Adtran's Netvanta 1224STR Extends Reach to LAN

Not Just a Pretty Faceplate

The 1224STR is more than just ports for "gozinta" and "gozouta." Adtran included managed Layer 2 functionality, a stateful inspection firewall, VLAN and spanning tree support, link aggregation and, of course, port mirroring.

All these features don't mean a thing if you ain't got an easy-to-configure operating system. Adtran's is the culmination of years of work and offers both CLI and HTTP configuration options. The CLI can be accessed through the console port on the back of the unit or through telnet. The CLI commands resemble those found in Cisco's IOS.

For those not familiar with IOS or looking for a way to configure that router without getting carpal tunnel syndrome, HTTP is the way to go, and the way I chose. For my testing, I configured an IP address from the console port and finished configuration using a Web browser.

The browser interface is nicely laid out and includes dummy options for configuring the unit for the first time. I quickly created two VLANs, and assigned computers and IP telephones to them. Adtran has made everything about configuring the ports easy. Instead of setting configurations for each port individually, you select specific ports, or all ports at once, and then configure a template line. When you click Apply, the template line configuration is applied to all selected ports.

Frame relay PVCs are just as simple to configure, and the unit can be connected to a frame relay switch or act as one--convenient when you want to connect two 1224STRs back to back. PPP setup is just as easy, with settings for authentication and port IP address.

Routing is handled in software, but because it is only routing a DS-1's worth of data (1.544 Mbps), the unit is more than capable of routing at WAN wire speed. The 1224STR supports RIP v1, v2 or static routes. I'd like to see at least OSPF added, and while I'm wishing, BGP support would be even better.The 1224STR has 32 MB of RAM for operation and 16 MB of Flash memory for OS images. It also includes 16 MB of RAM for port buffer memory.

More Than a Router

Firewalls are a necessity, and Adtran's Firewall Wizard is a great place to start. The wizard creates a secure gate by blocking all incoming traffic from the WAN side, unless otherwise specified. If you have servers on your internal network that need to be accessed remotely, just specify the type of service and the address of the server associated with that service. The firewall worked as advertised by blocking specified inbound traffic and letting requests to my Web server pass through unabated.

For internal security, Adtran lets you create Security Zones that specify what type of traffic can come and go from listed VLANs. This may keep the office hacker from gaining access to your accounting department, as long as they are on separate VLANs. The 1224STR is designed for smaller networks that don't require routing between multiple VLANs at wire speed. The unit handled the cross VLAN traffic that I threw at it, but Adtran admits it won't handle 24 ports of 100-Mbps routing. This should be available in future products that integrate a full Layer 3 switch.

For redundant paths, Spanning Tree setup was simple, with costs applied to individual interfaces. The 1224STR supports rapid (802.1w) or legacy (802.1d) protocols with link type automagically determined, forced to share or peer-to-peer.On the administration side, port statistics can be viewed for both the WAN and LAN ports from the Web interface. The number of stats shown varies depending on the interface--Ethernet or DS-1--and includes in and out packets, errors and discards. The DS-1 interface also displays Layer 1 stats. Graphs are not available, but the data is presented clearly. Any down ports of LOS states are displayed in red.

Adtran will be adding PoE (Power over Ethernet) capabilities later this summer and full Layer 3 switching within the next 12 months. For those of you needing a bit more than 10/100 ports, you can expect to see a true gigabit switch with 24 gigabit ports within the next year as well.

As with all Adtran products, tech support and firmware updates are free and require no maintenance contract. The 1224 will support two firmware images--primary and secondary--to be stored at the same time. If the 1224 series is built like Adtran's CSU/DSUs, I expect these routers to work like tanks for years.

Darrin Woods is a Network Computing contributing editor. He has worked as a WAN engineer for a telecom carrier. Write to him at [email protected].

0