manualshive.com logo in svg

H3C S5500-HI Switch Series, Fundamentals Configuration Manual

The H3C S5500-HI Switch Series is a high-performance network switch designed to meet the demands of today's business networks. Get the most out of your switch by downloading the Fundamentals Configuration Manual for free from manualshive.com. This comprehensive manual provides detailed instructions on how to configure your switch for optimal performance.

Share
Download
background image

 

48 

To do… 

Use the command… 

Remarks 

Enter the default 
ISP domain 
view 

domain

 

domain-name

 

Apply the 
specified AAA 

scheme to the 
domain 

authentication default

 

hwtacacs-scheme

 

hwtacacs-scheme-name

 

local

 ] |

 local

 | 

none

 | 

radius-scheme

 

radius-scheme-name

 

local

 ] }

 

Configure the 
authentication 
mode 

Exit to system 
view 

quit 

Optional 
By default, the AAA scheme is 

local

If you specify the local AAA scheme, 

perform the configuration concerning local 

user as well. If you specify an existing 
scheme by providing the 

radius

-

scheme-name

 argument, perform 

the following configuration as well: 

 

For RADIUS and HWTACACS 
configuration, see 

Security 

Configuration Guide

 

Configure the username and password 
on the AAA server. (For more 

information, see 

Security Configuration 

Guide

.) 

Create a local user and enter local 
user view 

local-user 

user-name

 

Required 
By default, no local user exists. 

Set the local password 

password

 { 

cipher

 |

 

simple

 } 

password

 

Required 
By default, no local password is set. 

Specify the command level of the 
local user 

authorization-attribute 
level 

level

 

Optional 
By default, the command level is 0. 

Specify the service type for the 
local user 

service-type

 

ssh

  

Required 
By default, no service type is specified. 

Return to system view 

quit 

— 

Create an SSH user, and specify 
the authentication mode for the 

SSH user 

ssh user

 

username

 

service-type stelnet 

authentication-type 

password

 | { 

any

 | 

password-publickey

 | 

publickey

 } 

assign

 

publickey

 

keyname

 } 

Required 
By default, no SSH user exists, and no 
authentication mode is specified. 

Configure common settings for VTY 
user interfaces 

— 

Optional 
See “

Configuring common settings for VTY 

user interfaces (optional)

.” 

 

 

NOTE:  

This chapter describes how to configure an SSH client by using 

password

 authentication. For more 

information about SSH and how to configure an SSH client by using publickey, see 

Security Configuration

Guide. 

 

After you enable command authorization or command accounting, you need to perform the following 

configuration to make the function take effect: 

 

Create a HWTACACS scheme, and specify the IP address of the authorization server and other 
authorization parameters. 

 

Reference the created HWTACACS scheme in the ISP domain. 

Summary of Contents for S5500-HI Switch Series

Page 1: ...H3C S5500 HI Switch Series Fundamentals Configuration Guide Hangzhou H3C Technologies Co Ltd http www h3c com Software version Release 5101 Document version 6W100 20111031...

Page 2: ...re Secware Storware NQA VVG V2 G Vn G PSPT XGbus N Bus TiGem InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are the...

Page 3: ...ical support Documentation feedback Audience This documentation is intended for Network planners Field technical support and servicing engineers Network administrators working with the S5500 HI Switch...

Page 4: ...alls attention to important information that if not understood or followed can result in data loss data corruption or damage to hardware or software IMPORTANT An alert that calls attention to essentia...

Page 5: ...e transceiver modules Pluggable SFP SFP XFP Transceiver Modules Installation Guide Describe the installation and replacement of SFP SFP XFP transceiver modules Software configuration Configuration gui...

Page 6: ...Technical support customer_service h3c com http www h3c com Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...

Page 7: ...en display 10 Filtering output information 11 Configuring user privilege and command levels 14 Introduction 14 Configuring a user privilege level 14 Switching user privilege level 17 Modifying the lev...

Page 8: ...68 HTTP login example 68 HTTPS login example 69 NMS login 72 NMS login overview 72 Configuring NMS login 72 NMS login example 73 User login control 76 User login control overview 76 Configuring login...

Page 9: ...Renaming a file 100 Copying a file 100 Moving a file 100 Deleting a file 100 Restoring a file from the recycle bin 101 Emptying the recycle bin 101 Managing directories 101 Displaying directory infor...

Page 10: ...19 Hotfix configuration task list 122 Configuration prerequisites 122 Installing a patch in one step 122 Installing a patch step by step 123 Uninstalling a patch step by step 125 Displaying and mainta...

Page 11: ...the power saving function 156 Enabling the power saving function 156 Configuring power saving status 157 Configuring the port status detection timer 157 Configuring temperature thresholds for a device...

Page 12: ...ethods Command conventions Command conventions help you understand command meanings Commands in product manuals comply with the conventions listed in Table 1 Table 1 Command conventions Convention Des...

Page 13: ...cated commands can be understood using Table 1 as a reference Undo form of a command The undo form of a command restores the default disables a function or removes a configuration Almost all configura...

Page 14: ...you automatically enter user view where Device name is displayed You can perform limited operations in user view for example display operations file operations and Telnet operations To perform further...

Page 15: ...lp Enter a question mark to access online help See the following examples 1 Enter in any view to display all commands available in this view as well as brief descriptions of the commands For example S...

Page 16: ...or back one character Left arrow key or Ctrl B The cursor moves one character space to the left Right arrow key or Ctrl F The cursor moves one character space to the right Tab If you press Tab after e...

Page 17: ...command aliases When you enter a command alias the system displays and saves the command in its original format instead of its alias In other words you can define and use a command alias but the comma...

Page 18: ...Hotkeys reserved by the system Hotkey Function Ctrl A Moves the cursor to the beginning of the current line Ctrl B Moves the cursor one character to the left Ctrl C Stops performing a command Ctrl D...

Page 19: ...ously but not submitted Follow these steps to enable redisplaying of commands previously entered but not submitted To do Use the command Remarks Enter system view system view Enable redisplaying of en...

Page 20: ...inal you need to use Ctrl P or Ctrl N because they are defined differently and the up and down arrow keys are invalid The commands saved in the history command buffer are in the same format in which y...

Page 21: ...ch screen pauses after it is displayed Perform one of the following operations to proceed Action Function Press Space Displays the next screen Press Enter Displays the next line Press Ctrl C Stops the...

Page 22: ...the keyword exclude and equals the keyword include The following definitions apply to the begin exclude and include keywords begin Displays the first line that matches the specified regular expression...

Page 23: ...x refers to the sequence number starting from 1 from left to right of the character group before If only one character group appears before index can only be 1 if n character groups appear before inde...

Page 24: ...line containing user interface to the last line in the current configuration the output information depends on the current configuration Sysname display current configuration begin user interface user...

Page 25: ...this level will be restored to the default settings Commands at this level include debugging terminal refresh and send 2 System Provides service configuration commands including routing configuration...

Page 26: ...ege level the user privilege level depends on the default configuration of the authentication server Example of configuring a user privilege level by using AAA authentication parameters Authenticate u...

Page 27: ...level for users logged in through the AUX user interface is 3 and that for users logged in through the VTY interfaces is 0 Follow these steps to configure the user privilege level under a user interf...

Page 28: ...tion Users can switch to a different user privilege level temporarily without logging out and terminating the current connection After the privilege level switching users can continue to configure the...

Page 29: ...r by using the local password first and if no password for privilege level switching is set for the user logged in from the AUX user interface the privilege level is switched directly for the user log...

Page 30: ...e user privilege level the information you need to provide varies with combinations of the user interface authentication mode and the super authentication mode Table 6 Information entered for user pri...

Page 31: ...password attempts For more information about user interface authentication see the chapter CLI login Modifying the level of a command All the commands in a view default to different levels The admini...

Page 32: ...Displaying and maintaining CLI To do Use the command Remarks Display defined command aliases and the corresponding commands display command alias begin exclude include regular expression Available in...

Page 33: ...e through SSH To do so log in to the device through the console port and complete the following configuration Enable the SSH function and configure SSH attributes Configure the IP address of the VLAN...

Page 34: ...ages and monitors users that log in via the console port The type of the console port is EIA TIA 232 DCE VTY virtual type terminal user interface Used to manage and monitor users that log in via VTY A...

Page 35: ...ring Relative numbering allows you to specify a user interface or a group of user interfaces of a specific type The number format is user interface type number The following rules of relative numberin...

Page 36: ...erform configurations to increase device security and manageability Logging in through the console port Logging in through the console port is the most common login method and is also the first step t...

Page 37: ...ble into your device To disconnect the PC from the device first unplug the RJ 45 connector and then the DB 9 connector 2 Launch a terminal emulation program such as HyperTerminal in Windows XP or Wind...

Page 38: ...27 Figure 5 Connection description Figure 6 Specify the serial port used to establish the connection...

Page 39: ...t POST A prompt such as H3C appears after you press Enter as shown in Figure 8 Figure 8 Configuration page 4 Execute commands to configure the device or check the running status of the device To get h...

Page 40: ...ration Remarks None Configure not to authenticate users For more information see Configuring none authentication for console login Configure to authenticate users by using the local password Password...

Page 41: ...e through the console port without authentication and have user privilege level 3 after login Configure common settings for console login Optional See Configuring common settings for console login opt...

Page 42: ...nd have user privilege level 3 after login Set the local password set authentication password cipher simple password Required By default no local password is set Configure common settings for console...

Page 43: ...n the user privilege level A user is authorized a command level not higher than the user privilege level With command authorization enabled the command level for a login user is determined by both the...

Page 44: ...al user service type terminal Required By default no service type is specified Configure common settings for console login Optional See Configuring common settings for console login optional After you...

Page 45: ...number Configure the baud rate speed speed value Optional By default the transmission rate is 9600 bps Transmission rate is the number of bits that the device transmits to the terminal per second Conf...

Page 46: ...e type of terminal display terminal type ansi vt100 Optional By default the terminal display type is ANSI The device supports two types of terminal display ANSI and VT100 H3C recommends you to set the...

Page 47: ...ing table shows the configuration requirements of Telnet login Object Requirements Configure the IP address of the VLAN interface and make sure the Telnet server and client can reach each other Telnet...

Page 48: ...lnet login configurations for different authentication modes Authentication mode Configuration Remarks None Configure not to authenticate users For more information see Configuring none authentication...

Page 49: ...evel for login users on the current user interfaces user privilege level level Required By default the default command level is 0 for VTY user interfaces Configure common settings for VTY user interfa...

Page 50: ...ntication mode password Required By default authentication mode for VTY user interfaces is password Set the local password set authentication password cipher simple password Required By default no loc...

Page 51: ...ration requirements Configuration procedure Follow these steps to configure scheme authentication for Telnet login To do Use the command Remarks Enter system view system view Enable Telnet telnet serv...

Page 52: ...on the HWTACACS server If both command accounting and command authorization are enabled only the authorized and executed commands are recorded on the HWTACACS server Exit to system view quit Enter th...

Page 53: ...of the commands that the users can access depends on the user privilege level defined in the AAA scheme When the AAA scheme is local the user privilege level is defined by the authorization attribute...

Page 54: ...lt Enable the current user interface s to support either Telnet SSH or both of them protocol inbound all ssh telnet Optional By default both protocols are supported The configuration takes effect next...

Page 55: ...the command triggers another task the system does not end the user connection until the task is completed A Telnet command is usually specified to enable the user to automatically telnet to the speci...

Page 56: ...s or source interface is specified The source IPv4 address is selected by routing Logging in through SSH Secure Shell SSH offers an approach to log into a remote device securely By providing encryptio...

Page 57: ...authentication and have user privilege level 3 after login For information about logging in to the device with the default configuration see Configuration requirements Configuration procedure Follow...

Page 58: ...hecks whether the command is authorized If yes the command can be executed Enable command accounting command accounting Optional By default command accounting is disabled The accounting server does no...

Page 59: ...and level of the local user authorization attribute level level Optional By default the command level is 0 Specify the service type for the local user service type ssh Required By default no service t...

Page 60: ...ugh the console port without authentication and have user privilege level 3 after login For information about logging in to the device with the default configuration see Configuration requirements Fig...

Page 61: ...s properly Administrator side The telephone number of the remote modem connected to the console port of the remote switch is obtained The console port is correctly connected to the modem Configuration...

Page 62: ...r AT V to display the configuration results NOTE The configuration commands and the output for different modems may be different For more information see your modem s user guide 4 Launch a terminal em...

Page 63: ...52 Figure 20 Connection Description Figure 21 Enter the phone number...

Page 64: ...and device execute the ATH command on the terminal to terminate the connection between the PC and modem If you cannot execute the command on the terminal enter AT and then press Enter When you are pro...

Page 65: ...Keep your username and password If you lose your local password log in to the device from the console port to display or modify the password If you lose your remote password contact the administrator...

Page 66: ...ion for modem login To do Use the command Remarks Enter system view system view Enter one or more AUX user interface views user interface aux first number last number Specify the none authentication m...

Page 67: ...ystem view Enter one or more AUX user interface views user interface aux first number last number Specify the password authentication mode authentication mode password Required By default the modem lo...

Page 68: ...the default configuration see Configuration requirements Configuration procedure Follow these steps to configure scheme authentication for modem login To do Use the command Remarks Enter system view...

Page 69: ...e command accounting command accounting Optional By default command accounting is disabled The accounting server does not record the commands executed by users Command accounting allows the HWTACACS s...

Page 70: ...ng you need to perform the following configuration to make the function take effect Create a HWTACACS scheme and specify the IP address of the authorization server and other authorization parameters R...

Page 71: ...te speed speed value Optional By default the baud rate is 9600 bps Transmission rate is the number of bits that the device transmits to the terminal per second Configure the parity check mode parity e...

Page 72: ...he value is none The switch supports the none flow control mode only Configure the type of terminal display terminal type ansi vt100 Optional By default the terminal display type is ANSI The device su...

Page 73: ...be lower than the transmission rate of the modem Otherwise packets may be lost Displaying and maintaining CLI login To do Use the command Remarks Display information about the user interfaces that ar...

Page 74: ...and Remarks Lock the current user interface lock Available in user view By default the current user interface is not locked Send messages to the specified user interfaces send all num1 aux vty num2 Av...

Page 75: ...u can define a certificate attribute based access control policy to allow legal clients to access the device securely and prohibit unauthorized clients To log in to the device through the web interfac...

Page 76: ...word Required By default no password is configured for the local user Specify the command level of the local user authorization attribute level level Required No command level is configured for the lo...

Page 77: ...L negotiation Because the application process takes much time the SSL negotiation often fails and the HTTPS service cannot be started normally In that case you need to execute the ip https enable comm...

Page 78: ...Specify the web service type for the local user service type web Required By default no service type is configured for the local user Exit to system view quit Create a VLAN interface and enter its vi...

Page 79: ...192 168 0 58 and the subnet mask as 255 255 255 0 Sysname interface vlan interface 999 Sysname VLAN interface999 ip address 192 168 0 58 255 255 255 0 Sysname VLAN interface999 quit Create a local us...

Page 80: ...ugh the web interface HTTPS login example Network requirements As shown in Figure 29 to prevent unauthorized users from accessing the device configure the device as the HTTPS server and the host as th...

Page 81: ...Create RSA local key pairs Device public key loc al create rsa Retrieve the CA certificate from the certificate issuing server Device pki retrieval certificate ca domain 1 Request a local certificate...

Page 82: ...sera service type web Device luser usera authorization attribute level 3 2 Configure the host to act as the HTTPS client On the host run the IE browser and then enter http 10 1 2 2 certsrv in the addr...

Page 83: ...figure the IP address of the VLAN interface Make sure the device and the NMS can reach each other Device Configure SNMP settings NMS Configure the NMS For more information see your NMS manual Configur...

Page 84: ...SNMP community snmp agent community read write community name acl acl number mib view view name Configure an SNMP group snmp agent group v1 v2c group name read view read view write view write view not...

Page 85: ...a user to the SNMP group Sysname snmp agent usm user v3 managev3user managev3group 2 Configure the NMS a On the PC launch the browser and enter http 192 168 3 104 8080 imc in the address bar suppose t...

Page 86: ...e device through the iMC For example query device information or configure device parameters NOTE The SNMP settings on the iMC must be the same as those configured on the device If not the device cann...

Page 87: ...denied source IP addresses source MAC addresses and destination IP addresses Configuring source IP based login control over Telnet users Basic ACLs match the source IP addresses of packets so you can...

Page 88: ...L and enter its view or enter the view of an existing advanced ACL acl ipv6 number acl number match order config auto Required By default no advanced ACL exists Configure rules for the ACL rule rule i...

Page 89: ...lnet client and server are not in the same subnet Source MAC based login control configuration example Network requirements As shown in Figure 33 configure an ACL on the Device to permit only incoming...

Page 90: ...match the source IP addresses of packets so you can use basic ACLs to implement source IP based login control over NMS users Basic ACLs are numbered from 2000 to 2999 For more information about ACL s...

Page 91: ...up name acl acl number snmp agent usm user v3 user name group name cipher authentication mode md5 sha auth password privacy mode 3des aes128 des56 priv password acl acl number Required You can associa...

Page 92: ...login control over web users Basic ACLs match the source IP addresses of packets so you can use basic ACLs to implement source IP based login control over web users Basic ACLs are numbered from 2000...

Page 93: ...igure 35 configure the device to allow only web users from Host B to access Figure 35 Network diagram Configuration procedure Create ACL 2000 and configure rule 1 to permit packets sourced from Host B...

Page 94: ...en the FTP client is behind a firewall PASV mode Passive mode in which the FTP client initiates a data connection request This mode is unavailable when the server side does not allow the client to con...

Page 95: ...ry for an FTP user The device does not support anonymous FTP for security reasons You must set a valid username and password By default authenticated users can access the root directory of the device...

Page 96: ...t source command applies to all FTP connections while the one specified with the ftp command applies to the current FTP connection only Follow these steps to establish an IPv4 FTP connection To do Use...

Page 97: ...ir remotefile localfile Optional Query a directory or file on the remote FTP server ls remotefile localfile Optional Change the working directory of the remote FTP server cd directory Optional Return...

Page 98: ...ied file on the remote FTP server permanently delete remotefile Optional Set the file transfer mode to ASCII ascii Optional ASCII by default Set the file transfer mode to binary binary Optional ASCII...

Page 99: ...onnection see Establishing an FTP connection To do Use the command Remarks Terminate the connection to the FTP server without exiting FTP client view disconnect Optional Equal to the close command Ter...

Page 100: ...nary ftp binary 200 Type set to I Download the system software image file newest bin from the PC to the device Download the system software image file newest bin from the PC to the root directory of t...

Page 101: ...g data to the storage medium after a file is transferred to the memory This prevents the existing file on the FTP server from being corrupted in the event that an anomaly such as a power failure occur...

Page 102: ...name Required No local user exists by default and the system does not support FTP anonymous user access Assign a password to the user password simple cipher password Required Assign the FTP service t...

Page 103: ...clear the memory or use the delete unreserved file url command to delete the files not in use and then perform the following operations 1 Configure the IRF fabric FTP server Create an FTP user accoun...

Page 104: ...in system software image file for next startup of all the member switches Sysname boot loader file newest bin slot all main This command will set the boot file of the specified board Continue Y N y Th...

Page 105: ...94 To do Use the command Remarks Display detailed information about logged in FTP users display ftp user begin exclude include regular expression Available in any view...

Page 106: ...receives data from the server and then sends the acknowledgement to the server In a normal file uploading process the client sends a write request to the TFTP server sends data to the server and rece...

Page 107: ...filename destination filename that exists in the target directory the original file is not overwritten If file download fails due to network disconnection or other reasons the original file still exi...

Page 108: ...me vpn instance vpn instance name Optional Available in user view NOTE If there is not primary IP address configured on the source interface no TFTP connection can be established If you use the tftp c...

Page 109: ...irectory of the storage medium on a slave device with the member ID 2 Sysname tftp 1 2 1 1 get newest bin slot2 flash newest bin Upload a configuration file config cfg to the TFTP server Sysname tftp...

Page 110: ...er in the current working directory path represents the folder name You can specify multiple folders indicating a file under a multi level folder 1 to 135 characters test a cfg indicates a file named...

Page 111: ...s can be displayed Available in user view Renaming a file To do Use the command Remarks Rename a file rename fileurl source fileurl dest Required Available in user view Copying a file To do Use the co...

Page 112: ...view Emptying the recycle bin To do Use the command Remarks Enter the original working directory of the file to be deleted cd directory Optional If the original directory of the file to be deleted is...

Page 113: ...s in the recycle bin in the current directory Managing storage media Managing the space of a storage medium When the space of a storage medium becomes inaccessible you can use the fixdisk command to r...

Page 114: ...Repair bad blocks fixdisk device Required Available in user view Checking files After files are written to the NAND flash memory use the following commands together to check the content of these files...

Page 115: ...marks Enter system view system view Set the file system operation mode file prompt alert quiet Optional The default is alert File system management examples Display the files and the subdirectories in...

Page 116: ...105 Sysname cd Display the current working directory Sysname pwd flash...

Page 117: ...iguration of the device you can use the display default configuration command NOTE Factory default configuration may differ from the default settings of commands and vary with switch models Startup co...

Page 118: ...sing the main startup configuration file If the main startup configuration file is corrupted or lost the devices starts up using the backup startup configuration file Devices supporting main and backu...

Page 119: ...w these steps to configure the configuration file auto save function To do Use the command Remarks Enter system view system view Enable configuration file auto save slave auto update config Optional E...

Page 120: ...e file must comply with the format of the configuration file on the current device H3C recommends that you use the configuration file generated by using the backup function You can apply configuration...

Page 121: ...0080620archive_2 cfg The saved configuration files are numbered automatically from 1 to 1 000 with an increment of 1 If the serial number reaches 1 000 it restarts from 1 If you change the file path o...

Page 122: ...u set a comparatively small value for the file number argument if the available memory space is small Enabling automatic saving of the running configuration You can configure the system to save the ru...

Page 123: ...n rollback configuration replace file filename Required CAUTION Configuration rollback may fail if one of the following situations is present if a command cannot be rolled back the system skips it and...

Page 124: ...TFTP server Follow the step below to back up the startup configuration file To do Use the command Remarks Back up the startup configuration file to the specified TFTP server backup startup configurat...

Page 125: ...oring a configuration file make sure that the server is reachable the server is enabled with TFTP service and the client has read and write permission After execution of the command use the display st...

Page 126: ...s used at this and the next system startup display startup begin exclude include regular expression Available in any view Display the valid configuration under the current view display this by linenum...

Page 127: ...hip Figure 41 Relationship between the Boot ROM and the system software images Software upgrade methods You can upgrade both Boot ROM and system software at the Boot menu or at the command line interf...

Page 128: ...irectory of the device s storage media by using FTP or TFTP 2 Specify the Boot ROM image to be used at the next boot at the CLI 3 Reboot the device to make the specified Boot ROM image take effect The...

Page 129: ...used at the next boot of the master and slaves may be different but the versions of the files must be the same otherwise a slave will reboot by using the master s system software image and join the I...

Page 130: ...ommon patches always include the functions of the previous temporary patches The patch type only affects the patch loading process The system deletes all of the temporary patches before it loads the c...

Page 131: ...p between patch state changes and command actions NOTE Information about patch states is saved in file patchstate on the Flash H3C recommends that you do not operate this file IDLE state Patches in ID...

Page 132: ...te Patches in ACTIVE state have run temporarily in the system and become DEACTIVE after system reboot For the seven patches in Figure 44 if you activate the first five patches their states change from...

Page 133: ...e system cannot locate the patch file and the hotfixing operation fails The name is in the format of patch_PATCH FLAG suffix bin The PATCH FLAG is pre defined The value of the version field using the...

Page 134: ...tion Specifies the name of the patch package file Provide this option when you install a patch package file NOTE The patch matches the software version If you install a patch file by specifying the di...

Page 135: ...atch install yyy command the patch file location automatically changes from xxx to yyy Loading a patch file Loading the correct patch files is the basis of other hotfixing operations If you install a...

Page 136: ...lling a patch step by step Step by step patch uninstallation task list Task Remarks Stopping running patches Required Deleting patches Required Stopping running patches When you stop running a patch t...

Page 137: ...you uninstall all patches by using the undo patch install command in one operation Software upgrade configuration examples Immediate upgrade configuration example Network requirement As shown in Figu...

Page 138: ...tftp 2 2 2 2 get soft version2 bin File will be transferred in binary mode Downloading file from remote TFTP server please wait TFTP 10058752 bytes received in 141 second s File downloaded successful...

Page 139: ...free Flash space of the device is large enough to store the patch files Before upgrading the software use the save command to save the current system configuration Details not shown Load the patch fil...

Page 140: ...enario you can use ISSU to upgrade system software of each IRF member switch to ensure non stop forwarding or reduce down time for users connected to Switch A Switch B and Switch C Figure 49 IRF netwo...

Page 141: ...r switches that have not been upgraded with the issu run switchover command Check whether all the IRF member switches have been upgraded Yes No ISSU upgrade cannot be performed Unknown Download the ne...

Page 142: ...ou reboot the specified slave switch with the issu load command the system automatically creates a configurable version rollback timer When you use the compatible ISSU method If you do not execute the...

Page 143: ...n saved to the configuration file Display the running status of each IRF member switch display device Required Before performing ISSU make sure that all the member switches of the IRF fabric are in no...

Page 144: ...ers system view system view Check whether the new system software image is compatible with the current system software image display version comp matrix file upgrading filename Required Configuring IS...

Page 145: ...ber argument provided in this command must be the same as that specified in the issu load command When this command is executed the rollback timer becomes invalid which means system software cannot be...

Page 146: ...tion after the reboot process completes Upgrade all the IRF member switches that have not been upgraded in one operation issu run switchover slot slot number Required The slot number argument provided...

Page 147: ...after executing the issu load command the new rollback timer does not take effect for this ISSU process Displaying and maintaining ISSU To do Use the command Remarks Display information about the roll...

Page 148: ...oups Ports in aggregation group 1 connect to Switch A ports in aggregation group 2 connect to Switch B and ports in aggregation group 3 connect to Switch C On Switch A create aggregation group 1 that...

Page 149: ...g link aggregation 1 Configure the IRF fabric Create three dynamic aggregation groups 1 2 and 3 IRF system view IRF interface bridge aggregation 1 IRF Bridge Aggregation1 link aggregation mode dynamic...

Page 150: ...IRF interface GigabitEthernet 1 0 3 IRF GigabitEthernet1 0 3 port link aggregation group 3 IRF GigabitEthernet1 0 3 quit IRF interface GigabitEthernet 2 0 3 IRF GigabitEthernet2 0 3 port link aggrega...

Page 151: ...tion mode dynamic SwitchB Bridge Aggregation3 quit Add ports GigabitEthernet 1 0 1 GigabitEthernet 1 0 2 and GigabitEthernet 1 0 3 that connect to IRF member switches to aggregation group 3 correspond...

Page 152: ...al The output shows that all IRF member switches are in normal state 2 Check whether the current system software images on IRF member switches are the same If not the ISSU upgrade cannot be performed...

Page 153: ...of each IRF member switch If not the ISSU upgrade cannot be performed Verify whether the new system software image soft version2 bin has been saved to the Flash of the master IRF dir Directory of fla...

Page 154: ...ved the current configuration to mainboard device successfully Slot 2 Save next configuration file successfully Slot 3 Save next configuration file successfully Configuration is saved to device succes...

Page 155: ...up boot app is flash Slot 2 The current boot app is flash soft version2 bin The main boot app is flash soft version2 bin The backup boot app is flash Slot 3 The current boot app is flash soft version1...

Page 156: ...ill coexist after the new master the slave switch specified with the issu load command is rebooted causing network faults Upgrade the specified slave switch the new master after the upgrade which is s...

Page 157: ...The main boot app is flash soft version2 bin The backup boot app is flash Slot 3 The current boot app is flash soft version2 bin The main boot app is flash soft version2 bin The backup boot app is fl...

Page 158: ...t on the network Network management depends on an accurate system time setting because the timestamps of system messages and logs use the system time In a small sized network you can manually set the...

Page 159: ...summer offset is beyond the daylight saving time range the original system time does not change After you disable the daylight saving setting the system time automatically decreases by summer offset d...

Page 160: ...ck zone offset outside the daylight saving time range Original system clock zone offset summer offset clock timezone zone time add 1 clock summer time ss one off 1 00 2005 1 1 1 00 2005 8 8 2 System c...

Page 161: ...em view Set the time zone clock timezone zone name add minus zone offset Optional Universal time coordinated UTC time zone by default Set a daylight saving time scheme Set a non recurring scheme clock...

Page 162: ...CLI Message input modes The system supports single line input and multiple line input for configuring a banner 1 Single line input In single line input mode all banner information is input in the sam...

Page 163: ...ollowing commands System system view System header shell AHave a nice day Please input banner content and quit with the character A System prompt Please input the Password A Configuration procedure Fo...

Page 164: ...the startup configuration file and the main system software image file If the main system software image file has been corrupted or does not exist the device cannot reboot You must re specify a main s...

Page 165: ...uts an empty character string when there is no default character string Job configuration approaches You can configure jobs in a non modular or modular approach Use the non modular approach for a one...

Page 166: ...nterface view and Vlan interfacex for VLAN interface view The time ID time id must be unique in a job If two time and command bindings have the same time ID the one configured last takes effect Schedu...

Page 167: ...u can disable Boot ROM access so the users can access only the CLI You can also set a Boot ROM password the first time you access the Boot menu to protect the Boot ROM To view Boot ROM accessibility s...

Page 168: ...ort or you press the Mode button the device automatically switches to the wake up status so that you can check the LED statuses When the device is in wake up status if no data is being exchanged on th...

Page 169: ...the event and outputs a log message and a trap When the device temperature reaches the alarming threshold the device logs the event and outputs a log message and a trap repeatedly Follow these steps...

Page 170: ...l to make a confirmation within 30 seconds or enter N to cancel the operation Verifying and diagnosing transceiver modules NOTE Support for the pluggable transceivers and the transceiver type depends...

Page 171: ...unning data for multiple modules The display diagnostic information command equals this set of commands display clock display version display device and display current configuration To do Use the com...

Page 172: ...xpression Available in any view Display power module information display power slot slot number power id begin exclude include regular expression Available in any view Display the mode of the last reb...

Page 173: ...tion file name TFTP server IP address and DNS server IP address to the device TFTP server Saves files needed in automatic configuration The device gets the files needed from the TFTP server such as th...

Page 174: ...erver and the configuration file name 2 After getting related parameters the device sends a TFTP request to obtain the configuration file from the specified TFTP server and executes the configuration...

Page 175: ...mmand Reference The temporary configuration is removed by executing the corresponding undo commands For more information about DHCP see Layer 3 IP Services Configuration Guide Principles for selecting...

Page 176: ...iguration The configuration file specified by the Option 67 or file field in the DHCP response The host name file which is named network cfg The host name file stores mappings between IP addresses and...

Page 177: ...ts host name it requests the configuration file with the same name from the TFTP server If all the above operations fail the device requests the default configuration file from the TFTP server TFTP re...

Page 178: ...ce to a unicast packet and forward the unicast packet to the specified TFTP server For more information about UDP Helper see Layer 3 IP Services Configuration Guide Executing the configuration file Af...

Page 179: ...vilege and command levels 14 Controlling the CLI display 10 Current network status and requirements analysis 137 D Deleting a startup configuration file 1 13 Device management overview 147 Device soft...

Page 180: ...grade configuration examples 126 Software upgrade methods 1 16 Software upgrade through a system reboot 1 17 Specifying a startup configuration file 1 13 T TFTP client configuration example 97 TFTP ov...

Reviews:

No comments

Related manuals for S5500-HI Switch Series

D-Link DSL-G2562DG Quick Start Manual preview
DSL-G2562DG
Brand: D-Link Pages: 2
Eaton Network Card-MS User Manual preview
Network Card-MS
Brand: Eaton Pages: 89
Patton electronics SMARTNODE 4900 Getting Started Manual preview
SMARTNODE 4900
Brand: Patton electronics Pages: 75
Patton electronics RocketLink-G 3088/I Getting Started Manual preview
RocketLink-G 3088/I
Brand: Patton electronics Pages: 61
Patton SmartNode 5200 Quick Start Manual preview
SmartNode 5200
Brand: Patton Pages: 12
Patton SL4020 Getting Started Manual preview
SL4020
Brand: Patton Pages: 84
Patton OnSite 3210 Series User Manual preview
OnSite 3210 Series
Brand: Patton Pages: 110
Patton electronics 4900 Series Specification Sheet preview
4900 Series
Brand: Patton electronics Pages: 2
Patton electronics SMARTNODE 4110 Series User Manual preview
SMARTNODE 4110 Series
Brand: Patton electronics Pages: 78
Patton electronics SMARTNODE 4552 Quick Start Manual preview
SMARTNODE 4552
Brand: Patton electronics Pages: 8
ADTRAN 617600026F1 Quick Start Manual preview
617600026F1
Brand: ADTRAN Pages: 9
ForeScout CounterACT Quick Installation Manual preview
CounterACT
Brand: ForeScout Pages: 28
WaiLan DeltaFire 500 User Manual preview
DeltaFire 500
Brand: WaiLan Pages: 27
Ravpower RD-WD009 User Manual preview
RD-WD009
Brand: Ravpower Pages: 27
Billion BiPAC 7301VGP User Manual preview
BiPAC 7301VGP
Brand: Billion Pages: 120
Swann NVRx-7300 series Quick Start Manual preview
NVRx-7300 series
Brand: Swann Pages: 9
Hunter Pro-C Series Programming Instructions preview
Pro-C Series
Brand: Hunter Pages: 2
Tripp Lite WEBCARDLX Owner'S Manual preview
WEBCARDLX
Brand: Tripp Lite Pages: 34

Brands by name

Popular brands

Load more brands