mint

Profile Config Commands

Configures MiNT protocol parameters required for MiNT creation and adoption

MiNT links are required for adoption of a device (APs, wireless controller, and service platform) to a controller. The MiNT link is created on both the adoptee and the adopter. WiNG provides several commands to configure MiNT links and establish adoption for both IPv4 and IPv6 addresses.

Supported on the following devices:

Syntax

mint [dis|inter-tunnel-bridging|level|link|mlcp|rate-limit|spf-latency|tunnel-across-extended-vlan|tunnel-controller-load-balancing]
mint dis [priority-adjustment <-255-255>|strict-evis-reachability]
mint inter-tunnel-bridging
mint level 1 area-id [<1-16777215>|<NUMBER-ALIAS-NAME>]
mint link [force|ip|listen|vlan]
mint link force ip [<IPv4>|<IPv6>] [<1-65535> level 2|level 2] {adjacency-hold-time <2-600>|cost <1-10000>|hello-interval <1-120>|ipsec-secure {gw [<IP>|<HOST-NAME>]}}
mint link [listen ip [<IPv4>|<IPv6>|<HOST-ALIAS-NAME>]|vlan <1-4094>] {adjacency-hold-time <2-600>|cost <1-10000>|hello-interval <1-120>|ipsec-security {gw [<IP>|<HOST-NAME>]}|level [1|2]}
mint link ip [<IPv4>|<IPv6>|<HOST-ALIAS-NAME>] {<1-65535>|adjacency-hold-time <2-600>|cost <1-10000>|hello-interval <1-120>|ipsec-security {gw [<IP>|<HOST-NAME>]}|level [1|2]}
mint mlcp [ip|ipv6|vlan]
mint rate-limit level2 [link|mlcp]
mint rate-limit level2 [link [ip [<IPv4>|<IPv6>] <1-65535>|vlan <1-4094>]|mlcp [ip|ipv6|vlan]] rate <50-1000000> max-burst-size <2-1024> {red-threshold [background|best-effort|video|voice] <0-100>}
mint spf-latency <0-60>
mint tunnel-across-extended-vlan
mint tunnel-controller-load-balancing level1

Parameters

mint dis [priority-adjustment <-255-255>|strict-evis-reachability]
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
dis priority-adjustment <-255-255> Sets the relative priority for the router to become DIS (designated router)
  • priority-adjustment – Sets priority adjustment added to base priority

The Designated IS (DIS) priority adjustment is the value added to the base level DIS priority to influence the DIS election. A value of +1 or greater increases DISiness.

  • <-255-255> – Specify a value from -255 - 255. The default is 0.

Higher numbers result in higher priorities

strict-evis-reachability Enables reaching EVI (Ethernet Virtualization Interconnect) election winners through MiNT. This option is enabled by default.
mint inter-tunnel-bridging
mint Configures MiNT protocol parameters required for MiNT link creation, adoption and communication
inter-tunnel-bridging Enables forwarding of broadcast multicast (BCMC) packets between devices communicating via Level 2 MiNT links. When enabled, MiNT tunnels across Level 2, adopted access points are bridged. One of the advantages of inter-tunnel bridging is the enabling of roaming between these access points. This option is disabled by default.

If enabling this option, use ACLs to filter unwanted BCMC traffic.

mint level 1 area-id [<1-16777215>|<NUMBER-ALIAS-NAME>]
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
level 1 Configures local MiNT routing settings
  • 1 – Configures local MiNT routing level
area-id [<1-16777215>| <NUMBER-ALIAS-NAME>] Specifies the level 1 routing area identifier. Use one of the following options to specify the area ID:
  • <1-16777215> – Specify a value from 1 - 16777215.
  • <NUMBER-ALIAS-NAME> – Specify a number alias (should be existing and configured). Aliases are configuration items that can be defined once and used in different configuration contexts. For more information on creating a number alias, see alias.
mint link force ip [<IPv4>|<IPv6>] [<1-65535> level 2|level 2] 
{adjacency-hold-time <2-600>|cost <1-10000>|hello-interval <1-120>|ipsec-security {gw [<IP>|<HOST-NAME>]}}
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
link force Creates a MiNT routing link as a forced link
  • force – Forces a MiNT routing link to be created even if not necessary
ip [<IPv4>|<IPv6>] Creates a MiNT tunnel over UDP/IPv4 or IPv6

Use this keyword to specify the IP address (IPv4 or IPv6) used by peers for inter-operation when supporting the MINT protocol.

  • <IPv4> – Specify the MiNT tunnel peer‘s IPv4 address.
  • <IPv6> – Specify the MiNT tunnel peer‘s IPv6 address.

After specifying the MiNT peer‘s address, configure the following MiNT link parameters: UDP port, adjacency-hold-time, cost, hello-interval, IPSec security gateway, and routing level.

<1-65535> level 2 Optional. Specifies a custom UDP port for MiNT links. Specify the port from 1 - 65535.
  • level – Specifies the routing level
    • 2 – Configures level 2 inter-site MiNT routing
adjacency-hold-time <2-600> Optional. Specifies the adjacency lifetime after hello packets cease
  • <2-600> – Specify a value from 2 - 600 seconds. The default is 46 seconds.
cost <1-100000> Optional. Specifies the link cost in arbitrary units
  • <1-100000> – Specify a value from 1 - 100000. The default is 100.
hello-interval <1-120> Optional. Specifies the interval, in seconds, between successive hello packets
  • <1-120> – Specify a value from 1 - 120 seconds. The default is 15 seconds.
ipsec-security {gw [<IP>|<HOST-NAME>]} Optional. Enables IPSec secure peer authentication on the MiNT link connection (link). This option is disabled by default.
  • gw [<IP>|<HOSTNAME>] – Optional. Configures the IPSec secure gateway. When enabling IPSec, you can optionally specify the IPSec secure gateway‘s numerical IP address or administrator defined hostname.
mint link [listen ip [<IPv4>|<IPv6>|<HOST-ALIAS-NAME>]|vlan <1-4094>] 
{adjacency-hold-time <2-600>|cost <1-10000>|hello-interval <1-120>|
level [1|2]|ipsec-security {gw [<IP>|<HOST-NAME>]}}
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
link listen ip [<IPv4>|<IPv6>| <HOST-ALIAS-NAME>] Creates a MiNT routing link
  • listen – Creates a MiNT listening link
    • ip – Creates a MiNT listening link over UDP/IP or IPv6
      • <IPv4> – Specify the IPv4 address of the listening UDP/IP link.
      • <IPv6> – Specify the IPv6 address of the listening UDP/IP link.
      • <HOST-ALIAS-NAME> – Specify the host alias identifying the MiNT link address. The host alias should existing and configured.

UDP/IP links can be created by configuring a matching pair of links, one on each end point. However, that is error prone and does not scale. So UDP/IP links can also listen (in the TCP sense), and dynamically create connected UDP/IP links when contacted. The typical configuration is to have a listening UDP/IP link on the IP address S.S.S.S, and for all the APs to have a regular UDP/IP link to S.S.S.S.

link vlan <1-4094> Enables MiNT routing on VLAN
  • vlan – Defines a VLAN ID used by peers for inter-operation when supporting the MINT protocol.
    • <1-4094> – Select VLAN ID from 1 - 4094.
adjacency-hold-time <2-600> This parameter is common to the ‘listen‘ and ‘vlan‘ parameters:
  • adjacency-hold-time <2-600> – Optional. Specifies the adjacency lifetime after hello packets cease
    • <2-600> – Specify a value from 2 - 600 seconds. The default is 46 seconds.

For MiNT VLAN routing, the default is 13 seconds.

cost <1-100000> This parameter is common to the ‘listen‘ and ‘vlan‘ parameters:
  • cost <1-100000> – Optional. Specifies the link cost in arbitrary units
    • <1-100000> – Specify a value from 1 - 100000. The default is 100.

For MiNT VLAN routing, the default is 10.

hello-interval <1-120> This parameter is common to the ‘listen‘ and ‘vlan‘ parameters:
  • hello-interval <1-120> – Optional. Specifies the interval, in seconds, between successive hello packets
    • <1-120> – Specify a value from 1 - 120. The default is 15 seconds.

For MiNT VLAN routing the default is 4 seconds.

level [1|2] This parameter is common to the ‘listen‘ and ‘vlan‘ parameters:

Optional. Specifies the routing levels for this routing link. The options are:

  • 1 – Configures local routing
  • 2 – Configures inter-site routing
ipsec-security {gw [<IP>| <HOST-NAME>]} This parameter is common to the ‘listen‘ and ‘vlan‘ parameters:
  • ipsec-security – Optional. Enables IPSec secure peer authentication on the MiNT connection (link). This option is disabled by default.
    • gw [<IP>|<HOSTNAME>] – Optional. Configures the IPSec secure gateway. When enabling IPSec, you can optionally specify the IPSec secure gateway‘s numerical IP address or administrator defined hostname.
mint link ip [<IPv4>|<IPv6>|<HOST-ALIAS-NAME>] {<1-65535>|adjacency-hold-time <2-600>|
cost <1-10000>|hello-interval <1-120>|level [1|2]|ipsec-security {gw [<IP>|<HOST-NAME>]}}
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
link ip [<IPv4>|<IPv6>| <HOST-ALIAS-NAME>] Creates a MiNT routing link
  • ip – Creates a MiNT tunnel over UDP/IP or IPv6

Use this keyword to specify the IP address (IPv4 or IPv6) used by peers for inter-operation when supporting the MINT protocol.

  • <IPv4> – Specify the IPv4 address used by peers.
  • <IPv6> – Specify the IPv6 address used by peers.
  • <HOST-ALIAS-NAME> – Specify the host alias identifying the MiNT tunnel peer‘s address. The host alias should existing and configured.
<1-65535> Select the peer UDP port from 1 - 65535.
adjacency-hold-time <2-600> Optional. Specifies the adjacency lifetime after hello packets cease
  • <2-600> – Specify a value from 2 - 600 seconds. The default is 46 seconds.
cost <1-100000> Optional. Specifies the link cost in arbitrary units
  • <1-100000> – Specify a value from 1 - 100000. The default is 100.
hello-interval <1-120> Optional. Specifies the interval, in seconds, between successive hello packets
  • <1-120> – Specify a value from 1 - 120. The default is 15 seconds.
level [1|2] Optional. Specifies the routing levels for this routing link. The options are:
  • 1 – Configures local routing
  • 2 – Configures inter-site routing
ipsec-security {gw [<IP>| <HOST-NAME>]} Optional. Enables IPSec secure peer authentication on the MiNT connection (link). This option is disabled by default.
  • gw [<IP>|<HOSTNAME>] – Optional. Configures the IPSec secure gateway. When enabling IPSec, you can optionally specify the IPSec secure gateway‘s numerical IP address or administrator defined hostname.
mint mlcp [ip|ipv6|vlan]
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
mlcp [ip|ipv6|vlan] Configures the MLCP using the IP address or VLAN. MLCP is used to create a UDP/IP link from the device to a neighbor. The neighboring device does not need to be a wireless controller or service platform, it can be another access point with a path to the wireless controller or service platform.
  • vlan – Enables MLCP over layer 2 (VLAN) links
  • ip – Enables MLCP over layer 3 (UDP/IP) links. When enabled, allows adoption over IPv4 address.
  • ipv6 – Enables MLCP over layer 3 (UDP/IPv6) links. When enabled, allows adoption over IPv6 address.
mint rate-limit level2 [link [ip [<IPv4>|<IPv6>] <1-65535>|vlan <1-4094>]|
mlcp [ip|ipv6|vlan]] rate <50-1000000> max-burst-size <2-1024> 
{red-threshold [background|best-effort|video|voice] <0-100>}
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
mint rate-limit level2 Applies rate limits on extended VLAN traffic

Excessive traffic can cause performance issues on an extended VLAN. Excessive traffic can be caused by numerous sources including network loops, faulty devices, or malicious software.

Rate limiting reduces the maximum rate sent or received per wireless client. It prevents any single user from overwhelming the wireless network, and also provides differential service for service providers. Uplink and downlink rate limits are usually configured on a RADIUS server using vendor specific attributes. Rate limits are extracted from the RADIUS server‘s response. When such attributes are not present, the settings defined on the controller, service platform or access point are applied. You can set separate QoS rate limit configurations for data types transmitted from the network (upstream) and data transmitted from a wireless clients back to associated radios (downstream).

link [ip <IPv4/IPv6> <1-65535>| vlan <1-4094>] Configures rate limit parameters applicable for all statically configured MiNT links on level2. Select the link-type as ‘IP‘ or ‘VLAN‘.
  • ip <IPv4/IPv6> – Configures rate limits for MiNT link traffic over UDP/IP
    • <IPv4/IPv6> – Specify the MiNT peer‘s IPv4 or IPV6 address in the A.B.C.D and X:X::X:X formats respectively.
      • <1-65535> – Configures the virtual port used for rate limiting traffic. Specify the UDP port from 1 - 65535.
  • vlan <1-4094 – Configures rate limits for MiNT link traffic on specified VLAN
    • <1-4094> – Specify the VLAN ID from 1 - 4094.
mlcp [ip|ipv6|vlan] Configures rate limit parameters applicable for MLCP

MLCP creates a UDP/IP link from the device to a neighbor. The neighboring device does not need to be a controller or service platform, it can be an access point with a path to the controller or service platform.

  • ip – Configures rate-limits for MLCP over UDP/IPv4 links
  • ipv6 – Configures rate-limits for MLCP over UDP/IPv6 links
  • vlan – Configures rate-limits for MLCP over VLAN links
rate <50-1000000> Configures the rate limit from 50 - 1000000 Kbps

This limit constitutes a threshold for the maximum number of packets transmitted or received (from all access categories). Traffic exceeding the defined rate is dropped and a log message is generated. The default setting is 5000 Kbps.

max-burst-size <2-1024> Configures the maximum burst size from 0 - 1024 Kbytes

Smaller the burst size, lesser is the probability of the upstream packet transmission resulting in congestion for the WLAN‘s client destinations. By trending the typical number of ARP, broadcast, multicast and unknown unicast packets over a period of time, the average rate for each access category can be obtained. Once a baseline is obtained, add a 10% margin (minimally) to allow for traffic bursts. The default burst size is 320 Kbytes.

red-threshold [background|best-effort|video|voice] <0-100> Optional. Configures the RED (random early detection) threshold (as a percentage) for the following traffic types:
  • background – Configures the RED threshold for low priority background traffic. Background packets are dropped and a log message generated if the rate exceeds the set value. Background traffic consumes the least bandwidth of any access category, so this value can be set to a lower value once a general upstream rate is known by the network administrator (using a time trend analysis). The default setting is 50%.
  • best-effort – Configures the RED threshold for low priority best-effort traffic. Best-effort packets are dropped and a log message generated if the rate exceeds the set value. Best effort traffic consumes little bandwidth, so this value can be set to a lower value once a general upstream rate is known by the network administrator (using a time trend analysis).The default setting is 50%.
  • video – Configures the RED threshold for high priority video traffic. Video packets are dropped and a log message generated if the rate exceeds the set value. Video traffic consumes significant bandwidth, so this value can be set to a higher value once a general upstream rate is known by the network administrator (using a time trend analysis).The default setting is 25%.
  • voice – Configures the RED threshold for high priority voice traffic. Voice packets are dropped and a log message generated if the rate exceeds the set value. Voice applications consume significant bandwidth, so this value can be set to a higher value once a general upstream rate is known by the network administrator (using a time trend analysis).The default setting is 0%.
    • <0-100> – After selecting the traffic type, specify the RED threshold from 0 - 100%.
mint spf-latency <0-60>
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
spf-latency <0-60> Specifies the latency of SPF routing recalculation

This option allows you to set the latency of routing recalculation option (within the Shortest Path First (SPF) field). This option is disabled by default.

  • <0-60> – Specify the latency from 0 - 60 seconds.
mint tunnel-across-extended-vlan
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
tunnel-across-extended-vlan Enables tunneling of MiNT protocol packets across an extended VLAN. This setting is disabled by default.
mint tunnel-controller-load-balancing level1
mint Configures MiNT protocol parameters required for MiNT link creation and adoption
tunnel-controller-load-balancing level1 Enables load balancing of MiNT extended VLAN traffic across tunnels
  • level1 – Enables balancing of load of a tunnel wireless controller or service platform over VLAN links

Example

nx9500-6C8809(config-profile-default-nx5500)#mint level 1 area-id 88

nx9500-6C8809(config-profile-default-nx5500)#mint link ip 1.2.3.4 level 2

nx9500-6C8809(config-profile-default-nx5500)#show context
profile nx5500 default-nx5500
 mint link ip 1.2.3.4 level 2
 mint level 1 area-id 88
 bridge vlan 1
--More--
nx9500-6C8809(config-profile-default-nx5500)#

nx9500-6C8809(config-device-84-24-8D-1B-B9-0C)#show context
ap7522 84-24-8D-1B-B9-0C
 use profile default-ap7522
 use rf-domain default
 hostname ap7522-1BB90C
 no staging-config-learnt
nx9500-6C8809(config-device-84-24-8D-1B-B9-0C)

nx9500-6C8809(config-device-84-24-8D-1B-B9-0C)#mint inter-tunnel-bridging

nx9500-6C8809(config-device-84-24-8D-1B-B9-0C)#show context
ap7522 84-24-8D-1B-B9-0C
 use profile default-ap7522
 use rf-domain default
 hostname ap7522-1BB90C
 no staging-config-learnt
 mint inter-tunnel-bridging
nx9500-6C8809(config-device-84-24-8D-1B-B9-0C)#

Related Commands

no Disables or reverts settings to their default