NDEC Modules of H3C Series Routers
I. Preface
Network data encryption card module is primarily used for router data flow encryption. It implements IPSec with encryption feature, where encryption service is enabled by the encryption card.
II. Introduction to Modules
NDEC is the short of Network Data Encryption Card. NDEC supports IPSec protocol and provides high performance and high reliable encryption feature for routers through the encryption process of hardware expedited IP packets.
When inserting NDEC module, router main process unit fulfills the routing and forwarding of IP packets, and enables VPN with encryption feature. The encryption is performed by the encryption card.
III. Module Appearance
NDEC module appearance is shown as follows:
The front panel of network data encryption module is shown as follows:
NDEC module panel
NDEC module indicator implication
Indicator |
Implication |
RUN |
Extinguished: the module is not started, the module does not work or severe hardware failure. Fast flashing (4Hz): hardware initiation does not succeed. Slow flashing (2s light and 2s extinguished): hardware initiation succeeds, but normal software initiation process cannot be started. Light constantly: software initiation failed. The module cannot operate services. |
ACT |
Fast flashing: the module gets into upload state. Light constantly: the module fails to upload. Non-periodically fast flashing: the module works well and receives/sends data from/to host. Extinguished: the module works well and receives/sends no data from/to host. |
SPEED |
Lighted: the module boots system after power on. Extinguished: the module works well. |
DENY |
Fast flashing: the module software fails to apply memory and cannot operate services. Extinguished: the module works well. |
IV. Module Interface Cable
NDEC has no foreign interface and cables.
V. Module Interface Attributes
Attribute |
Description |
Protocol |
IPSec |
Maximum connections supported by IPSec currently |
100 |
Hardware enablement algorithm |
Key algorithm (DES, 3DES, AES, QC5, Blowfish, Cast-128, SkipJack) Authentication algorithm (MD5, SHA-1 hash algorithm) |
VI. Troubleshooting Modules
Solution: all indicators should fast light one time when starting. If not, this means the module or some hardware on the module did not power on. Please examine whether the system power is connected correctly.
If system power works, the fuse may burn out or CPLD (Complex Programmable Logic Device) may wrong. Please contact Huawei-3Com agent.
Solution: all indicators should fast light one time when starting, and then extinguished immediately. This means the module processor works. If all indicators is lighting, it means the system bus did not work or CPLD is exceptional.
Solution: RUN should flash, not light constantly when the module works. If so, this means the module powers on but did not work. The module may be forced to reset. If there is other 1-2 indicators lighting (If ACT lights, or SPEED lights or DENY lights),this indicates the encryption card failed. Or the host failed. RUN becomes lighting after flashed several times, this means initiation failed.
Solution: RUN fast flashing means the module initiates. And it is fast flashing until the initiation is completed. At this point if DENY flashes occasionally, this means memory failure, please contact Huawei-3COM agent. If SPEED lights occasionally during this period, this means system boot failure, please examine system configuration or contact Huawei-3Com agent.
Solution: RUN slow flashing means the module gets into an offline state. You should examine whether the router configuration is right and supports encryption card.
Solution: ACT flashing means the module upgrades firmware. ACT lighting means software upgrade failed, you should upgrade software again. If the problem still exists, please contact Huawei-3COM agent.
Solution: DENY flashing means the module performance or the capacity cannot meet the encryption requirement at the moment. This is due to the technology specification limitation of the current version of encryption module, not a hardware/software fault. Please contact Huawei-3Com agent as required, upgrading to encryption module with higher processing capability.
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作