set service

Purpose

Used to:

Caution on enabling and disabling services

CAUTION! Exercise caution when enabling and disabling network services, particularly when disabling them. Changing certain settings can render your Digi device inaccessible. For example, if you disable Advanced Digi Discovery Protocol (ADDP), the device will not be discovered on a network, even if it is actually connected. If you disable HTTP and HTTPS, the Web interface can be disabled. Disabling basic services such as Telnet and Rlogin can make the command-line interface inaccessible.

Required permissions

For Digi products with two or more users, permissions must be set to set permissions s-service=read to display settings, and set permissions s-service=rw to display and configure settings. See set permissions for details on setting user permissions for commands.

Syntax

Enable/disable network services or change network port for service

set service [range=range]
[state={on|off}]
[ipport=network_port]
[keepalive={on|off}]
[nodelay={on|off}]
[delayed_ack=0-1000]
[reduced_buffer={on|off}]

Display service table or entries in the table

set service [range=range]

Options

range=range

Used to specify the index of the network service to which the rest of the command’s options apply. This range varies among Digi devices. Enter set service to display the index numbers for the network services on your Digi device. For more information on using this option, see Index numbers and changing default port numbers.

state={on|off}

Used to enable or disable a given network service.

ipport=network_port

Used to change the network port on which a given network service listens. See Supported network services and their default network port numbers for more information on the network services available.

keepalive={on|off}

Indicates whether or not TCP keepalives will be sent for the specified range of network services. If set to on, keepalives will be sent; if set to off, keepalives will not be sent.

Configurable TCP keepalive parameters, for example, how many keepalives to send and when to send them, are configured globally via the set network command (see set network).

nodelay={on|off}

Used to allow unacknowledged or smaller-than-maximum-segment-sized data to be sent for the specified range of network services.

The nodelay option disables Nagle’s algorithm, which is on by default, for some TCP services. The purpose of Nagle's algorithm is to reduce the number of small packets sent. Under the algorithm, outgoing data is not sent when there is either unacknowledged sent data, or less than a maximum segment size (typically around 1500 bytes for Ethernet) worth of data to be sent. While this algorithm allows for efficient data transmission, there are times when it is desirable to disable it.

delayed_ack=0-1000

The time, in milliseconds, to delay sending ACK packets in response to received data for the specified range of network services. The default is 200 milliseconds.

Setting this option to 0 (zero) sends an ACK packet back to acknowledge the received data immediately. Setting it to any other value means that the ACK packet will be sent after the specified time. If the network services generate new data during that time, the ACK packet will be sent along with the data packet.

You can use this setting to avoid congestion and reduce network traffic. However, do not change this option from its default setting unless you have a solid understanding of network services and data transmission, or have been instructed to make the change.

reduced_buffer={on|off}

The reduced buffer feature limits the amount of data that can be passed through the system to as close to a single byte at a time as is possible for the socket services. This causes throughput to drop considerably. The intended use is for extremely low baud rate applications. Because Digi devices normally buffer a great deal of data, it is possible for a remote client to timeout waiting for the Digi device to complete the transmission at the end of the “session.” Artificially limiting the amount of internal buffering by setting reduced_buffer to on dramatically reduces the amount of time between a remote client requesting that the Digi device close a connection and the Digi device’s ability to acknowledge that it is to close the connection.

Supported network services and their default network port numbers

The following table shows the network services controlled by the set service command, the services provided, and the default network port number for each service.

In Digi devices that have multiple serial ports, the network port number defaults for various services are set based on the following formula:

base network port number + serial port number

For example, the Telnet Passthrough service is set to network port 2001 for serial port 1, 2002 for serial port 2, 2003 for serial port 3, and so on.

If you change a network port for a particular service, that is the only network port number that changes. That change does not carry over to the other network ports. For example, if you change the network port number Telnet Passthrough from 2001 to 3001, that does not mean that the other network ports will change to 3002, 3003, and so on.

There are two types of network services available:

#> ssh -l fred digi16 -p 2501
#> telnet digi16 2101

| Service | Services Provided | Default Network Port Number |
|---|---|---|
| ADDP | Advanced Digi Discovery Protocol, also known as Device Discovery. Provides discovery of Digi devices on a network. | 2362 |
| Encrypted (Secure) RealPort | Secure Ethernet connections between COM or TTY ports and device servers or terminal servers. | 1027 |
| HTTP | Hypertext Transfer Protocol, also known as Web Server. Provides access to web pages for configuration that can be secured by requiring a user login. | 80 |
| HTTPS | Hypertext Transfer Protocol over Secure Socket Layer, also known as Secure Web Server. Provides access to web pages for configuration that can be secured by requiring a user login, with encryption for greater security. | 443 |
| LPD | Line Printer Daemon. Provides network printing over a serial port. | 515 |
| Modem Emulation Pool (pmodem) | Allows the Digi device to emulate a modem. Modem emulation sends and receives modem responses to the serial device over the Ethernet instead of Public Switched Telephone Network (PSTN). Telnet processing can be enabled or disabled on the incoming and outgoing modem-emulation connections. The pmodem service is for connecting to whatever serial port will answer. | 50000 |
| Modem Emulation Passthrough | Allows the Digi device to emulate a modem. This service is for dialing in to a particular serial port that has been set up for modem emulation. | 50001 |
| RealPort | A virtual connection to serial devices, no matter where they reside on the network. | 771 |
| Rlogin | Remote login service. Allows users to log in to the Digi device and access the command-line interface via Rlogin. | 513 |
| Rsh | Remote shell service. Allows users to log in to the Digi device and access the command-line interface via Rsh. | 514 |
| SSH | Secure Shell service. Allows users secure access to log in to the Digi device and access the command-line interface. | 22 |
| SSH Passthrough | Accessing a specific serial port set up for SSH. | 2501 |
| Secure Socket Service | Authentication and encryption for Digi devices. | 2601 |
| Serial/UDP Server (UDP Passthrough) | Allows raw data to be passed between the serial port and User Datagram Protocol (UDP) datagrams on the network. | 2101 |
| SNMP | Managing and monitoring the Digi device through Simple Network Management Protocol. If you want to run SNMP, but in a more secure manner, note that SNMP allows for “sets” to be disabled. This securing is done in SNMP itself, not through this command. | 161 |
| TCP Echo | Transmission Control Protocol echo. Used for testing the ability to send and receive over a TCP connection, similar to a ping. | 7 |
| Telnet | Allows users an interactive Telnet session to the Digi device’s command-line interface. | 23 |
| Telnet Passthrough | Allows a Telnet connection directly to the serial port, often referred to as reverse Telnet. | 2001 |
| TCP Passthrough | Transmission Control Protocol passthrough. Allows a raw socket connection directly to the serial port, often referred to as reverse sockets. | 2101 |
| UDP Echo | Used for testing the ability to send and receive over a User Datagram Protocol (UDP) connection, similar to a ping. | 7 |
| VNC Client Listen Daemon | Remote access to a computer on the network or internet using the VNC (Virtual Network Computing) protocol. VNC server software must be installed on the remote computer. | 5500 |
| VNC Server | Allows users to remotely view what is currently displayed on the screen using a standard VNC client (viewer). | 5900 |

Index numbers and changing default port numbers

An index number is assigned to each of these services. The index numbers assigned can vary over time. If you want to change the network port number for a service, enter a set service or show service command to display the current index number assigned to all services. Locate the service for which you want to change the network port number, and note the index number for the service. Enter a set service command, specify that index number for the range option, and the new network port number for the ipport option.

For example, to change the network port number for the Telnet basic service from its default port number of 23 to 100, first enter the following set service command to display the service table:

#> set service

The command output displays the defined services and their current network port number assignments:

#> set service
Service Configuration :
index state ipport keepalive nodelay dlyd-ack                         service
     1   off      7       off     off      200                TCP Echo Service
     2   off      7        na      na      200                UDP Echo Service
     3    on     22       off     off      200                     SSH Service
     4    on     23       off     off      200                  Telnet Service
    16    on     80        na      na      200                    HTTP Service
    17    on    161        na      na      200                    SNMP Service
     5    on    443        na      na      200                   HTTPS Service
    19   off    513       off     off      200                  Rlogin Service
    20   off    514       off     off      200                     Rsh Service
    13   off    515       off     off      200             Line Printer Daemon
    12    on    771       off      na      200                RealPort Service
     6    on   1027       off      na      200      Encrypted RealPort Service
     7    on   2001       off     off      200          Telnet Server (Port 1)
     8    on   2101       off     off      200             TCP Server (Port 1)
     9    on   2101        na      na      200      Serial/UDP Server (Port 1)
    18    on   2362        na      na      200                    ADDP Service
    10    on   2501       off     off      200             SSH Server (Port 1)
    11    on   2601       off     off      200  Secure Socket Service (Port 1)
    21   off   4401        on     off      200            Socket Tunnel Server
    14    on  50000        na      na      200          Modem Emulation (Pool)
    15    on  50001       off     off      200        Modem Emulation (Port 1)

Note that the index number assigned to the Telnet basic service is 4. Next, specify 4 for the index number for the range option, and the new network port number for the ipport option:

#> set service range=4 ipport=100
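The following is an added example, not part of the Digi documentation. Because index numbers vary, it parses captured set service output and builds state=off commands by index, but only for cleartext services whose encrypted counterpart is already on, in line with the caution above about making the device inaccessible. The cleartext-to-encrypted pairing and the function names are assumptions of this example.

```python
import re

# Cleartext service -> encrypted counterpart in the same service table.
# This pairing is the example's assumption, based on the service descriptions.
SECURE_ALTERNATIVE = {
    "Telnet Service": "SSH Service",
    "Rlogin Service": "SSH Service",
    "Rsh Service": "SSH Service",
    "HTTP Service": "HTTPS Service",
}

ROW = re.compile(
    r"^\s*(\d+)\s+(on|off)\s+(\d+)\s+(on|off|na)\s+(on|off|na)\s+(\d+)\s+(\S.*?)\s*$"
)

def parse_service_table(text):
    """Return {service name: (index, state, ipport)} from `set service` output."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            table[m.group(7)] = (int(m.group(1)), m.group(2), int(m.group(3)))
    return table

def plan_hardening(text):
    """Return (commands, kept). commands disable enabled cleartext services whose
    encrypted counterpart is on; kept names those left on to preserve access."""
    table = parse_service_table(text)
    commands, kept = [], []
    for name, alt in SECURE_ALTERNATIVE.items():
        if name not in table or table[name][1] != "on":
            continue  # service absent on this device, or already disabled
        if table.get(alt, (0, "off", 0))[1] == "on":
            commands.append(f"set service range={table[name][0]} state=off")
        else:
            kept.append(name)  # disabling could lock out the CLI or Web interface
    return commands, kept

# Rows copied from the sample output on this page.
SAMPLE = """\
     3    on     22       off     off      200                     SSH Service
     4    on     23       off     off      200                  Telnet Service
    16    on     80        na      na      200                    HTTP Service
     5    on    443        na      na      200                   HTTPS Service
    19   off    513       off     off      200                  Rlogin Service
"""

if __name__ == "__main__":
    print(plan_hardening(SAMPLE))
```

Confirm that you can log in over SSH and HTTPS before entering the generated commands on the device.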

Examples

Disable service

#> set service range=1 state=off

Change the network port (ipport) of a service

#> set service range=1 ipport=500

Displaying the service table

In this example, the set service command displays the entire service table.

#> set service

Displaying an entry in the service table

In this example, the set service command displays a range of entries in the service table.

#> set service range=2-4

Allow outgoing data that is unacknowledged or less than maximum segment size

#> set service ra=5 nodelay=on

See also