UGiBuilder IDX Release 3.5.x

iBuilder User Guide iDX Release 3.5.
iBuilder User Guide
iDX Release 3.5.x
February 13, 2018

The information contained herein is proprietary and confidential to VT iDirect, Inc. (“VT iDirect”) and iDirect Government, LLC
(“iDirect Government”) and shall not be published, reproduced, copied, disclosed or used, in whole or part, for other than its
intended purpose without the express written consent of a duly authorized representative of VT iDirect or iDirect Government.
Copyright © 2018. VT iDirect, Inc., 13861 Sunrise Valley Drive, Suite 300, Herndon, VA 20171, USA.
All rights reserved. Reproduction in whole or in part without permission is prohibited. Information
contained herein is subject to change without notice. The specifications and information regarding the
products in this document are subject to change without notice. All statements, information and
recommendations in this document are believed to be accurate, but are presented without warranty of
any kind, express, or implied. Users must take full responsibility for their application of any products.
Trademarks, brand names and products mentioned in this document are the property of their respective
owners. All such references are used strictly in an editorial fashion with no intent to convey any
affiliation with the name or the product's rightful owner.
VT iDirect® is a global leader in IP-based satellite communications providing technology and solutions
that enable our partners worldwide to optimize their networks, differentiate their services and
profitably expand their businesses. Our product portfolio, branded under the name iDirect®, sets
standards in performance and efficiency to deliver voice, video and data connectivity anywhere in the
world. VT iDirect® is the world’s largest TDMA enterprise VSAT manufacturer and is the leader in key
industries including mobility, military/government and cellular backhaul.
Company Web site: www.idirect.net ~ Main Phone: 703.648.8000

TAC Contact Information: Phone: 703.648.8151 ~ Email: tac@idirect.net ~ Web site: tac.idirect.net
iDirect Government™, created in 2007, is a wholly owned subsidiary of iDirect and was formed to better
serve the U.S. government and defense communities.
Company Web site: www.idirectgov.com ~ Main Phone: 703.648.8118

TAC Contact Information: Phone: 703.648.8111 ~ Email: tac@idirectgov.com ~ Web site:
tac.idirectgov.com
Document Name: UG_iBuilder iDX 3.5_T0000783_Rev_G_02_13_18
ii iBuilder User Guide

iDX Release 3.5.x
Revision History
The following table shows all revisions for this document. To determine if this is the latest
revision, check the TAC Web site at http://tac.idirect.net.
Revision Date Updates

A September 30, 2016 Initial release for iDX 3.5.1
B February 28, 2017 iDX Release 3.5.2.0; changes include:
• Changed note under Figure 6-22; see Accelerated GRE Tunnels
on page 180.
• Changed Managing Telnet Access from Local Host Only on
page 18 and changed step 10 in Remote Information Tab on
page 161.
• Added CX780 to List of Supported Remotes in Appendix H. See
Supported Remotes on page 539.
• Added two notes in Mobile State on page 200.
• Added note under Figure 6-11 in Configuring LAN and
Management Interfaces on page 171.
• Added note under Configuring LAN and Management
Interfaces on page 171.
• Updated Appendix G Remote Locking in iBuilder User Guide to
include support for X5 modem; see Remote Locking on
page 535.
• Added note under Static Routes on page 177.
• Added note at the end of Adding SCPC Upstream Carriers on
page 83.
• Added note above Adding a Rule to an Application Profile or
Filter Profile on page 309.
C March 22, 2017 Updating document format.
D April 28, 2017 iDX Release 3.5.3.0; changes include:
• Updated Appendix G Remote Locking in iBuilder User Guide to
include support for X7 modem; see Remote Locking on
page 535.
• Changed note under Configuring LAN and Management
Interfaces on page 171.
• Removed note under Figure 6-22; see Accelerated GRE Tunnels
on page 180.
• Added note under Changes Made by an HNO During a VNO
Session on page 397.
iBuilder User Guide iii

iDX Release 3.5
Revision History
E August 15, 2017 iDX Release 3.5.4.0; changes include:

• Removed list of features and replaced with reference to
Features and Chassis Licensing Guide at Managing NMS
Licenses on page 60.
• Changed Figure 5-35 and added text about the Hysteresis
Logoff check box at Configuring Uplink Control Parameters on
page 153.
F February 5, 2018 Updates include:
• Added Note about CX780 support after Table 6-1 at iDirect
Remote Satellite Router Models on page 159.
• Added Note concerning Show carriers associated with other
line cards check box after Step 5 at Adding Multiple Receive
Carriers to a Line Card on page 128.
G February 13, 2018 Changed Caution about clamping a remote to a specific blade
at Using Static Routes with Multiple Protocol Processor Blades
on page 178.
iv iBuilder User Guide

iDX Release 3.5
Contents
About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii

Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii
Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii
Contents Of This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii
Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiv
Getting Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxxv
Related Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxxv
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxvi
The iVantage Network Management System . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Chapter 1 iDirect System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3

System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
IP Network Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Chapter 2 Overview of the Network Management System for iBuilder . . 9

2.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.2 Required Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.3 Preparing Equipment in Advance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.4 Components of the Network Management System . . . . . . . . . . . . . . . . . . . . . 10
2.4.1 NMS Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.4.2 Server Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.5 Installing iBuilder, iMonitor, and iSite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.5.1 System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.5.2 Installation Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
iBuilder User Guide v

iDX Release 3.5
Contents
2.6 Launching iBuilder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

2.6.1 Logging On To Another NMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.6.2 Turning Off/On Security Enhancement . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.6.3 Managing Telnet Access from Local Host Only . . . . . . . . . . . . . . . . . . . . . 18
2.6.4 Multiple Users or PCs Accessing the NMS . . . . . . . . . . . . . . . . . . . . . . . . 19
2.6.5 Accepting Changes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
2.7 iBuilder Tree Folders and Pre-defined Components . . . . . . . . . . . . . . . . . . . . 21
2.7.1 Spacecraft Pre-defined Components . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.7.2 QoS Pre-defined Components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.7.3 Components Pre-defined Components . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.7.4 Manufacturers Pre-defined Components . . . . . . . . . . . . . . . . . . . . . . . . 23
2.8 Using the iBuilder Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.8.1 Clicking on Elements and Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.8.2 Using the Docking Feature. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.8.3 Expanding the iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.8.4 Collapsing the iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.8.5 Sorting Columns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.8.6 Sorting the iBuilder Tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.8.7 iBuilder Tree Elements, Folders and Menus . . . . . . . . . . . . . . . . . . . . . . 28
2.8.8 Using the Interface Toolbars and Menu Options . . . . . . . . . . . . . . . . . . . . 31
2.9 Customizing and Creating New Details Views. . . . . . . . . . . . . . . . . . . . . . . . . 40
2.9.1 Customizing Details Views for Configuration Reporting . . . . . . . . . . . . . . . 41
2.9.2 Creating Additional Filters for Customized Reporting . . . . . . . . . . . . . . . . 43
2.10 Working with Multiple Elements Simultaneously. . . . . . . . . . . . . . . . . . . . . . . 44
2.10.1 Working with Multiple Configurations and Image Files . . . . . . . . . . . . . . . 44
2.10.2 Modifying Parameters on Multiple Elements . . . . . . . . . . . . . . . . . . . . . . 45
2.11 Configuration Status of Elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
2.11.1 What is a Configuration State? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
2.11.2 Possible Configuration States. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
2.11.3 Configuration State Transition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
2.11.4 Viewing Configuration States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
2.11.5 Reasons for Configuration State Changes . . . . . . . . . . . . . . . . . . . . . . . . 49
vi iBuilder User Guide

iDX Release 3.5
Contents
2.11.6 Configuration States and iMonitor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

2.12 In Color versus Shaded Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
2.13 Database Numbering Convention. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
2.14 Viewing the Activity Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
2.15 Configuring Warning Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
2.15.1 Setting Global Warning Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
2.15.2 Customizing Warning Properties for Individual Network Elements . . . . . . . . 57
2.15.3 Clearing Customized Warning Properties . . . . . . . . . . . . . . . . . . . . . . . . 58
2.16 Managing NMS Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
2.16.1 Importing License Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
2.16.2 License Properties Tabs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
2.16.3 Exporting iBuilder Data for Licensing. . . . . . . . . . . . . . . . . . . . . . . . . . . 63
2.16.4 Permanently Enabling Chassis License Download . . . . . . . . . . . . . . . . . . . 66
Chapter 3 Defining Hub RFT Components and the Satellite . . . . . . . . . . 69

3.1 Preparing the Hub RFT Components Folders . . . . . . . . . . . . . . . . . . . . . . . . . 69
3.1.1 Adding an Antenna . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
3.1.2 Adding an Upconverter or Downconverter . . . . . . . . . . . . . . . . . . . . . . . 70
3.1.3 Adding a High Power Amplifier (HPA) . . . . . . . . . . . . . . . . . . . . . . . . . . 72
3.2 Adding a Spacecraft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
3.3 Adding a Transponder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
3.4 Adding Bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
3.5 Adding Carriers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
3.5.1 Adding Downstream Carriers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
3.5.2 Adding TDMA Upstream Carriers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
3.5.3 Adding SCPC Upstream Carriers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
3.5.4 Estimating the Information Rate for a DVB-S2 Carrier. . . . . . . . . . . . . . . . 87
Chapter 4 Defining Network Components . . . . . . . . . . . . . . . . . . . . . . . . 89

4.1 Adding a Teleport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
4.2 Adding a Backup Teleport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
4.3 Adding a Hub RFT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
4.4 Protocol Processors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
iBuilder User Guide vii

iDX Release 3.5
Contents
4.4.1 TRANSEC Protocol Processors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

4.4.2 Adding a Protocol Processor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
4.5 Configuring a Protocol Processor to Enable X7 Encrypted Multicast Fast Path on a
Second Demodulator98
4.5.1 Prerequisites for X7 Encrypted MCFP on a Second Demodulator . . . . . . . . . 99
4.6 Setting Warning Properties for Protocol Processor Blades . . . . . . . . . . . . . . . 100
4.7 Adding a Protocol Processor Blade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
4.8 Adding an SVN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
4.8.1 Overriding Automatically-Assigned SVN Addressing . . . . . . . . . . . . . . . . 104
4.8.2 Special VLAN/SVN Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
4.9 Configuring L2oS Hub Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
4.9.1 Configuring SDT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
4.9.2 Configuring L2SW Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
4.9.3 Configuring SVNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Chapter 5 Defining Networks, Line Cards, and Inroute Groups . . . . . . 117

5.1 iDirect Line Card Model Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
5.2 Adding a Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
5.3 Line Card Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
5.4 Adding a Transmit or Transmit and Receive Line Card. . . . . . . . . . . . . . . . . . 121
5.5 Adding Receive-Only (Rx-Only) Line Cards . . . . . . . . . . . . . . . . . . . . . . . . . 124
5.5.1 Adding Multiple Receive Carriers to a Line Card . . . . . . . . . . . . . . . . . . 128
5.6 Deleting a Line Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
5.7 Changing to an Alternate Downstream Carrier . . . . . . . . . . . . . . . . . . . . . . . 132
5.8 Defining a Standby Line Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
5.8.1 Overview of Line Card Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
5.8.2 Adding a Standby Line Card to a Network. . . . . . . . . . . . . . . . . . . . . . . 136
5.8.3 Managing Line Card Redundancy Relationships . . . . . . . . . . . . . . . . . . . 138
5.8.4 Swapping an Active and Standby Line Card. . . . . . . . . . . . . . . . . . . . . . 143
5.8.5 Line Card Failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
5.9 Setting Warning Properties for Line Cards. . . . . . . . . . . . . . . . . . . . . . . . . . 145
5.10 Inroute Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
5.10.1 Adding an Inroute Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
viii iBuilder User Guide

iDX Release 3.5
Contents
5.10.2 Configuring Inroute Group Compositions . . . . . . . . . . . . . . . . . . . . . . . 151

5.10.3 Configuring Uplink Control Parameters . . . . . . . . . . . . . . . . . . . . . . . . 153
5.11 DVB-S2 Network Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
5.11.1 System Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
5.11.2 Configuring DVB-S2 Network Parameters . . . . . . . . . . . . . . . . . . . . . . . 156
5.11.3 Adjusting DVB-S2 Parameters for CCM Networks . . . . . . . . . . . . . . . . . . 157
Chapter 6 Configuring Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

6.1 iDirect Remote Satellite Router Models . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
6.2 Adding Remotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
6.3 Remote Information Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
6.3.1 Transmit and Receive Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
6.3.2 Customers and Distributors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
6.4 Remote IP Config Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
6.4.1 VLAN and LAN Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
6.4.2 Domain Name System (DNS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
6.4.3 Dynamic Host Configuration Protocol (DHCP) . . . . . . . . . . . . . . . . . . . . 175
6.4.4 RIPv2, Static Routes, Multicast Groups, Port Forwarding and NAT. . . . . . . 176
6.5 Remote Switch Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
6.6 Remote QoS Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
6.6.1 QoS Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
6.6.2 Rate Shaping Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
6.6.3 Adaptive Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
6.6.4 EIR and MODCOD Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
6.6.5 Downstream and Upstream Distributor . . . . . . . . . . . . . . . . . . . . . . . . 198
6.7 Remote Geo Location Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
6.8 Remote VSAT Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
6.8.1 Configuring an ASCSignal Remote Transceiver . . . . . . . . . . . . . . . . . . . . 204
6.8.2 Configuring the Stacker Feature. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
6.9 Remote VSAT-2 Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
6.10 Remote L2oS Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
6.10.1 Configuring SDT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
iBuilder User Guide ix

iDX Release 3.5
Contents
6.10.2 Configuring SVNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

6.10.3 Configuring Header Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
6.11 Setting Warning Properties for Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
6.12 Adding a Remote by Cloning an Existing Remote . . . . . . . . . . . . . . . . . . . . . 214
6.13 Roaming Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
6.13.1 Adding a Roaming Remote. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
6.13.2 Managing Roaming Remote Configuration. . . . . . . . . . . . . . . . . . . . . . . 217
6.13.3 Beam Switching for Roaming Remotes . . . . . . . . . . . . . . . . . . . . . . . . . 223
6.14 Enabling IP Packet Compression Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
6.14.1 TCP Payload Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
6.14.2 UDP Header Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
6.14.3 CRTP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
6.14.4 UDP Payload Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
6.14.5 L2TP Payload Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
Chapter 7 Configuring Quality of Service for iDirect Networks . . . . . . 229

7.1 Group QoS Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
7.1.1 QoS Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230
7.1.2 Group QoS Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
7.1.3 QoS Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
7.1.4 Multicast Bandwidth Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
7.2 Configuring Group QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
7.2.1 The Group QoS User Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
7.2.2 Estimating Effective MIR and CIR for DVB-S2 Networks . . . . . . . . . . . . . . 252
7.2.3 Allocation Fairness Relative to CIR . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
7.2.4 Allocation Fairness Relative to MODCOD . . . . . . . . . . . . . . . . . . . . . . . 258
7.2.5 Adding a Bandwidth Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
7.2.6 Adding a Service Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
7.2.7 Working with Application Service Groups . . . . . . . . . . . . . . . . . . . . . . . 264
7.2.8 Working with Remote Service Groups . . . . . . . . . . . . . . . . . . . . . . . . . 282
7.2.9 Configuring Full-Trigger CIR for a Remote . . . . . . . . . . . . . . . . . . . . . . 291
7.3 Working with Group Profiles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
x iBuilder User Guide

iDX Release 3.5
Contents
7.3.1 Saving Group Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294

7.3.2 Copying Group Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
7.3.3 Modifying Group Profiles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
7.3.4 Applying Group Profiles to Networks and Inroute Groups. . . . . . . . . . . . . 299
7.4 Application Profiles and Filter Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
7.4.1 Adding a Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
7.4.2 Copying a Profile. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
7.4.3 Adding an Application Profile. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304
7.4.4 Adding a Filter Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
7.4.5 Adding a Rule to an Application Profile or Filter Profile . . . . . . . . . . . . . 309
Chapter 8 Configuring a Hub Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . 313

8.1 Configuring the Chassis IP Address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313
8.1.1 Setting the IP Address for a Chassis with an EDAS Controller Board . . . . . . 314
8.1.2 Setting the IP Address for a Chassis with a MIDAS Controller Board . . . . . . 314
8.2 Chassis Licenses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315
8.3 Configuring and Controlling the Hub Chassis . . . . . . . . . . . . . . . . . . . . . . . . 316
8.4 Configuring a Four-Slot Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318
8.5 Sharing a 20 Slot Chassis in a Multi-NMS System . . . . . . . . . . . . . . . . . . . . . . 322
8.5.1 Sharing the Chassis Manager Server. . . . . . . . . . . . . . . . . . . . . . . . . . . 323
8.5.2 Configuring Chassis Slots for Access by Another NMS . . . . . . . . . . . . . . . 324
8.5.3 Duplicating the Chassis Configuration on the Second NMS . . . . . . . . . . . . 326
8.5.4 Pointing an NMS to the Local Chassis Manager. . . . . . . . . . . . . . . . . . . . 327
8.6 Changing a Chassis IP Address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
Chapter 9 Controlling Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331

9.1 Activating and Deactivating Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
9.2 Moving Remotes Between Networks, Inroute Groups, and Line Cards . . . . . . . . 333
Chapter 10 Retrieving and Applying Saved and Active Configurations . 337

10.1 Configuration Options Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
10.2 Hub-side and Remote-side Options Files . . . . . . . . . . . . . . . . . . . . . . . . . . . 338
10.3 Modifying, Deleting, and Viewing Configurations . . . . . . . . . . . . . . . . . . . . . 338
iBuilder User Guide xi

iDX Release 3.5
Contents
10.4 Retrieving Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339

10.4.1 Retrieving a Single Saved or Active Configuration . . . . . . . . . . . . . . . . . 339
10.4.2 Retrieving Multiple Saved or Active Configurations . . . . . . . . . . . . . . . . 340
10.5 Comparing Configuration Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
10.6 Applying Configuration Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344
10.6.1 Applying Multiple Configurations to Network Elements . . . . . . . . . . . . . . 344
10.6.2 Applying a Configuration to a Protocol Processor or Chassis. . . . . . . . . . . 347
10.6.3 Applying a Configuration to the Network . . . . . . . . . . . . . . . . . . . . . . . 347
10.6.4 Applying a Configuration to the Line Card . . . . . . . . . . . . . . . . . . . . . . 348
10.6.5 Applying a TCP or UDP Configuration to a Remote . . . . . . . . . . . . . . . . . 349
10.7 Configuration Changes on Roaming Remotes . . . . . . . . . . . . . . . . . . . . . . . . 350
10.7.1 Roaming Options File Generation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
10.7.2 Pending Changes across Networks. . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
10.7.3 Applying Changes to Roaming Remotes . . . . . . . . . . . . . . . . . . . . . . . . 352
Chapter 11 Upgrading Software and Firmware . . . . . . . . . . . . . . . . . . . . 353

11.1 Image Package Versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
11.2 Upgrading with the Multicast Download Feature . . . . . . . . . . . . . . . . . . . . . 354
11.2.1 Multicast Download Using UDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354
11.2.2 Multicast Download Dialog Box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
11.2.3 Selecting the Download Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . 355
11.2.4 Multicast Download Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
11.2.5 Downloading an Image to Out of Network Remotes . . . . . . . . . . . . . . . . 360
11.2.6 Interactions with Other iBuilder Operations . . . . . . . . . . . . . . . . . . . . . 360
11.2.7 Resetting Remotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
11.3 Upgrading with the TCP Download Feature . . . . . . . . . . . . . . . . . . . . . . . . . 361
11.3.1 TCP Download Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
11.3.2 Selecting the Download Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . 362
11.3.3 TCP Download Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
11.4 Upgrading Remotes Using Revision Server . . . . . . . . . . . . . . . . . . . . . . . . . . 367
11.4.1 How the Revision Server Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
11.4.2 When to Use the Revision Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
xii iBuilder User Guide

iDX Release 3.5
Contents
11.4.3 Starting the Revision Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369

11.4.4 Controlling the Revision Server Real-Time Event Display . . . . . . . . . . . . . 371
11.4.5 Monitoring Upgrades Using the Revision Server Status Pane . . . . . . . . . . . 373
11.4.6 Cancelling an Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375
Chapter 12 Commissioning a Hub Line Card . . . . . . . . . . . . . . . . . . . . . . 377

12.1 Prerequisites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377
12.2 Add the Line Card in iBuilder and Retrieve the Configuration . . . . . . . . . . . . . 378
12.3 Power on the Line Card. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
12.4 Determine the IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
12.5 Download the Image Packages and Options File . . . . . . . . . . . . . . . . . . . . . . 381
12.6 Connect the Transmit Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
12.7 Connect the Receive Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
12.8 Perform 1 dB Compression Point Test with the Satellite Operator . . . . . . . . . . 386
12.9 Set the Transmit Power for the Outroute with the Satellite Operator . . . . . . . 387
12.10 Connect to the LAN and Apply the Line Card Configuration . . . . . . . . . . . . . . 388
Chapter 13 Managing User Accounts and User Groups . . . . . . . . . . . . . . 389

13.1 Conversion of User Accounts During Upgrade Procedure . . . . . . . . . . . . . . . . 389
13.2 NMS User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
13.2.1 Visibility and Access for VNO User Groups . . . . . . . . . . . . . . . . . . . . . . 390
13.2.2 Visibility and Access for CNO User Groups . . . . . . . . . . . . . . . . . . . . . . 392
13.2.3 Creating and Managing VNO and CNO User Groups . . . . . . . . . . . . . . . . . 392
13.2.4 Setting Global Rate Limits for User Groups. . . . . . . . . . . . . . . . . . . . . . 395
13.2.5 Modifying per Node VNO Properties . . . . . . . . . . . . . . . . . . . . . . . . . . 396
13.2.6 Changes Made by an HNO During a VNO Session. . . . . . . . . . . . . . . . . . . 397
13.2.7 Sharing a Chassis Among Multiple VNO User Groups . . . . . . . . . . . . . . . . 398
13.2.8 Configuring VNO Access Rights for a Shared Chassis . . . . . . . . . . . . . . . . 401
13.2.9 Configuring VNO Access Rights for SCPC Return Channels . . . . . . . . . . . . 404
13.2.10 VNO Operations on Line Cards in SCPC Return Mode. . . . . . . . . . . . . . . . 405
13.3 Modifying Group QoS Settings for VNO User Groups . . . . . . . . . . . . . . . . . . . 407
13.3.1 Restricting VNO Access to GQoS Tab Only . . . . . . . . . . . . . . . . . . . . . . 407
13.3.2 Assigning Ownership of Group QoS Nodes to a VNO . . . . . . . . . . . . . . . . 409
iBuilder User Guide xiii

iDX Release 3.5
Contents
13.3.3 Setting VNO Permissions for Group QoS Nodes . . . . . . . . . . . . . . . . . . . 412

13.3.4 Viewing GQoS Nodes in a VNO Session . . . . . . . . . . . . . . . . . . . . . . . . . 414
13.3.5 Setting VNO Permissions for QoS Profiles . . . . . . . . . . . . . . . . . . . . . . . 414
13.4 Adding and Managing User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
13.4.1 Adding a User and Defining User Privileges . . . . . . . . . . . . . . . . . . . . . . 417
13.4.2 Modifying a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419
13.4.3 Adding a User by Cloning a User’s Account . . . . . . . . . . . . . . . . . . . . . . 419
13.4.4 Viewing a User’s Account Properties . . . . . . . . . . . . . . . . . . . . . . . . . . 421
13.4.5 Deleting an Existing User’s Account . . . . . . . . . . . . . . . . . . . . . . . . . . 421
13.4.6 Managing Accounts from the Active Users Pane . . . . . . . . . . . . . . . . . . . 421
13.5 Changing Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423
13.6 User Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424
13.6.1 Super User and Guest Level Privileges . . . . . . . . . . . . . . . . . . . . . . . . . 426
13.6.2 Super User and Guest Privileges for VNOs. . . . . . . . . . . . . . . . . . . . . . . 426
13.7 Simultaneous Changes to the NMS Database . . . . . . . . . . . . . . . . . . . . . . . . 427
Chapter 14 Converting to Adaptive TDMA . . . . . . . . . . . . . . . . . . . . . . . . 429

14.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429
14.2 Prerequisites for Converting to Adaptive TDMA . . . . . . . . . . . . . . . . . . . . . . 429
14.3 Converting an Inroute Group to Adaptive TDMA . . . . . . . . . . . . . . . . . . . . . . 430
14.3.1 Assumptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430
14.3.2 Configure Adaptive Parameters for Individual Remotes. . . . . . . . . . . . . . 430
14.3.3 Add the New TDMA Upstream Carriers . . . . . . . . . . . . . . . . . . . . . . . . . 431
14.3.4 Update Inroute Group Composition 1 . . . . . . . . . . . . . . . . . . . . . . . . . 433
14.3.5 Verify Network Performance Using IGC 1 . . . . . . . . . . . . . . . . . . . . . . . 436
14.3.6 Configure the Remaining IGCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436
14.4 Verifying Adaptive Network Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
14.4.1 Verify Remote TDMA Initial Power . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
14.4.2 Verify Remote TDMA Maximum Power . . . . . . . . . . . . . . . . . . . . . . . . . 439
14.4.3 Monitor Adaptive TDMA Performance . . . . . . . . . . . . . . . . . . . . . . . . . 440
14.4.4 Carrier Grooming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441
xiv iBuilder User Guide

iDX Release 3.5
Contents
Chapter 15 Converting a Network to TRANSEC . . . . . . . . . . . . . . . . . . . . 445

15.1 TRANSEC Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446
15.2 TRANSEC Host Certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446
15.3 Reconfiguring the Network for TRANSEC. . . . . . . . . . . . . . . . . . . . . . . . . . . 447
15.4 Configuring the Initial ACC Keys on the Remotes . . . . . . . . . . . . . . . . . . . . . 450
15.5 Changing from TRANSEC to Non-TRANSEC . . . . . . . . . . . . . . . . . . . . . . . . . . 450
Appendix A Configuring a Distributed NMS Server . . . . . . . . . . . . . . . . . . 453

A.1 Prerequisites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453
A.2 Distributed NMS Server Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453
A.3 Logging On to iBuilder and iMonitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
A.4 Setting Up a Distributed NMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455
A.5 Regenerating the Options Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458
A.6 Granting Read Permissions to NMS 2 and NMS 3 . . . . . . . . . . . . . . . . . . . . . . 459
A.7 Assigning QoS Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
A.8 Configuring Database Backup and Restore . . . . . . . . . . . . . . . . . . . . . . . . . 461
A.9 Verifying Correct Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461
A.10 Running the NAT Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462
A.11 Managing a Distributed NMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
A.11.1 Enabling and Disabling Services for DNMS. . . . . . . . . . . . . . . . . . . . . . . 463
A.11.2 Executing DNMS Management Scripts. . . . . . . . . . . . . . . . . . . . . . . . . . 463
Appendix B Using the iDirect CA Foundry . . . . . . . . . . . . . . . . . . . . . . . . . 467

B.1 Accessing the CA Foundry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
B.2 Creating a Certificate Authority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
B.3 Logging On to a Certificate Authority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
B.4 Connecting to a Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
B.5 Bringing an Unauthorized Remote into a TRANSEC Network . . . . . . . . . . . . . . 471
B.6 Certifying a Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
B.7 Revoking a Remote’s Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Appendix C Managing TRANSEC Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477

C.1 Configuring the ACC Key on a Remote . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477
iBuilder User Guide xv

iDX Release 3.5
Contents
C.2 Updating the DCC Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479

C.3 Changing the DCC Key Update Frequency . . . . . . . . . . . . . . . . . . . . . . . . . . 480
C.4 Updating the ACC Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
C.5 Verifying the ACC Keys on an In-Network Remote . . . . . . . . . . . . . . . . . . . . 482
C.6 Identifying the Blade that Distributes TRANSEC Keys . . . . . . . . . . . . . . . . . . 485
Appendix D Global Key Distribution. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487

D.1 Reasons for Global Key Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
D.1.1 Distribution of ACC Keys to TRANSEC Networks . . . . . . . . . . . . . . . . . . . 487
D.2 Setting Up Global Key Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488
D.2.1 Installing the GKD Server Software . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
D.2.2 Adding GKDs in iBuilder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
D.2.3 GKD Options Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
D.2.4 Creating a GKD Options File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492
D.2.5 Certifying and Starting the GKD Server . . . . . . . . . . . . . . . . . . . . . . . . 494
D.3 Additional GKD Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
D.3.1 Logging On to the GKD Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
D.3.2 Changing the GKD Console Password . . . . . . . . . . . . . . . . . . . . . . . . . . 495
D.3.3 Determining the GKD Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497
D.3.4 Viewing and Changing the Key Update Frequency . . . . . . . . . . . . . . . . . 498
D.3.5 Determining the Time of the Next Key Update . . . . . . . . . . . . . . . . . . . 499
D.4 Setting Up Global Key Distribution for Encrypted Multicast Fast Path on an X7 Second
Demodulator500
D.4.1 Configuring GKD for Encrypted Multicast Fast Path in Primary Networks . . 500
D.4.2 Configuring GKD for Encrypted Multicast Fast Path in Secondary Networks . 502
D.4.3 Creating a GKD Options File for MCFPE for X7 Remotes with a Second
Downstream Carrier505
Appendix E Configuring Networks for Automatic Beam Selection . . . . . 507

E.1 Configuring and Running the Map Server. . . . . . . . . . . . . . . . . . . . . . . . . . . 508
E.1.1 The Map Server Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . 508
E.1.2 Adding Beams to the Beam Map File . . . . . . . . . . . . . . . . . . . . . . . . . . 509
E.1.3 Running the Map Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510
xvi iBuilder User Guide

iDX Release 3.5
Contents
E.2 Configuring Remotes for Automatic Beam Selection . . . . . . . . . . . . . . . . . . . 511

E.2.1 Configuring an Antenna Reflector for ABS . . . . . . . . . . . . . . . . . . . . . . 511
E.2.2 Configuring a Remote for ABS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
E.2.3 Changing the Minimum Look Angle . . . . . . . . . . . . . . . . . . . . . . . . . . . 516
E.3 Remote Custom Keys for Automatic Beam Selection . . . . . . . . . . . . . . . . . . . 516
E.3.1 Configuring the Network Acquisition Timers . . . . . . . . . . . . . . . . . . . . . 518
E.3.2 Changing the Download Timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518
E.3.3 Muting a Remote’s Transmitter when Mapless. . . . . . . . . . . . . . . . . . . . 519
E.3.4 Changing the Time a Beam is Considered Unusable . . . . . . . . . . . . . . . . 519
E.3.5 Changing the GPS Interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520
E.3.6 Enabling or Disabling Receive-Only Mode . . . . . . . . . . . . . . . . . . . . . . . 520
E.3.7 Enabling a Local Map Server on a Remote Modem . . . . . . . . . . . . . . . . . 520
E.4 Remote Console Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 521
E.4.1 latlong . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 521
E.4.2 tlev . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522
E.4.3 antenna debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523
E.4.4 beam debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524
E.4.5 beamselector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524
E.4.6 map debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526
E.4.7 map show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527
E.4.8 map delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527
Appendix F COTM Settings and Custom Keys . . . . . . . . . . . . . . . . . . . . . . 529

F.1 Maximum Speed for Remotes in an Inroute Group . . . . . . . . . . . . . . . . . . . . 529
F.2 COTM Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530
F.3 TDMA Upstream Acquisition Range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530
F.4 Inroute Map Stale Timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531
F.5 Minimum Symbol Rates for Mobile Remotes. . . . . . . . . . . . . . . . . . . . . . . . . 531
F.6 SCPC Upstream Acquisition Range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532
F.7 FEC Blocks per Frame for Spread Spectrum SCPC Return Channels . . . . . . . . . 533
F.8 Guard Band for SCPC Return Channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
F.9 Remote LFO Correction Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
iBuilder User Guide xvii

iDX Release 3.5
Contents
Appendix G Remote Locking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535

G.1 Soft Locking versus Hard Locking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535
G.2 Locking an Evolution X3 Remote . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536
G.2.1 Configuring the Network Key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536
G.2.2 Setting a Soft Lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536
G.2.3 Removing a Soft Lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537
G.2.4 Setting a Hard Lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537
G.2.5 Checking Remote Lock Status on an Evolution X3 Remote . . . . . . . . . . . . 538
G.2.6 Non-Warranty RMA Required to Remove X3 Locks . . . . . . . . . . . . . . . . . 538
Appendix H Configuring Remote and PP Signaled Beam Switching . . . . 539

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539
Supported Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539
Configuring Remote Signaled Beam Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540
Configuring PP Signaled Beam Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 544
Debug Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 553
Glossary of Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 559
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565
xviii iBuilder User Guide

iDX Release 3.5
Figures
Figure 1-1. Sample iDirect Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Figure 1-2. iDirect IP Architecture – Multiple VLANs per Remote. . . . . . . . . . . . . . . . . . . . . . 6
Figure 1-3. iDirect IP Architecture – VLAN Spanning Remotes . . . . . . . . . . . . . . . . . . . . . . . . 7
Figure 1-4. iDirect IP Architecture – Classic IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . 8
Figure 2-1. Windows 7 Start Menu Entries for NMS GUI Clients . . . . . . . . . . . . . . . . . . . . . . 14
Figure 2-2. iBuilder Login Information Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Figure 2-3. Detected Default Password Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Figure 2-4. Change Password Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Figure 2-5. Connecting iBuilder to Another NMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Figure 2-6. para_cfg.opt with Security Checking Turned Off . . . . . . . . . . . . . . . . . . . . . . 17
Figure 2-7. Clearing Automatically Accept Configuration Changes . . . . . . . . . . . . . . . . . . . 20
Figure 2-8. Accept Changes Button Indicating Configuration Change . . . . . . . . . . . . . . . . . . 20
Figure 2-9. Configuration Changes Pending Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Figure 2-10. iBuilder Tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Figure 2-11. Bench Test Components in Initial iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . 21
Figure 2-12. QoS Subfolders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Figure 2-13. Pre-defined Hub RFT Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Figure 2-14. Pre-defined Remote Antenna Components . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Figure 2-15. Example of Entries in Manufacturers Folder . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Figure 2-16. iBuilder Main Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Figure 2-17. . Expand Tree Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Figure 2-18. Expanded Tree with Child Elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Figure 2-19. Collapse Tree Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Figure 2-20. Collapsed Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Figure 2-21. Sorting Columns. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Figure 2-22. Sort Preferences Dialog Box: Selecting Sort Order . . . . . . . . . . . . . . . . . . . . . . 27
Figure 2-23. Sort Preferences Dialog Box: Selecting the Sort Field . . . . . . . . . . . . . . . . . . . . 28
Figure 2-24. Fully-Expanded Network in the iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . . 29
Figure 2-25. Fully-Expanded Folder in the iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Figure 2-26. iBuilder Tree Showing Elements with Insecure Passwords . . . . . . . . . . . . . . . . . 30
Figure 2-27. Adding a New Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Figure 2-28. iBuilder Title Bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Figure 2-29. iBuilder Menu Bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Figure 2-30. iBuilder Toolbar. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Figure 2-31. Selecting Search Criteria on Find Toolbar . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Figure 2-32. Find Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Figure 2-33. iBuilder View Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Figure 2-34. iBuilder Status Bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
iBuilder User Guide xix

iDX Release 3.5
Figures
Figure 2-35. iBuilder Active Users Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Figure 2-36. iBuilder Legend Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Figure 2-37. Accept Configuration Changes Icon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Figure 2-38. Configuration Changes Pane. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Figure 2-39. Example of Configuration States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Figure 2-40. Selecting Details from the View Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Figure 2-41. Network Selected in Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Figure 2-42. Result in Details View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Figure 2-43. Network Selected in Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Figure 2-44. Result in Details View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Figure 2-45. Choose Details Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Figure 2-46. Selecting a Details Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Figure 2-47. View Details for Carrier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Figure 2-48. Adding a Custom Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Figure 2-49. Custom Report Modify Button. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Figure 2-50. Custom Report Delete Button. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Figure 2-51. Selecting the Parent Element for Group Editing. . . . . . . . . . . . . . . . . . . . . . . . 45
Figure 2-52. Selecting Multiple Elements for Group Editing . . . . . . . . . . . . . . . . . . . . . . . . . 46
Figure 2-53. Configuration States of an iDirect Remote . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Figure 2-54. Modifying an Assigned Network Element. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Figure 2-55. New Teleport with System-Generated Number . . . . . . . . . . . . . . . . . . . . . . . . 51
Figure 2-56. Partial List of Activities Displayed in the Activity Log . . . . . . . . . . . . . . . . . . . . 51
Figure 2-57. Activity Log Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Figure 2-58. Ellipsis Button and Graphical Clock Display . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Figure 2-59. . Opening an Options File from the Activity Log. . . . . . . . . . . . . . . . . . . . . . . . . 53
Figure 2-60. . Copying Multiple Rows from the Activity Log. . . . . . . . . . . . . . . . . . . . . . . . . . 54
Figure 2-61. Modify Global Warning Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Figure 2-62. Modify Warning Dialog Box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Figure 2-63. Warning Properties Tab. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Figure 2-64. Viewing the iBuilder License Toolbar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Figure 2-65. Enabling Chassis License Download to Chassis Manager . . . . . . . . . . . . . . . . . . 61
Figure 2-66. Select License Type Dialog Box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Figure 2-67. Selecting a License File for Import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Figure 2-68. Accepting Changes Importing a License File . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Figure 2-69. License Properties Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Figure 2-70. Selecting Export Data for Licensing on License Toolbar . . . . . . . . . . . . . . . . . . . 64
Figure 2-71. Selecting Data for Licensing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Figure 2-72. Saving Data for License Request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Figure 2-73. Sample License Request CSV file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Figure 2-74. para_cfg.opt with Chassis License Download Enabled . . . . . . . . . . . . . . . . . . . . 66
Figure 3-1. New Antenna Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
xx iBuilder User Guide

iDX Release 3.5
Figures
Figure 3-2. New Upconverter Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Figure 3-3. New HPA Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Figure 3-4. New Spacecraft Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Figure 3-5. Bandwidth Hierarchy in the iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Figure 3-6. Hub Transponder Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Figure 3-7. New Bandwidth Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Figure 3-8. New Downstream Carrier Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Figure 3-9. New TDMA Upstream Carrier Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Figure 3-10. Payload Size Field for Adaptive Carriers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Figure 3-11. Selecting an Upstream Spreading Factor . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Figure 3-12. SCPC Upstream Carrier Icon in iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Figure 3-13. New SCPC Upstream Carrier Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Figure 3-14. MODCOD Distribution Calculator for DVB-S2 Carriers. . . . . . . . . . . . . . . . . . . . . 87
Figure 3-15. Calculating Estimated Information Rate for a DVB-S2 Network . . . . . . . . . . . . . . 88
Figure 4-1. Teleport Information Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Figure 4-2. Teleport Geo Location Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Figure 4-3. Configuring a Backup Teleport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Figure 4-4. Roaming Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Figure 4-5. Automated Configuration Downloader Dialog Box. . . . . . . . . . . . . . . . . . . . . . . 93
Figure 4-6. New Hub RFT Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Figure 4-7. New Protocol Processor Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Figure 4-8. Persistent Multicast Group Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Figure 4-9. Protocol Processor GKD Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Figure 4-10. Protocol Processor Blades Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Figure 4-11. Protocol Processor Blade Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Figure 4-12. Protocol Processor SVNs Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Figure 4-13. Protocol Processor Add/Edit SVN Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . 103
Figure 4-14. Overriding Automatically-Assigned SVN Addressing . . . . . . . . . . . . . . . . . . . . . 104
Figure 4-15. Protocol Processor SVN Tab with L2oS Enabled Checked . . . . . . . . . . . . . . . . . 105
Figure 4-16. Protocol Processor SVN Tab Showing CE Tag Transparent SVNs . . . . . . . . . . . . . 106
Figure 4-17. Protocol Processor MAC Address Aging Timeout . . . . . . . . . . . . . . . . . . . . . . . 108
Figure 4-18. Add/Edit SVN Dialog Box for Layer 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Figure 5-1. Network Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Figure 5-2. Persistent Multicast Group Dialog Box for a Network . . . . . . . . . . . . . . . . . . . 119
Figure 5-3. iBuilder Line Card Type Selections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Figure 5-4. New Transmit Line Card Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
iBuilder User Guide xxi

iDX Release 3.5
Figures
Figure 5-5. New Receive Line Card Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Figure 5-6. Single Channel TDMA Receive Mode Traffic Slot Warning . . . . . . . . . . . . . . . . . 127
Figure 5-7. Line Card Receive Properties: Multiple Channel Modes . . . . . . . . . . . . . . . . . . 128
Figure 5-8. Adding an Rx Line Card: Select Carrier Dialog Box . . . . . . . . . . . . . . . . . . . . . 128
Figure 5-9. Viewing Other Assigned Upstream Carriers . . . . . . . . . . . . . . . . . . . . . . . . . . 129
Figure 5-10. Associating an SCPC Return Channel with a VNO User Group . . . . . . . . . . . . . . 130
Figure 5-11. Removing a Line Card from an Inroute Group . . . . . . . . . . . . . . . . . . . . . . . . 131
Figure 5-12. Removing a Line Card from the Hub RFT . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Figure 5-13. Deactivating a Line Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Figure 5-14. Setting a Line Card to Standby . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Figure 5-15. Swapping the Downstream Carriers: Initial Configuration . . . . . . . . . . . . . . . . 133
Figure 5-16. Selecting the New Alternate Downstream Carrier. . . . . . . . . . . . . . . . . . . . . . 133
Figure 5-17. Selecting the New Primary Downstream Carrier . . . . . . . . . . . . . . . . . . . . . . . 134
Figure 5-18. New Standby Line Card Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Figure 5-19. Sample Chassis Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Figure 5-20. Manage Line Card Redundancy Dialog Box: By Standby View . . . . . . . . . . . . . . 139
Figure 5-21. Manage Line Card Redundancy Dialog Box: By Active View. . . . . . . . . . . . . . . . 139
Figure 5-22. Assigning a Warm Standby Line Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Figure 5-23. Assigning a Cold Standby Line Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Figure 5-24. Removing a Cold Redundancy Relationship . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Figure 5-25. Choosing a New Active Line Card During Line Card Swap . . . . . . . . . . . . . . . . . 144
Figure 5-26. Line Card Swap Event Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Figure 5-27. Inroute Group Relationships in a TDMA Network . . . . . . . . . . . . . . . . . . . . . . 146
Figure 5-28. Inroute Group Information Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Figure 5-29. Carrier Grooming Pop-Up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Figure 5-30. Assign Hub to Inroute Group Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Figure 5-31. Adding or Cloning an IGC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Figure 5-32. Editing the New IGC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Figure 5-33. Inroute Group Composition Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Figure 5-34. Selecting the MODCOD of an Adaptive Carrier in an IGC . . . . . . . . . . . . . . . . . 153
Figure 5-35. Inroute Group Uplink Control Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
Figure 5-36. DVB-S2 Configuration Dialog Box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
Figure 6-1. Remote Information Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Figure 6-2. Detected Telnet access from local host only Dialog Box . . . . . . . . . . . . . . . . . 164
Figure 6-3. Remote Information Tab: Transmit and Receive Parameters for TDMA Remote . . 165
Figure 6-4. Remote Information Tab: Transmit and Receive Parameters for SCPC Remote. . . 166
Figure 6-5. SCPC Initial Power Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Figure 6-6. Remote Information Tab: Customer and Distributor Parameters . . . . . . . . . . . . 167
Figure 6-7. Add Customers Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
Figure 6-8. Customers Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
Figure 6-9. Entering Customer Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
xxii iBuilder User Guide

iDX Release 3.5
Figures
Figure 6-10. Sample VLAN Network Layout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

Figure 6-11. Remote IP Config Tab: Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . 171
Figure 6-12. Remote IP Config Tab: Adding Layer 3 SVN . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Figure 6-13. Remote IP Config Tab: DNS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Figure 6-14. Remote IP Config Tab: DHCP Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . 175
Figure 6-15. Remote IP Config Sub-Tabs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Figure 6-16. Remote IP Config Tab: Routes Sub-Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Figure 6-17. Remote IP Config Tab: Static Routes Sub-Tab . . . . . . . . . . . . . . . . . . . . . . . . 177
Figure 6-18. Add Static Route dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Figure 6-19. Deactivating a Remote . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Figure 6-20. Remote IP Config Tab: Port Forwarding Sub-Tab . . . . . . . . . . . . . . . . . . . . . . 179
Figure 6-21. Add Port Forwarding Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Figure 6-22. Remote IP Config Tab: GRE Tunnels Sub-Tab. . . . . . . . . . . . . . . . . . . . . . . . . 180
Figure 6-23. GRE Tunnel Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
Figure 6-24. Remote IP Config Tab: Multicast Group Sub-Tab . . . . . . . . . . . . . . . . . . . . . . 181
Figure 6-25. Persistent Multicast Group Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Figure 6-26. Remote Switch Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Figure 6-27. SVN/VLAN ID Assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Figure 6-28. Dedicating a Port to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Figure 6-29. Switch Tab with Dedicated VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Figure 6-30. Reconfiguring a Port with Assigned VLANs as a Trunk . . . . . . . . . . . . . . . . . . . 186
Figure 6-31. Selecting the Same Switch Setting for All Ports . . . . . . . . . . . . . . . . . . . . . . . 186
Figure 6-32. Port Properties Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Figure 6-33. Remote QoS Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Figure 6-34. Remote QoS Tab: QoS Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Figure 6-35. Remote QoS Tab: Selecting a Filter Profile . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Figure 6-36. Remote QoS Tab: QoS Profile Select Dialog Box . . . . . . . . . . . . . . . . . . . . . . . 190
Figure 6-37. Remote QoS Tab: Multiple Service Profiles Assigned . . . . . . . . . . . . . . . . . . . . 191
Figure 6-38. Selecting an Upstream Remote Profile for an SCPC Remote . . . . . . . . . . . . . . . 192
Figure 6-39. Remote QoS Tab: Upstream and Downstream Rate Shaping . . . . . . . . . . . . . . . 192
Figure 6-40. Configuring Active, Idle and Dormant States . . . . . . . . . . . . . . . . . . . . . . . . . 195
Figure 6-41. Configuring Remote Adaptive Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Figure 6-42. Remote QoS Tab: EIR and MODCOD Parameters . . . . . . . . . . . . . . . . . . . . . . . 197
Figure 6-43. Remote QoS Tab: Downstream Distributor . . . . . . . . . . . . . . . . . . . . . . . . . 198
Figure 6-44. Remote Geo Location Tab: Settings for Stationary Remotes . . . . . . . . . . . . . . . 199
Figure 6-45. Remote Geo Location Tab: Settings for Mobile Remotes . . . . . . . . . . . . . . . . . 199
Figure 6-46. Remote VSAT Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
Figure 6-47. Remote VSAT Tab with SeaTel ABS Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Figure 6-48. LNB Dialog Box: Selecting DC Voltage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
Figure 6-49. LNB Dialog Box: Enabling 22 kHz Tone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
Figure 6-50. Remote VSAT-2 Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
iBuilder User Guide xxiii

iDX Release 3.5
Figures
Figure 6-51. QoS Application: Multicast Fast Path Stream Number . . . . . . . . . . . . . . . . . . . 208
Figure 6-52. Remote L2oS Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Figure 6-53. Adding Layer 2 SVN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Figure 6-54. CE Tag Transparent SVNs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Figure 6-55. Remote MAC Address Aging Timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
Figure 6-56. L2oS Advanced Header Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
Figure 6-57. Roaming Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Figure 6-58. Roaming Properties Update Dialog Box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Figure 6-59. Modifying Shared Parameters of All Roaming Remote Instances . . . . . . . . . . . . 219
Figure 6-60. iBuilder View Menu: Collapse Details Hierarchy . . . . . . . . . . . . . . . . . . . . . . . 220
Figure 6-61. iBuilder Details View with Collapsed Hierarchy . . . . . . . . . . . . . . . . . . . . . . . 220
Figure 6-62. Modifying Shared Parameters of Multiple Roaming Remotes Instances . . . . . . . . 221
Figure 6-63. Add Multiple Roaming Remotes Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . 222
Figure 6-64. Add Roaming Remotes to Networks Dialog Box . . . . . . . . . . . . . . . . . . . . . . . 223
Figure 6-65. Using the Console beamselector Command . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Figure 6-66. Selecting Compression Types on the Remote Information Tab . . . . . . . . . . . . . 225
Figure 6-67. Enabling L2TP Payload Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Figure 7-1. Group QoS Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Figure 7-2. Application Service Group vs. Remote Service Group . . . . . . . . . . . . . . . . . . . 235
Figure 7-3. Application Service Group Subtree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Figure 7-4. Remote Service Group Subtree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Figure 7-5. SCPC Remote Upstream QoS Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
Figure 7-6. Remote Based Mode vs. Application Based Mode . . . . . . . . . . . . . . . . . . . . . . 241
Figure 7-7. Selecting the QoS Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Figure 7-8. Selecting the Group QoS View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
Figure 7-9. Group QoS: Group View. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Figure 7-10. Group QoS: Service Profile View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
Figure 7-11. Group QoS: Service Profile-Remote View . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Figure 7-12. Remote Profile View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
Figure 7-13. Group QoS: Remote View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Figure 7-14. Configured vs. Effective MIR and CIR before Estimation . . . . . . . . . . . . . . . . . 252
Figure 7-15. MODCOD Distribution Calculator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Figure 7-16. Calculating Estimated Information Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Figure 7-17. Calculating Information Rate Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Figure 7-18. Configured vs. Effective MIR and CIR after Estimation. . . . . . . . . . . . . . . . . . . 255
Figure 7-19. Effective MIR and CIR in the Group View . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Figure 7-20. Competing Service Groups without Allocation Fairness Relative to CIR . . . . . . . 256
Figure 7-21. Results of Selecting Allocation Fairness Relative to CIR on Parent . . . . . . . . . . . 257
Figure 7-22. Configured vs. Effective Cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Figure 7-23. Results of Selecting Allocation Fairness Relative to Nominal MODCOD . . . . . . . . 258
Figure 7-24. Selecting Allocation Fairness Relative to Nominal MODCOD . . . . . . . . . . . . . . . 260
xxiv iBuilder User Guide

iDX Release 3.5
Figures
Figure 7-25. Bandwidth Group Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261

Figure 7-26. New Bandwidth Group in Group QoS Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
Figure 7-27. Service Group Dialog Box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Figure 7-28. New Application Service Group Inserted Into a Bandwidth Group . . . . . . . . . . . 264
Figure 7-29. QoS Application Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Figure 7-30. Selecting a User Multicast MODCOD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Figure 7-31. New Application Inserted Into an Application Service Group . . . . . . . . . . . . . . 267
Figure 7-32. QoS Service Profile Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269
Figure 7-33. Application Properties Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
Figure 7-34. Multiple Service Profiles Assigned to a Single Remote . . . . . . . . . . . . . . . . . . . 272
Figure 7-35. Moving Remotes Between QoS Service Profiles . . . . . . . . . . . . . . . . . . . . . . . 274
Figure 7-36. Dragging a Remote Between QoS Service Profiles. . . . . . . . . . . . . . . . . . . . . . 275
Figure 7-37. Overriding Application Properties on Individual Remotes . . . . . . . . . . . . . . . . . 277
Figure 7-38. Example Downstream Multicast Application Profile and Rule . . . . . . . . . . . . . . 278
Figure 7-39. QoS Application Dialog Box: Selecting Multicast Fast Path . . . . . . . . . . . . . . . . 278
Figure 7-40. Selecting a Fast Path Application Profile for a Multicast Application . . . . . . . . . 279
Figure 7-41. Opening the Multicast Service Profile View . . . . . . . . . . . . . . . . . . . . . . . . . 280
Figure 7-42. Inserting a Multicast Service Profile into the Multicast Service Group . . . . . . . . 280
Figure 7-43. Selecting a Fast Path Application for a Multicast Service Profile . . . . . . . . . . . . 281
Figure 7-44. Assigning a Multicast Fast Path Service Profile to Remotes . . . . . . . . . . . . . . . 281
Figure 7-45. Remote Profiles Folder in iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Figure 7-46. Remote Profile Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Figure 7-47. Adding a Remote Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
Figure 7-48. Application Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
Figure 7-49. Rearranging Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Figure 7-50. Inserting an Application Profile into an Application . . . . . . . . . . . . . . . . . . . . 287
Figure 7-51. Rearranging Application Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Figure 7-52. Assigning a Remote Service Group on the Remote QoS Tab . . . . . . . . . . . . . . . 288
Figure 7-53. Moving Remotes Between Remote Service Groups . . . . . . . . . . . . . . . . . . . . . 290
Figure 7-54. Assigning Remote Profiles in the Remote Profile View . . . . . . . . . . . . . . . . . . 291
Figure 7-55. Dragging a Remote Between Remote Profiles . . . . . . . . . . . . . . . . . . . . . . . . 291
Figure 7-56. Determining Virtual Remote Numbers for Remote Applications. . . . . . . . . . . . . 292
Figure 7-57. Defining the Full Trigger CIR Custom Key . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
Figure 7-58. Creating a QoS Group Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
Figure 7-59. Viewing Properties of QoS Group Members . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Figure 7-60. iBuilder Tree: QoS Group Profile Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Figure 7-61. Copying a QoS Group Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
Figure 7-62. Modifying a QoS Group Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
Figure 7-63. Selecting a QoS Group Profile to Apply . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300
Figure 7-64. Viewing Properties of QoS Group Members . . . . . . . . . . . . . . . . . . . . . . . . . . 301
Figure 7-65. QoS Folders in iBuilder Tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
iBuilder User Guide xxv

iDX Release 3.5
Figures
Figure 7-66. Preconfigured Downstream Filter Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . 302

Figure 7-67. New Profile in iBuilder Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
Figure 7-68. Clone As Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304
Figure 7-69. Application Profile Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
Figure 7-70. Add Service Level Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306
Figure 7-71. Service Profile Rules Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
Figure 7-72. Filter Profile Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Figure 7-73. Add Filter Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309
Figure 7-74. Application Profile Rules Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
Figure 7-75. Selecting and Clearing the Show Protocols Name Check Box . . . . . . . . . . . . . . 310
Figure 7-76. Adding a Rule to a Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
Figure 7-77. Configuring an IPv6 Packet Classifier (L2oS Only) . . . . . . . . . . . . . . . . . . . . . . 312
Figure 8-1. Chassis Dialog Box: New 20-Slot Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Figure 8-2. Chassis Dialog Box: 20-Slot Chassis with Licensed Slots . . . . . . . . . . . . . . . . . . 317
Figure 8-3. Chassis Dialog Box: Selecting Assign Hub . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Figure 8-4. Assigning a Line Card to a Chassis Slot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318
Figure 8-5. Chassis Dialog Box: Four-Slot Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319
Figure 8-6. Chassis Dialog Box: Four-Slot Chassis with Licensed Slots. . . . . . . . . . . . . . . . . 320
Figure 8-7. Turning On/Off the 10 MHz Reference on a Four-Slot Chassis . . . . . . . . . . . . . 321
Figure 8-8. Sharing a Hub Chassis Among Multiple Network Management Systems . . . . . . . . 322
Figure 8-9. Determining a Server MAC Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324
Figure 8-10. para_cfg.opt with Licensed Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
Figure 8-11. para_cfg.opt Reconfigured to Share Slots 1 and 2 . . . . . . . . . . . . . . . . . . . . . 326
Figure 8-12. Locating the Chassis IP Address in para_cfg.opt . . . . . . . . . . . . . . . . . . . . . . . 328
Figure 9-1. Activating a Remote . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
Figure 9-2. Moving a Remote Between Networks or Inroute Groups . . . . . . . . . . . . . . . . . . 333
Figure 9-3. Moving a Remote from an Inroute Group to an SCPC Line Card . . . . . . . . . . . . . 335
Figure 10-1. Changes Pending Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338
Figure 10-2. Viewing and Deleting Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339
Figure 10-3. Options File Viewed in Notepad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340
Figure 10-4. Multiple Configurations Retrieve Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . 341
Figure 10-5. Save As Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
Figure 10-6. Comparing the Active and Latest Configurations . . . . . . . . . . . . . . . . . . . . . . 343
Figure 10-7. Comparing Configurations: Differences Only . . . . . . . . . . . . . . . . . . . . . . . . . 344
Figure 10-8. Automated Configuration Downloader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
Figure 10-9. Viewing the Download Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
Figure 10-10. Global NMS Options Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
Figure 11-1. Multicast Download Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
Figure 11-2. Package Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
Figure 11-3. Modems Section. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
Figure 11-4. Download Parameters Section (Remote Groups). . . . . . . . . . . . . . . . . . . . . . . 359
xxvi iBuilder User Guide

iDX Release 3.5
Figures
Figure 11-5. TCP Download Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362

Figure 11-6. Selection Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
Figure 11-7. Targets Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Figure 11-8. Options Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
Figure 11-9. Revision Server Duty Cycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
Figure 11-10. Revision Server Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370
Figure 11-11. Revision Server Realtime Display Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Figure 11-12. Revision Server: Stop All . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
Figure 11-13. Revision Server: Start Highlighted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
Figure 11-14. Revision Server: Stop Highlighted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Figure 11-15. Selecting Revision Server Status from the View Menu . . . . . . . . . . . . . . . . . . . 373
Figure 11-16. Revision Server Status Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
Figure 11-17. Revision Server Details Display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375
Figure 12-1. Chassis Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
Figure 12-2. Tera Terminal Serial Port Setup Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . 380
Figure 12-3. laninfo Command Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380
Figure 12-4. iSite Main Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Figure 12-5. Creating a New Element in the iSite Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Figure 12-6. iSite Login Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383
Figure 12-7. Download Package Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
Figure 12-8. Line Card Packages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385
Figure 12-9. Assigning the Downstream Carrier Power . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
Figure 13-1. Group Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
Figure 13-2. Group Dialog Box: Modifying a User Group . . . . . . . . . . . . . . . . . . . . . . . . . . 393
Figure 13-3. Setting a VNO Element to Visible with Create Permission . . . . . . . . . . . . . . . . 394
Figure 13-4. . Setting a VNO Element to Visible Only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
Figure 13-5. Setting a VNO Element to Owned . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Figure 13-6. Setting Rate Limits for User Groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Figure 13-7. Making an Element Visible to Multiple VNOs . . . . . . . . . . . . . . . . . . . . . . . . . 396
Figure 13-8. Setting Element Permissions for a VNO . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
Figure 13-9. Selecting a New VNO Owner for an Element . . . . . . . . . . . . . . . . . . . . . . . . . 397
Figure 13-10. VNO Full View: Owned Slots vs. Visible Slots . . . . . . . . . . . . . . . . . . . . . . . . . 398
Figure 13-11. HNO and VNO Views of Chassis Modify Screen . . . . . . . . . . . . . . . . . . . . . . . . 400
Figure 13-12. Chassis Modify: Attempting to Assign an Occupied Slot . . . . . . . . . . . . . . . . . . 401
Figure 13-13. Granting Chassis Rights to a VNO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Figure 13-14. Expanded Chassis in VNO Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Figure 13-15. Granting Control of Chassis Slots to a VNO . . . . . . . . . . . . . . . . . . . . . . . . . . 403
Figure 13-16. VNO View of Manage Line Card Redundancy Screen . . . . . . . . . . . . . . . . . . . . 403
Figure 13-17. VNO Full View: SCPC Return Channels Shared by two VNOs . . . . . . . . . . . . . . . 404
Figure 13-18. Setting Ownership of an SCPC Return Channel . . . . . . . . . . . . . . . . . . . . . . . 405
Figure 13-19. Line Card Dialog Box: VNO User Selecting Configure Carriers . . . . . . . . . . . . . . 406
iBuilder User Guide xxvii

iDX Release 3.5
Figures
Figure 13-20. VNO with Network Visibility and GQoS Node Ownership . . . . . . . . . . . . . . . . . 407
Figure 13-21. VNO Network Menu with Owned GQoS Nodes but No Network Access . . . . . . . . . 408
Figure 13-22. VNO with Network Write Access and GQoS Node Ownership . . . . . . . . . . . . . . . 408
Figure 13-23. VNO Network Menu with Owned GQoS Nodes and Write Access to Network . . . . . 409
Figure 13-24. VNO Ownership of Partial Bandwidth Pool . . . . . . . . . . . . . . . . . . . . . . . . . . 409
Figure 13-25. VNO View of Partially-Owned Bandwidth Pool . . . . . . . . . . . . . . . . . . . . . . . . 410
Figure 13-26. Request Property Access for GQoS Nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . 411
Figure 13-27. Group Dialog Box: Viewing GQoS Nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
Figure 13-28. Selecting VNO Permissions for GQoS Nodes . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Figure 13-29. A Visible Bandwidth Group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Figure 13-30. An Owned Service Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Figure 13-31. VNO View of the Group QoS Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
Figure 13-32. Setting VNO Visibility for a QoS Profile. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
Figure 13-33. Enabling the Create Permission on a QoS Folder for a VNO User Group. . . . . . . . 416
Figure 13-34. Enabling the Write Permission for a QoS Profile. . . . . . . . . . . . . . . . . . . . . . . 417
Figure 13-35. User Dialog Box: Adding a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Figure 13-36. Change Password Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Figure 13-37. User Dialog Box: Cloning a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420
Figure 13-38. Active Users Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422
Figure 14. Opening the Active Users Pane from the View Menu . . . . . . . . . . . . . . . . . . . . 422
Figure 15. User Account Options from the Active Users Pane . . . . . . . . . . . . . . . . . . . . . 423
Figure 13-1. Change Password Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423
Figure 13-2. Detected Default Password Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424
Figure 13-3. Message Displayed if Another User Has Modified the Configuration . . . . . . . . . . 427
Figure 14-1. Configuring the Adaptive Parameters for a Remote . . . . . . . . . . . . . . . . . . . . 431
Figure 14-2. Configuring an Upstream TDMA Carrier as Adaptive . . . . . . . . . . . . . . . . . . . . 432
Figure 14-3. Selecting the Payload Block Size for Adaptive and Static Carriers . . . . . . . . . . . 432
Figure 14-4. Enabling Superburst for TDMA Upstream Carrier . . . . . . . . . . . . . . . . . . . . . . 432
Figure 14-5. Removing Existing Carriers from an Inroute Group . . . . . . . . . . . . . . . . . . . . . 434
Figure 14-6. Replacing an Upstream Carrier on a Single Channel Line Card . . . . . . . . . . . . . 434
Figure 14-7. Selecting Configure Carriers on a Multichannel Line Card . . . . . . . . . . . . . . . . 434
Figure 14-8. Replacing Upstream Carriers on a Multichannel Line Card . . . . . . . . . . . . . . . . 435
Figure 14-9. . Assigning the New Upstream Carrier to the Inroute Group . . . . . . . . . . . . . . . . 435
Figure 14-10. Changing the MODCOD of an Adaptive Carrier for an IGC . . . . . . . . . . . . . . . . . 436
Figure 14-11. Setting the Adaptive Parameters of an Inroute Group . . . . . . . . . . . . . . . . . . . 437
Figure 14-12. Adding an IGC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437
Figure 14-13. Configuring Adaptive MODCODs for Remaining IGCs . . . . . . . . . . . . . . . . . . . . 437
Figure 14-14. Configuring Adaptive UCP Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438
Figure 14-15. Checking the Remote TDMA Initial Power . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
Figure 14-16. Checking and Modifying the Remote TDMA Maximum Power . . . . . . . . . . . . . . . 440
Figure 14-17. Clicking the Carrier Grooming (Debug Mode) Check Box . . . . . . . . . . . . . . . . . 442
xxviii iBuilder User Guide

iDX Release 3.5
Figures
Figure 14-18. Lock to Inroute for Carrier Grooming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443

Figure 14-19. Unlock the Remotes? Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443
Figure 15-1. Elements of a TRANSEC Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447
Figure 15-2. Enabling TRANSEC for an Existing Network . . . . . . . . . . . . . . . . . . . . . . . . . . 448
Figure 15-3. Automated Configuration Downloader Dialog Box. . . . . . . . . . . . . . . . . . . . . . 449
Figure A-1. Sample Distributed NMS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
Figure A-2. Upstream Application Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
Figure A-3. Edit Rule Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461
Figure B-1. Logging On to the NMS Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Figure B-2. Initial CA Foundry Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Figure B-3. Exiting the CA Foundry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Figure B-4. Creating a New Certificate Authority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
Figure B-5. Configuring the New Certificate Authority . . . . . . . . . . . . . . . . . . . . . . . . . . 469
Figure B-6. Logging On to a Certificate Authority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
Figure B-7. CA Foundry Status Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
Figure B-8. Certificate Authority Connected to a Host . . . . . . . . . . . . . . . . . . . . . . . . . . 471
Figure B-9. Warning Message when Disabling Authentication . . . . . . . . . . . . . . . . . . . . . . 472
Figure B-10. Flushing a Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Figure B-11. CA Foundry Issuing a New X.509 Certificate . . . . . . . . . . . . . . . . . . . . . . . . . 474
Figure B-12. Determining the Derived ID in iBuilder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Figure B-13. Determining Certificates Issued by a CA . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Figure B-14. Listing of Issued Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Figure B-15. Revoking a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476
Figure B-16. Updating the Chain of Trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476
Figure C-1. getGACCkey Command Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Figure C-2. Changing the DCC Key Update Frequency . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
Figure C-3. Viewing the ACC Key Data Structure on the Protocol Processor. . . . . . . . . . . . . 482
Figure C-4. Creating a Secure Connection to a Remote Modem. . . . . . . . . . . . . . . . . . . . . 483
Figure C-5. Viewing the Key Roll Data Structure on a Remote Modem . . . . . . . . . . . . . . . . 484
Figure C-6. ACC Keys After Successful Key Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484
Figure C-7. ACC Keys with Remote Not Updated . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484
Figure C-8. Determining the Network ID and Protocol Processor ID in iBuilder . . . . . . . . . . . 485
Figure C-9. Identifying the Multicast Blade for a Network . . . . . . . . . . . . . . . . . . . . . . . . 486
Figure D-10. Sample GKD Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
Figure D-11. Verifying that the GKD Package is Installed on a Server. . . . . . . . . . . . . . . . . . 490
Figure D-12. Protocol Processor GKD Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
Figure D-13. GKD Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
Figure D-14. Protocol Processor Options File with GKD Node Definitions . . . . . . . . . . . . . . . 493
Figure D-15. Checking the Status of the GKD Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
Figure D-16. Admin Password of Protocol Processor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496
Figure D-17. Admin Password in Protocol Processor Options File . . . . . . . . . . . . . . . . . . . . 496
iBuilder User Guide xxix

iDX Release 3.5
Figures
Figure D-18. kd status Command Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497

Figure D-19. ks status Command Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
Figure D-20. kd clients Command Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
Figure D-21. kd params Command Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
Figure D-22. kd keyroll next_update Command Example . . . . . . . . . . . . . . . . . . . . . 499
Figure D-25. Network Information Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504
Figure D-26. Protocol Processor Options File with GKD Node Definitions . . . . . . . . . . . . . . . 505
Figure E-1. Two Versions of map.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 508
Figure E-2. OpenAMIP Reflector Definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511
Figure E-3. Gain Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512
Figure E-4. Remote VSAT Tab Default Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
Figure E-5. Selecting a Remote Reflector for ABS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514
Figure E-6. Remote Antenna Settings with General ABS Fields . . . . . . . . . . . . . . . . . . . . . 514
Figure E-7. OpenAMIP, SeaTel and Orbit SBC Antenna Parameters . . . . . . . . . . . . . . . . . . 515
Figure E-8. Changing a Remote’s net_state_timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . 517
Figure E-9. latlong Command Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522
Figure E-10. tlev Command Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523
Figure E-11. antenna debug Command Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524
Figure E-12. beamselector list Command Example . . . . . . . . . . . . . . . . . . . . . . . . . . 526
Figure E-13. beamselector switch Command Example . . . . . . . . . . . . . . . . . . . . . . . . 526
Figure F-1. Setting the Maximum Speed for Remotes in an Inroute Group. . . . . . . . . . . . . . 529
Figure F-2. Remote Geo Location Tab: Selecting Avionics for COTM Type. . . . . . . . . . . . . . 530
Figure F-3. Determining a Remote’s Inroute ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 533
Figure F-4. Determining FEC Blocks per Frame . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 533
Figure G-5. Selecting Protocol Processor Stack to Modify. . . . . . . . . . . . . . . . . . . . . . . . . 542
Figure G-6. Protocol Processor Custom Tab Pane . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 542
Figure G-7. Hub Side Beam Switch Custom Keys in Different PP Stacks. . . . . . . . . . . . . . . . 543
xxx iBuilder User Guide

iDX Release 3.5
Tables
Table 2-1. Values for allow_default_passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Table 2-1. Toolbar Icons and Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Table 2-2. Configuration States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Table 5-1. Supported Line Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Table 5-1. Standby Line Card Model Type Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . 136
Table 5-2. Example: Calculating Operational SNR Thresholds . . . . . . . . . . . . . . . . . . . . . . 156
Table 6-1. Supported Satellite Routers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
Table 6-1. Availability of Remote QoS Parameters by Service Group Type and Mode . . . . . . . 193
Table 6-2. Custom Keys for a Stacked LNB Type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
Table 13-1. User Types and Access Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425
Table 13-2. Custom Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425
Table E-1. Net State Timer Custom Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518
Table F-1. Minimum Symbol Rates for Upstream Carriers. . . . . . . . . . . . . . . . . . . . . . . . . 532
Table F-2. Sample rx_acqrange Custom Key Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 532
Table F-3. Guard Bands for SCPC Return Channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
iBuilder User Guide xxxi

iDX Release 3.5
Tables
xxxii iBuilder User Guide

iDX Release 3.5
About This Guide
Purpose
The iBuilder User Guide provides detailed instructions for configuring iDirect networks using
the iBuilder client application of the iDirect Network Management System (NMS). For details
on monitoring iDirect networks, see the iMonitor User Guide.
Intended Audience
The iBuilder User Guide is intended for network operators, network architects, and other
personnel who operate or monitor iDirect networks. It is not intended for end users or field
installers.
Contents Of This Guide

This document contains the following major sections:
• The iVantage Network Management System
• iDirect System Overview
• Overview of the Network Management System for iBuilder
• Defining Hub RFT Components and the Satellite
• Defining Network Components
• Defining Networks, Line Cards, and Inroute Groups
• Configuring Remotes
• Configuring Quality of Service for iDirect Networks
• Configuring a Hub Chassis
• Controlling Remotes
• Retrieving and Applying Saved and Active Configurations
• Upgrading Software and Firmware
• Commissioning a Hub Line Card
• Managing User Accounts and User Groups
• Converting to Adaptive TDMA
• Converting a Network to TRANSEC
iBuilder User Guide xxxiii

iDX Release 3.5
Document Conventions
• Configuring a Distributed NMS Server

• Using the iDirect CA Foundry
• Managing TRANSEC Keys
• Global Key Distribution
• Configuring Networks for Automatic Beam Selection
• COTM Settings and Custom Keys
• Remote Locking
• Section Appendix H, Configuring Remote and PP Signaled Beam Switching
Document Conventions
This section illustrates and describes the conventions used throughout this document.
Convention Description Example
Command Used when the user is required to Type the command:
type a command at a command cd /etc/snmp/
line prompt or in a console.
Terminal Used when showing resulting crc report all
Output output from a command that was 8350.3235 : DATA CRC [ 1]
entered at a command line or on a 8350.3502 : DATA CRC [5818]
console. 8350.4382 : DATA CRC [ 20]
Screen Used when referring to text that 1. To add a remote to an inroute group, right-click
Reference appears on the screen on a the Inroute Group and select Add Remote.
Graphical User Interface (GUI). The Remote dialog box has a number of user-
Used when specifying names of selectable tabs across the top. The Information
commands, menus, folders, tabs, tab is visible when the dialog box opens.
dialogs, list boxes, and options.
Hyperlink Used to show all hyperlinked text For instructions on adding a line card to the
within a document or external network tree, see Adding a Line Card on
links such as web page URLs. page 108.
WARNING: A warning highlights an essential operating or maintenance procedure,

practice, condition, or statement which, if not strictly observed, could result in
injury, death, or long term health hazards.
CAUTION: A caution highlights an essential operating or maintenance procedure,

practice, condition, or statement which, if not strictly observed, could result in
damage to, or destruction of, equipment or a condition that adversely affects
system operation.
NOTE: A note is a statement or other notification that adds, emphasizes, or

clarifies essential information of special importance or interest.
xxxiv iBuilder User Guide

iDX Release 3.5
Getting Help
Getting Help
The iDirect Technical Assistance Center (iDirect TAC) and the iDirect Government Technical
Assistance Center (iDirectGov TAC) are available to provide assistance 24 hours a day, 365
days a year. Software user guides, installation procedures, FAQs, and other documents that
support iDirect and iDirectGov products are available on the respective TAC Web site:
• Access the iDirect TAC Web site at http://tac.idirect.net
• Access the iDirectGov TAC Web site at http://tac.idirectgov.com
The iDirect TAC may be contacted by telephone or email:
• Telephone: (703) 648-8151
• E-mail: tac@idirect.net
The iDirectGov TAC may be contacted by telephone or email:
• Telephone: (703) 648.8111
• Email: tac@idirectgov.com
iDirect and iDirectGov strives to produce documents that are technically accurate, easy to
use, and helpful to our customers. Please assist us in improving this document by providing
feedback. Send comments to:
• iDirect: techpubs@idirect.net
• iDirect Government: techpubs@idirectgov.com
For sales or product purchasing information contact iDirect Corporate Sales at the following
telephone number or email address:
• Telephone: (703) 648-8000
• Email: sales@idirect.net
Related Documents
The following iDirect documents are available at http://tac.idirect.net and may also contain
information relevant to this release. Please consult these documents for information about
installing and using iDirect’s satellite network software and equipment.
• iDX Release Notes
• iDX Software Installation Guide or Network Upgrade Procedure Guide
• iDX iMonitor User Guide
• iDX Technical Reference Guide
• iDX Installation and Commissioning Guide for Remote Satellite Routers
• iDX Features and Chassis Licensing Guide
• iDX Software Installation Checklist/Software Upgrade Survey
• iDX Link Budget Analysis Guide
• Terminal WUI User Guide
iBuilder User Guide xxxv

iDX Release 3.5
xxxvi iBuilder User Guide
iDX Release 3.5
The iVantage Network
Management System
iBuilder is a component of the iDirect iVantage Network Management System (NMS). The
iVantage NMS is a complete suite of tools for configuring, monitoring, and controlling iDirect
satellite networks.
The iVantage NMS consists of the following components:
• iBuilder enables rapid, intuitive configuration of any iDirect network. It allows you to
easily add components to your network, change your current configuration, and download
configuration and software to network elements. The iBuilder Revision Server provides
automated management of software and firmware upgrades for your remote modems.
The iBuilder Group QoS (GQoS) user interface allows advanced network operators a high
degree of flexibility in creating subnetworks and groups of remotes with various levels of
service tailored to their network requirements. The iBuilder User Guide provides detailed
instructions for using iBuilder to configure and manage your network.
• iMonitor provides network operators with detailed information on real-time and
historical performance of the network. Among its many capabilities, iMonitor allows you
to analyze bandwidth usage; view remote status; view network statistics; monitor
performance of networks, sub-networks and individual network elements; and manage
alarms, warnings and network events. Alarms, warnings and statistics can be forwarded as
SNMP traps. All events and performance statistics are automatically archived. Data
displayed on the iMonitor GUI can be exported directly into Excel for further analysis. A
Network Probe allows detailed investigation of network issues. The iMonitor User Guide
provides instructions for using iMonitor.
• iSite allows you to monitor and configure iDirect devices in the field. It includes several
features that aid in the remote commissioning process, including assistance for antenna
pointing, antenna look angle calculation, and cross polarization. An iSite API is available
for custom development. Remotes that support the iSite client do not support Web iSite.
• Web iSite is the Web-based version of iSite available for the latest generation of iDirect
remote modems, including the Evolution X1, X7 and e150. Web iSite can be used with any
supported Web browser; therefore, no client software is required. Remotes that support
Web iSite do not support the iSite GUI client discussed above.
• A Virtual Network Operator (VNO) license enables network operators to view and
manage only their own networks and remotes, independent of other operators delivering
services out of the same hub. The VNO package makes it possible to scale investments to
actual business growth, significantly reducing initial capital equipment expenses.
Configuring VNOs is described in the iBuilder User Guide.
iBuilder User Guide 1

iDX Release 3.5.x
• A Customer Network Observer (CNO) license grants filtered read-only iMonitor access,
allowing customers real-time and historical views into their own network performance
while maintaining overall network privacy. Configuring CNOs is described in the iBuilder
User Guide.
2 iBuilder User Guide

iDX Release 3.5.x
1 iDirect System Overview
This chapter presents a high-level overview of iDirect Networks. It provides a sample iDirect
network and describes the network architectures supported by iDirect.
System Overview
An iDirect network is a satellite network with a Star topology in which a Time Division
Multiplexed (TDM) broadcast downstream channel from a central hub location is shared by a
number of remote sites. Each remote transmits to the hub either on a shared Deterministic-
TDMA (D-TDMA) upstream channel with dynamic timeplan slot assignments or on a dedicated
SCPC return channel.
iDirect supports both traditional OSI Layer 3 TCP/IP networks and Layer 2 over Satellite (L2oS)
networks that transport Ethernet frames over the satellite link. iDX Release 3.3.1 introduced
the L2oS feature and iDX Release 3.3.3.1 introduced the Layer 2/Layer 3 Hybrid mode feature
to allow Layer 2 and Layer 3 functionality in the same network. For more information, refer
to the “Layer 2 over Satellite” chapter of the Technical Reference Guide.
The iDirect Hub equipment consists of one or more iDirect Hub Chassis with Universal Line
Cards, one or more Protocol Processors (PP), a Network Management System (NMS) and the
appropriate RF equipment. Each remote site consists of an iDirect broadband satellite router
and the appropriate external VSAT equipment.
TDMA upstream carriers are configured in groups called Inroute Groups. Multiple Inroute
Groups can be associated with one downstream carrier. Any remote configured to transmit to
the hub on a TDMA upstream carrier is part of an Inroute Group. The specific TDMA upstream
carrier on which the remote transmits at any given time is determined dynamically during
operation. A remote that transmits on a dedicated SCPC return channel is not associated with
an Inroute Group. Instead, the dedicated SCPC upstream carrier is directly assigned to the
remote and to the hub line card that receives the carrier.
Before iDX Release 3.2, all TDMA upstream carriers in an Inroute Group were required to have
the same symbol rate, modulation, and error coding. With the introduction of Adaptive TDMA
in iDX Release 3.2, the symbol rate and MODCOD of the carriers in an Inroute Group may vary
from carrier to carrier. Remotes in an Inroute Group move from carrier to carrier in real time
based on network conditions. Furthermore, with Adaptive TDMA, the individual carrier
MODCODs can adjust over time to optimize network performance for changing network
conditions. Adaptive TDMA allows for significantly less fade margin in the network design and
optimal use of upstream bandwidth during operation.

iDX Release 3.5
System Overview
Figure 1-1 shows an example of an iDirect network. The network consists of one downstream
carrier; two Inroute Groups providing the TDMA return channels for a total of 1200 remotes;
and three remotes transmitting dedicated SCPC return channels to the hub.
Figure 1-1. Sample iDirect Network
iDirect software has flexible controls for configuring Quality of Service (QoS) and other
traffic-engineered solutions based on end-user requirements and operator service plans.
Network configuration, control, and monitoring functions are provided by the integrated NMS.
The iDirect software provides numerous features, including:
• Packet-based and network-based QoS, including Layer 2 and Layer 3 packet classification
• TCP acceleration (IPv4)
• AES link encryption
• Multicast support
• End-to-end VLAN tagging
Layer 3 TCP/IP networks also support a long list of IP features, including DNS, DHCP, RIPv2,
IGMP, GRE tunneling, and cRTP. Layer 2 Ethernet-based networks provide Layer 3 protocol
transparency and simplified operation for applications such as Virtual Private Networks. For a

iDX Release 3.5
IP Network Architecture
complete list of available features in all iDirect releases, see the iDirect Software Feature
Matrix available on the TAC Web site.
The examples in this section apply to traditional iDirect TCP/IP networks which transport IPV4
traffic over the satellite link. Layer 2 networks, which transport Ethernet frames over
satellite, are discussed in the Technical Reference Guide. Since Layer 3 protocols are
transparent to a Layer 2 network, a Layer 2 network can support Layer 3 protocols (such as
IPv6 and BGP) that are not supported in an iDirect TCP/IP network.
An iDirect network interfaces to the external world through IP over Ethernet ports on the
Remote Satellite Routers and the Protocol Processor servers at the hub. The examples in
Figure 1-2 on page 6, Figure 1-3 on page 7, and Figure 1-4 on page 8 illustrate the IP level
configurations available to a network operator for Layer 3 networks.
The iDirect system allows a mix of networks that use traditional IP routing and VLAN based
configurations. This provides support for customers with conflicting IP address ranges. It also
allows multiple independent customers at individual remote sites by configuring multiple
VLANs on the same remote.

iDX Release 3.5
Figure 1-2. iDirect IP Architecture – Multiple VLANs per Remote

iDX Release 3.5
Figure 1-3. iDirect IP Architecture – VLAN Spanning Remotes

iDX Release 3.5
Figure 1-4. iDirect IP Architecture – Classic IP Configuration

iDX Release 3.5
2 Overview of the
Network Management
System for iBuilder
This chapter presents an overview of the iBuilder network management tool for configuring
iDirect networks. It contains the following sections:
• Introduction on page 9
• Required Information on page 10
• Preparing Equipment in Advance on page 10
• Components of the Network Management System on page 10
• Installing iBuilder, iMonitor, and iSite on page 13
• Launching iBuilder on page 14
• iBuilder Tree Folders and Pre-defined Components on page 21
• Using the iBuilder Interface on page 24
• Customizing and Creating New Details Views on page 40
• Working with Multiple Elements Simultaneously on page 44
• Configuration Status of Elements on page 46
• In Color versus Shaded Icons on page 50
• Database Numbering Convention on page 50
• Viewing the Activity Log on page 51
• Configuring Warning Properties on page 54
• Managing NMS Licenses on page 60
2.1 Introduction
iDirect’s Network Management System (the iVantage NMS) is a powerful suite of applications
and servers that provide complete control and visibility to all components of iDirect networks.
The NMS client/server system architecture consists of three series of components:
• Three NMS applications with Graphical User Interfaces (GUIs) for configuring and
monitoring iDirect networks
• A database that stores the data entered by and displayed to users
• A middleware tier that manages access to the database on behalf of user operations
This chapter provides information required to understand how iBuilder works and how to use
it as effectively as possible. This chapter discusses how to prepare for installation; how to use
the tools available in iBuilder; how to create, customize, and print reports; and how to

iDX Release 3.5
Required Information
determine the configuration status of network elements. For a description of all iVantage NMS
components see The iVantage Network Management System on page 1.
2.2 Required Information

Have the following information readily available when creating a new network.
• Spacecraft and carrier information, such as:
• Longitude (Geo location)
• Transponder translation frequency
• Hub Up/Down local oscillator
• LNB stability
• Carrier uplink and downlink frequencies
• FEC block sizes
• Data rates
• Overall IP architecture plan for hub components
• Geographic location of the hub
• Line Card serial numbers and slot numbers
• Number of inroute groups and inroutes per inroute group
• Line card serial numbers, model types, and configuration parameters
• Remote serial numbers, model types, and geographic locations
2.3 Preparing Equipment in Advance

The hub equipment must be installed and commissioned before configuring the network
elements. Specifically, ensure the following:
• The NMS Server is installed and its interface defined.
• The Protocol Processor blades are installed and configured.
• The Hub Chassis is installed and configured.
• Line cards are installed in the chassis with their IP addresses defined using iSite.
2.4 Components of the Network Management System

The NMS consists of several client/server components that work together to provide the
functions and views necessary to control iDirect networks. These components are briefly
discussed in the following two sections.
2.4.1 NMS Applications

The iDirect NMS provides three GUI clients, each of which performs specific functions for
networks operators, field installers, and end users.

iDX Release 3.5
Components of the Network Management System
iBuilder
The iBuilder application provides all configuration and control functions to network
operators. Configuration options consist of creating network elements (e.g. networks, line
cards, remotes) and specifying their operational parameters, such as QoS profiles or IP
addresses. Control options consist of applying the specified configurations to the actual
network elements, retrieving active configurations, resetting elements, and upgrading
element software and firmware.
iMonitor
The iMonitor application provides complete visibility to the real-time status and operational
data of network elements. “Status” refers to the real-time state of network elements, such as
OK, warning, or alarm. Operational data are captured in a variety of network statistical data
tables and displays, revealing, for example, IP traffic statistics, satellite link quality, and
hardware component operating values.
In addition to real-time visibility, iMonitor can retrieve historical statistics from the archive
database to analyze anomaly conditions and perform trend analyses. Refer to the iMonitor
User Guide for a complete list of real-time and historical data available through iMonitor.
iSite
The iSite application is used primarily for commissioning new sites and monitoring TDMA
remotes from the local LAN side. It contains functions to help installers calculate antenna
azimuth/elevation, perform antenna pointing, and put up a continuous wave (CW) carrier for
antenna peaking, cross-polarization and 1dB compression tests. It also provides configuration
and real-time state/statistical information for one or more remote units. Instead of
interacting with the NMS middleware, it connects directly to each remote to perform all of its
operations. iSite does not provide access to historical information. See the Installation and
Commissioning Guide for iDirect Satellite Routers for more on commissioning remotes using
iSite.
NOTE: End-users do not need iSite in order to receive or transmit data over
iDirect networks.
2.4.2 Server Components

The NMS server processes run on NMS Linux Server machines. There are a number of NMS
servers processes, each of which performs a specific set of back-end functions.
Configuration Server
The configuration server is the core component of the NMS server family. It manages access to
the configuration database, which contains all the network element definitions and their
operational parameters. Additionally, the configuration server provides most network control
functions (configuration apply, firmware download, resetting, etc.). The other servers also
use this server to determine what the network components are.

iDX Release 3.5
Components of the Network Management System
Real-time Data Server

The real-time data server collects network statistics about the various network elements.
These statistics include IP stats for each remote, remote status messages, timeplan slot
assignments, line card statistics, etc. The real-time data server logs these statistics in the
archive database and provides them to the GUI clients for real-time and historical display.
Event Server
The event server’s primary job is to generate warnings and alarms and send them to iMonitor
for display. Warnings and alarms are collectively known as “conditions”. The event server also
collects and archives all system events and provides them to iMonitor for display.
Latency Server
The latency server measures round-trip time, or latency, for every active remote in the
networks. These measurements are stored in the archive and provided to iMonitor for display.
NMS Controller Server

The control server manages the PP Controller Server processes running on the NMS server.
PP Controller Servers
The PP Controller processes control the samnc process on each PP blade.
Chassis Manager Server

The chassis manager server controls access to all hub chassis. The CM server only allows
access to chassis slots that have been licensed by iDirect.
SBC Server
The SBC server (sbcsvr) process interrogates the Cisco IOS software on X7-ER remotes to make
Ethernet interface link statistics available at iMonitor.
NMS Monitor Script

This simple script monitors all other servers and restarts them automatically if they terminate
abnormally. It records a log file of its activities and can be configured to send e-mail to
designated recipients when it restarts any of the other servers.
Consolidation Script
The consolidation process periodically consolidates records in the statistics archive to
preserve disk space on the server machine. Default consolidation parameters are already
entered into the configuration database; they can be tuned to particular storage
requirements if necessary.

iDX Release 3.5
Installing iBuilder, iMonitor, and iSite
Database Backup Script

This script runs nightly to back up the data in the NMS databases and copy them to the backup
NMS server. The database backup must be custom-configured for each customer site. An NMS
Database Replication feature can back up the databases on a per-transaction basis. This
provides near real-time backups of NMS data. For details, see the Technical Reference Guide.
Database Restore Script

This script runs nightly on the backup NMS server. It restores the primary NMS database into
the backup database for NMS failover purposes.
2.5 Installing iBuilder, iMonitor, and iSite

This section provides the system requirements and procedures for installing the Network
Management System components.
2.5.1 System Requirements

The NMS GUI clients are Windows PC-based applications that only run under the following
versions of Windows:
• Windows 7
• Windows 10
• Windows XP
No additional operating systems are supported. iDirect does not support server-based versions
of Windows.
NOTE: The iDirect clients may not operate correctly below screen resolution 1280
X 1024.
2.5.2 Installation Procedure

A single client installer .exe file, nms_clients_setup.exe, installs all three GUI clients. To
install the clients, copy the nms_clients_setup.exe file to the target PC, double-click it, and
follow the prompts.
By default, the clients are installed in the directory C:\Program Files(x86)\iDIRECT. The
installer automatically adds the appropriate entries in the Windows Start menu. To run an
iDirect NMS GUI client, click Start  All Programs  iDirect  NMS Clients <RelNo>, where
<RelNo> is the release number. The iBuilder, iMonitor, and iSite clients are displayed, along
with an Uninstall selection.

iDX Release 3.5
Launching iBuilder
Figure 2-1. Windows 7 Start Menu Entries for NMS GUI Clients
The iDirect clients may not operate correctly in the 32-bit version of Windows 7. If an iDirect
client experiences problems, configure it to run in Windows XP Service Pack 3 compatibility
mode as follows:
1. Right click the .exe file and select Properties.
2. Click the Compatibility tab.
3. Select Run this program in compatibility mode for: Windows XP (Service Pack 3).
4. Click OK.
2.6 Launching iBuilder

iBuilder is initially installed with two default accounts: admin and guest. The admin user has
full access privileges to all iBuilder functionality; the guest account has read-only access. The
passwords for these two accounts are identical to their associated user names. For
information on setting up user accounts, see Managing User Accounts and User Groups on
page 389.
NOTE: Because the use of default passwords opens iDirect network to attacks and
exposes a risk to customers, the NMS checks for the use of default password
credentials after their initial use.
NOTE: Access to the iDirect system is only allowed from a local host. Users who
require telnet access to iDirect devices (e.g., NMS servers, PP servers, or line
cards) must go through a local host.
1. To launch iBuilder, double-click the desktop shortcut or select it from the Windows Start
menu.
2. Enter the user name and password in the Login Information dialog box.

iDX Release 3.5
Launching iBuilder
Figure 2-2. iBuilder Login Information Dialog Box
If a default password is entered, a dialog pop-up box opens to warn the user to change
the default password. See Figure 2-3.
Figure 2-3. Detected Default Password Dialog Box
At this point, the user has the option to click the Change Now button or the OK button.
a. Click Change Now to open the Change Password dialog box to change the password.
See Figure 2-4.
Figure 2-4. Change Password Dialog Box

iDX Release 3.5
Launching iBuilder
b. Click OK to use the default password.
NOTE: The Detected Default Password dialog box opens each time the default
password is used unless the default password security check is turned off. See
Ea
Turning Off/On Security Enhancement on page 17.
NOTE: A user can also change the default password at a later time. Refer to
Changing Passwords on page 423.
3. Click the Server drop-down menu and select the IP address of the primary NMS Server
machine. If the IP address is not in the list, enter it in the Server box.
4. Click OK to log on to the NMS server.
NOTE: To log on, the iBuilder and NMS server versions must match. (For example,
version 3.0.0 of iBuilder can connect only to version 3.0.0 of the NMS server.)
The iBuilder application automatically connects to the NMS server processes that are required
to perform NMS functions. If this connection is lost, iBuilder automatically reconnects to the
servers when they become available.
2.6.1 Logging On To Another NMS Server

To log out of one NMS server and log on to another, proceed as follows:
1. Select FileLog On to open the Login Information dialog box. See Figure 2-5.
Figure 2-5. Connecting iBuilder to Another NMS Server
2. Enter the User Name, Password and Server IP Address of the second server.
NOTE: Entering a default password opens the Detected Default Password dialog
box to start the password security activity described in Launching iBuilder on
page 14.
3. Click OK.

iDX Release 3.5
Launching iBuilder
2.6.2 Turning Off/On Security Enhancement

Security checking on default passwords is the default behavior. To override this behavior,
perform the following steps:
1. Log on to the root account of the NMS server.
2. Change to the configuration server directory by entering the command:
cd /home/nms/cfg
3. Edit the file para_cfg.opt.
4. Add the following line at the beginning of the file:
[SECURITY_PARAM]
allow_default_passwords = value
5. Save the file and exit the editor.
NOTE: It is necessary to restart the configuration server (nmssvr) before the

changes take effect.
Figure 2-6 shows para_cfg.opt with all security checking turned off. Table 2-1 lists the values
available for allow_default_passwords and their corresponding effects on password
security checking.
Figure 2-6. para_cfg.opt with Security Checking Turned Off
Table 2-1. Values for allow_default_passwords
Value Security Level

0 Turn off all security checking
1 Turn on checking on users password
2 Turn on checking on remotes password
4 Turn on checking on PPs password

iDX Release 3.5
Launching iBuilder
Table 2-1. Values for allow_default_passwords
Value Security Level

8 Turn on checking on line cards password
15 Turn on checking on both users and devices
The value of allow_default_passwords is combinable. For example, to turn

on checking for users password and remotes password, the value will combine 1
from users password row with 2 from remotes password row (1+2= 3) so that
allow_default_passwords=3.
2.6.3 Managing Telnet Access from Local Host Only

Telnet access from local host only allows a user to limit telnet access to local hosts only for
security reasons. This is the default behavior for new remotes added to a network.
Turning telnet access to local hosts only on or off is done at the Remote Information tab with
the Telnet access from local host only check box.
A popup warning dialog box will appear whenever a remote is modified and the check box is
unchecked. Additionally, a security icon (“!”) will appear beside a remote in the iBuilder tree
to indicate the remote is insecure; see Figure 6-2 on page 164.
A user can also disable new remotes being created with the default behavior in order to
enable telnet continually.
A user can manage telnet access by modifying the value of check_telnetaccess in the
para_cfg.opt file as follows:
• Local telnet access is enabled for new remote; telnet warning is on: setting value = 0
• Local telnet access is disabled for new remote; telnet warning is on: setting value = 1
• Local telnet access is enabled for new remote; telnet warning is off: setting value = 2
• Local telnet access is disabled for new remote; telnet warning is off: setting value = 3
To manage telnet access from local host, perform the following steps:
1. Log on to the root account of the NMS server.
2. Change to the configuration server directory by entering the command:
cd /home/nms/cfg
4. Add the following line at the beginning of the file where value = 0, 1, or 2 as shown
above:
[SECURITY_PARAM]
check_telnetaccess = value

iDX Release 3.5
Launching iBuilder
NOTE: It is necessary to restart the configuration server (nmssvr) before the

changes take effect.
2.6.4 Multiple Users or PCs Accessing the NMS

Multiple users or multiple sessions can run simultaneously on the NMS. For example:
• Multiple simultaneous sessions of iBuilder and/or iMonitor can run on a single PC. These
versions may be connected to different servers or the same server.
• Multiple PCs may run the same session of iBuilder and/or iMonitor at any given time and
connect to the same server at the same time.
• Multiple iBuilder users can modify the configuration data base at the same time.
2.6.5 Accepting Changes

When two iBuilder users connect to the same NMS server and one of them modifies the
network configuration, by default the changes are automatically accepted in the other user’s
login session. This differs from earlier releases where a user was forced to accept the changes
made by other users.
Because the configuration database is not locked when a second user opens an iBuilder
configuration screen that another user has open, multiple users can modify the configuration
at the same time. If two users modify the same element at the same time and each user saves
the configuration, then the last user to save the configuration will overwrite the other user’s
changes. This loss of data will only occur if the same element is being modified by the two
users simultaneously.
To ensure that an iBuilder user knows when another user has modified the configuration, turn
on the Automatically accept changes functionality as follows:
1. Click the Edit menu and select Preferences.
2. Clear Automatically accept configuration changes (Figure 2-7).

iDX Release 3.5
Launching iBuilder
Figure 2-7. Clearing Automatically Accept Configuration Changes
CAUTION: If “Automatically accept configuration changes” is checked, you will

not be notified when another user changes the configuration.
When Automatically accept configuration changes is disabled (i.e., when the check box in
Figure 2-7 is cleared), then when another user changes the configuration or when you make a
change that affects other network elements, the Accept Changes button on the toolbar
changes color from gray to red. See Figure 2-8.
You cannot modify the configuration until you accept the changes. Accepting the changes
automatically refreshes the iBuilder view to reflect the latest configuration.
Figure 2-8. Accept Changes Button Indicating Configuration Change
An attempt to modify the network configuration without accepting changes results in the
following warning message:
Figure 2-9. Configuration Changes Pending Dialog Box
To view the changes before accepting them, select View  Configuration Changes (see
Configuration Changes Pane on page 38).

iDX Release 3.5
iBuilder Tree Folders and Pre-defined Components
To accept the changes and update the iBuilder display, click Accept Changes.
2.7 iBuilder Tree Folders and Pre-defined

Components
The iBuilder tree contains a number of pre-defined folders. See Figure 2-10. Some of these
folders contain pre-defined components that are described below.
Figure 2-10. iBuilder Tree
2.7.1 Spacecraft Pre-defined Components

Pre-configured components in the Spacecraft folder include Bench Test Components for I/F
Networks that were set up for testing purposes prior to shipping. Figure 2-11 shows the pre-
defined Bench Test components.
CAUTION: Do not modify or clone the Bench Test Spacecraft, Bench Test Inroute,
or Bench Test Outroute for a real network configuration. These should only be
used for testing purposes. Instead, create a new spacecraft and new carriers.
Figure 2-11. Bench Test Components in Initial iBuilder Tree

iDX Release 3.5
2.7.2 QoS Pre-defined Components

Pre-configured components in the QoS folder include Upstream and Downstream Filter
Profiles. For more information, see Configuring Quality of Service for iDirect Networks on
page 229.
Figure 2-12. QoS Subfolders
2.7.3 Components Pre-defined Components

The Components folder contains two folders with pre-defined components:
• HubRFt Components
• Remote Antenna Components
HubRFt Components Folder

The HubRFT Components folder contains the folders shown in Figure 2-13. Each contains
components previously configured with critical settings to establish the Hub RFT operational
parameters. For more information, see Chapter 3, Defining Hub RFT Components and the
Satellite on page 69.
Figure 2-13. Pre-defined Hub RFT Components

iDX Release 3.5
Remote Antenna Components

The Remote Antenna Components folder contains the folders shown in Figure 2-14. Each
contains components that are used when adding remotes to the network. For more
information, see Chapter 6, Configuring Remotes on page 159.
Figure 2-14. Pre-defined Remote Antenna Components
For instructions on how to add entries to folders, see Adding Entries to Folders on page 30.
2.7.4 Manufacturers Pre-defined Components

Pre-configured components in the Manufacturers folder include items that are selectable from
drop-down lists on various configuration dialog boxes within iBuilder. Figure 2-15 shows an
example of typical item in the Manufacturers folder.
Figure 2-15. Example of Entries in Manufacturers Folder

iDX Release 3.5
Using the iBuilder Interface
2.8 Using the iBuilder Interface

The following sections describe the toolbars and panes in the iBuilder main window See
Figure 2-16.
Figure 2-16. iBuilder Main Window
2.8.1 Clicking on Elements and Folders
Right-Clicking
Right-click an element or folder in the iBuilder tree to display a menu of operations that can
be performed on that element.

iDX Release 3.5
Double-Clicking vs. Single-Clicking

When navigating the iBuilder Tree:
• Single-click a plus (+) or minus (-) sign next to an element in the iBuilder Tree to expand
or contract the branches to the next level for that element or folder.
• Double-click any folder with a plus sign next to it to expand it to the next level.
• Double-click any network element or component in the iBuilder Tree to automatically
display its properties in read-only mode.
2.8.2 Using the Docking Feature

Docking is the ability to move an iBuilder pane to another position within iBuilder. You can
also detach a pane from iBuilder and place it elsewhere on the screen. Dockable panes have
double-ridge lines at the top of the pane.
To dock or detach an iBuilder pane, follow these steps:

1. Right-click the double-ridge lines of the pane and select Allow Docking.
2. Click and hold the double-ridge lines at the top of the pane and drag the pane to a new
position. Depending on its new position, the pane may change shape. The shape of the
new position will be outlined in iBuilder.
3. Release the mouse pointer to re-dock or detach the pane.
4. To detach a pane completely, double-click the double-ridge lines.
5. To move a detached pane, either click and drag, or right-click in the border at the top of
the pane and select Move.
6. To resize the pane, place the mouse pointer at the edges of the pane.
2.8.3 Expanding the iBuilder Tree

To expand the iBuilder Tree to view all of the child elements, select EditExpand Tree.

iDX Release 3.5
Figure 2-17. . Expand Tree Selection Figure 2-18. Expanded Tree with Child
Elements
2.8.4 Collapsing the iBuilder Tree

To collapse the iBuilder Tree to view only the top level elements, select EditCollapse Tree.
The tree will contract to show only the top level elements
Figure 2-19. Collapse Tree Selection Figure 2-20. Collapsed Tree

iDX Release 3.5
2.8.5 Sorting Columns

In any pane with columns, or list controls, sort the entries by the values in any column by
clicking the column heading. In Figure 2-21, the Active Users Pane has been sorted on Group
by clicking the column heading.
Figure 2-21. Sorting Columns
2.8.6 Sorting the iBuilder Tree

To sort the iBuilder Tree, follow these steps:
1. Right-click the double-ridge lines above the Tree pane and select Sort Tree or select
EditSort Tree.
2. The Sort Preferences dialog box is displayed.
Figure 2-22. Sort Preferences Dialog Box: Selecting Sort Order

iDX Release 3.5
3. Click the Sort items in drop-down list and select either Ascending or Descending.
4. Click the Sort items by drop-down list and select one of the options. The choices in the
Apply sort to field change depending on the selection in the Sort items by field.
5. When sorting by Name, select or clear the Names are case sensitive check box.
6. In the Apply Sort to field, select the element to sort on. Figure 2-23 shows the available
sort selections.
Figure 2-23. Sort Preferences Dialog Box: Selecting the Sort Field
7. Click OK to sort the iBuilder Tree.
NOTE: iBuilder remembers the selected sort preference after logging out and
logging on again.
2.8.7 iBuilder Tree Elements, Folders and Menus

The iBuilder Tree is the primary navigation tool in iBuilder. It contains all of the network
elements, structured hierarchically. Each element in the tree contains a context-sensitive
menu. By right-clicking a tree element, a submenu of options appears for configuring or
viewing various types of data and other information used for network operation.
Most elements and entries in the tree are necessary to operate the network. However, some
folders contain informational entries used for reference and record-keeping. Reference
folders include the Manufacturers folder, Operators folder, Distributors folder, and Customers
folder.
A plus sign (+) next to an element or folder in the tree indicates that additional elements,
folders, or informational entries exist below that level, or branch, of the tree. Click the plus
sign (+) to expand, or collapse, the element or folder to view the next level of the tree.

iDX Release 3.5
A minus sign (-) next to an element or folder indicates that the element or folder has been
completely expanded and has no other child entries below this level, or branch, in the tree,
other than the children that are currently visible.
In Figure 2-24, the NMS Network has been expanded as far as possible. The Network cannot
include children in another network; therefore, its only children are the line cards and the
Inroute Group. The Inroute Group is a parent element that can be expanded by clicking its
plus sign (+) to reveal its children elements (remotes) at the next level of the tree.
Figure 2-24. Fully-Expanded Network in the iBuilder Tree
In Figure 2-25, the QoS folder has been expanded as far as possible. The QoS folder cannot
include children in another folder on the same branch of the tree; therefore, its only children
are the Filter, Application, Remote and Group Profiles folders. These folders are parents to
the Downstream and Upstream folders that can be expanded by clicking their plus signs (+) to
reveal their subfolders or elements below them in the tree.
Figure 2-25. Fully-Expanded Folder in the iBuilder Tree
An exclamation point (!) next to an element indicates the element has a default password.
See Figure 2-26.

iDX Release 3.5
Figure 2-26. iBuilder Tree Showing Elements with Insecure Passwords
Adding Entries to Folders

Entries can be added to any folder, whether it has pre-defined entries in it or not. Selections
in these folders should be added before configuring other elements of the system, as the
information in the folders listed above will be requested in various configuration panes
throughout the system. An empty folder will result in no available selection for an entry when
a configuration dialog box requests it. For required fields, an element may remain
“Incomplete” until a component or subcomponent entry is created and added to the element.
Add additional entries to any folder by right-clicking on the folder and selecting the Add
function. For example, right-click Manufacturers and select Add Manufacturers.to open the
Manufacturer dialog box.

iDX Release 3.5
Figure 2-27. Adding a New Manufacturer
Canceling an Entry
Click Cancel in any of the dialog boxes to discard the current changes without saving.
However, canceling the configuration when the element is first added may result in an
unwanted new element in the iBuilder tree with a default name. To delete the element, right-
click the element in the tree and select Delete.
2.8.8 Using the Interface Toolbars and Menu Options
Title Bar
The Title bar identifies the name of the application (in this case, iBuilder) and the IP address
of the server to which iBuilder is connected.
Figure 2-28. iBuilder Title Bar
Menu Bar
The Menu bar at the top of the display provides access to log in, log out, quit, and other high-
level functions.
Figure 2-29. iBuilder Menu Bar

iDX Release 3.5
Toolbar
The Toolbar, shown in Figure 2-30, contains context-sensitive buttons used for a variety of
operations on a currently-selected element without using its context menu. Their functions
are described in Table 2-1.
Figure 2-30. iBuilder Toolbar
Table 2-1. Toolbar Icons and Functions
Toolbar Icon Function
Displays or hides the iBuilder Tree Menu hierarchy
Displays the Find dialog box
Opens the Modify Configuration dialog box of a selected parent element in the tree,
allowing creation of a new child element for that parent. If the selected element has no
child elements, this icon is displayed in gray and does not function.
Adds an element to the tree under the element currently selected. If no element can be
added under the selected element, the button is displayed in gray and does not function.
Displays the properties of the selected element in the tree in read-only mode
Opens the modify dialog box to view and edit the selected element in the tree.
Deletes the selected element in the tree. This function is not available if the selected
element has one or more child elements.
Compares two configurations
Applies multiple configurations
Applies a single configuration using TCP
Retrieves the Active Configuration

iDX Release 3.5
Table 2-1. Toolbar Icons and Functions (continued)
Toolbar Icon Function
Retrieves the Saved Configuration
Applies the network configuration using TCP
Retrieves the Active Network Configuration
Retrieves the Saved Network Configuration
Downloads firmware images to remote modems and line cards
Performs a multicast package download
Accepts any changes made to the system by another user. This feature is off by default.
For more information see Accepting Changes on page 19.
Displays the version number of the NMS as well as system information
Searching iBuilder
The Find toolbar provides the option to search the NMS for matching elements and display the
results in either the Network Tree View or the Results Window. This becomes increasingly
important as the network grows larger.
To search using the Find toolbar:
1. Select ViewFind Toolbar from the main menu.
2. Enter a string in the first box or click the drop-down arrow to select from earlier search
strings.
3. Select an element type in the second drop-down list.
4. Select a search type in the third drop-down list.
5. Select the screen area to search in the last drop-down list.
6. Click the Binoculars icon to begin the search.
The search in Figure 2-31 finds remotes in the iBuilder Tree with X1 in the name.

iDX Release 3.5
Figure 2-31. Selecting Search Criteria on Find Toolbar
Alternatively, search by clicking the Find (Binocular) button on the main toolbar. This opens a
dialog box that provides the same search options as the Find toolbar.
To search using the Find button:
1. Click the Find button on the main toolbar to open the Find dialog box (Figure 2-32).
Figure 2-32. Find Dialog Box
2. Enter a new search string or select from earlier search strings.

3. Select the Device Type, Where to search, and the Search Criteria (Figure 2-32).
4. Click the Find Next button repeatedly to find each successive matching element.
The example below uses the Find toolbar to search for a Remote by the Name of X5 9944 in
the Network Tree View.
The matching search result is highlighted in the iBuilder Tree.

iDX Release 3.5
View Menu
The View menu on the main menu toolbar displays or hides the toolbars and panes shown in
Figure 2-33. The same menu is available by right-clicking in the main iBuilder pane. If an
element is selected in the tree, the Properties option is also available.
Figure 2-33. iBuilder View Menu
Status Bar
The Status bar is located at the bottom of the iBuilder window and displays the user name of
the person who is currently logged in and what their server connection status is. On the
toolbar shown in Figure 2-34, the connection status is Ready.
Figure 2-34. iBuilder Status Bar
Connection Details on Status Bar Icon

Hover the mouse cursor over the PC icon next to the user name on the Status bar to view the
IP address of the NMS server that the client is currently connected to.

iDX Release 3.5
Active Users Pane

Select ViewActive Users to display the Active Users Pane. This pane contains a list of all
defined users, along with their permissions, user groups, and current log in status. The Active
Users option and usage is discussed in more detail in Managing Accounts from the Active
Users Pane on page 421.
Figure 2-35. iBuilder Active Users Pane
Legend Pane
The Legend pane displays the Configuration Status icons and their meanings. They are
organized by type of element as shown in Figure 2-36:

iDX Release 3.5
Figure 2-36. iBuilder Legend Pane

iDX Release 3.5
Configuration Changes Pane

If the auto-accept changes feature is disabled in the iBuilder Preferences, then if another user
changes the database, or if you made a change that results in subsequent changes that you
should be aware of, the Accept Configuration Changes icon on the toolbar becomes active.
Figure 2-37. Accept Configuration Changes Icon
NOTE: By default, the auto-accept changes feature is enabled in iBuilder and you
will not be notified if another user changes the configuration. See Accepting
Changes on page 19 for instructions on how to disable the auto-accept changes
feature.
To view the changes in iBuilder before accepting them, select Configuration Changes from
the View menu to display the Configuration Changes pane. Click the arrow to the left of each
item to see more detail. Figure 2-38 shows the changes that appear when another user
creates a new remote.
Figure 2-38. Configuration Changes Pane
To accept the changes, click the Accept Configuration Changes icon. This clears all entries
from the Configuration Changes Pane.
Configuration States
Configuration States are identified by both icons and color-coded words on either side of their
corresponding element in the network as shown in Figure 2-39. (Configuration Status is not
the same as Configuration State. Configuration Status is discussed in detail in Configuration
Status of Elements on page 46.) The legend details the meanings of the various icons and
color-coded words. (See Legend Pane on page 36.

iDX Release 3.5
Figure 2-39. Example of Configuration States
Properties View
The Properties view shows the properties of a selected element in the tree, in read-only
mode. To view properties via the View menu, click an element in the tree and select View 
Properties, or simply double-click the element.
Details
The NMS is shipped with predefined sets of details that may be viewed for any element in the
tree. Different elements have different predefined details. Use the Details view to sort, view
and print a number of details of all or some of the elements under the parent node selected in
the tree.
To view the details of an element’s children that reside at the next level down in the tree:
1. Select ViewDetails.
Figure 2-40. Selecting Details from the View Menu
2. Select an element in the tree to see the details of the child nodes one level down.
For example, click a Network in the tree (Figure 2-41) to view the details about the elements
under that network (such as line cards and Inroute Groups) that reside one level below the
network in the tree (Figure 2-42). Notice that the remote in the tree is not displayed in the

iDX Release 3.5
Customizing and Creating New Details Views
Details view since it is not on the same level as the line cards and inroute group. Also, the
details of the Network itself are not displayed.
Figure 2-41. Network Selected in Tree Figure 2-42. Result in Details View
To print a report of all the elements in the Details view, select FilePrint from the main
menu. To print a subset of the elements in the Details view, use CTRL-click or the Shift key to
select the elements to print. Once the elements are selected in the Details view, select
FilePrint. (To customize the details, see Customizing Details Views for Configuration
Reporting on page 41.)
Collapse Details Hierarchy with View Details

When used alone, selecting Details displays details about the children at the next level down
from the selected element but does not display any sub-elements beneath the children. For
example, the Details view of a Network displays the details about line cards and inroute
groups but does not display details about remotes, which are sub-elements of inroute groups
or line cards.
Select both ViewCollapse Details Hierarchy and ViewDetails to collapses, or flatten, the
hierarchy beneath a selected element in the tree. This displays the details of all children
elements at every level of the tree below the parent. Notice in Figure 2-44 that the remotes
in the network are now displayed in the Details view along with the line cards and the inroute
group.
Figure 2-43. Network Selected in Tree Figure 2-44. Result in Details View
2.9 Customizing and Creating New Details Views

The NMS provides the ability to customize a Details display with any set of details or to create
permanent new Details views that can be used with any element in the system.

iDX Release 3.5
2.9.1 Customizing Details Views for Configuration Reporting

The NMS is shipped with predefined sets of details that may be viewed for any given element
in the tree. To customize the Details view for any element:
1. Select an element in the iBuilder Tree.
2. Select ViewChoose Details from the Main Menu to open the Choose Details dialog box.
Figure 2-45. Choose Details Dialog Box
3. Click the Select filter for Details list drop-down list in the Choose Details dialog box.

iDX Release 3.5
Figure 2-46. Selecting a Details Filter
4. Select one of the filters. Each filter offers a different set of details. For example, the
Carrier filter offers a list of all the predefined details that can be viewed for a carrier.
When a filter is selected, the detail choices appear in the Choose Details dialog box.
Figure 2-46 shows the details for Carrier.
5. From the list of available choices, click the details to view for the selected element.
a. Click the Show All button to select all of the details with one click.
b. Click the Move Up and Move Down buttons to reorder the details from left to right on
the Details pane.
c. Click the Hide All button to clear all selected check boxes.

iDX Release 3.5
6. When finished customizing the view, click OK to save the list of details for this filter. The
saved list of details for the filter are retained by iBuilder.
7. In Figure 2-47, a carrier was selected in the tree. The user selected View  Choose
Details and Show All for the carrier filter to display all carrier filter parameters.
Figure 2-47. View Details for Carrier
2.9.2 Creating Additional Filters for Customized Reporting

Choose Details can create customized sets of details for generating and printing reports. To
create customized Detail or Details + Collapse Tree views, follow these steps:
1. Select View  Choose Details from the Main Menu. The Choose Details dialog box is
displayed. (See Figure 2-46 on page 42)
2. Select a list of details to display in the Details view by clicking the arrow in the Select
filter for details list drop-down menu at the bottom of the dialog box and choosing a set
of details from which to start.
3. Click the Plus (+) button to assign this custom filter a name. The Custom Report dialog
box is displayed. (Figure 2-48).
Figure 2-48. Adding a Custom Report
4. Type a name into the field and click OK. The buttons at the bottom of the Choose Details
pane change as shown below.
to:

iDX Release 3.5
Working with Multiple Elements Simultaneously
5. To modify the field selection for the filter, make changes to the detail selections for the
filter and click the Modify button shown in Figure 2-49.
Figure 2-49. Custom Report Modify Button
6. When the message appears asking to save the filter, enter a name for the filter and click
OK. A new filter is created.
7. To delete a filter, click the X button at the bottom of the Choose Details dialog box.
Figure 2-50. Custom Report Delete Button
8. Click OK to delete the filter.
2.10 Working with Multiple Elements Simultaneously

This section describes how to modify parameters on multiple elements at the same time and
how to work with multiple configurations and Image files.
2.10.1 Working with Multiple Configurations and Image Files

In chapter 10, “Retrieving and Applying Saved and Active Configurations‚” see the following
sections:
• Retrieving Configurations on page 339
• Applying Configuration Changes on page 344
In chapter 11, “Upgrading Software and Firmware‚” see the following sections:
• Multicast Download Using UDP on page 354
• Upgrading with the Multicast Download Feature on page 354
• Downloading an Image to Out of Network Remotes on page 360

iDX Release 3.5
Working with Multiple Elements Simultaneously
2.10.2 Modifying Parameters on Multiple Elements

The Group Edit feature allows modification of parameters on multiple elements
simultaneously as long as the elements are all the same type.
Rules for Group Edit

There are some rules and restrictions regarding the use of group editing:
1. Multiple elements can only be selected from the Details view. Multiple elements cannot
be selected from the iBuilder Tree. Select View  Details from the main menu to display
the Details pane.
2. All selected elements must be of the same type. For example, elements to be edited in a
group must all be remotes or all be line cards, etc. A remote and a line card cannot be
modified in the same Group Edit.
3. A group edit can only modify items that have the same value, or have no value yet
assigned to them. For example, a group of remotes can be assigned to a new Remote
Service Group if they are currently in the same Remote Service Group but not if they are
in different Remote Service Groups. Parameters that are typically unique to individual
elements (such as remote geographic location) usually cannot be modified by a group edit
since they are not identical.
Procedure for Group Editing

To perform a Group Edit, follow these steps:
1. Select ViewDetails from the iBuilder Main Menu. The Details pane is displayed to the
right of the iBuilder Tree.
2. Select the element in the iBuilder Tree that is the parent to the elements to be changed.
(For example, Inroute Group is the parent element for TDMA remotes.) The elements that
can be changed are listed in the Details pane.
Figure 2-51. Selecting the Parent Element for Group Editing

iDX Release 3.5
Configuration Status of Elements
In Figure 2-51, changes will be made to the remotes in an Inroute Group. Therefore, the
Inroute Group has been selected as the parent element. The child elements (all remotes
in the Inroute Group) are displayed in the Details pane.
NOTE: To edit multiple elements that are not under the same parent, select
ViewCollapse Detail Hierarchy from the main menu and select the Teleport in
the iBuilder Tree. All elements under the Teleport will appear in the Details view.
Click on the Type column in the Details pane to sort elements by type. Then
perform the remaining steps in this procedure.
3. Use Control (CTRL) + click or Shift + click to select the elements to change. In the
example in Figure 2-52, changes will be made to three remotes.
Figure 2-52. Selecting Multiple Elements for Group Editing
4. Right-click the Names of the selected elements in the Details pane and select Modify to
open the Configuration dialog box for those elements.
5. Make the group edit changes and click OK. The changes are saved in the database for
each selected element.
2.11 Configuration Status of Elements

Central to the operation of iDirect’s NMS is the concept of “configuration state”.
Configuration states represent elements of the network in terms of their condition. This
section describes the concept of configuration state and what it means for both iBuilder and
iMonitor.
2.11.1 What is a Configuration State?

iBuilder divides the configuration process into three steps:
1. Make changes to the database.
2. Review those changes by selecting Compare Configuration on the changed element (this
step is optional but recommended), and if necessary, make any necessary modifications.
3. Make the changes active in the network by applying changes to the modified elements
using the Apply Configuration or a multicast download feature.
This three-step change process gives the network operator ultimate control over operational
network components, because no change takes place without the operator initiating it.

iDX Release 3.5
However, it creates a situation where the NMS database is temporarily out-of-sync with the
actual network. This occurs after the operator has made database modifications, but before
they have been applied to the network.
To help operators easily manage this situation and others like it, iDirect implements the
concept of configuration state. Configuration states show the current configuration status of
key components of the network: Hub Chassis, individual networks, line cards, and remote
modems.
Using a specific modification as an example, we can see how configuration state changes over
time:
1. Remote “r_123” is configured, commissioned, and all previous changes have been
applied. Its configuration state is “Nominal”.
2. User changes the upstream QOS settings for remote r_123.
3. The configuration state for r_123 becomes “Changes Pending”.
4. User reviews the changes, determines they are correct, and then applies them to the
remote.
5. The configuration state for r_123 returns to “Nominal”.
NOTE: Remote and line card configuration state returns to “Nominal”

immediately after a new configuration file is applied; iBuilder does not attempt
to track whether or not the modem was reset. Be sure to reset remote modems or
line cards to activate all changes.
2.11.2 Possible Configuration States

Table 2-2 lists all of iBuilder’s configuration states and the network elements to which they
apply. See also:
• Legend Pane on page 36
• Configuration Changes Pane on page 38
• Configuration States on page 38
Table 2-2. Configuration States
Configuration Network
Definition
State Element
Nominal Network The element is completely configured, is alive in the network,
Chassis and there are no unapplied changes.
Line Card
Remote
Inroute Group
Protocol
Processor

iDX Release 3.5
Table 2-2. Configuration States (continued)
Configuration Network
Definition
State Element
Changes Network The element is completely configured and is alive in the
Pending Chassis network. There are changes in the database that have not
been applied.
Line Card
Remote
Protocol
Processor
Incomplete Network The element is only partially configured; one or more key
Chassis components of the configuration are unspecified (e.g. carriers,
IP address, serial number)
Line Card
Remote
Inroute Group
Protocol
Processor
Never Applied Network The element is completely configured but the configuration
Chassis has never been applied to the element.
Line Card
Remote
Protocol
Processor
Deactivated Remote The element was at one time active in the network, but it has
Line Card been deactivated.
Network

iDX Release 3.5
2.11.3 Configuration State Transition

The following diagram illustrates typical state transition for a remote modem in iBuilder from
creation to steady-state.
Figure 2-53. Configuration States of an iDirect Remote
An explanation of all configuration states for all elements, their meaning, and their
respective icons is available in iBuilder by selecting View  Legend from the main menu.
2.11.4 Viewing Configuration States

The current configuration state of each network element is indicated by the icon of that
element in the iBuilder tree. To also view the configuration state as color-coded words next to
the corresponding element, select ViewConfiguration Status from iBuilder’s main menu.
See also Configuration Changes Pane on page 38 and Configuration States on page 38.
2.11.5 Reasons for Configuration State Changes

Configuration states can change for a variety of reasons, including:
• You changed configuration. Whenever you change the configuration, the Changes
Pending icon is displayed beside all affected network elements.
• Someone else changed configuration. iBuilder supports multiple simultaneous user
sessions. If another user changes the configuration, your iBuilder Tree icons will change to
reflect the current configuration state.
• Someone changed a modem’s configuration directly. When a modem comes into the
network, the configuration server uploads the active configuration from the remote and
re-calculates configuration state. If this configuration is different from the latest iBuilder
configuration, iBuilder will display the Changes Pending icon for that modem. This can
happen if someone changes a modem’s configuration from the console or the iSite utility.
This potentially dangerous situation is flagged by the configuration state.

iDX Release 3.5
In Color versus Shaded Icons
2.11.6 Configuration States and iMonitor

The icon displayed in the iMonitor tree indicates the configuration state of an element:
• When a Chassis, Network, Hub, or Remote is “Incomplete”, iMonitor displays the
Incomplete icon.
• When a remote modem is “Deactivated” or “Never Applied”, iMonitor shows the
deactivated icon. In this case historical requests may still be made, since a deactivated
remote may have archived data.
• When a remote modem is either “Nominal” or “Changes Pending”, iMonitor’s real-time
state icons take over. The OK, Warning, or Alarm icon is displayed, depending on the
real-time status of the modem.
To view an explanation of the configuration states, their meanings, and their respective icons,
select ViewLegend from the iMonitor main menu.
2.12 In Color versus Shaded Icons

A colored icon in the iBuilder Tree for an element (such as a BUC, LNB, upconverter, etc.)
indicates that the element is being used by other elements in the network. Therefore,
performing configuration or control functions on that element can affect the elements that
use it. When such an element is modified, iBuilder displays a warning indicating the changes
will affect the configuration of other elements. Figure 2-54 shows a warning generated by
modifying the Minimum MODCOD of an assigned DVB-S2 carrier. Notice that the carrier icon is
in color, indicating that it is assigned to a line card.
Figure 2-54. Modifying an Assigned Network Element
As long as the icon is in color, the element cannot be deleted. If the icon next to an element
in the iBuilder Tree is displayed in gray, modifications will not affect other elements in the
network.
2.13 Database Numbering Convention

When an element is created, a sequence number is assigned to that element by the database.
The new element is added to the iBuilder Tree at the bottom of the list of like-elements on its
branch in the iBuilder tree. In Figure 2-55, a new teleport has been created by right-clicking
the Globe and selecting Add Teleport. This creates New Teleport #12 and automatically
opens the Modify Configuration dialog box. Changing the name in the dialog box
automatically changes the name in the tree. After exiting and logging back on to iBuilder, the
teleport moves from the bottom of the tree to the bottom of the list of teleports.

iDX Release 3.5
Viewing the Activity Log
Figure 2-55. New Teleport with System-Generated Number
The NMS database assigns a number to each element when it is created. The first teleport is
assigned the number 1. The second teleport is assigned the number 2, and so on. A similar
numbering scheme is used for every type of element. The first spacecraft is named New
Spacecraft #1, the first remote is named New Remote #1, and so on. This element number is
always associated with its original element in the database even if the name is changed. This
allows the NMS to keep track of each element, its relationships to other elements, and its
configuration parameters, for as long as the element exists.
When an element is deleted, the numbers of the elements created after it do not change. For
example, if there are five teleports, and teleport number 3 is deleted, teleport number 4
does not become teleport number 3. Teleport number 4 remains teleport number 4 forever. If
a sixth teleport is created, it becomes teleport number 6, not teleport number 3.
2.14 Viewing the Activity Log

iBuilder Users with the Manage Users permission (see page 425) can view the NMS Activity Log
by selecting the View Activity Log option from the View menu. The Activity Log shows the
time and details of iBuilder and iMonitor user activities (such as database modifications, user
logins, etc.) as well as activities such as modem resets and configuration uploads. A partial
list of Activities that can be displayed are show in Figure 2-56.
Figure 2-56. Partial List of Activities Displayed in the Activity Log

iDX Release 3.5
Follow these steps to view the Activity Log:

1. Select View Activity Log from the iBuilder View Menu to display the Activity Log dialog
box.
The Activity Log dialog box opens. (Figure 2-57)
Figure 2-57. Activity Log Dialog Box
2. In the Activity Log dialog box, enter a Start Time and an End Time. The Duration will be
calculated by iBuilder. (Alternatively, use the slider to adjust Duration. The slider
represents the offset between the Start Time and the End Time. Adjusting the Duration
with the slider automatically updates the End Time.)
NOTE: It is also possible to set the times by clicking the ellipsis buttons to the
right of Start Time and End Time to launch the clock display. Click the hour or
minute hand to select it. Then click the clock numbers to move the hand.

iDX Release 3.5
Figure 2-58. Ellipsis Button and Graphical Clock Display
3. In the Activity Name area of the dialog box, select all activities to view. (Use the Select
All and Clear All buttons to select or clear all activities.)
4. Click the Show Log button to display the activities in the List of Activities pane. (Also
click this button to refresh the display with recent activities if the End Time is set to a
future time.)
5. When viewing Activities, if the Activity Type is applied configuration, then the Details
column will contain a hyperlink to the options file that was applied. Click the hyperlink to
view the options file in Notepad.
Figure 2-59. . Opening an Options File from the Activity Log
6. To copy and paste multiple rows from the Activity Log List of Activities into another
Windows application such as Excel:
a. Select the data to copy. (Click to select a single row. Shift-click to select a range of
rows. Ctrl-click to select multiple, individual rows.)
b. Right-click in the window and select Copy or Copy without headers from the menu to
copy the data.

iDX Release 3.5
Configuring Warning Properties
Figure 2-60. . Copying Multiple Rows from the Activity Log
c. Paste the data into the Windows application.
2.15 Configuring Warning Properties

Warnings that indicate anomalous conditions on iDirect equipment are generated by the
iDirect network and displayed in iMonitor. The properties that determine how individual
warnings are generated can be customized for the following network elements:
• Line cards
• Remotes
• Protocol processors
There are two categories of warnings:
• Limit-based warnings are generated when either the high or low limit defined for the
warning is violated. A warning’s range can specify a low limit, a high limit or both.
• Boolean warnings have two states: the warning is either off or on. A boolean warning is
generated when the value being monitored by the warning changes from the nominal
state to the anomalous state. For example, if a line card loses the chassis backplane 10
MHz timing signal, then the BackplaneLost10MHz warning is generated for the line card.
The following operations are available when customizing warning properties:
• Enable or disable a warning.
• Set the upper and lower limits that determine when certain warnings are generated.
(Limit-based warnings only.)
• Configure a warning to be generated only when a limit is violated, or to be generated
each time a value changes when outside the normal operating range. (Limit-based
warnings only.)
All warning modifications are processed dynamically. The NMS processes do not need to be
restarted for the warning changes to take effect. For example, when a warning is disabled in
iBuilder, iMonitor automatically clears all currently active warnings of that type. Similarly if a

iDX Release 3.5
limit is changed such that some active warnings now fall in the normal range, those warnings
are automatically cleared.
NOTE: When upgrading from a pre-7.0 release, the installation drops current
warning definitions from the database and recreates them. Custom limits must be
redefined after the upgrade.
iBuilder allows modification of both global warning properties and warning properties of
individual network elements. The customized warning settings for an individual element
override the settings of the global warning. Changes to global warning settings apply only to
those elements that do not have their settings customized on an individual basis.
The behavior of the system with regard to global properties and individual overrides is as
follows:
• A warning whose properties have not been modified for an individual element uses the
global properties for that warning. In the event that the global properties of the warning
are modified, the new global properties will be used by the element.
• A warning whose properties have been modified for an individual element uses the
customized properties for that warning for that element. Changes to the global properties
of the warning have no effect on the warning properties configured for that element; the
element will continue to use the modified properties.
• When a warning that has been modified for an individual element is reset for that
element, any properties that were previously modified for the warning take on the
current, global values.
2.15.1 Setting Global Warning Properties

Global warning properties are configured from iBuilder’s Edit menu.
To set global warning properties for line cards, remotes or blades, follow these steps:
1. Click the Edit menu and select Global Warnings for the element type. In this example,
Global Warning for Linecards is selected from the menu.

iDX Release 3.5
The Modify Global Warning dialog box opens with all warnings appropriate to the
selected network element type.
Figure 2-61. Modify Global Warning Dialog Box
2. Select the Warning Type for the warning to be modified and click the Edit button.
3. Enter the new settings in the Modify Warning dialog box and click OK to save the
changes.

iDX Release 3.5
Figure 2-62. Modify Warning Dialog Box
The following warning parameters can be modified:

• The Limit Value setting determines the high or low limit of the normal range of values for
the network parameter being monitored. When this limit is crossed, a warning is
generated. Limit Type can only be changed for limit-based warnings. This field does not
apply to boolean warnings.
• The Send Value Change setting determines whether or not the warning will be generated
each time a value changes while that value is outside normal operating limits. If the
check box is selected, a new warning will be generated each time the abnormal value
changes. If the check box is cleared, a warning will be generated the first time an
abnormal value is detected, but not if the abnormal value changes. Send Value Change
property can only be changed for limit-based warnings. This field does not apply to
boolean warnings.
• The Enabled setting enables or disables the warning. If this check box is cleared, the
warning will not be generated.
NOTE: Changes to global warning settings do not affect warnings that have been
customized on the Warning Properties tab. Reset the customized warning to
return to the global settings. (See Clearing Customized Warning Properties on
page 58.)
2.15.2 Customizing Warning Properties for Individual Network

Elements
To customize warning properties for individual network elements, follow these steps:
1. Right-click the network element in the iBuilder Tree and select the appropriate Modify
option from the context menu.

iDX Release 3.5
2. When the dialog box for the network element opens, click the Warning Properties tab.
Figure 2-63. Warning Properties Tab
3. Select the Warning Type and click the Edit button.

4. Follow the procedure beginning with Step 2 in Setting Global Warning Properties on
page 55 to reconfigure the warning properties.
Warnings that have been customized are highlighted in bold text on the Warning Properties
tab. In the example, the BackplaneLost10MHz warning has been disabled for this specific line
card.
NOTE: Customized warning settings configured on the Warning Properties tab

apply only to the individual element being modified. These settings override the
global settings for the element being reconfigured. (For more details see
Configuring Warning Properties on page 54.)
2.15.3 Clearing Customized Warning Properties

The customized settings on the Warning Properties tab of an element override the global
settings for that element until the customized settings are cleared. To clear the customized
settings for a warning and return the warning to the global settings, follow these steps:
1. Right-click the network element in the iBuilder Tree and select the appropriate Modify
option from the context menu.
2. When the dialog box for the element opens, click the Warning Properties tab.
3. Select the warning to be cleared.

iDX Release 3.5
4. Click the Reset button at the bottom of the screen. The following dialog box opens:
5. Click OK in the dialog box. Then click OK on the Warning Properties tab. The warning
will be reconfigured with the global settings.

iDX Release 3.5
Managing NMS Licenses
2.16 Managing NMS Licenses

Chassis slots and certain features must be licensed to enable their configuration in iBuilder.
For information about the features that iBuilder requires licenses for, refer to the Features
and Chassis Licensing Guide.
Licensing chassis slots or any of the features listed above requires a license file from iDirect.
Use the iBuilder License Toolbar to import the license file to enable the configuration of the
chassis or feature on the iBuilder GUI.
This section describes how to import licenses after receiving a license file from iDirect. It also
describes how to generate a file that can be used to request feature licenses for existing
hardware. For more details on requesting and receiving licenses from iDirect, see the iDirect
Features and Chassis Licensing Guide.
Use the iBuilder License Toolbar to perform the procedures in this section. To display the
License Toolbar, select License Toolbar from the iBuilder View menu. The License Toolbar
consists of the two icons show in Figure 2-64: one for importing license files; the other for
exporting license data.
Figure 2-64. Viewing the iBuilder License Toolbar
2.16.1 Importing License Files

This section describes how to import feature licenses and chassis licenses into iBuilder.
By default, permission to download a chassis license file to the NMS Chassis Manager server
must be enabled before importing the license into iBuilder. (See Step 1 below.) This default
can be permanently changed by following the steps in Permanently Enabling Chassis License
Download on page 66.
To import a license file:
1. Only perform Step a through Step c when importing a chassis license file:
a. Open a PC terminal window.
b. Enter the command:
ssh <ip address>
where <ip address> is the IP address of the server running the NMS chassis
manager process.
c. Enter one of the following commands:
telnet localhost 15262
or

iDX Release 3.5
telnet 0 15262
d. At the Username prompt, log on to the chassis manager admin account. (The default
password is iDirect. Change this password.)
c. Enter the command:
download on
These steps are illustrated in Figure 2-65.
Figure 2-65. Enabling Chassis License Download to Chassis Manager
NOTE: To permanently enable license download to the Chassis Manager, follow

the procedure in Permanently Enabling Chassis License Download on page 66.
When this permission is permanently enabled, Step 1 and Step 7 of this procedure
are no longer required when importing a chassis license file.
2. Click the Import license files button on the iBuilder License Toolbar (Figure 2-64) to open
the Select License Type dialog box.
Figure 2-66. Select License Type Dialog Box
3. Select either Feature License or Chassis License and click OK.

4. In the Choose License Files dialog box, navigate to the folder containing the iDirect
license file and select the license file.

iDX Release 3.5
Figure 2-67. Selecting a License File for Import
5. Click the Open button to import the license file.

6. A message will appear indicating that the licenses have been successfully downloaded.
Click OK.
7. When importing a chassis license file, disable download on the chassis manager as
follows:
a. From the terminal window opened in Step 1, enter the following commands:
download off
update
b. Exit the telnet session.
8. If auto-accept changes is off, click the Accept Changes icon on the iBuilder main toolbar.
(See Accepting Changes on page 19 for details on turning off and on the feature for
automatically accepting changes.)
Figure 2-68. Accepting Changes Importing a License File

iDX Release 3.5
2.16.2 License Properties Tabs

Hardware elements that have optional feature licenses have a License Properties tab on
their iBuilder configuration screens. For example, line card and remote configuration screens
have License Properties tab, since features can be licensed for these elements. After
importing a feature license file, the licensed features appear on the License Properties tab
of the licensed hardware.
NOTE: Chassis configuration screens do not have a License Properties tab.
Figure 2-69 shows an example of a License Properties tab for an Evolution X5 remote.
Figure 2-69. License Properties Tab
Notice that the remote has been licensed for Inbound Spread Spectrum and Link Encryption.
(A Value of 1 indicates that the license has been enabled.) If no licenses have been imported,
the License Properties tab is blank.
2.16.3 Exporting iBuilder Data for Licensing

To license a feature on individual hardware elements (such as remotes or line cards), iDirect
requires the following information for each unit:
• Hardware Model Type
• Serial Number
• Derived ID (DID)
NOTE: For details on requesting licenses from iDirect, see the iDirect Features
and Chassis Licensing Guide.
iBuilder provides an automated method to generate a Comma Separated Values (CSV) file of
Serial Numbers, DIDs and Model Types for the elements to be licensed. This can be useful
when requesting licenses for a large number of existing hardware elements.
To export data for feature licenses from iBuilder:
1. Select a parent element in the iBuilder Tree that contains all of the hardware units to
license.
2. Click the Export Data for Licensing button on the iBuilder Licensing Toolbar.

iDX Release 3.5
Figure 2-70. Selecting Export Data for Licensing on License Toolbar
3. Click the Export Data for Licensing button in the License Toolbar to open the Data for
Licensing dialog box (Figure 2-71). In Figure 2-70, Network 8 was selected in the iBuilder
Tree before clicking the Export Data for Licensing button.
Figure 2-71. Selecting Data for Licensing
4. In the Data for Licensing dialog box, select all units that require a license.
5. Click the Save to File button to display the Save As dialog box.

iDX Release 3.5
Figure 2-72. Saving Data for License Request
6. Navigate to the folder where you want to save the CSV file and click the Save button.
Figure 2-73 shows an example of a license request CSV file opened in Microsoft Excel
containing information required for an iDirect license request.
Figure 2-73. Sample License Request CSV file

iDX Release 3.5
2.16.4 Permanently Enabling Chassis License Download

By default, permission to download a chassis license file to the NMS Chassis Manager server
must be enabled before importing the license into iBuilder. (This procedure is described in
Step 1 of Importing License Files on page 60.) This security feature guards against accidental
or malicious download of an incorrect chassis license file. To override this behavior and
permanently enable license download to the Chassis Manager, following these steps:
1. Log on to the root account of the NMS server machine that is running the Chassis Manager.
NOTE: SSH can not be used to log on directly to the root account of an NMS server
or Protocol Processor blade. Instead, use SSH to log on to another account such as
the iDirect account. Then enter su - from the command line to log on as root.
2. Change to the Chassis Manager directory by entering the command:

cd /home/nms/cm
4. Add the following line at the beginning of the file:
[DOWNLOAD]
enable = 1
This change to para_cfg.opt is illustrated in Figure 2-74.
Figure 2-74. para_cfg.opt with Chassis License Download Enabled

6. Enter the command:
ssh <ip address>
where <ip address> is the IP address of the server running the NMS chassis manager
process.
7. Enter one of the following commands:
or
telnet 0 15262
8. At the Username prompt, log on to the chassis manager admin account. (The default

iDX Release 3.5
9. Update the Chassis Manager with the new configuration by entering the command:
update
10. Return to the NMS server machine by entering the command:
exit
11. Log off of the NMS server machine.
License download to the Chassis Manager is now permanently enabled, even if the Chassis
Manager server process restarts.

iDX Release 3.5

iDX Release 3.5
3 Defining Hub RFT
Components and the
Satellite
This chapter contains the following sections for configuring the satellite, Hub RFT, and
satellite bandwidth required to operate iDirect networks:
• Preparing the Hub RFT Components Folders on page 69
• Adding a Spacecraft on page 73
• Adding a Transponder on page 74
• Adding Bandwidth on page 76
• Adding Carriers on page 77
3.1 Preparing the Hub RFT Components Folders

In order to configure the HUB RFT, you must select certain pre-defined subcomponents for
each field in the HUB RFT configuration dialog box. Expand the HUB RFT folder to see the
folders containing the subcomponents the listed below. These subcomponents have been
previously configured and contain critical settings used to establish the Hub RFT operational
parameters.
• Antenna
• Upconverter
• Downconverter
• High Power Amplifier (HPA)
Add entries to these folders and define the parameters of the components in advance so that
the appropriate information is in the drop-down lists on the Hub RFT configuration dialog box.
The procedures in this section explain how to configure these sub-components.
3.1.1 Adding an Antenna

Follow these steps to add an Antenna to the Hub RFT Components folder.
1. Under the Hub RFT Components folder, right-click the Antenna folder and select Add
Antenna.

iDX Release 3.5
Preparing the Hub RFT Components Folders
The new antenna appears in the iBuilder Tree with a system-generated name, and the
Antenna dialog box opens to the Information tab.
Figure 3-1. New Antenna Dialog Box
2. If desired, select a Manufacturer from the drop-down list. Items in this list were either
pre-defined or they were added to the folder earlier. See Adding Entries to Folders on
page 30.
3. In Manufacturer Part Number, enter a part number or name for the antenna.
4. Enter an iDirect Part Number for the antenna (optional).
5. Click OK. The new antenna appears in the iBuilder Tree under the antenna folder.
6. For additional antennas, repeat this procedure, assigning each new antenna a different
name.
3.1.2 Adding an Upconverter or Downconverter

Follow the steps in this section to add an upconverter or downconverter to the Hub RFT
Components folder.
NOTE: Be sure to enter the correct frequency translation values for all
upconverters and downconverters. The NMS uses these values to generate
network configurations.

iDX Release 3.5
1. Under the Hub RFT Components folder in the iBuilder Tree, right-click the Upconverter
or Downconverter folder, and select Add Upconverter or Add Downconverter.
The new upconverter or downconverter appears in the iBuilder Tree with a system-
generated name, and the appropriate dialog box opens to the Information tab. Figure 3-2
shows an upconverter being added. The procedure is the same for adding a
downconverter.
Figure 3-2. New Upconverter Dialog Box
2. In Manufacturer Part Number, enter a part number or name for the upconverter
(optional).
3. Enter a frequency in MHz in the Frequency Translation field. This information is provided
on the specifications sheet for the upconverter.
4. Select a Manufacturer for the Upconverter (optional).
5. Enter an iDirect Part Number for the Upconverter (optional).

iDX Release 3.5
6. Select ODU Tx DC Power and ODU Tx 10 MHz to tell the iDirect modem to supply DC
power and the 10 MHz clock. These settings are applicable when operating a small
teleport whose BUC and LNB are not built into the antenna.
NOTE: Older iDirect chassis and line cards do not provide these capabilities;
remote modems have these capabilities built into them. Four-slot chassis with
newer line cards support these functions but require additional configuration on
the four-slot chassis screen. See Configuring a Four-Slot Chassis on page 318 for
details.
7. Leave Spectral Inversion at Normal unless using C-band. If the local oscillator is higher in
frequency than the one being transmitted or received, then the spectrum must be
inverted.
8. Click OK. The new upconverter appears in the iBuilder Tree under the Upconverter
folder.
9. To add additional upconverters, repeat this procedure, assigning each upconverter a
different name.
10. Repeat these steps for all of the downconverters at the teleport.
3.1.3 Adding a High Power Amplifier (HPA)

Follow the steps in this section to add a High Power Amplifier (HPA) to the Hub RFT
Components folder.
1. Under the Hub RFT Components folder in the iBuilder Tree, right-click the HPA folder, and
select Add HPA.
The new HPA appears in the iBuilder Tree with a system-generated name, and the HPA
dialog box opens to the Information tab.
Figure 3-3. New HPA Dialog Box

iDX Release 3.5
Adding a Spacecraft
2. Select a Manufacturer for the HPA (optional).

3. In Manufacturer Part Number, enter a part number or name for the HPA.
4. Enter an iDirect Part Number for the HPA (optional).
5. Click OK. The new HPA appears in the iBuilder Tree under the HPA folder.
6. Repeat these steps for all of the HPAs at the teleport.
3.2 Adding a Spacecraft

1. To create a Spacecraft, right-click the Spacecraft folder and select Add Spacecraft.
A new spacecraft appears in the iBuilder Tree with a system-generated name, and the
Spacecraft dialog box opens to the Information tab.
Figure 3-4. New Spacecraft Dialog Box
2. Select the name of the Operator (usually the service provider) or select a configured
Operator from the drop-down menu.
3. In Spacecraft Name, enter a name for the spacecraft.

iDX Release 3.5
Adding a Transponder
4. Enter an Operator Reference Name. (Optional)

5. Enter the exact Longitude (between 0 and 180 degrees) of the satellite. This information
can be obtained from the satellite service provider.
6. To the right of the Longitude box, select the Hemisphere: E (East) or W (West).
7. Enter the Orbital Inclination. This is necessary only if the satellite is experiencing
instability or is coming to the end of its life cycle. The satellite provider can supply the
orbital inclination.
8. The Minimum Look Angle is applicable to mobile remote antennas. The Minimum Look
Angle configured here is used by all mobile remotes that do not have this setting
overridden on the Remote Geo Location tab. (See Remote Geo Location Tab on page 199.)
9. Maximum Skew represents the maximum angle of skew that a mobile remote’s antenna
can tolerate before it stops transmitting. The Maximum Skew configured here is used by
all mobile remotes that do not have this setting overridden on the Remote Geo Location
tab. (See Remote Geo Location Tab on page 199.)
10. A satellite with horizontal or vertical polarization may be skewed with respect to its
orbit. In Skew Polarization, enter the amount of skew of the spacecraft in degrees. Valid
values range from -45.0o to +45.0o.
11. Skew Margin is used to optimize the use of upstream carriers for mobile remotes in
Adaptive TDMA inroute groups using non-circular polarization. The value for this
parameter is determined during network design. When not applicable, it should be set to
the default value of 90o. The Skew Margin configured here is used by all mobile remotes
that do not have this setting overridden on the Remote Geo Location tab. (See Remote
Geo Location Tab on page 199.)
12. Click OK. The spacecraft appears in iBuilder Tree under the Spacecraft folder.
3.3 Adding a Transponder

A satellite transponder receives the carriers on the uplink frequencies and re-transmits them
on the downlink frequencies. Each transponder is configured under a spacecraft in iBuilder.
Bandwidth regions are then defined for each transponder. Upstream and downstream carriers
are then added to the bandwidth regions. This hierarchy is illustrated in Figure 3-5.
Figure 3-5. Bandwidth Hierarchy in the iBuilder Tree
Follow these steps to add a transponder:

1. Right-click the Spacecraft and select Add Transponder.

iDX Release 3.5
Adding a Transponder
The new transponder appears in the iBuilder Tree with a system-generated name, and the
Transponder dialog box (Figure 3-6) opens to the Information tab.
Figure 3-6. Hub Transponder Dialog Box
2. In Operator Reference Name, enter a name for the transponder to identify it in the
iBuilder Tree.
3. Translation Frequency can be obtained from the satellite provider. The frequency, in
MHz, is transponder specific. It is that frequency used to down convert the radio
frequency (RF) uplink to the RF downlink for retransmission from the satellite. The
Translation Frequency must be correct for iDirect networks to function correctly.

iDX Release 3.5
Adding Bandwidth
4. Enter the information for the remaining fields, which can also be obtained from the
service provider. This information is for reference purposes only.
5. Click OK. The new transponder is added to the iBuilder Tree under the Spacecraft.
3.4 Adding Bandwidth

A bandwidth region defines a specific portion of the satellite’s transponder within which
transmit and receive carriers are defined. At least one bandwidth region is required for each
transponder in order to create carriers. To add and define a bandwidth region, follow these
steps:
1. Right-click the transponder and select Add Bandwidth.
The new bandwidth entry appears in the iBuilder Tree with a system-generated name, and
the Bandwidth dialog box opens to the Information tab.
Figure 3-7. New Bandwidth Dialog Box
2. On the Information tab, in the Operator Reference Name box, enter a name to identify
the bandwidth in the iBuilder Tree.
3. Enter the Center Frequency, Bandwidth, and Power values, which can be obtained from
the service provider. This information is for reference purposes only.
4. Click OK. The bandwidth entry is added to the iBuilder Tree under the Transponder.

iDX Release 3.5
Adding Carriers
3.5 Adding Carriers

This section describes how to add both downstream and upstream carriers in iBuilder.
3.5.1 Adding Downstream Carriers

Each Network may have only one active Downstream (Outbound) Carrier. (An alternate
Downstream Carrier can be added to facilitate changing to a new carrier. See page 124.) iDX
Release 3.5 supports DVB-S2 downstream carriers only. Carrier parameters are determined as
part of the satellite link budget process. Obtain these parameters from the satellite provider.
To add a downstream carrier, follow these steps:
1. Right-click the bandwidth region for the transponder and select Add Downstream
Carrier.
The new carrier appears in the iBuilder Tree with a system-generated name, and the
Downstream Carrier dialog box opens to the Information tab.

iDX Release 3.5
Adding Carriers
Figure 3-8. New Downstream Carrier Dialog Box
2. Enter a Name for the downstream carrier.

3. Enter the Uplink Center Frequency of the downstream carrier.
4. The Downlink Center Frequency is automatically calculated based on the transponder
translation frequency.
5. In Power, enter a value for the transmit power. The default is -25 dBm.
6. Select the Carrier Spacing for this carrier. This is an optional field used to document the
total width of the carrier. It represents the occupied bandwidth plus the guard band
normalized by the symbol rate. For more information, see the discussion of DVB-S2 roll-
off factors in the chapter titled “Carrier Occupied Bandwidth” in the iDirect Technical
Reference Guide.
7. ACM (Adaptive Coding and Modulation) is automatically selected for Modulation. This is
the only available selection for DVB-S2 downstream carriers.
8. In the DVB-S2 Range section of the dialog box:

iDX Release 3.5
Adding Carriers
a. Select both a Minimum M ODCOD and a Maximum MODCOD. This defines the range of
MODCODs used on the downstream carrier.
NOTE: iDX Release 3.5 does not support CCM. To simulate CCM, select the same
Minimum MODCOD and Maximum MODCOD. If simulating CCM, adjust the DVB-S2
network parameters as described in Adjusting DVB-S2 Parameters for CCM
Networks on page 157.
b. Click the MODCOD Distribution button to estimate the Information Rate for the DVB-
S2 carrier based on the MODCODs that the remotes in this network are able to
receive. See Estimating the Information Rate for a DVB-S2 Carrier on page 87 for
details.
9. For Error Correction, LDCP BCH is automatically selected for all DVB-S2 carriers. For
information on the available FEC rates and modulation modes, see the iDirect Link Budget
Analysis Guide for this release.
10. In the Assigned to Line Card field, select a transmit line card for this carrier. If no line
card is available for selection, configure a new card or re-configure an existing card for
use by this carrier.
11. Enter the Symbol Rate for the DVB-S2 carrier. (You cannot enter a Transmission Rate or
Information Rate for DVB-S2 carriers.) The symbol rate for DVB-S2 carriers must be
between 1000 and 45000 ksym.
12. In Timeplan Parameters:
a. FEC Blocks per Frame is not applicable to DVB-S2 carriers.
b. Frame Length is automatically set to 125 ms.
13. Spreading Parameters cannot be selected. Spread Spectrum is not supported on DVB-S2
downstream carriers.
14. Click OK. The outbound carrier appears in the iBuilder Tree.
3.5.2 Adding TDMA Upstream Carriers

Remotes transmit data to the hub on upstream carriers. There are two types of upstream
carriers: TDMA Upstream Carriers and SCPC Upstream Carriers.
To add a TDMA Upstream Carrier:
1. Right-click Bandwidth, and select Add Upstream Carrier.
Upstream Carrier- TDMA dialog box opens to the Information tab.

iDX Release 3.5
Adding Carriers
Figure 3-9. New TDMA Upstream Carrier Dialog Box
2. Enter a Name for the TDMA upstream carrier.

3. Enter the Uplink Center Frequency of the upstream carrier.
4. The Downlink Center Frequency is automatically calculated based on the transponder
translation frequency.
5. Carrier Spacing is an optional field used to document the total width of the carrier. It
represents the occupied bandwidth plus the guard band normalized by the symbol rate.
On multichannel receive line cards, carrier spacing is enforced when upstream carriers
are assigned to the line card to prevent overlap. For more information on carrier spacing,
please see the chapter titled “Carrier Occupied Bandwidth” in the iDirect Technical
Reference Guide.
6. Select the Modulation for the carrier: BPSK, QPSK, 8PSK or Adaptive. Select Adaptive if
this carrier will be part of an Adaptive inroute group. Depending on the selection, the
next field will be either Modulation or Payload Size.
7. If BPSK, QPSK or 8PSK is selected in Modulation, the Error Correction field is displayed.
Select the combination of block size and FEC rate for the carrier.
NOTE: Only 2D 16-State Inbound Coding is supported in this release.

iDX Release 3.5
Adding Carriers
8. If Adaptive is selected in Modulation, the Payload Size field appears in place of the Error
Correction field (Figure 3-10). Select a Payload Size for the Adaptive carrier.
Figure 3-10. Payload Size Field for Adaptive Carriers
NOTE: The Payload Size must be identical for all carriers in the same inroute
group. For non-Adaptive carriers, the payload size is included in the Error
Correction field.
9. The Assigned to Line Card field is populated automatically when this carrier is assigned
to a hub line card in the Line Card dialog box.
10. Enter either a Transmission Rate, Information Rate, or Symbol Rate. Entering any of the
rate values will cause the remaining two rates to be automatically calculated.
NOTE: Only Symbol Rate is applicable to Adaptive carriers. The Transmission Rate
and Information Rate vary dynamically with the current MODCOD of the Adaptive
carrier. (See the chapter titled “Adaptive TDMA” in the iDirect Technical
Reference Guide for more information.)
Symbol Rate is related to Transmission Rate based on the selected Modulation as

follows:
• For BPSK, the Symbol Rate is equal to the Transmission Rate.
• For QPSK, the Symbol Rate is half the Transmission Rate.
• For 8PSK, the Symbol Rate is one third the Transmission Rate.
For example, if you enter 2800 kbps into the Transmission Rate box, the Symbol Rate
box is automatically calculated to be 2800 ksym for BPSK, 1400 for QPSK, or 933.33 ksym
for 8PSK.
NOTE: Evolution X1 and e150 remotes are not allowed to transmit on TDMA
upstream carriers larger than 4 Msps.
11. In the Timeplan Parameters section:

a. Frame Length is determined when the carrier is assigned to a line card in a network
with a downstream carrier. Frame Length is the size of the upstream frame in
milliseconds.
b. Select Enable Superburst to allow remotes to use the Superburst waveform to
acquire the network on this upstream carrier. (Use of Superburst is limited to
upstream carriers received by multichannel line cards or by receive-only eM1D1 line
cards.)
NOTE: See the chapter titled “Remote Acquisition” in the iDirect Technical
Reference Guide for details on Acquisition Slots and Superburst.

iDX Release 3.5
Adding Carriers
12. If using the iDirect Spread Spectrum feature with BPSK modulation, select a Spreading
Factor in the Spreading Parameters area of the dialog box. The following upstream
Spreading Factors can be selected:
• No Spreading
• COTM SF=2: Spreading factor of 2
Figure 3-11. Selecting an Upstream Spreading Factor
NOTE: The iDirect Spread Spectrum feature is only supported for BPSK
modulation. For more information, see the chapter titled “Spread Spectrum” in
the iDirect Technical Reference Guide.
NOTE: Spread Spectrum is not supported for upstream carriers received by XLC-M
or eM0DM line cards.
NOTE: Only Evolution e8350, e800, and e850mp remotes can transmit on
upstream carriers with Spreading Factor 16.
13. Click OK to save the TDMA upstream carrier definition.
3.5.2.1 Disabling Acquisition Slots on Specific Carriers

Users can disable acquisition slots on specific carriers; this may be useful when larger carriers
are set up using inclined orbit satellite bandwidth. It accomplishes this through the use of a
custom key that causes the Protocol Processor to disable acquisition on the selected carrier.
NOTE: The Acquisition Aperture is still present; however, it is not used for TDMA
acquisition slots on the selected carrier.
To disable the use of acquisition slots on specific carriers (e.g., high symrate or low symrate
carriers), create a network-level custom key in iBuilder as follows:
1. Right-click the network in the iBuilder Tree and select ModifyItem.
2. Click the Custom tab.
3. Enter the following Custom Key:
[INROUTE_x] //x = Inroute id

iDX Release 3.5
Adding Carriers
acq_disable=1
4. Click OK to save the changes.
5. Right-click the network in the iBuilder Tree and select Apply ConfigurationNetwork to
download the changes.
CAUTION: Before removing a carrier from an inroute group, first remove its
corresponding custom key and then remove the carrier.
Removing the carrier without first removing its corresponding custom key can
cause a network outage.
3.5.3 Adding SCPC Upstream Carriers

An SCPC upstream carrier provides a dedicated, high-bandwidth, return channel from a
remote to the hub without the additional overhead of TDMA. 9-Series, Evolution e8350, X5
and X3 remotes can transmit an SCPC return channel. An Evolution eM0DM or XLC-M line card
can receive as many as eight SCPC return channels.
To add an SCPC upstream carrier, follow these steps:
1. Right-click on the bandwidth region for the transponder and select Add Upstream SCPC
Carrier.
Upstream Carrier - SCPC dialog box opens to the Information tab.
NOTE: As shown in Figure 3-12, an SCPC upstream carrier is distinguished from a

TDMA upstream carrier by the “S” in the carrier icon in the iBuilder Tree.
Figure 3-12. SCPC Upstream Carrier Icon in iBuilder Tree

iDX Release 3.5
Adding Carriers
Figure 3-13. New SCPC Upstream Carrier Dialog Box
2. Enter a Name for the SCPC upstream carrier.

3. Enter the Uplink Center Frequency. The frequency assignment is provided as part of the
satellite link budget from the satellite provider.
4. The Downlink Center Frequency is automatically calculated when you click in the
Downlink Center Freq box, based on the transponder translation frequency.
5. Carrier Spacing is an optional field used to document the total width of the carrier. It
represents the occupied bandwidth plus the guard band normalized by the symbol rate.
On multichannel receive line cards, carrier spacing is enforced when upstream carriers
are assigned to the line card to prevent overlap. For more information on carrier spacing,
see the chapter titled “Carrier Occupied Bandwidth” in the iDirect Technical Reference
Guide.

iDX Release 3.5
Adding Carriers
NOTE: Additional Guard Band is required for SCPC return channels being
transmitted by some mobile remotes. See Guard Band for SCPC Return Channels
on page 534.
6. Select the Modulation for the carrier: BPSK, QPSK or 8PSK.

7. Select the type of Error Correction to be used for this carrier. Only 2D 16-State Coding is
supported for SCPC upstream carriers.
NOTE: For information on the available FEC rates and modulation modes, see the
iDirect Link Budget Analysis Guide for this release.
8. Enter either the Transmission Rate, Information Rate, or Symbol Rate. Entering any of
these values will cause the remaining rates and the Occupied Bandwidth to be
automatically calculated.
NOTE: Not all configurable Symbol Rates and Modulations are supported for some
mobile applications. See Minimum Symbol Rates for Mobile Remotes on page 531.
9. In Frame Parameters, the Frame Length and the number of FEC Blocks per Frame are
automatically calculated based on the selected Error Correction.
10. To use the iDirect Spread Spectrum feature, select a Spreading Factor in the Spreading
Parameters area of the dialog box. The following SCPC upstream Spreading Factors can
be selected:
• No Spreading
NOTE: The iDirect Spread Spectrum feature is only supported for BPSK
modulation. A Spreading Factor can only be selected if BPSK is selected in the
Modulation field. For more information, see the chapter titled “Spread Spectrum”
in the iDirect Technical Reference Guide.
NOTE: Spread Spectrum is not supported for upstream carriers received by XLC-M
or eM0DM line cards.
11. In the Uplink Control Parameters area of the dialog box (Figure 3-13 on page 84), specify
the Operating Margin and the three Power Adjust parameters. The Uplink Control
Parameters are defined as follows:

iDX Release 3.5
Adding Carriers
• The C/N Threshold is a read-only field automatically determined by the Modulation

and Error Correction selected for the carrier. The values in this field are determined
during hardware qualification and are documented in the Link Budget Analysis Guide.
• To calculate the Operating Margin, subtract the C/N Threshold from the Clear Sky
C/N provided by the Link Budget Analysis (LBA) for the network. The system adds the
Operating Margin to the C/N Threshold to arrive at the Nominal C/N for the carrier.
The Nominal C/N is the target C/N value of the SCPC upstream carrier as measured by
the hub line card. (This target C/N is represented by the dashed vertical line in the
green area of the graphical display in Figure 3-13.)
• The value entered for Below Nominal determines how far below the Nominal C/N the
receive signal can drop before the system increases the remote’s transmit power in
order to bring the C/N back into the operational range. (This is represented by the
green area to the left of the target C/N in the graphical display in Figure 3-13.)
• The value entered for Above Nominal determines how far above the Nominal C/N the
receive signal can rise before the system decreases the remote’s transmit power in
order to bring the C/N back into the operational range. (This is represented by the
green area to the right of the target C/N in the graphical display in Figure 3-13.)
• The Max Power Adjustment is the maximum change that the system will make to the
remote’s transmit power in a single adjustment. (This is represented by the two red
areas at the left and right ends of the graphical display in Figure 3-13.) If the change
required to reach the target C/N is less than or equal to the Max Power Adjustment,
then the system will adjust by that amount in a single step. If a larger change is
required, the system will make multiple adjustments to arrive at the target C/N.
NOTE: Click and drag the Power Adjust sliders to vary the C/N ranges and
automatically update the Power Adjust settings.
12. Click OK to save the SCPC Upstream carrier definition.
NOTE: If the SCPC return channel will be transmitted by a mobile remote, it may
be necessary to adjust the upstream acquisition range by configuring a custom
key on the receive line card once the carrier is assigned to a line card. See SCPC
Upstream Acquisition Range on page 532 for details.
NOTE: After creating an SCPC return carrier and associating the carrier with a
line card, the Modulation and FEC Blocks per Frame areas are grayed out; this
occurs even when there is no remote associated with the line card.
To work-around this issue, perform the following:
1. Create another carrier with the required configuration on the same frequency.
2. Move the remote to an inroute group.
3. De-select the carrier on the HLC menu.
4. Select the newly created carrier.
5. Return the remote to the carrier.

iDX Release 3.5
Adding Carriers
3.5.4 Estimating the Information Rate for a DVB-S2 Carrier

When configuring a DVB-S2 carrier with ACM, only the symbol rate and occupied bandwidth
are known. The Information Rate depends on the combination of MODCODs being received by
the remotes in the network at any time.
iBuilder includes a MODCOD Distribution Calculator for estimating the carrier Information
Rate for a DVB-S2 carrier. To use the MODCOD Distribution Calculator:
1. Click the MODCOD Distribution button on the DVB-S2 Downstream Carrier dialog box to
display the calculator. (See Figure 3-8 on page 78.)
Figure 3-14. MODCOD Distribution Calculator for DVB-S2 Carriers
Figure 3-14 shows an instance of the MODCOD Distribution Calculator. The range of the
MODCOD column is limited to the DVB-S2 Range defined for the carrier assigned to this
network. The Total row shows the totals for the columns.
2. Double-click the cells to enter estimates of either the percentages of traffic or the
Information Rates that will be transmitted on the different MODCODs for remotes
receiving this carrier.
Changing the percentages in the Distribution column causes the Information Rate for
each MODCOD to be automatically recalculated and the total displayed in the Total row.
Changing bit rates in the Information Rate column causes percentages in the Distribution
column to be automatically recalculated and the new total percentage is displayed in the
Total row.
Figure 3-15 shows the results of changing the percentages in the Distribution column.

iDX Release 3.5
Adding Carriers
Figure 3-15. Calculating Estimated Information Rate for a DVB-S2 Network
In the example in Figure 3-15, the network operator estimates that 20% of the remotes
typically receive 16APSK-4/5, 20% receive 16APSK-5/6, and the remaining 60% receive
16APSK-8/9 (the best MODCOD defined for the carrier). Based on this input, the calculator
determines the estimated Information Rate for the carrier to be 6532 kbps.
A variation of the MODCOD Distribution Calculator can be used to calculate the effective MIR
and CIR for Group QoS nodes. See Estimating Effective MIR and CIR for DVB-S2 Networks on
page 252 for details.

iDX Release 3.5
4 Defining Network
Components
The Teleport is the highest component in the iBuilder Tree hierarchy and represents the
facility where the antenna and, typically, the rest of the Hub equipment is housed. After
adding a Teleport, add a Protocol Processor (PP), Blades, Hub RFT, and Chassis to the iBuilder
Tree. This chapter discusses how to configure all of these elements except the chassis. Chassis
configuration is discussed in Configuring a Hub Chassis on page 313.”
This chapter contains the following sections:
• Adding a Teleport on page 89
• Adding a Backup Teleport on page 90
• Adding a Hub RFT on page 93
• Protocol Processors on page 94
• Adding a Protocol Processor Blade on page 101
• Setting Warning Properties for Protocol Processor Blades on page 100
• Adding an SVN on page 102
• Configuring L2oS Hub Parameters on page 105
4.1 Adding a Teleport

1. To add a Teleport, right-click the iDirect Globe at the top of the iBuilder Tree and select
Add Teleport.
The new teleport appears in the iBuilder Tree with a system-generated name, and the
Teleport dialog box opens to the Information tab.
Figure 4-1. Teleport Information Tab

iDX Release 3.5
Adding a Backup Teleport
2. On the Information tab, enter a name and a phone number for the Teleport facility.
3. Click the Geo Location tab.
Figure 4-2. Teleport Geo Location Tab
The Geo Location identifies precisely where the uplink facility (i.e., the Hub RFT) is
geographically located on the Earth. The teleport transmits the uplink signal to the
satellite and receives the downlink signal from the satellite.
NOTE: The Geo Location information must be accurately configured for a remote
to function correctly in an iDirect network.
4. Enter the exact Latitude and Longitude of the teleport. This information can be obtained
from the service provider or can be determined with a GPS device. Be sure to select the
correct hemisphere for each. Latitude represents North and South; longitude represents
East and West.
5. Click OK to save the settings. The Teleport appears in the iBuilder Tree.
4.2 Adding a Backup Teleport

As part of the iDirect Geographic Redundancy feature, iBuilder allows creation of a fully-
redundant backup teleport which can assume the role of the primary teleport in the event
that the primary teleport becomes unavailable.
NOTE: A Global NMS license is required to configure Geographic Redundancy. All

remotes in a geographically redundant system must be configured as roaming
remotes. See the iDirect Technical Reference Guide for a description of this
feature. See Roaming Remotes on page 216 for details on configuring remotes as
roaming remotes.
The procedure for configuring a backup teleport assumes that the primary teleport is already
operational and that the backup teleport has been installed. Generally, the iBuilder
configuration of the backup components should be identical to the configuration of the
primary teleport. During operation, any configuration changes made at the primary teleport
should also be made at the backup teleport. This can be accomplished using the NMS database

iDX Release 3.5
backup and restore utility described in the iDirect Technical Note NMS Redundancy and
Failover for this release.
NOTE: When using the same outbound carrier for both the primary and backup
teleports, the teleport operator must disable the backup transmitter while the
primary teleport is operational. In the event of failure of the primary site, the
teleport operator must enable the backup transmitter for the backup teleport to
become operational.
Using iBuilder at the primary teleport, follow these steps to configure the backup teleport
hub equipment and to add existing remotes to the backup teleport’s networks. The procedure
assumes that the primary teleport and the networks it controls are already configured in
iBuilder and operational.
1. Add the backup teleport by following the steps in the section Adding a Teleport on
page 89. Then configure all the components of the backup teleport, including:
• The Hub RFT (See Adding a Hub RFT on page 93)
• The Protocol Processor (See Protocol Processors on page 94)
• Protocol Processor Blades (See Adding a Protocol Processor Blade on page 101)
• Networks (See Adding a Network on page 118)
• Line Cards (See Adding a Transmit or Transmit and Receive Line Card on page 121)
• Inroute Groups (See Inroute Groups on page 146)
2. Right-click the backup teleport in the iBuilder Tree and select ModifyItem.
3. In the Backup NMS area of the Teleport dialog box, select Enabled (Figure 4-3).
Figure 4-3. Configuring a Backup Teleport
4. Enter the IP address (or addresses) of the NMS server(s) at the backup teleport.
5. Click OK to save the changes.)

iDX Release 3.5
NOTE: A distributed NMS requires up to three IP addresses for the NMS servers.
Unless there is a distributed NMS at the backup site, all three IP addresses should
be identical.
6. Add each remote to the backup teleport as follows:

a. Right-click the remote in the iBuilder Tree and select Add to Networks from the
menu to display the Roaming dialog box.
Figure 4-4. Roaming Dialog Box
b. In the Roaming dialog box, select the remote’s Network under the backup teleport.
c. Click OK to save the changes.
7. At this point, all remotes will have changes pending. Apply the changes for each network
as follows:
a. Right-click the network in the iBuilder Tree and select Apply Configuration
Multiple.
b. In the Automated Configuration Downloader dialog box, select all remotes and line
cards.

iDX Release 3.5
Adding a Hub RFT
Figure 4-5. Automated Configuration Downloader Dialog Box
c. Click the Start button.

8. Right-click the protocol processor and select Apply Configuration from the menu.
9. Click Yes in the confirmation dialog box to update the protocol processor and blades.
4.3 Adding a Hub RFT

Before defining the Hub RFT, define the elements in the Hub RFT Components folders. See
Defining Hub RFT Components and the Satellite on page 69.
1. To create a Hub RFT, right-click the Teleport and select Add Hub RFT.
The new Hub RFT appears in the iBuilder Tree with a system-generated name, and the
Hub RFT dialog box opens to the Information tab.

iDX Release 3.5
Protocol Processors
Figure 4-6. New Hub RFT Dialog Box
2. Enter a name for the Hub RFT, and then select the subcomponents for the Hub RFT from
each of the drop-down list boxes.
3. Select the Satellite to which this Hub RFT is assigned.
4. Click OK. The Hub RFT is added to the iBuilder Tree.
4.4 Protocol Processors

After adding the Hub RFT, create the Protocol Processor. The Protocol Processor configuration
defines general parameters that apply to the Protocol Processor server machines, which are
called blades. Protocol Processor blades are the hub servers responsible for processing,
routing and managing the upstream and downstream traffic. Add the Protocol Processor in
iBuilder before configuring the blades.
Networks can be expanded by adding multiple blades to the Protocol Processor. This
architecture provides both scalability and automatic failover. If a blade fails, its load is
automatically distributed across the remaining blades.
4.4.1 TRANSEC Protocol Processors

Transmission Security (TRANSEC) prevents an adversary from exploiting information available
in a communications channel without necessarily having defeated the encryption inherent in
the channel. Even if wireless transmission encryption is not compromised, by using basic
signal processing techniques taken from wireless transmission acoustics, information such as
timing and traffic volumes can be determined. This information could provide someone
monitoring the network a variety of information on unit activity.
iDirect achieves full TRANSEC compliance by presenting to an adversary eavesdropping on the
RF link a constant “wall” of fixed-size, strongly-encrypted (AES, 256 bit Key) traffic segments,
the frequency of which does not vary in response to network utilization. For a detailed

iDX Release 3.5
Protocol Processors
technical description of iDirect’s TRANSEC feature, see the iDirect Technical Reference
Guide.
NOTE: A license is required for all Protocol Processor blades and line cards that
use the TRANSEC feature. All blades must be licensed for TRANSEC in order to add
a TRANSEC protocol processor in iBuilder. For complete details on requesting and
installing iDirect licenses, see the iDirect Features and Chassis Licensing Guide.
To configure a TRANSEC network in iBuilder, first create one or more TRANSEC protocol
processors. All network elements that are subsequently created under a TRANSEC protocol
processor are part of the TRANSEC-compliant network.
TRANSEC networks require TRANSEC-capable remote and line card model types. For a list of
compatible model types, see TRANSEC Hardware Requirements on page 446.
All hosts in an iDirect TRANSEC network must have X.509 certificates issued by the iDirect
Certificate Authority (CA) Foundry. Hosts include NMS Servers, Protocol Processor blades,
TRANSEC line cards, TRANSEC remotes, and GKD Servers. Issue X.509 certificates before
creating the TRANSEC network. For details on the certification process, see Using the iDirect
CA Foundry on page 467.
4.4.2 Adding a Protocol Processor

Follow these steps to add a protocol processor:
1. To create a Protocol Processor, right-click the Teleport, and select Add Protocol
Processor. (To add a TRANSEC protocol processor, select either Add Protocol Processor or
Add TRANSEC Protocol Processor.)
The new Protocol Processor appears in the iBuilder Tree with a system-generated name,
and the Protocol Processor dialog box opens to the Information tab.

iDX Release 3.5
Protocol Processors
Figure 4-7. New Protocol Processor Dialog Box
2. On the Information tab, enter a Name for the Protocol Processor.

iDX Release 3.5
Protocol Processors
3. The User Password and Admin Password text boxes are empty. Specify alternate, secure
passwords.
NOTE: If a default password is entered, the Detected Default Password dialog box
opens to warn the user to change the default password. The dialog box opens
each time the default password is used unless the default password security check
is turned off. For more information, see Turning Off/On Security Enhancement
on page 17.
4. In Download Monitor Credentials, enter any value greater than one and less than four
billion. (This number is used for multicast firmware image download and can be
duplicated across multiple Protocol Processors. It is critical for communications between
the NMS and network elements.)
5. In Upstream Gateway, enter the IP address of the upstream router. This is the address of
the router interface connected to the upstream LAN segment.
6. Click Enabled RIPv2 to configure the Protocol Processor to advertise remote routes to the
upstream router using the RIPv2 protocol. This setting affects the default VLAN only.
7. Select the Upstream and Tunnel Interfaces. The tunnel is the LAN segment between the
Protocol Processor and the line cards.
8. Select TRANSEC Enabled to add a protocol processor for a new TRANSEC network.
(Selecting Add TRANSEC Protocol Processor from the iBuilder Tree automatically enables
this field.)
NOTE: Before selecting this option for an existing network, ensure that all
preliminary steps have been taken. Follow the procedure in Converting a Network
to TRANSEC on page 445 to convert an existing network to TRANSEC.
NOTE: TRANSEC Enabled only appears in the dialog box if a TRANSEC license is
installed on the Protocol Processor. Before deploying this feature, contact the
iDirect Technical Assistance Center (TAC).
9. Select L2oS Enabled to configure Layer 2 networks or Layer 2/Layer 3 Hybrid mode
networks containing Evolution X1 and/or Evolution X7 remotes under this Protocol
Processor.
10. A persistent multicast group is a multicast group that includes all remotes communicating
with this protocol processor. The protocol processor always forwards upstream multicast
traffic for a persistent multicast group.
To add a persistent multicast group, click Add in the Multicast Groups section of the
Information tab to open the Persistent Multicast Group dialog box.
Figure 4-8. Persistent Multicast Group Dialog Box

iDX Release 3.5
Configuring a Protocol Processor to Enable X7 Encrypted Multicast Fast Path on a Second Demodulator
11. Enter the Vlan Id and the IP Address of the multicast group.
NOTE: For more information, see the Technical Note titled “IP Multicast in
iDirect Networks.”
12. Under SI Table, enter a Multicast IP Address for system messages that are broadcast by
the Protocol Processor to the remotes. Select a multicast IP address that meets the
following conditions:
• The selected IP address must not conflict with any multicast IP addresses being used
by the networks.
• The tunnel switch must not filter out the selected multicast IP address.
• If there are multiple Protocol Processors that are not isolated on the LAN, then a
different Multicast IP Address must be configured for each Protocol Processor.
4.5 Configuring a Protocol Processor to Enable X7

Encrypted Multicast Fast Path on a Second
Demodulator
This section describes how to configure a Protocol Processor to enable Evolution X7 remotes
to receive encrypted Multicast Fast Path traffic on a second demodulator. A license is required
to enable the second receiver on an X7.
NOTE: When the local NMS manages the second downstream, configuring the
local Protocol Processor is not required. Configuring the Protocol Processor is
required when the second downstream is managed by another NMS or Protocol
Processor.
NOTE: An X7 remote can be configured to receive Multicast Fast Path traffic on a

separate outbound carrier using its second receiver. For more information, see
the Multicast Fastpath chapter in the Technical Reference Guide.
Additionally, see the following sections for additional information about configuring
an X7 remote to receive encrypted Multicast Fast Path traffic on a second
demodulator:
• Adding a Network on page 118
• Remote VSAT-2 Tab on page 207
• Setting Up Global Key Distribution for Encrypted Multicast Fast Path on an X7
Second Demodulator on page 500

iDX Release 3.5
Configuring a Protocol Processor to Enable X7 Encrypted Multicast Fast Path on a Second Demodulator
4.5.1 Prerequisites for X7 Encrypted MCFP on a Second

Demodulator
The following prerequisites are necessary before configuring a Protocol Processor to Enable X7
Encrypted Multicast Fast Path on a second demodulator:
NOTE: Link Encryption licenses are required on all Protocol Processor blades that
process encrypted Multicast Fast Path traffic.
• A Multicast Application Profile and associated rules for the multicast streams properly
configured in the Downstream Application folder. See Adding an Application Profile on
page 304.
• A Multicast Service Profile added to the Network Group QoS tab. See Configuring
Remotes for Multicast Fast Path on page 277.
NOTE: Record the number of the Multicast Fast Path Stream displayed on the
Multicast QoS Application dialog box. The stream number is required to enable
the multicast stream on the Evolution X7 remotes.
• A Persistent Multicast Group configured for each VLAN (including the default VLAN)
configured by the Multicast Fast Path Application Profile to carry the Multicast Fast Path
packets. See Adding a Network on page 118.
NOTE: Without a Persistent Multicast Group, the Protocol Processor will not
forward the Multicast traffic to the transmit line card for transmission on the
downstream carrier.
To configure a Protocol Processor to enable Evolution X7 remotes to receive encrypted

Multicast Fast Path traffic on a second demodulator:
1. At the Protocol Processor GKD tab, click Add to add a GKD server. See Adding GKDs in
iBuilder on page 490.
2. Check Enable GKD Server Keys.
3. Enter the Encryption and IV Expansion key names (obtained from the GKD server).
4. Click OK at the bottom of the tab. See Figure 4-9.

iDX Release 3.5
Setting Warning Properties for Protocol Processor Blades
Figure 4-9. Protocol Processor GKD Tab
5. Continue at the Network tab. See Adding a Network on page 118.
4.6 Setting Warning Properties for Protocol Processor

Blades
You can use iBuilder to modify both global properties of protocol processor blade warnings
and warning properties for all blades of individual protocol processors. To change the global
warning properties, select Global Warnings for Blades from the Edit menu. To change
warning properties for individual protocol processors, click the Warning Properties tab for
the protocol processor.
NOTE: When you override global blade warnings on the Protocol Processor
Warning Properties tab, the new settings are applied to all blades of that protocol
processor. You cannot override the settings for the individual blades of a protocol
processor.
For details on configuring warning properties for line cards, remotes and protocol processors,
please see Configuring Warning Properties on page 54.

iDX Release 3.5
Adding a Protocol Processor Blade
4.7 Adding a Protocol Processor Blade

The Protocol Processor level of the iBuilder Tree represents a set of one or more blades. If a
blade fails, its load is automatically distributed across the remaining blades.
Add a Blade to a Protocol Processor as follows:
1. Use either the Blades tab of the Protocol Processor or the iBuilder Tree context menu to
add a Blade. Both methods are shown here.
a. Right-click the Protocol Processor in the iBuilder Tree and select ModifyItem to
open the Protocol Processor dialog box.
b. Select the Blades tab.
Figure 4-10. Protocol Processor Blades Tab
c. Click the Add button to open the Protocol Processor Blade Dialog Box (Figure 4-11 on
page 102).
2. Alternatively, right-click the Protocol Processor in the iBuilder Tree and select Add Blade.
In either case, the Protocol Process Blade dialog box opens (Figure 4-11).

iDX Release 3.5
Adding an SVN
Figure 4-11. Protocol Processor Blade Dialog Box
3. Enter a Name for the blade.

4. Enter the Upstream Interface information for the default VLAN. (iBuilder will
automatically assign the Upstream Interface information for other existing VLANs.)
CAUTION: iBuilder incorrectly allows you to add more PPs than the number of
usable hosts per subnet in the VLAN; any invalid IP address will be broadcast. Be
sure to verify that only valid PPs are assigned to the VLAN.
5. Enter the Tunnel Interface information for the default VLAN.
4.8 Adding an SVN

This section explains how to configure SVNs for Layer 3 IPv4 networks. A Synthetic Virtual
Network (SVN) is a set of connected elements that use a common IP address space.
This information does not apply to Layer 2 over Satellite (L2oS) networks or Layer 2/Layer 3
Hybrid mode networks. For more information on these networks, refer to Configuring L2oS
Hub Parameters on page 105 and in Remote L2oS Tab on page 209.
Due to the distributed architecture of the Protocol Processor, all blades in a blade set
combine to form a single, logical, upstream interface. However, each blade must have a
distinct IP address for each SVN.
To add a SVN:
1. Right-click the Protocol Processor in the iBuilder Tree and select Modify  Item.

iDX Release 3.5
Adding an SVN
2. Select the SVNs tab in the Protocol Processor dialog box.
Figure 4-12. Protocol Processor SVNs Tab
3. Click Add to display the Add/Edit SVN dialog box.
Figure 4-13. Protocol Processor Add/Edit SVN Dialog Box
4. Enter an SVN ID. Valid SVN IDs range from 2 to 4094.

5. Enter an SVN Name.
6. Select Enable RIPv2 to advertise remote routes to the upstream router using the protocol
RIPv2.

iDX Release 3.5
Adding an SVN
7. In the Address Start field, specify the Upstream Interface IP Address to be used by the
first blade. iBuilder automatically enters the remaining IP addresses. (To override the
automatic addressing by following the procedure in the next section.)
8. Click OK. A new Upstream SVN Interface is now defined.
4.8.1 Overriding Automatically-Assigned SVN Addressing

After creating an SVN, you can modify the automatically-assigned addresses as follows:
1. On the SVNs tab (Figure 4-12 on page 103), select the row containing the ID and Name of
the interface and click Edit to view the SVN dialog box (Figure 4-13).
2. To change the automatically-assigned Upstream Interface addressing:
a. Select the Override Addresses check box.
b. Enter the IP addressing information as desired.
This is illustrated in Figure 4-14.
Figure 4-14. Overriding Automatically-Assigned SVN Addressing
If a new blade is subsequently added, all SVN end addresses will be automatically updated to
give the new blade the appropriate upstream interfaces, and the SVNs will be added to the
new blade.
4.8.2 Special VLAN/SVN Configuration

VLAN/SVN support requires one special configuration task, which must be done at the Linux
level on the Protocol Processor. To support VLAN, the upstream Ethernet port (eth0) of the
Protocol Processor must be configured with an MTU of 1504. This is done by typing “MTU =

iDX Release 3.5
Configuring L2oS Hub Parameters
1504” (without quotation marks) in the file /etc/sysconfig/network-

scripts/ifcfg-eth0. Once this is done, save the file. After saving the file, the network
services must be restarted with the following command: service network restart.
NOTE: If a line like this is already present for eth0, but contains a different value
(e.g. 1500), then edit the line to the above value. The MTU value can also be
checked by typing ifconfig at the prompt to display the MTU size.
CAUTION: Do not change the default MTU (1500) on the tunnel interface (eth1).
4.9 Configuring L2oS Hub Parameters

For more information on L2oS, refer to the “Layer 2 over Satellite” chapter of the Technical
Reference Guide.
NOTE: Configuring L2oS requires configuring L2oS hub-side parameters as well as

configuring L2oS remote-side parameters. This section describes configuring L2oS
hub parameters. For information on configuring L2oS remote parameters, see
Remote L2oS Tab on page 209.
The L2oS parameters for the hub are configured on the SVNs tab of the Protocol Processor
(Figure 4-15) when the L2oS Enabled check box is enabled on the Protocol Processor
Information tab as described in Protocol Processors on page 94.
Refer back to Figure 4-12 to see the SVNs tab before the L2oS Enabled check box is enabled.
It shows Layer 3 SVNs configured for a Layer 3 network only.
Figure 4-15. Protocol Processor SVN Tab with L2oS Enabled Checked

iDX Release 3.5
Figure 4-15 shows the SVNs tab after the L2oS Enabled check box is enabled. Note that it
shows both Layer 2 and Layer 3 SVNs. These SVNs were configured for a Layer 2/Layer 3
Hybrid network.
Note also that the SVNs tab has changed to allow SDT selection and L2SW Default selection.
(An SDT is a tag on each Ethernet frame that associates that packet with an SVN.) A user can
now add Layer 2 SVNs as well as Layer 3 SVNs.
Finally, note the grayed-out Reserved outer SVN ID for L3 check box and text box. This is
used with L2oS to provide an SVN ID that is reserved for Layer 3 traffic. For more information,
see Configuring SVNs on page 108.
NOTE: SVNs, whether Layer 2 or Layer 3, must be predefined in the SVNs tab
pane as shown in Figure 4-15 before they can be assigned to a remote.
Figure 4-16 shows the SVNs tab after the L2oS Enabled check box is enabled and Layer 2 SVNs
including CE Tag Transparent SVNs (indicated by _X) have been assigned.
Figure 4-16. Protocol Processor SVN Tab Showing CE Tag Transparent SVNs
To configure the L2oS hub parameters for networks under this Protocol Processor requires
performing the following:
• Configuring SDT
• Configuring L2SW Default
• Configuring SVNs

iDX Release 3.5
4.9.1 Configuring SDT

The SDT parameters determine if VLAN tagging or QinQ tagging is used on the hub connection
to the CE. Configure as follows:
1. In the SDT area of the SVN tab (see Figure 4-15):
a. For SDT Mode select VLAN or QinQ to indicate if VLAN tagging or QinQ tagging is used
on the connection between the Protocol Processor and the hub Customer Edge switch
or router.
b. Enter Ethertype 1. This field defaults to 0x8100 for VLAN Mode and 0x9100 for
QinQ Mode.
c. If Mode is QinQ, enter Ethertype 2. This field defaults to 0x8100.
NOTE: In a L2OS network with a hub configured in SDT mode QinQ, it is necessary
to change the PP eth0 interface MTU from 1504 to 1508 to support frames with
QinQ tags. For more information, see Changing MTU at Protocol Processor in L2oS
Network in the Technical Reference Guide.
4.9.2 Configuring L2SW Default

The L2SW Default parameters determine the default L2oS service mode. This service mode is
used for any SVN that does not have an Optional Override defined. Configure as follows:
1. In the L2SW Default area of the SVN tab (see Figure 4-15):
a. For Mode, select VPLS, VPWSEPC or VPWS. These are the default L2oS service modes
for this protocol processor. The selected L2oS service mode is used for any SVN that
does not have an Optional Override defined.
b. If the Default Mode is VPWSEPC, enter the MAC address to which the hub sends all
upstream Ethernet packets for all SVNs, unless an Optional Override applies. The
default for this field is 00:00:5E:00:52:13.
After the SDT parameters and L2SW default parameters have been set, it is necessary to
configure each SVN for Layer 2 or Layer 3 before they can be used by remotes.
Protocol Processor MAC Address Aging Timeout

The learned MAC addresses on the hub and the remote will both expire if the remote devices
with the MAC addresses have not transmitted for a specific duration. This default durations
are:
• 6 hours at the hub
• 5 minutes at the remote
To change the hub timeout, define the following hub-side custom key on the Protocol
Processor Custom tab pane:
[L2SW]
mac_aging_timeout_sec = x
where x = is a value from 1 to 65535 seconds.See Figure 4-17.

iDX Release 3.5
Figure 4-17. Protocol Processor MAC Address Aging Timeout
For information on learned MAC expiration at the remote, see Remote MAC Address Aging
Timeout on page 213.
4.9.3 Configuring SVNs

NOTE: SVN assignment for L2oS networks requires hub-side and remote-side
configurations. This section describes hub-side configuration; see Configuring
SVNs on page 210for remote-side configuration.
iDirect supports VLAN and QinQ SDT modes. Both modes support Layer 2 and Layer 3 Hybrid
mode SVN configurations as follows:
• VLAN mode supports the Layer 2/Layer 3 Hybrid mode.
• VLAN SDT Layer 2/Layer 3 Hybrid Mode on page 108
• QinQ mode supports a Layer 2/Layer 3 Hybrid mode and a Layer 2 only mode.
• QinQ SDT Layer 2 Mode on page 110
• QinQ SDT Layer 2/Layer 3 Hybrid Mode on page 112
• Customer Edge Tag Transparency (CE) Mode on page 115
VLAN SDT Layer 2/Layer 3 Hybrid Mode

Use the VLAN SDT mode to configure a Layer 2 or Layer 3 SVN.
Configuring a Layer 2 SVN

With the VLAN SDT mode selected, configure a Layer 2 SVN as follows:
1. In the Protocol Processor SVN tab, click Add to open an Add/Edit SVN dialog box. See
Figure 4-18.

iDX Release 3.5
Figure 4-18. Add/Edit SVN Dialog Box for Layer 2
2. At the SVN type pull-down menu, select L2.

3. Enter the SVN ID. Valid VLAN IDs range from 2 to 4094.
4. Enter the Name.
5. Select Forward SNAP LLC Frames Enabled to allow Logical Link Control (LLC) frames to
be transported over the satellite link in Layer 2 networks.
6. If desired, configure Optional Overrides to modify the Default Mode parameters for the
SVN as follows:
a. If desired, override the default service mode by selecting a different Mode for this
SVN: VPLS, VPWSEPC or VPWS.
b. If desired in VPWSEPC mode, enter a MAC Address in the MAC Address Rewrite field.
This is the MAC Address to which the Protocol Processor forwards all Ethernet frames
received over-the-air for this SVN.

With the VLAN SDT mode selected, configure a Layer 3 SVN as follows:
1. In the Protocol Processor SVN tab, click Add to open an Add/Edit SVN dialog box. See
Figure 4-19.

iDX Release 3.5

3. Click Add to display the Add/Edit SVN dialog box. See
4. Enter an SVN ID. Valid VLAN IDs range from 2 to 4094.
6. Select Enable RIPv2 to advertise remote routes to the upstream router using the
protocol RIPv2.
automatic addressing, Overriding Automatically-Assigned SVN Addressing on page 104.
QinQ SDT Layer 2 Mode

Use the QinQ SDT Layer 2 mode to configure a Layer 2 SVN.
Before continuing, ensure that the Reserved outer SVN ID check box is unchecked in the
Protocol Processor SVNs tab.

iDX Release 3.5

Configure a Layer 2 SVN as follows:
1. Click Add to open an Add/Edit SVN dialog box. See Figure 4-20.
L2 is automatically selected.
NOTE: In the QinQ SDT mode, when the Reserved outer SVN ID check box is
unchecked, only Layer 2 SVN types can be selected.

3. Enter the SVN ID (SP).
4. Enter the SVN ID (CE).
5. Enter the Name.

iDX Release 3.5
SVN as follows:
QinQ SDT Layer 2/Layer 3 Hybrid Mode

Use the QinQ SDT mode to configure a Layer 2 or Layer 3 SVN.
Before continuing, ensure that the Reserved outer SVN ID check box is checked in the
Protocol Processor SVNs tab and provide an SVN ID which is reserved for L3.
NOTE: When the Reserved outer SVN ID check box is checked, both Layer 2 and
Layer 3 SVN types can be configured.

With the QinQ SDT mode selected, configure a Layer 2 SVN as follows:

iDX Release 3.5

4. Enter the SVN ID (CE).
5. Enter the Name.
SVN as follows:

With the QinQ SDT mode selected, configure a Layer 3 SVN as follows:

iDX Release 3.5

3. Enter an SVN ID. Valid VLAN IDs range from 2 to 4094.
5. Select Enable RIPv2 to advertise remote routes to the upstream router using the protocol
RIPv2.
automatic addressing by following the procedure in the next section.)
Refer back to Figure 4-15 to see configured Layer 2 and Layer 3 SVNs.
NOTE: After SVNs are defined, the SDT Mode cannot be changed. However, the
L2SW Defaults can be changed. Any overrides under the L2SW Overrides column in
the SVN pane will change automatically.
NOTE: A user can also edit or remove an SVN from the predefined list before it
has been assigned to a remote with the Edit and Remove buttons in the SVNs tab.

iDX Release 3.5
Customer Edge Tag Transparency (CE) Mode

Use the Customer Edge Tag Transparency mode to configure Q-in-Q SVNs with the SP (outer)
tag only; the CE or inner tag configuration is not required.
Configure a CETT Layer 2 SVN as follows:
L2 is automatically selected.
NOTE: In the QinQ SDT mode, when the Reserved outer SVN ID check box is
unchecked, only Layer 2 SVN types can be selected.
2. Click CE tag transparency check box.

The SVN ID (CE) is disabled.
NOTE: Do not assign the SP ID an existing Layer 2 SVN or Layer 3 outer SVN ID.
4. Enter the Name.

iDX Release 3.5

iDX Release 3.5
5 Defining Networks, Line
Cards, and Inroute
Groups
This chapter explains how to add Hub Line Cards and Inroute Groups to the iBuilder Tree.
Before adding a Network, you must have already added a Protocol Processor.
This chapter contains the following sections:
• iDirect Line Card Model Types on page 118
• Line Card Types on page 120
• Adding a Transmit or Transmit and Receive Line Card on page 121
• Adding Receive-Only (Rx-Only) Line Cards on page 124
• Deleting a Line Card on page 130
• Changing to an Alternate Downstream Carrier on page 132
• Defining a Standby Line Card on page 134
• Setting Warning Properties for Line Cards on page 145
• Inroute Groups on page 146
• DVB-S2 Network Parameters on page 155
NOTE: A line card must be assigned to a hub chassis before it can become
operational. Until a line card is assigned to a hub chassis, the line card will be in
the incomplete state in the iBuilder Tree. See Configuring a Hub Chassis on
page 313 for details on assigning a line card to a chassis.

iDX Release 3.5
iDirect Line Card Model Types
5.1 iDirect Line Card Model Types

iDX Release 3.5 supports both TDMA and SCPC inbound carriers. It supports DVB-S2 outbound
carriers only. This section specifies the hub line cards available in this release to transmit and
receive those carriers.
The following line card Model Types are supported in this release.
Table 5-1. Supported Line Cards
• XLC-10 (Transmit-only) • eM0DM (Receive-only, Multichannel)
• XLC-11 (Transmit and Receive) • ULC-T
• XLC-M (Receive-only, Multichannel, • ULC-R
Narrowband TDMA Multichannel) • DLC-T
• eM1D1 (Transmit and Receive) • DLC-R
NOTE: Only Evolution XLC-M, eM0DM, and eM1D1 line cards can receive SCPC
inbound carriers.
5.2 Adding a Network

To create the network, follow these steps:
1. Right-click the Protocol Processor and select Add Network. The new network is added to
the iBuilder Tree with a system-generated name, and the Network dialog box opens to
the Information tab.
Figure 5-1. Network Dialog Box

iDX Release 3.5
Adding a Network
2. Enter a Name for the Network.

3. Select the IF Network check box only when creating an L-Band/Bench Test network. This
is critical for IF networks. It has the effect of setting all geographic locations to zero for
FSO calculations.
4. Inhibit Tx (When beam quality = 0) is only applicable when using the Automatic Beam
Selection feature for roaming remotes.
When this option is selected, remotes will not attempt to join this network when the
beam quality at the current location is zero. If a remote has already joined this network
and the beam quality becomes zero, the remote will stop transmitting and look for
another network to join. If another network with positive beam quality is available, then
the remote will join that network. (See Configuring Networks for Automatic Beam
Selection on page 507 for more information.)
NOTE: If you enable Inhibit Tx (When beam quality = 0) and the beam maps have
been designed to avoid unnecessary beam switching, it is possible that a remote
may mute its transmitter when you do not expect it. For questions, please contact
the TAC before enabling this feature.
5. To enable encryption for Multicast Fast Path streams, select Multicast Encryption.
NOTE: Link Encryption licenses are required for protocol processors and some
remote model types to use this feature. See the chapter on “Multicast Fast Path”
in the Technical Reference Guide for details.
6. To enable Multicast Overlay for Multicast Fast Path streams, select Multicast Overlay.
NOTE: Multicast Overlay is necessary when a second downstream to an X7 is

managed by another NMS or Protocol Processor. See the chapter on “Multicast
Fast Path” in the Technical Reference Guide for details.
7. To add a persistent Multicast Group to the network:

a. In the Multicast Groups section of the dialog box, click the Add button to display the
Persistent Multicast Group dialog box (Figure 5-2).
Figure 5-2. Persistent Multicast Group Dialog Box for a Network
b. In the Persistent Multicast Group dialog box, enter the VLAN Id and the multicast
Address for the persistent multicast group.

iDX Release 3.5
Line Card Types
c. Click OK in the Persistent Multicast Group dialog box.
8. Click OK in the Network dialog box to save the network configuration.

9. Once you have added remotes to your network, in the Remotes section of the screen, you
can activate or deactivate any remote in your network by selecting or clearing the
appropriate check box.
NOTE: A network must be deactivated before it can be deleted. When a network

is activated, a check mark is shown next to the Activate Network selection in the
iBuilder Tree context menu. To deactivate a network, right-click the network in
the tree and select Activate Network to remove the check mark. After applying all
resulting changes, you will be able to Delete the network.
Note:
5.3 Line Card Types

You must select a Line Card Type for each line card configured in iBuilder. The selected Line
Card Type limits the choice of Model Type. (For example, if Line Card Type is set to Receive
Line Card, XLC-10 cannot be selected as the Model Type since an XLC-10 is a transmit-only
line card. See iDirect Line Card Model Types on page 118 for a description of the available
line card Model Types.)
Figure 5-3 shows the Line Card Types that can be selected in iBuilder.
Figure 5-3. iBuilder Line Card Type Selections
The various Line Card Types as they appear in iBuilder are defined as follows:
• Transmit Line Card: Transmit-only line card. The line card can transmit an outbound
carrier, but cannot receive an inbound carrier.
• Receive Line Card: Receive-only line card. The line card can receive an inbound carrier,
but cannot transmit an outbound carrier.

iDX Release 3.5
Adding a Transmit or Transmit and Receive Line Card
• Transmit and Receive Line Card: The line card can transmit an outbound carrier and
receive an inbound carrier.
• Standby Line Card: The line card acts as a standby (spare) line card for one or more
active line cards in a chassis.
• Solo Transmit and Receive Line Card: A Transmit and Receive Line Card that is the only
active hub line card in a network. You cannot add additional Receive Line Cards to the
network if you select this option. A Solo line card can co-exist with other Solo line cards
or with one other Tx or Tx/Rx line card in a single Chassis Timing Group.
5.4 Adding a Transmit or Transmit and Receive Line

Card
Only one line card in each network can transmit a downstream carrier. This procedure
assumes that the downstream carrier to be assigned to this line card has already been
configured in iBuilder. See Adding Downstream Carriers on page 77.
To add a transmit line card or a transmit and receive line card, follow these steps:
1. Right-click the network and select Add Transmit Line Card.
The new line card is added to the iBuilder Tree with a system-generated name, and the
Line Card dialog box opens to the Information tab.

iDX Release 3.5
Figure 5-4. New Transmit Line Card Dialog Box
2. Enter a Name for the line card.

3. Select a Model Type. The selected model type must match the installed line card. (See
iDirect Line Card Model Types on page 118 for a list of line card model types available in
this release.)
4. Enter the Serial Number of the line card. A system-generated DID is displayed in the
Derived ID box.
NOTE: Serial numbers are not sufficient to uniquely identify remotes and line
cards. Serial numbers are unique within a particular model type, but can repeat
from one model type to another. Therefore a unique Derived ID (DID) is
automatically generated to avoid problems that would be caused by duplicate
serial numbers.
CAUTION: You must correctly specify both the serial number and the model type
for the line card to function properly. For example, an eM1D1 card configured as
an XLC-11 card will not operate in the network.

iDX Release 3.5
5. Select the Line Card Type from the drop-down menu. See Line Card Types on page 120
for options.
6. Select the Hub RFT that is associated with this network. This allows you to select the
appropriate carriers in Step 11.
7. If this is a Transmit and Receive Line Card, the Receive Mode field will appear on the
screen. Select the appropriate Receive Mode.
NOTE: A line card in Single Channel TDMA Receive Mode is not capable of
processing more than 600 traffic slots per TDMA frame. Therefore, a TDMA carrier
with more than 600 traffic slots per frame should never be assigned to any line
card configured for Single Channel TDMA Receive Mode. See page 125 for more
details.
8. Under LAN / MGMT IP Address, enter the IP Address, Subnet Mask, and Gateway used by
the NMS to communicate with the line card.
9. Under GIG0 IP Address:
a. Enter the IP address for downstream data from the protocol processor to the network.
b. Use the drop-down menu to set the Speed of your GIG0 port to 100 Mbps or 1000
Mbps.
NOTE: Your switch and chassis must support the selected port speed. (Older
iDirect chassis do not support 1000 Mbps.) Also, you must explicitly configure the
port speed on your switch to be the same as the port speed selected for the line
card. Do not set the switch to auto-negotiate.
passwords.
on page 17.
11. Select the Transmit Carrier associated with this line card. If this is a transmit/receive
line card, also select the Receive Carrier.
NOTE: You cannot modify a line card’s Model Type, Receive Mode, Serial Number,
or Line Card Type once a Receive Carrier is assigned to the line card. You must
unassign the carrier to change these fields. To unassign a receive carrier from a
line card, first remove the carrier from its inroute group or line card (in SCPC
return mode) and then select None in the Carrier Name field.

iDX Release 3.5
Adding Receive-Only (Rx-Only) Line Cards
12. If configuring an Alternate Downstream Carrier for this network, select that carrier in the
Alternate Transmit Properties area of the dialog box.
Configuring an alternate downstream carrier facilitates moving a network to a new
downstream carrier while minimizing the chance of stranding remotes in the process. See
Changing to an Alternate Downstream Carrier on page 132 for the procedure to move a
network from the current transmit carrier to the alternate downstream carrier.
NOTE: An alternate downstream carrier cannot be selected if the NMS server is

licensed for the Global NMS feature.
13. Click OK to save the line card configuration. The line card is added to the iBuilder Tree
under the Network.
NOTE: For details on deleting a line card, see Deleting a Line Card on page 130.
5.5 Adding Receive-Only (Rx-Only) Line Cards

There are two types of line cards that can be configured as receive-only line cards:
• A Single Channel Line Card can receive a single upstream carrier.
• An eM0DM Multichannel Line Card can receive as many as eight upstream carriers.
• An XLC-M Multichannel Line Card can receive as many as eight upstream carriers or as
many as 16 narrowband TDMA upstream carriers (up to 468 ksym/s).
In addition, there are two types of upstream carriers that can be received by a receive-only
line card:
• A TDMA upstream carrier
• An SCPC upstream carrier
The combination of the number and type of upstream carriers that a line card is capable of
receiving results in five possible receive modes for a receive-only line card:
• Single Channel TDMA
• Single Channel TDMA (Adaptive)
• Single Channel SCPC
• Multiple Channel TDMA
• Multiple Channel SCPC
The receive modes that can be selected in iBuilder for a receive-only line card depend on the
line card model type and licensing. The following restrictions apply to the receive mode
selection:
• Only Evolution XLC-M and eM0DM line cards can receive multiple upstream carriers.
• All upstream carriers received by an Evolution XLC-M or eM0DM line card must be the
same carrier type. You cannot configure a multichannel line card to receive both SCPC
and TDMA carriers at the same time.
• All TDMA upstream carriers received by a multichannel line card must be in the same
inroute group.

iDX Release 3.5
• All TDMA upstream carriers received by a multichannel line card must be on the same
transponder.
• All TDMA upstream carriers received by a multichannel line card must be configured for
the same type of acquisition bursts. Superbursts and traditional acquisition bursts cannot
be received simultaneously by the same line card. See Adding TDMA Upstream Carriers on
page 79 for details on selecting the carrier acquisition type.
• A multichannel line card cannot receive more than eight carriers with Superburst
acquisition enabled. Since Superburst and traditional acquisition bursts cannot be
received simultaneously by the same line card, an Evolution XLC-M line card receiving
more than eight narrowband carriers must use traditional acquisition.
• For a single channel line card to receive an Adaptive TDMA upstream carrier, the receive
mode must be set to Single Channel TDMA (Adaptive).
• A line card in Single Channel TDMA Receive Mode is not capable of processing more than
600 traffic slots per TDMA frame. Therefore, a TDMA carrier with more than 600 traffic
slots per frame should never be assigned to any line card configured for Single Channel
TDMA Receive Mode. This restriction only applies to Single Channel TDMA Receive Mode. It
does not apply to Single Channel TDMA (Adaptive) Receive Mode. Traffic slots per frame
are displayed in iBuilder on the Inroute Group Composition Dialog Box as shown in
Figure 5-33 on page 152.
• Only Evolution XLC-M, eM0DM, and eM1D1 line cards can receive SCPC upstream carriers.
• An Evolution eM1D1 line card receiving an SCPC upstream carrier must be configured as a
receive-only line card. It cannot be used as a Tx/Rx line card.
• Licenses are required to use Evolution XLC-M and eM0DM line cards in TDMA and SCPC
Multiple Channel modes for more than one channel. (See the iDirect Features and Chassis
Licensing Guide for details.)
• If an XLC-M line card has a narrowband multichannel license, individual upstream TDMA
carriers assigned to the line card cannot exceed 468 ksym/s.
or Line Card Type if a Receive Carrier is assigned to the Line Card.
To add a receive line card, follow these steps:

1. Right-click the Network and select Add Receive Line Card.
The new line card is added to the iBuilder Tree with a system-generated name, and the
Line Card dialog box opens to the Information tab.

iDX Release 3.5
Figure 5-5. New Receive Line Card Dialog Box
2. Enter a Name for the line card.

3. Select the Model Type of the line card. (See iDirect Line Card Model Types on page 118
for a list of available line card model types.)
4. Select the Receive Mode of your receive line card. (See page 124 for an explanation of
the available receive modes.)
5. Enter the Serial Number of the line card. A Derived ID (DID) is automatically generated.
6. Under LAN / MGMT IP Address, enter the IP Address, Subnet Mask, and Gateway used by
the NMS to communicate with the line card.
7. Enter the GIG0 IP Address.
passwords.

iDX Release 3.5
on page 17.
9. In Receive Properties, if you selected Single Channel TDMA mode or Single Channel
SCPC mode, select the Carrier associated with this line card.
NOTE: To enable Single Channel SCPC mode for an XLC-M line card, choose
Multiple Channel SCPC mode for Receive Properties, and select the Carrier
associated with the line card.
or Line Card Type once a Receive Carrier is assigned to the Line Card. You must
unassign the carrier to change these fields. To unassign a receive carrier from a
line card, first remove the carrier from its inroute group or SCPC line card and
then select None in the Carrier Name field.
NOTE: iBuilder does not allow an operator to assign a TDMA carrier with more
than 600 traffic slots per frame to a line card configured for Single Channel TDMA
Receive Mode and displays a warning if this is attempted (Figure 5-6). This
restriction only applies to Single Channel TDMA Receive Mode; it does not apply to
Single Channel TDMA (Adaptive) Receive Mode. The restriction usually limits the
symbol rate and MODCOD of the carrier that can be assigned to the line card.
The symbol rate, in a small percentage of cases, may still violate the maximum
rates identified in the link budget for various receive operating modes. For
information on this, see the symbol rate/MODCOD against minimum/maximum
operating limits identified in the "Upstream TDMA Modes and Throughput
Limitations" section of the iDX Release 3.5 Link Budget Analysis Guide.
10. To add your carriers in Multiple Channel TDMA mode or Multiple Channel SCPC mode,
follow the procedure in the next section, “Adding Multiple Receive Carriers to a Line
Card.”
11. Once you have added your carrier or carriers, click OK to save the line card configuration.
The receive line card is added to the iBuilder Tree under the Network.
Figure 5-6. Single Channel TDMA Receive Mode Traffic Slot Warning

iDX Release 3.5
5.5.1 Adding Multiple Receive Carriers to a Line Card

Follow the procedure in this section to add multiple carriers to an Evolution eM0DM or XLC-M
line card configured in Multiple Channel TDMA mode or Multiple Channel SCPC mode. (See
page 124 for restrictions on adding multiple carriers to your line cards.)
If you selected Multiple Channel TDMA Mode or Multiple Channel SCPC Mode, the Receive
Properties area of the line card dialog box changes to the tabular format shown in Figure 5-7.
Figure 5-7. Line Card Receive Properties: Multiple Channel Modes
Follow these steps to add upstream carriers:

1. Click the Configure Carriers button under Receive Properties (Figure 5-7) to open the
Select Carrier dialog box (Figure 5-8).
Figure 5-8. Adding an Rx Line Card: Select Carrier Dialog Box

iDX Release 3.5
Figure 5-8 shows the Select Carrier dialog box for a multichannel line card in Multiple
Channel SCPC mode. Notice that the line card is licensed for eight carriers and seven have
been selected.
2. Enter a Line Card Center Frequency. This is the downlink RF center frequency of a 36
MHz operational band. (The operational band must fall between 950 MHz and 2000 MHz
for an XLC-M or eM0DM line card.) All upstream carriers received by this line card must be
completely within the 36 MHz operational band, which is graphically represented at the
bottom of the dialog box. You will not be able to select carriers outside the band.
3. From the list of carriers, select the check box of each carrier that you want to assign to
the line card. As you select your carriers, the Composite Information Rate, Occupied
Bandwidth and Carriers Selected fields all update automatically. (Grey font in the table
indicates an unselectable carriers. A carrier may not be selectable for a number of
reasons. For example, you cannot select a carrier that is outside the 36 MHz band or a
carrier that is already assigned.)
NOTE: Since all TDMA carriers assigned to a multichannel line card are in the
same inroute group, you can only select TDMA carriers with the same payload
block size. See Adding an Inroute Group on page 147 for more information.
4. Each selected carrier is displayed on the graph as a vertical green or yellow bar. The
yellow bar represents the carrier currently selected (ID 11 in Figure 5-8.) If you attempt
to select a carrier that is outside the 36 MHz band, it will be displayed as a red bar.
5. Select Show carriers associated with other line cards to see TDMA and SCPC upstream
carriers in this line card’s frequency band that are assigned to other line cards. Carriers
assigned to other line cards appear as vertical orange bars in the graph (Figure 5-9).
NOTE: Selecting Show carriers associated with other line cards also shows
carriers assigned to other line cards on different networks.
Figure 5-9. Viewing Other Assigned Upstream Carriers
NOTE: Hover the cursor over any carrier in the graph to see details of that
carrier’s configuration.
6. To modify a carrier, double-click the carrier in the table, or select the row for the carrier
and click the Edit Carrier button.
7. If the line card is in Multiple Channel SCPC Mode, the User Group column appears on the
right side of the Select Carrier dialog box (Figure 5-8). In the User Group column, you
can associate a selected SCPC carrier with a return channel owned by the System user
group or by a VNO user group. Follow these steps:

iDX Release 3.5
Deleting a Line Card
a. Double-click the User Group field of the carrier.

b. Select the User Group from the drop-down menu (Figure 5-10).
Figure 5-10. Associating an SCPC Return Channel with a VNO User Group
The carrier is now assigned to one of the SCPC channels owned by the selected VNO
user group. The carrier automatically becomes visible to the VNO user group.
NOTE: Only VNO user groups that own channels on this SCPC line card appear in
the drop-down menu. For details on assigning SCPC return channels to VNO user
groups, see Configuring VNO Access Rights for SCPC Return Channels on page 404.
8. Click OK to save the carrier selections.
5.6 Deleting a Line Card

Follow the procedure in this section to delete a line card from iBuilder. This procedure applies
to both active line cards and failed line cards.
NOTE: When deleting an Rx-only line card, skip directly to Step 5 on page 131.
1. Right-click the inroute group of the line card to be deleted and select ModifyItem to
display the Inroute Group dialog box.
2. When deleting a Tx or Tx/Rx Line Card, remove all Rx line cards from the inroute group.
When deleting an Rx-only line card, remove only this line card from the inroute group.
To remove a line card from an inroute group:
a. Select the line card in the Line Cards area of the dialog box.
b. Click Remove (Figure 5-11).

iDX Release 3.5
Deleting a Line Card
Figure 5-11. Removing a Line Card from an Inroute Group
3. Click OK to save the changes to the inroute group.

4. If this is a Tx or Tx/Rx line card:
a. Right-click the line card and select ModifyConfiguration to display the Line Card
dialog box.
b. In the Hub RFT field of the dialog box, select None.
Figure 5-12. Removing a Line Card from the Hub RFT
c. Click OK to save the changes to the line card. The line card will automatically be
placed in the “deactivation pending” state.
5. If this is an Rx-only line card, right-click the line card and select Activate Line Card to
remove the check mark (Figure 5-13). This puts the Rx line card in the “deactivation
pending” state.
Figure 5-13. Deactivating a Line Card
6. Right-click the line card and select Apply ConfigurationReliable (TCP) to deactivate
the line card.
NOTE: It may not be possible to apply the changes if the line card has failed. In
that case, ensure that the failed line card is powered off or disconnected. Also,
power off the line card’s chassis slot in iBuilder. (See Configuring and Controlling
the Hub Chassis on page 316.)
CAUTION: A failed transmit line card may continue to transmit if not deactivated
or powered off.
7. If you were not able to deactivate the line card, you will not be able to delete it from
iBuilder unless you first set it to standby. To set the line card to standby:

iDX Release 3.5
Changing to an Alternate Downstream Carrier
a. Right-click the line card and select ModifyConfiguration to display the Line Card
dialog box.
b. In the Line Card Type field of the dialog box, select Standby.
Figure 5-14. Setting a Line Card to Standby
NOTE: Some Model Types cannot be changed to Standby. If Standby is not

available for your Model Type, select a Model Type that supports the Standby role
and then change the Line Card Type to Standby.
c. Click OK to save the line card changes.

8. Right-click the line card in the iBuilder Tree and select Delete.
9. Click OK in the confirmation dialog box to delete the line card.
5.7 Changing to an Alternate Downstream Carrier

Follow the steps in this section to change your primary downstream carrier to the alternate
downstream carrier configured for your transmit line card. This procedure assumes that:
• You have already configured your alternate downstream carrier on the Tx Line Card dialog
box. (See step Step 12 of Adding a Transmit or Transmit and Receive Line Card on
page 121.)
• You have ensured that all remotes in your network have received their options files
containing the alternate downstream carrier definition.
• You are ready to move your network to the new downstream carrier.
See the chapter titled “Alternate Downstream Carrier” in the iDirect Technical Reference
Guide for a description of this feature.
CAUTION: Remotes that have not been downloaded with the alternate
downstream carrier definition will be stranded. Site visits may be required to
recover those remotes.
When a remote rejoins a network configured with an alternate downstream carrier, it first
tries to acquire the last carrier it was receiving. When you follow the procedure in this
section, the old primary carrier is brought down and the new primary carrier begins
transmitting, forcing all remotes to lose lock and then try to rejoin the network. The remotes
first try to acquire the old active carrier before timing out and acquiring the new active
carrier. By default this timeout is set to five minutes (300 seconds). To shorten this timeout,

iDX Release 3.5
Changing to an Alternate Downstream Carrier
define the following remote-side custom key on the Remote Custom tab for each remote
before executing the procedure.
[BEAMS_LOCAL]
net_state_timeout = <timeout>
where <timeout> is the number of seconds that the remote tries to acquire the primary
carrier before switching to the alternate carrier.
The example in this section shows how to swap the current active carrier (DVB-S2 Down
1250) with the alternate carrier (DVB-S2 Down 1230). Figure 5-15 shows this initial
configuration. (To move to the alternate carrier without selecting a new alternate carrier,
select None in Step 2 of the procedure.)
Figure 5-15. Swapping the Downstream Carriers: Initial Configuration
Follow these steps to move your network to the alternate downstream carrier:
1. Right-click your transmit line card in the iBuilder Tree and select ModifyConfiguration.
2. In the Carrier Name field of the Alternate Transmit Properties section of the Line Card
dialog box, select the carrier that is currently defined as the active downstream carrier.
Figure 5-16. Selecting the New Alternate Downstream Carrier
3. In Carrier Name field of the Transmit Properties section of the Line Card dialog box,
select the carrier that was configured as the alternate downstream carrier as the new
primary downstream carrier.

iDX Release 3.5
Defining a Standby Line Card
Figure 5-17. Selecting the New Primary Downstream Carrier
4. Click OK to save your changes. The iBuilder Tree will show changes pending on your
transmit line card, receive line cards, and remotes (hub-side and remote-side).
5. Apply the changes to your transmit and receive line cards. Also apply the hub-side
changes to your remotes.
NOTE: To avoid applying the remote-side changes twice, wait until the remotes
have re-acquired the network on the new carrier before applying the remote-side
changes.
At this point, the remotes will lose the original primary carrier. Since they were last
locked to that carrier, they will attempt to re-acquire on the same carrier. After the
remotes timeout, they will search for their alternate carrier which is the new active
carrier. At that point, the remotes will rejoin the network.
6. Once the remotes have rejoined the network on the new active carrier, apply the remote-
side changes.
NOTE: Any remotes that were not in the network at the time of the carrier
change will acquire the new carrier when they re-acquire the network since that
carrier is still defined as their alternate carrier.
5.8 Defining a Standby Line Card

When standby line cards are configured in your network, the NMS can automatically detect
the failure of an operational line card and swap that card for a standby line card if one is
available. You are not required to configure any standby line cards. If a line card fails and
there is no standby backing it up, the NMS server will not attempt to initiate a failover.
5.8.1 Overview of Line Card Redundancy

Line card redundancy is defined by the relationship between a standby and an active line
card. An active line card is any line card configured to be active in your network under normal
operating conditions when no line card failures have occurred. An active line card can be any
of the following:
• A Tx (or Tx/Rx) line card configured to transmit the outbound carrier in an iDirect
network to the remote modems. (A Tx/Rx line card also receives a TDMA inroute
transmitted by the remotes in the network. Both Tx and Tx/Rx line cards are referred to
as Tx line cards in this section.)

iDX Release 3.5
• An Rx-only line card configured to receive one or more inbound TDMA carrier or one or
more inbound SCPC carriers transmitted by the remote modems in a network. (An Rx-only
line card does not transmit an outbound carrier. Rx-only line cards are referred to as Rx
line cards in this section.)
A standby line card is a line card that does not become operational until it is enabled by the
NMS to take over for an active line card. Line card switching can be automatic or manual,
depending on the configuration of the standby line card.
In the iDirect system, there are two types of relationships between standby and active line
cards:
• A warm standby is a line card that has been pre-configured with the same software and
configuration as an active line card. Because the configuration is pre-loaded, a line card
acting as a warm standby for an active line card provides the fastest recovery time
available. However, a line card can serve as a warm standby for only one active line card.
• A cold standby is not pre-loaded with the same configuration as the active line card. Since
the configuration must be downloaded from the NMS server to the line card before the
standby can become operational, a line card acting as a cold standby for an active line
card takes significantly longer to take over for a failed active line card. However, a line
card can serve as a cold standby for multiple active line cards.
Automatic failover occurs when the NMS fails to receive the expected heartbeat message
from the active line card. The following prerequisite conditions must be met in order for the
failover operation to proceed:
1. A standby line card must be configured in iBuilder for the network to back up the failed
line card.
2. The standby line card must be in the OK state (and accessible from the NMS) as
determined by the NMS event server.
3. A standby line card backing up a Tx or Tx/Rx line card must be in the same chassis as the
failed line card.
4. A standby line card backing up an Rx-only line card must be in the same chassis as the
failed line card.
5. The chassis must be accessible to the NMS through the TCP interface.
6. A standby line card must be a warm standby for at least one active line card. (There is no
requirement to establish any cold relationships.)
NOTE: When configuring a line card to backup a transmit line card, connect the
Tx IFL cable only after the standby line card configuration has been downloaded.
Once you have configured the line card, ensure that the cable is connected.
Default redundancy relationships are not established automatically when you configure
standby line cards for your networks. Therefore, once you have configured a standby line
card, you must explicitly configure the warm and cold redundancy relationships for that line
card on the chassis. (See Managing Line Card Redundancy Relationships on page 138 for
details.)
When you configure a standby line card in a network, you can limit the types of redundancy
relationships that an operator can configure for the line card using the Allow Failover For
field of the Standby Line Card dialog box. The following selections are available:

iDX Release 3.5
• None: The standby line card does not back up any active line cards. The line card cannot
be swapped (automatically or manually) for a failed line card until another selection is
made. The line card’s configuration will be labeled “incomplete” in the iBuilder Tree.
• All: The standby line card can be configured to act as a warm standby for one line card
and as a cold standby for any remaining line cards. (Typically the standby line card is
configured as a warm standby for the Tx line card and as a cold standby for Rx line cards.
This favors the most critical line card. In a multi-inroute, frequency-hopping network, the
failure of a receive-only line card results in diminished upstream bandwidth only; remotes
will automatically load-balance across the remaining receive line card(s) without
dropping out of the network. However, if the transmit line card fails, the entire network
will be out of service.)
• Tx Only: The standby line card can be configured to act only as a standby for the Tx (or
Tx/Rx) line card.
• Rx Only: The standby line card can be configured to act as a warm standby for one Rx (or
Tx/Rx) line card and as a cold standby for all remaining Rx line cards.
In general, a standby line card can only back up line cards of the same model type. Table 5-1
shows the line card model types that can act as standby for each active line card model type.
Table 5-1. Standby Line Card Model Type Compatibility
Active Line Card Required Standby Line Card

Model Type Model Type
eM1D1 eM1D1
eM0DM eM0DM
XLC-11 XLC-11
XLC-10 XLC-10
XLC-M XLC-M
NOTE: For a multichannel receive line card to back up another multichannel

receive line card, the backup line card must be licensed for at least as many
upstream channels as configured on the active line card.
5.8.2 Adding a Standby Line Card to a Network

Follow the procedure in this section to add a standby line card to a TDMA network:
1. Right-click your Network and select Add Standby Line Card to display the Line Card
dialog box.

iDX Release 3.5
Figure 5-18. New Standby Line Card Dialog Box
2. Enter a Name, Model Type, Serial Number, and LAN IP Address for the new line card.
3. Configure the GIG0 IP Address as required.
4. Make sure that Standby is selected for Line Card Type.
passwords.
on page 17.
6. Select the desired option in the Allow Failover For drop-down list. Four selections are
available in the menu:

iDX Release 3.5
• Select None to disable failover. You cannot configure redundancy relationships for
this standby line card if None is selected. Changing a standby line card’s selection to
None deletes any existing redundancy relationships.
• Select All to allow the standby line card to be configured to backup all transmit and
receive line cards.
• Select Tx Only to allow the standby line card to be configured to backup only your
transmit (or Tx/Rx) line card.
• Select Rx Only to allow the standby line card to be configured to backup only your
receive line cards. (This includes Tx/Rx line cards.)
7. Click OK to save the standby line card configuration.
8. Once you have defined your standby line card, follow the procedures in the next section
Section 5.8.3, Managing Line Card Redundancy Relationships to set up the line card’s
redundancy relationships.
5.8.3 Managing Line Card Redundancy Relationships

Before you can configure or modify the redundancy relationships among your active and
standby line cards, all line cards must be assigned to a chassis. Figure 5-19 shows a chassis
with assigned line cards. For details on configuring a chassis, see Configuring a Hub Chassis on
page 313.
Figure 5-19. Sample Chassis Configuration

iDX Release 3.5
Viewing Line Card Redundancy Relationships

Once the line cards have been added to the chassis, follow these steps to view the
redundancy relationships:
1. Right-click the chassis and select ModifyManage Line Card Redundancy to display the
Manage line card redundancy dialog box.
The default view (By Standby) of the Manage line card redundancy dialog box is shown in
Figure 5-20.
Figure 5-20. Manage Line Card Redundancy Dialog Box: By Standby View
This dialog box has two views. The default view (By Standby, shown in Figure 5-20) lists each
standby line card on the left. On the right of each standby, the dialog box lists each active
line card backed up by the standby line card, and the standby line card’s relationship (warm
or cold) to the active line card.
The second view (By Active, shown in Figure 5-21) lists the active line cards on the left and
each of their standby line cards on the right.
Figure 5-21. Manage Line Card Redundancy Dialog Box: By Active View
To switch between views, right-click anywhere in the dialog box and select a View from the
menu.

iDX Release 3.5
The dialog box is divided into virtual backplanes, organized by the assignments of the line
cards to the chassis. The dialog box also shows the physical slot numbers and the redundancy
relationships of all line cards in the chassis.
Configuring Line Card Redundancy Relationships

You can perform the following operations to configure the redundancy relationships among
your active and standby line cards:
• Assign a standby line card as a warm standby
• Assign a standby line card as a cold standby
• Dissociate a standby line card from all redundancy relationships
• Dissociate an active line card from a single cold standby relationship
You can reconfigure your line card redundancy relationships from either View in the Manage
Line Card Redundancy dialog box by right-clicking on an active or standby line card and
selecting the desired option from the context menu. The following sections explain how to
configure these relationships.
NOTE: A standby line card must be assigned as a warm standby for an active line
card before it can become a cold standby for any additional line cards.
Assigning a Warm Standby to an Active Line Card

Follow these steps to establish a warm redundancy relationship between an active line card
and a standby line card:
1. In the Manage Line Card Redundancy dialog box, right-click a standby line card and
select Assign as warm, or right-click an active line card and select Assign a warm
standby.
2. If there are any valid line cards available, a dialog box opens with a list of all valid
selections. Right-clicking a standby line card shows a list of available active line cards.
Right-clicking an active line card shows a list of available standby line cards. Figure 5-22
shows both views.

iDX Release 3.5
Figure 5-22. Assigning a Warm Standby Line Card
3. Select a line card from the list and click OK. iBuilder saves the configuration immediately.
4. Apply the changes to the standby line card by right-clicking the line card in the iBuilder
Tree menu and select Apply Configuration.
Assigning a Cold Standby to an Active Line Card

Follow these steps to establish a cold redundancy relationship between an active line and a
standby line card:
1. In the Manage Line Card Redundancy dialog box, right-click a standby line card and
select Assign as cold, or right-click an active line card and select Assign a cold standby.
2. If there are any valid line cards available, a dialog box opens with a a list of all valid
selections. Right-clicking a standby line card shows a list of available active line cards.

iDX Release 3.5
Right-clicking an active line card shows a list of available standby line cards. Figure 5-23
shows both views.
Figure 5-23. Assigning a Cold Standby Line Card
3. Select a line card from the list and click OK. iBuilder saves the configuration immediately.
NOTE: You do not need to apply the changes to the cold standby line card. A cold
standby is automatically downloaded when a failover occurs.
Removing a Warm Redundancy Relationship

Follow these steps to remove a warm redundancy relationship between an active line card
and a standby line card:
1. In the Manage Line Card Redundancy dialog box, right-click a standby line card.
2. Select Dissociate all from the menu. This will clear all of the standby line card’s
redundancy relationships.
NOTE: The only way to remove a warm relationship is to dissociate all

relationships from a standby line card. Therefore, once you remove a warm
relationship, you must recreate any cold relationships associated with that
standby line card after assigning a new warm relationship.

iDX Release 3.5
Removing a Cold Redundancy Relationship

Follow these steps to remove a cold redundancy relationship between an active line card and
a standby line card:
1. In the Manage Line Card Redundancy dialog box, right-click an active line card and
select Dissociate from standby from the menu.
2. In the Dissociate cold standby dialog box, select all standby line cards that you no longer
want to serve as cold standbys for the active line card. Then click OK. The standby line
card will not be selected to take over for the active line card in the event that the active
line card fails.
Figure 5-24. Removing a Cold Redundancy Relationship
5.8.4 Swapping an Active and Standby Line Card

Follow these steps to manually swap an active line card with a standby line card. Use the
same command to perform a manual failover to replace a failed active line card with a
standby line card. When you swap an operational line card with a standby line card, the line
cards swap roles and both slots remain powered on. However, if the original line card has
failed or if a problem occurs during the swap, the NMS will power off the slot of the failed line
card.
NOTE: In order to perform a manual swap, the standby line card must have a
redundancy relationship with the active line card.
1. Right-click the active line card and select Swap Line Card from the menu.

iDX Release 3.5
2. In the dialog box, select the standby line card that you want to be the new active line
card.
Figure 5-25. Choosing a New Active Line Card During Line Card Swap
3. Click OK to swap the line cards.

Figure Figure 5-26 shows the events you will see in iMonitor if the line cards are successfully
swapped.
Figure 5-26. Line Card Swap Event Sequence
5.8.5 Line Card Failover

Automatic failover occurs when the NMS fails to receive the expected heartbeat message
from the active line card. If this happens, the NMS changes the state of the active card to

iDX Release 3.5
Setting Warning Properties for Line Cards
failed and then attempts to perform a series of actions to switch the active and standby line
cards. Note that this series of actions will only succeed if the active line card has experienced
a temporary loss of communication with the NMS long enough to trigger the failover, but short
enough to allow the NMS to re-establish communication with the failed line card during the
course of these actions. Otherwise, the standby line card will take over for the failed active
line card, and the failed line card will be disabled.
NOTE: For line cards with an active GIG0 port, the NMS expects a heartbeat
message from both line card LAN ports.
The NMS performs the following actions to attempt to switch a failed active line card and a
standby line card:
1. The NMS monitors the standby line card to ensure that the standby remains operational.
2. The NMS establishes a TCP connection to the failed line card and reconfigures it to be a
standby line card.
3. The NMS establishes a TCP connection to the original standby line card and reconfigures it
to be the new active line card.
4. The NMS re-establishes all redundancy relationships for the new standby line card,
mirroring the redundancy configuration of the old standby as it existed before the
failover.
If all of the steps above are successful, you will see the same sequence of events in iMonitor
that you see when you manually swap line cards. See Figure 5-26 on page 144.
In many cases, the NMS will be unable to configure the failed line card to be the new standby
line card. If the NMS cannot connect to the failed line card, it will power off the chassis slot
of that line card. It will then re-configure the original standby to be the new active line card
to recover the network. At that point, the system will be operational, but the failed line card
will be in an interim state requiring recovery. You should call the TAC to assist you in
diagnosing the reason for the failure and to guide you through the recovery process.
If the line card experienced a hard failure or internal component failure, you will be
instructed to remove the failed card from the chassis and return it to iDirect for repair. Some
failures, such as those listed below, may be repaired on-site.
• Switch port failure
• LAN cable failure
• FPGA image load failure or runtime flash corruption
CAUTION: Do not power on the chassis slot of a failed line card unless the I/F Tx
and Rx cables are disconnected and you have recovered from the line card failure
condition.
5.9 Setting Warning Properties for Line Cards

You can use iBuilder to modify both global properties of line card warnings and warning
properties for individual line cards. To change global warning properties for line cards, select
Global Warnings for Linecards from the Edit menu. To change warning properties for
individual line cards, click the Warning Properties tab for the line card you want to modify.

iDX Release 3.5
Inroute Groups
For details on configuring warning properties for line cards, remotes and protocol processor
blades, please see Configuring Warning Properties on page 54.
5.10 Inroute Groups

An inroute group is a set of TDMA upstream carriers (inroutes) that are shared by remotes in
the inroute group. An iDirect network can contain multiple inroute groups. In iBuilder, a TDMA
upstream carrier must be assigned to a receive line card before that carrier can be added to
an inroute group. TDMA remotes are added to inroute groups in the iBuilder tree. Therefore,
an inroute group must be created before any TDMA remotes can be added to a network.
NOTE: A dedicated SCPC upstream carrier is assigned directly to the remote that
transmits that carrier. Therefore, an SCPC remote is not part of an inroute group.
(See Adding Remotes on page 160 for details on assigning an SCPC upstream
carrier to a remote.)
Figure 5-27 shows the relationship between upstream carriers, line cards, and inroute groups
in a TDMA-only network.
Network
Inroute Group 1 Inroute Group n

Inroute Group n
Tx/Rx -- or -- Rx Remotes
Remotes
Hub Line Card Remotes
Remotes
Inroute Carrier
(in Spacecraft folder in tree)
Figure 5-27. Inroute Group Relationships in a TDMA Network
The Protocol Processor selects in real time the inroute on which each remote transmits.
Remotes “hop” from one inroute to another either on frame boundaries or within the same
frame. This frequency hopping by remotes among the upstream carriers in an inroute group is
used for both Adaptive TDMA and for load balancing.
Adaptive TDMA allows the carriers in an inroute group to have different symbol rates and
MODCODs. The goal of frequency hopping in Adaptive TDMA is to select the most efficient
upstream carrier on which the remote can transmit and still remain in the network. This
optimizes the use of upstream bandwidth and prevents fading remotes from losing the
network.
Frequency hopping is also used to balance the load across the carriers in the inroute group.
The Protocol Processor analyzes upstream demand from all remotes and assigns timeplan slots
to achieve a balance of remote traffic across all the inroutes. For load balancing with
Adaptive TDMA, the Protocol Processor first attempts to allocate slots to a remote on a carrier
with the most suitable MODCOD and symbol rate for that remote under current conditions. If

iDX Release 3.5
Inroute Groups
no slots are available, slots may be assigned on a less-optimal carrier, provided the remote’s
bursts can be received at the hub on that carrier.
NOTE: Carrier Grooming can not be selected for an inroute group.
The specific rules regarding the assignment of TDMA upstream carriers to inroute groups are:
• All carriers in an inroute group must have the same payload block size.
• A carrier can only be assigned to a single inroute group.
• A line card’s carrier assignment cannot be changed if the carrier is assigned to an inroute
group. However, some of the carrier’s parameters can be modified.
A TDMA upstream carrier can be configured as either Static or Adaptive. Multiple Inroute
Group Compositions (IGCs) can be created per inroute group to optimize the carrier
definitions for different network conditions. (For details, see the chapter titled “Adaptive
TDMA” in the iDirect Technical Reference Guide.)
The specific rules regarding the use of Adaptive and Static carriers and the configuration of
IGCs are:
• Both Static and Adaptive carriers can be included in the same inroute group.
• An Adaptive carrier must be received by a multichannel line card or by an Evolution
eM1D1 line card in receive-only mode.
• Spread Spectrum carriers cannot be Adaptive.
• All inroute groups have at least one IGC.
• To configure multiple IGCs for an inroute group, at least one carrier must be Adaptive.
• A maximum of three IGCs can be configured for an inroute group.
• A different MODCOD can be selected for each Adaptive carrier in each IGC.
• The center frequency and symbol rate of an Adaptive carrier is the same for all IGCs.
• The MODCOD of a Static carrier is the same in all IGCs.
5.10.1 Adding an Inroute Group

To add an inroute group:
1. Right-click the Network in the iBuilder Tree and select Add Inroute Group.

iDX Release 3.5
Inroute Groups
The new inroute group is added to the iBuilder Tree with a system-generated name, and
the Inroute Group dialog box opens to the Information tab.
Figure 5-28. Inroute Group Information Tab
2. Enter a Name for the inroute group.

3. In the COTM section, enter a Maximum Speed for mobile remotes in this inroute group.
NOTE: A high-speed COTM license is required for mobile remotes that exceed 150
mph.
4. The Timeplan Parameters define the Acquisition Aperture and Guard Interval of TDMA
bursts:
a. The Acquisition Aperture is the length in microseconds of the window in which
remotes send acquisition bursts on the upstream carriers. The default value is
automatically calculated. Click Default to return to the default value.

iDX Release 3.5
Inroute Groups
b. The Guard Interval is the guard time in NCR ticks needed to account for symbol
timing uncertainty when the remotes transmit TDMA bursts. NCR ticks are used
internally by the system for network timing. The Guard Interval is translated into
microseconds on the screen. (See Figure 5-28.)
5. Shared Carrier Parameters are the same for all carriers in the inroute group. These
parameters are defined as follows:
a. Payload Size is a read-only field that shows the payload block size configured for the
carriers. Only carriers with the same payload size can be added to the inroute group.
b. Frame Length is a read-only field that shows the frame length of the upstream
carriers in the inroute group.
6. Adaptive Parameters determine how IGCs are selected for this inroute group. Adaptive
Parameters only need to be configured for inroute groups with multiple IGCs. For
additional information, see the chapter titled “Adaptive TDMA” in the Technical
Reference Guide.
a. Before selecting an IGC, the algorithm predicts the percentage of remotes currently
in the network that would drop out if that IGC were selected. If the predicted
percentage of remotes that would drop out exceeds the Allowed Dropout Factor,
that IGC will not be selected unless that IGC is the default IGC.
b. The Default IGC is the IGC that is selected if the Allowed Dropout Factor is exceeded
for all IGCs defined for the inroute group.
c. The Update Interval is the frequency (in seconds) with which the IGC selection
algorithm executes to select the optimal IGC for the current network conditions. The
algorithm may run more frequently if required by network performance. The default
is 60 seconds.
d. Under Selection Algorithm, check Enable Fixed IGC and select a specific IGC to lock
this inroute group to that IGC. When a fixed IGC is selected, other IGCs are not used.
Checking Enable Fixed IGC also enables the Carrier Grooming (Debug Mode) check
box.
e. Checking the Carrier Grooming (Debug Mode) check box opens the following pop-up:
Figure 5-29. Carrier Grooming Pop-Up
It also enables the Show Lock to Inroute check box and a Details pull-down list of
carriers at the Transmit Properties section of the Remote Information tab to use with
Carrier Grooming mode. See Carrier Grooming on page 441 for more information.

iDX Release 3.5
Inroute Groups
7. In the Line Cards section of the Information Tab, click Add to open the Assign Hub To
Inroute Group dialog box.
Figure 5-30. Assign Hub to Inroute Group Dialog Box
8. In the Assign Hub To Inroute Group dialog box, select the upstream carrier to be added
to this inroute group.
NOTE: All TDMA upstream carriers assigned to a multichannel line card must be in
the same inroute group.
9. Click OK to return to the Information tab of the inroute group.

10. Repeat Step 7 through Step 9 to add additional upstream carriers to the inroute group.
11. To add a new IGC, follow the procedure in the next section, “Configuring Inroute Group
Compositions.”
12. To configure the acquisition and uplink control parameters for the inroute group, follow
the procedure in Configuring Uplink Control Parameters on page 153.
13. Click OK to save the inroute group configuration.
NOTE: The Group QoS tab of the Inroute Group is discussed in Chapter 7,
Configuring Quality of Service for iDirect Networks.

iDX Release 3.5
Inroute Groups
5.10.2 Configuring Inroute Group Compositions

Inroute Group Compositions (IGCs) allow the MODCODs of the Adaptive carriers in an Inroute
Group to be automatically adjusted to suit current network conditions. The protocol
processor periodically evaluates all IGCs and selects the IGC that best matches the current
overall state of the system. Determining the number and composition of the IGCs for each
inroute group is part of the network design process.
NOTE: An inroute group in which all carriers are static has only one IGC since the
MODCODs of static carriers cannot change from one IGC to another. A single
default IGC is created automatically for each inroute group.
IGCs are numbered one through three. To add an IGC:

1. If the Information tab for the inroute group is not already open, right-click the inroute
group in the iBuilder Tree and select ModifyItem.
2. To add a new IGC, either:
a. Click Add IGC and select the next unused IGC number, or
b. Click Clone IGC and select an existing IGC to copy that IGC.
Figure 5-31. Adding or Cloning an IGC
3. Click Edit IGC and select the new IGC to open the Inroute Group Composition dialog box.
Figure 5-32. Editing the New IGC
Figure 5-33 shows the Inroute Group Composition dialog box. When editing an IGC, the IGC
number is shown in the screen title.

iDX Release 3.5
Inroute Groups
Figure 5-33. Inroute Group Composition Dialog Box
The Payload parameter is common to all carriers in all IGCs.

• Payload is the read-only payload block size in bytes for all upstream carriers in the
inroute group. It must be the same for all carriers in the inroute group. For Static
upstream carriers, this value is defined in the Error Correction field of the upstream
carrier dialog box. For Adaptive upstream carriers, this value is defined in the Payload
Size field of the upstream carrier dialog box. (See Adding TDMA Upstream Carriers on
page 79.)
Each row in the Inroute Group Composition dialog box represents a single upstream carrier
assigned to this Inroute Group. All carrier-specific parameters are read-only except for the
MODCOD. For Adaptive carriers, a different MODCOD can be selected for each IGC. Changing
the carrier MODCOD automatically updates the Information Rate, C/N0, and number of
Traffic Slots.
The carrier-specific parameters are defined as follows:
• ID is a system-generated identifier for the carrier that is consistent across all IGCs.
• Hub is the name of the receive line card to which the upstream carrier is assigned.
• Carrier is name of the upstream carrier.
• Type is the carrier type (Static or Adaptive) determined by the Modulation selected for
this upstream carrier in the upstream carrier dialog box. If Adaptive is selected for the
carrier Modulation, the Type is Adaptive. If a specific Modulation (such as BPSK) is
selected for this carrier, the Type is Static.
• Freq Uplink/Downlink shows both the Uplink Center Frequency and Downlink Center
Frequency in MHz configured for the carrier.
• The Information Rate is the carrier information rate in kbps.

iDX Release 3.5
Inroute Groups
• Symbol Rate is the carrier symbol rate in ksym/s.

• The MODCOD can only be changed for Adaptive carriers.
• For Static carriers, the MODCOD is determined by the Modulation and Error
Correction configured for the carrier. The MODCOD of a Static carrier is the same for
all IGCs and cannot be modified.
• For Adaptive carriers, select the carrier’s MODCOD for this IGC by clicking in the
MODCOD cell and selecting a MODCOD from the drop-down list.
Figure 5-34. Selecting the MODCOD of an Adaptive Carrier in an IGC
• Spreading Factor is the Spread Spectrum Spreading Factor selected for BPSK carriers. All
Spread Spectrum carriers are Static.
• C/N0 is the C/N threshold of the carrier as specified in the Link Budget Analysis Guide
adjusted for the Symbol Rate of the carrier and includes the M1 and M2 margins
configured for the inroute group. (See the next section for details.)
• Traffic Slots is the number of traffic slots per TDMA frame for this carrier.
5.10.3 Configuring Uplink Control Parameters

The parameters on the Uplink Control tab of the inroute group affect how remotes acquire
the network and how the uplink control process at the hub determines the transmit powers
and nominal carriers of the remotes that have joined the network. For more information, see
the chapters titled “Remote Acquisition,” “Uplink Control Process,” and “Adaptive TDMA” in
the Technical Reference Guide.
To configure the uplink control parameters for the inroute group:
1. If the Information tab for the inroute group is not already open, right-click the inroute
group in the iBuilder Tree and select ModifyItem.
2. In the Inroute Group dialog box, click the Uplink Control tab.

iDX Release 3.5
Inroute Groups
Figure 5-35. Inroute Group Uplink Control Tab
3. Any changes to the default Adaptive Parameters should be determined during network
design. These parameters are defined as follows:
• The Fade Slope Margin (M1) allows for the incremental fade that can occur during
the reaction time of the power control algorithm as well as the uncertainty in the
C/N0 estimations.
• The Hysteresis Margin (M2) is added to the Fade Slope Margin when determining
whether or not a remote should switch to an upstream carrier with a different
MODCOD and/or symbol rate. This margin prevents unnecessarily frequent switching
between carriers.
• The Measurement Spacing is the number of seconds between UCP measurements of
remote bursts by the hub during steady-state operation. During a fade, the UCP
algorithm automatically increases the remote’s update interval.
NOTE: During a fade, the number of upstream frames allocated to an idle remote
may exceed its configured Minimum Information Rate. This allows the remote to
transmit more frequent bursts for measurement by the Uplink Control Process.
• The Acquisition Margin (M3) is used to determine the initial nominal upstream carrier
for the remote based on the C/N of the acquisition burst. For more information, see
the section titled “Acquisition” in the “Uplink Control Process” chapter of the
Technical Reference Guide.
• The Hysteresis Logoff check box is used to enable or disable the hysteresis_logoff
parameter in the network options file for a given inroute group.
• Checking the check box enables the hysteresis_logoff parameter and sets the
value of the Logoff Interval to -1.
• Unchecking the check box disables the hysteresis_logoff parameter and sets the
value of the Logoff Interval to 120.
• The Logoff Interval shows the hysteresis_logoff interval in the network options file.

iDX Release 3.5
DVB-S2 Network Parameters
5.11 DVB-S2 Network Parameters

iBuilder allows the configuration of network-level parameters that control how a DVB-S2
network behaves when ACM is enabled for a downstream carrier.
These parameters affect the following two areas of ACM operation:
• The thresholds which determine a remote’s current MODCOD based on its reported Signal-
to-Noise Ratio (SNR)
• The behavior of the system during remote fade conditions
You can modify the following DVB-S2 parameters:
• Steady State Margin (Default: 0.5 dB): The margin added to the SNR thresholds measured
at hardware qualification to arrive at the operational SNR threshold during steady state
operation.
• Fast Fade Margin (Default: 1 dB): The additional margin added to the SNR thresholds
measured at hardware qualification to arrive at the operational threshold during a “fast
fade” condition. During a fade, this margin is added to the Steady State Margin.
• Fast Fade Threshold (Default: 0.5 dB): The drop in receive signal strength between two
consecutive SNR measurements by a remote that causes the remote to enter a “fast fade”
state. If, during steady state operation, a remote reports an SNR drop that is greater than
or equal to the Fast Fade Threshold, then the hub considers the remote to be in the fast
fade state.
• Fade Slope Threshold (Default: 0.3 dB per second): The rate of drop in receive signal
strength by a remote that causes the remote to enter a “fast fade” state. If, during
steady state operation, a remote’s SNR drops at a rate that is greater than or equal to the
Fade Slope Threshold, then the hub considers the remote to be in a fast fade state.
NOTE: These parameters apply to all remotes in an ACM network. You cannot
modify these settings for individual remotes.
5.11.1 System Operation

During steady state conditions, DVB-S2 remotes report their current SNR measurements to the
hub every five seconds. The hub monitors the SNR measurements of each remote. Using the
network settings for the Fast Fade Threshold and the Fade Slope Threshold, the hub
determines whether or not a remote has entered the fast fade state. If either the Fast Fade
Threshold or the Fade Slope Threshold is exceeded, the remote is placed in the fast fade
state. When in the fast fade state, the remote reports its current SNR to the hub every
second. Once the remote has stabilized and is no longer exceeding either of the above
thresholds, the hub returns the remote to the steady state condition. This typically takes a
few seconds due to processing time and transmission delay.
During hardware qualification of a DVB-S2 remote model type, SNR thresholds are determined
for each MODCOD that the remote can receive. Each threshold represents the minimum SNR
at which the remote can reliably receive the MODCOD. These thresholds are published in the
iDirect Link Budget Analysis Guide for this release.
In an operational network, the system adds margin to these SNR thresholds to ensure that the
remote can receive the outbound carrier with Quasi Error Free (QEF) performance. During

iDX Release 3.5
steady state operation, the Steady State Margin is added to the threshold. Additional margin,
Fast Fade Margin, is added during fast fade conditions at the remote.
In addition to the margin added to the SNR threshold during operation, the system must also
take into account the variance, or margin of error, associated with the remote’s SNR
measurement. To account for this margin of error, an additional 0.2 dB is added to the SNR
threshold. This margin of error cannot be changed.
As an example, consider an Evolution e8350 Satellite Router receiving a DVB-S2 outbound
carrier with a current MODCOD of 16PSK 3/4. This MODCOD has an SNR threshold of 10.8 dB,
determined at hardware qualification. Table 5-2 shows the operational SNR threshold below
which the hub changes the outbound frames transmitted to the remote to a lower MODCOD.
The table assumes the default settings for the Steady State Margin and Fast Fade Margin are
in effect.
Table 5-2. Example: Calculating Operational SNR Thresholds
Steady State Fast Fade

Conditions Conditions
SNR Threshold (From LBA) 10.8 dB 10.8 dB
Steady State Margin 0.5 dB 0.5 dB
Fast Fade Margin N/A 1.0 dB
Margin of Error 0.2 dB 0.2 dB
Operational SNR Threshold 11.5 dB 12.5 dB
Adding margin to increase the SNR threshold causes the system to behave more conservatively
by dropping to a lower MODCOD at a higher SNR threshold. For more information, see the Link
Budget Analysis Guide and the Technical Reference Guide for this release.
5.11.2 Configuring DVB-S2 Network Parameters

You can configure the DVB-S2 parameters at the network level of the iBuilder Tree.
CAUTION: Adjusting these parameters can adversely affect the performance of

your ACM network. Consult with iDirect before changing these settings in an
operational network.
To modify the DVB-S2 parameters for a network:

1. Right-click your Network in the iBuilder Tree and select ModifyDVB-S2 from the menu.

iDX Release 3.5
2. In the DVB-S2 Configuration dialog box, edit any settings you want to change.
Figure 5-36. DVB-S2 Configuration Dialog Box
The Steady State Margin and Fast Fade Margin must be greater than or equal to zero.
The Fast Fade Threshold and Fade Slope Threshold must be greater than zero.
NOTE: You can click Set to Default to return your network to the default settings.
3. Click OK to save the new settings

4. Right-click your DVB-S2 network in the iBuilder Tree and select Apply Configuration
Network to send the changes to the protocol processor.
5.11.3 Adjusting DVB-S2 Parameters for CCM Networks

The iDirect system simulates CCM on the DVB-S2 outbound carrier by setting the Minimum
MODCOD and Maximum MODCOD to the same value. (For details on configuring your DVB-S2
carrier, see Adding Downstream Carriers on page 77.) If your DVB-S2 carrier is configured for
CCM, adjust the DVB-S2 network parameters as follows:
• Set the Steady State Margin to 0.

iDX Release 3.5
• Set the Fast Fade Margin to 0.

• Set the Fast Fade Threshold to a large number (for example, 3 dB).
• Set the Fade Slope Threshold to a large number (for example, 3 dB).
These parameters are defined in DVB-S2 Network Parameters on page 155. The procedure for
configuring these parameters is documented in Configuring DVB-S2 Network Parameters on
page 156.
In addition to adjusting the DVB-S2 network parameters, add the following custom keys:
On the Custom Tab of each remote in the CCM network, enter the following Remote-Side
custom key:
[DVBS2]
override_acm_mon = 1
On the Custom Tab of the transmit line card transmitting the CCM carrier, enter the following
custom keys:
[DVBS2]
fill_frame_enable = 1
fill_frame_modcod = n
where n is the MODCOD index of the MODCOD selected for your DVB-S2 CCM carrier.
NOTE: MODCOD indexes are documented in the Link Budget Analysis Guide for
this release.

iDX Release 3.5
6 Configuring Remotes
Remote satellite routers provide IP or Ethernet connectivity between each remote LAN and
the hub. This chapter contains detailed procedures for configuring remotes to operate in
iDirect networks. The chapter contains the following sections:
• iDirect Remote Satellite Router Models on page 159
• Adding Remotes on page 160
• Remote Information Tab on page 161
• Remote IP Config Tab on page 169
• Remote Switch Tab on page 182
• Remote QoS Tab on page 188
• Remote Geo Location Tab on page 199
• Remote VSAT Tab on page 201
• Remote VSAT-2 Tab on page 207
• Remote L2oS Tab on page 209
• Setting Warning Properties for Remotes on page 214
• Adding a Remote by Cloning an Existing Remote on page 214
• Roaming Remotes on page 216
• Enabling IP Packet Compression Types on page 224
6.1 iDirect Remote Satellite Router Models

Table 6-1 lists all iDirect Satellite Routers supported in iDX Release 3.5.x.

iDX Release 3.5
Adding Remotes
Table 6-1. Supported Satellite Routers

• 900 • iConnex e800-FIPSL2
• 9350 • iConnex e850mp
• 950mp • iConnex e850mp-FIPSL2
• 980 • iConnex e850mp-IND with heat sink
• e8350 • iConnex e850mp-IND without heat sink
• e8350-48 • X1
• e8350-FIPSL2 • X3
• e8350-FIPSL2-48 • X5
• eP100 • X7
• iConnex e150 • X7-EC
• iConnex e800 • X7-ER
NOTE: CX780 remotes are no
longer supported in
Evolution software
releases.
6.2 Adding Remotes

The following information is required to add a remote in iBuilder: the IP addressing scheme of
the network; the specifications of all outdoor components; the configuration parameters to
be assigned to the remote; and the geographic location and hemisphere of the satellite.
The procedure for adding a remote assumes that the following elements have already been
configured in iBuilder:
• The network in which the remote will operate
• All parent elements of the network
• One or more Inroute Groups within the network (TDMA remotes only)
• All hardware elements (BUC, LNB, etc.) required by the remote
NOTE: An inroute group is not required for a remote that transmits an SCPC
upstream carrier to the hub. In the iBuilder Tree, an SCPC remote is added
directly to the line card that receives the remote’s upstream carrier.
Any iDirect remote that transmits to the hub on a TDMA upstream carrier must be assigned to
an inroute group. All remotes in the inroute group share the upstream carriers assigned to the
inroute group. The protocol processor assigns TDMA frame slots to individual remotes in real
time based on the each remote’s current bandwidth demand.
An SCPC remote transmits a dedicated SCPC return channel to a receive line card at the hub.
An SCPC remote is not a member of an inroute group. Instead, an SCPC remote is assigned to
its receive line card. For a line card to receive an SCPC upstream carrier, the line card must

iDX Release 3.5
Remote Information Tab
be configured in single channel or multiple channel SCPC mode. See Adding Receive-Only (Rx-
Only) Line Cards on page 124 for details.
NOTE: Only Evolution e8350, Evolution 9-Series, Evolution X5 and Evolution X3

remotes can transmit SCPC upstream carriers.
To add and configure remotes, follow these steps:

1. To add a remote to an inroute group, right-click the Inroute Group and select Add
Remote.
To add an SCPC remote, right-click the receive line card and select Add SCPC Remote
from the menu.
6.3 Remote Information Tab

The new remote is added to the iBuilder Tree with a system-generated name, and the Remote
dialog box opens to the Information tab.

iDX Release 3.5
Figure 6-1. Remote Information Tab
NOTE: The Switch tab appears only when configuring a remote with an eight-port
switch. See Remote Switch Tab on page 182.
1. Enter a Name for this remote.

2. Select the Model Type of the remote from the drop-down list. The selected model type
must match the actual hardware model.
3. Enter the Serial Number of the remote.

iDX Release 3.5
4. A system-generated Derived ID (DID) is automatically generated.
NOTE: Serial numbers are not sufficient to uniquely identify remotes and line
cards. Serial numbers are unique within a particular model type, but can repeat
from one model type to another. Therefore a unique Derived ID (DID) is
automatically generated to avoid potential problems caused by duplicate serial
numbers.
5. For TDMA remotes, the name of the remote’s Inroute Group is automatically displayed in
the Inroute Group field. This field is not applicable to SCPC remotes.
6. Enter a new User Password and Admin Password. The User Password provides access to
basic remote console commands. The Admin password provides administrator-level
access to all remote console commands. Specify alternate, secure passwords.
on page 17.
7. Select Active to make the Protocol Processor aware of this remote site once the remote
has been commissioned. A remote must be Active to join the network.
NOTE: To deactivate an active remote, clear the Active check box. A deactivated
remote is removed from the Protocol Processor’s current network configuration
while preserving the configuration in iBuilder.
8. Select MUSiC Box, Disable Tx PWM, Disable Authentication, and/or Link Encryption.
a. Select MUSiC Box if this remote site uses a Multi User Summing Chassis. The iDirect
MUSiC Box allows a common antenna/electronics platform to be shared across
multiple remotes at the same physical location. Selecting MUSiC Box overwrites VSAT
ODU settings that turn on the DC/10 MHz timing; instead, the MUSiC Box provides the
DC/10 MHz timing.
b. Select Disable Tx PWM to disable the Transmit Pulse Width Modulation on the remote
and enable console pointing mode. (With this box selected, installers are not required
to remove the transmit cable during antenna pointing.)
c. Select Disable Authentication to certify a previously-uncertified remote in a
TRANSEC network. For details, see Bringing an Unauthorized Remote into a TRANSEC
Network on page 471.
d. Select Link Encryption to encrypt the connection between the remote and the
protocol processor blade. Link Encryption can only be selected if it is supported for
this remote model type.
NOTE: Link Encryption is a licensed feature. A license file must be loaded on each
protocol processor blade that supports Link Encryption. For information on
obtaining these licenses, please contact the iDirect Technical Assistance Center
(TAC).
9. To enable Sleep Mode on the remote, select Sleep in and enter a value in seconds. If
Sleep Mode is enabled, the remote conserves power by disabling the 10 MHz reference
for the BUC after the specified number of seconds have elapsed with no remote

iDX Release 3.5
upstream data transmissions. A remote automatically wakes from Sleep Mode when
packets arrive for transmission on the upstream carrier, provided that Trigger Wakeup is
selected for the service level associated with the packets. (See Adding an Application
Profile on page 304 for details.)
NOTE: For Sleep Mode to work, the 10 MHz reference must be enabled for the
BUC assigned to the remote on the Remote VSAT Tab. The 10 MHz reference is
enabled by selecting ODU Tx 10 MHz in the BUC configuration dialog box.
NOTE: When enabling Sleep Mode, also edit the QoS Service Levels that apply to
the remote to ensure that “Trigger Wakeup” is only enabled for those Service
Levels that match customer traffic. If “Trigger Wakeup” is enabled for
management traffic, the constant flow of management traffic will prevent the
remote from entering Sleep Mode. See page 307 for details.
10. Check the Telnet access from local host only check box to allow telnet access from local
host only; uncheck the check box if it is necessary to have telnet access from an external
host.
• For existing remotes without this feature, the check box is unchecked by default.
• For cloned remotes (i.e., remotes cloned by right-clicking a remote and selecting
Clone or selecting Add to Networks under Roaming, or right-clicking an Inroute
Group and selecting Add Multiple Roaming Remotes), the check box setting follows
the source remote.
• For other new remotes, the check box is checked.
When modifying a remote, a popup warning dialog appears if Telnet access from local
host only is enabled but the check box is unchecked.
Figure 6-2. Detected Telnet access from local host only Dialog Box
Click on OK to apply changes without enabling telnet access from local host only; click
on Change Now to return to the Telnet access from local host only check box to check
the check box.
The popup warning dialog will continue to appear if the check box is unchecked.
Additionally, a security icon (“!”) appears beside a remote to indicate the remote is
insecure if telnet access is not limited to local host.

iDX Release 3.5
For information on turning the dialog box and security icon off, see Managing Telnet
Access from Local Host Only on page 18.
NOTE: Telnet access from local host only is disabled for TRANSEC mode and for X1
remotes.
11. In the Compression area of the dialog box, select any IP compression types to be used by
this remote. For details on the different types of compression available, see Enabling IP
Packet Compression Types on page 224.
6.3.1 Transmit and Receive Properties

This section discusses the transmit and receive parameters on the remote Information tab.
The Transmit Properties are different for TDMA remotes and SCPC remotes. Figure 6-3 shows
the Transmit Properties for a TDMA remote. Figure 6-4 on page 166 shows the Transmit
Properties for an SCPC remote.
Figure 6-3. Remote Information Tab: Transmit and Receive Parameters for TDMA Remote
1. Under Transmit Properties for a TDMA remote:

a. Enter the Symbol Rate, MODCOD, TDMA Initial Power, Spreading Factor and
Payload size of this remote’s Reference Carrier. For more information, see the
chapter titled “Adaptive TDMA” in the Technical Reference Guide.
NOTE: See the Installation and Commissioning Guide for Remote Satellite
Routers for details on determining the Reference Carrier Initial Power.
b. Click the Show Lock to Inroute check box to lock the remote to a single carrier
selected at the Details pull-down list.
This check box is only enabled when the Carrier Grooming mode is selected at the
Inroute Group Information tab. See Carrier Grooming on page 441 for more
information.

iDX Release 3.5
c. In TDMA Max Power, enter the maximum TDMA transmit power level in dBm as
determined during remote commissioning. The default is 0 dBm. This field is not
applicable if the remote is transmitting an SCPC upstream carrier.
e. If desired, record the 1dB Compression Point determined at remote commissioning.
This field is informational only.
Figure 6-4 shows the Transmit Properties of an SCPC remote.
Figure 6-4. Remote Information Tab: Transmit and Receive Parameters for SCPC Remote
2. To configure the Transmit Properties of an SCPC remote:

a. For Carrier Name, select the remote’s SCPC upstream carrier.
b. If desired, record the 1dB Compression Point determined at remote commissioning.
This field is informational only
c. Click Edit SCPC Initial Power to open the SCPC Initial Power dialog box (Figure 6-5).
Figure 6-5. SCPC Initial Power Dialog Box
NOTE: The initial power and maximum power must be configured for the SCPC
remote to become operational.
d. Enter the Initial Power and Max Power for the SCPC upstream carrier selected on the
Remote Information tab by double-clicking the cells and entering the values in dBm.
e. If this remote may transmit on other SCPC upstream carriers in the future, you can
also configure the initial power and maximum power for those carriers at this time.

iDX Release 3.5
f. Click OK to save the SCPC Initial Power and Max Power.

3. Under Receive Properties:
a. Carrier Name is a read-only field that displays the name of the downstream carrier
for the network.
b. The L-Band Frequency is calculated automatically once the LNB is assigned on the
VSAT tab. See Remote VSAT Tab on page 201.
c. For a receive-only remote, select Enabled under Rx Only. If Rx Only is enabled, no
return channel will be established by the remote and the remote will not transmit
under any circumstances.
Note: If you select Rx Only, Rx Only Multicast is enabled automatically.

d. You can enable Rx Only Multicast without enabling Rx Only. If Rx Only Multicast is
Enabled, the remote will receive multicast traffic even when no upstream return
channel is available. This allows remotes that are temporarily unable to transmit to
continue to receive multicast traffic.
e. If Rx Only Multicast is enabled, enter a Timeout in seconds or accept the default.
The timeout determines how often the multicast configuration data is sent to the
remote on the outbound carrier.
6.3.2 Customers and Distributors

This section discusses the Customer and Distributor parameters on the Remote Information
tab (Figure 6-6).
Figure 6-6. Remote Information Tab: Customer and Distributor Parameters
Configuring customers or distributors is completely optional. The following procedure adds a

customer. However, the procedure for adding customers and distributors is the same.
1. To add a Customer or a Distributor associated with the remote, click the button to the
right of the Name box to open a dialog box for adding customers or distributors.

iDX Release 3.5
Figure 6-7. Add Customers Dialog Box
If any customers or distributors have already been added to the NMS database, the names
appear in the list.
2. To the right of the dialog box, click Add to add another customer or distributor.
3. The Customer (or Distributor) dialog box opens.
Figure 6-8. Customers Dialog Box
4. Enter the Customer or Distributor Name and Phone Number.

5. Click OK to return to the previous dialog box.
6. Add additional Customers or Distributors if required.
7. Click OK to return to the Remote Information tab.
8. The new customer or distributor is added to the dialog box, as shown in Figure 6-9.

iDX Release 3.5
Remote IP Config Tab
Figure 6-9. Entering Customer Parameters
9. For customers, you can enter a Commission Date, Contract Number, and additional
information in the Site Notes box.
10. Click OK to close the dialog box and save the changes or click the IP Config tab to
continue configuring the remote.
6.4 Remote IP Config Tab

The IP Config tab consists of several individual panes and sub-tabs, each of which is displayed
and discussed in the following sections. iBuilder provides a wide range of IP configurations for
remotes accessible from the IP Config tab. All configurable IP parameters and all VLANs are
configured on this tab.
6.4.1 VLAN and LAN Information

iDirect Software supports end-to-end VLAN tagging. To implement this feature, the router or
switch that is upstream from the Protocol Processor must support IEEE 802.1Q (VLAN) tagging.
When multiple VLANs are present on the remote, a similar switch that is downstream from the
remote is also required.
A detailed, two-VLAN, multiple-remote example is shown in Figure 6-10. Management traffic
between the NMS and remote must be untagged and each remote must have a unique
Management IP address. Networks may contain a mixture of remote VLAN and traditional IP-
based remotes. Each remote must be configured to work in either traditional IP or VLAN
mode.

iDX Release 3.5
Figure 6-10. Sample VLAN Network Layout
The iDirect VLAN capability allows customers to use their existing IP addressing schemes.
Since all routing options (RIPv2 and static routing) are configurable per VLAN interface, the
end-to-end VLAN feature allows each end customer to have their own routing architecture
independent of other customers sharing the same physical network components.
There are two check boxes for configuration of the Routing Information Protocol (RIPv2) on
the remote: one for the LAN interface (eth0) and one for the for satellite interface (sat0).
(The sat0 interface is called the management interface when referring to the default VLAN.)
You can enable or disable RIPv2 independently on the two interfaces. Depending on the RIPv2
options selected, the remote behaves as follows:
• When RIPv2 is not enabled on either interface, RIP is completely disabled on the remote.
It does not send or receive any RIP updates.
• When RIPv2 is enabled on the LAN interface, the remote sends and receives RIP updates
over the LAN, updating its own IP routing table when new routing information is received.
• When RIPv2 is enabled on the satellite (or management) interface, the remote sends and
receives RIP updates over the satellite, updating its IP own routing table when new
routing information is received.
The remote does not relay RIP messages to other routers. Instead, it generates RIP messages
based on its own IP routing table.
NOTE: An Evolution X1 or e150 remote must use static routing to a single

gateway. RIPv2 is not supported on these model types.

iDX Release 3.5
Configuring LAN and Management Interfaces

This section discusses only the portion of the IP tab shown in Figure 6-11. You must select the
Interface sub-tab to configure the LAN and Management Interfaces for your VLANs.
NOTE: Previously, iBuilder allowed the configuration of more than eight VLANs for
X1, 9-Series, and 980 remotes although the configuration would not function
because the remotes do not support it. This is no longer allowed and an error
appears when an attempt is made to exceed the eight VLAN limit.
iBuilder also previously allowed the configuration of more than eight VLANs for
X3, X5, X7, and e8xxx remotes. To avoid upgrade issues, this is still allowed.
However, because these remotes function in an unsupported and untested way
that can lead to customer problems, a warning now appears indicating that the
configuration is not supported.
Figure 6-11. Remote IP Config Tab: Interface Configuration
NOTE: Once the GRE tunnel is enabled, the Tag Packets field disappears and the
packets are tagged.
The IP information for a remote is configurable per VLAN. Select a VLAN on the left side of
the dialog box. Then configure its IP addressing information on the Interface sub-tab.
1. The LAN Interface IP address represents the remote’s IP address on the selected VLAN.
a. Enter the IP Address and Subnet Mask.
b. Select Tag Packets to tag packets with the VLAN ID according to the IEEE 802.1Q
VLAN Tagging specification.
NOTE: VLAN tagging must be enabled in order to connect to the Ethernet side of
the default LAN from a hub PC. Ensure that Tag Packets is selected to enable this
capability for the selected VLAN.

iDX Release 3.5
c. If configuring an iConnex e800, select Port A or Port B as your LAN port.
NOTE: Changing the LAN port selection for an iConnex e800 from Port B to Port A
requires a remote reset for the change to take effect. Right-click the remote in
the iBuilder Tree and select Reset Remote to perform this operation.
2. The remote’s Management Interface (Sat) IP address represents the remote’s virtual
interface on the default VLAN. The NMS always communicates with the remotes using this
address. This address should not conflict with the LAN Interface addresses.
a. Selecting Same as LAN sets the Management Interface IP address to the LAN Interface
IP address. (The Gateway is always set to 0 and cannot be changed.)
NOTE: When you select a VLAN other than the default VLAN, the interface names
change. LAN Interface changes to ETH0 Interface. Management Interface changes
to SAT0 Interface.
Adding Layer 3 SVNs to a Remote

This section only discusses adding Layer 3 SVNs to Remotes. You must first define the SVN
Upstream Interface on the SVNs tab of the Protocol Processor. See Adding an SVN on page 102
for details.
Additional SVNs can be added and removed from a remote using the appropriate buttons
located in the VLAN area of the IP Config tab. The default VLAN is VLAN 1 (native VLAN) and
is based on the LAN Interface address.
Add a Layer 3 SVN to the remote as follows:
1. Click the Add button at the bottom of the VLAN area of the IP Config tab.
2. At the dialog box that opens, use the VLAN ID pull-down menu to select a previously
defined Layer 3 SVN. See Figure 6-12.
3. Click OK; the selected Layer 3 SVN will appear in the IP Config tab VLAN pane.

iDX Release 3.5
Figure 6-12. Remote IP Config Tab: Adding Layer 3 SVN
Once an SVN is added to the remote, it is added to the VLAN list, and the LAN and
Management Interfaces change to ETH0 and SAT0 Interface for the VLAN.
4. Click the Remove button (Figure 6-12) to delete an SVN. A warning message is displayed,
asking to confirm the deletion. VLAN 1 is the default VLAN and cannot be removed.
The VLAN ID is also considered in QoS Profiles. See section Adding an Application Profile on
page 304.
6.4.2 Domain Name System (DNS)

This section discusses only the DNS portion of the remote IP Config tab.

iDX Release 3.5
Figure 6-13. Remote IP Config Tab: DNS Configuration
1. You must select Enable Cache to configure the DNS settings.

2. To configure DNS, specify both primary and secondary IP addresses. Assigning DNS names
is optional.
3. The remaining items listed below are shown with default values. Modifications may be
made to these settings if desired.
• Cache Size - Set # of entries cache can hold
• Forward Queue Size - Maximum size of the forward queue
• Forward Timeout - Expiration time (in ms) for elements in the forward queue
DNS Operation
The DNS component functions as follows:
1. Clients on the remote network issue DNS queries to the DNS component.
2. The DNS searches its cache for a matching response.
3. If a matching response is found, the DNS replies with the cached response.
4. If a matching response is not found, the DNS performs the following:
a. Appends the query along with a timestamp to the forward queue.
b. Sends the query to its primary DNS server.
5. If a response is received within the time specified by the Forward Timeout parameter
the DNS performs the following:
a. Adds the response to its cache.
b. Forwards the response to the client.
c. Deletes the query from the forward queue.

iDX Release 3.5
6. If a response is not received within the time specified by the Forward Timeout
parameter, the DNS performs the following:
a. Forwards the query to the secondary name server.
b. Resets the timestamp associated with the forwarded query.
7. If a response is received within the time specified by the Forward Timeout parameter,
the DNS performs the items listed in Step 5 above.
8. If a response is not received within the time specified by the Forward Timeout
parameter, the DNS deletes the query from the forward queue.
6.4.3 Dynamic Host Configuration Protocol (DHCP)

This section discusses only the portion of the remote IP Config tab shown in Figure 6-14.
.
Figure 6-14. Remote IP Config Tab: DHCP Configuration
DHCP, including DHCP relay, is configurable on a per VLAN basis. In iBuilder, DHCP is disabled
by default.
To use an existing or separate DHCP server at your hub location:
1. Select Relay.
2. Enter the IP Address of your DHCP Server.
To enable the remote to act as the DHCP server:
1. Select Server to enable DHCP configuration entries.
2. Enter the Lease Duration or the amount of time before the address must be renewed.
3. Enter the Primary and Secondary DNS server addresses, and the Default Gateway.
4. Click the Add button to enter Client Address Ranges, which are the ranges of assignable
addresses. Multiple unique ranges may be assigned as desired.
5. To edit a Client Address Range:
a. Click the range in the table to highlight the range you want to change.

iDX Release 3.5
b. Select Edit.
c. Modify the range and click OK to save your changes.
6. To delete a Client Address Range:
a. Select a range in the table and click the Remove button, a warning message is
displayed, asking you to confirm the deletion.
b. Click OK to delete the range.
6.4.4 RIPv2, Static Routes, Multicast Groups, Port Forwarding

and NAT
This section discusses the following sub-tabs of the IP Config Tab:
• Routes, for configuring RIPv2 on the ETH0 and SAT0 interfaces
• Static Routes, for configuring IP addressing for your static routes
• Port Forwarding, for configuring port forwarding and NAT
• GRE Tunnels, for setting up GRE tunnels within the iDirect system
• Multicast Groups, for configuring a remote as a member of a persistent Multicast Group
Figure 6-15. Remote IP Config Sub-Tabs
RIPv2 (Routes Sub-Tab)

Click the Routes sub-tab to configure RIPv2 per VLAN for the LAN and/or Management
interface.
Figure 6-16. Remote IP Config Tab: Routes Sub-Tab
To configure RIPv2:
1. Select a VLAN in the left pane of the dialog box.

iDX Release 3.5
2. Select Enable RIPv2 for the ETH0 (LAN) interface and/or SAT0 (Management) interface
to enable RIPv2 over the satellite link for the selected VLAN.
NOTE: RIPv2 cannot be enabled on Evolution X1 or e150 remotes.
Static Routes
Click the Static Routes sub-tab to add, edit, or remove static routes. The default route across
the sat 0 interface is added automatically when you create a new remote. Do not delete this
route unless your remote routing scheme requires it.
NOTE:
• Static route redistribution to RIP is enabled by default for 9-series remotes.
• X7 remotes do not advertise static routes to RIP.
To add a Static Route:

1. Click the Add button.
Figure 6-17. Remote IP Config Tab: Static Routes Sub-Tab
The Add Static Route dialog box opens.
Figure 6-18. Add Static Route dialog Box

iDX Release 3.5
2. Enter an IP Address and Subnet Mask.

3. Enter the IP address of the Gateway.
4. Select the Interface.
5. Click OK to add the Static Route.
Using Static Routes with Multiple Protocol Processor Blades

Using static routes between an upstream router and a multiple-blade Protocol Processor
eliminates the need for RIPv2 on the upstream LAN. In order to ensure correct routes, you
must “clamp” remotes to one specific blade using a custom key. You must also add all static
routes to your upstream router.
CAUTION: When a remote is clamped to a specific blade, it will not re-acquire the
network if that blade fails and the blade's load will not be automatically
distributed across the remaining blades. The network will remain down until the
custom key(s) clamping the remote(s) are removed. At that point, the failed
blade's load will be distributed across the remaining blades.
To clamp a remote to a specific Protocol Processor blade:

1. Right-click the remote in the iBuilder tree and select ModifyItem.
3. Add the following entry to the Hub-Side section of the Custom tab:
[BLADE]
id = <blade ID>
NOTE: To determine a blade’s ID, select ViewDetails from iBuilder’s main menu
and click the blade. The blade’s ID is displayed in the ID column of the details
view.
4. Click OK to close the dialog.

5. Right-click the remote in the iBuilder tree and select Apply ConfigurationReliable
Hub-Side.
6. Right-click the remote and clear the Activate Remote check mark to deactivate it.
Figure 6-19. Deactivating a Remote
Hub-Side.
8. Right-click the remote again and select Activate Remote to return it to the network. The
check mark should re-appear.
Hub-Side.

iDX Release 3.5
To turn RIPv2 off for a Protocol Processor:

1. Right-click the Protocol Processor in the iBuilder tree and select ModifyItem.
2. Clear the check box labeled Enabled RIPv2.
4. Right-click the Protocol Processor and select Apply Configuration.
NAT and Port Forwarding

Click the Port Forwarding sub-tab to configure NAT and Port Forwarding on a per-VLAN basis.
NAT enables you to make the Management Interface public and the LAN interface private on
the remote, providing a way to have multiple private addresses represented by one public
address.
Figure 6-20. Remote IP Config Tab: Port Forwarding Sub-Tab
Port forwarding allows you to specify that IP packets with certain port numbers are forwarded
to private IP addresses behind the remote. For example, to run a web server on a PC with a
private IP address, specify http as the port start and port end; TCP as the protocol; and the
PC’s IP address in the IP address field.
1. Select a VLAN in the left pane of the dialog box.
2. Select the Enable NAT (Network Address Translation) check box. Then click Add to open
the Add Port Forwarding dialog box.

iDX Release 3.5
Figure 6-21. Add Port Forwarding Dialog Box
3. Select a Port Range Start and Port Range End for port forwarding.
4. Select a Protocol and specify an IP address.
5. Click OK to save your changes.
Accelerated GRE Tunnels

Click the GRE Tunnels sub-tab to configure your system to send GRE-tunneled data with TCP
acceleration across an iDirect network.
Figure 6-22. Remote IP Config Tab: GRE Tunnels Sub-Tab
Follow these steps to define a GRE Tunnel:

1. Click Add to open the GRE Tunnel dialog box.

iDX Release 3.5
Figure 6-23. GRE Tunnel Dialog Box
2. Specify the Hub Gateway and Remote Gateway endpoints for the tunnel.
NOTE: This procedure only sets up the GRE tunnel within the iDirect system. You
must still establish the actual GRE endpoints on both sides of the link for a GRE
tunnel to work. GRE endpoints must be configured upstream from the Protocol
Processor and downstream from the remote.
Multicast Groups
Click the Multicast Group sub-tab to add, edit, or remove a persistent Multicast Group. To
configure the remote to be a member of a persistent Multicast Group, follow these steps:
1. Click the Add button.
Figure 6-24. Remote IP Config Tab: Multicast Group Sub-Tab
The Persistent Multicast Group dialog box opens.

iDX Release 3.5
Remote Switch Tab
Figure 6-25. Persistent Multicast Group Dialog Box
2. Select the Interface: eth0 or sat0.

3. Enter an IP Address of the multicast group.
4. Click OK.
6.5 Remote Switch Tab

Use the Switch tab to associate each of the eight RJ45 LAN Ethernet ports located on the back
panel of some iDirect remote modems with specific VLANs. In Layer 3 networks, for a VLAN to
appear on the Switch tab, it must first be added to the remote on the Remote IP Config tab.
(See Adding Layer 3 SVNs to a Remote on page 172.) In Layer 2 networks, VLAN IDs can be
created in the VLAN Assignment dialog box of the Switch tab. The Switch tab is only displayed
for remote Model Types with an eight port switch.
By default, all VLAN ports are defined as trunks. When a port is defined as a trunk, all traffic
on any VLAN (including both user-defined VLANs and the default VLAN) can pass through the
port. All user-defined VLAN frames on trunk ports are tagged to explicitly identify the VLAN.
Default VLAN traffic passing through a trunk port is not tagged.
A port can also be dedicated to a single user-defined VLAN or to the default VLAN. A port
dedicated to a single VLAN is referred to as an Access Port. When a port is dedicated to a
VLAN, only traffic for that VLAN passes through the port. There is no VLAN tagging on a port
dedicated to a single VLAN, regardless of whether the port is dedicated to the default VLAN or
to a user-defined VLAN.
On Evolution X7 remotes only, multiple, specific VLANs can be assigned to a port. This is
called VLAN pruning. When an X7 LAN port is dedicated to multiple VLANs, traffic on any of
the assigned VLANs passes through the port. Other traffic is discarded.

iDX Release 3.5
Remote Switch Tab
On an X7 remote, an L2oS CE Tag Transparent SVN can be assigned to one port only.
• If some CE Tag non-transparent SVNs are assigned to port 6 and CE Tag Transparent SVN
10 is assigned to port 6, then all CE Tag non-transparent SVNs are removed from port 6.
• If CE Tag Transparent SVN 11 is assigned to port 1 and CE Tag non-transparent SVN 100 is
assigned to port 1, then CE Tag Transparent SVN 11 is unassigned and port 1 is moved to
CE Tag non-Transparency mode.
• If CE Tag Transparent SVN 10 is assigned to port 2 and new CE Tag Transparent SVN is
assigned to port 2, then CE Tag Transparent SVN 10 is unassigned
• If CE Tag Transparent SVN 10 is assigned to port 1 and CE Tag Transparent SVN 11 is
assigned to port 2, and then CE Tag Transparent SVN 10 is assigned to port 2, then port 1
would be assigned for all CE Tag non-transparent SVNs and SVN11 is unassigned.
For more information on l2oS CE Tag Transparent SVNs, refer to the Technical Reference
Guide.
The Switch tab allows you to perform the following operations:

• Dedicate a port to a specific VLAN
• Assign multiple VLANs to a port (Evolution X7 only)
• Assign a CE Tag Transparent SVN to a port (Evolution X7 only)
• Configure a port as a trunk (allow traffic on all VLANs to pass through the port)
• Specify the port speed and mode (full duplex or half duplex)
• Copy the table of switch settings to an external application such as a spreadsheet
To configure the eight port switch follow these steps:
1. Click the Switch tab to view the current assignment of VLANs to ports.
NOTE: CE Tag Transparent SVNs are indicated by an X attached to the SVN ID (for
example, 10_X) and are colored red.
Figure 6-26. Remote Switch Tab

iDX Release 3.5
Remote Switch Tab
NOTE: For X7-ER remotes, Port 1 and Port 2 are labeled as follows:
• Port 1 (Reserved-Cross Connect to 5921 Only)
• Port 2 (Reserved-Cross Connect to 5921 Only)
Port 1 and Port 2 are not used for VLAN assignment. The ports connect to the
single board computer (SBC) running the Cisco IOS 5921 routing software.
NOTE: For X7-EC remotes, Port 1 and Port 2 are labeled as follows:
(Reserved- Cross Connect to EC Applications Only)
Port 1 and Port 2 are not used for VLAN assignment. The ports connect to the
single board computer (SBC) running different application software.
The Switch tab contains two panes: the Port View (on the left), and the VLAN View (on
the right). In Layer 3 networks, only VLANs that have already been added to this remote
appear in the display.
By default, all ports are defined as trunks. Trunk ports display the word Yes in the All
VLANs row of the VLAN View. This default configuration is illustrated in Figure 6-26.
2. Use either the Port View or the VLAN View to assign a VLAN to a port. Both methods are
described here:
To use the Port View to assign a VLAN to a port:
a. In the Port View, right-click the port and select Assign VLAN from the menu to
display the dialog box.
NOTE: As an alternative, select the port and click the Assign VLAN button at the
bottom of the screen.
b. In the dialog box, select the VLAN ID of the VLAN to be assigned to the port. (In Layer
3 networks, the VLAN Name will be displayed automatically.)
c. In L2oS and Layer 2/Layer 3 Hybrid mode networks only, if the SVN/VLAN ID has not
yet been configured, enter the SVN/VLAN ID. The range of valid VLAN IDs is from 2 to
4094.

iDX Release 3.5
Remote Switch Tab
Figure 6-27. SVN/VLAN ID Assignment
NOTE: The ID pull-down list provides IDs for the Layer 2 SVNs that have been
assigned to the remote from the L2oS tab and the Layer 3 SVNs that have been
assigned at the IP Config tab.
NOTE: If a local Id is defined at the remote’s L2oS tab, the list will use local id
instead of global id.
d. Click OK.
To use VLAN View to assign a VLAN to a port:
a. In the VLAN View, right-click in the table cell representing the port of the VLAN you
want to configure.
b. Choose Select from the menu.
Both methods of assigning a VLAN to a port are illustrated in Figure 6-28.
Figure 6-28. Dedicating a Port to a VLAN
In the VLAN View, the word Yes is displayed for the VLAN in the column for the selected
port.

iDX Release 3.5
Remote Switch Tab
Figure 6-29. Switch Tab with Dedicated VLAN
NOTE: Double-click in any empty cell in the VLAN view to select that cell. The
word Yes will be displayed in that cell.
3. To reconfigure a port with VLANs assigned to be a trunk, do one of the following:

• In the Port View, right-click the port and select All VLANs from the menu.
• In the VLAN View, right-click in the column of the port in the All VLANs row and
select All VLANs from the menu.
Both methods are illustrated in Figure 6-30.
Figure 6-30. Reconfiguring a Port with Assigned VLANs as a Trunk
4. To select the same setting for all ports:

a. Right-click your choice in the VLAN column of the VLAN View
b. Select All from the menu.
The word Yes appears in all columns of the selected row. In Figure 6-31, Select All was
used to assign the default VLAN to all ports.
Figure 6-31. Selecting the Same Switch Setting for All Ports
5. By default, the port speed and port mode are automatically negotiated. Follow these
steps to disable auto-negotiation and select a port speed and port mode:

iDX Release 3.5
Remote Switch Tab
a. In the Port View, right-click the port and select Properties from the menu to open
the Properties dialog box.
Figure 6-32. Port Properties Dialog Box
b. In the Properties dialog box, select Off for Auto Negotiation.

c. Select a Speed for the port: 10 Mbps or 100 Mbps.
d. Select a Mode for the port: Full Duplex or Half Duplex.
CAUTION: The port settings must match the attached equipment. Mismatches in
either port speed or port mode will result in packet loss.
6. To copy a row (or all rows) from the VLAN View in order to paste the information into a
separate application such as a spreadsheet, follow these steps:
a. In the VLAN column, click the VLAN name (or click All VLANs) in the first column of
the row you want to select. This will highlight the name in the VLAN column. (Or press
Ctrl + A to select all rows in the table.)
b. Right-click on any of the selected entries in the first column; then select Copy or
Copy without headers from the menu.
c. Paste the row or rows into your target application.

iDX Release 3.5
Remote QoS Tab
6.6 Remote QoS Tab

The following sections describe how to configure Quality of Service (QoS) for remotes on the
Remote QoS tab. An example of the Remote QoS tab is shown in Figure 6-33.
Figure 6-33. Remote QoS Tab
6.6.1 QoS Profiles

Figure 6-34 shows the section of the Remote QoS tab used to assign upstream and downstream
Filter Profiles, Service Profiles and Remote Profiles to your Remotes.

iDX Release 3.5
Remote QoS Tab
Figure 6-34. Remote QoS Tab: QoS Profiles
Assigning a Filter Profile to a Remote

To assign a Filter Profile, select the desired profile from the Upstream QoS or Downstream
QoS drop-down Filter Profile list, as shown in Figure 6-35.
Figure 6-35. Remote QoS Tab: Selecting a Filter Profile
Filter Profiles are described in Application Profiles and Filter Profiles on page 301.
NOTE: You can click the Details button next to the Filter Profile drop-down menu
to view the configuration of the selected Filter Profile.
Assigning a Remote Profile or a Service Profile to a Remote

There are three additional types of Profiles that you can assign to a remote on the Remote
QoS tab: Remote Profiles, Service Profiles and Multicast Service Profiles. Each remote must
have either a single Remote Profile or one or more Service Profiles assigned for both
Downstream and Upstream traffic. Multicast Service Profiles are optional downstream profiles
that enable your remotes to use Multicast Fast Path Applications. (See Configuring Remotes
for Multicast Fast Path on page 277 for details.)
Remote Profiles are assigned to remotes that use Remote Service Groups. Service Profiles are
assigned to remotes that use Application Service Groups. See Configuring Quality of Service
for iDirect Networks on page 229 for detailed descriptions of Service Groups, Service Profiles,
and Remote Profiles.

iDX Release 3.5
Remote QoS Tab
NOTE: A remote that transmits a dedicated SCPC upstream carrier is not

associated with upstream Service Group. Instead, you must assign an upstream
Remote Profile directly to the SCPC remote. See Assigning an Upstream Remote
Profile to an SCPC Remote on page 191.
NOTE: A Remote Profile or Service Profile assigned to an Evolution X1 or e150

remote can have a maximum of 10 (total) Service Levels. Each Virtual Remote in
the assigned Profile can have a maximum of 5 Service Levels. Assigning a Profile to
an X1 or e150 that exceeds either of these limits will cause the remote state to
change to Incomplete in the iBuilder Tree.
Follow these steps to select a Service Group and Service Profile or Remote Profile, or a
downstream Multicast Service Profile, to a remote:
1. Click the Edit button next to the current Upstream or Downstream Service Group
assignment (Figure 6-34) to display the QoS Profile Select dialog box (Figure 6-36).
Figure 6-36. Remote QoS Tab: QoS Profile Select Dialog Box
2. To assign a Remote Profile:

a. In the QoS Group pane, select a Remote Service Group in the Service Group column.
b. In the Remote Profile pane, select a Remote Profile.
3. To assign an Application Service Profile, select a non-multicast Service Profile in the QoS
Group pane.
4. To assign a downstream Multicast Service Profile, select a Service Profile under the
Multicast Service Group. See Configuring Remotes for Multicast Fast Path on page 277 for
more information.

iDX Release 3.5
Remote QoS Tab
5. Click OK. The new assignments are displayed on the Remote QoS tab.
In rare cases, when using Application Service Groups, you may want to assign multiple
Downstream or Upstream Service Profiles to a single remote. If you select more than one
Service Profile, the last Service Profile that you select in the QoS Profile Select Dialog Box is
designated as the Primary Service Profile. The NMS and Default Applications from the Primary
Service Profile are used by the system. The NMS and Default Applications from other selected
Service Profiles are not used. For more information see Assigning Service Profiles to Remotes
on page 271.
NOTE: Unlike Service Profiles, only one Downstream and one Upstream Remote
Profile can be assigned to a Remote.
Figure 6-37 shows two Service Profiles assigned to a single remote in an Application Service
Group. Service Profile 1 is the Primary Service Profile. The Primary Service Profile is always
displayed in bold typeface on the GUI.
Figure 6-37. Remote QoS Tab: Multiple Service Profiles Assigned
Assigning an Upstream Remote Profile to an SCPC Remote

Follow these steps to assign an upstream Remote Profile to a remote configured to transmit a
dedicated SCPC upstream carrier to the hub:
1. Click the Edit button in the Upstream QoS area of the Remote QoS tab to open the QoS
Profile Select dialog box. (This is illustrated in Figure 6-38.

iDX Release 3.5
Remote QoS Tab
Figure 6-38. Selecting an Upstream Remote Profile for an SCPC Remote
2. In the QoS Profile Select dialog box, select an upstream Remote Profile.
3. Click OK.
6.6.2 Rate Shaping Configuration

This section discusses only the parameters of the QoS tab shown in Figure 6-39.
Figure 6-39. Remote QoS Tab: Upstream and Downstream Rate Shaping

iDX Release 3.5
Remote QoS Tab
Your ability to configure the Downstream and Upstream Rate Shaping parameters, as well as
Allocation Fairness Relative to CIR, depends on the type of Service Group selected in the
Service Group field (Figure 6-34) and the QoS Mode selected on the QoS tab of your Network
and Inroute Group. Since QoS Mode only applies to Application Service Groups, the selection
among the following three options determines which parameters you can configure here:
• Remote Service Groups
• Application Service Groups in Remote Based QoS Mode
• Application Service Groups in Application Based (or Application Scaled) QoS Mode.
For a detailed explanation of Service Group types and QoS Modes, see Configuring Quality of
Service for iDirect Networks on page 229.
Table 6-1 on page 193 shows which QoS parameters you can select on the Remote QoS tab
depending on which of the three options listed above is configured for the remote’s Network
(Downstream) or Inroute Group (Upstream). As noted in the table, you cannot configure EIR
on the Remote QoS tab unless it has been enabled for remotes in this remote’s Service Group
on the QoS tab of your DVB-S2 network.
NOTE: Upstream Rate Shaping parameters such as CIR and MIR are not applicable
to SCPC remotes at the remote level of the QoS tree, since all of the upstream
bandwidth is dedicated to the physical remote. However, you can select or clear
Allocation Fairness Relative to CIR to influence how bandwidth is distributed
among the Applications running on the remote.
Table 6-1. Availability of Remote QoS Parameters by Service Group Type and Mode
QoS Service Group Type Applicable Parameters: Applicable Parameters:

and Mode Downstream Upstream
Remote Service Groups Maximum Information Rate Maximum Information Rate
Committed Information Rate Committed Information Rate
Priority Priority
Cost Cost
EIR / EIR Minimum MODCOD* Minimum Information Rate
Allocation Fairness Relative to CIR Idle and Dormant States
Allocation Fairness Relative to CIR
Application Service Groups: Maximum Information Rate Maximum Information Rate
Remote Based Mode Committed Information Rate Committed Information Rate
EIR / EIR Minimum MODCOD* Minimum Information Rate
Idle and Dormant States
Application Service Groups: Maximum Information Rate Maximum Information Rate
Application Based Mode or Minimum Information Rate
Application Scaled Mode
Idle and Dormant States
* DVB-S2 Networks only. EIR must be enabled for the Service Group on the Network QoS tab
to select this option.

iDX Release 3.5
Remote QoS Tab
NOTE: For definitions of Priority, Cost, MIR, CIR, MIN, EIR, and Allocation Fairness
Relative to CIR, see QoS Properties on page 230.
Configuring MIR and CIR

Follow these steps to configure Downstream or Upstream Maximum Information Rate (MIR)
and/or Committed Information Rate (CIR):
1. For each setting (MIR and/or CIR) that you want to configure:
a. Select Enable.
b. Enter a value for the rate in kbps.
2. When using Remote Service Groups, you can change Downstream and Upstream Priority,
Cost and/or Allocation Fairness Relative to CIR for this remote if desired:
a. To change the remote’s Priority, select a new setting from the drop-down menu.
b. To change the remote’s Cost, enter a new value between 0 and 1.
c. To enable or disable Allocation Fairness Relative to CIR for Applications running on
this remote, select or clear the check box. (See Figure 6-33 on page 188.)
NOTE: If this remote is in a DVB-S2 ACM network, you can enable EIR on the
Downstream and select a Minimum MODCOD. See the EIR and MODCOD
Configuration on page 197 for details.
Configuring Minimum Information Rate and Idle and Dormant States

The Minimum Information Rate determines the minimum number of upstream TDMA slots
that will be allocated to a remote even if the remote is inactive. You can also select Enable
Idle and Dormant States on the Remote QoS tab to dynamically reduce the remote’s Minimum
Information Rate based on the length of time that the remote has no user traffic to transmit
on the upstream carrier.
Note: This feature is applicable only to remotes that transmit TDMA upstream
carriers. Enabling Idle and Dormant States has no effect on SCPC remotes.
If the Idle and Dormant States feature is enabled, the remote can be in one of three states:
Active, Idle or Dormant. Figure 6-40 shows the fields on the Remote QoS tab used to configure
this feature. The configuration of the remote’s Minimum Information Rate fields determine
the system behavior in the Active State. The configuration of the Idle and Dormant States
fields determine the system behavior in the other two states.

iDX Release 3.5
Remote QoS Tab
Figure 6-40. Configuring Active, Idle and Dormant States
For a detailed description of this feature, see the chapter titled “Remote Idle and Dormant
States” in the Technical Reference Guide.
NOTE: Minimum Information Rate must be greater than or equal to the Idle
Minimum Information Rate. Similarly, the Idle Minimum Information Rate must be
greater than or equal to the Dormant Minimum Information Rate.
NOTE: For remotes to remain in the network, Evolution remotes should transmit
at least 1 burst every 4 seconds. With a frame length of 125 ms, this translates
into a minimum of 1 slot every 32 frames. Unless explicitly permitted by the
network design, do not go below this limit for any state.
NOTE: A low Minimum Information Rate in any state may trigger Latency Warnings
for the remote in iMonitor. To prevent these warnings, increase the Latency
timeout for the remote on the Remote Warning Properties tab. See Setting
Warning Properties for Remotes on page 214 for details.
Follow these steps to enable Minimum Information Rate and/or Idle and Dormant States for
a remote:
1. To configure a Minimum Information Rate:
a. Select Enable.
b. Enter a Minimum Information Rate in kbps. As shown in Figure 6-40, the equivalent
slots/frame is automatically displayed when you click in another field on the screen.
NOTE: It is not required to configure a Minimum Information Rate to enable Idle

and Dormant States. If not configured, the Minimum Information Rate defaults to
one slot per frame, or 8 bursts per second for a 125 ms frame length, in the Active
State.
2. To configure Idle and Dormant States, select Enable Idle and Dormant States.
3. For both the Idle State and the Dormant State:
a. Enter the minimum frequency at which slots are allocated to the remote in that state
(in units of 1 slot per n frames). As shown in Figure 6-40, the equivalent Minimum
Information Rate is automatically displayed in kbps.

iDX Release 3.5
Remote QoS Tab
b. In Timeout, enter the number of seconds that the remote should remain in the
previous state with no upstream user traffic before entering this state.
NOTE: By default, only upstream user traffic triggers a state change from Idle
State or Dormant State to Active State. Upstream NMS traffic does not trigger a
state change by default. However, you can change these default settings by
selecting or clearing the Trigger State Change field in your upstream Service
Levels. See Adding an Application Profile on page 304 for details.
6.6.3 Adaptive Parameters

A remote’s Adaptive Parameters include Maximum Link Impairment and Carrier
Constraints. These optional parameters affect remotes in Adaptive Inroute Groups. Any
values entered in these fields should be determined during network design for Adaptive
networks.
Maximum Link Impairment determines to what extent the remote influences the selection of
the optimal Inroute Group Composition (IGC) for current network conditions. When
performing trial bandwidth assignment, the IGC selection algorithm treats any remote that
has faded in excess of its Maximum Link Impairment as if it were in clear sky conditions.
The Carrier Constraints limit the upstream carriers on which the remote is allowed to
transmit. No slots are allocated to a remote on any upstream carrier with a symbol rate lower
than the configured Minimum Symbol Rate. Similarly, no slots are allocated to a remote on
any upstream carrier which requires the remote’s bursts to be received at a C/N that exceeds
the configured Maximum C/N.
NOTE: The maximum C/N includes the Fade Slope Margin (M1) and the Hysteresis
margin (M2). For mobile terminals that use the map server feature, the
configured value refers to the edge of coverage and the actual value may be
adjusted automatically depending on the actual location.
Follow these steps to configure the Adaptive Parameters for this remote:
1. Click the Adaptive Parameters sub-tab on the Remote QoS tab to view the Adaptive
Parameters section.
Figure 6-41. Configuring Remote Adaptive Parameters
2. To configure the Maximum Link Impairment for this remote:

a. Select Enable.

iDX Release 3.5
Remote QoS Tab
b. Enter a fade value in dB.
NOTE: Maximum Link Impairment only affects IGC selection. It does not affect
the amount of bandwidth allocated to the remote.
3. Enter a Minimum Symbol Rate for the remote. The remote will not be allowed to
transmit on upstream carriers with symbol rates lower than the configured value.
4. Enter the Maximum C/N for the remote. The remote will not be allowed to transmit on
upstream carriers that require its TDMA bursts to exceed this C/N.
NOTE: The maximum C/N includes the Fade Slope Margin (M1) and the Hysteresis
margin (M2). For mobile terminals that use the map server feature, the
configured value refers to the edge of coverage and the actual value may be
adjusted automatically depending on the actual location.
6.6.4 EIR and MODCOD Configuration

This section discusses the parameters of the QoS tab shown in Figure 6-42.
Figure 6-42. Remote QoS Tab: EIR and MODCOD Parameters
The EIR and MODCOD sections of the dialog box apply only to remotes receiving a DVB-S2
outbound carrier with ACM enabled. Note the following:
• EIR is enabled for CIR allocations within the range defined by the Nominal MODCOD and
the EIR Minimum MODCOD defined for the remote.
• Allocation of physical bandwidth is held constant at the remote’s Nominal MODCOD when
the current MODCOD of the remote is below the EIR Minimum MODCOD.
• CIR and MIR allocations to the remote are capped at the remote’s Nominal MODCOD. A
remote may operate above its Nominal MODCOD, but CIR and MIR allocations are not
increased.
NOTE: You can only configure upstream and downstream CIR and downstream EIR
on the Remote QoS tab when using Remote Service Groups or when the QoS mode
for the Network is set to Remote Based. See QoS Modes on page 240 for more
information about QoS Modes.
NOTE: You cannot configure EIR on the Remote QoS tab unless EIR has been
enabled for remotes in this Service Group. This applies to both Remote Service
Groups and Application Service Groups in Remote Based Mode. The minimum
possible EIR MODCOD for the remote is also determined by the Service Group
configuration. See Adding a Service Group on page 262 for more information.

iDX Release 3.5
Remote QoS Tab
For remote’s in DVB-S2 ACM networks only:

1. Select a Nominal MODCOD for this remote. The Nominal MODCOD is the Reference
Operating Point for this remote. A remote may operate above its Nominal MODCOD, but it
will not be granted additional CIR or MIR.
2. Select a Maximum MODCOD for this remote. A remote never operates above its Maximum
MODCOD. By default, the Maximum MODCOD of a remote is the Maximum MODCOD of
the DVB-S2 carrier of the network. The Maximum MODCOD cannot be less than the
Nominal MODCOD.
NOTE: Do not select 16APSK or 32APSK as the Maximum MODCOD unless your
remote is using an internal PLL LNB.
3. To configure EIR on the DVB-S2 outbound carrier for a remote:

a. Select Enable in the EIR section of the dialog box.
b. Select a Minimum MODCOD. EIR will not be enforced when the remote receives a
MODCOD below the Minimum MODCOD.
6.6.5 Downstream and Upstream Distributor

This section discusses only the parameters of the QoS tab shown in Figure 6-43.
The Downstream Distributor is responsible for segmenting outbound packets for
transmission. The Upstream Distributor can only be configured for a remote that transmits an
SCPC return channel. The Upstream Distributor is responsible for segmenting inbound
packets for transmission on the SCPC upstream carrier.
Figure 6-43. Remote QoS Tab: Downstream Distributor
NOTE: Beginning with iDS Release 8.2, the TDMA upstream segment size is
automatically calculated by the system. You can no longer configure the TDMA
upstream segment size in iBuilder.
NOTE: The Downstream Distributor cannot be enabled on Evolution X1 or e150

remotes.
To change the Segment Size for the Downstream Distributor or Upstream Distributor:
1. Select Enable.
2. Enter a Segment Size.
See the chapter titled “QoS Implementation Principles” in the iDirect Technical Reference
Guide for more information about packet segmentation.

iDX Release 3.5
Remote Geo Location Tab
6.7 Remote Geo Location Tab

When commissioning a stationary remote, use the Geo Location tab to specify the geographic
location of the installation site. Geo location can be determined by using a GPS receiver.
Figure 6-44. Remote Geo Location Tab: Settings for Stationary Remotes
When commissioning a mobile remote, use the Geo Location tab to specify the remote’s
mobile settings.
Figure 6-45. Remote Geo Location Tab: Settings for Mobile Remotes
NOTE: Evolution X1 and e150 remotes cannot be used as mobile remotes.
Additional information on Mobile parameters is provided in Mobile State on page 200.

Follow these steps to configure a mobile remote:
1. Select Mobile.
2. Select the correct type of GPS Input for the remote: Manual, Antenna or Serial or NMEA.

iDX Release 3.5
Remote Geo Location Tab
The GPS Input selected determines the baud rate of the serial console interface to the
remote. For Serial or NMEA, change the Baud Rate and other serial interface parameters
as required.
3. Select Handshake Signaling to provide an input and output signal to the stabilizing
antenna through the serial console port.
4. Select Mobile Security to prevent the remote’s latitude and longitude location from being
transmitted to the NMS over the satellite link. With Mobile Security selected, it is not
possible to determine the remote’s location from the hub.
5. If required, change the Minimum Look Angle configured for this remote’s antenna by
selecting Override and entering a new angle. Select Inherit from Satellite to use the
value configured for the satellite. (See Adding a Spacecraft on page 73.)
6. If required, change the Maximum Skew configured for this remote’s antenna by selecting
Override and entering a new angle. This value represents the maximum angle of skew
that the antenna can tolerate before it stops transmitting. Select Inherit from Satellite
to use the value configured for the satellite. (See Adding a Spacecraft on page 73.)
7. If required, change the Skew Margin configured for this remote’s antenna by selecting
Override and entering a value in degrees. Skew Margin is used to optimize the use of
upstream carriers for mobile remotes using non-circular polarization in Adaptive systems.
Select Inherit from Satellite to use the value configured for the satellite. (See Adding a
Spacecraft on page 73.)
8. Select a COTM type: Maritime, Vehicular, or Avionics. This selection should be consistent
with the Maximum Speed configured for the remote’s inroute group.
mph. Avionics does not appear in the drop-down menu unless this feature license
has been imported into iBuilder for this remote. See Managing NMS Licenses on
page 60.
Mobile State
When the remote is configured as Mobile, it looks for GPS string on the serial console port to
provide its latitude and longitude information in the form of an NMEA string. It uses this
information to compute the FSD and acquire into the network.
Once a remote has been acquired into the network, the remote automatically sends its
latitude and longitude to the hub every 30 seconds. However, when Mobile Security is
selected, the remote will not send its current geographic location to the hub. Since the
remote requires this information to communicate with the hub, mobile remote users must
determine it and communicate it to the remote, enabling the remote to compute the FSD.
In the absence of a GPS receiver interface to the modem, you can supply the latitude and
longitude information manually through the serial console interface. You can also provide the
geographic location information for the hub through the iSite GUI. (The hub geographic
location is always sent as a broadcast message from the hub.)
The baud rate of a serial connection to a mobile remote depends on the GPS Input selected in
the Mobile area of the Geo Location tab. The baud rates and typical usage of these selections
are discussed here:

iDX Release 3.5
Remote VSAT Tab
• Manual (9600 baud): Select Manual when the port is not connected to a GPS receiver and
you want to manually set the latitude and longitude from the remote console. Selecting
Manual will cause the modem to save the latitude and longitude to flash memory. If you
select either of the other options, this information will not be saved to flash and will be
lost in the event that the remote resets.
• Serial or NMEA (4800 baud): Select Serial or NMEA when the port is connected to a GPS
receiver. The 4800 baud rate is a requirement of the NMEA protocol used by GPS to
communicate with the remote.
• Antenna (9600 baud): Select Antenna when using the iDirect Automatic Beam Selection
feature. If you select this option, the port must be connected to one of the mobile
antennas supported by iDirect. For more on this feature, see Configuring Networks for
Automatic Beam Selection on page 507.
NOTE: E8350 remotes have a separate serial port for GPS and are not affected by
configuration changes made at the Geo Location tab.
NOTE: X5 and X7 remotes accept Baud Rate configuration changes only; Data Bit,
Parity, or Stop Bit changes are not supported.
NOTE: The serial console interface is set to 9600 baud for non-mobile remotes.
Handshake signaling requires a stabilizing antenna and requires customers to build their own
electrical interface (converter) to communicate with the antenna. When Handshake
Signaling is enabled at the NMS, the mobile remote provides an input and output signal to the
stabilizing antenna through the serial console port. The output signal, or lock signal, indicates
the frame lock status of the receiver on the remote. The input signal TxMute is used to mute
the transmitter until the antenna pointing is completed.
The remote sends an RS-232 active signal on the console port DTR output (pin 2) while the
modem is trying to acquire the downstream carrier. Once the remote achieves TDM frame
lock, the DTR signal becomes inactive. This signal is intended to indicate to the auto-point
antenna equipment when to switch from coarse-tune to fine-tune mode.
The DSR input on the console port (pin 7) can be used as a “mute” function and will allow the
auto-point antenna equipment to delay acquisition transmit until the antenna has finished
pointing. Without this function, the modem may transmit as soon as it detects TDM frame
lock, before the antenna is properly pointed and polarized. Sending an RS-232 active level to
the DSR input enables the mute function.
6.8 Remote VSAT Tab

The remote VSAT tab (Figure 6-46) contains two sets of inter-related VSAT tabs. The top
contains tabs and drop-down list boxes for selecting the previously defined IFL, BUC,
Reflector Mount, Reflector, and LNB. The tabs on the bottom display configuration details for
the currently selected subcomponent. Switching between tabs enables users to review the
configuration of selected subcomponents on one screen. To add these subcomponents entries
to the NMS database, see Adding Entries to Folders on page 30.

iDX Release 3.5
Remote VSAT Tab
Figure 6-46. Remote VSAT Tab
NOTE: The Tx Key Line area of the Remote Antenna section of the VSAT Tab
(Figure 6-46) only appears when configuring Evolution e850mp, e150, or 9-Series
remotes.
NOTE: iDirect brand BUCs and LNBs are preconfigured in the Components folder
of the iBuilder Tree.

iDX Release 3.5
Remote VSAT Tab
NOTE: iBuilder supports a number of pre-configured Transceivers. Each

Transceiver is represented in the iBuilder Tree as both a BUC and an LNB. To select
a Transceiver for a remote, select the same Transceiver from both the BUC and
LNB drop-down lists on the VSAT tab. For information on selecting the frequency
band and polarization of ASCSignal Transceivers, see Configuring an ASCSignal
Remote Transceiver on page 204.
Enter the following information on the VSAT tab:
1. In the Remote Antenna area, select a BUC from the BUC drop-down menu. (When using a
Transceiver, select the Transceiver for both the BUC and LNB.)
NOTE: iBuilder filters the list of selectable BUCs based on the value configured
for the ODU Tx Oscillator field of the BUC components. Evolution X7 remotes
allow both 10 MHz and 50 MHz. All other remote model types require 10 MHz.
2. Select the LNB for this remote from the LNB drop-down menu.
NOTE: When selecting an iDirect PLL LNB, ensure that the LNB has the correct
selection for the 22 kHz tone in the LNB dialog box. Enable the 22 kHz tone to
select the high frequency band. Disable the 22 kHz tone to select the low
frequency band.
NOTE: An LNB Stacker configuration is available; see Configuring the Stacker

Feature on page 205. Also, see the Technical Reference Guide for a description of
the Stacker feature.
3. Select Boost LNB Supply Voltage to add 1 dB to the DC voltage configured for the LNB
selected in Step 2. (This field is only applicable for LNBs with ODU Rx DC Power
enabled.)
4. Selecting an IFL, Reflector Mount, and/or Reflector is optional.
5. The Approximate Cable Length should be set during the commissioning process. You can
record it here for reference.
6. The Transmit Key Line feature is only available for Evolution e850mp, e150, or 9-Series
remote terminals that support the transmit key line interface. Enabling Tx Key Line tells
the remote to provide a differential RS-485 signal to the BUC. This signal can be used to
conserve terminal power. To enable this feature:
a. Under Tx Key-line, select Enable.
b. Enter a BUC PA Warm-up Time from 0 to 1700 microseconds.
NOTE: See the Technical Reference Guide for a description of the Transmit Key
Line feature.

iDX Release 3.5
Remote VSAT Tab
7. The tabs on the lower half of the dialog box display the details of the components that
you have selected. Click OK to save your settings. The new remote is added to the
iBuilder Tree under the Inroute Group or line card.
NOTE: If using the iDirect Automatic Beam Selection feature, select a Reflector
that is configured with a controllable antenna. For controllable antennas, a
number of additional fields are shown on the right-hand side of the Remote
Antenna area of the VSAT tab. (See Figure 6-47 on page 204 for one example.) For
details on configuring these fields, see Configuring Networks for Automatic Beam
Selection on page 507.
Figure 6-47. Remote VSAT Tab with SeaTel ABS Fields
6.8.1 Configuring an ASCSignal Remote Transceiver

The XR3, XR3E, DR5 and DR7 Transceivers from ASCSignal appear in the iBuilder Tree under
the Remote Antenna Components folders for both the BUC and LNB as shown below.
To select the LNB frequency band and cross polarization for these Transceivers from the LNB
folder of the iBuilder Tree:
1. Right-click the Transceiver in the LNB folder and select ModifyItem.
2. In the LNB dialog box, select the correct ODU Rx DC Power and 22 kHz Tone settings for
the transceiver as follows:

iDX Release 3.5
Remote VSAT Tab
a. For a DRU15F16X or DRU17F16X, select 18V for ODU Rx DC Power for cross-
polarization. Select 13V for ODU Rx DC Power for co-polarization.
Figure 6-48. LNB Dialog Box: Selecting DC Voltage
NOTE: The DC Voltage can be increased by 1 Volt by selecting Boost LNB Supply
Voltage. See Step 3 on page 203.
b. The presence or absence of a 22 kHz tone determines the LNB frequency band
selected by the transceiver. Select Enable 22 kHz Tone for the high frequency band
(11.70 to 12.20 GHz). Clear the Enable 22 kHz Tone check box for the low frequency
band (10.70 to 11.70 GHz).
Figure 6-49. LNB Dialog Box: Enabling 22 kHz Tone
6.8.2 Configuring the Stacker Feature

The Stacker configuration allows a user to define an LNB that can deliver a primary and a non-
primary beam with different polarizations simultaneously on different IF sub-bands.
Enabling the Stacker feature requires defining the remote-side custom keys listed in Table 6-2
on the Remote Custom tab for each remote as in this example:
[FREQ_TRANS]
stacker_down_translation = 10050.000000
[SATELLITE]
stacker_primary_polarity = H

iDX Release 3.5
Remote VSAT Tab
Table 6-2. Custom Keys for a Stacked LNB Type
Default Value
Custom Key Group/Name Description Value Range
Process
#[FREQ_TRANS] When tuning the remote's Rx, if MHz, the LNB down_translation
#stacker_down_translation the beam being tuned has a translation
polarization different from frequency for
stacker_primary_polarity, the the 'non-primary'
remote will use polarity band.
stacker_down_translation
instead of down_translation.
Otherwise the previous beam-
based logic will apply.
[SATELLITE] If present, indicates the • V- vertical null
stacker_primary_polarity terminal has a Stacked • H - horizontal
antenna/LNB. When sending • L - left
the OpenAMIP 'P' command, the
• R - right
remote will always use the
stacker_primary_pol value, if it
exists. Otherwise the previous
beam-based logic will apply.

iDX Release 3.5
Remote VSAT-2 Tab
6.9 Remote VSAT-2 Tab

The VSAT-2 tab is only available for Evolution X7 remotes that are licensed for a second
receiver. The second receiver can receive Multicast Fast Path streams from a primary or
secondary network.The primary network refers to the iBuilder network in which the X7
remote is configured. The secondary network refers to another iDIrect network transmitting
the downstream carrier with the Multicast Fast Path traffic.
NOTE: A license is required to enable the second receiver on an X7-Series

satellite router. For more information, see the iDirect Features and Chassis
Licensing Guide.
NOTE: For information on configuring Multicast Fast Path streams from a

secondary network, see the chapter on “Multicast Fast Path” in the Technical
Reference Guide.
Additionally, see the following sections for additional information about configuring
an X7 remote to receive encrypted Multicast Fast Path traffic on a second
demodulator:
• Configuring a Protocol Processor to Enable X7 Encrypted Multicast Fast Path
on a Second Demodulator on page 98
• Setting Up Global Key Distribution for Encrypted Multicast Fast Path on an X7
Second Demodulator on page 500
To configure an Evolution X7 remote to receive Multicast Fast Path traffic on a second
demodulator, perform the following:
1. Click the VSAT-2 tab of the remote to open it. See Figure 6-50.
Figure 6-50. Remote VSAT-2 Tab

iDX Release 3.5
Remote VSAT-2 Tab
2. In the Receive Second Downstream section, select Enable.

3. Select the remote physical port, Rx1 in or Rx2 in, to provide the input to the 2nd
receiver.
a. If using Rx2 in, select the LNB for this remote from the LNB drop-down menu.
b. If using Rx2 in, optionally select Boost LNB Supply Voltage to add 1 v to the DC
voltage configured for the selected LNB.
4. Check Multicast FastPath Encryption.
NOTE: Link Encryption must be checked on the Remote Information tab.
5. In Rx Frequency, enter the downlink center frequency of the second downstream carrier.
6. Enter the Symbol Rate of the second downstream carrier.
7. In the Authorized Multicast Fast Path Streams section, select the stream numbers of the
Multicast Fast Path streams that this remote should forward to the local LAN.
NOTE: The stream numbers can be viewed in the Application dialog boxes of the
Multicast Fast Path Applications configured in the Group QoS tab of the second
network. Figure 6-51 illustrates this.
Figure 6-51. QoS Application: Multicast Fast Path Stream Number
8. Click OK to save the configuration changes.
NOTE: The IFL and BUC tabs at the bottom of the VSAT-2 screen display the
details of the selected components.

iDX Release 3.5
Remote L2oS Tab
6.10 Remote L2oS Tab

The L2oS feature and the Layer 2/Layer 3 Hybrid mode feature are described in the “Layer 2
over Satellite” chapter of the Technical Reference Guide.
NOTE: Configuring L2oS requires configuring L2oS hub-side parameters as well as

configuring L2oS remote-side parameters. This section describes configuring L2oS
remote-side parameters. For information on configuring L2oS hub-side
parameters, see Configuring L2oS Hub Parameters on page 105.
The L2oS tab is only displayed if the L2oS Enabled check box is checked on the Information
tab of the Protocol Processor controlling this remote’s network. Figure 6-52 shows the Remote
L2oS tab.
Figure 6-52. Remote L2oS Tab
NOTE: At the bottom of the L2oS tab, Enable BFD Proxy is disabled by default.
Bidirectional Forwarding Detection (BFD) is a network protocol used to detect
faults between two forwarding engines connected by a link. Refer to the Technical
Reference Guide for additional information.
Use this tab (Figure 6-52) to configure:

• Layer 2 settings
• SDT modes
• Header compression
The following sections provide information about configuring Layer 2 or Layer 3 SVNs:
• Configuring SDT
• Configuring SVNs

iDX Release 3.5
Remote L2oS Tab
• Configuring Header Compression
6.10.1 Configuring SDT

The SDT parameters determine if VLAN tagging, QinQ tagging, or no tagging is used on the
remote LAN connection(s) to the customer equipment. Configure as follows:
1. Enter the SDT parameters in the SDT section of the L2oS tab.
a. For Mode, select VLAN (default), QinQ, or Access.
NOTE: All three modes are available for X1 remotes; only VLAN mode is available
for X7 remotes.
b. If Mode is VLAN or QinQ, enter Ethertype 1. This field defaults to 0x8100 for VLAN
Mode and 0x9100 for QinQ Mode.
c. If Mode is QinQ, enter Ethertype 2. This field defaults to 0x8100.
6.10.2 Configuring SVNs

NOTE: SVN assignment for L2oS networks requires hub-side and remote-side
configurations. This section describes remote-side configuration; see Configuring
SVNs on page 108 for hub-side configuration.
This section describes how to configure SVNs. An SVN must be added to the remote before it
can be used.
NOTE: Both CE Tag Transparent SVNS and CE Tag Non-Transparent SVNs can be
assigned to the same remote. Refer to the Technical Reference Guide for
information.
NOTE: Layer 2 or Layer 3 SVNs must be predefined in the Protocol Processor SVNs
tab pane before they can be assigned to a remote. Refer to Configuring L2oS Hub
Parameters on page 105.
NOTE: For information on adding Layer 3 SVNs to the remote, see Adding Layer 3
SVNs to a Remote on page 172.
NOTE: An SVN assigned to an X7 remote can be either unassigned or assigned to a

single port or multiple ports.
A port can be assigned to only one CE Tag Transparent SVN or one or more Non-
Transparent SVNs.
NOTE: For X7 remotes, all eight ports are available for CE transparent SVNs.
However, if all eight ports are used for CE Tag Transparent SVNs, there will be no
access to the VLAN 1 on the remote LAN side; Web iSite will not work either. For
more information on assigning X7 ports, see Remote Switch Tab on page 182.

iDX Release 3.5
Remote L2oS Tab
Adding Layer 2 SVNs to the Remote

Use the SVNs portion of the Remote L2oS tab shown in Figure 6-52 to configure the set of
Layer 2 SVNs over which traffic flows on the satellite link to and from a remote.
To configure an SVN:
1. Click the Add button to open the SVN dialog box.
2. Click the SVN ID pull-down menu to select an SVN from the previously defined list of
SVNs for the remote. See Figure 6-53.
When an SVN is selected, it no longer appears in the pull-down list. After all the SVNs are
used, the pull-down list is empty.
Figure 6-53. Adding Layer 2 SVN
A CE Tag Transparent SVN is indicated by an X attached to the SVN ID (for example, 10_X)
as shown below.

iDX Release 3.5
Remote L2oS Tab
Figure 6-54. CE Tag Transparent SVNs
3. If desired, enter a Local Id. This is an optional SVN ID that remaps the SVN ID(s) on the
remote LAN to a different SVN ID.
iBuilder does not permit Local IDs to be configured for CE Tag Transparent SVNs.
For more information on local IDs, see the Layer 2 over Satellite chapter in the Technical
Reference Guide.
The following local IDs are available for the SDT modes:
• For VLAN mode, Local ID (SP) is available
• For QinQ mode, Local ID (SP) and Local ID (CE) are available
• For Access mode, no Local ID is available
NOTE: For X1 remotes, Local ID (SP) and Local ID (CE) are available. For X7
remotes, Local ID (SP) is available except for CE Tag Transparent SVNs (for these
SVNs, the traffic from the assigned ports would not have SP tags).
4. Select Enabled to enable this SVN. An SVN must be enabled to be used. A maximum of
eight SVNs can be enabled per remote.
5. Click OK to add the SVN to the list of SVNs in the SVNs pane.
NOTE: Unchecking Enable disables the SVN. No traffic is transmitted on a

disabled SVN.
NOTE: After an SVN is added to the SVNs pane, it can be changed by selecting the
SVN and clicking the Edit button. The SVN dialog box will open for making
changes.
NOTE: After an SVN is added to the SVNs pane, it can be removed by selecting
the SVN and clicking the Remove button.

iDX Release 3.5
Remote L2oS Tab
Remote MAC Address Aging Timeout

The learned MAC addresses on the hub and the remote will both expire if the remote devices
with the MAC addresses have not transmitted for a specific duration. This default durations
are:
• 6 hours at the hub
• 5 minutes at the remote
To change the remote MAC address aging timeout, define the following remote-side custom
key on the Remote-side configuration area of the Remote Custom tab.
[SDT]
mac_aging_timeout_sec = x
where x = is a value from 1 to 65535 seconds.See Figure 6-55.
Figure 6-55. Remote MAC Address Aging Timeout
For information on learned MAC expiration at the Protocol Processor, see Protocol Processor
MAC Address Aging Timeout on page 107.
6.10.3 Configuring Header Compression

Use the Header Compression section of the L2oS tab (see Figure 6-56) to select the types of
header compression to be applied to the Ethernet frames sent over-the-air.
NOTE: The L2oS Advanced header compression options are described in detail in
the chapter “Layer 2 over Satellite” of the Technical Reference Guide.

iDX Release 3.5
Setting Warning Properties for Remotes
Figure 6-56. L2oS Advanced Header Compression
1. At the Compression pull-down menu, select a header compression type: Disabled,

Simple, or Advanced.
• Disabled: No headers are compressed in the Ethernet frames.
• Simple: Only the Ethernet header is compressed. (Default)
• Advanced: Select Advanced to selectively enable the various ROHCv2 header
compression Profiles and/or Aggressive Compression. The set of Advanced Profiles
that can be enabled together is represented by the level of indentation in the
Profiles section of the Remote L2oS tab.
6.11 Setting Warning Properties for Remotes

You can use iBuilder to modify both global properties of remote warnings and warning
properties for individual remotes. To change global warning properties for remotes, select
Global Warnings for Remotes from the Edit menu. To change warning properties for
individual remotes, click the Warning Properties tab for the remote you want to modify.
For details on configuring warning properties for line cards, remotes and protocol processor
blades, please see Configuring Warning Properties on page 54.
6.12 Adding a Remote by Cloning an Existing Remote

You can either add a new remote by using the procedures in Adding Remotes on page 160 or
you can clone an existing remote to create another remote with a new name but the same
definition. The cloning feature is a quick and easy way to create several remotes with minor
differences, without having to configure each one from a blank configuration screen.
To clone an existing remote, follow the procedure below:
1. Right-click a Remote and select Clone.

iDX Release 3.5
Adding a Remote by Cloning an Existing Remote
2. Enter a new Name for the remote.

3. Modify any fields you want to change for the new remote.

iDX Release 3.5
Roaming Remotes
6.13 Roaming Remotes

Beginning with iDS Release 7.0, you can define mobile remotes that “roam” from network to
network around the globe. Roaming remotes are not constrained to a single location or
limited to any geographic region. Instead, by using the capabilities provided by the iDirect
“Global NMS” feature, you can configure your remote terminals to have true global access.
NOTE: Global NMS is a licensed feature. If you plan to define and track roaming
remotes in your network, please contact the iDirect Technical Assistance Center
(TAC).
The Global NMS feature allows remotes to move among networks on various transponders and
satellites, controlled from various hubs. To accomplish this, you must define the remote in all
of the networks in which it will be visible. For more information of the Global NMS feature,
see the chapter titled “Global NMS Architecture” in the iDirect Technical Reference Guide.
The set of parameters that defines a roaming remote falls into three categories:
• Parameters that must be the same in all networks: DID, passwords, and remote name.
iBuilder will not allow you to define these parameters inconsistently across networks for
the same remote.
• Parameters that must be different in each network. These consist mostly of internal
database IDs and references that are automatically established by iBuilder when the
remote is defined in multiple networks.
• Parameters that may be the same or different from network to network. These “don’t
care” parameters include everything not in the lists above. Examples are IP configuration,
QoS settings, initial transmit power values.
Once you define a roaming remote and add it to multiple networks, the “don’t care”
parameters will be identical in all networks. At that time, you can modify these parameters in
the different networks as desired. (See Managing “Don’t Care” Parameters on page 218).
6.13.1 Adding a Roaming Remote

To define a roaming remote, first create the remote in one of the target networks using the
procedure in Adding Remotes on page 160. Define this remote in the normal way for that
network, including setting IP parameters and features, VSAT components, rate limits, and
other settings.
Once you have added the remote to one network, follow these steps to add it to the
remaining networks:
1. Right-click the Remote in the iBuilder Tree and select Add to Networks in the Roaming
section of the remote menu.
The Roaming dialog box opens.

iDX Release 3.5
Roaming Remotes
Figure 6-57. Roaming Dialog Box
2. Select the appropriate check boxes to add the remote to one or more additional
networks.
NOTE: For purposes of redundancy, the Roaming Remote dialog box also allows
you to configure an SCPC remote in multiple networks by selecting line cards in
SCPC return mode.
3. Click OK to save your changes and close the dialog box. iBuilder automatically adds the
remote to the selected networks, copying the “don’t care” configuration items to the
new networks. You are free to modify the remote’s configuration in the other networks as
desired.
NOTE: When adding roaming remotes to networks, only networks in which the
remote is not currently configured are displayed in the dialog box.
NOTE: Evolution X1 and e150 remotes can be added to multiple networks to

support geographic redundancy. However, these remotes cannot be mobile
remotes.
6.13.2 Managing Roaming Remote Configuration

There are two primary ways to manage a roaming remote’s configuration across all of its
network instances. Each is described in the sections that follow.

iDX Release 3.5
Roaming Remotes
The Revision Server is completely compatible with roaming remotes. You may upgrade a
network even if a roaming remote is in another network. As long as IP connectivity is available
from the NMS to the remote, the remote will receive the download package (image and
options file), write it to flash memory, and reset. For details, see Upgrading Remotes Using
Revision Server on page 367.
Managing “Must be the Same” Parameters

You can modify the parameters that must be the same across all network instances of a
roaming remote by selecting Update Properties in the iBuilder Tree for that remote. When
you change a parameter in one network using the remote’s Update Properties dialog box,
iBuilder makes the same change to that remote in all of its networks.
Use the following procedure to change roaming remote parameters that must be the same in
all networks:
1. Right-click the Remote in the iBuilder Tree and select Update Properties in the Roaming
section of the remote menu.
2. Update the values in the Roaming Properties Update dialog box as desired.
Figure 6-58. Roaming Properties Update Dialog Box
3. Click OK to save your changes and close the dialog box. iBuilder updates the remote in all
of its networks.
Managing “Don’t Care” Parameters

You can change the value for a “don’t care” parameter on a roaming remote in a single
network by following the usual procedure: right-click the remote in the iBuilder Tree for the

iDX Release 3.5
Roaming Remotes
desired network and selecting Modify. This allows you to modify the remote’s parameters in
one network while leaving them unchanged in the others.
However, it is likely that many of a roaming remote’s “don’t care” parameters will be the
same from network to network. In those instances, iDirect recommends that you use iBuilder’s
Group Edit feature to modify the remote. Since this method allows you to modify shared
parameters on all instances of the remote at the same time, it is both easier and less error-
prone than making the changes one by one. For a general discussion of this feature, see
Working with Multiple Elements Simultaneously on page 44.
The procedure beginning on page 220 explains how to modify multiple instances of the same
remote using the iBuilder Details pane. Although you can use this method to modify any or all
instances of a remote, a more convenient method exists to modify all instances of the
remote.
To modify all instances of the same remote:
1. Right-click the Remote in the iBuilder Tree and select Modify All Instances in the
Roaming section of the menu.
2. In the Modify Configuration Object dialog box (Figure 6-59), change the remote
parameters that you want to modify.
Figure 6-59. Modifying Shared Parameters of All Roaming Remote Instances
NOTE: iBuilder will only allow you to modify “don’t care” parameters when
modifying multiple instances of the same remote.

iDX Release 3.5
Roaming Remotes
3. Click OK to save the changes to all instances of the remote.

The above procedure works only for all instances of a remote. You may want to modify
multiple, but not all, instances of a remote. Follow these steps to modify multiple instances
of the same remote:
1. Select View  Details from the iBuilder main menu to display the Details pane. The
Details pane is displayed to the right of the iBuilder Tree.
2. Select the top-level node in the iBuilder Tree.
3. Select View  Collapse Details Hierarchy from the iBuilder main menu.
Figure 6-60. iBuilder View Menu: Collapse Details Hierarchy
This option removes the hierarchical structure of the network elements and components
so they can all be shown in a single window.
Figure 6-61. iBuilder Details View with Collapsed Hierarchy

iDX Release 3.5
Roaming Remotes
4. In the Details View, select the Type column header to sort by element type. This will
group together all remotes, regardless of their networks.
5. If desired, select the Name column header to further sort by element name. This will
group together all instances of a roaming remote, since the remote has the same name in
all networks.
6. Select all desired instances of the Roaming Remote in the Details pane.
7. Place the mouse pointer over the remote names in the highlighted group.
8. Right-click and select Modify from the menu.
9. Modify the remote’s shared parameters as required. Only parameters that are common to
all network instances can be changed.
Figure 6-62. Modifying Shared Parameters of Multiple Roaming Remotes Instances
Adding Multiple Roaming Remotes to a Network

You can add multiple roaming remotes to a network in one operation by following these steps:
1. Right-click an inroute group in the iBuilder Tree and select Add Multiple Roaming
Remotes from the menu.

iDX Release 3.5
Roaming Remotes
The Add Multiple Roaming Remotes dialog box opens with a list of available remotes.
Figure 6-63. Add Multiple Roaming Remotes Dialog Box
NOTE: Remotes that already exist in more than one other network may be listed
multiple times.
2. Select the remotes you want to add to the network.
NOTE: When you select a remote instance from the list, other instances may be
invalidated. Invalid selections appear in red and an explanation is displayed in the
Comment column.
3. Click OK to add the selected remotes to the network.
Adding a Roaming Remote to Multiple Networks

You can add an existing roaming remote to multiple networks in one operation by following
these steps:
1. Right-click the remote in the iBuilder Tree and select Add to Networks from the menu.

iDX Release 3.5
Roaming Remotes
The Add Roaming Remotes to Networks dialog box opens with a list of available network
/ inroute group combinations.
Figure 6-64. Add Roaming Remotes to Networks Dialog Box
2. Select the network / inroute groups to which you want to add the remote.
NOTE: You can only select one inroute group in any network for the remote.
Invalid selections appear in red and an explanation is displayed in the Comment
column.
3. Click OK to add the remote to the selected network.
6.13.3 Beam Switching for Roaming Remotes

The decision of which network a particular roaming remote joins is made by the remote.
There are currently three beam selection methods supported by iDirect.
Automatic Beam Selection

Automatic beam selection is the most powerful and flexible way for remotes to roam from
network to network. It requires an auto-pointing antenna at the remote site, and a map
server process on the NMS.
The map server contains footprint information for all beams on all satellites in the global
network. It parcels out pieces of the map to remotes based on their current geographic
location. Depending on signal quality and location, the remote will either remain in the
current network or automatically switch to a higher-quality network.
For a technical description of the Automatic Beam Selection feature, see the iDirect
Technical Reference Guide. For details on configuring your network for Automatic Beam
Selection, see Configuring Networks for Automatic Beam Selection on page 507.

iDX Release 3.5
Enabling IP Packet Compression Types
Manual Beam Selection

Users at a remote terminal can command the remote to join a particular network using the
beamselector command, available from the remote’s console. The following figure shows the
command format and the output of the “list” option.
NOTE: Access to the iDirect system is only allowed from a local host. Instead of
using the telnet <ip address> command, users now must ssh to the server with
the ssh <ip address> command and then telnet to the console from the local host
using the telnet localhost <port number> command or the telnet 0 <port
number> command.
.
[RMT:2036] admin@telnet:10.0.150.7;1084
> beamselector
control Beam selector control command
list list known beams
mapsize print or change the map size request params
params stats | params | debug
switch switch to new beam
[RMT:2036] admin@telnet:10.0.150.7;1084
> beamselector list
3 is currently selected
3 = Beam_603_340000_GA
2 = Beam_906_64000_GB
1 = Beam_605_174000_GA
Figure 6-65. Using the Console beamselector Command
“Round Robin” Beam Selection

In the absence of both a map server and a beamselector command from the console, remotes
default to a round-robin selection algorithm. Using this method, a remote attempts to join
each network in turn until the remote has acquired a beam. Beams that cannot be acquired
are marked as unusable. The remote will not re-try an unusable beam until all other beams
have been tried. The order in which the remote tries each network is based on the perceived
quality of the network’s downstream carrier, as determined by the remote’s geographic
location relative to the satellite longitude.
6.14 Enabling IP Packet Compression Types

Four types of IP packet compression are supported in iDirect:
• TCP payload compression
• UDP header compression
• UDP payload compression
• CRTP (RTP header compression)
In addition, iDirect supports Layer 2 Tunneling Protocol (L2TP) payload compression using
custom keys. For details, see L2TP Payload Compression on page 227.
The following sections discuss these compression types.

iDX Release 3.5
Follow these steps to enable the first four compression types per remote on the remote
Information tab:
1. Right-click the Remote and select ModifyItem.
2. In the Compression area of the Information Tab, select each compression type that you
want to enable for the remote.
Figure 6-66. Selecting Compression Types on the Remote Information Tab
6.14.1 TCP Payload Compression

You can enable TCP payload compression on remotes to increase the available bandwidth for
TCP streams during periods of channel congestion. When enabled, the TCP streams are
compressed on both the downstream and upstream channels simultaneously. By default, TCP
payload compression is turned off.
TCP payload compression is activated only during times of congestion. If no congestion is
present, data passes through the compression layer unchanged. The compression ratio varies
depending on the amount of congestion and the nature of the TCP payload data.
Even during channel congestion, compression is not enabled under all circumstances. If a
remote’s CPU utilization is above 50 percent, TCP payload compression is automatically

iDX Release 3.5
disabled for all sessions. If CPU utilization is below 50 percent, a maximum of five TCP
sessions are compressed. If the number of sessions exceeds five, the additional sessions are
not compressed.
NOTE: TCP payload compression is available on the following remote model

types: Evolution e8350; Evolution X5; Evolution X7; and iConnex e800/e850mp
remotes.
6.14.2 UDP Header Compression

UDP header compression is performed on per-packet basis using zlib. Unlike TCP Payload
compression, it is not stream-based. UDP header compression is available for all iDirect
remote model types.
iDirect UDP header compression follows the specification in RFC 2508, Compressing
IP/UDP/RTP Headers for Low-Speed Serial Links. This RFC defines both CRTP (header
compression for RTP packets) and UDP header compression (for other UDP packets). When you
enable UDP header compression in iBuilder, only non-RTP headers are compressed for UDP
packets. To apply header compression to RTP packets, you must enable CRTP. (See CRTP on
page 226.)
The iDirect UDP header compression implementation is a simplex-based compression scheme
with the periodic retransmission of full headers to restore the compression state in the event
of error.
UDP Header Compression Performance Characteristics

You can expect the following performance characteristics for UDP header compression in
iDirect networks:
• The 28-byte header is typically reduced 8 bytes.
• The average compressed header size is 9.25 bytes.
• The reduction in header size is approximately 67 percent.
6.14.3 CRTP
Compression of RTP packet headers (CRTP) is performed on per-packet basis using zlib. Unlike
TCP Payload compression, it is not stream-based. CRTP is available for all iDirect remote
model types.
iDirect’s implementation of the CRTP algorithm follows the specification in RFC 2508,
Compressing IP/UDP/RTP Headers for Low-Speed Serial Links. This RFC defines both CRTP
(header compression for RTP packets) and UDP header compression (for other UDP packets).
When you enable CRTP in iBuilder, only RTP packet headers are compressed. To apply header
compression to other UDP packets, enable UDP header compression. (See UDP Header
Compression on page 226.)
The iDirect CRTP implementation is a simplex-based compression scheme with the periodic
retransmission of full headers to restore the compression state in the event of error. Correct
functionality of the CRTP implementation has been field-proven in multiple releases.

iDX Release 3.5
RTP Header Compression Performance Characteristics

You can expect the following performance characteristics for RTP header compression in
iDirect networks:
• The 40-byte header is typically reduced to 10 bytes.
• The average header size is 11.875 bytes.
The reduction in header size is approximately 70 percent.
6.14.4 UDP Payload Compression

iDirect’s UDP payload compression algorithm is similar to the algorithm used by iDirect for
TCP payload compression. (See Section 6.14.1, TCP Payload Compression for details.)
However, the implementation differs in the following significant areas:
• UDP payload compression is packet-based rather than session-based.
• The UDP payload compression algorithm always attempts to compress UDP packets prior
to transmission. Unlike TCP payload compression, it does not make dynamic decisions
based on congestion, system load, etc.
UDP payload compression is designed specifically for the GSM backhaul market. It is unlikely
that enabling UDP payload compression will have any noticeable benefit for standard voice
traffic, since this type of traffic normally cannot be compressed. iDirect does not recommend
enabling this compression feature for typical VoIP traffic; it will not increase channel capacity
and it will put unnecessary strain on the remote’s processor.
6.14.5 L2TP Payload Compression

Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support applications such as
“Abis over IP” and Virtual Private Networks (VPNs). By default, L2TP payload compression is
disabled. You can enable L2TP payload compression for your remote as follows:
1. Right-click the remote in the iBuilder Tree and select ModifyItem.
3. Configure the following custom key in both the Hub-side Configuration area and the
Remote-side Configuration area of the Custom tab:
[L2TP]
passthru = 0
This is illustrated in Figure 6-67.

iDX Release 3.5
Figure 6-67. Enabling L2TP Payload Compression

5. Right-click the Remote and select Apply ConfigurationReliable Both (TCP) to apply the
changes.
You can disable L2TP payload compression by returning the passthru settings to the default
state:
[L2TP]
passthru = 1

iDX Release 3.5
7 Configuring Quality of
Service for iDirect
Networks
Quality of Service (QoS) refers to the classification and prioritization of traffic in order to
optimize the delivery of packets as they flow through an iDirect network. Attributes of a
connection that affect QoS include throughput, latency, jitter and packet loss, among others.
When available bandwidth is greater than demanded bandwidth, all bandwidth needs are met
and there is no requirement for a QoS algorithm designed to optimize network performance.
When demand exceeds bandwidth, however, the algorithm that divides the available
bandwidth to best accommodate the current demand becomes very important. Whether the
bandwidth is distributed equally or unequally, the distribution of available bandwidth in the
face of contention is subject to some sort of business model.
Group QoS (GQoS), introduced in iDS Release 8.0, enhances the power and flexibility of
iDirect’s QoS feature for TDMA networks. It allows advanced network operators a high degree
of flexibility in creating subnetworks and groups of remotes with various levels of service
tailored to the characteristics of the user applications being supported.
Because QoS and Group QoS are complex in nature, iDirect has designed a scheme that allows
the average operator to maintain the QoS configurations, while offering the flexibility for
advanced users to customize the Group QoS configuration to meet the requirements of more
complex QoS models. Creating NMS users with the “GQoS Planning” permission restricts Group
QoS configuration changes to designated operators. Users without this permission can view
Group QoS settings, but they cannot change them. (See chapter 13, “Managing User Accounts
and User Groups‚” for details on defining users.)
This chapter contains the following major sections:
• Group QoS Description on page 229
• Configuring Group QoS on page 244
• Working with Group Profiles on page 293
• Application Profiles and Filter Profiles on page 301
7.1 Group QoS Description

Group QoS is built on the Group QoS tree: a hierarchical construct within which containership
and inheritance rules allow the iterative application of basic allocation methods across groups
and subgroups. QoS properties configured at each level of the Group QoS tree determine how
bandwidth is distributed when demand exceeds availability.
Group QoS enables the construction of very sophisticated and complex allocation models. It
allows network operators to create network subgroups with various levels of service on the

iDX Release 3.5
Group QoS Description
same outbound carrier or inroute group. It allows bandwidth to be subdivided among

customers or service providers, while also allowing oversubscription of one group’s configured
capacity when bandwidth belonging to another group is available.
QoS properties and the Group QoS tree are described in detail in the next sections.
7.1.1 QoS Properties

Each node in the Group QoS tree has properties related to bandwidth allocation and
bandwidth requests. These properties are separately configured for each node in the tree.
How these properties are configured determines how available bandwidth is distributed
among groups of competing nodes in the tree. (Details of the tree structure are contained in
Group QoS Hierarchy on page 233.)
The Group QoS configuration properties that can be defined using iBuilder are described here.
• Priority: Priority defines the order in which bandwidth is exclusively allocated among
competing nodes. There are five priorities: Multicast (the highest priority, reserved for
outbound multicast traffic), followed by P1 through P4. All higher-priority bandwidth is
allocated before any lower-priority bandwidth is allocated. Note that cost-based traffic
and best-effort traffic have lower priorities than traffic with priorities Multicast through
P4.
• Cost: Cost is a QoS attribute used to apportion bandwidth among competing nodes at the
same priority when demand exceeds availability. When bandwidth is limited, the relative
costs of all competing nodes with the same priority are used to distribute the remaining
bandwidth. For example (ignoring CIR discussed below), a node configured with a cost
of.5 will receive twice as much bandwidth as a node configured with a cost of 1.
• Cost-Based: Cost-based traffic receives bandwidth allocation only after all priority
(Multicast through P4) traffic allocations have been made among competing nodes. As
with other priorities, if demand exceeds availability for cost-based traffic, the relative
costs of all competing nodes are used to apportion the remaining bandwidth.
• Best Effort: Best-effort traffic is allocated bandwidth only after all priority and cost-
based traffic allocations have been made among competing nodes. In other words, no
bandwidth is granted for best-effort traffic until all other demand has been met.
• Maximum Information Rate (MIR): MIR specifies the maximum amount of bandwidth that
will be allocated to a node, regardless of demand generated by the node. A node with MIR
set will never be granted more bandwidth than the configured MIR bit rate.
NOTE: The QoS bandwidth allocation algorithm does not strictly enforce MIR for
inroute traffic. Therefore, it is possible that a node may receive more bandwidth
than the configured maximum if free bandwidth is available. However, this does
not affect bandwidth allocations for competing nodes. Note that MIR is strictly
enforced for outbound traffic.
• Committed Information Rate (CIR): CIR specifies an amount of bandwidth that is allocated
to a node before additional (non-CIR) bandwidth is allocated to that node for traffic with
the same priority. At any priority level, all competing nodes are first granted their CIR
bandwidth to the extent possible. If CIR demand is met, additional demand exists, and
additional bandwidth is available, then the remaining (non-CIR) demand is met to the
extent possible.

iDX Release 3.5
• Sticky CIR: In general, CIR is redistributed each time bandwidth is requested in

accordance with the CIR levels configured for all competing nodes. Thus the amount of
CIR granted to a node may vary from one frame to the next during congestion, depending
on competing demand.
Rather than allocating new CIR based solely on current requests, Sticky CIR favors nodes
with previous CIR allocations as long as those nodes continue to request bandwidth. This
can reduce the allocation of CIR bandwidth to competing nodes. Sticky CIR is useful for
VoIP applications.
• Full-Trigger CIR: If you configure Full-Trigger CIR for a remote application, the remote
will be granted all of its configured CIR bandwidth whenever any CIR bandwidth is
requested. For example, if the remote is configured with 500 kbps of CIR but current
traffic requires only 10 kbps of bandwidth, the remote will be granted the full 500 kbps of
bandwidth even though it only requested 10 kbps.
NOTE: Unlike the other QoS properties described here, Full-Trigger CIR can only
be configured with a remote custom key. See Configuring Full-Trigger CIR for a
Remote on page 291 for details.
Note:
• Allocation Fairness Relative to CIR: If you select this option then, during contention for
bandwidth, bandwidth allocation is proportional to the configured CIR. This favors QoS
nodes with higher CIR settings, since those nodes are granted a larger portion of the
available bandwidth. If this option is not selected, bandwidth is allocated equally to
competing nodes until available bandwidth is exhausted. If selected, this option applies
to both CIR and best-effort bandwidth allocation. (See Allocation Fairness Relative to CIR
on page 256 for more details.)
NOTE: The above definition assumes that equal cost has been configured for
bandwidth on all competing nodes. Unequal cost will affect the proportions of
bandwidth allocated to each node regardless of whether or not Allocation Fairness
is selected.
• Enhanced Information Rate (EIR): EIR only applies to networks that use DVB-S2 with
Adaptive Coding and Modulation (ACM). ACM adjusts the modulation and coding (MODCOD)
of the outbound channel on a frame-by-frame basis depending on the current receive
capabilities of the individual remotes in the network.
EIR is enabled only within the range of MODCODs from the Nominal MODCOD configured
for a remote down to the EIR Minimum MODCOD configured for a remote application. (See
page 277.) Within this range, the system attempts to sustain the bandwidth allocations
required for the remote to meet its configured QoS information rates (CIR and MIR) even
as the encoding of the remote’s downstream data drops to lower MODCODs. This is
accomplished by increasing the bandwidth allocated to the remote application in order to
compensate for the additional bits required for error correction at the lower MODCODs.
When the remote’s current MODCOD is below the EIR minimum MODCOD, the system
ignores the current MODCOD status of the remote when allocating bandwidth. Instead,
physical bandwidth is allocated to the remote application as if it were receiving the
outbound carrier at the Remote’s Nominal MODCOD. Therefore, below the minimum
MODCOD, the system does not attempt to meet the CIR or MIR settings and the remote’s
information rate will decrease based on the satellite bandwidth required at the remote’s

iDX Release 3.5
nominal MODCOD. For more information on EIR, see the DVB-S2 chapter of the iDirect
Technical Reference Guide.
• Allocation Fairness Relative to Nominal MODCOD: This property only applies to networks
that use DVB-S2 with Adaptive Coding and Modulation (ACM). If you select this option,
bandwidth allocation is scaled to information rate at the Nominal MODCODs of the
remotes. This favors remotes configured with lower nominal MODCODs, since their
satellite bandwidth allocations must increase to achieve the same information rate as
remotes with higher MODCODs. If neither this option nor Allocation Fairness Relative to
Operating MODCOD is selected, satellite bandwidth is allocated without regard to
MODCOD. This favors remotes with higher MODCODs, since the higher the MODCOD, the
greater the information rate for the same amount of bandwidth.
• Allocation Fairness Relative to Operating MODCOD: This property only applies to networks
that use DVB-S2 with Adaptive Coding and Modulation (ACM). If you select this option,
bandwidth allocation is scaled to information rate at the operating MODCODs of the
remotes. This favors remotes currently operating at lower MODCODs, since their satellite
bandwidth allocations must increase to achieve the same information rate as remotes
operating at higher MODCODs. If neither this option nor Allocation Fairness Relative to
Nominal MODCOD is selected, satellite bandwidth is allocated without regard to MODCOD.
This favors remotes with higher MODCODs, since the higher the MODCOD, the greater the
information rate for the same amount of bandwidth.
MIR and CIR Bandwidth Calculation

All upstream CIR and MIR throughout the system are based on IP Data Rate.
NOTE: Unlike TDMA upstream MIR and CIR, downstream MIR and CIR are not based
on IP Data Rate. Downstream MIR and CIR are based on Information Rate.
Bandwidth Allocation Algorithm

The basic algorithm for allocating bandwidth among competing nodes is:
While bandwidth is available:
For each priority level competing for bandwidth:
If CIR demand exists:
Allocate bandwidth for CIR demand.
If non-CIR demand exists:
Allocate bandwidth for non-CIR demand.
Thus, any higher-priority traffic has the potential to starve lower-priority traffic, and CIR
configurations only affect how bandwidth is allocated among requests at the same priority.
Due to the risk of starvation of lower-priority traffic, iDirect recommends that you configure
MIR for higher-priority Applications when unequal priorities are competing for bandwidth.
Priorities are considered in the following order by the algorithm as long as bandwidth is
available:
• Multicast (Available only to Group QoS nodes in the Network Multicast Bandwidth Group)
• P1 through P4
• Cost-based

iDX Release 3.5
• Best-effort
For more details on iDirect’s QoS implementation, see the chapter titled “QoS
Implementation Principles” in the iDirect Technical Reference Guide.
7.1.2 Group QoS Hierarchy

The Group QoS tree is an organization of nodes into groups and subgroups for the purpose of
allocating bandwidth to each node based on the properties and rules that you configure for
your network’s bandwidth.
Figure 7-1 shows an example of a Group QoS tree. The elements shown in the diagram are
defined later in this section.
Bandwidth
Pool
Bandwidth Bandwidth
Group 1 Group 2
Application Application Application Remote Remote

Service Service Service Service Service
Group 1 Group 2 Group n Group 1 Group n
Application 1
Application 2
Application 3
Remote A Remote B
Application 4 Application 10
Remote 1 Remote 2 Remote 3 Application 6 Application 11
Application 7 Application 14
Figure 7-1. Group QoS Hierarchy
A node is a basic element in the Group QoS tree and can either be a terminating element or a
container for other nodes. Beginning at the highest (root) node in the Group QoS tree,
available bandwidth is allocated by that node to all subnodes based on operator-defined QoS
properties and the current demand as indicated by the subnodes.
Only terminating (leaf) nodes generate demand. As demand moves up the tree in the form of
bandwidth requests, each higher-level (parent) node aggregates demand from its subnodes
before passing it up in the form of its own request. All demand reaches the root in a single
request representing the total demand of all leaf nodes.

iDX Release 3.5
Bandwidth allocation begins at the root node and flows down the tree. Each node subdivides
its own allocation among its subnodes based only on the Group QoS properties of the
subnodes. Therefore each node competes for bandwidth only within its own node group (i.e.
the set of subnodes that share a parent node). Each Remote prioritizes the use of its allocated
bandwidth according to QoS properties configured for the different types of applications that
generated the demand in the first place. (See QoS Properties on page 230.)
The properties configured for a parent node supersede those of its subnodes when those
properties conflict. For example, the total maximum bandwidth granted to all nodes in a node
group will never exceed the maximum bandwidth configured for the parent node, regardless
of the configuration of its subnodes.
NOTE: For flexibility, the NMS does not attempt to enforce limits on subnodes
based on the properties of the parent node. For example, the total CIR configured
for a node group may exceed the CIR configured for the parent node. If CIR is
oversubscribed in this way, it is possible that all nodes will not receive their full
CIR allocations during times of heavy traffic.
Bandwidth Pool
A Bandwidth Pool represents the root of a Group QoS tree. Therefore, all other groups in the
tree are contained in the Bandwidth Pool. In iDirect, a Bandwidth Pool can be either an
Outroute or an Inroute Group.
Bandwidth Group
A Bandwidth Pool can be divided into multiple Bandwidth Groups. By defining Bandwidth
Groups, a network operator can subdivide an Outroute or Inroute Group into multiple QoS
groups, each with its own QoS properties.
A Network Operator might use multiple Bandwidth Groups to divide a Bandwidth Pool among
different Service Providers or Virtual Network Operators (VNOs). Bandwidth Groups can be
configured with CIR and MIR to enforce the desired division of the total bandwidth among the
Bandwidth Groups.
NOTE: The bandwidth allocation algorithm cannot guarantee that MIR configured
at the Bandwidth Group and Service Group levels will be met.
Service Group
Just as a Bandwidth Pool can be divided into multiple Bandwidth Groups, a Bandwidth Group
can be subdivided into multiple Service Groups, each with its own QoS properties.
There are two types of Service Groups, Application Service Groups and Remote Service
Groups. There are no restrictions on the types of Service Groups contained in a Bandwidth
Group. A Bandwidth Group may contain only Application Service Groups, only Remote Service
Groups, or both types of Service Groups.
An Application Service Group contains multiple Applications. Remotes assigned to an
Application Service Group share the bandwidth assigned to the various Applications in the
group.

iDX Release 3.5
When using Remote Service Groups, a remote becomes a container node for its Applications.
Each remote is configured with its own QoS properties such as MIR and CIR and independently
allocates that bandwidth to its Applications. Remote Service Groups allow you to configure
bandwidth for individual remotes and then assign multiple Applications to the remotes. The
bandwidth allocated to the Applications under a remote is taken from bandwidth granted to
the individual remote; it is not shared with other remotes as it is with Application Service
Groups. Note that this structure allows remotes to retain their QoS configuration when
moving between networks. See Moving Remotes Between Networks, Inroute Groups, and Line
Cards on page 333 for more information.
Figure 7-2 illustrates the difference between Application Service Groups and Remote Service
Groups.
Application Remote
Service Service
Group Group
Application 1
Application 2
Application 3
Remote 1 Remote 2 Remote 3
Application 4 Application 10 Application 14

Remote 1 Remote 2 Remote 3 Application 6 Application 11 Application 15
Application 7 Application 14 Application 16
Application Service Group: Bandwidth allocated to an Application Remote Service Group: Bandwidth allocated to a remote is
is shared by all remotes requesting bandwidth for that Application. shared by all Applications on that remote requesting bandwidth.
Figure 7-2. Application Service Group vs. Remote Service Group
Application Service Groups, along with the Applications they contain, are used to define
Service Profiles that are then assigned to remotes. This differs from Remote Service Groups,
in which Remotes are assigned to Service Groups and Applications are assigned directly to
remotes using Remote Profiles.
A Service Group might be used solely to partition the bandwidth of a Bandwidth Group among
sub-groups; or it might be used to differentiate groups by class of service. For example, an
operator or a VNO might further divide a Bandwidth Group into Service Groups and assign
each Service Group to a different customer, using CIR and MIR to enforce the desired division
of the total bandwidth among the Service Groups. Or a Service Provider might create Service
Groups to offer multiple levels of service, using a combination of Priority, Cost and CIR/MIR to
create tiered service.
NOTE: When upgrading from an iDirect release that did not support Group QoS
(pre-iDS 8.0) you can choose to upgrade to Application Service Groups or Remote
Service Groups. Select Remote Service Groups to best preserve your pre-8.0 QoS
functionality.

iDX Release 3.5
Application
Applications consist of the Service Levels and Rules defined to handle the various types of
traffic in your networks. Applications are defined by Application Profiles and are either
assigned to Application Service Groups or to Remotes in Remote Service Groups.
Like Bandwidth Groups and Service Groups, each Application is configured with QoS
properties. In addition, an Application is associated with one or more Upstream or
Downstream Application Profiles, containing Service Levels and Rules for that Application.
Upstream Application Profiles are associated with Inroute Groups to manage Inroute traffic.
Downstream Application Profiles are associated with Outroutes to manage Outroute traffic.
An Application Service Group contains two or more Applications. (An NMS Application and a
Default Application are required for every Application Service Group.) A Remote Service
Group does not contain Applications. Instead, a Remote Service Group contains remotes and
the remotes are assigned Applications.
Service Profile
Service Profiles are only used to define Applications for Application Service Groups. They are
not used to define Applications used directly by remotes in Remote Service Groups.
Like an Application Service Group, a Service Profile contains two or more Applications, each
of which consists of the Service Levels and Rules specified by their respective Application
Profiles. You can view a Service Profile as the implementation of an Application Service
Group. In other words, an Application Service Group provides a template from which you can
create your Service Profiles.
Service Profiles are assigned directly to Remotes that use Application Service Groups. When
you assign a Service Profile to a remote, the Applications contained in the Service Profile are
applied to the remote as Virtual Remotes.
When you create a new Application Service Group, you automatically create a default Service
Profile for the new group containing the NMS and Default Applications. (These two
Applications are part of every Application Service Group and Service Profile.) When you add
Applications to Application Service Groups, those Applications are added to the list of
Applications that you can select for the Service Profiles based on that Service Group. (See
Creating Service Profiles on page 267 for further details.)
Remote Profile
Remote Profiles are used to define Applications for remotes in Remote Service Groups or
remotes that transmit a dedicated SCPC upstream carrier. Remote Profiles are not used to
define Applications used by Application Service Groups.
A Remote Profile contains one or more Applications. Each Application in a Remote Profile is
built from one or more Application Profiles. Application Profiles contain the Service Levels
and Rules defined to handle the various types of traffic in your networks.
A Remote Profile is either an Upstream Remote Profile (built from Upstream Application
Profiles) or a Downstream Remote Profile (built from Downstream Application Profiles). When
you assign a Remote to a Remote Service Group for your Network or Inroute Group, you can
select the Remote Profile to be used by the remote.

iDX Release 3.5
An SCPC upstream carrier is dedicated to a single remote. Therefore, a remote that transmits
an SCPC upstream carrier is not part of any upstream Service Group. You assign the Upstream
Remote Profile directly to the remote on the Remote QoS tab. (See Group QoS and SCPC
Remotes on page 239 for further details.)
Application Profile
Application Profiles are fundamental building blocks of Group QoS. They define the
Applications that are used by Service Profiles and Remote Profiles. In addition to being
configured with QoS properties that determine packet scheduling, Application Profiles contain
one or more rules that determine which packets match the type of traffic defined by the
Application Profile. Rules specify boolean operations that are performed on individual fields
in packet headers to determine whether or not packets match Applications using the
Application Profile.
An Application Profile is typically used to categorize packets for a specific traffic type, such
as NMS traffic, Voice over IP (VoIP) traffic, etc. The Default Application Profile is used to
handle any traffic not explicitly defined by the other Application Profiles in a Service Profile.
Virtual Remote
When you assign a Service Profile or a Remote Profile to a remote, you are configuring the
remote with the complete set of the Applications specified in the profile. Each individual
Application running on a remote is called a “Virtual Remote.” The physical remote makes
independent requests for bandwidth for each of its Virtual Remotes in accordance with the
properties assigned to that Application.
NOTE: The concept of Virtual Remote does not apply to Multicast Applications.
Application Service Groups vs. Remote Service Groups

The figures in this section present a more detailed comparison of the Group QoS subtrees for
Application Service Groups and Remote Service Groups. See Configuring Group QoS on
page 244 for information regarding the Group QoS Views and Folders referenced in the
figures.

iDX Release 3.5
Application
Service Configured in the
Group GQoS Group View
Application 1
Added in the GQoS Application 2 Application Configured in the
Group View from Profiles Application Profiles Folder
Application Profiles
Application n
Configured in the GQoS

Service Profile
Service Profile View
Assigned in the GQoS
Service Profile Remote View
or Remote QoS Tab
Remote 1 Remote 2 Remote 3
Figure 7-3. Application Service Group Subtree
Figure 7-3 shows the Application Service Group subtree of the Group QoS hierarchy.
Applications are configured from Application Profiles and then added to the Group QoS
Application Service Group. These Applications are then used to create a Service Profile which
is assigned to remotes. The Applications in the Service Profile are implemented on the
remotes as Virtual Remotes.

iDX Release 3.5
Remote
Configured in the
Service
GQoS Group View
Group
Assigned in the GQoS

Remote Profile View or
Remote QoS Tab
Remote 1 Remote 2
Assigned in the GQoS Configured in the Remote

Remote Profile View or Remote Remote Profiles Folder from
Remote QoS Tab Profile 1 Profile 2 Application Profiles
Application 1 Application a
Application 2 Application b
Application n Application m
Figure 7-4. Remote Service Group Subtree
Figure 7-4 shows the Remote Service Group subtree of the Group QoS hierarchy. Remotes are
added directly to Remote Service Groups and configured with their own set of QoS properties
such as CIR, MIR, Priority, etc. Applications are configured from Application Profiles which are
used to build Remote Profiles. Remote Profiles are assigned to individual remotes. The
Applications in the Remote Profile are implemented on the remote as Virtual Remotes.
Group QoS and SCPC Remotes

iDirect supports two types of upstream carriers:
• A TDMA upstream carrier is shared by multiple remotes in an inroute group.
• An SCPC upstream carrier is dedicated to a single remote.
Like remotes that transmit TDMA upstream carriers, remotes that transmit SCPC upstream
carriers (called SCPC remotes) are part of an iDirect network and receive the shared outroute
associated with that network. Therefore, SCPC remotes are part of the network’s outroute
Bandwidth Pool just like any other remote in the network. There is no difference in how
downstream Group QoS is configured and applied to a TDMA remote or an SCPC remote.
However, because each SCPC remote transmits its own dedicated upstream carrier, SCPC
remotes are not part any inroute group and therefore are not associated with an inroute
group’s Bandwidth Pool. Since the upstream bandwidth is not shared with other remotes, an
SCPC remote is not part of a Service Group. Instead the entire upstream QoS tree for an SCPC
remote consists of the Remote, its Remote Profile, and the Applications associated with the
remote profile. This is illustrated in Figure 7-5.

iDX Release 3.5
SCPC
Remote
(Upstream)
Configured in the Remote

Remote Profiles Folder from
Profile Application Profiles
Application a
Application b
Application n
Figure 7-5. SCPC Remote Upstream QoS Tree
Bandwidth is allocated to the remote’s upstream Applications based on the properties and
rules defined for the selected Remote Profile. (See Remote Profiles on page 282 for
information on configuring remote profiles). Remote Profiles are assigned directly to SCPC
remotes on the Remote QoS tab. See Remote QoS Tab on page 188 for the steps to assign an
upstream Remote Profile to an SCPC remote.
7.1.3 QoS Modes

When configuring QoS for your outbound channels and inroute groups using Application
Service Groups, you can select one of three QoS modes:
• Remote Based
• Application Based
• Application Scaled
By selecting a QoS mode for your Networks and Inroute Groups in iBuilder, you can affect
upstream and downstream GQoS behavior, respectively. The behavior of each mode is
described here.
NOTE: QoS Modes only apply to Application Service Groups. Selecting a QoS mode
has no effect on Remote Service Groups. When using only Remote Service Groups,
it is not necessary to select a QoS mode for your Inroute Group or Network.
Remote Based Mode

Selecting Remote Based as the QoS mode provides pre-GQoS compatibility. It allows you to
configure all upstream and/or downstream rate shaping parameters on the QoS tab for each
remote. These parameters include Maximum Information Rate (MIR), Committed Information
Rate (CIR), Minimum Information Rate (MIN), and Enhanced Information Rate (EIR).

iDX Release 3.5
NOTE: As an alternative to remote based mode, consider using Remote Service

Groups. Remote Based mode has been retained to provide backward compatibility
with previous Group QoS releases and to address scalability issues in very large
networks. However, Remote Service Groups also allow you to configure QoS
properties for your individual remotes while providing additional flexibility as well
as portability of QoS profiles when remotes move between networks.
When operating in Remote Based QoS mode, you will define your QoS settings much like you
did in pre-8.0 releases. In other QoS modes, or when using Remote Service Groups, you define
multiple Applications per remote. These Applications run on the physical remote as “Virtual
Remotes.” Each Virtual Remote is responsible for bandwidth allocation for its own
application.
However, in Remote Based mode, remotes do not run multiple QoS Applications. Since the
concept of multiple Virtual Remotes is not applicable in this mode, you cannot define
individual request and allocation properties for Applications. Although Group QoS can be
configured for inroute groups and networks in Remote Based mode, all Group QoS Applications
are merged into a single Application in the remote-side and hub-side remote options files.
Therefore, Application properties such as MIR, CIR and Priority defined for new QoS
Applications are not used in Remote Based mode.
This is illustrated by Figure 7-6.
Figure 7-6. Remote Based Mode vs. Application Based Mode
When Remote Based QoS Mode is selected (top image), no properties (such as Priority and
Cost) are shown for the two Applications (NMS and Default). When Application Based is
selected, the GQoS Application Properties appear and can be configured by the operator. This
is true because Remote Based Mode collapses all Applications into a single Application that is

iDX Release 3.5
executed on the physical remote. To change properties such as Priority or Cost for Remote
Based traffic, configure these parameters per Service Level.
As in pre-8.0 releases, you define the QoS behavior of a remote in Remote Based mode by
creating Service Levels in QoS profiles. Service Levels contain Rules and matching criteria that
are compared in order to packets until a match is found. Once a packet matches a Rule, no
further comparisons are made.
Remote Based QoS differs from pre-8.0 QoS in that, rather than each remote being assigned a
single Traffic Profile, each remote is assigned a Service Profile derived from multiple
Application Profiles, each with its own list of Service Levels. (Application Profiles are similar
to pre-8.0 Traffic Profiles.) This means that the order in which Service Levels are applied to a
packet is determined by the order of the Applications in the Service Profile. If the packet does
not match any Service Levels in the first Application, it is compared to those in the second
Application, and so on, until a match is found. Therefore, it is very important that you add
new Applications to your Service Profiles so that the correct overall order of the Service
Levels is maintained across all Applications.
When you upgrade from a pre-8.0 release, Traffic Profiles currently assigned to remotes are
converted to Application Profiles. If you choose to upgrade to Application Service Groups,
those new Application Profiles are automatically included in new Service Profiles, and the
Service Profiles are assigned to those remotes that were using the equivalent Traffic Profiles.
(Traffic profiles not assigned to remotes are removed from the QoS folders.) After the
upgrade, you can assign these Service Profiles to remotes on the Remote QoS tab, the same
way you assigned Traffic Profiles to remotes prior to GQoS.
However, if you require a new Application Profile to be used by some of the remotes in your
network, you will need to create a new Service Profile that uses the new Application Profile,
and then assign the Service Profile to the Remotes. You must use the Group QoS feature to
create Service Profiles from Application Profiles. See the Creating Service Profiles on
page 267 for details.
Application Based Mode

Selecting Application Based as the QoS mode for a network or inroute group fully enables the
GQoS feature for your Application Service Groups. Although MIR and MIN configured on the
Remote QoS tab will be maintained, CIR will not. You can configure CIR at a number of levels
in the GQoS hierarchy. If you require different CIR settings for individual remotes, you must
override the general GQoS CIR configuration on your Virtual Remotes or switch to Remote
Service Groups. Configuring your Group QoS settings is discussed in detail in the remainder of
this chapter.
Application Scaled Mode

Application Scaled mode is intended for complex GQoS configurations that result in a large
number of Virtual Remotes executing on a single physical remote. For example, in networks in
which remotes provide service to multiple customers with different QoS requirements, the
large number of Virtual Remotes executing on each physical remote may degrade network
performance. In such cases, Application Scaled mode may be preferable to Application Based
mode.
Application Scaled mode is identical to Application Based mode with one exception.
Application Based mode results in a minimum of two Virtual Remotes for every physical

iDX Release 3.5
remote: NMS and Default. Each additional Virtual Remote increases the processing load on the
protocol processor and the remote during bandwidth allocation.
Application Scaled mode merges the NMS and Default Virtual Remotes into a single Virtual
Remote to improve performance. This merging is performed in the hub-side and remote-side
options files; not on the GUI. Therefore, even though these two Virtual Remotes are combined
on the protocol processor and on the remote, this is not visible on the iBuilder GUI. Both the
NMS and Default Applications (and Virtual Remotes) still appear on the GQoS screens.
NOTE: Although iBuilder still allows you to configure the NMS and Default
Applications in Application Scaled mode, the Default Application properties
override the NMS Application properties for any conflicting settings. Therefore,
changing the properties of the NMS Application to be different from those in the
Default Application has no effect in this mode, and can be misleading.
Setting the QoS Mode

In iBuilder, you can select the QoS mode for an Inroute Group or Outroute as follows:
1. Right-click the Inroute Group or Network in the iBuilder Tree and select ModifyItem.
2. Click the Group QoS tab.
3. Select the desired QoS Mode.
Figure 7-7. Selecting the QoS Mode

Selecting the QoS Mode for an Inroute Group is illustrated in Figure 7-7. The Network Group
QoS tab has an identical QoS Mode setting that applies to the Network’s outbound carrier. The
default QoS Mode is Remote Based.
NOTE: The QoS Mode selection only applies to Application Service Groups; it does
not apply to Remote Service Groups.
7.1.4 Multicast Bandwidth Group

A new default Bandwidth Group named Multicast is automatically created for every network.
This Bandwidth Group can be used to manage both the NMS and user multicast traffic on the
outbound carrier. The Multicast Bandwidth Group has the following characteristics:

iDX Release 3.5
Configuring Group QoS
• There is only one Multicast Bandwidth Group per Network. Therefore you cannot clone
the Multicast Bandwidth Group, insert additional multicast Bandwidth Groups, or delete
the Multicast Bandwidth Group.
• The Multicast Bandwidth Group must contain one and only one Application Service Group.
It cannot contain any Remote Service Groups. You cannot clone or delete the default
Application Service Group in the Multicast Bandwidth Group. You cannot insert additional
Service Groups under the Multicast Bandwidth Group.
• Like other Application Service Groups, the Application Service Group in the Multicast
Bandwidth Group contains two Applications by default: NMS and Default. The NMS
application is used for outbound multicast NMS traffic.
• By default, the Multicast Bandwidth Group, its Application Service Group, and the NMS
Application are assigned Multicast priority, the highest priority setting. This setting is only
available for the Multicast Bandwidth Group, its Service Group, and multicast
Applications.
• You cannot disable MIR for the Multicast Bandwidth Group. The minimum value that you
can set for Multicast MIR is 128 kbps.
• When configuring a DVB-S2 ACM network, you can select a different Multicast MODCOD for
each Application. By default, NMS multicast traffic is sent on the Minimum MODCOD of the
DVB-S2 carrier. To prevent user multicast traffic from accidentally consuming too much
downstream bandwidth, the Multicast MODCOD of the Default Application is set to the
Maximum MODCOD of the DVB-S2 carrier. See Adding Applications to Application Service
Groups on page 264 for details.
You can create new multicast Application Profiles and add new Applications for user multicast
traffic the same way that you add applications to other Bandwidth Groups. See Configuring
Group QoS on page 244 for details.
NOTE: You can enable Multicast Fast Path when configuring your user multicast
Applications. When Multicast Fast Path is enabled, downstream multicast packets
received by a remote are forwarded directly to the Ethernet by the remote
firmware. This bypasses software processing on the remote resulting in improved
throughput. For details on configuring Multicast Fast Path Applications and
assigning them to your remotes see Configuring Remotes for Multicast Fast Path
on page 277.
7.2 Configuring Group QoS

This section explains how to use iBuilder to configure Group QoS settings for your Networks
and Inroute Groups. You can define Group QoS parameters in four places in iBuilder:
• On the Network Group QoS tab, you can define Group QoS settings for an Outroute and
assign Group QoS Service Profiles and Remote Profiles to the remotes using that Outroute.
• On the Inroute Group QoS tab, you can define Group QoS settings for an Inroute Group and
assign Group QoS Service Profiles and Remote Profiles to the remotes using that Inroute
Group.
• In the Group Profile Upstream and Downstream folders of the iBuilder Tree, you can
create Group QoS profiles that you can later assign to your Networks and Inroute Groups
from the Group QoS tab.

iDX Release 3.5
• On the Remote QoS tab, you can define QoS properties for remotes using Remote Service
Groups or Application Service Groups in Remote Based QoS mode.
When you create a new Network or Inroute Group in the iBuilder Tree, the default
downstream or upstream group profile is used to automatically configure the default QoS
settings for the new bandwidth pool.
The default Group QoS configuration for a Network contains:
• Two default Bandwidth Groups, one named Multicast and one named Bandwidth
The default Group QoS configuration for an Inroute Group contains:
• A single Bandwidth Group named Bandwidth
The default Multicast Bandwidth Group contains a single default Application Service Group
named Application Service Group.
All non-Multicast default Bandwidth Groups contain two default Service Groups:
• An Application Service Group named Application Service Group
• A Remote Service Group named Remote Service Group
NOTE: When only using a single type of Service Group, you can delete the other
default Service Group. However, each Bandwidth Group is required to have at
least one Service Group of either type. Therefore, you cannot delete the last
Service Group in a Bandwidth Group.
Each default Application Service Group contains two default Applications:

• An Application named NMS to manage bandwidth for NMS traffic
• An Application named Default to manage all other bandwidth
The procedures in this section assume that you have already opened the Group QoS tab for
your Network or Inroute Group. Many of the same operations are also available when
configuring upstream or downstream Group Profiles. (See Working with Group Profiles on
page 293 for details on Group QoS profiles.)
To open the Group QoS tab:
1. Depending on the Bandwidth Pool you want to configure, right-click your Network or
Inroute Group in the iBuilder Tree and select ModifyItem.
2. When the dialog box opens, click the Group QoS tab.
7.2.1 The Group QoS User Interface

The Group QoS user interface allows you to configure and view all Group QoS settings for
Bandwidth Groups, Service Groups and Applications. It allows you to configure Service Profiles

iDX Release 3.5
and assign them to remotes that use Application Service Groups. It also allows you to assign
Remote Profiles to remotes that use Remote Service Groups.
The Group QoS User Interface has five views, described in the following sections:
• Group View
• Service Profile View
• Service Profile-Remote View
• Remote Profile View
• Remote View
To select any of the Group QoS views, right-click anywhere in the main area of the Group QoS
tab and select the view you want to display.
Figure 7-8. Selecting the Group QoS View
NOTE: Double-clicking a folder in the Application/Remote column provides a

convenient way to switch from the Group QoS Group View to the Service Profile
View or Remote Profile View for a specific Service Group. This is equivalent to
using the right-click menu to switch to the Service Profile View or Remote Profile
View and then selecting the Service Group in the Select Group drop-down menu.
(The Select Group drop-down menu is explained on page 249.)

iDX Release 3.5
Group View
The Group View shows the Group QoS Hierarchy (Bandwidth Groups, Service Groups,
Applications and Remotes) and the properties associated with each group in the tree. The
Group View illustrated in Figure 7-9 shows an Inroute Group with a single Bandwidth Group
divided into one Application Service Group (Appl SG 1) and one Remote Service Group (Rmt
SG 1).
Figure 7-9. Group QoS: Group View
Some characteristics of the illustrated Bandwidth Group are:

• A Maximum Information Rate (MIR) of 5 Mbps, with 3 Mbps configured for Appl SG 1 and 2
Mbps configured for Rmt SG 1.
• Since Appl SG 1 has an MIR that is higher than its Committed Information Rate (CIR), Appl
SG 1 can be granted bandwidth over its CIR limit if all of Rmt SG 1’s CIR demand is met
and additional bandwidth is available.
• Since Rmt SG 1 has an MIR equal to its CIR, Rmt SG 1 will never be granted more than its
configured CIR, even if additional bandwidth is available. (This may not always be the
case for upstream traffic. See the definition of CIR in QoS Properties on page 230.)
• For Appl SG 1, bandwidth is allocated in the following priority order:
• Bandwidth requested by the NMS Application is given the highest priority (P1).
Bandwidth will be allocated for all NMS traffic before bandwidth is given to any other
Application.
• Bandwidth requested by the VoIP Application is given the next priority (P2). Only after
all NMS traffic demand is met will VoIP bandwidth be allocated.
• Bandwidth requested by the TCP Application is given the next priority (Cost Based).
No TCP bandwidth will be allocated until all NMS and VoIP traffic demand is met.
• All remaining traffic is specified by the Default Application which is given a priority of
Best Effort. If bandwidth is available for the Service Group after all other traffic
demand has been satisfied, then Default demand will be met to the extent possible.

iDX Release 3.5
• For Rmt SG 1, all remote priorities and cost are equal. Therefore, bandwidth will be
distributed evenly to these remotes. Each remote has a CIR of 32 kbps and will never
receive more than its MIR of 128 kbps.
NOTE: In Figure 7-9, only three of five remotes in Rmt SG 1 are displayed in this
view because Maximum Remotes Displayed is set to 3. You can adjust the
maximum number of remotes displayed for each Remote Service Group by
changing the setting for Maximum Remotes Displayed and clicking the Set button.
For detailed information on all QoS properties see QoS Properties on page 230. For
information on how QoS properties are applied in the Group QoS hierarchy see Group QoS
Hierarchy on page 233.
Service Profile View

Only Application Service Groups use Service Profiles. Therefore, the Service Profile View
applies to Application Service Groups but not to Remote Service Groups. The Service Profile
View (Figure 7-10) shows all Service Profiles defined for each Bandwidth Group, and all
Applications defined for each Service Profile. It also shows the properties of each Application
and how those properties are currently assigned to remotes.
Figure 7-10. Group QoS: Service Profile View

iDX Release 3.5
NOTE: The Select Group drop down menu at the top of the Service Profile View,
the Remote Profile View, and the Service Profile - Remote View, allows you to
filter on the entire Bandwidth Pool, a specific Bandwidth Group, or a specific
Service Group for display in the main window.
Service Profile-Remote View

Only Application Service Groups use Service Profiles. Therefore, the Service Profile-Remote
View applies to remotes in Application Service Groups but not to remotes in Remote Service
Groups. The Service Profile-Remote View (Figure 7-11) shows all Service Profiles defined for
each Bandwidth Group, all remotes that use each Service Profile, and all Applications
assigned to each remote. It also displays all Service Levels configured for each Application.
Figure 7-11. Group QoS: Service Profile-Remote View

iDX Release 3.5
Remote Profile View

Only remotes in Remote Service Groups use Remote Profiles. Therefore, the Remote Profile
View applies to remotes in Remote Service Groups but not to remotes in Application Service
Groups. The Remote Profile View (Figure 7-12) shows all Remote Service Groups in each
Bandwidth Group and all remotes assigned to those Remote Service Groups. It also shows the
QoS properties configured for the remotes and the Remote Profile assigned to each remote.
NOTE: In addition to remotes in Remote Service Groups, Remotes that transmit

dedicated SCPC upstream carriers also use Remote Profiles to define their
upstream Applications. Upstream Remote Profiles are assigned to SCPC Remotes
on the Remote QoS tab. See Remote QoS Tab on page 188 for details.
You can assign remotes to a Remote Profile by selecting one or more the remotes and clicking
the check box of the profile in the Remote Profile-Upstream (or Downstream) pane at the
right of the screen. Clicking the Remote Profile column in the main area of the screen sorts
remotes by Remote Profile name within each Remote Service Group.
Figure 7-12. Remote Profile View
NOTE: A Remote Profile assigned to an Evolution X1 or e150 remote can have a

maximum of 10 (total) Service Levels. Each Virtual Remote in the assigned Profile
can have a maximum of 5 Service Levels. Assigning a Profile to an X1 or e150 that
exceeds either of these limits will cause the remote state to change to
Incomplete in the iBuilder Tree.

iDX Release 3.5
Remote View
The Remote View (Figure 7-13) shows all remotes in a Bandwidth Pool, and all Applications
and Service Levels assigned to each remote. The Remote View includes remotes in Application
Service Groups and remotes in Remote Service Groups. The Remote View groups the QoS
configuration by remote, allowing you to better understand how QoS processing will be
applied on any remote.
Figure 7-13. Group QoS: Remote View

iDX Release 3.5
7.2.2 Estimating Effective MIR and CIR for DVB-S2 Networks

When you configure a DVB-S2 carrier with ACM, only the symbol rate and occupied bandwidth
are known. The information rate depends on the combination of MODCODs being received by
the remotes in the network at any time. Therefore, when you configure CIR or MIR for a Group
QoS node, you are configuring the MIR or CIR based on the best MODCOD configured for the
DVB-S2 carrier. The true MIR or CIR limits for the GQoS node do not equal the configured CIR
or MIR unless all remotes or Virtual Remotes under the node are receiving the best MODCOD of
the carrier. Since even under ideal conditions, remote information rates are limited to their
Nominal (or Clear Sky) MODCOD, it is unlikely that the configured MIR or CIR is ever achieved
in an operational ACM network.
iBuilder includes a MODCOD Distribution Calculator that allows you to estimate the effective
Information Rate for your carrier or the effective MIR and CIR for individual Group QoS nodes.
You can access this calculator by clicking the MODCOD Distribution button on the
configuration dialog box for Bandwidth Groups, Service Groups or Applications. (The
calculator can also be accessed from the downstream carrier dialog box, allowing you to
estimate the effective Information Rate for the entire carrier.)
A variation of the MODCOD Distribution Calculator can be used to estimate the Information
Rate for a DVB-S2 carrier with ACM. See Estimating the Information Rate for a DVB-S2 Carrier
on page 87 for details.
The following example illustrates how to estimate the effective MIR and CIR for a Group QoS
node. Figure 7-14 shows the portion of a Group QoS node dialog box that displays the
Configured and Effective MIR and CIR for that node.
Figure 7-14. Configured vs. Effective MIR and CIR before Estimation
Notice in Figure 7-14 that initially the Configured MIR and CIR are equal to the Effective CIR
and MIR. By default, the calculator for the node assumes that all remotes receive the best
MODCOD of the assigned carrier.
1. Click the MODCOD Distribution button (Figure 7-14) to display the calculator
(Figure 7-15).

iDX Release 3.5
Figure 7-15. MODCOD Distribution Calculator
Figure 7-15 shows an instance of the MODCOD Distribution Calculator. The range of the
MODCOD column is limited to the DVB-S2 Range defined for the carrier assigned to this
network. The Total row shows the totals for the columns. The Network Best row shows
the configured MIR and CIR for the node.
2. Double-click the cells to enter either the percentages of traffic or the data rates that you
estimate will be transmitted on the different MODCODs for remotes under this node.
If you change the percentages in the MIR Distribution and CIR Distribution columns, the
Estimated MIR and Estimated CIR are automatically recalculated and the totals are
displayed in the Total row. If you change information rates in the Estimated MIR and
Estimated CIR columns, percentages in the MIR Distribution and CIR Distribution
columns are automatically recalculated and the new configuration totals are displayed in
the Network Best row.
Figure 7-16 shows the results of changing the percentages in the MIR Distribution and CIR
Distribution columns.

iDX Release 3.5
Figure 7-16. Calculating Estimated Information Rate
In the example in Figure 7-16, the satellite operator estimates that 20% of the remotes
typically receive 8PSK3/4, 20% receive 8PSK-5/6, and the remaining 60% receive 8PSK-8/9
(the best MODCOD defined for the carrier). The calculator maintains the configured
information rates at 512 kbps and 128 kbps while adjusting the effective information
rates to account for the traffic on the lower MODCODs.
Figure 7-17 shows the results of entering the Estimated MIR and Estimated CIR in kbps,
splitting the information rates evenly between the two best MODCODs
.
Figure 7-17. Calculating Information Rate Distribution

iDX Release 3.5
Notice in Figure 7-17 that the distribution percentages and the Network Best information
rates have been automatically adjusted to account for the variation in bandwidth
required by the different MODCODs to transmit the same information rate.
Figure 7-18 shows the results of the following the steps in the example.
Figure 7-18. Configured vs. Effective MIR and CIR after Estimation
In the top image in Figure 7-18, the totals for the Effective MIR and Effective CIR that were
recalculated by changing the percentages in the MIR Distribution and CIR Distribution
columns (Figure 7-16) have been updated in the dialog box. In the bottom image in
Figure 7-18, the totals for the Configured MIR and Configured CIR that were recalculated by
changing the Estimated MIR and Estimated CIR columns (Figure 7-17) have been updated in
the dialog box.
The estimated MIR and CIR, not configured MIR and CIR, are displayed in the Group QoS Group
View. This is illustrated in the MIR and CIR columns for Bandwidth Group 2 in Figure 7-19.
This is the result of saving the configuration in the top image of Figure 7-18.
Figure 7-19. Effective MIR and CIR in the Group View

iDX Release 3.5
Although effective MIR and CIR are only estimations based on the inputs to the MODCOD
Distribution Calculator, you can use iMonitor to monitor your DVB-S2 performance and refine
these estimations over time to more accurately reflect your actual network performance. See
the iMonitor User Guide for details on monitoring your DVB-S2 networks.
7.2.3 Allocation Fairness Relative to CIR

As described on page 231, selecting Allocation Fairness Relative to CIR causes bandwidth to
be allocated to subnodes in proportion to the configured CIR. This lowers the effective Cost of
bandwidth allocation to competing subnodes with higher CIR. Therefore, if this property is
selected on a parent Group QoS node, peer subnodes at the same priority level with different
CIR configurations display different Effective Costs on the Group QoS GUI.
Allocation Fairness Relative to CIR can be enabled at the Bandwidth Pool, Bandwidth Group,
Application Service Group and Remote Service Group levels of the Group QoS tree. When using
Application Service Groups in Application Based QoS Mode, it can also be enabled at the
Application level of the Group QoS tree. When using Remote Service Groups, it can also be
enabled for individual remotes on the Remote QoS tab.
If selected, Allocation Fairness Relative to CIR applies to both CIR allocation and to best-
effort bandwidth allocation. If additional bandwidth is available after all CIR requests have
been satisfied for competing nodes, the additional (best-effort) bandwidth distribution is also
proportional to the configured CIR. If a node has no CIR configured, the cost of its best-effort
bandwidth is identical to the cost calculated for the peer node with the lowest configured
CIR.
Figure 7-20 shows the Group View with two competing cost-based Application Service Groups
in BWG 1: Service Group 1 and Service Group 2.
Figure 7-20. Competing Service Groups without Allocation Fairness Relative to CIR
NOTE: The Allocation Fairness Relative to Bandwidth CIR check box in the Group
View (Figure 7-20) applies to competing Bandwidth Groups in this Bandwidth Pool.
Notice in Figure 7-20 that Service Group 1 has been granted 256 kbps of CIR while Service
Group 2 has been granted 128 kbps of CIR. Allocation Fairness Relative to CIR has not yet
been enabled for BWG 1. Therefore bandwidth allocation is not affected by the proportion of

iDX Release 3.5
CIR configured for each node and the Bandwidth % column and the Cost column are identical
for the two Service Groups.
Figure 7-21 shows the effect of selecting Allocation Fairness Relative to CIR for BWG 1.
Figure 7-21. Results of Selecting Allocation Fairness Relative to CIR on Parent
Since bandwidth allocation is now proportional to the configured CIRs for the two nodes, the
Bandwidth % for Service Group 1 (256 kbps of CIR) is now twice that of Service Group 2 (128
kbps of CIR). Also notice that the Cost column shows that the Service Group 1 bandwidth
allocation cost is half the cost of Service Group 2.
The difference between the Configured Cost and Effective Cost is displayed on the dialog
box of the competing subnodes. Figure 7-22 shows the Configured and Effective Costs for
Service Group 1 used in this example.
Figure 7-22. Configured vs. Effective Cost
For definitions of Cost and Allocation Fairness Relative to CIR, see QoS Properties on
page 230.

iDX Release 3.5
7.2.4 Allocation Fairness Relative to MODCOD

iDirect supports two types of Allocation Fairness Relative to MODCOD for DVB-S2 ACM
networks:
• Allocation Fairness Relative to Nominal MODCOD allocates downstream bandwidth
scaled to the Nominal MODCODs of the remotes. (This was called Allocation Fairness
Relative to MODCOD in earlier releases.)
• Allocation Fairness Relative to Operating MODCOD allocates downstream bandwidth
scaled to the current operating MODCODs of the remotes.
The QoS properties Allocation Fairness Relative to Nominal MODCOD and Allocation
Fairness Relative to Operating MODCOD are defined on page 232. These properties apply
only to downstream bandwidth allocated in DVB-S2 networks. These properties cannot be
configured for Inroute Groups.
For simplicity, this section assumes that configured costs and CIRs are equal when comparing
these two properties.
Allocation Fairness Relative to Nominal MODCOD

Allocation Fairness Relative to Nominal MODCOD adjusts bandwidth allocation based on the
configured nominal MODCOD of the remotes. As with Allocation Fairness Relative to CIR, this
scaling is accomplished by adjusting the effective cost of the sub-nodes. The new cost is
displayed on the Group QoS GUI.
Figure 7-23. Results of Selecting Allocation Fairness Relative to Nominal MODCOD
Figure 7-23 shows the results of selecting Allocation Fairness Relative to Nominal MODCOD
for a Remote Service Group containing two remotes with different nominal MODCODs.
Remote e8350 44444 is configured with a lower MODCOD (QPSK 3/4) than remote e8350
71217 (8PSK 8/9). This difference in nominal MODCOD is reflected in the lower effective cost
of bandwidth assigned to e8350 4444. All other things being equal, this cost adjustment
causes e8350 4444 to receive more raw satellite bandwidth (in symbols) than e8350 71217
in order to achieve the same information rate when both remotes are operating at their
nominal MODCODs.

iDX Release 3.5
A remote does not always receive the outbound carrier at its nominal MODCOD. When
Allocation Fairness Relative to Nominal MODCOD is enabled, the effective cost of bandwidth
is fixed based on the configured nominal MODCOD. Therefore, at a given symbol rate, the
remote’s information rate changes when the operating MODCOD of the remote changes. For
example, if a remote is operating below its nominal MODCOD, the remote’s information rate
is reduced relative to other remotes since the remote requires more bits for error correction
than at its nominal MODCOD.
Note that when Allocation Fairness Relative to Nominal MODCOD is enabled, the MODCOD
that a mobile remote receives may vary due to differences in beam quality at various
locations in the beam footprint. This can cause the information rate received by the remote
to vary even in clear sky conditions as the remote moves across the beam. This variation in
information rate can be avoided by selecting Allocation Fairness Relative to Operating
MODCOD.
Allocation Fairness Relative to Operating MODCOD

Allocation Fairness Relative to Operating MODCOD adjusts bandwidth allocation based on
the current operating MODCOD of the remotes. If a remote is operating at a MODCOD lower
than its nominal MODCOD, the information rate of the bandwidth allocated to the remote is
not reduced in comparison to other remotes. Instead, the symbol rate allocated to the remote
is increased resulting a reduction in bandwidth available to competing remotes.
Like Allocation Fairness Relative to Nominal MODCOD, Allocation Fairness Relative to
Operating MODCOD operates by adjusting the effective cost of bandwidth allocated to the
QoS subnodes for which this property is enabled. However, unlike Allocation Fairness
Relative to Nominal MODCOD, this cost adjustment is performed dynamically during
operation in order to vary the proportion of bandwidth the remote is allocated based on the
MODCOD it is currently receiving. Since the cost adjustment for Allocation Fairness Relative
to Operating MODCOD changes during operation, the adjusted cost cannot be displayed on
the Group QoS GUI in iBuilder.
Configuring Allocation Fairness Relative to Nominal or Operating

MODCOD
For a given QoS node, you can select either Allocation Fairness Relative to Nominal MODCOD
or Allocation Fairness Relative to Operating MODCOD, but not both. These options are
independent of Allocation Fairness Relative to CIR. That is, they can be selected whether or
not Allocation Fairness Relative to CIR is also selected.
In Remote Based QoS Mode, Allocation Fairness Relative to Nominal MODCOD or Allocation
Fairness Relative to Operating MODCOD can only be selected at the Application Service
Group level of the Group QoS tree. In Application Based QoS Mode, these properties can only
be defined at the Application level of the Group QoS tree. For Remote Service Groups, these
properties can only be defined at the Remote Service Group level of the Group QoS tree.
Figure 7-22 shows Allocation Fairness Relative to Nominal MODCOD selected for an
Application.

iDX Release 3.5
Figure 7-24. Selecting Allocation Fairness Relative to Nominal MODCOD
Like Allocation Fairness Relative to CIR, Allocation Fairness Relative to Nominal MODCOD
and Allocation Fairness Relative to Operating MODCOD apply to both CIR bandwidth
allocation and to best-effort bandwidth allocation.
For definitions of the different types of Allocation Fairness, see QoS Properties on page 230.
For details on configuring Group QoS Service Groups, see Adding a Service Group on page 262.
For details on configuring Group QoS Applications, see Adding Applications to Application
Service Groups on page 264.
7.2.5 Adding a Bandwidth Group

Each Bandwidth Pool (Network or Inroute Group) can contain multiple Bandwidth Groups.
To add a new Bandwidth Group:
1. In the Group View of the Group QoS tab, right-click an existing Bandwidth Group and
select Insert. (You can also select Modify to modify the Bandwidth Group or Clone to
insert a copy of the Bandwidth Group.)

iDX Release 3.5
2. In the Bandwidth Group dialog box, enter a Name for the new Bandwidth Group.
Figure 7-25. Bandwidth Group Dialog Box
NOTE: Group QoS nodes are divided into Allocation Properties and Request
Properties. (For example, see Figure 7-25.) Allocation Properties of Group QoS
nodes influence the behavior of the node on which they are configured when that
node is allocating bandwidth to its subnodes. Request Properties of Group QoS
nodes determine how the configured node requests its bandwidth.
3. Enter the properties you want to configure for the Bandwidth Group and click OK. (For
details on all Group QoS properties, see QoS Properties on page 230.)
4. When configuring Group QoS for a DVB-S2 network with CIR or MIR defined, click the
MODCOD Distribution button to estimate the effective rates for the network. See
Estimating Effective MIR and CIR for DVB-S2 Networks on page 252 for details. Configured
and effective cost are discussed in Allocation Fairness Relative to CIR on page 256.
Figure 7-26 shows a new Bandwidth Group inserted into the Group QoS tree for a Bandwidth
Pool.

iDX Release 3.5
Figure 7-26. New Bandwidth Group in Group QoS Tree
A new Bandwidth Group automatically includes one Remote Service Group and one
Application Service Group containing two Applications. Properties are assigned to these
subgroups based on the configuration of the default upstream or downstream Group Profile.
(See Working with Group Profiles on page 293 for a discussion of Group Profiles.)
7.2.6 Adding a Service Group

This section explains how to configure Service Groups under your Bandwidth Groups. A
Bandwidth Group may contain multiple Application Service Groups, multiple Remote Service
Groups, or both types of Service Group. To insert a new Service Group:
1. In the Group View of the Group QoS tab, right-click an existing Service Group and select
Insert Application Service Group or Insert Remote Service Group. (You can also select
Modify to modify the Service Group or Clone to insert a copy of a Service Group.)
2. In the Service Group dialog box, enter a Name for the new Service Group.

iDX Release 3.5
Figure 7-27. Service Group Dialog Box
3. Enter the properties you want to configure for the Service Group and click OK. (For
details on all Group QoS properties, see QoS Properties on page 230.)
MODCOD Distribution button to estimate the Effective rates for your network. See
Estimating Effective MIR and CIR for DVB-S2 Networks on page 252 for details.
Configured and Effective cost are discussed in Allocation Fairness Relative to CIR on
page 256. Allocation Fairness Relative to Nominal MODCOD and Allocation Fairness
Relative to Operating MODCOD are discussed on page 258.
5. For Service Groups, Enable EIR for Remotes in Group applies only to DVB-S2 networks.
For Application Service Groups, it only applies to Remote Based QoS mode. It can also be
selected for Remote Service Groups in a DVB-S2 network. Select this option to allow EIR to

iDX Release 3.5
be configured for physical remotes on the Remote QoS tab. (See Remote QoS Tab on
page 188.)
NOTE: Selecting Enable EIR for Remotes in Group allows a network administrator
with Group QoS permissions to allow or disallow the configuration of EIR for
physical remotes per Service Group in a DVB-S2 network. It also allows the
administrator to limit the value that can be set for the EIR Minimum MODCOD on
the physical remotes.
6. If you selected Enable EIR for Remotes in Group, also select the Minimum MODCOD
Allowed for the remotes in this Service Group. The selected MODCOD is the minimum
MODCOD that can be configured for the physical remote on the Remote QoS tab.
Figure 7-28 shows a new Application Service Group inserted into a Bandwidth Group in the
Group QoS tree.
Figure 7-28. New Application Service Group Inserted Into a Bandwidth Group
A new Application Service Group automatically contains two Applications, NMS and Default.
The properties of these Applications are assigned based on the configuration of the default
upstream or downstream Group Profile. (See Working with Group Profiles on page 293 for a
discussion of Group Profiles.)
7.2.7 Working with Application Service Groups

As described in the section Group QoS Hierarchy on page 233, there are two types of Service
Groups: Application Service Groups and Remote Service Groups. This section of this chapter
applies to Application Service Groups only. The procedures in this section explain how to add
Applications and Service Profiles to Application Service Groups; how to assign Service Profiles
to Remotes; and how to override Application properties on Virtual Remotes. When working
with Remote Service Groups, see Working with Remote Service Groups on page 282.
Adding Applications to Application Service Groups

Each Application Service Group can contain multiple Applications. This procedure shows how
to add Applications to your Application Service Groups.
1. In the Group View of the Group QoS tab, right-click an existing Application and select
Insert. (You can also select Modify to modify the Application or Clone to insert a copy of
the Application.)

iDX Release 3.5
2. In the QoS Application dialog box, enter a Name for the new Application.
Figure 7-29. QoS Application Dialog Box

iDX Release 3.5
3. You can only select Multicast Fast Path when configuring a downstream Multicast
Application.
NOTE: Selecting Multicast Fast Path improves performance by forwarding

multicast packets received by a remote directly from firmware to the Ethernet,
bypassing remote software processing. See Configuring Remotes for Multicast
Fast Path on page 277 for details.
4. Enter the properties you want to configure for the Application in the Request Properties
and Allocation Properties areas of the dialog box. These properties determine how
bandwidth is allocated for all remotes you configure to use this Application. (For details
on all Group QoS properties, see QoS Properties on page 230.)
MODCOD Distribution button to estimate the Effective rates for the network. See
Estimating Effective MIR and CIR for DVB-S2 Networks on page 252 for details.
Configured and Effective cost are discussed in Allocation Fairness Relative to CIR on
page 256. Allocation Fairness Relative to Nominal MODCOD and Allocation Fairness
Relative to Operating MODCOD are discussed on page 258.
6. Enable EIR for Remotes in Application applies only to DVB-S2 networks in Application
Based (or Application Scaled) QoS mode. Select this option to configure EIR for Virtual
Remotes using this Application.
7. If you selected Enable EIR for Remotes in Application, also select the Minimum MODCOD
Allowed. The selected MODCOD is the minimum MODCOD that can be configured for
remotes using this Application.
8. When configuring a Multicast Application for a DVB-S2 network, the Allocation Properties
display the Multicast MODCOD (Figure 7-30) rather than an EIR Minimum MODCOD. Select
a Multicast MODCOD for your Multicast Application.
Figure 7-30. Selecting a User Multicast MODCOD
9. In the Application Profiles area of the dialog box, select each Application Profile you
want to include in this Application. Each Application is specified by one or more
Application Profiles configured in the Application Profiles folder. (See section Adding an
Application Profile on page 304 for details.)
NOTE: You can use the arrow buttons to change the order of the
Application Profiles within an Application. First, select an Application Profile;
then click the buttons to move the Application up or down in the list.

iDX Release 3.5
NOTE: The order of Application Profiles within your Applications is important for
two reasons. First, once a rule in an Application Profile matches a packet, no
further classification of the packet is performed. Second, placing high-volume
Application Profiles higher in the list will reduce the amount of processing time
used to check seldom-matched rules.
10. Click OK when you have finished defining the Application.
Figure 7-31 shows a new Application for TCP inserted into an Application Service Group in the
Group QoS tree.
Figure 7-31. New Application Inserted Into an Application Service Group
Creating Service Profiles

Like an Application Service Group, a Service Profile contains one or more Applications. Each
Application consists of Service Levels and Rules specified by one or more Application Profiles.
(See Adding an Application Profile on page 304 for details on creating and editing Application
Profiles.)
When you create a new Application Service Group, you automatically create a default Service
Profile for the new group containing the NMS and Default Applications. These two Applications
are based on the Upstream or Downstream NMS and the Default Application Profiles. You can
modify the NMS and Default Application Profiles, but you cannot delete them.
The only Applications available to a Service Profile are those assigned to the corresponding
Service Group in the Group View, as described in Adding Applications to Application Service
Groups on page 264. However, adding an Application to a Service Group does not
automatically select that Application as part of any Service Profiles configured from that
Service Group. You must select the Applications manually. The following procedure shows how
to configure your Service Profiles.
1. Right-click anywhere on the Group QoS tab and select Service Profile View from the
menu.

iDX Release 3.5
NOTE: There is no default Multicast Service Profile. However, Multicast Service

Profiles are required to configure your remotes to use the Multicast Fast Path
feature. For information on creating and assigning Multicast Fast Path Service
Profiles, see Configuring Remotes for Multicast Fast Path on page 277.
2. Right-click the Service Profile and select Modify to display the QoS Service Profile dialog
box. You can also Clone or Modify existing Service Profiles, or Insert new Service Profiles
into the Group QoS tree.
3. In the QoS Service Profile dialog box, select each Application you want to add to the
Service Profile. If the Application contains more than one Application Profile, you can
individually select which Application Profiles you want to include.

iDX Release 3.5
Figure 7-32. QoS Service Profile Dialog Box
4. Click OK to save the Service Profile and return to the Group QoS tab.
NOTE: You can use the Add and Delete buttons (shown in Figure 7-32) to insert
Applications into the Service Group or remove Applications from the Service
Group without returning to the Group View.
Configuring Application Properties for Remotes

Once you have added an Application to your Service Profile, you can configure how the
Application is applied on the individual remotes that use that Service Profile. When you added
the Application in the Group View (see Adding Applications to Application Service Groups on
page 264), you were configuring how bandwidth is allocated for all remotes using that
Application. However, when you configure the properties of an Application in a Service
Profile, you are configuring the individual properties of each Virtual Remote configured to use
the Service Profile.
For example, you might define an MIR of 1000 kbps for an Application in the Group View to
limit the amount of bandwidth distributed for that Application to all remotes in a Service

iDX Release 3.5
Group. You might then define an MIR of 100 kbps for the Application in a Service Profile to
limit each remote using that Service Profile to 100 kbps for that Application.
Follow these steps to configure the QoS properties assigned to Virtual Remotes:
menu.
2. Under the Service Profile you want to change, right-click an Application and select
Modify from the menu.
3. In the Request Properties area of the dialog box, modify the properties you want to
change.

iDX Release 3.5
Figure 7-33. Application Properties Dialog Box
4. In the Allocation Properties, the EIR section of the dialog box applies only to DVB-S2
outbound carriers with ACM enabled. EIR is only enabled within the range defined by the
carrier’s Maximum MODCOD and the Minimum MODCOD entered here. (See page 231 for
the definition of EIR. See page 78 for details on configuring the MODCOD range of your
DVB-S2 carriers.)
5. Select Apply to All only if you want to apply these settings to all Virtual Remotes using
this Application. This will remove any overrides that were previously configured for
individual Virtual Remotes. If you do not select Apply to All, previously-defined overrides
are retained. (See Overriding Application Properties on Individual Remotes on page 275.)
Assigning Service Profiles to Remotes

Once you have created a Service Profile for a Network or an Inroute Group, you can then
assign the Service Profile to selected remotes in that Bandwidth Pool. By assigning different
Service Profiles to separate groups of remotes in a single Bandwidth Pool, you can control how
bandwidth is requested by and allocated for the remote groups.
Typically, you will only assign one Service Profile per remote. However, under rare
circumstances, you may want to assign more than one Service Profile to a single remote. You
can only assign multiple Service Profiles to a single remote if those Service Profiles are in
different Service Groups within the same Bandwidth Group or in different Bandwidth Groups.

iDX Release 3.5
You cannot configure a remote with more than one NMS or Default Application. If you choose
to assign multiple Service Profiles to a single remote, the NMS and Default Applications of the
new Service Profile will be applied to the remote in place of the NMS and Default Applications
that were previously applied. When you remove a Service Profile from a remote which had
multiple profiles assigned, then if the NMS and Default Applications were applied from that
profile, the remote will be re-assigned the NMS and Default Applications of the first Service
Profile in the Group QoS Profile View that is still assigned to the remote. Applications other
than NMS and Default should be unique across all Service Profiles assigned to a remote. If not,
only one of the identical Applications will be selected, overriding the duplicate Application.
Normally, an operator assigns Service Profiles to individual remotes on the Remote QoS tab.
(See Remote QoS Tab on page 188 for details.) Service Profiles assigned to a Remote are
displayed in the Upstream QoS and Downstream QoS sections of that tab. Figure 7-34 shows
two Service Profiles (SP 1 and SP 2) assigned to a single remote for an Inroute Group. (The
Service Profile shown in bold—called the Primary Service Profile—contains the NMS and
Default Applications applied to this remote.)
Figure 7-34. Multiple Service Profiles Assigned to a Single Remote
The remainder of this section describes how to assign Service Profiles to remotes from the
Group QoS Service Profile-Remote View. This method can be used by a Group QoS
administrator as an alternative to assigning Service Profiles to individual remotes on the
Remote QoS tab.
NOTE: A Service Profile assigned to an Evolution X1 or e150 remote can have a

maximum of 10 (total) Service Levels. Each Virtual Remote in the assigned Profile
can have a maximum of 5 Service Levels. Assigning a Profile to an X1 or e150 that
exceeds either of these limits will cause the remote state to change to
Incomplete in the iBuilder Tree.
To assign a Service Profile to a Remote:

1. Right-click anywhere in the Group QoS tab of a Network or Inroute Group and select
Service Profile-Remote View from the menu.

iDX Release 3.5
2. Right-click anywhere in the Service Profile-Remote View and select Expand Tree to view
the current Service Profile assignments.
3. Right-click the Service Profile you want to assign and select Assign/Unassign Remote.

iDX Release 3.5
4. In the Remote Select dialog box (Figure 7-35), select the remote or remotes you want to
assign. Use Ctrl-click or Shift-click to select multiple remotes.)
Figure 7-35. Moving Remotes Between QoS Service Profiles
5. Click the arrow keys to move remotes between the Available

Remotes pane and the Assigned Remotes pane. (The single-headed arrows move all
selected remotes between panes. The double-headed arrows move all remotes between
panes.)
6. Click OK to save the Service Profile assignments.
NOTE: If you re-assign a remote to a new Service Profile in a different Service

Group, its previous Service Profile is still assigned as well. You can follow steps
similar to those above to unassign the remote’s previously-assigned profile. If you
are not sure if you have assigned a remote to multiple Service Groups, expand the
tree in the Service Profile-Remote View and check the Remote column for
multiple assignments.

iDX Release 3.5
NOTE: You can also change the Service Profile assignments of remotes by
selecting remotes in the Service Profile-Remote View and dragging the remotes
between Service Profiles. Figure 7-36 shows remote e8350 32132 being dragged
from Appl Service Group 1/SP 1 to Appl Service Group 2/SP 2.
Figure 7-36. Dragging a Remote Between QoS Service Profiles
Overriding Application Properties on Individual Remotes

Normally, when you assign a Service Profile to a remote, the remote Applications (Virtual
Remotes) are assigned the properties of the Applications that you configured for the
Applications in the Service Profile. (See Configuring Application Properties for Remotes on
page 269.) However, you can override these Application properties for individual Virtual
Remotes in the Group QoS Service Profile View.
Follow these steps to override the QoS properties assigned to Virtual Remotes:
menu.

iDX Release 3.5
2. Under the Service Profile you want to change, right-click a Virtual Remote and select
Modify from the menu.
3. In the Request Properties area of the Properties dialog box, modify the properties you
want to change.

iDX Release 3.5
Figure 7-37. Overriding Application Properties on Individual Remotes
4. In the Allocation Properties area of the dialog box, you can override the EIR Minimum
MODCOD setting on the outbound for a remote receiving a DVB-S2 outbound. See
Configuring Application Properties for Remotes on page 269 for details.
5. Click OK to save your changes to the Virtual Remote.
Configuring Remotes for Multicast Fast Path

When you configure a remote to use a Multicast Fast Path Application, downstream multicast
packets that match the rules configured for the Fast Path Application are forwarded to the
Ethernet directly by the firmware running on the remote modem. This bypasses remote
software processing and improves throughput on the remote.
You can configure a maximum of 16 Multicast Fast Path Applications per network. Follow
these steps to configure a Multicast Fast Path Application and assign it to your remotes.
1. Follow the steps in Adding an Application Profile on page 304 to add a Downstream
Application Profile for a Multicast Fast Path Application. Edit the Service Level and Rule(s)
to ensure that the Priority, Destination IP Address, Subnet Mask, Port Range, and VLAN
Range are correctly configured for the Multicast Address(es) that you want the remotes to
receive.

iDX Release 3.5
Figure 7-38. Example Downstream Multicast Application Profile and Rule
2. In the Group View of the Group QoS tab for your network, right-click an existing
Application in the Application Service Group of your Multicast Bandwidth Group and
select Insert.
The QoS Application dialog box opens.
Figure 7-39. QoS Application Dialog Box: Selecting Multicast Fast Path

iDX Release 3.5
3. Enter a Name for your Multicast Fast Path Application.

4. Select the Multicast Fast Path check box as shown in Figure 7-39.
NOTE: The Stream Number is required to authorize Evolution X7 remotes in

another network to receive this Multicast Fast Path stream over their second
receivers. See Remote VSAT-2 Tab on page 207 for details.
5. Configure the remaining QoS properties for your Application as described in Adding
Applications to Application Service Groups on page 264.
6. In the Application Profiles area of the QoS Application dialog box (Figure 7-40), select
the downstream multicast Application Profile that you configured in Step 1.
Figure 7-40. Selecting a Fast Path Application Profile for a Multicast Application
7. Click OK to add the Multicast Fast Path Application to the Multicast Bandwidth Group and
return to the Group View.
8. In the Group View, double-click the Profiles folder for the Multicast Service Group to open
the Service Profile View for the Multicast Application Service Group.

iDX Release 3.5
Figure 7-41. Opening the Multicast Service Profile View
NOTE: If this is the first Multicast Service Profile configured for your network, the
Service Profile View for the Multicast Service Group will be empty.
9. If the Service Profile View is empty (Figure 7-42, left image), right-click anywhere in the
main window and select Insert from the menu. If there are existing Multicast Service
Profiles (Figure 7-42, right image), right-click an existing Service Profile and click Insert.
Figure 7-42. Inserting a Multicast Service Profile into the Multicast Service Group
10. In the QoS Service Profile dialog box:

a. Enter a Name for the Service Profile.
b. Select the Multicast Fast Path Application that you configured in the previous steps.

iDX Release 3.5
Figure 7-43. Selecting a Fast Path Application for a Multicast Service Profile
11. Click OK to return to the Service Profile View.

12. Right click anywhere in the Service Profile View and select Service Profile Remote View
from the menu.
13. In the Service Profile Remote View, right-click your Multicast Service Profile and select
Assign/Unassign Remote.
14. The Remote Select Dialog Box opens (Figure 7-44).
Figure 7-44. Assigning a Multicast Fast Path Service Profile to Remotes
15. In the Remote Select dialog box, select the Available Remotes (on the left) to which you
want to assign the Multicast Fast Path Service Profile.
16. Click the single arrow in the center of dialog box to move those remotes into the Assigned
Remotes area (on the right) of the dialog box.
17. Click OK to save the remote assignments and return to the Service Profile Remote View.
18. Click OK to save the Group QoS changes for your network. You should see changes pending
on your network and hub-side changes pending on your remotes.

iDX Release 3.5
19. Apply the changes to your network and remotes.
NOTE: Operators can also assign remotes to Multicast Service Groups on the
Remote QoS Tab. See Remote QoS Tab on page 188 for details.
20. Add a persistent multicast groups to your network for each VLAN (including the default
VLAN) configured by the Multicast Fast Path Application to carry the Multicast Fast Path
packets. Adding a Network on page 118 contains the steps for adding persistent multicast
groups to a network. For a complete description of multicast support in iDirect, see the
Technical Note titled IP Multicast in iDirect Networks.
NOTE: A remote will always forward Multicast Fast Path packets to the local LAN,
even if a persistent multicast group is not configured for the eth0 interface of the
remote. However, you should configure a persistent multicast group for your
Network to ensure that the protocol processor forwards the multicast packets to
the transmit line card for transmission on the downstream carrier.
7.2.8 Working with Remote Service Groups

As described in the section Group QoS Hierarchy on page 233, there are two types of Service
Groups: Application Service Groups and Remote Service Groups. This section of this chapter
applies to Remote Service Groups only. The procedures in this section explain how to
configure Remote Profiles; how to add remotes to Remote Service Groups; and how to assign
Remote Profiles to remotes. If you are working with Application Service Groups, see Working
with Application Service Groups on page 264.
Remote Profiles
A Remote Profile contains one or more Applications. Each Application in a Remote Profile is
built from one or more Application Profiles. Application Profiles contain the Service Levels
and Rules defined to handle the various types of traffic in your networks. (See Adding an
Application Profile on page 304 for details on creating and editing Application Profiles.)
Remote Profiles are created in the QoS folder of the iBuilder Tree under the Remote Profiles
folder. Two subfolders named Downstream and Upstream contain the Remote Profiles that
you can assign for your Networks and Inroute Groups, respectively. Figure 7-45 shows an
example of the Remote Profiles folder in the iBuilder Tree.
Figure 7-45. Remote Profiles Folder in iBuilder Tree

iDX Release 3.5
By default, there are two preconfigured Remote Profiles: Default Downstream Profile and
Default Upstream Profile. These default profiles are built from the NMS and Default
Application Profiles described on page 302. You can assign default Remote Profiles to your
remotes, but you cannot change them or delete them.
You can add, clone, modify and delete Remote Profiles in the same way that you perform
these operations for other profiles in the QoS folder. For instructions on how to perform these
operations, see page 302.
Remote Profiles are configured in the Upstream and Downstream Remote Profile dialog boxes.
An example of the Upstream Remote Profile dialog box is shown in Figure 7-46.
Figure 7-46. Remote Profile Dialog Box
As shown in Figure 7-46, the Remote Profile dialog box is divided into three sections.
In the top section of the dialog box, you can add new Applications and Application Profiles to
the Remote Profile. You also can drag the Applications or Application Profiles to change their
order. The order of the Applications and Application Profiles determines the order in which
the Service Levels are applied on Remotes assigned to this Remote Profile. Figure 7-46 shows

iDX Release 3.5
a Remote Service Group with two Applications, each containing two Application Profiles. The
QoS properties configured for the Applications are shown in the columns on the right.
The Service Levels pane of the dialog box shows the Service Levels configured for the
selected Application Profile. In Figure 7-46, the NMS Application Profile is selected in the top
section of the dialog box. Therefore, the Service Levels configured for the NMS are displayed
in the Service Levels section.
The Used By pane of the dialog box shows all remotes assigned to this Remote Profile. For
upstream profiles such as the one in figure Figure 7-46, the Inroute Group for each remote is
displayed in the second column. For downstream profiles, the Network containing each
remote is displayed in the second column.
You can perform the following operations on your Remote Profile:
• Add, Delete and Modify Applications
• Insert Application Profiles into Applications
• Delete Application Profiles from Applications
• Rearrange the order of Applications and of Application Profiles within Applications
• Move Application Profiles between Applications
The following rules apply when creating Remote Profiles
• Each Application in the Remote Profile must contain at least one Application Profile.
• The NMS Application Profile must be included in one Application within the Remote
Profile.
• The same Application Profile cannot be included more than once in a Remote Profile.
• The last Application Profile in the last Application of a Remote Profile must be the Default
Application Profile.
Adding a Remote Profile

Follow these steps to add a new Remote Profile to the iBuilder Tree:
1. Right-click the Upstream or Downstream folder under Remote Profiles and select Add
Downstream Remote Profile or Add Upstream Remote Profile from the menu.
The Remote Profile dialog box (Figure 7-47) opens.

iDX Release 3.5
Figure 7-47. Adding a Remote Profile
A new Remote Profile automatically contains a single Application built from the NMS and
Default Application Profiles.
2. Enter a Profile Name for your Remote Profile.
3. To add a new Application or Modify an existing Application:
a. Right-click an Application and select Add Application or Modify from the menu.
The Application dialog box opens (Figure 7-48).

iDX Release 3.5
Figure 7-48. Application Dialog Box
b. If this is a new Application, enter a Name for the Application.

c. In the Request Properties area of the Application dialog box, modify any QoS
properties you want to change for this Application. (For details on all Group QoS
properties, see QoS Properties on page 230.)
d. EIR applies only to Downstream Applications in DVB-S2 networks. Select Enable EIR to
configure EIR for this Application.
e. If you selected Enable EIR, also select the Minimum MODCOD Allowed. The selected
MODCOD is the minimum EIR MODCOD for this Application.
f. Click OK to save the changes.
NOTE: You can drag Applications to rearrange their order within a Remote Profile.

iDX Release 3.5
Figure 7-49. Rearranging Applications
4. To insert a new Application Profile into an existing Application:

a. Right-click the Application and select Insert Profile.
b. In the Choose Application Profile dialog box, select the Application Profile you want
to add to the Application.
Figure 7-50. Inserting an Application Profile into an Application
c. Click OK to insert the Application Profile.
NOTE: You can drag Application Profiles to rearrange their order within an
Application.
Figure 7-51. Rearranging Application Profiles

iDX Release 3.5
Assigning Remotes to Remote Service Groups

This section explains how to assign remotes to Remote Service Groups. When you assign a
remote to a Remote Service Group, you can also select the Remote Profile to be used by the
remote.
There are two ways to assign a remote to a Remote Service Group and select its Remote
Profile. Normally, an operator performs this function on the Remote QoS tab by clicking the
Edit button for the Upstream or Downstream Service Group and selecting the Remote Service
Group and Remote Profile (Figure 7-52). This method is discussed in more detail in the section
Remote QoS Tab on page 188.
Figure 7-52. Assigning a Remote Service Group on the Remote QoS Tab
This remainder of this section describes how to assign Remotes to Remote Service Groups
from the Group QoS Remote Profile View. This method can be used by a Group QoS
administrator as an alternative to assigning Service Profiles to individual remotes on the
Remote QoS tab.
To assign Remotes to a Remote Service Group:
1. Right-click anywhere in the Group QoS tab of a Network or Inroute Group and select
Remote Profile View from the menu.

iDX Release 3.5
2. Right-click anywhere in the Remote Profile View and select Expand Tree to view the
current Remote Service Group assignments.
3. Right-click the Service Profile you want to assign and select Assign/Unassign Remote.
4. In the Remote Select dialog box (Figure 7-53), select the remote or remotes you want to
assign. Use Ctrl-click or Shift-click to select multiple remotes.

iDX Release 3.5
Figure 7-53. Moving Remotes Between Remote Service Groups
5. Click the arrow keys to move remotes between the Available

Remotes pane and the Assigned Remotes pane. (The single-headed arrows move all
selected remotes between panes. The double-headed arrows move all remotes between
panes.)
6. Click OK to save the Remote Service Group assignments and return to the Remote Profile
View.
7. In the Remote Profile View, assign Remote Profiles to your remotes by selecting one or
more remotes in the pane on the left and then selecting a Remote Profile in the Remote
Profile pane on the right.

iDX Release 3.5
Figure 7-54. Assigning Remote Profiles in the Remote Profile View
NOTE: The Remote Profile column shows the Remote Profile assignments for all
remotes in the Remote Profile view. You can click the column header to sort by
Remote Profile within each Remote Service Group. In Figure 7-54, the last remote
displayed has not yet been assigned a Remote Profile.
NOTE: You can also change the Remote Service Group assignments of remotes by
selecting remotes in the Remote Profile View and dragging the remotes between
Remote Service Groups. Figure 7-55 shows remote e8350 42132 being dragged
from Remote Service Group 1 to Remote Service Group 2.
Figure 7-55. Dragging a Remote Between Remote Profiles
7.2.9 Configuring Full-Trigger CIR for a Remote

You can enable Full-Trigger CIR for any upstream application running on a remote (i.e., for
any Virtual Remote configured on the Group QoS tab of your Inroute Group). You cannot
enable Full-Trigger CIR for downstream applications. If Full-Trigger CIR is enabled for a Virtual
Remote, the Virtual Remote will be granted all of its configured CIR bandwidth whenever any
CIR bandwidth is granted to the Virtual Remote, regardless of the amount requested.
Full-Trigger CIR can only be enabled by configuring a hub-side custom key on the remote
Custom tab. Follow these steps to enable Full-Trigger CIR for a Virtual Remote:
1. Determine the Virtual Remote number by right-clicking anywhere on the Group QoS tab of
your Inroute Group and selecting Remote View from the menu.
2. Right-click anywhere in the Remote View and select Expand Tree to view all remotes
and their Applications.
3. Scroll down to the remote that you want to configure, and examine the Application
column in the Remote View. Each Application listed for a remote represents a Virtual
Remote. Virtual Remote numbers are assigned according to the order of the Applications.
In Figure 7-56, for Remote 3, NMS is Virtual Remote 1, VoIP is Virtual Remote 2, and
Default is Virtual Remote 3. Note the Virtual Remote number for the Application that you
want to configure for Full-Trigger CIR.

iDX Release 3.5
Figure 7-56. Determining Virtual Remote Numbers for Remote Applications
4. Right-click the remote in the iBuilder Tree and select ModifyItem.
5. In the Modify Configuration Object dialog box, click the Custom Tab. Then add a custom
key to the Hub-Side Configuration pane in the following format:
[UPSTREAM_VR_#]
full_cir_trigger = 1
where # is the Virtual Remote number determined in Step 3. Figure 7-57 shows the
custom key required to enable Full-Trigger CIR for Virtual Remote 2 on the remote being
configured.

iDX Release 3.5
Working with Group Profiles
Figure 7-57. Defining the Full Trigger CIR Custom Key

7. Right-click the remote in the iBuilder Tree and select Apply ConfigurationReliable
Hub-Side (TCP) to send the new configuration to the protocol processor.
7.3 Working with Group Profiles

Group Profiles allow you to apply the identical Group QoS configuration to multiple Networks
or Inroute Groups. They also enable you to work offline to develop Group QoS configurations
before assigning them to your Bandwidth Pools. A Group Profile contains the entire Group QoS
tree associated with a Bandwidth Pool.
Using Group Profiles, you can:
• Save the Group QoS configuration of an existing Bandwidth Pool to an Upstream or
Downstream Group Profile.
• Create copies of Group Profiles to use as templates for similar profiles
• Modify Group Profiles
• Replace the Group QoS configuration of any Bandwidth Pool with a Group Profile
The following sections explain how to create, modify, copy, and apply your Group Profiles.
There are two default Group Profiles: the Default Downstream Profile and the Default
Upstream Profile. When you add a Network to the iBuilder Tree, iBuilder automatically assigns
the Default Downstream Profile to the new Network. When you add an Inroute Group to the

iDX Release 3.5
iBuilder Tree, iBuilder automatically assigns the Default Upstream Profile to the new Inroute
Group. The contents of the default Group Profiles are described in Configuring Group QoS on
page 244. You can modify the default Group Profiles, but you cannot delete them.
7.3.1 Saving Group Profiles

Follow these steps to save the Group QoS configuration of an Inroute Group or Network to an
Upstream or Downstream Group Profile. The entire Group QoS tree associated with the
selected Bandwidth Pool will be saved to a Group Profile.
1. Right-click anywhere on the Group QoS tab and select Group View from the menu.
2. Right-click anywhere in the Group View and select Save to Profile to display the QoS
Group Profile dialog box.
3. In the QoS Group Profile dialog box, enter a name for your new Group Profile.

iDX Release 3.5
Figure 7-58. Creating a QoS Group Profile
4. You can view the properties of the various group members before saving the Group
Profile. To see the properties of a Bandwidth Group, Service Group or Application, select
its icon in the Group Hierarchy pane. The properties of that group member appear in the
Group Members pane.

iDX Release 3.5
Figure 7-59. Viewing Properties of QoS Group Members
5. To save the Group Profile, click OK in the QoS Group Profile dialog box. Then click OK in
main screen of the Group QoS tab.
Inroute Group QoS profiles are saved in the QoSGroup ProfilesUpstream folder of the
iBuilder Tree. Network Group QoS profiles are saved in the QoSGroup
ProfilesDownstream folder of the iBuilder Tree.
Figure 7-60. iBuilder Tree: QoS Group Profile Folders

iDX Release 3.5
7.3.2 Copying Group Profiles

You can use the “Clone” operation to create a copy of an Upstream or Downstream Group
Profile. You cannot copy Group Profiles between the Upstream and Downstream folders. You
can only create copies of Group Profiles within the original folder.
To create a copy of a Group Profile:
1. Right-click the Group Profile in the iBuilder Tree and select Clone from the menu. The
new profile is automatically created in the current folder (Upstream or Downstream) and
the Modify Configuration dialog box opens.
2. In the Modify Configuration Object dialog box, enter a Profile Name for the new Group
Profile.
Figure 7-61. Copying a QoS Group Profile
3. If desired, you can make changes to the Group Profile before you save it. See Configuring
Group QoS on page 244 for details on modifying the Group QoS configuration.

iDX Release 3.5
NOTE: Only the Group View and Service Profile View are available when working
with Group Profiles. The Service Profile-Remote View, Remote Profile View, and
Remote View, which appear on the Group QoS tab, are not applicable to Group
Profiles.
7.3.3 Modifying Group Profiles

To modify a Group Profile:
1. Right-click the Group Profile in the iBuilder Tree and select ModifyItem to display the
Modify Configuration Object dialog box.
2. In the Modify Configuration Object dialog box, make the desired changes to the Group
QoS configuration. See Configuring Group QoS on page 244 for details on modifying the
Group QoS configuration.
Figure 7-62. Modifying a QoS Group Profile
3. When finished, click OK to save the changes to your Group Profile.
NOTE: Only the Group View and Service Profile View are available when working
with Group Profiles. The Service Profile-Remote View, Remote Profile View, and
Remote View, which appear on the Group QoS tab, are not applicable to Group
Profiles.

iDX Release 3.5
7.3.4 Applying Group Profiles to Networks and Inroute Groups

You can replace the Group QoS configuration for a Bandwidth Pool by re-creating the Group
QoS tree for that Bandwidth Pool from a Group Profile. When you replace the Group QoS tree,
remotes that are part of the Bandwidth Pool are automatically reconfigured as follows:
• If the new Group QoS tree created from the Group Profile contains at least one
Application Service Group, then:
• All remotes in the Network or Inroute Group are assigned to the first Bandwidth Group
in the new Group QoS tree.
• All Remotes in the Network or Inroute are reconfigured to use the new Default Service
Profile of the first Service Group of the first Bandwidth Group. This includes remotes
that were previously assigned to Remote Service Groups.
• If the new Group QoS tree created from the Group Profile contains only Remote Service
Groups, then all remotes will be unassigned in the new Group QoS tree.
Once you have replaced the Group QoS configuration, if you are using Application Service
Groups, you can assign different Service Profiles to your remotes by following the steps in
Assigning Service Profiles to Remotes on page 271.
If you are using Remote Service Groups, you must assign the remotes to Remote Service
Groups in the new tree and re-select their Remote Profiles. See Assigning Remotes to Remote
Service Groups on page 288.
To replace the Group QoS configuration for a Network or Inroute Group with the configuration
specified in a Group Profile, follow these steps:
1. Right-click the Network or Inroute Group in the iBuilder Tree and select ModifyItem.
2. Click the Group QoS tab.
3. Right-click anywhere on the Group QoS tab and select Group View from the menu.
4. Right-click anywhere in the Group View and select Create From Profile to display the
QoS Group Profile dialog box.

iDX Release 3.5
5. In the QoS Group Profile dialog box, select the Group Profile you want to use for this
Bandwidth Pool. (Only Upstream Group Profiles can be selected for Inroute Groups. Only
Downstream Group Profiles can be selected for Networks.)
Figure 7-63. Selecting a QoS Group Profile to Apply
6. You can view the properties of the various group members before applying the Group
Profile to the Bandwidth Pool. To see the properties of a Bandwidth Group, Service Group
or Application, select its icon in the Group Hierarchy pane. The properties of that group
member will appear in the Group Members pane.

iDX Release 3.5
Application Profiles and Filter Profiles
Figure 7-64. Viewing Properties of QoS Group Members
7. When finished, click OK in the dialog box. Then click Yes in the confirmation dialog box to
replace the Group QoS configuration.
8. When using Application Service Groups, follow the steps in Assigning Service Profiles to
Remotes on page 271 to assign remotes to Service Profiles based on the Application
Service Groups of the new configuration.
9. When using Remote Service Groups, follow the steps in Assigning Remotes to Remote
Service Groups on page 288 to assign remotes to Remote Service Groups.
10. When finished, click OK at the bottom of the Group QoS tab to save your changes.
7.4 Application Profiles and Filter Profiles

Application Profiles consist of groups of Service Levels, collected together and given the name
of your choice. Each Service Level can be configured with QoS properties and a set of rules.
They determine how packets are filtered and prioritized.
NOTE: Remote Profiles are built from Application Profiles. Remote Profiles are
discussed in detail in Remote Profiles on page 282.

iDX Release 3.5
Application Profiles define the Group QoS Applications that you add to your Service Profiles or
Remote Profiles. You then assign the Service Profile or Remote Profile to your remotes using
the Group QoS tab for your Bandwidth Pools or the QoS tab for your remotes. (See Configuring
Group QoS on page 244 for details.)
Filter Profiles encapsulate a single filter definition. A Filter Profile contains a group of rules,
but no Service Levels. Filter Profiles are assigned on the Remote QoS tab.
Application Profiles, Remote Profiles and Filter Profiles are stored in separate folders in the
iBuilder Tree. They are not associated with a teleport; instead they are independent of any
network hierarchy, similar to spacecraft and antenna components. Figure 7-65 shows the
folders that store these profiles.
Figure 7-65. QoS Folders in iBuilder Tree
iBuilder contains a number of pre-configured Profiles to help you define various categories of
traffic. You can modify these pre-configured profiles to meet your needs; copy them to use as
templates for new profiles; or create your own profiles. A typical list of Downstream Filter
Profiles in the iBuilder Tree is shown in Figure 7-66.
Figure 7-66. Preconfigured Downstream Filter Folders
Preconfigured Application Profiles (Default Downstream, Default Upstream and NMS) are
automatically added to your Networks or Inroute Groups when created.
7.4.1 Adding a Profile

To add a new profile, right-click the Upstream or Downstream folder for the type of profile
you want to add and select the Add option. The title of the Add option will differ depending
on what type of profile you are adding: Upstream or Downstream.

iDX Release 3.5
A Modify Configuration dialog box opens to allow you to configure the profile you are adding.
Details are discussed in Adding an Application Profile on page 304 and Adding a Filter Profile
on page 308. Adding Remote Profiles is discussed in Adding a Remote Profile on page 284.
Once a Profile is configured and saved, it is added to the iBuilder Tree within its respective
folder. Figure 7-67 shows Group QoS Downstream Application Profiles in the iBuilder Tree.
Figure 7-67. New Profile in iBuilder Tree
NOTE: When a profile is being used, the icon in the iBuilder Tree is colored red
and the name is displayed in bold typeface.
7.4.2 Copying a Profile

You can copy a profile by right-clicking it and selecting Clone or Clone As from the menu. If
you select Clone, a copy of the selected profile is created in the same folder. You can then
edit the new profile to make changes.

iDX Release 3.5
If you select Clone As, the Clone As dialog box opens. The Clone As dialog box allows you
select a Direction for the copy of your profile. By selecting a Direction, you can copy a
Downstream profile to the Upstream folder, or an Upstream Profile to the Downstream folder.
Figure 7-68. Clone As Dialog Box
NOTE: Clone As is not available for Group QoS Profiles or Remote Profiles. You
cannot copy Group Profiles or Remote Profiles between the Upstream and
Downstream folders.
7.4.3 Adding an Application Profile

Application Profiles define the individual Applications that you include in your Service Groups,
Service Profiles, and Remote Profiles. Upstream Application Profiles are used on Inroute
Groups and on SCPC upstream carriers. Downstream Application Profiles are used on
downstream carriers.
To add an Application Profile, follow these steps:
1. In the iBuilder Tree, right-click the Downstream or Upstream folder under
QoSApplication Profiles and select Add Downstream Profile or Add Upstream Profile
from the menu.
You can also modify or copy an existing profile by right-clicking the profile and selecting Modify Item, Clone or Clone As from the menu. Clone creates a copy in the current folder.
Clone As allows you to copy profiles between the Downstream and Upstream folders.
2. After you have selected the operation you want from the menu, a dialog box opens.
(Figure 7-69 shows an Upstream Application Profile with multiple Service Levels. New
Application Profiles will be empty.)

iDX Release 3.5
Figure 7-69. Application Profile Dialog Box
Each Application Profile contains one or more Service Levels. Each Service Level can have
multiple Rules. When you select a Service Level in the Service Levels pane of the dialog
box, all Rules associated with that Service Level are displayed in the Rules pane.
The Used By pane shows which network elements and QoS groups are using this
Application Profile. For upstream Application profiles, remotes, Inroute Groups, Remote
Profiles and Service Profiles are displayed. For downstream profiles, remotes, Networks,
Remote Profiles and Service Profiles are displayed.
3. You can Add, Edit or Delete Service Levels by selecting the Service Level and clicking the
appropriate button. Figure 7-70 shows the Add Service Level dialog box. The Edit
Service Level dialog box is identical.

iDX Release 3.5
Figure 7-70. Add Service Level Dialog Box
4. Enter a Level Name for the Service Level.

5. Choose Reliable or Unreliable. If the Service Level is intended to match TCP traffic,
select Reliable. For all other traffic, select Unreliable.
6. Select Spoofing to enable TCP Acceleration. Spoofing applies to star TCP (Reliable)
traffic only. It does not apply to Unreliable traffic. Select Spoofing to enable it for TCP
traffic between the hub and remotes.
NOTE: TCP acceleration only works for IPv4 TCP packets. TCP acceleration is not
available for IPv6 traffic transported over an L2oS network.
7. By default, TDMA slots used by an application are grouped together in the frame for
transmission. If you select Reduce Jitter, the system will attempt to distribute the slots
as evenly as possible across the frame. Reduce Jitter should be selected for VoIP

iDX Release 3.5
applications. However, since it can decrease throughput, it should not be selected for
applications that are not jitter-sensitive.
8. Select or clear Drop Oldest First.
9. Select Trigger Wakeup to cause remotes to automatically exit Sleep Mode to transmit
incoming LAN packets on the upstream carrier if the packets match the Service Level
definition. Trigger Wakeup applies only to upstream profiles, and affects only remotes
that have Sleep Mode enabled. (See Adding Remotes on page 160.)
NOTE: If a remote in Sleep Mode receives traffic for transmission on the

upstream, and Trigger Wakeup is not selected for the traffic’s Service Level, then
the packets will be dropped and the remote will remain in Sleep Mode. A remote
will only wake from Sleep Mode if Trigger Wakeup is enabled for the traffic, or if
Sleep Mode is manually disabled for the remote on the remote Information tab.
10. Select Trigger State Change to cause remotes to automatically change from the Idle
State or Dormant State to the Active State when incoming packets for transmission on the
upstream carrier match the Service Level definition. (See Configuring Minimum
Information Rate and Idle and Dormant States on page 194.)
11. Select the method of Optimization for traffic matching this Service Level. Selecting
Maximum Efficiency instructs the software to allocate bandwidth as efficiently as
possible. Selecting Minimum Latency instructs the software not to hold onto partially
filled TDMA bursts but to release them immediately. For more details, see the chapter
titled “QoS Implementation Principles” in the iDirect Technical Reference Guide.
CAUTION: Selecting Minimum Latency can result in an increased number of

unused bytes per burst, significantly decreasing the upstream throughput for
remotes with this setting. Do not select Minimum Latency unless you are certain
that your application requires it.
12. Select the method of Scheduling to be used for this Service Level: Priority Queue, Cost-
Based, or Best Effort. If you select Priority Queue, then select the priority level from the
menu. If you select Cost-Based, then enter a cost value. For details on each scheduling
method, see the discussion of packet scheduling in the chapter titled “QoS
Implementation Principles” in the iDirect Technical Reference Guide.
13. Enter the Queue Depth.
14. Choose the Type of Service Marking you want.
15. Click OK to save this Service Level.
16. Use the Add, Edit and Delete Buttons in the Rules Pane to configure Rules for your
Service Profile. The steps for configuring Rules are covered in Adding a Rule to an
Application Profile or Filter Profile on page 309.
Figure 7-71. Service Profile Rules Pane

iDX Release 3.5
7.4.4 Adding a Filter Profile

You can define both Upstream and Downstream Filter Profiles. Like Application Profiles, Filter
Profiles can contain one or more rules that are used to classify transmit traffic. Unlike
Application Profiles, there are no Service Levels associated with Filter Profiles.
You can configure any remote with an Upstream Filter Profile, a Downstream Filter Profile, or
both. The rules configured for the assigned profile(s) are applied to any packets offered for
transmission on the upstream or received on the downstream before any other QoS processing
is performed.
Each filter profile can be configured with one or more rules. For a packet to be further
classified, it must match at least one of that filter profile’s rules. A rule is made up of one or
more comparisons between packet header fields and a known constant value specified by the
user. The system compares each rule in the order specified, and classifies the packet
according to the first rule that matches.
Follow these steps to add a Filter Profile:
1. Right-click the Filter Profiles folder under QoSUpstream or QoSDownstream in the
iBuilder Tree. Then select the Add Filter option from the menu to display the Filter
Profile dialog box (Figure 7-72).
Figure 7-72. Filter Profile Dialog Box
2. In the Filter Profile dialog box, click the Add button in the Rules pane to display the Add
Filter dialog box.

iDX Release 3.5
Figure 7-73. Add Filter Dialog Box
3. Follow the steps in Adding a Rule to an Application Profile or Filter Profile on page 309 to
configure a rule for this Filter Profile.
NOTE: There is a limit of 63 QoS service rules. If more than 63 service rules are
configured in iBuilder, the additional service rules are not honored. Traffic
matching these rules is classified as default traffic instead of priority traffic.
4. When you have finished adding Rules, click OK in the Filter Profile dialog box to save the
Filter Profile.
7.4.5 Adding a Rule to an Application Profile or Filter Profile

Each Application Profile or Filter Profile has one or more rules. A rule consists of one or more
clauses defining comparisons between packet header fields and the values specified by the
user. The system compares each rule in the order specified, and classifies the packet
according to the first rule that matches.
To add a rule, click the Add button in the Rules pane of the Application or Filter profile dialog
box. The Rules pane from an Application Profile dialog box is shown in Figure 7-74.

iDX Release 3.5
Figure 7-74. Application Profile Rules Pane
In the profile dialog box, the Rules pane displays all Rules configured for the Service Level
selected in the Service Level pane, along with the name of the selected Service Level. In the
Filter Profile dialog box, the Rules pane displays all Rules configured for the Filter Profile.
(See Adding an Application Profile on page 304 and Adding a Filter Profile on page 308 for
more details.)
When you select or clear the Show Protocol Names check box at the bottom of the dialog
box, the Rules pane toggles the displayed Rules between protocol names and numbers.
Figure 7-75 shows the result of selecting the check box (top) and of clearing the check box
(bottom) in the profile dialog box. Application and Filter Profile dialog boxes both provide the
same capability.
Figure 7-75. Selecting and Clearing the Show Protocols Name Check Box
Follow these steps to add a new rule for an Application or Filter Profile.
NOTE: Classifiers marked L2oS only in the descriptions below are used to classify
Ethernet frames in Layer 2 networks. These classifiers are not applicable to Layer
3 IPv4 networks. Other classifiers can be used in both Layer 2 and Layer 3
networks.
1. Click the Add button in the Rules pane to display the Add Rule dialog box.

iDX Release 3.5
Figure 7-76. Adding a Rule to a Profile
NOTE: When specifying rules, all comparisons specified (as indicated by the check
boxes on the left-hand side of the dialog box) must match for the rule to match a
packet.
2. Select the check boxes at the left to enable packet header fields for comparison by the
rule or filter. Then define the values and operators for each comparison as follows:
• Source IP and Destination IP address and Subnet Masks: The IP header field may be
equal to (=) or not equal to (<>) the value entered. The subnet mask is first applied to
the IP address in the packet, and then compared to the address specified in the filter.
• Source IPv6 and Destination IPv6 address and Subnet Masks (L2oS only): To enter an
IPv6 IP address:
• Select Source IPv6 or Destination IPv6 in the IP address drop-down list.
• Enter a valid IPv6 address / network prefix size (Figure 7-77).

iDX Release 3.5
Figure 7-77. Configuring an IPv6 Packet Classifier (L2oS Only)
• Source and Destination Port Ranges: Enter port range and mask. Select Same as
Source to configure the Destination Port Range to be identical to the Source Port
Range.
• SVN ID (L2oS only): This field refers to the SVN ID of the Ethernet frame. One or two-
part SVN IDs are allowed. Two-part SV IDs are used for QinQ tagging.
• SVN PCP (L2oS only): This field refers to the PCP (Priority Code Point) field of the SDT
in an Ethernet frame.
• DSCP, TOS, Precedence: If you select DSCP you cannot select TOS or Precedence. If
you select TOS or Precedence you cannot select DSCP.
• Protocol: The protocol of the packet can equal to (=) or not equal to (<>) the selected
protocol.
• Ethernet Type (L2oS only): This field refers to the outer-most Ethertype of the
Ethernet frame.
• Effective Ethernet Type (L2oS only): This field refers to the inner-most Ethertype
contained in the Ethernet frame.
• VLAN PCP (L2oS only): This field refers to the PCP field of the VLAN tag after the SDT
headers are removed.
• VID Ranges: VID Ranges can be equal to (=) or not equal to (<>) the value entered.
3. Click OK to save the filter or rule.

iDX Release 3.5
8 Configuring a Hub
Chassis
This chapter includes the following sections:

• Configuring the Chassis IP Address on page 313
• Chassis Licenses on page 315
• Configuring and Controlling the Hub Chassis on page 316
• Configuring a Four-Slot Chassis on page 318
• Sharing a 20 Slot Chassis in a Multi-NMS System on page 322
• Changing a Chassis IP Address on page 327
Note: Daisy Chaining of multiple Hub Chassis in a Chassis Group is no longer

supported. As an alternative, a single multichannel receive line card can
receive as many as 8 upstream carriers or 16 narrowband upstream carriers.
8.1 Configuring the Chassis IP Address

The interface between the Hub Chassis and the NMS is encapsulated in an IP-addressable
controller board. By communicating with the chassis controller board, the NMS server can
monitor the status of the chassis power supplies and fans, power on and off the chassis slots,
and change chassis SOF jumper settings.
There are two types of controller boards:
• The EDAS board, designed and manufactured by Intelligent Instruments, Inc.
• The newer iDirect MIDAS board
The steps for configuring the IP address of the chassis differ depending on the type of
controller board installed on the chassis. To set the IP address for the chassis, follow the
procedure in this section that applies to your type of chassis controller board.
NOTE: If you do not know if the chassis has an EDAS or MIDAS controller board,
attempt to follow Step 1 through Step 6 in Setting the IP Address for a Chassis
with a MIDAS Controller Board on page 314. If you have an EDAS controller board,
you will not be able to log on to the board using the MIDAS procedure.
NOTE: When changing the IP address of a chassis already configured in iBuilder,

you must update the Chassis Manager Server with the new IP address. See
Changing a Chassis IP Address on page 327 for details.

iDX Release 3.5
Configuring the Chassis IP Address
8.1.1 Setting the IP Address for a Chassis with an EDAS

Controller Board
To configure the IP address of a chassis with an EDAS board, the EDAS SYSCHECK utility must
be installed on your PC. The EDAS SYSCHECK utility is available on the TAC Web site.
Follow these steps to configure the IP address of a hub chassis with an EDAS board:
1. Ensure that the EDAS SYSCHECK program is installed on your PC.
2. Ensure that the hub chassis is powered on.
3. Ensure that you have a standard null modem serial cable.
4. Connect the serial cable from the serial port of your PC to the M&C Config Port on the
four slot chassis control module or the 20 slot chassis rear panel.
5. From the Start menu on your PC, run EDAS SYSCHECK.
6. In the EDAS SYSCHECK window, select the Program tab.
7. Select the correct COM port.
8. Click the Attach to EDAS button. This connects your PC to the EDAS board and displays
the current IP settings of the EDAS board.
9. Select the Configuration tab.
10. Set the appropriate IP address, subnet mask and default gateway values. The default
gateway should be your upstream router.
11. Re-select the Program tab.
12. Write each IP address value to the board by clicking the appropriate buttons.
CAUTION: Do not click the “Write Ethernet Address” Button. The Ethernet
Address field should never be modified.
13. Reset the EDAS board either by powering the hub chassis off and on, or by resetting only
the EDAS board.
NOTE: To reset the EDAS board without powering down a 20 slot chassis, remove
the EDAS board cover and disconnect and reconnect the power connector to the
board itself. To reset the EDAS board without powering down a four slot chassis,
press the “EDAS Reset” button on the chassis control module.
8.1.2 Setting the IP Address for a Chassis with a MIDAS

Controller Board
Follow these steps to configure the IP address of a hub chassis with a MIDAS board:
1. Ensure that the hub chassis is powered on.
2. Ensure that you have a standard null modem serial cable.
3. Connect the serial cable from the serial port of your PC to the M&C Config Port on the
four slot chassis control module or the 20 slot chassis rear panel.

iDX Release 3.5
Configuring the Chassis IP Address
4. Configure a serial terminal program (such as Tera Term under Windows or Minicom under
Linux) to match the serial settings on the MIDAS control module. The default settings are:
• Baud rate: 57600
• Data bits: 8
• Parity: None
• Stop bits: 1
• Flow Control: None
5. Press Enter in the terminal program to display the MIDAS login: prompt.
6. At the MIDAS login: prompt, type the MIDAS administrative login name and press Enter.
(The default administrative login name is admin.)
7. At the Password > prompt, type the administrative password and press Enter. (The
default administrative password is admin.)
8. To display the current IP settings, enter the command:
show ip config
9. At the admin > command line prompt, enter the command:
set ip <n.n.n.n>
where <n.n.n.n> is the IP address. For example, to set the IP address to 172.17.2.50,
enter the command set ip 172.17.2.50.
set mask <n.n.n.n>
where <n.n.n.n> is the subnet mask. For example, to set the subnet mask to
255.255.255.0, enter the command set mask 255.255.255.0.
set gateway <n.n.n.n>
where <n.n.n.n> is the gateway IP address. The default gateway should be your
upstream router. For example, to set the gateway IP address to 172.17.2.1, enter the
command set gateway 172.17.2.1.
reboot
The new IP settings will take effect on completion of the reboot.
13. To verify the IP settings, log on again and enter the following command:
show ip config

iDX Release 3.5
Chassis Licenses
8.2 Chassis Licenses

Chassis slots must be licensed before the chassis can be configured in iBuilder. If you have
received a license file from iDirect but have not yet imported the licenses, follow the
procedure in Importing License Files on page 60 before configuring the chassis.
NOTE: A hub line card must be assigned to a licensed chassis slot before it can be
activated.
A line card can be assigned to any free slot.
Until a line card is assigned to slot, the line card will be in the “incomplete” state
in the iBuilder Tree.
For information on licensing the chassis, see the iDirect Features and Chassis Licensing Guide
available on the TAC web page.
8.3 Configuring and Controlling the Hub Chassis

The Hub Chassis contains the line cards, power supplies, fans and Reference Clock Modules
(RCMs). There are two types of chassis: 20-slot chassis and four-slot chassis. Follow these
steps to create a 20-slot Chassis in iBuilder. Four-slot chassis configuration is discussed in
Configuring a Four-Slot Chassis on page 318.
1. Right-click the Teleport in the iBuilder Tree and select Add 20-Slot Chassis from the
menu.
The Chassis dialog box opens, containing one row for each slot and jumper. Rows are
arranged from top to bottom to mirror the chassis slots from left to right.

iDX Release 3.5
Configuring and Controlling the Hub Chassis
Figure 8-1. Chassis Dialog Box: New 20-Slot Chassis
2. If the chassis license has not been imported into iBuilder, follow the procedure in
Importing License Files on page 60.
3. Enter a Name for the new chassis.
4. Enter the six-digit Serial Number of the chassis and click the Validate SN button. The
Serial Number entered must match a chassis serial number in the chassis license file.
Once iBuilder has validated the chassis serial number, the read-only IP Address of the
chassis is displayed and all licensed slots and jumpers change from Off - Not Licensed to
Off - Licensed.

iDX Release 3.5
Configuring and Controlling the Hub Chassis
Figure 8-2. Chassis Dialog Box: 20-Slot Chassis with Licensed Slots
NOTE: The IP Address displayed in the Chassis Dialog Box must match the IP
Address configured for the chassis. See Configuring the Chassis IP Address on
page 313.
5. If the chassis contains an RCM, select RCM Installed.

6. To turn power on for specific slots, or to set jumpers, click the check boxes in the State
column. Power on all slots in which line cards are installed. A jumper row follows each
group of four slot rows. Do not select a jumper check boxes unless the network spans the
adjacent virtual backplanes.
7. To associate a configured line card with a specific slot, right-click the slot and select
Assign Hub from the menu.
Figure 8-3. Chassis Dialog Box: Selecting Assign Hub
NOTE: Select Free to indicate that no modems are installed in that slot. These
associations must reflect the actual physical layout of the chassis; iBuilder cannot
map logical associations to physical line card locations.
8. When you select Assign Hub, a drop-down list appears in the row, listing all of the line
cards that can be assigned to that slot. Select the line card installed in that slot.

iDX Release 3.5
Configuring a Four-Slot Chassis
Figure 8-4. Assigning a Line Card to a Chassis Slot
9. Click OK to save the changes. iBuilder will display “Changes Pending” for the Chassis in
the iBuilder Tree.
10. To activate the changes, right-click the Chassis and select Apply Configuration.
All chassis slots are powered on by default when the chassis is powered on. For this reason,
the configuration database is the sole keeper of slot power and jumper settings. When the
configuration server starts up, or after a reconnection to the chassis, it automatically applies
the chassis settings stored in the database, thus restoring the desired chassis state.
8.4 Configuring a Four-Slot Chassis

An iDirect four-slot chassis can be used as an alternative to a 20-slot chassis when fewer line
cards are required. As discussed in the previous section, a 20-slot chassis contains from one to
five independent groups of four slots per group. By enabling or disabling software jumpers
between groups, you can configure virtual backplanes to allow single networks to span
multiple groups of line cards.
The same concept applies to four-slot chassis. However, a four-slot chassis has a jumper
between each pair of slots, effectively allowing up to four “groups” with one slot per group.
Therefore you can allocate the four slots to virtual backplanes in any combination you choose.
A four-slot chassis actually has five slots. However, slot 5 cannot contain an active line card.
Slot 5 is available for testing only. You can configure, download and activate transmit and
receive line cards in slot 5, but because the output is attenuated, the slot can only be used
for configuration and testing.
NOTE: Although there is a jumper between slots 4 and 5, it cannot be enabled. In

a stand-alone four-slot chassis, that jumper is always disabled, isolating slot 5,
which is available only for configuration and testing.
Follow these steps to create a four-slot chassis in iBuilder:

1. Right-click the Teleport in the iBuilder Tree and select Add 4 Slot Chassis from the menu.

iDX Release 3.5
The Chassis dialog box opens, containing one row for each slot and jumper. Rows are
arranged from top to bottom to mirror the chassis slots.
Figure 8-5. Chassis Dialog Box: Four-Slot Chassis
2. Enter a Name for the new chassis.

3. Enter the six-digit Serial Number of your chassis and click the Validate SN button. The
Serial Number entered must match a chassis serial number in the chassis license file.
Once iBuilder has validated the chassis serial number, the read-only IP Address of the
chassis is displayed and all licensed slots and jumpers change from Off - Not Licensed to
Off - Licensed.
Figure 8-6. Chassis Dialog Box: Four-Slot Chassis with Licensed Slots

iDX Release 3.5
NOTE: The IP Address displayed in the Chassis Dialog Box must match the IP
Address configured for the chassis. See Configuring the Chassis IP Address on
page 313.
4. If the chassis contains a Reference Clock Module (RCM), select RCM Installed.
5. The Chassis Information area of the dialog box (see Figure 8-5) displays status
information about the IF Module (IFM) and Outdoor Power Modules (OPM) received from
the chassis.
6. The OPMs have the following configurable options:
a. Select BUC Voltage On to enable BUC voltage. These settings should be the same for
OPM A and OPM B.
b. Select LNB Voltage On to enable LNB voltage. These settings should be the same for
OPM A and OPM B.
NOTE: A four-slot chassis with four RF ports can only supply DC voltage to a BUC
or LNB on RF port 1. It cannot supply voltage on RF port 2, 3 or 4.
c. Select 22 kHz Tone On to enable the 22 kHz tone option. The 22 kHz tone capability
is for use with DiSEqC-compatible Universal LNBs. If this option is selected for one
OPM, it cannot be selected for the other.
d. If you have selected LNB Voltage ON, select one of the OPM-AB LNB Voltage options:
• Select Low to enable low LNB voltage (+14VDC at 500 mA)
• Select High to enable high LNB voltage (+19VDC at 500 mA). Typically, High is
selected. This is the default, standard setting.
7. The procedure to power on the slots, assign the line cards and set jumpers 1 through 3 is
identical to the procedure for a 20-slot chassis. Jumper 4 is controlled by the software.
See Configuring and Controlling the Hub Chassis on page 316 for details on assigning line
cards to slots and setting the jumpers.
8. You can configure line cards in a four slot chassis to supply the 10 MHz clock to the
upconverter, the downconverter, or both. Note the following:
• You must select ODU Tx 10 MHz on the upconverter screen or ODU Rx 10 MHz on the
downconverter screen for these selections to appear in the menu. See Adding an
Upconverter or Downconverter on page 70 for details.
• Only one line card per upconverter or downconverter can be selected for this
function. The upconverter and downconverter associated with each line card in this
chassis are shown in the Hub Assignment column.
• This feature is available on the following line card model types: eM1D1 (Tx and Rx);
XLC-11 (Tx and Rx); XLC-10 (Tx only); and XLC-M (Rx only).
To turn on or off the 10 MHz reference from a line card, right-click in the Tx-10 MHz
column (for the upconverter) or Rx-10 MHz column (for the downconverter) in the slot
containing the line card. Then select 10 MHz On/Off from the menu. The 10 MHz setting
will toggle between off and on.

iDX Release 3.5
Figure 8-7. Turning On/Off the 10 MHz Reference on a Four-Slot Chassis
CAUTION: If multiple iDirect networks share the same upconverter or

downconverter and one of the Tx (or Tx/Rx) line cards is configured to supply the
10 MHz clock, then failure of that line card will cause all networks sharing the
upconverter or downconverter to fail. Under these circumstances, iDirect strongly
recommends installing a Standby Line Card to back up the line card supplying the
10 MHz clock. See Defining a Standby Line Card on page 134 for details.
9. Click OK to save the changes. Elements requiring update will show changes pending in the
iBuilder Tree.
10. Apply the changes to the chassis and line cards as required.
NOTE: When changing the 10 MHz clock source from one line card to another,
apply the line card changes to the original clock source to turn off the 10 MHz
before applying the line card changes to the new clock source.

iDX Release 3.5
Sharing a 20 Slot Chassis in a Multi-NMS System
8.5 Sharing a 20 Slot Chassis in a Multi-NMS System

Some systems share a chassis with multiple Network Management Systems. For example, a
hub operator may want to allow a customer with his own NMS to configure or control specific
slots in a hub chassis. This section explains how to configure multiple Network Management
Systems to share a hub chassis.
NOTE: Only 20 slot chassis can be shared among multiple Network Management
Systems. Four slot chassis cannot be shared.
When multiple Network Management Systems share one or more chassis, a single NMS Chassis
Manager Server (CM Server) controls all access to the chassis. All NMS configuration servers
that share the chassis share the single CM Server.
The CM server only allows access to chassis slots that have been licensed by iDirect. An HNO
can share licensed slots with additional NMS configuration servers by including the MAC
addresses of the configuration server machines in a CM server configuration file named
para_cfg.opt.
Figure 8-8 on page 322 shows an example of an HNO NMS sharing a 20 slot chassis with VNO1
NMS and VNO2 NMS.
Figure 8-8. Sharing a Hub Chassis Among Multiple Network Management Systems

iDX Release 3.5
To share the chassis, the HNO first determines where to run the common Chassis Manager
Server and configures the HNO NMS accordingly. (For details on how to distribute the NMS
server processes across multiple server machines, see Configuring a Distributed NMS Server
on page 453.) The HNO must also obtain a chassis license from iDirect and use iBuilder to
import the license file. (See Importing License Files on page 60.)
Once the chassis is licensed, the HNO modifies the configuration file para_cfg.opt on the
Chassis Manager Server to allow the VNO NMS configuration servers to access specific chassis
slots. This is accomplished by adding the MAC address of the VNO’s NMS configuration server
machine for each slot that the VNO is allowed to access.
An excerpt from para_cfg.opt is shown in the upper left of Figure 8-8. In the figure, VNO 1 can
access slots 1 through 4 of the chassis with IP address 172.20.136.6, while VNO 2 can access
slot 5 through 8 of the chassis with IP address 172.20.136.6.
NOTE: All Network Management Systems sharing a chassis must have IP

connectivity to the machine on which the Chassis Manager Server is running.
The following three subsections show how to:

1. Configure a VNO NMS (NMS 2) to point to an HNO NMS (NMS 1)
2. Configure NMS 1 to share chassis slots with NMS 2
3. Duplicate NMS 1’s chassis configuration on NMS 2 to allow the VNO to manage its slots
The example assumes that the HNO NMS (NMS 1) has already been installed (including the
Chassis Manager) and that you now want to configure the VNO NMS (NMS 2) to share the
existing Chassis Manager Server. Although the example only shares the chassis with one
additional NMS, you can follow the same steps to configure additional Network Management
Servers to use slots in the same chassis.
8.5.1 Sharing the Chassis Manager Server

To share the Chassis Manager Server of NMS 1 with NMS 2:
1. Log on to the root account of the NMS 2 server machine.
2. Stop the NMS services on the server by entering the following command:
service idirect_nms stop
3. Run the script attach_extern_cm2nms.pl by entering the following command:
/home/nms/utils/db_maint/attach_extern_cm2nms.pl -db=nms
-xip=<ip address>
where <ip address> is the IP address of the external CM server machine.
4. Answer yes at the prompt:
Do you want to change Chassis Manager location?(yes/no)
5. Answer no at the prompt:

iDX Release 3.5
Do you want make system distributed?(yes/no)

6. If you use the Revision Server, answer yes at the following prompt. If not, answer no:
Do you run ‘revsvr’ on this computer?(yes/no)
7. Answer no at the prompt:
Do you run ‘osssvr’ on this computer?(yes/no)
8. Enter the following command to restart the NMS services:
service idirect_nms start
9. Enter the following command to verify that all server processes are running:
service idirect_nms status
10. The MAC address of this NMS configuration server machine is required to configure the
HNO’s Chassis Manager to share the chassis. To determine the MAC address, log on to the
NMS 2 configuration server machine and enter the following command:
ifconfig
In the example in Figure 8-9, the MAC address is the Hwadd on the first line of the
ifconfig command output.
Figure 8-9. Determining a Server MAC Address
8.5.2 Configuring Chassis Slots for Access by Another NMS

Now that you have configured your Chassis Manager Server for sharing, follow these steps to
allow a second NMS to access specific slots in a chassis. This example configures and licenses
the chassis in the database of NMS 1 and then assigns two slots for use by NMS 2.
1. If you have not already done so, using iBuilder on NMS 1, configure your chassis and
validate the chassis Serial Number. (See Configuring a Hub Chassis on page 313.)
2. Log on to the root account of the NMS server machine that is running the shared Chassis
Manager Server.
NOTE: SSH can not be used to log on directly to the root account of an NMS
server or Protocol Processor blade. Instead, use SSH to log on to another
account such as the iDirect account. Then enter su - from the command line
to log on as root.

cd /home/nms/cm

iDX Release 3.5

Each licensed chassis that is managed by this Chassis Manager Server is configured in
para_cfg.opt. Figure 8-10 shows an example of a 20 slot chassis as configured in
para_cfg.opt.
Figure 8-10. para_cfg.opt with Licensed Chassis
The 20 slot chassis in Figure 8-10 has Serial Number 700100 and IP address 192.168.76.16.
The rows for each slot contain the MAC addresses of the NMS configuration server
machines that can access the chassis. Zeros in a slot MAC address mean that the slot can
only be accessed by the licensed NMS.
5. For each slot you want to share with NMS 2, replace the zero MAC address with the MAC
address of the machine running NMS 2’s configuration server.
In Figure 8-11, slots 1 and 2 of the chassis with serial number 700100 have been
reconfigured for sharing with a configuration server machine whose MAC address is
00:14:5E:17:A8:AC.

iDX Release 3.5
Figure 8-11. para_cfg.opt Reconfigured to Share Slots 1 and 2
NOTE: You can enter more than one MAC address per slot. Separate each address
with a semicolon. For example: slot_1 = 00:11:25:A9:38:1E;00:21:52:C3:22:22
means that two additional configuration servers can access slot 1 of this chassis.
6. Once you have added the MAC address for each slot you want to share, save the file and
exit the editor.
ssh <ip address>
process.
telnet localhost <port number>
or
telnet 0 <port number>
10. Update the Chassis Manager with the new configuration by entering the command:
update
exit
8.5.3 Duplicating the Chassis Configuration on the Second NMS

Now that you have configured the Chassis Manager Server to share your chassis, you must
duplicate the chassis in the database of the NMS that is sharing the chassis. In this example,
NMS 2 is sharing a chassis that was originally licensed and configured on NMS 1. Therefore, you
would follow these steps on NMS 2:
1. Log on to iBuilder on NMS 2.
2. Add the chassis in iBuilder and validate the Serial Number. (See Configuring a Hub Chassis
on page 313 for details.)

iDX Release 3.5
Changing a Chassis IP Address
Make sure the Serial Number and any other common chassis parameters (such as RCM
Installed) are identical to the configuration on NMS 1.
3. Save the chassis in iBuilder.
4. Right-click the chassis in the iBuilder Tree and apply the chassis configuration.
You can now configure line cards on NMS 2 and assign those line cards to the slots you
configured for access from NMS 2’s configuration server MAC address.
NOTE: You can control which operations a VNO user on NMS 2 can perform on the
chassis by setting VNO access rights on the chassis and slots in NMS 2’s database.
For more information see Sharing a Chassis Among Multiple VNO User Groups on
page 398.
8.5.4 Pointing an NMS to the Local Chassis Manager

If an NMS is sharing an external Chassis Manager (i.e., a Chassis Manager Server running on
another NMS) and you want to reconfigure the NMS to use its local Chassis Manager (i.e., the
Chassis Manager Server running on this NMS), follow these steps on the local NMS server:
1. Log on to the root account of the NMS server machine.
2. Enter the following command to stop the NMS processes:
3. Delete the file /home/nms/utils/para_list.opt as follows:
rm /home/nms/utils/para_list
4. Restart the NMS processes:
Once you have reconfigured your NMS to use the local Chassis Manager, ensure that your
chassis licenses have been imported into iBuilder and that you have properly configured your
Chassis and validated the Chassis Serial Numbers. See Importing License Files on page 60 and
Configuring and Controlling the Hub Chassis on page 316 for details.
8.6 Changing a Chassis IP Address

When you request a chassis license from iDirect, you must include the IP address of your
chassis in the request. The IP address that you included in the license request is loaded into
the para_cfg.opt file of the NMS Chassis Manager Server when you import your chassis license
file. If you change the chassis IP address after you have loaded your chassis license, you must
update the Chassis Manager Server with the new IP address.
Follow this procedure to change the IP address of a chassis:
1. Perform the steps in Configuring the Chassis IP Address on page 313 to connect to the
chassis controller board and change the IP address of the chassis.

iDX Release 3.5
2. Log on to the root account of the NMS server machine that is running the Chassis Manager
Server.

cd /home/nms/cm
5. In para_cfg.opt, scroll down until you find the Serial Number and IP address of the chassis
that you want to change. Search for the section beginning [CHASSIS_IP_<nnnnnn>],
where <nnnnnn> is the chassis Serial Number. The IP address is located on the next line.
Figure 8-12. Locating the Chassis IP Address in para_cfg.opt
Figure 8-12 contains an excerpt from para_cfg.opt. In the figure, the chassis with Serial
Number 700100 has an IP address of 192.168.76.16.
6. Change the IP address of the chassis to the new IP address.
ssh <ip address>
process.
telnet localhost <port number>
or
telnet 0 <port number>
11. Update the Chassis Manager Server with the new IP address by entering the command:
update

iDX Release 3.5

exit
NOTE: The chassis IP address configured in para_cfg.opt takes precedence over

the IP address in the chassis license file. Therefore, if you reload the original
chassis license file, you do not need to re-edit para_cfg.opt.

iDX Release 3.5
9 Controlling Remotes
This chapter discusses the following topics:

• Activating and Deactivating Remotes on page 331
• Moving Remotes Between Networks, Inroute Groups, and Line Cards on page 333
9.1 Activating and Deactivating Remotes

Remotes may be activated and deactivated by selecting the remote you want to activate,
right-clicking on it, and selecting Activate Remote.
1. Select a deactivated remote, right-click, and then select Activate Remote.
Figure 9-1. Activating a Remote
The term Activation Pending is displayed in red text to the right of the remote being
activated. The term Changes Pending is displayed in red text to the right of its
corresponding network. For other states, see Step 4 on page 332.
2. Select the network in which the remote resides, right-click the network, and then select
Apply Configuration.

iDX Release 3.5
Activating and Deactivating Remotes
3. Click Yes to confirm the action.
4. Click OK to acknowledge that the configuration has been downloaded successfully.
If the remote has been acquired into the network, the term Nominal is displayed in blue
text to the right of both the remote and the network. If it has not been commissioned and
acquired into the network for the first time, the term Never Applied is displayed to the
right of the remote.
5. To deactivate an active remote, select an activated remote, right-click it, and select
Activate Remote. The check mark will be removed and the remote will become inactive.

iDX Release 3.5
Moving Remotes Between Networks, Inroute Groups, and Line Cards
9.2 Moving Remotes Between Networks, Inroute

Groups, and Line Cards
In iBuilder you can easily move remotes from one Inroute Group or Network to another. You
can also move remotes between Inroute Groups and Line Cards in SCPC Receive Mode, or
between two Line Cards in SCPC Receive Mode.
The first example explains how to move a TDMA remote between Networks or Inroute Groups.
The second example (starting on page 334) shows how to move a remote from an Inroute
Group to a line card in SCPC Receive Mode. For details on the different Receive Modes, see
Adding Receive-Only (Rx-Only) Line Cards on page 124.)
Follow these steps to move TDMA remotes between Networks or Inroute Groups:
1. Right-click the remote to be moved, and select Move from the menu.
The Move Remote dialog box opens.
Figure 9-2. Moving a Remote Between Networks or Inroute Groups

iDX Release 3.5
2. On the left side of the Move Remote dialog box, select the new Inroute Group for this
remote. The new Inroute Group can be in the same Network or in a different Network.
3. When moving the remote to a new network, in the Network QoS Tree section of the
dialog box, select either a Remote Service Group in the Service Group column or a
Service Profile from an Application Service Group in the Service Profile column.
4. In the Inroute Group QoS Tree section of the dialog box, select either a Remote Service
Group in the Service Group column or a Service Profile from an Application Service Group
in the Service Profile column.
5. If you selected a Remote Service Group for the new Network and/or Inroute Group, you
can also select new Remote Profiles in the Downstream and Upstream Remote Profile
sections of the dialog box.
NOTE: When moving a remote from one Remote Service Group to another, the
Remote Profile that was assigned to the remote in the original Service Group will
still be assigned in the new Service Group unless you select a new Remote Profile.
NOTE: An NMS Operator must have Group QoS permissions to select a new Remote
Profile while moving a remote. If you do not have Group QoS permissions, you will
not see the Remote Profile sections of the dialog box.
6. Click OK to move the remote. The remote is added to the iBuilder Tree under the new
Inroute Group.
You can also move remotes between Inroute Groups and Line Cards in SCPC Receive Mode, or
between two Line Cards in SCPC Receive Mode. This example shows how to move a remote
from an Inroute Group to a receive-only line card in SCPC Receive Mode.
1. Right-click the remote to be moved, and select Move from the menu.
The Move Remote dialog box opens.

iDX Release 3.5
Figure 9-3. Moving a Remote from an Inroute Group to an SCPC Line Card
2. On the left side of the Move Remote dialog box, select the Line Card that will receive the
remote’s SCPC upstream carrier.
3. When moving the remote to a new network, in the Network QoS Tree section of the
dialog box, select either a Remote Service Group in the Service Group column or a
Service Profile from an Application Service Group in the Service Profile column.
4. The SCPC Channel List section of the dialog box displays all available SCPC upstream
carriers assigned to the selected line card. Select the Channel ID of the SCPC upstream
carrier that you want to assign to this remote.
5. In the Upstream Remote Profiles section of the dialog box, select a Remote Profile.
NOTE: An NMS Operator must have Group QoS permissions to select a new Remote
Profile while moving a remote. If you do not have Group QoS permissions, you will
not see the Remote Profile sections of the dialog box.

iDX Release 3.5
6. You can change the remote’s Initial Power and Max Power by entering values in the fields
at the bottom of the dialog box. If these values have been pre-configured for the remote,
then the pre-configured values are displayed on the screen.
NOTE: The remote cannot become operational until the Initial Power and Max
Power are configured for the upstream carrier.
7. Click OK to move the remote. The remote is added to the iBuilder Tree under the receive
Line Card.

iDX Release 3.5
10 Retrieving and Applying
Saved and Active
Configurations
This chapter explains how to manage updates to the iBuilder configuration. It includes the
following sections:
• Configuration Options Files on page 337
• Hub-side and Remote-side Options Files on page 338
• Modifying, Deleting, and Viewing Configurations on page 338
• Retrieving Configurations on page 339
• Comparing Configuration Changes on page 342
• Applying Configuration Changes on page 344
• Configuration Changes on Roaming Remotes on page 350
10.1 Configuration Options Files

You can retrieve current configurations and save them on a PC as “Options” files. You can also
download (or apply) the Options files to other elements of the same type or to elements that
will be affected by a modified element’s new configuration. In addition, you can compare an
element’s “Saved” configuration its “Active” configuration.
Network elements such as remotes and Protocol Processors have both Active and Saved
configurations. The Saved configuration is the configuration that is stored in the NMS
database. The Active configuration is resident on the network element itself. When you
modify the configuration of an element, the Saved configuration is updated. When you Apply
the changes, the Saved configuration is sent to the element and loaded as the Active
configuration.
The iDirect NMS system knows which elements are dependent upon one another, so that if you
download an Options file to one element that affects the configuration of other elements in
the network, the system will automatically update those elements as well.
You can retrieve the configurations of the following elements:
• Protocol Processors (Active and Saved configurations)
• Networks (Active and Saved configurations)
• Chassis (Saved configuration only)
• Line Cards (Saved configuration only)
• Remotes (Active and Saved configurations)

iDX Release 3.5
Hub-side and Remote-side Options Files
NOTE: If a VNO user retrieves an options file, only elements owned by or visible
to that VNO are included.
10.2 Hub-side and Remote-side Options Files

Each remote has two separate Options files, each with Saved and Active versions. One remote
Options file, called the “remote-side” Options file, is sent to the remote. The other remote
Options file, called the “hub-side” Options file, is sent to the Protocol Processor to configure
the remote on the PP. When you modify a remote using iBuilder, the changes may affect the
remote-side Options file, the hub-side Options file, or both.
You can perform the following control operations on both types of remote Options files from
the remote level of the iBuilder Tree:
• Apply configuration changes
• Retrieve the active and saved configurations
• Compare the active configuration to the saved configuration
Separate versions of the “Changes Pending” icon indicate which of the remote Options files
has been affected by a change. There are three icon variations: remote-side only, hub-side
only, and both. The hub-side icon is referred to as “PP-Side” in Figure 10-1.
Figure 10-1. Changes Pending Icons
The following sections describe how to modify, retrieve, compare, and apply configurations
on remotes as well as on other network elements.
NOTE: The Dynamic Function Options Exchange (DFOE) protocol allows some
remote-side configuration changes to be dynamically applied. All remote hub-side
options groups beginning with 'RMT_' are sent from the Protocol Processor to the
remote using the DFOE protocol. For these options, you are no longer required to
apply remote-side changes to the remote and you will no longer see remote-side
changes pending in iBuilder.
10.3 Modifying, Deleting, and Viewing Configurations

You can modify your network configuration by right-clicking on the element in the tree that
you want to modify and selecting Modify from the menu. In cases where you can also modify
the VNO properties for an element, select Modify  Item to modify the element’s
configuration; select Modify  VNO to modify the VNO properties. Similarly, you can delete

iDX Release 3.5
Retrieving Configurations
or view the configuration of an element by selecting either Delete, View Properties, View
Properties  Item, or View Properties  VNO.
NOTE: You must deactivate a remote before you can delete it. When a remote is
activated, a check mark is shown next to the Activate Remote selection in the
iBuilder Tree for the remote. To deactivate a remote, right click the remote in the
iBuilder Tree and select Activate Remote to remove the check mark.
Figure 10-2 shows the iBuilder Tree menu selections for viewing and deleting a remote. Notice
that you cannot select Delete until a remote is deactivated.
Figure 10-2. Viewing and Deleting Remotes
10.4 Retrieving Configurations

When you make modifications to any element, iBuilder saves the modified configuration at
the NMS in the Saved Options file. To retrieve this latest version of the Options file and apply
it to one or more elements, you must use the “Retrieve Saved Configuration” function.
An Active Configuration is the configuration that is currently running on the element. By
retrieving it, you are creating an Options file with that current configuration and saving it on
your PC as an “.opt” file. You can then downloaded, or apply, this Options file to one or more
elements of the same type. For example, if you retrieve and save the current configuration of
a particular remote, you can then apply that configuration to one or more other remotes.
10.4.1 Retrieving a Single Saved or Active Configuration

To retrieve a saved or active configuration, follow these steps:
1. Right-click the element whose configuration you want to retrieve, select Retrieve, and
then select Active Configuration or Saved Configuration.
NOTE: In the case of remotes, the menu allows selection of either the hub-side or
the remote-side configuration for retrieval.

iDX Release 3.5
2. Navigate to the PC folder in which to save the options file and click Save.
3. The options file opens in Notepad allowing you to review the configuration parameters.
Figure 10-3. Options File Viewed in Notepad
10.4.2 Retrieving Multiple Saved or Active Configurations

You can simultaneously retrieve multiple saved or active configurations for remotes or hubs as
follows:

iDX Release 3.5
1. Right-click the Network element and select Retrieve Multiple. Then select either Active
Configurations or Saved Configurations.
This example shows Saved Configurations being selected. The procedure for retrieving
multiple Active Configurations is identical.
2. In the Multiple Configurations Retrieve dialog box, select the remotes and/or the hubs
for which you want to retrieve the configurations.
Figure 10-4. Multiple Configurations Retrieve Dialog Box
3. Click OK to open the Save As dialog box.

iDX Release 3.5
Comparing Configuration Changes
Figure 10-5. Save As Dialog Box
4. In the Save As dialog box, navigate to the location on your PC where you want to save the
configuration files.
5. Click Save.
iBuilder retrieves the selected configurations and copies them to the designated location.
Both the remote-side and hub-side options files will be retrieved and saved for all selected
remotes.
10.5 Comparing Configuration Changes

When you perform a Retrieve command, iBuilder automatically opens the Options file so you
can view the configuration. In addition, if you have made changes to an element, you can
compare the “Latest” configuration in iBuilder with the “Active” configuration currently
applied to that element. Once you are satisfied with the results, apply the configuration using
one of the methods in Applying Configuration Changes on page 344.
You can compare configurations for Protocol Processors, Chassis, Networks, Line Cards, and
Remotes using the following method. This example compares the active configuration that
was last applied to a remote with the remote’s latest configuration as stored in the NMS
database. Notice that the operator has configured a MUSiC Box for this remote, but has not
yet applied the changes.
To compare the active configuration of an element with its latest configuration, follow this
procedure:
1. Right-click the element in the iBuilder Tree and select Compare Configurations. In the
case of a remote, select Remote-Side or Hub-Side.

iDX Release 3.5
Comparing Configuration Changes
2. To view all configuration parameters in the dialog box, clear the Show differences only
check box. Note that differences are shown in red.
Figure 10-6. Comparing the Active and Latest Configurations
3. To view only the parameters that are different, select the Show differences only check
box.

iDX Release 3.5
Applying Configuration Changes
Figure 10-7. Comparing Configurations: Differences Only
10.6 Applying Configuration Changes

You can apply the latest configuration changes to multiple elements at the same time, which
greatly improves the management of your networks, especially as they grow. Whether you
want to download configurations to one or multiple Networks, Line Cards, or Remotes, you
can do so via the Automated Configuration Downloader dialog box, accessed from the
Network element in the iBuilder Tree. You can also use the TCP Download feature to
download Options files to multiple remotes and line cards. The TCP Download feature allows
you to download Image files also. For information about this feature, see chapter 11,
“Upgrading Software and Firmware.”
Maintenance Window Consideration

Be aware, however, that downloading configurations or images to multiple elements can take
a long time to complete and uses a lot of bandwidth. Therefore, you probably should establish
a maintenance window in which to make a large number of multiple changes.
Sequence of Download
When applying configurations to multiple elements, iBuilder treats each group of elements as
a batch, processing the batches in upstream order. Therefore, remotes are downloaded first,
followed by hub lines cards, and finally the network itself.
All elements of a batch must complete its download successfully before iBuilder will proceed
to the next batch. For example, if any remote in a given batch fails during the download
process, iBuilder will stop at the end of the remote batch and wait for your next command. It
will not download to any line cards or to the network. However, all elements within a single
batch are processed simultaneously, so a single remote failure will not stop the other remotes
from being downloaded. Also, if the reset button is selected on the dialog box, iBuilder
immediately sends a reset command to any remote that downloads successfully. If this
behavior is not desired, make sure you check the Don’t reset button (you can always select
“Reset only” at a later time).
10.6.1 Applying Multiple Configurations to Network Elements

To download configurations to one or several of these elements, follow these steps:
1. Right-click your Network and select Apply Configuration  Multiple. This launches the
Automated Configuration Downloader.

iDX Release 3.5
Figure 10-8. Automated Configuration Downloader
2. Select the options particular to your download. (These options are explained in the next
section.)
3. Click Start. The Status column shows that the configuration is downloading.

iDX Release 3.5
Figure 10-9. Viewing the Download Status
Automated Configuration Downloader Options

The Automated Configuration Downloader is divided into three main sections:
• Remotes
• Line Cards
• Network
Beside each entry is a check box that you can select to include that item in the download.
When you first launch the Automated Configuration Downloader, all Remotes that currently
have changes pending are automatically preselected. If a box is not checked, the
configuration will not be downloaded to the corresponding element.
In the Remotes pane are three additional options.
1. The Target options let you choose to download the remote-side options file, the hub-side
options file, or both.
2. The Protocol options let you choose between reliable (TCP) and push (UDP) delivery
methods. If all the modems in your list are currently acquired into the network, iDirect
recommends using the reliable delivery method.
3. The Reset options allow you to choose a reset action after the download completes. The
three choices are: Reset on success, Reset only, or Don’t reset.
• Reset on success automatically resets the modems after a successful download.
• Reset only resets the modems without a download being performed. This option is
useful if you previously selected Don’t reset, but now you want to reset the
downloaded modems.
• Don’t Reset does not reset the modem.
Stopping the Download

The stop command attempts to halt processing at the next appropriate step after its current
operation. iBuilder will not stop download operations that are currently in progress, but when
the current operation is finished, iBuilder will not continue to the next chosen step.
For example, assume you have selected a given remote and clicked the Reset on Success
button. If you click Stop in the middle of the download, the reset command will not be sent.
However, the current download will finish; iBuilder makes no attempt to halt a download in
the middle or to back out a downloaded configuration.

iDX Release 3.5
10.6.2 Applying a Configuration to a Protocol Processor or

Chassis
To apply configuration changes to a Protocol Processor or a Chassis, follow these steps. The
example shows the configuration being applied to the protocol processor, but the procedure is
the same for both.
1. Right-click the Protocol Processor or Chassis and select Apply Configuration.
2. When the message appears asking you to confirm the download, click Yes.
3. When the message appears indicating that the configuration has been downloaded
successfully, click OK.
10.6.3 Applying a Configuration to the Network

To apply the configuration at the Network level, follow these steps:
1. Right-click the Network and select Apply Configuration.

iDX Release 3.5
3. Wait while the configuration is applied.
After the configuration is applied to the Network, the status of the network changes from
Changes Pending to Nominal.
10.6.4 Applying a Configuration to the Line Card

1. Right-click the Line Card and select Apply Configuration.
2. When the message appears prompting you to confirm the download, click Yes.
When the download is complete and successful, a message appears, allowing you the
option of resetting the unit now or waiting and resetting it later.
3. Click Reset Now or Reset Later, depending upon your needs.

If you reset the remote now, a message appears, confirming that the unit was reset
successfully.

iDX Release 3.5
4. Click OK.
10.6.5 Applying a TCP or UDP Configuration to a Remote

When applying remote configurations, you may choose remote-side, hub-side, or both sides.
When you select both sides, iBuilder enforces the correct apply order: remote, then hub.
1. Right-click the remote whose configuration you want to be changed.
2. Select Apply Configuration, and then select Reliable Hub-Side (TCP), Reliable Remote-
Side (TCP), Reliable (Both), or Push Remote-Side with Reset (UDP). It is recommended
that you use TCP if possible.

iDX Release 3.5
Configuration Changes on Roaming Remotes
When the download is complete and successful, a dialog box appears, giving you the
option of resetting the remote now or waiting and resetting it later.
4. Click Reset Now or Reset Later, depending upon your needs.

If you reset the remote now, a message appears, confirming that the remote was reset
successfully.
5. Click OK. The remote’s status will return to nominal.
10.7 Configuration Changes on Roaming Remotes

The NMS maintains two options files for each non-roaming remote. One file resides on the
Protocol Processor and the other resides on the remote itself. Together, these two files
represent the configuration for a remote terminal in a single network. Roaming remotes
require a different set of options files. This section describes the options files associated with
roaming remotes and the implications of applying configuration changes to remotes that are
configured in multiple networks.
10.7.1 Roaming Options File Generation

Figure 10-10 illustrates the options files generated by the NMS for both non-roaming and
roaming remotes. Roaming remote options files are built as an extension to the normal two
file structure.

iDX Release 3.5
One Remote, One Network One Remote (global instance ), Multiple Networks
Remote Remote Remote Remote

Definition in Definition in Definition in Definition in
a Network Network 1 Network 2 Network 3
PP Options Remote PP Options

File Options File File Network 1
Remote
Options File
PP Options Network 1
File Network 2 Network 2
Network 3
PP Options
File Network 3
Figure 10-10. Global NMS Options Files
As with non-roaming remotes, the NMS sends a single options file to each roaming remote.
However, the NMS puts all the necessary parameters for each of the member networks into a
single remote options file.
The structure of the options file sent to the protocol processor has not changed. However, the
NMS generates a separate PP options file for each network a roaming remote belongs to.
10.7.2 Pending Changes across Networks

With a single remote options file now containing elements from multiple networks, a roaming
remote’s configuration can now change for one, many, or all networks the remote is a
member of. This leads to some differences when the NMS compares its own configuration files
to those resident on the Protocol Processor or the remote.
For changes to a single network affecting only the Protocol Processor options files for a
roaming remote:
• Only that specific network instance will show the Changes Pending icon
• Only comparisons performed on that network instance will show the differences
For changes that affect multiple networks, or changes to any remote consolidated options
file:
• Each network instance will show the Changes Pending icon
• Comparison operations from any of these networks will show the differences.

iDX Release 3.5
10.7.3 Applying Changes to Roaming Remotes

When you modify a roaming remote in one network, you can apply the changes to the remote
regardless of which network it is in. You do not need to wait until the remote is acquired into
the network with the pending changes.
As long as the NMS can route packets to the remote terminal, it will update the remote when
you apply the changes. However, the remote must be acquired into some network.
For example, if a remote is a member of Networks 1, 2 and 3, and is currently in Network 1,
you can make changes that affect Network 2 and apply them immediately.

iDX Release 3.5
11 Upgrading Software and
Firmware
An image package is a file that contains FPGA (Field Programmable Gated Array) firmware
images for a particular release and hardware platform. You can download images to remotes
or line cards using the Multicast Download feature, the TCP Download feature, or the Revision
Server. All three methods allow you to download both option files and image files to remotes
and line cards.
To upgrade from one version to another, schedule a maintenance window with your
customers. The time required for an upgrade varies based on the number of remotes you have
deployed. The upgrade process is described in the Network Upgrade Procedure for your
release. That document is specific to each release.
This chapter includes:
• Image Package Versions on page 353
• Upgrading with the Multicast Download Feature on page 354
• Resetting Remotes on page 361
• Upgrading with the TCP Download Feature on page 361
• Upgrading Remotes Using Revision Server on page 367
11.1 Image Package Versions

The embedded software and firmware for the iDirect NMS GUIs, NMS Servers, and Protocol
Processors are all released with the same version number. The NMS GUIs and NMS servers must
match in version number or you are not allowed to log on.
CAUTION: A mixed installation (i.e., one where not all components have the same
version) is not guaranteed to function properly.
A number of packages are installed on the NMS server during the upgrade. See the Network
Upgrade Procedure for your release for details.

iDX Release 3.5
Upgrading with the Multicast Download Feature
11.2 Upgrading with the Multicast Download Feature

The Multicast Download feature allows you to download images to multiple remotes or
multiple line cards in a network. However, images can only be downloaded to a single network
at a time. The Multicast Download feature uses UDP.
NOTE: Your upstream router must have multicast enabled before you can
multicast images to your line cards.
NOTE: Users can safely upgrade more than 150 remotes to a network at one time
without experiencing issues.
11.2.1 Multicast Download Using UDP

The Multicast Download operation is driven by the NMS Configuration Server, which spawns a
stand-alone command that resides on the NMS server machine. The protocol for packet
transmission exists entirely between the modems and the standalone command; the Protocol
Processor is not involved in any way, except to transmit multicast packets on the downstream
(and ACKs/NACKs on the upstream).
The multicast address used for package downloads is statically configured in all iDirect
equipment. Therefore, IGMP is not required by iDirect modems to process these update
messages. However, IGMP messages are advertised in case there is third party equipment that
requires dynamic updating.
A multicast download operation consists of two phases: the data transmission phase and the
flash phase. During the data transmission phase, the package is broken into multicast IP
packets, each of which is given a sequence number. All destination devices reassemble the
individual packets in order into the original image package. If a destination device misses a
packet, it will send a NACK back to the sender, at which point the sender re-winds to the
missed packet and begins re-sending. A remote will only NACK once; if it does not receive the
missing packet it gives up and sends a final NACK when it receives the last packet.
When reassembly is complete, the flash phase begins. Each individual component of the
package is extracted and written to the modem’s flash memory. After flashing is complete,
the modem resets automatically if the reset option was checked in iBuilder.
We refer to the protocol used for transmission as semi-reliable. It is reliable in that
destination devices will NACK missing packets, but only semi-reliable in that packets are not
re-sent forever. Also, the destination devices only NACK missing packets; a single ACK is sent
when all packets have been received, but no ACKs are sent during packet transmission.

iDX Release 3.5
11.2.2 Multicast Download Dialog Box

Figure 11-1 shows the Multicast Download dialog box.
Figure 11-1. Multicast Download Dialog Box
11.2.3 Selecting the Download Parameters

Use the Multicast Download dialog box to select an image to download to multiple remotes or
multiple line cards.
The Multicast Download dialog box is divided into the following sections described in the
paragraphs that follow:
• Package Section on page 356
• Modems Section on page 356

iDX Release 3.5
• Download Parameters Section on page 359
Package Section
Figure 11-2 shows the package section.
Figure 11-2. Package Section
The package section contains the following elements:

• Hardware drop-down list - Use to select the specific hardware to upgrade.
• Role - Indicates remote side or hub side
• Version drop-down list - Use to select the software version.
• Selected Package - Shows the most recently selected package for the selected
hardware.
• Package area - Shows the packages available for the hardware selected at the Hardware
drop-down list.
Modems Section
Figure 11-3 shows the Modems section.
NOTE: iBuilder does not allow you to download an image package to an

incompatible element. When you select a specific hardware element, only the
elements that correspond to that hardware type appear in the Remotes or Hubs
panes in the Modems section. For example, if you select the package for
Evolution X1 KA remotes, only X1 KA remotes appear in the Remotes pane. If you
select the package for Evolution line cards, only line cards appear in the Hubs
pane.
If you do not want to download the image package to a given remote or line card,
clear the check box next to it.

iDX Release 3.5
Figure 11-3. Modems Section
The Modems section contains a Remotes and Hubs section.
Remotes Section
The Remotes section contains the following elements:
• Remotes pull-down lists
• Select/Deselect - Use this pull-down list with the All pull-down list (directly below)
for additive and subtractive remote selection.
• All - Use this pull-down list with the Select/Deselect pull-down list (directly above)
• Nominal
• Changes Pending
• Deactivated
• RT WARNING
• RT ALARM
• Go button - Click Go to select remotes.
• Remote section pane shows the following:
• Name - Identifies a specific remote
• Status - Shows download status

iDX Release 3.5
• Flash started
• Flash complete
• Rebooting OS
• REMOTE HELLO
• R/T State - Indicates R/T state as:
• ALARM
• Deactivated
• WARNING
• OK
Hubs Section
The Hubs section contains the following elements:
• Hubs pull-down lists
for additive and subtractive line card selection.
for additive and subtractive line card selection.
• Nominal
• Changes Pending
• Deactivated
• RT WARNING
• RT ALARM
• Go button - Click Go to select line cards.
• Hubs section pane shows the following:
• Name - Identifies a specific line card
• Flash started
• Flash complete
• Rebooting OS
• REMOTE HELLO
• R/T State
• ALARM
• Deactivated
• WARNING
• OK

iDX Release 3.5
Download Parameters Section

Figure 11-4 shows the Download Parameters section.
Figure 11-4. Download Parameters Section (Remote Groups)
The Download Parameters section contains the following elements:

• Download Rate pull-down list - iBuilder automatically chooses an appropriate Download
Rate for the network; setting this rate higher is not recommended as it may cause the
download to fail.
• Reset check box - If selected, tells each remote to reset after the package has been
processed.
• Credentials - For reference purposes; should be left unchanged.
• Group Address - For reference purposes; should be left unchanged.
• Progress bar - Indicates download movement.
NOTE: At the Progress bar, download movement displays as 0 to 100% per group
of 150 remotes. Below the Progress bar, you will see an indication of which group
is being downloaded (e.g., 3 of 8). Each group has a separate Board Support
Package (BSP) and remote package.
11.2.4 Multicast Download Procedure

Follow these steps to perform a multicast download:
1. Right-click the Network and select Package DownloadMulticast. The Multicast
Download dialog box shown in Figure 11-1 is displayed.
2. Select the specific hardware item to upgrade (i.e. remotes or line cards).
3. Depending on whether the selected hardware is remote-side or hub-side, go to the
appropriate section of the Modems section to select or deselect the hardware.
4. Optionally, check the Reset check box to reset all remotes after the package has been
processed.
5. Click Go button.
6. Click Start to begin the download.

iDX Release 3.5
The Progress bar at the bottom of the dialog box indicates the status of the download.
Depending on the status of the download, you will see either Download Complete or
Download Incomplete. If you receive the latter message, this does not necessarily mean the
download failed; it simply means the sending application did not receive an ACK
(acknowledgement) from that destination device. This behavior is explained in the next
sections.
NOTE: For Multicast Download, remote option files are bundled together with the
remote package.
NOTE: At the Progress bar, download movement displays as 0 to 100% per group
of 150 remotes. Below the Progress bar, you will see an indication of which group
is being downloaded (e.g., 3 of 8). Each group has a separate Board Support
Package (BSP) and remote package.
11.2.5 Downloading an Image to Out of Network Remotes

You can download an image to remotes that are out of network. As long as the remote is
locked on the downstream carrier, it will receive the packets, reassemble the package, and
flash its contents. Make sure you set the reset flag if you multicast images to out-of-network
remotes.
Because the remotes are out-of-network and unable to send the final acknowledgement, the
iBuilder dialog box displays the Download Incomplete message after sending all packets.
If the remote is encrypted and out-of-network, you cannot perform a multicast download to
it. This is because the required key exchange cannot take place. The workaround in this
situation is to temporarily turn encryption off, send the package, and turn it back on after the
image has been downloaded.
11.2.6 Interactions with Other iBuilder Operations

The sequence of events during a multicast download is as follows:
1. The image package is broken into separate IP multicast packets.
2. Each packet is sent in order to the destination devices.
3. When all packets have been received, each destination device sends an acknowledgement
to the sender
4. The contents of the package are extracted and written to flash memory (a defragment
operation is performed automatically if necessary).
5. If the reset option was checked in iBuilder, each destination device resets.
After step 3, iBuilder and the NMS are “out of the loop”. iBuilder declares the download
complete, and the user is free to move on to other tasks; however, the destination devices are
not finished – they will take up to a minute to flash the package contents. For this reason, it is
wise to view destination device multicast activity in iMonitor, and wait until step 5 is
complete before continuing with other tasks in iBuilder. Destination devices send events into
the NMS indicating the progress of the multicast operation, and these events can be viewed in
an iMonitor events pane if the destination devices are in-network.

iDX Release 3.5
Upgrading with the TCP Download Feature
For example, consider the following sequence of events:

1. You send a package to a group of remotes.
2. When iBuilder declares the operation complete, you immediately send an options file to a
particular remote.
Because options files are also stored in flash memory, and the remote may still be flashing
package contents, the options file apply will “block” until the package flash is complete.
iBuilder, meanwhile, is waiting for a response to the options apply, and will probably time out
waiting for that response. The apply will work, but not until after iBuilder gives up waiting for
a response. iDirect recommends you wait until all multicast activity is complete before
performing additional tasks in iBuilder.
11.2.7 Resetting Remotes

After upgrading with the Multicast Download feature, all of the affected remotes in the
network must be reset in order to apply the modifications. You can perform a group reset or
an individual remote reset.
Group Reset
Use the Reset check box in the Download Parameters Section on page 359.
Individual Reset
Reset a remote as follows:
1. Right-click the remote, select Reset RemoteReliable (TCP).
2. When a message appears asking if you are sure, click Yes to confirm the reset.
A message appears confirming that the reset command has been issued. The success of
the reset is confirmed with a dialog box.
3. Click OK to acknowledge the confirmation.
11.3 Upgrading with the TCP Download Feature

The TCP Download feature allows you to download images to multiple remotes or multiple
line cards in a network. However, images and options files can only be downloaded to a single
network at a time.
NOTE: Users can safely upgrade more than 150 remotes to a network at one time
without experiencing issues.
11.3.1 TCP Download Dialog Box

Figure 11-5 shows the TCP Download dialog box.

iDX Release 3.5
Figure 11-5. TCP Download Dialog Box
11.3.2 Selecting the Download Parameters

Use the TCP Download dialog box to select an image to download to multiple remotes or
multiple line cards.
The TCP Download dialog box is divided into the following sections described in the
paragraphs that follow:
• Selection
• Targets

iDX Release 3.5
• Options
Selection Section
Figure 11-6 shows the Selection section.
Figure 11-6. Selection Section
The Selection section contains the following elements:

• Hardware drop-down list - Use to select the specific hardware to upgrade.
• Role - Indicates remote side or hub side (Why is this a drop-down?)
• Version drop-down list - Use to select the software version.
• Selected Package - Shows the most recently selected package for the selected
hardware.
• Package area - Shows the packages available for the hardware selected at the Hardware
drop-down list.

iDX Release 3.5
Targets Section
Note: iBuilder does not allow you to download an image package to an
incompatible element. When you select a specific hardware element, only the
elements that correspond to that hardware type appear in the Remotes or Line
Cards panes in the Target section. For example, if you select the package for
e8350 remotes, only e8350 remotes appear in the Remotes pane.
If you do not want to download the image package to a given remote or line card,
clear the check box next to it.
Figure 11-7 shows the Targets section.
Figure 11-7. Targets Section
The Targets section contains a Remotes and a Line Cards section.
Remotes Section
The Remotes section contains the following elements:
• Remotes pull-down lists
• Nominal

iDX Release 3.5
• Changes Pending
• Deactivated
• RT WARNING
• RT ALARM
• Go button - Click Go to select remotes.
• Information window shows the following:
• Name - Identifies a specific remote
• Flash started
• Flash complete
• Resetting...
• Reset
• Rebooting OS
• REMOTE HELLO
• R/T State
• ALARM
• Deactivated
• WARNING
• OK
Line Cards Section

The Line Cards section contains the following elements:
• Line Cards pull-down lists
• Nominal
• Changes Pending
• Deactivated
• RT WARNING
• RT ALARM
• Go button - click Go to select line cards.
• Information window shows the following:
• Name - identifies a specific line card

iDX Release 3.5

• Flash started
• Flash complete
• Resetting...
• Reset
• Rebooting OS
• REMOTE HELLO
• R/T State - indicates R/T state as:
• ALARM
• Deactivated
• WARNING
• OK
Options Section
The Options section provides the options shown in Figure 11-8.
Figure 11-8. Options Section
11.3.3 TCP Download Procedure

Follow these steps to perform a TCP download:
1. Right-click the Network and select Package DownloadTCP. The TCP Download dialog
box shown in Figure 11-5 is displayed.
2. Select the specific hardware item to upgrade.
3. Depending on whether the selected hardware is remote-side or hub-side, go to the
appropriate section of the Targets section to select or deselect the hardware.
4. Select the appropriate options.
5. Click Go button.
6. Click Start to begin the download.
NOTE: For the TCP Download features, remote option files are bundled together
with the remote package.

iDX Release 3.5
Upgrading Remotes Using Revision Server
11.4 Upgrading Remotes Using Revision Server

Prior to iDS Release 7.0, it was the responsibility of the network operator to ensure that all
remotes were successfully upgraded to the current version of their image files. The network
operator had to monitor the network to determine if any remotes failed to receive the initial
image upgrade. If so, the operator had to manually resend the image package until all
remotes were up-to-date.
Using iDirect’s Revision Server, you can configure the NMS to automatically upgrade remote
sites that have not yet received the latest download. Once you select a set of remotes to
upgrade, the Revision Server packages the current images and options files together (this
includes the BSP). It then periodically transmits the latest package to the selected remotes,
stopping only after all remotes in the list have successfully received their upgrades.
You can also use the Revision Server to send only options files, without reloading the images.
This allows you to change the configuration of one or more remotes and ensure that the
changes will be applied without further operator intervention.
The Revision Server has the following characteristics:
• The Revision Server can download multiple networks simultaneously.
• By default, the Revision Server uses up to 10 percent of the downstream bandwidth when
it is active. (However, you can modify the download rate when you launch an upgrade.)
• Once you start the Revision Server, it immediately begins to upgrade all the selected
remotes. If one or more remotes fail to receive the package during an upgrade cycle, the
revision server will automatically begin a new cycle to retransmit the package to those
remotes. (The time remaining before the next cycle is displayed on the Revision Server
dialog box.) Once all remotes in the list are upgraded, the revision server stops.
• You can command the Revision Server to stop upgrading one or more networks while the
upgrade is in progress.
• VNO users can use the Revision Server to download remotes as long as the VNO has the
necessary permissions or ownership of the appropriate network elements. Only remotes
that the VNO is allowed to download are displayed on the Revision Server GUI.
11.4.1 How the Revision Server Works

In order to decide which remotes require updates, the Revision Server determines the
versions of software and configuration (options file) currently loaded on each remote. It then
compares the versions on the remote to the latest versions for that remote as stored at the
NMS. Based on this comparison, the NMS assigns each remote a status of UpRev or DownRev.
An UpRev remote is up-to-date; i.e., it is loaded with an options file version and a software
version that match the versions configured at the NMS. A DownRev remote is a remote with
an options file version and/or software version that do not match the versions configured at
the NMS.
Under normal operation, the Revision Server sits in an idle state waiting for commands from
iBuilder. When commanded to perform an upgrade and/or options file application, it operates
in a specific duty cycle until its assigned tasks are complete or until it is commanded to stop
by an iBuilder user.
The Revision Server’s duty cycle is shown in Figure 11-9 on page 368. As the figure shows, the
Revision Server performs the following tasks for each cycle:

iDX Release 3.5
1. Compiles a list of DownRev remotes.

2. Creates a single package file containing the appropriate images (if upgrading) and options
files for all down-rev remotes.
3. Multicasts the package to the remotes using 10% of the downstream channel capacity.
4. Waits a calculated amount of time for the multicast to complete and for remotes to
receive the package and process it. (When a remote gets a complete package, it picks out
the images (if upgrading) and its own options file, writes the file(s) to flash, and resets.)
5. Returns to step 1. When the list of down-rev remotes reaches zero, the revision server
returns to the inactive state.
Figure 11-9. Revision Server Duty Cycle
11.4.2 When to Use the Revision Server

The Revision Server is useful both during network upgrades (when remotes require new image
packages) and during normal operations when applying configuration changes to a network.
There are two ways you can use the Revision Server to automate remote upgrades:

iDX Release 3.5
• Follow the manual upgrade procedure for all of your iDirect equipment, including
remotes. Then launch the Revision Server to upgrade any sites that were unreachable at
the time of the initial upgrade.
• Upgrade your hub equipment, including line cards and protocol processors, manually.
Then launch the Revision Server to upgrade all remote sites.
When changing remote configuration parameters, you can use the Revision Server to
automatically apply those changes by sending the updated options files to the remotes as they
become available in the network.
NOTE: The Revision Server will upgrade or downgrade your remotes to the iDirect
version that is currently running on your NMS Server. Therefore you should
upgrade the NMS servers, followed by your Protocol Processors, before starting a
Revision Server upgrade.
NOTE: You can use the Revision Server to upgrade to the new release provided
you are upgrading from iDS Release 5.05 or later.
11.4.3 Starting the Revision Server

To start the Revision Server, follow these steps:
1. Right-click the network in the iBuilder Tree and select Package Download  Revision
Server from the menu.
The Revision Server dialog box opens (Figure 11-10), including a list of all the remotes in
the network. Remotes with a status of DownRev have a different package version from
that of the NMS server. UpRev remotes are current.

iDX Release 3.5
Figure 11-10. Revision Server Dialog Box
2. In the Remotes section of the dialog box, select all remotes you want to upgrade by
clicking the check boxes. You can also click any of the following buttons to select remotes
for download:
• The Select All button selects all remotes in the network.
• The Select Down Rev button selects only remotes with a status of DownRev.
• The Select Active button selects only remotes that are currently acquired into the
network.
• The Changes Pending button selects all remotes with remote-side configuration
changes that have not yet been applied.
• The Clear All button clears the check boxes for all remotes in the network.
3. You can change the Download Rate specified in the Download Parameters section if
desired. By default, the download rate is calculated to be 10 percent of the downstream
information rate.
4. Select Options Files Only if you only want to send options files to the remotes. No image
files will be sent.
NOTE: The status of UpRev or DownRev is determined solely by the version string
of the image package. Therefore, remotes with an up-to-date package for which
the remote-side options files have not been applied will have a status of UpRev.

iDX Release 3.5
5. Click Start Upgrade to begin the upgrade process.

6. Once you have started the upgrade, you can observe the following real-time status in the
Revision Server dialog box:
• The Next Cycle counter will begin to count down, indicating the time remaining
before the Revision Server will restart the upgrade process for any remotes that are
not updated during this cycle.
• In the Remotes section of the dialog box, the status will change from DownRev to
UpRev when a remote has successfully received its upgrade.
• Status messages will be displayed in the Messages section of the dialog box, logging
the progress of the upgrade.
• Real-time events are displayed in the event pane at the bottom of the dialog box.
11.4.4 Controlling the Revision Server Real-Time Event Display

By default, all real-time events for up to five hundred remotes are displayed in the event
pane at the bottom of the Revision Server dialog box. If more than five hundred remotes are
being upgraded, only events for the first five hundred remotes are displayed.
This default behavior has two drawbacks during downloads of large networks:
• The large number of events may make it difficult for you to monitor them on the display.
• You can only see events for the first five hundred remotes.
To address these limitations, the Revision Server GUI allows you to change the Realtime
Display settings for the remotes being downloaded. By doing this, you can configure the set of
remotes for which events are displayed in the event pane. You can access these settings by
selecting remotes in the Remotes area of the dialog box and then choosing the option you
want from the Realtime Display menu.
Figure 11-11. Revision Server Realtime Display Menu
Figure 11-11 shows the Realtime Display options:

• Start Highlighted: Starts the event display for the highlighted remotes
• Stop Highlighted: Stops the event display for the highlighted remotes
• Start All: Starts the event display for all remotes
• Stop All: Stops the event display for all remotes
• Clear RT Display: Clears all events from the event pane at the bottom of the Revision
Server display
The following example shows how to stop viewing events from all remotes and begin viewing
events only from selected remotes. The procedure assumes you have selected all remotes for
download and are currently receiving events for all remotes.

iDX Release 3.5
1. Right-click in the Remotes area of the Revision Server dialog box and select Stop All from
the menu to stop events from all remotes.
Figure 11-12. Revision Server: Stop All
2. Highlight the remotes for which you want to view events. (Use Shift + click to highlight a
range of remotes. Use Ctrl + click to select multiple, individual remotes.)
3. Right-click any of the highlighted remotes in the Remotes area of the Revision Server
dialog box and select Start Highlighted from the menu.
Figure 11-13. Revision Server: Start Highlighted
NOTE: Only events from the highlighted remotes are added to the event pane at
the bottom of the Revision Server dialog box.
4. To begin viewing events from all remotes again, right-click in the Remotes area of the
Revision Server dialog box and select Start All from the menu.
As an alternative to Stop All followed by Start Highlighted, you can select all remotes you do
not want to monitor. Again, assuming you have selected all remotes for download and are
currently receiving events for all remotes:
1. Highlight the remotes for which you do not want to view events.
2. Right-click any of the highlighted remotes in the Remotes area of the Revision Server
dialog box and select Stop Highlighted from the menu.

iDX Release 3.5
Figure 11-14. Revision Server: Stop Highlighted
Events from the selected remotes are no longer added to the event pane at the bottom of the
Revision Server dialog box.
11.4.5 Monitoring Upgrades Using the Revision Server Status

Pane
The Revision Server Status pane displays the status of all current upgrades, as well as the
status of completed upgrades. To display the Revision Server Status pane, follow these steps:
1. Select Revserver Status from the View menu.
Figure 11-15. Selecting Revision Server Status from the View Menu
The Revision Server Status pane will appear in place of the iBuilder Tree, showing the
status of all upgrades that are in progress. Note that two tabs appear at the bottom of the
pane allowing you toggle between the iBuilder Tree (iBuilder Tree View tab) and the
Revision Server Status pane (Revision Server tab) as shown in Figure 11-16.

iDX Release 3.5
Figure 11-16. Revision Server Status Pane
2. To see the status of completed upgrades as well as current upgrades, select Show
historical information.

iDX Release 3.5
3. Click Details for any upgrade to see more information about that upgrade. This includes
the upgrade Status of each remote in the upgrade list.
Figure 11-17. Revision Server Details Display
11.4.6 Cancelling an Upgrade

To cancel a Revision Server upgrade:
1. Right-click the network in the iBuilder Tree and select Package Download  Revision
Server to launch the Revision Server dialog box.
2. Click the Stop Upgrade button to cancel the upgrade.

iDX Release 3.5

iDX Release 3.5
12 Commissioning a Hub
Line Card
This section provides instructions for commissioning iDirect line cards. It discusses the
following topics:
• Powering on the equipment
• Determining the IP address
• Downloading the initial image package and options file
• Performing the 1 dB compression test when necessary
• Setting the transmit power for the downstream carrier
12.1 Prerequisites
Before executing this procedure, the following tasks must have been performed at the hub:
• The physical teleport installation is complete.
• The hub antenna is pointed and the cross polarization test performed.
• The NMS client and server software are installed and running.
• The following components and network elements are configured in iBuilder:
• All hub equipment, satellite transponder bandwidth, and the upstream carrier to be
transmitted by this line card. (See Defining Hub RFT Components and the Satellite on
page 69.)
• All hub components in the iBuilder Tree. (See Defining Network Components on
page 89.)
• The iBuilder network in which this line card will operate. (See Defining Networks,
Line Cards, and Inroute Groups on page 117)
NOTE: If adding a new line card, the Tx Out, Rx In and Lan A ports should not be
connected at this time. Do not connect these cables until instructed to do so by
this procedure.

iDX Release 3.5
Add the Line Card in iBuilder and Retrieve the Configuration
12.2 Add the Line Card in iBuilder and Retrieve the

Configuration
Add the line card to the iBuilder Tree and configure the line card parameters in the options
file as follows:
1. Right-click the network in the iBuilder Tree and follow the procedure in Adding a
Transmit or Transmit and Receive Line Card on page 121 to configure the line card.
2. Right-click the network in the iBuilder Tree and select Apply  Network Configuration
from the menu.
NOTE: Do not apply the line card configuration at this time.
3. Right-click the line card in the iBuilder Tree and select Retrieve  Saved Configuration.
4. In the Save As dialog box, navigate to the folder on your PC in which you want to save
the options file. Then click the Save button to save the file to your PC.
5. After you save the options file, it is displayed in Notepad as a text file. You can review the
configuration before closing the Notepad window.
12.3 Power on the Line Card

Power on the line card as fol:
1. Insert the line card into the slot in the hub chassis.

iDX Release 3.5
Determine the IP Address
2. In iBuilder, right-click the chassis in the iBuilder Tree and select Modify  Item to open
the Chassis dialog box.
Figure 12-1. Chassis Dialog Box
3. In the State column, select the check box for the slot that contains the new line card. The
State of the slot changes from Off-Licensed to On-Licensed.
4. Right-click in the Hub Assignment column of the slot and select the line card.
5. Click OK to save the Chassis configuration.
6. Wait two minutes.
7. Right-click the Chassis in the iBuilder Tree and select Apply Configuration to power on
the slot.
12.4 Determine the IP Address

Determine the IP Address and subnet mask of the line card as follows:
NOTE: The default IP Address of a line card is 192.168.0.1, with a subnet mask of
255.255.255.0. If you already know the IP address, you can skip this section.
1. Connect a console cable from the COM1 port on your client PC to the console port on the
line card.
2. Using a terminal emulator program such as Tera Terminal or HyperTerminal, connect to
the line card with the following settings:
• 9600 bps
• 8 bits
• No parity

iDX Release 3.5
Determine the IP Address
• 1 stop bit
This is illustrated in Figure 12-2 using Tera Terminal.
Figure 12-2. Tera Terminal Serial Port Setup Dialog Box
3. Log in as:
Username: root
Password: <password>
Either iDirect or P@55w0rd! is the default password for the root account.
4. At the Linux prompt, type
telnet localhost
The Telnet login screen will appear.
5. Log in to the Telnet session as:
Username: admin
Password: <password>
Either iDirect or P@55w0rd! is the default password for the admin account.
6. At the Telnet prompt, type the following command to determine the IP Address and
subnet mask of the line card:
laninfo
The output of the laninfo command is shown in Figure 12-3.
Figure 12-3. laninfo Command Output

iDX Release 3.5
Download the Image Packages and Options File
7. Note the IP address and subnet mask. You will need this information when downloading
the image packages and options file.
12.5 Download the Image Packages and Options File

When installing a new line card, use iSite to download the image packages containing the
software and firmware before establishing connectivity with the NMS. (For information on
downloading images from iBuilder, see Upgrading Software and Firmware on page 353.)
These steps assume that your laptop is still connected to the console port of the line card and
that you have not yet connected your line card to the LAN.
1. Configure the IP address and subnet mask on your PC to be an IP address in the same
subnet as the IP address of the line card.
NOTE: The default IP Address of a line card is 192.168.0.1, with a subnet mask of
255.255.255.0.
2. Connect a cross-over Ethernet cable between the LAN port of the line card and your PC or
laptop.
3. Launch iSite. The main iSite screen will appear.

iDX Release 3.5
Figure 12-4. iSite Main Screen
4. Right-click the globe in the iSite Tree and select New. An Unknown element is added to
the iSite Tree.
Figure 12-5. Creating a New Element in the iSite Tree

iDX Release 3.5
5. Right-click the new element and select Login to display the Login dialog box.
Figure 12-6. iSite Login Dialog Box
6. Enter the IP Address of the line card and a password. (iDirect is the default password.)
7. Select Admin in the Login as section and click OK. The line card will appear in the iSite
Tree, replacing the unknown element.
8. In the iSite Tree, right-click the line card and select Download Package to display the
Download Package dialog box.

iDX Release 3.5
Figure 12-7. Download Package Dialog Box
9. In the Download Package dialog box:

a. Click the Open button to display the Open dialog box.
b. Navigate to the folder on the client PC that contains your iDirect hub line card
packages.

iDX Release 3.5
Figure 12-8. Line Card Packages
NOTE: You must download both packages to your line card, beginning with the
Board Support Package (BSP), followed by the hub package(s).
c. Select the Linux Board Support Package (BSP).

d. Click the Open button to return to the Package Download dialog box.
e. In the Download Package dialog box, select:
• Don’t check versions
• Download images only
• Don’t reset
f. Click the Start button to download the package.
g. Repeat Step a through Step f, but this time download the hub package(s) for your line
card model rather than the BSP.
10. After you have downloaded both packages, right-click the line card in the iSite Tree and
select Download Option From Disk to display the Open dialog box.
11. Navigate to the folder containing the options file that you saved from iBuilder when
executing step 4 of Section 12.2 on page 378. Then select the options file.
12. Click the Open button.
13. Click Yes to download the options file to the line card.
14. Right-click the line card in the iSite Tree and select Reset from the menu.
At this point the new line card configuration (including the new IP address) has been applied
and you will lose connectivity to the line card. Do not disconnect the console cable.

iDX Release 3.5
Connect the Transmit Ports
12.6 Connect the Transmit Ports

Connect the Tx/Rx or Tx-only line card transmit ports to the network as follows:
CAUTION: Connecting the transmit port of your line card will result in the
transmission of a carrier on the satellite. This step should only be performed
while on line with the satellite provider.
1. Connect the Tx coax patch cable to the line card’s Tx Out port.
2. Connect the Tx coax patch cable to the corresponding Tx patch panel port above the line
card slot.
12.7 Connect the Receive Ports

Connect the Tx/Rx or Rx-only line card receive ports to the network as follows:
1. Connect the Rx coax patch cable to the line card’s Rx In port.
2. Connect the Rx coax patch cable to the corresponding Rx patch panel port below the line
card slot.
12.8 Perform 1 dB Compression Point Test with the

Satellite Operator
This step determines the maximum transmit power level at which the line card operates
before starting to saturate the BUC. This test is not necessary if your teleport is using an SSPA
or a BUC with more than five watts of power. However, when using a BUC with five watts of
power or less, perform this test to ensure that you do not overdrive the BUC.
The 1 dB Compression Point test is performed at the direction of the satellite operator using a
CW carrier. The satellite operator should inform you of the transmit frequency for the test.
Perform the test as follows:
1. If you do not have a console connection to the line card, establish one now by following
the steps in Section 12.4 on page 379. (Note that the IP address that you configured for
the line card is now loaded on the line card. You may need to reconfigure the IP address
of your PC to match the new subnet.)
2. Set the transmit frequency of the line card by entering the command:
tx freq <fx>
where fx represents the L band frequency in MHz.
3. Set the initial transmit power of the line card by entering the command:
tx power <pwr>
where pwr represents the power setting in dBm. Begin with a low value such as -25 dBm
to minimize the chance of interfering with other carriers.
4. Turn on a CW signal by entering the command:
tx cw on

iDX Release 3.5
Set the Transmit Power for the Outroute with the Satellite Operator
At this point the satellite operator should see your signal.

5. While the satellite operator is observing your CW carrier, increase the transmit power in 1
dBm increments until a 1 dBm change in power no longer results in a corresponding 1 dBm
change in signal strength as measured by the satellite operator. The last point at which
the CW changes by 1 dB is the 1 dB compression point. This is maximum Tx power.
6. Disable the CW signal by entering the command:
tx cw off
12.9 Set the Transmit Power for the Outroute with the
Satellite Operator
Set the transmit power for the outroute as follows:
NOTE: The tx pn commands in these steps are used to transmit a modulated

carrier at the configured data rate, FEC rate, and modulation. The satellite
operator my request you to transmit a CW carrier rather than a modulated carrier.
In that case, replace the tx pn commands with tx cw on and tx cw off. Note,
however, that iDirect recommends using a modulated carrier to set the transmit
power.
NOTE: Whenever tx pn or tx cw commands are used, you must reset the line card
to restore normal operation. Be sure to follow the instructions in the next section
to reset your line card after applying the configuration.
1. If you do not have a console connection to the line card, establish one now by following
the steps in Section 12.4 on page 379.
2. Configure the line card to transmit at the frequency indicated by the satellite operator by
entering the command:
tx freq <fx>
where fx represents the L band frequency in MHz.
3. Configure the line card to transmit a signal with pseudo-random data by entering the
command:
tx pn on
4. Working with the satellite operator, adjust the transmit power to achieve the contracted
power at the satellite. To change the tx power to a new value, type:
tx power <pwr>
where pwr represents the power setting in dBm.
5. Disable the PN carrier by entering the command:
tx pn off
6. Open iBuilder and select the line card in the iBuilder Tree. Then select Modify 
Assigned Downstream Carrier from the context menu.
7. In the Downstream Carrier dialog box, enter the value for Power determined in step 4.

iDX Release 3.5
Connect to the LAN and Apply the Line Card Configuration
Figure 12-9. Assigning the Downstream Carrier Power
8. Exit the console window by entering the command:

exit
9. You can disconnect the console cable at this time.
12.10 Connect to the LAN and Apply the Line Card

Configuration
Connect the line card to the LAN and apply the updated configuration as follows:
1. Connect the Ethernet to the LAN A port on the line card.
2. In iBuilder, right-click the line card in the iBuilder Tree and select Apply  Configuration
from the menu. Select the option to Reset the line card.

iDX Release 3.5
13 Managing User Accounts
and User Groups
Prior to iDS Release 7.0, all user accounts were independent of one another. Beginning with
iDS Release 7.0, all users belong to one of a variable number of User Groups. Visibility of
network elements and access rights to those elements are now defined at the user group level
rather than for each user account. This chapter explains how to create and manage user
groups and user accounts, and how to define the permissions and access rights associated with
each. It discusses the following topics:
• Conversion of User Accounts During Upgrade Procedure on page 389
• NMS User Groups on page 390
• Modifying Group QoS Settings for VNO User Groups on page 407
• Adding and Managing User Accounts on page 417
• Changing Passwords on page 423
• User Privileges on page 424
• Simultaneous Changes to the NMS Database on page 427
13.1 Conversion of User Accounts During Upgrade

Procedure
When upgrading from a pre-7.0 release, the database conversion process, which runs
automatically when you upgrade the NMS server, performs the following actions on existing
user accounts:
• All non-VNO accounts are put into the System group automatically.
• For each VNO account, the upgrade creates a new user group and adds the user account
to it.
• Account permissions are maintained, but all VNO visibility settings are turned off. You
must use iBuilder to re-establish appropriate visibility for each user group.
CAUTION: As soon as possible after you upgrade from a pre-7.0 release, you must
re-define the visibility settings for each VNO user group. VNO users will be unable
to use the system until you have done this.

iDX Release 3.5
NMS User Groups
13.2 NMS User Groups

There are three types of NMS User Groups:
• The System User Group
• VNO (Virtual Network Operator) User Groups
• CNO (Customer Network Observer) User Groups
The System User Group provides specific permissions and access rights above all other groups.
Members of the system group are the Host Network Operators (HNOs), system administrators,
NOC managers, and other “super users” of the system.
All database items are visible to users in the system group, including all network elements
created by VNO users. Individual permissions of system users may vary from account to
account.
VNO users may create and manage their own QoS profiles, filter profiles, antenna
components, or any other network components, subject to permissions established at the
group level by the HNO.
VNO User Groups restrict visibility and access rights of group members based on the
permissions granted to the group. Creating and managing VNO User Groups is discussed in
detail later in this chapter.
CNO User Groups can be created to allow customers to monitor groups of network elements
without the ability to add new elements or modify the network in any way. CNO users are
restricted to iMonitor read-only access to the network elements that are visible to their CNO
User Group. They cannot log into iBuilder.
NOTE: VNO and CNO User Groups are licensed features. Before defining VNO or
CNO User Groups, please contact your iDirect Account Manager.
NOTE: The term HNO Administrator is used in the following sections to refer to a
System Group User with permissions to create and modify VNO User Groups.
13.2.1 Visibility and Access for VNO User Groups

iBuilder distinguishes between network elements (such as inroute groups and remotes) and
component folders (such as QoS and Filter folders) when applying rules for visibility and
access within a VNO User Group. Each is discussed separately in the following sections.
Visibility and Access for Network Elements

When setting network element visibility and access rights for VNO groups, it is important to
keep the following principles in mind:
• Visibility propagates up the tree, but not down the tree. For example if you make a
remote Visible to a User Group, members of the group will see that remote’s “parentage”
all the way to the up to the teleport element. However, if you set visibility at the teleport
level, group members will see only the teleport when they log in; they will not see any
elements underneath it.

iDX Release 3.5
NMS User Groups
• Visibility has three different levels of access rights. When you give visibility of an
element to a User Group, for example an inroute group, you have the following additional
access rights you can grant or revoke:
• Create access allows users to create new elements underneath this node. For
example, you can allow a user to create new remotes in an inroute group.
• Write access allows users to modify the contents of the element itself. For example,
a user with Write access to an inroute group could modify the inroute group to turn
off frequency hopping.
• Control access gives users the right to perform control operations on child elements
of the specified node. For example, users with Control access for an inroute group can
perform all control operations on remotes in that inroute group.
• Ownership is different from Visibility. When you set a node as Owned by a VNO group,
you are dedicating that node and all of its children to this VNO group exclusively (except
for system users, of course). No other VNO groups are able to see or interact with this
group in any way. Visibility to network elements, however, can be shared across multiple
VNOs.
• VNOs cannot see each other; System users see all. When a VNO creates a network
element, only the members of that group and the System User Group are able to see the
element. When the system group creates or owns a network element, no VNOs can see
this element unless they are granted visibility to it.
• User Groups are highly configurable. The implementation of VNO User Groups is quite
flexible; you can configure groups in a number of ways. However, unless you are careful
when configuring your user groups, this flexibility can result in unwanted results. It is
possible to give VNO User Groups various combinations of write and visibility access that
may create confusion in practice.
For example, giving a VNO Write access to an inroute group, without granting Control
access at the Network level, could result in a condition from which the VNO user is unable
to recover. In this example, a VNO user could modify the inroute group so that it sets the
Network to the “Changes Pending” state, yet be unable to apply the changes.
Visibility and Access for Components Folders

Visibility and access rights are handled differently for components folders than they are for
elements of the iBuilder Tree. The following options exist when setting up VNO group visibility
and access to components folders in the tree:
• Users see the contents of folders. In general, users in a VNO group can see the contents
of all component folders. However, they cannot change them or add new components.
• Users can add elements to some folders. VNO users can add Remote Antenna
Components, Operators, Distributors and Customers. Folder elements added by a VNO
user are owned by the VNO.
• QoS Profile folders are special. By default, VNO users cannot add or modify QoS filters
or QoS profiles. However, selecting the Create property on a QoS profile folder allows the
customer to create new entries in that folder. For more information, see Setting VNO
Permissions for QoS Profiles on page 414.
The rules for QoS visibility and control are:
• All VNO users see profiles created in the System User Group.

iDX Release 3.5
NMS User Groups
• Profiles created by VNO members are visible only to members of that VNO User Group and
the System User Group.
13.2.2 Visibility and Access for CNO User Groups

CNO User Groups have the following characteristics:
• CNO users can log in to iMonitor only. They cannot log in to iBuilder.
• Within iMonitor, CNO users can view all network elements that have been made Visible to
their CNO User Group. The rules of visibility propagation in the iBuilder Tree that apply to
VNOs also apply to CNOs. (See Visibility and Access for Network Elements on page 390).
• CNO users have no access rights other than the ability to view visible elements.
Specifically, Create, Write and Control access cannot be granted to CNO users.
• CNO users cannot use the iMonitor Probe or view the iMonitor Probe pane.
• CNO users cannot select the Connect command from the iMonitor GUI.
13.2.3 Creating and Managing VNO and CNO User Groups

You can manage User Groups and their users from iBuilder’s Network Tree View. When you add
or modify a User Group, the Group dialog box is displayed (Figure 13-1).
Figure 13-1. Group Dialog Box
The Information tab contains a Full View of the network tree in the left pane and the User
Group View in the right pane. Notice that the visibility and ownership properties of the tree

iDX Release 3.5
NMS User Groups
elements in the User Group View are color coded according to the key at the bottom of the
window.
Adding or Modifying a VNO or CNO User Group

To add or modify a new User Group:
1. To add a User Group, right-click the User Group folder in the iBuilder Tree and select
either Add VNO User Group or Add CNO User Group. To modify an existing User Group,
right-click the User Group’s name in the iBuilder Tree and select Modify. Both alternatives
are shown below.
2. In the Group dialog box, enter a Group Name for the User Group. If desired, you can also
change the Group Type and add a Description of the group.
Figure 13-2. Group Dialog Box: Modifying a User Group
3. On the Information tab of the dialog box, right-click on elements in the Full View to set
their visibility and permissions for the User Group.
The menu displays a check mark next to all access rights selected for this element. The
User Group View shows you which elements this group’s users will have access to, and
what their access rights will be. Figure 13-3, Figure 13-4, and Figure 13-5 show examples
of VNO User groups with various settings.

iDX Release 3.5
NMS User Groups
Figure 13-3. Setting a VNO Element to Visible with Create Permission
Figure 13-4. . Setting a VNO Element to Visible Only

iDX Release 3.5
NMS User Groups
Figure 13-5. Setting a VNO Element to Owned
NOTE: When configuring a CNO User Group, you can only select Visible from the
context menu. Other permissions in the list apply to VNO User Groups only.
13.2.4 Setting Global Rate Limits for User Groups

You can use the Properties tab of the Group dialog box to limit the maximum upstream and
downstream information rates for a User Group. When either or both of these fields is greater
than zero, a rate limit above the specified value cannot be configured for any remote under
the group’s control.
1. In the Group dialog box, select the Properties tab.
Figure 13-6. Setting Rate Limits for User Groups
2. To limit the downstream information rate, select the MaxDownstreamKbps check box and
enter the rate limit in kbps.

iDX Release 3.5
NMS User Groups
3. To limit the upstream information rate, select the MaxUpstreamKbps check box and
enter the rate limit in kbps.
In Figure 13-6, remotes created or controlled by members of the User Group are restricted to
a maximum of 256 kbps on the downstream and a maximum of 32 kbps on the upstream.
13.2.5 Modifying per Node VNO Properties

In addition to changing a VNO User Group’s properties directly, you can also modify multiple
VNO access rights for a particular element in the iBuilder Tree. To view or change all VNO
properties for an Inroute Group, for example:
1. Right-click the inroute group and select ModifyVNO.
2. To make the element visible to a VNO, select the check box next to the VNO name. (You
can also do this by selecting from the context menu as described in the next step.)
Figure 13-7. Making an Element Visible to Multiple VNOs

iDX Release 3.5
NMS User Groups
In Figure 13-7, the inroute group is visible to three different VNO groups. VNO1 and VNO2
can only view the Inroute Group. VNO3 can perform control operations such as applying
configuration changes.
3. To modify a VNO’s permissions for the selected element, right-click on the VNO name and
select the desired permissions from the menu.
Figure 13-8. Setting Element Permissions for a VNO
4. To change ownership of the selected element, click the arrow in the Owned by drop-
down menu and select a new group.
Figure 13-9. Selecting a New VNO Owner for an Element
13.2.6 Changes Made by an HNO During a VNO Session

If a VNO user is already logged on to iBuilder when an HNO administrator changes permissions
for the VNO User Group, a pop-up window is displayed to the VNO user with the following
message:

iDX Release 3.5
NMS User Groups
Clicking OK causes iBuilder to log out and then log back on to the VNO user session,
committing the configuration changes executed from the HNO’s administrative session.
NOTE: iBuilder will automatically log back on to the VNO user session to enable
the visibility to new items created under component folders by HNO users.
13.2.7 Sharing a Chassis Among Multiple VNO User Groups

Beginning with iDX Release 2.0, an HNO can assign VNOs access rights or ownership for
individual slots in a 20-slot or a four-slot chassis. This allows an HNO to share a single chassis
among multiple VNOs. It allows the VNOs to perform configuration and control operations on
some chassis slots while disallowing access to other slots.
Figure 13-10 shows two possible configurations of a chassis in the Full View of the Modify VNO
configuration screen. On the left, the first eight slots of a 20 slot chassis have been divided
between VNO 1 and VNO 2. VNO 1 owns slots 1 through 4. VNO 2 owns slots 5 through 8. On
the right, VNO 1 has been granted visibility to slots 1, 2 and 3 in a four-slot chassis, but no
visibility to slots 4 and 5.
Figure 13-10. VNO Full View: Owned Slots vs. Visible Slots
If a VNO has write access to a chassis, then a VNO operator can modify the chassis. The
operations that each VNO can perform on the chassis slots depend on the VNO’s access rights
to those slots.
• If the VNO owns a chassis slot, a VNO operator can power on and off the slot and assign a
line card to the slot.
• If the VNO owns all slots in two adjacent timing groups, a VNO operator can enable the
jumper between the timing groups. (This is subject to additional backplane checks.)
Ownership of all slots in both timing groups is required to set these jumpers.
• If the VNO has both write access and control access to a chassis slot, a VNO operator can
assign line cards to the slot and power on or off the slot.
• If the VNO has only write access to a chassis slot, a VNO operator can assign line cards to
the slot. However the VNO operator cannot power on or off the slot.

iDX Release 3.5
NMS User Groups
• If the VNO has only control access to a chassis slot, a VNO operator can power on or off
the slot. However the VNO operator cannot assign line cards to slot.
NOTE: A VNO must own a network and its line cards in order to manage line card
redundancy.
If two VNOs have write access to the same chassis, VNO users in both VNO user groups can
modify the chassis in iBuilder. However, on the chassis modify screen, each VNO sees only the
slot assignments of its own line cards or to line cards set to Visible for the VNO. A VNO
operator cannot see the line card assignments for line cards owned by another VNO.

iDX Release 3.5
NMS User Groups
Figure 13-11 shows two versions of the same Chassis Modify screen.
Figure 13-11. HNO and VNO Views of Chassis Modify Screen

iDX Release 3.5
NMS User Groups
In Figure 13-11, VNO 1 owns the line cards in slots 1 and 2 and VNO 2 owns the line cards in
slots 9 and 10. The top image in Figure 13-11 shows what the HNO sees when right-clicking the
chassis in the iBuilder Tree and selecting ModifyItem. Both VNO 1’s line cards and VNO 2’s
line cards are displayed to the HNO.
The bottom image in Figure 13-11 shows the same screen when a VNO 1 user is logged on to
iBuilder. Notice that VNO 1 cannot see the slot assignments for slots 9 and 10, since those line
cards are owned by VNO 2.
If a VNO owns a chassis slot, then iBuilder does not allow any other VNO to assign line cards to
that slot. Therefore, no conflicts can arise. However, if two VNOs have write access to the
same slot, the slot may be occupied by a line card owned by one VNO that cannot be seen by
the second VNO. In that case, if the second VNO attempts to assign a line card to the occupied
slot, iBuilder does not allow the assignment and displays an error message. Figure 13-12 show
the result when a VNO attempts to assign slot 1 when the slot is already occupied.
Figure 13-12. Chassis Modify: Attempting to Assign an Occupied Slot
13.2.8 Configuring VNO Access Rights for a Shared Chassis

The following procedure illustrates how an HNO might configure a chassis to be shared by two
VNOs. In this example, the HNO grants each VNO write and control access to the chassis and
control access to specific slots within the chassis. This allows each VNO to perform
redundancy operations on their own line cards and to power on and off the slots containing
their line cards. Since the HNO does not grant the VNOs write access to the timing groups, the
VNOs cannot change their slot assignments.
For details on configuring a chassis see Configuring a Hub Chassis on page 313. For details on
line card redundancy management see Managing Line Card Redundancy Relationships on
page 138.
NOTE: This example assumes that the VNOs have been granted ownership of their
respective networks and line cards. The VNOs must own these elements to
manage their line card redundancy.

iDX Release 3.5
NMS User Groups
1. Log on to iBuilder as an HNO administrator.

2. Under the User Groups folder in the iBuilder Tree, right-click the first VNO user group and
select Modify.
3. In the Full View section of the Modify Configuration screen for the VNO, expand the tree
to expose the chassis you want the VNOs to share.
4. Right-click the chassis and grant Visibility and Write and Control access to the VNO.
Figure 13-13. Granting Chassis Rights to a VNO
NOTE: Control access allows the VNO to apply configuration changes to the
chassis. For example, if the VNO enables or disables the power to a slot, the VNO
can then download the changes to the chassis.
5. Expand the chassis in the Full View to display the chassis slots.
Figure 13-14. Expanded Chassis in VNO Tree

iDX Release 3.5
NMS User Groups
6. Right-click each Slot that you want the VNO to use and grant Visibility and Control to the
VNO.
Figure 13-15. Granting Control of Chassis Slots to a VNO

8. Repeat these steps for the other VNO, granting chassis and slot access as desired.
Once the VNOs are configured according to this example, a VNO user can right-click the
shared chassis in the iBuilder Tree and select Modify. On the Chassis Modify screen:
• The VNO user can toggle on and off the power for line cards owned by the VNO, since
Control access has been granted for the slots. (See Figure 13-15.)
• The VNO user cannot change the slot assignments for line cards owned by the VNO, since
Write access has not been granted for the timing groups.
• The VNO user cannot view or modify the slot assignments for line cards owned by other
VNOs.
Because the VNOs in the example have ownership of their networks and line cards, a VNO user
can establish line card redundancy relationships and swap active and standby line cards, but
only for those line cards owned by the VNO. Figure 13-16 shows the Manage Line Card
Redundancy screen when logged on as VNO 1. VNO 2’s line cards are not displayed to the VNO
1 user.
Figure 13-16. VNO View of Manage Line Card Redundancy Screen
NOTE: If you are sharing a chassis among multiple Network Management Systems,
please see Sharing a 20 Slot Chassis in a Multi-NMS System on page 322.

iDX Release 3.5
NMS User Groups
13.2.9 Configuring VNO Access Rights for SCPC Return Channels

Beginning with iDX Release 3.0, some iDirect line card model types can be configured to
receive a single SCPC upstream carrier or multiple SCPC upstream carriers. The number of
SCPC carriers that a line card can receive depends on the line card model type, the selected
receive mode, and licensing. (See Adding Receive-Only (Rx-Only) Line Cards on page 124 for
details.)
An HNO can assign VNO ownership of individual SCPC return channels on a line card in single
or multiple channel SCPC receive mode. For multichannel line cards, this allows more than
one VNO to share the line card.
Figure 13-17 shows a multiple channel SCPC line card fully expanded in the Full View of the
Modify VNO configuration screen. In the figure, the first four channels of the line card are
owned by VNO 1 User Group and the last four channels are owned by VNO 2 User Group.
Figure 13-17. VNO Full View: SCPC Return Channels Shared by two VNOs
When one or more SCPC return channels are owned by a VNO, the line card is automatically
Visible to the VNO. The VNO can add remotes to the SCPC line card or move remotes between
SCPC line cards and inroute groups.
A VNO can own an SCPC return channel even when the channel has not been assigned an
upstream carrier or a remote. This allows VNO users to assign upstream carriers and remotes
to the VNO’s SCPC return channels without the assistance of the HNO.
NOTE: The HNO must make an SCPC upstream carrier Visible to the VNO before
the VNO can assign that carrier to an SCPC return channel or to a remote. A VNO
cannot own an upstream carrier.
NOTE: When the HNO assigns an SCPC return channel to a VNO user group, and
that channel is already associated with an SCPC upstream carrier, then the carrier
is automatically visible to the VNO user group. Furthermore, if the upstream
carrier is also assigned to a remote, then the VNO automatically owns the remote.

iDX Release 3.5
NMS User Groups
As an HNO, you can assign ownership of SCPC upstream channels to a VNO as follows:
1. Right-click the VNO user group in the iBuilder Tree and select Modify from the menu.
2. In the Full View, expand the line card to view the channels. Channels are numbered from
zero to seven.
3. Right-click the channels you want to assign to the VNO and select Owned (Figure 13-18).
The line card will automatically become Visible to the VNO, with Create permission.
Figure 13-18. Setting Ownership of an SCPC Return Channel
NOTE: If a VNO owns one or more channels on an SCPC line card, then you can
assign SCPC upstream carriers to the VNO when you select the carriers for the line
card. See Step 7 in Adding Multiple Receive Carriers to a Line Card on page 128
for details.
13.2.10 VNO Operations on Line Cards in SCPC Return Mode

When a VNO owns individual channels on a line card in SCPC return mode, a VNO user can:
• Assign SCPC upstream carriers to the line card
• Create remotes under the SCPC line card
• Move remotes from the SCPC line card to another SCPC line card with owned channels
• Move remotes between SCPC line cards and inroute groups that have the correct
permissions set
See Moving Remotes Between Networks, Inroute Groups, and Line Cards on page 333 for
details on moving remotes.
As a VNO user, if your VNO owns individual return channels on an SCPC multichannel line card,
then you can modify the SCPC carrier assignments as follows:
1. Right-click the line card in the iBuilder Tree and select Modify Carriers from the menu.
The Line Card dialog box opens in read-only mode.

iDX Release 3.5
NMS User Groups
2. In the Line Card dialog box, click the Configure Carriers button to open the Select
Carrier dialog box (Figure 13-19).
Figure 13-19. Line Card Dialog Box: VNO User Selecting Configure Carriers
When opened by a VNO user, the Select Carrier dialog box shows the SCPC upstream
carriers currently assigned to the line card and any additional carriers that the VNO user
can assign. Only carriers that are visible to the VNO are displayed.
3. To assign a new carrier to the line card, select the check box of the carrier. The User
Group is automatically updated with your VNO user group name.
NOTE: A VNO user cannot select more SCPC upstream carriers than the number of
SCPC return channels owned by the VNO.
4. To remove a carrier from the line card, clear the check box of the carrier. The User Group
is automatically cleared.
NOTE: A VNO user cannot change the line card center frequency.
5. Click OK in the Select Carrier dialog box to save the new carrier assignments.
6. Click OK in the Line Card dialog box to save the changes.

iDX Release 3.5
Modifying Group QoS Settings for VNO User Groups
13.3 Modifying Group QoS Settings for VNO User

Groups
Host Network Operators (HNOs) can selectively turn on or off different levels of Group QoS
(GQoS) configuration privileges for Virtual Network Operators (VNOs). Under a network or
inroute group, an HNO can set VNO permissions for the Bandwidth Pool, Bandwidth Groups
and Service Groups. An HNO can assign ownership or visibility to a VNO User Group for these
GQoS nodes. However, visible GQoS nodes cannot be assigned Create, Write or Control access.
13.3.1 Restricting VNO Access to GQoS Tab Only

If a VNO owns a GQoS node, the VNO can modify that node from the Group QoS tab of the
network or inroute group dialog box. However, unless the VNO also has write permission or
ownership for the network or inroute group itself, the VNO cannot modify parameters on
other tabs of the network or inroute group element.
For example, Figure 13-20 shows a VNO configured with Visibility to VNO 1 Network but no
additional permissions for the network. The VNO owns the Bandwidth Pool for the network,
including all Bandwidth Groups and Service Groups.
Figure 13-20. VNO with Network Visibility and GQoS Node Ownership
NOTE: Visibility is indicated by green text. Ownership is indicated by magenta

text. When ownership is assigned to a node, visibility is automatically granted to
all higher nodes in the tree necessary to reach the owned node.
As shown in Figure 13-21, when a VNO user right-clicks the network, the user can only select
ModifyGroup QoS but cannot select ModifyItem.

iDX Release 3.5
Figure 13-21. VNO Network Menu with Owned GQoS Nodes but No Network Access
When the VNO User selects ModifyGroup QoS, the network dialog box is displayed with all
tabs. However, the user can only modify owned QoS nodes on the Group QoS tab. The VNO
user cannot change anything on the Information tab or the Custom tab.
However, if the VNO has Write access to or Ownership of the network or inroute group, then a
VNO user can change any settings on the network or inroute group as well as on its owned
GQoS nodes. For example, Figure 13-22 shows the VNO from Figure 13-20 re-configured to add
Write and Control access to the network.
Figure 13-22. VNO with Network Write Access and GQoS Node Ownership
Because the VNO has been granted Write access to VNO 1 Network, a VNO user can select
both ModifyGroup QoS and ModifyItem from the network menu. This is illustrated in
Figure 13-23.

iDX Release 3.5
Figure 13-23. VNO Network Menu with Owned GQoS Nodes and Write Access to Network
When the VNO user selects ModifyItem for the network, the user can change the
configuration on the Information and Custom tabs as well as the configuration of its owned
GQoS nodes on the Group QoS tab.
13.3.2 Assigning Ownership of Group QoS Nodes to a VNO

By selectively assigning ownership of GQoS nodes to a VNO, the HNO can delegate the GQoS
configuration privileges for the branches under that node to the VNO. If a VNO owns a GQoS
Node, then VNO users can modify the node and create new subnodes. VNO users cannot
modify any parts of the bandwidth tree which are not owned by the VNO.
For example, Figure 13-24 shows a VNO with Ownership of Bandwidth Group 1 (and all its
subnodes) but no ownership of or visibility to Bandwidth Group 2.
Figure 13-24. VNO Ownership of Partial Bandwidth Pool
When a VNO user modifies the Group QoS settings for VNO 1 Network, the VNO user has
access to all nodes in Bandwidth Group 1 but cannot see or modify Bandwidth Group 2. This
is illustrated in Figure 13-25.

iDX Release 3.5
Figure 13-25. VNO View of Partially-Owned Bandwidth Pool
Notice in Figure 13-25 that the VNO user cannot see Bandwidth Group 2, since the VNO has
not been granted any permissions for that Bandwidth Group. However the VNO can see (and
modify) Bandwidth Group 1, since it is owned by the VNO.
NOTE: On the Group QoS tab, a VNO user can only see remotes assigned to a
Remote Service Group if those Remotes are Visible to or Owned by the VNO.
Some properties of Group QoS nodes (called Request Properties) affect how the parent node
allocates bandwidth among its subnodes. When a VNO is granted ownership of a Group QoS
node, the VNO can only modify the Request Properties of the node if the VNO has the right to
modify the parent node. If the VNO could modify the Request Properties of a node without
having permission to modify the parent node, then the VNO could change settings such as the
MIR and CIR granted to the owned node by the parent node, potentially at the expense of
competing nodes. Therefore, the ability to change the Request Properties of a Group QoS
node is dependent on permissions set for the parent.
An example is shown in Figure 13-26.

iDX Release 3.5
Figure 13-26. Request Property Access for GQoS Nodes
On the left side of Figure 13-26, the VNO owns Bandwidth Group 1 but does not have
ownership of the network’s Bandwidth Pool. Therefore, the VNO cannot modify the Request
Properties of Bandwidth Group 1. On the right side of Figure 13-26, the VNO owns
Bandwidth Group 1 and its parent node, the network’s Bandwidth Pool. Therefore, the VNO
can modify the Request Properties of Bandwidth Group 1.

iDX Release 3.5
13.3.3 Setting VNO Permissions for Group QoS Nodes

This section describes how to assign a VNO ownership or visibility to nodes and subnodes of a
Group QoS bandwidth pool.
To assign the VNO permissions to a GQoS node such as a Bandwidth Pool, Bandwidth Group or
Service Group to a VNO:
1. Log on to iBuilder as an HNO administrator, right-click the VNO User Group, and select
Modify.
2. In the Group dialog box (Figure 13-27), expand the Full View tree to expose the node or
nodes you want to assign to the VNO. Group QoS nodes are displayed in folders under
Networks and Inroute Groups. The top-level folder for the Group QoS Nodes is always
labeled Bandwidth Pool.
Figure 13-27. Group Dialog Box: Viewing GQoS Nodes

iDX Release 3.5
3. Grant the desired access by right-clicking the GQoS Node and selecting the desired
options. You can either select Owned or Visible for a GQoS node. However, if you select
Visible, you cannot select any additional access rights.
Figure 13-28. Selecting VNO Permissions for GQoS Nodes
Figure 13-29 shows a Visible Bandwidth Group (Bandwidth Group 1). VNO users can view
the Bandwidth Group 1 settings but cannot change them. VNO users in this VNO cannot
see Bandwidth Group 2.
Figure 13-29. A Visible Bandwidth Group
In Figure 13-30, the VNO owns Service Group 1under Bandwidth Group 1. Therefore,
Bandwidth Group 1 (and higher nodes) are automatically set to visible for the VNO. VNO
operators in this VNO cannot see Service Group 2.
Figure 13-30. An Owned Service Group
NOTE: An HNO cannot assign Create, Write or Control access to a VNO for a
Visible Group QoS node. For a VNO user to modify or control a Group QoS node,
the VNO must own the Group QoS node.

iDX Release 3.5
4. Click OK to save the changes to the VNO User Group configuration.
13.3.4 Viewing GQoS Nodes in a VNO Session

By logging on as a VNO user, the HNO can verify that the VNO permissions have been set
correctly. Using the example from the previous section as shown in Figure 13-30, a VNO User
with the Group QoS Planning permission should be able to create subnodes (such as GQoS
Applications) under Service Group 1 in Bandwidth Group 1. However, the VNO User should
have no visibility to Service Group 2 in Bandwidth Group 1.
Figure 13-31 shows the Group QoS tab for the network when logged on as a VNO user.
Figure 13-31. VNO View of the Group QoS Tree
Notice in Figure 13-31 that the VNO user can Modify Service Group 1 or Add Applications to
it. However, since the VNO does not own Bandwidth Group 1, the VNO user cannot Insert
additional Service Groups into Bandwidth Group 1 or Delete Service Group 1 from
Bandwidth Group 1. Notice also, that the VNO user cannot see Service Group 2 in Bandwidth
Group 1 (see Figure 13-30), since the VNO was not granted visibility to Service Group 2.
NOTE: Before VNO users can add new Applications to a Service Group, the
Application must first be created and then made Visible to the VNO User Group by
the HNO administrator. This is discussed in the next section.
13.3.5 Setting VNO Permissions for QoS Profiles

This section describes how an HNO administrator can perform the following tasks:
• Make individual QoS Profiles available to a VNO User Group or hide individual QoS Profiles
from a VNO User Group. (See Managing VNO Visibility to QoS Profiles on page 415.)
• Change QoS folder permissions to allow VNO Users to create their own Upstream or
Downstream profiles. (See Allowing VNO Users to Create QoS Profiles on page 416.)
• Change permissions on individual Filter Profiles to allow VNO Users to modify those
profiles. See (Allowing VNO Write Access to Individual Filter Profiles on page 416.)

iDX Release 3.5
For details on configuring the various types of QoS Profiles, see Configuring Group QoS on
page 244.
Managing VNO Visibility to QoS Profiles

When a profile is visible to a VNO User Group, the VNO Users in that group can select the
profile when configuring QoS for their Networks or Inroute Groups. For example, if an
Application Profile is visible to a VNO User Group, the VNO users in that group can add the
Application to the VNO’s Application Service Groups. Similarly, if a Remote Profile is visible to
the VNO User Group, VNO Users can assign the Remote Profile to their remotes. QoS profiles
that are not visible to a VNO User Group do not appear in the iBuilder Tree of the VNO users.
The example in this section illustrates how to make an Application Profile visible to a VNO
User Group. You can follow similar steps for other QoS Profile types to make them available
for use by VNO User Groups.
Modify to open the Group dialog box.
2. Expand the tree in the Full View pane to view the profile you want to modify in the
Downstream or Upstream folder under the Application Profiles folder.
3. In the Full View, right-click the Profile and select Visible from the menu.
Figure 13-32. Setting VNO Visibility for a QoS Profile
In Figure 13-32, VNO 1 Downstream Profile has been set to Visible for the VNO User Group.
Notice in the User Group View that in addition to the Default and NMS Downstream Profiles,
only VNO 1 Downstream Profile is available for use by this VNO. To remove a Visible Profile
from the User Group View, re-select the Visible permission from the menu to clear the check
mark.

iDX Release 3.5
NOTE: You can also right-click the QoS profile in the iBuilder Tree and select
ModifyVNO from the menu to easily make a profile visible to multiple VNOs at
the same time. See Modifying per Node VNO Properties on page 396 for more
information.
Allowing VNO Users to Create QoS Profiles

To allow VNO users to create their own profiles, you must select the Create permission for a
VNO User Group on the Upstream or Downstream folder for a QoS profile type.
The example in this section illustrates how to allow VNO users in a particular VNO User Group
to create Upstream Remote Profiles. You can follow similar steps for other QoS Profile types
to make them available for use by VNO User Groups.
2. Expand the tree in the Full View pane to view the Upstream and Downstream folders
under the Remote Profiles folder.
3. Right-click the Upstream folder and select Create from the menu.
Figure 13-33. Enabling the Create Permission on a QoS Folder for a VNO User Group
In Figure 13-33, the image on the left shows the VNO permissions set for the Upstream
Remote Profile folder by the HNO; the image on the right shows the VNO User’s right-click
menu for the same folder. As illustrated on the right of Figure 13-33, VNO users can now add
their own Upstream Remote Profiles. Any QoS profile created by a VNO User is owned by that
VNO User Group.
Allowing VNO Write Access to Individual Filter Profiles

VNO User Groups can also be granted write permission to individual Filter Profiles owned by
the System group. To allow VNO Users to modify a Filter Profile:

iDX Release 3.5
Adding and Managing User Accounts
2. Expand the tree in the Full View pane to view the profile you want to modify in the
Downstream or Upstream folder under the Filter Profiles folder.
3. Right-click the Profile in the Full View and select Write from the menu.
Figure 13-34. Enabling the Write Permission for a QoS Profile
In Figure 13-34, the image on the left shows the VNO permissions set for the Filter Profile by
the HNO; the image on the right shows the VNO User’s right-click menu for the Filter Profile.
As illustrated on the right of Figure 13-34, VNO users can now Modify the profile.
NOTE: Write permission cannot be granted to VNO User Groups for individual
Application Profiles or Remote Profiles. To allow VNO Users to define their own
Application Profiles and/or Remote Profiles, enable the Create permission as
discussed in Allowing VNO Users to Create QoS Profiles on page 416.
13.4 Adding and Managing User Accounts

You can create and manage User Accounts from the iBuilder’s Tree. Depending on your
permission level within the NMS, you can perform the following actions:
• Add new user
• Clone an existing user and change the name and some of the properties
• Delete a user
• Modify a user’s account
• View a user’s current properties
The next few sections explain these operations in detail.
13.4.1 Adding a User and Defining User Privileges

To add a new user to a User Group, follow the procedure below.

iDX Release 3.5
1. Right-click the User Group in the iBuilder Tree and select Add User.
2. When you select Add User, the User dialog box opens.
Figure 13-35. User Dialog Box: Adding a User
3. Enter a user name and click Change Password.
4. Enter and specify an alternate, secure password for this user.
on page 17.

iDX Release 3.5
5. If you click either the Super User or Guest check box, the permissions allowed for the
user level you selected appear with check marks next to them on the User dialog box, but
they are not selectable. These permissions may vary in accordance with the type of User
Group.
6. If you clear both of the main User Level boxes (Super User and Guest), the individual
permissions detailed in Table 13-2, Custom Privileges on page 425 become selectable.
Click the boxes next to the customized functions that you want to assign to the user.
7. Click OK to save the settings for the user account. The new user is added to the iBuilder
Tree under the User Group you selected.
13.4.2 Modifying a User

To modify a user account:
1. Right-click the User Name in the iBuilder Tree and select Modify  Item.
2. When the User dialog box opens, change the settings as desired. (For details, see Adding
a User and Defining User Privileges on page 417.)
13.4.3 Adding a User by Cloning a User’s Account

To clone a user in the same User Group:
1. Right-click the User Name in the iBuilder Tree and select Clone.

iDX Release 3.5
2. A new user is added to the iBuilder Tree and the User dialog box is displayed with settings
identical to the cloned user.
Figure 13-37. User Dialog Box: Cloning a User
3. Modify the Name and Password.
on page 17.
4. If desired, change the permissions.

For a detailed description of user permissions, see User Privileges on page 424.

iDX Release 3.5
13.4.4 Viewing a User’s Account Properties

To view a user’s account properties:
1. Right-click the User Name in the iBuilder Tree.
2. Select View Properties  Item.
3. View the properties of the user account.

4. Click the Close button at the top of the dialog box to exit the pane.
13.4.5 Deleting an Existing User’s Account

To delete a user from a User Group:
1. Right-click the User Name in the iBuilder Tree and select Delete.
2. Click Yes to confirm the deletion.
13.4.6 Managing Accounts from the Active Users Pane

In addition to managing users accounts from the iBuilder Tree, you can perform some of the
same operations from the Active Users pane. In addition, the Active Users pane allows you to
view the list of operators currently logged on to iBuilder and iMonitor.
The Active Users pane is a standard Microsoft Windows “dockable” display that you can
attach to any part of iBuilder’s main window; detach into its own window; or hide altogether.
When you first open the pane, it will appear on the right side of the NMS window. The last
setting you select is saved between iBuilder sessions.
The Active Users pane(Figure 13-38) has four columns. The columns display the Name,
Permissions, Group (User Group) and Logged On status for all users defined in the system.

iDX Release 3.5
The Logged On column indicates the logon session count for that user under both iBuilder and
iMonitor. This pane is updated in real time as values change.
Figure 13-38. Active Users Pane
To open the Active Users pane, Select View  View Active Users from the main menu.
Figure 14. Opening the Active Users Pane from the View Menu
Depending on your permission level within the NMS, you can perform the following actions:
• Delete a user
• Modify a user’s account
• View a user’s current properties

iDX Release 3.5
Changing Passwords
To perform any of these actions:

1. Right-click on any user in the Active Users pane. A list of the user management options
available from this pane is displayed.
Figure 15. User Account Options from the Active Users Pane
2. Select the desired operation from the menu.

3. For details, see the section indicated below for your menu selection:
• Delete: Deleting an Existing User’s Account on page 421
• Modify: Modifying a User on page 419
• View Properties: Viewing a User’s Account Properties on page 421
13.5 Changing Passwords

You can change your own password, regardless of what authorization level you are assigned.
Super Users and users with the Manage Users permission can see and change all user
passwords.
To change your password:
1. Select File  Change Password from the Main Menu to open the Change Password dialog
box.
2. Enter your current password in Old Password.

3. Enter your New Password before the change is processed.
4. Re-enter the new password in Confirm New Password.

iDX Release 3.5
User Privileges
5. Click OK. If a default password is entered, a dialog pop-up box opens to warn the user to
change the default password.
Figure 13-2. Detected Default Password Dialog Box
NOTE: Beginning with iDX Release 3.3.5.1, iDirect introduces NMS security
enhancements to discourage the use of default password credentials after their
initial use. It is important to change the passwords for the default user names as
soon as possible.
NOTE: Changes to user accounts take place immediately, i.e. you do not have to
“apply changes” for users. However, new settings for a specific user will not take
effect until the next login under that account. If the user is logged in while you
make changes, the old settings remain in effect for the remainder of that session.
13.6 User Privileges

The NMS allows users to be assigned a predetermined set of privileges or a custom-defined set
of privileges. There are two standard user levels: Super User and Guest. Both the standard
user levels and the custom-defined user level are described in detail in this chapter.
Initially, the Super User in the System group is the only user who can set up accounts. User
Groups and users can be added or deleted, and user privileges can be added or removed at
any time. For System and VNO users, a user’s privilege level is the same for both iMonitor and
iBuilder. For example, a user cannot be a Guest in iBuilder and a Super User in iMonitor. CNO
users have access to iMonitor only.
The NMS is shipped with a Super User and a Guest account already set up in the System User
Group. The Super User can then set up additional user groups and users and assign them to
have any of the following user levels:
• Super User
• Guest
• Individually-defined User
If the Super User sets up a user as one of the standard user levels, the NMS system
automatically generates a predetermined set of privileges for that user level. (See
Table 13-1.)

iDX Release 3.5
User Privileges
If the Super User sets up a user as a custom-defined user, the Super User can assign that user
any number of privileges from a list provided in the system. (See Table 13-2.)
Table 13-1. User Types and Access Privileges
Access User Name

Account Type Access Privileges
Level Password
Pre-Programmed Super User admin Access to the NMS database and all of its
by iDirect admin components within this user group, including the
ability to configure, modify, and delete anything in
the database owned by the group, including users
and their privileges. For System Super Users, ability
to perform these operations on other User Groups
as well.
Pre-Programmed Guest guest Read-only access to the NMS database and all of its
by iDirect guest components within this user group. System Guests
can read all User Group information.
Custom Custom Defined by See Table 13-2, Custom Privileges.
Defined by Defined Super User or
Super User else the VNO
Super User
must have
Manage Users
privilege
Table 13-2 lists the various privileges that can be granted or revoked for a custom-defined
user.
Table 13-2. Custom Privileges
NMS
Privilege Name Description
Application
Database Read The most basic privilege; allows retrieval of stored configuration iBuilder,
information. This is the only privilege Guest users are granted. iMonitor
You cannot grant or revoke this privilege from iBuilder.
Change Database Allows modification of configuration information. iBuilder
Download Allows download of firmware to line cards and remote modems. iBuilder
Firmware
Apply Allows application of configuration changes to networks, hub iBuilder
Configuration lines cards, and remote modems.
Reset Modem Allows remote and line card resets. iBuilder,
iMonitor
Manage Users Allows modification of user names and passwords. iBuilder
Edit Permissions Allows modification of user permission settings. iBuilder
Upload Allows retrieval of a remote modem’s or line card’s active iBuilder
Configuration configuration.

iDX Release 3.5
User Privileges
Table 13-2. Custom Privileges (continued)
NMS
Privilege Name Description
Application
Basic Probe Allows retrieval of real-time statistics in the Probe tab. iMonitor
Advanced Probe Allows all Probe functions (reset, connect, change tx power, iMonitor
etc.).
Customize Allows access to the “Custom” tab in the Remote Modify Dialog iBuilder
Configuration Box.
Password in Clear Controls whether or not an NMS user can see remote and protocol iBuilder
Text processor passwords in clear text.
Monitor Longterm Allows monitoring of long term statistics in iMonitor. iMonitor
Statistics
GQoS Planning Allows modifications to the Group QoS configuration for iBuilder
Networks, Inroute Groups and Group Profiles.
13.6.1 Super User and Guest Level Privileges

The two basic privilege levels are Super User (all privileges) and Guest (read-only).
• The Super User access level gives the user complete access to all features of the NMS, in
both iBuilder and iMonitor, that are available to the User Group in which the Super User is
defined.
• Guest access level provides read-only access to all parts of the network in iBuilder with
no ability to change data or download images. Guest access provides most functions in
iMonitor, with the following exceptions:
• Guest-level users cannot connect to remote modems.
• Guest-level users cannot exercise functions on the Probe tab of iMonitor’s remote
control panel.
13.6.2 Super User and Guest Privileges for VNOs

A user defined in a VNO as a Super User is able to see and operate on only those network(s)
that the Super User specifies, with the following additional restrictions. VNO Super Users can
add, modify or delete all remotes within their visible nodes. Generally, they are provided with
full remote management capability on these nodes.
1. They cannot create or modify any network components in the iBuilder Tree
(Spacecraft/Carriers, remote/hub antenna components, QoS Profiles).
2. They cannot create or modify Hub RFT or Hub Chassis records.
3. They cannot perform any operations on the Teleport or Protocol Processor entries in the
iBuilder Tree.
4. From the network level in the tree, they cannot perform multicast downloads, delete
networks, or create new line cards.
5. They can modify the network record, but only to activate/deactivate remotes.
6. They cannot see or modify acquisition or uplink control parameters.

iDX Release 3.5
Simultaneous Changes to the NMS Database
7. From the hub level in the tree, they cannot perform image downloads, nor can they
create or delete line cards.
A user defined in a VNO as Guest has read-only permissions to the nodes visible to a Super
User in that the VNO.
13.7 Simultaneous Changes to the NMS Database

Beginning with iDX Release 3.0, an iBuilder user is no longer prevented from modifying the
configuration database if another iBuilder user has already opened a modify dialog box.
Therefore, multiple users can update the configuration at the same time.
In addition, iBuilder no longer requires a user to accept other users changes before modifying
the configuration. Instead, by default, the other user’s changes are automatically accepted
without notification. However, an iBuilder user can disable the auto-accept changes feature
by selecting Preferences from the Edit menu and clearing the Automatically accept
configuration changes check box. (See Accepting Changes on page 19 for details on turning
off and on the feature for automatically accepting changes.)
With auto-accept changes off, if multiple users are changing the configuration at the same
time, and one user has saved configuration changes, then each subsequent user who attempts
to save changes is informed that another user has modified the configuration. The user
attempting to save the changes then has the option of either saving the changes or canceling
the transaction.
Figure 13-3 shows the message that you will see (with auto-accept changes off) if you attempt
to save your changes after another user has changed the configuration while you have any
modify dialog box open.
Figure 13-3. Message Displayed if Another User Has Modified the Configuration
CAUTION: You will only be notified of configuration changes if you have disabled
the feature to automatically accept configuration changes discussed in Accepting
Changes on page 19.
If you choose to save changes after being alerted that another user has modified the
configuration, then the changes made by the first user may be lost if you are both modifying
the same element. For example, if you and another user are modifying the same remote,
when the other user clicks OK to save the configuration, the modifications will not be

iDX Release 3.5
Simultaneous Changes to the NMS Database
reflected in your remote modify window. Therefore, when you save the remote configuration,
the fields changed by the first user will be overwritten with their previous values. To ensure
that you are not overwriting another user’s changes, you can cancel your changes and re-open
the dialog box.
NOTE: If you attempt to save configuration changes to a network element that

has been deleted, iBuilder will not be able to save your changes. You will see an
error message stating that iBuilder failed to save the configuration.

iDX Release 3.5
14 Converting to Adaptive
TDMA
This chapter explains how to convert an Inroute Group containing a uniform set of Static
TDMA upstream carriers to Adaptive TDMA.
• Overview on page 429
• Prerequisites for Converting to Adaptive TDMA on page 429
• Converting an Inroute Group to Adaptive TDMA on page 430
• Verifying Adaptive Network Operation on page 439
14.1 Overview
Adaptive TDMA allows Inroute Groups to contain upstream carriers with different MODCODs
and symbol rates. Adaptive TDMA also supports multiple Inroute Group Compositions (IGCs)
that vary the MODCODs of individual Adaptive carriers to adjust to changing network
conditions.
After upgrading from an earlier release to a release that supports Adaptive TDMA, all TDMA
upstream carriers in each Inroute Group are set to Static and the carrier definitions from the
previous release are not changed. This chapter explains how to convert an Inroute Group
containing all Static carriers with the same MODCOD and symbol rate to an Inroute Group
containing both Adaptive and Static carriers and multiple IGCs.
This chapter assumes that iDirect’s network planning tools have been used to fully define all
aspects of the Adaptive Inroute Group. Before converting an Inroute Group, read the chapter
titled “Adaptive TDMA” in the Technical Reference Guide and Adding an Inroute Group on
page 147.
14.2 Prerequisites for Converting to Adaptive TDMA

The following information is required to convert an Inroute Group to Adaptive TDMA. This
information should be provided as part of the Adaptive Network Design.
• A complete specification of the Adaptive Inroute Group, including:
• All upstream carrier parameters for both Adaptive and Static carriers
• Acquisition parameters per upstream carrier (SuperBurst or iDirect Traditional
Acquisition)
• The MODCODs of all Adaptive carriers in each IGC

iDX Release 3.5
Converting an Inroute Group to Adaptive TDMA
• All Shared Carrier Parameters and Adaptive Parameters of the Inroute Group
• For each remote in the Inroute Group:
• Any Carrier Constraints applicable to the remote (Minimum Symbol Rate and/or
Maximum C/N)
• Maximum Link Impairment for the remote, if specified by the design
In addition to the above specifications from the network design:
• All receive line cards required to support Adaptive TDMA should be installed,
configured in iBuilder, and operational.
• The carrier assignments per receive line card should be pre-determined.
• Line card model types, receive modes, and licensing must be correct for all receive
line cards that will receive Adaptive carriers.
• Line card model types and receive modes must be compatible with SuperBurst for line
cards that will receive carriers with SuperBurst acquisition enabled.
14.3 Converting an Inroute Group to Adaptive TDMA

This section documents one method for converting an existing Inroute Group of Static
upstream carriers to use Adaptive TDMA.
One goal of this procedure is to allow the remotes in the Inroute Group to remain operational
while the carrier definitions are changed to match the Adaptive Inroute Group definition. This
is accomplished by defining new TDMA carriers in iBuilder that match the Adaptive TDMA
design and systematically replacing the old carriers in the Inroute Group with the newly-
defined carriers.
14.3.1 Assumptions
This procedure assumes that:
• The new Inroute Group configuration has been completely specified using iDirect’s
network planning tools.
• The total occupied bandwidth of the Inroute Group has not changed.
• All line cards are installed, operational and capable of receiving the specified carriers.
• The reference carrier parameters, maximum power and initial power are set correctly for
remotes in the Inroute Group.
NOTE: A remote’s reference carrier parameters (including the TDMA Initial

Power) should not need to be adjusted if they have been correctly set for the
existing Inroute Group. The remote will adjust the initial power automatically if
acquiring on an inroute that does not match the reference carrier configuration.
14.3.2 Configure Adaptive Parameters for Individual Remotes

When using Adaptive TDMA, a specific remote in an Inroute Group may not be able to transmit
on all upstream carriers. Also, the range of MODCODs on which the remote can transmit may
be limited. These carrier constraints for individual remotes are determined during network
design.

iDX Release 3.5
Carrier constraints for remotes should be configured before changing the carriers to avoid
switching a remote to an inappropriate carrier.
The following iBuilder remote settings affect how an individual remote behaves when using
Adaptive TDMA:
• Carrier Constraints limit the minimum symbol rate of the remote’s upstream carrier and
the maximum C/N at which the remote’s bursts are allowed to be received. A remote will
not be assigned TDMA slots on upstream carriers that violate either of these constraints.
• Maximum Link Impairment affects how a fading remote affects the Inroute Group
Composition selection algorithm.
NOTE: For more information, see Adaptive Parameters on page 196.
Configure the adaptive parameters for an individual remote in the Adaptive Parameters area
of the Remote QoS tab as follows:
1. If a Maximum Link Impairment is specified by the network design for the remote:
a. Select Enable.
b. Enter the Maximum Link Impairment in dB.
2. Configure any Carrier Constraints specified by the network design:
a. Enter the Minimum Symbol Rate for carriers on which the remote can transmit.
b. Enter the Maximum C/N for the remote.
Figure 14-1. Configuring the Adaptive Parameters for a Remote

4. Right-click the remote in the iBuilder tree and apply the hub-side changes.
14.3.3 Add the New TDMA Upstream Carriers

Before making any changes to the Inroute Group, use iBuilder to configure the TDMA
Upstream Carriers required by the new network design. The procedure for adding a new TDMA
Upstream Carrier in iBuilder is documented in Adding TDMA Upstream Carriers on page 79.
Configure a new carrier as follows:
1. For Adaptive carriers, select Adaptive for Modulation. For Static carriers, select the
Modulation specified by the network design.

iDX Release 3.5
Figure 14-2. Configuring an Upstream TDMA Carrier as Adaptive
2. Ensure that the payload block size is the same for all carriers (Adaptive or Static) and that
the selection agrees with the network design. For Adaptive carriers, select the correct
block size in the Payload Size field. For Static carriers, select the correct FEC rate and
block size in the Error Correction field.
Figure 14-3. Selecting the Payload Block Size for Adaptive and Static Carriers
3. In the Timeplan Parameters area, select Enable Superburst to use Superburst

acquisition on the carrier. Clear the Enable Superburst check box to use traditional
acquisition bursts on the carrier.
Figure 14-4. Enabling Superburst for TDMA Upstream Carrier
NOTE: Only Multichannel Line Cards and Receive-Only eM1D1 Line Cards can
receive Superbursts. Do not enable Superburst unless the receive line card to
which this carrier will be assigned supports it. For more information, see the
“Remote Acquisition” chapter of the Technical Reference Guide.
NOTE: All upstream carriers received by a multichannel line card must be

configured for the same type of acquisition. Superbursts and traditional
acquisition bursts cannot be received simultaneously by the same line card.
Multichannel line cards that receive more than eight carriers cannot use
Superburst.

iDX Release 3.5
14.3.4 Update Inroute Group Composition 1

During the upgrade from an earlier release to a release that supports Adaptive TDMA, a single
Inroute Group Composition (IGC 1) is automatically created for each Inroute Group. After the
upgrade, the carrier definitions of the inroutes in IGC 1 are identical to the carriers defined
for the Inroute Group in the earlier release. All carriers in IGC 1 are Static carriers with the
same symbol rate and MODCOD.
This procedure replaces the Static, uniform carriers in IGC 1 with the new carriers specified
during network design and configured in the previous section. The goal is to maintain an
operational subset of inroutes throughout the process of converting IGC 1 to Adaptive TDMA.
The IGC definition from the network design selected to replace the existing IGC 1 should allow
the Inroute Group to operate efficiently under normal network conditions.
After re-designing the Inroute Group for Adaptive TDMA, the new carrier definitions may have
varying symbol rates and different center frequencies. This procedure assumes that the total
occupied bandwidth of the Inroute Group has not changed. However, even though the Inroute
Group may occupy the same total satellite bandwidth, the occupied bandwidth of the
individual new carriers may not match the old carriers.
CAUTION: Since the occupied bandwidth per carrier of the new inroutes may
differ from that of the existing inroutes, ensure that the entire carrier frequency
space (including guard band) is available before assigning each new carrier to the
Inroute Group. In some cases, this may require removing multiple carriers from
the Inroute Group and line card(s) before adding the new carrier.
NOTE: The steps in this section assume that all receive line cards are installed,
correctly configured, and operational.
Systematically replace the existing carriers in IGC 1 of the Inroute Group with the new
carriers as follows:
1. Select one or more existing carriers that can be replaced by a new carrier. Ensure that
replacing the old carrier(s) with the new carrier does not result in interference with other
existing carriers.
2. On the iBuilder Inroute Group Information tab, select the carrier(s) to be removed and
click Remove. (See Adding an Inroute Group on page 147 for more information.)

iDX Release 3.5
Figure 14-5. Removing Existing Carriers from an Inroute Group
3. On the Line Cards Information tab, replace the existing carrier(s) from receive line card(s)
with the new carrier.
NOTE: If the new carrier is an Adaptive carrier, it must be assigned to a

multichannel line card or to an Evolution eM1D1 in Single Channel TDMA
(Adaptive) Receive Mode.
Replace a receive carrier on a single channel line card as follows:
a. Click the arrow in the Carrier Name field under Receive Properties.
b. Select the new carrier from the drop-down menu.
Figure 14-6. Replacing an Upstream Carrier on a Single Channel Line Card
Replace receive carriers on a multichannel line card as follows:

a. Click Configure Carriers under Receive Properties.
Figure 14-7. Selecting Configure Carriers on a Multichannel Line Card

iDX Release 3.5
In the Select Carriers dialog box:

b. Clear the check box of the old upstream carrier(s). (See Figure 14-8 on the left.)
c. Select the check box of the new upstream carrier. (See Figure 14-8 on the right.)
Figure 14-8 illustrates replacing two carriers (Carriers 20 and 21) with a new carrier
(Carrier 13) on a multichannel line card.
Figure 14-8. Replacing Upstream Carriers on a Multichannel Line Card
d. Click OK to return to the Line Card Information tab.

e. Click OK to save the line card configuration.
4. On the Inroute Group Information tab:
a. Click Add in the Line Cards area of the Information tab.
b. Select the new carrier from the list of carriers.
c. Click OK to assign the new carrier to the Inroute Group.
Figure 14-9. . Assigning the New Upstream Carrier to the Inroute Group

iDX Release 3.5
5. If this carrier is an Adaptive carrier:

a. Click Edit IGC and select IGC #1.
b. Select the MODCOD for this carrier in this IGC as specified by the network design.
Figure 14-10. Changing the MODCOD of an Adaptive Carrier for an IGC
c. Click OK to save the IGC configuration.

6. Click OK to save the Inroute Group configuration.
7. Apply all pending changes to the network, line cards and remotes.
8. Repeat Step 1 through Step 7 until all the old carriers have been replaced with the new
carriers and all Adaptive carriers have the correct MODCODs for IGC 1.
14.3.5 Verify Network Performance Using IGC 1

At this point, the Inroute Group has a single IGC (IGC 1) configured to match one IGC in the
network design. The inroute group is only adaptive in so far as the carriers no longer have the
same symbol rates and MODCODs and constraints may have been imposed on some remotes
that limit the set of carriers on which they can transmit.
Before proceeding, monitor the performance of this IGC to ensure acceptable network
operation before configuring the remaining IGCs. In addition to normal network checks and
monitoring for network conditions, iMonitor provides graphs and statistics specific to
upstream performance. For details, see the iMonitor User Guide.
14.3.6 Configure the Remaining IGCs

Configure the remaining IGCs as follows:
1. On the Inroute Group Information tab, update the Adaptive Parameters (Figure 14-11) to
match the network design. (See Adding an Inroute Group on page 147.)

iDX Release 3.5
Figure 14-11. Setting the Adaptive Parameters of an Inroute Group
2. For each remaining IGC specified by the network design:

a. Click Add IGC and select the next IGC number.
b. Click Edit IGC and select the new IGC number.
Figure 14-12. Adding an IGC
c. Select the MODCOD for each Adaptive carrier as specified for this IGC.
Figure 14-13. Configuring Adaptive MODCODs for Remaining IGCs
d. Click OK to save the IGC configuration.

3. On the Uplink Control tab of the Inroute Group, ensure that all Adaptive Parameters
match the network design.

iDX Release 3.5
Figure 14-14. Configuring Adaptive UCP Parameters
4. Click OK to save the Inroute Group configuration.

5. Apply all pending changes to the network, line cards and remotes.

iDX Release 3.5
Verifying Adaptive Network Operation
14.4 Verifying Adaptive Network Operation

This section provides suggestions for verifying network operation when using Adaptive TDMA.
14.4.1 Verify Remote TDMA Initial Power

A remote’s TDMA Initial Power is the power with relation to the reference carrier at which the
remote transmits acquisition bursts. Once the remote joins the network, the remote’s power
is controlled by the UCP process running on the protocol processor. A remote with TDMA Initial
Power set too high may cause interference when attempting to join the network. A remote
with TDMA Initial Power set too low may be unable to join the network during a fade.
The recommended procedure for setting a remote’s TDMA Initial Power is contained in the
iDirect Satellite Router Installation and Commissioning Guide. iDirect recommends checking
the TDMA Initial Power settings and correcting them as required.
In clear sky conditions, use the iMonitor Probe to check the configured TDMA Initial Power and
remote transmit power in relation to the reference carrier. Verify that the margins match the
margins specified in the network design for acquisition bursts. If the settings do not match the
design, adjust the remote TDMA Initial Power in iBuilder.
Figure 14-15 shows the related sections of the iMonitor Probe and the iBuilder Remote
Information tab. In the figure, the remote is in the network and is currently transmitting to
the receive line card at -21.78 dBm with respect to the configured reference carrier. The
remote is configured to send acquisition bursts at -20 dBm when trying to acquire on a carrier
that matches the reference carrier. When acquiring on a carrier with a different
configuration, the remote automatically adjusts the transmit power of the acquisition burst
such that it is received by the hub at the correct C/N0.
Figure 14-15. Checking the Remote TDMA Initial Power
14.4.2 Verify Remote TDMA Maximum Power

A remote’s TDMA Maximum Power is the maximum power at which a remote is allowed to
transmit. This value is determined during remote commissioning and configured in iBuilder.
When using Adaptive TDMA, it is critical to set the TDMA Maximum Power correctly because of
the small operational margins and the need for remotes to vary their transmit powers as they
move between carriers with different power requirements.
If TDMA Maximum Power is set too low, the remote may never be assigned bandwidth on the
upstream carrier that it should use predominantly in clear sky conditions. If TDMA Maximum

iDX Release 3.5
Power is set too high, the remote may cause interference on upstream carriers during
operation. If either condition is observed, re-execute the procedure for determining the
correct TDMA Maximum Power and update the configuration in iBuilder.
The procedure for determining the TDMA Maximum Power is contained in the iDirect Satellite
Router Installation and Commissioning Guide. That procedure uses iSite or Web iSite and
assumes that the installer is present at the remote site. However, the iMonitor Probe can also
be used to execute the same general procedure since it provides similar capabilities for
transmitting a test carrier and adjusting the remote transmit power. Steps for using the
iMonitor Probe are contained in the iMonitor User Guide.
Figure 14-16 shows the section of the iMonitor Probe used to command the remote to transmit
a test carrier.
Figure 14-16. Checking and Modifying the Remote TDMA Maximum Power
14.4.3 Monitor Adaptive TDMA Performance

All of the iMonitor tools discussed in Verify Network Performance Using IGC 1 on page 436 can
be used to check performance of the fully-adaptive inroute group.
In addition:
• Use the Inroute Group Composition Usage display to look for discrepancies between actual
and expected usage of the IGCs configured for the inroute group. Verify that the usage
percentages correspond approximately to the predictions from the network design.
• The Inroute Group Composition Usage display also shows a time line graph of IGC usage.
The selected IGC should correspond to network conditions as predicted by the network
design. Adaptive Parameters for the Inroute Group can be adjusted in iBuilder to change
the behavior of the IGC selection algorithm.

iDX Release 3.5
• Assuming there is sufficient demand, use the Timeplan display to verify that slots are
being allocated efficiently on most or all carriers. Keep in mind that fade conditions and
constraints on individual remotes can affect bandwidth allocation.
• In addition to total capacity versus allocated slots, the Timeplan display shows a time line
graph of IGC usage. This shows how the capacity and slot allocations change when a new
IGC is selected.
• Use the Upstream C/N0 and Thresholds display to verify that the individual remotes
operate near the thresholds of the various carriers in the different IGCs. The Upstream
C/N0 and Thresholds display also shows the remote’s current nominal carrier. This should
correspond to the predictions from the network design for the current conditions. For
example, if in clear sky conditions the remote’s nominal carrier does not match the
design, the remote’s TDMA Maximum Power may be set too low or incorrect constraints
may be configured for the remote.
For further details, see the iMonitor User Guide, iBuilder User Guide, and Technical
Reference Guide.
14.4.4 Carrier Grooming

The Carrier Grooming mode prevents remotes from hopping carriers and isolates the remotes
in the inroute group to one carrier for troubleshooting purposes.
By default, the protocol processor operates in the frequency hopping mode. In this mode, a
remote is assigned time slots on all available carriers that are possible based on current link
budget, remote terminal capabilities, and regulatory constraints. The frequency hopping
mode results in an optimal usage of carriers. However, these multiple carriers make
troubleshooting carrier interference difficult and time consuming.
In Carrier Grooming mode, the protocol processor assigns a suitable carrier to each remote
and ensures that time slots for the remotes are allocated based on assigned grooming carriers
only.
This simplifies troubleshooting by preventing remotes from switching/hopping carriers and
allows a binary search to be done to find problem remotes.
Operation
When Carrier Grooming mode is first enabled, a list of suitable carriers is made and a remote
is randomly assigned to one of the carriers. The randomly chosen carrier is referred to as the
grooming carrier. The remote uses this grooming carrier until:
• The remote falls out of network and acquires back into network; another carrier is
chosen randomly.
• The grooming carrier is deleted or the line card servicing the remote stops working;
another carrier is chosen randomly.
• Carrier grooming is disabled because the user intends to return to frequency hopping
mode.
A user can also select a specific grooming carrier for a remote instead of using a randomly
assigned grooming carrier.

iDX Release 3.5
Enabling and Disabling Carrier Grooming

Carrier grooming is initiated at the Inroute Group Information tab as follows:
1. Under Selection Algorithm, click the Enable Fixed IGC check box.
Checking Enable Fixed IGC enables the Carrier Grooming (Debug Mode) check box.
2. Click the Carrier Grooming (Debug Mode) check box.
This opens pop-up box shown below.
Figure 14-17. Clicking the Carrier Grooming (Debug Mode) Check Box
3. Click OK at the pop-up box to enable the Carrier Grooming mode.

Each remote is now randomly assigned a carrier to act as a grooming carrier. The field is
displayed in the remote status.
Clicking the Carrier Grooming (Debug Mode) check box also enables the Lock to Inroute
check box at the Transmit Properties section of Remote Information tab.

iDX Release 3.5
Figure 14-18. Lock to Inroute for Carrier Grooming
4. Click the Lock to Inroute check box to lock a remote to a specific carrier selected at the
adjacent pull-down menu.
Click Details to view information about the selected carrier at the Upstream Carrier -
TDMA window. For information about the information shown at this window, see Adding
TDMA Upstream Carriers on page 79.
5. To exit Carrier Grooming mode and return to frequency hopping mode, uncheck the
Carrier Grooming (Debug Mode) check box. This opens the following dialog box.
Figure 14-19. Unlock the Remotes? Dialog Box
• Selecting No maintains the Carrier Grooming mode.

• Selecting Yes turns Carrier Grooming mode off, disables the Show Lock to Inroute check
box at the Remote Information tab, and regenerates the hub side options files.
At this point, it is necessary to apply the changes to the network.
6. Select the network in which the remote resides, right-click the network, and then select
Apply Configuration.

iDX Release 3.5

iDX Release 3.5
15 Converting a Network to
TRANSEC
Transmission Security (TRANSEC) prevents an adversary from exploiting information available

in a communications channel without necessarily having defeated the encryption inherent in
the channel. Even if wireless transmission encryption is not compromised, by using basic
signal processing techniques taken from wireless transmission acoustics, information such as
timing and traffic volumes can be determined. This information could provide someone
monitoring the network a variety of information on unit activity.
iDirect achieves full TRANSEC compliance by presenting to an adversary eavesdropping on the
RF link a constant “wall” of fixed-size, strongly-encrypted (AES, 256 bit Key) traffic segments,
the frequency of which does not vary in response to network utilization. For a detailed
technical description of iDirect’s TRANSEC feature, see the iDirect Technical Reference
Guide.
This chapter explains how to convert an existing iDirect network to use the TRANSEC feature.
Before converting to TRANSEC, all hardware in the network must be TRANSEC-compatible. In
addition, all TRANSEC line cards and Protocol Processor blades must be licensed by iDirect to
use the TRANSEC feature. If your blades are not licensed to use TRANSEC, contact the iDirect
Technical Assistance Center (TAC).
• TRANSEC Hardware Requirements on page 446
• TRANSEC Host Certification on page 446
• Reconfiguring the Network for TRANSEC on page 447
• Configuring the Initial ACC Keys on the Remotes on page 450
• Changing from TRANSEC to Non-TRANSEC on page 450
NOTE: A TRANSEC downstream carrier must be configured to simulate CCM; i.e.,

the Maximum MODCOD must equal the Minimum MODCOD. See Adding
Downstream Carriers on page 77 for details.
NOTE: A remote requires the current Network Acquisition Key (ACC Key) in
addition to an X.509 certificate to join a TRANSEC network. The initial ACC Keys
must be manually configured on the remote using a console command as part of
this procedure.

iDX Release 3.5
TRANSEC Hardware Requirements
NOTE: Time synchronization of server machines is essential for TRANSEC

networks. iDirect highly recommends that you use NTP to synchronize the time
among all NMS servers, Protocol Processor Blade servers and GKD servers in your
TRANSEC networks.
15.1 TRANSEC Hardware Requirements

All line cards and remote model types under a TRANSEC Protocol Processor must be TRANSEC-
compatible. If you attempt to convert a Protocol Processor to TRANSEC which has non-
TRANSEC elements in its sub-tree, iBuilder will disallow the conversion and generate an error
message. Therefore you must ensure that all installed model types support TRANSEC and are
correctly configured in iBuilder.
The following iDirect model types support TRANSEC:
• Evolution DLC line cards (DLC-T and DLC-R)
• Evolution eM1D1 line cards
• Evolution eM0DM line cards
• Evolution e8350 remotes
• Evolution 9-Series remotes (900, 950mp, 9350)
• iConnex e800, e800mp, e850mp remotes
NOTE: Evolution eM1D1 and eM0DM line cards must be licensed to operate in a
TRANSEC network. (See Managing NMS Licenses on page 60.) In addition, Protocol
Processor blades must be licensed for TRANSEC. For complete details on
requesting and installing iDirect licenses, see the iDirect Features and Chassis
Licensing Guide.
NOTE: TRANSEC is not supported on SCPC upstream carriers. Therefore, Evolution

eM1D1 or eM0DM line cards in SCPC receive mode cannot be part of a TRANSEC
network.
15.2 TRANSEC Host Certification

All hosts in an iDirect TRANSEC network must have X.509 certificates issued by the iDirect
Certificate Authority (CA) Foundry. Hosts include NMS Servers, Protocol Processor blades,
TRANSEC line cards, TRANSEC remotes, and GKD Servers. Since uncertified remotes will not
be allowed to join the network, issue the certificates before converting the network to
TRANSEC.
Follow this procedure to issue X.509 certificates to your TRANSEC hosts:
1. Follow the procedure in Accessing the CA Foundry on page 467 to log on to your NMS
Server and execute the CA Foundry.
2. If you have not created your Certificate Authority (CA), do so by following the procedure
in Creating a Certificate Authority on page 469.
3. Follow the procedure in Logging On to a Certificate Authority on page 470 to log on to
your CA.

iDX Release 3.5
Reconfiguring the Network for TRANSEC
4. Following the procedure in Certifying a Host on page 473, connect to each host in your
network and issue an X.509 certificate to the host from your CA. Issue certificates in the
following order:
a. Issue a certificate to each NMS Server.
b. Issue a certificate to each Protocol Processor blade in the sub-tree of the Protocol
Processor.
NOTE: After you issue a certificate to a Protocol Processor blade, you must
restart the iDirect service before it will take effect. After issuing the certificate,
log on to the root account of the blade and enter the command service
idirect_hpb restart.
c. Issue a certificate to each line card in the sub-tree of the Protocol Processor.
d. Issue a certificate to each remote in the sub-tree of the Protocol Processor.
Figure 15-1 illustrates a single TRANSEC sub-tree in the iBuilder Tree with one blade, one line
card and two remotes. All of those network elements, plus the NMS Servers, should be
certified before you convert to TRANSEC.
Figure 15-1. Elements of a TRANSEC Network
NOTE: Although it is more convenient and secure to certify your remotes before
TRANSEC is enabled, there may be times when you are required to certify a non-
TRANSEC remote over the air in an existing TRANSEC network. For details on how
to accomplish this, see Bringing an Unauthorized Remote into a TRANSEC
Network on page 471.
15.3 Reconfiguring the Network for TRANSEC

If you have not yet licensed your Protocol Processor blades and your eM1D1 line cards for
TRANSEC, contact the TAC to request your licenses. You cannot configure a TRANSEC network
until these licenses have been installed on your system. For more information, see Managing
NMS Licenses on page 60 and the iDirect Features and Chassis Licensing Guide available on
the TAC Web site.
CAUTION: Once you have converted your network to TRANSEC and applied the
changes, all remotes will be “out of network” until the current Network
Acquisition Key is configured on the remotes. This requires local access to each
remote.
Once you have ensured that all hardware is TRANSEC-compatible, all licenses are in place,
and you have issued certificates to all X.509 hosts, follow these steps to convert your network
to TRANSEC:

iDX Release 3.5
1. Ensure that the Minimum MODCOD and Maximum MODCOD of the DVB-S2 downstream
carrier are set to the same value. (See Adding Downstream Carriers on page 77.)
2. Ensure that Superburst acquisition is not enabled for any TDMA upstream carriers.
Superburst is not supported in TRANSEC networks.
3. Right-click the Protocol Processor in the iBuilder Tree and select ModifyItem.
The Protocol Processor dialog box opens with the Information tab selected.
Figure 15-2. Enabling TRANSEC for an Existing Network
4. Select TRANSEC Enabled.

5. Click OK to save the change. This will cause all elements under the Protocol Processor to
display pending changes in the iBuilder Tree.
6. For each network under the TRANSEC Protocol Processor, right-click the network icon and
select Apply ConfigurationMultiple to display the Automated Configuration
Downloader dialog box.

iDX Release 3.5
Figure 15-3. Automated Configuration Downloader Dialog Box
7. In the Automated Configuration Downloader dialog box, select the following options:
a. In the Remotes area of the dialog box:
• Select all remotes.
• Under Target, select Both.
• Under Protocol, select Reliable (TCP).
• Under Reset, select Reset on Success.
b. In the Line Cards area of the dialog box:
• Select all line cards with Status of Changes Pending.
• Under Protocol, select Reliable (TCP).
• Under Reset, select Reset on Success.
c. In the Network area of the dialog box, select your network.
8. Click the Start button to apply the changes to your network.
9. Repeat Step 6 through Step 8 for any remaining networks under your TRANSEC Protocol
Processor.
10. Right-click the Protocol Processor in the iBuilder Tree and select ApplyConfiguration.
11. In the confirmation dialog box, click Yes to confirm the change.
12. Configure the current ACC Keys on all remotes. (See the next section for details.)

iDX Release 3.5
Configuring the Initial ACC Keys on the Remotes
15.4 Configuring the Initial ACC Keys on the Remotes

A remote cannot acquire a TRANSEC outbound carrier until the current Network Acquisition
Keys (ACC Keys) have been manually configured on the remote. Therefore, after applying the
changes to your network, all remotes will be “out of network.” Follow the steps in
Configuring the ACC Key on a Remote on page 477 to determine the current ACC Key and to
configure the key on each remote in your network. Once a remote has the correct ACC Key, it
can join the TRANSEC network.
15.5 Changing from TRANSEC to Non-TRANSEC

By design, a remote that was in a TRANSEC network cannot join a non-TRANSEC network until
all secure data is removed from the remote by entering a remote console command.
Executing the console command removes all encryption keys, X.509 certificates, and the
remote options file from the remote modem.
When you remove the secure data from the remote, the iDirect application running on the
remote stops immediately and the remote loses the TRANSEC network. To bring the remote
into the non-TRANSEC network, you must locally install the remote’s new options file for the
non-TRANSEC network.
NOTE: This procedure requires physical access to the remote modem. It cannot
be performed from the NMS.
Before the local procedure in this section is executed at the remote site, the network
operator should perform the following steps while the remote is still in the TRANSEC network:
1. In iBuilder, move the remote to the non-TRANSEC network to generate the new remote
options file.
CAUTION: Do not apply the remote-side changes in iBuilder to move the remote
to the non-TRANSEC network until the secure data has been removed from the
remote. The remote must be in the TRANSEC network to remove the secure data.
2. Supply the non-TRANSEC remote options file to the on-site personnel who will remove the
secure data from the remote.
3. Follow the procedure in Revoking a Remote’s Certificate on page 474 to invalidate the
remote’s X.509 certificate.
The remaining steps in this section require physical access to the remote modem. The
procedure assumes that you have all of the following items available locally:
• A copy of the new (non-TRANSEC) options file
• A console connection to the remote modem
• Ethernet connectivity to the remote modem through the LAN port
• A secure copy client such as WinSCP installed on your laptop
Follow these steps to remove the secure data from the TRANSEC remote and to re-configure
the remote for the non-TRANSEC network:
1. Open a console session to the remote modem and log on to the root account of the
remote.

iDX Release 3.5
Changing from TRANSEC to Non-TRANSEC

telnet localhost
3. At the Username prompt, log on to the admin account.
4. At the command line prompt, enter the command:
csp enable
5. Enter the following command to remove all secure data:
zeroize all
At this point the main falcon application process will stop. However, falcon_monitor will
still be running.
6. Enter the following command to stop falcon_monitor. This prevents the remote from
automatically rebooting.
service idirect_falcon stop
7. Using WinSCP (or another secure client application), copy the non-TRANSEC options file to
the following path and file name on the remote modem:
/etc/idirect/falcon/falcon.opt
8. Enter the following command from the console session to reboot the remote:
reboot
The remote is now configured to join the non-TRANSEC network.

iDX Release 3.5
Changing from TRANSEC to Non-TRANSEC

iDX Release 3.5
Appendix A Configuring a
Distributed NMS Server
The NMS server processes can be distributed across multiple NMS server machines. The
primary benefits of machine distribution are improved server performance and better use of
disk space.
iDirect recommends a distributed NMS server configuration once the number of remotes being
controlled by a single NMS exceeds approximately 800.
A.1 Prerequisites
The prerequisites for setting up a Distributed NMS are:
• Four NMS servers, each installed with the same version of NMS software. Three of these
servers run various services and the fourth is a backup server. Existing systems with a
single Primary NMS server and a single Backup NMS server require two additional NMS
servers installed with the same version of software as the current Primary NMS.
NOTE: For information on setting up a Backup NMS server, see the iDirect
Technical Note “NMS Redundancy and Failover.”
• IP addresses for all additional NMS servers must be on the same subnet as the Primary and
Backup servers. These servers are on the upstream side. IP connectivity between all
servers is required.
• The MySQL database passwords must be identical on all NMS server machines of a
Distributed NMS. If the MySQL database passwords on the existing NMS server have been
changed from the default passwords, use the dbPasswd command to configure the same
passwords on the remaining servers.
• For NMS servers with private IP addresses that require external access for running iBuilder
and iMonitor, there are two options: configure a VPN system to allow access to the
servers; or NAT the private addresses to the public addresses and run the iDirect-provided
script on every client PC that will run iBuilder and iMonitor clients. See Running the NAT
Script on page 462 for the script.
A.2 Distributed NMS Server Architecture

The distributed NMS architecture matches the NMS server processes to server machines by
assigning groups of processes to individual machines. Server configuration is performed one
time using a special script distributed with the nms_servers installation package. Once

iDX Release 3.5
Logging On to iBuilder and iMonitor
configured, the distribution of server processes across machines remains unchanged unless
reconfigured. This is true even when upgrading to a new release.
The standard distribution scheme is shown in Figure A-1.
Figure A-1. Sample Distributed NMS Configuration
This configuration has the following process distribution for the main processes:
• NMS Server 1 (Primary) runs the configuration server (nmssvr) and MySql, the chassis
manager server (cmsrv), and the Protocol Processor controller process.
• NMS Server 2 (Auxiliary) runs only the Statistics server (nrdsvr).
• NMS Server 3 (Auxiliary) runs the Event server (evtsvr) and the Latency Server (latsvr).
The latsvr is not shown in Figure A-1.
NOTE: Not all distributed configurations are supported. For non-standard

configurations, contact the TAC.
A.3 Logging On to iBuilder and iMonitor

From the iBuilder or iMonitor user perspective, a distributed NMS server functions identically
to a single NMS server. Users provide a user name, password, and the IP address or Host Name
of the NMS configuration server to log in. On a DNMS, the configuration server stores the

iDX Release 3.5
Setting Up a Distributed NMS
location of all other NMS servers and provides this information to the iBuilder or iMonitor
client. Using this information, the client automatically establishes connections to the server
processes on the correct machines.
A.4 Setting Up a Distributed NMS

Setting up a distributed NMS requires the following:
• The setup script requires a data input file containing the IP addresses of all NMS servers
that will comprise the DNMS.
• X.509 certificates must be installed on all DNMS servers for the servers to communicate
during the setup procedure.
• The service idirect_nms_config must be running on all servers in order to run the setup
script. This service is also required when running scripts to manage the DNMS. This service
supports the following commands:
service idirect_nms_config status
service idirect_nms_config start
service idirect_nms_config stop
service idirect_nms_config restart
The script NMS-configuration-client.pl is executed on NMS 1 to configure a DNMS. The script
reads a data file containing the IP addresses of all the NMS server machines and then prompts
for the assignments of NMS processes to servers. After restarting the NMS services on all
servers, the DNMS becomes operational. The procedure in this section assumes that NMS
servers 1, 2, and 3 are installed as primary and NMS server 4 is installed as backup.
NOTE: The NMS server processes must be stopped briefly when setting up a
distributed NMS for an operational network.
NOTE: Step 7 and Step 8 of the following procedure are only required to retain
the historical statistics and events data in the NRD archive. If this is not required,
skip these steps.
To set up a Distributed NMS:

1. Log on to NMS 2 as root.
2. Execute the following commands to create the X.509 certificate:
cd /home/nms/utils/db_maint/
mkdir certs
cd certs
openssl req -x509 -nodes -newkey rsa:2048 -out cacert.pem
-outform PEM -days 1825 -keyout privkey.pem
3. Answer the prompts, or press Enter to accept the defaults.
4. Stop the NMS processes on the server by entering the following command:

iDX Release 3.5
5. Start the idirect_nms_config service by entering the following command:

6. Repeat Step 1 through Step 5 and on NMS 3.
7. To retain the NRD archive database, copy the database from NMS 1 to NMS 2 as follows:
a. Log on to NMS 2 as root.
b. On NMS 2, create a temporary directory for the database:
mkdir /var/tmpdb/
c. Grant access to new directory:
chmod 777 /var/tmpdb/
d. Log on to NMS 1 as root.
e. Change to the NRD Archive directory on NMS 1:
cd /var/lib/mysql/nrd_archive
f. On NMS 1, copy the database to the temporary directory on NMS 2:
scp * idirect@x.x.x.x:/var/tmpdb/
Where x.x.x.x represents the IP address of NMS 2.
g. On NMS 2, enter the following commands to move the NRD database files to the
correct directory and delete the temporary directory.
cd /var/lib/mysql/nrd_archive
rm -rf *.*
cd
mv /var/tmpdb/* /var/lib/mysql/nrd_archive/
chown -R mysql:mysql /var/lib/mysql/nrd_archive
rmdir /var/tmpdb/
8. Repeat all actions in Step 7 on NMS 3.
10. Execute the following commands to create the X.509 certificate:
mkdir certs
cd certs
openssl req -x509 -nodes -newkey rsa:2048 -out cacert.pem
-outform PEM -days 1825 -keyout privkey.pem
11. Answer the prompts, or press Enter to accept the defaults.
12. Return to the /home/nms/utils/db_maint/ directory:
13. In /home/nms/utils/db_maint/, create a data file named dnms_server_ip_list.cfg
listing the IP addresses of all NMS servers in order, beginning with NMS 1. Follow the
format in this example.

iDX Release 3.5
# list of NMS Server IP Addresses

192.168.76.82
192.168.76.80
192.168.76.65
NOTE: The following steps must be performed during a maintenance window. NMS
downtime will occur.
14. Stop the NMS services on NMS 1 by entering the following command:
15. Start the idirect_nms_config service on NMS 1 by entering the following command:
16. Run the DNMS conversion script by entering the following command:
/home/nms/utils/db_maint/NMS-configuration-client.pl
The DNMS conversion script prompts to select which processes will run on which servers. In a
standard configuration, nmssvr, nms_monitor, cmsvr, cntrl, revsvr, and snmpsvr run on
NMS 1; sbcsvr and nrdsvr runs on NMS 2; and the evtsvr and the latsvr run on NMS 3.
17. Enter the number of the respective NMS when prompted. Sample output containing the
prompts and resulting server assignments is shown below.
NOTE: If this NMS shares the Chassis Manager Server of an external NMS that is
not part of this DNMS, enter a 0 when prompted for the CM Server to skip that IP
address. The procedure to point a configuration server to an external CM Server is
described in Sharing the Chassis Manager Server on page 323.
===========================================================
List of IPs, where NMS installation was presented:
===========================================================
( 0) skip assignment
( 1) 192.168.76.82
( 2) 192.168.76.80
( 3) 192.168.76.65
NMS Config Client >>> Please enter index for MySql server
(use number in parentheses above)
1
NMS Config Client >>> Server MySql assigned to IP address
192.168.76.82
NMS Config Client >>> Please enter index for CFG server
1
NMS Config Client >>> Server CFG assigned to IP address
192.168.76.82
NMS Config Client >>> Please enter index for EVT server
3

iDX Release 3.5
Regenerating the Options Files
NMS Config Client >>> Server EVT assigned to IP address

192.168.76.80
NMS Config Client >>> Please enter index for NRD server
2
NMS Config Client >>> Server NRD assigned to IP address
192.168.76.80
NMS Config Client >>> Please enter index for LAT server
3
NMS Config Client >>> Server LAT assigned to IP address
192.168.76.65
NMS Config Client >>> Please enter index for SBC server
(use number in parentheses above or 0 to skip a server.)
1
<<<<<<<inputline : 1
NMS Config Client >>> Server SBC assigned to IP address
192.168.76.65
NMS Config Client >>> Please enter index for OSS server
1
NMS Config Client >>> Server OSS assigned to IP address
192.168.76.82
NMS Config Client >>> Please enter index for SKY server
0
NMS Config Client >>> Please enter index for CM server
1
NMS Config Client >>> Server CM assigned to IP address
192.168.76.82
NMS Config Client >>> storing to NMS table ServerConfiguration
18. Stop the idirect_nms_config service on NMS 1:
19. Start the NMS services on NMS 1:
20. Repeat Step 18 and Step 19 on NMS 2.
21. Repeat Step 18 and Step 19 on NMS 3.
A.5 Regenerating the Options Files

Regenerate the options files as follows:

iDX Release 3.5
Granting Read Permissions to NMS 2 and NMS 3

2. Enter the following command:
3. Enter the following Username and Password when prompted:
Username: admin
Password: iDirect
4. Enter the following commands:
cfg status recalc netmodem.*
cfg status recalc rmtdef.*
cfg status recalc netdef.*
cfg status recalc ppglobal.*
Note: Once these commands have been entered successfully, all the devices (remote,
HLC, network, PP) will display “Changes Pending” in iBuilder.
5. Launch iBuilder and apply the changes in the following order: all remotes, all Hub Line
Cards, network, and Protocol Processor.
CAUTION: Downtime will be incurred while devices reboot.
A.6 Granting Read Permissions to NMS 2 and NMS 3

After regenerating the options files, grant “read” permissions to NMS 2 and NMS 3 as follows:
1. Log on to NMS 1 and enter the following command:
mysql --exec=‘GRANT ALL ON *.* TO “root”@”x.x.x.x”’
2. On NMS 1, enter the following commands to flush the register:
mysql --exec=‘FLUSH PRIVILEGES’
3. On NMS 1, repeat Step 1 and Step 2, replacing x.x.x.x with the IP address of NMS 3.
4. On both NMS 2 and NMS 3, enter the following command from the command line prompt:
mysql --host=x.x.x.x
If this command immediately connects to the mysql prompt on NMS 1, then the new
permissions have been correctly configured on this server.
5. Restart the iDirect NMS services on each server sequentially, starting on NMS 1, by
entering the following command:
service idirect_nms restart

iDX Release 3.5
Assigning QoS Profiles
A.7 Assigning QoS Profiles

After setting up a distributed NMS, redirect IP packets for remote NMS traffic to the correct
NMS servers by modifying the NMS Service Levels in the Upstream and Downstream Application
Profiles.
For the NMS Upstream Application Profile, modify the Service Levels as follows:
• Assign the destination IP address for NMS_TCP to NMS 1
• Assign the destination IP address for NMS_UDP to NMS 2 and NMS 3
• Assign the destination IP address for NMS_ICMP to NMS 3
For the NMS Downstream Application Profile, modify the Service Levels as follows:
• Assign the source IP address for NMS_TCP to NMS 1
• Assign the source IP address for NMS_UDP to NMS 2 and NMS 3
• Assign the source IP address for NMS_ICMP to NMS 3
For each of the above Service Levels, (the Upstream Application Profile is shown in this
example) follow these steps to reassign the destination IP address of the upstream traffic:
1. In the iBuilder Tree, right-click the NMS Upstream Application Profile folder and select
Modify  Item to open the Upstream Application Profile dialog box.
Figure A-2. Upstream Application Dialog Box
2. In the Service Level area of the dialog box, select the appropriate Service Level for the
IP packet type. (NMS_UDP, NMS_TCP or NMS_ICMP).
3. In the Rules area of the dialog box, select the Rule for that traffic.
4. Click the Edit button to open the Edit Rule dialog box.

iDX Release 3.5
Configuring Database Backup and Restore
Figure A-3. Edit Rule Dialog Box
5. Change the Destination IP address and Subnet Mask to match the NMS server’s IP address
for this type of traffic. (Route TCP traffic to NMS 1; route UDP traffic to NMS 2; and route
ICMP traffic to NMS 3.)
6. Click OK to save the rule.
7. For the NMS_UDP Service Level, click Add in the Rules area of the dialog box to add a
second rule to route UDP traffic to NMS 3.
8. In the Edit Rule dialog box:
a. Configure Destination IP to be equal to the NMS 3 IP Address and Subnet Mask.
b. Configure Protocol to be equal to UDP.
c. Click OK to save the new rule.
9. Click OK to save the Application Profile.
10. In the iBuilder tree, apply all pending changes.
A.8 Configuring Database Backup and Restore

Configure all NMS Servers and the Backup Server to ensure that the databases are backed up
automatically on a periodic basis and that the Backup Server is configured to failover for the
Distributed NMS. This includes changes to the crontab file on all four servers as well as other
redundancy procedures.
To configure the servers for database backup and restore and to prepare the system for
failover, follow the DNMS procedures in the iDirect NMS Redundancy and Failover technical
note, which is available for download on the TAC Web site.
A.9 Verifying Correct Operation

After completing all configuration steps, the nmssvr, nrdsvr, evtsvr, cmsvr and latsvr should
all be running on the appropriate servers. To ensure proper operation, verify that no service is

iDX Release 3.5
Running the NAT Script
running on more than one server. Enter the following command on each server and verify that
the correct services are running:
ps -ef | grep svr | grep -vi mysql | grep -vi logger
A list of running services displays.
If a service is running on a server that it should not be, use the following command to kill the
service:
killall service
where service represents the name of the service
For example, if the evtsvr process is running on NMS 1, enter the following command to kill
the process:
killall evtsvr
A.10 Running the NAT Script

The iDirect NAT script translates private IP addresses to public IP address allowing iBuilder
and iMonitor to connect an external source. This section describes how to run the script for
iBuilder and iMonitor.
To run the script for iBuilder:
1. On a PC or laptop, open Note Pad.
2. Copy the following lines into Note Pad:
@ECHO OFF
SET ENV_NRD_NMSAPI_IPADDR=x.x.x.x
SET ENV_EVT_NMSAPI_IPADDR=x.x.x.x
Where x.x.x.x represents the IP address of NMS 3
SET ENV_LAT_NMSAPI_IPADDR=x.x.x.x
ibuilder.exe
3. Rename the Note Pad file to ibuilder.bat.
4. Save the file to the same directory where iBuilder is located.
To run the script for iMonitor:
1. On a PC or laptop, open Note Pad.
2. Copy the following lines into Note Pad:
@ECHO OFF
SET ENV_NRD_NMSAPI_IPADDR=x.x.x.x
SET ENV_EVT_NMSAPI_IPADDR=x.x.x.x

iDX Release 3.5
Managing a Distributed NMS
SET ENV_LAT_NMSAPI_IPADDR=x.x.x.x
imonitor.exe
3. Rename the Note Pad file to iMonitor.bat.
4. Save the file to the same directory where iMonitor is located.
A.11 Managing a Distributed NMS

Run all scripts to manage a Distributed NMS from the directory: /home/nms/utils/db_maint.
A.11.1 Enabling and Disabling Services for DNMS

Execute the following command prior to running any scripts to manage a Distributed NMS on
all servers:
When finished running scripts to manage a Distributed NMS, execute the following command
on all servers:
A.11.2 Executing DNMS Management Scripts

To verify the DNMS server configuration, including the server IP addresses, enter the following
mysql command on the primary NMS server. Sample output is show after the command.
# mysql -e"select * from ServerConfiguration" nms | grep MISCELLANEOUS
MISCELLANEOUS allow_ad_hoc 1
MISCELLANEOUS allow_fips 0
MISCELLANEOUS use_remote_active_flag 0
MISCELLANEOUS default_password iDirect
MISCELLANEOUS default_su_password P@55w0rd!
MISCELLANEOUS nms_server_ip
MISCELLANEOUS manage_tunnel_information 1
MISCELLANEOUS calculate_ppglobal_status 1
MISCELLANEOUS default_ppglobal_status Nominal
MISCELLANEOUS manage_remote_location 0
MISCELLANEOUS manage_remote_antenna 0
MISCELLANEOUS hub_sat_is_eth 1
MISCELLANEOUS manage_teleport_location 0
MISCELLANEOUS outroute_hub_has_rx_carrier 1
MISCELLANEOUS inroute_hub_has_tx_carrier 1
MISCELLANEOUS nms_nrd_server_ip 172.16.137.13
MISCELLANEOUS nms_evt_server_ip 172.16.137.14
MISCELLANEOUS nms_lat_server_ip 172.16.137.14
MISCELLANEOUS nms_ctl_server_ip 172.16.137.9
MISCELLANEOUS nms_cm_server_ip 172.16.137.9
MISCELLANEOUS nms_oss_server_ip 192.168.76.80

iDX Release 3.5
The various forms of the NMS-configuration-client.pl command are shown here. Typically, no
command arguments are required to configure a distributed NMS.
# ./NMS-configuration-client.pl –h
NMS-configuration-client.pl [-cd=NAME] [-ad=NAME]
[-udp=UDPPORT] [-bcast=BCASTADDRESS]
-cd : Change config database from [nms]
-ad : Change archive database from [nrd_archive]
-udp : Change default UDP port [70123]
-bcast: Change default bcast address[255.255.255.255]
-vvv : verbose mode level equals number or v(s)
-qos : reload service level QoS rules -- do not use it
-h : print help
The NMS-domain-commands.pl command stops, starts or restarts the NMS server processes
on all NMS machines. The command cab be executed on any of the server machines.
The various command forms are displayed by entering the -h option:
./NMS-domain-commands.pl -h
Usage:
NMS-domain-commands.pl [-udp=UDPPORT] [-exec="<command> <server
name> <server name> ..."
-udp : Change default UDP port [70123]
<command> is <start | stop | restart | reload | status >
<server name> is <nmssvr | evtsvr | nrdsvr | latsvr | cntrlsvr |
snmpsvr | nms_monitor>
For example, the following two commands show the status of NMS server processes. The first
example shows the status of all processes. The second example shows the status of the
nms_monitor process.
./NMS-domain-commands.pl -exec="status"
./NMS-domain-commands.pl -exec="status nms_monitor"
The following commands start, stop and restart server processes. The first example starts all
processes. The second example stops all processes. The third example starts the evtsvr
process. The final example restarts the latsvr process.
./NMS-domain-commands.pl -exec="start"
./NMS-domain-commands.pl -exec="stop"
./NMS-domain-commands.pl -exec="start evtsvr"
./NMS-domain-commands.pl -exec="restart latsvr"

iDX Release 3.5
An example of the output for NMS-domain-commands.pl script is presented below:

# ./NMS-domain-commands.pl -exec="status"
ip = 172.16.137.13, servers: nrdsvr nms_monitor
ip = 172.16.137.9, servers: nmssvr revsvr snmpsvr mapsvr nms_monitor
cntrlsvr
ip = 172.16.137.14, servers: evtsvr nms_monitor latsvr
+++++++++++++++++++++++++++++++++++++++++++++++++
Using configuration from MySQL NMS.ServerConfiguration table on
computer 127.0.0.1:
>>>>> 172.16.137.13:
nrdsvr (pid 30734) is running...
cmsvr (pid 6373) is running...
nms_monitor (pid 30755) is running...
>>>>> 172.16.137.14:
evtsvr (pid 18493) is running...
latsvr (pid 6917) is running...
nms_monitor (pid 6931) is running...
>>>>> 172.16.137.9:
nmssvr is stopped
revsvr is stopped
snmpsvr is stopped
cntrlsvr is stopped
nms_monitor is stopped

iDX Release 3.5

iDX Release 3.5
Appendix B Using the
iDirect CA Foundry
All hosts in an iDirect TRANSEC network must have X.509 public key certificates. Hosts include
NMS Servers, Protocol Processor blades, TRANSEC line cards, TRANSEC remotes, and GKD
Servers. Certificates are required to join an authenticated network. They serve to prevent
man-in-the-middle attacks and they add an additional safeguard against unauthorized
admission to the network. You can use the iDirect Certificate Authority (CA) utility (called the
CA Foundry) to issue the certificates for your TRANSEC network. For more information on the
iDirect TRANSEC feature, see the iDirect Technical Reference Guide.
This appendix contains the procedures required to issue and manage the X.509 certificates in
an iDirect TRANSEC network. It contains the following major sections:
• Accessing the CA Foundry on page 467
• Creating a Certificate Authority on page 469
• Logging On to a Certificate Authority on page 470
• Connecting to a Host on page 470
• Bringing an Unauthorized Remote into a TRANSEC Network on page 471
• Certifying a Host on page 473
• Revoking a Remote’s Certificate on page 474
NOTE: Time synchronization of server machines is essential for TRANSEC

networks. iDirect highly recommends that you use NTP to synchronize the time
among all NMS servers, Protocol Processor Blade servers and GKD servers in your
TRANSEC networks.
B.1 Accessing the CA Foundry

This section explains how to start the iDirect CA Foundry and how to use its operator
interface. The CA Foundry is copied to your NMS Server during the release installation or
upgrade procedure. Subsequent sections in this appendix explain the details of the specific CA
Foundry commands that you will need to certify your TRANSEC network.
NOTE: All certificates for a TRANSEC network must be generated by the same CA
foundry.

iDX Release 3.5
Accessing the CA Foundry
Start the CA Foundry as follows:

1. Log on to the root account of your NMS Server.
NOTE: SH can not be used to log on directly to the root account of an NMS server
the idirect account. Then enter su - from the command line to log on as root.
Figure B-1. Logging On to the NMS Server
2. At the command line prompt, enter the ca command to display the initial CA Foundry
menu shown in Figure B-2. Once you have created a CA and logged on to it, more menu
choices will become available.
Figure B-2. Initial CA Foundry Menu
3. Navigate in the CA Foundry as follows:

• For all menus (and sub-menus), use the arrow keys to change menu selections. The
current selection is indicated by the cursor.
• Press Enter to select any menu item.
• To terminate a command without completing it, press the F5 key. This will return
control to the menu at the top of the window.
• To exit the CA Foundry and return to the Linux command prompt, select Exit from the
menu, or press the F5 key when the top-level menu is active.
Figure B-3. Exiting the CA Foundry
For details on specific CA Foundry operations, see the remaining sections in this appendix.

iDX Release 3.5
Creating a Certificate Authority
B.2 Creating a Certificate Authority

Create a Certificate Authority (CA) to certify all hosts in your TRANSEC networks. iDirect does
not support a hierarchical “chain of trust” for CAs.
Follow these steps to create a new CA:
1. Start the CA Foundry according to the procedure in Accessing the CA Foundry on
page 467.
2. Using the arrow keys, select New CA from the top-level menu and press Enter.
Figure B-4. Creating a New Certificate Authority
3. When prompted, enter the information for your new CA. A CA name and password are
required. The remaining entries are optional.
Figure B-5. Configuring the New Certificate Authority
4. Press any key to continue. You will be automatically logged on to the new CA.

iDX Release 3.5
Logging On to a Certificate Authority
B.3 Logging On to a Certificate Authority

Follow these steps to log on to an existing CA:
1. Start the CA Foundry according to the procedure in Accessing the CA Foundry on
page 467.
2. Using the arrow keys, select Open CA from the top-level menu and press Enter to display
a menu of available CAs.
Figure B-6. Logging On to a Certificate Authority
3. Select the CA you want to open and press Enter.

4. Enter the CA’s password at the prompt to log on to the CA.
When logged on to a CA, a status bar is displayed at the bottom of the window. The status bar
displays the name of this CA; the CA that signed this CA’s certificate; and the IP address of the
connected host.
Figure B-7. CA Foundry Status Line
NOTE: Since chain-of-trust certification is not supported by iDirect, the CA

certificate should be displayed as Self-signed.
B.4 Connecting to a Host

Your CA must be connected to a host before you can perform any host operations. If desired,
you can first connect to the host by selecting Connect to Host from the CA Foundry’s Host
Operations menu and, once connected, select the specific host operation you want to
execute. Alternatively, you can simply select the host operation from the menu without

iDX Release 3.5
Bringing an Unauthorized Remote into a TRANSEC Network
connecting first. If not connected to a host, the CA Foundry will prompt for the required host
information and establish the connection before executing the operation.
NOTE: When certifying a new remote in a TRANSEC network, please see Bringing
an Unauthorized Remote into a TRANSEC Network on page 471. The remote must
have authentication disabled and it must be configured with the current Network
Acquisition Key before it can acquire the TRANSEC network.
Follow these steps to connect to a host:

1. Start the CA Foundry and log on to a CA according to the procedure on page 470.
2. Use the arrow keys to select Host Operation from the top-level menu and press Enter.
3. Select Connect to Host from the Host Operation menu and press Enter.
4. When prompted, enter the following host information:
a. Enter the IP address of the host to which you want to connect.
b. Unless you are connecting to a GKD Server, accept the default port number by
pressing Return. To connect to a GKD Server, enter port number 45010.
c. Enter the admin password of the host.
Figure B-8 shows an example of a successful attempt to connect to a host from a CA.
Figure B-8. Certificate Authority Connected to a Host
B.5 Bringing an Unauthorized Remote into a TRANSEC

Network
In general, it is best to certify your TRANSEC remotes over a direct LAN connection at the hub
before commissioning them in a TRANSEC network. When converting an existing network to
TRANSEC, certify the existing remotes over the air before enabling TRANSEC for the network
to avoid the necessity of connecting to unauthorized hosts over the TRANSEC link.
However, there may be times when you are required to issue certificates to uncertified
remotes over the air in an existing TRANSEC network. Therefore, iDirect provides a way for
you to disable authentication for a remote, allowing the uncertified remote to join the
TRANSEC network without checking its X.509 certificate. You can then certify the remote
using the CA Foundry. Once the remote is certified, immediately re-enable authentication for
the remote.
It is not possible to bring an unauthorized remote into a TRANSEC network without local
access to the remote for two reasons:
• The remote options file with the remote’s configuration for the TRANSEC network must be
transferred to on-site personnel for local download to the remote via iSite.

iDX Release 3.5
Bringing an Unauthorized Remote into a TRANSEC Network
• After the options file is loaded, the current Network Acquisition Keys must be configured
on remote before the remote can acquire the TRANSEC network. This requires access to
the remote console.
Once the remote options file (with authentication disabled) and the ACC Keys are present on
the remote, the remote will be able to acquire the TRANSEC network. At that point, you can
use the CA Foundry to connect to your remote over the air and issue the X.509 certificate.
Follow these steps to certify the remote in your TRANSEC network. This procedure assumes
that the remote has been configured in the TRANSEC network in iBuilder and that
Authentication has not yet been disabled on the GUI.
1. In iBuilder, right-click the remote in the iBuilder Tree and select ModifyItem to display
the Information tab of the remote configuration dialog box.
2. Select the Disable Authentication check box.
3. When the warning message appears, click Yes to confirm the change.
Figure B-9. Warning Message when Disabling Authentication
4. Click OK to save the change.

5. Right-click the remote in the iBuilder Tree and select Apply ConfigurationReliable Hub
Side (TCP) to download the configuration change to the Protocol Processor.
6. Right-click the remote in the iBuilder Tree and select RetrieveSaved Remote-Side
Configuration. Click the Save button in the Save As dialog box to save the remote options
file to disk.
7. Transfer the remote options file to on-site personnel outside of the iDirect network.
NOTE: As an alternative, you can wait and transfer the options file and the ACC
Key to the remote site at the same time. In either case, the options file must be
loaded onto the remote (Step 8) before the remote will accept the ACC Key
(Step 9).
8. Have the on-site personnel load the options file on the remote using iSite. The procedure
for downloading an options file using iSite is documented in the Installation and
Commissioning Guide for iDirect Satellite Routers.
9. Follow the procedure Configuring the ACC Key on a Remote on page 477 to retrieve the
current Network Acquisition Key from the hub and to configure it on the remote. Once the
remote has its ACC keys, it should acquire the TRANSEC network.

iDX Release 3.5
Certifying a Host
10. Use the CA Foundry to connect to the remote over the air and issue the X.509 certificate.
(See Certifying a Host on page 473 for details.)
11. Once the remote has its certificate, return to the remote configuration dialog box, clear
the Disable Authentication check box, and click OK.
12. Right-click the remote in the iBuilder Tree and select Apply ConfigurationReliable
Both (TCP) to download the configuration change.
B.6 Certifying a Host

All hosts in an iDirect TRANSEC network must have X.509 public key certificates. Hosts include
the following network elements:
• NMS Servers
• Protocol Processor blades
• TRANSEC line cards
• TRANSEC remotes
• GKD Servers
NOTE: After you issue a certificate to a Protocol Processor blade or a GKD server,
you must restart the iDirect service before it will take effect. After issuing the
certificate, log on to the root account of the blade or GKD server and enter the
command service idirect_hpb restart (blade) or service
idirect_gkd restart (GKD).
NOTE: Before certifying an auxiliary NMS server for a distributed NMS, log on to
the root account of the server and enter the command service idirect_nms
start nmssvr to start the nmssvr process. Once the auxiliary server has been
certified, stop the nmssvr process with the command service idirect_nms
stop nmssvr.
You can use the procedure in this section to certify a new host or to update the certificate on
an existing host. Your NMS Server must have IP connectivity to the host to issue a certificate.
Follow these steps to issue a certificate to a host.
2. Use the arrow keys to select Host Operation from the top-level menu and press Enter.
3. Select Flush Host from the menu and press Enter.

iDX Release 3.5
Revoking a Remote’s Certificate
Figure B-10. Flushing a Host
NOTE: Select Flush Host rather than Generate Host Key and Cert. The Flush Host
command performs all operations required to certify the host.
4. When prompted, enter the following host information:

a. Enter the number of days that you want the certificate to be valid. (The default is
3,650 days, or ten years.)
b. Enter the IP address of the host you want to certify.
c. If this is not a GKD Server, accept the default port number by pressing Return. If this is
a GKD Server, enter port number 45010.
d. Enter the password of the admin account of the host you want to certify.
NOTE: When certifying a TRANSEC line card, it is possible that the CA will time
out due to high CPU loading on the line card. If this happens, wait a few minutes
and execute the Flush Host command again.
The CA Foundry will issue a new X.509 certificate to the host, signed by your CA. Sample
output is shown in Figure B-11.
Figure B-11. CA Foundry Issuing a New X.509 Certificate
B.7 Revoking a Remote’s Certificate

The procedure in this section describes how to revoke a remote’s X.509 certificate and force
the remote to exit the TRANSEC network. Updating the Dynamic Network Keys twice at the
end of the procedure forces the remote to leave the network, since certificates are validated
after each key update. Updating the Network Acquisition Keys twice ensures that the remote
can no longer decrypt the acquisition data.
Follow these steps to revoke a remote’s X.509 certificate:

iDX Release 3.5
1. Using iBuilder, right-click the remote in the iBuilder Tree and select View
PropertiesItem.
2. Note the number in Derived ID field of the remote Information tab.
Figure B-12. Determining the Derived ID in iBuilder
4. Use the arrow keys to select Maintenance from the top-level menu and press Enter.
5. Select Show Issued Certs from the Maintenance menu and press Enter.
Figure B-13. Determining Certificates Issued by a CA
6. In the Subject field of the command output, note the highest CA serial number that
matches the DID determined in Step 1. (In the case that the CA has multiple certificates
for a single remote, the one with the highest serial number is the certificate currently in
use.)
Figure B-14. Listing of Issued Certificates
7. Select Revoke Certificate from the Maintenance menu and press Enter.

iDX Release 3.5
8. At the prompt, enter the serial number of the certificate to be revoked as determined in
Step 6 and press Enter. Sample output is shown in Figure B-15.
Figure B-15. Revoking a Certificate
9. For each Protocol Process Blade in the remote’s network:

a. Select Update Chain of Trust from the Host Operation menu and press Enter.
Respond to the prompts as follows:
• Enter the IP address of the blade.
• Accept the default port number by pressing Return.
• For host password, enter the password of the blade’s admin account.
Figure B-16 shows sample results of this command.
Figure B-16. Updating the Chain of Trust
The updated blades will no longer allow the remote to enter the TRANSEC network.
10. To ensure that the remote leaves the network immediately, force two updates of the
Dynamic Network Keys (DCC Keys). The procedure for updating the DCC Keys is
documented in Updating the DCC Keys on page 479.
11. To ensure that the remote’s Network Acquisition Keys (ACC Keys) are no longer valid,
force two updates of the ACC Keys. The procedure for updating the ACC Keys is
documented in Updating the ACC Keys on page 480.
CAUTION: Use great caution when updating the ACC Keys. Any remote that misses
two consecutive ACC Key updates will be stranded. A site visit is required to re-
configure the ACC keys on the remote.

iDX Release 3.5
Appendix C Managing
TRANSEC Keys
This appendix contains procedures for managing TRANSEC keys. It includes the following
major sections:
• Configuring the ACC Key on a Remote on page 477
• Updating the DCC Keys on page 479
• Changing the DCC Key Update Frequency on page 480
• Updating the ACC Keys on page 480
• Verifying the ACC Keys on an In-Network Remote on page 482
• Identifying the Blade that Distributes TRANSEC Keys on page 485
C.1 Configuring the ACC Key on a Remote

The current Network Acquisition Key (also called Acquisition Channel Ciphertext Key or ACC
Key) must be present on a remote before the remote can join a TRANSEC network. If the
remote does not have the current ACC key, it must be manually configured using a remote
console command.
The ACC Key must be manually configured on a remote under a number of circumstances. For
example:
• When commissioning a new remote in a TRANSEC network
• When moving an existing remote into a TRANSEC network
• When a remote in a TRANSEC network has missed two consecutive ACC Key updates
The current ACC Key must be determined at the hub and transferred to the remote modem.
The ACC Key is protected by a user-generated “passphrase” entered by the hub operator
when retrieving the key. The passphrase is required to update the key on the remote.
Transmitting the key and passphrase to the remote is done outside of the iDirect system. This
can be accomplished verbally (over a secure phone line) or through secure file transfer.
Before the key can be entered on the remote, you must retrieve the current key from the
Protocol Processor blade responsible for key distribution. To determine the current ACC key:
1. Follow the steps in Identifying the Blade that Distributes TRANSEC Keys on page 485 to
determine the Protocol Processor blade responsible for transmitting the ACC Keys to this
remote’s network.
2. Log on to the idirect account of the blade identified in Step 1.

iDX Release 3.5
Configuring the ACC Key on a Remote
3. At the command line, enter the following command:

4. At the prompt, log on to the admin account.
csp enable
key_ctrl getGACCkey DID passphrase
where DID is the unique remote identifier and passphrase is a string of any length.
NOTE: A remote’s DID is displayed on the Remote Information tab in iBuilder. The
passphrase will be required to update the ACC key on the remote modem.
The Protocol Processor displays a string consisting of three lines (or “segments”). This
string represents the ACC Key. The key as represented by the string is encrypted using the
Password-Based Key Derivation Function (PBKDF2) described in PKCS #5 v2.1: Password-
Based Cryptography Standard from RSA laboratories.
Figure C-1 shows sample output for the getGACCkey command.
Figure C-1. getGACCkey Command Example
7. Securely transfer the three string segments to the personnel responsible for entering the
new key on the remote modem.
To update the ACC Key on the remote modem:
1. From the console port, log on to the root account of the remote.
telnet localhost
4. At the command line prompt, enter the command:
csp enable
keyroll_mgr setACCKey

iDX Release 3.5
Updating the DCC Keys
6. At this point, you will be prompted for each of the three segments (lines) of the
encrypted key and the “passphrase” from Step 6 on page 478. Respond to each prompt
with the requested information. You can type uppercase Q to quit at any time.
7. When asked if you want to continue, enter:
Yes
You should see a message stating that the Network Acquisition Key has been updated. At
this point, if the TRANSEC network is up and the remote is certified, the remote should
acquire the outbound carrier.
8. Once the remote acquires the network, to check the status of the remote, enter the
remotestate command. Sample output is shown below.
remotestate
TX Power: -26.000000 dbm
TX Freq: 1115.000000 Mhz
FSD: 0
Assigned IGroup: 1
Assigned HDLC: 0xd
Assigned UID: 0x40 - 0x4e, 0x4f
TXer State: ON
RXer Lock: LOCKED
Modem State: In Network
Link Layer State: In Data Transfer
Transec: Up
NOTE: Step 8 assumes the remote already has its X.509 certificate for the
TRANSEC network. If not, the hub operator can now disable authentication for the
remote on the iBuilder Remote Information tab to allow the remote to join the
network the first time. Once it has acquired the network, the hub operator can
issue the certificate to the remote over the satellite link and then re-enable
authentication on the remote. See Bringing an Unauthorized Remote into a
TRANSEC Network on page 471 for details.
C.2 Updating the DCC Keys

This section describes the procedure for forcing updates of the Dynamic Network Keys (DCC
Keys) used for encryption of your TRANSEC network. Although keys are updated on a regular
basis, you may want to force Key updates (also called “key rolls”) after you have revoked a
remote’s X.509 certificate in order to force the remote to leave the network immediately.
Because of the specifics of iDirect’s key management protocol, you must update the DCC Keys
twice to ensure that a remote no longer has a valid key. For details on the TRANSEC key
management protocol, see the iDirect Technical Reference Guide.
Follow these steps to update the DCC Keys in a TRANSEC network:
determine the Protocol Processor blade responsible for distributing the DCC Keys to this
remote’s network. Note your Network ID from this procedure.
2. Log on to the idirect account of the blade identified in Step 1.
3. At the command line, enter the following command:

iDX Release 3.5
Changing the DCC Key Update Frequency

4. At the prompt, log on to the admin account.
5. Enter the following command to enable security commands:
csp enable
6. Enter the following command to update the DCC Keys:
key_ctrl net <net id> update
where <net id> is the network ID determined in Step 1.
7. You can repeat the Step 6 to ensure that no unauthorized hosts have a valid DCC Key.
C.3 Changing the DCC Key Update Frequency

By default, DCC Keys are automatically updated every eight hours. You can change the
frequency of the DCC Key update for a TRANSEC network by following these steps in iBuilder:
1. Right-click your TRANSEC network in the iBuilder Tree and select ModifyItem.
3. Enter the following Custom Key:
[TRANSEC]
dyn_key_update_time_sec = <Seconds>
where <Seconds> is the new DCC Key update frequency in seconds.
5. Right-click your network in the iBuilder Tree and select Apply ConfigurationNetwork to
download the changes.
The Custom Key in Figure C-2 changes the DCC Key update frequency to four hours.
Figure C-2. Changing the DCC Key Update Frequency
C.4 Updating the ACC Keys

This section describes the procedure for forcing updates of the Network Acquisition Keys (ACC
Keys) used for encryption of acquisition data in your TRANSEC network. By default, ACC Keys
are automatically updated every 28 days. When updating the ACC Keys, update the ACC Keys
twice to ensure that they are no longer present on a de-certified remote.

iDX Release 3.5
Updating the ACC Keys
For details on the TRANSEC key management protocol, see the iDirect Technical Reference
Guide.
CAUTION: Use great caution when updating the ACC Keys. Any remote that misses
two consecutive ACC Key updates will be stranded. A site visit is required to re-
configure the ACC keys on the remote.
NOTE: Even if a valid ACC Key is present on a de-certified remote, the remote
cannot send or receive traffic if you have performed two DCC Key updates.
When using Local Mode (ACC Keys generated by the Protocol Processor blades), you must
execute the ACC Key update from the blade that is generating your ACC Keys. If you have one
or more GKDs configured for your TRANSEC network, you must execute the ACC Key update
from the Master GKD. (For more information, see Global Key Distribution on page 487.)
Follow these steps to update the ACC Keys in a TRANSEC network:
1. If using Local Mode:
a. Follow the steps in Identifying the Blade that Distributes TRANSEC Keys on page 485
to determine the Protocol Processor blade responsible for key distribution.
b. Log on to the idirect account of the blade.
c. At the command line, enter the following command:
d. At the prompt, log on to the admin account.
2. If you have one or more GKDs configured for your TRANSEC network:
a. Log on to the root account of the Master GKD Server.
b. At the command line, enter the command:
telnet 0 46002
c. At the Username prompt, log on to the admin account. (The default password is
iDirect.)
3. On the GKD or the Protocol Processor blade responsible for generating the ACC Keys,
enter the following command to enable security commands:
csp enable
4. If this is a GKD Server, verify that this is the Master GKD by entering the command:
kd status
5. To update ACC Keys, enter the command:
kd keyroll update confirm
NOTE: The ACC Key update may take several minutes to complete. Therefore,
wait at least an hour before executing the kd keyroll update command a
second time.

iDX Release 3.5
Verifying the ACC Keys on an In-Network Remote
6. To ensure that no unauthorized hosts have a valid ACC Key, wait at least one hour and
repeat Step 5.
CAUTION: Any remote that misses two consecutive ACC Key updates will be
stranded. A site visit is required to re-configure the ACC keys on the remote.
C.5 Verifying the ACC Keys on an In-Network Remote

This section contains a procedure to ensure that a TRANSEC remote’s ACC Keys are
synchronized with the ACC Keys on the Protocol Processor blade that distributes the keys to
the remote. The procedure assumes that the remote has acquired the network and is
operational.
determine the Protocol Processor blade responsible for transmitting the ACC Keys to this
remote’s network.
2. At this point, you should be connected to the admin account of the iDirect application on
the blade responsible for key distribution. If not, follow these steps:
a. Log on to the idirect account of the blade.
b. At the command line, enter the following command:
c. At the prompt, log on to the admin account.
CSP enable
key_mgr net <Network> acc key
where <Network> is the network number that you identified for your remote in Step 1.
Figure C-3 shows sample output for the key_mgr command.
Figure C-3. Viewing the ACC Key Data Structure on the Protocol Processor

iDX Release 3.5
5. Note the number of the active key. (The active key is Key 0 in Figure C-3.)
NOTE: If you have one or more GKDs configured for your network, it is possible
that the ACC Keys have been updated on the Master GKD but have not yet been
accepted by the Protocol Processor blade. You can enter the kd keyroll show
command on the Master GKD to ensure that the active key on the GKD matches
the active key on the Protocol Processor blade.
6. From the root account of the NMS server, enter the following command to open a secure
connection the remote.
ssh <ip address>
where <ip address> is the IP address of the remote.
7. When prompted, enter the remote’s admin password.
8. Enter the following telnet command and log on with Username admin and the remote’s
admin password:
telnet localhost
Step 6 through Step 8 are illustrated in Figure C-4.
Figure C-4. Creating a Secure Connection to a Remote Modem

csp enable
10. Enter the following command to view the current key data structures:
keyroll_mgr key
Figure C-5 shows sample output of the keyroll_mgr key command.

iDX Release 3.5
Figure C-5. Viewing the Key Roll Data Structure on a Remote Modem
11. Compare the ACC Key output of the key_mgr command on the Protocol Processor (Step 4)
with the ACC Key output of the remote keyroll_mgr key command. The active key
numbers should be the same. In the example in Figure C-6, the remote has successfully
received the latest ACC Keys. Therefore the number of the active key on the Protocol
Processor (on the left) is identical to the number of the active key on the remote (on the
right).
Figure C-6. ACC Keys After Successful Key Update
If the ACC Keys were updated again and the remote had not yet received the new key, Key 1
would become the active key on the Protocol Processor but the remote active key would
remain the same. This is shown in Figure C-7.
Figure C-7. ACC Keys with Remote Not Updated

iDX Release 3.5
Identifying the Blade that Distributes TRANSEC Keys
C.6 Identifying the Blade that Distributes TRANSEC

Keys
Several procedures in this appendix require that you determine the Protocol Processor blade
responsible for propagating the TRANSEC Keys to the remotes and line cards in a TRANSEC
Network. When multiple blades are present, any blade may be assigned this function for a
specific network.
NOTE: The blade responsible for sending the TRANSEC keys to a network is always
the same blade that is responsible for multicast traffic for that network.
You must know both the Protocol Processor ID and the Network ID to determine the Protocol
Processor blade responsible for propagating the keys to your network. Follow these steps to
determine the IDs:
1. In iBuilder, select Details from the View Menu.
2. Select Collapse Details Hierarchy from the View Menu
3. Click your Teleport in the iBuilder Tree
4. Click the Type column heading in the Details View to sort elements by Type.
5. Scroll down until you find the IDs of both your network and your protocol processor. In
Figure C-8, the Network ID for TRANSEC Network 1 is 9. The Protocol Processor ID for
TRANSEC Protocol Processor is 2.
Figure C-8. Determining the Network ID and Protocol Processor ID in iBuilder
Once you have determined the Network ID and the Protocol Processor ID, you must identify
the Protocol Processor blade responsible for multicast traffic for your network. This is the
blade responsible for sending out the TRANSEC Keys.
Follow these steps to determine the blade that sends the TRANSEC Keys to your network:
1. Log on to the idirect account of your NMS server.
2. Enter the following command to connect to the pp_controller process for your protocol
processor.
telnet localhost <pp_controller port_number>
where <pp_controller port_number> is 15000 + the Protocol Processor ID. For the
example in Figure C-8, you would enter the command telnet localhost 15002, since

iDX Release 3.5
Identifying the Blade that Distributes TRANSEC Keys
the Protocol Processor ID is 2. if the Protocol Processor ID were 11, you would telnet to
port number 15011.
3. At the Username prompt, log on to the admin account of the Protocol Processor.
4. From the command line, enter the following command to determine the Tunnel Interface
IP Addresses of all blades responsible for multicast for this Protocol Processor:
blades query multicast
Sample output of this command is shown in Figure C-9. In the figure, the Tunnel Interface
IP Address (eth1) of the multicast blade for Network ID 9 is 192.168.77.230.
Figure C-9. Identifying the Multicast Blade for a Network
NOTE: This command returns the Tunnel Interface IP address of your blade, not
the Upstream Interface IP Address. You can view both IP Addresses on the Protocol
Processor Blade dialog box in iBuilder.

iDX Release 3.5
Appendix D Global Key
Distribution
Global Key Distribution is required to generate the Network Acquisition Keys (ACC Keys) used
by remotes to join TRANSEC networks. Global Key Distribution is also required to manage
Multicast Fast Path encryption keys for Evolution X7 remotes that receive encrypted Multicast
Fast Path traffic over a second demodulator. This appendix contains procedures for
configuring networks to use Global Key Distribution to generate either TRANSEC Network
Acquisition keys (ACC Keys) or Multicast Fast Path encryption keys and distribute them to the
Protocol Processors that require them. An instance of the Global Key Distribution software
application running on a Linux server is called a Global Key Distributor (GKD). A Linux server
running the GKD application is called a GKD Server.
This appendix includes the following major sections:
• Reasons for Global Key Distribution on page 487
• Setting Up Global Key Distribution on page 488
• Additional GKD Procedures on page 495
• Setting Up Global Key Distribution for Encrypted Multicast Fast Path on an X7 Second
Demodulator on page 500
NOTE: The same GKD Server cannot generate both TRANSEC ACC Keys and
Multicast Fast Path encryption keys.
D.1 Reasons for Global Key Distribution

This section explains why Global Key Distribution is required for TRANSEC networks.
D.1.1 Distribution of ACC Keys to TRANSEC Networks

All TRANSEC remotes must have the latest ACC Keys to join a TRANSEC network. By default,
for any TRANSEC network, the ACC keys are generated and distributed by the Protocol
Processor blade responsible for multicast in that network. However, you should override this
default behavior by configuring one or more GKDs to generate and synchronize the ACC Keys
for TRANSEC networks.
Once you have set up a TRANSEC network, no additional steps are required to enable the
Protocol Processor blades to generate the ACC Keys. (See Converting a Network to TRANSEC
on page 445 for details on enabling TRANSEC.) This default configuration in which the

iDX Release 3.5
Setting Up Global Key Distribution
Protocol Processor blades generate the ACC Keys is called Local Mode. However, Local Mode
should not be used due to the following limitations:
• In Local Mode, ACC Key management is not redundant across Protocol Processor blades.
Therefore, if the blade generating the ACC Keys for a TRANSEC network fails, the new
blade responsible for ACC Key generation for that network is not guaranteed to be
synchronized with the remotes. If the ACC Keys are not synchronized between the blade
and the remotes, remotes that are not in the network when the keys change cannot re-
acquire until the new keys have been manually configured on the remote. This requires
local access to those remotes.
Configuring GKDs for TRANSEC networks ensures that the ACC Keys are synchronized
across all blades that send the ACC Keys to the remotes. If a blade fails or the Protocol
Processor software restarts, the ACC keys do not change and local reconfiguration of
remotes that are out-of-network when the keys change is not required. In addition, GKD
redundancy prevents the keys from being regenerated if a GKD Server fails.
• Remotes that use iDirect’s Automatic Beam Selection (ABS) feature must be able to move
from network to network as they travel across the globe. If an ABS remote in one network
attempted to acquire a new network with different ACC Keys, acquisition would fail.
Therefore, ACC Keys must be the same on any network that the remote is allowed to join.
Synchronizing the ACC Keys across TRANSEC networks using GKD Servers allows ABS
systems to meet this requirement.
D.2 Setting Up Global Key Distribution

This section explains how to configure GKDs. Configuring multiple GKDs for TRANSEC networks
ensures redundant, synchronized management of ACC Keys across the networks. In iBuilder,
GKDs are configured per Protocol Processor. The same set of GKDs can be configured for
multiple Protocol Processors in the same NMS, or on multiple NMSs.
A system with three GKDs and four Protocol Processor blades that propagate those keys is
shown in Figure D-10.

iDX Release 3.5
Backup GKD Backup GKD
KeyDistributor KeyDistributor
Master GKD
KeySync KeySync
KeyDistributor
KeySync
PP Blade PP Blade
KeySync KeySync
PP Blade PP Blade
KeySync KeySync
Figure D-10. Sample GKD Network
In any established network of GKDs, there is only one Master GKD. The Master GKD is
responsible for generating the ACC Keys for all Protocol Processors that have that GKD
configured under it in iBuilder. All other GKDs (called Backup GKDs) are responsible for
synchronizing their keys with the Master GKD.
Each GKD is configured with a unique priority. The highest-priority GKD is the “configured
Master” GKD. If the configured Master GKD fails, the highest-priority Backup GKD becomes the
“promoted Master” GKD. When the configured Master GKD recovers, it resumes the function
of key generation and the promoted Master returns to the Backup role. Similarly, if a backup
GKD loses connectivity to the Master GKD and promotes itself to Master, it returns to Backup
status when connectivity to the configured Master GKD is restored.
A Protocol Processor blade responsible for distributing or using keys generated by a GKD
Server attempts to synchronize its keys with the Master GKD. However, if the blade cannot
communicate with the Master GKD, it may synchronize with a Backup GKD. If the blade cannot
communicate with any GKD, new keys are not generated for the network.
NOTE: In order to minimize the possibility that TRANSEC remotes do not have a
valid ACC Key, a Protocol Processor blade that has received a new ACC Key from a
GKD will not accept the next ACC Key for one hour. This one hour wait is not
enforced if key updates are performed manually using the kd keyroll update
confirm command. (See Updating the ACC Keys on page 480.)
The following sections explain how to install and run one or more GKDs.

iDX Release 3.5
D.2.1 Installing the GKD Server Software

The GKD Server software can reside on an existing NMS Server, Protocol Processor Blade
Server, or on a separate machine installed as an iDirect GKD Server. To install the GKD Server
software on a dedicated machine, burn and run an iDirect Kickstart CD and select GKD Server
at the installation prompt. For instructions, please see the Software Installation Guide for
New Hubs.
When configuring a GKD to run on an existing NMS or blade server, the GKD package should
already be installed on the server. To verify that the GKD package is installed on the target
machine, enter the following command from the root account of the server:
rpm -qa | grep gkd
Sample output of this command is shown in Figure D-11.
Figure D-11. Verifying that the GKD Package is Installed on a Server
D.2.2 Adding GKDs in iBuilder

After verifying that the GKD software is installed on the server, configure the GKDs in iBuilder
as follows:
1. Right-click the Protocol Processor in the iBuilder Tree and select ModifyItem from the
menu.
2. In the Protocol Processor dialog box, click the GKD tab.
Figure D-12. Protocol Processor GKD Tab
3. Click the Add button to open the GKD dialog box.

iDX Release 3.5
Figure D-13. GKD Dialog Box

4. In the GKD dialog box:
a. Enter the IP Address of the GKD Server.
b. Enter Port number 45001.
c. Enter a Priority for this GKD Server.
NOTE: When multiple GKDs are configured, the relative priorities of the GKDs
determine which active GKD will assume the roll of Master. The highest-priority
operational GKD serves as the Master GKD responsible for generating the keys.
5. Click OK in the GKD dialog box.

6. Repeat Step 3 and Step 4 for each additional GKD to be added to this Protocol Processor.
7. Click OK in the Protocol Processor dialog box to save the configuration.
NOTE: Wait until you have created the GKD options files and started the GKDs to
apply the changes to the Protocol Processor. (See Certifying and Starting the GKD
Server on page 494.)
D.2.3 GKD Options Files

You must create an options file for each GKD and copy the file to the GKD Server. Part of the
options file can be copied from the global options file for the Protocol Processor. The rest can
be created in any text editor. The procedure in this section demonstrates one way to create a
GKD options file. It assumes the GKDs has already been configured in iBuilder, allowing you to
cut and paste from the saved configuration in the options file.

iDX Release 3.5
The example uses a Protocol Processor configured in iBuilder with three GKDs. The options file
for the GKD with priority 30 is shown below.
[GKD_NODE_10]
connect_addr = INET;192.168.77.27;45001
priority = 10
[GKD_NODE_20]
priority = 20
[GKD_NODE_30]
priority = 30
[GKD_LOCAL_CFG]
priority = 30
Note the following points regarding the sample GKD options file:
• The GKD_NODE definitions give the IP address and port number for all GKD Servers in the
GKD network as configured in iBuilder. In this case there are three GKD Servers. These
GKD_NODE definitions must be included in the GKD options file of each GKD.
• All priorities in the GKD options file must match the priorities configured for the GKD in
iBuilder. Priorities must be unique. No two GKD Nodes in an options file can have the same
priority.
• All GKD_NODE numbers must match the priorities configured in iBuilder. For example,
GKD_NODE_20 must have priority = 20.
• The GKD_LOCAL_CFG definition at the end of the options file identifies this GKD. Since
GKD_LOCAL_CFG priority is 30 in the example, this is the options file for the GKD running
on 192.168.77.32. The options file for GKD_NODE_20 would be identical to this options
file except that the final line defining the GKD_LOCAL_CFG would be priority = 20.
• Since it has the highest priority, GKD_NODE_30 is the Configured Master for this group of
GKDs. In other words, if all three GKDs are operational and connected, GKD_NODE_30 will
always assume the role of Master GKD.
• TRANSEC GKD options files are backward-compatible with pre-iDX 3.2 iDirect releases
that supported Global Key Distribution of ACC keys. It is not necessary to change existing
GKD options files when upgrading to iDX Release 3.2 or later.
D.2.4 Creating a GKD Options File

The procedure in this section demonstrates one way to create a GKD options file. It assumes
that you have already configured the GKDs in iBuilder, allowing you to cut and paste from the
saved configuration of the options file generated for the Protocol Processor.
Since a GKD options file can be created in any text editor, there is no requirement to follow
the procedure in this example. However, retrieving the options file for the Protocol Processor
makes it possible to cut and paste the GKD_NODE definitions into the GKD options files rather
than typing them by hand. The procedure assumes that the three GKDs in the sample options
file have been configured as shown in Adding GKDs in iBuilder on page 490.

iDX Release 3.5
To create the GKD options file:

1. In the iBuilder Tree, right-click the Protocol Processor with the configured GKD and select
RetrieveSaved Configuration.
2. Click the Save button. The options file will open in Notepad.
3. Scroll down until you find the GKD_NODE definitions for the Protocol Processor.
Figure D-14. Protocol Processor Options File with GKD Node Definitions
4. Delete everything from the options file except the GKD_NODE definitions.
5. Add the following to the end of the options file:
[GKD_LOCAL_CFG]
priority = <This Node’s Priority>
where <This Node’s Priority> is the priority of the GKD that will use this options
file.
6. Select FileSave As and save the file in the folder of your choice with the name of your
choice.
7. Using WinSCP (or any other method) transfer the file to the idirect account of the GKD
Server machine.
8. Log on to the root account of the GKD Server identified by GKD_LOCAL_CFG.

iDX Release 3.5
9. Move the GKD options file to /etc/idirect/gkd/gkd_opts.opt. For example:

mv /home/idirect/gkd_opts_30.opt /etc/idirect/gkd/gkd_opts.opt
NOTE: Each GKD options file must be named gkd_opts.opt and must be present
in the directory /etc/idirect/gkd on the GKD Server.
To create the options files for the other two GKDs in the example, make two additional copies
of this options file and change the GKD_LOCAL_CFG definitions to match the priorities of the
other two GKDs.
D.2.5 Certifying and Starting the GKD Server

A GKD Server is an X.509 host. Therefore, you must issue an X.509 certificate to each GKD
Server. Unlike the other X.509 hosts in iDirect networks, enter port 45010 when prompted for
the port number rather than accepting the default port. You cannot certify the GKD until you
start the GKD service on the GKD Server.
After you have created the GKD options file and copied it to the GKD Server, follow these
steps to certify the GKD Server:
1. Log on to the root account of the GKD Server.
2. Enter the following command to start the GKD application:
service idirect_gkd start
3. Follow the procedure in Certifying a Host on page 473 to issue an X.509 certificate to the
GKD.
NOTE: When certifying a GKD Server, you must enter port 45010 when prompted
for the port number. Do not use the default port number.
4. The GKD must be restarted after it receives its certificate. Enter the following command
to restart the GKD:
service idirect_gkd restart
5. To run the GKD service automatically at startup, enter the command:
chkconfig idirect_gkd on
6. Check the status of the GKD service by entering the command:
service idirect_gkd status
Two processes (gkd and gkd_monitor) should be running.
Figure D-15. Checking the Status of the GKD Service

iDX Release 3.5
Additional GKD Procedures
7. In iBuilder, right-click the Protocol Processor in the iBuilder Tree and select Apply
Configuration to update the GKD configuration on the blades.
NOTE: After adding, modifying or removing a GKD, it is important to update all

GKD options files to match the new configuration and restart the GKD service on
all GKD Servers.
If this is the first time any GKD is being brought on line for this Protocol Processor, then when
you apply the changes to the Protocol Processor, the blade or blades that were responsible for
generating the keys for your networks will no longer have that responsibility. Instead, they
will request the keys from the Master GKD and forward them to the network.
In order not to strand remotes in TRANSEC networks, the blade will not accept more than one
new ACC Key per hour (by default) from the GKD. Therefore, a remote that is not in the
TRANSEC network at the time that the first GKD comes on line should still be able to acquire
the network for at least one hour. However, if that remote does not acquire the network by
the time the blade has synchronized both the current and next ACC Keys with the GKD, it will
be unable to acquire the network until its ACC Keys are manually updated. See Configuring
the ACC Key on a Remote on page 477.
D.3 Additional GKD Procedures

This section contains additional procedures that you may require to manage and monitor your
GKDs.
D.3.1 Logging On to the GKD Console

To log on to the GKD Console:
1. Log on to the root account of the GKD Server.
2. At the command line, enter the command:
NOTE: The default password is iDirect. You can change the password by following
the procedure in the next section.
D.3.2 Changing the GKD Console Password

As described in the previous section, you must log on to the GKD admin account to connect to
the GKD Console. The default password for the GKD admin account is iDirect. However, you
can change this password for any GKD by modifying the GKD options file.
The procedure in this section explains how to change the password to be the same as the
Admin Password configured for any Protocol Processor in iBuilder. To set a password that is
different from the Protocol Processor’s password, change the Admin Password in iBuilder and
save the configuration; follow the procedure below; then return the password in iBuilder to
the original setting.

iDX Release 3.5
The Admin Password is configured in iBuilder on the Information tab of the Protocol
Processor as shown in Figure D-16.
Figure D-16. Admin Password of Protocol Processor
To change the password of the GKD admin account to the Admin Password of an iBuilder
Protocol Processor:
1. In the iBuilder Tree, right-click the Protocol Processor and select RetrieveSaved
Configuration.
3. Scroll down until you find the [SECURITY] group.
Figure D-17. Admin Password in Protocol Processor Options File
4. Copy the information highlighted in Figure D-17 into the GKD options file. A sample GKD
options file is shown below.
[GKD_NODE_20]
priority = 20
[GKD_NODE_30]
priority = 30
[GKD_LOCAL_CFG]
priority = 20
[SECURITY]
admin_password =

iDX Release 3.5
$idi3$//kdd/$0bwUdQy2daA/d95g6/DC4KkVJ40091r0sdVSi0dqFy6lbSBO9zOiYA
qY8GtVYiCf08BricTpbNeF6C45UrNf03
5. Follow the procedure on page 493 to copy the GKD options file into the correct directory
on the GKD Server.
6. Restart the GKD service by entering the following command from the root account of the
GKD Server:
7. Follow the procedure in Logging On to the GKD Console on page 495 to verify that the
password change was successful.
D.3.3 Determining the GKD Status

You can use the commands in this section to determine status of your GKDs.
NOTE: The kd (Key Distributor) and ks (Key Synchronizer) commands

documented in this section are also available from the admin account of the
Protocol Processor blades. Typically kd commands are relevant if this GKD or
blade is generating keys; ks commands are relevant if this GKD or blade is
receiving keys.
1. Log on to the GKD Console. (See Logging On to the GKD Console on page 495.)
csp enable
3. Enter the kd status command to determine the Key Distributor status of this GKD,
including:
• The Node ID of this GKD. (The Node ID equals the priority of the GKD.)
• The Current State of this Key Distributor. (Master, Backup, Promoted Master, etc.)
• The number of clients (GKDs and blades) receiving keys from this GKD.
Figure D-18 shows an example of the kd status command executed on both a Master
GKD (on the left) and on a Backup GKD (on the right).
Figure D-18. kd status Command Examples
4. Enter the ks status command to determine the Key Synchronizer status of this GKD,
including:
• The Node ID of this GKD. (The Node ID equals the priority of the GKD.)
• The Current State of this Key Synchronizer.
• If the Key Synchronizer is connected, the IP Address of the GKD supplying the keys.

iDX Release 3.5
Figure D-19 shows an example of the ks status command executed on both a Master
GKD (on the left) and on a Backup GKD (on the right).
Figure D-19. ks status Command Examples
5. Enter the kd clients command to determine the IP Addresses of all clients receiving
keys from this GKD. Clients include both Backup GKDs and Protocol Processor blades
responsible for distributing the keys to the networks.
Figure D-20 shows an example of the kd clients command executed on a Master GKD
with two clients.
Figure D-20. kd clients Command Example
(REG) after the client IP address indicates that this client has registered with the GKD
Server. (UNREG) indicates that the client has not registered with the GKD Server. Only
registered clients will receive key updates. Under normal circumstances, clients will
always register with the GKD Server shortly after connecting and re-register periodically.
D.3.4 Viewing and Changing the Key Update Frequency

By default, the Master GKD updates the ACC Keys every 28 days. To display the time between
key updates:
1. Log on to the GKD Console. (See Logging On to the GKD Console on page 495.)
csp enable
3. To view the current key update frequency in seconds, enter:
kd params
Figure D-21 shows an example of the kd params command executed on a Master GKD. In
the example, the Key Update Frequency is 2419200 seconds which equals 28 days.
Figure D-21. kd params Command Example

iDX Release 3.5
To change the key update frequency:

1. From the root account of the GKD Server, edit the GKD options file. The GKD options file
always has the following path and file name:
/etc/idirect/gkd/gkd_opts.opt
2. Add the new key update frequency to the options file as shown below.
[GKD_COMMON]
keyroll_frequency_sec = <Seconds>
where <Seconds> is the new time between key updates in seconds.
3. Save the changes and exit the editor.
4. Restart the GKD service by entering the following command:
NOTE: Any parameter displayed by the kd params or ks params GKD console

commands can be modified by adding an entry under the [GKD_COMMON] group of
the options file.
The new key update frequency is not propagated to other GKDs. If a Backup GKD is promoted
to Master GKD, it will use its local setting unless you have also changed it in the options file of
the Backup GKD.
D.3.5 Determining the Time of the Next Key Update

To determine the time of the next scheduled key update:
1. Log on to the Master GKD Console. (See Logging On to the GKD Console on page 495.)
csp enable
3. To view the current key update frequency in seconds, enter:
kd keyroll next_update
Figure D-21 shows an example of the kd keyroll next_update command executed on a
Master GKD.
Figure D-22. kd keyroll next_update Command Example

iDX Release 3.5
Setting Up Global Key Distribution for Encrypted Multicast Fast Path on an X7 Second Demodulator
D.4 Setting Up Global Key Distribution for Encrypted

Multicast Fast Path on an X7 Second Demodulator
This section explains how to configure GKDs to manage the Multicast Fast Path encryption
keys for Evolution X7 remotes in primary and secondary networks that receive Multicast Fast
Path traffic over their second receivers.
NOTE: The primary network refers to the iBuilder network in which the X7 remote
is configured. The secondary network refers to the network transmitting the
downstream carrier with the Multicast Fast Path traffic. For information on
configuring GKDs for secondary networks, refer to the Technical Reference Guide.
D.4.1 Configuring GKD for Encrypted Multicast Fast Path in

Primary Networks
This section is applicable when setting up the GKD for encrypted Multicast Fast Path traffic to
Evolution X7 remotes over a primary network.
Setting up encrypted Multicast Fast Path traffic to Evolution X7 remotes over a primary
network requires iBuilder configuration only in the primary network of the X7 remotes.
• The procedure in this section assumes that:
• The GKD software has been installed on the GKD Server. (See Installing the GKD Server
Software on page 490.)
• The Evolution X7 remotes’ second receivers have been enabled and configured to receive
the Multicast Fast Path Streams in the primary network. (See Remote VSAT-2 Tab on
page 207.)
Protocol Processor Configuration
NOTE: If the second downstream is coming from a primary network’s NMS, no

configuration is necessary at the Protocol Processor tabs.
Configure the Protocol Processor as follows:

1. At the Protocol Processor GKD tab, add a GKD server as described in Adding GKDs in
2. Obtain the Encryption key and IV Expansion key names from the GKD server.
3. Check the Enable GKD Server Keys check box on the Protocol Processor GKD tab and
enter Encryption key and IV Expansion key. See Figure D-23.

iDX Release 3.5
4. Click OK to save the changes to the Protocol Processor.
Network Configuration
On the Network tabs, there is no action necessary if the second downstream is controlled by
the local NMS for the primary network.
X7 Remote Configuration
Configure the Remotes as follows:
1. On the Remote Information tab, enable Link Encryption.
2. On the Remote VSAT-2 tab, check Multicast FastPath Encryption.

iDX Release 3.5
D.4.2 Configuring GKD for Encrypted Multicast Fast Path in

Secondary Networks
This section is applicable when setting up the GKD for encrypted Multicast Fast Path traffic to
Evolution X7 remotes over a secondary network.
Setting up encrypted Multicast Fast Path traffic to Evolution X7 remotes over a secondary
network requires iBuilder configuration in both the primary and secondary networks of the X7
remotes.
The procedure in this section assumes that:
• The GKD software has been installed on the GKD Server. (See Installing the GKD Server
Software on page 490.)
• The Protocol Processors have been configured to use the GKD Servers. (See Adding GKDs
in iBuilder on page 490.)
NOTE: When setting up encrypted Multicast Fast Path traffic to Evolution X7

remotes over a secondary network, the same GKD must be created under the
Protocol Processors of both the primary and secondary networks.
• The Multicast Fast Path streams have been configured in the secondary network. (See
Configuring Remotes for Multicast Fast Path on page 277.)
NOTE: If the Multicast Fast Path stream is to be received only by the second
receivers of X7 remotes in the primary network, skip the step for assigning the
Service Profile to remotes when configuring the MCFP streams in the secondary
network.
• The Evolution X7 remotes’ second receivers have been enabled and configured to receive
the Multicast Fast Path Streams in the primary network. (See Remote VSAT-2 Tab on
page 207.)
NOTE: An Evolution X7’s primary and secondary networks may be managed by the
same Protocol Processor, by different Protocol Processors, or even by different
Network Management Systems.
Enabling both primary and secondary networks to receive the Multicast Fast Path encryption
keys from the GKD requires configuring the Protocol Processors, Networks, and Remotes for
both networks using iBuilder client.
Protocol Processor Configuration

Configure the Protocol Processor as follows:
1. At the Protocol Processor GKD tab, add a GKD server as described in Adding GKDs in
2. Obtain the Encryption key and IV Expansion key names from the GKD server.
3. Check the Enable GKD Server Keys check box on the Protocol Processor GKD tab and
enter Encryption key and IV Expansion key. See Figure D-23.
NOTE: If the second downstream is coming from a primary network’s NMS, no

configuration is necessary at the Protocol Processor tabs.

iDX Release 3.5
4. Click OK to save the changes to the Protocol Processor.
Network Configuration
Configure the Network as follows:
1. At the Network Information tab, click Multicast Encryption and Multicast Overlay. See
Figure D-25.

iDX Release 3.5
Figure D-25. Network Information Tab
2. Click OK.
NOTE: There is no action necessary at the Network Information tab if the second
downstream is controlled by the local NMS for the primary network.
X7 Remote Configuration
Configure the Remotes as follows:
1. Right-click the X7 remote in the secondary network and select ModifyItem from the
menu.
3. In the Hub-side Configuration pane, enter the following Custom Key:
[RMT_FASTPATH_RX2]
encryption = 1
base = 0xffe0
bitmap = 0x000X
Where, X represents the number of channels (in hex value; for instance, 0x0001 to
represent channel 1) where the remote will be receiving the Multicast Fast Path traffic.
4. In the Remote-side Configuration pane, enter the following Custom Key:
[ENC]
enc_enabled = 1
enc_mode = 6
5. Click OK to save the changes to the remote.

iDX Release 3.5
D.4.3 Creating a GKD Options File for MCFPE for X7 Remotes

with a Second Downstream Carrier
The procedure in this section assumes that the GKDs have been configured in iBuilder,
allowing users to cut and paste from the saved configuration of the options file generated for
the Protocol Processor.
Since a GKD options file can be created in any text editor, there is no requirement to follow
the procedure in this example. However, retrieving the options file for the Protocol Processor
makes it possible to cut and paste the GKD_NODE definitions into the GKD options files rather
than typing them by hand.
To create the GKD options file, perform the following:
1. In the iBuilder Tree, right-click the Protocol Processor with the configured GKD and
select RetrieveSaved Configuration.
3. Scroll down to the GKD_NODE definitions for the Protocol Processor.
Figure D-26. Protocol Processor Options File with GKD Node Definitions
4. Delete everything from the options file except the GKD_NODE definitions.
5. If creating a GKD options file for generating Multicast Fast Path Encryption keys, add the
following to the beginning of the options file:

iDX Release 3.5
[GKD_KEY_0]
gkd_key_name = multicast_pp1_tx_key
[GKD_KEY_1]
gkd_key_name = multicast_pp1_rx_key
[GKD_NODE_10]
priority = 10
connect_addr = INET;{Primary PP tunnel interface IP};45001
Where, {Primary PP tunnel interface IP} is the tunnel interface IP address of the PP on
the primary network.
NOTE: All instances of the gkd_key_type keys must be removed from the options
file as well.
6. Add the following to the end of the options file:

[GKD_LOCAL_CFG]
priority = <This Node’s Priority>
where <This Node’s Priority> is the priority of the GKD that will use this options
file.
7. Select FileSave As and save the file in the folder of your choice with the name of your
choice.
8. Using WinSCP (or any other method) transfer the file to the idirect account of the GKD
Server machine.
9. Log on to the root account of the GKD Server identified by GKD_LOCAL_CFG.
10. Move the GKD options file to /etc/idirect/gkd/gkd_opts.opt. For example:
mv /home/idirect/gkd_opts_30.opt /etc/idirect/gkd/gkd_opts.opt
NOTE: Each GKD options file must be named gkd_opts.opt and must be present in
the /etc/idirect/gkd directory on the GKD Server.
To create the options files for the other two GKDs in the example, make two additional copies
of this options file and change the GKD_LOCAL_CFG definitions to match the priorities of the
other two GKDs.

iDX Release 3.5
Appendix E Configuring
Networks for Automatic
Beam Selection
Beginning with iDS Release 7.0, iDirect remotes are no longer restricted to a single network.
Customers can define remotes that “roam” from network to network around the globe. These
roaming remotes are not constrained to a single location or limited to any geographic region.
Instead, by using the capabilities provided by the iDirect “Global NMS” feature, remote
terminals have true global IP access.
The decision of which network a particular remote joins is made by the remote. When joining
a new network, the remote must re-point its antenna to receive a new beam and tune to a
new outroute. Selection of the new beam can be performed manually (using remote modem
console commands) or automatically. This appendix documents the procedures for configuring
the Automatic Beam Selection (ABS) feature for mobile remotes. A technical description of
this feature is contained in the iDirect Technical Reference Guide.
NOTE: Evolution X1 and e150 remotes do not support Automatic Beam Selection.
This appendix contains the following major sections:

• Configuring and Running the Map Server on page 508
• Configuring Remotes for Automatic Beam Selection on page 511
• Remote Custom Keys for Automatic Beam Selection on page 516
• Remote Console Commands on page 521
NOTE: When using the iDirect TRANSEC feature for ABS networks, Global Key
Distribution is required to ensure that the Network Acquisition Keys are the same
for all networks. A remote cannot roam from one TRANSEC network to another
unless these keys are the same. See Global Key Distribution on page 487 for
details.

iDX Release 3.5
Configuring and Running the Map Server
E.1 Configuring and Running the Map Server

In an ABS system, a map server is responsible for managing the iDirect beam maps for the
remotes in its networks. The map server reads the beam maps and waits for map requests
from remote modems. The map server is not an NMS process; the map server runs as a
separate, stand-alone application.
The map server continues to be automatically installed on all NMS servers. It is also
automatically installed with installation or upgrade of a GKD server. Please see the Network
Upgrade Procedure or Hub Software Installation Guide for more details on installing iDirect
servers.
E.1.1 The Map Server Configuration File

A map server requires a valid configuration file called map.conf. On an NMS or a GKD server
machine, this file is typically located in the directory /etc/idirect/map.
Figure E-1 shows two versions of map.conf. The first is a typical map.conf file for beam maps
that use the Intelsat format for the conveyance beam map file. The second is a typical
map.conf file for beam maps that use the GXT format for the conveyance beam map
file.(Conveyance beam map files are discussed further in Adding Beams to the Beam Map File
on page 509.)
Figure E-1. Two Versions of map.conf

iDX Release 3.5
For most parameters in map.conf, the default settings are identical and can be left
unchanged for standard installations. However, note the following differences in Figure E-1:
• For Intelsat format, conveyance_file should be set to curr.in and
conveyance_format should be set to intelsat.
• For GXT format, conveyance_file should be set to Beams and conveyance_format
should be set to gxt_dir.
If ABS was already in use before upgrading to this release, map.conf should already exist on
the NMS server machine. When setting up ABS for the first time, use the template file
(/etc/idirect/map/map.conf.template) on the map server machine to create map.conf. Copy
the template file to map.conf and edit the file to comply with the format if necessary.
E.1.2 Adding Beams to the Beam Map File

To determine the best beam for the current remote location, the modem relies on a beam
map file that is downloaded to the remote and stored on the modem. iDirect provides a utility
that converts the beam information supplied by the satellite provider into a beam map file
that can be used by the iDirect system. Adding a new beam requires a new conveyance beam
map file from the satellite provider that includes all beams. For a detailed discussion of this
topic, see the iDirect Technical Reference Guide.
NOTE: This procedure is valid only if the map server process is running on an
iDirect server such as the NMS server or GKD server. It is not valid for a local map
server process co-located with the remote modem.
Execute the procedure in this section during the initial set up of the ABS feature. Re-execute
the procedure at any time to add a new beam to the beam map file.
NOTE: The beam name used in the conveyance beam map file must exactly match
the name of the network configured for that beam in iBuilder. For example, if a
beam name in the conveyance file is Beam_10, then the name configured in the
iBuilder Tree for the corresponding network must also be Beam_10.
The satellite provider delivers conveyance beam map files to the customer in a pre-defined
format. This format is defined in a specification document agreed upon between the beam
provider and iDirect. iDirect provides each ABS customer with a software utility that converts
the conveyance beam map files into a format that is usable by the map server. Once the
conversion is complete and the map server must be restarted, the new beam becomes
available for the map server to send to remotes using ABS.
Follow these steps to convert a conveyance beam map file from the satellite provider into the
map server format and make it available for use in your networks.
1. Log on to the map server machine as root.
2. Change to the map server directory:
cd /etc/idirect/map
3. If using the Intelsat format:
a. Copy the conveyance beam map file into the /etc/idirect/map directory using an
appropriate form of file transfer such as CD-ROM or WinSCP.
b. Enter the following command to copy the conveyance beam map file to the file name
curr.in:

iDX Release 3.5
cp <conveyance file name> curr.in

where <conveyance file name> is the name of the conveyance beam map file.
c. Run the newmap conversion utility by entering the following command at the
command line prompt:
newmap_intelsat
4. If using the GXT format:
a. If it does not exist, create the directory: /etc/idirect/map/Beams
b. Copy all conveyance beam map files and GXT data files into the
/etc/idirect/map/Beams directory using an appropriate form of file transfer such
as CD-ROM or WinSCP.
c. Run the newmap conversion utility by entering the following command at the
command line prompt:
newmap_gxt
5. Wait until the conversion is complete.
6. If the map server is already running, restart the map server by entering the following
command:
service idirect_map restart
E.1.3 Running the Map Server

After map.conf is correctly configured (The Map Server Configuration File on page 508) and
all beams have been added to the beam map (Adding Beams to the Beam Map File on
page 509), start the map server application from the root account.
Commands for starting, restarting, stopping, and checking the status of the map server are:
service idirect_map start
service idirect_map restart
service idirect_map stop
service idirect_map status
NOTE: To configure the idirect_map service to start automatically at boot time,

run the following command as the root user: chkconfig idirect_map on.

iDX Release 3.5
Configuring Remotes for Automatic Beam Selection
E.2 Configuring Remotes for Automatic Beam

Selection
In order to use iDirect’s Automatic Beam Selection (ABS) feature, configure the ABS remotes
to use either the OpenAMIP protocol (if supported by the Antenna Controller) or one of the
supported antennas listed below. The OpenAMIP protocol is defined in the document Open
Antenna — Modem Interface Protocol (AMIP) Specification.
In addition to OpenAMIP, the following antennas are supported:
• Orbit-Marine AL-7104
• Schlumberger Spacetrack 4000
• SeaTel DAC-97 (Also supports the DAC-03, DAC-2200, and DAC-2202)
This section explains how to configure ABS networks for use with OpenAMIP or any of the
supported antennas.
E.2.1 Configuring an Antenna Reflector for ABS

When configuring a remote in iBuilder for ABS, select an Antenna Reflector for a controllable
antenna on the Remote VSAT tab as described in Configuring a Remote for ABS on page 513.
The selected reflector must be configured to use a supported Antenna Controller. Reflectors
for all supported controllable antennas are pre-defined in the iBuilder database. You can also
create a new controllable antenna reflector by checking Controllable in the Reflector dialog
box and then selecting the Controller Type that is compatible with the antenna.
Figure E-2 shows an antenna reflector definition for an antenna controlled by the OpenAMIP
protocol. Notice in the figure that Controllable is selected, along with the OpenAMIP
Controller Type, indicating that the antenna can be controlled by the modem using
OpenAMIP.
Figure E-2. OpenAMIP Reflector Definition

iDX Release 3.5
Follow these steps to modify one of the pre-configured ABS antenna definitions:
1. In iBuilder, right-click the reflector in the Remote Antenna ComponentsReflector
folder and select ModifyItem to open the Reflector dialog box (Figure E-2).
2. Enter the Size of the Reflector in meters.
3. Enter the Offset Angle in degrees.
4. Select Controllable.
5. Select the Controller Type for the antenna.
6. On the right-hand side of the dialog box (Figure E-2) you can define multiple Elevation /
Gain pairs, each of which represents the variation in antenna gain for a specific satellite
elevation. You can enter as many as 91 values, one for each degree between zero and 90,
inclusive.
During beam acquisition, iDirect uses these data points to interpolate the gain variation
for the elevation at the remote’s current location. This gain variation is used in the
calculation of initial transmit power. (See the iDirect Technical Reference Guide for
details on how the initial transmit power is calculated.)
NOTE: Elevation / Gain pairs are only applicable to flat plate antennas with
multiple plates. For all other antenna types, leave this area blank. To configure
an applicable antenna, contact the antenna manufacturer for the correct data.
NOTE: When entering Elevation / Gain pairs, values must be added for both 0o
and 90o. If these two values are not included, some gain variations will be
undefined.
To add an Elevation / Gain pair:

a. Click the Add button to open the Gain dialog box.
Figure E-3. Gain Dialog Box
b. Enter the Elevation in whole degrees.

c. Enter the Gain, in dB, associated with the Elevation.
d. Click OK to save the changes.
NOTE: To modify or remove an existing Elevation / Gain pair, select the entry and
clicking the Edit or Delete button. (See Figure E-2.)

iDX Release 3.5
7. When using OpenAMIP, you can also define Skew Angle / Gain pairs (Figure E-2). Skew
angle gain affects the maximum emitted power spectral density.
Skew Angle / Gain pairs are configured in the same manner as Elevation / Gain pairs. (See
Step 6 on page 512.) The skew angle range is from zero to 90 degrees. As the configured
skew angle increases, the configured gain must decrease in value.
NOTE: Skew Angle / Gain pairs are only applicable to flat plate antennas using
the OpenAMIP antenna controller protocol.
8. When finished configuring the Reflector, click OK to save the changes.
E.2.2 Configuring a Remote for ABS

This section describes the ABS-specific fields on the Remote VSAT screen. In addition, ensure
that the mobile parameters are correctly configured for the remote as described in Remote
Geo Location Tab on page 199.
Follow these steps to configure a remote for Automatic Beam Selection:
1. In iBuilder, right-click the remote and select ModifyItem.
2. In the remote Modify Configuration dialog box, click the VSAT tab (Figure E-4).
Figure E-4. Remote VSAT Tab Default Fields
3. In the Remote Antenna section of the dialog box, enter the antenna components for the
antenna. (See Remote VSAT Tab on page 201 for details on configuring the fields shown in
Figure E-4.)
4. To enable ABS for this remote, select one of the following for the Reflector, as shown in
figure Figure E-5.
• OpenAMIP. (An open antenna controller protocol developed by iDirect.)
• DAC-97. (Used for any supported SeaTel DAC antenna controller: DAC-97 DAC-03,
DAC-2200, or DAC-2202)
• Spacetrack 4000 for Schlumberger Spacetrack 4000
• AL-7104 for the Orbit-Marine AL-7104

iDX Release 3.5
Figure E-5. Selecting a Remote Reflector for ABS
When a Reflector is selected that supports ABS, additional configuration fields appear in the
Remote Antenna section of the remote VSAT tab. Many of these fields apply to all ABS
antennas. Other fields apply only to specific antenna types or to antennas controlled by the
OpenAMIP protocol. The two columns on the right of Figure E-6 show the fields that apply to
all ABS antennas. Additional fields appear on the bottom right of the screen when you select
DAC-97, Al-7104 or OpenAMIP. Those additional fields are discussed later in this section.
Figure E-6. Remote Antenna Settings with General ABS Fields
NOTE: The ABS-specific fields appear on the right-hand side of this screen only
after a controllable Reflector is selected.
To configure the ABS-specific fields for the remote antenna:

1. Enter the IP address (Antenna Address) and port number (Antenna Port) of the antenna
on the remote LAN. This addressing is required for the remote modem to communicate
with the antenna controller.

iDX Release 3.5
2. The Hunt Frequency is the L-Band hunt frequency programmed into the antenna
controller. This frequency may be different for different instances of the roaming remote,
depending on the beam in which that remote instance is defined.
For Hunt Frequency, select Inherit From Downstream Carrier to automatically inherit
the remote’s L-Band receive frequency for each instance of the remote. Select Override
to enter a different value in MHz.
NOTE: Noise Reference Frequency is currently not used.
3. In Rx Polarization, select the polarization of the remote’s receive carrier.

4. In Tx Polarization, select the polarization of the remote’s transmit carrier.
5. Enter a value for Connect Timeout. This is the number of seconds the remote modem
waits to reconnect to the antenna controller if the connection is lost. The default timeout
is 30 seconds.
6. Enter the Init Tx Power Offset determined at commissioning for this remote.
The Init Tx Power Offset is used to adjust the transmit power of the remote during beam
acquisition based the EIRP budgeted for the link at the current location as received from
the beam map. The console command used to determine this value during commissioning
is described on page 525. For information on how this value is used during operation, see
the iDirect Technical Reference Guide.
Figure E-7 shows the additional fields that appear on the VSAT tab for antennas configured to
use OpenAMIP, DAC-97 and AL-7104, respectively.
Figure E-7. OpenAMIP, SeaTel and Orbit SBC Antenna Parameters
7. If you select a reflector configured to use the OpenAMIP controller type, the OpenAMIP
parameters shown on the left of Figure E-7 appear on the VSAT tab. To configure these
parameters:
a. In Tx Frequency, enter the center frequency of the transmit carrier.
b. In Tx Bandwidth, enter the width of you transmit carrier.
c. In Hunt Bandwidth, enter the width of the Hunt Frequency.
d. In Tx Local Oscillator, enter the frequency of your transmit local oscillator. This
should match the Frequency Translation field configured for the remote’s BUC.
e. In Rx Local Oscillator, enter the frequency of your receive local oscillator. This should
match the Frequency Translation field configured for the remote’s LNB.

iDX Release 3.5
Remote Custom Keys for Automatic Beam Selection
8. The SeaTel DAC controller type should be used for any of the four SeaTel antenna
controllers supported by the ABS feature. If you select a reflector configured to use the
SeaTel DAC controller type (such as DAC-97), the SeaTel parameters shown in the center
of Figure E-7 appear on the VSAT tab. To configure these parameters:
a. Select the LNB Voltage. This is the nominal voltage being supplied by external
equipment to the LNB. You can select either 13V or 18V. The default value is 18V.
b. Select 22 kHz Tone to tell the antenna controller to enable the 22 kHz tone to the
LNB.
c. DAC 97 distinguishes a SeaTel DAC-97 from the other supported SeaTel DAC variants
(DAC-03, DAC-2200, or DAC-2202). Select this check box only if using a DAC 97
antenna controller.
d. Enter the NID. This is the Network ID of the DVB-S2 carrier specified by the Hunt
Frequency and Hunt Polarity.
e. Enter a value for DVB_FEC. This is the FEC rate of the DVB carrier specified by the
Hunt Frequency and Hunt Polarity.
9. If you select a reflector configured to use the Orbit SBC controller type (such as AL-7104),
the Orbit SBC parameters shown on the right of Figure E-7 appear on the VSAT tab. To
configure these parameters:
a. Select the LNB Voltage. This is the nominal voltage being supplied by external
equipment to the LNB. You can select either 13V or 18V. The default value is 18V.
b. Select 22 kHz Tone to tell the antenna controller to enable the 22 kHz tone to the
LNB.
E.2.3 Changing the Minimum Look Angle

You are no longer required to define a custom key to change the minimum look angle for a
mobile remote. Instead, you can change the default minimum look angle used for all remote
antennas associated with a satellite on the Spacecraft dialog box. You can override this
setting for specific remotes on the Remote Geo Location Tab. See Adding a Spacecraft on
page 73 and Remote Geo Location Tab on page 199 for details.
If, for previous releases of the ABS feature, you have defined the remote-side min_look_angle
custom key for any remotes in your network, you should delete each custom key and override
the setting on the Remote Geo Location tab instead. This will prevent the custom key from
inadvertently overwriting your intended setting if you change the minimum look angle on the
Geo Location tab in the future.
E.3 Remote Custom Keys for Automatic Beam

Selection
There are a number of custom keys that you can define to control the behavior of your
remotes during Automatic Beam Selection. All the custom keys discussed here must be
configured in the Remote-side Configuration area of the remote Custom tab.
NOTE: In addition, for high-speed (greater than 150 mph) applications, a number
of custom keys and iBuilder settings should be set for your networks and remotes.
See COTM Settings and Custom Keys on page 529 for details.

iDX Release 3.5
NOTE: Custom keys in the [BEAMS_LOCAL] group only apply to the remote
instances on which they are defined. For a custom key in the [BEAMS_LOCAL]
group to apply to all instances of a remote, the custom key must be added to the
remote in each of the remote’s networks. See Configuring the Network
Acquisition Timers on page 518 and Changing the Download Timeout on page 518.
The general steps for configuring the custom keys defined in this section are:
1. In iBuilder, right-click the remote and select ModifyItem.
3. In the Remote-side Configuration section of the screen, configure the custom key. (See
the subsections below for definitions.)
5. Right-click the remote in the remote’s current network in the iBuilder Tree and select
Apply ConfigurationReliable Remote-Side (TCP).
The example in this figure changes the remote’s net_state_timeout (discussed below) to six
minutes. The same general steps can be used to define any of the custom keys described in
the remainder of this section.
Figure E-8. Changing a Remote’s net_state_timeout

iDX Release 3.5
E.3.1 Configuring the Network Acquisition Timers

The following custom keys determine how a remote behaves when it attempts, but fails, to
join a network:
Table E-1. Net State Timer Custom Keys
Custom Key Name Default Value Meaning

net_state_timeout 300 seconds Time the remote waits between attempts to switch
(5 minutes) if the remote fails to join the new network.
net_state_timeout_increment 300 seconds Time added to current value for net_state_timeout
(5 minutes) each time the remote fails to join the network.
net_state_timeout_max 3600 seconds The highest value net_state_timeout is allowed to
(60 minutes) reach when increments are added.
These timers work together as follows:

• After the first failure, the remote waits net_state_timeout before it again attempts to
join the network.
• After each subsequent failure, the remote adds net_state_timeout_increment to the
current value of net_state_timeout, successively increasing the wait time before each
new attempt.
• If net_state_timeout reaches net_state_timeout_max, the remote will not further
increase net_state_timeout.
• Once the remote successfully joins a network, the remote resets net_state_timeout to its
configured value.
To configure a net_state timer, enter a remote-side custom key of the form:
[BEAMS_LOCAL]
<custom key> = <timeout>
where <custom key> is one of the custom key names in Table E-1 and <timeout> is the
value of the timer, in seconds.
instances on which they are defined.
E.3.2 Changing the Download Timeout

The remote-side custom key download_timeout determines how long a remote will wait to
switch beams if an image download is in progress. The remote will not attempt to switch
unless one of the following conditions is true:
• The image download completes, or
• The download_timeout expires
The default value for download_timeout is 900 seconds (15 minutes).

iDX Release 3.5
To change the download timeout, enter a remote-side custom key of the form:
[BEAMS_LOCAL]
download_timeout = <timeout>
where <timeout> is the value of the download timeout, in seconds.
E.3.3 Muting a Remote’s Transmitter when Mapless

Remotes continue to transmit even without a beam map that covers its current location.
To change this default behavior for any remote, enter a remote-side custom key of the form:
[BEAMS_LOCAL]
mapless_mute = <value>
where a <value> of 1 tells the remote to stop transmitting when running without a
beam map. A <value> of 0 tells the remote to continue to transmit when running
without a beam map.
E.3.4 Changing the Time a Beam is Considered Unusable

A network (or beam) is considered unusable by a remote if an attempt to use it fails. By
default, a beam is considered unusable for a period of 60 minutes after the failure, or until all
visible beams are unusable. If the selected beam is unusable, the remote attempts to use
another beam, provided one or more usable beams are available.
You can change the length of time that a remote considers a beam to be unusable by entering
a remote-side custom key of the form:
[BEAMS_LOCAL]
beam_unuse_timeout = <timeout>
where <timeout> is the length of time after a failed attempt to use a beam that the
beam is considered unusable, in minutes.
To ensure that all beams get at least one chance to be acquired in a fair, round-robin order,
keep the value of the beam_unuse_timeout custom key set to 60 minutes or greater. With
incremental beam switch timeouts or a large number of beams, this value should be increased
above 60.
NOTE: Do not configure this value to be less than the hysteresis used in the beam
map.

iDX Release 3.5
E.3.5 Changing the GPS Interval

The remote-side custom key latlong_interval determines the interval between GPS updates
sent from the antenna controller to the remote modem. The default value for latlong_interval
is 300 seconds.
To change the latlong interval, enter a remote-side custom key of the form:
[MOBILE]
latlong_interval = <seconds>
where <seconds> is the value of the latlong interval, in seconds.
E.3.6 Enabling or Disabling Receive-Only Mode

By default, the receive-only mode feature is enabled for remotes in an ABS network. When
this feature is enabled, remotes are placed in receive-only mode automatically based on data
read from the beam map. A remote that has been placed in receive-only mode considers itself
“in network” if it is locked to the downstream carrier. A remote in receive-only mode does
not transmit, but it does receive and forward multicast traffic. For more information on
receive-only mode, see the iDirect Technical Reference Guide.
To disable or enable the receive-only mode feature on a remote, enter a remote-side custom
key of the form:
[BEAMS_LOCAL]
rxonly_enabled = <feature state>
where a value of 0 for <feature state> disables the receive-only mode feature and a value
of 1 for <feature state> enables the receive-only mode feature. Remotes configured with
rxonly_enabled = 0 will not enter receive-only mode, regardless of the EIRP value
received from the map or the state of the hardware mute signal.
NOTE: If you have entered a custom key of 0 to disable this feature on a remote,
you can re-enable the feature either by setting the custom key to 1 or by deleting
the custom key.
E.3.7 Enabling a Local Map Server on a Remote Modem

To use receive-only mode for a remote you must run the map server on a local processor
connected to the remote modem on the LAN side. To run the map server locally, you must
override the map server IP address in the remote options file with the IP address of the local
map server.
For each remote running a local map server, enter the following remote-side custom key to
define the local IP address of the map server process:

iDX Release 3.5
Remote Console Commands
[MAPSERVER_0]
hostname = <Ip Address>
port = <port number>
where <Ip Address> and <port number> are the local IP address and port number of the
local map server process.
CAUTION: You must apply this custom key to all instances of the remote.
For information on configuring and using a local map server, contact the iDirect TAC at (703)
648-8151.
E.4 Remote Console Commands

You can use the remote console commands described in this section to observe ABS operation
on individual remotes. Two of the commands (tlev and latlong) are applicable to all
iDirect remote modems. The remaining commands (beamselector, antenna debug, and
beam debug, map debug, map show, and map delete) are specific to the ABS feature.
NOTE: Access to the iDirect system is only allowed from a local host. Instead of
using the telnet <ip address> command, users now must ssh to the server with
the ssh <ip address> command and then telnet to the console from the local host
using the telnet localhost <port number> command or the telnet 0 <port
number> command.
E.4.1 latlong
The latlong command displays the current latitude and longitude of the remote. It also
displays the word muted if the current satellite is below the configured minimum look angle.
The precision of the values returned by the latlong command is greater than or equal to the
precision of the values returned to the remote by the antenna controller. (By contrast, the
precision sent to the NMS is in hundredths of a degree to maintain backward compatibility
with the location event format.) The latlong command is convenient when you do not want
to wait for the next location event, since the location event interval is set to five minutes by
default.
Syntax:
latlong
Example:
Figure E-9 shows an example of the latlong command.

iDX Release 3.5
Figure E-9. latlong Command Example
E.4.2 tlev
The tlev command sets or reads the system's global trace level.
Although there are seven trace levels, level 4 is the highest level that can be used effectively
under normal operations. At level 4, the various ABS state machines trace all state
transitions. Each time an event occurs, the name of the state machine, the current state, and
the name of the event are displayed on the screen. This provides the analyst with a clear view
of the sequence of events occurring in the software.
Syntax:
tlev Reads the trace level
tlev 0 Sets the trace level to normal, tracing critical events only.
tlev 4 Sets the trace level to the highest trace level that is practical during normal
operations
tlev 7 Sets the trace level too high to be usable during normal operations
Example:
Figure E-10 shows an example of the tlev command. The command in the example sets the
trace level to 4.

iDX Release 3.5
Figure E-10. tlev Command Example
E.4.3 antenna debug

The antenna debug command sets the trace level for the antenna client subsystem,
including the state machines. There are four different sets of traces, each with seven
different levels. In practice, except for rare debugging situations in the lab, antenna debug
should be used to either enable or disable all antenna traces.
Among other things, the antenna tracing displays all commands to the antenna and all
responses received from the antenna. These commands and responses can be understood by
reading the antenna controller documentation.
NOTE: The antenna debug command works for all types of antennas supported
by ABS. However, the tracing for each antenna type differs dramatically because
the controller interface for each antenna type is unique.
Syntax:
antenna debug 7 7 7 7 Enables all antenna traces
antenna debug 0 0 0 0 Disables all antenna traces
Spaces are required between digits when setting the trace level.
Example:
Figure E-11 shows the trace output after the antenna debug command has been issued to
enable all antenna tracing.

iDX Release 3.5
Figure E-11. antenna debug Command Example
E.4.4 beam debug

The beam debug command sets the trace level for the remote’s beam switch module only.
There are seven different trace levels.
Syntax:
beam debug 7 Enables all beam switch module traces
beam debug 0 Disables all beam switch module traces
E.4.5 beamselector
Depending on the command line argument, the beamselector command can be used for any
of the following purposes:
• To list the set of beams available to the remote
• To switch the remote from its current beam to a new beam
• To lock the remote to a specific beam during remote commissioning
• To determine the initial Tx power offset during remote commissioning
• To determine the current Tx power as read from the beam map
• To set the trace level of the beam switch module

iDX Release 3.5
When using the list argument, the command displays the beam number and the beam name
for each beam in the current set of beams available in the options file. It also indicates which
beam is currently selected and which, if any, of these available beams are unknown to the
map server that provided the current map. A beam that is in the options file but unknown to
the current map server is listed as “not in map.”
NOTE: “Not in map” indicates that the modem does not have a map from a map
server that knows about the beam. In other words, the name of the beam in the
options file does not match the name of any beam in the map being sent to the
modem by the map server.
When using the switch argument, the beamselector command allows the operator to
initiate a beam switch. For example, the command beamselector switch 5 commands
the modem to switch from its current beam to beam 5. Once the command is issued, the
remote will reset and attempt to use the new beam. The beam numbers may be determined
by issuing a beamselector list command.
This form of the command will not permit you to switch to a beam unless that beam is both in
the map and in the current options file. If you are sure you want to switch to a beam that is
unknown or that is not in the map, you must use the -f (or “force”) option.
Syntax:
beamselector list Displays all beams available to this remote as defined in the
remote options file.
beamselector switch <beam number> Switches the remote to the beam indicated
by beam number.
beamselector switch <beam number> -f Forces the remote to switch to the beam
indicated by beam number, even if that beam is not in the map.
CAUTION: Executing the beamselector switch command is a service-affecting

operation.
beamselector lock <beam number> Used during commissioning to prevent the

modem from attempting to switch beams every net_state_timeout when not
locked. (See Configuring the Network Acquisition Timers on page 518.) The modem
must be restarted after commissioning to return to normal operation.
beamselector txpower offset <initial Tx power> Used during commissioning
to determine the value to be entered for Init Tx Power Offset on the Remote VSAT
tab. (See Configuring a Remote for ABS on page 513.)
beamselector txpower gain Displays the tx power value for the remote’s current
location as read from the beam map.
Example:
Figure E-12 shows the results of the beamselector list command. The remote has four beams configured in its options file. Beam 2 is the current beam.
NOTE: The beam names displayed by this command are identical to the beam
names in the conveyance beam map file supplied by the satellite provider, as well
as to the corresponding network names configured in iBuilder.

iDX Release 3.5
Figure E-12. beamselector list Command Example
Figure E-13 shows the results of the beamselector switch command.
Figure E-13. beamselector switch Command Example
E.4.6 map debug

The map debug command sets the trace level for the remote’s map handling module only.
There are seven different trace levels.
Syntax:
map debug 7 Enables all beam switch module traces
map debug 0 Disables all beam switch module traces

iDX Release 3.5
E.4.7 map show

The map show command displays the header of the maplet currently residing on the remote.
Syntax:
map show Displays the current maplet header
E.4.8 map delete

The map delete command deletes the maplet currently residing on the remote.
Syntax:
map delete Deletes the current maplet

iDX Release 3.5

iDX Release 3.5
Appendix F COTM Settings
and Custom Keys
This appendix contains recommended iBuilder settings and custom keys for mobile remotes
using iDirect’s Communications On The Move (COTM) feature. Most of the material in this
appendix is only applicable to mobile remotes that attain speeds in excess of 150 mph.
However, some settings for SCPC return channels (starting on page 532) are also applicable to
other mobile remote types.
High-Speed COTM is a licensed feature that allows mobile remotes to travel at speeds up to
700 mph. This feature is only available for the following remote model types: Evolution
e8350, and iConnex e800/e850mp. For information on requesting and installing iDirect
licenses, see the iDirect Features and Chassis Licensing Guide. For details on importing
licenses into iBuilder, see Managing NMS Licenses on page 60.
NOTE: If a remote without a high-speed COTM license exceeds 150 mph, all user
traffic to the remote is stopped.
Some settings only apply to mobile remotes in TDMA networks (TDMA remotes) while some
settings only apply to mobile remotes that transmit SCPC return channels (SCPC remotes).
The applicable type of remote is noted in each description.
F.1 Maximum Speed for Remotes in an Inroute Group

iDirect supports high-speed mobile remotes up to a maximum velocity of 700 mph. For each
Inroute Group, configure the Maximum Speed that any remotes in the Inroute Group will
attain on the Remote Geo Location tab. For more information, see Remote Geo Location Tab
on page 199.
Figure F-1. Setting the Maximum Speed for Remotes in an Inroute Group

iDX Release 3.5
COTM Type
F.2 COTM Type

Applicable to: High-speed TDMA and SCPC remotes
The type of mobile remote is selectable on the Remote Geo Location tab. The remote-side
custom key mobile_remote_type required in earlier releases is no longer needed.
For high-speed mobile remotes, select Avionics as the COTM Type on the Remote Geo
Location tab. This configures the remote for high-speed mobility.
Figure F-2. Remote Geo Location Tab: Selecting Avionics for COTM Type
For more information, see Remote Geo Location Tab on page 199.
mph. Avionics does not appear in the drop-down menu unless this feature license
has been imported into iBuilder for this remote. See Managing NMS Licenses on
page 60.
NOTE: The COTM Type should be consistent with the Maximum Speed configured
for the remote’s inroute group.
F.3 TDMA Upstream Acquisition Range

Applicable to: High-speed TDMA remotes only
For networks with high-speed remotes, set the Stability of the Hub Downconverter to be
wider than the stability of the downconverter chain (e.g. PLL LNB or rack-mounted
downcoverter.) Increase the value as follows:
• 15 kHz wider for C Band
• 20 kHz wider for X Band

iDX Release 3.5
Inroute Map Stale Timeout
• 33 kHz wider for Ku Band

• 70 kHz wider for Ka Band
To modify this value:
1. Navigate to the folder: ComponentsHubRFT ComponentsDown Converter in the
iBuilder Tree.
2. Right-click the Downconverter for your hub and select ModifyItem.
3. Update the Stability field as required.
4. Click OK.
5. Apply the changes.
F.4 Inroute Map Stale Timeout

Applicable to: High-speed TDMA remotes only
When a TDMA remote locks onto the outbound carrier, it does not transmit any acquisition
bursts until it receives a Frequency Map Update. The timer controlling these updates is set to
20 seconds.
If a remote does not receive a new Frequency Map Update within the time period defined by
the Inroute Map Stale Timeout, the remote no longer considers the last frequency map to be
valid and will not transmit until a new Frequency Map Update is received.
Default settings:
• 30 seconds for all remote model types
For high-speed remotes experiencing frequent fades due to temporary blockage, iDirect
recommends changing this parameter to 60 seconds. To accomplish this, configure the
following custom key in the Remote-side Configuration area of the Remote Custom tab:
[OOB]
inroute_map_ttl_sec = 60
F.5 Minimum Symbol Rates for Mobile Remotes

Applicable to: TDMA and SCPC upstream carriers transmitted by mobile remotes.
Some configurable minimum symbol rates are not supported for TDMA and SCPC upstream
carriers transmitted by mobile remotes. Table F-1 shows the valid settings for each mobile
remote type for both Ku and Ka frequency bands. See Adding Carriers on page 77 for details
on configuring these carriers.
NOTE: Some upstream modulation modes have minimum symbol rate restrictions
above 128 ksps. See the Link Budget Analysis Guide for this release.

iDX Release 3.5
SCPC Upstream Acquisition Range
Table F-1. Minimum Symbol Rates for Upstream Carriers
Minimum Symbol Rate (ksps)
TDMA SCPC
Mobile Remote Maximum Speed Maximum
Type (mph) Acceleration (m/s2) Ku Band Ka Band Ku Band Ka Band
Maritime 30 5 128 256 128 256
Vehicular 150 10 256 512 256 512
Airplane 700 17 400 800 512 1024
F.6 SCPC Upstream Acquisition Range

Applicable to: SCPC return channels transmitted by all mobile remote types
For line cards in Multiple Channel SCPC return Mode or Single Channel SCPC Return Mode, you
must configure the rx_acqrange custom key on a per-channel basis. For each SCPC return
channel being received by the line card, configure the following custom key on the line card’s
Custom tab:
[INROUTE_id]
rx_acqrange = <Value>
where id is the inroute ID of the SCPC return channel and <Value> is determined from
Table F-2 based on the frequency band and the maximum speed of the remote.
Table F-2. Sample rx_acqrange Custom Key Settings
Acquisition Sweep Range (Hz)

Maximum
Speed (mph) C Band X Band Ku Band Ka Band
15 19000 26000 42000 63000
75 21000 29000 47000 73000
220 26000 36000 59000 98000
700 48000 64000 108000 200000
NOTE: Table F-2 assumes Hub LNB stability of 1 ppm or better and an elevation
angle of 10o.
To determine the inroute ID of an SCPC return channel in iMonitor:

1. Right-click the line card in the iMonitor tree and select Line Card Stats.
2. Click OK in the Select Line Cards dialog box.
3. In the HLC Traffic Graph window, select the SCPC channel of interest.
4. Click the second tab to view the tabular data and find the Inroute ID column.
The Inroute ID for the selected channel in Figure F-3 is 62.

iDX Release 3.5
FEC Blocks per Frame for Spread Spectrum SCPC Return Channels
Figure F-3. Determining a Remote’s Inroute ID
F.7 FEC Blocks per Frame for Spread Spectrum SCPC

Return Channels
Applicable to: Spread Spectrum SCPC return channels transmitted by high-speed mobile
remotes
You must configure the fec_blocks_per_frame custom key for each Spread Spectrum SCPC
return channel being transmitted by a high-speed remote. Add this custom key for each
carrier by following these steps.
1. Right-click the Spread Spectrum SCPC Upstream Carrier in the iBuilder Tree and select
ModifyItem.
2. In the Frame Parameters area of the SCPC Upstream Carrier dialog box, note the
number of FEC Blocks per Frame (Figure F-4).
Figure F-4. Determining FEC Blocks per Frame
3. Using iMonitor, follow the procedure on page 532 to determine the inroute ID of your SCPC
return channel.

iDX Release 3.5
Guard Band for SCPC Return Channels
4. In the iBuilder Tree, right-click the Network in which this carrier is used and select
ModifyItem.
5. In the Network dialog box, click the Custom tab.
6. Add the following custom key:
[INROUTE_id]
fec_blocks_per_frame = n
where id is the inroute ID of the SCPC return channel determined in Step 3 and n is:
floor (FEC Blocks per Frame / 4)
For example, if the number of FEC Blocks per Frame determined in Step 2 is 10, set
fec_blocks_per_frame to 2.
NOTE: Do not set fec_blocks_per_frame to a value that is less than 1.

8. Right-click your network in the iBuilder Tree and apply the configuration to your network.
F.8 Guard Band for SCPC Return Channels

Applicable to: SCPC return channels transmitted by vehicular and high-speed mobile remotes
Additional Guard Band is required for SCPC return channels transmitted by vehicular or high-
speed mobile remotes. The Guard Band values in Table F-3 should be added to 1.2*symbol
rate (or 1.2*chip rate for Spread Spectrum) to determine occupied bandwidth for these
mobile remotes.
Table F-3. Guard Bands for SCPC Return Channels
Guard Band (kHz)

Type of Maximum
Remote Speed (Km/h) C Band X Band Ku Band Ka Band
Vehicular 120 21 29 47 73
Train 350 26 36 59 98
Airplane 1280 48 64 108 200
F.9 Remote LFO Correction Algorithm

Applicable to: High-speed SCPC remotes only
For SCPC remotes, set the local frequency oscillator correction algorithm to 1. To accomplish
this, configure the following custom key in the Remote-side Configuration area of the
Remote Custom tab:
[LOCAL_FREQ_CTRL]
enable_algo = 1
lfo_correction_algo = 1

iDX Release 3.5
Appendix G Remote
Locking
The remote lock feature allows individual remotes to be locked to a particular network. Once
a remote is locked with a Network Key, it only functions in a network with the same key.
Remote Locking is supported on Evolution X1, X3, X5, X7, and e150 remotes. The procedure
for locking these remotes differs based on remote model type.
This appendix describes remote locking for Evolution X3 remotes and is applicable to X5 and
X7 remotes. Remote locking for Evolution X1 and Evolution e150 remotes is described in the
Web iSite User Guide.
The remote locking feature uses symmetric key generation when locking the remotes. A
unique and secure Locking Key is generated for each remote, using a combination of the
Network Key and a randomly generated Confirmation Word. Remote locking uses a
“hardening” option to permanently save the Locking Key on the remote.
Remote locking is similar to locking a cell phone to a cellular network. It is performed at the
operator’s own risk. Non-Warranty RMA charges (plus all shipping) apply to all remotes
returned to iDirect for the purpose of removing a network lock. Please refer to Non-Warranty
RMA Required to Remove X3 Locks on page 538.
NOTE: iDX Release 3.5.2 introduced support for remote locking on X7 remotes.
G.1 Soft Locking versus Hard Locking

For Evolution X3 remotes, Remote Locking includes the choice of two levels of remote locking
using the rmtlock console command:
• Soft Locks: The rmtlock engage command sets a Soft Lock on a remote. When the
command is first entered, a randomly-generated Confirmation Word is displayed on the
remote console. Re-entering the command with the Confirmation Word to confirm the
lock sets the Soft Lock on the remote. A remote locked with a Soft Lock can be unlocked.
A Soft Lock is removed by re-entering the rmtlock command with the disengage
option and providing the same Confirmation Word.

iDX Release 3.5
Locking an Evolution X3 Remote
• Hard Locks: Once a remote is “soft” locked to a network, entering the rmtlock
command irrevocably burns the remote’s Locking Key into the remote hardware using the
same Confirmation Word that was generated for the Soft Lock. After a Hard Lock has been
burned into the remote, only a Non-Warranty RMA hardware replacement can remove the
Hard Lock. Please refer to warning notes in Setting a Hard Lock on page 537.
NOTE: You must first Soft Lock an X3 remote to a network before you can Hard
Lock that remote.
G.2 Locking an Evolution X3 Remote

The general steps to lock an Evolution X3 remote to a network are:
1. Create the Network Key at the Network level in iBuilder, and apply the changes.
2. Open a console session to each remote that needs to be locked, and use the rmtlock
command at the remote console to configure a Soft Lock on the remote.
3. Enter the rmtlock command with the status argument to verify the status of the lock.
4. Enter the rmtlock command again at the remote console to configure the Hard Lock.
5. Enter the rmtlock command with the status argument to verify the status of the lock.
The procedures for performing these operations are detailed in the following sections.
NOTE: The Network Key is required to lock a remote to the network.
G.2.1 Configuring the Network Key

A Network Key must be configured before any remotes can be locked to a network. To create
the Network Key, configure the following custom key on the Network Custom tab in iBuilder:
[NETWORK_DEFINITION]
net_key = <Network Key>
where <Network Key> is a string of between 1 an 64 alphanumeric characters.
Propagate the key to all remotes in the network by applying the changes to the network.
During operation, if a locked remote receives a Network Key message containing a Network
Key that is different from the key set on the remote, the remote immediately stops sending
upstream messages.
If an Evolution X3 remote cannot join the network, the following message is displayed:
This Remote CANNOT operate in this network!
G.2.2 Setting a Soft Lock

To set a Soft Lock on a remote:
1. Enter the rmtlock command with the engage argument:
rmtlock engage <netkey>

iDX Release 3.5
Where <netkey> is the Network Key of the network to which the remote will be locked.
The following warning message is displayed, which includes the Confirmation Word:
The confirmation word is: DIFEWdsf
Please type:
rmtlock engage <netkey> <confirmation word>
to confirm.
WARNING: Remote lock will be engaged. Make sure the Network Key
is correct. Keep the confirmation word safe. If the remote has to
be disengaged, the confirmation word will be needed. If you lose
the confirmation word, you will not be able to disengage the
lock. In order to unlock the unit will have to be returned to
iDirect under Non-Warranty Repair.
You have 60 seconds to confirm it.
NOTE: As a convenience, you can enter the rmtlock verify command to

display the Network Key configured for the remote.
2. Record the Confirmation Word. The Confirmation Word is required to remove the Soft
Lock or to set a Hard Lock on the remote.
3. Within 60 seconds of performing Step 1, confirm the Soft Lock by re-entering the
rmtlock command followed by the Confirmation Word:
rmtlock engage <netkey> <confirmation word>
G.2.3 Removing a Soft Lock

To remove a Soft Lock on a remote, enter the rmtlock command with the disengage
argument followed by the Confirmation Word that was generated when the Soft Lock was set
on the remote:
rmtlock disengage <confirmation_word>
After executing this command, the remote is no longer locked to the network.
G.2.4 Setting a Hard Lock

You must set a Soft Lock on a remote before you can set a Hard Lock on that remote. The
Confirmation Word generated when setting the Soft Lock is required to set the Hard Lock. The
Network Key is not required to set the Hard Lock. Once the Hard Lock is set, the remote is
permanently locked to the network. You cannot remove the Hard Lock from the remote.
To set a Hard Lock on a remote:
1. Enter the rmtlock command with the burn argument:
rmtlock burn
The following warning message is displayed:
Please type:
rmtlock burn <confirmation word to confirm.

iDX Release 3.5
WARNING: Remote lock will be burned into the hardware. This lock
cannot be changed or removed once burned. In order to unlock the
unit will have to be returned to iDirect under Non-Warranty
Repair.
You have 60 seconds to confirm it.
CAUTION: The following command will permanently lock the remote to the
Network. Only a hardware replacement can reverse this lock.
2. Within 60 seconds of performing Step 1, repeat the rmtlock burn command with the
Confirmation Word appended. This is the Confirmation Word that was generated when you
set the Soft Lock on this remote.
rmtlock burn <confirmation_word>
CAUTION: If the Locking Key is “burned” into the remote hardware using the Hard
Lock option, the remote can only function in a network with the Network Key
associated with the Hard Lock. From this point forward, the lock is permanent
and the Locking Key can only be removed with a Non-Warranty RMA hardware
replacement.
G.2.5 Checking Remote Lock Status on an Evolution X3 Remote

To check the status of the locking state on the remote, enter the rmtlock command with the
status argument:
rmtlock status
This command displays the current locking state of the remote as one of the following:
engaged
not engaged
permanently engaged
G.2.6 Non-Warranty RMA Required to Remove X3 Locks

Losing the Confirmation Word for a Soft Lock or removing a Hard Lock on a remote requires
the remote modem to be returned to iDirect under Non-Warranty Repair.
• You must know the Confirmation Word to remove a Soft Lock. If you lose the Confirmation
Word, you will not be able to disengage the Soft Lock. In order to unlock the remote, you
must return it to iDirect for a Non-Warranty RMA hardware replacement.
• You cannot change or remove a Hard Lock on a remote. In order to unlock the remote, you
must return it to iDirect for a Non-Warranty RMA hardware replacement.
CAUTION: RMA and shipping charges apply to all remotes returned to iDirect for
the purpose of removing a network lock.

iDX Release 3.5
Appendix H Configuring
Remote and PP Signaled
Beam Switching
Introduction
This appendix provides information about configuring Remote Signaled and PP Signaled Beam
Switching features. These features provide improvements to beam switch time during remote
acquisition; refer to the Technical Reference Guide for more information.
This appendix contains the following sections:
• Supported Remotes on page 539
• Configuring Remote Signaled Beam Switching on page 540
• Configuring PP Signaled Beam Switching on page 544
• Debug Information on page 553
Supported Remotes
The following remotes support Remote Signaled and PP Signaled Beam Switching;
• 980
• iConnex eP100
• iConnex e850mp

iDX Release 3.5
Configuring Remote Signaled Beam Switching

This section describes how to configure Remote Signaled Beam Switching and contains the
following:
Custom Keys for Remote Signaled Beam Switching

This section lists the custom keys used with Remote Signaled Beam Switching.
Users must configure the following compulsory custom keys:
[SAPROXY]
mc_address
virtual_ip
[FOREIGN_SAPROXY]
saproxy_listen_address_1
……
saproxy_listen_address_n
In most cases, Remote Signaled Beam Switching works with the default values of the following
custom keys and users do not need to configure them. If there are issues, users will need to
add the custom keys in iBuilder with values based on the specific network.
[SAPROXY]
tls_client_timeout_sec = 180
mc_intf = eth0
vip_nic = eth0
vip_netmask = 255.255.255.0
foreign_listen_port = 6000
local_listen_port = 6400
Remote Signaled Beam Switching works with the default values of the following custom keys.
However, users may modify them as needed in iBuilder.
[SAPROXY]
enable_fast_beam_switch = 1
max_ttl_sec_in_bs_priority_queue = 40
bs_rd_normal_acq_slot_alloc_ratio = 5:3:2

iDX Release 3.5

Configure Remote Signaled Beam Switching as follows:
1. Use a text editor like Notepad to create the necessary custom keys similar to what is
shown below.
CAUTION: If the custom keys are not configured correctly, this may not work
properly and the PP will allocate the ACQ slot to the beam switching remote
using the slower round robin method.
NOTE: Compulsory custom keys are in bold font below.
[SAPROXY]
enable_fast_beam_switch = 1
mc_address = INET;239.9.9.1;6600
virtual_ip = 10.15.145.13.13
max_ttl_sec_in_bs_priority_queue = 40
mc_intf = eth0
vip_nic = eth0
vip_netmask = 255.255.255.0
[FOREIGN_SAPROXY]
saproxy_listen_address_1 = 10.15.145.14
NOTE: A foreign saproxy process is a non-local saproxy process. Insert as

necessary.
NOTE: If the group [FOREIGN_SAPROXY] is missing, this only works within the
teleport.
2. In iBuilder, select the PP stack to modify. See Figure G-5.

iDX Release 3.5
Figure G-5. Selecting Protocol Processor Stack to Modify
3. Paste the predefined customs keys into the Protocol Processor Custom tab pane. See
Figure G-6.
Figure G-6. Protocol Processor Custom Tab Pane
4. Click OK.
5. Right-click the PP stack and select Apply Configuration to apply the changes.
NOTE: Selecting Apply Configuration turns Remote Signaled Beam Switching on.
To turn it off, remove the predefined customs keys from the Protocol Processor
Custom tab pane or insert a # in front of each line of the predefined customs keys
to comment each line out.
If configuring the custom keys for another PP stack, perform steps 1 through 3 for each PP
stack while noting the following:

iDX Release 3.5
• The virtual IP address for each saproxy_listen_address is different in each PP stack

• The mc_address differs for each PP stack
See Figure G-7.
Figure G-7. Hub Side Beam Switch Custom Keys in Different PP Stacks

iDX Release 3.5
Configuring PP Signaled Beam Switching

This section describes how to configure PP Signaled Beam Switching features and contains the
following:
• Custom Keys for PP Signaled Beam Switching on page 544
• Configuring Stop Sweeping Remote In-Network (Elsewhere) on page 545
• Configuring RecentDrop from Local Network Sweep on page 548
• Configuring RecentDrop from Network Elsewhere on page 550
Custom Keys for PP Signaled Beam Switching

This section lists the custom keys that must be configured with each of the following features:
• Stop Sweeping Remote In-Network (Elsewhere)
• RecentDrop from Network Elsewhere
NOTE: RecentDrop from Local Network Sweep does not require these keys
because it is done within a SADA and does not require communication between PP
stacks/processes.
Users must configure the following compulsory custom keys:

[SAPROXY]
mc_address
virtual_ip
[FOREIGN_SAPROXY]
……
saproxy_listen_address_n
In most cases, the features work with the default values of the following custom keys and
users do not need to configure them. If there are issues, users will need to add the custom
keys in iBuilder with values based on the specific network.
[SAPROXY]
mc_intf = eth0
vip_nic = eth0
vip_netmask = 255.255.255.0

iDX Release 3.5
Feature-Specific Custom Keys

This section lists feature-specific custom keys for the two features listed above as well as the
RecentDrop from Local Network Sweep feature. Each feature works with the default values of
the custom keys below. However, users may modify them as needed in iBuilder.
Stop Sweeping Remote In-Network (Elsewhere)

[SAPROXY]
enable_stop_innet_rmt_acq = 1
publish_innet_rmts_interval_sec = 20
innet_rmt_status_timeout_sec = 25
RecentDrop from Local Network Sweep

[SAPROXY]
enable_recent_drop_rmt_priority_acq = 1
max_ttl_sec_in_rd_priority_queue = 300
NOTE: For the RecentDrop from Local Network Sweep feature, the remote must
be configured as Mobile in iBuilder.
RecentDrop from Network Elsewhere

[SAPROXY]
enable_recent_drop_rmt_priority_acq_all_beams = 1
Configuring Stop Sweeping Remote In-Network (Elsewhere)

Use this to stop acquisition invitations for remotes that are in-network; this permits more
acquisition invitations to out-of-network remotes.
Configure the Stop Sweeping Remote In-Network (Elsewhere) feature as follows:
shown below.
CAUTION: If the custom keys are not configured correctly, this feature may
not work properly and the PP will still sweep the remotes In-Network
(Elsewhere).

iDX Release 3.5
[SAPROXY]
virtual_ip = 10.15.145.13.13
mc_intf = eth0
vip_nic = eth0
vip_netmask = 255.255.255.0
[FOREIGN_SAPROXY]

necessary.
NOTE: If the group [FOREIGN_SAPROXY] is missing, this feature only works within
the teleport.

iDX Release 3.5
Figure G-6.
4. Click OK.
NOTE: Selecting Apply Configuration turns the Stop Sweeping Remote In-
Network (Elsewhere) feature on. To turn the feature off, remove the predefined
customs keys from the Protocol Processor Custom tab pane or insert a # in front of
each line of the predefined customs keys to comment each line out.
See Figure G-7.

iDX Release 3.5
Configuring RecentDrop from Local Network Sweep

Use this to permit more acquisition invitations in the same beam to a remote that falls out-of-
network.
Configure the RecentDrop from Local Network Sweep feature as follows:
shown below.
enable_recent_drop_rmt_priority_acq = 1
NOTE: The RecentDrop from Local Network Sweep feature can be configured with
the custom keys shown above if needed. Because the feature can be configured
within a single sada process, it does not need to communicate between PP stacks
and processes. See the configuration that follows.

iDX Release 3.5
Figure G-12.
4. Click OK.
NOTE: Selecting Apply Configuration turns the RecentDrop from Local Network
Sweep feature on. To turn the feature off, remove the predefined customs keys
from the Protocol Processor Custom tab pane or insert a # in front of each line of
the predefined customs keys to comment each line out.

iDX Release 3.5
Configuring RecentDrop from Network Elsewhere

Use this to permit faster acquisition invitations into all beams for a that remote falls out-of-
network.
Configure the RecentDrop from Local Network Sweep feature as follows:
shown below.
CAUTION: If the custom keys are not configured correctly, this feature may
not work properly and the PP will allocate ACQ slots to the remotes using the
slower round robin method.
[SAPROXY]
enable_recent_drop_rmt_priority_acq_all_beams = 1
virtual_ip = 10.15.145.13.13
mc_intf = eth0
vip_nic = eth0
vip_netmask = 255.255.255.0
[FOREIGN_SAPROXY]

necessary.

iDX Release 3.5
NOTE: If the group [FOREIGN_SAPROXY] is missing, this feature only works within
the teleport.
Figure G-14.
4. Click OK.

iDX Release 3.5
NOTE: Selecting Apply Configuration turns the RecentDrop from Network

Elsewhere feature on. To turn the feature off, remove the predefined customs
keys from the Protocol Processor Custom tab pane or insert a # in front of each
line of the predefined customs keys to comment each line out.
See Figure G-15.

iDX Release 3.5
Debug Information
Debug Information
This section contains stats/params/trace/debug commands useful for debugging beam switch
functionality from end to end and includes the following:
• Verify Link Status between Server and Clients on page 553
• Verify Beam Switch Message Flow on page 554
• Verify InNet Remote List Message Flow on page 555
• Verify ACQ Allocation Performance on page 555
For more information about PP processes, refer to the Technical Reference Guide.
NOTE: The stats and params that follow use bs as an acronym for beam switch
message.
NOTE: This section assumes the operator knows how to find the various PP
processes for a specific network or remote using process console commands.
Verify Link Status between Server and Clients

Debug the communication/link status between various servers and clients as follows.
1. At the SARMT process, use the saproxy_uconn (saproxy unicast connector) component to
check if SARMT/SADA has forwarded/sent the message to SAPROXY with all stats
including any init/reload/failure information.
[sarmt(1:9)] admin@telnet:::ffff:127.0.0.1;46693
> saproxy_uconn
Usage: saproxy_uconn stats|params|debug [on|off|level]
2. At the SAPROXY process, check the status of all the servers/clients/configurations.
[saproxy(1:1)] admin@telnet:::ffff:127.0.0.1;46235
> saproxy status
Reload success, all servers are up and running
3. At the SAPROXY process, use the console command below as necessary to debug non-
local PP stack clients, the TLS server and incoming connections (chanldlers) from the
non-local PP stack, and the network handled by the current PP stack.
> saproxy
Usage: saproxy status|stats|params|net_list|tls
[console|clients|chandlers]|debug [on|off|level]|test [*TESTING
ONLY*]
4. At the SADA process, check that the saproxy_mcintf component received the beam
switch message with all stats including any init/reload/failure.
[sada(1:5)] admin@telnet:::ffff:127.0.0.1;32890

iDX Release 3.5
Debug Information
> saproxy_mcintf
Usage: sap_mc_intf stats|params|debug [on|off|level]
Verify Beam Switch Message Flow

Verify beam switch message flow as follows.
NOTE: Use the rmt list console command to obtain a list of remote IDs and
the rmt id console command to select the remote.
1. Go to the SARMT process to generate a fake beam switch message from the SARMT
remote handler to the selected remote.
[sarmt(1:9)] admin@telnet:::ffff:127.0.0.1;46694 <NET:1
RMT:eP100.10101>
> rh SendBSMsg
Usage: SendBSMsg [net_id_to_switch]
2. Go to the SARMT process to check that Stats/Trace for the beam switch message is
received from remote (OOB message).
RMT:eP100.10101>
> rh stats | grep bs
3. Go to the SARMT process to check that Stats/Trace for the beam switch message is
forwarded to SAPROXY.
RMT:eP100.10101>
> saproxy_uconn stats
4. Go to the SAPROXY process to check that the Stats/Trace for the beam switch message
has been routed/distributed by UDP.
(If the network is found in the local PP stack, then the beam switch message is multicast
in the local PP stack by UDP; otherwise, the beam switch is forwarded by TLS to all non-
local PP stacks.)
> saproxy stats
5. Go to the SAPROXY process to check that the Stats/Trace for the beam switch message
has been routed/distributed to non-local saproxy processes by TLS.
(If network found in Local PP stack, then Multicast in Local PP stack else drop it.)
> saproxy stats
6. Go to the SADA process to check that SADA receives the Stats/Trace for beam switch
message.
[sada(1:5)] admin@telnet:::ffff:127.0.0.1;32894 <NET:6>

iDX Release 3.5
Debug Information
> saproxy_mcintf stats

[sada(1:5)] admin@telnet:::ffff:127.0.0.1;32894 <NET:6>
> da 5 da_stats
Verify InNet Remote List Message Flow

1. At the SADA process, check stats to see whether or not the SADA process is sending
InNetRmtListMsg with the defined interval publish_innet_rmts_interval_sec; also check
if there is any failure in sending the messages.
[sada(3:9)] admin@Internal: <NET:2>
> da 3 da_stats
> saproxy_uconn stats
2. At the SAPROXY process, check if it receives InNetRmtListMsg from Local SADA
processes; also check if it multicasts the messages to local SADA processes and forwards
the messages to non-local SAPROXY processes via TLS.
[saproxy(1:1)] admin@Internal:
> saproxy stats
3. At the SADA process, check the stats to see whether the SADA process receives
InNetRmtListMsg from SAPROXY; also check the timestamp of InNetRmtListMsg from
each SADA.
[sada(1:3)] admin@Internal: <NET:1>
> saproxy_mcintf stats
> da 1 fast_acq innet_foreign_publisher
Verify ACQ Allocation Performance

1. At the SADA process, check how ACQ slots are allocated across the different queues with
bs_rd_normal_acq_slot_alloc_ratio.
> da 3 fast_acq qs_acq_distrb
DA 3
Acq queues distribution [ Qb - Beam Switch, Qr - Recently Dropped,
Qn - Normal ] : Qb Qr Qn Qb Qr Qn Qb Qr Qb Qb // allocation with
Acq queues present flags bs[1] rd[1] normal[1]
2. At the SADA process, check which remotes are in each queue.
> da 3 fast_acq qs_rmt_distrb
DA 3
Q Manual Priority -
Qb Beam Switch – ep100.20698
Qr Recently Dropped – e8350.20139

iDX Release 3.5
Debug Information
Qn Normal - e8350.20140, e8350.20141, e8350.20142, e8350.20143,

e8350.20144
Q Elsewhere InNework - e8350.23561
3. At the SADA process, check if SADA allocates more slots for a remote in a higher priority
queue by examining ACQ slot allocation as shown below where Qb indicates beam switch
queue, Qr indicates Recent Dropped Queue, and Qn indicates normal queue.
In this example, the bs_rd_normal_acq_slot_alloc_ratio for inroute 1 is 5:3:2.
> da 3 acq 4
Qb inroute[ 6] ep100.20698
Qr inroute[ 6] e8350.20139
Qn inroute[ 6] e8350.20140
Qr inroute[ 6] e8350.20139
Qn inroute[ 6] e8350.20141
Qr inroute[ 6] e8350.20139
Qr inroute[ 6] e8350.20139
Qn inroute[ 6] e8350.20140
Qr inroute[ 6] e8350.20139
Qn inroute[ 6] e8350.20141
Qr inroute[ 6] e8350.20139
4. At the SADA process, provide the remote ID as shown below to see the last beam switch
acquisition message.
• BS_Rcv shows the epoch time that the remote received the beam switch message.
• in_network shows the epoch time that the remote joined the network.
• bs acq shows how long it has taken the remote to join the network after receiving
the beam switch message in seconds.
> da 3 remote eP100.20698 bs_timestamp

name BS_Rcv in_network bs acq
time
eP100.20698 1690118 1690147 29

iDX Release 3.5
Debug Information

iDX Release 3.5
Debug Information

iDX Release 3.5
Glossary of Terms
Acquisition A process whereby the satellite modem locks onto the proper satellite carrier.
ACU Antenna control unit.
ADC Analog-to-Digital Converter. A device that converts analog signals to a digital

representation.
Analog Method of signal transmission in which information is relayed by continuously altering
the wave form of the electromagnetic current. An analog signal is responsive to
changes in light, sound, heat and pressure. See also digital.
Antenna Device for transmitting and receiving radio waves. Depending on their use and
operating frequency, the form on an antenna can change from a single piece of wire to
a dish-shaped device.
Antenna Alignment The process of optimizing the orientation of a satellite antenna's main direction of
(pointing) sensitivity towards the satellite to maximize the received signal level and to minimize
the chance of receiving unwanted interference from other satellite systems.
Aperture A cross sectional area of the antenna which is exposed to the satellite signal.
Apogee Point in an elliptical satellite orbit that is farthest from the surface of the earth.
Asynchronous A communications strategy that uses start and stop bits to indicate the beginning and
end of a character, rather than using constant timing to transmit a series of characters.
Asynchronous methods are especially efficient when traffic comes in bursts (and not
regularly paced). Modems and terminals are asynchronous communications devices.
Attenuation Weakening, usually measured in decibels, of a signal (loss) that occurs as it travels
through a device or transmission medium (e.g. radio waves through the atmosphere).
Attitude Control The orientation of the satellite in relationship to the earth and the sun.
Azimuth The horizontal co-ordinate used to align the antenna to the satellite. See also
Elevation.
Bandwidth The amount of data a cable can carry; measured in bits per second (bps) for digital
signals, or in hertz (Hz) for analog signals. A voice transmission by telephone requires a
bandwidth of about 3000 cycles per channel (3 kHz). A TV channel occupies a
bandwidth of 6 million cycles per second (6 MHz) in terrestrial systems. In satellite
based systems a larger bandwidth of 17.5 to 72 MHz is used to spread or “dither” the
television signal in order to prevent interference.
Baud The number of times an electrical signal can be switched from one state to another
within a second.
Bit Error Rate The ratio of the number of information bits received in error to the total number of bits
(BER) received, averaged over a period of time. It is used as an overall measure of the quality
of a received digital bit stream.
Bit Rate The number of bits transmitted within a second (bps) in a digital communication.
Broadcast Sending a single message to all the nodes of a network.

iDX Release 3.5
C band Band of frequencies used for satellite and terrestrial communications. Most
communications satellites use a range from 4 to 6 gigahertz (billion cycles per second).
Requires larger ground antennas, usually twelve feet in diameter, for television
reception.
Capacity A proportion of the satellite’s bandwidth which is used to establish one or more
communication channel.
Carrier The basic radio, television, or telephony transmit signal. The carrier in an analog
signal.
Carrier Frequency The rate at which the carrier signal repeats, measured in cycles per second (Hertz).
This is the main frequency on which a voice, data, or video signal is sent. Microwave
and satellite communications transmitters operate between 1 to 14 GHz.
Channel A band of radio frequencies assigned for a particular purpose, usually for the
establishment of one complete communication link, or a path for an electrical signal.
Television signals require a 6 MHz frequency band to carry all the necessary picture
detail. Channel frequencies are specified by governmental agencies.
CIR See Committed Information Rate.
Coaxial Cable A transmission line in which the inner conductor is completely surrounded by an outer
conductor, so that the inner and outer conductor are coaxially separated. The line has a
wide bandwidth capacity which can carry several television channels and hundreds of
voice channels.
Collocated Two or more satellites occupying approximately the same geostationary orbital
(satellites) position. To a small receiving antenna the satellites appear to be exactly at the same
place. The satellites are kept several kilometers apart in space to avoid collision.
Committed The guaranteed network bandwidth availability.
Information Rate
(CIR)
Common Carrier An organization which operates communications circuits. Common carriers include the
telephone companies as well as the owners of the communications satellites.
Communications A satellite in Earth orbit which receives signals from an Earth station and retransmits
Satellite the signal to other Earth stations.
COMSAT Communication Satellite Corporation, the U.S. signatory for INTELSAT.
Continuous Wave Signal consisting of a single frequency especially used in testing satellite modems and
(CW) antennas.
Decibel (Db) The standard unit used to express the ratio of two power levels. It is used in
communications to express either a gain or loss in power between the input and output
devices.
Decoder A television set-top device that converts an electronically scrambled television picture
into a viewable signal.
Delay The time it takes for a signal to go from the sending station through the satellite to the
receiving station (around one-quarter of a second).
Demodulator A satellite receiver circuit which extracts or “demodulates” the desired signals from
the received carrier.
Digital Representation of information as bits of data for transmission. Digital communications
technology permits higher transmission speeds and a lower error rate than analog
technology. As an analog signal is received and amplified at each repeater station, any
noise is also amplified. A digital signal, however, is detected and regenerated (not
amplified), and any noise is lost unless it corresponds to a value that the regenerator
interprets as digital signal.

iDX Release 3.5
Dish Slang for parabolic antenna.
Downlink The part of the satellite communications link that involves signal retransmission from
the satellite and reception on the ground. See also Uplink.
Downstream Downstream carrier (synonymous to outbound carrier) is the carrier from the Hub to
Carrier the remote modem, via the satellite.
Duplex Two-way communications. The telephone line is full duplex in that both directions of
communication occur at the same time. Walkie-talkie communications is half-duplex–
only one party may transmit at a time.
Earth Station A combination of devices (antenna, receivers) used to receive a signal transmitted by
one or more satellites.
Elevation The upward tilt (vertical coordinate) of a satellite antenna measured in degrees,
required to align the antenna with the communications satellite. See also Azimuth.
Elliptical Orbit Orbits in which the satellite path describes an ellipse, with the Earth located at one
focus.
Encoder A device used to electronically alter a signal so that it can only be understood on a
receiver equipped with a special decoder.
Equatorial Orbit An orbit with a plane parallel to the Earth’s equator.
FEC Forward Error Correction is an error correction method that adds redundant bits to a
bit stream, so that the receiver can detect and correct errors in transmission.
FEC Block The basic FEC unit is a FEC block.
Feed 1) The transmission of video content from a distribution center.
2)The feed system of an antenna.
Focal Length Distance from the center feed to the center of the dish.
Footprint The geographic area over which a satellite antenna receives or directs its signals.
Free Slots Slots left in the dynamic sub-frame after all stream, guaranteed (CIR) and preemptive
bandwidth requests are satisfied. Free slots are allocated to all VSATs (up or down),
except the master, in a round-robin fashion.
Frequency The number of times that an alternating current goes through its complete cycle in one
second of time. One cycle per second is also referred to as one hertz.
Frequency A process designed to eliminate frequency interference between different satellite
Coordination systems or between terrestrial microwave systems and satellites.
Full duplex Transmission that occurs in both directions simultaneously over the communications
media (e.g. telephone).
Geostationary An satellite orbiting Earth at such speed that it appears to remain stationary with
satellite respect to the earth’s surface. See also Clarke Orbit.
Geosynchronous A satellite orbiting Earth at Earth’s rotational speed and at the same direction. A
satellite satellite in geosynchronous orbit is known as a geosynchronous or geostationary
satellite. The orbit is “synchronous” because the satellite makes a revolution in about
24 hours. The satellites are about 35,800 kilometers (22,350 miles) above Earth, and
they appear to be stationary over a location.
Ground Segment All the Earth stations that are operating within a particular satellite system or network.
Ground Station A radio station, on or near the surface of the Earth, designed to transmit or receive
to/from a spacecraft.

iDX Release 3.5
Guaranteed The capability for transmitting continuously and reliably at a specified transmission
Bandwidth speed. The guarantee makes it possible to send time-dependent data (such as voice,
video, or multimedia) over the line.
Guaranteed Slots Slots configured per VSAT and made available to that VSAT upon its request. When the
queue is depleted, these slots are taken away by the master and distributed to other
requesting VISNs as preemptive slots.
Guard Band A thin frequency band used to separate bands (channels) in order to prevent
(guardband) interference and signal leakage.
Guard Channel Unused frequency space between carriers that prevents adjacent carriers from
interfering each other.
Half Duplex A communications form in which transmissions can go in only one direction at a time.
With half-duplex operation, the entire bandwidth can be used for the transmission. In
contrast, full-duplex operation must split the bandwidth between the two directions.
High Band The upper part of the Ku band downlink frequency range, from 11.7 GHz to 12.75 GHz.
HPA High Power Amplifier. Earth station equipment that amplifies the transmit RF signal and
boosts it to a power level that is suitable for transmission over an earth-space link.
Hub RFT Hub Radio Frequency Terminal - Equipment that includes the antenna, U/C
(upconverter), D/C (downconverter) HPA, and LNA, which provides the up and down
conversion of signals in a satellite-based network.
IF Intermediate Frequency. The frequency range 70 to140 MHz used for the distribution of
satellite signals from the LNB at the dish to the user’s satellite receiver. It is always
used in direct-to-home systems and is the most suitable for distribution of digital
signals in communal systems – IF systems.
Inbound Carrier See Upstream Carrier.
Inclination The angle between the orbital plane of a satellite and the equatorial plane of the
Earth.
Indoor Unit (IDU) The satellite modem and indoor devices (in contrast to outdoor units, ODU).
Information Rate The user data rate including IP headers plus iDirect overhead. The downstream
overhead is approximately 2.75% of the information rate.
INTELSAT International Telecommunications Satellite Organization. Agency that operates a
network of satellites for international transmissions.
Interfacility Link The cable that connects the indoor unit with the outdoor unit.
(IFL)
Intermediate Generally, 70 MHz or 140 MHz.
Frequency (IF)
Ka band The frequency range from 18 GHz to 31 GHz.
Ku Band Frequency range from 10.9 GHz to 17 GHz, increasingly used by communications
satellites. Requires smaller ground antennas, usually four feet (1.2 meter) in diameter.
L-Band The frequency range from 0.5 GHz to 1.5 GHz.
LNA Low Noise Amplifier – The preamplifier between the antenna and the earth station
receiver. For maximum effectiveness, it should be located as near the antenna as
possible, and is usually attached directly to the antenna receive port.
LNB Low Noise Block Converter is the converter on the down link that takes the Ku, Ka, or C-
Band signal from the satellite and converts it to a lower frequency (L-band) signal that
can be fed through the IFL cable to the modem.

iDX Release 3.5
Low Earth Orbit Satellites that are not stationary from a fixed point on earth and have the lowest orbit
(LEO) satellite of all communication satellites. Most handset-to-satellite systems are based on LEO
satellites using L-Band.
Low Noise The preamplifier between the antenna and the Earth station receiver. For maximum
Amplifier (LNA) effectiveness, it must be located as near the antenna as possible, and is usually
attached directly to the antenna receive port.
Margin The amount of signal in dB by which the satellite system exceeds the minimum levels
required for operation.
Multiplexing Techniques that allows a number of simultaneous transmissions to travel over a single
circuit.
ODU Outdoor unit, such as an antenna dish.
Outbound Carrier See Downstream Carrier.
Passband The range of frequencies handled by a satellite translator or transponder.
Perigee The point in a satellite’s orbit where it is closest to Earth.
Polarization Design technique used to increase the capacity of the satellite transmission channels by
reusing the satellite transponder frequencies.
QPSK (Quadrature Digital modulation scheme used in transmission communications to allow increased
Phase Shift Keying) sending capacity.
Rain Outage Loss of signal at Ku or Ka Band frequencies due to absorption and increased sky noise
temperature caused by heavy rainfall.
Satellite A sophisticated electronic communications relay station orbiting 22,237 miles above
the equator moving in a fixed orbit at the same speed and direction of the Earth (about
7,000 m.p.h. east to west).
Satellite The use of geostationary orbiting communication satellites to relay transmission from
Communications one Earth station to another or to several Earth stations. It takes only three satellites to
cover the whole Earth.
Satellite Pass Segment of orbit during which the satellite “passes” nearby and in the range of a
particular ground station.
Shared hub Satellite communications operations center that is shared among several separate
network users; often used for VSAT operations.
Single-Channel- Data is transmitted by a single source to the satellite continuously on a
Per-Carrier (SCPC) dedicated satellite carrier. The SCPC carrier can be received by a single
location (point-to-point link) or multiple locations (point-to-multipoint link).
SNR Signal to Noise Ratio - In analog and digital communications, signal-to-noise ratio, (S/N
or SNR), is a measure of signal strength relative to background noise. The ratio is
usually measured in decibels (dB).
Spillover Satellite signal that falls on locations outside the beam pattern’s defined edge of
coverage.
Subcarrier In satellite television transmission, the video picture is transmitted over the main
carrier. The corresponding audio is sent via an FM subcarrier. Some satellite
transponders carry as many as four special audio or data subcarriers.
Symbol Rate Symbol Rate refers to the number of symbols that are transmitted in one second. From
the symbol rate, you can calculate the bandwidth (total number of bits per second) by
multiplying the bits per symbol times the symbol rate.
TDM (Time Division A type of multiplexing where two or more channels of information are transmitted over
Multiplexing) the same link by allocating a different time interval (“slot” or “slice”) for the
transmission of each channel. (i.e. the channels take turns to use the link.)

iDX Release 3.5
TDMA (Time A communications technique that uses a common channel (multipoint or broadcast) for
Division Multiple communications among multiple users by allocating unique time slots to different
Access) transmission sources.
Transmission A protocol developed for the Internet to get data from one network device to another;
Control Protocol TCP uses a retransmission strategy to ensure that data will not be lost in transmission.
(TCP)
Transmission Rate Includes all over-the-air data. This includes the user data (information rate), iDirect
overhead, and FEC encoding bits.
Transponder A device in a communications satellite that receives signals from the earth, translates
and amplifies them on another frequency, and then retransmits them.
UHF Ultra High Frequency. Band in the 500-900 MHz range, including TV channels 14 through
83.
Uplink The Earth station used to transmit signals to a satellite and the stream of signals going
up to the satellite.
Upstream Upstream carrier (synonymous to inbound carrier) is the carrier from the remote
modem to the Hub, via the satellite.
Carrier
VHF Very High Frequency, Refers to electromagnetic waves between approximately 54 MHz
and 300 MHz.
VSAT Very Small Aperture Terminal. Means of transmission of video, voice, and data to a
satellite. Used in business applications.

iDX Release 3.5
Index
A antenna 65
antenna, adding 65
ABS applying changes to roaming remotes 324
see Automatic Beam Selection applying configurations 316
accelerated GRE tunnels 160 Automatic Beam Selection 461– 480
accepting changes adding beams to a network 463
automatically accepting changes 13 adding elevation / gain pairs for flat plate
enabling accept changes button 13 antennas 466
acquisition aperture 132 adding skew angle / gain pairs for flat plate anten-
activating nas using OpenAMIP 467
remotes 303 antenna reflector definition 465
changing the GPS interval 474
active users pane 385
changing the minimum look angle 470
activity log 47– 50 changing the usable beam timeout 473
copying data from 49 configuring a local mapserver IP address 474
list of selectable activities 47 configuring a remote for 467
viewing 48 configuring hunt frequency 469
adaptive TDMA configuring the initial tx power offset 469
acquisition margin (M3) 137 determining a remote’s initial tx power offset 479
adaptive parameters of inroute group 133 determining beam numbers 479
adding adaptive carriers to an inroute group 396 disabling or enabling the rx-only feature 474
configuring adaptive parameters per remote 175 forcing a beam switch 478
configuring uplink control parameters 137 IP address of antenna 468
converting an inroute group to adaptive TDMA 394 muting the remote transmitter when mapless 473
converting to adaptive TDMA 393 reading the tx power from the beam map 479
enabling superburst 77 remote console commands 475
fade slope margin (M1) 137 setting download timeout 472
goal of frequency hopping in adaptive TDMA 130 setting network acquisition timers 472
hysteresis margin (M2) 137 setting OpenAMIP parameters 469
inroute group composition setting Orbit SBC parameters 470
allowed dropout factor for IGC selection 133 setting SeaTel DAC parameters 470
carrier-specific IGC parameters 136 setting up the configuration file 462
configuring IGCs 134 starting the map server 464
default IGC 133 supported antennas 465
enabling a fixed IGC 133 Automatic Beam Switching
selecting a carrier’s MODCOD for an IGC 136 see Automatic Beam Selection
update frequency for IGC selection 133
measurement spacing 137
prerequisites for converting to adaptive TDMA 394 B
selecting adaptive modulation 77
selecting carrier payload size 77 bandwidth
static vs. adaptive TDMA carriers 131 adding 72
updating an inroute group composition 397 beam selection
verifying network operation after conversion 403 see beam switching for mobile remotes; Automatic
Beam Selection
beam selection for roaming remotes 195
before you start
information needed 8
preparing equipment 8

iDX Release 3.5
Index
blades chassis 293

adding 94 LNB voltages supplied by chassis 293
BUC selecting high or low LNB voltage 293
use of slot 5 291
adding to a remote 182
installing 8
button permanently enabling chassis license downloads 63
accept changes 14 rules for assigning line cards to slots 290
right mouse 25 setting the IP address 285
sharing slots on more than one NMS 295
validating a chassis license 289
C
chassis groups
CA Foundry 429– 444 not supported in this release 285
connecting to a host 432 choose details
creating a CA 431 feature 37
creating a certificate authority 431 cloning
executing 63, 430 remotes 187
issuing host certificates 435 user accounts 383
logging on to a CA 432
CNO User Groups
navigating in 430
revoking host certificates 436 adding and modifying 357
visibility and access 356
carrier
commissioning line cards
acquisition aperture 132
adding downstream carriers 73 See hub commissioning 341
adding SCPC upstream carriers 78 comparing configurations 314
adding TDMA upstream carriers 75 components
assigning upstream carriers to inroute groups 134 bench test 16
defining an alternate downstream carrier 109 folders 16
guard interval 133 QoS folders 16
information rate 77 remote antenna components 17
large block 77
compression
rules for assigning TDMA carriers to inroute
groups 131 CRTP performance characteristics 199
small block 77 enabling compression types on remotes 196
switching to an alternate downstream carrier 117 L2TP payload compression 199
symbol rate 77 RTP header compression performance
transmission rate 77 characteristics 199
uplink/downlink center frequency 74, 76, 80 TCP payload compression 197
UDP header compression 198
certificate authority, creating 431
UDP header compression performance
chassis characteristics 198
adding the initial hub chassis 285 UDP payload compression 199
assigning line cards to slots 290 UDP payload compression compared to TCP payload
configuring and controlling 288 compression 199
EDAS vs. MIDAS controller boards 285 configuration changes 34
four-slot chassis
configuration state 42
configuring 291
enabling 10 MHz clock on a tx line card 293 changing 45
enabling 22 kHz tone 293
enabling BUC voltage 293
enabling LNB voltage 293
limitation on DC voltage supplied by 4-IF

iDX Release 3.5
Index
configuration, simultaneous changes 390 downloading

configurations concurrently to remotes and hub 326
changes on roaming remotes 322 images
comparing 314 TCP 330
deleting 310 interactions 329
downloading multicast 326
canceling 318 multiple images 326
chassis 319 out of network remotes 328
line card 320 using revision server 331
network 319 downloading configurations 316
protocol processor 319 canceling 318
using revision server 331 chassis 319
modifying 310 line card 320
saving network 319
TCP vs. UDP 321 protocol processor 319
status 42 DVB-S2
uploading last modified vs. existing 311
adjusting CCM network parameters 140
uploading multiple modified vs. existing 312
configuring a remote’s maximum MODCOD 177
viewing 310
configuring a remote’s nominal MODCOD 177
context menu button 25 configuring network parameters 139
converters estimating effective CIR and MIR for ACM
adding 66 outbound 224
COTM estimating information rate for ACM outbound 83
see remotes, mobile remotes fast fade algorithm 138
line card model types supported 103
CRTP 198
network-level parameters defined 138
CRTP performance characteristics 199 selecting a MODCOD range for ACM 75
customers
adding 150
listing on remotes 149 E
elements 15
D
daisy chaining of chassis F
not supported in this release 285 find toolbar 29
database, simultaneous changes 390 Firmware
deactivating downloading to remotes and line cards 326
remote 303 folders 15
details adding entries 19
choosing 37 BUCs 15
choosing details feature 37 component 16
creating sets of 37 customers 16
view 35 distributors 15– 16
DHCP 155 empty 16
distributors Hub RFT components 16
adding 150 LNBs 15
listing on remotes 149 manufacturers 15
operators 16
DNS 154
QoS profiles 15
downconverter 65 reference information 18
adding 66 remote antenna components 15

iDX Release 3.5
Index
four-slot chassis applications 238

see chassis, four-slot chassis Committed Information Rate defined 202
frequency hopping 130 configuring a remote’s maximum MODCOD 177
configuring a remote’s nominal MODCOD 177
frequency translation 67
configuring bandwidth allocation fairness relative
to nominal MODCOD 230
G configuring bandwidth allocation fairness relative
to operating MODCOD 231
geo location configuring group QoS settings for VNO user
remotes 178 groups 371
cost defined 202
GKD
cost-based traffic defined 202
bringing a GKD online for the first time 456 default and NMS applications for remotes with mul-
changing a GKD’s password 456 tiple service profiles 244
configuring in iBuilder 452 default applications in service profiles 239
defined 449 effective cost with allocation fairness relative to
determining the clients of a GKD 459 CIR 228
determining the time of the next key update 460 enabling EIR for remotes in group for remote based
installing 451 mode or remote service groups 235
installing a GKD options file on a server 455 Enhanced Information Rate (EIR) described 203
kd status and ks status commands 458 estimating effective CIR and MIR for DVB-S2 ACM
logging on 456 outbound 224
starting a GKD 455 for SCPC remotes 211
GRE tunnels 160 full-trigger CIR defined 203
Group Edit group view applications vs. service profile view
procedure for group edits 41 applications 241
rules and restrictions on group edits 41 group view example 219
Maximum Information Rate defined 202
Group QoS
multicast bandwidth group 215
see also QoS operations on remote profiles 256
allocation fairness relative to nominal or operating preconfigured application profiles 273
MODCOD 230 priority defined 202
allocation properties vs. request properties 233 QoS properties defined 202
allowing VNO users modify filter profiles 380 relationship between information rate and IP data
allowing VNO users to create QoS profiles 380 rate 204
application scaled QoS mode vs. application based remote profiles described 254
QoS mode 214 selecting a multicast MODCOD 238
application service groups vs. remote service setting VNO permissions for QoS profiles 378
groups 207, 210 Sticky CIR defined 203
assigning ownership of QoS nodes to VNO user tree structure 205
groups 373 views 218
assigning remotes to remote service groups in re- visibility of QoS profiles for VNO users 379
mote profile view 259 VNO configuration of request properties on owned
bandwidth allocation algorithm 205 QoS node 375
bandwidth allocation fairness relative to CIR 203
guard interval for TDMA carriers 133
bandwidth allocation fairness relative to Nominal
MODCOD 204 guest user 389
bandwidth allocation fairness relative to Operating
MODCOD 204
H
bandwidth allocation for SCPC return channels 212
best-effort traffic defined 202 high power amplifier See HPA
changing properties on individual remotes 247
HPA 65
changing the order of application profiles within
adding 68

iDX Release 3.5
Index
hub commissioning 341 iVantage NMS components xxxiii

1 dB compression test 350
downloading line cards using iSite 345
setting IP address on line card 343
L
setting tx power on line card 351
LAN
Hub RFT
interface 153
adding 89 remotes 151– 154
Hub RFT Components 65 large block 77
latitude
I teleport 86
Layer 2 Over Satellite (L2oS)
iBuilder adding a VLAN ID to the X7 switch 164
description 9 adding SVNs to a remote 185
installing 11 classifying IPv6 packets in Layer 2 networks 282
iDirect network architecture example 2 configuring a remote local ID for an SVN 186
Idle and Dormant States configuring L2oS header compression 186
configuring 173 configuring L2oS hub parameters 100
triggering state changes 175, 278 configuring the hub VLAN or QinQ Ethertypes 100
configuring the MAC address of the upstream switch
images 325
for VPWSEPC 101
downloading 326 configuring the remote L2oS parameters 184
interactions 329 configuring the remote SDT parameters 185
out of network 328 configuring the remote VLAN or QinQ
TCP 330 Ethertypes 185
downloading multiple units 326 enabling networks for L2oS 93
UDP multicast 326 overriding the default service mode settings at the
iMonitor hub 101
description 9 selecting the hub SDT mode 100
information rate 77 selecting the L2oS operating mode 100
inroute group compositions 134 legend 32
inroute groups licenses
adaptive parameters defined 133 exporting data for feature license requests 59
adding 130 importing license files 57
assigning upstream carriers 134 license properties tab 59
configuring the maximum speed of remotes 132 license toolbar 56
description 130 list of features licensed in iBuilder 56
frequency hopping 130 permanently enabling chassis license downloads 63
setting acquisition aperture for carriers 132 sharing chassis slot licenses on more than one
setting the guard interval for TDMA carriers 133 NMS 295
shared TDMA carrier parameters 133 validating a chassis license 289
static vs. adaptive carriers 131 line cards
installation adding
NMS applications 11 receive 109
standby 119
interface
transmit 107
using NMS GUI 21 transmit/receive 107
IP configuration on remotes 151– 161 adding a TDMA standby line card 121
iSite 9 adding receive carriers to a multichannel line
using to download a line card 345 card 112
commissioning See hub commissioning
downloading using iSite 345
enabling 10 MHz clock from the four-slot chassis

iDX Release 3.5
Index
screen 293 N
failure recovery 128
managing redundancy relationships 122 NAT 156
multichannel line card operational frequency network architecture example 2
band 113 network tree, See tree
NMS failover algorithm 129
networks
performing manual switchover or failover 127
prerequisites for automatic failover 119 adding 104
receive carrier types 109 deactivating 106
receive mode restrictions 110 inroute groups
receive modes 109 adding 130
receive-mode licenses required 110 assigning upstream carriers 134
receive-only line card types 109 description 130
rules for assignment to chassis slots 290 line cards
selectable line card types in iBuilder 106 adding receive 109
selecting carriers for multichannel line cards 113 adding transmit 107
setting tx power 351 adding transmit/receive 107
solo Tx/Rx line card described 106 NMS
supported model types 103 applications 8
TRANSEC-compatible model types 408 distributed NMS server 415
types of redundancy relationships 119 iVantage NMS components xxxiii
LNB main components 7
adding to a remote 182 multiple users accessing 13
servers used 9
logging in 12
setting up a distributed environment 417
passwords 12
to other servers 13
longitude O
spacecraft 70
teleport 86 ODU Tx 10 MHz 68
ODU Tx DC power 68
options files 309
M hub-side and remote-side 310
main toolbar 29 orbital inclination 70
management interface 153
mobile remotes P
See remotes: mobile remotes 179
setting the maximum speed for an inroute packet segmentation
group 481 setting a downstream segment size 177
modifying panes
accepting changes 13 active users 32, 385
multicast fast path choose details 37
configuring 249 configuration changes 34
defined 216 details 35
enabling encryption 105 legend 32
selecting for a GQoS application 238 network tree, See tree
See also dialog boxes
passwords 12, 387
properties
viewing element 35

iDX Release 3.5
Index
protocol processor receive-only remotes, configuring 149

adding 90 remote locking
blades 94 checking an X3 remote lock status 490
installing 8 configuring a remote lock on an X3 remote 487
TRANSEC support for 90 configuring the network key 488
removing a soft lock on an X3 remote 489
returning a remote for lock removal 490
Q setting a hard lock on an X3 remote 489
setting a soft lock on an X3 remote 488
QoS
soft locks vs. hard locks 487
remotes 143
Committed Information Rate defined 202
cost-based traffic defined 202 activating 303– 304
Maximum Information Rate defined 202 adaptive parameters
see also Group QoS configuring maximum C/N 176
assigning a filter profile to a remote 168 configuring maximum link impairment 175
assigning a remote profile to a remote 168 configuring minimum symbol rate 176
assigning a service profile to a remote 168 adding 144– 200
assigning multiple service profiles to a remote 170 antenna 182
bandwidth allocation fairness relative to CIR 203 applying configurations 321
bandwidth allocation fairness relative to Nominal cloning 187
MODCOD 204 configuring
bandwidth allocation fairness relative to Operating prerequisites for adding a remote 144
MODCOD 204 configuring adaptive parameters 175
best-effort traffic defined 202 configuring RIPv2 on 152
configuring a remote’s maximum MODCOD 177 customers 149– 150
configuring a remote’s nominal MODCOD 177 deactivating 303– 304
configuring EIR for a physical remote 176 deactivating before deleting 310
configuring Idle and Dormant States 173 DHCP 155
configuring Minimum Information Rate 173 distributors 149– 150
cost defined 202 DNS 154
custom key for full-trigger CIR 263 downloading
Enhanced Information Rate (EIR) described 203 using revision server 331
for SCPC remotes 211 downloading configurations
full-trigger CIR defined 203 out of network 328
normal CIR vs. sticky CIR vs. full-trigger CIR 202 enabling link encryption 146
preconfigured profiles 273 enabling Transmit Key Line on an e850mp 182
priority defined 202 geo location 178
QoS properties defined 202 information tab 145– 151
remote parameters by service group type and QoS IP configuration 151– 161
mode 172 LAN 151– 154
remote QoS Tab 167 LAN "same as" option 153
sticky CIR defined 203 LAN interface 153
listing customers 149
listing distributors 149
R management interface 153
mobile remotes
receive line card additional guard band for SCPC return
adding 109 channels 486
receive properties automatic beam selection for 195
configuring COTM types 482
remotes 147
configuring the default maximum skew 70
configuring the default minimum look angle for

iDX Release 3.5
Index
remote antennas 70 cards 305

configuring the default skew margin 70 multicast groups 162
configuring the skew polarization 70 MUSiC Box 146
GPS Input settings defined 179 NAT 156
handshake signaling 180 passwords 146
high-speed COTM configuration 481 port forwarding 159
inroute map stale timeout for high-speed TDMA receive properties 147
remotes 483 receive-only
LFO correction angle for SCPC mobile configuring for 149
remotes 486 rx-only multicast 149
minimum symbol rates for mobile remotes 483 remote antenna 182
overriding the maximum skew for a remote resetting 329
antenna 179 roaming remotes 188– 196
overriding the minimum look angle for a remote adding multiple remotes to a network 193
antenna 179 adding remotes to multiple networks 194
overriding the skew margin for a remote applying changes 324
antenna 179 beam selection for 195
security setting 179 configuration changes 322
selecting the COTM type 179 managing configuration of 189
spread spectrum blocks per frame for high-speed modifying all instances 191
SCPC remotes 485 modifying multiple instances 192
TDMA upstream acquisition range for high-speed options files for 322
remotes 482 pending changes across networks 323
upstream acquisition range for SCPC return selecting a BUC 182
channels 484 selecting an LNB 182
model type 146 serial number 146
moving between inroute groups and line cards 306 serial number, system-generated 146
moving between networks, inroute groups and line sleep mode
enabling 146
triggering wakeup 278
static routes 156
supported model types 143
switch tab 162– 166
copying data to a spreadsheet 166
dedicating a port to a VLAN 163
default settings 163
setting a port as a trunk 165
setting the port speed and port mode 165
TRANSEC-compatible model types 408
transmit properties 147
reference carrier parameters 147
SCPC initial power 148
SCPC max power 149
TDMA max power 148
VLAN 151– 154
VSAT 180
requirements
system 11
resetting 329
retrieving configurations
modified vs. existing 312
multiple 312
single
last modified vs. existing 311

iDX Release 3.5
Index
revision server 331– 340 status bar 31

cancel ling an upgrade 340 super user 389
controlling real-time events 336 switch, eight-port: see remote: switch tab
duty cycle explained 332 symbol rate 77
real-time display options 336
symbol rate vs. transmission rate 77
starting 334
status pane 338 system requirements 11
using to download remotes 331
when to use 333
T
right mouse button 25
right-click TCP payload compression 197
menu options 30 TCP vs. UDP download 318
RIP, see RIPv2 teleport 85– 88
RIPv2 152, 157– 158 adding 85
roaming remotes, see remotes: roaming remotes adding a backup 86
latitude 86
longitude 86
RTP header compression performance
characteristics 199 toolbars
configuration changes 34
details 35
S find 29
icons 29
saving configurations legend 32
TCP vs. UDP 321 license toolbar 56
SCPC upstream carriers, configuring uplink control main 29
parameters 81 main menu 30
servers 9 status bar 31
view menu 30
sleep mode
transceiver
enabling on remotes 146
triggering wakeup on remotes 278 selecting frequency band and cross pol mode 183
selecting on the remote VSAT tab 182
small block 77
supported models 182
spacecraft 69– 70
TRANSEC
adding 69
bringing a GKD online for the first time 456
longitude 70
CA Foundry, See CA Foundry
spectral inversion 68 certifying an unauthorized remote 433
spread spectrum certifying hosts before converting to TRANSEC 408
selecting a TDMA upstream spreading factor 78 changing a GKD’s password 456
selecting an SCPC upstream spreading factor 81 changing DCC key update frequency 442
static routes 156 changing the ACC key update frequency 459
comparing hub and remote ACC keys 444
status
configuring ACC keys on a remote 439
elements 42 configuring GKDs in iBuilder 452
converting a network to TRANSEC 407
converting remotes to non-TRANSEC 412
description 407
determining the clients of a GKD 459
determining the network ID 447
determining the time of the next ACC key

iDX Release 3.5
Index
update 460 uplink/downlink center frequency 74, 76, 80

enabling on protocol processor 91 User Groups
example of a TRANSEC sub-tree 409 CNO user groups 356
finding the blade that distributes keys 447 NMS user groups 354
GKD defined 449 VNO user groups 356
GKD kd status and ks status commands 458
users
GKD options file example 453
installing a GKD 451 active users pane 385
installing a GKD options file on a server 455 adding user accounts 381
key distribution requirements for ABS 450 changing passwords 387
line card and remote model types supported 408 cloning user accounts 383
local mode for ACC key distribution 449 conversion during upgrade 353
logging on to a GKD 456 deleting user accounts 385
protocol processor described 90 guest 389
starting a GKD 455 levels of 388
updating ACC keys 442 managing 387
updating DCC keys 441 modifying user accounts 381, 383
multiple 13
translation frequency 71
permissions 387
transmission rate 77 privileges
Transmit Key Line, enabling on e850mp 182 defined 387
transmit line card predetermined 387– 388
adding 107 simultaneous access to the NMS database 390
transmit properties super user 389
types 388
remotes 147
viewing user accounts 384
transmit/receive line card VNO guest 389
adding 107 VNO super user 389
transponder
adding 70
V
tree
elements 15 VLAN
elements and folders 25 adding 96
folders 15 default vs. upstream 153
tree view, See tree on eight-port switch: see remote: switch tab
treebar, See tree remotes 151– 154
upstream interface 96
VNO guest, see users: VNO guest
U VNO super user, see users: VNO super user
UDP payload compression 199 VNO User Groups
up converter 65 access rights for SCPC return channels 368
adding and modifying 357
upconverter
allowing VNO users modify filter profiles 380
adding 66 allowing VNO users to create QoS profiles 380
upgrade assistant assigning ownership of QoS nodes 373
See revision server assigning ownership of SCPC return channels 369
uplink control parameters configuration of request properties on owned QoS
acquisition margin (M3) 137 node 375
configuring adaptive UCP parameters 137 configuring group QoS settings 371
configuring for SCPC upstream carriers 81 creating and managing 356
fade slope margin (M1) 137 modifying visibility and access 360
hysteresis margin (M2) 137 setting permissions for QoS profiles 378
measurement spacing 137 setting rate limits 359
sharing a chassis among multiple VNO user

iDX Release 3.5
Index
groups 363 windows, See panes

visibility and access 354 See also dialog boxes
visibility of QoS profiles 379
VNO operations on line cards in SCPC return
mode 369 X
VSAT 180
X.509 certificates
issuing to hosts 435
W revoking from hosts 436
warning properties 50– 55

categories of warnings 50
clearing customized properties 54
configurable properties 50
customizing for specific network elements 53
distinguishing customized warnings 54
global vs. customized 51
of line cards 129
of protocol processors 94
of remotes 187
setting global properties for network elements 51

iDX Release 3.5
Index

iDX Release 3.5
iDirect
13861 Sunrise Valley Drive, Suite 300
Herndon, VA 20171-6126
+1 703.648.8000
+1 866.345.0983
www.idirect.net
Advancing a Connected World

UGiBuilder IDX Release 3.5.x

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

UGiBuilder IDX Release 3.5.x

Uploaded by

Copyright:

Available Formats

iBuilder User Guide iDX Release 3.5.

iBuilder User Guide

iDX Release 3.5.x

February 13, 2018

Company Web site: www.idirect.net ~ Main Phone: 703.648.8000

Company Web site: www.idirectgov.com ~ Main Phone: 703.648.8118

Document Name: UG_iBuilder iDX 3.5_T0000783_Rev_G_02_13_18

ii iBuilder User Guide

Revision Date Updates

iBuilder User Guide iii

E August 15, 2017 iDX Release 3.5.4.0; changes include:

iv iBuilder User Guide

About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii

The iVantage Network Management System . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Chapter 1 iDirect System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3

Chapter 2 Overview of the Network Management System for iBuilder . . 9

iBuilder User Guide v

2.6 Launching iBuilder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

vi iBuilder User Guide

2.11.6 Configuration States and iMonitor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Chapter 3 Defining Hub RFT Components and the Satellite . . . . . . . . . . 69

Chapter 4 Defining Network Components . . . . . . . . . . . . . . . . . . . . . . . . 89

iBuilder User Guide vii

4.4.1 TRANSEC Protocol Processors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Chapter 5 Defining Networks, Line Cards, and Inroute Groups . . . . . . 117

viii iBuilder User Guide

5.10.2 Configuring Inroute Group Compositions . . . . . . . . . . . . . . . . . . . . . . . 151

Chapter 6 Configuring Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

iBuilder User Guide ix

6.10.2 Configuring SVNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

Chapter 7 Configuring Quality of Service for iDirect Networks . . . . . . 229

x iBuilder User Guide

7.3.1 Saving Group Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294

Chapter 8 Configuring a Hub Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . 313

Chapter 9 Controlling Remotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331

Chapter 10 Retrieving and Applying Saved and Active Configurations . 337

iBuilder User Guide xi

10.4 Retrieving Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339

Chapter 11 Upgrading Software and Firmware . . . . . . . . . . . . . . . . . . . . 353

xii iBuilder User Guide

11.4.3 Starting the Revision Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369

Chapter 12 Commissioning a Hub Line Card . . . . . . . . . . . . . . . . . . . . . . 377

Chapter 13 Managing User Accounts and User Groups . . . . . . . . . . . . . . 389

iBuilder User Guide xiii

13.3.3 Setting VNO Permissions for Group QoS Nodes . . . . . . . . . . . . . . . . . . . 412

Chapter 14 Converting to Adaptive TDMA . . . . . . . . . . . . . . . . . . . . . . . . 429

xiv iBuilder User Guide

Chapter 15 Converting a Network to TRANSEC . . . . . . . . . . . . . . . . . . . . 445

Appendix A Configuring a Distributed NMS Server . . . . . . . . . . . . . . . . . . 453

Appendix B Using the iDirect CA Foundry . . . . . . . . . . . . . . . . . . . . . . . . . 467

Appendix C Managing TRANSEC Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477

iBuilder User Guide xv

C.2 Updating the DCC Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479

Appendix D Global Key Distribution. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487

Appendix E Configuring Networks for Automatic Beam Selection . . . . . 507

xvi iBuilder User Guide

E.2 Configuring Remotes for Automatic Beam Selection . . . . . . . . . . . . . . . . . . . 511

Appendix F COTM Settings and Custom Keys . . . . . . . . . . . . . . . . . . . . . . 529

iBuilder User Guide xvii

Appendix G Remote Locking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535

Appendix H Configuring Remote and PP Signaled Beam Switching . . . . 539

Glossary of Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 559

xviii iBuilder User Guide

Figure 1-1. Sample iDirect Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4