoreFileR29>

Element Naming Conventions

The format of element names, in the XML file, needs clarification. There are components of the name associated with namespaces and versioning. To illustrate the format, we can look at the root XML element, <RestoreFile>:

The name of this element is "RestoreFile", however, the name used in the XML file is "ems:RestoreFileR29". The difference is a result of strategies used to solve problems related to namespaces and versioning.

Namespaces

XML namespaces are used to provide uniquely named elements and attributes in an XML document. An XML document may contain element or attribute names from more than one XML vocabulary. If each vocabulary is given a namespace, the ambiguity between identically named elements or attributes can be resolved. A name space is a URI that typically refers to a resource under the control of the author or organization defining the vocabulary.

Tellabs uses the XML Schema Definition Language (XSD) to define XML structures and data types. Using XSD, namespaces are resolved using the <schema> element, which is the root element for all XSD documents. This element has attributes that specify tags assigned to different namespaces. The <schema> element is discussed in the XML Schema section, later in this document. For now, just know that elements, defined in different vocabularies, are assigned different tags to eliminate ambiguity.

Versioning

As technology changes and features are added, data definitions change. However, data must be preserved for backwards compatability. For example, if new software is released for hardware, a management system should still support hardware running an older verson. Data is versioned, so that systems running different software version can be supported.

For the OLT XML interface, versioning is handled by adding a version tag to the end of the XML element name. This allows for the existance of multiple versions of the data in the same XSD. When the data changes, a new schema definition is released and any data structures that have changed are assigned a new version. Not all data structures change with each new schema release and only those that change recieve a new version tag. This means there are different version tags for different elements within the same schema. The version tags are important because all versions of the element exist in the XSD, but only one is valid for use in an XML document produced under a particular schema.

Attribute Order

Attribute order is irrelevant in XML. The order found in any particular document is dependent on the XML parser that created it. The order of the attributes shown in the examples, in this document, match the order they are defined in the XSD. This is for convenience and readability. The order of the attributes found in actual XML files will vary.

XML Schema Definition Language (XSD)

The XML Schema Definition Language (XSD) defines the structure and data types for XML documents. It defines the elements, attributes, and data types that conform to the recommendations of the document, "W3C XML Schema Definition Language (XSD) 1.1 Part 1: Structures", published by the World Wide Web Consortium (W3C). This is the current standard schema language for all XML documents and data. The OLT XML interface is defined by the Tellabs XSD document which extends the definitions found in the "http://www.w3.org/2001/XMLSchema" namespace published by the W3C.

An understanding of the basics of XSD and the specifics of the Tellabs schema is key to understanding the XML definitions presented in this document. The following sections provide an overview of XSD and the standard schema components extended by the Tellabs XSD.

The <schema> Element

The <schema> element is the root element of every XML Schema Document (XSD) and is required. The <schema> element, in the Tellabs XSD, is shown below:

<xs:schema xmlns:ems = "http://www.tellabs.com/EmsNe" attributeFormDefault = "unqualified" elementFormDefault = "qualified" targetNamespace = "http://www.tellabs.com/EmsNe" xmlns:xs = "http://www.w3.org/2001/XMLSchema"> ... </xs:schema>

All Tellabs XSD definitions are found between the the start and end tag of this <schema> element. The following table discusses the meaning of the attributes and values for the <xs:schema> element defined in the Tellabs XSD.

Attribute/Value	Description
`xmlns:ems = "http://www.tellabs.com/EmsNe"`	Some elements and data types used in the schema are defined in the "http://www.tellabs.com/EmsNe" namespace. These should be prefixed with the tag: "ems:"
`attributeFormDefault = "unqualified"`	Attributes from the target namespace ("http://www.tellabs.com/EmsNe") are not required to be namespace qualified.
`elementFormDefault = "qualified"`	Elements from the target namespace ("http://www.tellabs.com/EmsNe") must be namespace qualified.
`targetNamespace = "http://www.tellabs.com/EmsNe"`	Elements defined by this schema belong to the "http://www.tellabs.com/EmsNe" namespace.
`xmlns:xs = "http://www.w3.org/2001/XMLSchema"`	Some elements and data types used in the schema are defined in the "http://www.w3.org/2001/XMLSchema" namespace. These should be prefixed with the tag: "xs:"

Inherited Schema

The Tellabs XSD inherits from and extends the definitions found in the "http://www.w3.org/2001/XMLSchema" namespace, designed by the W3C. There are many data types, elements, and constraints defined in this name space. This section describes the components used, in the Tellabs XSD, to define the OLT XML interface.

Primitives

The schema namespace "http://www.w3.org/2001/XMLSchema" defines many built-in primitive datatypes. The Tellabs XSD uses only those listed in the table below.

Primitive	Description
xs:string	The xs:string datatype represents character strings in XML.
xs:boolean	The xs:boolean datatype supports the mathematical concept of binary logic. It can have the legal values {true, false, 1, 0}.
xs:int	The xs:int datatype is derived from xs:long and can store a 32 bit signed integer.
xs:base64Binary	The xs:base64Binary datatype stores Base64-encoded binary data. For base64Binary data the entire binary stream is encoded using the Base64 Alphabet (a-z,A-Z,0-9,+,/,=,<white space>). No other characters are allowed. This datatype is used in the OLT XML Interface, to hold encrypted data.
Note: As defined in the schema declaration, `xmlns:xs = "http://www.w3.org/2001/XMLSchema"`, these datatypes use the xs: prefix tag.

Indicators

Indicators allow control over the order, occurrence and grouping of child elements. The Tellabs XSD uses the following indicators defined in the "http://www.w3.org/2001/XMLSchema" namespace.

Indicator	Description
<xs:sequence>	The <xs:sequence> element is an order indicator. It specifies that child elements must occur (in an XML document) in the same order they appear in the definition. <xs:element name="ExampleElement" type="ems:ExampleElement" /> <xs:complexType name="ExampleElement"> <xs:sequence> <xs:element name="ChildElementA" type="ems:SomeDefinedTypeA" /> <xs:element name="ChildElementB" type="ems:SomeDefinedTypeB" /> <xs:element name="ChildElementC" type="ems:SomeDefinedTypeC" /> </xs:sequence> <xs:attribute name="Attribute1" type="xs:string" use="required" /> </xs:complexType> For the element defined above, XML documents are required to list the child elements in the exact order defined.
minOccurs	The minOccurs indicator is an occurrence indicator that specifies the minimum number of times an element can occur within a group or order indicator element. It is an attribute of <xs:element>. <xs:sequence> <xs:element name="ChildElementA" type="ems:SomeDefinedTypeA" /> <xs:element name="ChildElementB" type="ems:SomeDefinedTypeB" minOccurs="0"/> <xs:element name="ChildElementC" type="ems:SomeDefinedTypeC" /> </xs:sequence> In the sequence defined above, ChildElementB can be absent. All other elements must be present exactly once (see defaults in notes).
maxOccurs	The maxOccurs indicator is an occurrence indicator that specifies the maximum number of times an element can occur within a group or order indicator. It is an attribute of <xs:element>. <xs:sequence> <xs:element name="ChildElementA" type="ems:SomeDefinedTypeA" /> <xs:element name="ChildElementB" type="ems:SomeDefinedTypeB" minOccurs="0" maxOccurs="5" /> <xs:element name="ChildElementC" type="ems:SomeDefinedTypeC" /> </xs:sequence> In the sequence defined above, ChildElementB can be absent, or have up to 5 instances. All other elements must be present exactly once (see defaults in notes).
Notes: For all "Order" and "Group" indicators (any, all, choice, sequence, group name, and group reference) the default value for maxOccurs and minOccurs is 1. The indicator "maxOccurs" can be assigned the special value "unbounded". This allows for an unlimited number of instances of the child element within the sequence. As defined in the schema declaration: `xmlns:xs = "http://www.w3.org/2001/XMLSchema"`, the sequence indicator uses the xs namespace prefix.

Elements

The Tellabs XSD uses the following elements defined in the "http://www.w3.org/2001/XMLSchema" namespace.

Element	Description
<xs:simpleType>	Defines a simple type, which determines the constraints on and information about the values of elements with text-only content. Simple types are defined by deriving them from existing simple types (built-in data types and derived simple types). A simple type cannot contain elements and cannot have attributes. In the Tellabs XSD, all simple types are enumerations derived from <xs:simpleType>. <xs:simpleType name="ExampleSimpleType"> ... </xs:simpleType>
<xs:restriction>	Defines constraints on an <xs:simpleType> definition. The <xs:restriction> element has the required attribute, base, which specifies the primitive type or <xs:simpleType> element to be constrained. The content of an <xs:restriction> is a constraint element which limits the values base can assume. In the Tellabs XSD, all simple types are enumerations derived from <xs:simpleType> using <xs:restriction> to specify an xs:string datatype. <xs:simpleType name="ExampleSimpleType"> <xs:restriction base="xs:string"> ... </xs:restriction> </xs:simpleType>
<xs:enumeration>	An <xs:enumeration> element allows the definition of a list of possible values for the base datatype in an <xs:restriction> element. Each possible value of base is specified in a seperate <xs:enumeration> element. The values of the <xs:enumeration> must belong to the value space of the base datatype. In the Tellabs XSD, all simple types are enumerations derived from <xs:simpleType>, using <xs:restriction> to specify an xs:string datatype where the values are constrained by <xs:enumeration> elements. <xs:simpleType name="ExampleEnumTypeElem"> <xs:restriction base="xs:string"> <xs:enumeration value="eEnumValue1" /> <xs:enumeration value="eEnumValue2" /> <xs:enumeration value="eEnumValue3" /> </xs:restriction> </xs:simpleType>
<xs:element>	An <xs:element> is an element used to define an XML element. The following example shows two simple XML elements created using the <xs:element> schema definition: <xs:element name="NewSimpleStringElem" type="xs:string> <xs:element name="NewSimpleIntElem" type="xs:integer> Note: In the example above, the simple elements <NewSimpleStringElem> and <NewSimpleIntElem> will be created in the "http://www.tellabs.com/EmsNe" namespace and name must be prefixed with ems: in an XML document (i.e., <ems:NewSimpleStringElem> and <ems:NewSimpleIntElem>
<xs:complexType>	An <xs:complexType> is an element used to define a complex data type. Complex data types are those types that contain attributes and/or child elements. An XML element can be defined by a strategy that uses named types. This approach names a simpleType or complexType definition and points to it in the type attribute of an element definition. The named type can define all structure, content, and attributes for the element. In the Tellabs XSD, all elements are created using this strategy. <xs:element name="NewComplexElement" type="ems:NewComplexElement" /> <xs:complexType name="NewComplexElement"> <xs:sequence> <xs:element name="intList" type="xs:int" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType> Note: In the example above, the complex type <NewComplexElement> is created in the "http://www.tellabs.com/EmsNe" namespace and its name must be prefixed with ems:in the type attribute assignment for the new element (`... type="ems:NewComplexElement" ...`). Additionally, the element defined by <xs:element> is created in the same target namespace and must be prefixed appropriately in an XML document (<ems:NewComplexElement>)
<xs:attribute>	An attribute declaration associates a name with a type definition. An <xs:attribute> element defines attributes for <xs:schema> and <xs:complexType> elements and are children of these elements. An <xs:attribute> element has many attributes defined in the W3C namespace, used to specify and constrain attribute definition. In the Tellabs XSD, the only attributes of <xs:attribute> used are name, type and use. <xs:element name="NewComplexElement" type="ems:NewComplexElement" /> <xs:complexType name="NewComplexElement"> <xs:sequence> <xs:element name="intList" type="xs:int" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="stringAttribute" type="xs:string" use="required" /> <xs:attribute name="intAttribute" type="xs:int" use="required" /> </xs:complexType>
Notes: Elements and types inherited from the namespace "http://www.w3.org/2001/XMLSchema", will use the xs: prefix (e.g.,<xs:simpleType>). This is based on the attribute, `xmlns:xs = "http://www.w3.org/2001/XMLSchema"`, specified in the <xs:schema> element definition in the XSD. Elements and types defined or inherited from the namespace "http://www.tellabs.com/EmsNe" will use the ems: prefix (e.g.,<ems:NewComplexElement>). This is based on the fragments: `xmlns:ems = "http://www.tellabs.com/EmsNe"` and `targetNamespace = "http://www.tellabs.com/EmsNe"`in the <xs:schema> element definition in the XSD.

XML Interface Configuration Elements

The OLT XML interface is an XML tree composed of elements and types that store data used to model OLT configuration. This configuration is used to customize OLT behavior for a specific deployment. The stucture and building blocks (types and elements) that form the OLT XML interface are defined by the Tellabs XSD.

Each element and type that make up the OLT XML configuration interface is discussed in following sections.

Restore File (Root element)

The <RestoreFile> XML element is the root node for all OLT configuration data. It contains a sequence of the the top level elements in the OLT XML interface. It also has attributes that store data regarding the XML document (i.e, IDL schema/version, effective date, description, etc.)

All children of the <RestoreFile> element contain other elements and types, defined elsewhere in the XSD.

Definition

	
			<xs:element name="RestoreFileR29" type="ems:RestoreFileR29" /> <xs:complexType name="RestoreFileR29"> <xs:sequence>  The greyed out elements in the sequence below are deprecated.  <xs:element ref="ems:EMSSpecificInfo" minOccurs="0" /> <xs:element ref="ems:DSLlineR5" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:DSLBondingGroupConfig" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:DSLProfileR3" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ESLProfileR6" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:MulticastProfile"minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:IGMPProfile" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ManagedElementR7" minOccurs="0" /> <xs:element ref="ems:SoftwareMgrConf" minOccurs="0" /> <xs:element ref="ems:PMMgrConf" minOccurs="0" /> <xs:element ref="ems:SecMgrConfR8" minOccurs="0" /> <xs:element ref="ems:EthPortMgrConfR3" minOccurs="0" /> <xs:element ref="ems:ConnectionMgrConfR1" minOccurs="0" /> <xs:element ref="ems:SecurityBanner" minOccurs="0" /> <xs:element ref="ems:TCASettings" minOccurs="0" /> <xs:element ref="ems:MulticastConfR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:RNATConf" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:SIPAgentProfileR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:SIPDialPlan" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:IGMPConf" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:EthPortR2" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:CircuitPackR14" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:AlarmSeverityAssignmentProfileR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:AlarmConf" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:CrossConnectR6" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ConnectionProfileR12" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ConnectionFilterProfileR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:UserAccountConfR3" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ShelfConfR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ESLLineR5" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ExtDS1LineR4" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:VOIPLineR3" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:SubscriberLineConfig" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:GPONConfR3" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:InterfaceConfigR5" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:VLANAssignmentR1Table" minOccurs="0" /> <xs:element ref="ems:VLANPropertiesTableR4" minOccurs="0" /> <xs:element ref="ems:QueueSizeProfile" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:EquipmentProfileR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ACLConfR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:SNMPConfR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:OLTDefaultSettings" minOccurs="0" /> <xs:element ref="ems:STPConfigR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:PoEProfileR2" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ACLProfile" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:BridgeProfile" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:CreationProfileR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:NACProfile" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:PAEProfileR2" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:PONProfileR3" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:RadiusProfile" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:RSTPProfileR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:ServiceProfileR3" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:LLDPProfileR3" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:LLDPBridgeConfR1" minOccurs="0" /> <xs:element ref="ems:TrustedHostConfigR1" minOccurs="0" /> <xs:element ref="ems:OCSPConfig" minOccurs="0" /> <xs:element ref="ems:DNSConfig" minOccurs="0" /> <xs:element ref="ems:ProtectionGroupR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:PONTemplate" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:CircuitPackTemplate" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:PacketMonitorConfig" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:UserRolePrivileges" minOccurs="0" maxOccurs="unbounded" /> <xs:element ref="ems:SyslogConfig" minOccurs="0" /> </xs:sequence> <xs:attribute name="createdDate" type="xs:string" use="required" /> <xs:attribute name="srcHost" type="xs:string" use="required" /> <xs:attribute name="schemaVersion" type="xs:string" use="required" /> <xs:attribute name="description" type="xs:string" use="required" /> </xs:complexType>
		

Content and Attributes

RestoreFile

<EMSSpecificInfo>	Used only by the EMS, not included in the file sent to the OLT
<ESLProfile>	Stores the configuration data for the physical attributes (speed, hold time, MDIX, max rate and burst size, control frames, etc.) of an Ethernet subscriber port. This profile also controls access violations and Dynamic ARP Inspection (DAI) behavior for the port.
<IGMPProfile>	The profile used for the OLT IGMP proxy. Only one <IGMPProfile> element named "default", is allowed.
<ManagedElement>	Stores high level configuration data for the OLT (location, timezone, name, etc.) It contains a list of DNS hosts, a list of NTP peers and configuration for the Tconfig server if used.
<SoftwareMgrCfg>	Stores the system level configuration used to manage the OLT firmware. Currently this holds only the autodownload status.
<PMMgrConf>	Configuration for Performance Monitoring (PM). Includes, enabling/disabling the reporting of metrics over SNMP, client configuration and interval specification.
<SecMgrConf>	Configuration of security settings. This includes the settings for local Command Line Interface (CLI) users (login credentials, banners, sessions, access, etc.) as well as enabling/disabling 802.1x authentication for the system.
<EthPortMgrConf>	Default uplink port configuration. Includes settings for LACP priority, bridge mode and aging and global Dynamic ARP Inspection (DAI) configuration.
<ConnectionMgrConf>	Stores the system level configuration used to perform VLAN Translation. It holds the mappings used to perform VLAN translation for reserved VLANs as well as protocol specific requirements, specifically for Transparent LAN Service (TLS).
<SecurityBanner>	The security banner displayed when logging into Panorama or the cli interface of the OLT.[0-1]
<SIPAgentProfile>	Stores configuration data used to allow the SIP agent to work with a SIP server in managing VoIP calls. A reference to a <SIPAgentProfile> (by name) is stored in the <VOIPLine> element.
<SIPDialPlan>	Stores configuration data that defines a SIP Dial plan used for VoIP calls. It establishes the permitted sequences of digits dialed on subscriber lines or on subscriber premises equipment. A reference to a <SIPDialPlan> (by name) is stored in the <VOIPLine> element.
<EthPort>	Configuration for uplink and IO ports. There will be 1 element for each uplink and IO port on the OLT. Controls admin state, link aggregation and link trap notification.
<CircuitPack>	Configuration for each circuit pack defined in the system. A circuit pack is a component that contains customer facing ethernet endpoints. This can be an ONT, ESU, IO Card or other device.
<UserAccountConf>	Configuration for all CLI user accounts that have been created.
<ShelfConf>	Stores the configuration data for the OLT shelf. This includes the shelf name (TID) and type.
<ESLLine>	Stores all configuration data for an ethernet port. This element contains multiple Ethernet port profiles, as child elements. Each profile stores configuration data for a specific facet of the port. The XML interface stores an <ESLLine element> for each Ethernet subscriber port that exists in the LAN.
<VOIPLine>	The top level element for VoIP configuration data. A seperate element for each VoIP capable ethernet port is defined in the XML interface. Only specific ONTs support VoIP lines. If a VoIP connection is not provisioned for a VoIP capable port, the element will be present in the interface, but it will be empty and its attributes will be set to the default values.
<GPONConf>	List of PON port configuration elements.
<InterfaceConfig>	Configuration of the LAN external interfaces. This includes LAG and linear interfaces.
<VLANAssignmentTable>	Configuration of the VLAN to interface assignments.
<VLANPropertiesTable>	Configuration of the VLANs carried on the network.
<EquipmentProfile>	Stores the configuration data used to define Quality of service (QoS) management for equipment in the PON network.
<ACLConf>	Stores the provisioning data for system level ACLs. These ACLs apply to the OLT globally or on a card level.
<SNMPConf>	Configuration of Simple Networkmanagement Protocol (SNMP) functionality. This includes the version, users, traps and events reported by the SNMP agent.
<OLTDefaultSettings>	Stores various OLT level configuration data. This element contains a list of <NameValue> elements to store the parameters and associated values. The following parameters are stored in this element: SYSTEM_PERSONALITY (enterprise), ESL_CREATION_PROFILE_NAME (template used to configure Ethernet ports used in ONT auto-configuration), ONT_CREATION_PROFILE_NAME (template used to configure the ONT if auto-configuration is enabled).
<STPConfig>	List of Spanning Tree Protocol (STP) configuration for NET interfaces and bridges. Includes STP configuration for the spanning tree common instance and the specific instance of Muliple Spannning Tree (MST), if used, for each interface and the OLT bridge.
<PoEProfile>	Stores the configuration data that controls the power-over-ethernet capabilities of an Ethernet subscriber port.
<ACLProfile>	Stores the configuration data that defines the Access Contol Lists (ACL) applied to an Ethernet subscriber port. An ACL is used to manage the traffic allowed on an ethernet port.
<CreationProfile>	A <CreationProfile> is a template used to automatically configure newly "discovered" ethernet ports. A template is not configuration data, but data used to generate configuration data. The template data is evaluated and applied when auto-configuration is enbled and a new, "eligible" ONT is detected.
<NACProfile>	Stores configuration data that defines Network Access Control (NAC) for an Ethernet subscriber port. NAC defines all aspects of network access, incuding user/device authentication, VLAN and ACL assignment, and number of devices permitted. NAC also controls port behavior when an access violation is detected.
<PAEProfile>	Stores configuration data that controls user/device authentication for an Ethernet subscriber port. Port Authentication Entity interacts with Authentication entities to authenticate users/devices and gather policies enforced by Network Access Control (NAC).
<PONProfile>	Configuration elements that make up the profiles used to configure PON ports.
<RadiusProfile>	Stores configuration data that controls communications with RADIUS and NAS servers used in authentication and policy enforcement for an Ethernet subscriber port.
<RSTPProfile>	Stores configuration data that defines spanning tree port configuration (edge port, path costs, priority, etc) and participation, as well as violation handling and remediation an Ethernet subscriber port.
<ServiceProfile>	Stores configuration data used to define a service applied to an Ethernet subscriber port. This data defines the VLAN, protocols and traffic shaping rules enforced for connections using the service.
<LLDPProfile>	Stores configuration data that controls participation in Link Layer Discovery Protocol (LLDP) for an Ethernet subsriber port. This configuration defines the processing (None, Tx, Rx, Tx/Rx), timing, and content of LLDPDUs for the port. Customization of this configuration provides a mitigation path for issues caused by devices using non-standard implementations.
<LLDPBridgeConf>	Stores the global LLDP configuration data for all OLT bridge ports.
<TrustedHostConfig>	Stores the configuration data for the Trusted Host feature. Trusted Host restricts the visibity of and access to the OLT, to hosts specifically listed in the trusted host table. It also provides specific protocol limitations.
<OCSPConfig>	Stores the OLT level OCSP configuration data. Online Certificate Status Protocol (OCSP) is an Internet protocol used to manage X.509 digital certificates in a public key infrastructure.
<DNSConfig>	Stores the Domain Name Server (DNS) configuration data for the OLT.
<ProtectionGroup>	Configuration elements that define all PON Protection Groups (PPG) implemented by the OLT. A PPG is an instance of Type B PON protection against PON port failure or unexpected isolation.
<CircuitPackTemplate>	Template used to automatically configure newly "discovered" ONTs. A template is not configuration data, but data used to generate configuration data. The template data is evaluated and applied when auto-configuration is enbled and a new, "eligible" ONT is detected.
<SyslogConfig>	Top level configuration element that defines Syslog. It contains other elements used to configure the destinations, facilities and filters.
createdDate	Date the XML file was created.
srcHost	IP Address/DNS Name of the OLT
schemaVersion	IDL Schema version of the software running on the OLT/EMS
description	Description of the XML file. This includes information about the EMS host and the reason the file was created.

System Level Configuration

These elements store configuration data that defines the OLT at a system level.

Managed Element

The <ManagedElement> element stores the high level configuration for the OLT. This configuration defines the OLT as an entity and is not limited to any sub-system or functionality. This configuration data includes location, timezone, name, etc. It also contains a list of DNS hosts, a list of NTP peers, and the configuration for Tconfig server if is used.

Definition

	
			ManagedElement  <xs:element name="ManagedElementR7" type="ems:ManagedElementR7" /> <xs:complexType name="ManagedElementR7"> <xs:sequence> <xs:element name="dnsHostsList" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="ntpPeerList" type="ems:NTPPeerR1" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="tserverconf" type="ems:TConfigServerConf" minOccurs="0" /> </xs:sequence> <xs:attribute name="managedElementId" type="xs:string" use="required" /> <xs:attribute name="nodeId" type="xs:int" use="required" /> <xs:attribute name="timeZone" type="xs:string" use="required" /> <xs:attribute name="location" type="xs:string" use="required" /> <xs:attribute name="wirelineCenter" type="xs:string" use="required" /> <xs:attribute name="systemType" type="xs:string" use="required" /> <xs:attribute name="clliCode" type="xs:string" use="required" /> <xs:attribute name="startMACAddr" type="xs:string" use="required" /> <xs:attribute name="endMACAddr" type="xs:string" use="required" /> <xs:attribute name="streetAddress" type="xs:string" use="required" /> <xs:attribute name="comments" type="xs:string" use="required" /> <xs:attribute name="startingPairCount" type="xs:int" use="required" /> <xs:attribute name="pairGainId" type="xs:string" use="required" /> <xs:attribute name="useDaylightSavings" type="xs:boolean" use="required" /> <xs:attribute name="reportAlarms" type="xs:boolean" use="required" /> <xs:attribute name="securityBanner" type="xs:string" use="required" /> <xs:attribute name="autoDownload" type="xs:boolean" use="required" /> <xs:attribute name="locType" type="ems:NELocation" use="required" /> <xs:attribute name="telnetCliIPaddress" type="xs:string" use="required" /> <xs:attribute name="telnetCliIPPort" type="xs:int" use="required" /> <xs:attribute name="voicecableid" type="xs:string" use="required" /> <xs:attribute name="voicestartingpaircount" type="xs:int" use="required" /> </xs:complexType>  NTPPeer  <xs:element name="NTPPeerR1" type="ems:NTPPeerR1" /> <xs:complexType name="NTPPeerR1"> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="peerName" type="xs:string" use="required" /> <xs:attribute name="keyId" type="xs:int" use="required" /> <xs:attribute name="keyPhrase" type="xs:base64Binary" use="required" /> <xs:attribute name="encryptionType" type="xs:int" use="required" /> </xs:complexType>  TConfigServerConf  <xs:element name="TConfigServerConf" type="ems:TConfigServerConf" /> <xs:complexType name="TConfigServerConf"> <xs:attribute name="tconfigServerAddress" type="xs:string" use="required" /> <xs:attribute name="tconfigServerPort" type="xs:int" use="required" /> <xs:attribute name="configMethod" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:ManagedElementR7 managedElementId="corp-bldg1-olt1" nodeId="7" timeZone="US_Eastern" location="" wirelineCenter="" systemType="MX-IPTV" clliCode="" startMACAddr="" endMACAddr="" streetAddress="" comments="" startingPairCount="0" pairGainId="" useDaylightSavings="false" reportAlarms="true" securityBanner="" autoDownload="true" locType="eRDT" telnetCliIPaddress="172.10.1.200" telnetCliIPPort="8023" voicecableid="" voicestartingpaircount="0" > <ems:dnsHostsList> corp.dns.dallas </ems:dnsHostsList> ... <ems:ntpPeerList adminState="eUNLOCKED" peerName="pool.ntp.org" keyId="0" keyPhrase="" encryptionType="0" /> ... <ems:tserverconf tconfigServerAddress="" tconfigServerPort="3000" configMethod="242" /> </ems:ManagedElementR7>
		

Content and Attributes

ManagedElement

<dnsHostsList>	List ^[0-N] of DNS Host names.
<ntpPeerList>	<NTPPeer> list ^[0-N]
<tserverconf>	<TConfigServerConf> ^[Optional]
managedElementId	Globally unique name of the Managed Element.
nodeId	Node id used in a ring/transport configuration.
timeZone	Local time zone (CST, EST, MST, PST, etc.)
location	User-defined value identifying the geographical location of the system.
wirelineCenter	User-defined value identifying the wire center for VGW elements.
systemType	The managed element product/type name. Use the value: "MX-IPTV"
clliCode	Common Language Information Services Identifier used within the North American telecommunications industry to specify the location and function of telecommunications equipment
startMACAddr	*Deprecated*. Use the value: "blank ("")"
endMACAddr	*Deprecated*. Use the value: "blank ("")"
streetAddress	The street address of the OLT.
comments	Other, user defined, comments relevant to system identification.
startingPairCount	Deprecated. Previously used in DSL. Use the value: blank ("")
pairGainId	Deprecated. Previously used in DSL. Use the value: blank ("")
useDaylightSavings	Enable (true) / Disable (false) observation of Daylight Saving Time for the Time Zone.
reportAlarms	Enable (true) / Disable (false) alarm reporting. If disabled, alarms are generated, but are noted pushed to the consumer.
securityBanner	Security Login banner (limit of 20 lines and 1K characters) displayed on successful login to Panorama or the OLT CLI interface. Each line of the banner must be separated by a new-line character.
autoDownload	Enable (true) / Disable (false) automatic download of software to newly installed ONTs.
locType	See <NELocation> in the Simple Types Dictionary.
telnetCliIPaddress	IP address of the Panorama server managing the system
telnetCliIPPort	Port used for management communications.
voicecableid	Voice Only CableId (up to 10 characters)
voicestartingpaircount	Voice only Starting Pair Count

NTPPeer

adminState	<AdminState> - See definition in the Simple Types Dictionary section.
peerName	IP Address or DNS name of the NTP server.
keyId	The Key ID used for Message Authentication Code (MAC) authentication to the NTP server. Valid values are 0 - 32767. The value 0 is used for unsecured NTP.
keyPhrase	A hashed value of a string of random characters (A-Z, a-z, 0-9) used for Message Authentication Code (MAC) authentication to the NTP server. Use the value blank ("") for unsecured NTP.
encryptionType	The hashing algorithm used for Message Authentication Code (MAC) authentication to the NTP server. Supported values are: 0 (Unsecured), 1 (MD5), and 2 (SHA-1).

TConfigServerConf

tconfigServerAddress	IP address of the TConfig server
tconfigServerPort	Port used for TConfig communications
configMethod	Configuration method for voice applications. Use the value "242" if using TConfig with voice applications.

Software Manager

Stores the system level configuration used to manage the OLT firmware. Currently this holds only the autodownload status.

Definition

	
			SoftwareMgrConf  <xs:element name="SoftwareMgrConf" type="ems:SoftwareMgrConf" /> <xs:complexType name="SoftwareMgrConf"> <xs:attribute name="autoDownload" type="xs:boolean" use="required" /> </xs:complexType>
		

Example

<ems:SoftwareMgrConf autoDownload="true"/>

Content and Attributes

SoftwareMgrConf

autoDownload	Enable("true")/Disable ("false") the automatic downloading of software to newly installed system components.

PM Manager

The elements in this section store the system level configuration for OAM Performance Monitoring.

Definition

	
			PMMgrConf  <xs:element name="PMMgrConf" type="ems:PMMgrConf" /> <xs:complexType name="PMMgrConf"> <xs:attribute name="enablePM" type="xs:boolean" use="required" /> <xs:attribute name="ipAddr" type="xs:string" use="required" /> <xs:attribute name="httpUserName" type="xs:string" use="required" /> <xs:attribute name="httpUserPasswd" type="xs:base64Binary" use="required" /> <xs:attribute name="httpPort" type="xs:int" use="required" /> <xs:attribute name="httpNEUserName" type="xs:string" use="required" /> <xs:attribute name="httpNEUserPasswd" type="xs:base64Binary" use="required" /> <xs:attribute name="numIntervalsToReport" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:PMMgrConf numIntervalsToReport="8" httpNEUserPasswd="ODAzM2M3MjZiYjcyOGYyYjg4M2UxODU2ZGM4NmEzNTc=" httpNEUserName="pmuser" httpPort="8080" httpUserPasswd="" httpUserName="" ipAddr="0.0.0.0" enablePM="true"/>
		

Content and Attributes

PMMgrConf

enablePM	Enable("true") / Disable ("false") PM data collection and reporting.
ipAddr	The IP Address of the remote PM Server.
httpUserName	The user name for the remote PM Server HTTP account.
httpUserPasswd	The password of the remote PM Server HTTP account.
httpPort	The HTTP port to use in PM communications.
httpNEUserName	The user name of the internal HTTP server that responds to externel PM queries.
httpNEUserPasswd	The password of the internal HTTP server that responds to externel PM queries.
numIntervalsToReport	The number of historic intervals to report in PM queries and notifications.

Security Manager

The elements in this section store the security settings for users connecting to the OLT CLI (Command Line Interface).

Definition

SecMgrConf <xs:element name="SecMgrConfR8" type="ems:SecMgrConfR8" /> <xs:complexType name="SecMgrConfR8"> <xs:sequence> <xs:element name="radiusProfileConfigList" type="ems:RadiusProfileConfig" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="craftLoginRadiusAuthenticationProtocol" type="xs:int" use="required" /> <xs:attribute name="agingPeriodForAdmin" type="xs:int" use="required" /> <xs:attribute name="agingPeriodForNonAdmin" type="xs:int" use="required" /> <xs:attribute name="primaryAuthenticatorIP" type="xs:string" use="required" /> <xs:attribute name="secondaryAuthenticatorIP" type="xs:string" use="required" /> <xs:attribute name="systemAuthControl8021X" type="ems:AdminState" use="required" /> <xs:attribute name="displayLastLogonStatus" type="xs:boolean" use="required" /> <xs:attribute name="inactivityAgingPeriodForAdmin" type="xs:int" use="required" /> <xs:attribute name="inactivityAgingPeriodForNonAdmin" type="xs:int" use="required" /> <xs:attribute name="allowableFailedLoginsForAdmin" type="xs:int" use="required" /> <xs:attribute name="allowableFailedLoginsForNonAdmin" type="xs:int" use="required" /> <xs:attribute name="minTimeBtwnPswdChngForAdmin" type="xs:int" use="required" /> <xs:attribute name="minTimeBtwnPswdChngForNonAdmin" type="xs:int" use="required" /> <xs:attribute name="maxActiveSessionsForAdmin" type="xs:int" use="required" /> <xs:attribute name="maxActiveSessionsForNonAdmin" type="xs:int" use="required" /> <xs:attribute name="numberOfGraceLogins" type="xs:int" use="required" /> <xs:attribute name="graceLoginDays" type="xs:int" use="required" /> <xs:attribute name="sessionLogoutDuration" type="xs:int" use="required" /> <xs:attribute name="inactivityTimeout" type="xs:int" use="required" /> <xs:attribute name="passwordHistoryDepth" type="xs:int" use="required" /> <xs:attribute name="allowRootAccessByAdministrators" type="xs:boolean" use="required" /> <xs:attribute name="allowRootAccessLocalOnly" type="xs:boolean" use="required" /> <xs:attribute name="maxAllowableFailedLoginPort" type="xs:int" use="required" /> <xs:attribute name="loginPortLockOutTime" type="xs:int" use="required" /> <xs:attribute name="displayUserName" type="xs:boolean" use="required" /> <xs:attribute name="maxPwdLength" type="xs:int" use="required" /> <xs:attribute name="minPwdLength" type="xs:int" use="required" /> <xs:attribute name="minAdminPwdLength" type="xs:int" use="required" /> <xs:attribute name="requiredUpperCase" type="xs:int" use="required" /> <xs:attribute name="requiredLowerCase" type="xs:int" use="required" /> <xs:attribute name="pwdNumAlpha" type="xs:int" use="required" /> <xs:attribute name="pwdNumDigits" type="xs:int" use="required" /> <xs:attribute name="pwdNumSpecials" type="xs:int" use="required" /> <xs:attribute name="maxCharRepeats" type="xs:int" use="required" /> <xs:attribute name="userNameCheck" type="xs:boolean" use="required" /> <xs:attribute name="enableTelnet" type="xs:boolean" use="required" /> <xs:attribute name="minDiffCharsInPassword" type="xs:int" use="required" /> <xs:attribute name="enablePlaintextSshAuthentication" type="xs:boolean" use="required" /> <xs:attribute name="enableSshAgentForwarding" type="xs:boolean" use="required" /> </xs:complexType> <xs:element name="RadiusProfileConfig" type="ems:RadiusProfileConfig" /> <xs:complexType name="RadiusProfileConfig"> <xs:attribute name="radiusProfileName" type="xs:string" use="required" /> </xs:complexType>

Example

	
			<ems:SecMgrConfR8 systemAuthControl8021X="eLOCKED" craftLoginRadiusAuthenticationProtocol="1208067764" enableTelnet="false" userNameCheck="false" maxCharRepeats="0" pwdNumSpecials="1" pwdNumDigits="1" pwdNumAlpha="1" requiredLowerCase="0" requiredUpperCase="0" minAdminPwdLength="8" minPwdLength="6" maxPwdLength="12" displayUserName="true" minDiffCharsInPassword="0" enableSshAgentForwarding="false" enablePlaintextSshAuthentication="true" allowRootAccessLocalOnly="false" allowRootAccessByAdministrators="true" displayLastLogonStatus="true" maxAllowableFailedLoginPort="3" loginPortLockOutTime="60" sessionLogoutDuration="60" passwordHistoryDepth="8" numberOfGraceLogins="3" graceLoginDays="30" minTimeBtwnPswdChngForNonAdmin="24" minTimeBtwnPswdChngForAdmin="24" maxActiveSessionsForNonAdmin="4" maxActiveSessionsForAdmin="4" inactivityTimeout="15" inactivityAgingPeriodForNonAdmin="90" inactivityAgingPeriodForAdmin="90" allowableFailedLoginsForNonAdmin="3" allowableFailedLoginsForAdmin="3" agingPeriodForNonAdmin="60" agingPeriodForAdmin="30" secondaryAuthenticatorIP="0.0.0.0" primaryAuthenticatorIP="0.0.0.0"> <ems:radiusProfileConfigList radiusProfileName="172.28.152.202"/> </ems:SecMgrConfR8>
		

Content and Attributes

SecMgrConf

<radiusProfileConfigList>	<RadiusProfileConfig> list ^[0-N]. This is a list of RADIUS servers used to authenticate CLI users.
craftLoginRadiusAuthenticationProtocol	Protocol used in RADIUS authentication of CLI users. Supported values are: 0 (None) - RADIUS authentication of CLI users is disabled. 1 (PAP) - Password Authentication Protocol 2 (CHAP) - Challenge Handshake Authentication Protocol 3 (MSCHAPv1) - Microsoft Challenge Handshake Authentication Protocol (Version 1) 4 (MSCHAPv2) - Microsoft Challenge Handshake Authentication Protocol (Version 2) 5 (EAP-MD5) - Extensible Authentication Protocol using MD5 hash function 6 (EAP-TLS) - Extensible Authentication Protocol using TLS 7 (EAP-TTLS) - Extensible Authentication Protocol using tunneled TLS 8 (EAP-MSCHAPv2) - Extensible Authentication Protocol using Microsoft Challenge Handshake Authentication Protocol (Version 2) 9 (PEAP) - Protected Extensible Authentication Protocol 10 (EAP-PAP-TTLS) - Extensible Authentication Protocol using Password Authentication Protocol over tunneled TLS 11 (EAP-CHAP-TTLS) - Extensible Authentication Protocol using Challenge Handshake Authentication Protocol over tunneled TLS 12 (EAP-MSCHAPv1-TTLS) - Extensible Authentication Protocol using Microsoft Challenge Handshake Authentication Protocol (Version 1) over tunneled TLS 13 (EAP-MSCHAPv2-TTLS) - Extensible Authentication Protocol using Microsoft Challenge Handshake Authentication Protocol (Version 2) over tunneled TLS 14 (EAP-MD5-TTLS) - Extensible Authentication Protocol using MD5 hash function over tunneled TLS
agingPeriodForAdmin	The time (in days), for an administrative user, until a newly assigned password expires. This is the default value applied to newly created users. The valid range is from 0 - 180. A value of 0 disables password aging.
agingPeriodForNonAdmin	The time (in days), for a non-administrative user, until a newly assigned password expires. This is the default value applied to newly created users. The valid range is from 0 - 180. A value of 0 disables password aging.
primaryAuthenticatorIP	IP address of the primary RADIUS Authentication server.
secondaryAuthenticatorIP	IP address of the secondary RADIUS Authentication server.
systemAuthControl8021X	Globally, enable/disable 802.1x authentication for the OLT. See definition in Simple Type Defs section.
displayLastLogonStatus	Enable("true") / Disable ("false") display of last logon status, on successful login.
inactivityAgingPeriodForAdmin	The time (in days) of inactivity, for an administrative user, until a newly assigned password expires. The valid range is from 0 - 180. A value of 0 disables inactivity aging.
inactivityAgingPeriodForNonAdmin	The time (in days) of inactivity, for a non-administrative user, until a newly assigned password expires. The valid range is from 0 - 180. A value of 0 disables inactivity aging.
allowableFailedLoginsForAdmin	The number of consecutive failed login attempts, for an administrative user, allowed before the lockout period is applied. The valid range is from 2 - 5. The default value is 3.
allowableFailedLoginsForNonAdmin	The number of consecutive failed login attempts, for an administrative user, allowed before the lockout period is applied. The valid range is from 2 - 5. The default value is 3.
minTimeBtwnPswdChngForAdmin	The minimum time (in hours), for an administrative user, between allowed password changes. The valid range is from 0 - 240. The default value is 24.A value of 0 disables this check.
minTimeBtwnPswdChngForNonAdmin	The minimum time (in hours), for a non-administrative user, between allowed password changes. The valid range is from 0 - 240. The default value is 24.A value of 0 disables this check.
maxActiveSessionsForAdmin	The maximumum number of active CLI sessions allowed for an adminisrative user. The valid range is from 0 - 6. The default value is 4. A value of 0 allows an unlimited number of active sessions.
maxActiveSessionsForNonAdmin	The maximumum number of active CLI sessions allowed for a non-adminisrative user. The valid range is from 0 - 6. The default value is 4. A value of 0 allows an unlimited number of active sessions.
numberOfGraceLogins	The number of grace logins allowed after a password has expired. The valid range is from 0 - 3. The default value is 0.
graceLoginDays	The number of days that grace logins are allowed after a password has expired. The valid range is from 0 - 30. The default value is 7.
sessionLogoutDuration	Time (in minutes) that a user is prohibited from accessing the CLI after exceeding the login failure limit. The default value is 1.
inactivityTimeout	Time (in minutes) before a session is automatically terminated due to inactivity. The default value is 1.
passwordHistoryDepth	The number of passwords rembered for a user. A password that is remembered cannot be reused. The valid range is from 1 - 15. The default value is 8.
allowRootAccessByAdministrators	Enable("true") / Disable ("false") administrative users to access the OLT operating system.
allowRootAccessLocalOnly	Enable("true") / Disable ("false") OLT OS access from only a local CLI connection.
maxAllowableFailedLoginPort	The number of consecutive failed login attempts, on a single port (regardless of user), before the lockout period is applied.
loginPortLockOutTime	Time (in minutes) that a port (regardless of user) is prohibited from accessing the CLI after the login failure limit is exceeded. The default value is 1.
displayUserName	Display("true") / Hide ("false") user name on successful CLI login.
maxPwdLength	The maximum number of characters allowed in a password. This is the default value applied to newly created users. The valid range is from 12 - 32.
minPwdLength	The minimum number of characters required in a password. This is the default value applied to newly created users. The valid range is from 4 - 15.
minAdminPwdLength	The minimum number of characters required in a password for an administrative user. This is the default value applied to newly created users. The valid range is from 4 - 15.
requiredUpperCase	The minimum number of upper case alpha characters [A-Z] required in a user password. This is the default value applied to newly created users.
requiredLowerCase	The minimum number of lower case alpha characters [a-z] required in a user password. This is the default value applied to newly created users.
pwdNumAlpha	The minimum number of alpha characters [A-Z \| a-z] required in a user password. This is the default value applied to newly created users.
pwdNumDigits	The minimum number of digits [0-9] required in a user password. This is the default value applied to newly created users.
pwdNumSpecials	The minimum number of special characters *[! @ # $ % ^ & ( ) _ +, etc.]** required in a user password. This is the default value applied to newly created users.
maxCharRepeats	The maximum number of times a character can be repeated in a user password. This is the default value applied to newly created users.
userNameCheck	Enable("true") / Disable ("false") check for user name in password. If enabled the password will be disallowed if it contains the user name either forwards or backwards.
enableTelnet	Enable("true") / Disable ("false") CLI access using telnet. If disabled access is allowed only using SSH.
minDiffCharsInPassword	The minimum number of unique characters required in a valid user password.
enablePlaintextSshAuthentication	Enable("true") / Disable ("false") SSH authentication using plain text.
enableSshAgentForwarding	Enable("true") / Disable ("false") SSH agent forwarding.

RadiusProfileConfig

radiusProfileName	The IP address or DNS name of a RADIUS server.

Ethernet Port Manager

The elements in this section store the OLT bridge configuration.

Definition

EthPortMgrConf <xs:element name="EthPortMgrConfR3" type="ems:EthPortMgrConfR3" /> <xs:complexType name="EthPortMgrConfR3"> <xs:sequence> <xs:element name="daiGlobalConfig" type="ems:DAIGlobalConfig" /> </xs:sequence> <xs:attribute name="lacpPriority" type="xs:int" use="required" /> <xs:attribute name="bridgeAgePeriod" type="xs:int" use="required" /> <xs:attribute name="bridgeMode" type="xs:int" use="required" /> </xs:complexType> DAIGlobalConfig <xs:element name="DAIGlobalConfig" type="ems:DAIGlobalConfig" /> <xs:complexType name="DAIGlobalConfig"> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="loggingAdminState" type="ems:AdminState" use="required" /> <xs:attribute name="loggingType" type="xs:int" use="required" /> <xs:attribute name="destinationMACCheck" type="xs:boolean" use="required" /> <xs:attribute name="sourceMACCheck" type="xs:boolean" use="required" /> <xs:attribute name="arpIPCheck" type="xs:boolean" use="required" /> <xs:attribute name="ipSourceProtect" type="xs:boolean" use="required" /> </xs:complexType>

Example

	
			<ems:EthPortMgrConfR3 bridgeMode="1" bridgeAgePeriod="300" lacpPriority="32768"> <ems:daiGlobalConfig loggingAdminState="eUNLOCKED" adminState="eLOCKED" sourceMACCheck="true" loggingType="1" ipSourceProtect="true" destinationMACCheck="true" arpIPCheck="true"/> </ems:EthPortMgrConfR3>
		

Content and Attributes

EthPortMgrConf

<daiGlobalConfig>	<DAIGlobalConfig>
lacpPriority	The global system LACP priority. The valid range is from 1 - 65535. The default value is 53248.
bridgeAgePeriod	The age period (in seconds) for the bridge. The aging time is the length of time, in seconds, that an entry can remain in the forwarding table. An entry expires from the forwarding table when it reaches the specified aging time. The default value is 300
bridgeMode	The OLT bridge mode. Currently, the only valid value is 1 (802.1Q)

DAIGlobalConfig

adminState	Enable/Disable DAI for the OLT. See definition in the Simple Types Dictionary section.
loggingAdminState	Enable/Disable DAI logging. See definition in the Simple Types Dictionary section.
loggingType	Indicates the type of DAI messages logged. Supported values are: 0 - Log all DAI messages. 1 - Log only DAI deny messages. 2 - Log only DAI permit messages.
destinationMACCheck	Enable("true") / Disable ("false") bridge level DAI inspection of destination MAC. Checks the destination MAC address in the Ethernet header against the target MAC address in ARP body.
sourceMACCheck	Enable("true") / Disable ("false") bridge level DAI inspection of source MAC. Checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body.
arpIPCheck	Enable("true") / Disable ("false") bridge level DAI inspection of ARP IP. Checks the ARP body for invalid and unexpected IP addresses including addresses 0.0.0.0, 255.255.255.255, and all IP multicast addresses.
ipSourceProtect	Enable("true") / Disable ("false") bridge level IP source protection. Checks the IP source address and MAC source address in a packet sent from a host, attached to an untrusted access interface on the device, against entries stored in the DHCP snooping database

Connection Manager

Stores the system level configuration used to perform VLAN Translation. It holds the mappings used to perform VLAN translation for reserved VLANs as well as protocol specific requirements, specifically for Transparent LAN Service (TLS).

When providing Transparent LAN service, it is important to ensure there is no conflict between the VLAN used at the customer's remote switch and the VLAN used to transport the traffic on the PON. This is done by mapping the customers VLAN (C-LAN) to the subscriber VLAN (S-VLAN) used on the PON. This mapping allows for VLAN translation on any port connected to the customer site (including uplinks).

Definition

	
			ConnectionMgrConf  <xs:element name="ConnectionMgrConfR1" type="ems:ConnectionMgrConfR1" /> <xs:complexType name="ConnectionMgrConfR1"> <xs:sequence> <xs:element name="mappedVlanList" type="ems:InternalVlanMapping" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="filterVlanMappingList" type="ems:ProtocolFilterVlanMapping" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>  InternalVlanMapping  <xs:element name="InternalVlanMapping" type="ems:InternalVlanMapping" /> <xs:complexType name="InternalVlanMapping"> <xs:attribute name="reservedVlanId" type="xs:int" use="required" /> <xs:attribute name="mappedVlanId" type="xs:int" use="required" /> <xs:attribute name="linkAggregateGroupId" type="xs:int" use="required" /> </xs:complexType>  ProtocolFilterVlanMapping  <xs:element name="ProtocolFilterVlanMapping" type="ems:ProtocolFilterVlanMapping" /> <xs:complexType name="ProtocolFilterVlanMapping"> <xs:attribute name="ipoeVlanId" type="xs:int" use="required" /> <xs:attribute name="pppoeVlanId" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:ConnectionMgrConfR1> <ems:mappedVlanList linkAggregateGroupId="1" mappedVlanId="4000" reservedVlanId="4000"/> <ems:mappedVlanList linkAggregateGroupId="1" mappedVlanId="4001" reservedVlanId="4001"/> <ems:mappedVlanList linkAggregateGroupId="1" mappedVlanId="4002" reservedVlanId="4002"/> <ems:mappedVlanList linkAggregateGroupId="1" mappedVlanId="4003" reservedVlanId="4003"/> <ems:mappedVlanList linkAggregateGroupId="1" mappedVlanId="4004" reservedVlanId="4004"/> <ems:mappedVlanList linkAggregateGroupId="1" mappedVlanId="4005" reservedVlanId="4005"/> <ems:mappedVlanList linkAggregateGroupId="1" mappedVlanId="4006" reservedVlanId="4006"/> <ems:mappedVlanList linkAggregateGroupId="1" mappedVlanId="4007" reservedVlanId="4007"/> </ems:ConnectionMgrConfR1>
		

Content and Attributes

ConnectionMgrConf

<mappedVlanList>	<InternalVlanMapping> list ^[0-N].
<filterVlanMappingList>	<ProtocolFilterVlanMapping> list ^[0-N].

InternalVlanMapping

reservedVlanId	The reserved VLAN ID.
mappedVlanId	The VLAN that the reserved VLAN is mapped to.
linkAggregateGroupId	LAG name for Translation. The VLAN should be translated on any port in the LAG.

ProtocolFilterVlanMapping

ipoeVlanId	The C-VLAN used for IPoE transportation within the PON.
pppoeVlanId	The S-VLAN used for PPPoE transportation to the customer site.

The security banner is customer-specific information applicable to the entire Panorama PON network or OLT-specific information. This information is displayed before entering the Telnet session username and password.

The security banner is typically used to insert a legal warning against misuse of the system. Additionally, most organizations want the user to accept a legal statement before proceeding to the login process. The success or failure of this activity is logged.

The login banner file is ASCII text. By default, the banner is blank.

Definition

	
			SecurityBanner  <xs:element name="SecurityBanner" type="ems:SecurityBanner" /> <xs:complexType name="SecurityBanner"> <xs:attribute name="loginBanner" type="xs:string" use="required" /> </xs:complexType>
		

Example

<ems:SecurityBanner loginBanner=""/>

Content and Attributes

SecurityBanner

loginBanner	The ASCII text displayed when an SSH connection is established with the OLT.

Shelf

The <ShelfConf> element stores the configuration data for the OLT shelf. This includes the shelf name (TID) and type.

Definition

ShelfConf <xs:element name="ShelfConfR1" type="ems:ShelfConfR1" /> <xs:complexType name="ShelfConfR1"> <xs:attribute name="aid" type="xs:string" use="required" /> <xs:attribute name="shelfType" type="ems:ShelfType" use="required" /> <xs:attribute name="shelfTid" type="xs:string" use="required" /> <xs:attribute name="pairGainId" type="xs:string" use="required" /> <xs:attribute name="startingPairCount" type="xs:int" use="required" /> <xs:attribute name="numPairs" type="xs:int" use="required" /> </xs:complexType>

Example

	
			<ems:ShelfConfR1 numPairs="672" startingPairCount="0" pairGainId="" shelfTid="VOIPWORLD-1150" shelfType="eMDS4" aid="MDS1"/>
		

Content and Attributes

ShelfConf

aid	Access Identifier (AID) of the OLT shelf. Use the value "MDS1"
shelfType	Specifies the OLT shelf type. See definition in the Simple Types Dictionary
shelfTid	The OLT Target Identifier (TID). The TID uniquely identifies the OLT within the network domain.
pairGainId	Deprecated. Set the value to blank ("").
startingPairCount	Deprecated. Set the value to "0".
numPairs	Deprecated. Set the value to "672".

OLT Default Settings

The <OLTDefaultSettings> element stores miscellaneous OLT level configuration. The element contains a list of <NameValue> elements to store the parameters and associated values. The following parameters are stored in this element:

SYSTEM_PERSONALITY - Specifies the personality of the OLT. This parameter is deprecated but required. Use the value "enterprise".
ESL_CREATION_PROFILE_NAME - Specifies the template used to configure the access ports used in ONT auto-configuration. Set the value to the name of the appropriate template profile.
ONT_CREATION_PROFILE_NAME - Specifies the template used to configure the ONT if auto-configuration is enabled. Set the value to the name of the appropriate template profile.

Definition

OLTDefaultSettings <xs:element name="OLTDefaultSettings" type="ems:OLTDefaultSettings" /> <xs:complexType name="OLTDefaultSettings"> <xs:sequence> <xs:element name="defaultValuesList" type="ems:NameValue" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>

Example

	
			<ems:OLTDefaultSettings> <ems:defaultValuesList paramValue="enterprise" paramName="SYSTEM_PERSONALITY"/> <ems:defaultValuesList paramValue="default" paramName="ESL_CREATION_PROFILE_NAME"/> <ems:defaultValuesList paramValue="Auto-Template-Mod202" paramName="ONT_CREATION_PROFILE_NAME"/> </ems:OLTDefaultSettings>
		

Content and Attributes

OLTDefaultSettings

<defaultValuesList>	<NameValue> list ^[0-N]

Spanning Tree

The elements in this section store the spanning tree configuration for the OLT bridge and net interfaces.

Definition

	
			STPConfig  <xs:element name="STPConfigR1" type="ems:STPConfigR1" /> <xs:complexType name="STPConfigR1"> <xs:sequence> <xs:element name="cistBridgeConfig" type="ems:CISTBridgeConfig" minOccurs="0" /> <xs:element name="mstiBridgeConfig" type="ems:MSTIBridgeConfig" minOccurs="0" /> <xs:element name="cistPortConfig" type="ems:CISTPortConfigR1" minOccurs="0" /> <xs:element name="mstiPortConfig" type="ems:MSTIPortConfig" minOccurs="0" /> </xs:sequence> <xs:attribute name="id" type="xs:int" use="required" /> <xs:attribute name="aid" type="xs:string" use="required" /> </xs:complexType>  CISTBridgeConfig  <xs:element name="CISTBridgeConfig" type="ems:CISTBridgeConfig" /> <xs:complexType name="CISTBridgeConfig"> <xs:attribute name="protocolVersion" type="xs:int" use="required" /> <xs:attribute name="maxAge" type="xs:int" use="required" /> <xs:attribute name="helloTime" type="xs:int" use="required" /> <xs:attribute name="forwardDelay" type="xs:int" use="required" /> <xs:attribute name="priority" type="xs:int" use="required" /> <xs:attribute name="holdCount" type="xs:int" use="required" /> <xs:attribute name="maxHops" type="xs:int" use="required" /> <xs:attribute name="configurationName" type="xs:string" use="required" /> <xs:attribute name="configurationRevision" type="xs:int" use="required" /> <xs:attribute name="filterDatabaseAgingTime" type="xs:int" use="required" /> </xs:complexType>  MSTIBridgeConfig  <xs:element name="MSTIBridgeConfig" type="ems:MSTIBridgeConfig" /> <xs:complexType name="MSTIBridgeConfig"> <xs:attribute name="priority" type="xs:int" use="required" /> </xs:complexType>  CISTPortConfig  <xs:element name="CISTPortConfigR1" type="ems:CISTPortConfigR1" /> <xs:complexType name="CISTPortConfigR1"> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="pathCost" type="xs:int" use="required" /> <xs:attribute name="internalPathCost" type="xs:int" use="required" /> <xs:attribute name="priority" type="xs:int" use="required" /> <xs:attribute name="helloTime" type="xs:int" use="required" /> <xs:attribute name="pointToPoint" type="xs:int" use="required" /> <xs:attribute name="edgePort" type="xs:boolean" use="required" /> <xs:attribute name="restrictedRole" type="xs:boolean" use="required" /> <xs:attribute name="restrictedTCN" type="xs:boolean" use="required" /> <xs:attribute name="autoEdgePort" type="xs:boolean" use="required" /> </xs:complexType>  MSTIPortConfig  <xs:element name="MSTIPortConfig" type="ems:MSTIPortConfig" /> <xs:complexType name="MSTIPortConfig"> <xs:attribute name="priority" type="xs:int" use="required" /> <xs:attribute name="pathCost" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:STPConfigR1 aid="MDS1" id="0"> <ems:cistBridgeConfig protocolVersion="3" priority="53248" maxHops="20" maxAge="20" holdCount="6" helloTime="2" forwardDelay="15" filterDatabaseAgingTime="300" configurationName="00:C0:9B:02:0B:9F" configurationRevision="0"/> </ems:STPConfigR1> <ems:STPConfigR1 id="0" aid="NET1"> <ems:cistPortConfig autoEdgePort="true" internalPathCost="2000" restrictedTCN="false" restrictedRole="false" pointToPoint="0" edgePort="false" helloTime="2" priority="128" pathCost="2000" adminState="eUNLOCKED"/> </ems:STPConfigR1> <ems:STPConfigR1 id="0" aid="NET2"> <ems:cistPortConfig autoEdgePort="true" internalPathCost="2000" restrictedTCN="false" restrictedRole="false" pointToPoint="0" edgePort="false" helloTime="2" priority="128" pathCost="2000" adminState="eUNLOCKED"/> </ems:STPConfigR1>
		

Content and Attributes

STPConfig

<cistBridgeConfig>	<CISTBridgeConfig> list ^[0-1]
<mstiBridgeConfig>	<MSTIBridgeConfig> list ^[0-1]
<cistPortConfig>	<CISTPortConfig> list ^[0-1]
<mstiPortConfig>	<MSTIPortConfig> list ^[0-1]
id	Specifies the spanning tree instance. Supported values are 0 - 4095. A value of 0 specifies the sole instance in STP/RSTP or the common instance in MSTP, Any other value ( 1 - 4095) specifies an MSTP instance.
aid	The Access Identifier (AID) of the element to which the configuration applies. Supported values are: MDS1 - Specifies the OLT bridge. NET[1-12] - Specifies an OLT uplink interface.

CISTBridgeConfig

protocolVersion	Specifies the spanning tree protocol. Supported alues are: 0 (STP), 1 (RSTP), and 2 (MSTP).
maxAge	The maximum time (in seconds) before a bridge port saves its BPDU information. Supported values are 6 - 40. The default value is 20.
helloTime	The interval (in seconds) between BPDU transmissions. Supported values are 1 - 2. The default value is 2.
forwardDelay	The time (in seconds) spent in the listening and learning state. Supported values are 1 - 2. The default value is 2.
priority	The bridge priority for the OLT. The switch with the lowest priority becomes the root bridge. Supported values are 0 - 61440, in increments of 4096. The default value is 32768.
holdCount	The maximum number of BPDUs that can be sent per second. Supported values are 1 - 10. The default value is 6.
maxHops	The maximum number of bridges, in an MST region, that a BPDU can traverse before it is discarded. The switch inserts this value into BPDUs that it sends out as the root bridge. Supported values are 6 - 40. The default value is 20.
configurationName	The name that uniquely identifies this configuration. The default value is the Target Identifier (TID) of the OLT.
configurationRevision	Specifies the revision number for the MST region in which the switch resides. All switches within an MST region must have identical revision numbers. This value is used to differentiate between region configurations. Supported values are 0 - 65535. The default value is 0.
filterDatabaseAgingTime	The time (in seconds) before an entry in the BPDU filtering database is aged out. Supported values are 0 - 65535. The default value is 300.

MSTIBridgeConfig

priority	The bridge priority for the OLT. The switch with the lowest priority becomes the root bridge. Supported values are 0 - 61440, in increments of 4096. The default value is 32768.

CISTPortConfig

adminState	Enable("true") / Disable ("false") spanning tree participation on the port.
pathCost	The relative cost of sending network traffic through the port towards the root bridge. The default path cost for an interface is based on the maximum speed of the interface. You can manipulate this value (increase the path cost) to discourage it from becoming part of the designated path away from the root.
internalPathCost	The relative cost of sending spanning tree traffic through the port to adjacent bridges within a spanning tree region. Internal path cost applies only to those interfaces in the common instance of MSTP.
priority	The relative port priority in a spanning tree instance. The lower the number the higher the priority. The system is more likely to select interfaces with lower numeric values to carry network traffic. Valid values are 0 - 240 in increments of 16. The default value is 128.
helloTime	Duration (in seconds) between each bridge protocol data unit (BPDU) that is sent on a port. Valid values are 1 - 10. The default value is 2.
pointToPoint	Point-to-point port designation. A point to point link is a port connected directly to another RSTP switch. Valid values are: 0 (Auto) - The switch automatically checks if the port is connected to a point-to-point link, then sets the status as Open or Closed. 1 (Off) - The port is designated as not connected to a point-to-point link. 2 (On) - The port is designated as connected to a point-to-point link.
edgePort	Enable("true") / Disable ("false") the port as a spanning tree edge port. If enabled, the port will go directly to the forwarding state. If disabled, the port will transition through the standard Spanning-Tree states (Blocking, Listening, Learning and Forwarding). A port should be set as an edge port when it is unlikely to recieve BPDUs from a connected device. If a port will use LLDP on VoIP phones, it should be set as an edge port.
restrictedRole	Prevent ("true") / Allow ("false") the port to generate topology change notifications (TCN).
restrictedTCN	Prevent ("true") / Allow ("false") the port to connect to a spanning tree root
autoEdgePort	Enable("true") / Disable ("false") auto-edge for the port. If enabled, the port will go directly to the forwarding state on link. If disabled, the port will transition through the standard Spanning-Tree states (Blocking, Listening, Learning and Forwarding). Auto-edge should be reserved for ports where it is unlikely that a device transmitting spanning-tree BPDUs will be connected.

MSTIPortConfig

pathCost

The relative cost of sending network traffic through the port towards the root bridge. You can manipulate this value (increase the path cost) to discourage it from becoming part of the designated path away from the root. The valid range and default path cost values is based on the maximum speed of the interface:

100Mbps: 200000 - 2000000, default = 200000
1Gbps: 20000 - 200000, default = 20000
10Gbps: 200 - 20000, default = 2000

priority

The relative port priority in a spanning tree instance. The lower the number the higher the priority. The system is more likely to select interfaces with lower numeric values to carry network traffic. Valid values are 0 - 240 in increments of 16. The default value is 128.

ACL

The elements discussed in this section store the provisioning data for system level ACLs. These ACLs apply to the OLT globally or on a card level.

Definition

	
			ACLConf  <xs:element name="ACLConfR1" type="ems:ACLConfR1" /> <xs:complexType name="ACLConfR1"> <xs:sequence> <xs:element name="filterList" type="ems:ACLFilterR1" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="aid" type="xs:string" use="required" /> </xs:complexType>  ACLFilter  <xs:element name="ACLFilterR1" type="ems:ACLFilterR1" /> <xs:complexType name="ACLFilterR1"> <xs:sequence> <xs:element name="sourceMACAddrList" type="ems:ACLSourceMACAddrIPInfoR1" minOccurs="1" maxOccurs="unbounded" /> <xs:element name="destinationIPv4List" type="ems:ACLIpAddrInfo" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="destinationIPv6List" type="ems:ACLIpAddrInfo" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="destinationMacList" type="ems:ACLMacAddrInfo" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="filterName" type="xs:string" use="required" /> <xs:attribute name="vlanId" type="xs:int" use="required" /> <xs:attribute name="filterPriority" type="xs:int" use="required" /> <xs:attribute name="maxMACAddr" type="xs:int" use="required" /> <xs:attribute name="ipProtocol" type="xs:int" use="required" /> <xs:attribute name="ethertype" type="xs:int" use="required" /> <xs:attribute name="ipTTL" type="xs:int" use="required" /> <xs:attribute name="ipDSCP" type="xs:int" use="required" /> <xs:attribute name="newDSCP" type="xs:int" use="required" /> <xs:attribute name="tos" type="xs:int" use="required" /> <xs:attribute name="l4SourcePort" type="xs:int" use="required" /> <xs:attribute name="l4SourcePortRangeLower" type="xs:int" use="required" /> <xs:attribute name="l4SourcePortRangeUpper" type="xs:int" use="required" /> <xs:attribute name="l4DestPort" type="xs:int" use="required" /> <xs:attribute name="l4DestPortRangeLower" type="xs:int" use="required" /> <xs:attribute name="l4DestPortRangeUpper" type="xs:int" use="required" /> <xs:attribute name="ipv4Flags_mf" type="xs:int" use="required" /> <xs:attribute name="ipv4Flags_df" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_urg" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_ack" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_psh" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_rst" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_syn" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_fin" type="xs:int" use="required" /> <xs:attribute name="isFloodable" type="xs:boolean" use="required" /> <xs:attribute name="pbit" type="xs:int" use="required" /> <xs:attribute name="action" type="xs:int" use="required" /> <xs:attribute name="committedInfoRate" type="xs:int" use="required" /> <xs:attribute name="committedBurstSize" type="xs:int" use="required" /> <xs:attribute name="peakInfoRate" type="xs:int" use="required" /> <xs:attribute name="peakBurstSize" type="xs:int" use="required" /> </xs:complexType>  ACLSourceMACAddrIPInfo  <xs:element name="ACLSourceMACAddrIPInfoR1" type="ems:ACLSourceMACAddrIPInfoR1" /> <xs:complexType name="ACLSourceMACAddrIPInfoR1"> <xs:sequence> <xs:element name="sourceIPv6List" type="ems:ACLIpAddrInfo" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="sourceIPv4List" type="ems:ACLSourceIPv4" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="srcMACAddress" type="xs:string" use="required" /> <xs:attribute name="macMaskBits" type="xs:int" use="required" /> <xs:attribute name="srcMACAddrAuthorized" type="xs:boolean" use="required" /> <xs:attribute name="maxIPAddr" type="xs:int" use="required" /> </xs:complexType>  ACLIpAddrInfo  <xs:element name="ACLIpAddrInfo" type="ems:ACLIpAddrInfo" /> <xs:complexType name="ACLIpAddrInfo"> <xs:attribute name="ipAddress" type="xs:string" use="required" /> <xs:attribute name="maskNumBits" type="xs:int" use="required" /> </xs:complexType>  ACLMacAddrInfo  <xs:element name="ACLMacAddrInfo" type="ems:ACLMacAddrInfo" /> <xs:complexType name="ACLMacAddrInfo"> <xs:attribute name="macAddress" type="xs:string" use="required" /> <xs:attribute name="macMaskBits" type="xs:int" use="required" /> </xs:complexType>  ACLSourceIP  <xs:element name="ACLSourceIPv4" type="ems:ACLSourceIPv4" /> <xs:complexType name="ACLSourceIPv4"> <xs:attribute name="srcIPv4Address" type="xs:string" use="required" /> <xs:attribute name="srcMaskNumBits" type="xs:int" use="required" /> <xs:attribute name="leasedIpAddress" type="xs:boolean" use="required" /> </xs:complexType>
		

Example

	
			<ems:ACLConfR1 name="MDS1"> <ems:filterList filterName="Deny-DHCP-Offer" vlanId="0" filterPriority="1" maxMACAddr="-1" ipProtocol="17" ethertype="2048" ipTTL="-1" ipDSCP="-1" newDSCP="-1" tos="-1" l4SourcePort="67" l4SourcePortRangeLower="-1" l4SourcePortRangeUpper="-1" l4DestPort="-1" l4DestPortRangeLower="-1" l4DestPortRangeUpper="-1" ipv4Flags_mf="2" ipv4Flags_df="2" tcpFlags_urg="2" tcpFlags_ack="2" tcpFlags_psh="2" tcpFlags_rst="2" tcpFlags_syn="2" tcpFlags_fin="2" isFloodable="false" pbit="-1" action="1" committedInfoRate="0" committedBurstSize="0" peakInfoRate="0" peakBurstSize="0" > <ems:sourceMACAddrList srcMACAddress="" macMaskBits="48" srcMACAddrAuthorized="false" maxIPAddr="0" /> </ems:filterList> </ems:ACLConfR1>
		

Content and Attributes

ACLConf

<filterList>	<ACLFilter> list ^[0-1]
name	The AID of the device to which this ACL applies.

ACLFilter

<sourceMACAddrList>	<ACLSourceMACAddrIPInfo> list ^[1-N]
<destinationIPv4List>	<ACLIpAddrInfo> list ^[0-N]
<destinationIPv6List>	<ACLIpAddrInfo> list ^[0-N]
<destinationMacList>	<ACLMacAddrInfo> list ^[0-N]
filterName	Name of the filter. The name is unique within the filter set.
vlanId	The VLAN the filter is applied to. The filter will be used for packets only on this VLAN. A value of zero (0) indicates the filter is VLAN agnostic.
filterPriority	Specifies the priority of the filter within the set of up to 8 filters per profile. Valid priorities are 1-8 where: priority 1 is the highest priority and 8 is the lowest priority. The filters are evaluated in order, based on this priority.
maxMACAddr	The maximum MAC addresses criteria of the filter. The maximum value is 8 and -1 indicates no maximum is specified.
ipProtocol	The IANA assigned Internet Protocol Number criteria of the filter. This value is only relevant for Extended ACLs. Valid values are any valid IANA IP protocol number. The filter specifically allows for: 1 (ICMP), 6 (TCP), 17 (UDP). Other valid values are document on the IANA Protocol Numbers website. The value -1 indicates protocol is ignored in match decisions.
ethertype	The IANA assigned Ethertype criteria of the filter. Valid values are any valid IANA Ethertype number in decimal notation. The values: 2048 (IPv4) and 2054 (ARP) are valid values for both Basic and Extended ACLs. All other ethertypes are valid only for Extended ACLs. Valid Ethertype numbers are documented on the IANA IEEE 802 Numbers website.
ipTTL	Specifies the Time-To-Live (in milliseconds) criteria of the filter. This value is only relevant for Extended ACLS. The value -1 indicates this component is ignored in match decisions.
ipDSCP	Specifies the differentiated services code point (DSCP) criteria of the filter. This value is only relevant for Extended ACLS. The value -1 indicates this component is ignored in match decisions.
newDSCP	Specifies the adjusted differentiated services code point (DSCP) criteria of the filter. The adjusted DSCP is the value of the DSCP field in the packet after applying DSCP mapping (if appropriate). This value is only relevant for Extended ACLS. The value -1 indicates this component is ignored in match decisions.
tos	*Deprecated*. Use the value -1 to indicate this component is ignored in match decisions. Prior to its deprecation, this value specified the type of service (ToS) criteria of the filter. The ToS field was an 8 bit field in an IP packet, where the 3 most significant bits (msb) represented precedence (0-7), the next 3 msb represented the TOS and the 2 least signicant bits were unused. This field is no longer used in ACL matching. and has been replaced with differentiated services code point (DSCP) criteria.
l4SourcePort	Specifies the layer 4 protocol,source port criteria of the filter when a single source port is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. The value -1 indicates this component is ignored in match decisions.
l4SourcePortRangeLower	Specifies the first, layer 4 protocol, source port criteria of the filter when a source port range is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. This value must be less than the value of the "l4SourcePortRangeUpper" attribute. The value -1 indicates this component is ignored in match decisions.
l4SourcePortRangeUpper	Specifies the last, layer 4 protocol, source port match component of the filter when a source port range is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. This value must be greater than the value of the "l4SourcePortRangeLower" attribute. The value -1 indicates this component is ignored in match decisions.
l4DestPort	Specifies the, layer 4 protocol, destination port match component of the filter when a single destination port is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. The value -1 indicates this component is ignored in match decisions.
l4DestPortRangeLower	Specifies the first, layer 4 protocol, destination port match component of the filter when a destination port range is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. This value must be less than the value of the "l4DestPortRangeUpper" attribute. The value -1 indicates this component is ignored in match decisions.
l4DestPortRangeUpper	Specifies the last, layer 4 protocol, destination port match component of the filter when a destiation port range is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. This value must be greater than the value of the "l4DestPortRangeLower" attribute. The value -1 indicates this component is ignored in match decisions.
ipv4Flags_mf	Specifies the More Fragments (MF) flag critera of the filter. This field is relevant only in Extended ACLs where the ethertype criteria is set to IPv4. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
ipv4Flags_df	Specifies the Don't Fragments (DF) flag critera of the filter. This field is relevant only in Extended ACLs where the ethertype critera is set to IPv4. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_urg	Specifies the TCP, Urget Pointer (URG) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_ack	Specifies the TCP, Acknowledgement (ACK) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_psh	Specifies the TCP, Push (PUSH) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_rst	Specifies the TCP, Reset (RST) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_syn	Specifies the TCP, Synchronization (SYN) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_fin	Specifies the TCP, Final (FIN) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
isFloodable	Specifies the Destination Lookup Failure mode critera of the filter. This field is relevant only in Extended ACLs. The value "true" means that the packet is floodable, where "false" means that it is not.
pbit	Specifies the 802.1P, Priority Code Point, critera of the filter. This field is relevant only in Extended ACLs. This is a 3 bit field in the header sometimes referred to as the priority bit (pbit). This field is used to implement class of service (CoS). Valid values are -1 through 7 where: O = Best Effort 1 = Background 2 = Excellent Effort 3 = Critical Applications 4 = Video 5 = Voice 6 = Internetwork control 7 = Network control The value (-1) indicates this component is ignored in match decisions.
action	Specifies the action to take if a packet matches this filter. Valid values are: 0 (permit), 1 (deny), 2 (Police/SrTCM) and 3 (Police/TrTCM). The permit action is available for both Basic and extended ACLs and permits a matched packet to pass. The deny action is available only for extended ACLs and drops matched packets. The remaining actions are policing actions that are also only relevant for extended ACLs. These actions compare port traffic statistics with filter settings to make the permit/deny decision. The policing criteria used depends on the action type specified. For a single rate, three color meter, police action (Police/SrTCM), the filter uses the limitations configured for the Committed Information Rate (CIR), Committed Burst Size (CBS), and Extended Burst Size (EBS) to make its decision. For a two rate, three color meter, police action (Police/TrTCM), the filter uses the limitations configured for the Committed Information Rate (CIR), Committed Burst Size (CBS), Peak Information Rate (PIR), Peak Burst Size (PBS) and Extended Burst Size (EBS) to make its decision.
committedInfoRate	The Committed Information Rate (CIR), in Kbps, is a limitation used in policing action (Police/SrTCM and Police/TrTCM) match decisions. These actions are only supported by extended ACLs. The default value is 10240. A value of 0, indicates this component is ignored in match decisions.
committedBurstSize	The Committed Burst Size (CIR), in Bytes, is a limitation used in policing action (Police/SrTCM and Police/TrTCM) match decisions. These actions are only supported by extended ACLs. The default value is 4096. A value of 0, indicates this component is ignored in match decisions.
peakInfoRate	The Peak Information Rate (PIR), in Kbps, is a limitation used in policing action (Police/SrTCM and Police/TrTCM) match decisions. These actions are only supported by extended ACLs. The default value is 10240. A value of 0, indicates this component is ignored in match decisions.
peakBurstSize	This value, measured in Bytes, doubles as both the Peak Burst Size (PBS) and Extended Burst Size (EBS) as limitations used in policing action (Police/SrTCM and Police/TrTCM) match decisions. These actions are only supported by extended ACLs. The default value is 4096. A value of 0, indicates this component is ignored in match decisions.

ACLSourceMACAddrIPInfo

<sourceIPv6List>	<ACLIpAddrInfo> list ^[0-N]
<sourceIPv4List>	<ACLSourceIPv4> list ^[0-N]
srcMACAddress	A string that specifies a source MAC address. A blank value means "Any MAC".
macMaskBits	The number of bits masked when comparing the MAC address.
srcMACAddrAuthorized	Specifies weather the source MAC must be Authorized (true).
maxIPAddr	The maximum number of IP Addresses that can be bound to the source MAC.

ACLMACAddrInfo

macAddress	A string that specifies a MAC Address.
macMaskBits	The number of bits masked when comparing the MAC address.

ACLIpAddrInfo

ipAddress	A string that specifies an IP Address.
maskNumBits	Number of bits to use in the subnet mask for comparison.

ACLSourceIPv4

srcIPv4Address	A string that specifies an IPv4 Address.
srcMaskNumBits	Number of bits to use in the subnet mask for comparison.
leasedIpAddress	Specifies whether the IP address is leased (true) or static (false)

IGMP

The <IGMPProfile> element, holds the configuration for the OLT IGMP proxy. This is the IGMP configuration for all interfaces that are IGMP enabled. Only one IGMPProfile, named "default", is allowed.

Definition

	
			IGMPProfile  <xs:element name="IGMPProfile" type="ems:IGMPProfile" /> <xs:complexType name="IGMPProfile"> <xs:attribute name="profileName" type="xs:string" use="required" /> <xs:attribute name="maxMessageRate" type="xs:int" use="required" /> <xs:attribute name="serviceTimeout" type="xs:int" use="required" /> <xs:attribute name="maxAllowedGroups" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:IGMPProfile serviceTimeout="5" maxMessageRate="10" maxAllowedGroups="16" profileName="default"/>
		

Content and Attributes

IGMPProfile

profileName	The name of the profile. Only "default" is allowed.
maxMessageRate	The maximum number of IGMP packets transmitted in one second by an interface. This limits the transmission rate of IGMP packets. The valid range is 1 - 20. The default value is 10.
serviceTimeout	The time (in minutes) before IGMP service will be disabled for an interface after the last response to an IGMP query. The valid range is 1 - 60. The default value is 5.
maxAllowedGroups	The maximum number of allowed Joined Multicast Groups. The valid range is 1 - 48. The default value is 16.

LLDP Bridge

The LLDP Bridge element holds the LLDP configuration for all OLT bridge ports.

Definition

	
			LLDPBridgeConf  <xs:element name="LLDPBridgeConfR1" type="ems:LLDPBridgeConfR1" /> <xs:complexType name="LLDPBridgeConfR1"> <xs:attribute name="adminStatus" type="xs:int" use="required" /> <xs:attribute name="msgTxHoldMultiplier" type="xs:int" use="required" /> <xs:attribute name="msgTxInterval" type="xs:int" use="required" /> <xs:attribute name="reinitDelay" type="xs:int" use="required" /> <xs:attribute name="txDelay" type="xs:int" use="required" /> <xs:attribute name="notificationInterval" type="xs:int" use="required" /> <xs:attribute name="medFastStartRepeatCount" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:LLDPBridgeConfR1 medFastStartRepeatCount="4" txDelay="2" reinitDelay="2" notificationInterval="5" msgTxInterval="30" msgTxHoldMultiplier="4" adminStatus="3"/>
		

Content and Attributes

LLDPBridgeConf

adminStatus	The LLDP operating mode for all OLT bridge ports. Valid values are: 0 = Disabled - Bridge ports do not send or receive LLDPDUs. 1 = Enabled (Tx Only) - Bridge ports send but do not receive LLDPDUs. 2 = Enabled (Rx Only - Bridge ports receive but do not send LLDPDUs. 3 = Enabled (Tx/Rx) - Bridge ports send and receive LLDPDUs.
msgTxHoldMultiplier	The number of transmit intervals (msgTxInterval) used to calculate the TTL for LLDPDUs. The TTL for an LLDPDU is equal to: msgTxInterval x msgTxHoldMultiplier. The valid range is 1 - 100. The default value is 4.
msgTxInterval	The time (in seconds) between LLDPDU transmissions when there are no changes to the local LLDP MIB. The valid range is 1 - 3600. The default value is 30.
reinitDelay	The time (in seconds) between when LLDP is disabled on a port, until it will honor a request to re-enable LLDP. The valid range is 1 - 10. The default value is 2.
txDelay	The time (in seconds) between LLDPDU transmission when initiated by changes in the local LLDP MIB. The valid range is 1 - 8192. The default value is 2.
notificationInterval	The time (in seconds) to wait before sending SNMP trap notifications when changes occur in the local LLDP MIB. The valid range is 5 - 3600. The default value is 5.
medFastStartRepeatCount	The number of LLDP packets sent during the LLDP-MED fast-start period. The fast-start feature enables a device to initially advertise itself at a faster rate, for a limited time, when an LLDP-MED endpoint has been newly detected. This feature is important within a VoIP network, where rapid availability is crucial. The valid range is 1 - 100. The default value is 4.

Trusted Host

The <TrustedHostConfig> element stores the configuration for the Trusted Host feature. Trusted Host restricts the visibity of and access to the OLT, to hosts specifically listed in the trusted host table. It also provides specific protocol limitations.

Definition

	
			TrustedHostConfig  <xs:element name="TrustedHostConfigR1" type="ems:TrustedHostConfigR1" /> <xs:complexType name="TrustedHostConfigR1"> <xs:sequence> <xs:element name="trustedHosts" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="enableTrustedHost" type="xs:boolean" use="required" /> <xs:attribute name="enableGroupIcmpEchoReply" type="xs:boolean" use="required" /> <xs:attribute name="enabledIcmpDestintationUnreachable" type="xs:boolean" use="required" /> <xs:attribute name="icmpRateLimit" type="xs:int" use="required" /> <xs:attribute name="interfaceName" type="xs:string" use="required" /> </xs:complexType>
		

Example

	
			<ems:LLDPBridgeConfR1 medFastStartRepeatCount="4" txDelay="2" reinitDelay="2" notificationInterval="5" msgTxInterval="30" msgTxHoldMultiplier="4" adminStatus="3"/>
		

Content and Attributes

TrustedHostConfig

<trustedHosts>	List ^[0-N] of trusted host names (IP Address or Domain Name)
enableTrustedHost	Enable("true") / Disable ("false") the Trusted Host feature.
enableGroupIcmpEchoReply	Enable("true") / Disable ("false") ICMP echo reply for the OLT. The echo reply message is an ICMP message generated in response to an echo request. This message is a valuable tool used in basic network troubleshooting. However, ICMP echo reply messages can be exploited in certain types of service attacks. If ICMP echo reply is disabled, the OLT will not respond to ICMP echo request messages.
enabledIcmpDestintationUnreachable	Enable("true") / Disable ("false") ICMP destination unreachable messages. The destination unreachable message is an ICMP message generated when ICMP messages cannot be delivered to intended recipients. This message is a valuable tool used in basic network troubleshooting. However, ICMP destination unreachable messages can be exploited in certain types of service attacks. If ICMP destination unreachable is disabled, the OLT will not send ICMP destination unreachable messages.
icmpRateLimit	The maximum number of ICMP egress messages allowed per second. ICMP is a valuable tool used in basic network troubleshooting. However, if not limited, it can be exploited in denial of service attacks. Limiting the number of ICMP messages can be used to mitigate this risk. Supported values are in the range of 0 - 1000. The default value is "0", which disables ICMP rate limiting.
interfaceName	The interface controlled by the Trusted Host configuration. Currently, this value must be set to "bvi1".

OSCP

The Online Certificate Status Protocol (OCSP) is an Internet protocol used to manage X.509 digital certificates in a public key infrastructure. The <OSCPConfig> element stores the OLT level OCSP configuration.

Definition

OCSPConfig <xs:element name="OCSPConfig" type="ems:OCSPConfig" /> <xs:complexType name="OCSPConfig"> <xs:attribute name="ocspServerAddress" type="xs:string" use="required" /> <xs:attribute name="ocspPollingFreq" type="xs:int" use="required" /> <xs:attribute name="useOCSPServerAddress" type="xs:boolean" use="required" /> <xs:attribute name="enableOCSP" type="ems:AdminState" use="required" /> </xs:complexType>

Example

	
			<ems:OCSPConfig enableOCSP="eLOCKED" useOCSPServerAddress="false" ocspServerAddress="" ocspPollingFreq="24"/>
		

Content and Attributes

OCSPConfig

ocspServerAddress	The IP address of the OSCP server used to check the revocation status of a certificate in the PKI infrastructure. Based on the response from the server, connectivity is allowed or denied. The OCSP server can be the certificate authority (CA) that issues a certificate or a designated authorized responder. Certificate Authorities (CA) are a core part of the digital trust infrastructure that issues and manages digital certificates used to verify the identity of public key subjects.
ocspPollingFreq	The interval (in hours) between polls used to check the revocation status of certificates. The default value is "24".
useOCSPServerAddress	Enable("true") / Disable ("false") using the ocspServerAddress for certificate validation.
enableOCSP	Enable/Disable the use of OSCP. See the definition in the Simple Types Dictionary section of this document.

DNS

Stores the Domain Name Server (DNS) configuration for the OLT.

Definition

DNSConfig <xs:element name="DNSConfig" type="ems:DNSConfig" /> <xs:complexType name="DNSConfig"> <xs:sequence> <xs:element name="dnsHostsList" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="defaultDomainList" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="queryTimeout" type="xs:int" use="required" /> </xs:complexType>

Example

	
			DNSConfig  <ems:DNSConfig adminState="eUNLOCKED" queryTimeout="5"> <ems:dnsHostsList>10.50.0.100</ems:dnsHostsList> <ems:defaultDomainList>tellabs.network</ems:defaultDomainList> </ems:DNSConfig>
		

Content and Attributes

DNSConfig

<dnsHostsList>	List ^[0-N] of DNS server IP addresses
<defaultDomainList>	List ^[0-N] of default domain names to use in resolving DNS host names
adminState	Enable/Disable using DNS. See definition in the Simple Types Dictionary section of this document.
queryTimeout	The time (in seconds) before a DNS lookup request times out. The supported range is 1 - 120. The default value is 5.

User Accounts

The elements in this section store the configuration for the individual CLI users.

Definition

UserAccountConf <xs:element name="UserAccountConfR3" type="ems:UserAccountConfR3" /> <xs:complexType name="UserAccountConfR3"> <xs:sequence> <xs:element name="roles" type="xs:string" minOccurs="1" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="userName" type="xs:string" use="required" /> <xs:attribute name="userPasswd" type="xs:base64Binary" use="required" /> <xs:attribute name="encryptionType" type="ems:EncryptionTypeR1" use="required" /> <xs:attribute name="enabledAccount" type="xs:boolean" use="required" /> <xs:attribute name="agingPeriodForUser" type="xs:int" use="required" /> </xs:complexType>

Example

	
			<ems:UserAccountConfR3 agingPeriodForUser="180" encryptionType="eSHA_ONEWAY" userName="sbennett" enabledAccount="true" userPasswd="NDVBMUVFQjJDNzhFRkNCRDU3RDk2QTE3RERENjJGMjkzMDQxRkY4Qg=="> <ems:roles>Administrator</ems:roles> </ems:UserAccountConfR3> <ems:UserAccountConfR3 agingPeriodForUser="0" encryptionType="eSHA_ONEWAY" userName="admin" enabledAccount="true" userPasswd="NDVBMUVFQjJDNzhFRkNCRDU3RDk2QTE3RERENjJGMjkzMDQxRkY4Qg=="> <ems:roles>Administrator</ems:roles> </ems:UserAccountConfR3> <ems:UserAccountConfR3 agingPeriodForUser="180" encryptionType="eSHA_ONEWAY" userName="mguerra" enabledAccount="true" userPasswd="OUQ2RDdGNUVENzU5RDU4NjU2QzRBNTM3QjhBNTgwQTU2N0IyMkVFMg=="> <ems:roles>Administrator</ems:roles> </ems:UserAccountConfR3> <ems:UserAccountConfR3 agingPeriodForUser="30" encryptionType="eSHA_ONEWAY" userName="tlabDiag42" enabledAccount="true" userPasswd="MzZFNENFNDIyQzE3QUY0QzI5QjgyNTlBNDhEMjI4NzhFQjNGMDFBOA=="> <ems:roles>Administrator</ems:roles> </ems:UserAccountConfR3>
		

Content and Attributes

UserAccountConf

<roles>	list ^[0-N] of user role names. The roles define the user capabilities. Valid values are: Administrator - System administrator SecurityAdministrator - Security Administrator user Maintenance - Maintenance user ReadOnly - Read Only user
userName	The user name for this CLI user.
userPasswd	The encrypted password for this CLI user.
encryptionType	The methodology used to encrypt the user password. Valid values are: 1 - Message Digest Algorithm (MD5) - one way 2 - Data Encryption Standard (DES) symmetric-key algorithm 3 - Secure Hash Algorithm 1 (SHA1) - one way
enabledAccount	Enable/Disable this CLI user. See definition in the Simple Types Dictionary section of this document.
agingPeriodForUser	The time (in days) before a password change is required for this user. The supported range is 1 - 180.

Bridge Ports

The <EthPort> element stores the configuration for a bridge port on the OLT. These ports are OLT uplink or PON ports.

Definition

EthPort <xs:element name="EthPortR2" type="ems:EthPortR2" /> <xs:complexType name="EthPortR2"> <xs:attribute name="isLinkAggGroup" type="xs:boolean" use="required" /> <xs:attribute name="linkAggregateGroupId" type="xs:int" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="aid" type="xs:string" use="required" /> <xs:attribute name="userLabel" type="xs:string" use="required" /> <xs:attribute name="enableLinkTrapNotification" type="xs:boolean" use="required" /> </xs:complexType>

Example

	
			<ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUA-1"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUA-2"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUA-3"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUA-4"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eUNLOCKED" linkAggregateGroupId="20" isLinkAggGroup="true" aid="MDS1-ESUA-5"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eUNLOCKED" linkAggregateGroupId="20" isLinkAggGroup="true" aid="MDS1-ESUA-6"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUB-1"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUB-2"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUB-3"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUB-4"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eUNLOCKED" linkAggregateGroupId="20" isLinkAggGroup="true" aid="MDS1-ESUB-5"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="Face Plate Port" adminState="eUNLOCKED" linkAggregateGroupId="20" isLinkAggGroup="true" aid="MDS1-ESUB-6"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="IO Port" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUA-IO1"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="false" aid="MDS1-ESUA-IO1-IO"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="IO Port" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUA-IO2"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="false" aid="MDS1-ESUA-IO2-IO"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="IO Port" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUA-IO3"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="false" aid="MDS1-ESUA-IO3-IO"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="IO Port" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUA-IO4"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="false" aid="MDS1-ESUA-IO4-IO"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="IO Port" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUB-IO1"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="false" aid="MDS1-ESUB-IO1-IO"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="IO Port" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUB-IO2"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="false" aid="MDS1-ESUB-IO2-IO"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="IO Port" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUB-IO3"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="false" aid="MDS1-ESUB-IO3-IO"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="IO Port" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="true" aid="MDS1-ESUB-IO4"/> <ems:EthPortR2 enableLinkTrapNotification="false" userLabel="" adminState="eUNLOCKED" linkAggregateGroupId="0" isLinkAggGroup="false" aid="MDS1-ESUB-IO4-IO"/>
		

Content and Attributes

EthPort

isLinkAggGroup	Specifies that this port is (true) / is not (false) part of a link aggregation group.
linkAggregateGroupId	The ID of the LAG this port is part of. 0 .. 20 ???
adminState	Enable/Disable this port. See definition in the Simple Types Dictionary section of this document.
aid	The AID of the port.
userLabel	String description of the port.
enableLinkTrapNotification	Enable (true) / disable (false) link trap notifications for this port.

VLANs

VLAN Properties Table

The VLAN Properties Table is a collection of VLANs authorized for use on the network. Only traffic tagged with VLANs defined in this table are allowed to traverse the LAN. Packets for all other VLANs will be dropped on ingress.

The VLAN Properties Table configuration is modeled by the the <VLANPropertiesTable> XML element. This element contains a sequence of <VLANProperties> elements. Each <VLANProperties> element defines the configuration for a single VLAN.

Definition

	
			VLANPropertiesTable  <xs:element name="VLANPropertiesTableR4" type="ems:VLANPropertiesTableR4" /> <xs:complexType name="VLANPropertiesTableR4"> <xs:sequence> <xs:element name="vlanPropertiesList" type="ems:VLANPropertiesR4" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>  VLANProperties  <xs:element name="VLANPropertiesR4" type="ems:VLANPropertiesR4" /> <xs:complexType name="VLANPropertiesR4"> <xs:attribute name="vlanId" type="xs:int" use="required" /> <xs:attribute name="domain" type="xs:int" use="required" /> <xs:attribute name="aclMode" type="xs:int" use="required" /> <xs:attribute name="mstIndex" type="xs:int" use="required" /> <xs:attribute name="bridgeType" type="xs:int" use="required" /> <xs:attribute name="mvrpVlanType" type="xs:int" use="required" /> <xs:attribute name="description" type="xs:string" use="required" /> <xs:attribute name="enableDAI" type="xs:boolean" use="required" /> </xs:complexType>
		

Example

	
			<ems:VLANPropertiesTableR4> <ems:vlanPropertiesList vlanId="300" domain="1" aclMode="0" mstIndex="0" bridgeType="2" mvrpVlanType="1" description="GUEST NET" enableDAI="false"/> ... </ems:VLANPropertiesTableR4>
		

Content and Attributes

VLANPropertiesTable

<vlanPropertiesList>	<VLANProperties> list ^[0-N]

VLANProperties

vlanId	The VLAN number. Valid values range from 1 - 4094, excluding the 10 VLANs (4000 - 4007, 4011, and 4012) reserved for internal use.
domain	Used for multi-tenant applications, to prevent VLANs from being assigned to multiple domains. Always use the value "1".
aclMode	Defines the types of ACLs that can be used with the VLAN and the default action taken when a packet on that VLAN does not match an ACL rule. The following values are valid: 0 = Disable All ACLs - ACLs cannot be used with the VLAN. 1 = Basic ACL Default Deny - Only Basic ACLs can be used with the VLAN. All traffic is denied unless explicitly permitted by an ACL rule. 2 = Extended Default Deny - Basic and Extended ACLs can be used with the VLAN. All traffic is denied unless explicitly permitted by an ACL rule. 3 = Extended Default Permit - Basic and Extended ACLs can be used with the VLAN. All traffic is permitted unless explicitly denied by an ACL rule.
mstIndex	This is the instance of the spanning tree for the VLAN if using Multiple Spanning Tree. Typically, the value will be "1" for the common instance (CIST). A value of "0" means that the VLAN is not a participant in spanning tree loop prevention.
bridgeType	Defines the basic bridging behavior for the VLAN. The following values are valid: 0 = TLS - Transparent LAN Service provides Ethernet transport between remote Ethernet networks. It is called "transparent" because the connected networks are viewed as one contiguous network by the customer. 2 = Full Bridging - Typical Enterprise networking type of bridge behavior. The Full Bridging option bridges any type of traffic and is a standard L2 bridge. 4 = Private - Prevents bridging of the VLAN with the local area network. Traffic originating on the LAN is force-forwarded out the network uplink ports.
mvrpVlanType	*Deprecated*. Use the value "1". Defines the VLAN's Multiple VLAN Registration Protocol (MVRP) type. MVRP is an L2 messaging protocol that automates the creation and management of virtual LANs.
description	Text field that provides a user description for the VLAN. The value can be any meaningful text to aid in network administration.
enableDAI	Enable (True) / Disable (False) Dynamic ARP Inspection (DAI) for the VLAN. DAI is a security feature that validates the MAC/IP binding in ARP packets to protect against certain network attacks.

VLAN Assignment Table

The VLAN Assignment Table is collection of VLAN to interface mappings. It is defined in the <VLANAssignmentTable> XML element. This element contains a sequence of <VLANAssignment> elements. Each <VLANAssignment> element maps a VLAN to a NET interface and defines how the VLAN is managed by that interface. A VLAN can be assigned to more than one uplink interface.

Definition

	
			VLANAssignmentTable  <xs:element name="VLANAssignmentR1Table" type="ems:VLANAssignmentR1Table" /> <xs:complexType name="VLANAssignmentR1Table"> <xs:sequence> <xs:element name="vlanAssignmentList" type="ems:VLANAssignmentR1" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>  VLANAssignment  <xs:element name="VLANAssignmentR1" type="ems:VLANAssignmentR1" /> <xs:complexType name="VLANAssignmentR1"> <xs:attribute name="interfaceAID" type="xs:string" use="required" /> <xs:attribute name="vlanId" type="xs:int" use="required" /> <xs:attribute name="domain" type="xs:int" use="required" /> <xs:attribute name="tagStyle" type="xs:int" use="required" /> <xs:attribute name="mrpRegistrarAdminControl" type="xs:int" use="required" /> <xs:attribute name="svid" type="xs:int" use="required" /> <xs:attribute name="isIPMCSource" type="xs:boolean" use="required" /> <xs:attribute name="enableIGMPProxy" type="xs:boolean" use="required" /> <xs:attribute name="isForceForward" type="xs:boolean" use="required" /> <xs:attribute name="priorityProfile" type="xs:string" use="required" /> <xs:attribute name="description" type="xs:string" use="required" /> </xs:complexType>
		

Example

	
			<ems:VLANAssignmentR1Table> <ems:vlanAssignmentList interfaceAID="NET1" vlanId="1" domain="1" tagStyle="1" mrpRegistrarAdminControl="3" svid="1" isIPMCSource="false" enableIGMPProxy="false" isForceForward="false" priorityProfile="default" description="" /> ... <ems:VLANAssignmentR1Table>
		

Content and Attributes

VLANAssignmentTable

<vlanAssignmentList>	<VLANAssignment> list ^[0-N]

VLANAssignment

interfaceAID	The AID of a NET interface that will carry the VLAN. A NET interface is logical uplink composed of one or more physical uplink ports. A valid AID is NETX where X is an integer that uniquely identifies the interface. A VLAN can be mapped to multiple NET interfaces, but it cannot be mapped to the same interface more then once. NET interfaces are defined by the <InterfaceConfig> XML element.
vlanId	The VLAN number. Valid VLANs are those defined in the VLAN Properties Table. A VLAN can be mapped to multiple interfaces, but it cannot be mapped to the same interface more then once. Valid values range from 1 - 4094, excluding the 10 VLANs (4000 - 4007, 4011, and 4012) reserved for internal use.
domain	Used for multi-tenant applications to prevent VLANs from being assigned to multiple domains. Always use the value "1".
tagStyle	*Deprecated.This value is used to support 802.1ad "QinQ" tagging. Use the value "1". [+] Show More [-] Hide IEEE 802.1ad is an Ethernet networking standard informally known as "QinQ" as an amendment to IEEE standard IEEE 802.1Q. The 802.1ad standard is also known as provider bridging and stacked VLANs. The original 802.1Q specification allows a single Virtual Local Area Network (VLAN) header to be inserted into an Ethernet frame. QinQ allows multiple VLAN tags to be inserted into a single frame (tag stack). A VLAN tag uses the tag protocol identifier (TPID) field, contained in the VLAN Tag of an Ethernet Frame, to identify the protocol type of the tag. When VLANs are stacked in 802.1ad, there are two VLAN tags in the Ethernet Frame; the outer VLAN tag is used for the Service VLAN (S-VLAN) and the inner one the customer VLAN (C-VLAN). Physically, the S-VLAN tag appears first in the Ethernet frame and the C-VLAN tag second. The values of the tagstyle*attribute are important when 802.1ad is supported. The following values are used: - For "Edge" ports (NET's of type Downlink and LPE) the tag style specifies the number of tags in the frame: 1 - Single - No stacked tag. 2 - Stacked tag - Double tag SV around NV. - For "Network" ports (NET's of type Uplink or Transport) the tag style specifies the meaning of the outer TPID: 3 - Stacked tag with the outer tag specifying the C-VLAN 4 - Stacked tag with the outer tag specifying the S-VLAN
mrpRegistrarAdminControl	*Deprecated.*This value is used to support Multiple VLAN Registration Protocol (MVRP). Use the value "1".
svid	*Deprecated.*This value is used to support 802.1ad "QinQ" tagging. Use the value "1".
isIPMCSource	*Deprecated*. Use the value "false"
enableIGMPProxy	Enable ("true") / Disable ("false") IGMP proxy for this VLAN on the mapped interface.
isForceForward	*Deprecated*. Use the value "false". Bridging decisions are now determined by the bridge type defined in the service profile.
priorityProfile	The name of the DiffServe Code Point (DSCP) profile assigned to the interface in this assignment.
description	Text field to name or describe the VLAN/interface association. Since a VLAN can appear on more than one interface a meaningful description can be useful for network management tasks.

Interfaces

The <InterfaceConfig> element defines an upstream, external interface. This element can define a Link Aggregation Group (LAG), linear (NET), or Ring interface.

Definition

	
			InterfaceConfig  <xs:element name="InterfaceConfigR5" type="ems:InterfaceConfigR5" /> <xs:complexType name="InterfaceConfigR5"> <xs:sequence> <xs:element name="interfaceType" type="xs:int" /> <xs:element name="lagConfig" type="ems:LAGInterfaceConfigR5" minOccurs="0" /> <xs:element name="ringConfig" type="ems:RingInterfaceConfigR2" minOccurs="0" /> <xs:element name="linearConfig" type="ems:LinearInterfaceConfig" minOccurs="0" /> </xs:sequence> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="aid" type="xs:string" use="required" /> </xs:complexType>  LAGInterfaceConfig  <xs:element name="LAGInterfaceConfigR5" type="ems:LAGInterfaceConfigR5" /> <xs:complexType name="LAGInterfaceConfigR5"> <xs:sequence> <xs:element name="portsList" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="lacpConfig" type="ems:LACP" minOccurs="0" maxOccurs="1" /> </xs:sequence> <xs:attribute name="description" type="xs:string" use="required" /> <xs:attribute name="dscpProfileName" type="xs:string" use="required" /> <xs:attribute name="lagSpeed" type="xs:int" use="required" /> <xs:attribute name="hashAlgorithm" type="xs:int" use="required" /> <xs:attribute name="pvid" type="xs:int" use="required" /> <xs:attribute name="pvidPriority" type="xs:int" use="required" /> <xs:attribute name="pauseFrames" type="xs:boolean" use="required" /> </xs:complexType>  LACP  <xs:element name="LACP" type="ems:LACP" /> <xs:complexType name="LACP"> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="lacpWaitTimer" type="xs:int" use="required" /> <xs:attribute name="lacpTimer" type="ems:LACPTimer" use="required" /> <xs:attribute name="lacpMode" type="ems:LACPMode" use="required" /> </xs:complexType>  RingInterfaceConfig  <xs:element name="RingInterfaceConfigR2" type="ems:RingInterfaceConfigR2" /> <xs:complexType name="RingInterfaceConfigR2"> <xs:attribute name="ringName" type="xs:string" use="required" /> <xs:attribute name="ringId" type="xs:int" use="required" /> <xs:attribute name="waitToRestore" type="xs:int" use="required" /> <xs:attribute name="controlVLAN" type="xs:int" use="required" /> <xs:attribute name="controlPriority" type="xs:int" use="required" /> <xs:attribute name="bwFailureThreshold" type="xs:int" use="required" /> <xs:attribute name="eastLAG" type="xs:string" use="required" /> <xs:attribute name="westLAG" type="xs:string" use="required" /> <xs:attribute name="rplLAG" type="xs:string" use="required" /> </xs:complexType>  LinearInterfaceConfig  <xs:element name="LinearInterfaceConfig" type="ems:LinearInterfaceConfig" /> <xs:complexType name="LinearInterfaceConfig"> <xs:attribute name="aidLAG" type="xs:string" use="required" /> <xs:attribute name="linearType" type="xs:int" use="required" /> </xs:complexType>
		

NET Interface

A NET interface is an external interface that connects the the Optical LAN to the the network in the upstream direction. A NET interface is defined by the <InterfaceConfig> element.

Definition

InterfaceConfig <xs:element name="InterfaceConfigR5" type="ems:InterfaceConfigR5" /> <xs:complexType name="InterfaceConfigR5"> <xs:sequence> <xs:element name="interfaceType" type="xs:int" /> <xs:element name="linearConfig" type="ems:LinearInterfaceConfig" minOccurs="0" /> </xs:sequence> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="aid" type="xs:string" use="required" /> </xs:complexType> LinearInterfaceConfig <xs:element name="LinearInterfaceConfig" type="ems:LinearInterfaceConfig" /> <xs:complexType name="LinearInterfaceConfig"> <xs:attribute name="aidLAG" type="xs:string" use="required" /> <xs:attribute name="linearType" type="xs:int" use="required" /> </xs:complexType>

Example

	
			<ems:InterfaceConfigR5 adminState="eUNLOCKED" aid="NET1"> <ems:interfaceType>6</ems:interfaceType> <ems:linearConfig aidLAG="LAG1" linearType="4" /> <ems:InterfaceConfigR5>
		

Content and Attributes

When defining a NET Interface, an <interfaceConfig> element contains the child elements <interfaceType> and <linearConfig>.

<InterfaceConfig>

<interfaceType>	Specifies the interface type. Valid values are: 1 (LAG) and 6 (Linear).
<linearConfig>	<LinearInterfaceConfig>
adminState	See definition in the Simple Types Dictionary section of this document.
aid	The access identifier (aid) is the Tellabs proprietary ID for the interface. Valid values are NET1...NET(N).

aidLAG	The AID of the LAG assigned to this net Interface. Valid values are LAG1...LAG(N).
linearType	*Deprecated. Use the value "4" (uplink*)

Link Aggregation Group (LAG) Interface

A LAG is a bonding of physical ports together to create a single logical port. A LAG is defined by the <interfaceConfig> element.

Definition

	
			InterfaceConfig  <xs:element name="InterfaceConfigR5" type="ems:InterfaceConfigR5" /> <xs:complexType name="InterfaceConfigR5"> <xs:sequence> <xs:element name="interfaceType" type="xs:int" /> <xs:element name="lagConfig" type="ems:LAGInterfaceConfigR5" minOccurs="0" /> </xs:sequence> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="aid" type="xs:string" use="required" /> </xs:complexType>  LAGInterfaceConfig  <xs:element name="LAGInterfaceConfigR5" type="ems:LAGInterfaceConfigR5" /> <xs:complexType name="LAGInterfaceConfigR5"> <xs:sequence> <xs:element name="portsList" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="lacpConfig" type="ems:LACP" minOccurs="0" maxOccurs="1" /> </xs:sequence> <xs:attribute name="description" type="xs:string" use="required" /> <xs:attribute name="dscpProfileName" type="xs:string" use="required" /> <xs:attribute name="lagSpeed" type="xs:int" use="required" /> <xs:attribute name="hashAlgorithm" type="xs:int" use="required" /> <xs:attribute name="pvid" type="xs:int" use="required" /> <xs:attribute name="pvidPriority" type="xs:int" use="required" /> <xs:attribute name="pauseFrames" type="xs:boolean" use="required" /> </xs:complexType>  LACP  <xs:element name="LACP" type="ems:LACP" /> <xs:complexType name="LACP"> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="lacpWaitTimer" type="xs:int" use="required" /> <xs:attribute name="lacpTimer" type="ems:LACPTimer" use="required" /> <xs:attribute name="lacpMode" type="ems:LACPMode" use="required" /> </xs:complexType>
		

Example

	
			<ems:interfaceConfigR5 adminState="eUNLOCKED" aid="LAG2"> <ems:interfaceType>1</ems:interfaceType> <ems:lagConfig description="" dscpProfileName="" lagSpeed="3" hashAlgorithm="2" pvid="1" pvidPriority="0" pauseFrames="true" > <ems:portsList>MDS1-ESUB-6</ems:portsList> <ems:portsList>MDS1-ESUB-5</ems:portsList> <ems:lacpConfig adminState="eUNLOCKED" lacpWaitTimer="2" lacpTimer="eSHORTTIMER" lacpMode="eACTIVE" > </ems:lagConfig> </ems:interfaceConfigR5>
		

Content and Attributes

When defining a LAG Interface, an <InterfaceConfig> element contains the child elements, <interfaceType> and <lagConfig>. The <lagConfig> element defines the LAG and is the parent of a sequence of <portsList> elements and a <lacpConfig> element. The <portsList> element defines a physical port in the LAG. The <lacpConfig> element defines the behavior of the Link Aggregation Control protocol for the LAG.

InterfaceConfig

<interfaceType>	Specifies the interface type. Valid values are: 1 (LAG) and 6 (Linear).
<lagConfig>	<LAGInterfaceConfig>
adminState	See definition in the Simple Types Dictionary section of this document.
aid	The access identifier is the Tellabs proprietary id for the interface. For LAGs, the values are LAG1... LAG(N).

LAGInterfaceConfig

<portsList>	A list ^[0-N] of the AIDs of physical uplinks that are in the LAG interface
<lacpConfig>	<LACP>^[Optional]
description	The user defined label for the LAG interface.
dscpProfileName	Name of the Diff Services Code Point profile assigned to the LAG interface.
lagSpeed	The speed of the LAG interface. This is the speed of the individual linear interfaces that make up the LAG.
hashAlgorithm	Hashing algorithm used to distribute traffic accross the physical links in the LAG. Valid values are: 0 = Source MAC 1 = Destination MAC 2 = Source and Destination MAC (default) 3 = Source IP 4 = Destination IP 5 = Source and Destination IP
pvid	The Port VLAN ID. This is the VLAN id that will be assigned to any untagged frames entering the switch on this LAG.
pvidPriority	Priority of the PVID.
pauseFrames	Enable (true) / Disable (false) the use of pause frames to control buffering on the interface.

LACP

adminState	See definition in the Simple Types Dictionary section of this document.
lacpWaitTimer	The time (in seconds), LACP waits to aggregate the physical links. A value of zero (0), results in immediate aggregation. The default value is two (2) seconds.
lacpTimer	See definition in the Simple Types Definition section of this document.
lacpMode	See definition in the Simple Types Definition section of this document.

Equipment

The Equipment XML elements store the configuration data for individual system components that define how they function in specific deployment.

Circuit Pack

Historically, a circuit pack is a circuit board that contains the logic, memory, and switching circuitry for a telecommunications system. This term has persisted for networking companies with telecommunications roots. Today, a Circuit Pack is network component that has ports and a switching fabric. Circuit Packs are configurable, interchangeable units that can be replaced and moved from one system to another. Edge Switch Units (ESUs), IOCards (QOIU7, OIU8), and ONTs are all examples of circuit packs. The elements in this section hold the configuration data to define circuit pack operation according to function, capabilities, and deployment needs.

Definition

	
			CircuitPack  <xs:element name="CircuitPackR14" type="ems:CircuitPackR14" /> <xs:complexType name="CircuitPackR14">  The greyed out elements in the sequence below are deprecated.   Only ONTs are assigned configs in the CircuitPack element. IO cards and Edge cards do not have configs.  <xs:sequence> <xs:element name="eqpProfileAssignmentList" type="ems:EquipmentProfileAssignment" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="supportedCardGroupType" type="ems:SupportedCardGroupType" /> <xs:element name="installedCardGroupType" type="xs:int" /> <xs:element name="nccConfig" type="ems:NCCCircuitPackConfigR2" minOccurs="0" /> <xs:element name="nvcConfig" type="ems:NVCCircuitPackConfigR2" minOccurs="0" /> <xs:element name="ontConfig" type="ems:ONTCircuitPackConfigR3" minOccurs="0" /> <xs:element name="diuConfig" type="ems:DIUCircuitPackConfigR1" minOccurs="0" /> <xs:element name="tduConfig" type="ems:TDUCircuitPackConfigR1" minOccurs="0" /> <xs:element name="amuConfig" type="ems:AMUCircuitPackConfig" minOccurs="0" /> <xs:element name="bbcConfig" type="ems:BBCCircuitPackConfig" minOccurs="0" /> <xs:element name="ndcConfig" type="ems:NDCCircuitPackConfig" minOccurs="0" /> <xs:element name="sfu000Config" type="ems:SFU000CircuitPackConfig" minOccurs="0" /> <xs:element name="sfu010Config" type="ems:SFU010CircuitPackConfig" minOccurs="0" /> <xs:element name="sfu210RFConfig" type="ems:ONTCircuitPackConfigR3" minOccurs="0" /> <xs:element name="sfu211Config" type="ems:ONTCircuitPackConfigR3" minOccurs="0" /> <xs:element name="sfu240ETSIConfig" type="ems:ONTCircuitPackConfigR3" minOccurs="0" /> <xs:element name="sfu240ETSINORFConfig" type="ems:SFU210ETSINORFCircuitPackConfigR2" minOccurs="0" /> <xs:element name="sfu729Config" type="ems:ONTGenericCircuitPackConfigR2" minOccurs="0" /> <xs:element name="sfu120Config" type="ems:ONTGenericCircuitPackConfigR2" minOccurs="0" /> <xs:element name="bbc7Config" type="ems:BBC7CircuitPackConfig" minOccurs="0" /> <xs:element name="esu30Config" type="ems:ESU30CircuitPackConfigR1" minOccurs="0" /> <xs:element name="nmcConfig" type="ems:NMCCircuitPackConfigR1" minOccurs="0" /> <xs:element name="sfu040Config" type="ems:SFU040CircuitPackConfigR2" minOccurs="0" /> <xs:element name="onu812Config" type="ems:ONU812CircuitPackConfig" minOccurs="0" /> <xs:element name="sfu2402ETSIConfig" type="ems:SFU2402ETSICircuitPackConfig" minOccurs="0" /> </xs:sequence> <xs:attribute name="locationName" type="xs:string" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="aid" type="xs:string" use="required" /> </xs:complexType>
		

Example

	
			Example for an ESU (Edge Switch unit)  <ems:CircuitPackR14 locationName="" adminState="eUNLOCKED" aid="MDS1-ESUA"> <ems:supportedCardGroupType>eSG_ESU2</ems:supportedCardGroupType> <ems:installedCardGroupType>253</ems:installedCardGroupType> </ems:CircuitPackR14>  Example for an IO Card  <ems:CircuitPackR14 locationName="" adminState="eUNLOCKED" aid="MDS1-IO4"> <ems:supportedCardGroupType>eSG_PON_4</ems:supportedCardGroupType> <ems:installedCardGroupType>251</ems:installedCardGroupType> </ems:CircuitPackR14>  Example for an ONT  <ems:CircuitPackR14 locationName="ONT142R" adminState="eUNLOCKED" aid="MDS1-4-1-4"> <ems:eqpProfileAssignmentList profileType="2" profileName="tsw_dscp"/> <ems:supportedCardGroupType>eSG_ONT142R</ems:supportedCardGroupType> <ems:installedCardGroupType>330</ems:installedCardGroupType> <ems:sfu120Config ledHoldTime="0" rangeFailWaitTimePOTS="12" forcedStopMode="false" configLock="true" ontId="4" registrationId="000000" serialNum="IPHO005191C9"> <ems:hostConf ipAssignmentMode="0" arcMode="true" userpasswd="tellabs1" username="tellabs" deviceId="142R-ont" voicectrlPersonality="3"> <ems:sipConf prot802_1p="6" cfi="1" vlanid="2992" dnssecondary="0.0.0.0" dnsprimary="0.0.0.0" gatewayip="0.0.0.0" gatewaymask="0.0.0.0" ipaddress="0.0.0.0"/> <ems:rtpConf prot802_1p="6" cfi="1" vlanid="2992" dnssecondary="0.0.0.0" dnsprimary="0.0.0.0" gatewayip="0.0.0.0" gatewaymask="0.0.0.0" ipaddress="0.0.0.0"/> </ems:hostConf> <ems:powerShedding videoOverlaySheddingInterval="900" pwrRestoreTimerResetInterval="30" dataSheddingInterval="900"/> <ems:poeConfig externalBBUPowerAvailable="40" poeUsageThreshold="99" externalPowerAvailable="75" arcMode="false"/> <ems:rfCfg arcMode="false" overloadThreshold="5" degradedThreshold="-19" acRestoreWaitTime="1" acFailWaitTime="30" rangeFailWaitTime="48" agcSetting="-12" adminState="eLOCKED"/> </ems:sfu120Config> </ems:CircuitPackR14>
		

Content and Attributes

CircuitPack

<eqpProfileAssignmentList>	<EquipmentProfileAssignment> list ^[0-N].
<supportedCardGroupType>	See <SupportedCardGroupType> in the Simple Types Dictionary.
<installedCardGroupType>	A number that specifies the actual card type installed. If this value does not agree with the enumerated type contained in the <supportedCardGroupType> element, the system will report an Equipment Mismatch alarm. Valid values are: 72 = ONT729GP 73 = ESU32 74 = OIU8 76 = OIU2 240 = ESU1 244 = OFA 251 = QOIU7 252 = ESU30 253 = ESU2 256 = Empty Slot 313 = ONT704 314 = ONT705 316 = ONT709 317 = ONT729GP 318 = ONT705GR 319 = ONT709GP 320 = ONT714G 323 = ONT120 324 = ONT140 330 = ONT142R 333 = ONT180 334 = ONT205 335 = ONT131W 336 = ONT121W 337 = ONT121WX 338 = ONT248 339 = ONT140CL 340 = ONT202 341 = ONT224
<ontConfig>	<ONTCircuitPackConfig> list ^[0-1]. Use this element if the circuit pack defines an ONT7O2.
<sfu240ETSIConfig>	<ONTCircuitPackConfig> list ^[0-1]. Use this element if the circuit pack defines an ONT705.
<sfu240ETSINORFConfig>	<SFU210ETSINORFCircuitPackConfig> list ^[0-1]. Use this element if the circuit pack defines an ONT704.
<sfu729Config>	<ONTGenericCircuitPackConfig> list ^[0-1]. Use this element if the circuit pack defines an ONT729GP
<sfu120Config>	<ONTGenericCircuitPackConfig> list ^[0-1]. Use this element if the circuit pack defines an ONT of any type other than: ONT7O2, ONT704, ONT705, ONT709, or ONT729GP.
<sfu040Config>	<SFU040CircuitPackConfig> list ^[0-1]. Use this element if the circuit pack defines an ONT709.
adminState	See definition in the Simple Types Definition section of this document
aid	The AID of the circuit pack.

ONT Configs

The elements in this section store the configuration data for ONT identification, operation and ONT specific capabilities. The configuration data for each ONT will vary according to its capabilities, which include VoIP, Power-Shedding, PoE and RF Video.

An ONT is a circuit pack and all ONT configuration data is contained by a <CircuitPack> XML element. The ONT specific configuration data is stored in an ONT configuration element (appropriate for the ONT type) contained by the <CircuitPack> element. The ONT configuration element element stores configuration data common to all ONTs (Serial Number, ID on PON, LED hold-time, EStop mode, etc.) as attributes. It may also contain additional configuration elements according to the ONT capabilities:

<VOIPHostConfiguration> - stores the configuration data to support VoIP capabilities; including SIP participation.
<PowerSheddingConfig> - stores the configuration data to support power-shedding capabilities. Power-shedding is a strategy for conserving batter life, by reducing power consumption, when power to a constant source is lost.
<PoEConfig> - stores the configuration data to support PoE capabilities; including alarms, and available power adjustments.
<rfCfg> - stores the configuration data to support RF Video overlay capabilities.

Definition

	
			ONTCircuitPackConfig  <xs:element name="ONTCircuitPackConfigR3" type="ems:ONTCircuitPackConfigR3" /> <xs:complexType name="ONTCircuitPackConfigR3"> <xs:sequence> <xs:element name="hostConf" type="ems:VOIPHostConfigurationR3" /> <xs:element name="rfCfg" type="ems:RFVideoConfig" /> </xs:sequence> <xs:attribute name="serialNum" type="xs:string" use="required" /> <xs:attribute name="registrationId" type="xs:string" use="required" /> <xs:attribute name="ontId" type="xs:string" use="required" /> <xs:attribute name="configLock" type="xs:boolean" use="required" /> <xs:attribute name="forcedStopMode" type="xs:boolean" use="required" /> <xs:attribute name="rangeFailWaitTimePOTS" type="xs:int" use="required" /> </xs:complexType>  SFU210ETSINORFCircuitPackConfig  <xs:element name="SFU210ETSINORFCircuitPackConfigR2" type="ems:SFU210ETSINORFCircuitPackConfigR2" /> <xs:complexType name="SFU210ETSINORFCircuitPackConfigR2"> <xs:sequence> <xs:element name="hostConf" type="ems:VOIPHostConfigurationR3" /> <xs:element name="powerShedding" type="ems:PowerSheddingConfig" /> </xs:sequence> <xs:attribute name="serialNum" type="xs:string" use="required" /> <xs:attribute name="registrationId" type="xs:string" use="required" /> <xs:attribute name="ontId" type="xs:string" use="required" /> <xs:attribute name="configLock" type="xs:boolean" use="required" /> <xs:attribute name="forcedStopMode" type="xs:boolean" use="required" /> <xs:attribute name="rangeFailWaitTimePOTS" type="xs:int" use="required" /> </xs:complexType>  ONTGenericCircuitPackConfig  <xs:element name="ONTGenericCircuitPackConfigR2" type="ems:ONTGenericCircuitPackConfigR2" /> <xs:complexType name="ONTGenericCircuitPackConfigR2"> <xs:sequence> <xs:element name="hostConf" type="ems:VOIPHostConfigurationR3" /> <xs:element name="powerShedding" type="ems:PowerSheddingConfig" /> <xs:element name="poeConfig" type="ems:PoEConfigR1" /> <xs:element name="rfCfg" type="ems:RFVideoConfig" /> </xs:sequence> <xs:attribute name="serialNum" type="xs:string" use="required" /> <xs:attribute name="registrationId" type="xs:string" use="required" /> <xs:attribute name="ontId" type="xs:string" use="required" /> <xs:attribute name="configLock" type="xs:boolean" use="required" /> <xs:attribute name="forcedStopMode" type="xs:boolean" use="required" /> <xs:attribute name="rangeFailWaitTimePOTS" type="xs:int" use="required" /> <xs:attribute name="ledHoldTime" type="xs:int" use="required" /> </xs:complexType>  SFU040CircuitPackConfig  <xs:element name="SFU040CircuitPackConfigR2" type="ems:SFU040CircuitPackConfigR2" /> <xs:complexType name="SFU040CircuitPackConfigR2"> <xs:sequence> <xs:element name="poeConfig" type="ems:PoEConfigR1" /> <xs:element name="powerShedding" type="ems:PowerSheddingConfig" /> </xs:sequence> <xs:attribute name="serialNum" type="xs:string" use="required" /> <xs:attribute name="registrationId" type="xs:string" use="required" /> <xs:attribute name="ontId" type="xs:string" use="required" /> <xs:attribute name="configLock" type="xs:boolean" use="required" /> <xs:attribute name="forcedStopMode" type="xs:boolean" use="required" /> </xs:complexType>  VOIPHostConfiguration  <xs:element name="VOIPHostConfigurationR3" type="ems:VOIPHostConfigurationR3" /> <xs:complexType name="VOIPHostConfigurationR3"> <xs:sequence> <xs:element name="sipConf" type="ems:NetworkConfiguration" /> <xs:element name="rtpConf" type="ems:NetworkConfiguration" /> </xs:sequence> <xs:attribute name="voicectrlPersonality" type="xs:int" use="required" /> <xs:attribute name="deviceId" type="xs:string" use="required" /> <xs:attribute name="username" type="xs:string" use="required" /> <xs:attribute name="userpasswd" type="xs:string" use="required" /> <xs:attribute name="arcMode" type="xs:boolean" use="required" /> <xs:attribute name="ipAssignmentMode" type="xs:int" use="required" /> </xs:complexType>  NetworkConfiguration  <xs:element name="NetworkConfiguration" type="ems:NetworkConfiguration" /> <xs:complexType name="NetworkConfiguration"> <xs:attribute name="ipaddress" type="xs:string" use="required" /> <xs:attribute name="gatewaymask" type="xs:string" use="required" /> <xs:attribute name="gatewayip" type="xs:string" use="required" /> <xs:attribute name="dnsprimary" type="xs:string" use="required" /> <xs:attribute name="dnssecondary" type="xs:string" use="required" /> <xs:attribute name="vlanid" type="xs:int" use="required" /> <xs:attribute name="cfi" type="xs:int" use="required" /> <xs:attribute name="prot802_1p" type="xs:int" use="required" /> </xs:complexType>  PowerSheddingConfig  <xs:element name="PowerSheddingConfig" type="ems:PowerSheddingConfig" /> <xs:complexType name="PowerSheddingConfig"> <xs:attribute name="pwrRestoreTimerResetInterval" type="xs:int" use="required" /> <xs:attribute name="dataSheddingInterval" type="xs:int" use="required" /> <xs:attribute name="videoOverlaySheddingInterval" type="xs:int" use="required" /> </xs:complexType>  PoEConfig  <xs:element name="PoEConfigR1" type="ems:PoEConfigR1" /> <xs:complexType name="PoEConfigR1"> <xs:attribute name="poeUsageThreshold" type="xs:int" use="required" /> <xs:attribute name="arcMode" type="xs:boolean" use="required" /> <xs:attribute name="externalPowerAvailable" type="xs:int" use="required" /> <xs:attribute name="externalBBUPowerAvailable" type="xs:int" use="required" /> </xs:complexType>  RFVideoConfig  <xs:element name="RFVideoConfig" type="ems:RFVideoConfig" /> <xs:complexType name="RFVideoConfig"> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="agcSetting" type="xs:int" use="required" /> <xs:attribute name="rangeFailWaitTime" type="xs:int" use="required" /> <xs:attribute name="acFailWaitTime" type="xs:int" use="required" /> <xs:attribute name="acRestoreWaitTime" type="xs:int" use="required" /> <xs:attribute name="degradedThreshold" type="xs:int" use="required" /> <xs:attribute name="overloadThreshold" type="xs:int" use="required" /> <xs:attribute name="arcMode" type="xs:boolean" use="required" /> </xs:complexType>
		

Example

	
			<ems:CircuitPackR14 locationName="ONT142R" adminState="eUNLOCKED" aid="MDS1-4-1-4"> <ems:eqpProfileAssignmentList profileType="2" profileName="default"/> <ems:supportedCardGroupType>eSG_ONT142R</ems:supportedCardGroupType> <ems:installedCardGroupType>330</ems:installedCardGroupType>  ONTGenericCircuitPackConfig  <ems:sfu120Config ledHoldTime="0" rangeFailWaitTimePOTS="12" forcedStopMode="false" configLock="true" ontId="4" registrationId="000000" serialNum="IPHO005191C9"> <ems:hostConf ipAssignmentMode="0" arcMode="true" userpasswd="tellabs1" username="tellabs" deviceId="142R-ont" voicectrlPersonality="3"> <ems:sipConf prot802_1p="6" cfi="1" vlanid="2992" dnssecondary="0.0.0.0" dnsprimary="0.0.0.0" gatewayip="0.0.0.0" gatewaymask="0.0.0.0" ipaddress="0.0.0.0"/> <ems:rtpConf prot802_1p="6" cfi="1" vlanid="2992" dnssecondary="0.0.0.0" dnsprimary="0.0.0.0" gatewayip="0.0.0.0" gatewaymask="0.0.0.0" ipaddress="0.0.0.0"/> </ems:hostConf> <ems:powerShedding videoOverlaySheddingInterval="900" pwrRestoreTimerResetInterval="30" dataSheddingInterval="900"/> <ems:poeConfig externalBBUPowerAvailable="40" poeUsageThreshold="99" externalPowerAvailable="75" arcMode="false"/> <ems:rfCfg arcMode="false" overloadThreshold="5" degradedThreshold="-19" acRestoreWaitTime="1" acFailWaitTime="30" rangeFailWaitTime="48" agcSetting="-12" adminState="eLOCKED"/> </ems:sfu120Config> </ems:CircuitPackR14>
		

Content and Attributes

ONTCircuitPackConfig

<hostConf>	<VOIPHostConfiguration>
<rfCfg>	<RFVideoConfig>
serialNum	The ONT serial number.
registrationId	Not Supported. This is the registration ID when not using the ONT serial number as the ONT password. Use the value "000000".
ontId	The identification number of the ONT, relative to others on the same PON port. Valid values are 1-64.
configLock	A boolean value (true/false) that specifies the mutability of the ONT configuration. To alter the ONT configuraion, this value must be set to "false".
forcedStopMode	Enter(true)/Exit(false) the ONT "forced stop" mode. If the ONT is in the "forced stop" mode, the OLT will not attempt to communicate with or range it. The ONT will not be allowed to connect to the network.
rangeFailWaitTimePOTS	The time (in seconds) before battery power is denied to the POTs ports when an ONT fails to range or loses connectivity to the OLT. This delay keeps the ports powered during brief outages. This helps to prevent setting off attached buglar alarms. The valid range is "0-360", in 10 second increments. The default value is "120".

SFU210ETSINORFCircuitPackConfig

<hostConf>	<VOIPHostConfiguration>
<powerShedding>	<PowerSheddingConfig>
serialNum	The ONT serial number.
registrationId	Not Supported. This is the registration ID when not using the ONT serial number as the ONT password. Use the value "000000".
ontId	The identification number of the ONT, relative to others on the same PON port. Valid values are "1-64".
configLock	A boolean value (true/false) that specifies the mutability of the ONT configuration. To alter the ONT configuraion, this value must be set to "false".
forcedStopMode	Enter(true)/Exit(false) the ONT "forced stop" mode. If the ONT is in the "forced stop" mode, the OLT will not attempt to communicate with or range it. The ONT will not be allowed to connect to the network.
rangeFailWaitTimePOTS	The time (in seconds) before battery power is denied to the POTs ports when an ONT fails to range or loses connectivity to the OLT. This delay keeps the ports powered during brief outages. This helps to prevent setting off attached buglar alarms. The valid range is "0-360", in 10 second increments. The default value is "120".

ONTGenericCircuitPackConfig

<hostConf>	<VOIPHostConfiguration>
<powerShedding>	<PowerSheddingConfig>
<poeConfig>	<PoEConfig>
<rfCfg>	<RFVideoConfig>
serialNum	The ONT serial number.
registrationId	Not Supported. This is the registration ID when not using the ONT serial number as the ONT password. Use the value "000000".
ontId	The identification number of the ONT, relative to others on the same PON port. Valid values are "1-64".
configLock	A boolean value (true/false) that specifies the mutability of the ONT configuration. To alter the ONT configuraion, this value must be set to "false".
forcedStopMode	Enter(true)/Exit(false) the ONT "forced stop" mode. If the ONT is in the "forced stop" mode, the OLT will not attempt to communicate with or range it. The ONT will not be allowed to connect to the network.
rangeFailWaitTimePOTS	The time (in seconds) before battery power is denied to the POTs ports when an ONT fails to range or loses connectivity to the OLT. This delay keeps the ports powered during brief outages. This helps to prevent setting off attached buglar alarms. The valid range is "0-360", in 10 second increments. The default value is "120".
ledHoldTime	The amount of time (in seconds) the OLT LEDs remain illuminated after a transition. Valid values are "0-65535". Setting this value to "0" causes the LEDs to remain illuminated indefinately. The default value is "120".

SFU040CircuitPackConfig

<poeConfig>	<PoEConfig>
<powerShedding>	<PowerSheddingConfig>
serialNum	The ONT serial number.
registrationId	Not Supported. This is the registration ID when not using the ONT serial number as the ONT password. Use the value "000000".
ontId	The identification number of the ONT, relative to others on the same PON port. Valid values are "1-64".
configLock	A boolean value (true/false) that specifies the mutability of the ONT configuration. To alter the ONT configuraion, this value must be set to "false".
forcedStopMode	Enter(true)/Exit(false) the ONT "forced stop" mode. If the ONT is in the "forced stop" mode, the OLT will not attempt to communicate with or range it. The ONT will not be allowed to connect to the network.

VOIPHostConfiguration

<sipConf>	<NetworkConfiguration>
<rtpConf>	<NetworkConfiguration>
voicectrlPersonality	Defines the voice mode for all ports on the ONT (Voice Gateway or Soft Switch). This determines whether the ONT SIP ATAs (if used) will use a Tellabs Voice Gateway or a Softswitch. If using the Tellabs Configuration Server (TConfig) application to manage SIP provisioning, select Soft Switch. Valid values are "2" (Voice Gateway) and "3" (Softswitch).
deviceId	A unique name that serves as the ONT hostname. This identifies the ONT in softswitch communications. This attribute is only relevant when voicectrlPersonality is set to "Softswitch". Up to 24 ASCII characters are allowed. The value must match that provisioned on the Softswitch.
username	Defines the SIP user name used for authentication between the ONT and the Softswitch. This attribute is only relevant when voicectrlPersonality is set to "Softswitch". Up to 24 ASCII characters are allowed. The value must match that provisioned on the Softswitch.
userpasswd	Defines the SIP password used for authentication between the ONT and the Softswitch. This attribute is only relevant when voicectrlPersonality is set to "Softswitch". Up to 24 ASCII characters are allowed. The value must match that provisioned on the Softswitch.
arcMode	Enable(true)/Disable(false) the reporting of POTS alarms for the ONT.
ipAssignmentMode	Specifies how the ONT acquires an IP address for SIP messaging. Valid values are "0" (DHCP) and "1" (Static). If static assignment is selected, the IP Address must be stored in the ipaddress attribute of the <sipConf> element.

NetworkConfiguration

ipaddress	The IP Address of the ONT Analog Telephone Adaptor (ATA) to use in setting up VoIP calls.
gatewaymask	The netmask to use when communicating with the Voice Gateway. This attribute is only relevant when the voicectrlPersonality attribute in the <VOIPHostConfiguration> element is set to "Voice Gateway.
gatewayip	The IP Address of the Voice Gateway. This attribute is only relevant when the voicectrlPersonality attribute in the <VOIPHostConfiguration> element is set to "Voice Gateway".
dnsprimary	The IP Address of the primary Domain Name Server(DNS).
dnssecondary	The IP Address of the secondary Domain Name Server(DNS).
vlanid	The VLAN used for voice on the ONT SIP ATA. Valid values range from "1-4094", excluding the 10 VLANs (4000-4007, 4011, and 4012) reserved for internal use.
cfi	Deprecated.Conanonical Form Indicator for VoIP. Use the value "1"
prot802_1p	The Class of Service(COS) or Priority Code Point(PCP), used for SIP and RTP in VoIP calls. Valid values are "0-7" as defined by the 802.1P standard. The default value is "7"; the highest priority defined.

PowerSheddingConfig

pwrRestoreTimerResetInterval	Time delay (in seconds) before resetting the power shedding timers when full power to the ONT is restored. The valid range is "0-64980". The default value is "30" and the value "0" means disabled.
dataSheddingInterval	Time delay (in seconds) before shutting down data services after AC power is lost. This sheds power consumption, preserving battery life for essential services. The valid range is "0-64980". The default value is "30". The value "1" means start shedding immediately and the value "0" means never shed.
videoOverlaySheddingInterval	Time delay (in seconds) before shutting down video overlay services after AC power is lost. This sheds power consumption, preserving battery life for essential services. The valid range is "0-64980". The default value is "30". The value "1" means start shedding immediately and the value "0" means never shed.

PoEConfig

poeUsageThreshold	The PoE usage level, above which the system will emit a threshold crossing alert. This value is expressed as a percentage of Nominal PoE Power (External power less ONT base power and any losses). Any alerts will be processed but propagation depends on the value of the "arcMode" attribute.
arcMode	Enable(true)/Disable(false) reporting PoE alarms for the ONT.
externalPowerAvailable	The power available (in watts) to the ONT from the power supply. This is a configurable value and not a status. The number should be based on the expected available power given the ONT type, the power supply model, and the power source (AC, DC, local, remote, etc.).
externalBBUPowerAvailable	The power available (in watts) to the ONT from the battery backup unit (BBU), if deployed. This is a configurable value and not a status. The number should be based on the expected available power given the ONT type and the BBU model used.

RFVideoConfig

adminState	Enable(true)/Disable(false) the RF Video port on the ONT.
agcSetting	Value (in dB) of the ONT Automatic Gain Control(AGC) setting. AGC is a regulating circuit used to maintain a suitable output signal amplitude, despite input amplitude variation. The valid range is "-10" through "-10", in increments of 1.
rangeFailWaitTime	The delay (in hours) before RF Video services are disable when an ONT loses its range with the OLT. The valid range is "0 - 72", in increments of 1. The default value is "48". The value "0" disables the timer and video services are never disabled on range failure.
acFailWaitTime	The delay (in seconds) before RF Video services are disable when the ONT loses A/C power. Valid values are "0 - 1800" in increments of 30. The default value is "30". The value "0" disables the timer and video services are never disabled on A/C power loss.
acRestoreWaitTime	The delay (in seconds) before RF Video services are restarted after A/C power has been restored. Valid values are "0 - 1800" in increments of 30. The default value is "30". if set to "0" video services are immediately restored when A/C power is restored.
degradedThreshold	The minimum signal degrade value (in dBm), below which the system will generate an RF Video Signal Degrade alarm. Valid values are in the range "-5" through "-12", in increments of 0.5. The default value is "-9.5".
overloadThreshold	The maximum signal degrade value (in dBm), above which the system will generate an RF Video Signal Degrade alarm. Valid values are in the range "0" through "6", in increments of 0.5. The default value is "2.5".
arcMode	Enable(true)/Disable(false) reporting video alarms for the ONT.

Profiles

Equipment profiles store the configuration data used to define Quality of service (QoS) management for equipment in the PON network.

[+] Show More

[-] Hide

QoS involves strategies to optimize network performance by managing delay, jitter (delay variation), bandwidth, and packet loss. The QoS strategy can vary by the QoS objectives for the traffic type and the technology involved. This can result in different QoS approaches for different devices, VLANs, and traffic directions.

One QoS strategy (for Layer 2 switches) involves the mapping of Differentiated Services Code Point (DSCP) Class of Service (CoS) values (found in Layer 3 IP headers) to 802.1p priorities (stored in the Layer2 Ethernet Frame). This mapping can use various algorithms to optimize performance.

Queueing is a technique used to implement the QoS strategy. In queueing, Ethernet frames are held in queues for processing. The number and depth of the queues can be adjusted to achieve the desired QoS. This can result in seperate queue configurations for different devices, VLANs, and traffic directions.

Definition

	
			EquipmentProfileAssignment  <xs:element name="EquipmentProfileAssignment" type="ems:EquipmentProfileAssignment" /> <xs:complexType name="EquipmentProfileAssignment"> <xs:attribute name="profileName" type="xs:string" use="required" /> <xs:attribute name="profileType" type="xs:int" use="required" /> </xs:complexType>  EquipmentProfile  <xs:element name="EquipmentProfileR1" type="ems:EquipmentProfileR1" /> <xs:complexType name="EquipmentProfileR1"> <xs:sequence> <xs:element name="profileType" type="xs:int" /> <xs:element name="deviceEdgeQueue" type="ems:DeviceEdgeQueue" minOccurs="0" /> <xs:element name="dscpMap" type="ems:DSCPMapProfile" minOccurs="0" /> </xs:sequence> <xs:attribute name="profileName" type="xs:string" use="required" /> </xs:complexType>  DeviceEdgeQueue  <xs:element name="DeviceEdgeQueue" type="ems:DeviceEdgeQueue" /> <xs:complexType name="DeviceEdgeQueue"> <xs:sequence> <xs:element name="devSpecificEdgeQueueList" type="ems:DeviceSpecificEdgeQueue" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>  DeviceSpecificEdgeQueue  <xs:element name="DeviceSpecificEdgeQueue" type="ems:DeviceSpecificEdgeQueue" /> <xs:complexType name="DeviceSpecificEdgeQueue"> <xs:sequence> <xs:element name="devType" type="xs:int" /> <xs:element name="tellabs7XXSFU" type="ems:Tellabs7XXSFUEdgeQueue" minOccurs="0" /> </xs:sequence> </xs:complexType>  Tellabs7XXSFUEdgeQueue  <xs:element name="Tellabs7XXSFUEdgeQueue" type="ems:Tellabs7XXSFUEdgeQueue" /> <xs:complexType name="Tellabs7XXSFUEdgeQueue"> <xs:sequence> <xs:element name="pbitToQueueMappingTable" type="ems:ValueMap" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="downStreamQueueSizeTable" type="ems:QueueSize" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="upstreamUntaggedSubscriberQueueSizeTable" type="ems:QueueSize" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="upstreamTaggedSubscriberQueueSizeTable" type="ems:QueueSize" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>  DSCPMapProfile  <xs:element name="DSCPMapProfile" type="ems:DSCPMapProfile" /> <xs:complexType name="DSCPMapProfile"> <xs:sequence> <xs:element name="mapList" type="ems:DSCP_PbitMapping" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="profileNumber" type="xs:int" use="required" /> </xs:complexType>  DSCP_PbitMapping  <xs:element name="DSCP_PbitMapping" type="ems:DSCP_PbitMapping" /> <xs:complexType name="DSCP_PbitMapping"> <xs:attribute name="dscpVal" type="xs:int" use="required" /> <xs:attribute name="pbitVal" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			Example: CircuitPack for an ONT with a Profile Assignment  <ems:CircuitPackR14 locationName="ONT142R" adminState="eUNLOCKED" aid="MDS1-4-1-4"> <ems:eqpProfileAssignmentList profileType="2" profileName="tsw_dscp"/>  EquipmentProfileAssignment   <ems:supportedCardGroupType>eSG_ONT142R</ems:supportedCardGroupType> <ems:installedCardGroupType>330</ems:installedCardGroupType> <ems:sfu120Config ledHoldTime="0" rangeFailWaitTimePOTS="12" forcedStopMode="false" configLock="true" ontId="4" registrationId="000000" serialNum="IPHO005191C9"> <ems:hostConf ipAssignmentMode="0" arcMode="true" userpasswd="tellabs1" username="tellabs" deviceId="142R-ont" voicectrlPersonality="3"> <ems:sipConf prot802_1p="6" cfi="1" vlanid="2992" dnssecondary="0.0.0.0" dnsprimary="0.0.0.0" gatewayip="0.0.0.0" gatewaymask="0.0.0.0" ipaddress="0.0.0.0"/> <ems:rtpConf prot802_1p="6" cfi="1" vlanid="2992" dnssecondary="0.0.0.0" dnsprimary="0.0.0.0" gatewayip="0.0.0.0" gatewaymask="0.0.0.0" ipaddress="0.0.0.0"/> </ems:hostConf> <ems:powerShedding videoOverlaySheddingInterval="900" pwrRestoreTimerResetInterval="30" dataSheddingInterval="900"/> <ems:poeConfig externalBBUPowerAvailable="40" poeUsageThreshold="99" externalPowerAvailable="75" arcMode="false"/> <ems:rfCfg arcMode="false" overloadThreshold="5" degradedThreshold="-19" acRestoreWaitTime="1" acFailWaitTime="30" rangeFailWaitTime="48" agcSetting="-12" adminState="eLOCKED"/> </ems:sfu120Config> </ems:eqpProfileAssignmentList> </ems:CircuitPackR14>  EquipmentProfile  <ems:EquipmentProfileR1 profileName="tsw_dscp"> <ems:profileType>2</ems:profileType> <ems:dscpMap profileNumber="1"> <ems:mapList pbitVal="1" dscpVal="0"/> <ems:mapList pbitVal="1" dscpVal="1"/> <ems:mapList pbitVal="1" dscpVal="2"/> <ems:mapList pbitVal="1" dscpVal="3"/> <ems:mapList pbitVal="0" dscpVal="4"/> <ems:mapList pbitVal="0" dscpVal="5"/> <ems:mapList pbitVal="6" dscpVal="6"/> ... <ems:mapList pbitVal="0" dscpVal="63"/> </ems:dscpMap> </ems:EquipmentProfileR1>
		

Content and Attributes

EquipmentProfileAssignment

profileName	The name of the assigned profile.
profileType	The type of the assigned profile. Supported values are 1 = Edge Queue (defines number and depth of QoS queues) 2 = DSCP Map (DSCP to pbit mapping)

EquipmentProfile

<profileType>	The profile type. Supported values are 1 = Edge Queue (defines number and depth of QoS queues) 2 = DSCP Map (DSCP to pbit mapping)
<deviceEdgeQueue>	<DeviceEdgeQueue> ^[0-1].
<dscpMap>	<DSCPMapProfile> ^[0-1].
profileName	The unique name of the profile.

DeviceEdgeQueue

<devSpecificEdgeQueueList>	<DeviceSpecificEdgeQueue> ^[0-N].

DeviceSpecificEdgeQueue

<devType>	Set value to "1" (TELLABS_7XX_SFU)
<tellabs7XXSFU>	<Tellabs7XXSFUEdgeQueue> ^[0-1].

Tellabs7XXSFUEdgeQueue

<pbitToQueueMappingTable>	<ValueMap> list ^[0-N]. A list of pbit to queue mappings. See definition in Common Elements Dictionary section of this document.
<downStreamQueueSizeTable>	<QueueSize> list ^[0-N]. A list of queue number and queue size pairings for downstream traffic QoS. See definition in Common Elements Dictionary section of this document.
<upstreamUntaggedSubscriberQueueSizeTable>	<QueueSize> list ^[0-N].A list of queue number and queue size pairings for upstreamed untagged traffic QoS. See definition in Common Elements Dictionary section of this document.
<upstreamTaggedSubscriberQueueSizeTable>	<QueueSize> list ^[0-N].A list of queue number and queue size pairings for upstreamed tagged traffic QoS. See definition in Common Elements Dictionary section of this document.

DSCPMapProfile

<mapList>	<DSCP_PbitMapping> list ^[0-N]. See definition in Common Elements Dictionary section of this document.
profileNumber	An index to this profile.

DSCP_PbitMapping

<dscpVal>	The DSCP value that maps to a pbit value.
<pbitVal>	The pbit value that maps to a DSCP value.

PON Ports

PON port configuration, profiles and protection groups are defined by various XML elements.

The configuration for a specific PON port is defined in a <GPONConf> element. This element contains attributes that define the physical configuration of the PON port as well as the name of a <PONProfile> element that defines the ports configured behavior.

The <PONProfile>element contains a list of <ProtectionGroup> elements that define the PON Protection Groups (PPGs) in which the PON port participates.

The <ProtectionGroup> element contains, as children, a list of <ProtectionGroupMapping> elements that map the correlated ONTs in the PON Protection Group.

Definition

	
			GPONConf  <xs:element name="GPONConfR3" type="ems:GPONConfR3" /> <xs:complexType name="GPONConfR3"> <xs:sequence> <xs:element name="protectionGroups" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="aid" type="xs:string" use="required" /> <xs:attribute name="userLabel" type="xs:string" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="enableFEC" type="xs:boolean" use="required" /> <xs:attribute name="upBERFailThreshold" type="xs:int" use="required" /> <xs:attribute name="upBERMaintThreshold" type="xs:int" use="required" /> <xs:attribute name="driftWindowThreshold" type="xs:int" use="required" /> <xs:attribute name="cpeThreshold" type="xs:int" use="required" /> <xs:attribute name="passwordAutoLearn" type="xs:boolean" use="required" /> <xs:attribute name="ponReach" type="xs:int" use="required" /> <xs:attribute name="ponProfileName" type="xs:string" use="required" /> </xs:complexType>  ProtectionGroup  <xs:element name="ProtectionGroupR1" type="ems:ProtectionGroupR1" /> <xs:complexType name="ProtectionGroupR1"> <xs:sequence> <xs:element name="ontMappings" type="ems:ProtectionGroupMapping" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="grpName" type="xs:string" use="required" /> <xs:attribute name="grpType" type="xs:int" use="required" /> <xs:attribute name="secret" type="xs:string" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="tidA" type="xs:string" use="required" /> <xs:attribute name="ipA" type="xs:string" use="required" /> <xs:attribute name="ponA" type="xs:string" use="required" /> <xs:attribute name="tidB" type="xs:string" use="required" /> <xs:attribute name="ipB" type="xs:string" use="required" /> <xs:attribute name="ponB" type="xs:string" use="required" /> <xs:attribute name="primary" type="xs:string" use="required" /> <xs:attribute name="waitToRestore" type="xs:int" use="required" /> <xs:attribute name="vid" type="xs:int" use="required" /> </xs:complexType>  ProtectionGroupMapping  <xs:element name="ProtectionGroupMapping"= type="ems:ProtectionGroupMapping" /> <xs:complexType name="ProtectionGroupMapping"=> <xs:attribute name="ontA" type="xs:int" use="required" /> <xs:attribute name="ontB" type="xs:int" use="required" /> </xs:complexType>  PONProfile  <xs:element name="PONProfileR3" type="ems:PONProfileR3" /> <xs:complexType name="PONProfileR3"> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="enableUnexpectedQuarantineAlarm" type="xs:boolean" use="required" /> <xs:attribute name="enableRangeLocking" type="xs:boolean" use="required" /> <xs:attribute name="enableAcquisitionLocking" type="xs:boolean" use="required" /> <xs:attribute name="enableAutoAssignment" type="xs:boolean" use="required" /> <xs:attribute name="enableRoamingLock" type="xs:boolean" use="required" /> <xs:attribute name="autoAssignmentMinONTId" type="xs:int" use="required" /> <xs:attribute name="autoAssignmentMaxONTId" type="xs:int" use="required" /> <xs:attribute name="enableFEC" type="xs:boolean" use="required" /> <xs:attribute name="upBERFailThreshold" type="xs:int" use="required" /> <xs:attribute name="upBERMaintThreshold" type="xs:int" use="required" /> <xs:attribute name="ponReach" type="xs:int" use="required" /> <xs:attribute name="enableAutoConversion" type="xs:boolean" use="required" /> <xs:attribute name="enablePathProtection" type="xs:boolean" use="required" /> <xs:attribute name="enableAutoDisable" type="xs:boolean" use="required" /> <xs:attribute name="enableExcessiveArrivalViolation" type="xs:boolean" use="required" /> <xs:attribute name="upstreamCIRThreshold" type="xs:int" use="required" /> <xs:attribute name="upstreamEIRThreshold" type="xs:int" use="required" /> <xs:attribute name="downstreamCIRThreshold" type="xs:int" use="required" /> <xs:attribute name="downstreamEIRThreshold" type="xs:int" use="required" /> <xs:attribute name="integrationPeriod" type="xs:int" use="required" /> <xs:attribute name="periodsToMonitor" type="xs:int" use="required" /> <xs:attribute name="enableUpstreamCIRAlarm" type="xs:boolean" use="required" /> <xs:attribute name="enableDownstreamCIRAlarm" type="xs:boolean" use="required" /> <xs:attribute name="enableUpstreamEIRAlarm" type="xs:boolean" use="required" /> <xs:attribute name="enableDownstreamEIRAlarm" type="xs:boolean" use="required" /> <xs:attribute name="ponType" type="xs:int" use="required" /> </xs:complexType>
		

PON Profile

A PON Profile contains the configuration data for a PON port. This configuration is used to customize PON port characteristics and desired behavior under operating conditions. A PON Profile is global, within the scope of the Panorama PON management system, and can be assigned to PON ports on any managed OLT.

A PON Profile is defined by the <PONProfile> XML element. The list, of all <PONProfile> elements is stored in a reference contained by the <RestoreFile> root node.

Definition

	
			PONProfile  <xs:element name="PONProfileR3" type="ems:PONProfileR3" /> <xs:complexType name="PONProfileR3"> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="enableUnexpectedQuarantineAlarm" type="xs:boolean" use="required" /> <xs:attribute name="enableRangeLocking" type="xs:boolean" use="required" /> <xs:attribute name="enableAcquisitionLocking" type="xs:boolean" use="required" /> <xs:attribute name="enableAutoAssignment" type="xs:boolean" use="required" /> <xs:attribute name="enableRoamingLock" type="xs:boolean" use="required" /> <xs:attribute name="autoAssignmentMinONTId" type="xs:int" use="required" /> <xs:attribute name="autoAssignmentMaxONTId" type="xs:int" use="required" /> <xs:attribute name="enableFEC" type="xs:boolean" use="required" /> <xs:attribute name="upBERFailThreshold" type="xs:int" use="required" /> <xs:attribute name="upBERMaintThreshold" type="xs:int" use="required" /> <xs:attribute name="ponReach" type="xs:int" use="required" /> <xs:attribute name="enableAutoConversion" type="xs:boolean" use="required" /> <xs:attribute name="enablePathProtection" type="xs:boolean" use="required" /> <xs:attribute name="enableAutoDisable" type="xs:boolean" use="required" /> <xs:attribute name="enableExcessiveArrivalViolation" type="xs:boolean" use="required" /> <xs:attribute name="upstreamCIRThreshold" type="xs:int" use="required" /> <xs:attribute name="upstreamEIRThreshold" type="xs:int" use="required" /> <xs:attribute name="downstreamCIRThreshold" type="xs:int" use="required" /> <xs:attribute name="downstreamEIRThreshold" type="xs:int" use="required" /> <xs:attribute name="integrationPeriod" type="xs:int" use="required" /> <xs:attribute name="periodsToMonitor" type="xs:int" use="required" /> <xs:attribute name="enableUpstreamCIRAlarm" type="xs:boolean" use="required" /> <xs:attribute name="enableDownstreamCIRAlarm" type="xs:boolean" use="required" /> <xs:attribute name="enableUpstreamEIRAlarm" type="xs:boolean" use="required" /> <xs:attribute name="enableDownstreamEIRAlarm"= type="xs:boolean" use="required" /> <xs:attribute name="ponType"= type="xs:int" use="required" /> </xs:complexType>

Example

	
			<ems:PONProfileR3 name="Standard" enableUnexpectedQuarantineAlarm="false" enableRangeLocking="false" enableAcquisitionLocking="false" enableAutoAssignment="false" enableRoamingLock="false" autoAssignmentMinONTId="0" autoAssignmentMaxONTId="0" enableFEC="false" upBERFailThreshold="-4" upBERMaintThreshold="-6" ponReach="1" enableAutoConversion="true" enablePathProtection="true" enableAutoDisable="false" enableExcessiveArrivalViolation="true" upstreamCIRThreshold="90" upstreamEIRThreshold="90" downstreamCIRThreshold="90" downstreamEIRThreshold="90" integrationPeriod="1" periodsToMonitor="3" enableUpstreamCIRAlarm="true" enableDownstreamCIRAlarm="true" enableUpstreamEIRAlarm="true" enableDownstreamEIRAlarm="true" ponType="1" />
		

Content and Attributes

PONProfile

name	The name of the profile.
enableUnexpectedQuarantineAlarm	Enable(true)/Disable(false) ONT quarantine alarms. ONTs might be quarantined if Auto Disable (enableAutoDisable) is disabled and: - Range Locking (enableRangeLocking) is enabled and the round trip delay drifts outside the window - Excessive Arrival Violation (enableExcessiveArrivalViolation) is enabled and excess arrivals are detected
enableRangeLocking	Enable(true)/Disable(false) ONT range locking. Range locking uses round trip times to establish a relative distance measurment for the ONT. It also determines an acceptable round trip window for ONT messages. If round trip times drift outside of this window, alarms and quarantine can be triggered.
enableAcquisitionLocking	Enable(true)/Disable(false) discovery of unexpected ONTs.
enableAutoAssignment	Enable(true)/Disable(false) auto assignment of ONT IDs for unexpected ONTs. ONTs are considered unexpected if detected but not configured on a PON port. If auto assignment is enabled, unexpected ONTs are assigned the next available ID between the configured minimum (autoAssignmentMinONTId) and maximum (autoAssignmentMaxONTId).
enableRoamingLock	Deprecated. Use the value "false".
autoAssignmentMinONTId	The minimum ONT ID that can be assigned to an unexpected ONT. ONTs are considered unexpected if detected but not configured on a PON port, This value is used when ONT Auto Assignment (enableAutoAssignment) is enabled. Valid values are 1-32 and must be less than the maximum ONT ID (autoAssignmentMaxONTId)
autoAssignmentMaxONTId	The maximum ONT ID that can be assigned to an unexpeced ONT. ONTs are considered unexpected if detected but not configured on a PON port. This value is used when ONT Auto Assignment (enableAutoAssignment) is enabled. Valid values are 1-32 and must be greater than the minimum ONT ID (autoAssignmentMinONTId)
enableFEC	Enable(true)/Disable(false) Forward Error Correction (FEC) on the PON. FEC is used to control data transmission errors over unreliable or noisy communication channels. Typically this adds 3 dB to the PON SNR, but lowers the data rate about 12% due to overhead.
upBERFailThreshold	The upstream Bit Error Rate (BER) at which the link is declared failed. The bit error rate (BER) is the percentage of bits that have errors relative to the total number of bits received in a transmission. The threshold is expressed as ten to a negative power.
upBERMaintThreshold	The upstream Bit Error Rate (BER) at which the link is declared in need of maintenance. The bit error rate (BER) is the percentage of bits that have errors relative to the total number of bits received in a transmission. The threshold is expressed as ten to a negative power.
ponReach	The maximum distance an ONT, connected to this PON port, can be physically seperated from the OLT. Valid values are: "0" (30Km) and "1" (20km).
enableAutoConversion	Enable(true)/Disable(false) auto conversion of mismatched ONTs. An ONT is considered mismatched if it has been configured on the PON, but the detected type does not match the configured type. If auto conversion is enabled, the system will attempt to convert the ONT configuration to conform with the detected type. If disabled, no conversion is attempted, the ONT is placed in the unexped list, and an ONT mismatch alarm is raised.
enablePathProtection	Enable(true)/Disable(false) path protection in PPG failover behavior. If enabled and the PON participates in a protection group, PON port isolation will force a failover to the alternative (Primary/Protect) PON port.
enableAutoDisable	Enable(true)/Disable(false) automatic disabling of ONTs when triggered by configurable fault conditions.
enableExcessiveArrivalViolation	Enable(true)/Disable(false) violation alarms for ONTs with excess arrival rates. If Auto Disable (enableAutoDisable) is enabled, the ONT will be disabled when excess arrivals are detected.
upstreamCIRThreshold	Rate (in percentage) of committed upstream bandwidth, used to monitor for threshhold violations.
upstreamEIRThreshold	Rate (in percentage) of excess upstream bandwidth used to monitor for threshhold violations. Excess bandwidth is total bandwidth less committed bandwidth.
downstreamCIRThreshold	Rate (in percentage) of committed downstream bandwidth, used to monitor for threshhold violations.
downstreamEIRThreshold	Rate (in percentage) of excess downstream bandwidth, used to monitor for threshhold violations. Excess bandwidth is total bandwidth less committed bandwidth.
integrationPeriod	Time period (in minutes) used in TCA integration.
periodsToMonitor	Number of time periods used in TCA integration.
enableUpstreamCIRAlarm	Enable(true)/Disable(false) upstream Committed Information Rate (CIR) threshold alarms.
enableDownstreamCIRAlarm	Enable(true)/Disable(false) downstream Committed Information Rate (CIR) threshold alarms.
enableUpstreamEIRAlarm	Enable(true)/Disable(false) upstream Excess Information Rate (EIR) threshold alarms.
enableDownstreamEIRAlarm	Enable(true)/Disable(false) downstream Excess Information Rate (EIR) threshold alarms.
ponType	The configured type of the PON port. Valid Values are: 1 (GPON) and 3 (XGS-PON)

PON Port

A PON port is defined by the <GPONConf> XML element. The list of all <GPONConf> elements is stored in a reference contained by the <RestoreFile> root node.

Definition

GPONConf <xs:element name="GPONConfR3" type="ems:GPONConfR3" /> <xs:complexType name="GPONConfR3"> <xs:sequence> <xs:element name="protectionGroups" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="aid" type="xs:string" use="required" /> <xs:attribute name="userLabel" type="xs:string" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="enableFEC" type="xs:boolean" use="required" /> <xs:attribute name="upBERFailThreshold" type="xs:int" use="required" /> <xs:attribute name="upBERMaintThreshold" type="xs:int" use="required" /> <xs:attribute name="driftWindowThreshold" type="xs:int" use="required" /> <xs:attribute name="cpeThreshold" type="xs:int" use="required" /> <xs:attribute name="passwordAutoLearn" type="xs:boolean" use="required" /> <xs:attribute name="ponReach" type="xs:int" use="required" /> <xs:attribute name="ponProfileName" type="xs:string" use="required" /> </xs:complexType>

Example

	
			<ems:GPONConfR3 aid="MDS1-2-2" userLabel="" adminState="eUNLOCKED" enableFEC="true" upBERFailThreshold="-4" upBERMaintThreshold="-6" driftWindowThreshold="3" cpeThreshold="3" passwordAutoLearn="false" ponReach="1" ponProfileName="StandardXGSPON" > <ems:protectionGroups>PPG_OT1_2-2_TO_OT2_2-2</ems:protectionGroups> ... </ems:GPONConfR3>
		

Content and Attributes

GPONConf

<protectionGroups>	A list ^[0-N] of strings that specify the names of <ProtectionGroup> elements, in which the PON port participates.
aid	Access Identifier of the PON port. This is a string with the format: MDS1-<slot>-<port> where: slot = the physical slot, in the OLT chasis, where the PON card is installed port = the id of the PON port locatation on the PON card
userLabel	User defined string that provides an descriptive label for the PON port.
adminState	See definition in the Simple Types Dictionary sectin of this document.
enableFEC	Enable(true)/Disable(false) forward error correction for the PON port.
upBERFailThreshold	The upstream traffic Bit Error Rate (BER) above which the PON port is considered to be failed. The bit error rate (BER) is the percentage of bits that have errors relative to the total number of bits received in a transmission. The threshold is expressed as ten to a negative power.
upBERMaintThreshold	The upstream traffic Bit Error Rate (BER) above which the PON port is considered to be degraded. The bit error rate (BER) is the percentage of bits that have errors relative to the total number of bits received in a transmission. The threshold is expressed as ten to a negative power.
driftWindowThreshold	Specifies the tolerance to round trip packet delay. When an ONT is ranged, a drift window is calculated based on packet round-trip times. The threshold is a measure of the tolerance to the number of packets that fall outside of this window. If the drift exceeds the threshold for an ONT, re-ranging is required.
cpeThreshold	Specifies the number of consecutive drift corrections of can occur for an ONT before an alarm is raised. The default value is 3 and should not be modified.
passwordAutoLearn	Enable(true)/Disable(false) using the ONT serial number as the ONT password. This default value is enabled (true) and should not be changed. If set to disabled (false), the registration ID is used as the ONT password. This is currently unsupported.
ponReach	The maximum distance an ONT, connected to this PON port, can be physically seperated from the OLT. Valid values are: 0 (30km) and 1 (20km).
ponProfileName	The name of the PON profile assigned to this PON port.

Protection Group

A PON Protection Group (PPG) is an instance of Type B PON protection implemented by the OLT. A PPG provides redundancy to protect against PON port failure or unexpected isolation.

A PPG is defined by the <ProtectionGroup> element. This element specifies the primary and protect PON ports and the values for all configurable options for the PPG. It contains as children, a list of <ProtectionGroupMapping> elements.

The <ProtectionGroupMapping> element maps an ONT number on the primary PON to the correlated ONT number on the protect PON.

Definition

ProtectionGroup <xs:element name="ProtectionGroupR1" type="ems:ProtectionGroupR1" /> <xs:complexType name="ProtectionGroupR1"> <xs:sequence> <xs:element name="ontMappings" type="ems:ProtectionGroupMapping" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="grpName" type="xs:string" use="required" /> <xs:attribute name="grpType" type="xs:int" use="required" /> <xs:attribute name="secret" type="xs:string" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="tidA" type="xs:string" use="required" /> <xs:attribute name="ipA" type="xs:string" use="required" /> <xs:attribute name="ponA" type="xs:string" use="required" /> <xs:attribute name="tidB" type="xs:string" use="required" /> <xs:attribute name="ipB" type="xs:string" use="required" /> <xs:attribute name="ponB" type="xs:string" use="required" /> <xs:attribute name="primary" type="xs:string" use="required" /> <xs:attribute name="waitToRestore" type="xs:int" use="required" /> <xs:attribute name="vid" type="xs:int" use="required" /> </xs:complexType> ProtectionGroupMapping <xs:element name="ProtectionGroupMapping" type="ems:ProtectionGroupMapping" /> <xs:complexType name="ProtectionGroupMapping"> <xs:attribute name="ontA" type="xs:int" use="required" /> <xs:attribute name="ontB" type="xs:int" use="required" /> </xs:complexType>

Example

	
			<ems:ProtectionGroupR1 grpName="PPG_OT1_1-1_TO_OT2_1-1" grpType="2" secret="" adminState="eUNLOCKED" tidA="corp-bldg1-olt1" ipA="172.10.1.101" ponA="MDS1-1-1" tidB="corp-bldg1-olt2" ipB="172.10.1.102" ponB="MDS1-1-1" primary="A" waitToRestore="60" vid="100" > <ems:ontMappings ontA="1" ontB="1" /> <ems:ontMappings ontA="2" ontB="2" /> <ems:ontMappings ontA="3" ontB="3" /> ... </ems:ProtectionGroupR1>
		

Content and Attributes

ProtectionGroup

<ontMappings>	<ProtectionGroupMapping> list ^[0-N]
grpName	Name of the protection group. User defined string that uniquely identifies the PPG for an OLT.
grpType	The type of PON protection (A-D) provided by the group based on ITU-T standards. The value used should be two (2), which equates to PON Protection Type B.
secret	Secret used for encryption of messages between PPGs located on seperate systems.
adminState	See definition in the Simple Types Dictionarysection of this document.
tidA	The Target Identifier (TID) of the OLT on which PON port A (ponA) is located. The TID is a string that uiquely identifies the OLT.
ipA	The IP Address of the OLT on which PON port A (ponA) is located.
ponA	The PON port Access Identifier (AID) of one of the participants in a PPG. The PON port specifier will fill the role (Primary or Protect), determined by the primary atribute in the <ProtectionGroup> element. A valid PON port AID has the format: *MDS1-<slot>-<port>* where: <slot> = The slot number, of the OLT chassis, where the PON card is installed. <port> = The number of the PON port on the PON card.
tidB	The Target Identifier (TID) of the OLT on which PON port B (ponB) is located. The TID is a string that uiquely identifies the OLT.
ipB	The IP Address of the OLT on which PON port B (ponB) is located.
ponB	The PON port Access Identifier (AID) of one of the participants in a PPG. The PON port specifier will fill the role (Primary or Protect), determined by the primary atribute in the <ProtectionGroup> element. A valid PON port AID has the format: *MDS1-<slot>-<port>* where: <slot> = The slot number, of the OLT chassis, where the PON card is installed. <port> = The number of the PON port on the PON card.
primary	Defines the roles of each PON port in this protection group. Valid values are A or B. If A is selected, PON port A (ponA) will act as the primary PON while PON port B (ponB) will serve as the protect PON.
waitToRestore	When the protect PON in a PPG has taken over as master, the primary PON can return to active management on recovery. This is the delay (in seconds) between primary PON port recovery and restoration to master status. This value is only valid for PON ports located on QOIU7 PON cards. For all other cards, fail over is non-revertive. The default value is 60 seconds.
vid	The Sync Channel VLAN. This VLAN is used for messaging used to keep configuration and status syncronized between the participants in a PON Protection Group (PPG). This synchronization allows for non-service-affecting failover and reversion. Valid values are any VLAN provisioned on at least one ethernet port subtending from the PON ports in the PPG.

ProtectionGroupMapping

ontA	The number of an ONT on PON port A. This ONT is mapped to ontB in this element, which is an ONT on PON port B. Valid values are 1-32 for GPON protection groups and 1-64 for XGPON protection groups.
ontB	The number of an ONT on PON port B. This ONT is mapped to ontA in this element, which is an ONT on PON port A. Valid values are 1-32 for GPON protection groups and 1-64 for XGPON protection groups.

Ethernet Subscriber Lines

An Ethernet Subscriber Line is an Ethernet port, subtending from the OLT, where devices are connected to gain access to the network. All configuration data for an Ethernet Subscriber Line is contained in the <ESLLine> XML element. This element contains various Ethernet port profiles as child elements. Each Ethernet port profile stores the configuration data for a specific facet of the port. There is a seperate element for each Ethernet port in the LAN. The list of all <ESLLine> elements is contained by reference in the root node.

The following Ethernet port profiles are used to store the configuration data for an Ethernet port:

ESL Profile - configuration of the physical layer of a port.
PoE Profile - configuration of the Power-over-Ethernet options of a port.
ACL Profile - Access Control Lists to be applied to a port.
Service Profile - Ethernet services that can be provided by a port.
NAC Profile - configuration of access and policy requirements for devices connected to a port.
PAE Profile - configuration of authorization procedures for devices connected to a port.
RSTP Profile - configuration of spanning tree participation and options for a port.
LLDP Profile - configuration of the Link Layer Discovery Protocol options for a port.

ESL Line

An ESL Line stores all configuration data for an ethernet port. It is defined by the <ESLLine> XML element. This element contains various Ethernet port profiles as child elements. Each Ethernet port profile stores the configuration data for a specific facet of the port. There is a seperate <ESLLine> element for each Ethernet port in the LAN. The list of all <ESLLine> elements is contained by reference in the root node.

Definition

ESLLine <xs:element name="ESLLineR5" type="ems:ESLLineR5" /> <xs:complexType name="ESLLineR5"> The greyed out elements are deprecated <xs:sequence> <xs:element name="authConfig" type="ems:PAEAuthConfigR1" /> </xs:sequence> <xs:attribute name="poePortType" type="xs:string" use="required" /> <xs:attribute name="nacProfileName" type="xs:string" use="required" /> <xs:attribute name="lldpProfileName" type="xs:string" use="required" /> <xs:attribute name="rstpProfileName" type="xs:string" use="required" /> <xs:attribute name="paeProfileName" type="xs:string" use="required" /> <xs:attribute name="bridgeProfileName" type="xs:string" use="required" /> <xs:attribute name="poeProfileName" type="xs:string" use="required" /> <xs:attribute name="aid" type="xs:string" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="userLabel" type="xs:string" use="required" /> <xs:attribute name="lldpMedLocation" type="xs:string" use="required" /> <xs:attribute name="dot1PortNumber" type="xs:int" use="required" /> <xs:attribute name="profileName" type="xs:string" use="required" /> </xs:complexType>

Example

	
			<ems:ESLLineR5 poePortType="default" nacProfileName="CISCO_AP_XG_V100" lldpProfilename="WAP" rstpProfilename="default" paeProfileName="PAE_Disabled" bridgeProfilename="default" poeProfileName="PoE_Enabled" aid="ETH1-1-1-5-5" adminState="eUNLOCKED" userLabel="WAP-26-BF-F5" lldpMedLocation="" dot1PortNumber="285" profileName="WAP_Gen_2500M" />
		

Content and Attributes

ESLLine

poePortType	... Steve Jenkins ...
nacProfileName	The name of the NAC Profile (<NACProfile>) assigned to the port.
lldpProfileName	The name of the LLDP Profile (<LLDPProfile>) assigned to the port.
rstpProfileName	The name of the RSTP Profile (<RSTPProfile>) assigned to the port.
paeProfileName	The name of the PAE Profile (<PAEProfile>) assigned to the port.
bridgeProfileName	*Deprecated.* Use the value "Default"
poeProfileName	The name of the PoE Profile (<PoEProfile>) assigned to the port.
aid	Access Identifier of the Ethernet port. This is a string with the format, ETH1-<slot>-<pon>-<ont>-<port> where: slot = the physical slot, in the chasis, where the PON card is installed pon = the id of the PON port on the PON card ont = the number of the ONT on the PON port port = the number of the ethernet port on the ONT
adminState	See definition in the Simple Types Dictionary section of this document.
userLabel	User defined string that provides a meaningful name or description for the port.
lldpMedLocation	... Steve Jenkins ...
dot1PortNumber	iFIndex? - Steve Jenkins
profileName	The name of the Ethernet Port Profile (<ESLProfile>) assigned to the port.

ESL Profile

An ESL Profile contains the configuration data for an Ethernet port. This configuration is used to customize port characteristics and desired behavior under operating conditions. An Ethernet Port Profile is global, within the scope of the Panorama PON management system, and can be assigned to any Ethernet port on any managed OLT.

An ESL Profile is defined by the <ESLProfile> XML element. It stores configuration data for the physical attributes (speed, hold time, MDIX, max rate and burst size, control frames, etc.) for an ethernet port. The profile also controls access violations and Dynamic ARP Inspection (DAI) behavior for the port.

The list, of all <ESLProfile> elements is stored in a reference contained by the <RestoreFile> root node.

Definition

ESLProfile <xs:element name="ESLProfileR6" type="ems:ESLProfileR6" /> <xs:complexType name="ESLProfileR6"> <xs:attribute name="profileName" type="xs:string" use="required" /> <xs:attribute name="lineSpeed" type="ems:LineSpeedR1" use="required" /> <xs:attribute name="autoMdixMode" type="ems:AutoMdixMode" use="required" /> <xs:attribute name="maxRxRate" type="xs:int" use="required" /> <xs:attribute name="maxRxBurstSize" type="xs:int" use="required" /> <xs:attribute name="maxTxRate" type="xs:int" use="required" /> <xs:attribute name="maxTxBurstSize" type="xs:int" use="required" /> <xs:attribute name="enablePauseControlRx" type="xs:boolean" use="required" /> <xs:attribute name="enablePauseControlTx" type="xs:boolean" use="required" /> <xs:attribute name="maxMACS" type="xs:int" use="required" /> <xs:attribute name="linkTrapNotification" type="xs:int" use="required" /> <xs:attribute name="enableLinkFlapViolation" type="xs:boolean" use="required" /> <xs:attribute name="enableLoopbackViolation" type="xs:boolean" use="required" /> <xs:attribute name="enableMaxMacViolation" type="xs:boolean" use="required" /> <xs:attribute name="phyHoldTime" type="xs:int" use="required" /> <xs:attribute name="daiTrustState" type="xs:int" use="required" /> </xs:complexType>

Example

	
			<ems:ESLProfileR6 profileName="Facilities_Gen" lineSpeed="eAUTODETECT_1000" autoMdixMode="eENABLED" maxRxRate="0" maxRxBurstSize="0" maxTxRate="0" maxTxBurstSize="0" enablePauseControlRx="true" enablePauseControlTx="true" maxMACS="16" linkTrapNotification="2" enableLinkFlapViolation="true" enableLoopbackViolation="true" enableMaxMacViolation="true" phyHoldTime="5" daiTrustState="1" />
		

Content and Attributes

ESLProfile

profileName	Globally unique name of the profile.
lineSpeed	The data rate of the physical link. See definition in the Simple Types Dictionary section of this document.
autoMdixMode	See definition in the Simple Types Dictionary section of this document.
maxRxRate	The downstream Committed Information Rate (CIR), in Kbps. Valid values are multiples of 64 Kbps. If set to 0, there is no rate limit.
maxRxBurstSize	The downstream maximum burst size in bytes. If set to 0, there is no burst size limit
maxTxRate	The upstream Committed Information Rate (CIR), in Kbps. If set to 0, there is no rate limit.
maxTxBurstSize	The upstream maximum burst size in bytes. If set to 0, there is no burst size limit
enablePauseControlRx	Enable(true)/Disable(false) the use of pause control frames on recieve.
enablePauseControlTx	Enable(true)/Disable(false) the use of pause control frames on transmit.
maxMACS	Maximum number of concurrently learned MACs allowed on the port. This value can be over-ridden by the Ethernet port's configuration if its value is lower than specified here.
linkTrapNotification	Defines how Link LOS events are handled. Valid values are: 0 (Disable) - Disable processing Link LOS events. No trap is sent. 1 (IfMib) - Enable processing Link LOS events. Traps are sent using the standard defined in the GPON IfMib which requires an SNMP client to query for additional details. 2 (Generic) - Enable processing Link LOS events. Traps are sent using a generic trap where the SNMP client is not required to query the MIB for additional details.
enableLinkFlapViolation	Enable(true)/Disable(false) event handling for link flap violations detected on the port. The action taken depends on settings in the NAC Profile assigned to the port.
enableLoopbackViolation	Enable(true)/Disable(false) event handling for loopback violations detected on the port. The action taken depends on settings in the NAC Profile assigned to the port.
enableMaxMacViolation	Enable(true)/Disable(false) event handling for Max MAC violations detected on the port. The action taken depends on settings in the NAC Profile assigned to the port.
phyHoldTime	The amount of time (in seconds), after link LOS, that Phy Link status is maintained. If the link is not restored within the time specified, the Ethernet PHY is forced link-down. Special values are 0 (immediate) and -1 (never). The default value is 5 seconds.
daiTrustState	If DAI is enabled, a trust state is associated with each port in the system. Packets arriving on untrusted ports are validated by DAI. DAI validation is skipped for trusted ports. Valid values are:0 (Trusted) and 1 (Untrusted)

PoE Profile

A PoE profile is a profile used to configure the power over ethernet behavior of an ethernet port on the LAN. It is defined by the <PoEProfile> XML element. This is a global profile within the scope of the Panorama PON management system. The list of all <PoEProfile> elements is stored in the reference contained by the <RestoreFile> root node.

Definition

PoEProfile <xs:element name="PoEProfileR2" type="ems:PoEProfileR2" /> <xs:complexType name="PoEProfileR2"> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="poePortAdminEnable" type="ems:AdminState" use="required" /> <xs:attribute name="poePortPowerPairs" type="xs:int" use="required" /> <xs:attribute name="poePortPowerPriority" type="xs:int" use="required" /> <xs:attribute name="poeHoldTime" type="xs:int" use="required" /> <xs:attribute name="poePowerOverride" type="xs:int" use="required" /> </xs:complexType>

Example

	
			<ems:PoEProfileR2 name="default" poePortAdminEnable="eUNLOCKED" poePortPowerPairs="1" poePortPowerPriority="1" poeHoldTime="5" poePowerOverride="0" />
		

Content and Attributes

POEProfile

name	Globally unique name of the profile.
poePortAdminEnable	See definition in the Simple Types Dictionary section of this document.
poePortPowerPairs	The power pairs used to provide PoE. Valid values are 1 (Alternative A) and 2 (Alternative B).
poePortPowerPriority	The priority of the port when PoE shedding is necessary. Valid values, in increasing priority, are 1 (Low), 2 (High) and 3 (Critical)
poeHoldTime	The duration (in seconds) during which PoE continues to be supplied to the port when a link LOS occurs. A value of 0, means immediate, while -1 means never stop supplying PoE.
poePowerOverride	Allows the port to override the PoE specified by the physical handshake or LLDP negotiation with the powered device (PD). The value is the number of watts of PoE to provide. A value of 0, indicates no override should occur.

ACL Profile

An ACL profile is used to define the Access Contol List (ACL) used to control the traffic allowed on an ethernet port. It is defined by the <ACLProfile> XML element. This is a global profile within the scope of the Panorama PON management system. The list of all <ACLProfile> elements is stored in a reference contained by the <RestoreFile> root node.

An <ACLProfile> XML element contains a sequence of <ACLFilter> XML elements. An <ACLFilter> element defines a rule inside the access control list. Each rule defines the criteria used to evaluated a packet to make an accept/deny decision. The filters are evaluated in order, based on the filter priority. If any filter evaluates to deny, the evaluation is teminated and the packet is dropped. If no filter evaluates to deny, the action taken is determined by the default behavior of the VLAN's ACL mode. Depending on the filter type, the <ACLFilter> element may contain child elements that define source and destination MAC/IP addresses to use in the packet evaluation.

Definition

	
			ACLProfile  <xs:element name="ACLProfile" type="ems:ACLProfile" /> <xs:complexType name="ACLProfile"> <xs:sequence> <xs:element name="filterList" type="ems:ACLFilterR1" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="enableMergedMAC" type="xs:boolean" use="required" /> <xs:attribute name="enableMergedIP" type="xs:boolean" use="required" /> <xs:attribute name="enableMergedVID" type="xs:boolean" use="required" /> </xs:complexType>  ACLFilter  <xs:element name="ACLFilterR1" type="ems:ACLFilterR1" /> <xs:complexType name="ACLFilterR1"> <xs:sequence> <xs:element name="sourceMACAddrList" type="ems:ACLSourceMACAddrIPInfoR1" minOccurs="1" maxOccurs="unbounded" /> <xs:element name="destinationIPv4List" type="ems:ACLIpAddrInfo" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="destinationIPv6List" type="ems:ACLIpAddrInfo" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="destinationMacList" type="ems:ACLMacAddrInfo" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="filterName" type="xs:string" use="required" /> <xs:attribute name="vlanId" type="xs:int" use="required" /> <xs:attribute name="filterPriority" type="xs:int" use="required" /> <xs:attribute name="maxMACAddr" type="xs:int" use="required" /> <xs:attribute name="ipProtocol" type="xs:int" use="required" /> <xs:attribute name="ethertype" type="xs:int" use="required" /> <xs:attribute name="ipTTL" type="xs:int" use="required" /> <xs:attribute name="ipDSCP" type="xs:int" use="required" /> <xs:attribute name="newDSCP" type="xs:int" use="required" /> <xs:attribute name="tos" type="xs:int" use="required" /> <xs:attribute name="l4SourcePort" type="xs:int" use="required" /> <xs:attribute name="l4SourcePortRangeLower" type="xs:int" use="required" /> <xs:attribute name="l4SourcePortRangeUpper" type="xs:int" use="required" /> <xs:attribute name="l4DestPort" type="xs:int" use="required" /> <xs:attribute name="l4DestPortRangeLower" type="xs:int" use="required" /> <xs:attribute name="l4DestPortRangeUpper" type="xs:int" use="required" /> <xs:attribute name="ipv4Flags_mf" type="xs:int" use="required" /> <xs:attribute name="ipv4Flags_df" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_urg" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_ack" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_psh" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_rst" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_syn" type="xs:int" use="required" /> <xs:attribute name="tcpFlags_fin" type="xs:int" use="required" /> <xs:attribute name="isFloodable" type="xs:boolean" use="required" /> <xs:attribute name="pbit" type="xs:int" use="required" /> <xs:attribute name="action" type="xs:int" use="required" /> <xs:attribute name="committedInfoRate" type="xs:int" use="required" /> <xs:attribute name="committedBurstSize" type="xs:int" use="required" /> <xs:attribute name="peakInfoRate" type="xs:int" use="required" /> <xs:attribute name="peakBurstSize" type="xs:int" use="required" /> </xs:complexType>  ACLSourceMACAddrIPInfo  <xs:element name="ACLSourceMACAddrIPInfoR1" type="ems:ACLSourceMACAddrIPInfoR1" /> <xs:complexType name="ACLSourceMACAddrIPInfoR1"> <xs:sequence> <xs:element name="sourceIPv6List" type="ems:ACLIpAddrInfo" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="sourceIPv4List" type="ems:ACLSourceIPv4" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="srcMACAddress" type="xs:string" use="required" /> <xs:attribute name="macMaskBits" type="xs:int" use="required" /> <xs:attribute name="srcMACAddrAuthorized" type="xs:boolean" use="required" /> <xs:attribute name="maxIPAddr" type="xs:int" use="required" /> </xs:complexType>  ACLIpAddrInfo  <xs:element name="ACLIpAddrInfo" type="ems:ACLIpAddrInfo" /> <xs:complexType name="ACLIpAddrInfo"> <xs:attribute name="ipAddress" type="xs:string" use="required" /> <xs:attribute name="maskNumBits" type="xs:int" use="required" /> </xs:complexType>  ACLMacAddrInfo  <xs:element name="ACLMacAddrInfo" type="ems:ACLMacAddrInfo" /> <xs:complexType name="ACLMacAddrInfo"> <xs:attribute name="macAddress" type="xs:string" use="required" /> <xs:attribute name="macMaskBits" type="xs:int" use="required" /> </xs:complexType>  ACLSourceIP  <xs:element name="ACLSourceIPv4" type="ems:ACLSourceIPv4" /> <xs:complexType name="ACLSourceIPv4"> <xs:attribute name="srcIPv4Address" type="xs:string" use="required" /> <xs:attribute name="srcMaskNumBits" type="xs:int" use="required" /> <xs:attribute name="leasedIpAddress" type="xs:boolean" use="required" /> </xs:complexType>
		

Example

	
			<ems:ACLProfile name="BYPASS_UNLIMITED_MACS">enableMergedMAC="false" enableMergedIP="false" enableMergedVID="false" <ems:filterList filterName="BYPASS_UNLIMITED_MACS" vlanId="0" filterPriority="1" maxMACAddr="32" ipProtocol="-1" ethertype="1286" ipTTL="-1" ipDSCP="-1" newDSCP="-1" tos="-1" l4SourcePort="-1" l4SourcePortRangeLower="-1" l4SourcePortRangeUpper="-1" l4DestPort="-1" l4DestPortRangeLower="-1" l4DestPortRangeUpper="-1" ipv4Flags_mf="2" ipv4Flags_df="2" tcpFlags_urg="2" tcpFlags_ack="2" tcpFlags_psh="2" tcpFlags_rst="2" tcpFlags_syn="2" tcpFlags_fin="2" isFloodable="false" pbit="-1" action="0" committedInfoRate="10240" committedBurstSize="0" peakInfoRate="0" peakBurstSize="0" > <ems:sourceMACAddrList srcMACAddress="" macMaskBits="48" srcMACAddrAuthorized="false" maxIPAddr="0" /> </ems:filterList> </ems:ACLProfile>
		

Content and Attributes

ACLProfile

<filterList>	<ACLFilter> list ^[0-N]
name	The name of the ACL Profile.
enableMergedMAC	Enable(true)/Disable(false) auto-provisioning of static MACs into an acl profile.
enableMergedIP	Enable(true)/Disable(false) auto-provisioning of static IPs into an acl profile.
enableMergedVID	Enable(true)/Disable(false) auto-provisioning of static VLANs into an acl profile.

ACLFilter

<sourceMACAddrList>	<ACLSourceMACAddrIPInfo> list ^[1-N]
<destinationIPv4List>	<ACLIpAddrInfo> list ^[0-N]
<destinationIPv6List>	<ACLIpAddrInfo> list ^[0-N]
<destinationMacList>	<ACLMacAddrInfo> list ^[0-N]
filterName	Name of the filter. The name is unique within the filter set.
vlanId	The VLAN the filter is applied to. The filter will be used for packets only on this VLAN. A value of zero (0) indicates the filter is VLAN agnostic.
filterPriority	Specifies the priority of the filter within the set of up to 8 filters per profile. Valid priorities are 1-8 where: priority 1 is the highest priority and 8 is the lowest priority. The filters are evaluated in order, based on this priority.
maxMACAddr	The maximum MAC addresses criteria of the filter. The maximum value is 8 and -1 indicates no maximum is specified.
ipProtocol	The IANA assigned Internet Protocol Number criteria of the filter. This value is only relevant for Extended ACLs. Valid values are any valid IANA IP protocol number. The filter specifically allows for: 1 (ICMP), 6 (TCP), 17 (UDP). Other valid values are document on the IANA Protocol Numbers website. The value -1 indicates protocol is ignored in match decisions.
ethertype	The IANA assigned Ethertype criteria of the filter. Valid values are any valid IANA Ethertype number in decimal notation. The values: 2048 (IPv4) and 2054 (ARP) are valid values for both Basic and Extended ACLs. All other ethertypes are valid only for Extended ACLs. Valid Ethertype numbers are documented on the IANA IEEE 802 Numbers website.
ipTTL	Specifies the Time-To-Live (in milliseconds) criteria of the filter. This value is only relevant for Extended ACLS. The value -1 indicates this component is ignored in match decisions.
ipDSCP	Specifies the differentiated services code point (DSCP) criteria of the filter. This value is only relevant for Extended ACLS. The value -1 indicates this component is ignored in match decisions.
newDSCP	Specifies the adjusted differentiated services code point (DSCP) criteria of the filter. The adjusted DSCP is the value of the DSCP field in the packet after applying DSCP mapping (if appropriate). This value is only relevant for Extended ACLS. The value -1 indicates this component is ignored in match decisions.
tos	*Deprecated*. Use the value -1 to indicate this component is ignored in match decisions. Prior to its deprecation, this value specified the type of service (ToS) criteria of the filter. The ToS field was an 8 bit field in an IP packet, where the 3 most significant bits (msb) represented precedence (0-7), the next 3 msb represented the TOS and the 2 least signicant bits were unused. This field is no longer used in ACL matching. and has been replaced with differentiated services code point (DSCP) criteria.
l4SourcePort	Specifies the layer 4 protocol,source port criteria of the filter when a single source port is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. The value -1 indicates this component is ignored in match decisions.
l4SourcePortRangeLower	Specifies the first, layer 4 protocol, source port criteria of the filter when a source port range is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. This value must be less than the value of the "l4SourcePortRangeUpper" attribute. The value -1 indicates this component is ignored in match decisions.
l4SourcePortRangeUpper	Specifies the last, layer 4 protocol, source port match component of the filter when a source port range is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. This value must be greater than the value of the "l4SourcePortRangeLower" attribute. The value -1 indicates this component is ignored in match decisions.
l4DestPort	Specifies the, layer 4 protocol, destination port match component of the filter when a single destination port is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. The value -1 indicates this component is ignored in match decisions.
l4DestPortRangeLower	Specifies the first, layer 4 protocol, destination port match component of the filter when a destination port range is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. This value must be less than the value of the "l4DestPortRangeUpper" attribute. The value -1 indicates this component is ignored in match decisions.
l4DestPortRangeUpper	Specifies the last, layer 4 protocol, destination port match component of the filter when a destiation port range is specified. This value is only relevant for Extended ACLS. Valid values are the port numbers assigned by IANA for transport protocols. These ports are documented on the IANA Service Name and Transport Protocol Port Number Registry web site. This value must be greater than the value of the "l4DestPortRangeLower" attribute. The value -1 indicates this component is ignored in match decisions.
ipv4Flags_mf	Specifies the More Fragments (MF) flag critera of the filter. This field is relevant only in Extended ACLs where the ethertype criteria is set to IPv4. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
ipv4Flags_df	Specifies the Don't Fragments (DF) flag critera of the filter. This field is relevant only in Extended ACLs where the ethertype critera is set to IPv4. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_urg	Specifies the TCP, Urget Pointer (URG) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_ack	Specifies the TCP, Acknowledgement (ACK) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_psh	Specifies the TCP, Push (PUSH) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_rst	Specifies the TCP, Reset (RST) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_syn	Specifies the TCP, Synchronization (SYN) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
tcpFlags_fin	Specifies the TCP, Final (FIN) flag critera of the filter. This field is relevant only in Extended ACLs where the IP protocol critera is set to TCP. Valid values are 0 (Unset) and 1 (Set). The value 2 indicates this component is ignored in match decisions.
isFloodable	Specifies the Destination Lookup Failure mode critera of the filter. This field is relevant only in Extended ACLs. The value "true" means that the packet is floodable, where "false" means that it is not.
pbit	Specifies the 802.1P, Priority Code Point, critera of the filter. This field is relevant only in Extended ACLs. This is a 3 bit field in the header sometimes referred to as the priority bit (pbit). This field is used to implement class of service (CoS). Supported values range from -1 to 7, where: O = Best Effort 1 = Background 2 = Excellent Effort 3 = Critical Applications 4 = Video 5 = Voice 6 = Internetwork control 7 = Network control The value (-1) indicates this component is ignored in match decisions.
action	Specifies the action to take if a packet matches this filter. Valid values are: 0 (permit), 1 (deny), 2 (Police/SrTCM) and 3 (Police/TrTCM). The permit action is available for both Basic and extended ACLs and permits a matched packet to pass. The deny action is available only for extended ACLs and drops matched packets. The remaining actions are policing actions that are also only relevant for extended ACLs. These actions compare port traffic statistics with filter settings to make the permit/deny decision. The policing criteria used depends on the action type specified. For a single rate, three color meter, police action (Police/SrTCM), the filter uses the limitations configured for the Committed Information Rate (CIR), Committed Burst Size (CBS), and Extended Burst Size (EBS) to make its decision. For a two rate, three color meter, police action (Police/TrTCM), the filter uses the limitations configured for the Committed Information Rate (CIR), Committed Burst Size (CBS), Peak Information Rate (PIR), Peak Burst Size (PBS) and Extended Burst Size (EBS) to make its decision.
committedInfoRate	The Committed Information Rate (CIR), in Kbps, is a limitation used in policing action (Police/SrTCM and Police/TrTCM) match decisions. These actions are only supported by extended ACLs. The default value is 10240. A value of 0, indicates this component is ignored in match decisions.
committedBurstSize	The Committed Burst Size (CIR), in Bytes, is a limitation used in policing action (Police/SrTCM and Police/TrTCM) match decisions. These actions are only supported by extended ACLs. The default value is 4096. A value of 0, indicates this component is ignored in match decisions.
peakInfoRate	The Peak Information Rate (PIR), in Kbps, is a limitation used in policing action (Police/SrTCM and Police/TrTCM) match decisions. These actions are only supported by extended ACLs. The default value is 10240. A value of 0, indicates this component is ignored in match decisions.
peakBurstSize	This value, measured in Bytes, doubles as both the Peak Burst Size (PBS) and Extended Burst Size (EBS) as limitation used in policing action (Police/SrTCM and Police/TrTCM) match decisions. These actions are only supported by extended ACLs. The default value is 4096. A value of 0, indicates this component is ignored in match decisions.

ACLSourceMACAddrIPInfo

<sourceIPv6List>	<ACLIpAddrInfo> list ^[0-N]
<sourceIPv4List>	<ACLSourceIPv4> list ^[0-N]
srcMACAddress	A string that specifies a source MAC address. A blank value means "Any MAC".
macMaskBits	The number of bits masked when comparing the MAC address.
srcMACAddrAuthorized	Specifies weather the source MAC must be Authorized (true).
maxIPAddr	The maximum number of IP Addresses that can be bound to the source MAC.

ACLMACAddrInfo

macAddress	A string that specifies a MAC Address.
macMaskBits	The number of bits masked when comparing the MAC address.

ACLIpAddrInfo

ipAddress	A string that specifies an IP Address.
maskNumBits	Number of bits to use in the subnet mask for comparison.

ACLSourceIPv4

srcIPv4Address	A string that specifies an IPv4 Address.
srcMaskNumBits	Number of bits to use in the subnet mask for comparison.
leasedIpAddress	Specifies whether the IP address is leased (true) or static (false)

Service Profile

A service profile is used to specify the shape of the traffic carried on an ethernet port. It is defined by the <ServiceProfile> XML element. A service profile is global within the scope of the Panorama PON management system, and can be used by all OLTs managed by the Panorama PON Manager instance. The list of all <ServiceProfile> XML elements is stored in a reference contained by the root node <RestoreFile> XML element.

Each <ServiceProfile> XML element contains a <TrafficDescriptor> XML element and a <ServiceRateParams> XML element. It can also contain a list of <LLDPNetworkPolicy> XML elements. Each of these elements is used in the specification and shaping of traffic carried on the ethernet port.

The <TrafficDescriptor> XML element defines the general features of the traffic carried on the ethernet port. This includes the network and subsciber VLANs, circuit IDs, remoted IDs and the name of any associated ACL profiles.

The <ServiceRateParams> XML element contains an <UpstreamTrafficDescriptor>XML element and a <DownstreamTrafficDescriptor> XML element. These XML elements contain a set of service attributes characterizing the contracted flow parameters and quality of service (QoS) objectives.

The <UpstreamTrafficDescriptor> XML element defines the traffic flow and objectives in the upstream direction. It can contain an <UpstreamPONTrafficDescriptor> XML element or an <UpstreamClassTrafficDescriptor> XML element, which define the flow and objectives in accordance with; ITU xPON standards or, ATM (Asynchronous Transfer Mode) service class, respectively.

The <DownstreamTrafficDescriptor> defines the traffic flow and objectives in the downstream direction.

Definition

	
			ServiceProfile  <xs:element name="ServiceProfileR3" type="ems:ServiceProfileR3" /> <xs:complexType name="ServiceProfileR3"> <xs:sequence> <xs:element name="trafficDesc" type="ems:TrafficDescriptorR7" /> <xs:element name="serviceParams" type="ems:ServiceRateParamsR1" /> <xs:element name="lldpNetworkPolicy" type="ems:LLDPNetworkPolicy" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="nvid" type="xs:int" use="required" /> <xs:attribute name="svid" type="xs:int" use="required" /> <xs:attribute name="cidFmt" type="xs:string" use="required" /> <xs:attribute name="ridFmt" type="xs:string" use="required" /> <xs:attribute name="aclProfileName" type="xs:string" use="required" /> </xs:complexType>  TrafficDescriptor  <xs:element name="TrafficDescriptorR7" type="ems:TrafficDescriptorR7" /> <xs:complexType name="TrafficDescriptorR7"> <xs:attribute name="trafficType" type="ems:TrafficTypeR4" use="required" /> <xs:attribute name="vlanPriority" type="xs:int" use="required" /> <xs:attribute name="etherType" type="ems:EtherTypeR2" use="required" /> <xs:attribute name="dhcpIntermediateAgent" type="xs:boolean" use="required" /> <xs:attribute name="pppoEIntermediateAgent" type="xs:boolean" use="required" /> <xs:attribute name="virtualMac" type="xs:boolean" use="required" /> <xs:attribute name="downstreamFlowEncrypt" type="xs:boolean" use="required" /> <xs:attribute name="pbitMode" type="xs:int" use="required" /> </xs:complexType>  ServiceRateParams  <xs:element name="ServiceRateParamsR1" type="ems:ServiceRateParamsR1" /> <xs:complexType name="ServiceRateParamsR1"> <xs:sequence> <xs:element name="upstream" type="ems:UpstreamTrafficDescriptor" /> <xs:element name="downstream" type="ems:DownstreamTrafficDescriptor" /> </xs:sequence> </xs:complexType>  UpstreamTrafficDescriptor  <xs:element name="UpstreamTrafficDescriptor" type="ems:UpstreamTrafficDescriptor" /> <xs:complexType name="UpstreamTrafficDescriptor"> <xs:sequence> <xs:element name="upstreamDescriptorType" type="xs:int" /> <xs:element name="upPONDesc" type="ems:UpstreamPONTrafficDescriptor" minOccurs="0" /> <xs:element name="upClassDesc" type="ems:UpstreamClassTrafficDescriptor" minOccurs="0" /> </xs:sequence> </xs:complexType>  UpstreamPONTrafficDescriptor  <xs:element name="UpstreamPONTrafficDescriptor" type="ems:UpstreamPONTrafficDescriptor" /> <xs:complexType name="UpstreamPONTrafficDescriptor"> <xs:attribute name="additionalBandwidthEligibility" type="xs:int" use="required" /> <xs:attribute name="bestEffortWeight" type="xs:int" use="required" /> <xs:attribute name="bestEffortPriority" type="xs:int" use="required" /> <xs:attribute name="upstreamMaximumBandwidth" type="xs:int" use="required" /> <xs:attribute name="upstreamAssuredBandwidth" type="xs:int" use="required" /> <xs:attribute name="upstreamFixedBandwidth" type="xs:int" use="required" /> </xs:complexType>  UpstreamClassTrafficDescriptor  <xs:element name="UpstreamClassTrafficDescriptor" type="ems:UpstreamClassTrafficDescriptor" /> <xs:complexType name="UpstreamClassTrafficDescriptor"> <xs:attribute name="upstreamCommitedBurstSize" type="xs:int" use="required" /> <xs:attribute name="upstreamExcessBurstSize" type="xs:int" use="required" /> <xs:attribute name="upStreamSustainedRate" type="xs:int" use="required" /> <xs:attribute name="upStreamPeakRate" type="xs:int" use="required" /> <xs:attribute name="upstreamPbit" type="xs:int" use="required" /> <xs:attribute name="classOfService" type="xs:int" use="required" /> </xs:complexType>  DownstreamTrafficDescriptor  <xs:element name="DownstreamTrafficDescriptor" type="ems:DownstreamTrafficDescriptor" /> <xs:complexType name="DownstreamTrafficDescriptor"> <xs:attribute name="downstreamCommitedBurstSize" type="xs:int" use="required" /> <xs:attribute name="downstreamExcessBurstSize" type="xs:int" use="required" /> <xs:attribute name="downstreamSustainedRate" type="xs:int" use="required" /> <xs:attribute name="downStreamPeakRate" type="xs:int" use="required" /> <xs:attribute name="downstreamPbit" type="xs:int" use="required" /> <xs:attribute name="enablePbitSpecific" type="xs:boolean" use="required" /> <xs:attribute name="policingRank" type="xs:int" use="required" /> <xs:attribute name="classOfService" type="xs:int" use="required" /> </xs:complexType>  LLDPNetworkPolicy  <xs:element name="LLDPNetworkPolicy" type="ems:LLDPNetworkPolicy" /> <xs:complexType name="LLDPNetworkPolicy"> <xs:attribute name="lldpRemoteNetworkPolicyDSCP" type="xs:int" use="required" /> <xs:attribute name="lldpRemoteNetworkPolicyApplicationType" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:ServiceProfileR3 name="PRINTER_V126" nvid="126" svid="-1" cidFmt="%TID% eth %SHELF%/%SLOT%/%PON%/%ONT%/1/%PORT%" ridFmt="%TID%" aclProfileName="DEFAULT"> <ems:trafficDesc trafficType="eN_TO_N" vlanPriority="0" etherType="eTRANSPARENT" dhcpIntermediateAgent="false" pppoEIntermediateAgent="false" virtualMac="false" downstreamFlowEncrypt="true" pbitMode="0" /> <ems:serviceParams> <ems:upstream> <ems:upstreamDescriptorType>1</ems:upstreamDescriptorType> <ems:upClassDesc upstreamCommitedBurstSize="2" upstreamExcessBurstSize="2" upStreamSustainedRate="10240" upStreamPeakRate="1244160" upstreamPbit="0" classOfService="4" /> </ems:upstream> <ems:downstream downstreamCommitedBurstSize="2" downstreamExcessBurstSize="2" downstreamSustainedRate="5120" downStreamPeakRate="10000000" downstreamPbit="0" enablePbitSpecific="false" policingRank="1" classOfService="4" /> </ems:serviceParams> <ems:lldpNetworkPolicy lldpRemoteNetworkPolicyDSCP="0" lldpRemoteNetworkPolicyApplicationType="0"/> </ems:ServiceProfileR3>
		

Content and Attributes

ServiceProfile

<trafficDesc>	<TrafficDescriptor>
<serviceParams>	<ServiceRateParams>
<lldpNetworkPolicy>	<LLDPNetworkPolicy> list ^[0-N]
name	Name of the service profile
nvid	The Network VLAN ID for the service. The Network VLAN will be used to carry traffic using this service between the edges of the Optical LAN. This VLAN tag is applied to traffic on ingress and removed on egress.
svid	The subscriber VLAN ID for the service. This VLAN is used for tagged traffic. A value of -1 indicates this service carries untagged traffic.
cidFmt	The format of the Circuit ID. The format allows the use of variables (delimited by %) that are expanded at run time. The default Circuit ID is: %TID% eth %SHELF%/%SLOT%/%PON%/%ONT%/1/%PORT%.
ridFmt	The format of the Remote ID. The format allows the use of variables (delimited by %) that are expanded at run time. The default Circuit ID is: %TID%.
aclProfileName	The name of the ACL Profile associated with this service.

TrafficDescriptor

trafficType	The traffic type provided by the service on an ethernet port. See definition in the Simple Types Dictionary section of this document.
vlanPriority	The quality of service (QOS) priority that for untagged traffic in the upstream direction. Values range from 0 (lowest priority) through 7 (highest priority). The default is 0; use this for data connections. Set the VLAN Priority to 5 for voice connections.
etherType	Specifies the bridging protocol used in routing packets through the LAN. See definition in the Simple Types Dictionary section of this document.
dhcpIntermediateAgent	Enable(true)/Disable(false) DHCP Option 82, to allow a DHCP Relay Agent to insert circuit−specific information (cid and rid) into DHCP requests.
pppoEIntermediateAgent	Enable(true)/Disable(false) PPPoE Intermediate Agent (PPPoE IA). This agent is deployed between a PPPoE server and PPPoE clients. It helps the PPPoE server identify and authenticate clients by adding subscriber line specific information to PPPoE discovery packets from clients before forwarding them to the PPPoE server.
virtualMac	Deprecated. Use the value "false".
downstreamFlowEncrypt	Enable(true)/Disable(false) encryption of traffic between the Optical Line Terminal (OLT) and downstream Optical Network Terminals (ONTs)
pbitMode	Specifies the 802.1p priority marking mode used to prioritize traffic for QoS (quality of service) purposes. There are 3 allowed modes: 0 (Static) - Use the vlan priority as the pbit priority 1 (Copy) - Use the pbit priority specified in the packet on ingress 2 (DSCP Mapped) - Map the vlan priority to the priority specified in the DSCP profile.

ServiceRateParams

<upstream>	<UpstreamTrafficDescriptor>
<downstream>	<DownstreamTrafficDescriptor>

UpstreamTrafficDescriptor

<upstreamDescriptorType>	An integer used to specify the upstream traffic shaping strategy for this service: 0 (Priority Based) - the descriptor contained by this element is an <UpstreamPONTrafficDescriptor> used to allocate bandwidth based on ITU-T xPON standards using specific parameters to share bandwidth accross the PON. 1 (Class Based) - the descriptor contained by this element is an <UpstreamClassTrafficDescriptor> used to allocate bandwidth based on ATM standards using specific parameters to share bandwidth within the traffic class.
<upPONDesc>	<UpstreamPONTrafficDescriptor>^[Optional]
<upClassDesc>	<UpstreamClassTrafficDescriptor>^[Optional]

UpstreamPONTrafficDescriptor

additionalBandwidthEligibility	Specifies the eligibility for additional bandwidth requested for connections using this service. Supported Values are: 0 (None) - no request for additional bandwidth. 1 (Non-Assured - NA) - request non-assured additional bandwidth. 2 (Best Effort - BE) - request best-effort additional bandwidth.
bestEffortWeight	Specifies the weight (in percent) give to best effort requests for additional bandwidth. The supported range is 0-100. This value is only relevant if additionalBandwidthEligibility = 2 (Best Effort). If not, set the value to "0". Best effort weight and priority are used by the DBA algorithm to calculate eligibility for additional bandwidth.
bestEffortPriority	Specifies the priorty for best effort requests for additional bandwidth. The supported range is 0-8. This value is only relevant if additionalBandwidthEligibility = 2 (Best Effort). If not, set the value to "0". Best effort weight and priority are used by the DBA algorithm to calculate eligibility for additional bandwidth.
upstreamMaximumBandwidth	The maximum bandwidth (in Mbps) requested for connections using this service. The supported range is from 10 - 1000 for a GPON port and 10 - 10,000 for an XGPON port. Set the value to "0" if additionalBandwidthEligibility is set to "0" (None). Otherwise, the value must be greater than upstreamAssuredBandwidth.
upstreamAssuredBandwidth	The assured bandwidth (in Mbps) requested for connections using this service. The supported range is from 10 - 1000 for a GPON port and 10 - 10,000 for an XGPON port. This value is only relevant if additionalBandwidthEligibility is set to 2 (Best Effort). Otherwise, the value must be less than than upstreamMaximumBandwidth. Assured bandwith is provided when needed, but is not carved out of the total PON bandwidth. The excess of assured bandwidth over fixed, can be allocated elsewhere when not being used and must be managed by the DBA mechanism.
upstreamFixedBandwidth	The fixed bandwidth (in Mbps) requested for connections using this service. The supported range is from .512 - 1000 for a GPON port and .512 - 10,000 for an XGPON port. This bandwidth is carved out of the total PON bandwidth. It cannot be used for other ports even when this port is not transmiting.

UpstreamClassTrafficDescriptor

upstreamCommitedBurstSize	The maximum window size (in msec) for upstream committed bursts. A committed burst is tranmission at a rate greater than the sustained rate (upStreamSustainedRate) but no greater than the peak rate (upStreamPeakRate). The default value is 2.
upstreamExcessBurstSize	The maximum window size (in msec) for upstream excess bursts. An excess burst is tranmission at a rate equal to the peak rate (upStreamPeakRate) plus any excess available bandwidth. The default value is 2.
upStreamSustainedRate	The assured upstream bandwidth (in Kbps) for the ethernet port. This rate is guaranteed and is carved out of the bandwith available for other ports on the same PON. This value can range from 512 to the maximum upstream bandwidth of the PON port (1024000: GPON / 10240000:XGPON) in increments of 512. This value cannot be greater than the upstream peak rate. The default value is 5120.
upStreamPeakRate	The peak upstream bandwidth (in Kbps) for the ethernet port. This is the maximum rate of transmission allowed for the port. Bandwidth in excess of the upstream sustained rate is not guaranteed and will be granted (up to the peak upstream rate) when excess bandwidth is available. This additional bandwidth allows for traffic bursts. The value can range from 512 to the maximum upstream bandwidth of the PON port (1024000:GPON / 10240000:XGPON) in increments of 512. This value cannot be less than the upstream sustained rate. The default value is the maximum upstream bandwidth of the PON port.
upstreamPbit	*Deprecated*, Use the value of zero (0).
classOfService	Specifies the service class used for upstream traffic. Valid values are: 1 (CBR2) - Constant Bit Rate (non-real-time). Used for traffic where there is an inherent reliance on time synchronization between the source and destination. 2 (CBR1) - Constant Bit Rate (real-time). Used for traffic where there is an inherent reliance on time synchronization between the source and destination. CBR1 is considered "real-time" CBR because it reduces, to a minimum, any jitter and latency still present in CBR2. CBR1 should be used for applications where real time precision is required. 3 (nrt-VBR) - Non-Real-Time Variable Bit Rate. Used for traffic for which there is no inherent reliance on time synchronization between the source and destination, but there is a need to attempt guaranteed bandwidth and latency. 4 (UBR) - Unspecified Bit Rate. Used for traffic for which there is no reliance on time synchronization between the source and destination.

DownstreamTrafficDescriptor

downstreamCommitedBurstSize	The maximum window size (in msec) for downstream committed bursts. A committed burst is tranmission at a rate greater than the sustained rate (downStreamSustainedRate) but no greater than the peak rate (downStreamPeakRate). The default value is 2.
downstreamExcessBurstSize	The maximum window size (in msec) for downstream excess bursts. An excess burst is tranmission at a rate equal to the peak rate (downStreamPeakRate) plus any excess available bandwidth. The default value is 2.
downstreamSustainedRate	The assured downstream bandwidth (in Kbps) for the ethernet port. This rate is guaranteed and is carved out of the bandwith available for other ports on the same PON. The value can range from 512 to the maximum downstream bandwidth of the PON port (1024000:GPON / 10240000:XGPON) in increments of 512. This value cannot be greater than the downstream peak rate. The default value is 5120.
downStreamPeakRate	The peak downstream bandwidth (in Kbps) for the ethernet port. This is the maximum rate of transmission allowed for the port. Bandwidth in excess of the downstream sustained rate is not guaranteed and will be granted (up to the peak downstream stream rate) when excess bandwidth is available. This additional bandwidth allows for traffic bursts. The value can range from 512 to the maximum downstream bandwidth of the PON port (1024000:GPON / 10240000:XGPON) in increments of 512. This value cannot be less than the downstream sustained rate. The default value is the maximum downstream bandwidth of the PON port.
downstreamPbit	The 802.1p priority used in downstream traffic shaping. This value is only relevant when enablePbitSpecific is set to "true" (rate shaping on 802.1p priority enabled). Supported values are 0 - 7, with 7 being the highest priority (default is 0).
enablePbitSpecific	Enable(true)/Disable(false) the use of 802.1p priority in shaping downstream traffic on the port. If this value is false, shaping will be done for the entire VLAN.
policingRank	DEFINITION OF ATTRIBUTE AND LIST OF VALID VALUES
classOfService	Specifies the service class used for downstream traffic. Valid values are: 1 (CBR2) - Constant Bit Rate (non-real-time). Used for traffic where there is an inherent reliance on time synchronization between the source and destination. 2 (CBR1) - Constant Bit Rate (real-time). Used for traffic where there is an inherent reliance on time synchronization between the source and destination. CBR1 is considered "real-time" CBR because it reduces, to a minimum, any jitter and latency still present in CBR2. CBR1 should be used for applications where real time precision is required. 3 (nrt-VBR) - Non-Real-Time Variable Bit Rate. Used for traffic for which there is no inherent reliance on time synchronization between the source and destination, but there is a need to attempt guaranteed bandwidth or latency. 4 (UBR) - Unspecified Bit Rate. Used for traffic for which there is no reliance on time synchronization between the source and destination.

LLDPNetworkPolicy

lldpRemoteNetworkPolicyDSCP

The DSCP value included in the LLDP-MED, "Network Policy" TLV. This value informs neighbors how they must mark application data transmitted on this service. This can help to ensure quality of service for the application traffic. This value is only relvant if the <LLDPProfile>, assigned to the port, has LLDP and the LLDP-MED, "Network Policy" TLV enabled.

lldpRemoteNetworkPolicyApplicationType

The Application type included in the LLDP-MED, "Network Policy" TLV. This value is especially important when working with VoIP phones. LLDP and LLDP Med are used by switches to perform automatic configuration of the VoIP VLAN on VoIP phones during the boot cycle. For most VoIP phones the value should be set to "1" (Voice). This value is only relvant if the <LLDPProfile>, assigned to the port, has LLDP and the LLDP-MED, "Network Policy" TLV enabled.

NAC Profile

A Network Access Control (NAC) profile is used to configure access control for the ethernet port. It is defined by the <NACProfile> XML element. A NAC profile is global within the scope of the Panorama PON management system, and can be used by all OLTs managed by the Panorama PON Manager instance. The list of all <NACProfile> XML elements is stored in a reference contained by the root node; <RestoreFile> XML element.

Definition

	
			NACProfile  <xs:element name="NACProfile" type="ems:NACProfile" /> <xs:complexType name="NACProfile"> <xs:sequence> <xs:element name="defaultVlanConfig" type="ems:NACDefaultVLANConfig" minOccurs="0" maxOccurs="1" /> <xs:element name="paeDynServiceConfig" type="ems:NACPAEDynamicServiceConfig" minOccurs="0" maxOccurs="1" /> <xs:element name="bypassConfig" type="ems:NACBypassConfig" minOccurs="0" maxOccurs="1" /> <xs:element name="dhcpConfig" type="ems:NACDHCPConfig" minOccurs="0" maxOccurs="1" /> <xs:element name="guestVlanConfig" type="ems:NACGuestVLANConfig" minOccurs="0" maxOccurs="1" /> <xs:element name="webAuthConfig" type="ems:NACWebAuthConfig" minOccurs="0" maxOccurs="1" /> <xs:element name="authFailConfig" type="ems:NACAuthFailConfig" minOccurs="0" maxOccurs="1" /> <xs:element name="radiusSerNrActConfig" type="ems:NACSerialNrActivationRADIUSConfig" minOccurs="0" maxOccurs="1" /> <xs:element name="httpSerNrActConfig" type="ems:NACSerialNrActivationHTTPConfig" minOccurs="0" maxOccurs="1" /> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="enableAccessViolationAutoDisable" type="xs:boolean" use="required" /> <xs:attribute name="accessViolationAutoEnableTimeout" type="xs:int" use="required" /> <xs:attribute name="maxMACs" type="xs:int" use="required" /> <xs:attribute name="isDefaultVlanEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isPAEDynamicServiceEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isMACBypassEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isDHCPEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isGuestVlanEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isWebAuthEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isAuthFailEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isRADIUSSerialNrEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isHTTPSerialNrEnabled" type="xs:boolean" use="required" /> </xs:complexType>  NACDefaultVLANConfig  <xs:element name="NACDefaultVLANConfig" type="ems:NACDefaultVLANConfig" /> <xs:complexType name="NACDefaultVLANConfig"> <xs:sequence> <xs:element name="svcProfileNames" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>  NACPAEDynamicServiceConfig  <xs:element name="NACPAEDynamicServiceConfig" type="ems:NACPAEDynamicServiceConfig" /> <xs:complexType name="NACPAEDynamicServiceConfig"> <xs:attribute name="isWolEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isFilterIdEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isVLANEnabled" type="xs:boolean" use="required" /> <xs:attribute name="isTunnelEnabled" type="xs:boolean" use="required" /> </xs:complexType>  NACBypassConfig  <xs:element name=">NACBypassConfig" type="ems:NACBypassConfig" /> <xs:complexType name="NACBypassConfig"> <xs:attribute name="startupDelay" type="xs:int" use="required" /> <xs:attribute name="authMethodConfig" type="xs:int" use="required" /> <xs:attribute name="usernameFormat" type="xs:string" use="required" /> <xs:attribute name="passwordFormat" type="xs:string" use="required" /> </xs:complexType>  NACDHCPConfig  <xs:element name="NACDHCPConfig" type="ems:NACDHCPConfig" /> <xs:complexType name="NACDHCPConfig"> <xs:attribute name="vid" type="xs:int" use="required" /> <xs:attribute name="startupDelay" type="xs:int" use="required" /> <xs:attribute name="serverIP" type="xs:string" use="required" /> <xs:attribute name="ifcIP" type="xs:string" use="required" /> <xs:attribute name="giaddr" type="xs:string" use="required" /> <xs:attribute name="nextHop" type="xs:string" use="required" /> <xs:attribute name="serviceProfile" type="xs:string" use="required" /> </xs:complexType>  NACGuestVLANConfig  <xs:element name="NACGuestVLANConfig" type="ems:NACGuestVLANConfig" /> <xs:complexType name="NACGuestVLANConfig"> <xs:sequence> <xs:element name="svcProfileNames" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="startupDelay" type="xs:int" use="required" /> </xs:complexType>  NACWebAuthConfig  <xs:element name="NACWebAuthConfig" type="ems:NACWebAuthConfig" /> <xs:complexType name="NACWebAuthConfig"> <xs:attribute name="startupDelay" type="xs:int" use="required" /> <xs:attribute name="serviceProfileName" type="xs:string" use="required" /> </xs:complexType>  NACAuthFailConfig  <xs:element name="NACAuthFailConfig" type="ems:NACAuthFailConfig" /> <xs:complexType name="NACAuthFailConfig"> <xs:attribute name="startupDelay" type="xs:int" use="required" /> <xs:attribute name="serviceProfileName" type="xs:string" use="required" /> </xs:complexType>  NACSerialNrActivationRADIUSConfig  <xs:element name="NACSerialNrActivationRADIUSConfig" type="ems:NACSerialNrActivationRADIUSConfig" /> <xs:complexType name="NACSerialNrActivationRADIUSConfig"> <xs:attribute name="usernameFormat" type="xs:string" use="required" /> <xs:attribute name="passwordFormat" type="xs:string" use="required" /> <xs:attribute name="isLabelEnabled" type="xs:boolean" use="required" /> </xs:complexType>  NACSerialNrActivationHTTPConfig  <xs:element name="NACSerialNrActivationHTTPConfig" type="ems:NACSerialNrActivationHTTPConfig" /> <xs:complexType name="NACSerialNrActivationHTTPConfig"> <xs:attribute name="url" type>="xs:string" use="required" /> <xs:attribute name="isHTTPSecure" type="xs:boolean" use="required" /> <xs:attribute name="certificate" type="xs:string" use="required" /> <xs:attribute name="requestMethod" type="xs:int" use="required" /> <xs:attribute name="parserMethod" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:NACProfile name="Arista-WAP_V300_301_701_722_774" enableAccessViolationAutoDisable="true" accessViolationAutoEnableTimeout="300" maxMACs="255" isDefaultVlanEnabled="true" isPAEDynamicServiceEnabled="false" isMACBypassEnabled="false" isDHCPEnabled="false" isGuestVlanEnabled="false" isWebAuthEnabled="false" isAuthFailEnabled="false" isRADIUSSerialNrEnabled="false" isHTTPSerialNrEnabled="false" > <ems:defaultVlanConfig> <ems:svcProfileNames>WAP_V301</ems:svcProfileNames> <ems:svcProfileNames>WAP_V722</ems:svcProfileNames> <ems:svcProfileNames>WAP_V300</ems:svcProfileNames> <ems:svcProfileNames>Wireless_Mgmt_V701</ems:svcProfileNames> </ems:defaultVlanConfig> <ems:paeDynServiceConfig isWolEnabled="false" isFilterIdEnabled="false" isVLANEnabled="false" isTunnelEnabled="false"/> <ems:bypassConfig startupDelay="30" authMethodConfig="0" usernameFormat="" passwordFormat=""/> <ems:dhcpConfig vid="0" startupDelay="0" serverIP="" ifcIP="" giaddr="" nextHop="" serviceProfile=""/> <ems:guestVlanConfig startupDelay="90"/> <ems:webAuthConfig startupDelay="0" serviceProfileName=""/> <ems:authFailConfig serviceProfileName="" startupDelay="0"/> <ems:radiusSerNrActConfig usernameFormat="" passwordFormat="" isLabelEnabled="false"/> <ems:httpSerNrActConfig url="" isHTTPSecure="false" certificate="" requestMethod="2" parserMethod="2"/> </ems:NACProfile>
		

Content and Attributes

NACProfile

<defaultVlanConfig>	<NACDefaultVLANConfig> ^[Optional]
<paeDynServiceConfig>	<NACPAEDynamicServiceConfig> ^[Optional]
<bypassConfig>	<NACBypassConfig> ^[Optional]
<dhcpConfig>	<NACDHCPConfig> ^[Optional]
<guestVlanConfig>	<NACGuestVLANConfig> ^[Optional]
<webAuthConfig>	<NACWebAuthConfig> ^[Optional]
<authFailConfig>	<NACAuthFailConfig> ^[Optional]
<radiusSerNrActConfig>	<NACSerialNrActivationRADIUSConfig> ^[Optional]
<radiusSerNrActConfig>	<NACSerialNrActivationHTTPConfig> ^[Optional]
name	Name of the NAC Profile.
enableAccessViolationAutoDisable	Enable(true)/Disable(false) auto disable of port on access violation.
accessViolationAutoEnableTimeout	The duration (in seconds) to keep a port disabled when an access violation occurs.
maxMACs	The maximum number of MAC addresses that can be learned on the port. If MACs learned, would exceed the maximum, an access violation is raised.
isDefaultVlanEnabled	Enable(true)/Disable(false) default services on the port when a device is attached. The default services are applied to the port if authentication is disabled. If port authentication is enabled, the default services are dynamically applied in response to the values returned by the port authentication entity.
isPAEDynamicServiceEnabled	Enable(true)/Disable(false) 802.1x port authentication and dynamic service application.
isMACBypassEnabled	Enable(true)/Disable(false) MAC bypass authentication for devices that do not use 802.1x. Dynamically apply the correct services when a device is authenticated.
isDHCPEnabled	Enable(true)/Disable(false) DHCP configuration through the authentication server.
isGuestVlanEnabled	Enable(true)/Disable(false) application of guest services to the port if authentication (802.1x and/or MAC bypass) is disabled or has timed out.
isWebAuthEnabled	Enable(true)/Disable(false) application of guest services through Web re-deirect authentication.
isAuthFailEnabled	Enable(true)/Disable(false) application of a specified service to the port on authentication (802.1x and/or MAC bypass) failure.
isRADIUSSerialNrEnabled	Depricated. Use the value "false".
isHTTPSerialNrEnabled	Depricated. Use the value "false".

NACDefaultVLANConfig

<svcProfileNames>	List ^[0-N] of Service Profile names.

NACPAEDynamicServiceConfig

isWolEnabled	Enable(true)/Disable(false) wake on LAN (WoL), to allow dormant PCs to be powered when the switch receives a specific Ethernet frame.
isFilterIdEnabled	Enable(true)/Disable(false) dynamic service application based on the Filter TLVs returned from the port authentication entity.
isVLANEnabled	Enable(true)/Disable(false) dynamic service application based on the VLAN ID parsed from the tunnel TLVs returned by the port authentication entity.
isTunnelEnabled	Enable(true)/Disable(false) parsing of the tunnel attributes from the tunnel TLVs returned by the port authentication entity.

NACBypassConfig

startupDelay	Time (in seconds) to delay MAC bypass authentication for devices that do not use 802.1x. The default value is 30. It is recommended that this period be set to at least 30 seconds, unless 802.1x is not enabled. The delay allows 802.1x clients a chance to authenticate prior to attempting MAC bypass.
authMethodConfig	Method used to authenticate device MAC addresses. Valid values are: 1: PAP (MAC as Credentials) - use the unencrypted device MAC address to authenticate using the Password Authentication Protocol. 2: EAP-MD5 (MAC as Credentials) - use the MD5 hash of the device MAC address to authenticate using the Extensible Authentication Protocol. 3: EAP-MD5 (specify username/password) - use the MD5 hash of a username and password to authenticate using the Extensible Authentication Protocol. The value zero (0), indicates that MAC Bypass is disabled.
usernameFormat	The username used for authentication if the authentication method used is: EAP-MD5 (specify username/password).
passwordFormat	The password used for authentication if the authentication method used is: EAP-MD5 (specify username/password).

NACDHCPConfig

*** This element is depricated but required - use default values for all attributes. ***

vid	The default value for this attribute is "0".
startupDelay	The default value for this attribute is "0".
serverIP	The default value for this attribute is blank ("").
ifcIP	The default value for this attribute is blank ("").
giaddr	The default value for this attribute is blank ("").
nextHop	The default value for this attribute is blank ("").
serviceProfile	The default value for this attribute is blank ("").

NACGuestVLANConfig

<svcProfileNames>	List ^[0-N] of Service Profile names.
startupDelay	Time (in seconds) to delay application of guest services, if enabled. The default value is 90. It is recommended that this period be greater than the MAC bypass delay, unless neither 802.1x nor MAC Bypass is enabled. This delay provides time for 802.1x authentication and the MAC bypass to authenticate prior to applying guest services.

NACWebAuthConfig

*** This element is depricated but required - use default values for all attributes. ***

startupDelay	The default value for this attribute is "0".
serviceProfileName	The default value for this attribute is blank ("").

NACAuthFailConfig

startupDelay	Time (in seconds) to wait after authentication failure before applying the quarantine service to the port. Use the value "0".
serviceProfileName	Service profile to apply to the port in the event of authentication failure.

NACSerialNrActivationRADIUSConfig

*** This element is depricated but required - use default values for all attributes. ***

usernameFormat	The default value for this attribute is blank ("")
passwordFormat	The default value for this attribute is blank ("")
isLabelEnabled	The default value for this attribute is "false"

NACSerialNrActivationHTTPConfig

*** This element is depricated but required - use default values for all attributes. ***

url	The default value for this attribute is blank ("")
isHTTPSecure	The default value for this attribute is "false"
certificate	The default value for this attribute is blank ("")
requestMethod	The default value for this attribute is "0"
parserMethod	The default value for this attribute is "0"

PAE Profile

A PAE (Port Authentication Entity) Profile is a profile that stores the configuration settings related to user authentication and access for an Ethernet port. It is defined by the <PAEProfile> XML element. This element is globally defined within the scope of the Panorama PON management system and can be assigned to ethernet ports on any managed OLT. The list of all <PAEProfile> elements is stored in a reference contained by the <RestoreFile> root node.

Definition

PAEProfile <xs:element name="PAEProfileR2" type="ems:PAEProfileR2" /> <xs:complexType name="PAEProfileR2"> <xs:sequence> <xs:element name="radiusProfileList" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="startPAE" type="xs:boolean" use="required" /> <xs:attribute name="linkLossUnAuthenticate" type="xs:boolean" use="required" /> <xs:attribute name="adminControlledDir" type="xs:int" use="required" /> <xs:attribute name="operControlledDir" type="xs:int" use="required" /> <xs:attribute name="authControlledPortControl" type="xs:int" use="required" /> <xs:attribute name="quietPeriod" type="xs:int" use="required" /> <xs:attribute name="txPeriod" type="xs:int" use="required" /> <xs:attribute name="suppTimeout" type="xs:int" use="required" /> <xs:attribute name="serverTimeout" type="xs:int" use="required" /> <xs:attribute name="maxReq" type="xs:int" use="required" /> <xs:attribute name="reAuthPeriod" type="xs:int" use="required" /> <xs:attribute name="reAuthEnabled" type="xs:boolean" use="required" /> <xs:attribute name="keyTransmissionEnabled" type="xs:boolean" use="required" /> <xs:attribute name="maxAuthorizedMAC" type="xs:int" use="required" /> <xs:attribute name="autoDisableOnACLViolation" type="xs:boolean" use="required" /> </xs:complexType>

Example

	
			<ems:PAEProfileR2 name="default" adminState="eLOCKED" startPAE="true" linkLossUnAuthenticate="true" adminControlledDir="1" operControlledDir="1" authControlledPortControl="3" quietPeriod="60" txPeriod="30" suppTimeout="30" serverTimeout="30" maxReq="2" reAuthPeriod="3600" reAuthEnabled="true" keyTransmissionEnabled="false" maxAuthorizedMAC="1" autoDisableOnACLViolation="false" > <ems:radiusProfileList>dot1x-default</ems:radiusProfileList> </ems:PAEProfileR2>
		

Content and Attributes

PAEProfile

<radiusProfileList>	List ^[0-N] of RADIUS Profile names.
name	The name of the PAE Profile.
adminState	See definition in the Simple Types Dictionary section of this document.
startPAE	Enable(true)/Disable(false) forced re-authentication when the port fails and recovers.
linkLossUnAuthenticate	Enable(true)/Disable(false) unathentication of all devices on the port when a link loss occurs.
adminControlledDir	Specifies how a port handles traffic before it successfully authenticates a client and enters the authenticated state. A value of 1 (Both) specifies the port blocks traffic in both directions and is the default, while a value of 2 (Rx) specifies that only recieved traffic is dropped.
operControlledDir	Deprecated. Use the value "1".
authControlledPortControl	Specifies the administrative control used for port authorization. Supported values are: 1 (ForceAuthorized) - Authentication is disabled and the port is automatically authorized without authentication 2 (ForceUnauthorized) - Port remains in the unauthenticated state and ignores any clients. 3 (Auto) - Authentication is enabled and the port is initially unauthorized. The port must authorize via client authentication.
quietPeriod	Period of time (in seconds) when a port does not attempt client authentication. This follows a failed authentication exchange. The value can range from 0 - 65535. The default value is 60.
txPeriod	Period of time (in seconds) the port waits to retransmit the next EAPOL (Extensible Authentication Protocol over LAN) PDU (Protocol Data Unit) during an authentication session. The value can range from 0 - 65535. The default value is 30.
suppTimeout	Period of time (in seconds) the switch waits for a supplicant response to an EAP (Extensible Authentication Protocol) request. If the supplicant does not respond within the configured time frame, the session times out. The value can range from 0 - 65535. The default value is 30.
serverTimeout	Period of time (in seconds) the switch waits for a server response to an authentication request. If there is no response within the configured time frame, the switch assumes that the authentication attempt has timed out. If the maximum number of requests has been exceeded, the authentication session will be terminated, otherwise, a new request will be sent to the server. The value can range from 0 - 65535. The default value is 30.
maxReq	The number of authentication attempts that must time-out before authentication fails and the authentication session ends. The value can range from 1 - 10. The default value is 2.
reAuthPeriod	Period of time (in seconds) after which connected clients must be re-authenticated. The value can range from 30 - 4294957285. The default value is 3600.
reAuthEnabled	Enable(true)/Disable(false) forced re-authentication after the re-authentication period has elapsed for a connected client.
keyTransmissionEnabled	Enable(true)/Disable(false) transmission of a encryption key during authentication sessions with the specified server. This key must match the key used on the RADIUS server.
maxAuthorizedMAC	Maximum number of supplicants allowed to authenticate on the port. Authentication attempts that, if successful, would exceed this number will be rejected and an access violation will be raised.
autoDisableOnACLViolation	Enable(true)/Disable(false) auto-disable of the port if an access violation is detected.

RSTP Profile

A RSTP (Rapid Spanning Tree Protocol) Profile stores the configuration settings related to loop detection and remediation for an Ethernet port. It is defined by the <RSTPProfile> XML element. This element is globally defined within the scope of the Panorama PON management system and can be assigned to ethernet ports on any managed OLT.

The <RSTPProfile> XML element has attributes to configure spanning tree participation, protection and violation handling for the port. It contains a <CISTPortConfig> child element to customize port specific spanning tree attributes. The list of all <RSTPProfile> elements is stored in a reference contained by the <RestoreFile> root node.

Definition

RSTPProfile <xs:element name="RSTPProfile1" type="ems:RSTPProfile1" /> <xs:complexType name="RSTPProfile1"> <xs:sequence> <xs:element name="stpConfig" type="ems:CISTPortConfig1" /> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="enableTCNNotification" type="xs:boolean" use="required" /> <xs:attribute name="enableRootProtectNotification" type="xs:boolean" use="required" /> <xs:attribute name="enableBPDUGuardViolation" type="xs:boolean" use="required" /> <xs:attribute name="enableAutoEdge" type="xs:boolean" use="required" /> </xs:complexType> CISTPortConfig <xs:element name="CISTPortConfigR1" type="ems:CISTPortConfigR1" /> <xs:complexType name="CISTPortConfigR1"> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="pathCost" type="xs:int" use="required" /> <xs:attribute name="internalPathCost" type="xs:int" use="required" /> <xs:attribute name="priority" type="xs:int" use="required" /> <xs:attribute name="helloTime" type="xs:int" use="required" /> <xs:attribute name="pointToPoint" type="xs:int" use="required" /> <xs:attribute name="edgePort" type="xs:boolean" use="required" /> <xs:attribute name="restrictedRole" type="xs:boolean" use="required" /> <xs:attribute name="restrictedTCN" type="xs:boolean" use="required" /> <xs:attribute name="autoEdgePort" type="xs:boolean" use="required" /> </xs:complexType>

Example

	
			<ems:RSTPProfileR1 name="default" enableTCNNotification="false" enableRootProtectNotification="false" enableBPDUGuardViolation="true" enableAutoEdge="true"> <ems:stpConfig adminState="eLOCKED" pathCost="20000" internalPathCost="20000" priority="128" helloTime="2" pointToPoint="0" edgePort="false" restrictedRole="true" restrictedTCN="true" autoEdgePort="true"/> </ems:RSTPProfileR1>
		

Content and Attributes

RSTPProfile

<stpConfig>	<CISTPortConfig>
name	The name of the profile
enableTCNNotification	Enable(true)/Disable(false) raising alarms when network topology changes are detected on the port.
enableRootProtectNotification	Enable(true)/Disable(false) notification of restricted role events.
enableAutoEdge	Enable(true)/Disable(false) auto-edge for the port. If enabled, the port will go directly to the forwarding state on link. If disabled, the port will transition through the standard Spanning-Tree states (Blocking, Listening, Learning and Forwarding). Auto-edge should be reserved for ports where it is unlikely that a device transmitting spanning-tree BPDUs will be connected.

CISTPortConfig

adminState	Enable(true)/Disable(false) spanning tree participation on the port.
pathCost	The relative cost of sending network traffic through the port towards the root bridge. The default path cost for an interface is based on the maximum speed of the interface. You can manipulate this value (increase the path cost) to discourage it from becoming part of the designated path away from the root.
internalPathCost	The relative cost of sending spanning tree traffic through the port to adjacent bridges within a spanning tree region. Internal path cost applies only to those interfaces in the common instance of MSTP.
priority	The relative port priority in a spanning tree instance. The lower the number the higher the priority. The system is more likely to select interfaces with lower numeric values to carry network traffic. Supported values are 0 - 240 in increments of 16. The default value is 128.
helloTime	Duration (in seconds) between each bridge protocol data unit (BPDU) that is sent on a port. Valid values are 0 - 10. The default value is 2.
pointToPoint	Point-to-point port designation. A point to point link is a port connected directly to another RSTP switch. Valid values are: 0 (Auto) - The switch automatically checks if the port is connected to a point-to-point link, then sets the status as Open or Closed. 1 (Off) - The port is designated as not connected to a point-to-point link. 2 (On) - The port is designated as connected to a point-to-point link.
edgePort	Enable(true)/Disable(false) the port as a spanning tree edge port. If enabled, the port will go directly to the forwarding state. If disabled, the port will transition through the standard Spanning-Tree states (Blocking, Listening, Learning and Forwarding). A port should be set as an edge port when it is unlikely to recieve BPDUs from a connected device. If a port will use LLDP on VoIP phones, it should be set as an edge port.
restrictedRole	Prevent (true) / Allow (false) the port to generate topology change notifications (TCN).
restrictedTCN	Prevent (true) / Allow (false) the port to connect to a spanning tree root
autoEdgePort	Enable(true)/Disable(false) auto-edge for the port. If enabled, the port will go directly to the forwarding state on link. If disabled, the port will transition through the standard Spanning-Tree states (Blocking, Listening, Learning and Forwarding). Auto-edge should be reserved for ports where it is unlikely that a device transmitting spanning-tree BPDUs will be connected.

LLDP Profile

An LLDP Profile stores Link Layer Discovery Protocol configuration for an Ethernet port. This configuration allows for the exchange of identification and capabilities with directly connected devices. This can aid in negotiating link, data and power requirements to facilitate network connectivity. The configuration can customized port LLDP behavior to overcome issues with devices using non-standard protocol implementations.

An LLDP Profile is defined by the <LLDPProfile> XML element. This element is globally defined within the scope of the Panorama PON management system and can be assigned to Ethernet ports on any managed OLT. Each <LLDPProfile> element is stored by reference in the <RestoreFile> root node.

Definition

	
			LLDPProfile  <xs:element name="LLDPProfileR3" type="ems:LLDPProfileR3" /> <xs:complexType name="LLDPProfileR3"> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="adminStatus" type="xs:int" use="required" /> <xs:attribute name="lldpNotifyEnable" type="xs:boolean" use="required" /> <xs:attribute name="portDesc" type="xs:boolean" use="required" /> <xs:attribute name="sysName" type="xs:boolean" use="required" /> <xs:attribute name="sysDesc" type="xs:boolean" use="required" /> <xs:attribute name="sysCap" type="xs:boolean" use="required" /> <xs:attribute name="mgmtAddress" type="xs:boolean" use="required" /> <xs:attribute name="portVlan" type="xs:boolean" use="required" /> <xs:attribute name="vlanName" type="xs:boolean" use="required" /> <xs:attribute name="protoVlan" type="xs:boolean" use="required" /> <xs:attribute name="protocol" type="xs:boolean" use="required" /> <xs:attribute name="macPhy" type="xs:boolean" use="required" /> <xs:attribute name="powerViaMDI" type="xs:boolean" use="required" /> <xs:attribute name="linkAgg" type="xs:boolean" use="required" /> <xs:attribute name="maxFrameSize" type="xs:boolean" use="required" /> <xs:attribute name="medCapabilities" type="xs:boolean" use="required" /> <xs:attribute name="medNetworkPolicy" type="xs:boolean" use="required" /> <xs:attribute name="medLocation" type="xs:boolean" use="required" /> <xs:attribute name="medExtendedPSE" type="xs:boolean" use="required" /> <xs:attribute name="medExtendedPD" type="xs:boolean" use="required" /> <xs:attribute name="medInventory" type="xs:boolean" use="required" /> <xs:attribute name="medNotifyEnable" type="xs:boolean" use="required" /> <xs:attribute name="medLocationTemplate" type="xs:string" use="required" /> <xs:attribute name="locationSource" type="xs:int" use="required" /> <xs:attribute name="locationType" type="xs:int" use="required" /> <xs:attribute name="chassisIdSource" type="xs:int" use="required" /> <xs:attribute name="portIdSource" type="xs:int" use="required" /> <xs:attribute name="portIdTemplate" type="xs:string" use="required" /> <xs:attribute name="enableStpHold" type="xs:boolean" use="required" /> <xs:attribute name="stpHoldTime" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			&tl;ems:LLDPProfileR3 name="default" adminStatus="0" lldpNotifyEnable="false" portDesc="false" sysName="false" sysDesc="false" sysCap="false" mgmtAddress="false" portVlan="false" vlanName="false" protoVlan="false" protocol="false" macPhy="false" powerViaMDI="false" linkAgg="false" maxFrameSize="false" medCapabilities="false" medNetworkPolicy="false" medLocation="false" medExtendedPSE="false" medExtendedPD="false" medInventory="false" medNotifyEnable="false" medLocationTemplate="" locationSource="0" locationType="0" chassisIdSource="0" portIdSource="0" portIdTemplate="" enableStpHold="false" stpHoldTime="0"/>
		

Content and Attributes

LLDPProfile

name	The name of the LLDP Profile
adminStatus	The LLDP administrative status for the port. Valid values are: 0 = [Disabled] - Do not transmit LLDPDUs. Do not process received LLDPDUs. 1 = [Tx Only] - Transmit LLDPDUs. Do not process received LLDPDUs. 2 = [Rx Only] - Do not transmit LLDPDUs. Process received LLDP PDUs. 3 = [Enabled Tx and RX] - Transmit LLDP PDUs. Process received LLDPDUs.
lldpNotifyEnable	Enable(true)/Disable(false) peer notification of changes to standard TLVs.
portDesc	Enable(true)/Disable(false) sending the optional, standard TLV, "Port Description", in LLDP messages.
sysName	Enable(true)/Disable(false) sending the optional, standard TLV, "System Name", in LLDP messages.
sysDesc	Enable(true)/Disable(false) sending the optional, standard TLV, "System Description", in LLDP messages.
sysCap	Enable(true)/Disable(false) sending the optional, standard TLV, "System Capabilities", in LLDP messages.
mgmtAddress	Enable(true)/Disable(false) sending the optional, standard TLV, "Management Address", in LLDP messages.
portVlan	Enable(true)/Disable(false) sending the 802.1, organizationally specific TLV, "Port VLAN ID", in LLDP messages.
vlanName	Enable(true)/Disable(false) sending the 802.1, organizationally specific TLV, "VLAN Name", in LLDP messages.
protoVlan	Enable(true)/Disable(false) sending the 802.1, organizationally specific TLV, "Port And Protocol VLAN ID", in LLDP messages.
protocol	Enable(true)/Disable(false) sending the 802.1, organizationally specific TLV, "Protocol Identity", in LLDP messages.
macPhy	Enable(true)/Disable(false) sending the 802.3, organizationally specific TLV, "MAC/PHY Configuration/Status", in LLDP messages.
powerViaMDI	Enable(true)/Disable(false) sending the 802.3, organizationally specific TLV, "Power Via MDI", in LLDP messages.
linkAgg	Enable(true)/Disable(false) sending the 802.3, organizationally specific TLV, "Link Aggregation", in LLDP messages.
maxFrameSize	Enable(true)/Disable(false) sending the 802.3, organizationally specific TLV, "Maximum Frame Size", in LLDP messages.
medCapabilities	Enable(true)/Disable(false) sending the LLDP-MED TLV, "LLDP-MED Capabilities", in LLDP messages.
medNetworkPolicy	Enable(true)/Disable(false) sending the LLDP-MED TLV, "Network Policy", in LLDP messages.
medLocation	Enable(true)/Disable(false) sending the LLDP-MED TLV, "Location Identification", in LLDP messages.
medExtendedPSE	Enable(true)/Disable(false) sending the LLDP-MED TLV, "Extended Power via MDI (PSE)" [power supplying equipment], in LLDP messages.
medExtendedPD	Enable(true)/Disable(false) sending the LLDP-MED TLV, "Extended Power via MDI (PD)" [powered device], in LLDP messages.
medInventory	Enable(true)/Disable(false) sending the LLDP-MED TLVs, "Inventory Management" TLV in LLDP messages. This TLV set includes the hardware, firmware and software revisions as well as the serial number, manufacturer, model and asset ID.
medNotifyEnable	Enable(true)/Disable(false) peer notification of changes to LLDP-MED TLVs.
medLocationTemplate	The template used for the LLDP-MED TLV, "Location Identification" when the locationSource attribute is set to "Template". The value used for the template is dependent on the value of the locationType attribute: Civic Address - The template should evaluate to a civic address. It should be composed of civic address fields in the form: %CA-x¹%, %CA-x²%, -, %CA-x^N% where x is one of the civic address variables: CTRY - Country STA - State MCN - City STN - Street Name BLDG - Building HNO - House Number FLOOR - Floor in the Building ROOM - Room number in the Building LOC - Additional location information, i.e. South Wing NAM - Name ECS ELIN - The template should evaluate to an Emergency Call Service Emergency Location Identifier Number. This is a phone number that routes an emergency call to the local public safety answering point (PSAP) which can be use to call back the emergency caller. This is done by setting the portIdSource attribute in the <ELSLine> element to CID/AgentId and using the template value %PORT%.
locationSource	The source of the data used for the LLDP-MED TLV, "Location Identification", when included in LLDP messages. Valid values are: 0 = [Port AID] - the value specified in the aid attribute of the <ESLLine> element. 1 = [Port User Label] - the value specified in the userLabel attribute of the <ESLLine> element. 2 = [Port LLDP-MED Location] - the value specified in the lldpMedLocation attribute of the <ESLLine> element. 3 = [Template] - the value created by expanding the template stored in the medLocationTemplate attribute of this element.
locationType	The type of location provided in the LLDP-MED TLV, "Location Identification" when included in LLDP messages. Supported values are: 0 = [Unknown] - use if the location type is not any of the values defined below. 1 = [Coordinate Based] - use if the location specifies a logical location based on system components (i.e., TID, SLOT, PON, ONT, ...) 2 = [Civic Address] - use if the location specifies a Civic Address (i.e., CTRY (Country), STA (State), MCN (City), STN (Street Name), HNO (House Number), ...). 3 = [ECS-ELIN] - use if the location specifies an ECS-ELIN. An ECS-ELIN is an Emergency Call Service (ECS) location determined by the Emergency Location Identifier Number (ELIN).
chassisIdSource	The source to use for the value of the required, standard TLV, "Chassis ID". Supported values are: 1 = OLT User Label(TID)/Chassis 2 = Port User Label/ifAlias 3 = ONT User Label/Port 4 = MAC Address 5 = IP/Network Address 6 = Port AID/ifName
portIdSource	The source to use for the value of the required, standard TLV, "Port ID". Valid values are: 1 = Port User Label/ifAlias 2 = ONT User Label/Port 3 = MAC Address 4 = IP/Network Address 5 = Port AID/ifName 6 = CID/Agent Circuit ID 7 = Template/Local
portIdTemplate	The template to use for the required, standard TLV, "Port ID", when the port id source is set to "Template/Local". It supports the variables: %TID%,%SLOT%,%PON%,%ONT%,%PORT%,%AID%,%PORT-LABEL%,%ONT-LABEL%,%PON-LABEL%.
enableStpHold	Enable(true)/Disable(false) a delay in transmitting LLDP messages. If LLDP is configured to include voice VLAN information in the LLDP-MED "Network Policy" TLV, this delay allows a device the time to get its configuration from other sources (e.g., DHCP or 802.1x).
stpHoldTime	Specifies the time (in seconds) to delay sending LLDP messages. This value is only valid when enableStpHold is set to "true".

RADIUS Profile

The elements in this section store configuration data used to manage interaction with RADIUS and DAC (Daynamic Authorization Client) servers for authentication and policy enforcement for an Ethernet subscriber port.

<RadiusProfile> - the top level element; stores a sequence of one or more RADIUS servers (<RADIUSConfigInfo>) and a desciminator (<RADIUSDiscriminator>). The RADIUS servers form a cluster with one active server and up to three fail-over servers for redundancy. The descriminator is a set of rules used to determine which authentification requests to process.
<RADIUSConfigInfo> - stores the configuration data for a single RADIUS server. This data defines the location, protocol ports, credentials and role (RADIUS or NAS) of the server.
<RADIUSDiscriminator> - stores data used to filter an authentication request. It defines a set of MAC address matching rules used to evaluated the MAC in a request.

The <RadiusProfile> element is not contained directly by the <ESLLine> element. Instead, a list of <RadiusProfile> elements is contained by the <PAEProfile> element, which is contained by the <ESLLine> element.

[+] Show More

[-] Hide

RADIUS Servers, Authentication and Policy

Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect to and use a network service. RADIUS is often the protocol used for 802.1X authentication. It can also be used in MAC Authentication Bypass (MAB) for devices that do not have an 802.1x supplicant installed.

In addition to authentication, a RADIUS server can provide specific TLVs to define customized network access and policy. This includes:

VLANs to be carried on a port
ACLs to apply to a port
A User Label to apply to a port
DHCP configuration for a port

The RADIUS configuration data, allows the OLT to work with stand alone RADIUS servers and Windows Policy Server using a RADIUS server backend. Additionally, the same configuration data allows the OLT to work with many of the policy management appliances deployed in today's networks (Cisco ISE, Aruba ClearPass, ForeScout CounterACT, etc). These appliances all implement a Policy Server that uses a RADIUS server backend. The same RADIUS configuration data can be used with these Policy Engines to enable advanced policy features including:

Profiling - identifing a device and assigning it a role so appropriate profiles are applied upon reauthentication
Posturing - checking device health before granting it full access to the network
Web Auth / Self Registration - redirecting all web session requests, forcing the user to perform a Web Login to gain access.
Guest MAC Auth Service - granting limited access to Guest users and devices for a configured duration.
Guest Web Auth Service - using web authentication to allow Guest users to create an account to gain limited access for a configured duration.
Change of Authorization (COA) - using an extension to the RADIUS protocol to allow policy changes and force re-authentication.

Change of Authorization (CoA) and Dynamic Authorization Client (DAC)

Definitions

Network Access Server (NAS) - The device providing access to the network.
Dynamic Authorization Extensions (DAE) - A RADIUS extension that provides two new messages (Change-of-Authorization and Disconnect) that can be sent, unsolicited, to the NAS.
Dynamic Authorization Client (DAC) - The entity originating Change of Authorization (CoA) Requests or Disconnect-Requests. It is common, but not necessary for the DAC to be co-resident with the RADIUS authentication server.
Dynamic Authorization Server (DAS) - The entity receiving CoA-Request or Disconnect-Request packets. The DAS may be a NAS or a RADIUS proxy.

Discussion

The RADIUS protocol, defined in [RFC2865], does not support unsolicited messages sent from the RADIUS server to the Network Access Server (NAS). However, there are instances in which it is desirable for session changes to be made, without requiring the NAS to initiate the exchange. For example:

If the user changes authorization level, it may require that authorization attributes be added/deleted from the user session.
It may be desirable for administrators to be able to terminate user session(s) in progress.

To overcome this limitation, several vendors have implemented additional RADIUS commands to enable unsolicited messages to be sent to the NAS. An extension to RADIUS called Dynamic Authorization Extensions (DAE) to RADIUS [RFC5176] documents these changes, but does not specify them as a standard. DAE supplies two additional Radius messages:

Change-of-Authorization (CoA): used to modify an already-authenticated session
Disconnect (DM): used to disconnect an already-authenticated session

To accommodate DAE and its incorporation into many Policy Engines (ISE/Clearpass/Forescout, etc.), the RADIUS Profile has been versioned to provide storage for a second cluster of RADIUS servers. These servers are DAC servers used to originate CoA and DM messages. Typically, these entries will be the same Policy Engine addresses entered in the RADIUS server cluster (so they should be in the same order). There is also a new attribute to store the UDP port used for DAC server communications (defaulted to 3799).

Definition

	
			RadiusProfile  <xs:element name="RadiusProfile" type="ems:RadiusProfile" /> <xs:complexType name="RadiusProfile"> <xs:sequence> <xs:element name="discriminator" type="ems:RADIUSDiscriminator" /> <xs:element name="radiusConfigInfolist" type="ems:RADIUSConfigInfo" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="redundancymode" type="xs:int" use="required" /> </xs:complexType>  RADIUSDiscriminator  <xs:element name="RADIUSDiscriminator" type="ems:RADIUSDiscriminator" /> <xs:complexType name="RADIUSDiscriminator"> <xs:sequence> <xs:element name="aidSelectorList" type="ems:AIDSelector" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="ouiMacDiscriminator" type="ems:SourceMACR1" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>  RADIUSConfigInfo  <xs:element name="RADIUSConfigInfo" type="ems:RADIUSConfigInfo" /> <xs:complexType name="RADIUSConfigInfo"> <xs:attribute name="ipAddress" type="xs:string" use="required" /> <xs:attribute name="nasUDPPort" type="xs:int" use="required" /> <xs:attribute name="serverUDPPort" type="xs:int" use="required" /> <xs:attribute name="daeUDPPort" type="xs:int" use="required" /> <xs:attribute name="sharedKey" type="xs:base64Binary" use="required" /> <xs:attribute name="eventTimeStampWindow" type="xs:int" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="daeAdminState" type="ems:AdminState" use="required" /> </xs:complexType>
		

Example

	
			<ems:RadiusProfile redundancymode="0" name="sdb_test"> <ems:discriminator> <ems:ouiMacDiscriminator macMaskNumBits="24" address="00:40:40:00:00:00"/> <ems:ouiMacDiscriminator macMaskNumBits="24" address="00:40:00:00:00:00"/> <ems:ouiMacDiscriminator macMaskNumBits="24" address="00:01:23:00:00:00"/> <ems:ouiMacDiscriminator macMaskNumBits="24" address="00:c1:d1:00:00:00"/> </ems:discriminator> <ems:radiusConfigInfolist sharedKey="ZTZjMmFkMjhlNGFiYzRiN==" serverUDPPort="1812" nasUDPPort="1812" ipAddress="172.28.6.99" eventTimeStampWindow="0" daeUDPPort="3799" daeAdminState="eLOCKED" adminState="eUNLOCKED"/> <ems:radiusConfigInfolist sharedKey="ZTZjMmFkMjhlNGFiYzRiN==" serverUDPPort="3799" nasUDPPort="1812" ipAddress="172.28.6.99" eventTimeStampWindow="0" daeUDPPort="3799" daeAdminState="eUNLOCKED" adminState="eLOCKED"/> <ems:radiusConfigInfolist sharedKey="Nzc1ZDczNjg3MjdmOTFkYj=" serverUDPPort="1812" nasUDPPort="1812" ipAddress="172.28.7.99" eventTimeStampWindow="0" daeUDPPort="3799" daeAdminState="eLOCKED" adminState="eUNLOCKED"/> <ems:radiusConfigInfolist sharedKey="Nzc1ZDczNjg3MjdmOTFkYj=" serverUDPPort="3799" nasUDPPort="1812" ipAddress="172.28.7.99" eventTimeStampWindow="0" daeUDPPort="3799" daeAdminState="eUNLOCKED" adminState="eLOCKED"/> <ems:radiusConfigInfolist sharedKey="NyYTNiYjk0BmTg3MMjdmd==" serverUDPPort="1812" nasUDPPort="1812" ipAddress="172.28.8.99" eventTimeStampWindow="0" daeUDPPort="3799" daeAdminState="eLOCKED" adminState="eUNLOCKED"/> <ems:radiusConfigInfolist sharedKey="NyYTNiYjk0BmTg3MMjdmd==" serverUDPPort="3799" nasUDPPort="1812" ipAddress="172.28.8.99" eventTimeStampWindow="0" daeUDPPort="3799" daeAdminState="eUNLOCKED" adminState="eLOCKED"/> <ems:radiusConfigInfolist sharedKey="yYTNiYjk0MTUmYTg3MjdmO=" serverUDPPort="1812" nasUDPPort="1812" ipAddress="172.28.9.99" eventTimeStampWindow="0" daeUDPPort="3799" daeAdminState="eLOCKED" adminState="eUNLOCKED"/> <ems:radiusConfigInfolist sharedKey="yYTNiYjk0MTUmYTg3MjdmO=" serverUDPPort="3799" nasUDPPort="1812" ipAddress="172.28.9.99" eventTimeStampWindow="0" daeUDPPort="3799" daeAdminState="eUNLOCKED" adminState="eLOCKED"/> </ems:RadiusProfile>
		

Content and Attributes

RadiusProfile

<discriminator>	<RADIUSDiscriminator>
<radiusConfigInfolist>	<RADIUSConfigInfo> list ^[0-N]
name	The unique name of this profile.
redundancymode	The redundany mode of the RADIUS servers defined in <radiusConfigInfolist>. This attribute exists because the configuration model was designed to accommodate an implentation where the RADIUS servers in the cluster could load share in a round-robin fashion. Currently the implementation supports only fail-over redundancy. The only valid value for this attribute is "0" (FailOver).

RADIUSDiscriminator

<aidSelectorList>	* Deprecated *
<ouiMacDiscriminator>	<SourceMAC> list ^[0-N] - list of SourceMAC elements for filtering authentication requests. See definition in the Common Elements section. If the MAC Address in a recieved authentication request matches one of the filters, the OLT will forward the request to the active RADIUS server in <radiusConfigInfolist> contained by the <RadiusProfile> element.

RADIUSConfigInfo

ipAddress	The IP address or Host name of this RADIUS server.
nasUDPPort	The UDP port used in NAS (Network Access Server) communications (default = "1812"). Change of Authentication (CoA) functionality requires an extention to the RADIUS protocol. As a result, a RADIUS server may act as a NAS server which implements the RADIUS Dynamic Authorization Extensions (DAE). The values stored in the adminState and daeAdminState attributes determine the role of the server.
serverUDPPort	The UDP port used in RADIUS communications (default = "3799").
daeUDPPort	The UDP port used in DAE (Dynamic Authorization Extensions) communications (default = "3799"). Change of Authentication (CoA) functionality requires an extention to the RADIUS protocol. As a result, a RADIUS server may act as a NAS server which implements the RADIUS Dynamic Authorization Extensions (DAE). The values stored in the adminState and daeAdminState attributes determine the role of the server.
sharedKey	A key term or phrase shared by the OLT and RADIUS server. Any printable character is allowed and the key can be any length. This value is the Base64 representation of the encrypted key.
eventTimeStampWindow	A time (in seconds) used by DAE for synchronization. Change of Authentication (CoA) functionality requires an extention to the RADIUS protocol. As a result, a RADIUS server may act as a NAS server which implements the RADIUS Dynamic Authorization Extensions (DAE). The values stored in the adminState and daeAdminState attributes determine the role of the server. If the RADIUS server is defined as a NAS server, a NAS message, must be recieved within this synchronization window to be processed. The default value is "300".
adminState	See the definition in the Simple Types Dictionary section of this document. Change of Authentication (CoA) functionality requires an extention to the RADIUS protocol. As a result, a RADIUS server may act as a NAS server which implements the RADIUS Dynamic Authorization Extensions (DAE). This attribute, in conjunction with the daeAdminState attribute, determines the role of the server. If this attribute is set to "eLOCKED", it is defined as a NAS server. If set to "eUNLOCKED", it is defined as a RADIUS server.
daeAdminState	See the definition in the Simple Types Dictionary section of this document. Change of Authentication (CoA) functionality requires an extention to the RADIUS protocol. As a result, a RADIUS server may act as a NAS server which implements the RADIUS Dynamic Authorization Extensions (DAE). This attribute, in conjunction with the adminState attribute, determines the role of the server. If this attribute is set to "eLOCKED", it is defined as a RADIUS server. If set to "eUNLOCKED", it is defined as a NAS server.

VoIP Line

The elements in this section store the configuration data to support Voice over IP (VoIP) on VoIP capable Ethernet ports.

<VOIPLine> - The top level element for VoIP configuration data. A seperate element for each VoIP capable ethernet port is defined in the XML interface. Only specific ONTs support VoIP lines. If a VoIP connection is not provisioned for a VoIP capable port, the element will be present in the interface, but it will be empty and its attributes will be set to the default value.

<SIPAgentProfile> - Stores configuration data used to allow the SIP agent to work with a SIP server in managing VoIP calls. A reference to a SIPAgentProfile (by name) is stored in the VOIPLine element.

<SIPDialPlan> - Stores configuration data that defines a SIP Dial plan used for VoIP calls. It establishes the permitted sequences of digits dialed on subscriber lines or on subscriber premises equipment. A reference to a SIPDialPlan (by name) is stored in the VOIPLine element.

Definition

	
			VOIPLine  <xs:element name="VOIPLineR3" type="ems:VOIPLineR3" /> <xs:complexType name="VOIPLineR3">  The greyed out elements in the sequence below are deprecated. <xs:sequence> <xs:element name="supportedCardGroupType" type="ems:SupportedCardGroupType" /> <xs:element name="gsfn" type="ems:GSFNValue" /> <xs:element name="scu1Config" type="ems:SCU1CardGroupLineAttr" minOccurs="0" /> <xs:element name="scu41Config" type="ems:SCU41CardGroupLineAttr" minOccurs="0" /> <xs:element name="scu4Config" type="ems:SCU4CardGroupLineAttr" minOccurs="0" /> <xs:element name="scu3Config" type="ems:SCU3CardGroupLineAttr" minOccurs="0" /> <xs:element name="scu52Config" type="ems:SCU52CardGroupLineAttr" minOccurs="0" /> <xs:element name="dcu37Config" type="ems:DCU37CardGroupLineAttr" minOccurs="0" /> <xs:element name="dcu33Config" type="ems:DCU33CardGroupLineAttr" minOccurs="0" /> <xs:element name="scu13Config" type="ems:SCU13CardGroupLineAttr" minOccurs="0" /> <xs:element name="scu57Config" type="ems:SCU57CardGroupLineAttrR1" minOccurs="0" /> <xs:element name="potsConfig" type="ems:POTSCardGroupLineAttr" minOccurs="0" /> </xs:sequence> <xs:attribute name="aid" type="xs:string" use="required" /> <xs:attribute name="adminstate" type="ems:AdminState" use="required" /> <xs:attribute name="agentprofilename" type="xs:string" use="required" /> <xs:attribute name="dialplanname" type="xs:string" use="required" /> <xs:attribute name="useraor" type="xs:string" use="required" /> <xs:attribute name="displayname" type="xs:string" use="required" /> <xs:attribute name="username" type="xs:string" use="required" /> <xs:attribute name="userpasswd" type="xs:base64Binary" use="required" /> <xs:attribute name="nailedup" type="xs:boolean" use="required" /> <xs:attribute name="echocancellation" type="xs:boolean" use="required" /> <xs:attribute name="comfortnoisegeneration" type="xs:boolean" use="required" /> <xs:attribute name="silencesuppression" type="xs:boolean" use="required" /> <xs:attribute name="rxgain" type="xs:int" use="required" /> <xs:attribute name="txgain" type="xs:int" use="required" /> </xs:complexType>  SIPAgentProfile  <xs:element name="SIPAgentProfileR1" type="ems:SIPAgentProfileR1" /> <xs:complexType name="SIPAgentProfileR1"> <xs:attribute name="profileName" type="xs:string" use="required" /> <xs:attribute name="regexptime" type="xs:int" use="required" /> <xs:attribute name="reghdstrtTime" type="xs:int" use="required" /> <xs:attribute name="retryTimeout" type="xs:int" use="required" /> <xs:attribute name="retryAttempt" type="xs:int" use="required" /> <xs:attribute name="proxysrvr" type="xs:string" use="required" /> <xs:attribute name="hostparturi" type="xs:string" use="required" /> <xs:attribute name="registrar" type="xs:string" use="required" /> <xs:attribute name="registrarPort" type="xs:int" use="required" /> <xs:attribute name="sftSwitchType" type="xs:int" use="required" /> <xs:attribute name="userName" type="xs:string" use="required" /> <xs:attribute name="userPasswd" type="xs:base64Binary" use="required" /> </xs:complexType>  SIPDialPlan  <xs:element name="SIPDialPlan" type="ems:SIPDialPlan" /> <xs:complexType name="SIPDialPlan"> <xs:attribute name="planname" type="xs:string" use="required" /> <xs:attribute name="criticaldialtimeout" type="xs:int" use="required" /> <xs:attribute name="partialdialtimeout" type="xs:int" use="required" /> <xs:attribute name="digitmapexp" type="xs:string" use="required" /> </xs:complexType>
		

Example

	
			<ems:VOIPLineR3 agentprofilename="" dialplanname="" userpasswd="" useraor="" username="" txgain="-20" rxgain="-40" silencesuppression="true" comfortnoisegeneration="true" echocancellation="true" nailedup="false" displayname="" adminstate="eLOCKED" aid="CS1-4-1-1-1"> <ems:supportedCardGroupType>eSG_SFU_R2</ems:supportedCardGroupType> <ems:gsfn>e2LS</ems:gsfn> </ems:VOIPLineR3>
		

Content and Attributes

VOIPLine

<supportedCardGroupType>	<SupportedCardGroupType> - See definition in the Simple Types Dictionary section of this document.
<gsfn>	<GSFNValue> - See definition in the Simple Types Dictionary section of this document.
aid	The Access Identifier (AID) of the VoIP line, in the format CS1-w-x-y-z, where: w = MDS slot (1-16, dependent on shelf type) x = IO port (1-4 for QOIU7 / 1-8 for OIU8) y = ONT ID (1-32 for GPON port / 1-64 for XGPON port) z = VoIP port (1-24, dependent on ONT type)
adminstate	The administrative state of the VoIP connection <AdminState> See definition in the Simple Types Dictionary section of this document. The default value is "eLOCKED".
agentprofilename	The name of the SIP Agent profile (<SIPAgentProfile>) used by this VoIP line. The default value is blank ("").
dialplanname	The name of the SIP Dial Plan (<SIPDialPlan>) used by this VoIP line. The default value is blank ("").
useraor	The SIP Address-of-Record (AOR) for the line. The AOR is the SIP Uniform Resource Identifier (URI) that represents the public identity of the line. It is coordinated with the value configured on the softswitch. The AOR points to a domain with a location service that can map the URI to another URI where the user might be available. Typically, the location service is populated through the SIP Registration process. The AOR often contains the line Directory Number (DN) but it is not required. The following is an example of a SIP AOR: Format: sip:<phone number>@<switch IP address or hostname> Example sip:8175551234@provider.com The default value is blank ("").
displayname	DEFINITION OF ATTRIBUTE AND LIST OF VALID VALUES The default value is blank ("").
username	The username used in SIP authentication. If the softswitch has authentication enabled, it may challenge the initiator to authenticate. This attribute is included in the authentication digest. The default value is blank ("").
userpasswd	The DES encrypted password used in SIP authentication. If the softswitch has authentication enabled, it may challenge the initiator to authenticate. This attribute is included in the authentication digest. The default value is blank ("").
nailedup	Create (true-default) / Do Not Create (false) a persistent, "nailed-up" connection between the SIP server and agent. This allows the agent to handle multiple interactions without dropping the connection to the server. Nailed-up connections are often used by agents using a legacy PSTN phone or connected to a 3rd party PBX though a gateway or SIP trunk.
echocancellation	Enable (true-default) / Disable (false) application of echo cancellation algorithm.
comfortnoisegeneration	Enable (true-default) / Disable (false) generation of comfort noise during periods of silence suppression (see silencesuppression attribute). Comfort noise makes a VoIP call feel more like a traditional POTS call.
silencesuppression	Enable (true-default) / Disable (false) silence suppression during a VoIP call. Silence suppression reduces bandwith usage by not transmitting data when one of the parties is not speaking. If silence suppression is enabled, comfort noise should be generated, during periods of silence, to make the call seem more natural. The use of comfort noise generation is determined by the comfortnoisegeneration attribute value.
rxgain	This attribute provides a gain value (in dB) for the received signal. The gain is used to maintain a suitable signal amplitude, despite input amplitude variation. This attribute applies only to ONTs that are configured to use Voice Gateway for voice services. The receive gain can range from -12dB to +6dB in 0.1dB increments. This translates to supported values in the range of -120 (-12.0dB) to 60 (+6.0dB). The default value is -40 (-4.0dB).
txgain	This attribute provides a gain value (in dB) for the transmit signal. The gain is used to maintain a suitable signal amplitude, despite input amplitude variation. This attribute applies only to ONTs that are configured to use Voice Gateway for voice services. The transmit gain can range from -12dB to +6dB in 0.1dB increments. This translates to supported values in the range of -120 (-12.0dB) to 60 (+6.0dB). The default value is -20 (-2.0dB).

SIPAgentProfile

profileName	The unique name of this profile
regexptime	The time (in seconds) proposed by the agent as the duration of a SIP line registration. This value is included in the header of a REGISTER request sent from the agent to the server. The registration will expire if a new REGISTER request is not sent for the line within this time.
reghdstrtTime	The time (in seconds) prior to registration expiration, when the agent will attempt to re-register the line.
retryTimeout	The time (in seconds) between registration retries after a failed registration. Supported values range from 0 - 65535. When set to 0, the agent does not retry registration.
retryAttempt	The number of failed line registrations the agent will tolerate before giving up.
proxysrvr	The Address of the SIP Proxy Server. The SIP proxy server is the initial point of entry for SIP messages that flow into and out of the enterprise. The SIP proxy acts as a surrogate for SIP application servers within the enterprise. It is also responsible for establishing outbound connections to remote domains on behalf of SIP clients that reside within the proxy domain.
hostparturi	DEFINITION OF ATTRIBUTE AND LIST OF VALID VALUES
registrar	The URI for the SIP Registrar Server. A registrar is a server that accepts REGISTER requests and places the information contained in them into the location service for the domain it handles. Syntax: [user]@[host] In the case of a Registrar URI, the user portion is usually not present and instead only the domain name that the Registrar serves is present: Example: provider.com:5060
registrarPort	The port used for messages sent to the SIP Registrar Server. The default value is 5060.
sftSwitchType	The type of the soft switch used by the SIP Agent for this profile. Supported values are: 1 = BroadSoft 2 = Voice Gateway 3 = Central Office Terminal 4 = Subscriber 5 = Softswitch
userName	The username usid in SIP authentication. If the softswitch has authentication enabled, it may challenge the initiator to authenticate. This attribute is included in the authentication digest.
userPasswd	The DES encrypted password used in SIP authentication. If the softswitch has authentication enabled, it may challenge the initiator to authenticate. This attribute is included in the authentication digest.

SIPDialPlan

planname	The name of this SIP Dial Plan.
criticaldialtimeout	The time (in seconds) allowed between digits on "incomplete entries". This value applies as long as the dialed digits do not match any digit sequences in the dial plan. Unless the user enters another digit within this time period, the entry is evaluated as incomplete, and the call is rejected.
partialdialtimeout	The time (in seconds) allowed between digits on "complete entries". This value applies when the dialed digits match at least one digit sequence in the dial plan. Unless the user enters another digit within this time period, the entry is evaluated. If it is valid, the call proceeds. If it is invalid, the call is rejected.
digitmapexp	The Dial Plan Digit-Map. A dial plan digit-map, establishes the permitted sequences of digits dialed on subscriber lines or on subscriber premises equipment. The syntax of the digit map is described by the DigitMap rule in the formal description of the protocol (RFC-2705). A Digit-Map, according to this syntax, is defined either by a string or list of strings. Each string is an alternative numbering scheme, specified either as a set of digits, timers, or a regular expression.

Templates

Templates are a collection of data used to automatically configure newly discovered network devices and components. Templates are not configuration data, but, rather, data used to generate configuration data. Templates can be used to provide plug-and-play capability. They do this though automatic configuration of newly detected ONTs and Ethernet ports.

Templates do not affect pre-existing or manually over-ridden configuration. They are applied to new components only when enabled and only when relevant.

This section discusses the elements used to store the template data.

Ethernet Port

Ethernet ports can be automatically configured using templates. This funtionality is triggered when auto-configuration is enabled and a new Ethernet port is "detected". This feature uses filter matching elements (<AIDSelector>) to select and catagorize the ports. It then uses rule (<CreationRule>) and profile (<CreationProfile>) elements to apply the appropriate configuration.

This section discusses the elements that store the template data used to configure Ethernet ports.

Definition

CreationProfile <xs:element name="CreationProfileR1" type="ems:CreationProfileR1" /> <xs:complexType name="CreationProfileR1"> <xs:sequence> <xs:element name="rules" type="ems:CreationRuleR1" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> </xs:complexType> CreationRule <xs:element name="CreationRuleR1" type="ems:CreationRuleR1" /> <xs:complexType name="CreationRuleR1"> <xs:sequence> <xs:element name="aidSelector" type="ems:AIDSelector" /> </xs:sequence> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="eslInitialProfileName" type="xs:string" use="required" /> <xs:attribute name="bridgeInitialProfileName" type="xs:string" use="required" /> <xs:attribute name="lldpInitialProfileName" type="xs:string" use="required" /> <xs:attribute name="nacInitialProfileName" type="xs:string" use="required" /> <xs:attribute name="paeInitialProfileName" type="xs:string" use="required" /> <xs:attribute name="poeInitialProfileName" type="xs:string" use="required" /> <xs:attribute name="rstpInitialProfileName" type="xs:string" use="required" /> <xs:attribute name="igmpInitialProfileName" type="xs:string" use="required" /> </xs:complexType>

Example

	
			<ems:CreationProfileR1 name="DMW-1150-125-56-ONT205"> <ems:rules adminState="eUNLOCKED" eslInitialProfileName="DMW-Corp-Long-Hold-Time" igmpInitialProfileName="default" rstpInitialProfileName="DMW-CORP-RSTP-ENABLED" poeInitialProfileName="DMW-CORP-PoE-Enabled-No-Touchy" paeInitialProfileName="CORP-PAE-Enabled" nacInitialProfileName="DMW-Cisco-DV-MAB-PAE-FID" lldpInitialProfileName="Corporate-LLDP-Phone" bridgeInitialProfileName=""> <ems:aidSelector rulePriority="0" count="32" groupType="84" aidFirst="ETH1-10-3-*-*"/> </ems:rules> <ems:rules adminState="eUNLOCKED" eslInitialProfileName="DMW-Corp-Long-Hold-Time" igmpInitialProfileName="default" rstpInitialProfileName="DMW-CORP-RSTP-ENABLED" poeInitialProfileName="DMW-CORP-PoE-Enabled-No-Touchy" paeInitialProfileName="CORP-PAE-Enabled" nacInitialProfileName="DMW-Cisco-DV-MAB-PAE-FID" lldpInitialProfileName="Corporate-LLDP-Phone" bridgeInitialProfileName=""> <ems:aidSelector rulePriority="0" count="4" groupType="76" aidFirst="ETH1-10-1-*-*"/> </ems:rules> </ems:CreationProfileR1>  Default Creation Profile - (Name is "default" and No Rules)  <ems:CreationProfileR1 name="default">
		

Content and Attributes

CreationProfile

<rules>	<CreationRule> list ^[0-N]
name	A string that uniquely identifies the creation rule.

CreationRule

<aidSelector>	<AIDSelector> - This is a filter matching object used to determine if the rule should be applied to a specific Ethernet port. See definition in the Common Elements section.
adminState	<AdminState> - Specifies if the rule can be applied. See definition in the Simple Types Dictionary
eslInitialProfileName	The name of the <ESLProfile> to apply to the port. The profile is applied only if the port matches the aidSelector element and the adminState attribute is set to eUnlocked..
bridgeInitialProfileName	* Deprecated * use the value blank ("")
lldpInitialProfileName	The name of the <LLDPProfile> to apply to the port. The profile is applied only if the port matches the aidSelector element and the adminState attribute is set to eUnlocked.
nacInitialProfileName	The name of the <NACProfile> to apply to the port. The profile is applied only if the port matches the aidSelector element and the adminState attribute is set to eUnlocked.
paeInitialProfileName	The name of the <PAEProfile> to apply to the port. The profile is applied only if the port matches the aidSelector element and the adminState attribute is set to eUnlocked.
poeInitialProfileName	The name of the <POEProfile> to apply to the port. The profile is applied only if the port matches the aidSelector element and the adminState attribute is set to eUnlocked.
rstpInitialProfileName	The name of the <RSTPProfile> to apply to the port. The profile is applied only if the port matches the aidSelector element and the adminState attribute is set to eUnlocked.
igmpInitialProfileName	The name of the <IGMPProfile> to apply to the port. The profile is applied only if the port matches the aidSelector element and the adminState attribute is set to eUnlocked.

ONT

ONTs can be automatically configured using templates. This funtionality is triggered when auto-configuration is enabled and a new ONT is detected. This feature uses template (<CircuitPackTemplate>), rule (<CircuitPackTemplateRule>), and configuration (<ONTGenericCircuitPackConfig>) elements to selectively and automatically apply the appropriate configuration.

This section discusses the elements that store the template data used to configure ONTs.

Definition

	
			CircuitPackTemplate  <xs:element name="CircuitPackTemplate" type="ems:CircuitPackTemplate" /> <xs:complexType name="CircuitPackTemplate"> <xs:sequence> <xs:element name="rules" type="ems:CircuitPackTemplateRule" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> </xs:complexType>  CircuitPackTemplateRule  <xs:element name="CircuitPackTemplateRule" type="ems:CircuitPackTemplateRule" /> <xs:complexType name="CircuitPackTemplateRule">  The greyed out elements in the sequence below are deprecated.  <xs:sequence> <xs:element name="initialProfileAssignment" type="ems:EquipmentProfileAssignment" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="supportedCardGroupType" type="ems:SupportedCardGroupType" /> <xs:element name="nccConfig" type="ems:NCCCircuitPackConfigR2" minOccurs="0" /> <xs:element name="nvcConfig" type="ems:NVCCircuitPackConfigR2" minOccurs="0" /> <xs:element name="ontConfig" type="ems:ONTCircuitPackConfigR3" /> <xs:element name="diuConfig" type="ems:DIUCircuitPackConfigR1" minOccurs="0" /> <xs:element name="tduConfig" type="ems:TDUCircuitPackConfigR1" minOccurs="0" /> <xs:element name="amuConfig" type="ems:AMUCircuitPackConfig" minOccurs="0" /> <xs:element name="bbcConfig" type="ems:BBCCircuitPackConfig" minOccurs="0" /> <xs:element name="ndcConfig" type="ems:NDCCircuitPackConfig" minOccurs="0" /> <xs:element name="sfu000Config" type="ems:SFU000CircuitPackConfig" minOccurs="0" /> <xs:element name="sfu010Config" type="ems:SFU010CircuitPackConfig" minOccurs="0" /> <xs:element name="sfu210RFConfig" type="ems:ONTCircuitPackConfigR3" minOccurs="0" /> <xs:element name="sfu211Config" type="ems:ONTCircuitPackConfigR3" minOccurs="0" /> <xs:element name="sfu240ETSIConfig" type="ems:ONTCircuitPackConfigR3" minOccurs="0" /> <xs:element name="sfu240ETSINORFConfig" type="ems:SFU210ETSINORFCircuitPackConfigR2" minOccurs="0" /> <xs:element name="sfu729Config" type="ems:ONTGenericCircuitPackConfigR2" minOccurs="0" /> <xs:element name="sfu120Config" type="ems:ONTGenericCircuitPackConfigR2" minOccurs="0" /> <xs:element name="bbc7Config" type="ems:BBC7CircuitPackConfig" minOccurs="0" /> <xs:element name="esu30Config" type="ems:ESU30CircuitPackConfigR1" minOccurs="0" /> <xs:element name="nmcConfig" type="ems:NMCCircuitPackConfigR1" minOccurs="0" /> <xs:element name="sfu040Config" type="ems:SFU040CircuitPackConfigR2" minOccurs="0" /> <xs:element name="onu812Config" type="ems:ONU812CircuitPackConfig" minOccurs="0" /> <xs:element name="sfu2402ETSIConfig" type="ems:SFU2402ETSICircuitPackConfig" minOccurs="0" /> </xs:sequence> <xs:attribute name="initialAdminState" type="ems:AdminState" use="required" /> </xs:complexType>
		

Content and Attributes

Example

	
			<ems:CircuitPackTemplate name="FF-Template-140"> <ems:rules initialAdminState="eUNLOCKED"> <ems:initialProfileAssignment profileType="2" profileName="default"/> <ems:supportedCardGroupType>eSG_SFU120</ems:supportedCardGroupType> <ems:sfu120Config ledHoldTime="0" rangeFailWaitTimePOTS="12" forcedStopMode="false" configLock="false" ontId="" registrationId="" serialNum=""> <ems:hostConf ipAssignmentMode="0" arcMode="true" userpasswd="" username="" voicectrlPersonality="0" deviceId=""> <ems:sipConf prot802_1p="6" cfi="1" vlanid="2" dnssecondary="0.0.0.0" dnsprimary="0.0.0.0" gatewayip="0.0.0.0" gatewaymask="0.0.0.0" ipaddress="0.0.0.0"/> <ems:rtpConf prot802_1p="6" cfi="1" vlanid="2" dnssecondary="0.0.0.0" dnsprimary="0.0.0.0" gatewayip="0.0.0.0" gatewaymask="0.0.0.0" ipaddress="0.0.0.0"/> </ems:hostConf> <ems:powerShedding videoOverlaySheddingInterval="0" pwrRestoreTimerResetInterval="0" dataSheddingInterval="0"/> <ems:poeConfig externalBBUPowerAvailable="0" poeUsageThreshold="99" externalPowerAvailable="30" arcMode="false"/> <ems:rfCfg arcMode="false" overloadThreshold="5" degradedThreshold="-19" acRestoreWaitTime="0" acFailWaitTime="0" rangeFailWaitTime="48" agcSetting="-4" adminState="eLOCKED"/> </ems:sfu120Config> </ems:rules> ... </ems:CircuitPackTemplate>name="default">
		

CircuitPackTemplate

<rules>	<CircuitPackTemplateRule> list ^[0-N]
name	A string that uniquely identifies the template.

CircuitPackTemplateRule

<initialProfileAssignment>	<EquipmentProfileAssignment> list ^[0-N] - See definition in the Common Elements section.
<supportedCardGroupType>	<SupportedCardGroupType> - See definition in the Simple Types Dictionary
<ontConfig>	<ONTCircuitPackConfig> - See definition in the Equipment section.
<sfu240ETSIConfig>	<ONTCircuitPackConfig> - See definition in the Equipment section.
<sfu240ETSINORFConfig>	<SFU210ETSINORFCircuitPackConfig> - See definition in the Equipment section.
<sfu729Config>	<ONTGenericCircuitPackConfig> - See definition in the Equipment section.
<sfu120Config>	<ONTGenericCircuitPackConfig> - See definition in the Equipment section.
<sfu040Config>	<SFU040CircuitPackConfig> - See definition in the Equipment section.
<initialAdminState>	See definition in the Simple Types Dictionary

SNMP

Simple Network Management Protocol (SNMP) is a protocol used in network management to monitor and manage network devices. SNMP provides access to the system status and configuration data stored in supported management information bases (MIBs). Configuration data for the OLT SNMP agent is stored in the XML elements discussed in this section.

Definition

	
			SNMPConf  <xs:element name="SNMPConfR1" type="ems:SNMPConfR1" /> <xs:complexType name="SNMPConfR1"> <xs:sequence> <xs:element name="snmpEngineId" type="ems:SNMPEngine" minOccurs="0" /> <xs:element name="snmpUser" type="ems:SNMPUser" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="targetParam" type="ems:SNMPTargetParam" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="trapHost" type="ems:SNMPTrapHostR1" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType>  SNMPEngine  <xs:element name="SNMPEngine" type="ems:SNMPEngine" /> <xs:complexType name="SNMPEngine"> <xs:attribute name="formatOctet" type="xs:base64Binary" use="required" /> <xs:attribute name="engineIDFormatSpecific" type="xs:base64Binary" use="required" /> </xs:complexType>  SNMPUser  <xs:element name="SNMPUser" type="ems:SNMPUser" /> <xs:complexType name="SNMPUser"> <xs:attribute name="snmpCommStr" type="xs:string" use="required" /> <xs:attribute name="securityName" type="xs:string" use="required" /> <xs:attribute name="securityModel" type="xs:int" use="required" /> <xs:attribute name="securityLevel" type="xs:int" use="required" /> <xs:attribute name="privProtocol" type="xs:int" use="required" /> <xs:attribute name="authProtocol" type="xs:int" use="required" /> <xs:attribute name="authpasswd" type="xs:base64Binary" use="required" /> <xs:attribute name="privpasswd" type="xs:base64Binary" use="required" /> <xs:attribute name="publicSNMP" type="xs:string" use="required" /> </xs:complexType>  SNMPTargetParam  <xs:element name="SNMPTargetParam" type="ems:SNMPTargetParam" /> <xs:complexType name="SNMPTargetParam"> <xs:attribute name="mpModel" type="xs:int" use="required" /> <xs:attribute name="securityName" type="xs:string" use="required" /> <xs:attribute name="paramName" type="xs:string" use="required" /> <xs:attribute name="storeType" type="xs:int" use="required" /> </xs:complexType>  SNMPTrapHost  <xs:element name="SNMPTrapHostR1" type="ems:SNMPTrapHostR1" /> <xs:complexType name="SNMPTrapHostR1"> <xs:attribute name="trapHostName" type="xs:string" use="required" /> <xs:attribute name="trapHostPort" type="xs:int" use="required" /> <xs:attribute name="addressName" type="xs:string" use="required" /> <xs:attribute name="tdomain" type="xs:string" use="required" /> <xs:attribute name="timeout" type="xs:int" use="required" /> <xs:attribute name="retrycount" type="xs:int" use="required" /> <xs:attribute name="taglist" type="xs:string" use="required" /> <xs:attribute name="trapType" type="xs:int" use="required" /> <xs:attribute name="paramName" type="xs:string" use="required" /> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> </xs:complexType>
		

Example

	
			<ems:SNMPConfR1> <ems:snmpEngineId engineIDFormatSpecific="Ny4xMy45Ni4xMDc=" formatOctet="AQ=="/> <ems:snmpUser securityModel="3" securityLevel="1" privProtocol="1" authProtocol="1" publicSNMP="admins" securityName="TrafficCop" snmpCommStr="gp0nr0ck$" privpasswd="" authpasswd=""/> <ems:targetParam securityName="gp0nr0ck$" storeType="1" mpModel="2" paramName="TLTC1"/> <ems:targetParam securityName="gp0nr0ck$" storeType="1" mpModel="2" paramName="TLTC2"/> <ems:targetParam securityName="gp0nr0ck$" storeType="1" mpModel="2" paramName="PAIN1"/> <ems:targetParam securityName="gp0nr0ck$" storeType="1" mpModel="2" paramName="PAIN2"/> <ems:targetParam securityName="gp0nr0ck$" storeType="1" mpModel="2" paramName="MELA1"/> <ems:targetParam securityName="gp0nr0ck$" storeType="1" mpModel="2" paramName="MELA2"/> <ems:trapHost adminState="eLOCKED" trapType="2" trapHostPort="162" tdomain="" taglist="" timeout="30" retrycount="3" paramName="MELA1" addressName="172.28.138.143" trapHostName="MELA1"/> <ems:trapHost adminState="eLOCKED" trapType="2" trapHostPort="162" tdomain="" taglist="" timeout="30" retrycount="3" paramName="MELA2" addressName="172.28.138.144" trapHostName="MELA2"/> <ems:trapHost adminState="eLOCKED" trapType="2" trapHostPort="162" tdomain="" taglist="" timeout="30" retrycount="3" paramName="PAIN1" addressName="172.28.139.238" trapHostName="PAIN1"/> <ems:trapHost adminState="eLOCKED" trapType="2" trapHostPort="162" tdomain="" taglist="" timeout="30" retrycount="3" paramName="PAIN2" addressName="172.28.139.239" trapHostName="PAIN2"/> <ems:trapHost adminState="eLOCKED" trapType="2" trapHostPort="162" tdomain="" taglist="" timeout="30" retrycount="3" paramName="TLTC1" addressName="172.28.140.166" trapHostName="TLTC1"/> <ems:trapHost adminState="eLOCKED" trapType="2" trapHostPort="162" tdomain="" taglist="" timeout="30" retrycount="3" paramName="TLTC2" addressName="172.28.140.167" trapHostName="TLTC2"/> </ems:SNMPConfR1>
		

Content and Attributes

SNMPConf

<snmpEngineId>	<SNMPEngine> list ^[0-1]
<snmpUser>	<SNMPUser> list ^[0-N]
<targetParam>	<SNMPTargetParam> list ^[0-N]
<trapHost>	<SNMPTrapHost> list ^[0-N]

SNMPEngine

formatOctet

This attribute is the value for the fifth octet of the snmpEngineID as defined in the IETF document; RFC-3411 (An Architecture for Describing Simple Network Management Protocol Management Frameworks). Per the standard, the value of this octet dictates the format of the remaining octets in the ID. This attribute is a Base64 encoded string representation of the hex value defined by the standard. The following values are supported:

"AQ==" (1) - indicates the remaining octets in the engine ID should be treated as an IPv4 address (4 octets). Use this value if using the OLT IP address as the unique identifier for the SNMP Engine, and the address is IPv4.
"Mg==" (2) - indicates the remaining octets in the engine ID should be treated as an IPv6 address (16 octets). Use this value if using the OLT IP address as the unique identifier for the SNMP Engine, and the address is IPv6.
"BA==" (4) - indicates the remaining octets in the engine ID should be treated as an administratively assigned string (max 27 octets). Use this value if using a customized string as the unique identifier for the SNMP Engine.

engineIDFormatSpecific

The format specific portion of the Engine ID, determined by the formatOctet attribute. This attribute is a Base64 encoded representation of the string used to uniquely identify the OLT SNMP Engine. Once you have determined the Engine ID string, you can use an online site to convert it from a string to the Base64 representation.

The following examples illustrate valid values based on example Engine IDs:

OLT IPv4 Address [ formatOctet: "AQ==" (1) ]:

- given the IP Address: 172.28.152.202

- use the value: "MTcyLjI4LjE1Mi4yMDI="
OLT IPv6 Address [ formatOctet: "Mg==" (2) ]:

- given the IP Address: 2001:0db8:85a3:0000:0000:8a2e:0370:7334

- use the value: "MjAwMTowZGI4Ojg1YTM6MDAwMDowMDAwOjhhMmU6MDM3MDo3MzM0="
User Defined String [ formatOctet: "BA==" (4) ]:

- given the ID string: "SDBTest"

- use the value: "MTcyLjI4LjE1Mi4yMDI="

SNMPUser

snmpCommStr	The community string used for authentication when the Security Model is set to V1 or V2C. This attribute is not relevant if the Security Model is set to USM.
securityName	The string that identifies the SNMP user. It is passed as a parameter in all SNMP messages and operations for this user.
securityModel	The security model used for authentication and encryption for the user. Options are either Community-based security (SNMPv1 or SNMPv2C) or User Security Model (SNMPv3): 1 = USM - SNMPv3 User Security Model(USM) 2 = V1 - Community string based security model for SNMPv1 3 = V2C - Community string based security model for SNMPv2c
securityLevel	The level of security for SNMP messages and operations for the user. This is expressed in terms of whether or not authentication and/or privacy are provided. This attribute is only relevant when the Security Model is set to USM. Valid values are: 1 = NOAUTH_NOPRIV - No encrypted authentication or payload. 2 = AUTH_NOPRIV - Encrypted authentication, no encryption of payload. 3 = AUTH_PRIV - Encrypted authentication and payload.
privProtocol	The protocol used to encrypt messages when the Security Model is set to USM and the Security Level is set to AUTH_PRIV. Valid values are: 1 = None - No encryption provided. 2 = CBC-DES - Payload is encrypted using CBC-DES. 3 = AES-128 - Payload is encrypted using AES-128.
authProtocol	The protocol used to encrypt the authentication keys when the Security Model is set to USM and the Security Level is set to AUTH_NOPRIV or AUTH_PRIV. Valid values are: 1 = None - No encryption provided. 2 = HMAC-MD5-95 - Authentication keys are encrypted using HMAC-MD5-95. 3 = HMAC-SHA-96 - Authentication keys are encrypted using HMAC-SHA-96.
authpasswd	The password to be used in the hash message authentication code (HMAC). This attribute is only relevant when the Security Model (securityModel) is set to USM (1), the Security Level (securityLevel) is set to AUTH_NOPRIV (2) or AUTH_PRIV (3), and the Athentication Protocol (authProtocol) is not set to None (1). The password must be at least eight characters long.
privpasswd	The password used to create the encryption key for payload encryption. This attribute is only relevant when the Security Model (securityModel) is set to USM (1), the Security Level (securityLevel) is set to AUTH_PRIV (3), and the Privacy Protocol (privProtocol) is not set to None (1). The password must be at least eight characters long.
publicSNMP	The user role. This role defines the user's access to the SNMP MIB. Supported values are: "admins", "readUsers", and "writeUsers".

SNMPTargetParam

mpModel	The SNMP Version used for sending notifications to a target. Supported Values are: 1 (SNMPv1), 2 (SNMPv2c), and 3 (SNMPv3).
securityName	The string that identifies the user name of a target. This attribute must match the securityName attribute of an <SNMPUser> element defined in the XML interface document.
paramName	The name used to identify this target parameter. This name will be used when configuring the trap hosts.
storeType	Specifies the persistence used for this target parameter. An objects persistence determines whether associated data survives a reboot of the SNMP agent. Currently, the only supported value for this attribute is: 1 (non-volatile).

SNMPTrapHost

trapHostName	A label for the trap host. A trap host is a destination for the traps/notifications sent by the SNMP agent.
trapHostPort	The UDP port number used for sending SNMP messages to this host. The default value is 162.
addressName	The IP address where the trap or inform is to be sent. Both IPv4 and IPv6 addresses are supported.
tdomain	* Deprecated * - use the value blank ("").
timeout	The time (in milliseconds) to wait for a response from the target before notification packets are retransmitted. The default value is 30.
retrycount	The number of times to re-send notifications if not acknowledged by the target. The default value is 3.
taglist	* Deprecated * - use the value blank ("").
trapType	The notification method used for this trap host. Supported values are: 1 = Trap - Traps are unacknowledged messages so delivery cannot be determined. No retries are allowed. 2 = Notification - Notifications are acknowledged and can be retried if necessary.
paramName	The target parameters used by this trap host. The value of this attribute must match the paramName attribute of an <SNMPTargetParam> element defined in the XML interface document.
adminState	Enable/Disable sending SNMP messages to this trap host. See the definition in the Simple Types Dictionary secion of this document.

SysLog

SysLog is a standard protocol used to send log and event messages to an external server for monitoring and review. The configuration for the SysLog feature is stored, in the OLT XML Interface, in four distinct XML elements:

<SyslogConfig>: is the top level configuration element for SysLog. It stores the admin state (enabled/disabled) of the SysLog feature and contains a sequence of <SyslogDestination> elements as children.
<SyslogDestination>: holds the configuration related to an individual SysLog server. It stores the admin state (enabled/disabled), address, protocol, port and other information needed by the SysLog to send messages to this server. It contains a sequence of <SyslogFacility> and <SyslogFilter> elements as children.
<SyslogFacility>: represents the machine process (e.g., kernel, system, security/authorization, etc.) generating the SysLog messages. The configuration stored in this element provides instructions for which facility and class logs to forward to the specified server.
<SyslogFilter>: holds the configuration that determines which log class message IDs will be sent by SysLog to the specified server.

SysLog facilities, classes, levels, and message IDs are documented in the Engineering App Note, ENG-010555: Using Syslog with OLAN.

Definition

	
			SyslogConfig  <xs:element name="SyslogConfig" type="ems:SyslogConfig" /> <xs:complexType name="SyslogConfig"> <xs:sequence> <xs:element name="destinations" type="ems:SyslogDestination" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> </xs:complexType>  SysLogDestination  <xs:element name="SyslogDestination" type="ems:SyslogDestination" /> <xs:complexType name="SyslogDestination"> <xs:sequence> <xs:element name="auxFacilityMappings" type="ems:SyslogFacility" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="filters" type="ems:SyslogFilter" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="adminState" type="ems:AdminState" use="required" /> <xs:attribute name="address" type="xs:string" use="required" /> <xs:attribute name="protocol" type="xs:int" use="required" /> <xs:attribute name="secure" type="xs:int" use="required" /> <xs:attribute name="port" type="xs:int" use="required" /> <xs:attribute name="othersFacility" type="xs:int" use="required" /> </xs:complexType>  SysLogFacility  <xs:element name="SyslogFacility" type="ems:SyslogFacility" /> <xs:complexType name="SyslogFacility"> <xs:attribute name="logClass" type="xs:string" use="required" /> <xs:attribute name="facility" type="xs:int" use="required" /> </xs:complexType>  SysLogFilter  <xs:element name="SyslogFilter" type="ems:SyslogFilter" /> <xs:complexType name="SyslogFilter"> <xs:sequence> <xs:element name="msgIds" type="xs:int" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="logClass" type="xs:string" use="required" /> <xs:attribute name="level" type="xs:int" use="required" /> </xs:complexType>
		

Example

	
			<ems:SyslogConfig adminState="eUNLOCKED"> <ems:destinations adminState="eUNLOCKED" address="172.28.152.53" protocol="17" secure="0" port="514" othersFacility="23"> <ems:auxFacilityMappings logClass="ALARM" facility="23"/> </ems:destinations> <ems:destinations adminState="eUNLOCKED" address="192.168.86.42" protocol="6" secure="2" port="6514" othersFacility="23"> <ems:auxFacilityMappings logClass="AUTH" facility="4"/> <ems:filters logClass="AUTH" level="1"> <ems:msgIds>4097</ems:msgIds> <ems:msgIds>4098</ems:msgIds> <ems:msgIds>4099</ems:msgIds> </ems:filters> </ems:destinations> </ems:SyslogConfig>
		

Content and Attributes

SyslogConfig

<destinations>	<SyslogDestination> list ^[0-N]. Each destination represents a specific SysLog server
adminState	Enable / Disable the SysLog feature. See definition in the Simple Types Dictionary section of this document.

SyslogDestination

<auxFacilityMappings>	<SyslogFacility> list ^[0-N]
<filters>	<SyslogFilter> list ^[0-N]
adminState	Enable (eUNLOCKED) / Disable (eLOCKED) sending messages to this SysLog server. See definition in the Simple Types Dictionary section of this document.
address	The IP address or DNS name of the server.
protocol	The transport layer protocol used when sending messages to this SysLog server: 6 = TCP or Transparent (depending on the value of the secure attribute). 17 = UDP
secure	Works in conjunction with the "protocol" attribute to determine the transport layer protocol used when sending SysLog messages to this server. If "protocol" is set to "6", a "secure" a value of "0" results in TCP transport while a value of "2", results in Transparent transport. The "secure" attribute is unused if "protocol" is set to "17" (UDP), and should be set to "0".
port	The port to use when sending the SysLog messages to this server. The default values are "514" for UDP and "6514" for TCP and Transparent.
othersFacility	Specifies the Tellabs application facility. Set to "23".

SyslogFacility

logClass	The class or type of event (AUTH,ALRM,ACL,etc.) to be sent from this facility. SysLog facilities, classes, levels, and message IDs are documented in the Engineering App Note, ENG-010555: Using Syslog with OLAN.
facility	The machine process (e.g., kernel, system, security/authorization, etc.). SysLog facilities, classes, levels, and message IDs are documented in the Engineering App Note, ENG-010555: Using Syslog with OLAN.

SyslogFilter

<msgIds>	<xs:int> list ^[0-N] of SysLog message IDs forwarded by this filter. SysLog facilities, classes, levels, and message IDs are documented in the Engineering App Note, ENG-010555: Using Syslog with OLAN.
logClass	The class or type of event (AUTH, ALRM, ACL, etc.) forwarded by this filter. SysLog facilities, classes, levels, and message IDs are documented in the Engineering App Note, ENG-010555: Using Syslog with OLAN.
level	The log level (emergency(0), alert(1), critical(2), etc.) forwarded by this filter. SysLog facilities, classes, levels, and message IDs are documented in the Engineering App Note, ENG-010555: Using Syslog with OLAN.

Common Elements Dictionary

The following XML elements are used throuout the XML interface to hold common configuration data. These elements are contained (as child elements) by other complex XML elements defined in the Tellabs XSD.

An <AIDSelector> element defines a selector rule used in various templates to perform automated configuration. This element stores configuration attributes that define its priority, starting AID (Access Identifier), count (number of objects to create) and type (type of object to create).

	
			AIDSelector  <xs:element name="AIDSelector" type="ems:AIDSelector" /> <xs:complexType name="AIDSelector"> <xs:attribute name="rulePriority" type="xs:int" use="required" /> <xs:attribute name="aidFirst" type="xs:string" use="required" /> <xs:attribute name="count" type="xs:int" use="required" /> <xs:attribute name="groupType" type="xs:int" use="required" /> </xs:complexType>
		

rulePriority	The priority of this AIDSelector rule. Rules are evaluated in monotonic lower-to-higher priority in criteria matching.
aidFirst	Defines a template used to identify the starting AID for the rule applies to. It has the following format: Blank ("") - matches any AID MDS1 - matches any OLT MDS1-IOslot - matches any IO card in slot [s] (ex: MDS1-IO1) MDS1-slot-pon - matches a pon port on an IO card in IO Slot[slot], PON Port[pon] (ex: MDS1-1-1) MDS1-slot-pon-ont - matches an ONT connected to IO Slot[slot], PON Port[pon], ONT[ont] (ex: MDS1-1-1-1) MDS1-slot-pon-ont-eth - matches an ethernet IO Slot[slot], PON Port[pon], ONT[ont], Ethernet Port[eth] (ex: MDS1-1-1-1-1) Wild cards are permissible (asterisks "") to allow for dynamic matching and can be used in place of any IO Slot, PON Port, ONT or Ethernet Port variable. The following examples illustrate wild card matching: MDS1- - matches any IO card MDS1-1-* - matches any PON Port on an IO Card in slot 1. MDS1--4- - matches any ONT connected to PON Port 4, on any IO Card. MDS1--4-3- - matches any Ethernet Port on ONT 3, connected to PON Port 4, on any IO Card. MDS1---- - matches any Ethernet Port.
count	The count specifies the range of aids (starting with the AID matching the aidFirst template) to which the rule should be applied. This range applies to the lowest common denominator AID type specified by the aidFirst template. Supported values will vary with the aidFirst template and deployed system. For example: Given the aidFirst template: MDS1-2-4-3-1, a count value of 4 would match the following set of Ethernet Port AIDs: MDS1-2-4-3-1, MDS1-2-4-3-2, MDS1-2-4-3-3, MDS1-2-4-3-4 Given the aidFirst template: MDS1-2-4-1, a count value of 4 would match the following set of ONT AIDs: MDS1-2-4-1, MDS1-2-4-2, MDS1-2-4-3, MDS1-2-4-4
groupType	Specifies the supported group type of the equipment nearest to the AID specified by the aidFirst template. This value further refines the matching criteria for the rule. For example: Given the aidFirst template: MDS1-2-4-3-1, a count value of 4 would match the following set of Ethernet Port AIDs: MDS1-2-4-3-1, MDS1-2-4-3-2, MDS1-2-4-3-3, MDS1-2-4-3-4 The evaluation would then compare the ONT type, on wich the ports are located, with the groupType attribute. If the types do not match, the Ethernet Ports will not be considered to match the rule.

An <EquipmentProfileAssignment> element is used to stoe a configuration profile and its type. It can be used generically to store configuration data for various system components. The Tellabs XSD uses his element to store edge queue profiles for network edge equipment as well as DSCP mapping profiles for ONTs.

	
			EquipmentProfileAssignment  <xs:element name="EquipmentProfileAssignment" type="ems:EquipmentProfileAssignment" /> <xs:complexType name="EquipmentProfileAssignment"> <xs:attribute name="profileName" type="xs:string" use="required" /> <xs:attribute name="profileType" type="xs:int" use="required" /> </xs:complexType>
		

profileName	A string that, in conjunction with the profileType attribute, uniquely identifies the profile.
profileType	Specifies the profile type. Supported values are: 1 (Device Edge Queue) and 2 (DSCP Mapping)

An <NameValue> element is used to store configuration data generically. The name component identifies the configuration type and the value component stores the parameter value.

	
			NameValue  <xs:element name="NameValue" type="ems:NameValue" /> <xs:complexType name="NameValue"> <xs:attribute name="paramName" type="xs:string" use="required" /> <xs:attribute name="paramValue" type="xs:string" use="required" /> </xs:complexType>
		

paramName	Specifies the type or name of the configuration stored in the element.
paramValue	Specifies of the value assigned to the configuration type or name.

A <QueueSize> element is used to store queue configuration data.

	
			QueueSize  <xs:element name="QueueSize" type="ems:QueueSize" /> <xs:complexType name="QueueSize"> <xs:attribute name="queueNum" type="xs:int" use="required" /> <xs:attribute name="queueSize" type="xs:int" use="required" /> </xs:complexType>
		

queueNum	Specifies the queue number.
queueSize	Specifies the queue size.

A <SourceMAC> element is used to specify an IPV4 MAC address, used in filtering profiles. It holds a complete MAC address as well as the number of bits to use in filter matching.

	
			SourceMAC  <xs:element name="SourceMACR1" type="ems:SourceMACR1" /> <xs:complexType name="SourceMACR1"> <xs:attribute name="address" type="xs:string" use="required" /> <xs:attribute name="macMaskNumBits" type="xs:int" use="required" /> </xs:complexType>
		

address	An IPv4 MAC address.
macMaskNumBits	The number of bits to use in filter matching. Supported values are in the range 1 - 48.

A <ValueMap> element generically maps one value to another.

	
			ValueMap  <xs:element name="ValueMap" type="ems:ValueMap" /> <xs:complexType name="ValueMap"> <xs:attribute name="mapFrom" type="xs:int" use="required" /> <xs:attribute name="mapTo" type="xs:int" use="required" /> </xs:complexType>
		

mapFrom	The value to map from.
mapTo	The value to map to.

Simple Types Dictionary

The following simple types are defined in the Tellabs XSD. These types are all enumerations, used in various elements thoughout the OLT XML interface.

AdminState

The AdminState element is an enumeration used to specify the admininistrative state of a feature or object. The administrative state is configuration data as opposed to the operational state, which is based on status. The administrative state has two possible values: locked and unlocked. When an object is locked, it is administratively removed from service. When unlocked, it is administratively placed in service.

eLOCKED	The feature or object is administratively disabled.
eUNLOCKED	The feature or object is administratively enabled.

AutoMdixMode

The AutoMdixMode element is an enumeration used to specify the ability to detect and adapt to the MDI/MDIX (medium-dependent interface/MDI crossover) mode of the subtending device.

eENABLED	Enable detection of and adaptation to the MDI/MDX mode of the subtending device.
eDISABLED	Disable detection of and adaptation to the MDI/MDX mode of the subtending device.

EncryptionType

The EncryptionType element is an enumeration used to specify the algorithm used for data encryption.

eMD5_ONEWAY	Encryption uses the MD5 message-digest algorithm.
eDES_TWOWAY	Encryption uses the Data Encryption Standard symmetric-key algorithm.
eSHA_ONEWAY	Encryption uses the Secure Hashing Algorithm.

EtherType

The EtherType element is an enumeration used to specify the bridging protocol used in traversing the LAN. EtherType is used as the basis of 802.1Q VLAN tagging, encapsulating packets from VLANs for transmission multiplexed with other VLAN traffic over an Ethernet trunk.

eNOTAPPLICABLE	No EtherType Specified
eIPOE	Internet Protocol over Ethernet (IPoE), delivers IP payloads (IPv4,IPv6) over an access network using bridged Ethernet.
ePPPOE	* Deprecated *
eIPOE_PPPOE	* Deprecated *
ePPPOA	* Deprecated *
ePPPOE_PPPOA	* Deprecated *
eIPOE_PPPOE_PPPOA	* Deprecated *
eTRANSPARENT	Transparent bridging, transports all protocols.

GSFNValue

The supported Generic Signaling Function for SIP.

e2EAE	2 Wire E&M
e2EBE	2 Wire E&M
e2ECE	2 Wire E&M
e2EAM	2 Wire E&M
e2EBM	2 Wire E&M
e2ECM	2 Wire E&M
e4EAE	4 Wire E&M
e4EBE	4 Wire E&M
e4ECE	4 Wire E&M
e4EAM	4 Wire E&M
e4EBM	4 Wire E&M
e4ECM	4 Wire E&M
e4EY	4 Wire Tandem / Looped
e4EX	4 Wire Tandem / Non-Looped
e4EYA	4 Wire Tandem / Looped / FXO
e4EYB	4 Wire Tandem / Looped / FXS
e4EXA	4 Wire Tandem / Non-Looped / FXO
e4EXB	4 Wire Tandem / Non-Looped / FXS
e2NO	2 Wire Transmit Only
e4NO	4 Wire Transmit Only w/o sealing
e4LO	4-wire Loop Start FXO
e4LS	4-wire Loop Start FXS
e4GO	4-wire Ground Start FXO
e4LOX	4-wire Loop Start FXO (Reverse Sig)
e4LSX	4-wire Loop Start FXS (Reverse Sig)
e4GOX	4-wire Ground Start FXO (Reverse Sig)
e4GSX	4-wire Ground Start FXS (Reverse Sig)
e4LR
e4NOS	4-wire Transmit Only (w/ sealing)
e2LO	2-wire Loop Start FXO
e2LS	2-wire Loop Start FXS
e2GO	2-wire Ground Start FXO
e2GS	2-wire Ground Start FXS
e2RVO
e2RVT
e2LR
e2NOS	2-wire Transmit Only (w/ sealing)
e4DX	4-wire Duplex
eLUNT
eLUNTS
eLULT
eLULTS
e2BR
eUVG	Universal Voice Grade
e4DU	4-wire DDS (Office)
e4DO	4-wire DDS (DS0)
e4GS
e4LRA
e4LRB
e2LRA
e2LRB
e2COINO	2-wire COIN Office
e2COINT	2-wire COIN Subscriber

LACPMode

The LACPMode element is an enumeration used to specify the port state for LACP negotiation.

eACTIVE	Set port to active state. Port initiates negotiation with remote ports by sending LACP packets.
ePASSIVE	Set port to passive state. Port responds to LACP packets but does not initiate negotiation.

LACPTimer

The LACPMode element is an enumeration used to specify the length of the timer used in LACP. This timer is used to control how often connected devices on a LAG interface exchange LACP PDUs.

eLONGTIMER	Use the long LACP timer (30 seconds)
eSHORTTIMER	Use the short LACP timer (1 second)

LineSpeed

Specifies the line speed for a port.

e10BASET	10 Mbit/s
e100BASET	100 Mbit/s
e1000BASET	1000 Mbit/s (1 Gbit/s)
eAUTODETECT_100	Autodetect speed - max 100 Mbit/s
eAUTODETECT_1000	Autodetect speed - max 1000 Mbit/s (1 Gbit/s)
e2500BASET	Autodetect speed - max 2500 Mbit/s (2.5 Gbit/s)
e10000BASET	Autodetect speed - max 10000 Mbit/s (10 Gbit/s)

NELocation

Legacy location information related to telecommunications system used in the public switched telephone network (PSTN) or in large enterprises. The location used for modern access sytems is always RDT.

eCOT	* Deprecated * Central Office Terminal - equipment is located at the cental office of a telephone exchange.
eDRT	Remote Distribution Terminal - equipment is located remotely.

PerceivedSeverity

Specifies alarm severity for generation and reporting purposes.

eCRITICAL	The alarm is critical.
eMAJOR	The alarm is major.
eMINOR	The alarm is minor.
eNOTALARMED	The alarm will not be generated.
eNOTREPORTED	The alarm is generated but will not be reported.

SecAttribute

Specifies the type of user involved in a system event. This type is used in logging security messages involving system access and modification.

eEMSUSER	The user has accessed or modified the system from the Panorama application.
eCRAFTUSER	The user has accessed or modified the system from the CRAFT port.
eTELNETUSER	The user has accessed or modified the system from a telnet/ssh connection.

ShelfType

Specifies the OLT shelf type.

eEASMX	* Deprecated *
eMDS3	* Deprecated *
eMDS4	* Deprecated *
eOCS	* Deprecated *
eONU24	* Deprecated *
eONU96	* Deprecated *
eMDS7	* Deprecated *
eONU48	* Deprecated *
eSHGPONONU	* Deprecated *
eSH1131	Tellabs® OLT1131.
eSH1134	Tellabs® FlexSym OLT1134 or Tellabs® FlexSym OLT6.
eSHOLT1	Tellabs® OLT1.
eSHBOLT	Tellabs® BOLT OLT.
eSHOLTMINI	Tellabs® OLT-mini.
eSHOLTMINIPLUS	Tellabs® OLT-mini Plus.
eSHOLTMINIPLUS	Tellabs® OLT-mini Plus.
eUMC1000	Tellabs® 1000 Multiservice Access Platform (MSAP)

SubscriberLineType

The subcriber line type for a port.

eSL_MOCA	* Deprecated * (MoCA)Multimedia over Coax Alliance(MoCA) - uses coaxial cables
eSL_ESL	Ethernet Subscriber Line(ESL) - ethernet port
eSL_DSL	* Deprecated * Digital Subscriber Line(DSL) - digital data over telephone lines
eSL_DS1	* Deprecated * Digital Signal 1 (DS1) + US digital telephone standard
eSL_VOICE	Voice over Intenet Protocol (VoIP)

SupportedCardGroupType

An enumerated value that specifies the card type (Optical Line Card, Edge Switch Unit or ONT) supported in the current context:

eSG_BLANKSLOT	Intentionally Blank Slot, NE will create CP
eSG_NOTPROV	This card is not provisioned.
eSG_EFA	EFA Fan Unit
eSG_ESU	ESUX (ESU32)
eSG_ESU2	ESU2
eSG_ESU30	ESU30
eSG_PON_4	QOIU7
eSG_PON_8	OIU8
eSG_SFU_R2	ONT702
eSG_SFU040	ONT709
eSG_SFU728	ONT728, ONT728GP
eSG_SFU729	ONT729
eSG_SFU729GP	ONT729GP
eSG_SFU120	ONT120W, ONT120C
eSG_SFU140	ONT140W, ONT140C
eSG_SFU240_ETSI	ONT705
eSG_SFU240_ETSI_NORF	ONT704
eSG_ONT121W	ONT121W
eSG_ONT121WX	ONT121WX
eSG_ONT131W	ONT131W, 131WX
eSG_ONT140CL	ONT140CL
eSG_ONT142R	ONT142R
eSG_ONT180	ONT180C
eSG_ONT205	ONT205C
eSG_ONT248	ONT248
eSG_ONT202	ONT202
eSG_ONT224	ONT224
eSG_ONT742G	ONT742G
eSG_ONT742GR	ONT742GR
eSG_XPON2P4	OIU2

The followng additional enumerated values are defined but deprecated:

eSG_ONU_4: QOIU512, 513
eSG_EDS1_4: DIU4
eSG_DSL_4: QDC14
eSG_ESL_4: QDC16
eSG_POTS_4: QCU402
eSG_EDS1_16: DIU16
eSG_POTS_24: NVC1
eSG_DSL_16: NDC1, NDC7
eSG_TDU: TDU1,TDU7
eSG_NCC_VOIP:
eSG_NCC_TDM: TDM,NCC1
eSG_AMU: AMU1, AMU7
eSG_BBC: BBC12, BB13
eSG_SPECIALS_4: NB Specials
eSG_SCU52: SCU52, SCU521
eSG_SCU3: SCU3
eSG_SCU4: SCU4
eSG_SCU13: SCU13,SCU131
eSG_SCU41: SCU41
eSG_DCU33: DCU33
eSG_DCU37: DCU37
eSG_SCU1: SCU1
eSG_CTU: CTU1,CTU7
eSG_SFU: ONT702
eSG_OIU77: OIU77
eSG_OMU99: OMU99
eSG_OPU29: OPU29
eSG_OIU9: OIU9X (92,94,95,96,99)
eSG_DSL_6: HDC6
eSG_EIU: EIU
eSG_DCU10: DCU10
eSG_DCU36: DCU36
eSG_SCU57: SCU57
eSG_OFA1: OFA1,OFA7
eSG_RSC: RSC1, RSC2, RSC3
eSG_DTU: DTU1
eSG_PWR: LPC, NPC
eSG_MFA: MFA, MFA7
eSG_SFU_R1:
eSG_SCU57_R1:
eSG_EDS1_4_R1:
eSG_POTS_24_R1:
eSG_EDS1_16_R1:
eSG_NCC_VOIP_R1:
eSG_SFU010: ONT701
eSG_SFU211: ONT712 w/ MoCA
eSG_SFU000: GPON ONU
eSG_SFU210RF: ONT703
eSG_SCU12: SCU12
eSG_SCU22: SCU22
eSG_BBC7: BBC7
eSG_DSL_POTS_24: NMC
eSG_DSL_24: NDC2, NDC3
eSG_SFU210_ETSI_NORF:
eSG_SFU210_ETSI:
eSG_SFU2402_ETSI: ONT734
eSG_E1_16: DIU17 for E1
eSG_ONU812_808: ONU812, ONU808
eSG_SFUBASIC: Generic ONT
eSG_SFU070: ONT701
eSG_XPON2P4P:

TrafficType

The traffic type provided by a particular service on an ethernet port. The following service types are defined:

eTLS	Transparent LAN Service
eIPTV	Internet Protocol television
eISP	Internet Service Protocol
eISP_IPTV	Internet Service Protocol + Internet Protocol television
eEXT_DS1	Extension DS1
eVOIP	Voice over Internet Protocol
eISP_1_TO_1	One to One Internet Services Protocol
eN_TO_N	N to N
eN_TO_N_IPTV	N to N + Internet Protocol television
eVLAN_TRUNK	VLAN Trunking (Allows up to 25 VLANs on the port)
eVLAN_TRUNK_IPTV	VLAN Trunking + Internet Protocol television

Overview

How to use this Document

General Structure

Root Element

Element Naming Conventions

Namespaces

Versioning

Attribute Order

XML Schema Definition Language (XSD)

The <schema> Element

Inherited Schema

Elements

XML Interface Configuration Elements

Restore File (Root element)

Content and Attributes

System Level Configuration

Managed Element

Software Manager

PM Manager

Security Manager

Ethernet Port Manager

Connection Manager

Security Banner

Shelf

OLT Default Settings

Spanning Tree

ACL

IGMP

LLDP Bridge

Trusted Host

OSCP

DNS

User Accounts

Bridge Ports

VLANs

VLAN Properties Table

VLAN Assignment Table

Interfaces

NET Interface

Link Aggregation Group (LAG) Interface

Equipment

Circuit Pack

ONT Configs

Profiles

PON Ports

PON Profile

PON Port

Protection Group

Ethernet Subscriber Lines

ESL Line

ESL Profile

PoE Profile

ACL Profile

Service Profile

NAC Profile

PAE Profile

RSTP Profile

LLDP Profile

RADIUS Profile

RADIUS Servers, Authentication and Policy

Change of Authorization (CoA) and Dynamic Authorization Client (DAC)

VoIP Line

Templates

Ethernet Port

ONT

SNMP

SysLog

Common Elements Dictionary

Simple Types Dictionary