manualshive.com logo in svg

H3C SR6600 SPE-FWM, Command Reference Manual

Share
Download
H3C SR6600 SPE-FWM Command Reference Manual Download Page 134

 

126 

Parameters 

v1

: Specifies SNMPv1. 

v2c

: Specifies SNMPv2c. 

user-name

: User name, a case-sensitive string of 1 to 32 characters. 

group-name

: Group name, a case-sensitive string of 1 to 32 characters. 

acl 

acl-number

: Specifies a basic ACL to filter NMSs by source IPv4 address. The

 acl-number

 argument 

represents a basic ACL number in the range of 2000 to 2999. Only the NMSs with the IPv4 addresses 
permitted in the ACL can use the specified username (community name) to access the SNMP agent. 

acl ipv6 

ipv6-acl-number

: Specifies a basic ACL to filter NMSs by source IPv6 address. The

 

ipv6-acl-number

 argument represents a basic ACL number in the range of 2000 to 2999. Only the NMSs 

with the IPv6 addresses permitted in the ACL can use the specified username (community name) to 
access the SNMP agent. 

Usage guidelines 

Make sure you have created the SNMPv1 or SNMPv2c group.  
When you create an SNMPv1 or SNMPv2c user, the system automatically creates a read-only 

community that has the same name as the SNMPv1 or SNMPv2c username. To change the access right 
of this community to write access, use the 

snmp-agent community

 command or the 

snmp-agent group

 

v1

 | 

v2c

 } command. To display the SNMPv1 and SNMPv2c communities created in this way, use the 

display snmp-agent community

 command.  

The 

snmp-agent usm-user

 { 

v1

 | 

v2c

 } command enables managing SNMPv1 and SNMPv2c users in the 

same  way  as  managing  SNMPv3  users.  It  does  not  affect  the  way  of  configuring  SNMPv1  and 
SNMPv2c communities on the NMS.  
This command is supported only in non-FIPS mode. 

Examples 

# Add the user 

userv2c

 to the SNMPv2c group 

readCom

 so an NMS can use the protocol SNMPv2c and 

the read-only community name 

userv2c

 to access the SNMP agent. 

<Sysname> system-view 

[Sysname] snmp-agent sys-info version v2c 

[Sysname] snmp-agent group v2c readCom 

[Sysname] snmp-agent usm-user v2c userv2c readCom 

# Add the user 

userv2c

 in the SNMPv2c group 

readCom

 so only the NMS at 1.1.1.1 can use the protocol 

SNMPv2c and read-only community name 

userv2c

 to access the SNMP agent. 

<Sysname> system-view 

[Sysname] acl number 2001 

[Sysname-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0 

[Sysname-acl-basic-2001] rule deny source any 

[Sysname-acl-basic-2001] quit 

[Sysname] snmp-agent sys-info version v2c 

[Sysname] snmp-agent group v2c readCom 

[Sysname] snmp-agent usm-user v2c userv2c readCom acl 2001 

Related commands 

 

display snmp-agent community  

 

snmp-agent group

 

Summary of Contents for SR6600 SPE-FWM

Page 1: ... and Monitoring Command Reference Hangzhou H3C Technologies Co Ltd http www h3c com Software version SR6600X CMW520 R3103 SR6602 CMW520 R3103 SR6602X_MCP CMW520 R3103 SR6600 CMW520 R3103 RPE SR6600 CMW520 R3103 RSE Document version 20130222 C 1 12 ...

Page 2: ...ngine SecPath SecCenter SecBlade Comware ITCMM and HUASAN are trademarks of Hangzhou H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are the property of their respective owners Notice The information in this document is subject to change without notice Every effort has been made in the preparation of this document to ensure accuracy of the contents but all stateme...

Page 3: ...result 21 display nqa statistics 25 filename 31 frequency 31 history record enable 32 history record keep time 32 history record number 33 http version 34 mode 34 next hop 35 nqa 36 nqa agent enable 36 nqa agent max concurrent 37 nqa schedule 37 operation FTP operation view 38 operation HTTP operation view 39 operation interface 39 password FTP operation view 40 probe count 41 probe packet interva...

Page 4: ...ion commands 69 display ntp service sessions 69 display ntp service status 73 display ntp service trace 74 ntp service access 75 ntp service authentication enable 76 ntp service authentication keyid 77 ntp service broadcast client 78 ntp service broadcast server 78 ntp service in interface disable 79 ntp service max dynamic sessions 80 ntp service multicast client 80 ntp service multicast server 8...

Page 5: ...mp agent trap enable 120 snmp agent trap if mib link extended 122 snmp agent trap life 123 snmp agent trap queue size 124 snmp agent trap source 124 snmp agent usm user v1 v2c 125 snmp agent usm user v3 127 MIB configuration commands 130 display mib style 130 mib style 130 RMON configuration commands 132 display rmon alarm 132 display rmon event 133 display rmon eventlog 135 display rmon history 1...

Page 6: ...ut active 181 ip netstream timeout inactive 182 reset ip netstream statistics 182 IPv6 NetStream configuration commands 184 display ipv6 netstream cache 184 display ipv6 netstream export 188 display ipv6 netstream template 189 enable 192 ipv6 netstream 193 ipv6 netstream aggregation 193 ipv6 netstream export host 194 ipv6 netstream export rate 196 ipv6 netstream export source 196 ipv6 netstream ex...

Page 7: ...228 reset trapbuffer 228 terminal debugging 229 terminal logging 229 terminal monitor 230 terminal trapping 231 Flow logging configuration commands 232 display userlog export 232 reset userlog flow export 233 reset userlog flow logbuffer 234 userlog flow export host 235 userlog flow export host ipv6 236 userlog flow export source ip 237 userlog flow export timestamps localtime 238 userlog flow exp...

Page 8: ...vi Index 254 ...

Page 9: ... outbound interface of the request c count Specifies the number of times that an ICMP echo request is sent which ranges from 1 to 4294967295 and defaults to 5 f Discards packets larger than the MTU of a given interface which means the ICMP echo request is not allowed to be fragmented h ttl Specifies the TTL value for an ICMP echo request which ranges from 1 to 255 and defaults to 255 i interface t...

Page 10: ...ply received If this keyword is not provided the system does not display non ICMP echo reply mt topology name Specifies the topology name which is a case sensitive string of 1 to 31 characters To verify whether two nodes of a topology can reach each other specify the name of the topology to which the two nodes belong You cannot specify both a topology name and an MPLS L3VPN at the same time vpn in...

Page 11: ... 1 1 2 2 bytes 56 Sequence 2 ttl 254 time 1 ms Reply from 1 1 2 2 bytes 56 Sequence 3 ttl 254 time 1 ms Reply from 1 1 2 2 bytes 56 Sequence 4 ttl 254 time 1 ms Reply from 1 1 2 2 bytes 56 Sequence 5 ttl 254 time 1 ms 1 1 2 2 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 1 41 205 ms The output shows the following The destination in VPN 1 was rea...

Page 12: ...ansmitted 4 packet s received 20 00 packet loss round trip min avg max 1 12 29 ms Test whether the device with an IP address of 1 1 2 2 is reachable The route information is displayed Sysname ping r 1 1 2 2 PING 1 1 2 2 56 data bytes press CTRL_C to break Reply from 1 1 2 2 bytes 56 Sequence 1 ttl 254 time 53 ms Record Route 1 1 2 1 1 1 2 2 1 1 1 2 1 1 1 1 Reply from 1 1 2 2 bytes 56 Sequence 2 tt...

Page 13: ...e whether a segment is lost disordered or repeated ttl TTL value in the ICMP reply time Response time Record Route Routers through which the ICMP echo request passed They are displayed in inversed order The router with a smaller distance to the destination is displayed first 1 1 2 2 ping statistics Statistics on data received and sent in the ping operation 5 packet s transmitted Number of ICMP ech...

Page 14: ...efaults to 2000 host IPv6 address or host name of the destination which is a string of 1 to 46 characters i interface type interface number Specifies an outbound interface by its type and number This parameter can be used only when the destination address is the link local address and the specified outbound interface must have a link local address For more information about the configuration of li...

Page 15: ...ms Reply from 2001 1 bytes 56 Sequence 3 hop limit 64 time 20 ms Reply from 2001 1 bytes 56 Sequence 4 hop limit 64 time 4 ms Reply from 2001 1 bytes 56 Sequence 5 hop limit 64 time 16 ms 2001 2 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 4 25 62 ms The hop limit field in this prompt information has the same meaning as the ttl field in the pro...

Page 16: ...ime of the reply packet of a probe packet which ranges from 1 to 65535 milliseconds and defaults to 5000 milliseconds host IP address or host name a string of 1 to 255 characters of the destination Usage guidelines After having identified network failure with the ping command use the tracert command to determine the failed nodes Output from the tracert command includes IP addresses of all the Laye...

Page 17: ...class of service CoS TTL TTL value S MPLS supports multiple levels of labels Value 1 indicates that the label is at the bottom of the label stack and value 0 indicates that the label is not at the bottom of the label stack tracert ipv6 Use tracert ipv6 to view the path the IPv6 packets traverse from source to destination Syntax tracert ipv6 f first ttl m max ttl p port q packet number vpn instance...

Page 18: ...unreachable or sending ICMP timeout destination unreachable packets is disabled To abort the tracert operation during the execution of the command press Ctrl C Examples View the path the packets traverse from source to destination with IPv6 address 2001 1 Sysname tracert ipv6 2001 1 traceroute to 2001 1 30 hops max 60 bytes packet press CTRL_C to break 1 2001 1 3 ms 1 ms 19 ms View the path the pa...

Page 19: ...ault level of the debugging all command Different debugging commands may have different default levels Configure the debugging terminal debugging and terminal monitor commands first to display detailed debugging information on the terminal For more information about the terminal debugging and terminal monitor commands see Information center configuration commands Examples Enable IP packet debuggin...

Page 20: ...o not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Examples Display all enabled debugging functions Sysname display debugging IP packet debugging is on Related commands debugging ...

Page 21: ...The evaluation of voice quality depends on users tolerance for voice quality For users with higher tolerance for voice quality use the advantage factor command to configure the advantage factor When the system calculates the ICPIF value the specified advantage factor is subtracted to modify ICPIF and MOS values so that both the objective and subjective factors are considered when you evaluate voic...

Page 22: ...voice codec type g729a data fill Use data fill to configure the string to be filled in the payload of each probe packet Use undo data fill to restore the default Syntax data fill string undo data fill Default The string is the hexadecimal number 00010203040506070809 Views ICMP echo operation view UDP echo operation view UDP jitter operation view voice operation view Default command level 2 System ...

Page 23: ...abcd to be filled in the payload of an ICMP echo request Sysname system view Sysname nqa entry admin test Sysname nqa admin test type icmp echo Sysname nqa admin test icmp echo data fill abcd data size Use data size to configure the size of the payload in each ICMP echo request of the ICMP echo operation or in each UDP packet of the UDP echo UDP jitter or voice operation Use undo data size to rest...

Page 24: ... description any NQA operation view Use description to configure a description for an NQA operation such as the operation type or purpose Use undo description to remove the description Syntax description text undo description Default No description is configured for an NQA operation Views Any NQA operation view Default command level 2 System level Parameters text Specifies a case sensitive string ...

Page 25: ...min test Sysname nqa admin test type icmp echo Sysname nqa admin test icmp echo destination ip 10 1 1 1 destination port Use destination port to configure the destination port number for the operation Use undo destination port to remove the destination port number Syntax destination port port number undo destination port Default No destination port number is configured for the operation Views TCP ...

Page 26: ...ressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage ...

Page 27: ...operation is specified the monitoring results of all reaction entries of all NQA operations are displayed The admin name argument represents the name of the administrator who creates the NQA operation and is a case insensitive string of 1 to 32 characters The operation tag argument represents the operation tag and is a case insensitive string of 1 to 32 characters item number Displays the current ...

Page 28: ...t Monitored performance metric Threshold Type Threshold type Checked Num Number of targets that have been monitored for data collection Over threshold Num Number of threshold violations Table 6 Description of the threshold monitoring fields Monitored performance metric Threshold type Collect data in Checked Num Over threshold Num probe duration accumulate Probes after the group starts Number of fi...

Page 29: ...Use display nqa result to display the result of the specified NQA operation Syntax display nqa result admin name operation tag begin exclude include regular expression Views Any view Default command level 1 Monitor level Parameters admin name operation tag Displays the results of the specified NQA operation If no operation is specified the results of all operations are displayed The admin name arg...

Page 30: ...sum 32 Positive SD average 15 Positive DS average 16 Positive SD square sum 1189 Positive DS square sum 640 Min negative SD 8 Min negative DS 1 Max negative SD 24 Max negative DS 30 Negative SD number 4 Negative DS number 7 Negative SD sum 56 Negative DS sum 99 Negative SD average 14 Negative DS average 14 Negative SD square sum 946 Negative DS square sum 1495 One way results Max SD delay 22 Max D...

Page 31: ...m 0 Negative DS square sum 0 One way results Max SD delay 0 Max DS delay 0 Min SD delay 0 Min DS delay 0 Number of SD delay 0 Number of DS delay 0 Sum of SD delay 0 Sum of DS delay 0 Square sum of SD delay 0 Square sum of DS delay 0 SD lost packet s 0 DS lost packet s 0 Lost packet s for unknown reason 1000 Voice scores MOS value 0 99 ICPIF value 87 Table 7 Command output Field Description Destina...

Page 32: ... to source Negative SD number Number of negative jitters from source to destination Negative DS number Number of negative jitters from destination to source Negative SD sum Sum of absolute values of negative jitters from source to destination Negative DS sum Sum of absolute values of negative jitters from destination to source Negative SD average Average absolute value of negative jitters from sou...

Page 33: ... of 1 to 32 characters The operation tag argument represents the operation tag and is a case insensitive string of 1 to 32 characters Filters command output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all l...

Page 34: ...tive SD average 1 Positive DS average 2 Positive SD square sum 709 Positive DS square sum 1937 Min negative SD 2 Min negative DS 1 Max negative SD 10 Max negative DS 1 Negative SD number 81 Negative DS number 94 Negative SD sum 556 Negative DS sum 191 Negative SD average 6 Negative DS average 2 Negative SD square sum 4292 Negative DS square sum 967 One way results Max SD delay 5 Max DS delay 5 Min...

Page 35: ...er 3 Positive DS number 2 Positive SD sum 18 Positive DS sum 2 Positive SD average 6 Positive DS average 1 Positive SD square sum 134 Positive DS square sum 2 Min negative SD 3 Min negative DS 1 Max negative SD 9 Max negative DS 1 Negative SD number 4 Negative DS number 2 Negative SD sum 25 Negative DS sum 2 Negative SD average 6 Negative DS average 1 Negative SD square sum 187 Negative DS square ...

Page 36: ...sults UDP jitter test results available only in UDP jitter operation Voice results Voice test results available only in voice operation RTT number Number of response packets received Min positive SD Minimum positive jitter from source to destination Min positive DS Minimum positive jitter from destination to source Max positive SD Maximum positive jitter from source to destination Max positive DS ...

Page 37: ... delay Maximum delay from source to destination Max DS delay Maximum delay from destination to source Min SD delay Minimum delay from source to destination Min DS delay Minimum delay from destination to source Number of SD delay Number of delays from source to destination Number of DS delay Number of delays from destination to source Sum of SD delay Sum of delays from source to destination Sum of ...

Page 38: ...mber of probe failures in the counting interval consecutive Probes in the counting interval Number of finished probes in the counting interval Number of probe failures in the counting interval RTT accumulate Packets sent in the counting interval Number of packets sent in the counting interval Number of packets of which the round trip time exceeds the threshold in the counting interval average N A ...

Page 39: ...P client as config txt Sysname system view Sysname nqa entry admin test Sysname nqa admin test type ftp Sysname nqa admin test ftp filename config txt frequency Use frequency to specify the interval at which the NQA operation repeats If the operation is not completed when the interval is reached the next operation does not start Use undo frequency to restore the default Syntax frequency interval u...

Page 40: ...rd enable undo history record enable Default The history records of an NQA operation are not saved Views Any NQA operation view Default command level 2 System level Usage guidelines To view the history records of the NQA operation use the display nqa history command If the history records saving function is disabled the system does not save the history records of the NQA operation and the existing...

Page 41: ... operation as 100 minutes Sysname system view Sysname nqa entry admin test Sysname nqa admin test type icmp echo Sysname nqa admin test icmp echo history record keep time 100 history record number Use history record number to configure the maximum number of history records that can be saved in an NQA operation Use undo history record number to restore the default Syntax history record number numbe...

Page 42: ...TTP operation Use undo http version to restore the default Syntax http version v1 0 undo http version Default HTTP 1 0 is used in the HTTP operation Views HTTP operation view Default command level 2 System level Parameters v1 0 Uses HTTP version 1 0 Examples Configure the HTTP operation to use the HTTP version 1 0 Sysname system view Sysname nqa entry admin test Sysname nqa admin test type http Sy...

Page 43: ... next hop for the ICMP echo operation Use undo next hop to remove the next hop IP address Syntax next hop ip address undo next hop Default No next hop IP address is configured for the ICMP echo operation Views ICMP echo operation view Default command level 2 System level Parameters ip address Specifies the IP address of the next hop Usage guidelines If multiple paths exist between the source and d...

Page 44: ...ng of 1 to 32 characters excluding hyphens all Removes all NQA operations Usage guidelines If the operation type has been configured for the operation this command directly places you to NQA operation view You cannot enter the operation view or the operation view of a scheduled NQA operation Examples Create an NQA operation with administrator name admin and operation tag test and enter NQA operati...

Page 45: ... NQA client can simultaneously perform a maximum of 40 operations Views System view Default command level 2 System level Parameters number Specifies the maximum number of operations that the NQA client can simultaneously perform The value range is 1 to 500 Examples Configure the maximum number of operations that the NQA client can simultaneously perform as 5 Sysname system view Sysname nqa agent m...

Page 46: ...conds in the range of 1 to 2147483647 forever Performs the operation until you stop it with the undo nqa schedule command Usage guidelines You cannot enter the operation view or operation view of a scheduled NQA operation To view the current system time use the display clock command Examples Configure the scheduling parameters for the operation with the administrator name admin and operation tag t...

Page 47: ...ault Syntax operation get post undo operation Default The operation type is get Views HTTP operation view Default command level 2 System level Parameters get Gets data from the HTTP server post Transfers data to the HTTP server Examples Specify the operation type for the HTTP operation as post Sysname system view Sysname nqa entry admin test Sysname nqa admin test type http Sysname nqa admin test ...

Page 48: ... a packet to release the obtained IP address Examples Specify the interface GigabitEthernet 2 0 1 to perform the DHCP operation Sysname system view Sysname nqa entry admin test Sysname nqa admin test type dhcp Sysname nqa admin test dhcp operation interface gigabitethernet 2 0 1 password FTP operation view Use password to configure a password used to log in to the FTP server Use undo password to r...

Page 49: ...unt to restore the default Syntax probe count times undo probe count Default An operation performs one probe Views DHCP operation view DNS operation view DLSw operation view FTP operation view HTTP operation view ICMP echo operation view SNMP operation view TCP operation view UDP echo operation view UDP jitter operation view Default command level 2 System level Parameters times Specifies the probe...

Page 50: ...n the probe Use undo probe packet interval to restore the default Syntax probe packet interval packet interval undo probe packet interval Default The interval is 20 milliseconds Views UDP jitter operation view voice operation view Default command level 2 System level Parameters packet interval Specifies the interval for sending packets in the range of 10 to 60000 milliseconds Examples Configure th...

Page 51: ... waiting for a response in the UDP jitter or voice operation Use undo probe packet timeout to restore the default Syntax probe packet timeout packet timeout undo probe packet timeout Default The response timeout time in the UDP jitter operation is 3000 milliseconds and the response timeout time in the voice operation is 5000 milliseconds Views UDP jitter voice operation view Default command level ...

Page 52: ... DLSw ICMP echo SNMP TCP or UDP echo operation Usage guidelines This command is not available for the UDP jitter or voice operation Examples Configure the probe timeout time for the DHCP operation as 10000 milliseconds Sysname system view Sysname nqa entry admin test Sysname nqa admin test type dhcp Sysname nqa admin test dhcp probe timeout 10000 reaction checked element icpif Use reaction checked...

Page 53: ...exceeds the upper threshold the state of the reaction entry is set to over threshold If it is below the lower threshold the state is set to below threshold Once the state of the reaction entry changes a trap message is generated and sent to the NMS Sysname system view Sysname nqa entry admin test Sysname nqa admin test type voice Sysname nqa admin test voice reaction 1 checked element icpif thresh...

Page 54: ...ate reaction entry 1 for monitoring the average destination to source jitter of UDP jitter packets Set the upper threshold to 50 milliseconds and the lower threshold to 5 milliseconds Before the NQA operation starts the initial state of the reaction entry is invalid After the operation the average destination to source jitter is checked If it exceeds the upper threshold the state of the reaction e...

Page 55: ...nge of 1 to 500 lower threshold Specifies the lower threshold in the range of 1 to 500 It must not be greater than the upper threshold action type Specifies what action to be triggered The default action is none none Specifies the action of only displaying results on the terminal display trap only Specifies the action of displaying results on the terminal display and meanwhile sending SNMP trap me...

Page 56: ...threshold values in milliseconds upper threshold Specifies the upper threshold in the range of 0 to 3600000 lower threshold Specifies the lower threshold in the range of 0 to 3600000 It must not be greater than the upper threshold Usage guidelines Only successful probe packets are monitored Failed probe packets are not counted No actions can be configured for a reaction entry of monitoring one way...

Page 57: ...ifies the maximum number of lost packets in the operation The value is in the range of 1 to 15000 for the UDP jitter operation and 1 to 60000 for the voice operation action type Specifies what action to be triggered The default action is none none Specifies the action of only displaying results on the terminal display trap only Specifies the action of displaying results on the terminal display and...

Page 58: ...mum number of threshold violations The value is in the range of 1 to 15 average Specifies to check the average operation duration consecutive consecutive occurrences Specifies the number of consecutive threshold violations after the NQA operation starts The value is in the range of 1 to 16 threshold value Specifies threshold values in milliseconds upper threshold Specifies the upper threshold in t...

Page 59: ... monitoring the duration time of ICMP echo operation Set the upper threshold to 50 milliseconds and the lower threshold to 5 milliseconds Before the NQA operation starts the initial state of the reaction entry is invalid After the operation the probe duration is checked against the threshold range If the consecutive threshold violations exceed 10 the state of the entry is set to over threshold If ...

Page 60: ...he lower threshold the state of the entry is set to below threshold Once the state of the reaction entry changes a trap message is generated and sent to the NMS Sysname system view Sysname nqa entry admin test Sysname nqa admin test type icmp echo Sysname nqa admin test icmp echo reaction 1 checked element probe fail threshold type accumulate 10 action type trap only Create reaction entry 2 for mo...

Page 61: ...nes The collaboration function is not supported by the UDP jitter or voice operation Examples Create reaction entry 1 If the number of consecutive probe failures reaches 3 collaboration is triggered Sysname system view Sysname nqa entry admin test Sysname nqa admin test type tcp Sysname nqa admin test tcp reaction 1 checked element probe fail threshold type consecutive 3 action type trigger only R...

Page 62: ...ate reaction entry 1 for monitoring the average round trip time of UDP jitter probe packets Set the upper threshold to 50 milliseconds and lower threshold to 5 milliseconds Before the NQA operation starts the initial state of the reaction entry is invalid After the operation the average packet round rip time is checked If it exceeds the upper threshold the state is set to over threshold If it is b...

Page 63: ...he range of 1 to 15 The system counts the number of consecutive probe failures for each operation so multiple traps might be sent test complete Sends a trap to indicate that the operation is completed test failure cumulate probe failures Sends a trap if the total number of probe failures in an operation is greater than or equal to cumulate probe failures The value for cumulate probe failures is in...

Page 64: ...rget domain1 route option bypass route Use route option bypass route to enable the routing table bypass function to test the direct connectivity to the direct destination Use undo route option bypass route to disable the routing table bypass function Syntax route option bypass route undo route option bypass route Default The routing table bypass function is disabled Views DLSw operation view DNS o...

Page 65: ...nterface is configured for ICMP echo request packets Views ICMP echo operation view Default command level 2 System level Parameters interface type interface number Specifies an interface by its type and number Usage guidelines If you configure both the source interface command and the source ip command the source ip command takes effect Examples Specify the primary IP address of interface GigabitE...

Page 66: ...lines If you configure both the source interface command and the source ip command the source ip command takes effect If you configure the source interface command but not the source ip command for the ICMP echo operation the IP address of source interface is used as the source IP address of the ICMP echo request packet Examples Configure the source IP address of the ICMP echo packets as 10 1 1 1 ...

Page 67: ...ime expires Use undo statistics hold time to restore the default Syntax statistics hold time hold time undo statistics hold time Default The hold time of statistics groups is 120 minutes Views DLSw operation view DNS operation view FTP operation view HTTP operation view ICMP echo operation view SNMP operation view TCP operation view UDP echo operation view UDP jitter operation view voice operation...

Page 68: ...ups that can be saved in the range of 0 to 100 To disable collecting statistics set the value to 0 Usage guidelines When the number of statistics groups saved reaches the upper limit and a new statistics group is to be saved the earliest statistics group is deleted This command is not supported by DHCP operation Examples Configure the NQA to save up to 5 statistics groups for the ICMP operation Sy...

Page 69: ...lecting the test result statistics of the ICMP echo operation as 2 minutes Sysname system view Sysname nqa entry admin test Sysname nqa admin test type icmp echo Sysname nqa admin test icmp echo statistics interval 2 tos Use tos to specify the ToS value in the IP packet header of probe packets Use undo tos to restore the default Syntax tos value undo tos Default The ToS value in the IP packet head...

Page 70: ...tem level Parameters value Specifies the TTL for probe packets in the range of 1 to 255 Usage guidelines After you configure the route option bypass route command the TTL for probe packets is 1 and the ttl command does not take effect Examples Configure the TTL for probe packets as 16 Sysname system view Sysname nqa entry admin test Sysname nqa admin test type icmp echo Sysname nqa admin test icmp...

Page 71: ...tion as FTP and enter FTP operation view Sysname system view Sysname nqa entry admin test Sysname nqa admin test type ftp Sysname nqa admin test ftp url Use url to specify the website URL for the HTTP operation to visit Use undo url to remove the specified website URL Syntax url url undo url Views HTTP operation view Default command level 2 System level Parameters url Specifies the website URL for...

Page 72: ... in to the FTP server The username is a case sensitive string of 1 to 32 characters Examples Configure the login username as administrator Sysname system view Sysname nqa entry admin test Sysname nqa admin test type ftp Sysname nqa admin test ftp username administrator Related commands password operation vpn instance ICMP echo operation view Use vpn instance to apply the ICMP echo operation to the...

Page 73: ...tus begin exclude include regular expression Views Any view Default command level 1 Monitor level Parameters Filters command output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match th...

Page 74: ...a server enable to enable the NQA server Use undo nqa server enable to disable the NQA server Syntax nqa server enable undo nqa server enable Default The NQA server is disabled Views System view Default command level 2 System level Examples Enable the NQA server Sysname system view Sysname nqa server enable Related commands nqa server tcp connect nqa server udp echo display nqa server status nqa s...

Page 75: ...onfiguration is invalid Examples Configure a TCP listening service to enable the NQA server to listen and respond on the IP address 169 254 10 2 and port 9000 Sysname system view Sysname nqa server tcp connect 169 254 10 2 9000 Related commands nqa server enable display nqa server status nqa server udp echo Use nqa server udp echo to configure a UDP echo listening service to enable the NQA server ...

Page 76: ...erent from those of an existing UDP listening service The IP address must be that of an interface on the NQA server Otherwise the configuration becomes invalid Examples Configure a UDP listening service to enable the NQA server to listen and respond on the IP address 169 254 10 2 and port 9000 Sysname system view Sysname nqa server udp echo 169 254 10 2 9000 Related commands nqa server enable disp...

Page 77: ...Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Examples Display brief information about all NTP sessions Sysname display ntp service sessions source reference stra reach poll now offset delay disper 12345 127 127 1 0 127 127 1 0 3 1 64 33 0 0 0 0 0 0 note 1 source master 2 source peer 3...

Page 78: ...ce 12345 1 Clock source selected by the system namely the current reference source 2 Stratum level of the clock source is less than or equal to 15 3 This clock source has survived the clock selection algorithm 4 This clock source is a candidate clock source 5 This clock source was created by a configuration command Total associations Total number of associations Display detailed information about ...

Page 79: ...hentication valid The clock source is valid which means the clock source meet the following requirements it has passed the authentication and is being synchronized its stratum level is valid its root delay and root dispersion values are within their ranges invalid The clock source is invalid unsynced The clock source has not been synchronized or the value of the stratum level is invalid reference ...

Page 80: ...lock relative to the reference clock root delay Roundtrip delay from the local device to the primary reference source in milliseconds root disper Maximum error of the system clock relative to the primary reference clock in milliseconds reach Reachability count of the clock source 0 indicates that the clock source is unreachable sync dist Synchronization distance relative to the upper level clock i...

Page 81: ...r expression Views Any view Default command level 1 Monitor level Parameters Filters command output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression i...

Page 82: ...is the IP address of the local clock Nominal frequency Nominal frequency of the local system hardware clock in Hz Actual frequency Actual frequency of the local system hardware clock in Hz Clock precision Precision of the system clock Clock offset Offset of the system clock relative to the reference source in milliseconds Root delay Roundtrip delay from the local device to the primary reference so...

Page 83: ...rver 133 1 1 1 stratum 1 offset 0 506500 synch distance 0 03429 refid LOCL The output shows an NTP server chain for server 127 0 0 1 Server 127 0 0 1 is synchronized to server 133 1 1 1 and server 133 1 1 1 is synchronized to the local clock source Table 14 Command output Field Description server IP address of the NTP server stratum Stratum level of the corresponding system clock offset Clock offs...

Page 84: ...ize its clock to that of the local device but does not permit the peer devices to perform control query acl number Specifies a basic ACL number in the range of 2000 to 2999 Usage guidelines From the highest NTP service access control right to the lowest one are peer server synchronization and query When a device receives an NTP request it matches against the access control right in this order and ...

Page 85: ... authentication key is set Views System view Default command level 3 Manage level Parameters keyid Specifies an authentication key ID in the range of 1 to 4294967295 cipher Sets a ciphertext key simple Sets a plaintext key This key will be saved in cipher text for security purposes value Specifies the MD5 authentication key string This argument is case sensitive If simple is specified it is a stri...

Page 86: ...entication keyid 10 authentication mode md5 BetterKey Related commands ntp service reliable authentication keyid ntp service broadcast client Use ntp service broadcast client to configure the device to operate in NTP broadcast client mode and use the current interface to receive NTP broadcast packets Use undo ntp service broadcast client to remove the configuration Syntax ntp service broadcast cli...

Page 87: ...and the default is 3 Examples Configure the device to operate in broadcast server mode and send NTP broadcast messages on GigabitEthernet 2 0 1 using key 4 for encryption and set the NTP version to 3 Sysname system view Sysname interface gigabitethernet 2 0 1 Sysname GigabitEthernet2 0 1 ntp service broadcast server authentication keyid 4 version 3 ntp service in interface disable Use ntp service ...

Page 88: ...ociation is a temporary association created by the system during operation A dynamic association is removed if the system fails to receive messages from it over a specific long time In client server mode for example when you carry out a command to synchronize the time to a server the system creates a static association and the server just responds passively upon the receipt of a message rather tha...

Page 89: ...icast server Use ntp service multicast server to configure the device to operate in NTP multicast server mode and use the current interface to send NTP multicast packets Use undo ntp service multicast server to remove the configuration Syntax ntp service multicast server ip address authentication keyid keyid ttl ttl number version number undo ntp service multicast server ip address Default The dev...

Page 90: ...ss Views System view Default command level 3 Manage level Parameters ip address IP address of the local clock which is 127 127 1 u where u is the NTP process ID that is in the range of 0 to 3 If you do not specify ip address it defaults to 127 127 1 0 stratum Specifies the stratum level of the local clock in the range of 1 to 15 The default is 8 Usage guidelines The stratum level of a clock define...

Page 91: ...nterface Use ntp service source interface to specify the source interface for NTP messages Use undo ntp service source interface to restore the default Syntax ntp service source interface interface type interface number undo ntp service source interface Default No source interface is specified for NTP messages and the system uses the IP address of the interface determined by the matched route as t...

Page 92: ...p address IP address of the symmetric passive peer It must be a unicast address rather than a broadcast address a multicast address or the IP address of the local clock peer name Host name of the symmetric passive peer a string of 1 to 20 characters authentication keyid keyid Specifies the key ID to be used for sending NTP messages to the peer where keyid is in the range of 1 to 4294967295 priorit...

Page 93: ...rver is designated for the device Views System view Default command level 3 Manage level Parameters vpn instance vpn instance name Specifies the MPLS L3VPN to which the NTP server belongs where vpn instance name is a case sensitive string of 1 to 31 characters If the NTP server is on the public network do not specify this option ip address IP address of the NTP server It must be a unicast address ...

Page 94: ...command removes the NTP server with the IP address of ip address in the specified VPN If you do not include vpn instance vpn instance name in this command the command removes the NTP server with the IP address of ip address in the public network Examples Designate NTP server 10 1 1 1 for the device and configure the device to run NTP version 3 Sysname system view Sysname ntp service unicast server...

Page 95: ... to 2 0 to 3 for SR6604 0 to 5 for SR6608 0 to 9 for SR6616 0 to 13 for SR6604 X 0 to 15 for SR6608 X 0 to 19 for SR6616 X self node Displays channel information for the local node Filters command output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression a...

Page 96: ...command level 1 Monitor level Parameters node node id Displays the link status of the node specified by the node id argument The following matrix shows the value ranges for the node id argument SR6602 SR6602 X SR6604 SR6608 SR6616 SR6604 X SR6608 X SR6 616 X 0 to 1 0 to 2 0 to 3 for SR6604 0 to 5 for SR6608 0 to 9 for SR6616 0 to 13 for SR6604 X 0 to 15 for SR6608 X 0 to 19 for SR6616 X self node ...

Page 97: ...he value ranges for the node id argument SR6602 SR6602 X SR6604 SR6608 SR6616 SR6604 X SR6608 X SR6 616 X 0 to 1 0 to 2 0 to 3 for SR6604 0 to 5 for SR6608 0 to 9 for SR6616 0 to 13 for SR6604 X 0 to 15 for SR6608 X 0 to 19 for SR6616 X self node Displays multicast group information for the local node Filters command output by specifying a regular expression For more information about regular expr...

Page 98: ...xpression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a cas...

Page 99: ...tistics for the local node Filters command output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified...

Page 100: ...y view Default command level 1 Monitor level Parameters node node id Displays the IPC performance statistics for the node specified by the node id argument The following matrix shows the value ranges for the node id argument SR6602 SR6602 X SR6604 SR6608 SR6616 SR6604 X SR6608 X SR6 616 X 0 to 1 0 to 2 0 to 3 for SR6604 0 to 5 for SR6608 0 to 9 for SR6616 0 to 13 for SR6604 X 0 to 15 for SR6608 X ...

Page 101: ...data packets Statistics for packets sent successfully Peak 10Sec 1Min 5Min Total Data 1 1 1 0 80 Statistics for packets received successfully Peak 10Sec 1Min 5Min Total Data 1 1 1 0 82 Statistics for packets acknowledged Peak 10Sec 1Min 5Min Total Data 1 1 1 0 78 Table 20 Command output Field Description Peak Peak rate in pps average rate is computed every 10 seconds and the greatest average rate ...

Page 102: ...on Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Examples Display output queue information f...

Page 103: ...e statistics Syntax ipc performance enable node node id self node channel channel id undo ipc performance enable node node id self node channel channel id Default IPC performance statistics is disabled Views User view Default command level 1 Monitor level Parameters node node id Enables IPC performance statistics for the node specified by the node id argument The following matrix shows the value r...

Page 104: ...s node node id Clears the IPC performance statistics for the node specified by the node id argument The following matrix shows the value ranges for the node id argument SR6602 SR6602 X SR6604 SR6608 SR6616 SR6604 X SR6608 X SR6 616 X 0 to 1 0 to 2 0 to 3 for SR6604 0 to 5 for SR6608 0 to 9 for SR6616 0 to 13 for SR6604 X 0 to 15 for SR6608 X 0 to 19 for SR6616 X self node Clears the IPC performanc...

Page 105: ...ut by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifie...

Page 106: ...he NMSs in the community to the device Only the NMSs with the IP addresses permitted in the ACL can access the device with the community name Storage type Storage type volatile Settings are lost when the system reboots nonVolatile Settings remain after the system reboots permanent Settings remain after the system reboots and can be modified but not deleted readOnly Settings remain after the system...

Page 107: ... groups Examples Display information about all SNMP groups Sysname display snmp agent group Group name groupv1 Security model v1 noAuthnoPriv Readview ViewDefault Writeview no specified Notifyview no specified Storage type nonVolatile Group name groupv3 Security model v3 noAuthnoPriv Readview ViewDefault Writeview no specified Notifyview no specified Storage type nonVolatile Table 23 Command outpu...

Page 108: ... match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage guidelines The local SNMP engine ID uniquely identifies the SNMP engine of the SNMP agent in an SNMP domain Every SNMP agent has one SNMP engine to provide services for sending and recei...

Page 109: ...ing of 1 to 256 characters Usage guidelines If you do not specify any parameter the command displays all MIB views Examples Display all MIB views Sysname display snmp agent mib view View name ViewDefault MIB Subtree iso Subtree mask Storage type nonVolatile View Type included View status active View name ViewDefault MIB Subtree snmpUsmMIB Subtree mask Storage type nonVolatile View Type excluded Vi...

Page 110: ...n For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensit...

Page 111: ...ors in the process of decoding Number of messages that had ASN 1 or BER errors during decoding Messages passed from the SNMP entity Number of messages sent by the SNMP agent SNMP PDUs which had badValue error status Number of SNMP PDUs with a badValue error SNMP PDUs which had genErr error status Number of SNMP PDUs with a genErr error SNMP PDUs which had noSuchName error status Number of PDUs wit...

Page 112: ...NMP version of the SNMP agent Filters command output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specif...

Page 113: ... that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Examples Display the trap queue configuration and usage status Sysname display snmp agent trap queue Queue name SNTP Queue size 100 Message number 6 Table 26 Command output Field D...

Page 114: ...to enable or disable the trap function of a module For a module that has multiple sub modules the trap status is enable if the trap function of any of its sub modules is enabled Examples Display the modules that can generate traps and their trap status Sysname display snmp agent trap list acfp trap enable bfd trap enable bgp trap enable configuration trap enable flash trap enable mpls trap enable ...

Page 115: ...ow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage guidelines This command displays only SNMPv3 users that you have created by using the snmp agent usm user v3 command To display SNMPv1 or SNMPv2c...

Page 116: ...s are enabled Views Interface view Default command level 2 System level Usage guidelines For an interface to generate linkUp linkDown traps when its state changes you must also enable the linkUp linkDown trap function globally by using the enable snmp trap updown command Examples Enable GigabitEthernet 2 0 1 to send linkUp linkDown SNMP traps to 10 1 1 1 in the community public Sysname system view...

Page 117: ...alculate password command Examples Enable the SNMP agent Sysname system view Sysname snmp agent snmp agent calculate password Use snmp agent calculate password to convert a plaintext key to an encrypted key for authentication or encryption in SNMPv3 Syntax In non FIPS mode snmp agent calculate password plain password mode 3desmd5 3dessha md5 sha local engineid specified engineid engineid In FIPS m...

Page 118: ...ey to an encrypted key for AES or DES encryption used in conjunction with SHA 1 authentication local engineid Uses the local engine ID to calculate the encrypted key For engine ID related configuration see the snmp agent local engineid command specified engineid Uses a user defined engine ID to calculate the encrypted key engineid Specifies an SNMP engine ID as a hexadecimal string It must compris...

Page 119: ...te a MIB view use the snmp agent mib view command acl acl number Specifies a basic ACL to filter NMSs by source IP address The acl number argument represents a basic ACL number in the range of 2000 to 2999 In the specified community only the NMSs with the IP addresses permitted in the ACL can access the SNMP agent acl ipv6 ipv6 acl number Specifies a basic ACL to filter NMSs by source IPv6 address...

Page 120: ... to read and set the MIB objects in the system subtree OID 1 3 6 1 2 1 1 Sysname system view Sysname snmp agent sys info version v1 v2c Sysname undo snmp agent mib view ViewDefault Sysname snmp agent mib view included test system Sysname snmp agent community write wr sys acc mib view test Related commands snmp agent mib view snmp agent group Use snmp agent group to create an SNMP group and specify...

Page 121: ...Specifies a trap MIB view The view name argument represents a MIB view a string of 1 to 32 characters The system sends traps to the users in the specified group for the objects included in the MIB view By default no notify view is configured which means the agent does not send traps to the NMS acl acl number Specifies a basic ACL to filter NMSs by source IPv4 address The acl number argument repres...

Page 122: ...ers in the range of 10 to 64 All zero and all F strings are invalid Usage guidelines An SNMP engine ID uniquely identifies an SNMP entity in an SNMP managed network Make sure the local SNMP engine ID is unique within your SNMP managed network to avoid communication problems If you have configured SNMPv3 users change the local SNMP engine ID only when necessary The change can void the SNMPv3 userna...

Page 123: ...e logging SNMP SET operations Sysname system view Sysname snmp agent log set operation snmp agent mib view Use snmp agent mib view to create or update a MIB view Use undo snmp agent mib view to delete a MIB view Syntax snmp agent mib view excluded included view name oid tree mask mask value undo snmp agent mib view view name Default The system creates the ViewDefault view when the SNMP agent is en...

Page 124: ...r default MIB view records you can create up to 16 unique MIB view records After you delete the default view with the undo snmp agent mib view command you can create up to 20 unique MIB view records Be cautious with deleting the default MIB view The operation blocks access to any MIB object on the device from NMSs that use the default view Examples Include the mib 2 OID 1 3 6 1 subtree in the mibt...

Page 125: ... SNMP versions Use undo snmp agent sys info contact and undo snmp agent sys info location to restore the default Use undo snmp agent sys info version to disable an SNMP version Syntax In non FIPS mode snmp agent sys info contact sys contact location sys location version all v1 v2c v3 undo snmp agent sys info contact location version all v1 v2c v3 In FIPS mode snmp agent sys info contact sys contac...

Page 126: ... trap address udp domain ip address ipv6 ipv6 address udp port port number vpn instance vpn instance name params securityname security string v1 v2c v3 authentication privacy undo snmp agent target host trap address udp domain ip address ipv6 ipv6 address params securityname security string vpn instance vpn instance name In FIPS mode snmp agent target host trap address udp domain ip address ipv6 i...

Page 127: ...entication key and privacy key when you create the SNMPv3 user Usage guidelines You can specify up to 20 trap target hosts Make sure the SNMP agent uses the same UDP port number as the target host for traps If udp port port number is not specified UDP port 162 is used by default Port 162 is the SNMP specified port used for receiving traps and is used by most NMSs including IMC and MIB Browser Make...

Page 128: ...xbadpkt ifstatechange iftxretransmit lsdbapproachoverflow lsdboverflow maxagelsa nbrstatechange originatelsa vifcfgerror virifauthfail virifrxbadpkt virifstatechange viriftxretransmit virnbrstatechange pim candidatebsrwinelection electedbsrlostelection interfaceelection invalidjoinprune invalidregister neighborloss rpmappingchange standard authentication coldstart linkdown linkup warmstart system ...

Page 129: ...e bootstrap router C BSR in bootstrap router BSR election electedbsrlostelection Traps for losing the BSR election interfaceelection Traps for the election of a new DR or DF on an interface invalidjoinprune Traps for receiving invalid join or prune packets invalidregister Traps for receiving invalid registration packets neighborloss Traps for the lost of a neighbor rpmappingchange Traps for the ch...

Page 130: ...tion Related commands snmp agent target host enable snmp trap updown snmp agent trap if mib link extended Use snmp agent trap if mib link extended to configure the SNMP agent to send extended linkUp linkDown traps Use undo snmp agent trap if mib link extended to restore the default Syntax snmp agent trap if mib link extended undo snmp agent trap if mib link extended Default The SNMP agent sends st...

Page 131: ... Examples Extend standard linkUp linkDown traps Sysname system view Sysname snmp agent trap if mib link extended snmp agent trap life Use snmp agent trap life to configure the holding time of the traps in the queue Use undo snmp agent trap life to restore the default holding time of traps in the queue Syntax snmp agent trap life seconds undo snmp agent trap life Default The holding time of SNMP tr...

Page 132: ... into the trap sending queue when generated The size of the queue determines the maximum number of the traps that can be stored in the queue When the size of the trap sending queue reaches the configured value the newly generated traps are saved into the queue and the earliest ones are discarded Examples Set the maximum number of traps that can be stored in the trap sending queue to 200 Sysname sy...

Page 133: ...onfigure the IP address of a particular interface as the source IP address of the trap make sure the interface already exists and that it has a legal IP address If the configured interface does not exist the configuration fails If the specified IP address is illegal the configuration becomes invalid When a legal IP address is configured for the interface the configuration automatically becomes val...

Page 134: ...nmp agent community command or the snmp agent group v1 v2c command To display the SNMPv1 and SNMPv2c communities created in this way use the display snmp agent community command The snmp agent usm user v1 v2c command enables managing SNMPv1 and SNMPv2c users in the same way as managing SNMPv3 users It does not affect the way of configuring SNMPv1 and SNMPv2c communities on the NMS This command is ...

Page 135: ...nvert its plaintext form to the hexadecimal form To set auth password and priv password in plaintext do not specify this keyword authentication mode Specifies an authentication algorithm MD5 is faster but less secure than SHA For more information about these algorithms see Security Configuration Guide md5 Specifies the MD5 authentication algorithm sha Specifies the SHA 1 authentication algorithm a...

Page 136: ...d Usage guidelines You must create an SNMPv3 user for the agent and the NMS to use SNMPv3 You must create an SNMP group before you assign an SNMP user to the group Otherwise the user cannot take effect after it is created An SNMP group can contain multiple users It defines SNMP objects accessible to the group of users in the MIB view and specifies whether to enable authentication and privacy funct...

Page 137: ...r testUser to the SNMPv3 group testGroup Configure the security model as authentication and privacy the authentication algorithm as MD5 the privacy algorithm as DES56 the plain text authentication key as authkey and the plain text privacy key as prikey Sysname system view Sysname snmp agent group v3 testGroup privacy Sysname snmp agent usm user v3 testUser testGroup authentication mode md5 authkey...

Page 138: ... the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage guidelines Two MIB styles are available on the device new and compatible After obtaining the MIB style you can select matched H3C network management software based on the MIB style Examples Di...

Page 139: ...rprise ID 201 1 new Specifies the MIB style of the device as H3C new In this style both sysOID and private MIB are located under the H3C enterprise ID 25506 Usage guidelines The configuration takes effect only when the device reboots Examples Change the MIB style of the device to compatible Sysname system view Sysname mib style compatible Sysname quit Sysname display mib style Current MIB style ne...

Page 140: ... Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Examples Display all RMON alarm...

Page 141: ... node corresponding to the MIB node alarmVariable Sampling interval Sampling interval in seconds corresponding to the MIB node alarmInterval Rising threshold Alarm rising threshold corresponding to the MIB node alarmRisingThreshold When the sampling value is greater than or equal to this threshold a rising alarm is triggered Falling threshold Alarm falling threshold corresponding to the MIB node a...

Page 142: ...st time the event occurred the elapsed time since system initialization startup in seconds Examples Display the RMON event table Sysname display rmon event EventEntry 1 owned by user1 is VALID Description null Will cause log trap when triggered last triggered at 0days 00h 02m 27s Table 30 Command output Field Description EventEntry Event entry corresponding to the MIB node eventIndex owned by Even...

Page 143: ...match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage guidelines If entry number is not specified the command displays log information for all event entries If you use the rmon event command to configure the system to log an event when the event is triggered the event is recorded into the RMON log You can use t...

Page 144: ...ber begin exclude include regular expression Views Any view Default command level 1 Monitor level Parameters interface type interface number Specifies an interface by its type and number Filters command output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expres...

Page 145: ... broadcast packets 1 multicast packets 6 CRC alignment errors 0 undersize packets 0 oversize packets 0 fragments 0 jabbers 0 collisions 0 utilization 0 Sampled values of record 3 dropevents 0 octets 1001 packets 9 broadcast packets 1 multicast packets 7 CRC alignment errors 0 undersize packets 0 oversize packets 0 fragments 0 jabbers 0 collisions 0 utilization 0 Sampled values of record 4 dropeven...

Page 146: ...time they are saved into the cache dropevents Dropped packets during the sampling period corresponding to the MIB node etherHistoryDropEvents octets Number of octets received during the sampling period corresponding to the MIB node etherHistoryOctets packets Number of packets received during the sampling period corresponding to the MIB node etherHistoryPkts broadcastpackets Number of broadcasts re...

Page 147: ...ommand output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expressi...

Page 148: ...s greater than or equal to this threshold Falling threshold Alarm falling threshold An event is triggered when the sampled value is less than or equal to this threshold linked with event Event index associated with the private alarm When startup enables How can an alarm be triggered This entry will exist Lifetime of the entry which can be forever or span the specified period Latest value Count res...

Page 149: ...insufficient resources 0 Packets received according to length 64 0 65 127 0 128 255 0 256 511 0 512 1023 0 1024 1518 0 Table 34 Command output Field Description EtherStatsEntry Entry of the statistics table which corresponds to MIB node etherStatsIndex VALID Entry status VALID The entry is valid UNDERCREATION The entry is invalid The display rmon command can display invalid entries but the display...

Page 150: ...face during the statistical period corresponding to the MIB node etherStatsDropEvents Packets received according to length Incoming packet statistics by packet length for the statistical period 64 Number of 64 byte packets The value is stored in the MIB node etherStatsPkts64Octets 65 127 Number of 65 to 127 byte packets The value is stored in the MIB node etherStatsPkts65to127Octets 128 255 Number...

Page 151: ... event entry1 argument is 0 to 65535 If 0 is specified the alarm does not trigger any event falling threshold threshold value2 event entry2 Sets the falling threshold where threshold value2 represents the falling threshold in the range of 2147483648 to 2147483647 and event entry2 represents the index of the event triggered when the falling threshold is reached The value range for the event entry2 ...

Page 152: ...on alarm 1 1 3 6 1 2 1 16 1 1 1 4 1 10 absolute rising threshold 5000 1 falling threshold 5 2 owner user1 1 3 6 1 2 1 16 1 1 1 4 is the OID of the leaf node etherStatsOctets It represents the incoming packet statistics in bytes for interfaces In this example you can use etherStatsOctets 1 to replace the parameter 1 3 6 1 2 1 16 1 1 1 4 1 where 1 indicates the serial number of the interface statist...

Page 153: ...g of 1 to 127 characters that can contain spaces Usage guidelines When creating an event entry you can define the actions that the system takes when the event is triggered by its associated alarm in the alarm table The system can log the event send a trap do both or do neither at all depending on your configuration You cannot create an entry that has the same event description event type log trap ...

Page 154: ...st packets in a sampling period You can successfully create a history control entry even if the specified bucket size exceeds the history table size supported by the device However the effective bucket size will be the actual value supported by the device To view the configuration result use the display rmon history command You can configure multiple history control entries for one interface but m...

Page 155: ...he value range for the event entry1 argument is 0 to 65535 where 0 means no corresponding event is triggered and no event action is taken when an alarm is triggered falling threshold threshold value2 event entry2 Sets the falling threshold where threshold value2 represents the falling threshold in the range of 2147483648 to 2147483647 and event entry2 represents the index of the event triggered wh...

Page 156: ...ysname rmon prialarm 1 1 3 6 1 2 1 16 1 1 1 6 1 100 1 3 6 1 2 1 16 1 1 1 5 1 BroadcastPktsRatioOfGE2 0 1 10 absolute rising threshold 80 1 falling threshold 5 2 entrytype forever owner user1 1 3 6 1 2 1 16 1 1 1 6 1 is the OID of the node etherStatsBroadcastPkts 1 and 1 3 6 1 2 1 16 1 1 1 5 1 is the OID of the node etherStatsPkts 1 1 indicates the serial number of the interface statistics entry Th...

Page 157: ...t of cumulative traffic statistics collected up to the present time for an interface Statistics include number of collisions CRC alignment errors number of undersize or oversize packets number of broadcasts number of multicasts number of bytes received and number of packets received The statistics are cleared at a reboot To display the RMON statistics table use the display rmon statistics command ...

Page 158: ...r expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters U...

Page 159: ...statistics Use reset sampler statistics to clear the running information of a sampler including the counter total number of packets processed and selected Syntax reset sampler statistics sampler name Views User view Default command level 1 Monitor level Parameters sampler name Specifies the sampler name a case insensitive string of 1 to 32 characters Usage guidelines With no sampler name specified...

Page 160: ...et is selected for each sampling varies packet interval rate Specifies the sampling rate The sampling rate is calculated using the formula 2 to the nth power where n is the rate value The value range for the rate argument is 1 to 16 Usage guidelines This command is effective for all cards on the following routers SR6604 X SR6608 X and SR6616 X routers SR6604 SR6608 and SR6616 routers that have RPE...

Page 161: ...ing group group id all local remote destination remote source begin exclude include regular expression Views Any view Default command level 2 System level Parameters group id Specifies the number of the mirroring group in the range of 1 to 4 all Displays all mirroring groups local Displays local mirroring groups remote destination Displays remote destination groups remote source Displays remote so...

Page 162: ...ring group 9 type remote destination status active monitor port GigabitEthernet2 0 6 remote probe vlan 1901 Table 36 Command output Field Description mirroring group Number of the mirroring group type Type of the mirroring group local remote source or remote destination status Status of the mirroring group active or inactive mirroring port Source port mirroring group Use mirroring group to create ...

Page 163: ... mirroring group group id mirroring port mirroring port list both inbound outbound Default No source port is configured for any mirroring group Views System view Default command level 2 System level Parameters group id Number of a local or remote source group in the range of 1 to 4 The mirroring group specified by the group id argument must already exist mirroring port list Specifies a list of sou...

Page 164: ...itethernet 2 0 1 both Create remote source group 2 configure GigabitEthernet 2 0 2 as a source port of the mirroring group and configure the mirroring group to monitor the bidirectional traffic of the port Sysname system view Sysname mirroring group 2 remote source Sysname mirroring group 2 mirroring port gigabitethernet 2 0 2 both Related commands mirroring group mirroring group monitor egress Us...

Page 165: ...urce group 2 and configure port GigabitEthernet 2 0 2 as its egress port in interface view Sysname system view Sysname mirroring group 2 remote source Sysname interface gigabitethernet 2 0 2 Sysname GigabitEthernet2 0 2 mirroring group 2 monitor egress Related commands mirroring group mirroring group monitor port Use mirroring group monitor port to configure a port for a local or remote destinatio...

Page 166: ...itor port Sysname system view Sysname mirroring group 2 remote destination Sysname mirroring group 2 monitor port gigabitethernet 2 0 2 Related commands mirroring group mirroring group remote probe vlan Use mirroring group remote probe vlan to specify a VLAN as the remote probe VLAN for a remote source or destination mirroring group Use undo mirroring group remote probe vlan to remove the remote p...

Page 167: ...sname mirroring group 2 remote destination Sysname mirroring group 2 remote probe vlan 20 Related commands mirroring group mirroring port Use mirroring port to assign the current port to a local or remote source group as a source port Use undo mirroring port to remove the current port from the mirroring group Syntax mirroring group group id mirroring port inbound outbound both undo mirroring group...

Page 168: ...me system view Sysname mirroring group 2 remote source Sysname interface gigabitethernet 2 0 2 Sysname GigabitEthernet2 0 2 mirroring group 2 mirroring port both monitor port Use monitor port to assign the current port to a local or remote destination group as the monitor port Use undo monitor port to remove the current port from the mirroring group Syntax mirroring group group id monitor port und...

Page 169: ... GigabitEthernet2 0 1 monitor port Create remote destination group 2 and configure GigabitEthernet 2 0 2 as its monitor port Sysname system view Sysname mirroring group 2 remote destination Sysname interface gigabitethernet 2 0 2 Sysname GigabitEthernet2 0 2 monitor port Related commands mirroring group ...

Page 170: ...ecified by its type and number Usage guidelines The device only supports mirroring traffic to one destination interface In a same traffic behavior the new configuration overwrites the previous one Mirroring outgoing traffic to interfaces only supports known unicasts and does not support broadcasts multicasts or unknown unicasts This command is supported only when SAP interface modules are operatin...

Page 171: ... Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage guidelines The following matrix shows t...

Page 172: ...X SR6616 X routers Display information about the NetStream entries in the cache Sysname display ip netstream cache verbose slot 0 IP netstream cache information Stream active timeout in minutes 30 Stream inactive timeout in seconds 30 Stream max entry number 10000 IP active stream entry number 3 MPLS active stream entry number 0 IP stream entry been counted 3 MPLS stream entry been counted 0 Last ...

Page 173: ...LS flows in the cache IP Stream entries been counted Number of IP flows that are counted MPLS Stream entries been counted Number of MPLS flows that are counted Last statistics reset time This field is an absolute time and will not change with the system time It is displayed only when the reset ip netstream statistics command is executed Otherwise the value for this field is Never IP packet size di...

Page 174: ...formation about the active flows in the current cache including destination MAC address destination VLAN ID source MAC address and source VLAN ID TopLblType IP MASK Lbl Exp S List Information about the active MPLS flows in the current cache including type of the labels at the top of the label stack IP address and mask associated with the label and label list A label consists of three fields Label ...

Page 175: ...ersion 5 exported UDP datagram number failed 16 0 Version 9 exported stream number 20 Version 9 exported UDP datagram number failed 2 0 MPLS export information Stream source interface GigabitEthernet2 0 0 Stream destination VPN instance VPN1 Stream destination IP UDP 10 10 0 10 30000 Version 9 exported stream number 20 Version 9 exported UDP datagram number failed 2 0 AS aggregation export informa...

Page 176: ...at Version 8 exported UDP datagram number failed Number of UDP packets that are sent in version 8 format number of packets not successfully sent display ip netstream template Use display ip netstream template to view configuration and status information about the NetStream flow record template Syntax display ip netstream template slot slot number begin exclude include regular expression Views Any ...

Page 177: ...es 2 Added stream templates 2 as outbound template Template ID 3258 Packets 0 Last template export time Never Field count 14 Field type Field length byte Flows 4 Out packets 8 Out bytes 8 First switched 4 Last switched 4 Source AS 4 Destination AS 4 Input SNMP 4 Output SNMP 4 Direction 1 Sampling algorithm 1 PAD 1 PAD 1 Sampling interval 4 as inbound template Template ID 3257 Packets 0 Last templa...

Page 178: ...plate A packet may contain multiple flows and different flows may use different templates Therefore the number of packets is in fact the number of flows Last template export time Time when the last flow record template was exported Field count Total number of fields in a template Field type Type of the fields contained in the flow record template Field length byte Length of the field in byte Flows...

Page 179: ...pecified interface Use undo ip netstream to disable NetStream on the specified interface Syntax ip netstream inbound outbound undo ip netstream inbound outbound Default NetStream is disabled on an interface Views Interface view Default command level 3 Manage level Parameters inbound Enables NetStream for incoming traffic outbound Enables NetStream for outgoing traffic Examples Enable NetStream for...

Page 180: ... protocol port aggregation by protocol number source port and destination port source prefix Specifies the source prefix aggregation by source AS number source address mask length source prefix and inbound interface index tos as Specifies the ToS AS aggregation by ToS source AS number destination AS number inbound interface index and outbound interface index tos bgp nexthop Specifies the ToS BGP n...

Page 181: ...ress or destination UDP port number is configured in system view or aggregation view Views System view NetStream aggregation view Default command level 3 Manage level Parameters ip address Specifies a destination IP address for NetStream data export udp port Specifies a destination UDP port number for NetStream data export in the range of 0 to 65535 vpn instance vpn instance name Specifies an MPLS...

Page 182: ...ples Configure the destination address for NetStream data export as 172 16 105 48 with port 5000 Sysname system view Sysname ip netstream export host 172 16 105 48 5000 Related commands ip netstream aggregation ip netstream export source ip netstream export rate Use ip netstream export rate to configure the limit on the NetStream data export rate Use undo ip netstream export rate to remove the Net...

Page 183: ...ds that you connect the network management interface to the NetStream server and configure it as the source interface Examples Configure the source interface for NetStream data export as GigabitEthernet 2 0 0 Sysname system view Sysname ip netstream export source interface gigabitethernet 2 0 0 Related commands ip netstream aggregation ip netstream export v9 template refresh rate packet Use ip net...

Page 184: ...ersion 9 templates again to the NetStream server Sysname system view Sysname ip netstream export v9 template refresh rate packet 100 Related commands ip netstream export v9 template refresh rate time ip netstream export v9 template refresh rate time Use ip netstream export v9 template refresh rate time to configure the refresh interval for NetStream version 9 templates so that the templates are se...

Page 185: ...cord data about AS information Use ip netstream export version 9 to export NetStream data in version 9 format and choose whether to record data about AS and BGP next hop information Statistics about BGP next hop can be exported in version 9 format only Use undo ip netstream export version to restore the default Syntax ip netstream export version 5 origin as peer as ip netstream export version 9 or...

Page 186: ...tream collects statistics about all IPv4 packets passing through the interface Views Interface view Default command level 3 Manage level Parameters acl acl number Specifies an ACL number in the range of 2000 to 3999 inbound Filters incoming traffic outbound Filters outgoing traffic Usage guidelines The NetStream filtering function is not effective on MPLS packets If NetStream filtering and samplin...

Page 187: ... max entries Specifies maximum number of entries that the cache can save The value range is 1000 to 620000 aging Ages out the entries in the cache when the maximum number is reached disable caching Disables creation of a new entry when the maximum number is reached Usage guidelines The following matrix shows the command and router compatibility Command SR6602 SR6602 X SR6604 SR6608 SR6616 SR6604 X...

Page 188: ...unt IP fields label position1 Specifies the position of the first label in the label stack in the range of 1 to 6 label position2 Specifies the position of the second label in the label stack in the range of 1 to 6 label position3 Specifies the position of the third label in the label stack in the range of 1 to 6 Usage guidelines The ip netstream mpls command enables statistics collection of MPLS ...

Page 189: ...Use ip netstream timeout active to set the aging timer for active flows This timer applies to NetStream traditional data flows Use undo ip netstream timeout active to restore the default Syntax ip netstream timeout active minutes undo ip netstream timeout active Default The aging timer is 30 minutes for active flows Views System view Default command level 3 Manage level Parameters minutes Sets the...

Page 190: ...eters seconds Sets the aging timer in seconds for inactive flows in the range of 10 to 600 Usage guidelines You can configure both the aging timer for active flows and the aging timer for inactive flows When either timer for a flow expires the flow is aged out The time precision is 10 seconds Examples Set the aging timer to 60 seconds for inactive flows Sysname system view Sysname ip netstream tim...

Page 191: ...he cache takes several minutes and the system does not perform NetStream data collection during this process Examples Age out and export all NetStream data and clear the cache Sysname reset ip netstream statistics This process may take a few minutes Netstream statistic function is disabled during this process ...

Page 192: ...ation Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage guidelines The following matrix sh...

Page 193: ...0 0x0 RAGG1 1 I 824 MPLS BGP 0 48 0 0 0 1 1028 0 1 TcpFlag 16 DstMask 64 SrcMask 64 DstAS 0 SrcAS 0 Nexthop 30 2 BgpNexthop OutVRF 0 InVRF 0 SamplerMode 0 SamplerInt 0 Active 13 Bytes Pkt 1490 IP 30 2 1025 20 CE 1000 6 0 0x0 RAGG1 1 I 803 MPLS BGP 0 48 0 0 0 1 1028 0 1 TcpFlag 16 DstMask 64 SrcMask 64 DstAS 0 SrcAS 0 Nexthop 30 2 BgpNexthop OutVRF 0 InVRF 0 SamplerMode 0 SamplerInt 0 Active 13 Byt...

Page 194: ...ackets Active sec Idle sec Streams Sec Sec stream stream stream MPLS 77000 5535 1 4718 60 0 Type DstIP Port SrcIP Port Pro TC FlowLbl If Direct Pkts DstMAC VLAN SrcMAC VLAN TopLblType IP MASK Lbl Exp S List IP 30 2 1025 20 C7 1000 6 0 0x0 RAGG1 1 O 271 MPLS UNKNOWN 0 0 0 0 0 1 1028 0 1 TcpFlag 16 DstMask 64 SrcMask 64 DstAS 0 SrcAS 0 Nexthop D01 102 BgpNexthop FFFF 303 303 OutVRF 0 InVRF 0 Sampler...

Page 195: ...ream entries been counted Number of free MPLS flows that are counted IPL2 stream entries been counted Number of free IP and Layer 2 flows that are counted Last statistics reset time This field is an absolute time and will not change with the system time It is displayed only when the reset ipv6 netstream statistics command is executed Otherwise the value for this is Never IPv6 packet size distribut...

Page 196: ...ent the code field The value for the source port is set to 0 and does not indicate any statistics DstMAC VLAN SrcMAC VLAN Layer 2 information about the active flows in the cache including destination MAC address destination VLAN ID source MAC address and source VLAN ID TopLblType IP MASK Lbl Exp S List Information about the active MPLS flows in the cache including type of the labels at the top of ...

Page 197: ... 16 0 AS aggregation export information Stream source interface GigabitEthernet2 0 0 Stream destination VPN instance VPN1 Stream destination IP UDP 10 10 0 10 30000 Version 9 exported stream number 16 Version 9 exported UDP datagram number failed 2 0 Table 41 Command output Field Description IPv6 export information Statistics about IPv6 NetStream data export in version 9 Stream source interface So...

Page 198: ... exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage guidelines The following matrix shows the option and router compatibility Option SR6602 SR6602 X SR6604 SR6608 SR6616 SR6604 X SR6608 X SR6616 X sl...

Page 199: ...8 In bytes 8 First switched 4 Last switched 4 Source AS 4 Destination AS 4 Input SNMP 4 Output SNMP 4 IP protocol version 1 Direction 1 Sampling algorithm 1 PAD 1 Sampling interval 4 IPv6 outbound template Template ID 3305 Packets 0 Last template export time Never Field count 27 Field type Field length byte Out packets 8 Out bytes 8 First switched 4 Last switched 4 Input SNMP 4 Output SNMP 4 IPv6 ...

Page 200: ...am templates Number of templates that have been created after the system starts AS outbound template Information about the AS template in the outbound direction AS inbound template Information about the AS template in the inbound direction Packets Number of packets sent using the template A packet may contain multiple flows and different flows may use different templates The number of packets is i...

Page 201: ... Default IPv6 NetStream is disabled on an interface Views Interface view Default command level 3 Manage level Parameters inbound Filters incoming IPv6 traffic outbound Filters outgoing IPv6 traffic Examples Enable IPv6 NetStream for incoming traffic on interface GigabitEthernet 2 0 0 Sysname system view Sysname interface gigabitethernet 2 0 0 Sysname GigabitEthernet2 0 0 ipv6 netstream inbound ipv...

Page 202: ...ation by source AS number source address mask length source prefix and inbound interface index Usage guidelines In IPv6 NetStream aggregation view you can perform the following tasks Enable or disable the specific IPv6 NetStream aggregation Configure the source interface destination IP address and destination port for IPv6 NetStream data export Examples Set the IPv6 NetStream aggregation mode as A...

Page 203: ...estination address and destination UDP port number configured in aggregation view takes precedence over those configured in system view If no destination address or destination UDP port number is configured in aggregate view those configured in system view apply Up to four different destination addresses including addresses in different VPNs can be configured in one aggregation view If you have co...

Page 204: ...t rate limit applies to each card As the aging timer is different the configuration may not be very accurate on a multi CPU device Examples Allow 10 packets at most to be exported per second Sysname system view Sysname ipv6 netstream export rate 10 ipv6 netstream export source Use ipv6 netstream export source to configure the source interface for IPv6 NetStream data export Use undo ipv6 netstream ...

Page 205: ... packets are sent Use undo ipv6 netstream export v9 template refresh rate packet to restore the default Syntax ipv6 netstream export v9 template refresh rate packet packets undo ipv6 netstream export v9 template refresh rate packet Default Version 9 templates are sent every 20 packets Views System view Default command level 3 Manage level Parameters packets Specifies the number of packets that are...

Page 206: ...nutes Specifies the refresh interval in minutes that the device waits after IPv6 NetStream version 9 templates are sent to the NetStream server It is in the range of 1 to 3600 Usage guidelines Version 9 is template based and supports user defined formats so the NetStream device needs to send the new template to the NetStream server for an update If the version 9 format is changed on the NetStream ...

Page 207: ...Ss bgp nexthop Exports statistics about BGP next hops Usage guidelines An IPv6 NetStream entry for a flow records the source IPv6 address and destination IPv6 address and two AS numbers for each IP address You can configure which AS numbers to be exported as the source AS and destination AS Examples Configure the device to export IPv6 NetStream data in version 9 format and record the number of AS ...

Page 208: ... X SR6616 X ipv6 netstream max entry Yes Yes Yes on routers with the MCP MPU No Examples Set the maximum entries in the cache to 5000 Sysname system view Sysname ipv6 netstream max entry 5000 Disable creation of a new entry when the upper limit is reached Sysname system view Sysname ipv6 netstream max entry disable caching Age out the entries when the upper limit is reached Sysname system view Sys...

Page 209: ...nactive flows This timer applies to only NetStream traditional data flows Use undo ipv6 netstream timeout inactive to restore the default Syntax ipv6 netstream timeout inactive seconds undo ipv6 netstream timeout inactive Default The aging timer is 30 seconds for inactive flows Views System view Default command level 3 Manage level Parameters seconds Sets the aging time in seconds for inactive flo...

Page 210: ...System level Usage guidelines When you execute the command messages appear telling you that the process of clearing the cache takes several minutes and the system does not perform NetStream during this process Examples Age out and export all IPv6 NetStream data and clear the cache Sysname reset ipv6 netstream statistics This process may take a few minutes Netstream statistic function is disabled d...

Page 211: ...ined name For information about configuring a channel name see info center channel name Table 43 Information channels for different output destinations Output destination Information channel number Default channel name Console 0 console Monitor terminal 1 monitor Log host 2 loghost Trap buffer 3 trapbuffer Log buffer 4 logbuffer SNMP module 5 snmpagent Web interface 6 channel6 Log file 9 channel9 ...

Page 212: ...urce module NAME Name of the source module default means all modules are allowed to output system information but the actual modules depend on the device model ENABLE Indicates whether log output is enabled Y or N LOG_LEVEL Log information severity See Table 45 for details ENABLE Indicates whether trap output is enabled Y or N TRAP_LEVEL Trap information severity See Table 45 for details ENABLE In...

Page 213: ...pped messages 0 overwritten messages 740 channel number 4 channel name logbuffer Trap buffer enabled max buffer size 1024 current buffer size 256 current messages 216 dropped messages 0 overwritten messages 0 channel number 3 channel name trapbuffer logfile channel number 9 channel name channel9 syslog channel number 6 channel name channel6 Information timestamp setting log date trap date debug da...

Page 214: ...e Specifies the number of latest log messages to be displayed in the range of 1 to 1024 slot slot number Specifies a card by its slot number Filters command output by specifying a regular expression For more information about regular expressions see Fundamentals Configuration Guide begin Displays the first line that matches the specified regular expression and all lines that follow exclude Display...

Page 215: ...dropped messages Overwritten messages Number of overwritten messages when the buffer size is not big enough to hold all messages the latest messages overwrite the old ones Current messages Number of current messages display logbuffer summary Use display logbuffer summary to display the summary of the log buffer Syntax display logbuffer summary level severity slot slot number begin exclude include ...

Page 216: ...04 SR6608 SR6616 SR6604 X SR6608 X SR6616 X router Display the summary of the log buffer Sysname display logbuffer summary SLOT EMERG ALERT CRIT ERROR WARN NOTIF INFO DEBUG 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 3 0 0 0 0 16 0 1 0 Table 47 Command output Field Description SLOT Slot number of the card EMERG Represents emergency See Table 45 for details ALERT Represents alert See Tabl...

Page 217: ...y Examples Display the contents of the log file buffer Sysname display logfile buffer 27091414 Aug 7 08 04 02 470 2009 Sysname IFNET 4 INTERFACE UPDOWN Trap 1 3 6 1 6 3 1 1 5 4 linkUp Interface 983040 is Up ifAdminStatus is 1 ifOperStatus is 1 display logfile summary Use display logfile summary to display the log file configuration Syntax display logfile summary begin exclude include regular expre...

Page 218: ...on Views Any view Default command level 1 Monitor level Parameters reverse Displays trap entries chronologically with the most recent entry at the top Without this keyword the command displays trap entries chronologically with the oldest entry at the top size buffersize Specifies the number of latest trap messages to be displayed in the range of 1 to 1024 Filters command output by specifying a reg...

Page 219: ...Down ifAdminStatus is 1 ifOperStatus is 2 Aug 7 08 39 53 302 2009 Sysname SHELL 4 LOGIN Trap 1 3 6 1 4 1 2011 10 2 2 1 1 3 0 1 h3cLogIn login from VTY Aug 7 08 43 25 583 2009 Sysname CFGMAN 4 TRAP 1 3 6 1 4 1 2011 10 2 4 2 1 h3cCfgManEventlog configure changed EventIndex 1 CommandSource 2 ConfigSource 4 ConfigDestination 2 Table 49 Command output Field Description Trapping buffer configuration and...

Page 220: ...annel name Use info center channel name to name a channel Use undo info center channel to command to restore the default name for a channel Syntax info center channel channel number name channel name undo info center channel channel number Default See Table 43 for information about default channel names and channel numbers Views System view Default command level 2 System level Parameters channel n...

Page 221: ...of 0 to 9 channel name Specifies a channel by its name a default name or a self defined name For information about configuring a channel name see info center channel name Usage guidelines The info center console channel command takes effect only when the information center has been enabled with the info center enable command Examples Specify the console output channel as channel 0 Sysname system v...

Page 222: ...w Default command level 2 System level Usage guidelines System information can be sent to a log host in H3C or UNICOM format For more information see Network Management and Monitoring Configuration Guide Examples Set the UNICOM format for system information sent to a log host Sysname system view Sysname info center format unicom info center logbuffer Use info center logbuffer to configure informat...

Page 223: ...le command Examples Output system information to the log buffer through channel 4 and set the log buffer size to 50 Sysname system view Sysname info center logbuffer size 50 info center logfile enable Use info center logfile enable to enable the log file feature Use undo info center logfile enable to disable the log file feature Syntax info center logfile enable undo info center logfile enable Def...

Page 224: ...runs out of memory new logs cannot be written into the log file Use undo info center logfile overwrite protection to disable log file overwrite protection When the size of the log file reaches the upper limit or the storage device runs out of memory the device deletes the old logs in the log file and writes new logs into the log file Syntax info center logfile overwrite protection all port powerdo...

Page 225: ...rs size Specifies the maximum storage space reserved for a log file in the range of 1 to 10 MB Examples Set the maximum storage space reserved for a log file to 6 MB Sysname system view Sysname info center logfile size quota 6 info center logfile switch directory Use info center logfile switch directory to configure the directory where a log file is saved Syntax info center logfile switch director...

Page 226: ...ters vpn instance vpn instance name Specifies an MPLS L3VPN by its name a case sensitive string of 1 to 31 characters If the log host is on the public network do not specify this option ipv6 host ipv6 address Specifies the IPv6 address of a log host host ipv4 address Specifies the IPv4 address of a log host port port number Specifies the port number of the log host The value range is 1 to 65535 an...

Page 227: ...ysname info center loghost ipv6 1 1 info center loghost source Use info center loghost source to specify the source IP address for output log information Use undo info center loghost source to restore the default Syntax info center loghost source interface type interface number undo info center loghost source Default The source IP address of output log information is the primary IP address of the ...

Page 228: ...e FTP server by using the username ftp The following log information is displayed on the log host the DevIP 2 2 2 2 field identifies the source IP address 189 May 31 05 38 14 2003 Sysname 10FTPD 5 FTPD_LOGIN l DevIP 2 2 2 2 User ftp 192 168 1 23 has logged in successfully info center monitor channel Use info center monitor channel to configure the monitor channel The system uses this channel to ou...

Page 229: ... by its number in the range of 0 to 9 channel name Specifies a channel by its name a default name or a self defined name For information about configuring a channel name see the info center channel name command Examples Output system information to the SNMP module through channel 6 Sysname system view Sysname info center snmp channel 6 Related commands display snmp agent info center source Use inf...

Page 230: ...output rule set by using the default keyword If you use the default keyword to set an output rule for all the modules without specifying the debug log and trap keywords the default output rules for the modules are used See Table 50 for more information about default output rules If you use the module name argument to set the output rule for a module without specifying the debug log and trap keywor...

Page 231: ...ll supported modules Disabled Debug Enabled Informatio nal Disabled Debug Log file All supported modules Enabled Debug Enabled Debug Disabled Debug Examples Output VLAN module s trap information with a severity level of at least emergency to channel console All other system information cannot be output to this channel Sysname system view Sysname info center source default channel console debug sta...

Page 232: ...is example Apr 29 08 12 44 71 2007 Sysname IFNET 4 LINK UPDOWN GigabitEthernet2 0 1 link status is UP Enter configuration to complete the display current configuration command and press the Enter key to execute the command Enable synchronous information output and then save the current configuration enter interactive information Sysname system view Sysname info center synchronous Info center synch...

Page 233: ...ntax info center timestamp debugging log trap boot date none undo info center timestamp debugging log trap Default The timestamp format for system information is date Views System view Default command level 2 System level Parameters debugging Sets the timestamp format for debug information log Sets the timestamp format for log information trap Sets the timestamp format for trap information boot Se...

Page 234: ...rver by using the username ftp the log information generated is as follows May 30 05 36 29 579 2003 Sysname FTPD 5 FTPD_LOGIN User ftp 192 168 1 23 has logged in successfully Configure the timestamp format for log information as none Sysname system view Sysname info center timestamp log none At this time if you log in to the FTP server by using the username ftp the log information generated is as ...

Page 235: ...e undo info center trapbuffer to disable information output to the trap buffer Syntax info center trapbuffer channel channel number channel name size buffersize undo info center trapbuffer channel size Default The system outputs information to the trap buffer through channel 3 trapbuffer and the maximum buffer size is 256 Views System view Default command level 2 System level Parameters size buffe...

Page 236: ...uency command The directory for the log file can be specified using the info center logfile switch directory command Views Any view Default command level 2 System level Usage guidelines The system clears the log file buffer after saving logs from the buffer to the log file automatically or manually Examples Save logs in the log file buffer into the log file Sysname logfile save reset logbuffer Use...

Page 237: ... debug information execute the terminal monitor and terminal debugging commands enable information center enabled by default and finally use a debugging command to enable the related debugging The configuration of this command is only valid for the current connection between the terminal and the device If a new connection is established the display of debugging information on the terminal restores...

Page 238: ...nal logging is off terminal monitor Use terminal monitor to enable the monitoring of system information on the current terminal Use undo terminal monitor to disable the monitoring of system information on the current terminal Syntax terminal monitor undo terminal monitor Default Monitoring of the system information is enabled on the console and disabled on the monitor terminal Views User view Defa...

Page 239: ...ap information on the current terminal is enabled Views User view Default command level 1 Monitor level Usage guidelines To view the trap information execute the terminal monitor and terminal trapping commands and then enable the information center enabled by default The configuration of this command is only valid for the current connection between the terminal and the device If a new connection i...

Page 240: ... match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Usage guidelines The following matrix shows the option and router compatibility Option SR6602 SR6602 X SR6604 SR6608 SR6616 SR6604 X SR6608 X SR6616 X slot slot number No Yes Yes Yes Before us...

Page 241: ...not configured this field does not appear Address of log server IP address and port number of the log server VPN instance VPN instance to which the flow logging server belongs You can specify a VPN instance only for an IPv4 log server Total logs UDP packets exported Total number of flow logs exported and total number of the UDP packets carrying these flow logs a UDP packet may carry multiple flow ...

Page 242: ...ffer slot slot number Views User view Default command level 2 System level Parameters slot slot number Specifies a card by its slot number Usage guidelines The system saves flow logs in the cache before exporting them to the information center or log server Clearing flow logs in the cache might cause loss of log information Use this command with caution Before executing this command make sure the ...

Page 243: ...gging server udp port Specifies the UDP port number of the flow logging server in the range of 0 to 65535 slot slot number Specifies a card by its slot number Usage guidelines To output flow logs in UDP packets you must specify a flow logging server Otherwise the flow logs cannot be exported To avoid collision with general UDP port numbers use UDP port numbers in the range 1025 to 65535 The specif...

Page 244: ...1 2 3 6 and port 2001 on the IPv4 log server 1 2 3 7 Sysname system view Sysname userlog flow export slot 2 host 1 2 3 6 2000 Sysname userlog flow export slot 2 host 1 2 3 7 2001 Related commands userlog flow export host ipv6 userlog flow export host ipv6 Use userlog flow export host to configure the IPv6 address and UDP port number of the log server Use the undo userlog flow export host command t...

Page 245: ...tely You can specify at most two log servers of the same type or different types There are three types of log servers the VPN flow logging server the IPv4 flow logging server and the IPv6 flow logging server If you have already specified two servers for an interface card you must delete one to specify a new one If you specify a new server that has the same IP address as but has different other inf...

Page 246: ...ted commands userlog flow export host userlog flow export timestamps localtime Use userlog flow export timestamps localtime to configure the device to timestamp flow logs in the local time Use undo userlog flow export timestamps localtime to restore the default Syntax userlog flow export timestamps localtime undo userlog flow export timestamps localtime Default Exported flow logs are time stamped ...

Page 247: ...System level Parameters version number Specifies the flow logging version number 1 or 3 Usage guidelines If you configure the flow logging version multiple times only the most recent configuration takes effect Examples Set the flow logging version to 3 0 Sysname system view Sysname userlog flow export version 3 userlog flow syslog Use userlog flow syslog to export flow logs to the information cent...

Page 248: ...same time the system automatically exports the flow logs to the information center Exporting flow logs to the information center occupies device storage space Use this export approach only if there are a small amount of logs Examples Export flow logs to the information center Sysname system view Sysname userlog flow syslog ...

Page 249: ...begin Displays the first line that matches the specified regular expression and all lines that follow exclude Displays all lines that do not match the specified regular expression include Displays all lines that match the specified regular expression regular expression Specifies a regular expression a case sensitive string of 1 to 256 characters Examples Display the sFlow configuration and operati...

Page 250: ...g Remaining lifetime of the sFlow collector If the sFlow collector never ages out this field displays N A Size Maximum length of the sFlow data portion in an sFlow packet Description Description of the sFlow collector sFlow Port Information Information about the sFlow enabled ports Interface sFlow enabled interface CID ID of the target collector for receiving the counter sampling data Interval s C...

Page 251: ...n IPv6 address for the sFlow agent Usage guidelines H3C recommends that you manually configure an IP address for the sFlow agent Only one IP address can be specified for the sFlow agent on the device Examples Specify IP address 10 10 10 1 for the sFlow agent Sysname system view Sysname sflow agent ip 10 10 10 1 sflow collector Use sflow collector to configure parameters for an sFlow collector Use ...

Page 252: ...er configured the system does not save its configuration in the configuration file By default the sFlow collector never ages out Examples Specify sFlow collector 2 s destination IP address as 3 3 3 1 port number as the default description as netserver aging time as 1200 seconds and maximum length of the sFlow data portion as 1000 bytes Sysname system view Sysname sflow collector 2 ip 3 3 3 1 descr...

Page 253: ...or 2 on GigabitEthernet 4 0 0 for counter sampling Sysname system view Sysname interface gigabitethernet 4 0 0 Sysname GigabitEthernet4 0 0 sflow counter collector 2 sflow flow collector Use sflow flow collector to specify an sFlow collector for flow sampling Use undo sflow flow collector to remove the sFlow collector for flow sampling Syntax sflow flow collector collector id undo sflow flow colle...

Page 254: ... be copied in the range of 18 to 512 Examples Set the maximum number of bytes that can be copied to 60 on GigabitEthernet 4 0 1 Sysname system view Sysname interface gigabitethernet 4 0 1 Sysname GigabitEthernet4 0 1 sflow flow max header 60 sflow sampling mode Use sflow sampling mode to specify the packet sampling mode Use undo sflow sampling mode to restore the default Syntax sflow sampling mode...

Page 255: ...e sflow sampling rate to specify the number of packets out of which flow sampling will sample a packet on an interface Use undo sflow sampling rate to disable sampling Syntax sflow sampling rate rate undo sflow sampling rate Views Interface view Default command level 2 System level Parameters rate Specifies the number of packets out of which flow sampling will sample a packet on the interface The ...

Page 256: ...6 ipv6 address undo sflow source ip ipv6 Default No source IP address is specified for sFlow packets Views System view Default command level 2 System level Parameters ip ip address Specifies the source IPv4 address of sFlow packets ipv6 ipv6 address Specifies the source IPv6 address of sFlow packets Examples Specify the source IPv4 address of sFlow packets as 10 0 0 1 Sysname system view Sysname s...

Page 257: ...ation port Displays gateway mode forwarding entries by destination port protocol Displays gateway mode forwarding entries by protocol type ip address mask length Specifies an IP address in dotted decimal notation and the mask The value range for the mask length argument is 1 to 32 port number Specifies a TCP or UDP port number in the range of 0 to 65535 tcp Displays gateway mode forwarding entries...

Page 258: ...02 202 2 1025 UDP GE0 1 GE0 2 65621544 222 222 222 135 1075 202 202 202 2 1025 UDP GE0 1 GE0 2 65621544 222 222 222 238 1077 202 202 202 2 1025 UDP GE0 1 GE0 2 65621544 Total found 3 items Display the gateway mode forwarding entries by destination IP address 202 202 202 2 24 H3C display gateway mode forwarding cache destination ip 202 202 202 2 24 Gateway mode Forwarding cache Source IP Port Dest ...

Page 259: ...teway mode undo gateway mode Default The router operates in normal mode Views System view Default command level 2 System level Parameters None Usage guidelines To validate gateway mode you must restart the router after you execute the gateway mode command The display current configuration command does not show information about gate mode configuration To view the current and the next startup opera...

Page 260: ... the option and router compatibility Option SR6602 SR6602 X SR6604 SR6608 SR6616 SR6604 X SR6608 X SR6616 X slot slot number No No Yes when using the RPE X1 or RSE X1 MPU No when using the MCP MPU Yes Examples Display the gateway mode forwarding entries of the router by destination IP address 202 202 202 2 24 H3C display gateway mode forwarding cache destination ip 202 202 202 2 24 Gateway mode Fo...

Page 261: ...teway mode Forwarding cache Source IP Port Dest IP Port Pro In_If Out_If Bytes 222 222 222 91 1031 202 202 202 2 1025 UDP GE0 0 1 GE0 0 2 0 222 222 223 100 1094 202 202 202 2 1025 UDP GE0 0 1 GE0 0 2 0 222 222 225 9 1111 202 202 202 2 1025 UDP GE0 0 1 GE0 0 2 0 Total found 3 items ...

Page 262: ... summary 209 display mib style 130 display mirroring group 153 display nqa history 18 display nqa reaction counters 19 display nqa result 21 display nqa server status 65 display nqa statistics 25 display ntp service sessions 69 display ntp service status 73 display ntp service trace 74 display rmon alarm 132 display rmon event 133 display rmon eventlog 135 display rmon history 136 display rmon pri...

Page 263: ...out active 181 ip netstream timeout inactive 182 ipc performance enable 95 ipv6 netstream 193 ipv6 netstream aggregation 193 ipv6 netstream export host 194 ipv6 netstream export rate 196 ipv6 netstream export source 196 ipv6 netstream export v9 template refresh rate packet 197 ipv6 netstream export v9 template refresh rate time 198 ipv6 netstream export version 9 199 ipv6 netstream max entry 199 i...

Page 264: ...g flow export 233 reset userlog flow logbuffer 234 resolve target 55 rmon alarm 142 rmon event 144 rmon history 145 rmon prialarm 146 rmon statistics 148 route option bypass route 56 S sampler 151 sflow agent 242 sflow collector 243 sflow counter collector 245 sflow counter interval 244 sflow flow collector 245 sflow flow max header 246 sflow sampling mode 246 sflow sampling rate 247 sflow source ...

Page 265: ...userlog flow export host ipv6 236 userlog flow export source ip 237 userlog flow export timestamps localtime 238 userlog flow export version 239 userlog flow syslog 239 username FTP operation view 64 V vpn instance ICMP echo operation view 64 ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands