manualshive.com logo in svg

Huawei Quidway S3526, Getting Started

Introducing the Huawei Quidway S3526 - an advanced network switch designed to enhance connectivity. Begin your journey with the S3526 by easily accessing the comprehensive "Getting Started" manual for free download from manualshive.com. Unleash the full potential of this product with detailed instructions at your fingertips.

Share
Download
background image

Command Manual - QoS/ACL 
Quidway S3500 Series Ethernet Switches  

Chapter 1  ACL Commands

 

Huawei Technologies Proprietary 

1-33 

 

  Note: 

During self-defining flow-template configuration, if you configured any of the three 

parameters: dport, sport or tcp-flag, you must configure the ip-protocol parameter at the 

same time. Otherwise, the flow template fails to operate. 

If you need to define the rule of layer 2 ACL by using parameter tagged or untagged, 

you are required to configure the ethernet-protocol parameter in self-defining 

flow-template configuration. 

 

A flow template is defined by default, which includes the quintuple of source IP, 

destination IP, source TCP/UDP port, destination TCP/UDP port, IP protocol code. 

You cannot modify or delete the default flow template, but those you have defined. 

For the related command, see 

display

 

flow-template

Example 

# Define a flow template which classifies traffic by source and destination IP addresses, 

source and destination TCP/UDP ports, DSCP domain in the IP packet header. 

[Quidway] flow-template user-defined ip-protocol sip dip sport dport dscp 

1.3.8  packet-filter  

Syntax 

I. Command Format in System View 

packet-filter

 

inbound

 

acl-rule

 

interface

 {

 interface-list 

|

 all 

undo

 

packet-filter

 

inbound

 

acl-rule

 

interface

 {

 interface-list 

|

 all 

II. Command Format in Ethernet Port View 

packet-filter

 

inbound

 

acl-rule

 

undo

 

packet-filter

 

inbound

 

acl-rule

 

View 

System view/Ethernet Port view 

Parameter 

acl-rule

: the rule of ACL,

 

only the rules including these elements defined in template 

can be sent to target hardware and referenced for such QoS functions as packet 

filtering, traffic policing, priority re-labeling. Otherwise, the rules cannot be activated on 

the hardware. The ACL combined mode is following. 

Summary of Contents for Quidway S3526

Page 1: ...ing Started 2 Port 3 VLAN 4 Network Protocol 5 Routing Protocol 6 Multicast 7 QoS ACL 8 Integrated Management 9 STP 10 Security 11 Reliability 12 System Management 13 Auto Detecting 14 Appendix Quidway S3500 Series Ethernet Switches Command Manual ...

Page 2: ... purchase the products from the sales agent of Huawei Technologies Co Ltd please contact our sales agent If you purchase the products from Huawei Technologies Co Ltd directly Please feel free to contact our local office customer care center or company headquarters Huawei Technologies Co Ltd Address Administration Building Huawei Technologies Co Ltd Bantian Longgang District Shenzhen P R China Post...

Page 3: ...bridge Tellwin Inmedia VRP DOPRA iTELLIN HUAWEI OptiX C C08iNET NETENGINE OptiX iSite U SYS iMUSE OpenEye Lansway SmartAX infoX and TopEng are trademarks of Huawei Technologies Co Ltd All other trademarks and trade names mentioned in this manual are the property of their respective holders Notice The information in this manual is subject to change without notice Every effort has been made in the p...

Page 4: ...ation Quidway S3526E Ethernet Switch Installation Manual It provides information for the system installation Quidway S3526 FM FS Ethernet Switches Installation Manual It provides information for the system installation Quidway S3552 Ethernet Switch Installation Manual It provides information for the system installation Quidway S3526C S3526E FM S3526E FS Ethernet Switches Installation Manual It pro...

Page 5: ...ces the commands used for configuring QoS ACL z Integrated Management This module introduces the commands used for integrated management z STP This module introduces the commands used for configuring STP z Security This module introduces the commands used for configuring 802 1X AAA RADIUS HABP and system guard z Reliability This module introduces the commands used for configuring VRRP z System Man...

Page 6: ...face The keywords of a command line are in Boldface italic Command arguments are in italic Items keywords or arguments in square brackets are optional x y Alternative items are grouped in braces and separated by vertical bars One is selected x y Optional alternative items are grouped in square brackets and separated by vertical bars One or none is selected x y Alternative items are grouped in brac...

Page 7: ...hree keys should be pressed concurrently Key1 Key2 Press the keys in turn For example Alt A means the two keys should be pressed in turn V Mouse operation Action Description Select Press and hold the primary mouse button left mouse button by default Click Select and release the primary mouse button without moving the pointer Double Click Press the primary mouse button twice continuously and quickl...

Page 8: ...Huawei Technologies Proprietary Note Comment Tip Knowhow Thought Means a complementary description ...

Page 9: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Getting Started ...

Page 10: ...play users 1 6 1 1 8 flow control 1 7 1 1 9 free user interface 1 7 1 1 10 header 1 8 1 1 11 history command max size 1 10 1 1 12 idle timeout 1 10 1 1 13 language mode 1 11 1 1 14 lock 1 11 1 1 15 parity 1 12 1 1 16 protocol inbound 1 13 1 1 17 quit 1 13 1 1 18 return 1 14 1 1 19 screen length 1 14 1 1 20 send 1 15 1 1 21 service type 1 15 1 1 22 set authentication password 1 17 1 1 23 shell 1 18...

Page 11: ...This command with the password parameter indicates to perform local password authentication that is you need to configure a login password using the set authentication password cipher simple password command This command with the scheme parameter indicates to perform authentication of local or remote username and password The type of the authentication depends on your configuration For detailed in...

Page 12: ... telnet command on the terminal which will connect the user to a designated device automatically By default auto run is disabled Caution z If you execute this command the user interface can no longer be used to perform routine configurations on the local system Therefore use caution when using this command z Ensure that you will be able to log into the system in some other way to cancel the config...

Page 13: ... the user level settings and the command level settings on the user interface If the two types of settings differ z For the users using AAA RADIUS authentication the commands they can use are determined by the user level settings For example if a use is set to level 3 and the command level on the VTY 0 user interface is level 1 he or she can only use the commands of level 3 or lower when logging i...

Page 14: ...the default bits of the AUX Console This command can only be performed in AUX user interface view By default the value is 8 Example Configure the data bits of AUX Console port to 7 bits Quidway ui aux0 databits 7 1 1 5 display history command Syntax display history command View Any view Parameter None Description Using display history command command you can view the saved history commands For the...

Page 15: ... the relational information of user interface 0 Quidway display user interface 0 Idx Type Tx Rx Modem Privi Auth F 0 AUX 0 9600 3 N Current user interface is active F Current user interface is active and work in async mode Idx Absolute index of user interface Type Type and relative index of user interface Privi The privilege of user interface Auth The authentication mode of user interface A Authen...

Page 16: ...er interface Example Display the information of the current user interface Quidway display users UI Delay Type Ipaddress Username F 0 AUX 0 00 00 00 Table 1 2 Output description of the display users command Field Description F Current user interface is in use and work in asynchronous mode UI Number of the first list is the absolute number of user interface Number of the second list is the relative...

Page 17: ...rt Using undo flow control command you can restore the default flow control mode By default the value is none That is no flow control will be performed This command can only be performed in AUX user interface view Example Configure software flow control on AUX Console port Quidway ui aux0 flow control software 1 1 9 free user interface Syntax free user interface type number View User view Paramete...

Page 18: ...ame and password shell User conversation established header the information output after user conversation has been established If authentication is required it is prompted after the user passes authentication incoming Login header the information output after a Modem user logs in If authentication is required it is prompted after the user passes authentication In this case no shell information is...

Page 19: ...different this initial character pairs with the ending character and is the header contents 3 There are many characters in the first line and the initial character is identical with the ending character this initial character is not the header contents Example Configure the header of setting up a session Mode 1 Input in one line Quidway header shell SHELL Hello Welcome The starting and ending char...

Page 20: ...ing from 0 to 256 By default the size is 10 that is 10 history commands can be saved Description Using history command max size command you can configure the size of the history command buffer Using undo history command max size command you can restore default size of the history command buffer Example Set the history buffer to 20 namely saving 20 history commands Quidway ui aux0 history command m...

Page 21: ...set to 10 minutes Example Configure the timeout value to 1 minute on the AUX user interface Quidway ui aux0 idle timeout 1 0 1 1 13 language mode Syntax language mode chinese english View User view Parameter chinese Configures the language environment of command line interface as Chinese english Configures the language environment of command line interface as English Description Using language mod...

Page 22: ...rk none odd space undo parity View User interface view Parameter even Configures to perform even parity mark Configures to perform mark parity none Configures not to perform parity odd Configures to perform odd parity space Configures to perform space parity Description Using parity command you can configure the parity mode on AUX Console port Using undo parity command you can restore the default ...

Page 23: ...iption Using the protocol inbound command you can configure the protocols supported by a designated user interface By default the user interface supports Telnet and SSH protocols For the related commands see user interface vty Example Configure SSH protocol supported by VTY0 user interface Quidway ui vty0 protocol inbound ssh 1 1 17 quit Syntax quit View Any view Parameter None Description Using q...

Page 24: ... from system view Quidway quit Quidway 1 1 18 return Syntax return View System view or above Parameter None Description Using return command you can return to user view from a view other than user view Combination key Ctrl Z performs the same function with the return command For the related command see quit Example Return to user view from system view Quidway return Quidway 1 1 19 screen length Sy...

Page 25: ...displayed on the terminal screen The screen length 0 command is used to disable this function Example Configure the lines that can be displayed on a screen as 20 lines Quidway ui aux0 screen length 20 1 1 20 send Syntax send all number type number View User view Parameter all Configures to send message to all user interfaces type Specifies the user interface type which can be aux or vty number Spe...

Page 26: ...pe command you can configure which level of command a user can use after logon Using undo service type command you can restore the default level of command a user can use after logon Commands are classified into four levels namely visit level monitoring level system level and management level They are introduced as follows z Visit level Commands of this level involve command of network diagnosis t...

Page 27: ...ironment ping Ping function quit Exit from current command view super Privilege specified user priority level telnet Establish one TELNET connection tracert Trace route function 1 1 22 set authentication password Syntax set authentication password cipher simple password undo set authentication password View User interface view Parameter cipher Configure encrypted text password simple Configure pla...

Page 28: ...dem or Telnet If no password has been set the following prompt will be displayed Login password has not been set Example Configure the local authentication password on VTY 0 to huawei Quidway ui vty0 set authentication password simple huawei 1 1 23 shell Syntax shell undo shell View User interface view Parameter None Description Using shell command you can enable terminal service of a user interfa...

Page 29: ...inal after logon Connection to host lost 1 1 24 speed Syntax speed speed value undo speed View User interface view Parameter speed value Specifies the transmission rate on the AUX Console port in bit s which can be 300 600 1200 4800 9600 19200 38400 57600 or 115200 The default rate is 9600bit s Description Using speed command you can configure the transmission rate on the AUX Console port Using un...

Page 30: ...ts on the AUX Console port Quidway ui aux0 stopbits 2 1 1 26 super Syntax super level View User view Parameter level User level ranging 0 to 3 The default value is 3 Description Using super command you can enable the user to change to user level from the current user level If the user has set the super password level level simple cipher password then user password of the higher level is needed or ...

Page 31: ...y the input A plain text password is a sequential character string of no more than 16 digits for example huawei918 The length of an encrypted password must be 24 digits and in encrypted text for example TT8F Y 5SQ Q MAF4 1 Description Using super password command you can configure the password for changing the user from a lower level to a higher level In order to prevent unauthorized users from il...

Page 32: ...tion Using sysname command you can configure the hostname of the switch Using undo sysname command you can restore the default hostname Changing the hostname of the switch will affect the prompt of command line interface For example if the hostname of the switch is Quidway the prompt in user view will be Quidway Example Configure the hostname of switch to Switch Quidway sysname Switch Switch 1 1 2...

Page 33: ... of the remote switch service port Designates the TCP port on the remote switch providing Telnet service ranging from 0 to 65535 Description Using telnet command you can log in to another switch from the current one via telnet for remote management To terminate the Telnet logon press Ctrl By default when the service port is not specified the default telnet port number is 23 For the related command...

Page 34: ... Quidway ui0 5 1 1 32 user privilege level Syntax user privilege level level undo user privilege level View User interface view Parameter level Specifies which level of command a user can use after logon from the specifically user interface ranging from 0 to 3 Description Using user privilege level command you can configure which level of command a user can use after logon from the specifically us...

Page 35: ...ter you telnet from VTY 0 user interface to the switch you will view the terminal only displays commands at level 0 Quidway User view commands cluster Run cluster command language mode Specify the language environment ping Ping function quit Exit from current command view super Privilege specified user priority level telnet Establish one TELNET connection tracert Trace route function ...

Page 36: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Port ...

Page 37: ...able 1 11 1 1 14 loopback detection enable 1 12 1 1 15 loopback detection interval time 1 13 1 1 16 loopback detection per vlan enable 1 13 1 1 17 mdi 1 14 1 1 18 port access vlan 1 15 1 1 19 port hybrid pvid vlan 1 15 1 1 20 port hybrid vlan 1 16 1 1 21 port link type 1 17 1 1 22 port trunk permit vlan 1 18 1 1 23 port trunk pvid vlan 1 18 1 1 24 reset counters interface 1 19 1 1 25 shutdown 1 20...

Page 38: ...Command Manual Port Quidway S3500 Series Ethernet Switches Table of Contents Huawei Technologies Proprietary ii 3 1 2 port isolate uplink port vlan 3 1 ...

Page 39: ...fies the maximum bandwidth of the broadcast traffic on Ethernet port It ranges from 1 to 100 for 100Mbit s port in Mbit s Description Using broadcast suppression command you can configure the broadcast traffic size enabled on port Once the broadcast traffic exceeds the value set by the user the system will discard some broadcast to ensure network service so that the traffic ratio of broadcast is m...

Page 40: ...on lanswitch interface 1 1 3 display interface Syntax display interface interface_type interface_type interface_num interface_name View Any view Parameter interface_type Specifies the port type interface_num Specifies the port number interface_name Specifies the port name in the interface_name interface_type interface_num format For parameter description refer to the interface command Description ...

Page 41: ...MAX ratio 100 PVID 1 Mdi type auto Port link type access Tagged VLAN ID none Untagged VLAN ID 1 Last 5 minutes input 0 packets sec 0 bytes sec Last 5 minutes output 0 packets sec 0 bytes sec input total 0 packets 0 bytes 0 broadcasts 0 multicasts input normal packets bytes broadcasts multicasts input 0 input errors 0 runts 0 giants throttles 0 CRC 0 frame overruns 0 aborts 0 ignored parity errors ...

Page 42: ...h the duplex mode and the rate are set to auto negotiation The rate of 100Mbps and the mode of full duplex are adopted after negotiating with its peer Flow control is not supported Port flow control state The Maximum Frame Length Maximum length of the Ethernet frames that can pass through the port Broadcast MAX ratio Port broadcast storm suppression ratio PVID Port default VLAN ID Mdi type Cable t...

Page 43: ...output errors 0 underruns buffer failures aborts 0 deferred 0 collisions 0 late collisions lost carrier no carrier The statistics information of input output packets and errors on this port 1 1 4 display loopback detection Syntax display loopback detection View Any view Parameter None Description Using display loopback detection command you can view whether the port loopback detection has been ena...

Page 44: ...nterval is 30 seconds There is no port existing loopback link No port is in the loopback state 1 1 5 display port Syntax display port hybrid trunk View Any view Parameter hybrid Display Hybrid port Trunk Display Trunk port Description Using display port command you can view the ports in the current system whose link type is Hybrid or Trunk If there is any such port display the corresponding port n...

Page 45: ...t auto negotiation mode By default the duplex attribute is auto For the related command see speed Example Configure the Ethernet port Ethernet0 1 as auto negotiation attribute Quidway Ethernet0 1 duplex auto 1 1 7 flow constrain Syntax flow constrain time value flow value bps pps undo flow constrain time value flow value bps pps View Ethernet port view Parameter time value Time interval to detect ...

Page 46: ...idway system view System View return to User View with Ctrl Z Quidway interface ethernet0 1 Quidway Ethernet0 1 flow constrain 10 5000 pps 1 1 8 flow constrain method Syntax flow constrain method shutdown trap undo flow constrain method View Ethernet port view Parameter shutdown Disables the port and sends trap messages trap Sends trap messages only Description Use the flow constrain method comman...

Page 47: ...flow control command you can enable flow control feature on the Ethernet port to avoid discarding data packets due to congestion Using undo flow control command you can disable flow control feature By default flow control on the Ethernet port is disabled Example Enable flow control on Ethernet0 1 Quidway Ethernet0 1 flow control 1 1 10 flow interval Syntax flow interval interval undo flow interval...

Page 48: ...the rear panel and the port number can only be 1 For S3526 FM and S3526 FS Ethernet Switches the slot number ranges from 0 to 4 Slot 0 contains the fixed Ethernet ports provided by the switch and the port number ranges from 1 to 12 Slot 1 or 2 represents the extended Ethernet ports provided by the two extended modules on front panel respectively and the port number range from 1 to 6 Slot 3 or 4 re...

Page 49: ... he must first use this command to enter the Ethernet port view Example Enter the Ethernet0 1 port view Quidway interface ethernet0 1 1 1 12 loopback Syntax loopback external internal View Ethernet port view Parameter external External loop test internal Internal loop test Description Using loopback command you can configure the Ethernet port to perform the loopback test to check whether the Ether...

Page 50: ...on that is when the system finds out that port on a certain VLAN on Trunk or Hybrid port is looped back it only reports the Trap information The Trunk or Hybrid port is still operates in the normal state By default loopback detection controlled function on Trunk or Hybrid port is enabled Note that this command has no effect on Access ports Example Enable the port loopback detection controlled func...

Page 51: ...ection interval time time undo loopback detection interval time View System view Parameter time Specifies the interval of monitoring external loopback conditions of the port It ranges from 5 to 300 measured in seconds By default the interval is 30 seconds Description Using loopback detection interval time command you can configure detection interval for the external loopback condition of each port...

Page 52: ...on Trunk and Hybrid ports Example Configure the detection interval for the external loopback condition of each port to 10 seconds Quidway Ethernet0 1 loopback detection per vlan enable 1 1 17 mdi Syntax mdi across auto normal undo mdi View Ethernet port view Parameter across The network cable type is cross over cable auto The network cable will be recognized whether it is straight through cable or...

Page 53: ...IEEE802 1Q ranging from 2 to 4094 Description Using port access vlan command you can join the access port to a specified VLAN Using undo port access vlan command you can cancel the access port from the VLAN The use condition of this command is the VLAN indicated in vlan_id must exist Example Join Ethernet0 1 port to VLAN3 VLAN3 has existed Quidway Ethernet0 1 port access vlan 3 1 1 19 port hybrid ...

Page 54: ...fault VLAN of the hybrid port Ethernet0 1 to 100 Quidway Ethernet0 1 port hybrid pvid vlan 100 1 1 20 port hybrid vlan Syntax port hybrid vlan vlan_id_list tagged untagged undo port hybrid vlan vlan_id_list View Ethernet port view Parameter vlan_id_list vlan_id_list vlan_id1 to vlan_id2 1 10 specifies which VLAN the hybrid port will be added to It can be discrete The vlan_id ranges from 1 to 4094 ...

Page 55: ...ess Configure the port as access port hybrid Configure the port as hybrid port trunk Configure the port as trunk port Description Using port link type command you can configure the link type of Ethernet port Using undo port link type command you can restore the port as default status i e access port You can configure three types of ports concurrently on the same switch but you cannot switch betwee...

Page 56: ...runk port to all VLANs Description Using port trunk permit vlan command you can join trunk port to specified VLAN Using undo port trunk permit vlan command you can cancel trunk port from specified VLAN Trunk port can belong to multiple VLANs If the port trunk permit vlan command is used many times then the VLAN enabled to pass on trunk port is the set of these vlan_id_list This command can be used...

Page 57: ...1 to 100 Quidway Ethernet0 1 port trunk pvid vlan 100 1 1 24 reset counters interface Syntax reset counters interface interface_type interface_type interface_num interface_name View User view Parameter interface_type Specifies the port type interface_num Specifies the port number interface_name Specifies the port name in the interface_name interface_type interface_num format For parameter descript...

Page 58: ...shutdown View Ethernet port view Parameter None Description Using shutdown command you can disable the Ethernet port Using undo shutdown command you can enable the Ethernet port By default the Ethernet port is enabled Example Enable Ethernet port Ethernet0 1 Quidway Ethernet0 1 undo shutdown 1 1 26 speed Syntax z For 100M Ethernet port this command is in the following format speed 10 100 auto z Fo...

Page 59: ...ure Ethernet port Ethernet0 1 port speed as 10Mbps Quidway Ethernet0 1 speed 10 1 1 27 virtual cable test Syntax virtual cable test View Ethernet port view Parameter None Description Using virtual cable test command you can get the information of the cable test in 5 seconds The test information includes the condition of the cable open or short and the distance between the ethernet port and the cab...

Page 60: ... Using vlan vpn enable command you can enable port VLAN VPN Using undo vlan vpn command you can disable port VLAN VPN By default the port VLAN VPN is disabled Note that if anyone of GVRP GMRP STP 802 1x NTDP and NDP has been enabled on a port VLAN VPN cannot be enabled on it S3552G S3552P S3528G S3528P S3552F Ethernet Switches support this configuration in S3500 series switches Example Enable VLAN...

Page 61: ...ion port group Description Using display link aggregation command you can view the related information on aggregation port If the master port number of an aggregation is specified information on this link aggregation will be displayed If the master port number is not specified information of all link aggregations will be displayed For the related command see link aggregation Example Display the re...

Page 62: ...ending on the source address and destination MAC address ingress Configures that the sub ports in the link aggregation share outgoing load on the port depending on the source MAC addresses master_port_num Master port number in link aggregation all all aggregated ports Description Using link aggregation command you can configure a series of ports to aggregation port and the port with the smallest p...

Page 63: ...tches Chapter 2 Ethernet Port Link Aggregation Commands Huawei Technologies Proprietary 2 3 Example Configure outgoing load balance on the port depending on the source and destination MAC addresses Quidway link aggregation ethernet0 1 to ethernet0 2 both ...

Page 64: ...rt isolate enable Syntax port isolate enable undo port isolate enable View VLAN view Parameter None Description Using port isolate enable command you can enable port L2 isolation in a VLAN Using undo port isolate enable command you can disable port L2 isolation By default port L2 isolation is not enabled in a VLAN that is L2 forwarding is available between the ports in a VLAN Example Enable port L...

Page 65: ...efault no uplink port is configured Note that z After port L2 isolation is enabled in a VLAN then you are allowed to configure a port as uplink port You can only configure one uplink port in a VLAN z You must first restore the uplink port to common isolated port before deleting it from the VLAN z If a Trunk port is set as uplink port then you are recommended to set that all VLAN are allowed to pas...

Page 66: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual VLAN ...

Page 67: ...lan vlan 1 9 1 2 3 port hybrid protocol vlan vlan 1 10 1 2 4 protocol vlan 1 11 Chapter 2 Isolate User Vlan Configuration Commands 2 1 2 1 isolate user vlan Configuration Commands 2 1 2 1 1 display isolate user vlan 2 1 2 1 2 isolate user vlan 2 2 2 1 3 isolate user vlan enable 2 3 Chapter 3 GARP GVRP Configuration Commands 3 1 3 1 GARP Configuration Commands 3 1 3 1 1 display garp statistics 3 1 ...

Page 68: ...Command Manual VLAN Quidway S3500 Series Ethernet Switches Table of Contents Huawei Technologies Proprietary ii 4 1 2 subvlan 4 3 4 1 3 supervlan 4 3 ...

Page 69: ...ID of the VLAN e g VLAN 0001 The default description character string of VLAN interface is the interface name e g Vlan interface1 Interface Description Using description command you can configure a description for the current VLAN or VLAN interface Using undo description command you can restore the default description of current VLAN or VLAN interface For the related command see display vlan displ...

Page 70: ...on about VLAN interface 1 Quidway display interface vlan interface 1 Vlan interface1 current state DOWN Line protocol current state DOWN IP Sending Frames Format is PKTFMT_ETHNT_2 Hardware address is 00e0 fc07 4101 Internet Address is 10 1 1 1 24 Primary Description Vlan interface1 Interface The Maximum Transmit Unit is 1500 1 1 3 display vlan Syntax display vlan vlan_id all static dynamic View An...

Page 71: ...isplay the information about VLAN1 Quidway display vlan 1 VLAN ID 1 VLAN Type static Route interface not configured Description HUAWEI Tagged Ports none Untagged Ports Ethernet0 1 Ethernet0 2 Ethernet0 3 1 1 4 interface vlan interface Syntax interface vlan interface vlan_id undo interface vlan interface vlan_id View System view Parameter vlan_id ID of VLAN interface ranging from 1 to 4094 Descript...

Page 72: ...sses for an VLAN interface so that it can be connected to several subnets Among these IP addresses one is the primary IP address and all others are secondary The relationship between primary and secondary addresses is z When you configure a primary IP address for an interface which already has a primary IP address the newly configured one will replace the old one z If you input undo ip address com...

Page 73: ...e hello 1 1 7 port Syntax port interface_list undo port interface_list View VLAN view Parameter interface_list list of Ethernet ports to be added to or deleted from a certain VLAN expressed as interface_list interface_type interface_num interface_name to interface_type interface_num interface_name 1 10 interface_type is interface type interface_numis interface number and interface_name is interfac...

Page 74: ...tion Using shutdown command you can disable the VLAN interface Using undo shutdown command you can enable the VLAN interface By default when all Ethernet ports are in DOWN status in VLAN interface the VLAN interface is in DOWN status i e disabled status When there is one or more Ethernet ports in VLAN interface are in UP status the VLAN interface is UP This command can be used to start interface a...

Page 75: ...vlan command you can enter VLAN view If the specified VLAN is not created create it first Using undo vlan command you can cancel the specified VLAN VLAN 1 is default VLAN and cannot be deleted For the related commands see display vlan Example Enter the view of VLAN 1 Quidway vlan 1 1 1 10 vlan enable disable Syntax vlan enable disable View System view Parameter enable Enable VLAN features of equip...

Page 76: ...rface Syntax display protocol vlan interface interface type interface num interface name to interface type interface num interface name all View Any view Parameter interface_type interface_num interface_name to interface_type interface_num interface_name Specifies ports You can specify multiple sequential ports with the to parameter instead of specifying only one port interface_name specifies port...

Page 77: ...100 3 mode snap etype 0x0abc 100 5 mode llc dsap 0xac ssap 0xbd 1 2 2 display protocol vlan vlan Syntax display protocol vlan vlan vlan id to vlan id all View Any view Parameter vlan id Displays the protocol information of the specific VLAN ranging from 1 to 4094 all Displays the protocol information of all VLANs Description Using the display protocol vlan vlan command you can view the protocol in...

Page 78: ...or deleted from protocol_index Value of the protocol index ranging from 0 to 6 It must be smaller than protocol_end protocol_end End value of the protocol index ranging form 0 to 6 all All protocols Description Using the port hybrid protocol vlan vlan command you can associate a protocol based VLAN with the specified port Using the undo port hybrid protocol vlan vlan command you can delete the ass...

Page 79: ...ging from 600 to FFFF llc dsap dsap_id ssap ssap_id Logical link control protocol based VLAN dsap_id is the destination service access point ranging from 0 to FF ssap_id is source service access point ranging from 0 to FF snap etype etype_id SNAP Sub Network Access Protocol based protocol etype_id is the Ethernet type of the incoming packet ranging from 600 to FFFF protocol_index Protocol index va...

Page 80: ...Chapter 1 VLAN Configuration Commands Huawei Technologies Proprietary 1 12 Example Specify VLAN 3 to be based on IP protocol Quidway vlan3 protocol vlan ip Specify VLAN 5 to be based on the 123 34 56 0 network segment Quidway vlan5 protocol vlan ip 123 34 56 0 ...

Page 81: ... Description Using display isolate user vlan command you can view the mapping relationship and the ports identifying the mapping relationship between isolate user vlan and Secondary VLAN For the related command see isolate user vlan enable isolate user vlan Example Display the mapping relationship between isolate user vlan and Secondary VLAN Quidway display isolate user vlan Isolate user VLAN Vlan...

Page 82: ...user vlan_num secondary secondary_vlan_numlist to secondary_vlan_numlist View System view Parameter isolate user vlan_num VLAN ID of isolate user vlan ranging from 1 to 4094 secondary_vlan_numlist VLAN ID of Secondary vlan ranging from 1 to 4094 Description Using isolate user vlan command you can associate isolate user vlan to Secondary vlan and establish the mapping relationship between isolate u...

Page 83: ...idway isolate user vlan 10 secondary 2 to 5 9 2 1 3 isolate user vlan enable Syntax isolate user vlan enable undo isolate user vlan enable View VLAN view Parameter None Description Using isolate user vlan enable command you can configure the type of one VLAN as isolate user vlan Using undo isolate user vlan enable command you can cancel the isolate user vlan type of one VLAN By default the type of...

Page 84: ...nings and value range read command parameters description of Port in this document 1 10 Representing the repeatable times of parameters 1 is the minimal and 10 is the maximal Description Using display garp statistics command you can view the GARP statistics information including the number of received sent packet and the number of discarded packet by GVRP GMRP etc Example Display the GARP statisti...

Page 85: ...nd value range read command parameters description of Port in this document 1 10 Representing the repeatable times of parameters 1 is the minimal and 10 is the maximal Description Using display garp timer command you can view the value of GARP timer including Hold timer Join timer Leave timer and LeaveAll timer For the related command see garp timer garp timer leaveall Example Show GARP timer on E...

Page 86: ...essage will starts Leave timer If the entity receives no Join message before the timer goes timeout it will deregister the attribute information timer_value Value of GARP hold timer join timer and leave timer in centisecond The step is 5 centiseconds The range is according to the following rule the value of Join timer should be no less than the doubled value of Hold timer and the value of Leave ti...

Page 87: ...ll timer is started and the new cycle begins For the related command see display garp timer Example Set GARP LeaveAll timer as 1s Quidway garp timer leaveall 100 3 1 5 reset garp statistics Syntax reset garp statistics interface interface_list View User view Parameter interface_list Specifies a list of Ethernet ports on which the GARP statistics information will be cleared expressed as interface_l...

Page 88: ...nterface type interface_num is interface number and interface_name is interface name For their meanings and value range read command parameters description of Port in this document 1 10 Representing the repeatable times of parameters 1 is the minimal and 10 is the maximal Description Using display gvrp statistics command you can view the GVRP statistics information of all the Trunk ports including...

Page 89: ...us information about GVRP Quidway display gvrp status GVRP is enabled 3 2 3 gvrp Syntax gvrp undo gvrp View System view Ethernet port view Parameter None Description Using gvrp command you can enable GVRP Using undo gvrp command you can restore the GVRP to default mode i e disable GVRP By default GVRP is disabled This command can be used to enable disable global GVRP in System view or enable disab...

Page 90: ...gister or deregister VLAN dynamically forbidden Deregisters all VLANs except VLAN 1 and disables to create or register any other VLAN on the port normal Enable to create register and deregister VLAN on the port manually or dynamically Description Using gvrp registration command you can configure GVRP registration type Using undo gvrp registration command you can restore the default type By default...

Page 91: ... supervlan Syntax display supervlan supervlan id View Any view Parameter supervlan id ID of Super VLAN range from 1 to 4094 Description Using display supervlan command you can view the mapping relationship between Super VLAN and Sub VLAN and the ports identified mapping relationship super VLAN and sub VLAN For the related commands see supervlan subvlan Example view the mapping relationship between...

Page 92: ...N Type static It is a Sub VLAN Route Interface not configured Description VLAN 0003 Name VLAN 0003 Broadcast MAX ratio 100 Tagged Ports none Untagged Ports Ethernet0 3 VLAN ID 4 VLAN Type static It is a Sub VLAN Route Interface not configured Description VLAN 0004 Name VLAN 0004 Broadcast MAX ratio 100 Tagged Ports none Untagged Ports Ethernet0 4 VLAN ID 5 VLAN Type static It is a Sub VLAN Route I...

Page 93: ...n commmand you can cancel the mapping relationship between sub VLAN and super VLAN Note that z The sub VLAN must exist before you creat mapping between the sub VLAN and the super VLAN z After creating mapping between the sub VLAN and the super VLAN you can still add or delete Ethernet ports to from the sub VLAN z When using the undo subvlan command without parameter you can remove the mapping betw...

Page 94: ...logies Proprietary 4 4 View VLAN view Parameter None Description Using supervlan commmand you can set current VLAN to super VLAN Using undo supervlan commmand you can cancel the super VLAN type of current VLAN For the related commands see display supervlan Example Set the VLAN 2 to super VLAN Quidway vlan2 supervlan ...

Page 95: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Network Protocol ...

Page 96: ...imer probe 2 4 2 1 7 arp static 2 5 2 1 8 arp timer aging 2 6 2 1 9 debugging arp packet 2 6 2 1 10 display arp 2 7 2 1 11 display arp probe 2 8 2 1 12 display arp source suppression 2 9 2 1 13 display arp timer aging 2 10 2 1 14 reset arp 2 10 2 2 Gratuitous ARP Configuration Commands 2 11 2 2 1 arp send gratuitous enable 2 11 2 2 2 gratuitous arp learning enable 2 12 Chapter 3 ARP Proxy Configur...

Page 97: ...rver 6 3 6 2 2 dhcp server dns list 6 4 6 2 3 dhcp server domain name 6 5 6 2 4 dhcp server expired 6 6 6 2 5 dhcp server forbidden ip 6 7 6 2 6 dhcp server ip pool 6 8 6 2 7 dhcp server nbns list 6 8 6 2 8 dhcp server netbios type 6 9 6 2 9 dhcp server option 6 10 6 2 10 dhcp server ping 6 11 6 2 11 dhcp server static bind 6 12 6 2 12 display dhcp server conflict 6 13 6 2 13 display dhcp server e...

Page 98: ...p relay statistics 6 37 Chapter 7 DHCP Snooping Configuration Commands 7 1 7 1 DHCP Snooping Configuration Commands 7 1 7 1 1 dhcp snooping 7 1 7 1 2 dhcp snooping trust 7 2 7 1 3 display dhcp snooping 7 2 7 1 4 display dhcp snooping trust 7 3 Chapter 8 BOOTP Client Configuration Commands 8 1 8 1 1 debugging bootp client 8 1 8 1 2 display bootp client 8 1 8 1 3 ip address bootp alloc 8 2 Chapter 9...

Page 99: ...ies Proprietary iv 10 1 3 display ip socket 10 3 10 1 4 display ip statistics 10 4 10 1 5 display tcp statistics 10 6 10 1 6 display tcp status 10 7 10 1 7 reset ip statistics 10 8 10 1 8 reset tcp statistics 10 8 10 1 9 tcp timer fin timeout 10 9 10 1 10 tcp timer syn timeout 10 9 10 1 11 tcp window 10 10 ...

Page 100: ...er None Description Using display ip host command you can view all the host names and the corresponding IP addresses Example Display all hosts name and corresponding IP address of the hosts Quidway display ip host Host Age Flags Address es My 0 static 1 1 1 1 Aa 0 static 2 2 2 4 1 1 2 display ip interface Syntax display ip interface interface type interface number View Any view Parameter interface...

Page 101: ...255 The Maximum Transmit Unit 1500 bytes input packets 0 bytes 0 multicasts 0 output packets 0 bytes 0 multicasts 0 DHCP packet deal mode global 1 1 3 ip address Syntax ip address ip address mask mask length sub undo ip address ip address mask mask length sub View VLAN interface view or LoopBack interface view Parameter ip address IP address of VLAN interface mask Corresponding subnet mask mask le...

Page 102: ...address Note that the VLAN interface cannot be configured with the secondary IP address if its IP address is set to be allocated by BOOTP or DHCP For the related command see display ip interface Example Configure the IP address of interface VLAN interface 1 as 202 38 10 66 and subnet mask as 255 255 255 0 Quidway vlan interface1 ip address 202 38 10 66 255 255 255 0 1 1 4 ip host Syntax ip host ho...

Page 103: ...rk Protocol Quidway S3500 Series Ethernet Switches Chapter 1 IP Address Configuration Commands Huawei Technologies Proprietary 1 4 Example Set Lanswtich1 s IP address to be 202 38 0 8 Quidway ip host Lanswitch1 202 38 0 8 ...

Page 104: ...oes not learn the ARP entry where the MAC address is multicast MAC address Using undo arp check enable command you can disable the checking of ARP entry that is the device learns the ARP entry where the MAC address is multicast MAC address By default the checking of ARP entry is enabled that is the device does not learn the ARP entry where the MAC address is multicast MAC address Example Configure...

Page 105: ... 10 2 requiring ARP timed probing on VLAN interface 1 Quidway Vlan interface1 arp probe ip 202 38 10 2 2 1 3 arp source suppression cache Syntax arp source suppression cache cache value undo arp source suppression cache View System view Parameter cache value the number of source IP addresses to be suppressed ranging from 2 to 1024 The default value is 16 Description Using arp source suppression ca...

Page 106: ...he packets with the same source IP address on the port if a host on the network continuously sends the IP packets whose destination IP address cannot be resolved and the traffic within five seconds exceeds the predefined threshold When the time interval 5 seconds is reached the system resumes processing of IP packets This feature can effectively prevent malicious attacks By default ARP source addr...

Page 107: ... display arp source suppression In S3500 Series Ethernet Switches only S3552G S3552P S3528G S3528P and S3552F supports this command Example Configure the maximum number of ARP requests within 5 second interval is 100 Quidway arp source suppression limit 100 2 1 6 arp timer probe Syntax arp timer probe time undo arp timer probe View VLAN interface view Parameter time Interval of ARP timed probing w...

Page 108: ...ace type is port type and interface number is port number For details about interface type interface number and interface name refer to the Port Command Manual Description Using arp static command you can configure the static ARP mapping entries in an ARP mapping table Using undo arp static command you can cancel a static ARP mapping entry from the ARP table By default the mapping table of the sys...

Page 109: ...ng time undo arp timer aging View System view Parameter aging time Aging time of dynamic ARP aging timer which is in the range of 1 to 1440 minutes By default the aging time is 20 minutes Description Using arp timer aging command you can configure the dynamic ARP aging timer Using undo arp timer aging command you can restore the default dynamic ARP aging time For the related command see display ar...

Page 110: ...0e0 fc00 3500 sender_ip_addr 10 110 91 159 target_eth_addr 0000 0000 0000 target_ip_addr 10 110 91 193 0 771584 ARP 8 S1 arp_rcv Receive an ARP Packet operation 2 sender_eth_addr 0050 ba22 6fd7 sender_ip_addr 10 110 91 193 target_eth_addr 00e0 fc00 3 500 target_ip_addr 10 110 91 159 Table 2 1 Output description of the debugging arp packet display Field Description operation Kind of ARP packets 1 A...

Page 111: ...e Display all the ARP entries Quidway display arp IP Address MAC Address VLAN ID Port Name Aging Type 10 1 1 2 00e0 fc01 0102 N A N A N A Static 10 110 91 175 0050 ba22 6fd7 1 Ethernet0 1 20 Dynamic 2 entries found Table 2 2 Output description of the display arp display Field Description IP Address IP address of the ARP mapping entry MAC Address MAC address of the ARP mapping entry VLAN ID VLAN to...

Page 112: ...g information on the interface VLAN1 Quidway display arp probe interface vlan interface 1 Interface Vlan interface1 Probe Timer 5 seconds Probe IP address 10 110 50 1 Table 2 3 Output description of the display arp probe display Field Description Interface Vlan interface1 VLAN interface Probe Timer Interval of ARP timed probing Probe IP address IP address requiring ARP timed probing 2 1 12 display...

Page 113: ...aging timer For the related command see arp timer aging Example Display the current setting of the ARP map aging timer Quidway display arp timer aging Current ARP aging time is 10 minute s 2 1 14 reset arp Syntax reset arp dynamic static interface interface type interface number interface name View User view Parameter dynamic Clear the dynamic ARP mapping entries static Clear the static ARP mappin...

Page 114: ...ation Commands Note This chapter only applies to S3552G S3552P S3528G S3528P S3552F S3526E S3526E FM S3526E FS and S3526C in S3500 series switches 2 2 1 arp send gratuitous enable Syntax arp send gratuitous enable undo arp send gratuitous enable View System view Parameter None Description Use the arp send gratuitous enable command to enable gratuitous ARP packet sending thus checking for the IP ad...

Page 115: ...ble the gratuitous ARP packet sending on the switch Quidway A QuidwayA system view System View return to User View with Ctrl Z QuidwayA undo arp send gratuitous enable 2 2 2 gratuitous arp learning enable Syntax gratuitous arp learning enable undo gratuitous arp learning enable View System view Parameter None Description Use the gratuitous arp learning enable command to enable gratuitous ARP packe...

Page 116: ...nterface interface type interface number View Any view Parameter interface type Specifies the port type interface number Specifies the port number Description Use the display arp proxy command to view the ARP proxy status enabled or disabled See arp proxy enable for related configuration Example Display the ARP proxy status of interface VLAN 2 Quidway display arp proxy 3 1 2 arp proxy Syntax arp p...

Page 117: ...ands Huawei Technologies Proprietary 3 2 Description Use the arp proxy enable command to enable ARP proxy Use the undo arp proxy enable command to disable ARP proxy See display arp proxy for related configuration Example Enable the ARP proxy of VLAN 2 virtual interface Quidway Vlan interface2 arp proxy enable ...

Page 118: ...p client all error event packet undo debugging dhcp client all error event packet View User view Parameter all All DHCP client debugging error DHCP client error including packet unrecognizable debugging event DHCP client event including address allocation and data update debugging packet DHCP client packet debugging Description Using the debugging dhcp client command you can enable DHCP client deb...

Page 119: ...etailed information about address allocation at DHCP client Quidway display dhcp client verbose DHCP client statistic information Vlan interface1 Current machine state BOUND Alloced IP 169 254 0 2 255 255 0 0 Alloced lease 86400 seconds T1 43200 seconds T2 75600 seconds Lease from 2002 09 20 01 05 03 to 2002 09 21 01 05 03 Server IP 169 254 0 1 Transaction ID 0x3d8a7431 Default router 2 2 2 2 DNS ...

Page 120: ...cription Using the ip address dhcp alloc command you can configure VLAN interface to obtain IP address using DHCP Using the undo ip address dhcp alloc command you can remove the configuration By default the VLAN interface doest not obtain IP address using DHCP Example Configure VLAN interface to obtain IP address using DHCP Quidway Vlan interface1 ip address dhcp alloc ...

Page 121: ...interface view Parameter None Description Using address check enable command you can enable the security features of DHCP relay and enable the user address validity check on VLAN interface Using address check disable command you can disable the security features of DHCP relay and disable the user address validity check on VLAN interface By default the switch disables DHCP security features functio...

Page 122: ...ip dhcp server display dhcp server display dhcp server interface vlan interface Example Enable DHCP relay debugging Quidway debugging dhcp relay 0 7200205 DHCP 8 dhcp_debug From client to DHCP Server Interface VLAN Interface 1 ServerGroupNo 0 Type dhcp request ClientHardAddress 0010 dc19 695d DHCP ServerIpAddress 192 168 1 2 0 7200230 DHCP 8 dhcp_debug From DHCP Server to client Interface VLAN Int...

Page 123: ... static Syntax dhcp security static ip_address mac_address undo dhcp security ip_address View System view Parameter ip_address User IP address mac_address User MAC address Description Using dhcp security static command you can configure a user IP address for DHCP Server group Using undo dhcp security command you can cancel a user IP address of DHCP Server group You can use the display dhcp securit...

Page 124: ...rface Using undo dhcp server command you can cancel the VLAN interface from its native DHCP Server group For the related command see dhcp server ip display dhcp server display dhcp server interface vlan interface debugging dhcp relay Example Add VLAN Interface 1 to DHCP Server group1 Quidway Vlan interface1 dhcp server 1 5 1 5 dhcp server detect Syntax dhcp server detect undo dhcp server detect Vi...

Page 125: ...ss of the slave DHCP Server in the group Description Using dhcp server ip command you can configure the IP address of DHCP Server adopted by the DHCP Server group Using undo dhcp server ip command you can cancel the IP addresses all the DHCP Servers in DHCP Server group For the related command see dhcp server display dhcp server debugging dhcp relay Example Configure IP addresses of the master sla...

Page 126: ...f2b2 Static 3 3 3 3 0005 5d02 f2b3 Dynamic 2 dhcp security item s found Table 5 2 Output description of the display dhcp security display Field Description IP Address IP address of the DHCP Server group MAC Address User MAC address of DHCP Server group IP Address Type Type of user address table entry including dynamic address entry and static address entry 5 1 8 display dhcp server Syntax display ...

Page 127: ... of the display dhcp server display Field Description The first IP address of DHCP Server group 0 IP address of the master DHCP Server in DHCP Server group 0 The second IP address of DHCP Server group 0 IP address of the slave DHCP Server in DHCP Server group0 Messages from this server group Number of packets that DHCP relay received from this DHCP Server group Messages to this server group Number...

Page 128: ...erver interface vlan interface Syntax display dhcp server interface vlan interface vlan id View Any view Parameter vlan id VLAN interface Description Using display dhcp server interface vlan interface command you can view the information of the DHCP Server group corresponding to VLAN interface For the related command see dhcp server display dhcp server debugging dhcp relay Example View the informa...

Page 129: ...tches 6 1 DHCP Public Configuration Commands 6 1 1 dhcp enable Syntax dhcp enable undo dhcp enable View System view Parameter None Description Using the dhcp enable command you can enable the DHCP service Using the undo dhcp enable command you can disable the DHCP service By default the DHCP service is enabled Only after the DHCP service is enabled can other DHCP configurations take effect This co...

Page 130: ...lobal address pool interface Configured to send DHCP messages to the local DHCP server where addresses are to be allocated from the appropriate VLAN interface address pool relay Configured to relay DHCP messages to an external DHCP server where addresses are to be allocated interface vlan interface vlan_id to vlan interface vlan_id Specifies VLAN interfaces all All VLAN interfaces Description Usin...

Page 131: ...ou can disable the function By default pseudo DHCP server detection is disabled Example Enable pseudo DHCP server detection Quidway dhcp server detect 6 2 DHCP Server Configuration Commands 6 2 1 debugging dhcp server Syntax debugging dhcp server all error event packet undo debugging dhcp server all error event packet View User view Parameter all All DHCP server debugging error Debugging of the DH...

Page 132: ... address pool on the current VLAN interface dhcp server dns list ip address ip address undo dhcp server dns list ip address all Following is the command for configuring in system view a DNS server address list in DHCP address pools on multiple VLAN interfaces dhcp server dns list ip address ip address interface vlan interface vlan_id to vlan interface vlan_id all undo dhcp server dns list ip addre...

Page 133: ...Syntax Following is the command for configuring in VLAN interface view the domain name to be allocated to the DHCP clients using the DHCP address pool on the current VLAN interface dhcp server domain name domain name undo dhcp server domain name Following is the command for configuring in system view the domain name to be allocated to the DHCP clients using the DHCP address pools on multiple VLAN ...

Page 134: ...in name vlan interface1 com 6 2 4 dhcp server expired Syntax Following is the command for configuring in VLAN interface view the address lease duration to be adopted by the DHCP address pool on the current VLAN interface dhcp server expired day day hour hour minute minute unlimited undo dhcp server expired Following is the command for configuring in system view the address lease duration to be ado...

Page 135: ...pired unlimited 6 2 5 dhcp server forbidden ip Syntax dhcp server forbidden ip low ip address high ip address undo dhcp server forbidden ip low ip address high ip address View System view Parameter low ip address The lowest IP address forbidden in automatic address allocation high ip address The highest IP address forbidden in automatic address allocation which cannot be lower than low ip address ...

Page 136: ...he dhcp server ip pool command you can create a DHCP address pool and access the DHCP address pool view Using the undo dhcp server ip pool command you can delete the specified address pool By default no DHCP global address pool is created For the related command see dhcp enable Example Create DHCP address pool 0 Quidway dhcp server ip pool 0 Quidway dhcp 0 6 2 7 dhcp server nbns list Syntax Follow...

Page 137: ...Using the dhcp server nbns list command you can remove one or all NetBIOS server addresses from the VLAN interface DHCP address pool s By default no NetBIOS server address is configured If you configure NetBIOS server list for multiple times the latest NetBIOS server list will replace the previous one For the related commands see nbns list and dhcp server netbios type Example Assign the NetBIOS se...

Page 138: ...nodes with the peer to peer communications mechanism Description Using the dhcp server netbios type command you can configure NetBIOS node type of the clients using the specified VLAN interface DHCP address pool s Using the undo dhcp server netbios type command you can delete the configuration of NetBIOS node type in the specified VLAN interface DHCP address pool s By default clients are h nodes F...

Page 139: ...string such as hh or hhhh ip address ip address ip address Up to eight IP addresses separated by spaces interface vlan interface vlan_id to vlan interface vlan_id Specifies VLAN interfaces all All VLAN interfaces Description Using the dhcp server option command you can configure a DHCP option for the specified VLAN interface DHCP address pool s Using the undo dhcp server option command you can del...

Page 140: ...undo dhcp server ping command you can restore the default settings Example Allow the DHCP server to send up to ten ping packets and wait 500 milliseconds default for the response to each ping Quidway dhcp server ping packets 10 6 2 11 dhcp server static bind Syntax dhcp server static bind ip address ip address mac address mac address undo dhcp server static bind ip address ip address mac address m...

Page 141: ...dhcp server conflict all ip ip address View Any view Parameter all All IP addresses ip address Specifies an IP address Description Using the display dhcp server conflict command you can view the statistics information about DHCP address conflict For the related command see reset dhcp server conflict Example Display the statistics information about DHCP address conflict Quidway display dhcp server ...

Page 142: ...ls Description Using the display dhcp server expired command you can view information of expired leases in DHCP address pools After all the available addresses in a DHCP address pool are allocated the DHCP server allocates addresses in the expired leases to clients Example Display information of expired leases in DHCP address pools Quidway display dhcp server expired all Global pool IP address Har...

Page 143: ...tion of unallocated IP addresses Example Display ranges of the available addresses in DHCP address pools Quidway display dhcp server free ip IP Range from 1 0 0 0 to 2 2 2 1 IP Range from 2 2 2 3 to 2 255 255 255 IP Range from 4 0 0 0 to 4 255 255 255 IP Range from 5 5 5 0 to 5 5 5 0 IP Range from 5 5 5 2 to 5 5 5 255 6 2 15 display dhcp server ip in use Syntax display dhcp server ip in use ip ip ...

Page 144: ...ation of DHCP address bindings Quidway display dhcp server ip in use all Global pool IP address Hardware address VlanId Lease expiration Type Interface pool IP address Hardware address VlanId Lease expiration Type 6 6 6 1 00e0 fc00 1501 1 Feb 4 2005 07 00 49 AM Auto COMMITTED Table 6 3 Description of the output of display dhcp server ip in use Field Description Global pool Information of address b...

Page 145: ...the DHCP server Quidway display dhcp server statistics Global Pool Pool Number 5 Binding Auto 0 Manual 1 Expire 0 Interface Pool Pool Number 1 Binding Auto 1 Manual 0 Expire 0 Boot Request 6 Dhcp Discover 1 Dhcp Request 4 Dhcp Decline 0 Dhcp Release 1 Dhcp Inform 0 Boot Reply 4 Dhcp Offer 1 Dhcp Ack 3 Dhcp Nak 0 Bad Messages 0 Table 6 4 Description of the output of display dhcp server statistics F...

Page 146: ... sent by the DHCP server to clients Bad Messages Number of messages with errors 6 2 17 display dhcp server tree Syntax display dhcp server tree pool pool name interface vlan interface vlan_id all View Any view Parameter pool pool name Name of a global address pool If no address pool is specified all the global address pools apply interface vlan interface vlan_id Specifies a per interface DHCP addr...

Page 147: ...address 00e0 00fc 0001 Parent node 5 option 1 ip address 255 255 0 expired 1 0 0 option 58 hex 00 00 A8 C0 option 59 hex 00 00 00 3C Pool name 7 network 10 10 1 64 mask 255 255 255 192 PrevSibling node 5 option 1 ip address 255 0 0 0 gateway list 2 2 2 2 dns list 1 1 1 1 domain name 444444 nbns list 3 3 3 3 expired 1 0 0 option 58 hex 00 00 A8 C0 option 59 hex 00 00 00 3C Table 6 5 Description of ...

Page 148: ...e another subnet on the same natural network segment The order of sibling nodes depends on the order in which they are configured PrevSibling node which is the previous sibling node of the current node Option DHCP option expired Address lease duration indicated by days hours and minutes gateway list Egress gateways allocated to DHCP clients dns list DNS servers allocated to DHCP clients domain nam...

Page 149: ...ss pool 0 Quidway dhcp server ip pool 0 Quidway dhcp 0 dns list 1 1 1 254 6 2 19 domain name Syntax domain name domain name undo domain name View DHCP address pool view Parameter domain name Domain name to be assigned to DHCP clients using the global DHCP address pool which is a string of 3 to 50 characters Description Using the domain name command you can specify the domain name to be assigned to...

Page 150: ... Description Using the expired command you can specify the duration that addresses in the global DHCP address pool can be leased Using the undo expired command you can restore the default address lease duration used by the DHCP address pools By default address lease duration is one day The lease duration can be extended up to the year 2106 For the related commands see dhcp server ip pool and dhcp ...

Page 151: ...will replace the previous one Example Assign the egress gateway with the IP address 10 110 1 99 to global DHCP address pool 0 Quidway dhcp server ip pool 0 Quidway dhcp 0 gateway list 10 110 1 99 6 2 22 nbns list Syntax nbns list ip address ip address undo nbns list ip address all View DHCP address pool view Parameter ip address IP address of NetBIOS server You can configure up to eight IP address...

Page 152: ... node Peer to peer mode where NetBIOS nodes get their hostname IP maps by communicating with the NetBIOS server m node Mixed m mode where NetBIOS nodes are p nodes with the broadcast feature h node Hybrid h mode where NetBIOS nodes are b nodes with the peer to peer communications mechanism Description Using the netbios type command you can configure NetBIOS node type of the clients using the globa...

Page 153: ...the configured IP address range for dynamic allocation By default no IP address range is configured for dynamic allocation Each DHCP address pool can have only one network segment If the network command is configured for multiple times the latest configuration replaces the previous one For the related commands see dhcp server ip pool and dhcp server forbidden ip Example Use 192 168 8 0 24 as the a...

Page 154: ... related commands see dhcp server ip pool and dhcp server option Example Define the hexadecimal strings 0x11 and 0x22 with the code 100 in the global DHCP address pool Quidway dhcp server ip pool 0 Quidway dhcp 0 option 100 hex 11 22 6 2 26 reset dhcp server conflict Syntax reset dhcp server conflict ip ip address all View User view Parameter ip address Clears the statistics information about addr...

Page 155: ...t is not specified all VLAN interface address pools apply Description Using the reset dhcp server ip in use command you can clear DHCP dynamic address bindings information For the related command see display dhcp server ip in use Example Clear binding information of the address 10 110 1 1 Quidway reset dhcp server ip in use ip 10 110 1 1 6 2 28 reset dhcp server statistics Syntax reset dhcp server...

Page 156: ...ription Using the static bind ip address command you can configure the IP address to be used in a static binding Using the undo static bind ip address command you can delete the IP address in a binding By default no IP address is bound statically The commands static bind ip address and static bind mac address must be used in pairs to statically bind an IP address with a MAC address For the related...

Page 157: ... to statically bind a MAC address with an IP address For the related commands see dhcp server ip pool and static bind ip address Example Bind the MAC address 0000 e03f 0305 with the IP address 10 1 1 1 using the mask 255 255 255 0 Quidway dhcp 0 static bind ip address 10 1 1 1 mask 255 255 255 0 Quidway dhcp 0 static bind mac address 0000 e03f 0305 6 3 DHCP Relay Configuration Commands 6 3 1 addre...

Page 158: ...terface1 dhcp relay security address check enable Quidway Vlan interface1 address check dhcp relay disable 6 3 2 address check no matched Syntax address check no matched enable address check no matched disable View VLAN interface view Parameter None Description Use the address check no matched enable command to inhibit unknown machines from passing through the DHCP security check Use the address c...

Page 159: ...rror event packet client mac mac address undo debugging dhcp relay error event packet client mac mac address View User view Parameter error Debugging on DHCP relay errors such as unknown messages event DHCP relay event debugging packet Debugging on transmitted and received packets by the DHCP relay client mac mac address MAC address of DHCP client Description Using the debugging dhcp relay command...

Page 160: ...the DHCP relay the DHCP server releases the IP address from the IP in use address pool and moves it to the lease expired queue Normally this address will experience some time before participating in allocation again For the client however this address is not released and will be used until its lease really expires Example Request the DHCP server at 10 110 91 174 to release the IP address 192 2 2 2...

Page 161: ..._address mac_address static undo dhcp relay security ip_address View System view Parameter ip_address IP address in an IP MAC map entry for security check in DHCP relay mac_address MAC address in the IP MAC map entry for security check in DHCP relay Description Using the dhcp relay security command you can configure an IP MAC map entry for security check in DHCP relay Using the undo dhcp relay sec...

Page 162: ... VLAN interfaces Quidway display dhcp relay address all Vlan interface1 DHCP Relay Address Relay Address 0 10 1 1 1 6 3 8 display dhcp relay statistics Syntax display dhcp relay statistics View Any view Parameter None Description Using the display dhcp relay statistics command you can view the statistics information about DHCP relay Example Display the statistics information about DHCP relay Quidw...

Page 163: ...ng the display dhcprelay security command you can view information of address map used for security check by DHCP relay Example Display information of the address map used for security check by DHCP relay Quidway display dhcprelay security IP Address MAC Address IP Address Type 1 1 1 1 00e0 0000 0000 Static 6 3 10 ip relay address Syntax Following is the command for configuring in VLAN interface v...

Page 164: ...ied VLAN interface s relay packets Using the undo ip relay address command you can delete the configured DHCP server address to which the specified VLAN interface s relay packets Example Configure the DHCP server address 202 38 1 2 to which VLAN interface 1 relays packets Quidway Vlan interface1 ip relay address 202 38 1 2 6 3 11 ip relay address cycle Syntax ip relay address cycle undo ip relay a...

Page 165: ...idway ip relay address cycle 6 3 12 reset dhcp relay statistics Syntax reset dhcp relay statistics View User view Parameter None Description Using the reset dhcp relay statistics command you can clear the statistics information about DHCP relay For the related command see display dhcp relay statistics Example Clear the statistics information about DHCP relay Quidway reset dhcp relay statistics ...

Page 166: ...nooping Configuration Commands 7 1 1 dhcp snooping Syntax dhcp snooping undo dhcp snooping View System view Parameter None Description Use the dhcp snooping command to enable DHCP snooping function on the switch Use the undo dhcp snooping command to disable this function By default DHCP snooping function is not enabled Related command display dhcp snooping Note that You must first disable DHCP rel...

Page 167: ...you can configure a trusted port Using undo dhcp snooping trust command you can restore the trusted port as distrusted By default the switch ports are set as distrusted For the related command see display dhcp snooping trust Example Configure Ethernet0 1 as a trusted port Quidway Ethernet0 1 dhcp snooping trust 7 1 3 display dhcp snooping Syntax display dhcp snooping View Any view Parameter None D...

Page 168: ...type IP Address User IP address allocated by the DHCP server MAC Address MAC address Lease Lease time of the IP address VLAN VLAN where the switch port for the user belong Interface The switch port to which the user is connected 7 1 4 display dhcp snooping trust Syntax display dhcp snooping trust View Any view Parameter None Description Using display dhcp snooping trust command you can view the st...

Page 169: ...l Network Protocol Quidway S3500 Series Ethernet Switches Chapter 7 DHCP Snooping Configuration Commands Huawei Technologies Proprietary 7 4 dhcp snooping trust become effective Interface Trusted Ethernet0 1 Trusted ...

Page 170: ...es switches 8 1 1 debugging bootp client Syntax debugging bootp client undo debugging bootp client View User view Parameter None Description Using the debugging bootp client command you can enable BOOTP client debugging Using the undo debugging bootp client command you can disable BOOTP client debugging By default BOOTP client debugging is disabled Example Enable BOOTP client debugging Quidway deb...

Page 171: ...rface1 Allocated IP 169 254 0 2 255 255 0 0 Transaction ID 0x3d8a7431 Mac Address 00e0 fc0a c3ef Table 8 1 Display information description of display bootp client Field Description Vlan interface1 Configure VLAN interface 1 to obtain IP address using BOOTP Transaction ID XID filed value in BOOTP packet 8 1 3 ip address bootp alloc Syntax ip address bootp alloc undo ip address bootp alloc View VLAN...

Page 172: ...uidway S3500 Series Ethernet Switches Chapter 8 BOOTP Client Configuration Commands Huawei Technologies Proprietary 8 3 Example Configure VLAN interface 1 to obtain IP address using BOOTP Quidway Vlan interface1 ip address bootp alloc ...

Page 173: ...ment function Using undo am enable command you can disable the function By default Access management function disabled When using the access management function It is recommended to cancel the static ARP configuration to ensure that the binding of IP address and Ethernet switch take effect If you have configured the static ARP for an IP address in the current port IP address pool from some other p...

Page 174: ...ool is allowed to be forwarded on Layer 3 via the port of the switch Using undo am ip pool command you can cancel the access management IP pool of the port By default All the IP address pools for access control on the port are null and all the packets are permitted through Note that if the IP address pool to be configured contains the IP addresses configured in the static ARP at other ports then t...

Page 175: ...the specified port and some other port group Using undo am isolate command you can cancel the Layer 2 isolation on the port By default The isolation port pool is null and the packets are allowed to be forwarded between the specified port and all other ports on Layer 2 The port isolation is bidirectional Isolating the port itself does not make any sense Example Isolate Ethernet0 1 from Ethernet0 2 ...

Page 176: ...umber mac addr mac View System view Parameter interface name Specifies the port name in the interface name interface type interface number format interface type Specifies the port type interface number Specifies the port number For parameter description refer to the interface command mac MAC address ip IP address Description Using am user bind command you can bind port IP address and MAC address U...

Page 177: ...o 10 times Description Using display am command you can view the current access management configurations on part or all of the ports Example Display the access management configurations on Ethernet0 1 and Ethernet0 2 Quidway display am ethernet0 1 ethernet0 2 Ethernet0 1 Status disabled IP Pools NULL Isolate Ports Ethernet0 2 Ethernet0 2 Status disabled IP Pools NULL Isolate Ports Ethernet0 1 Tab...

Page 178: ... number format interface type Specifies the port type interface number Specifies the port number For parameter description refer to the interface command mac MAC address ip IP address Description Using display am user bind command you can view Port IP address and MAC address binding information Note that S3526E S3526C switches support this command Example Display binding information of Ethernet0 1...

Page 179: ...port isolate uplink port vlan Syntax port isolate uplink port vlan vlan id undo port isolate uplink port vlan vlan id View Ethernet port view Parameter vlan id ID of the VLAN to which the uplink port belongs ranging from 1 to 4094 Description Using the port isolate uplink port vlan command you can configure the port as an uplink port Using the undo port isolate uplink port vlan command you can can...

Page 180: ...idway S3500 Series Ethernet Switches Chapter 9 Access Management Configuration Commands Huawei Technologies Proprietary 9 8 Example Configure the port Ethernet1 0 1 as an uplink port Quidway Ethernet1 0 1 port isolate uplink port vlan 1 ...

Page 181: ...the forwarding information base The information includes destination address mask length next hop current flag timestamp and outbound interface Example Display the summary of the Forwarding Information Base Quidway display fib Destination Mask Nexthop Flag Interface 127 0 0 0 8 127 0 0 1 D InLoopBack0 Table 10 1 Description of the output information of the display fib command Field Description Fla...

Page 182: ... display icmp statistics Input bad formats 0 bad checksum 0 echo 5 destination unreachable 0 source quench 0 redirects 0 echo reply 10 parameter problem 0 timestamp 0 information request 0 mask requests 0 mask replies 0 time exceeded 0 Output echo 10 destination unreachable 0 source quench 0 redirects 0 echo reply 5 parameter problem 0 timestamp 0 information reply 0 mask requests 0 mask replies 0...

Page 183: ...on request packets mask requests Number of input output mask request packets mask replies Number of input output mask reply packets information reply Number of output information reply packets time exceeded Number of time exceeded packets 10 1 3 display ip socket Syntax display ip socket socktype sock type task id socket id View Any view Parameter sock type The type of a socket tcp 1 udp 2 raw ip ...

Page 184: ... 153 17 82 1121 sndbuf 8192 rcvbuf 8192 sb_cc 0 rb_cc 0 socket option SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID SO_SETKEEPALIVE socket state SS_ISCONNECTED SS_PRIV SS_ASYNC Table 10 3 Output description of the display ip socket display Field Description SOCK_STREAM The socket type Task The ID of a task socketid The ID of a socket Proto The protocol number used by the socket sndbuf The sending buffer ...

Page 185: ...ment input 0 output 0 dropped 0 fragmented 0 couldn t fragment 0 Reassembling sum 0 timeouts 0 Table 10 4 Description of the output information of the display ip statistics command Field Description sum Sum of input packets local Number of received packets whose destination is the local device bad protocol Number of packets with wrong protocol number bad format Number of packets in bad format bad ...

Page 186: ...e Description Using display tcp statistics command you can view the statistics information about TCP packets The statistics information about TCP packets are divided into two major kinds which are Received packets and Sent packets And each kind of packets are further divided into different kinds such as window probe packets window update packets duplicate packets and out of order packets Some stat...

Page 187: ...ackets 0 Sent packets Total 665 urgent packets 0 control packets 5 including 1 RST window probe packets 0 window update packets 2 data packets 618 8770 bytes data packets retransmitted 0 0 bytes ACK only packets 40 28 delayed Retransmitted timeout 0 connections dropped in retransmitted timeout 0 Keepalive timeout 0 keepalive probe 0 keepalive timeout so connections disc onnected 0 Initiated connec...

Page 188: ...tcp status display Field Description Local Add port Local IP address local port Foreign Add port Remote IP address remote port State State of the TCP link 10 1 7 reset ip statistics Syntax reset ip statistics View User view Parameter None Description Using reset ip statistics command you can reset the IP statistics information For the related commands see display ip interface display ip statistics...

Page 189: ... value in second with the value ranging from 76 to 3600 By default 675 seconds Description Using tcp timer fin timeout command you can configure the TCP finwait timer Using undo tcp timer fin timeout command you can restore the default value of the TCP finwait timer When the TCP connection state changes from FIN_WAIT_1 to FIN_WAIT_2 the finwait timer is enabled If the switch does not receive FIN p...

Page 190: ...onse packet is not received For the related command see tcp timer fin timeout tcp window Example Configure the TCP synwait timer value as 80 seconds Quidway tcp timer syn timeout 80 10 1 11 tcp window Syntax tcp window window size undo tcp window View System view Parameter window size The size of the transmission and receiving buffers measured in kilobytes KB whose value ranges from 1 to 32 By def...

Page 191: ...Command Manual Network Protocol Quidway S3500 Series Ethernet Switches Chapter 10 IP Performance Configuration Commands Huawei Technologies Proprietary 10 11 Quidway tcp window 3 ...

Page 192: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Routing Protocol ...

Page 193: ...lay ip routing table statistics 1 12 1 1 9 display ip routing table verbose 1 13 1 2 Static Route Configuration Commands 1 15 1 2 1 ip route static 1 15 1 2 2 ip route static default preference 1 17 Chapter 2 RIP Configuration Commands 2 1 2 1 RIP Configuration Commands 2 1 2 1 1 checkzero 2 1 2 1 2 default cost 2 2 2 1 3 display rip 2 2 2 1 4 filter policy export 2 3 2 1 5 filter policy import 2 ...

Page 194: ...3 1 15 display ospf brief 3 12 3 1 16 display ospf cumulative 3 13 3 1 17 display ospf error 3 15 3 1 18 display ospf interface 3 18 3 1 19 display ospf lsdb 3 19 3 1 20 display ospf nexthop 3 21 3 1 21 display ospf peer 3 22 3 1 22 display ospf request queue 3 24 3 1 23 display ospf retrans queue 3 25 3 1 24 display ospf routing 3 26 3 1 25 display ospf vlink 3 27 3 1 26 filter policy export 3 28...

Page 195: ...8 debugging bgp 4 7 4 1 9 default local preference 4 8 4 1 10 default med 4 9 4 1 11 display bgp group 4 9 4 1 12 display bgp network 4 10 4 1 13 display bgp paths 4 11 4 1 14 display bgp peer 4 12 4 1 15 display bgp routing table 4 14 4 1 16 display bgp routing table as path acl 4 15 4 1 17 display bgp routing table cidr 4 17 4 1 18 display bgp routing table community 4 18 4 1 19 display bgp rout...

Page 196: ...only 4 39 4 1 47 peer reflect client 4 40 4 1 48 peer route policy 4 40 4 1 49 peer route update interval 4 41 4 1 50 peer timer 4 42 4 1 51 reflect between clients 4 42 4 1 52 reflector cluster id 4 43 4 1 53 refresh bgp 4 44 4 1 54 reset bgp 4 44 4 1 55 reset bgp dampening 4 45 4 1 56 reset bgp flap info 4 45 4 1 57 reset bgp group 4 46 4 1 58 summary automatic 4 46 4 1 59 timer 4 47 4 1 60 undo...

Page 197: ... 15 if match community 5 12 5 1 16 if match cost 5 12 5 1 17 if match interface 5 13 5 1 18 if match ip next hop 5 14 5 1 19 if match tag 5 15 5 1 20 ip ip prefix 5 15 5 1 21 route policy 5 16 Chapter 6 Route Capacity Configuration Commands 6 1 6 1 Route Capacity Configuration Commands 6 1 6 1 1 display memory 6 1 6 1 2 display memory limit 6 2 6 1 3 memory auto establish disable 6 3 6 1 4 memory ...

Page 198: ...y Commands of the Routing Table 1 1 1 display ip routing table Syntax display ip routing table View Any view Parameter None Description Using display ip routing table command you can view the routing table summary This command displays routing table information in summary form Each line represents one route The contents include destination address mask length protocol preference metric next hop an...

Page 199: ...isplay ip routing table acl Syntax display ip routing table acl acl number acl name verbose View Any view Parameter acl number the number of basic ACL ranging from 2000 to 2999 acl name the basic ACL name introduced via names verbose With the parameter this command displays the verbose information of both the active and inactive routes that passed filtering rules Without the parameter this command...

Page 200: ...e output information see Table 1 1 Display the verbose information of the active and inactive routes that are filtered through basic acl 2000 Quidway display ip routing table acl 2000 verbose Routes matched by access list 2000 Generate Default no Active Route Last Active Both Next hop in use Summary count 2 Destination 10 1 1 0 Mask 255 255 255 0 Protocol DIRECT Preference 0 NextHop 10 1 1 2 Inter...

Page 201: ...onfiguration Commands Huawei Technologies Proprietary 1 4 Field Description Protocol Routing protocol Preference Routing preference Nexthop Next hop address Interface Output interface through which the data packet destined for the destination network segment is sent Vlinkindex Virtual link index ...

Page 202: ...destination change For more details refer to the specific routing protocols Int The route is discovered by interior gateway protocol IGP NoAdvise The routing protocol does not redistribute NoAdvise route when it redistributes routes based on the policy NotInstall The routing protocol generally selects the route with the highest precedence from its routing table then places it in its core routing t...

Page 203: ...ecified destination address With different parameters the output of command is different The following is the output description for different forms of this command z display ip routing table ip_address If destination address ip_address has corresponding route in natural mask range this command will display all subnet routes or only the route best matching the destination address ip_address is dis...

Page 204: ...tocol Static Preference 60 NextHop 2 1 1 1 Interface 2 1 1 1 LoopBack1 Vlinkindex 0 State Int ActiveU Static Unicast Age 3 47 Cost 0 0 Destination 169 0 0 0 Mask 255 254 0 0 Protocol Static Preference 60 NextHop 2 1 1 1 Interface 2 1 1 1 LoopBack1 Vlinkindex 0 State Int ActiveU Static Unicast Age 3 47 Cost 0 0 There are no corresponding routes in the natural mask range only displaying the longest ...

Page 205: ...the end mask1 mask2 IP address mask length in dotted decimal notation or integer form It ranges from 0 to 32 when it is presented in integer verbose With the verbose parameter this command displays the verbose information of both the active and inactive routes Without the parameter this command only displays the summary of active routes Description Using display ip routing table ip_address1 ip_add...

Page 206: ...efix list this command will display the verbose information of all active and inactive routes with the parameter verbose and it will display the summary of all active routes without the parameter verbose Example Display the summary of the active route that is filtered ip prefix list abc2 Quidway ip ip prefix abc2 permit 10 1 1 0 24 less equal 32 Quidway display ip routing table ip prefix abc2 Rout...

Page 207: ...rotocol protocol inactive verbose View Any view Parameter inactive With the parameter this command displays the inactive route information Without the parameter this command displays the active and inactive route information verbose With the verbose parameter this command displays the verbose route information Without the parameter this command displays the route summary protocol the parameter has...

Page 208: ...1 102 1 1 1 32 DIRECT 0 0 127 0 0 1 InLoopBack0 127 0 0 0 8 DIRECT 0 0 127 0 0 1 InLoopBack0 127 0 0 1 32 DIRECT 0 0 127 0 0 1 InLoopBack0 DIRECT Routing table status inactive Summary count 1 Destination Mask Protocol Pre Cost Nexthop Interface 100 100 1 1 32 DIRECT 0 0 100 100 1 1 LoopBack0 View the static routing table Quidway display ip routing table protocol static STATIC Routing tables Summar...

Page 209: ...e 1 3 Description of information generated by the command display ip routing table radix Field Description INET Address suite inodes Number of nodes routes Number of routes 1 1 8 display ip routing table statistics Syntax display ip routing table statistics View Any view Parameter None Description Using display ip routing table statistics command you can view the statistics of routing information ...

Page 210: ... 0 0 O_ASE 0 0 0 0 0 O_NSSA 0 0 0 0 0 AGGRE 0 0 0 0 0 Total 4 4 4 0 0 Table 1 4 Description of information generated by the command display ip routing table statistics Field Description Proto Routing protocol route Number of routes active Number of active routes added Number of added routes after the router is rebooted or the routing table is cleared last time deleted Number of deleted routes such...

Page 211: ...le information Quidway display ip routing table verbose Routing Tables Generate Default no Active Route Last Active Both Next hop in use Destinations 4 Routes 4 Holddown 0 Delete 0 Hidden 0 Destination 10 153 25 0 Mask 255 255 255 0 Protocol DIRECT Preference 0 NextHop 10 153 25 200 Interface 10 153 25 200 Vlan interface1 State Int ActiveU Retain Unicast Age 33 42 Cost 0 0 Destination 10 153 25 20...

Page 212: ...p address mask mask length interface name gateway address preference preference value reject blackhole undo ip route static ip address mask mask length interface name gateway address preference preference value View system view Parameter ip address Destination IP address in dotted decimal notation mask Mask mask length Mask length Since 1 s in the 32 bit mask are required to be consecutive the mas...

Page 213: ...tant applications All the following routes are static routes z Reachable route A normal route is of this type That is the IP packet is sent to the next hop via the route marked by the destination It is a common type of static routes z Unreachable route When a static route to a destination has the reject attribute all the IP packets to this destination will be discarded and the originating host wil...

Page 214: ...of static routes which will be the preference value of the static route if its preference is not specified when configured Its default value is 60 Description Using ip route static default preference command you can configure the default preference value of static routes Using undo ip route static default preference command you can restore the default value A static route s preference will be the ...

Page 215: ...heckzero undo checkzero View RIP view Parameter None Description Using checkzero command you can check the zero field of RIP 1 packet Using undo checkzero command you can disable the checking of the zero fields By default RIP 1 performs the zero field checking According to the protocol RFC1058 specifications some fields in RIP 1 packets must be zero called zero fields With the checkzero command th...

Page 216: ... default value If no specific routing cost is specified when importing the route of another routing protocol with the import route command the importing will be performed with the default routing cost specified with the default cost command For the related commands see import route Example Set the default routing cost of the imported route of another routing protocol to 3 Quidway rip default cost ...

Page 217: ...er No destination address of a transmission is specified Network 10 0 0 0 Enable RIP on network segment 10 0 0 0 2 1 4 filter policy export Syntax filter policy acl number ip prefix ip prefix name route policy route policy name export routing protocol undo filter policy acl number ip prefix ip prefix name route policy route policy name export routing protocol View RIP view Parameter acl number Acc...

Page 218: ...ertised Only the routing information passing the filtration can be advertised For the related commands see acl filter policy import ip ip prefix Example Filter the advertised route information according to ACL 2000 Quidway rip filter policy 2000 export 2 1 5 filter policy import Syntax filter policy gateway ip prefix name import undo filter policy gateway ip prefix name import filter policy acl nu...

Page 219: ...g to the received global routing information Using undo filter policy import command you can disable filtering to the received global routing information By default RIP does not filter the received routing information For the related commands see acl filter policy export ip ip prefix Example Configure the filtering of the global routing information according to acl 2000 Quidway rip filter policy 2...

Page 220: ...her protocols into RIP Using undo import route command you can cancel the routes imported from other protocols By default RIP does not import any other route The import route command is used to import the route of another protocol by using a certain cost value RIP regards the imported route as its own route and transmits it with the specified cost value This command can greatly enhance the RIP cap...

Page 221: ...fied network segment RIP won t receive or forward route on interfaces of non specified network segments The undo network command is similar to the undo rip work command in terms of function But they are not identical Their similarity is that the interface using either command will not receive transmit RIP routes The difference between them is that in the case of undo rip work other interfaces will...

Page 222: ...ination address of the peer device Using undo peer command you can cancel the set destination address By default do not send RIP packet to any destination RIP exchanges routing information with non broadcasting networks in unicast view This command specifies the sending destination address to fit some non broadcast networks Usually it is not recommended to use this command Example Specify the send...

Page 223: ...ng policy The preference will finally determine the routing algorithm to obtain the optimal route in the IP routing table This command can be used to modify the RIP preference manually Example Specify the RIP preference as 20 Quidway rip preference 20 2 1 11 reset Syntax reset View RIP view Parameter None Description Using reset command you can reset the system configuration parameters of RIP When...

Page 224: ...o the interfaces is not restricted by enabling disabling RIP Note Note that the interface parameters configured previously would be invalid when RIP is disabled Example Enable the RIP and enter the RIP view Quidway rip Quidway rip 2 1 13 rip authentication mode Syntax rip authentication mode simple password md5 type usual nonstandard key id key id key string key string undo rip authentication mode...

Page 225: ...ancel the RIP 2 authentication RIP 1 does not support authentication There are two RIP authentication modes simple authentication and MD5 cipher text authentication for RIP 2 When MD5 cipher text authentication mode is used there are two types of packet formats One of them is that described in RFC 1723 which was brought forward earlier The other format is the one described specially in RFC 2082 Th...

Page 226: ... control the receipt and the transmission of RIP packets respectively on an interface The former command equals the functional combination of the latter two commands For the related commands see rip output rip work Example Specify Vlan interface 1 not to receive RIP packets Quidway Vlan interface1 undo rip input 2 1 15 rip metricin Syntax rip metricin value undo rip metricin View Interface view Pa...

Page 227: ...ditional route metric added when transmitting a packet ranging from 1 to 16 By default the value is 1 Description Using rip metricout command you can configure the additional route metric to the route when an interface transmits RIP packets Using undo rip metricout command you can restore the default value of this additional route metric For the related commands see rip metricin Example Set the ad...

Page 228: ...y on an interface The former command equals the functional combination of the latter two commands For the related commands see rip input rip work Example Disable the interface Vlan interface 1 to transmit RIP packets Quidway interface Vlan interface 1 Quidway Vlan interface1 undo rip output 2 1 18 rip split horizon Syntax rip split horizon undo rip split horizon View Interface view Parameter None ...

Page 229: ... interface Using undo rip version command you can restore the default value of RIP packet version on the interface By default the interface RIP version is RIP 1 RIP 1 transmits packets in broadcast mode while RIP 2 transmits packets in multicast mode by default When running RIP 1 the interface only receives and transmits RIP 1 broadcast packets and receives RIP 2 broadcast packets but does not rec...

Page 230: ...ing undo rip work command you can disable the running of RIP on an interface By default RIP is run on an interface This command is used in cooperation with rip input rip output and network commands Refer to the usage guideline of the related commands For the related commands see network rip input rip output Example Disable the interface Vlan interface 1 to run the RIP Quidway interface Vlan interf...

Page 231: ...raffic on the network as well as to reduce the size of the routing table RIP 1 does not support subnet mask Forwarding subnet route may cause ambiguity Therefore RIP 1 uses route summarization all the time If RIP 2 is used route summarization function can be disabled with the undo summary command when it is necessary to broadcast the subnet route For the related commands see rip version Example Se...

Page 232: ... OSPF Area view Parameter ip address Network segment address mask Network mask advertise Advertise only the summarized route not advertise Do not advertise routes matching the specified IP address and mask Description Using abr summary command you can configure the route aggregation on the area border router Using undo abr summary command you can disable the function of route aggregation on the ar...

Page 233: ... 66 48 120 0 0 0 0 255 Quidway ospf area 0 0 0 1 abr summary 66 48 0 0 255 255 0 0 3 1 2 area Syntax area area id undo area area id View OSPF view Parameter area id ID of the OSPF area which can be a decimal integer or in IP address format Description Using area command you can enter OSPF Area view Using undo area command you can cancel the designated area Example Enter OSPF Area 0 view Quidway os...

Page 234: ...R this command summarizes the imported Type 5 LSAs in the summary address range When NSSA is configured this command will also summarize the imported Type 7 LSAs in the summary address range If the local router acts as both an ABR and a router in the NSSA this command summarizes Type 5 LSAs transformed from Type 7 LSAs If the router is not the router in the NSSA the summarization is disabled For t...

Page 235: ...ntication mode Example Specify the OSPF area 0 to support MD5 cipher text authentication Quidway ospf area 0 Quidway ospf area 0 0 0 0 authentication mode md5 3 1 5 default cost Syntax default cost value undo default cost View OSPF view Parameter value Default routing cost of external route imported by OSPF ranging from 0 to 16777214 By default its value is 1 Description Using default cost command...

Page 236: ...outes Using undo default interval command you can restore the default value of the default interval of redistributing external routes Because OSPF can import the external routing information and broadcast it to the entire autonomous system and importing routes too often will greatly affect the performances of the device it is necessary to specify the default interval for the protocol to import ext...

Page 237: ... as 200 Quidway ospf default limit 200 3 1 8 default tag Syntax default tag tag undo default tag View OSPF view Parameter tag Default tag ranging from 0 to 4294967295 Description Using default tag command you can configure the default tag of OSPF when it redistributes an external route Using undo default tag command you can restore the default tag of OSPF when it redistributes the external route W...

Page 238: ...efault type when OSPF redistributes external routes By default the external routes of type 2 are imported OSPF specifies the two types of external routing information The command described in this section can be used to specify the default type when external routes are imported For the related commands see default tag Example Specify the default type as type 1 when OSPF imports an external route Q...

Page 239: ...oute advertise always cost value type type value route policy route policy name undo default route advertise always cost type route policy View OSPF view Parameter always The parameter will generate an ase lsa which describes the default route and advertise it if the local router is not configured with the default route If this parameter is not set the local router cannot import the ase lsa which ...

Page 240: ...ate default route For the related commands see import route Example If local route has no default route the ase lsa of default route will be generated otherwise it won t be generated Quidway ospf default route advertise The ase lsa of default route will be generated and advertised to OSPF route area even the local router has no default route Quidway ospf default route advertise always 3 1 12 displ...

Page 241: ...tra i Inter A ASBR B ABR S SumASBR Destination Area Cost Nexthop Interface IA 2 2 2 2 0 0 0 0 10 10 153 17 89 Vlan interface1 Table 3 1 Description of information generated by the command display ospf abr asbr Field Description Destination Router ID of the ABR or ASBR Area Area where the router is connected with ASBR Cost The routing overhead value of the route Nexthop Nexthop address to the desti...

Page 242: ...imported routes Quidway display ospf asbr summary Total summary address count 2 Summary Address net 168 10 0 0 mask 255 254 0 0 tag 1 status Advertise The Count of Route is 0 Summary Address net 1 1 0 0 mask 255 255 0 0 tag 100 status DoNotAdvertise The Count of Route is 0 Table 3 2 Description of information generated by the command display ospf asbr summary Field Description net Destination netw...

Page 243: ...xternal 150 Default ASE parameters Metric 1 Tag 0 0 0 1 Type 2 SPF computation count 16 Area Count 1 Nssa Area Count 0 Area 0 0 0 0 Authtype none Flags SPF scheduled Interface 201 1 1 4 Vlan interface1 Cost 1 State DR Type Broadcast Priority 1 Designated Router 201 1 1 4 Backup Designated Router 201 1 1 3 Timers Hello 10 Dead 40 Poll 0 Retransmit 5 Transmit Delay 1 Table 3 3 Description of informa...

Page 244: ...PF computation count since OSPF is enabled Area Count Areas for connection to this router Nssa Area Count Number of NSSA areas SPF scheduled SPF scheduled flag Interface Interface name belonging to this area Cost Cost of routes State State information Type Network type of OSPF interface Priority Priority Designated Router IP address of designated router DR Backup Designated Router IP address of ba...

Page 245: ... State Update 6 7 Link State Ack 6 5 ASE 3 Checksum Sum 195FC LSAs originated by this router Router 11 Net 2 SumNet 5 SumASB 3 ASE 2 LSAs Originated 23 LSAs Received 5 Area 0 0 0 0 Neighbors 1 Interfaces 1 Spf 4 Checksum Sum 19260 rtr 2 net 1 sumasb 0 sumnet 1 Area 0 0 0 1 Neighbors 0 Interfaces 1 Spf 4 Checksum Sum DFC0 rtr 1 net 0 sumasb 1 sumnet 1 Routing Table Intra Area 2 Inter Area 0 ASE 0 T...

Page 246: ...hbors Number of neighbors in this area Interfaces Number of interfaces in this area Spf Number of SPF computation count in this area Area rtr net sumasb sumnet Number of all LSAs in this area Intra Area Number of intra area routes Inter Area Number of inter area routes Routing Table ASE Number of external routes 3 1 17 display ospf error Syntax display ospf error View Any view Parameter None Descr...

Page 247: ...LS REQ empty request 0 LS REQ wrong request 0 LS UPD neighbor state low 0 LS UPD newer self generate LSA 0 LS UPD LSA checksum bad 0 LS UPD received less recent LSA 0 LS UPD unknown LSA type 0 OSPF routing next hop not exist 0 DD MTU option mismatch Table 3 5 Description of information generated by the command display ospf error Field Description IP received my own packet Received my own packet OS...

Page 248: ...t LS ACK packet asynchronous neighbor state LS ACK wrong ack Link state acknowledgment packet ack error LS ACK duplicate ack Link state acknowledgment packet ack duplication LS ACK unknown LSA type Link state acknowledgment packet unknown LSA type LS REQ neighbor state low Link state request LS REQ packet LS REQ empty request Link state request packet empty request LS REQ wrong request Link state ...

Page 249: ...Vlan interface1 Cost 1 State BackupDR Type Broadcast Priority 1 Designated Router 10 110 10 1 Backup Designated Router 10 110 10 2 Timers Hello 10 Dead 40 Poll 0 Retransmit 5 Transmit Delay 1 Table 3 6 Description of information generated by the command display ospf interface Field Description Cost Cost of the interface State State of the interface state machine Type Network type of OSPF Priority ...

Page 250: ...he database information of Network LSA nssa View the database information of NSSA external LSA router View the database information of Router LSA summary View the database information of Summary Net LSA ip address Link state ID in IP address format originate router ip address View the database information of the LSA generator self originate View the database information of self originated LSA Desc...

Page 251: ...153 18 0 1 1 1 1 1006 36 80000002 1 Ase List ASE 10 153 16 0 2 2 2 2 798 36 80000002 1 Uninitialized ASE 10 153 17 0 2 2 2 2 623 36 80000003 1 Uninitialized ASE 10 153 17 0 1 1 1 1 1188 36 80000002 1 Ase List Table 3 7 Description of information generated by the command display ospf lsdb Field Description Type Type of the LSA LinkStateID Link state ID of the LSA AdvRouter Router ID of the router o...

Page 252: ...of the router originating the LSA ls age Age of the LSA len Length of the LSA seq Sequence number of the LSA chksum Checksum of the LSA Options Options of the LSA Net mask Network mask E type Type of external route Forwarding Address Forwarding address Tag Tag 3 1 20 display ospf nexthop Syntax display ospf nexthop View Any view Parameter None Description Using display ospf nexthop command you can...

Page 253: ...s using the next hop Intf Addr IP address of the interface to the next hop Intf Name The interface to the next hop 3 1 21 display ospf peer Syntax display ospf peer brief View Any view Parameter None Description Using display ospf peer command you can view the information about OSPF peer Using display ospf peer brief command you can view the brief information of every peer in OSPF mainly the peer ...

Page 254: ...val the peer will be considered to be invalid Neighbor has been up for 01 14 14 Time of neighbor connection View the brief information of every peer Quidway display ospf peer brief Neighbor Statistics Area ID Down Attempt Init 2 Way ExStart Exchange Loading Full Total 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 1 0 0 0 0 0 0 0 1 1 Total 0 0 0 0 0 0 0 2 2 Table 3 11 Description of information generated by the ...

Page 255: ...hange It indicates that OSPF router sends DD packet to its neighbor routers to exchange link state information Loading In this state OSPF router requests neighbor routers based on the updated link state information from neighbor routers and its expired information and waits for response from neighbor routers Full It indicates that database synchronization between the routers that have established ...

Page 256: ...1 1 1 3 Link State ID of the LSA AdvRouter Router ID of the router originating the LSA Sequence Sequence number of the LSA used to discover old and repeated LSAs Age Age of the LSA 3 1 23 display ospf retrans queue Syntax display ospf retrans queue View Any view Parameter None Description Using display ospf retrans queue command you can view the information about the OSPF retransmission queue Exam...

Page 257: ...Address of the interface on the network segment Area Area number of OSPF Type Type of the LSA LSID Link State ID of the LSA AdvRouter Router ID of the router originating the LSA 3 1 24 display ospf routing Syntax display ospf routing View Any view Parameter None Description Using display ospf routing command you can view the information about OSPF routing table Example View the routing information...

Page 258: ...uter advertising the route Area Area ID Intra Area Number of intra area routes Inter Area Number of inter area routes ASE Number of external routes NSSA Number of NSSA routes 3 1 25 display ospf vlink Syntax display ospf vlink View Any view Parameter None Description Using display ospf vlink command you can view the information about OSPF virtual links Example View OSPF virtual links information Q...

Page 259: ...ead neighbors Poll Interval of poll Timers Retransmit Interval of retransmitting LSA Transmit Delay Delay time of transmitting LSA 3 1 26 filter policy export Syntax filter policy acl number ip prefix ip prefix name export routing protocol undo filter policy acl number ip prefix ip prefix name export routing protocol View OSPF view Parameter acl number Access control list number ip prefix name Nam...

Page 260: ...lter policy acl number ip prefix ip prefix name gateway ip prefix name import View OSPF view Parameter acl number Access control list number used for filtering the destination addresses of the routing information ip prefix name Name of address prefix list used for filtering the destination addresses of the routing information gateway ip prefix name Name of address prefix list used for filtering th...

Page 261: ...rce routing protocol that can be imported At present it includes direct rip bgp and static cost value Specify the cost of imported route type value Specify the cost type of imported external routes The value ranges from 1 to 2 The default value is 2 tag value Specify the value of tag for imported external routes route policy route policy name Configure only to import the routes matching the specif...

Page 262: ...to which the interface belongs Using undo network command you can cancel the interface running OSPF By default the interface does not belong to any area With the two parameters ip address and ip mask one or more interfaces can be configured as an area To run the OSPF protocol on one interface the master IP address of this interface must be in the range of the network segment specified by this comm...

Page 263: ...nction By default NSSA area is not configured For all the routers connected to the NSSA area the command nssa must be used to configure the area as the NSSA attribute The default route advertise parameter is used to generate default type 7 LSA No matter whether there is route 0 0 0 0 in routing table on ABR type 7 LSA default route will be generated always Only when there is route 0 0 0 0 in routi...

Page 264: ...tocol Quidway router id 10 110 1 8 Quidway ospf Quidway ospf 3 1 32 ospf authentication mode Syntax ospf authentication mode simple password md5 key id key undo ospf authentication mode simple md5 View Interface view Parameter simple password Character string not exceeding 8 characters using plain text authentication key id ID of the authentication key in MD5 authentication mode in the range from ...

Page 265: ...e Set the area 1 where the network segment 131 119 0 0 of Interface Vlan interface 1 is located to support MD5 cipher text authentication The authentication key identifier is set to 15 and the authentication key is Huawei Quidway ospf area 1 Quidway ospf area 0 0 0 1 network 131 119 0 0 0 0 255 255 Quidway ospf area 0 0 0 1 authentication mode md5 Quidway Vlan interface1 ospf authentication mode m...

Page 266: ... ospf dr priority command you can configure the priority for electing the designated router on an interface Using undo ospf dr priority command you can restore the default value The priority of the interface determines the qualification of the interface when the designated router is elected The interface with higher priority will be considered first when the vote collision occurs Example Set the p...

Page 267: ... when sending DD packets i e the actual MTU value of the interface is written in Example Set interface Vlan interface 3 to write MTU value area when sending DD packets Quidway interface Vlan interface 3 Quidway Vlan interface3 ospf mtu enable 3 1 36 ospf network type Syntax ospf network type broadcast nbma p2mp p2p undo ospf network type View Interface view Parameter broadcast Change the interface...

Page 268: ...specify the interval of sending polling hello packets before the adjacency of the neighboring routers is formed Configure the interface type to nonbroadcast on a broadcast network without multi access capability Configure the interface type to p2mp if not all the routers are directly accessible on an NBMA network Change the interface type to p2p if the router has only one peer on the NBMA network ...

Page 269: ... Hello seconds The dead seconds for the routers on the same network segment must be identical For the related commands see ospf timer hello Example Set the peer dead on the interface Vlan interface 1 to 80 seconds Quidway interface Vlan interface 1 Quidway Vlan interface1 ospf timer dead 80 3 1 38 ospf timer hello Syntax ospf timer hello seconds undo ospf timer hello View Interface view Parameter ...

Page 270: ... Description Using ospf timer poll command you can configure the poll Hello packet interval on NBMA and p2mp network Using undo ospf timer poll command you can restore the default poll interval On the NBMA and p2mp network if a neighbor is invalid the Hello packet will be transmitted regularly according to the poll seconds You can configure the poll seconds to specify how often the interface trans...

Page 271: ...the peer within the LSA retransmit this LSA will be re transmitted This command can change the interval of re transmitting LSA However according to RFC2328 the LSA retransmit between adjacent routers should not be set too short Otherwise unexpected re transmission will be caused Example Specify the retransmit for LSA transmitting between the interface Vlan interface 1 and the adjacent routers to 1...

Page 272: ...e Vlan interface 1 Quidway Vlan interface1 ospf trans delay 3 3 1 42 peer Syntax peer ip address dr priority dr priority number undo peer ip address View OSPF view Parameter ip address IP address of the neighboring point dr priority number Priority value represents the corresponding priority value of the network neighbor The range is from 0 to 255 The default value is 1 Description Using peer comm...

Page 273: ...dynamic routing protocols could be running on a router there is the problem of routing information sharing among routing protocols and selection Therefore a default preference is specified for each routing protocol When a route is identified by different protocols the protocol with a high preference will play a decisive role Example Specify the preference of an imported external route of the AS as...

Page 274: ...ommand you can cancel the router ID that has been set By default if the LoopBack interface address exists the system chooses the LoopBack address with the greatest IP address value as the router ID if no LoopBack interface configured then the address of the physical interface with the greatest IP address value will be the router ID Router ID is a 32 bit unsigned integer that uniquely identifies a ...

Page 275: ...ter silent interface type Specify the interface type silent interface number Specify the interface number Description Using silent interface command you can disable an interface to transmit OSPF packet Using undo silent interface command you can restore the default setting By default the interface is enabled to transmit OSPF packet You can use this command to disable an interface to transmit OSPF ...

Page 276: ...s ID of OSPF The command is applied to all current OSPF processes if you do not specify a process ID ifstatechange virifstatechange nbrstatechange virnbrstatechange ifcfgerror virifcfgerror ifauthfail virifauthfail ifrxbadpkt virifrxbadpkt txretransmit viriftxretransmit originatelsa maxagelsa lsdboverflow lsdbapproachoverflow Types of TRAP packets that the switch produces in case of OSPF anomalies...

Page 277: ...schedule interval command you can restore the default setting According to the Link State Database LSDB the router running OSPF can calculate the shortest path tree taking itself as the root and determine the next hop to the destination network according to the shortest path tree By adjusting SPF calculation interval network frequently changing can be restrained which may lead to that too many ban...

Page 278: ...w Parameter route id Router ID of virtual link peer hello seconds Interval that router transmits hello packet It ranges from 1 to 8192 seconds This value must equal the hello seconds value of the router virtually linked to the interface The default value is 10 seconds retransmit seconds Specify the interval for re transmitting the LSA packets on an interface It ranges from 1 to 8192 seconds The de...

Page 279: ...command you can create and configure a virtual link Using undo vlink peer command you can cancel an existing virtual link According to RFC2328 the OSPF area should be connected with the backbone network You can use vlink peer command to keep the connectivity Virtual link can be regarded as a common interface that uses OSPF so that you can easily understand why to configure the parameters such as h...

Page 280: ...cribed in the other parts of the manual 4 1 BGP Configuration Commands Note For the commands defining routing policies in BGP refer to the Routing Policy of the next chapter 4 1 1 aggregate Syntax aggregate address mask as set attribute policy route policy name detail suppressed origin policy route policy name suppress policy route policy name undo aggregate address mask as set attribute policy ro...

Page 281: ...yword carefully when many AS paths need to be aggregated for the frequent change of routes may lead to route vibration detail suppressed This keyword does not establish any aggregated route but it restrains the advertisement of all the specific routes If only some specific routes are to be restrained use the peer filter policy command carefully suppress policy Create an aggregated route with this ...

Page 282: ...fferent as med Syntax compare different as med undo compare different as med View BGP view Parameter None Description Using compare different as med command you can enable comparison of MED values from different AS neighboring routes when determining the best route Using undo compare different as med command you can disable the comparison By default it is disabled to compare the MED attribute valu...

Page 283: ...on is first dividing the AS domain into several smaller sub ASs and each sub ASs remains full connected These sub ASs form a confederation Key BGP attributes of the route such as next hop MED local preference are not discarded across each sub ASs The sub ASs still look like a whole from the point of view of a confederation although these sub ASs have EBGP relations This can assure the integrality ...

Page 284: ...nstandard command you can configure the router to be compatible with routers not following RFC1965 Using undo confederation nonstandard command you can disable this function By default it is in accordance with RFC1965 For the related commands see confederation id confederation peer as Example AS100 contains routers following nonstandard which is composed of two sub ASs 64000 and 65000 Quidway bgp ...

Page 285: ... confederation and each AS uses fully meshed network The confederation appears as a single AS to the routers outside it For the related commands see confederation nonstandard confederation id Example Configure the confederation contains AS 2001 and 2002 Quidway bgp confederation peer as 2000 2001 4 1 7 dampening Syntax dampening half life reachable half life unreachable reuse suppress ceiling rout...

Page 286: ...mands see reset bgp dampening reset bgp flap info display bgp routing table dampened display bgp routing table flap info Example Quidway bgp dampening 15 15 1000 2000 10000 4 1 8 debugging bgp Syntax debugging bgp all event normal keepalive open packet route refresh update receive send verbose undo debugging bgp all event normal keepalive open packet route refresh update View User view Parameter a...

Page 287: ...ugging bgp command you can disable the debugging functions Example Enable the information debugging of BGP packets Quidway debugging bgp packet 4 1 9 default local preference Syntax default local preference value undo default local preference View BGP view Parameter value Default local preference to be configured The range is 0 to 4294967295 By default its value is 100 Description Using default lo...

Page 288: ...value MED value to be specified The range is 0 to 4294967295 By default the med value is 0 Description Using default med command you can configure the default system metric Using undo default med command you can restore the default metric of the system In the case that all other conditions are the same the system first selects the route with the smaller MED value as the external route of the auton...

Page 289: ... policy filter policy no export policy acl no export policy ip prefix no import policy route policy no import policy filter policy no import policy acl no import policy ip prefix no default route produce Table 4 2 Description of information generated by the command display bgp group Field Description Group Name of peer group type Type of peer group IBGP or EBGP as number AS number of peer group me...

Page 290: ...en configured Quidway display bgp network Network Mask Route policy 133 1 1 0 255 255 255 0 None 112 1 0 0 255 255 0 0 None Table 4 3 Description of information generated by the command display bgp network Field Description Network Network address Mask Mask Route policy Configured route policy 4 1 13 display bgp paths Syntax display bgp paths as regular expression View Any view Parameter as regula...

Page 291: ...e updates its origin relative to the route originating it from AS It has three optional values IGP The route belongs to inside of AS BGP treats aggregate route and the route defined by the command network as inside of AS and origin type as IGP EGP The route is learned from exterior gateway protocol EGP Origin INC Short for INCOMPLETE indicates that the original source of the route information is u...

Page 292: ...xport policy ip prefix no export policy filter policy no export policy acl no import policy route policy no import policy ip prefix no import policy filter policy no import policy acl no default route produce Table 4 5 Description of information generated by the command display bgp peer verbose Field Description Peer IP address of peer and port number used by the peer to establish TCP connection L...

Page 293: ...g table command you can view all the BGP routing information Example Display all the BGP routing information Quidway display bgp routing table Flags valid best D damped H history I internal S aggregate suppressed Dest Mask Next hop Med Local pref Origin As path 129 1 1 0 24 5 5 5 5 IGP 600 129 1 2 0 24 5 5 5 5 IGP 600 129 1 3 0 24 5 5 5 5 IGP 600 129 1 4 0 24 5 5 5 5 IGP 600 129 1 5 0 24 5 5 5 5 I...

Page 294: ...es that the route updates its origin relative to the route originating it from AS It has three optional values IGP The route belongs to inside of AS BGP treats aggregate route and the route defined by the command network as inside of AS and origin type as IGP EGP The route is learned from exterior gateway protocol EGP Origin INC Short for INCOMPLETE indicates that the original source of the route ...

Page 295: ...Mask Pref Next Hop Med Local pref Origin As path 1 1 1 0 24 256 10 10 10 1 0 IGP 200 1 1 2 0 24 256 10 10 10 1 0 IGP 200 1 1 3 0 24 256 10 10 10 1 0 IGP 200 2 2 3 0 24 256 10 10 10 1 0 INC 200 4 4 4 0 24 256 10 10 10 1 0 INC 200 9 9 9 0 24 256 10 10 10 1 0 INC 200 10 10 10 0 24 256 10 10 10 1 0 IGP 200 22 1 0 0 16 256 200 1 7 2 100 INC 200 88 1 0 0 16 60 0 0 0 0 IGP Table 4 7 Description of inform...

Page 296: ...on is unknown learned by other methods BGP sets the origin of the route imported through other IGP protocols as INCOMPLETE As path AS path attribute of route which records all AS areas that the route passes With it route loop can be avoided 4 1 17 display bgp routing table cidr Syntax display bgp routing table cidr View Any view Parameter None Description Using display bgp routing table cidr comma...

Page 297: ...ther sub ASs whole match Configure to display the exactly matched routes Description Using display bgp routing table community command you can view the routing information related to the specified BGP community number in the routing table Example Display the routing information matching BGP community number 11 22 Quidway display bgp routing table community 11 22 Flags valid best D damped H history...

Page 298: ...g BGP community list 1 Quidway display bgp routing table community list 1 Flags valid best D damped H history I internal S aggregate suppressed Destination Mask Pref Next hop Med Local Pref Origin As Path 1 1 1 0 24 256 10 10 10 1 0 IGP 200 1 1 2 0 24 256 10 10 10 1 0 IGP 200 1 1 3 0 24 256 10 10 10 1 0 IGP 200 2 2 3 0 24 256 10 10 10 1 0 INC 200 4 4 4 0 24 256 10 10 10 1 0 INC 200 9 9 9 0 24 256 ...

Page 299: ...ry history I internal interior gateway protocol S aggregate suppressed suppressed D The valid and damped route Dest Mask The dampened route to the destination network 11 1 0 0 Source The nexthop of the route Damping li mit The time before dampening turns invalid and the route can be reused Origin attribute of route which indicates that the route updates its origin relative to the route originating...

Page 300: ...erent origin as command you can view routes that have different source autonomous systems Example View the routes that have different source ASs Quidway display bgp routing table different origin as Flags valid best D damped H history I internal S aggregate suppressed Destination Mask Pref Next hop Med Local Pref Origin As Path 10 10 10 0 24 0 10 10 10 2 0 IGP 10 10 10 0 24 256 10 10 10 1 0 IGP 20...

Page 301: ...ap info Quidway display bgp routing table flap info Flags valid best D damped H history I internal S aggregate suppressed Dest Mask Source Keepup time Damping limit Flap times Origin As path D 11 1 0 0 16 133 1 1 2 48 1 20 30 4 IGP 200 Table 4 9 Description of information generated by the command display bgp routing table flap info Item Description Flags State flags valid valid best selected D dam...

Page 302: ...GP protocols as INCOMPLETE As path AS path attribute of route which records all AS areas that the route passes With it route loop can be avoided 4 1 23 display bgp routing table peer Syntax display bgp routing table peer peer address advertised received network address mask statistic View Any view Parameter peer address Specifies the peer to be displayed advertised Routing information advertised b...

Page 303: ...ion Description Using display bgp routing table regular expression command you can view the routing information matching the specified AS regular expression Example Display the routing information matched with 200 Quidway display bgp routing table regular expression 200 Flags valid best D damped H history I internal S aggregate suppressed Destination Mask Pref Next hop Med Local Pref Origin Path 1...

Page 304: ... filter can be advertised by BGP Using undo filter policy export command you can cancel the filtration to the advertised routes By default filtration to the received routing information is not configured If the parameter protocol is specified only the imported route generated by the specified protocol is filtered and the imported routes generated by other protocols are not affected If the paramete...

Page 305: ... information By default filtration to the received routing information is not configured This command can be used to filter the routes received by BGP and determines whether to add the routes to the BGP routing table Example Use ACL 2000 to filter the routing information received by BGP Quidway bgp filter policy 2000 import 4 1 27 group Syntax group group name undo group group name View BGP view P...

Page 306: ...rip and static at present med med value Specify the MED value loaded by a redistributes route ranging from 0 to 4294967295 route policy route policy name Specify a route policy Description Using import route command you can import routes of other protocols Using undo import route command you can cancel redistributing routes of other protocols By default BGP does not import routes of other protocol...

Page 307: ...nn internet no export subconfed no advertise no export ip community list adv comm list number permit deny as regular expression undo ip community list basic comm list number adv comm list number View System view Parameter basic comm list number Number of the basic community list ranging from 1 to 99 adv comm list number Number of the advanced community list ranging from 100 to 199 permit Permit th...

Page 308: ...n Quidway ip community list 6 permit no export subconfed 4 1 31 network Syntax network ip address address mask route policy route policy name undo network ip address address mask route policy route policy name View BGP view Parameter ip address Network address that BGP advertises address mask Mask of the network address route policy name Route policy applied to advertised routes Description Using ...

Page 309: ...For the related commands see if match community list apply community Example Transmit community attribute to the peer group name test Quidway bgp peer test advertise community 4 1 33 peer allow as loop Syntax peer group name peer address allow as loop number undo peer group name peer address allow as loop View BGP view Parameter group name Specify name of the peer group peer address Specify IP add...

Page 310: ...s number The AS number of the peer peer group the range is 1 to 65535 Description Using peer as number command you can configure the AS number of peer group peer Using undo peer as number command you can delete the AS number of peer group peer By default no peer group peer and AS number are configured Example Specify the peer AS number for the peer test as 100 Quidway bgp peer test as number 100 4...

Page 311: ...L of the peer group test Quidway bgp peer test as path acl 3 export 4 1 36 peer connect interface Syntax peer group name peer address connect interface interface name undo peer group name peer address connect interface interface name View BGP view Parameter group name Specified peer group peer address IP address of the peer interface name Interface name Description Using peer connect interface com...

Page 312: ...Description Using peer default route advertise command you can configure a peer peer group to generate a default route for a peer Using undo peer default route advertise command you can cancel the existing configuration By default a peer peer group does not import the default route For this command no default route needs to exist in the routing table A default route is sent unconditionally to a pe...

Page 313: ...commands see display current configuration display bgp routing table peer display bgp routing table group Example Configure the description information of the peer whose name is group1 as beijing1 Quidway bgp peer group1 description beijing1 4 1 39 peer ebgp max hop Syntax peer group name peer address ebgp max hop ttl undo peer group name peer address ebgp max hop View BGP view Parameter group nam...

Page 314: ...eer group peer address IP address of a peer which specifies a certain peer Description Using peer enable command you can enable the specified peer peer group and disable it by using undo peer enable command By default BGP peer peer group is enabled If the specified peer peer group is disabled the router will not exchange routing information with the specified peer peer group Example Disable the sp...

Page 315: ...related commands see acl Example Set the filter policy list of a peer group test Quidway bgp peer test filter policy 2000 export 4 1 42 peer group Syntax peer peer address group group name undo peer peer address group group name View BGP view Parameter group name Specify the name of the peer group peer address Specify the IP address of the peer Description Using peer group command you can add a pe...

Page 316: ... the route received by the specified peer peer group export Apply the filtering policy on the route transmitted to the specified peer peer group Description Using peer ip prefix command you can configure the route filtering policy of the peer peer group based on the ip prefix Using undo peer ip prefix command you can cancel the route filtering policy of the peer peer group based on the ip prefix B...

Page 317: ...it will take its own address as the next hop Quidway bgp peer test next hop local 4 1 45 peer password Syntax peer group name peer address password cipher simple password undo peer group name peer address password View BGP view Parameter group name Name of the peer group peer address IP address of the peer in dotted decimal format cipher Displays the configured password in cipher text mode simple ...

Page 318: ...e peer should be consistent with the peer group Example Adopt MD5 authentication on the TCP connection set up between the local router at 10 1 100 1 and the peer router at 10 1 100 2 Quidway bgp peer 10 1 100 2 password simple huawei Perform the similar configuration on the peer Quidway bgp peer 10 1 100 1 password simple huawei 4 1 46 peer public as only Syntax peer group name peer address public...

Page 319: ...eer group name peer address reflect client View BGP view Parameter group name Name of peer group peer address IP address of the peer Description Using peer reflect client command you can configure a peer peer group as the route reflector client Using undo peer reflect client command you can cancel the existing configuration For the related commands see reflect between clients reflector cluster id ...

Page 320: ...licy association Example Apply the Route policy named test policy to the route coming from the peer peer group test Quidway bgp peer test route policy test policy export 4 1 49 peer route update interval Syntax peer group name peer address route update interval seconds undo peer group name peer address route update interval View BGP view Parameter group name Specify the name of the configured peer...

Page 321: ...ress IP address of the peer keepalive interval Keepalive interval to be specified The range is 1 to 65535 By default its value is 60 seconds holdtime interval Holdtime interval to be specified The range is 3 to 65535 By default its value is 180 seconds Description Using peer timer command you can configure the timers for a peer peer group Using undo peer timer command you can restore the timer to ...

Page 322: ... Quidway bgp undo reflect between clients 4 1 52 reflector cluster id Syntax reflector cluster id cluster id address undo reflector cluster id View BGP view Parameter cluster id Specify the cluster ID of the route reflector with the range from 1 to 4294967295 address Used as the interface address of the route reflector s cluster ID Description Using reflector cluster id command you can configure t...

Page 323: ...tion with a specified BGP peer group import Refresh the routes learned from the peers Description Using refresh bgp peer address command you can refresh general BGP routes When BGP routing policy changes it is required to re compute associated route information This command can refresh general BGP routes Example Refresh all BGP routes Quidway refresh bgp all 4 1 54 reset bgp Syntax reset bgp all p...

Page 324: ...gp all 4 1 55 reset bgp dampening Syntax reset bgp dampening network address mask View User view Parameter network address Network IP address related to the clearing attenuation information mask Network mask Description Using reset bgp dampening command you can reset the attenuation information of a route and release the suppression of a suppressed route For the related commands see dampening disp...

Page 325: ... mask Description Using reset bgp flap info command you can reset the flap info of a route For the related commands see dampening Example Reset the flap info of all the routes that go through filter list 10 Quidway reset bgp flap info as path acl 10 4 1 57 reset bgp group Syntax reset bgp group group name View User view Parameter group name Specify the name of the peer group Description Using rese...

Page 326: ...formation can be reduced Example Make the auto aggregation of the sub network routes Quidway bgp summary automatic 4 1 59 timer Syntax timer keep alive keepalive interval hold holdtime interval undo timer View BGP view Parameter keepalive interval Set the interval time value for keepalive time The range is 1 to 65535 By default its value is 60 seconds holdtime interval Set the interval time value ...

Page 327: ...efault BGP doesn t synchronize with IGP If the local BGP is not set synchronous with the IGP and the next hop of the learned BGP route is reachable the local BGP will add this BGP route into its routing table immediately after it learns the route rather than waiting till the IGP also learns the route This command means BGP does not synchronize with IGP in current system You need not configure it f...

Page 328: ...1 IP Routing Policy Configuration Commands The above describes the configuration commands in the routing policy which are independent of any specific routing protocol 5 1 1 apply as path Syntax apply as path as number 1 as number 2 as number 3 undo apply as path View Route policy view Parameter as number 1 as number n AS number to be added Description Using apply as path command you can configure ...

Page 329: ...association outside but can advertises to other sub ASs additive Additional known community attribute none Deleted route community attribute Description Using apply community command you can configure the set BGP community attribute of Route policy Using undo apply community command you can cancel the set BGP community attribute By default BGP community attribute is not set For the related command...

Page 330: ...the apply sub statement For the related commands see if match interface if match acl if match ip prefix if match ip next hop if match cost if match tag route policy apply ip next hop apply local preference apply origin and apply tag Example Define one apply sub statement When it is used for setting route information attribute it sets the route metric value of route information as 120 Quidway route...

Page 331: ...w Route policy view Parameter ip address The next hop address Description Using apply ip next hop command you can configure the next hop address of route information This command is one attribute apply sub statements of Route policy Using undo apply ip next hop command you can cancel the apply sub statement By default no apply sub statement is defined When it is used for setting route information ...

Page 332: ... the apply sub statement For the related commands see if match interface if match acl if match ip prefix if match ip next hop if match cost if match tag route policy apply ip next hop apply local preference apply origin and apply tag Example Apply the local preference level of route information as 130 when this apply sub statement is used for setting route information attribute Quidway route polic...

Page 333: ...attribute it sets the route source of BGP route information as igp Quidway route policy apply origin igp 5 1 8 apply tag Syntax apply tag value undo apply tag View Route policy view Parameter value Specifies the tag value of route information Description Using apply tag command you can configure to set the tag area of OSPF route information This command is one of attribute apply sub statements of ...

Page 334: ...xample Display the information of the address prefix list named as p1 Quidway display ip ip prefix p1 name index conditions ip prefix mask GE LE p1 10 permit 10 1 0 0 16 17 18 Table 5 1 Description of information generated by the command display ip ip prefix Field Description name Name of ip prefix index Internal sequence number of ip prefix conditions Mode permit or deny ip prefix mask Address an...

Page 335: ... 0 denied 0 Table 5 2 Description of information generated by the command display route policy Field Description Route policy Name of ip prefix Information of the route policy with mode configured as permit and node as 10 if match prefixlist p1 The configured if match clause apply cost 100 Apply routing cost 100 to the routes matching the conditions defined by if match clause matched Number of rou...

Page 336: ...ation meeting some conditions can be advertised Then the filter policy command can be used to set the filtering conditions for the routing information to be advertised Only the routing information passing the filtration can be advertised For the related commands see filter policy import Example Define the filtering rules for advertising the routing information of RIP Only the routing information p...

Page 337: ...may be required that only the routing information meeting some conditions can be received Then the filter policy command can be used to set the filtering conditions for the routing information to be advertised Only the routing information passing the filtration can be received For the related commands see filter policy export Example Define the filtering rule for receiving routing information of R...

Page 338: ...ement Quidway route policy if match ip prefix p1 5 1 14 if match as path Syntax if match as path acl number undo if match as path View Route policy view Parameter acl number AS path based access control list number ranging from 1 to 199 Description Using the if match as path command you can match the AS path domain of the BGP routing information using the undo if match as path command you can canc...

Page 339: ...do if match community command you can cancel the match of the community attribute This if match sub statement of route policy is used to filter BGP routing information The match condition is specified according to the community attributes of the routing information For the related commands see route policy ip community list Example A community list numbered as 1 is defined first allowing the auton...

Page 340: ...policy apply ip next hop apply local preference apply cost apply origin apply tag Example A if match sub statement is defined which allows the routing information with routing cost 8 to pass this if match sub statement Quidway route policy if match cost 8 5 1 17 if match interface Syntax if match interface interface name interface type interface number undo if match interface View Route policy vie...

Page 341: ... is 2000 to 2999 ip prefix name Specify the name of the prefix address list used for filtration Description Using if match ip next hop command you can configure one of the match rules of route policy on the next hop address of the routing information Using undo if match ip next hop command you can cancel the setting of ACL matching condition Using undo if match ip next hop ip prefix command you ca...

Page 342: ...tch ip prefix if match ip next hop if match cost route policy apply ip next hop apply cost apply local preference apply origin and apply tag Example Define one if match sub statement and enable the OSPF route information whose value of tag is 8 to pass the if match sub statement Quidway route policy if match tag 8 5 1 20 ip ip prefix Syntax ip ip prefix ip prefix name index index number permit den...

Page 343: ...ne of its items which can also be deleted with undo ip ip prefix command By default there s no address prefix list The address prefix list is used for IP address filtering An address prefix list may contain several items and each item specifies one address prefix range The inter item filtering relation is OR i e passing an item means passing the filtering of this address prefix list Not passing th...

Page 344: ... filtration or route policy One Route policy comprises of some nodes and each node comprises of some match and apply sub statements The if match sub statement defines the match rules of this node and the apply sub statement defines the actions after passing the filtration of this node The filtering relationship between the if match sub statements of the node is and i e all if match sub statements ...

Page 345: ...view the memory setting Example Display the current memory setting Quidway display memory System Total Memory bytes 34189056 Total Used Memory bytes 18692804 Used Rate 54 The displayed information is described specifically in the following table Table 6 1 The description for the information displayed by the display memory command Item Description System Total Memory bytes The total number of the E...

Page 346: ...ons and whether or not the current system is in the emergent state Example Display the current memory setting and state information Quidway display memory limit Current memory limit configuration information system memory safety 4 MBytes system memory limit 2 MBytes auto establish enabled Free Memory 14798060 Bytes The state information about connection The times of disconnect 0 The times of recon...

Page 347: ... the Ethernet switch is 0 The current state Normal The current state is normal If entering the emergent state the system will display Exigence 6 1 3 memory auto establish disable Syntax memory auto establish disable View System view Parameter None Description Using memory auto establish disable command you can disable the routing protocol connection that is forcibly disconnected to recover automat...

Page 348: ...nd the routing protocol connection that is forcibly disconnected to recover automatically when the idle memory of the Ethernet switch reaches this value By default when the idle memory of the Ethernet switch recovers to a safety value connections of all the routing protocols will always recover when the idle memory of the Ethernet switch reduces to a lower limit the connection will be disconnected...

Page 349: ...ng memory safety safety value command you can configure the safety value of the Ethernet switch idle memory If you use the memory auto establish enable command the default configuration the routing protocol connection that is forcibly disconnected will automatically recover when the idle memory of the Ethernet switch reaches this value The safety value in the command must be more than the current ...

Page 350: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Multicast ...

Page 351: ...g group policy 2 5 2 1 8 igmp snooping host aging time 2 7 2 1 9 igmp snooping max response time 2 8 2 1 10 igmp snooping router aging time 2 9 2 1 11 reset igmp snooping statistics 2 9 Chapter 3 Multicast Common Configuration Commands 3 1 3 1 Multicast Common Configuration Commands 3 1 3 1 1 debugging multicast forwarding 3 1 3 1 2 debugging multicast kernel routing 3 1 3 1 3 debugging multicast ...

Page 352: ...debugging pim sm 5 4 5 1 6 display pim bsr info 5 5 5 1 7 display pim interface 5 5 5 1 8 display pim neighbor 5 6 5 1 9 display pim routing table 5 7 5 1 10 display pim rp info 5 8 5 1 11 pim 5 9 5 1 12 pim bsr boundary 5 10 5 1 13 pim dm 5 10 5 1 14 pim sm 5 11 5 1 15 pim timer hello 5 12 5 1 16 register policy 5 12 5 1 17 spt switch threshold 5 13 5 1 18 static rp 5 14 Chapter 6 Multicast VLAN ...

Page 353: ...t packet GMRP packet Description Using debugging gmrp command you can enable GMRP debugging Using undo debugging gmrp you can disable GMRP debugging Example Enable GMRP event debugging Quidway debugging gmrp event GMRP Max number of GMRP entries reached Table 1 1 Description of information generated by the command debugging gmrp event Field Description GMRP Max number of GMRP entries reached Maxim...

Page 354: ...n view the statistics information about GMRP This command is used for displaying the statistics information about GMRP including the list of ports with GMRP enabled GMRP status information GMRP failed registrations and last origin of GMRP packet data unit PDU Example Display the statistics information about GMRP on Ethernet 0 1 Quidway display gmrp statistics interface Ethernet 0 1 GMRP statistics...

Page 355: ... view Ethernet port view Parameter None Description Using gmrp command you can enable global GMRP or enable GMRP on a port Using undo gmrp command you can configure the GMRP back to the default setting namely disabled By default GMRP is disabled Executed in system view this command will enable the global GMRP After performing this command in Ethernet port view GMRP will be enabled on a port Before...

Page 356: ...y igmp snooping configuration command you can view the IGMP Snooping configuration information This command is used to display the IGMP Snooping configuration information of the switch The information displayed includes whether IGMP Snooping is enabled router port timeout maximum response timeout of a query and the member port timeout For the related command see igmp snooping Example Display the I...

Page 357: ...command you can view the IP multicast groups and MAC multicast groups under VLAN This command displays the IP multicast group and MAC multicast group information of a VLAN or all the VLAN where the Ethernet switch is located It displays the information such as VLAN ID router port IP multicast group address member ports in the IP multicast group MAC multicast group MAC multicast group address and t...

Page 358: ...tistics information about IGMP Snooping of Ethernet switch It displays the information such as number of received general IGMP query packets received IGMP specific query packets received IGMP Version 1 and Version 2 report packets received IGMP leave packets and error packets and sent IGMP specific query packets For the related command see igmp snooping Example Display statistics information about...

Page 359: ...nooping Quidway igmp snooping enable 2 1 5 igmp snooping fast leave Syntax igmp snooping fast leave undo igmp snooping fast leave View Ethernet port view Parameter None Description Using the igmp snooping fast leave command you can enable the function of fast removing a port from a multicast group Using the undo igmp snooping fast leave command you can cancel this configuration By default the fast...

Page 360: ... 1 igmp snooping fast leave 2 1 6 igmp snooping group limit Syntax igmp snooping group limit limit undo igmp snooping group limit View Ethernet port view Parameter limit The maximum number of multicast groups on a port in the range of 0 to 1000 The default value is 1000 Description Using igmp snooping group limit command you can set the maximum number of multicast groups permited on a port Using u...

Page 361: ...allowed the switch then adds the port to the forward port list of the multicast group otherwise it drops the IGMP report packet and no data flow then will be sent to this port Thus the switch can control users multicast program ordering User defined ACL rule is a multicast address or multicast address range 224 0 0 1 to 239 255 255 255 z If the rule is set as permit the port can be added to the gr...

Page 362: ...Configure ACL 2001 to deny the accessing to multicast group 225 0 0 0 225 255 255 255 and permit the accessing outside the range z Configure ACL Quidway acl number 2001 Quidway acl basic 2001 rule deny source 225 0 0 0 0 0 0 255 Quidway acl basic 2001 rule permint source any z Create VLAN 2 and add Ethernet 0 2 to it Quidway vlan 2 Quidway vlan2 port Ethernet 0 2 z Set the filtering of IGMP Snoopi...

Page 363: ...e Set the aging time to 300 seconds Quidway igmp snooping host aging time 300 2 1 9 igmp snooping max response time Syntax igmp snooping max response time seconds undo igmp snooping max response time View System view Parameter seconds Maximum response time for a query ranging from 1 to 100 and measured in seconds By default 10 Description Using igmp snooping max response time command you can confi...

Page 364: ...o igmp snooping router aging time command you can restore the default value The port here refers to the Ethernet switch port connected to the router The Layer 2 Ethernet switch receives general query packets from the router via this port The timer should be set to about 2 5 times of the general query period of the router For the related command see igmp snooping igmp snooping max response time Exa...

Page 365: ...Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Commands Huawei Technologies Proprietary 2 10 For the related command see igmp snooping Example Clear IGMP Snooping statistics information Quidway reset igmp snooping statistics ...

Page 366: ...warding View User view Parameter None Description Using debugging multicast forwarding command you can enable multicast packet forwarding debugging functions Using undo debugging multicast forwarding command you can disable the debugging functions By default the debugging function is disabled Example Enable multicast packet forwarding debugging functions Quidway debugging multicast forwarding 3 1 ...

Page 367: ...tatus forwarding Syntax debugging multicast status forwarding undo debugging multicast status forwarding View User view Parameter None Description Using debugging multicast status forwarding command you can enable multicast forwarding status debugging functions Using undo debugging multicast status forwarding command you can disable the debugging functions Example Enable multicast forwarding statu...

Page 368: ... table For the related command see display multicast routing table Example View the multicast forwarding table information Quidway display multicast forwarding table Multicast Forwarding Cache Table Total 2 entries 00001 4 4 4 4 224 2 254 84 iif Vlan interface1 0 oifs Matched 240 pkts 11288 bytes Wrong If 0 pkts Forwarded 232 pkts 11288 bytes 00002 4 4 4 4 224 2 149 17 iif Vlan interface1 1 oifs L...

Page 369: ...ulticast routing table group address mask mask mask length source address mask mask mask length incoming interface interface type interface number register View Any view Parameter group address Multicast group address used to specify a multicast group and display the corresponding routing table information of the group The value ranges from 224 0 0 0 to 239 255 255 255 source address Unicast IP ad...

Page 370: ...ptime 00 02 57 Timeout in 123 sec Upstream interface Vlan interface1 4 4 4 6 Downstream interface list NULL Matched 3 entries Table 3 2 Description of information generated by the command display multicast routing table Field Description Multicast Routing Table Multicast routing table Total 3 entries 3 entries in total 4 4 4 4 224 2 149 17 s g Uptime 00 15 16 Timeout in 272 sec Upstream interface ...

Page 371: ...In 0 pkts 0 bytes Out 0 pkts 0 bytes 2 Interface Vlan interface1 TTL 1 LclAddr 4 4 4 6 RmtAddr 0 0 0 0 In 16 pkts 18691 bytes Out 0 pkts 0 bytes 3 Interface Vlan interface2 TTL 1 LclAddr 2 2 2 4 RmtAddr 0 0 0 0 In 0 pkts 0 bytes Out 0 pkts 0 bytes Total 3 multicast vif s Table 3 3 Description of information generated by the command display multicast vif Field Description Interface Vlan interface1 ...

Page 372: ...ew Parameter None Description Using multicast routing enable command you can enable IP multicast routing Using undo multicast routing enable command you can disable IP multicast routing By default IP multicast routing is disabled For the related commands see pim dm and pim sm Example Enable IP multicast routing Quidway system view Quidway multicast routing enable ...

Page 373: ...ging information of IGMP event host debugging information of IGMP host packet debugging information of IGMP packets mpm debugging information of IGMP multicast port management timer debugging information of IGMP timers Description Using debugging igmp command you can enable IGMP debugging functions Using undo debugging igmp command you can disable the debugging functions By default IGMP debugging ...

Page 374: ...sts through IGMP or through command line For the related command see igmp host join Example View the member information of multicast group in the system Quidway display igmp group LoopBack0 20 20 20 20 Total 3 IGMP Groups reported Group Address Last Reporter Uptime Expires 225 1 1 1 20 20 20 20 00 02 04 00 01 15 225 1 1 3 20 20 20 20 00 02 04 00 01 15 225 1 1 2 20 20 20 20 00 02 04 00 01 17 Table ...

Page 375: ...interface VLAN interface1 IGMP is enabled on interface Current IGMP version is 2 IGMP query interval is 60 seconds IGMP querier timeout is 120 seconds IGMP max query response time is 10 seconds IGMP querying router is 10 110 91 129 No IGMP group reported 4 1 4 display igmp port Syntax display igmp port port number vlan vlan id View Any view Parameter port port number Specifies IGMP port number vla...

Page 376: ...rface_type interface_ num interface_name to interface_type interface_ num interface_name undo igmp group policy port interface_type interface_ num interface_name to interface_type interface_ num interface_name View Interface View Parameter acl number Number of the basic IP access control list number defining a multicast group range The value ranges from 2000 to 2999 1 IGMP version 1 2 IGMP version...

Page 377: ...uidway Vlan interface10 igmp group policy 2000 2 4 1 6 igmp group policy vlan Syntax igmp group policy acl number vlan vlanid undo igmp group policy vlan vlanid View Ethernet port view Parameter acl number Number of the basic IP access control list number defining a multicast group range The value ranges from 2000 to 2999 vlanid Specify the ID for the VLAN to which the port belongs Description Usi...

Page 378: ...e_ num interface_name View VLAN interface view Parameter group address Multicast address of the multicast group that an interface will join port Specify the port in the VLAN interface Description Using igmp host join command you can enable an port in the VLAN interface of an ethernet switch to join a multicast group Using undo igmp host join command you can disable the configuration By default an ...

Page 379: ...with the igmp host join port command Note that the configured port must belong to the specified VLAN and the IGMP protocol must be enabled on this VLAN interface otherwise the configuration does not function For the related command see igmp host join port igmp host join igmp group policy Example Add port Ethernet 0 1 in VLAN interface10 to the multicast group at 225 0 0 1 Quidway Vlan interface10 ...

Page 380: ... view Parameter seconds IGMP querier present timer value in second ranging from 60 to 300 By default the value is twice the value of IGMP query message interval i e 120 seconds Description Using igmp timer other querier present command you can configure the timer of presence of the IGMP querier Using undo igmp timer other querier present command you can restore the default value On a shared networ...

Page 381: ...scription Using igmp timer query command you can configure the interval at which a router interface sends IGMP query messages Using undo igmp timer query command you can restore the default value A multicast router periodically sends out IGMP query messages to attached segments to find hosts that belong to different multicast groups The query interval can be modified according to the practical con...

Page 382: ...ed Description Using igmp version command you can specify the version of IGMP that a router uses Using undo igmp version command you can restore the default value All routers on a subnet must support the same version of IGMP After detecting the presence of IGMP Version 1 system a router cannot automatically switch to Version 1 Example Run IGMP Version 1 on VLAN interface10 Quidway Vlan interface10...

Page 383: ...2 priority Priority of the candidate BSR The larger the value of the priority the higher the priority of the BSR The value ranges from 0 to 255 By default the priority is 0 Description Using c bsr command you can configure a candidate BSR Using undo c bsr command you can remove the candidate BSR configured By default no candidate BSR is set When configure the candidate BSR the larger bandwidth sho...

Page 384: ...tise itself as a candidate RP Using undo c rp command you can remove the configuration By default no candidate RP is configured When configuring the candidate RP a relatively large bandwidth should be reserved for the router and other devices in the PIM domain For the related command see c bsr Example Configure the Ethernet switch to advertise the BSR that he is the C RP in the PIM The standard ac...

Page 385: ...re disabled Example Enable all common PIM debugging functions Quidway debugging pim common all 5 1 4 debugging pim dm Syntax debugging pim dm alert all mrt timer warning recv send all assert graft graft ack join prune undo debugging pim dm alert all mrt timer warning recv send all assert graft graft ack join prune View User view Parameter all all the debugging information of PIM DM alert Interoper...

Page 386: ... warning recv send assert bootstrap crpadv jp reg regstop View User view Parameter mbr debugging information of PIM SM multicast border router event verbose debugging detail information of PIM SM mrt debugging information of PIM SM multicast routing table timer debugging information of PIM SM timer warning debugging information of PIM SM warning message recv debugging information of PIM SM receivi...

Page 387: ...R information For the related commands see c bsr and c rp Example Quidway display pim bsr info Current BSR Address 20 20 20 30 Priority 0 Mask Length 30 Expires 00 01 55 Local host is BSR Table 5 1 Output description of the display pim bsr info command Field Description BSR Boot trap router Priority Priority of BSR Mask Length 30 Length of mask Expires 00 01 55 Expire time 5 1 7 display pim interf...

Page 388: ... interface is 10 10 1 20 PIM is enabled on interface PIM version is 2 PIM mode is Sparse PIM query interval is 30 seconds Total 1 PIM neighbor on interface PIM DR designated router is 10 10 1 20 Table 5 2 Output description of the display pim interface command Field Description PIM version Version of PIM PIM mode PIM mode enabled on the interface DM or SM PIM query interval Hello packet interval P...

Page 389: ... Specifies when the member will be removed from the group 5 1 9 display pim routing table Syntax display pim routing table g group address mask mask length mask rp rp address mask mask length mask group address mask mask length mask source address mask mask length mask incoming interface interface type interface number null dense mode sparse mode View Any view Parameter rp RP route entry g G route...

Page 390: ... 2 S G entries 192 168 1 2 224 2 178 130 Protocol 0x20 PIMSM Flag 0x4 SPT UpTime 23 59 Timeout after 196 seconds Upstream interface VLAN interface2 RPF neighbor NULL Downstream interface list NULL 192 168 1 2 224 2 181 90 Protocol 0x20 PIMSM Flag 0x4 SPT UpTime 23 59 Timeout after 196 seconds Upstream interface VLAN interface2 RPF neighbor NULL Downstream interface list NULL Total 2 entries listed...

Page 391: ... rp info command you can view the RP information of multicast group In addition this command can also display the BSR and static RP information Example View the RP information of multicast group Quidway display pim rp info PIM SM RP SET information BSR is 4 4 4 6 Group MaskLen 224 0 0 0 4 RP 4 4 4 6 Version 2 Priority 0 Uptime 00 39 50 Expires 00 01 40 5 1 11 pim Syntax pim undo pim View System vi...

Page 392: ...undary command you can configure an interface to be the PIM domain border Using undo pim bsr boundary command you can remove the border You can use this command to set border of bootstraps messages that is to say bootstrap messages cannot pass interfaces that are configured with pim bsr boundary command while other PIM messages can In this way the network is divided into different BSR domains By d...

Page 393: ...e interface and vice versa Example Enable PIM DM on VLAN interface10 of the Ethernet switch Quidway multicast routing enable Quidway Vlan interface10 pim dm 5 1 14 pim sm Syntax pim sm undo pim sm View Interface view Parameter None Description Using pim sm command you can enable the PIM SM protocol on an interface Using undo pim sm command you can disable the PIM SM protocol By default PIM SM is d...

Page 394: ...undo pim timer hello command you can restore the default value Example Configure to transmit Hello packet via VLAN interface10 every 40 seconds Quidway Vlan interface10 pim timer hello 40 5 1 16 register policy Syntax register policy acl number undo register policy View PIM view Parameter acl number Number of IP advanced ACL defining the rule of filtering the source and group addresses The value r...

Page 395: ... switch threshold traffic rate infinity group policy acl number undo spt switch threshold traffic rate infinity group policy acl number View PIM view Parameter traffic rate Indicate switch rate threshold from RPT to SPT in Kbps By default the switch threshold value is 0 i e switching starts when the RPT receives the first data packet infinity Indicate never to switch to SPT acl number Number of th...

Page 396: ...specified static RP will only serve the multicast group passing the ACL Description Using static rp command you can configure static RP Using undo static rp command you can remove the configuration Static RP functions as the backup of dynamic RP so as to improve the network robusticity If the RP elected by BSR mechanism is valid static RP will not work All routers in the PIM domain should be confi...

Page 397: ...ast VLAN Use the undo service type multicast command to cancel the setting By default no VLAN is a multicast VLAN You can configure a multicast VLAN join related switch ports into this VLAN and enable the IGMP Snooping function to make users in different VLANs share the same multicast VLAN After doing that multicast streams are transmitted only through the multicast VLAN and therefore the bandwidt...

Page 398: ...rt list in format of interface list interface type interface num interface name to interface type interface num interface name 1 10 vlan_id Specifies VLAN ID Description Use the mac address multicast command to add multicast MAC address entries Use the undo mac address multicast command to delete multicast MAC address entries A multicast entry includes multicast address forwarding port VLAN etc Re...

Page 399: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual QoS ACL ...

Page 400: ... 1 2 4 display time range 1 17 1 2 5 packet filter 1 19 1 2 6 reset acl counter 1 20 1 2 7 rule 1 21 1 2 8 time range 1 24 1 3 ACL Configuration Command List of S3552 Series Switches 1 25 1 3 1 acl 1 25 1 3 2 display acl config 1 27 1 3 3 display acl running packet filter all 1 28 1 3 4 display flow template 1 29 1 3 5 display time range 1 29 1 3 6 flow template user defined 1 31 1 3 7 flow templa...

Page 401: ...s global traffic statistic 2 20 2 2 7 display qos interface all 2 21 2 2 8 display qos interface line rate 2 22 2 2 9 display qos interface traffic limit 2 23 2 2 10 display queue scheduler 2 24 2 2 11 line rate 2 25 2 2 12 mirrored to 2 25 2 2 13 priority 2 27 2 2 14 priority trust 2 27 2 2 15 qos cos local precedence map 2 28 2 2 16 queue scheduler 2 30 2 2 17 reset traffic statistic 2 31 2 2 18...

Page 402: ... 19 mirroring port 2 51 2 3 20 monitor port 2 52 2 3 21 priority 2 53 2 3 22 priority trust 2 53 2 3 23 qos conform level 2 54 2 3 24 qos cos drop precedence map 2 54 2 3 25 qos cos local precedence map 2 56 2 3 26 queue 2 58 2 3 27 queue scheduler 2 59 2 3 28 reset traffic statistic 2 61 2 3 29 traffic limit 2 61 2 3 30 traffic priority 2 64 2 3 31 traffic redirect 2 66 2 3 32 traffic shape 2 68 ...

Page 403: ...999 Advanced ACL 4000 to 4999 L2 ACL name acl name Specifies an access list with a character string beginning with English letters a z A Z only excluding space and quotation marks and not case sensitive The all and any keywords are not allowed advanced Advanced ACL basic Basic ACL link L2 ACL config Follow the user configuration order to match ACL rules auto Follow the depth first order to match A...

Page 404: ...le Table 1 1 Hardware match order of ACL s sub rule Switch Hardware match order of ACL s sub rule S3526 An ACL is configured with multiple sub rules The deny sub rules are matched first and then are the permit sub rules Exact match mode is used for the permit sub rules the sub rule with the more accurate range is matched first for example ACL 3000 has rule 0 and rule 1 the definition of rule 0 is ...

Page 405: ...luding space or quotation mark Description Using display acl config command you can view the detail configuration information about the ACL including all the statements and sequence numbers and how many packets and bytes matched these statements The matched information is the information treated by switch s CPU The matched information of transmitted data can be displayed by display qos global traf...

Page 406: ...e 1 permit 10 0 0 1 0 0 times matched indicates the rule s content 1 1 3 display acl running packet filter all Syntax display acl running packet filter all View Any view Parameter None Description Using display acl running packet filter all command you can view the information about the running state of the ACL The displayed information includes ACL name rule name and running state Example Display...

Page 407: ... case Example Display the configuration of all the time ranges Quidway display time range all Current time is 14 36 36 4 3 2003 Thursday Time range hhy Inactive from 08 30 2 5 2005 to 18 00 2 19 2005 Time range hhy1 Inactive from 08 30 2 5 2003 to 18 00 2 19 2003 Table 1 3 the display Information Field Description Current time is 14 36 36 4 3 2003 Thursday Indicates the current time of the switch ...

Page 408: ... link group acl number acl name rule rule View System view Parameter ip group acl number acl name activate the IP ACLs IP ACLs include basic advanced ACLs acl number Specifies the ACL number ranging from 2000 to 3999 acl name Specifies the ACL name with a character string started with English letters that is a to z A to Z excluding space and quotation marks link group acl number acl name activate ...

Page 409: ...ich is used to filter or classify the data treated by the software of switch You can clear the matched counters to zero using this command Table 1 5 The comparison between reset commands of statistics information Command Function reset acl counter Reset the statistics information of the ACL which is used in the case of filtering or classifying the data treated by the software of switch The case in...

Page 410: ...tination source port destination port icmp type precedence tos dscp fragment time range III define delete a rule for link acl rule rule id permit deny ingress source vlan id source mac addr interface interface name interface type interface num any egress destination vlan id dest mac addr interface interface name interface type interface num any time range name undo rule rule id View ACL view Param...

Page 411: ... wildcard is the source IP address and source address wildcard expressed in dotted decimal notation any represents any source address dest addr wildcard any dest addr wildcard is the destination IP address and destination address wildcard expressed in dotted decimal notation any represents any destination address source port operator port1 port2 This parameter is to define the source TCP or UDP po...

Page 412: ...information of a data packet source vlan id specifies the source VLAN of the packet and source mac addr specifies the source MAC address of the data packets interface interface name interface type interface num represents the L2 port receiving the packets any represents all the packets received from all the ports egress destination vlan id dest mac addr interface interface name interface type inte...

Page 413: ...he rules of MAC MAC MAC PORT PORT PORT MAC ANY ANY MAC PORT ANY and ANY PORT The Layer 3 ACL supports using the rules of IP IP IP NET NET NET IP ANY ANY IP NET ANY and ANY NET Traffic statistic traffic statistic ip group acl number acl name rule rule link group acl number acl name rule rule Traffic statistics only supports using the ACL of permit operation The Layer 2 ACL supports using the rules ...

Page 414: ...e 0 permit ip source 1 1 1 1 0 destination 2 2 2 2 0 time range huawei z NET NET stands for lay 3 ACL rules from source segment IP address to destination segment IP address the wildcard parameter can not be 0 such as rule 0 permit ip source 1 1 1 1 0 0 255 255 destination 2 2 2 2 0 0 255 255 time range huawei z MAC any stands for lay 2 ACL rule from source MAC address to any destination MAC addres...

Page 415: ...cl adv 3000 rule 1 permit tcp established source 1 1 1 1 0 destination 2 2 2 2 0 Add a rule to a basic ACL Quidway acl basic 2000 rule 1 permit source 1 1 1 1 0 fragment Add a rule to an L2 ACL Quidway acl link 4000 rule 1 permit ingress 1 egress any 1 1 8 time range Syntax time range time name start time to end time days of the week from start time start date to end time end date from start time ...

Page 416: ...arameters are omitted there is no limit to the effective date Description Using time range command you can configure a time range Using undo time range command you can delete a time range If you input the parameter when use the undo time range command the system will delete the corresponding content of the time range according to the parameter input Example Configure a time range being effective s...

Page 417: ...CL you can use the rule command to add rules for them after entering ACL view Use the quit command to exit ACL view An ACL may contain multiple rules and the traffic classification rules concern different ranges which brings forward the issue of match order when a data packet matches more than one rule Using the match order parameter you can configure to follow the user configuration order as defa...

Page 418: ... a z A Z only and excluding space or quotation mark Description Using display acl config command you can view the detail configuration information about the ACL including all the statements and sequence numbers and how many packets and bytes matched these statements The matched information is the information treated by switch s CPU The matched information of transmitted data can be displayed by di...

Page 419: ...e 1 permit 10 0 0 1 0 0 times matched indicates the rule s content 1 2 3 display acl running packet filter all Syntax display acl running packet filter all View Any view Parameter None Description Using display acl running packet filter all command you can view the information about the running state of the ACL The displayed information includes ACL name rule name and running state Example Display...

Page 420: ...l case Example Display the configuration of all the time ranges Quidway display time range all Current time is 14 36 36 4 3 2003 Thursday Time range hhy Inactive from 08 30 2 5 2005 to 18 00 2 19 2005 Time range hhy1 Inactive from 08 30 2 5 2003 to 18 00 2 19 2003 Table 1 9 the display Information Field Description Current time is 14 36 36 4 3 2003 Thursday Indicates the current time of the switch...

Page 421: ...e link group acl number acl name rule rule View System view Parameter user group acl number acl name activate the user defined ACL acl number Specifies the ACL number ranging from 5000 to 5999 acl name Specifies the ACL name with a character string started with English letters that is a to z A to Z excluding space and quotation marks ip group acl number acl name activate the IP ACLs IP ACLs includ...

Page 422: ...mber Specifies an access list with a number in the range of 2000 to 3999 acl name Specifies an access list with a character string beginning with English letters a z A Z only excluding space and quotation marks and not case sensitive The all and any keywords are not allowed Description Using the reset acl counter command you can reset the statistics information of the ACL which is used to filter o...

Page 423: ...delete a rule for advanced acl rule rule id permit deny protocol source source addr wildcard any destination dest addr dest mask any source port operator port1 port2 destination port operator port1 port2 icmp type type code established precedence precedence tos tos dscp dscp fragment time range name undo rule rule id source destination source port destination port icmp type precedence tos dscp fra...

Page 424: ...ol This parameter is to define protocol type which can be indicated by name or digit This parameter can be icmp igmp tcp udp ip gre ospf or ipinip If this parameter takes ip it means all the IP protocols This parameter can be 1 255 if indicated by digit source addr wildcard any source addr wildcard is the source IP address and source address wildcard expressed in dotted decimal notation any repres...

Page 425: ...1p priority ranging from 0 to 7 ingress source vlan id source mac addr source mac wildcard interface interface name interface type interface num any Source information of a data packet source vlan id specifies the source VLAN of the packet and source mac addr source mac wildcard specifies the source MAC address and MAC address wildcard of the data packets These two parameters give the source MAC a...

Page 426: ...ng undo rule command you can cancel a rule from an ACL You can add a lot of rules to an ACL If you input the parameter when use the undo rule command the system will delete the corresponding content of the rule according to the parameter input For related configurations refer to command acl Example Add a rule to an advanced ACL Quidway acl adv 3000 rule 1 permit tcp established source 1 1 1 1 0 de...

Page 427: ...ning effective days of the time range with the end date format as hh mm MM DD YYYY to end time end date End time and date of the special time range determining effective days of the time range with the start date format as hh mm MM DD YYYY If the above two parameters are omitted there is no limit to the effective date Description Using time range command you can configure a time range Using undo t...

Page 428: ...umbered or named ACL or all the ACLs By default the ACLs are matched in config order You can use the acl command to create an ACL and specify its name with acl name and its type with the keywords advanced basic link For both numbered and named ACL you can use the rule command to add rules for them after entering ACL view Use the quit command to exit ACL view An ACL may contain multiple rules and t...

Page 429: ...ncluding numbered and named ACLs acl number Specifies the sequence number of the ACL to be displayed with a number between 2000 and 3999 acl name Specifies the name of the ACL to be displayed with a character string starting with English letters a z A Z only and excluding space or quotation mark Description Using display acl config command you can view the detail configuration information about th...

Page 430: ...he number of ACL in this location it may be the name of the ACL 1 rule indicates the rule number of the ACL rule 1 permit 10 0 0 1 0 0 times matched indicates the rule s content 1 3 3 display acl running packet filter all Syntax display acl running packet filter all View Any view Parameter None Description Using display acl running packet filter all command you can view the information about the r...

Page 431: ...plate command you can view the configuration of flow template The configuration includes the defined information of flow template the interface for which the flow template has applied For the related command see flow template user defined Example Display the default flow template Quidway display flow template default System default flow template This flow template has not been configured 1 3 5 dis...

Page 432: ...y Indicates the current time of the switch according to the switch setting Time range hhy Inactive Indicates the name of the time range Inactive indicates the status of this time range is not active at current time from 08 30 2 5 2005 to 18 00 2 19 2005 The content of time range the first time is the beginning time the last time is the ending time Display the time range named tm1 Quidway display t...

Page 433: ... display flow template Example Apply user defined flow template on the current Ethernet0 1 Quidway Ethernet0 1 flow template user defined 1 3 7 flow template user defined template info Syntax flow template user defined template info undo flow template user defined View System view Parameter template info Information available in defining traffic classification its value can be cos 802 1p priority ...

Page 434: ... the length of 1 byte tos TOS type of service domain in the IP packet header in the length of 1 byte vlanid VLAN ID in the Ethernet packet header in the length of 2 bytes Description Using the flow template user defined template info command you can define a flow template Using the undo flow template user defined command you can delete a flow template In defining a flow template the total length o...

Page 435: ...but those you have defined For the related command see display flow template Example Define a flow template which classifies traffic by source and destination IP addresses source and destination TCP UDP ports DSCP domain in the IP packet header Quidway flow template user defined ip protocol sip dip sport dport dscp 1 3 8 packet filter Syntax I Command Format in System View packet filter inbound ac...

Page 436: ...s the ACL number ranging from 2000 to 3999 acl name Specifies the ACL name with a character string started with English letters that is a to z A to Z excluding space and quotation marks z link group acl number acl name activate the L2 ACL acl number Specifies the ACL number ranging from 4000 to 4999 acl name Specifies the ACL name with a character string started with English letters that is a to z...

Page 437: ...ich is used to filter or classify the data treated by the software of switch You can clear the matched counters to zero using this command Table 1 17 The comparison between reset commands of statistics information Command Function reset acl counter Reset the statistics information of the ACL which is used in the case of filtering or classifying the data treated by the software of switch The case i...

Page 438: ...o rule rule id source destination source port destination port icmp type precedence tos dscp fragment time range III define delete a rule for link acl rule rule id permit deny cos vlan pri ingress source vlan id source mac addr source mac wildcard any egress dest vlan id dest mac addr dest mac wildcard any tagged untagged time range name undo rule rule id View ACL view Parameter rule id Specifies ...

Page 439: ...t operator port1 port2 This parameter is to define the source TCP or UDP port number Here operator represents port operation character including eq equal to gt greater than lt less than neq not equal to and range in certain range Note This parameter is available only when protocol parameter takes TCP or UDP port1 port2 TCP or UDP port number of packets expressed with characters or numbers The numb...

Page 440: ...fies the destination information of data packets dest vlan id specifies the destination VLAN of the packet dest mac addr dest mac wildcard specifies the destination MAC address of the data packets any represents all the packets forwarded by all the ports tagged untagged Specifies filtering the packets according the VLAN tag Tagged means filtering the packets which have VLAN tag untagged means filt...

Page 441: ... ranging from 0 to 6 Monday Tuesday Wednesday Thursday Friday Saturday or Sunday working day representing 5 working days from Monday to Friday off day representing Saturday and Sunday daily representing everyday of the week from start time start date Start time and date of the special time range determining effective days of the time range with the end date format as hh mm MM DD YYYY to end time e...

Page 442: ...itches 2 1 1 display qos cos local precedence map Syntax display qos cos local precedence map View Any view Parameter None Description Using display qos cos local precedence map command you can view COS Local precedence map Example Display COS Local precedence map Quidway display qos cos local precedence map cos local precedence map cos 0 1 2 3 4 5 6 7 local precedence 2 0 1 3 4 5 6 7 2 1 2 displa...

Page 443: ...ule 1 running Priority action Local precedence 0 traffic statistic Matches acl std1 rule 0 running 0 byte 0 packet Matches acl std1 rule 1 running 0 byte 0 packet mirrored to Matches acl std1 rule 0 running Mirrored to Ethernet0 1 Matches acl std1 rule 1 running Mirrored to Ethernet0 1 Table 2 1 the display Information Field Description traffic priority Matches acl std1 rule 0 running Priority act...

Page 444: ... Ethernet0 1 Indicates the mirroring configuration of the switch Matches acl std1 rule 0 running indicates the classification rule to the traffic Mirrored to Ethernet0 1 indicates the monitor port for the packets matching the classification rule 2 1 3 display qos global mirrored to Syntax display qos global mirrored to View Any view Parameter None Description Using display qos global mirrored to c...

Page 445: ... the packets matching the classification rule 2 1 4 display qos global traffic priority Syntax display qos global traffic priority View Any view Parameter None Description Using display qos global traffic priority command you can view the settings of traffic priority This command is used for displaying the settings of traffic priority The information displayed includes the ACL corresponding to the...

Page 446: ...tatistic Syntax display qos global traffic statistic View Any view Parameter None Description Using display qos global traffic statistic command you can view the traffic statistics information This command is used for displaying the traffic statistics information The information displayed includes the ACL corresponding to the traffic to be counted and the number of packets counted The statistics i...

Page 447: ...ching the classification rule 2 1 6 display qos interface queue scheduler Syntax display qos interface interface name interface type interface num queue scheduler View Any view Parameter interface name interface type interface num Specifies a port of the switch For detailed information refer to the port command manual Description Using display qos interface queue scheduler command you can view the...

Page 448: ...with a character string starting with English letters a z A Z and excluding space and quotation mark rule rule Specifies a rule of an ACL ranging from 0 to 127 If you do not set this parameter all the rules will be considered interface interface name interface type interface num Specifies the destination port where the traffic will be mirror interface num specifies the port number interface num an...

Page 449: ...witch replaces the 802 1p priority carried by a packet with the port priority Every port of Ethernet switch supports four packet egress queues The switch puts the packets into different egress queues according to their priorities You can set a priority for a port and replace the 802 1p priority carried in the packet with it After transmitting a packet the switch will replace the packet 802 1p prio...

Page 450: ...dway Ethernet0 1 priority trust 2 1 10 qos cos local precedence map Syntax qos cos local precedence map cos0 map local prec cos1 map local prec cos2 map local prec cos3 map local prec cos4 map local prec cos5 map local prec cos6 map local prec cos7 map local prec undo qos cos local precedence map View System view Parameter cos0 map local prec Specifies the mapping value of COS 0 local prec which r...

Page 451: ...ce map Using undo qos cos local precedence map command you can restore its default value By default the system provides the default COS Local precedence mapping relationship Table 2 5 The default COS Local precedence map COS Value Local Precedence 0 2 1 0 2 1 3 3 4 4 5 5 6 6 7 7 If needed you can change COS Local precedence map using the command Example Configure COS Local precedence map Quidway q...

Page 452: ... weight Specifies the weight percent of bandwidth assigned 1 queue2 weight Specifies the weight of the queue 2 queue3 weight Specifies the weight of the queue 3 queue4 weight Specifies the weight of the queue 4 Description Using queue scheduler command you can configure the queue scheduler and the related parameters Using undo queue scheduler command you can restore the default queue scheduler By ...

Page 453: ...mber ranging from 4000 to 4999 acl name Specifies the ACL name with a character string starting with English letters a z A Z and excluding space and quotation mark rule rule Specifies a rule of an ACL ranging from 0 to 127 If you do not set this parameter all the rules will be considered Description Using reset traffic statistic command you can reset the traffic statistics information This command...

Page 454: ...rule of an ACL ranging from 0 to 127 If you do not set this parameter all the rules will be considered link group acl number acl name rule rule Specifies a Layer 2 ACL acl number Specifies the ACL sequence number ranging from 4000 to 4999 acl name Specifies the ACL name with a character string starting with English letters a z A Z and excluding space and quotation mark rule rule Specifies a rule o...

Page 455: ...le rule Specifies a Layer 2 ACL acl number Specifies the ACL sequence number ranging from 4000 to 4999 acl name Specifies the ACL name with a character string starting with English letters a z A Z and excluding space and quotation mark rule rule Specifies a rule of an ACL ranging from 0 to 127 If you do not set this parameter all the rules will be considered Description Using traffic statistic com...

Page 456: ...ecedence map View Any view Parameter None Description Using display qos cos local precedence map command you can view COS Local precedence map Example Display COS Local precedence map Quidway display qos cos local precedence map cos local precedence map cos 0 1 2 3 4 5 6 7 local precedence 2 0 1 3 4 5 6 7 2 2 2 display qos global all Syntax display qos global all View Any view Parameter None Descr...

Page 457: ... Ethernet0 2 Matches acl std1 rule 1 running Redirected to interface Ethernet0 2 traffic statistic Matches acl std1 rule 0 running 0 byte 0 packet Matches acl std1 rule 1 running 0 byte 0 packet mirrored to Matches acl std1 rule 0 running Mirrored to Ethernet0 1 Matches acl std1 rule 1 running Mirrored to Ethernet0 1 Table 2 8 the display Information Field Description traffic priority Matches acl ...

Page 458: ...std1 rule 0 running indicates the classification rule to the traffic 0 byte 0 packet indicates the statistic information for the packets matching the classification rule mirrored to Matches acl std1 rule 0 running Mirrored to Ethernet0 1 Matches acl std1 rule 1 running Mirrored to Ethernet0 1 Indicates the mirroring configuration of the switch Matches acl std1 rule 0 running indicates the classifi...

Page 459: ...e mirroring configuration of the switch Matches acl std1 rule 0 running indicates the classification rule to the traffic Mirrored to Ethernet0 1 indicates the monitor port for the packets matching the classification rule 2 2 4 display qos global traffic priority Syntax display qos global traffic priority View Any view Parameter None Description Using display qos global traffic priority command you...

Page 460: ... indicates the classification rule to the traffic Priority action dscp ef indicates the action of resetting the priority of the packets matching the classification rule 2 2 5 display qos global traffic redirect Syntax display qos global traffic redirect View Any view Parameter None Description Using display qos global traffic redirect command you can view the settings of the redirection This comma...

Page 461: ...t port for the packets matching the classification rule 2 2 6 display qos global traffic statistic Syntax display qos global traffic statistic View Any view Parameter None Description Using display qos global traffic statistic command you can view the traffic statistics information This command is used for displaying the traffic statistics information The information displayed includes the ACL cor...

Page 462: ...s the statistic information for the packets matching the classification rule 2 2 7 display qos interface all Syntax display qos interface interface name interface type interface num all View Any view Parameter interface name interface type interface num Specifies a port of the switch For detailed information refer to the port command manual Description Using display qos interface all command you c...

Page 463: ...ication rule to the traffic Target rate 4 Mbps indicates the s the normal rate for the packets matching the classification rule Exceed action drop indicates the action to the traffic which match the classification rule but exceed the normal rate The action can be drop or remark dscp Ethernet0 2 line rate Line rate 3 Mbps Indicates the line rate configuration of the port Line rate 3 Mbps indicates ...

Page 464: ...ne rate configuration of the port Line rate 3 Mbps indicates the general packet sending rate on a port 2 2 9 display qos interface traffic limit Syntax display qos interface interface name interface type interface num traffic limit View Any view Parameter interface name interface type interface num Specifies a port of the switch For detailed information refer to the port command manual Description...

Page 465: ...rule 0 running Target rate 4 Mbps Exceed action drop Indicates the traffic limit configuration of the port Inbound indicates system only treats the traffic received by the port Matches acl 2000 rule 0 running indicates the classification rule to the traffic Target rate 4 Mbps indicates the s the normal rate for the packets matching the classification rule Exceed action drop indicates the action to...

Page 466: ...fies the general packet sending rate on a port ranging from 1 to 100 measured in Mbps Description Using line rate command you can configure the limitation of the rate to restrict the general speed of sending packets through the port Using undo line rate command you can cancel the limitation of the rate This command is used for configuring the general limitation of rate on the port for sending pack...

Page 467: ...le rule Specifies a Layer 2 ACL acl number Specifies the ACL sequence number ranging from 4000 to 4999 acl name Specifies the ACL name with a character string starting with English letters a z A Z and excluding space and quotation mark rule rule Specifies a rule of an ACL ranging from 0 to 127 If you do not set this parameter all the rules will be considered interface interface name interface type...

Page 468: ...switch replaces the 802 1p priority carried by a packet with the port priority Every port of Ethernet switch supports four packet egress queues The switch puts the packets into different egress queues according to their priorities You can set a priority for a port and replace the 802 1p priority carried in the packet with it After transmitting a packet the switch will replace the packet 802 1p pri...

Page 469: ...dway Ethernet0 1 priority trust 2 2 15 qos cos local precedence map Syntax qos cos local precedence map cos0 map local prec cos1 map local prec cos2 map local prec cos3 map local prec cos4 map local prec cos5 map local prec cos6 map local prec cos7 map local prec undo qos cos local precedence map View System view Parameter cos0 map local prec Specifies the mapping value of COS 0 local prec which r...

Page 470: ...e map Using undo qos cos local precedence map command you can restore its default value By default the system provides the default COS Local precedence mapping relationship Table 2 16 The default COS Local precedence map COS Value Local Precedence 0 2 1 0 2 1 3 3 4 4 5 5 6 6 7 7 If needed you can change COS Local precedence map using the command Example Configure COS Local precedence map Quidway q...

Page 471: ... queue 3 queue4 weight Specifies the weight of the queue 4 wrr max delay queue1 weight queue2 weight queue3 weight queue4 weight maxdelay Configures to perform Delay bounded WRR scheduler queue1 weight Specifies the weight percent of bandwidth assigned 1 queue2 weight Specifies the weight of the queue 2 queue3 weight Specifies the weight of the queue 3 queue4 weight Specifies the weight of the que...

Page 472: ...es a rule of an ACL ranging from 0 to 127 If you do not set this parameter all the rules will be considered ip group acl number acl name rule rule Specifies a basic or advanced ACL acl number Specifies the ACL sequence number ranging from 2000 to 3999 acl name Specifies the ACL name with a character string starting with English letters a z A Z and excluding space and quotation mark rule rule Speci...

Page 473: ...traffic limit Syntax traffic limit inbound user group acl number acl name rule rule ip group acl number acl name rule rule link group acl number acl name rule rule target rate exceed action undo traffic limit inbound user group acl number acl name rule rule ip group acl number acl name rule rule link group acl number acl name rule rule View Ethernet port view Parameter inbound Configures to limit ...

Page 474: ...raffic limit command you can enable ACL traffic identification and perform limiting the rate of the traffic matching the specified ACL whose action is permit Using undo traffic limit command you can cancel the traffic limit Example Limit rate of the traffic matching the ACL 2000 rules on Ethernet0 1 whose action is permit The normal traffic rate is set to 50Mbps Drop the packets exceeding the traf...

Page 475: ...this parameter all the rules will be considered dscp dscp value Specifies DSCP preference ranging from 0 to 63 ip precedence pre value from cos Specifies IP preference pre value specifies the IP preference ranging from 0 to 7 from cos indicates to set the IP preference to the same as that of 802 1p of the packet cos pre value from ipprec Specifies 802 1p preference pre value specifies the 802 1p p...

Page 476: ...me with a character string starting with English letters a z A Z and excluding space and quotation mark rule rule Specifies a rule of an ACL ranging from 0 to 127 If you do not set this parameter all the rules will be considered link group acl number acl name rule rule Specifies a Layer 2 ACL acl number Specifies the ACL sequence number ranging from 4000 to 4999 acl name Specifies the ACL name wit...

Page 477: ...ifies a rule of an ACL ranging from 0 to 127 If you do not set this parameter all the rules will be considered ip group acl number acl name rule rule Specifies a basic or advanced ACL acl number Specifies the ACL sequence number ranging from 2000 to 3999 acl name Specifies the ACL name with a character string starting with English letters a z A Z and excluding space and quotation mark rule rule Sp...

Page 478: ... 2000 rules with action permit Quidway traffic statistic ip group 2000 2 3 QoS Configuration Commands of S3552 Series Switches S3552 Series Ethernet Switches include S3552G S3552P S3528G and S3528P Ethernet Switches 2 3 1 display mirror Syntax display mirror View Any view Parameter None Description Using the display mirror command you can view port mirroring configuration including monitored ports...

Page 479: ...6 or 0 8 10 16 in which blank space must be inserted between values If you input nothing for it the whole mapping table will be displayed local precedence cos map Displays Local precedence Conform level 802 1p priority mapping table Description Using the display qos conform level command you can view DSCP Conform level Service group and Local precedence Conform level 802 1p priority mapping tables...

Page 480: ...e cos map Local prec 0 1 2 3 4 5 6 7 cos 2 0 1 3 4 5 6 7 2 3 3 display qos cos drop precedence map Syntax display qos cos drop precedence map View Any view Parameter None Description Using the display qos cos drop precedence map command you can view CoS Drop precedence mapping table Example Display CoS Drop precedence mapping table Quidway display qos cos drop precedence map cos drop precedence ma...

Page 481: ... mapping table Quidway display qos cos local precedence map cos local precedence map cos 0 1 2 3 4 5 6 7 local precedence 2 0 1 3 4 5 6 7 2 3 5 display qos global all Syntax display qos global all View Any view Parameter None Description Using the display qos global all command you can view all QoS configuration items Example Display all QoS configuration items Quidway display qos global all 2 3 6...

Page 482: ...os interface all 2 3 7 display qos interface drop mode Syntax display qos interface interface name interface type interface num drop mode View Any view Parameter interface name interface type interface num Port of the switch Description Using the display qos interface drop mode command you can view drop mode for outbound port queues If you specify a port only its drop mode is displayed Otherwise d...

Page 483: ...ponding parameter configuration If you specify a port only its queue scheduling mode is displayed Otherwise queue scheduling mode of all ports will be displayed For the related command see queue scheduler Example Display queue scheduling mode Quidway display qos interface queue scheduler Ethernet0 1 Port scheduling QID scheduling group weight 0 sp 0 1 sp 0 2 sp 0 3 wrr group1 25 4 sp 0 5 wrr group...

Page 484: ...If you specify a port only its traffic shaping configuration is displayed Otherwise the traffic shaping configuration of all ports will be displayed Example Display traffic shaping configuration of all ports Quidway Ethernet0 4 display qos interface traffic shape 2 3 10 display qos interface mirrored to Syntax display qos interface interface name interface type interface num mirrored to View Any v...

Page 485: ...ak information rate and monitor action configuration For the related command see traffic limit Example Display traffic limit configuration Quidway display qos interface traffic limit 2 3 12 display qos interface traffic priority Syntax display qos interface interface name interface type interface num traffic priority View Any view Parameter interface name interface type interface num Port of the s...

Page 486: ... corresponding ACL and port For the related command see traffic redirect Example Display traffic redirection configuration Quidway display qos interface traffic redirect 2 3 14 display qos interface traffic statistic Syntax display qos interface interface name interface type interface num traffic statistic View Any view Parameter interface name interface type interface num Port of the switch Descr...

Page 487: ...system resources And then no packets are put into long delay queues The following two drop modes are available z Tail drop mode Different queues red yellow and red are allocated with different drop thresholds When these thresholds are exceeded respectively excessive packets will be dropped z WRED drop mode Drop precedence is taken into account in action When only min thresholds of red yellow and g...

Page 488: ...tore its default values You must enter a specific conform level view to configure the DSCP Conform level Service group mapping table of that level For example when you enter conform level 0 view you can only modify the mapping table of conform level 0 Example Configure the DSCP Conform level Service group mapping table of conform level 0 Quidway conform level 0 dscp 0 0 0 0 0 0 Quidway conform lev...

Page 489: ...value3 cos value4 cos value5 cos value6 cos value7 undo local precedence View Conform level view Parameter cos value0 802 1p priority value corresponding to Local precedence 0 in the range of 0 7 cos value1 802 1p priority value corresponding to Local precedence 1 in the range of 0 7 cos value2 802 1p priority value corresponding to Local precedence 2 in the range of 0 7 cos value3 802 1p priority...

Page 490: ...nter a specific conform level view to configure the Local precedence Conform level 802 1p priority mapping table of that level For example when you enter conform level 0 view you can only modify the mapping table of conform level 0 Example Configure Local precedence Conform level 802 1p priority mapping table of conform level 0 Quidway conform level 0 local precedence 0 1 2 3 5 5 6 7 The following...

Page 491: ... link group acl number acl name rule rule One rule in IP ACL and one rule in Link ACL ip group acl number acl name rule rule link group acl number acl name rule rule One rule in IP ACL and all rules in Link ACL ip group acl number acl name rule rule link group acl number acl name z ip group acl number acl name activate the IP ACLs IP ACLs include basic advanced ACLs acl number Specifies the ACL nu...

Page 492: ...rt you must configure the direction of the monitored packets as inbound or both For the related command see display qos interface mirrored to Example Mirror the packets which match the permitted rules in ACL 2000 to the CPU Quidway Ethernet0 1 mirrored to inbound ip group 2000 cpu 2 3 19 mirroring port Syntax mirroring port port list inbound outbound both undo mirroring port port list inbound outb...

Page 493: ...me interface_type interface_num inbound outbound both undo monitor port interface_name interface_type interface_num inbound outbound both View System view Parameter interface_name interface_type interface_num Port of the switch inbound outbound both Indicates to monitor the packets of which direction Inbound means to monitor inbound packets outbound means to monitor outbound packets both means to ...

Page 494: ...ity command you can configure the local precedence values at a port Using the undo priority command you can restore the default values Upon receiving a packet the switch allocates a service group set to it The priority value is allocated according to this First obtain local precedence value based on CoS Local precedence mapping table If unsuccessful the local precedence value of receive port will ...

Page 495: ...level Syntax qos conform level conform level value View System view Parameter conform level conform level value Conform level in the range of 0 2 Description Using the qos conform level command you can create a conform level and enter it The switch supports three conform levels numbered respectively as 0 1 and 2 Input the corresponding number to enter the desired conform level view in which you ca...

Page 496: ...ecedence mapping value in the range of 0 2 Cos7 map drop prec CoS 7 drop precedence mapping value in the range of 0 2 Description Using the qos cos drop precedence map command you can configure CoS Drop precedence mapping table Using the undo qos cos drop precedence map command you can restore its default setting The following is the default CoS Drop precedence mapping table Table 2 22 Default CoS...

Page 497: ...map local prec cos5 map local prec cos6 map local prec cos7 map local prec undo qos cos local precedence map View System view Parameter cos0 map local prec CoS 0 Local precedence mapping value in the range of 0 7 cos1 map local prec CoS 1 Local precedence mapping value in the range of 0 7 cos2 map local prec CoS 2 Local precedence mapping value in the range of 0 7 cos3 map local prec CoS 3 Local p...

Page 498: ...e mapping table CoS Value Local Precedence 0 2 1 0 2 1 3 3 4 4 5 5 6 6 7 7 Upon receiving a packet the switch allocates a service group set to it including CoS value local precedence value drop precedence The allocation rule is based on the packet 802 1p priority use the 802 1p priority value as the CoS value obtain local precedence value and drop precedence respectively from CoS Local precedence ...

Page 499: ... id Outbound queue ID in the range of 0 7 green min threshold Minimum average queue length to trigger random green packet dropping in the range of 0 65535 green max threshold Maximum average queue length to trigger complete green packet dropping in the range of 0 65535 green max prob Maximum drop probability for green packets in the range of 1 15 It indicates the drop probability of the green pack...

Page 500: ... length follows the actual queue length quickly if it is large the average queue length follows the actual queue length slowly By default it is 9 Description Using the queue command you can configure parameters for a WRED index Using the undo queue command you can restore the default values for the WRED index The switch provides four sets of default WRED parameters respectively numbered as 0 3 Eac...

Page 501: ...into WRR priority group 2 Then a queue will selected respectively from theses three groups according to their own scheduling algorithms Then these three selected queues will scheduled in SP algorithm Note You must follow these rules to group eight outgoing queues at a port z The queues in one group must have consecutive queue numbers For example queue 3 4 and 5 have consecutive queue numbers and t...

Page 502: ...rule rule Sub item of the ACL optional in the range of 0 127 If you specify no rule all sub items will be selected link group acl number acl name rule rule L2 ACL acl number ACL index in the range of 4000 4999 acl name ACL name a character string starting with English alphabets a z A Z without blank space or quotation marks between rule rule Sub item of the ACL optional in the range of 0 127 If yo...

Page 503: ... acl name rule rule One rule in IP ACL and all rules in Link ACL ip group acl number acl name rule rule link group acl number acl name z ip group acl number acl name activate the IP ACLs IP ACLs include basic advanced ACLs acl number Specifies the ACL number ranging from 2000 to 3999 acl name Specifies the ACL name with a character string started with English letters that is a to z A to Z excludin...

Page 504: ...s and ebs is byte Note If you choose untrusted mode for a specific traffic in traffic priority operation that is you manually specify a service group for the designated traffic then the traffic limit and traffic statistic operations are invalid for this traffic If you choose traffic limit and traffic statistic however then the untrusted mode is invalid To the same data traffic you cannot set both ...

Page 505: ...le in IP ACL ip group acl number acl name rule rule All rules in Link ACL link group acl number acl name Only one rule in Link ACL link group acl number acl name rule rule All rules in IP ACL and one rule in Link ACL ip group acl number acl name link group acl number acl name rule rule One rule in IP ACL and one rule in Link ACL ip group acl number acl name rule rule link group acl number acl name...

Page 506: ...ity command you can cancel service groups for a designated traffic type The following modes are available in configuration service groups for a designated traffic type 1 The switch allocates service groups when it receives packets You just select the auto keyword in the command for this mode 2 Choose service groups for packets based on their DSCP values and conform levels and get them from DSCP Co...

Page 507: ...face name interface type interface num next hop ip addr1 ip addr2 undo traffic redirect inbound acl rule View Ethernet port view Parameter acl rule the rule of ACL only the rules including these elements defined in template can be sent to target hardware and referenced for such QoS functions as packet filtering traffic policing priority re labeling Otherwise the rules cannot be activated on the ha...

Page 508: ...e ACL will be activated cpu Redirects packets to the CPU interface interface name interface type interface num Redirects packets to the designated Ethernet port For interface type you can only choose Ethernet interface num and interface type together identify a port In function interface name is equivalent to interface type plus interface num next hop ip addr1 ip addr2 Redirects packets to a desig...

Page 509: ...ueue depth The maximum depth of a queue ranging from 128 to 2048 and must be the multiple of 16 If the parameter queue queue id is not specified in the command this parameter is used to specify the queue depth of a port otherwise it specifies the queue depth of the corresponding queue Description Using the traffic shape command you can enable traffic shaping to transmit packets at relatively avera...

Page 510: ...size of queue Example Run traffic shaping on all traffic at the current port with max rate being 650kbps burst size being 8 kbytes and queue depth being 80 kbytes Quidway Ethernet0 1 traffic shape 650 8 80 2 3 33 traffic statistic Syntax traffic statistic inbound acl rule undo traffic statistic inbound acl rule View Ethernet port view Parameter acl rule the rule of ACL only the rules including the...

Page 511: ...e ACL name with a character string started with English letters that is a to z A to Z excluding space and quotation marks z rule rule Specifies the rule in the ACL to be activated ranging from 0 to 127 If it is not specified all the rules in the ACL will be activated Description Using the traffic statistic command you can enable the ACL and configure traffic statistics only available to the permit...

Page 512: ...er it Using the undo wred command you can restore default setting By default the switch provides four sets of WRED parameters respectively numbered as 0 3 The WRED parameters include green min threshold green max threshold green max prob yellow min threshold yellow max threshold yellow max prob red min threshold red max threshold red max prob and exponent See the QoS ACL module in Operation Manual...

Page 513: ...99 inbound Perform ACL control over the users that telnet to the local switch outbound Perform ACL control over the users that telnet to other switches from the local switch Description Using acl command you can call an ACL and perform ACL control over the TELNET users This command calls numbered basic ACL only Example Performs ACL control over the users that telnet to the local switch Suppose ACL...

Page 514: ...uppose ACL 2020 has been defined Quidway ip http acl 2020 3 1 3 snmp agent community Syntax snmp agent community read write community name mib view view name acl acl number undo snmp agent community community name View System view Parameter read Indicate that MIB object can only be read write Indicate that MIB object can be read and written community name Community name character string mib view v...

Page 515: ...te view notify view notify view acl acl number undo snmp agent group v3 group name authentication privacy View System view Parameter v1 Configure to use V1 safe mode v2c Configure to use V2c safe mode v3 Configure to use V3 safe mode groupname Group name ranging from 1 to 32 bytes read view Configures to allow read only view settings readview Read only view name ranging from 1 to 32 bytes write vi...

Page 516: ...agent usm user v3 user name group name authentication mode md5 sha auth password privacy mode des56 priv password acl acl number undo snmp agent usm user v3 user name group name local engineid engineid string View System view Parameter v1 Configure to use V1 safe mode v2c Configure to use V2c safe mode v3 Configure to use V3 safe mode username Specify the user name ranging from 1 to 32 bytes group...

Page 517: ...t usm user command you can add a new user to a SNMP group and perform the ACL control to the user through the parameter acl acl number Using undo snmp agent usm user command you can cancel a user from corresponding SNMP group meanwhile delete the configuration of ACL control Example Adds a user huawei for huaweigroup an SNMP group configures to authenticate with HMAC MD5 96 and sets authentication...

Page 518: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Integrated Management ...

Page 519: ...4 ndp timer aging 2 5 2 1 5 reset ndp statistics 2 6 2 2 NTDP Configuration Commands 2 7 2 2 1 display ntdp 2 7 2 2 2 display ntdp device list 2 8 2 2 3 ntdp enable 2 9 2 2 4 ntdp explore 2 10 2 2 5 ntdp hop 2 11 2 2 6 ntdp timer 2 12 2 2 7 ntdp timer hop delay 2 12 2 2 8 ntdp timer port delay 2 13 2 3 Cluster Configuration Commands 2 14 2 3 1 add member 2 14 2 3 2 administrator address 2 15 2 3 3...

Page 520: ...ent Quidway S3500 Series Ethernet Switches Table of Contents Huawei Technologies Proprietary ii 2 3 15 logging host 2 27 2 3 16 port tagged 2 28 2 3 17 reboot member 2 29 2 3 18 snmp host 2 29 2 3 19 tftp server 2 30 2 3 20 timer 2 31 ...

Page 521: ...d information will indicate that the local switch is the master switch and indicate the number of switches in the stack Using the command with members the member information of the stack will be displayed including stack number of master slave switches stack name stack device name MAC address and status When using this command on a slave switch the displayed information will indicate that the loca...

Page 522: ... Name of member switch Device Device type of member switch such as S3526 etc MAC Address Mac address of member switch Member status Status of member switch the member switch can be administrator or member IP 172 31 0 1 16 IP address of member switch 1 1 2 stacking Syntax stacking num View User view Parameter num Number of the slave switch to be switched to Description Using stacking command you ca...

Page 523: ...le View System view Parameter None Description Using stacking enable command you can establish a stack Using undo stacking enable command you can cancel the stack After entering this command the system will automatically add the switches connected to the stack ports of the master switch to the stack User can only operate on the master switch to delete a stack After a stack has been established the...

Page 524: ...e default IP address configuration of the stack By default no IP pool is configured Before establishing a stack the user should firstly set the optional IP address range in the public network for a stack Then the master switch will automatically distribute the applicable IP addresses for the slave switches to add to the stack This command can only be used on the non stack switches After a stack is...

Page 525: ...terface_num interface_name 1 10 interface_type specifies the port type interface_num specifies the port number expressed as slot number port number Key word to helps specify a port range Description Using display ndp command you can view global NDP configuration information including NDP packet interval NDP information hold time and neighbor information of all the ports Example Display global NDP ...

Page 526: ...ernet0 9 Status Enabled Pkts Snd 0 Pkts Rvd 0 Pkts Err 0 Interface Ethernet0 10 Status Enabled Pkts Snd 0 Pkts Rvd 0 Pkts Err 0 Interface Ethernet0 11 Status Enabled Pkts Snd 0 Pkts Rvd 0 Pkts Err 0 Interface Ethernet0 12 Status Enabled Pkts Snd 0 Pkts Rvd 0 Pkts Err 0 Interface Ethernet0 13 Status Enabled Pkts Snd 0 Pkts Rvd 0 Pkts Err 0 Interface Ethernet0 14 Status Enabled Pkts Snd 0 Pkts Rvd 0...

Page 527: ...fc00 0003 Port Name Ethernet0 23 Software Ver VRP3 10 Device Name Quidway S3526 Port Duplex AUTO Product Ver 3526 0001C Interface Ethernet0 24 Status Enabled Pkts Snd 0 Pkts Rvd 0 Pkts Err 0 Interface GigabitEthernet2 1 Status Enabled Pkts Snd 4 Pkts Rvd 5 Pkts Err 0 Table 2 1 Information about NDP configuration the NDP neighbors discovered by a port Field Description Neighbor Discovery Protocol i...

Page 528: ...bor device 2 1 2 ndp enable Syntax ndp enable interface port list undo ndp enable interface port list View System view or Ethernet port view Parameter interface port list Specifies a list of ports isolated from the specified port A list may contain consecutive or separated ports or the combination of consecutive and separated ports The parameter is expressed as interface_type interface_num interfa...

Page 529: ... packet interval A device shall refresh the NDP information of its adjacent nodes in time to maintain timely information as the adjacent nodes change You can use configuration command to adjust the NDP refreshing frequency Example Configure to transmit NDP packets every 80 seconds Quidway ndp timer hello 80 2 1 4 ndp timer aging Syntax ndp timer aging aging in secs undo ndp timer aging View System...

Page 530: ...ing time of NDP packet as 60 so that an adjacent device will discard the NDP packets from the local device 60 seconds after receiving them Quidway ndp timer aging 60 2 1 5 reset ndp statistics Syntax reset ndp statistics interface port list View User view Parameter interface port list Specifies a list of ports isolated from the specified port A list may contain consecutive or separated ports or th...

Page 531: ... This command is used for displaying the global NTDP information Example Display the global NTDP information Quidway display ntdp NTDP is running Hops 3 Timer 0 min Hop Delay 200 ms Port Delay 20 ms Last collection total time 2216ms Table 2 2 Description of global NTDP configuration information Field Description NTDP is running The global NTDP is enabled on the local device Hops Hops for topology ...

Page 532: ...Quidway display ntdp device list MAC HOP IP PLATFORM 00e0 fc10 0000 1 Quidway S3526 00e0 fc07 3c00 3 Quidway S3526 00e0 fc07 4de0 2 192 169 121 257 25 Quidway S3526 00e0 fc07 0bc0 0 Quidway S3526 Table 2 3 Description of device list information collected through NTDP Field Description MAC MAC address of the device HOP Hops to the collecting device PLATFORM Platform information about device IP IP a...

Page 533: ... Version Huawei Versatile Routing Platform Software VRP tm Software Version 3 10 Quidway S3026 Software Version 3026 005 RELEASE SOFTWARE Copyright c 2000 2002 By HUAWEI TECH CO LTD Cluster Candidate device Stack Candidate device Peer MAC Peer Port ID Native Port ID Speed Duplex 00e0 fc07 4de0 Ethernet0 14 Ethernet0 8 100 FULL Table 2 4 Description of detail information of devices collected throug...

Page 534: ...l the NTDP information on the switch will be cleared and the switch will discard all the NTDP packets and stop transmitting NTDP request The user can use this command to enable disable NTDP on a specified port to decide through which port to transmit receive and forward NTDP packets After the global NTDP and port NTDP have been enabled the NTDP packets can be transmitted received and forwarded via...

Page 535: ... value Indicate the maximum hops that the device collected can be away from the topology collecting device ranging from 1 to 16 By default the value is 3 Description Using ntdp hop command you can configure a limit to the hops for topology collection to collect the topology information of the devices among determined range so that infinitive collection can be avoided Using undo ntdp hop command yo...

Page 536: ... default topology collection interval By default the interval of periodic topology collection is 0 minute i e no regular topology collection will be performed In order to learn the topology changes in time it is necessary to regularly collect the topology information throughout the whole scope specified This can show any topological changes some of which may be omitted by the partial collection Ex...

Page 537: ...long it shall wait before the first port forwards the request Example Configure that the collected device receives NTDP request and delays for 300ms before transmitting the NTDP packet to the first port Quidway ntdp timer hop delay 300 2 2 8 ntdp timer port delay Syntax ntdp timer port delay time undo ntdp timer port delay View System view Parameter time The delay before forwarding the topology re...

Page 538: ...e should be authenticated A candidate without password need not input password If password different from the password of the administrator device has been configured on the candidate device a user has to input that password before adding the candidate device to the cluster Description Using add member command you can add a candidate device to a cluster This command can be executed on the administ...

Page 539: ...al subtraction sign and underline _ Description Using administrator address command you can store such information as administrator device address and cluster name related to a cluster on a member device and add a candidate to a cluster Using undo administrator address command you can cancel a member from the cluster and make it a candidate again This command is used for saving configuration infor...

Page 540: ...nd on an administrator device the system will collect the candidates directly The recover parameter is used for recover a cluster Using the auto build recover command you can find the members left the member list and add them to the cluster again Note Ensure that NTDP is enabled because it is the basis of candidate and member collection The collection range is also decided through NTDP You can use...

Page 541: ...d becomes the administrator device and will be assigned with a fixed member number of 0 This command can be executed on an administrator device or a command capable device Using it on an administrator device you can rename a cluster Using it on a candidate device you can create a cluster Example Configure the current switch as the administrator device and specifies HUAWEI as the cluster name Quidw...

Page 542: ...se it on a member device the system will exit the cluster and disable the cluster function on it Note If the cluster function is disabled you cannot create a cluster on the device or add it to a cluster Example Enable the cluster function of a switch Quidway cluster enable 2 3 7 cluster switch to Syntax cluster switch to member num mac address H H H administrator View User view Parameter member nu...

Page 543: ...to the administrator device After passing the authentication the system will enter the user view automatically When executed on the administrator device if the specified member number n is omitted the error message will be on display Enter quit to stop the switchover operation Example Switch from the administrator device to member device 6 and then switches back to the administrator device Huawei_...

Page 544: ...command can be performed on both administrator device and member device but the displays are different In the administrator device there are cluster name member number handshake interval holdtime address pool and the server of cluster In the member device there are member number MAC address of administrator device and the state of administrator device Example Display information about cluster on t...

Page 545: ...ured The corresponding configuration of the cluster Display information about cluster on the member device Quidway display cluster Cluster name sss Role Member Member number 1 Handshake timer 10 sec Handshake hold time 60 sec Administrator device mac address 00e0 fc00 0003 Administrator status Up Table 2 6 Description of cluster status and statistics information Field Description Cluster name Name...

Page 546: ...System view to specify the collection range This command displays the candidate device collected by NTDP last time In order to ensure the correctness of display you can manually perform a collection first or set the NTDP to run collection periodically Example Display all the candidate devices lists Quidway display cluster candidates MAC HOP IP PLATFORM 00e0 fc10 0000 1 Quidway S3526 00e0 fc07 3c00...

Page 547: ...dministrator device IP IP address Platform Platform of the candidate device 2 3 11 display cluster members Syntax display cluster members member num verbose View Any view Parameter member num Cluster member number ranging from 0 to 255 verbose Display the detailed information about all the member devices Description Using display cluster command you can view the information of cluster member This ...

Page 548: ...ce Status Status of the device Name Name of the device Display the detailed configuration information about the administrator device and all member devices Quidway display cluster members verbose Member number 0 Name Huawei_0 Quidway Device Quidway S3526 MAC Address 00e0 fc07 0bc0 Member status Cmdr Hops to administrator device 0 IP 1 1 200 210 16 Version Huawei Versatile Routing Platform Software...

Page 549: ...m Software VRP tm Software Version 3 10 Copyright c 2000 2002 By HUAWEI TECH CO LTD Quidway S3526 3526 003 Table 2 9 Description of detail information Field Description Member number Device member number Name Name of the device Device Device type MAC Address MAC address of the device Member Status Status of the device Hops to administrator device The hops from current member device to the administ...

Page 550: ...0 9 2 3 13 holdtime Syntax holdtime seconds undo holdtime View Cluster view Parameter seconds Valid holdtime in seconds ranging from 1 to 255 By default the valid holdtime is 60 seconds Description Using holdtime command you can configure the valid holdtime of a switch Using undo holdtime command you can restore the default value of holdtime After missing 3 times of handshake if the switch still c...

Page 551: ...ol command you can restore the default IP address configuration of the cluster By default no IP pool is configured Before setting up a cluster the user should configure a private IP address pool for the member devices of the cluster When a candidate device is added the administrator device will dynamically assign a private IP address which can be used for communication inside the cluster In this w...

Page 552: ...he members can send log information to logging host via the administrator device Example Configure the IP address of the logging host on the administrator device Huawei_0 Quidway cluster logging host 1 0 0 9 2 3 16 port tagged Syntax port tagged vlan vlanid undo port tagged View Cluster view Parameter vlanid ID of management VLAN which can be configured as 1 only Description Using port tagged comm...

Page 553: ...between the administrator device and member devices may be interrupted due to some configuration errors the member device can be controlled via the remote control function of member device For example you can delete the booting configuration file and reset the member device to restore the normal communication between administrator device and member device When using the reboot member command the u...

Page 554: ...ce Example Configure the IP address of SNMP host for the cluster on the administrator device Huawei_0 Quidway cluster snmp host 1 0 0 9 2 3 19 tftp server Syntax tftp server ip address undo tftp server View Cluster view Parameter ip address IP address of TFTP server configured for the cluster Description Using tftp server command you can configure the public TFTP server for the cluster members on ...

Page 555: ...scription Using timer command you can configure the interval of handshake packets Using undo timer command you can restore the default value of the interval Inside a cluster the member devices communicate with the administrator device through transmitting handshake packets The regular handshake can help the user monitor the states of cluster members and links This command can only be executed on t...

Page 556: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual STP ...

Page 557: ...ost 1 12 1 1 14 stp priority 1 13 1 1 15 stp port priority 1 14 1 1 16 stp root primary 1 15 1 1 17 stp root secondary 1 16 1 1 18 stp interface 1 17 1 1 19 stp interface edged port 1 18 1 1 20 stp interface cost 1 19 1 1 21 stp interface port priority 1 21 1 1 22 stp interface loop protection 1 22 1 1 23 stp interface mcheck 1 22 1 1 24 stp interface point to point 1 23 1 1 25 stp interface root ...

Page 558: ...max age 1 34 1 1 38 stp transit limit 1 35 1 1 39 vlan mapping modulo 1 36 Chapter 2 BPDU TUNNEL Configuration Commands 2 1 2 1 BPDU TUNNEL Configuration Commands 2 1 2 1 1 vlan vpn tunnel 2 1 Chapter 3 Digest Snooping Configuration Commands 3 1 3 1 Digest Snooping Configuration Commands 3 1 3 1 1 stp config digest snooping 3 1 ...

Page 559: ...specially the VLAN mapping table of the MST region will lead to the recalculation of spanning tree and network topology flapping To bate such flapping MSTP applies the configured parameters and launches recalculation of the spanning tree only when you activate the configured MST region parameters or enable MSTP After you entered this command MSTP will apply the MST region parameters you configured...

Page 560: ...in the expected region due to any slight deviation You can use this command to display the MST region configuration information to be activated to know to which MST regions the switch belongs and check if the MST region configurations are correct For the related command see instance region name revision level vlan mapping modulo active region configuration Example Display the configuration informa...

Page 561: ...an view the state information and statistics information of the spanning tree The MSTP state and statistics information can help analyze and maintain the network topology and maintain the normal operation of MSTP If no STI ID or port list is specified the command will display the spanning tree information of all the instances on all the ports in port number order If the instance ID is specified th...

Page 562: ...information Count of TCN CONFIG BPDU RST and MST BPDU transmitted received via the port For the related command see reset stp Example Display the state and statistics information about the spanning tree Quidway display stp instance 0 interface ethernet0 1 to ethernet0 10 brief MSTID Port STP State Guard Type 0 Ethernet0 1 DOWN none 0 Ethernet0 2 DOWN none 0 Ethernet0 3 DOWN none 0 Ethernet0 4 DOWN...

Page 563: ...ons between VLANs and STIs All these configurations together determine to which MST region a switch belongs For the related command see stp region configuration Example Display the MST region configuration information Quidway display stp region configuration Oper Configuration Format selector 0 Region name huawei Revision level 0 Instance Vlans Mapped 0 21 to 4094 1 1 to 10 2 11 to 20 Table 1 3 th...

Page 564: ...o the specified STI Using undo instance command you can cancel the specified VLAN list from the specified STI the removed VLAN will then be mapped to the CIST i e the Instance 0 If no VLAN is specified in the undo command all the VLANs associated with the specified STI will be mapped to CIST By default all the VLANs are mapped to CIST i e the Instance 0 MSTP describes the association between VLANs...

Page 565: ...ng the region to which the switch belongs For the related command see instance revision level check region configuration vlan mapping modulo active region configuration Example Set the MST region name of the switch as huawei Quidway mst region region name huawei 1 1 7 reset stp Syntax reset stp interface interface list View User view Parameter interface list Ethernet port list containing multiple ...

Page 566: ...nd see display stp Example Clear the statistics information on the ports from Ethernet0 1 through Ethernet0 3 Quidway reset stp interface ethernet0 1 to ethernet0 3 1 1 8 revision level Syntax revision level level undo revision level View MST region view Parameter level Specifies the MSTP revision level ranging from 0 to 65535 By default MSTP revision level takes 0 Description Using revision level...

Page 567: ...or a port By default MSTP is disabled on the switch After MSTP is enabled the switch determines to run MSTP in STP compatible mode or MSTP mode per your configurations The switch serves as a transparent bridge after MSTP is disabled After MSTP is enabled it will dynamically maintain the spanning tree state of the corresponding VLAN according to the received configuration BPDU until it is disabled ...

Page 568: ...e the spanning tree which makes the network topology flap These ports will not receive any STP configuration BPDU in normal cases Anyway if someone maliciously attacks the switch with fake configuration BPDU the network will flap MSTP provides BPDU protection function to avoid such attack After configured with BPDU protection the switch will disable the edge port through MSTP which receives a BPDU...

Page 569: ... the user configured bridge diameter parameter MSTP will automatically set Hello Time Forward Delay and Max Age to moderate values When bridge diameter defaults to 7 the time parameters also take their respective default values For the related command see stp timer forward delay stp timer hello stp timer max age Example Set the diameter of the switching network to 5 Quidway stp bridge diameter 5 1...

Page 570: ...any other switches it will not receive the configuration BPDUs from them Before BPDU PROTECTION is enabled on the switch the port received a BPDU runs as a non edge port even if it is configured as edge port For the related command see stp interface edged port Example Configure Ethernet 0 1 as an edge port Quidway Ethernet0 1 stp edged port disable 1 1 13 stp cost Syntax stp instance instance id c...

Page 571: ...ut parameter instance instance id when configuring switch the configuration will only be effective on CIST The default values of the path cost varies with the different port speeds as described in the following table Table 1 4 Cost corresponding to the port speed Link speed Recommended value Recommended value range Value range 10Mbps 2 000 200 20000 1 200000 100Mbps 200 20 2000 1 200000 1Gbps 20 2...

Page 572: ...4096 1 1 15 stp port priority Syntax stp instance instance id port priority priority undo stp instance instance id port priority View Ethernet port view Parameter instance id Specifies the spanning tree instance ID ranging from 0 to 16 instance 0 is CIST port priority priority Specifies the port priority ranging from 0 to 240 with a step length of 16 e g 0 16 and 32 By default the priorities of a ...

Page 573: ...ecify the network diameter of the spanning tree ranging from 2 to 7 hello time centi senconds Specifies the Hello Time of the spanning tree ranging from 100 to 1000 and measured in centiseconds Description Using stp root primary command you can configure the current switch as the primary root of the designated STI Using undo stp root command you can cancel the current switch for the primary root o...

Page 574: ...ority of the switch Example Designate the current switch as the root bridge of STI 1 and specifies the diameter of the switching network as 4 and the Hello Time as 500 centiseconds Quidway stp instance 1 root primary bridge diameter 4 hello time 500 1 1 17 stp root secondary Syntax stp instance instance id root secondary bridge diameter bridgenum hello time centi senconds undo stp instance instanc...

Page 575: ...he other two parameters Forward Delay and Max Age of the switch can be determined To configure the current switch as the root bridge of CIST simply specify instance id as 0 You can configure only one root bridge for an STI and one or more secondary root bridges for it After a switch is configured as primary root switch or secondary root switch user can t modify the bridge priority of the switch Ex...

Page 576: ...ble MSTP on the port For the related command see stp mode stp Example Enable MSTP on Ethernet 0 1 in system view Quidway stp interface ethernet 0 1 enable 1 1 19 stp interface edged port Syntax stp interface interface list edged port enable disable undo stp interface interface list edged port View System view Parameter interface list Ethernet port list containing multiple Ethernet ports and expres...

Page 577: ...he edge port will not cause loop upon network topology changes Accordingly you can configure a port as an edge port so that it can transit to forwarding state fast For this purpose please configure the Ethernet port directly connected to the user terminal as an edge port Because the edge port is not connected to any other switches it will not receive the configuration BPDUs from them Before BPDU P...

Page 578: ... speed For details refer to the table in the configuration guideline You may specify the instance id parameter as 0 to configure CIST path cost of the port The path cost has effect on the port role selection A port can be configured with different path costs on different MSTIs Thus the traffic from different VLANs can run over different physical links thereby implementing the VLAN based load balan...

Page 579: ...port priority ranging from 0 to 240 with a step length of 16 e g 0 16 and 32 By default the port has a priority of 128 on every STI Description Using stp interface port priority command you can configure the priority of the specified port on the specified STI in system view Using undo stp interface port priority command you can restore the default priority If user doesn t input parameter instance ...

Page 580: ...eding parameters can be entered up to 10 times Description Using stp interface loop protection command you can enable loop protection on the switch in system view Using undo stp interface loop protection command you can restore the default loop protection state By default loop protection is disabled For the related command see stp loop protection Example Enable loop protection on the Ethernet 0 1 ...

Page 581: ... Example Set mcheck parameter of Ethernet 0 3 in system view Quidway stp interface ethernet 0 3 mcheck 1 1 24 stp interface point to point Syntax stp interface interface list point to point force true force false auto undo stp interface interface list point to point View System view Parameter interface list Ethernet port list containing multiple Ethernet ports and expressed as interface _list inte...

Page 582: ...d all the MSTIs The settings of a port whether to connect the point to point link will be applied to all the STIs where the port belongs Note that a temporary loop may be redistributed if you configure a port not physically connected with the point to point link as connected to such a link by force For the related command see stp point to point Example Configure Ethernet 0 3 to be connected to the...

Page 583: ...nce Whenever such port receives a higher priority BPDU that is it is about to turn into non designated port it will be set to listening state and not forward packets any more as if the link to the port is disconnected If the port has not received any higher priority BPDU for a certain period of time thereafter it will resume the normal state For the related command see stp root protection Example ...

Page 584: ...me unit yet the more switch resources will be occupied With a moderate value the amount of the BPDUs transmitted during Hello Time via every port can be limited and MSTP will not occupy too many bandwidth resources when the network topology flaps For the related command see stp transit limit Example Set a limit of 5 to the packets transmitted via Ethernet 0 3 in system view Quidway stp interface e...

Page 585: ...k diameter supported by the local MST region As the BPDU traveling from the spanning tree root each time when it is forwarded by a switch the max hops will be reduced by 1 The switch discards the configuration BPDU with 0 hops left thereby limiting the network scale inside the region If the current switch is a CIST root bridge or MSTI root bridge in an MST region the Max Hops configured on it will...

Page 586: ...p mode stp rstp mstp undo stp mode View System view Parameter stp Configure the MSTP operation mode as STP compatible rstp Configure the MSTP operation mode as RSTP mstp Configure the MSTP operation mode as MSTP Description Using stp mode command you can configure MSTP operation mode of the switch Using undo stp mode command you can restore the default MSTP operation mode By default switch work in...

Page 587: ...the default state in which MSTP automatically detects if the link to the Ethernet port is point to point link By default switch adopts auto mode The port state can t be rapidly transited if the port doesn t connected with the point to point link The master ports of the link aggregation and the ports operating in full duplex mode are connected to the point to point link You are recommended to keep ...

Page 588: ...ult MSTP region configurations By default the three MST region parameters take the default values The MST region name of the switch is the first MAC address all the VLANs are mapped to CIST and MSTP revision level takes 0 You can enter MST region view using the stp region configuration command And then you can configure the parameters including region name revision level and VLAN mapping table of ...

Page 589: ...idge The port configured with Root protection only plays a role of designated port on every instance Whenever such port receives a higher priority BPDU it will be set to listening state and not forward packets any more as if the link to the port is disconnected If the port has not received any higher priority BPDU for a certain period of time thereafter it will resume the normal state For the rela...

Page 590: ... MAC address table and ARP table Example Enable TC BPDU protection on the switch Quidway stp tc protection enable 1 1 35 stp timer forward delay Syntax stp timer forward delay centi senconds undo stp timer forward delay View System view Parameter centi senconds Specifies Forward Delay ranging from 400 to 3000 and measured in centiseconds By default the Forward Delay of the switch is 1500 centiseco...

Page 591: ...r hello centi senconds undo stp timer hello View System view Parameter centi senconds Specifies Hello Time value with an integer in the range of 100 to 1000 in units of centiseconds By default the Hello Time of the switch is 200 centiseconds Description Using stp timer hello command you can configure Hello Time of the switch Using undo stp timer hello command you can restore the default Hello Time...

Page 592: ...iseconds Specifies the Max Age ranging from 600 to 4000 and measured with centiseconds By default the Max Age of the switch is 2000 centiseconds Description Using stp timer max age command you can configure the Max Age of the switch Using undo stp timer max age command you can restore the default Max Age MSTP can detect the link fault and automatically resume the forwarding state of the redundant ...

Page 593: ...o stp transit limit View Ethernet port view Parameter packetnum Specifies the amount limit to the transmitted packets ranging from 1 to 255 expressed as a counter value without any units By default the value is 3 Description Using stp transit limit command you can configure an amount limit to the configuration BPDU transmitted via a port during the Hello Time Using undo stp transit limit command y...

Page 594: ...mand to configure this table Every VLAN can be mapped to an STI as per your configuration A VLAN cannot be mapped to different MSTI at the same time The latter configured association will replace the former one The vlan mapping modulo modulo command designates VLAN for every STI fast It maps the VLAN to an STI whose ID is VLAN ID 1 modulo 1 Note VLAN ID 1 modulo performs modulo operation on VLAN I...

Page 595: ...Description Use the vlan vpn tunnel command to enable bridge protocol data unit BPDU Tunnel on the switch Use the undo vlan vpn tunnel command to disable BPDU Tunnel on the switch BPDU Tunnel enables geographically segmented user network to transmit BPDU packets transparently over the specified VLAN VPN on the operator s network This allows the user network to participate in a uniform spanning tre...

Page 596: ...anning tree protocol domain only when they are configured with the same domain settings With MSTP employed interconnected switches determine whether or not they are in the same domain by checking the configuration IDs of the BPDUs between them Configuration ID comprises information such as domain ID and configuration digest As some switches come with some proprietary protocols concerning STP emplo...

Page 597: ... same settings z To enable digest snooping all interfaces in a MSTP domain used to connect other switches must have digest snooping enabled z Do not enable digest snooping on border interfaces of a MSTP domain z To change domain configuration be sure to disable digest snooping first to prevent broadcast storm Example Enable digest snooping on GigabitEthernet1 0 1 interface Quidway system view Syst...

Page 598: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Security ...

Page 599: ...1 1 1 12 dot1x retry version max 1 12 1 1 13 dot1x supp proxy check 1 13 1 1 14 dot1x timer 1 14 1 1 15 dot1x version check 1 16 1 1 16 reset dot1x statistics 1 17 Chapter 2 Portal Configuration Commands 2 1 2 1 Portal Configuration Commands 2 1 2 1 1 debugging portal 2 1 2 1 2 display portal 2 2 2 1 3 portal 2 5 2 1 4 portal arp handshake 2 6 2 1 5 portal auth network 2 7 2 1 6 portal delete user...

Page 600: ...on enable 3 18 3 2 2 accounting optional 3 20 3 2 3 data flow format 3 20 3 2 4 display local server statistics 3 21 3 2 5 display radius 3 22 3 2 6 display radius statistics 3 23 3 2 7 display stop accounting buffer 3 24 3 2 8 key 3 25 3 2 9 local server 3 26 3 2 10 nas ip 3 27 3 2 11 primary accounting 3 28 3 2 12 primary authentication 3 29 3 2 13 radius nas ip 3 30 3 2 14 radius scheme 3 31 3 ...

Page 601: ...5 1 5 1 HABP Commands 5 1 5 1 1 display debugging habp 5 1 5 1 2 display habp 5 1 5 1 3 display habp table 5 2 5 1 4 display habp traffic 5 2 5 1 5 habp enable 5 3 5 1 6 habp server vlan 5 4 5 1 7 habp timer 5 4 Chapter 6 System guard Configuration Commands 6 1 6 1 System guard Configuration Commands 6 1 6 1 1 display system guard ip record 6 1 6 1 2 display system guard state 6 2 6 1 3 system gua...

Page 602: ...num specifies the interface number and interface name specifies the interface name For the respective meanings and value ranges read the Parameter of the Port Command Manual section Description Using display dot1x command you can view the relevant information of 802 1x including configuration information running state session connection information and relevant statistics information By default al...

Page 603: ... s Quiet Period 000060 s Value of Quiet Period Timer is disabled Supp Timeout 000030 s Value of Server Timeout 000100 s The maximal retransmitting times 000003 Handshake period 000015 s Total maximum on line user number is 1024 Total current on line user number is 0 Ethernet0 1 is link down 802 1X protocol is disabled Proxy trap checker is disabled Proxy logoff checker is disabled Version Check is...

Page 604: ...rrent device or on the specified port When it is used in system view if the parameter ports list is not specified 802 1x will be globally enabled If the parameter ports list is specified 802 1x will be enabled on the specified port When this command is used in Ethernet port view the parameter interface list cannot be input and 802 1x can only be enabled on the current port The configuration comman...

Page 605: ...kes It sends password in the form of simple text Challenge Handshake Authentication Protocol CHAP is a kind of authentication protocol with three handshakes It only transmits username but not password CHAP is more secure and reliable In the process of EAP authentication switch directly sends authentication information of 802 1x user to RADIUS server in the form of EAP packet It is not necessary to...

Page 606: ... the users who configure static IP addresses in DHCP environment Using undo dot1x dhcp launch command you can set 802 1x to enable the switch to trigger the authentication over them By default the switch can trigger the user ID authentication over the users who configure static IP addresses in DHCP environment For the related command see dot1x Example Disable the switch to trigger the authenticati...

Page 607: ...this parameter it means that to enable Guest VLAN on the specified port When you execute this command in Ethernet port view you can only enable Guest VLAN on the current port and the interface list parameter cannot be input Note the following z Guest VLAN is only supported in the port based authentication mode z A switch only can be configured with one Guest VLAN z Users who skip the authenticatio...

Page 608: ...mmand Manual section Description Using dot1x max user command you can configure a limit to the amount of supplicants on the specified interface of 802 1x Using undo dot1x max user command you can restore the default value This command is used for setting a limit to the amount of supplicants that 802 1x can hold on the specified interface This command has effect on the interface specified by the pa...

Page 609: ... 10 interface num specifies a single Ethernet interface in the format interface num interface type interface num interface name where interface type specifies the interface type interface num specifies the interface number and interface name specifies the interface name For the respective meanings and value ranges read the Parameter of the Port Command Manual section Description Using dot1x port c...

Page 610: ...nual section Description Using dot1x port method command you can configure the base for 802 1x to perform access control on the specified interface Using undo dot1x port method command you can restore the default access control base By default the value is macbased This command is used to set the base for 802 1x to perform access control namely authenticate the users on the specified interface Whe...

Page 611: ...r Using undo dot1x quiet period command you can disable this timer If an 802 1x user has not passed the authentication the Authenticator will keep quiet for a while which is specified by quiet period timer before launching the authentication again During the quiet period the Authenticator does not do anything related to 802 1x authentication By default quiet period timer is disabled For the relate...

Page 612: ...pecified it means that to enable the 802 1x re authentication feature on all interfaces if the interface list parameter is specified it means that to enable the feature on the specified interfaces In Ethernet port view the interface list parameter cannot be specified and you can use command only to enable the feature on the current interface Before configuring 802 1x re authentication feature on a...

Page 613: ...e only once 2 indicates that the switch is configured to transmit authentication request frame once again when no response is received for the first time and so on This command has effect on all the port after configuration For the related commands see display dot1x Example Configure the current device to transmit authentication request frame to the user for no more than 9 times Quidway dot1x retr...

Page 614: ...ap interface interface list undo dot1x supp proxy check logoff trap interface interface list View System view Ethernet Port view Parameter logoff Cuts network connection to a user upon detecting the use of proxy trap Sends trap message upon detecting a user using proxy to access the switch interface interface list Ethernet interface list including several Ethernet interfaces expressed in the forma...

Page 615: ...g the use of proxy on Ethernet 0 1 Ethernet 0 8 Quidway dot1x supp proxy check logoff Quidway dot1x supp proxy check logoff interface Ethernet 0 1 to Ethernet 0 8 Configure the switch to send trap message upon detecting the use of proxy on Ethernet 0 9 Quidway dot1x supp proxy check trap Quidway dot1x supp proxy check trap interface Ethernet 0 9 or Quidway dot1x supp proxy check trap Quidway inter...

Page 616: ...t timer of a Supplicant After the Authenticator sends Request Challenge request packet which requests the MD5 encrypted text the supp timeout timer of the Authenticator begins to run If the Supplicant does not respond back successfully within the time range set by this timer the Authenticator will resend the above packet supp timeout value Specify how long the duration of an authentication timeout...

Page 617: ...timeout timer as 150s Quidway dot1x timer server timeout 150 1 1 15 dot1x version check Syntax dot1x version check interface interface list undo dot1x version check interface interface list View System view Ethernet port view Parameter interface interface list Ethernet interface list represents multiple Ethernet interfaces in the format of interface list interface num to interface num 1 10 interfa...

Page 618: ...t interface num to interface num 1 10 interface num specifies a single Ethernet port in the format port num interface type interface num interface name where interface type specifies the port type interface num specifies the port number and interface name specifies the port name For the respective meanings and value ranges read the Parameter of the Port Configuration section Description Using rese...

Page 619: ...cm all arp handshake server tcp cheat View User view Parameter acm Enables authentication connection management ACM debugging that is the debugging for transitions between states related to authentication connection and management all Enables all Portal debugging arp handshake Enables address resolution protocol ARP handshake debugging server Enables Portal server debugging tcp cheat Enables TCP s...

Page 620: ...ion free IP addresses free user Displays configured authentication free users server server name Displays the information about the specified Portal server server statistics Displays the Portal server statistics tcp cheat statistics Displays TCP spoofing statistics ipaddress Displays the information about a user with the specified IP address portIndex Displays the user information about a specifie...

Page 621: ...cation the output displays Layer3 Free IP Free IP addresses The Portal server uses a free IP automatically Free User Authentication free users Portal Server The basic information of the Portal server including the IP address communication key port and URL for HTTP redirection ARP HandShake ARP handshake information including time interval and retry times VLAN Portal Configuration The following inf...

Page 622: ...5249 PT_MSG_ARP_FAIL 0 PT_MSG_TMR_ACL 0 PT_MSG_TMR_MAC 0 PT_MSG_TMR_NIP 0 ERROR Statistics MEM Error 0 RCV MSG ERR 0 SND MSG ERR 0 Table 2 2 Description on the fields of the display portal acm statistics command Field Description ACM Statistics ACM statistics WAIT_MAC_ACK Timeout waiting for MAC address acknowledgement For Layer 3 Portal authentication it is 0 DISCOVERED The number of discovered u...

Page 623: ..._ARPPKT ARP packet messages For Layer 3 Portal authentication it is 0 PT_MSG_TMR_AUT Authentication timer timeout count PT_MSG_TMR_LGN Login timer timeout count PT_MSG_TMR_LGT Logout timer timeout count PT_MSG_TMR_LEV Leaving timer timeout count PT_MSG_TMR_HDS Handshaking timer timeout count For Layer 3 Portal authentication it is 0 PT_MSG_ARP_FAIL ARP failure count For Layer 3 Portal authenticati...

Page 624: ...on a VLAN port you should assure the VLAN interface is configured with a legal IP address and the specified Portal server exists Example Enable Portal authentication on Vlan interface 10 Specify a Portal server named Quidway Quidway Vlan interface10 portal Quidway 2 1 4 portal arp handshake Syntax portal arp handshake interval interval retry times retry times undo portal arp handshake interval ret...

Page 625: ...120 seconds and the allowed maximum retry times to 6 Quidway portal arp handshake interval 120 retry times 6 2 1 5 portal auth network Syntax portal auth network network address net mask vlan vlan_id undo portal auth network network address net mask vlan vlan_id all View System view Parameter network address net mask Configures the address and subnet mask for an authentication network segment vlan...

Page 626: ...ete user 10 153 94 8 2 1 7 portal free ip Syntax portal free ip ip address undo portal free ip ip address View System view Parameter ip address Free IP address Description Use the portal free ip command to specify free IP address for Portal Use the undo portal free ip command to delete the free IP address By default no free IP address is configured You can configure the IP address of the free acce...

Page 627: ...n authentication free user locates This port should be in the VLAN specified by this command interface_type Port type Its value is Ethernet or GigabitEthernet interface_num Port number The port is numbered in slot port format interface_name Port name expressed in interface_name interface_type interface_num all Deletes all the authentication free users Description Use the portal free user command t...

Page 628: ...authentication free user locates z Layer 3 Portal authentication does not support the configurations of authentication free users Example Configure Portal authentication free users Quidway portal free user mac 00e0 fc01 0101 ip 10 110 1 1 vlan 10 interface ethernet 0 1 2 1 9 portal method Syntax portal method direct redhcp layer3 undo portal method View System view Parameter direct Direct authenti...

Page 629: ...65 534 By default it is 50100 url string URL used in HTTP re directing which is the IP address in character form If an IP address is 10 110 100 100 then its default URL is http 10 110 100 100 The character string must be put between double quotation marks Description Use the portal server command to initiate or modify Portal server configuration Use the undo portal server command to delete a speci...

Page 630: ...erface_num Description Use the portal upload command to configure uplink port of Portal rate limitation Use the undo portal upload command to disable Portal rate limitation By default Portal rate limitation is disabled Portal restriction works together with the bandwidth restriction service provided by CAMS servers The bandwidth restriction service refers to the specified bandwidth available for P...

Page 631: ...m server tcp cheat statistics View User view Parameter acm Clears Portal ACM statistics that is clear the information about authentication connection and management server Clears Portal server statistics tcp cheat Clears TCP spoofing statistics Description Use the reset portal command to clear Portal statistics Example Clear Portal ACM statistics Quidway reset portal acm statistics ...

Page 632: ...SP domain ranging from 1 to 1024 Description Using access limit command you can configure a limit to the amount of supplicants in the current ISP domain Using undo access limit command you can restore the limit to the default setting By default there is no limit to the amount of supplicants in the current ISP domain The access limit command limits the amount of supplicants contained in the current...

Page 633: ...cess the device by using the current user name The argument max user number is in the range of 1 to 1024 vlan vlanid Sets the VLAN attribute of user in other words the VLAN to which a user belong The argument vlanid is an integer in the range of 1 to 4094 location Sets the port binding attribute of user nas ip ip address The IP address of the access server in the event of binding a remote port wit...

Page 634: ...ing not exceeding 24 characters The specified ISP domain shall have been created mac mac address Configures to cut the connection of the supplicant whose MAC address is mac address The argument mac address is in the hexadecimal format H H H radius scheme radius scheme name Configures to cut the connection according to RADIUS server name radius scheme name specifies the RADIUS server name with a ch...

Page 635: ...res to display the supplicants according to their logon type dot1x means the 802 1x users portal means the Portal users domain domain name Configures to display all the users in an ISP domain domain name specifies the ISP domain name with a character string not exceeding 24 characters The specified ISP domain shall have been created mac mac address Configures to display the supplicant whose MAC ad...

Page 636: ...ation about all connected users For the related command see cut connection Example Display the relevant information of all the users Quidway display connection Total 0 connections matched 0 listed 3 1 5 display domain Syntax display domain isp name View Any view Parameter isp name Specifies the ISP domain name with a character string not exceeding 24 characters The specified ISP domain shall have ...

Page 637: ...cal users in the specified ISP domain isp name specifies the ISP domain name with a character string not exceeding 24 characters The specified ISP domain shall have been created idle cut Configures to display the local users according to the state of idle cut function disable means that the user disables the idle cut function and enable means the user enables the function This parameter only takes...

Page 638: ...e integer ranging from 1 to 4094 Description Using display local user command you can view the relevant information of all the local users or the specified one s This command displays the relevant information about a specified or all the local users The output can help you with the fault diagnosis and troubleshooting related to local user For the related command see local user Example Display the ...

Page 639: ...ISP domain Using undo domain command you can cancel a specified ISP domain By default a domain named system has been created in the system The attributes of system are all default values ISP domain is a group of users belonging to the same ISP Generally for a username in the userid isp name format taking gw20010608 huawei163 net as an example the isp name i e huawei163 net following the is the ISP...

Page 640: ...Quidway domain huawei163 net New Domain added Quidway isp huawei163 net 3 1 8 idle cut Syntax idle cut disable enable minute flow View ISP domain view Parameter disable means disabling the user to use idle cut function enable means enabling the user to use idle cut function minute Specifies the maximum idle time ranging from 1 to 120 and measured in minutes flow The minimum data traffic ranging fr...

Page 641: ...undo local user user name all service type telnet ftp lan access ssh View System view Parameter user name Specifies a local username with a character string not exceeding 80 characters excluding and The character can only be used once in one username The pure username the part before namely the user ID cannot exceed 55 characters The user name is case insensitive so that UserA is the same as usera...

Page 642: ...the password command to set a password display mode Description Using local user password display mode command you can configure the password display mode of all the accessing users Using undo local user password display mode command you can cancel the password display mode that has been set for all the accessing users If cipher force has been adopted the user efforts of specifying to display pass...

Page 643: ...ttings By default the messenger alert is disabled on the switch This function allows the clients to inform the online users about their remaining online time through message alert dialog box The implementation of this function is as follows z On the switch use the messenger time enable command to enable this function and to configure the remaining online time threshold the limit argument and the a...

Page 644: ...an100 name test 3 1 13 password Syntax password simple cipher password undo password View Local user view Parameter simple Specifies to display passwords in simple text cipher Specifies to display passwords in cipher text password Defines a password which is a character string of up to 16 characters if it is in simple text and of up to 24 characters if it is in cipher text Description Using passwo...

Page 645: ...the current ISP domain Using undo radius scheme command you can restore the RADIUS server group used by the current ISP domain to the default RADIUS server group After an ISP domain is created it uses the default RADIUS server group named as system For configuration of relevant parameters read the RADIUS Configuration section of this chapter of the system This command is used to specify the RADIUS...

Page 646: ...ts and card numbers by themselves And a server with the self service software is called a self service server Once this function is enabled on the switch users can locate the self service server and perform self management through the following operations z Select Change user password on the 802 1x client z After the client opens the default explorer IE or NetScape locate the specified URL page us...

Page 647: ...evel level Specifies the level of Telnet or SSH users The argument level is an integer in the range of 0 to 3 and defaults to 1 ftp Specifies user type as ftp ftp directory directory Specifies the directory of ftp users directory is a character string of up to 64 characters lan access Specifies user type to lan access which mainly refers to Ethernet accessing users 802 1x supplicants for example D...

Page 648: ...er By default after an ISP domain is created it is in the active state in ISP domain view A local user will be active in local user view upon its creation In ISP domain view every ISP can either be in active or block state If an ISP domain is configured to be active the users in it can request for network service while in block state its users cannot request for any network service which will not ...

Page 649: ...he switch compares the string ID delivered from the server with the VLAN names existing on the switch If a matching entry is found the switch adds the port into the corresponding VLAN Otherwise the delivery fails and the user cannot pass the authentication By default the integer mode is selected that is the switch supports the RADIUS server delivering the integer VLAN ID For the related commands s...

Page 650: ...not access network resources normally The user can access the network only after the network administrator deletes manually the online information of the user To solve this problem user re authentication at reboot is designed After this function is enabled each time the switch reboots z The switch generates an Accounting On message which mainly includes NAS ID NAS IP source IP and session ID z The...

Page 651: ...you can disable the selection of RADIUS accounting option By default selection of RADIUS accounting option is disabled If no RADIUS server is available or if RADIUS accounting server fails when the accounting optional is configured the user can still use the network resource otherwise the user will be disconnected The user configured with accounting optional command in RADIUS scheme will no longer...

Page 652: ...et flow mega packet Set mega packet as the unit of packet flow one packet Set one packet as the unit of packet flow Description Using data flow format command you can configure the unit of data flow that send to RADIUS Server Using undo data flow format command you can restore the unit to the default setting By default the data unit is byte and the data packet unit is one packet For the related co...

Page 653: ...ntax display radius radius scheme name View Any view Parameter radius scheme name Specifies the RADIUS scheme name with a character string not exceeding 32 characters Display all RADIUS schemes when the parameter is not set Description Using display radius command you can view the configuration information of all RADIUS schemes or a specified one By default This command outputs the configuration i...

Page 654: ...top PKT 500 Username format without domain Data flow unit Byte Packet unit 1 Total 1 RADIUS scheme s 1 listed 3 2 6 display radius statistics Syntax display radius statistics View Any view Parameter None Description Using display radius statistics command you can view the statistics information of RADIUS packet This command outputs the statistics information about the RADIUS packets The displayed ...

Page 655: ...ge start time stop time user name user name View Any view Parameter radius scheme radius scheme name Configures to display the saved stopping accounting requests according to RADIUS server name radius scheme name specifies the RADIUS server name with a character string not exceeding 32 characters session id session id Configures to display the saved stopping accounting requests according to the se...

Page 656: ...an select to display the packets sent to a certain RADIUS server or display the packets according to user session ID or username You may also display the request packets saved during a specified time range The displayed packet information can help with diagnosis and troubleshooting For the related commands see reset stop accounting buffer stop accounting buffer enable retry stop accounting Example...

Page 657: ... authorization and accounting are performed on two different servers with different encryption keys you are supposed to set two encryption keys respectively For the related commands see primary accounting primary authentication radius scheme Example Example 1 Set the authentication authorization key of the RADIUS scheme huawei to hello Quidway radius huawei key authentication hello Example 2 Set t...

Page 658: ...RADIUS function on the switch Caution z When using local RADIUS server function of Huawei remember the number of UDP port used for authentication is 1645 and that for accounting is 1646 z The password configured by this command must be the same as that of the RADIUS authentication authorization packet configured by the command key authentication in RADIUS scheme view Quidway series switches suppor...

Page 659: ...ommand see display radius radius nas ip Example Set the source IP address that is carried in the RADIUS packets sent by the NAS the switch to 10 1 1 1 Quidway radius scheme test1 Quidway radius test1 nas ip 10 1 1 1 3 2 11 primary accounting Syntax primary accounting ip address port number undo primary accounting View RADIUS scheme view Parameter ip address IP address in dotted decimal format port...

Page 660: ...3 3 2 12 primary authentication Syntax primary authentication ip address port number undo primary authentication View RADIUS scheme view Parameter ip address IP address in dotted decimal format port number Specifies UDP port number ranging from 1 to 65535 Description Using primary authentication command you can configure the IP address and port number for the primary RADIUS authentication authoriz...

Page 661: ... 2 13 radius nas ip Syntax radius nas ip ip address undo radius nas ip View System view Parameter ip address IP address in dotted decimal format Description Using the radius nas ip command you can specify the source address of the RADIUS packet sent from NAS Using the undo radius nas ip command you can restore the default setting By specifying the source address of the RADIUS packet you can avoid ...

Page 662: ...fied IP address and UDP port number of the RADIUS authentication authorization accounting server and some necessary parameters exchanged with the RADIUS client end switch system So it is necessary to create the RADIUS scheme and enter its view before performing other RADIUS protocol configurations A RADIUS scheme can be used by several ISP domains at the same time You can configure up to 16 RADIUS...

Page 663: ...on id time range start time stop time user name user name View User view Parameter radius scheme radius scheme name Configures to delete the stopping accounting requests from the buffer according to the specified RADIUS server name radius scheme name specifies the RADIUS server name with a character string not exceeding 32 characters session id session id Configures to delete the stopping accounti...

Page 664: ...retransmit it for several times which is set through the retry realtime accounting command This command is used to delete the stopping accounting requests from the switch buffer You can select to delete the packets transmitted to a specified RADIUS server or according to the session id or username or delete the packets transmitted during the specified time range For the related commands see stop a...

Page 665: ...heme Example Set to retransmit the RADIUS request packet no more than 5 times for the RADIUS scheme huawei Quidway radius huawei retry 5 3 2 18 retry realtime accounting Syntax retry realtime accounting retry times undo retry realtime accounting View RADIUS scheme view Parameter retry times Specifies the maximum times of real time accounting request failing to be responded ranging from 1 to 255 By...

Page 666: ...dway radius huawei retry realtime accounting 10 3 2 19 retry stop accounting Syntax retry stop accounting retry times undo retry stop accounting View RADIUS scheme view Parameter retry times Specifies the maximal retransmission times after stopping accounting request ranging from 10 to 65535 By default the value is 500 Description Using retry stop accounting command you can configure the maximal r...

Page 667: ...pecifies the UDP port number ranging from 1 to 65535 By default the accounting service is provided via UDP 1813 Description Using secondary accounting command you can configure the IP address and port number for the second RADIUS accounting server Using undo secondary accounting command you can restore the IP address and port number to default values For detailed information read the Description o...

Page 668: ...iled information read the Description of the primary authentication command For the related commands see key radius scheme state Example Set the IP address of the second authentication authorization server of RADIUS scheme huawei to 10 110 1 2 and the UDP port 1812 to provide RADIUS authentication authorization service Quidway radius huawei secondary authentication 10 110 1 2 1812 3 2 22 server ty...

Page 669: ... supported by the switch Using undo server type command you can restore the RADIUS server type to the default setting By default the newly created RADIUS scheme supports the server of standard type while the system RADIUS scheme created by the system supports the server of huawei type Quidway Series Ethernet Switches support standard RADIUS protocol and the extended RADIUS service platform develop...

Page 670: ...mand is used to set the primary server to be active manually in order that NAS can communicate with it right after the troubleshooting When the primary and second servers are all active or block NAS will send the packets to the primary server only For the related commands see radius scheme primary authentication secondary authentication primary accounting secondary accounting Example Set the secon...

Page 671: ...ng accounting request packets in the buffer Quidway radius huawei stop accounting buffer enable 3 2 25 timer Syntax timer seconds undo timer View RADIUS scheme view Parameter seconds RADIUS server response timeout timer ranging from 1 to 10 and measured in seconds By default the value is 3 Description Using timer command you can configure RADIUS server response timer Using undo timer command you c...

Page 672: ...e interval to its default value The functions of the quiet time interval are as follows z The switch sends RADIUS packets to the primary RADIUS server z If the switch affirms that the primary server does not respond it then sends RADIUS packets to the secondary RADIUS server z After each quiet time interval the switch sets the status of the primary RADIUS server to active and sends RADIUS packets ...

Page 673: ...accounting information of online users to the RADIUS server regularly The value of minute is related to the performance of NAS and RADIUS server The smaller the value is the higher the requirement for NAS and RADIUS server is When there are a large amount of users more than 1000 inclusive we suggest a larger value The following table recommends the ratio of minute value to number of users Table 3 ...

Page 674: ...llowing is the ISP domain name The switch will put the users into certain ISP domains according to the domain names However some earlier RADIUS servers reject the username including ISP domain name In this case the username will be sent to the RADIUS server after its domain name is removed Accordingly the switch provides this command to decide whether the username to be sent to RADIUS server carri...

Page 675: ...s of the security policy server all IP addresses of all security policy servers Description Use the session control server command to configure IP address for the security policy server Use the undo session control server command to remove the IP address configuration You can configure up to eight different IP addresses for eight security policy servers in a RADIUS scheme The switch only responds ...

Page 676: ... Technologies Proprietary 4 2 Quidway radius Quidway session control server 192 168 0 1 Quidway radius Quidway display current configuration radius scheme Quidway primary authentication 1 1 11 29 1812 secondary authentication 127 0 0 1 1645 user name format without domain session control server 192 168 0 1 ...

Page 677: ...p Syntax display debugging habp View Any view Parameter None Description Using the display debugging habp command you can view HAMP debugging state Example Display HABP debugging state Quidway display debugging habp HABP Debugging switch is on 5 1 2 display habp Syntax display habp View Any view Parameter None Description Using the display habp command you can view configuration information and st...

Page 678: ...d Description HABP Mode HABP mode for the current switch including server and client Sending HABP request packets every 20 seconds Time interval to send HABP request packets Bypass VLAN Send HABP packets in specified VLANs 5 1 3 display habp table Syntax display habp table View Any view Parameter None Description Using the display habp table command you can view HABP MAC address table Example Disp...

Page 679: ...enable Syntax habp enable undo habp enable View System view Parameter None Description Using the habp enable command you can enable HABP attribute at a switch Using the undo hapb enable command you can disable HABP attribute at a switch By default HABP attribute is disabled at a switch If 802 1x attribute is enabled on switch and HABP attribute is not enabled for those ports where 802 1x authentic...

Page 680: ...smitting HABP packets in a specific VLAN Using the undo hapb server vlan command you can restore the HABP mode to the default value By default the HABP mode is client You must first enable HABP attribute at a switch using the habp enable command and then specify HABP mode as server Example Specify HABP mode as server and transmit HABP packets in VLAN2 Quidway habp server vlan 2 5 1 7 habp timer Sy...

Page 681: ...the habp timer command you can define time interval for a switch to send HABP request packet Using the undo habp timer command you can restore the time interval to the default value The command is only available on the switch whose HABP mode is set as server Example Define the time interval to send HABP request packets as 50 seconds Quidway habp timer 50 ...

Page 682: ...ax display system guard ip record View Any view Parameter None Description Using the display system guard ip record command you can view the record of the IP packets that the switch CPU receives during this detection interval Example Display the record of the IP packets that the switch CPU receives during this detection interval Quidway display system guard ip record SrcIP 00 0 0 0 0 DstIP 00 0 0 ...

Page 683: ...ny view Parameter None Description Using display system guard state command you can view current detection results and parameters of system guard Example View current detection results and parameters of system guard Quidway display system guard state system guard is running Ip Attack threshold 30 Deny threshold 1 Infected virus Host Number 0 Isolated times of Aging time 3 Max Num of detection supp...

Page 684: ... Using undo system guard enable you can disable the state of system guard function By default system guard function is disabled System guard detects the source IP address featuring attacks and counts the number of those IP packets by monitoring the packets that the CPU receives at the interval of 10 seconds Once the number exceeds the preconfigured threshold some measures are taken to treat the ho...

Page 685: ...guard is enabled don t change the port priority and the mode of queue scheduling Example Enable system guard function Quidway system guard enable Success to enable system guard task 6 1 4 system guard detect maxnum Syntax system guard detect maxnum number undo system guard detect maxnum View System view Parameter number Max detection count of system guard ranging from 1 to 100 Description Using sy...

Page 686: ...record times threshold isolate time of system guard function Using undo system guard detect threshold you can restore these three parameters to the default values By default IP record threshold record times threshold isolate time of system guard function are 30 1 and 3 For example set the IP record threshold record times threshold isolate time of system guard function to 50 3 5 In this case the sy...

Page 687: ...e S3526 S3526 FM and S3526 FS need to learn the destination IP address in the packets if the address is not reside in the non directly connected network segment In this way they can forward multiple times while learning once When the switch is enabled not to learn the destination address in the packets it learns from the source IP address in the response thus preventing the hosts from the virus at...

Page 688: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Reliability ...

Page 689: ... VRRP Configuration Commands 1 1 1 1 VRRP Configuration Commands 1 1 1 1 1 debugging vrrp 1 1 1 1 2 display vrrp 1 2 1 1 3 vrrp authentication mode 1 3 1 1 4 vrrp method 1 4 1 1 5 vrrp ping enable 1 5 1 1 6 vrrp vrid preempt mode 1 5 1 1 7 vrrp vrid priority 1 6 1 1 8 vrrp vrid timer 1 7 1 1 9 vrrp vrid track 1 8 1 1 10 vrrp vrid virtual ip 1 8 ...

Page 690: ...t debugging VRRP packets Description Using debugging vrrp command you can enable the VRRP debugging Using undo debugging vrrp command you can disable the VRRP debugging By default the VRRP debugging is disabled Example Enable VRRP state debugging Quidway debugging vrrp state Vlan interface1 Virtual Router 1 INITIALIZE MASTER Table 1 1 Description of information generated by the command display vrr...

Page 691: ...on the switch will be displayed If only the interface name is specified the state information about all the virtual routers on the interface will be displayed If the interface name and virtual router ID are specified the state information about the specified virtual router on the interface will be displayed Example Display the information about the virtual routers on VLAN interface 1 of the switch...

Page 692: ... IF Track interface Pri Reduced Reduced priority value for virtual router when track interface is Down Virtual IP Virtual IP address list of virtual router Master IP IP address of the master device in virtual router 1 1 3 vrrp authentication mode Syntax vrrp authentication mode type key undo vrrp authentication mode View VLAN interface view Parameter type Authentication type There are following ty...

Page 693: ...authentication type and key When the authentication type and key are set the upper lower cases are not necessary to be matched Example Specify the authentication type and key for a VRRP virtual router Quidway vlan interface2 vrrp authentication mode simple huawei 1 1 4 vrrp method Syntax vrrp method real mac virtual mac undo vrrp method View System view Parameter real mac Use the real MAC address ...

Page 694: ...support this command Example Set the real MAC address of the interface match the virtual IP address of the backup group Quidway vrrp method real mac 1 1 5 vrrp ping enable Syntax vrrp ping enable undo vrrp ping enable View System view Parameter None Description Using vrrp ping enable command you can enable the function to ping the virtual IP address of the backup group Using undo vrrp ping enable ...

Page 695: ...is 0 second If a higher priority switch is required to preempt the Master you need configure it as preemption You can also set a delay for the preemption If you configure it not to preempt the delay will be set to 0 automatically Example Configure the switch to preempt Quidway vlan interface2 vrrp vrid 1 preempt mode Set a delay Quidway vlan interface2 vrrp vrid 1 preempt mode timer delay 5 Config...

Page 696: ...rid 1 priority 150 1 1 8 vrrp vrid timer Syntax vrrp vrid virtual router ID timer advertise adver interval undo vrrp vrid virtual router ID timer advertise View VLAN interface view Parameter virtual router ID VRRP virtual router ID ranging from 1 to 255 adver interval VRRP packet interval of the Master in the virtual router in seconds ranging from 1 to 255 By default the value is 3s Description Us...

Page 697: ... can stop tracking the interface VRRP interface track expends the backup function which thereby can be implemented not only when the switch fails but also when a network interface is down The user can use this command to track or stop tracking an interface or all the interfaces After the configuration of the interface tracking the priority of the switch will be reduced if the tracked interface tur...

Page 698: ...uter or add a virtual IP address to an existing virtual router Using undo vrrp vrid virtual ip command you can cancel an existing virtual router or an address from the virtual router Example Create a virtual router Quidway vlan interface2 vrrp vrid 1 virtual ip 10 10 10 10 Add a virtual IP address to an existing virtual router Quidway vlan interface2 vrrp vrid 1 virtual ip 10 10 10 11 Delete a vir...

Page 699: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual System Management ...

Page 700: ...8 1 1 12 reset recycle bin 1 9 1 1 13 rmdir 1 10 1 1 14 undelete 1 10 1 2 Configuration File Management Commands 1 11 1 2 1 reset saved configuration 1 11 1 2 2 save 1 12 1 3 FTP Server Configuration Commands 1 13 1 3 1 display ftp server 1 13 1 3 2 display ftp user 1 14 1 3 3 ftp server 1 14 1 3 4 ftp timeout 1 15 1 3 5 local user 1 15 1 3 6 password 1 16 1 3 7 service type 1 17 1 4 FTP Client Co...

Page 701: ...gement Commands 2 1 2 1 MAC Address Table Management Commands 2 1 2 1 1 display mac address aging time 2 1 2 1 2 display mac address 2 1 2 1 3 mac address 2 2 2 1 4 mac address max mac count 2 3 2 1 5 mac address timer 2 4 Chapter 3 Device Management Commands 3 1 3 1 Device Management Commands 3 1 3 1 1 boot boot loader 3 1 3 1 2 boot bootrom 3 1 3 1 3 display boot loader 3 2 3 1 4 display cpu 3 2...

Page 702: ...center channel name 4 21 4 5 4 info center console channel 4 21 4 5 5 info center enable 4 22 4 5 6 info center logbuffer 4 23 4 5 7 info center loghost 4 23 4 5 8 info center loghost source 4 24 4 5 9 info center monitor channel 4 25 4 5 10 info center snmp channel 4 26 4 5 11 info center source 4 26 4 5 12 info center timestamp 4 29 4 5 13 info center trapbuffer 4 29 4 5 14 reset logbuffer 4 30 ...

Page 703: ... 18 Chapter 6 RMON Configuration Commands 6 1 6 1 RMON Configuration Commands 6 1 6 1 1 display rmon alarm 6 1 6 1 2 display rmon event 6 2 6 1 3 display rmon eventlog 6 3 6 1 4 display rmon history 6 4 6 1 5 display rmon prialarm 6 5 6 1 6 display rmon statistics 6 6 6 1 7 rmon alarm 6 8 6 1 8 rmon event 6 9 6 1 9 rmon history 6 10 6 1 10 rmon prialarm 6 10 6 1 11 rmon statistics 6 12 Chapter 7 N...

Page 704: ...nds 8 1 8 1 SSH Configuration Commands 8 1 8 1 1 debugging ssh server 8 1 8 1 2 display rsa local key pair public 8 2 8 1 3 display rsa peer public key 8 3 8 1 4 display ssh server 8 4 8 1 5 display ssh user information 8 4 8 1 6 peer public key end 8 5 8 1 7 protocol inbound 8 6 8 1 8 public key code begin 8 6 8 1 9 public key code end 8 7 8 1 10 rsa local key pair create 8 8 8 1 11 rsa local key...

Page 705: ...ctory Destination directory By default the directory is the working path configured by the user when the system starts Description Using cd command you can change the current user configuration path on the Ethernet Switch Example Change the current working directory of the switch to flash Quidway cd flash Quidway pwd flash 1 1 2 copy Syntax copy fileurl source fileurl dest View User view Parameter...

Page 706: ...irm y Copyed file flash test test txt flash test test bak Display current directory information Quidway dir Directory of 0 rw 595 Jul 12 2001 19 41 50 test txt 1 rw 595 Jul 12 2001 19 46 50 test bak 16125952 bytes total 13974528 bytes free 1 1 3 delete Syntax delete unreserved file url View User view Parameter file url path and name of the file you want to delete Description Using delete command y...

Page 707: ...dir txt will display all the files with the extension txt in the current directory By default display the file information in current path Description Using dir command you can view the information about the specified file or directory in storage device of Ethernet Switch Example Display the information about the file flash test test txt Quidway dir flash test test txt Directory of flash test rwxr...

Page 708: ...in flash test Quidway dir all flash test t Directory of flash test t rwxrwxrwx 1 noone nogroup 971 Sep 20 2003 14 32 49 text txt 7932928 bytes total 4965376 bytes free 1 1 5 file prompt Syntax file prompt alert quiet View System view Parameter alert Perform interactive confirmation on dangerous file operations The default value is alert which configures to perform interactive confirmation on dange...

Page 709: ... on the device Specially configuration files will be lost after formatting the flash memory Example Format flash Quidway format flash All data on Flash will be lost proceed with format Y N y Now begin to format flash please wait for a while Format winc completed 1 1 7 mkdir Syntax mkdir directory View User view Parameter directory Directory name Description Using mkdir command you can create direc...

Page 710: ...can display files in the text format Example Display contents of file test txt Quidway more test txt AppWizard has created this test application for you This file contains a summary of what you will find in each of the files that make up your test application Test dsp This file the project file contains information at the project level and is used to build a single project or subproject Other user...

Page 711: ... test drwxrwxrwx 1 noone nogroup Sep 20 2003 14 36 11 dd rwxrwxrwx 1 noone nogroup 971 Sep 20 2003 14 40 05 sample txt 7932928 bytes total 4963328 bytes free Move flash test sample txt to flash sample txt Quidway move flash test sample txt flash sample txt Move flash test sample txt to flash sample txt Y N y Moved file flash test sample txt to flash sample txt Display the directory after moving a ...

Page 712: ...nt path Example Display the current path Quidway pwd flash 1 1 11 rename Syntax rename fileurl source fileurl dest View User view Parameter fileurl source Source file name fileurl dest Destination file name Description Using rename command you can rename a file If the destination file name is the same as an existing directory name operation fails If the destination file name is the same as an exis...

Page 713: ...Y N y Renamed file flash sample txt to flash sample bak Display the directory after renaming sample txt with sample bak Quidway dir Directory of flash drwxrwxrwx 1 noone nogroup Jun 22 2002 02 19 16 shit rwxrwxrwx 1 noone nogroup 971 Jun 30 2003 11 45 19 vrpcfg txt rwxrwxrwx 1 noone nogroup 4 Aug 27 2003 16 56 56 snmpboots rwxrwxrwx 1 noone nogroup 2957562 Sep 20 2003 10 49 57 QX S5516 VRP31 0 003...

Page 714: ...y name Description Using rmdir command you can cancel a directory The directory to be deleted must be empty Example Delete the directory huawei Quidway rmdir huawei Rmdir huawei Y N y Removed directory huawei 1 1 14 undelete Syntax undelete file url View User view Parameter file url Name of the file to be recovered Description Using undelete command you can recover deleted file The file name to be...

Page 715: ...3 32 sample bak 7932928 bytes total 4962304 bytes free Recover the deleted file sample bak Quidway undelete sample bak Undelete flash sample bak Y N y Undeleted file flash sample bak Display the information of all the files including the deleted ones in the current directory Quidway dir all Directory of flash drwxrwxrwx 1 noone nogroup Jun 22 2002 02 19 16 shit rwxrwxrwx 1 noone nogroup 971 Jun 30...

Page 716: ...et Switch is applied to the new circumstance and the original configuration files cannot meet the new requirements the Ethernet Switch should be configured again Erase the original configuration files for reconfiguration If the configuration files do not exist in the flash memory when Ethernet Switch is electrified and initialized it will enter setup switch view automatically For the related comma...

Page 717: ...his will save the configuration in the flash memory The switch configurations will be written to flash Are you sure Y N Now saving current configuration to flash memory Please wait for a while Save current configuration to flash memory successfully 1 3 FTP Server Configuration Commands 1 3 1 display ftp server Syntax display ftp server View Any view Parameter None Description Using display ftp ser...

Page 718: ...guration after setting FTP parameters Example Show the configuration of FTP user parameters Quidway display ftp user No ftp user 1 3 3 ftp server Syntax ftp sever enable undo ftp sever View System view Parameter enable Start FTP Server Description Using ftp server command you can start FTP Server and enable FTP user logon Using undo ftp server command you can close FTP Server and disable FTP user ...

Page 719: ...n timeout interval Using undo ftp timeout command you can restore the default connection timeout interval After a user logs on to an FTP Server and has established connection if the connection is interrupted or cut abnormally by the user FTP Server will still hold the connection The connection timeout can avoid this problem If the FTP server has no command interaction with a client for a specific ...

Page 720: ...s which mainly refers to Ethernet accessing users 802 1x supplicants for example all All the users Description Using local user command you can configure a local user and enter the local user view Using undo local user command you can cancel a specified local user By default no local user For the related commands see display local user server type Example Add a local user named huawei1 Quidway loc...

Page 721: ...ord simple 20030422 1 3 7 service type Syntax service type telnet level level ftp ftp directory directory lan access undo service type telnet level ftp ftp directory lan access View Local user view Parameter telnet Specifies user type as Telnet level level Specifies the level of Telnet users The argument level is an integer in the range of 0 to 3 and defaults to 3 ftp Specifies user type as ftp ft...

Page 722: ...eter None Description Using ascii command you can configure data transmission mode as ASCII mode By default the file transmission mode is ASCII mode Perform this command if the user needs to change the file transmission mode to default mode Example Configure to transmit data in the ASCII mode ftp ascii 200 Type set to A 1 4 2 binary Syntax binary View FTP Client view Parameter None Description Usi...

Page 723: ...mote FTP Server and return to user view After performing this command you can terminate the control connection and data connection with the remote FTP Server Example Terminate connection with the remote FTP Server and return to user view ftp bye 1 4 4 cd Syntax cd pathname View FTP Client view Parameter pathname Path name Description Using cd command you can change the working path on the remote F...

Page 724: ...rking path to the upper level directory This command is used to exit the current directory and return to the upper level directory Example Change working path to the upper level directory ftp cdup 1 4 6 close Syntax close View FTP Client view Parameter None Description Using close command user can disconnect FTP client side from FTP server side without exiting FTP client side view That is to say y...

Page 725: ...ugging Syntax debugging View FTP Client view Parameter None Description Using debugging command you can enable the system debugging functions Example Enable the system debugging functions ftp debugging Debug is on 1 4 8 delete Syntax delete remotefile View FTP Client view Parameter remotefile File name Description Using delete command you can cancel the specified file This command is used to delet...

Page 726: ...d is specified then all the files in the directory will be displayed Example Query the file temp c and saves the results in the file temp1 ftp dir temp c temp1 1 4 10 disconnect Syntax disconnect View FTP Client view Parameter None Description Using disconnect command subscribers can disconnect FTP client side from FTP server side without exiting FTP client side view This command terminates the co...

Page 727: ...1 Description Using ftp command you can establish control connection with the remote FTP Server and enter FTP Client view Example Connect to FTP Server at the IP address 1 1 1 1 Quidway ftp 1 1 1 1 1 4 12 get Syntax get remotefile localfile View FTP Client view Parameter localfile Local file name remotefile Name of a file on the remote FTP Server Description Using get command you can download a re...

Page 728: ... lcd command you can view local working path of FTP Client Example Show local working path ftp lcd Local directory now flash temp 1 4 14 ls Syntax ls remotefile localfile View FTP Client view Parameter remotefile Remote file to be queried localfile Saved local file name Description Using ls command you can query a specified file If no parameter is specified all the files will be shown Example Quer...

Page 729: ...ample Create the directory flash lanswitch on the remote FTP Server ftp mkdir flash lanswitch 1 4 16 open Syntax open ip address port View FTP Client view Parameter ip address The host name a string with a length of 1 to 20 characters or the IP address of the remote FTP Server port Port number of remote FTP Server ranging from 0 to 65535 By default it is 21 Description Using open command you can e...

Page 730: ...word 230 Logged in successfully 1 4 17 passive Syntax passive undo passive View FTP Client view Parameter None Description Using passive command you can configure the data transmission mode as passive mode Using undo passive command you can configure the data transmission mode as active mode By default the data transmission mode is passive mode Example Set the data transmission to passive mode ftp...

Page 731: ...ilename on the remote server the system will consider it the same as the local file name by default Example Upload the local file temp c to the remote FTP Server and saves it as temp1 c ftp put temp c temp1 c 1 4 19 pwd Syntax pwd View FTP Client view Parameter None Description Using pwd command you can view the current directory on the remote FTP Server Example Show the current directory on the r...

Page 732: ...th the remote FTP Server and returns to user view ftp quit Quidway 1 4 21 remotehelp Syntax remotehelp protocol command View FTP Client view Parameter protocol command FTP protocol command Description Using remotehelp command you can view help information about the FTP protocol command Example Show the syntax of the protocol command user ftp remotehelp user 214 Syntax USER sp username 1 4 22 rmdir...

Page 733: ... FTP Server ftp rmdir flash temp1 1 4 23 user Syntax user username password View FTP Client view Parameter username Logon username password Logon password Description Using user command you can register an FTP user Example Log in the FTP Server with username tom and password bjhw ftp user tom bjhw 1 4 24 verbose Syntax verbose undo verbose View FTP Client view Parameter None Description Using verb...

Page 734: ...on mode is binary Description Using tftp command you can configure the transmission mode of the TFTP files TFTP transmits files in two modes binary mode for program files and ASCII mode for text files You can perform this command to configure the file transmission mode By default TFTP transmits files in binary mode Before resetting the mode and restarting the switch the set mode will not change Fo...

Page 735: ...ed commands see tftp tftp put Example Download the file LANSwitch app from the TFTP server at 1 1 3 214 and save it as vxWorks app on the local switch Quidway tftp binary Quidway tftp get 1 1 3 214 LANSwitch app vxWorks app 1 5 3 tftp put Syntax tftp put mmm nnn A A A A xxx yyy View System view Parameter mmm nnn The file to be uploaded A A A A xxx yyy IP address of the TFTP server and the filename...

Page 736: ...ging time command you can view the aging time of the dynamic entry in the MAC address table For the related commands see mac address mac address timer display mac address Example Display the aging time of the dynamic entry in the MAC address table Quidway display mac address aging time mac address aging time 300s The above information indicates that the aging time of the dynamic entry in the MAC a...

Page 737: ... Using display mac address command you can view MAC address table information When managing the Layer 2 addresses of the switch the administrator can Perform this command to view such information as the Layer 2 address table address status static or dynamic Ethernet port of the MAC address VLAN of the address and system address aging time For the related commands see mac address mac address timer ...

Page 738: ... entry will be modified That is replace the interface pointed by this address with the new interface and the entry attribute with the new attribute dynamic entry and static entry All the MAC unicast addresses on a certain interface can be deleted User can choose to delete any of the following addresses address learned by system automatically dynamic address configured by user static address config...

Page 739: ... addresses learned via the Ethernet port The port will stop learning MAC address when the amount reaches the limit specified by the count parameter For the related commands see mac address mac address timer Example Configure Ethernet0 3 to learn at most 600 addresses Quidway Ethernet0 3 mac address max mac count 600 Configure no limit to the amount of addresses learned via Ethernet0 3 Quidway Ethe...

Page 740: ... the problem that the Ethernet switch broadcasts a great mount of data packets without MAC addresses which will affect the switch operation performance If aging time is set too long the Ethernet switch will store a great number of out of date MAC address tables This will consume MAC address table resources and the switch will not be able to update MAC address table according to the network change ...

Page 741: ...ameter file url Path and name of APP file Description Using boot boot loader command you can configure the app file used for boot of the next time Example Specify the APP application used for boot of next time Quidway boot boot loader PLATV100R002B09D002 APP The specifed file will be booted next time Quidway 3 1 2 boot bootrom Syntax boot bootrom file url View User view Parameter file url File pat...

Page 742: ...display boot loader View Any view Parameter None Description Using display boot loader command you can view APP file used next time Example Quidway display boot loader The app to boot at the next time is PLATV100R002B09D002 APP 3 1 4 display cpu Syntax display cpu View Any view Parameter None Description Using display cpu command you can display CPU occupancy Example Display CPU occupancy Quidway ...

Page 743: ...arameter None Description Using display device command you can view module type and working status information of each card including main card and daughter card Perform display device command to display the module type and working status information of a card including physical card number physical daughter card number number of ports hardware version number FPGA version number BOOTROM software v...

Page 744: ... FPGAVer FPGA version number CPLDVer r Hardware version number BootRomVer BootROM software version number AddrLM Address learning mode Type Interface card type 3 1 6 display fan Syntax display fan fan id View Any view Parameter fan id the fan ID Description Using display fan command you can view the working state of the built in fans User can Perform this command to see if they work normally Examp...

Page 745: ...on Using display memory command you can display memory situation Example Display memory situation Quidway display memory System Total Memory bytes 32491008 Total Used Memory bytes 13181348 Used Rate 40 Table 3 3 Display information Field Description System Total Memory bytes The Total Memory of switch unit in byte Total Used Memory bytes The Total used Memory of switch unit in byte Used Rate The m...

Page 746: ...m down value up value undo temperature limit slot num View User view system view Parameter slot num Physical card number for S3552 series the value is 0 down value Lower temperature limit ranging from 0 to 45 unit in up value Upper temperature limit ranging from 50 to 80 unit in Description Using temperature limit command you can configure temperature limit Using undo temperature limit command you...

Page 747: ...from 1993 to 2035 MM ranges from 1 to 12 and DD ranges from 1 to 31 Description Using clock datetime command you can configure the current date and clock of Ethernet Switch By default the date and clock of Ethernet Switch is set as 0 0 0 2000 1 1 The current date and clock of Ethernet Switch must be set in the circumstance that absolute time is strictly required For the related commands see displa...

Page 748: ... time input like HH MM SS hour minute second Description Using clock summer time command you can set the name starting and ending time of the summer time Using undo clock summer time command you can remove the configuration of the summer time After the configuration takes effect the display clock command can be used to check it Besides the time of the log or debug information uses the local time a...

Page 749: ...second Description Using clock timezone command you can set the information of the local time zone Using undo clock timezone command you can restore to the default Universal Time Coordinated UTC time zone After the configuration takes effect the display clock command can be used to check it Besides the time of the log or debug information uses the local time after the adjustment of the time zone a...

Page 750: ...ine interface E g the host name of Ethernet Switch is Quidway and the prompt in user view is Quidway Example Set the hostname of the Ethernet Switch as QuidwayLANSwitch Quidway sysname QuidwayLANSwitch QuidwayLANSwitch 4 2 System Status and System Information Display Commands 4 2 1 display clock Syntax display clock View Any view Parameter None Description Using display clock command subscribers c...

Page 751: ...that matches the regular expression exclude Exclude lines that match the regular expression include Include lines that match the regular expression regular expression Define the regular expression Description Using display current configuration command you can display the currently effective configuration parameters of the switch By default if some running configuration parameters are the same wit...

Page 752: ...r type nec primary authentication 127 0 0 1 1645 primary accounting 127 0 0 1 1646 user name format without domain domain system radius scheme system access limit disable state active idle cut disable self service url disable messenger time disable domain default enable system local server nas ip 127 0 0 1 key nec interface Aux0 0 vlan 1 interface Ethernet0 1 interface Ethernet0 2 interface Ethern...

Page 753: ...nterface Ethernet0 14 interface Ethernet0 15 interface Ethernet0 16 interface Ethernet0 17 interface Ethernet0 18 interface Ethernet0 19 interface Ethernet0 20 interface Ethernet0 21 interface Ethernet0 22 interface Ethernet0 23 interface Ethernet0 24 interface NULL0 user interface aux 0 user interface vty 0 4 return View the lines containing the character string 10 in the configuration informatio...

Page 754: ...Ethernet0 16 interface Ethernet0 17 interface Ethernet0 18 interface Ethernet0 19 interface Ethernet0 21 View configuration information begin with user Quidway display current configuration include user user interface aux 0 user interface vty 0 4 View the pre positive and post positive configuration information Quidway display current configuration configuration sysname Quidway radius scheme syste...

Page 755: ...name View Any view Parameter interface name Specify the Ethernet port name interface type Specify the Ethernet port type interface num Specify the Ethernet port number module name Specify the module name Description Using display debugging command you can view the enabled debugging process Show all the enabled debugging when there is no parameter For the related commands see debugging Example Show...

Page 756: ... the startup configuration of the Ethernet Switch For the related commands see save reset saved configuration display current configuration Example Display configuration files in flash memory of Ethernet Switch Quidway display saved configuration sysname Quidway radius scheme system server type nec primary authentication 127 0 0 1 1645 primary accounting 127 0 0 1 1646 user name format without dom...

Page 757: ...erface Ethernet0 3 interface Ethernet0 4 interface Ethernet0 5 interface Ethernet0 6 interface Ethernet0 7 interface Ethernet0 8 interface Ethernet0 9 interface Ethernet0 10 interface Ethernet0 11 interface Ethernet0 12 interface Ethernet0 13 interface Ethernet0 14 interface Ethernet0 15 interface Ethernet0 16 interface Ethernet0 17 interface Ethernet0 18 interface Ethernet0 19 interface Ethernet0...

Page 758: ...terface NULL0 user interface aux 0 user interface vty 0 4 return 4 2 5 display users Syntax display users all View Any view Parameter all display all users connected to the switch Description Using display users command you can view information about users connected to the switch Example Display the status of the current users Quidway display users UI Delay IPaddress Username F 0 AUX 0 00 00 00 4 ...

Page 759: ... display version Versatile Routing Platform Software VRP R Software Version 3 10 RELEASE 0014 Copyright c Reserved Quidway uptime is 0 week 0 day 3 hours 13 minutes Quidway with 1 MIPS Processor 64M bytes SDRAM 8192K bytes Flash Memory Config Register points to FLASH Hardware Version is REV 0 CPLD Version is 000 Bootrom Version is 120 Subslot 0 24 FE Hardware Version is REV 0 4 3 System Debug Comm...

Page 760: ...after all the debugging is enabled by debugging all command So it is not suggested to use the debugging all command It is convenient for the user to disable all the debugging with undo debugging all command For the related commands see display debugging Example Enable IP Packet debugging Quidway debugging ip packet IP packet debugging switch is on 4 3 2 display diagnostic information Syntax displa...

Page 761: ...Commands 4 4 1 ping Syntax ping a ip address c count d f h ttl i interface type interface num interface name ip n p pattern q r s packetsize t timeout tos tos v host View Any view Parameter a ip address Specify the source IP address to transmit ICMP ECHO REQUEST c count specify how many times the ICMP ECHO REQUEST packet will be transmitted ranging from 1 to 4294967295 d Configure the socket to be...

Page 762: ...k connection and the reachability of the host By default when the parameters are not specified z The ECHO REQUEST message will be sent for 5 times z socket is not in DEBUGGING mode z The TTL value for echo requests is 255 z host will be treated as IP address first If it is not an IP address perform domain name resolution z The default padding operation starts from 0x01 and ends on 0x09 progressive...

Page 763: ...0 244 is reachable Quidway ping 202 38 160 244 ping 202 38 160 244 56 data bytes Reply from 202 38 160 244 bytes 56 sequence 1 ttl 255 time 1ms Reply from 202 38 160 244 bytes 56 sequence 2 ttl 255 time 2ms Reply from 202 38 160 244 bytes 56 sequence 3 ttl 255 time 1ms Reply from 202 38 160 244 bytes 56 sequence 4 ttl 255 time 3ms Reply from 202 38 160 244 bytes 56 sequence 5 ttl 255 time 2ms 202 ...

Page 764: ...1 and the first hop will send an ICMP error message back to indicate this packet cannot be transmitted because of TTL timeout Then this packet will be sent again with TTL 2 and the second hop will indicate a TTL timeout error Perform this operation repeatedly till reaching the destination These processes are operated to record the source address of each ICMP TTL timeout so as to provide a path to ...

Page 765: ...isplay channel Syntax display channel channel number channel name View Any view Parameter channel number Channel number ranging from 0 to 9 that is the system has ten channels channel name Specify the channel name the name can be channel6 channel7 channel8 channel9 console logbuffer loghost monitor snmpagent trapbuffer Description Using display channel command you can view the details about the in...

Page 766: ... center logbuffer info center console channel info center monitor channel Example Show the system log information Quidway display info center Information Center enabled Log host 173 168 1 10 channel number 2 channel name loghost language english host facility local 7 Console channel number 0 channel name console Monitor channel number 1 channel name monitor SNMP Agent channel number 5 channel name...

Page 767: ...nel name with a character string not exceeding 30 characters excluding or Description Using info center channel name command you can rename a channel specified by the channel number as channel name Using undo info center channel command you can restore the channel name Note that the channel name cannot be duplicated Example Rename the channel 0 as execconsole Quidway info center channel 0 name exe...

Page 768: ...nfo center enable display info center Example Configure to output log information to the console through channel 0 Quidway info center console channel 0 4 5 5 info center enable Syntax info center enable undo info center enable View System view Parameter None Description Using info center enable command you can enable the system log function Using undo info center enable command you can disable sy...

Page 769: ...r snmpagent trapbuffer size Configure the size of buffer buffersize Size of buffer number of messages which can be kept By default the size of the buffer is 20 Description Using info center logbuffer command you can configure to output information to the memory buffer Using undo info center logbuffer command you can cancel the information output to buffer This command takes effect only after the s...

Page 770: ...fo center loghost ranging from local0 to local7 language Set the logging language chinese english Language used in log file Description Using info center loghost command you can configure the IP address of the info center loghost to send information to it Using undo info center loghost command you can cancel output to info center loghost By default Ethernet switches do not output information to in...

Page 771: ...e info center enable display info center Example Set source address of the packets sent to loghost as the address of the VLAN interface 1 Quidway info center loghost source vlan interface 1 4 5 9 info center monitor channel Syntax info center monitor channel channel number channel name undo info center monitor channel View System view Parameter channel number Channel number ranging from 0 to 9 tha...

Page 772: ...tem has ten channels By default channel 5 is used channel name Specify the channel name The name can be channel6 channel7 channel8 channel9 console logbuffer loghost monitor snmpagent trapbuffer Description Using info center snmp channel command you can configure new channel for transmitting the SNMP information Using undo info center snmp channel command you can restore the channel for transmitti...

Page 773: ...critical Level 3 information critical information errors Level 4 information error information warnings level 5 information warning information notifications Level 6 information showed normally and important informational Level 7 information notice to be recorded debugging Level 8 information generated during the debugging progress Note If you only specify the level for one two of the three types ...

Page 774: ...gure the channels in the output direction channel filter information filtering and redirecting of all kinds of information At present the system distributes an information channel in each output direction by default shown as follows Table 4 1 Information Channel in Each Output Direction by Default Output direction Information channel name Console console Monitor monitor Info center loghost loghost...

Page 775: ... and yyyyyy is the low 32 bits date Current system date and time It shows as yyyy mm dd hh mm ss in Chinese environment and mm dd yyyy hh mm ss in Western language environment None No timestamp format Description Using info center timestamp command you can configure the timestamp output format in debugging trap information Using undo info center timestamp command you can disable the output of time...

Page 776: ...can output information to the trap buffer Using undo info center trapbuffer command you can cancel output information to trap buffer By default output information is transmitted to trap buffer and size of trap buffer is 20 This command takes effect only after the system logging is enabled For the related commands see info center enable display info center Example Send information to the trap buffe...

Page 777: ...n in trap buffer Quidway reset trapbuffer 4 5 16 terminal debugging Syntax terminal debugging undo terminal debugging View User view Parameter None Description Using terminal debugging command you can configure to display the debugging information on the terminal Using undo terminal debugging command you can configure not to display the debugging information on the terminal By default the displayi...

Page 778: ...terminal logging command you can disable terminal log information display By default this function is enabled Example Disable the terminal log display Quidway undo terminal logging 4 5 18 terminal monitor Syntax terminal monitor undo terminal monitor View User view Parameter None Description Using terminal monitor command you can enable the log debugging log trap on the terminal monitor Using undo...

Page 779: ...nal logging undo terminal trapping commands When the terminal monitor is enabled you can use terminal debugging undo terminal debugging terminal logging terminal logging and terminal trapping undo terminal trapping respectively to enable or disable the corresponding functions Example Disable the terminal monitor Quidway undo terminal monitor 4 5 19 terminal trapping Syntax terminal trapping undo t...

Page 780: ...er read display read only community information write display read write community information Description Using display snmp agent community command you can view the currently configured community names Example Display the currently configured community names Quidway display snmp agent community community name public group name public storage type nonVolatile community name tom group name huawei ...

Page 781: ... the communication with SNMP application etc Example Display the engine ID of current device Quidway display snmp agent local engineid SNMP local engineID 00000009020000000C025808 5 1 3 display snmp agent group Syntax display snmp agent group group name View Any view Parameter groupname Group name ranging from 1 to 32 bytes Description Using display snmp agent group command you can view group name...

Page 782: ...ng to that group storage type Storage type 5 1 4 display snmp agent mib view Syntax display snmp agent mib view exclude include viewname mib view View Any view Parameter exclude Display the SNMP mib view excluded Include Display the SNMP mib view included viewname Display the SNMP mib view according to the mib view name mib view Specify the mib view name Description display snmp agent mib view com...

Page 783: ... ViewDefault MIB Subtree snmpModules 18 Storage type nonVolatile excluded active The following table describes the output fields Table 5 2 Output description of the display snmp agent mib view command Field Description View name View name MIB Subtree MIB subtree storage type Storage type included excluded Permit or forbid access to an MIB object active Indicate the line state in the table Caution ...

Page 784: ...ty supplied 0 ASN 1 or BER errors in the process of decoding 9 Messages passed from the SNMP entity 0 SNMP PDUs which had badValue error status 0 SNMP PDUs which had genErr error status 0 SNMP PDUs which had noSuchName error status 0 SNMP PDUs which had tooBig error status Maximum packet size 1500 9 MIB objects retrieved successfully 0 MIB objects altered successfully 0 GetRequest PDU accepted and...

Page 785: ...y snmp agent sys info location View Any view Parameter None Description Using display snmp agent sys info location command you can view the character string describing the system location Example Display the system location Quidway display snmp agent sys info location The physical location of this node BeiJing China 5 1 8 display snmp agent sys info version Syntax display snmp agent sys info versi...

Page 786: ... ID username display user information with specified user name groupname display user information of specified group Description Using display snmp agent usm user command you can view information of all the SNMP usernames in the group username list Example Display the information of all the current users Quidway display snmp agent usm user User name authuser Engine ID 00000009020000000C025808 User...

Page 787: ...ocal engineid command you can configure a name for a local or remote SNMP engine on the Ethernet Switch Using undo snmp agent local engineid command you can restore the default setting of engine ID Device information is determined according to different products It can be IP address MAC address or user defined text However you must use numbers in hexadecimal form Example Configure the ID of a loca...

Page 788: ...way snmp agent community write mgr 5 1 12 snmp agent group Syntax snmp agent group v1 v2c group name read view read view write view write view notify view notify view acl acl list undo snmp agent group v1 v2c group name snmp agent group v3 group name authentication privacy read view read view write view write view notify view notify view acl acl list undo snmp agent group v3 group name authenticat...

Page 789: ... will affect all the users related to this group Please do not specify the notify view when configuring SNMP group Example Create an SNMP group named huawei Quidway snmp agent group v3 huawei 5 1 13 snmp agent mib view Syntax snmp agent mib view included excluded view name oid tree undo snmp agent mib view view name View System view Parameter included Include this MIB subtree excluded Exclude this...

Page 790: ... of SNMP packet measured in bytes ranging from 484 to 17940 By default the size is 1500 bytes Description Using snmp agent packet max size command you can configure the size of SNMP packet that the Agent can send receive Using undo snmp agent packet max size command you can restore the default size of SNMP packet The sizes of the SNMP packets received sent by the Agent are different in different n...

Page 791: ...ystem information such as geographical location of the device contact information for system maintenance and version information of running SNMP Using undo snmp agent sys info location command you can restore the default value By default the contact information is HuaWei Beijing China the system location is Beijing China the SNMP version is SNMP V3 Example Set system location as Building 3 Room 21...

Page 792: ... command you can configure destination of SNMP notification Using undo snmp agent target host command you can cancel the host that receives SNMP notification The snmp agent target host command and the snmp agent trap enable command should be used at the same time Use the snmp agent trap enable command to enable the device to transmit Trap packets snmp agent trap enable command and snmp agent targe...

Page 793: ... Reboot operation caused by problems such as power failure z warm start Reboot operation caused by executing the reboot command Description Using snmp agent trap enable command you can enable the device to send Trap message Using undo snmp agent trap enable command you can disable Trap message sending By default Trap message sending is disabled snmp agent trap enable command and snmp agent target ...

Page 794: ...fault value The set timeout of Trap packet is represented by seconds If time exceeds seconds this Trap packet will be discarded For the related commands see snmp agent trap enable snmp agent target host Example Configure the timeout interval of Trap packet as 60 seconds Quidway snmp agent trap life 60 5 1 19 snmp agent trap queue size Syntax snmp agent trap queue size length undo snmp agent trap q...

Page 795: ...0 Description Using snmp agent trap source command you can configure the source address for sending Trap Using undo snmp agent trap source command you can cancel the source address for sending Trap Example Configure the IP address of the VLAN interface 1 as the source address for transmitting the Trap packets Quidway snmp agent trap source vlan interface 1 5 1 21 snmp agent usm user Syntax snmp ag...

Page 796: ...t with higher security authpassword Specify the authentication password with a character string ranging from 1 to 64 bytes privacy mode Specify the safety level as encrypted des56 Specify the authentication protocol as DES privpassword Specify the encryption password with a character string ranging from 1 to 64 bytes acl acl list Set access control list for this user based on USM name Description ...

Page 797: ...prietary 5 18 5 1 22 undo snmp agent Syntax undo snmp agent View System view Parameter None Description Using undo snmp agent command you can disable all versions of SNMP running on the server Perform any command of snmp agent will enable SNMP Agent Example Disable the running SNMP agents of all SNMP versions Quidway undo snmp agent ...

Page 798: ...m Example Display the RMON alarm information Quidway display rmon alarm Alarm table 1 owned by HUAWEI is VALID Samples absolute value 1 3 6 1 2 1 16 1 1 1 4 1 etherStatsOctets 1 Sampling interval 10 sec Rising threshold 1000 linked with event 1 Falling threshold 100 linked with event 1 When startup enables risingOrFallingAlarm Latest value 0 Table 6 1 Output description of the display rmon alarm c...

Page 799: ...hold 6 1 2 display rmon event Syntax display rmon event event table entry View Any view Parameter event table entry Entry index of event table Description Using display rmon event command you can view RMON events The display includes event index in event table owner of the event description to the event action caused by event log or alarm information and occurrence time of the latest event counted...

Page 800: ...d you can view RMON event log The display includes description about event index in event table description to the event and occurrence time of the latest event counted on system initiate boot time in centisecond Example Show event log of RMON Quidway display rmon eventlog 1 Event table 1 owned by HUAWEI is VALID Generates eventLog 1 1 at 0days 00h 01m 39s Description The 1 3 6 1 2 1 16 1 1 1 4 1 ...

Page 801: ...display rmon history Syntax display rmon history port num View Any view Parameter port num Ethernet port name Description Using display rmon history command you can view latest RMON history sampling information including utility error number and total packet number For the related commands see rmon history Example Show the RMON history information Quidway display rmon history ethernet 2 1 History ...

Page 802: ...d octets in sampling time packets Packets sent received in sampling time broadcast packets Number of broadcast packets multicast packets Number of multicast packets CRC alignment errors Number of CRC error packets undersized packets Number of undersized packets oversized packets Number of oversized packets fragments Number of undersized and CRC error packets jabbers Number of oversized and CRC err...

Page 803: ... Creator of the extended alarm entry VALID The entry corresponding to the index is valid Samples absolute value Sampling the absolute value of the node 1 3 6 1 2 1 16 1 1 1 4 1 Rising threshold Rising threshold When sampling value rises from normal value to this threshold rising threshold alarm will be triggered Falling threshold Falling threshold When sampling value decreases from normal value to...

Page 804: ...s entry 1 owned by HUAWEI is VALID Interface Ethernet2 1 ifEntry 642 Received octets 0 packets 0 broadcast packets 0 multicast packets 0 undersized packets 0 oversized packets 0 fragments packets 0 jabbers packets 0 CRC alignment errors 0 collisions 0 Dropped packet insufficient resources 0 Packets received according to length octets 64 0 65 127 0 128 255 0 256 511 0 512 1023 0 1024 1518 0 Table 6...

Page 805: ... alarm entry number View System view Parameter entry number Number of the entry to be added deleted ranging from 1 to 65535 alarm variable Specifies the alarm variable with a character string ranging from 1 to 256 in the OID dotted format like 1 3 6 1 2 1 2 1 10 1 or ifInOctets 1 sampling time Specifies the sampling interval ranging from 5 to 65535 measured in seconds delta Sampling type is delta ...

Page 806: ...ystem view Parameter event entry Number of the entry to be added deleted ranging from 1 to 65535 description string Event description Length of the character string ranges from 1 to 255 log Log event trap Trap event trap community Name of the community that trap message is sent to log trap Log and trap event log trapcommunity Name of the community that trap message is sent to None neither log nor ...

Page 807: ... text string Creator of the line Length of the character string ranges from 1 to127 Description Using rmon history command you can add an entry to the history control table Using undo rmon history command you can cancel an entry from history control table Perform this command to sample set sample parameter sample time interval and storage amounts for a port RMON will periodically perform data coll...

Page 808: ... value specified with a number greater than 0 event entry1 Corresponding event number to the upper limit threshold value ranging from 0 to 65535 threshold value2 Falling threshold value specified with a number greater than 0 event entry2 Event number corresponding to the falling threshold ranging from 0 to 65535 forever cycle cycle period Specifies the type of the alarm instance line cycle period ...

Page 809: ... of the entry Length of the character string ranges from 1 to127 Description Using rmon statistics command you can add an entry to the statistic table Using undo rmon statistics command you can cancel an entry from statistic table RMON statistic management concerns the statistics and monitoring of the usage and error on a port Statistics includes collision CRC Cyclic Redundancy Check and queue und...

Page 810: ...User view Parameter access NTP access control debugging adjustment NTP clock adjustment debugging all All NTP debugging functions authentication NTP authentication debugging event NTP event debugging filter NTP filter information debugging packet NTP packet debugging parameter NTP clock parameter debugging refclock NTP reference clock debugging selection NTP clock selection information debugging s...

Page 811: ...vided by the local equipment By default the status of all the sessions maintained by NTP service provided by the local equipment will be displayed When you configure this command without the verbose parameter the Ethernet switch will display the brief information about all the sessions it maintains With the verbose parameter configured Ethernet switch will display the detail information about all ...

Page 812: ...tatus information Output Meaning clock status unsynchronized Local clock status do not synchronize to any remote NTP server clock stratum 16 Indicates the NTP stratum of local clock reference clock ID Indicates the address of a remote server of the reference ID in the case that the local system has been synchronized by a remote NTP server or the ID of some clock source nominal frequency Nominal fr...

Page 813: ...rver 127 0 0 1 stratum 8 offset 0 000000 synch distance 0 00000 refid 127 127 1 0 7 1 5 ntp service access Syntax ntp service access query synchronization server peer acl number undo ntp service access query synchronization server peer View System view Parameter query Allow to control query authority synchronization Only allow the server to access server Allow query to server and access peer Full ...

Page 814: ... peer in ACL 2076 Quidway ntp service access peer 2076 Give the authority of time request and query control of the local equipment to the peer in ACL 2028 Quidway ntp service access synchronization 2028 7 1 6 ntp service authentication enable Syntax ntp service authentication enable undo ntp service authentication enable View System view Parameter None Description Using ntp service authentication ...

Page 815: ...tion key Only MD5 authentication is supported for the NTP authentication key settings Example Set MD5 authentication key 10 as BetterKey Quidway ntp service authentication keyid 10 authentication mode md5 BetterKey 7 1 8 ntp service broadcast client Syntax ntp service broadcast client undo ntp service broadcast client View VLAN interface view Parameter None Description Using ntp service broadcast ...

Page 816: ...ervice broadcast server authentication keyid keyid version number undo ntp service broadcast server View VLAN interface view Parameter authentication keyid Specify the authentication key keyid Key ID used in broadcast ranging from 0 to 4294967295 version Define NTP version number number NTP version number ranging from 1 to 3 Description Using ntp service broadcast server command you can configure ...

Page 817: ...ce in interface disable command you can disable an interface to receive NTP message Using undo ntp service in interface disable command you can enable an interface to receive NTP message By default an interface is enabled to receive NTP message Example Disable Vlan Interface1 to receive NTP message Quidway interface vlan interface1 Quidway Vlan Interface1 ntp service in interface disable 7 1 11 nt...

Page 818: ...an configure the NTP multicast client mode Using undo ntp service multicast client command you can disable the NTP multicast client mode By default the multicast client service is disabled ip address defaults to 224 0 1 1 Designate an interface on the local Ethernet Switch to receive NTP multicast messages and operate in multicast client mode The local Ethernet Switch listens to the multicast from...

Page 819: ...1 to 3 Description Using ntp service multicast server command you can configure NTP multicast server mode if no IP address is specified switch automatically choice the 224 0 1 1 as the multicast IP address Using undo ntp service multicast server command you can disable NTP multicast server mode if no IP address is specified the switch will disable the configuration of the multicast IP address 224 ...

Page 820: ... ntp service refclock master command you can cancel the NTP master clock settings By default ip address is not specified and stratum defaults to 1 You can use this command to designate an NTP external reference clock or the local clock as an NTP master clock to provide synchronized time for other equipment ip address specifies the IP address of an external clock as 127 127 t u If no IP address is ...

Page 821: ...hichever can provide a reliable key Example Enable NTP authentication adopt MD5 encryption and designate Key 37 BetterKey and configure it as reliable Quidway ntp service authentication enable Quidway ntp service authentication keyid 37 authentication mode md5 BetterKey Quidway ntp service reliable authentication keyid 37 7 1 16 ntp service source interface Syntax ntp service source interface inte...

Page 822: ...ress of Vlan Interface1 as their source IP address Quidway ntp service source interface Vlan Interface 1 7 1 17 ntp service unicast peer Syntax ntp service unicast peer ip address version number authentication key keyid source interface interface name interface type interface number priority undo ntp service unicast peer ip address View System view Parameter ip address Specify the IP address of a ...

Page 823: ...icast or reference clock By operating in this mode a local device can synchronize and be synchronized by a remote server Example Configure the local equipment to synchronize or synchronized by a peer at 128 108 22 44 Set the NTP version to 3 The IP address of the NTP packets are taken from that of Vlan Interface1 Quidway ntp service unicast peer 131 108 22 33 version 3 source interface Vlan Interf...

Page 824: ...r as the first choice Description Using ntp service unicast server command you can configure NTP server mode Using undo ntp service unicast server command you can disable NTP server mode By default version number number defaults to 3 the authentication is disabled and the local server is not the first choice The command announces to use the remote server at ip address as the local time server ip a...

Page 825: ... channels index Debugged SSH channels Optional values depend on the VTY number and they are 0 4 Description Using the debugging ssh server command you can send the negotiation process defined in SSH1 5 protocol to the information center as debugging information and debug a single user interface Using the undo debugging ssh server command you can disable debugging function By default debugging func...

Page 826: ...ey pair public command you can display local key pair and public key of the server If no key is generated corresponding information will be prompted for example RSA keys not found For the related command see rsa local key pair create Example Display local key pair and public key of the server Quidway display rsa local key pair public Key pair was generated at 12 26 33 UTC 2002 4 4 Key name rtvrp_H...

Page 827: ...sa peer public key command you can display a designated RSA public key All public keys will be displayed if no key is specified For the related command see rsa local key pair create Example Display a designated RSA public key Quidway display rsa peer public key Address Bits Name 1023 abcd 1024 hq 1024 wn1 1024 hq_all Quidway display rsa peer public key name abcd Key name abcd Key address Data 3081...

Page 828: ...ands see ssh server authentication retries ssh server rekey interval ssh server timeout Example Display SSH state and configuration parameters Quidway display ssh server status SSH version 1 5 SSH connection timeout 60 seconds SSH server key generating interval 1 hours SSH Authentication retries 3 times Display SSH sessions Quidway display ssh server session Conn Ver Encry State Retry Username VTY...

Page 829: ...hentication type Example Display SSH user information Quidway display ssh user information Username authentication type user public key name Jin rsa jin hanqi1 password 816pub 8 1 6 peer public key end Command peer public key end View Public key view Parameter None Description Using the peer public key end command you can finish editing peer public key and quit from public key view to system view ...

Page 830: ... enabled and specified for the user interface but no local RSA key is configured SSH cannot take effect yet till you log onto the system next time If SSH protocol is specified to ensure a successful logon you must configure the AAA authentication using the authentication mode scheme command The protocol inbound ssh configuration fails if you configure authentication mode password and authenticatio...

Page 831: ...y Quidway system view System View return to User View with Ctrl Z Quidway rsa peer public key quidway003 Quidway rsa public key public key code begin Quidway rsa key code 308186028180739A291ABDA704F5D93DC8FDF84C427463 Quidway rsa key code 1991C164B0DF178C55FA833591C7D47D5381D09CE82913 Quidway rsa key code D7EDF9C08511D83CA4ED2B30B809808EB0D1F52D045DE4 Quidway rsa key code 0861B74A0E135523CCD74CAC6...

Page 832: ...ey pair create Command rsa local key pair create View System view Parameter None Description Using the rsa local key pair create command you can create local RSA host key pair and server key pair If you have configured RSA key the system gives an alarm after using this command and prompts that the existing one will be replaced The key naming format is switch name plus server and switch name plus h...

Page 833: ...er than 512 It will take a few minutes Input the bits in the modulus default 512 Generating keys Quidway 8 1 11 rsa local key pair destroy Command rsa local key pair destroy View System view Parameter None Description Using the rsa local key pair destroy command you can remove all RSA key pairs at the server including Host key pair and Server key pair Acknowledgement information will be promoted b...

Page 834: ... Description Using the rsa peer public key command you can enter the public key view When using this command together with the public key code begin command you can configure the public key at the client which is generated randomly by the client program supporting SSH1 5 For the related commands see public key code begin public key code end Example Enter the public key view Quidway system view Sys...

Page 835: ...thentication retry times value as 4 Quidway system view System View return to User View with Ctrl Z Quidway ssh server authentication retries 4 Quidway 8 1 14 ssh server rekey interval Command ssh server rekey interval hours undo ssh server rekey interval View System view Parameter hours Defines key update interval in the range of 1 24 hours Description Using the ssh server rekey interval command ...

Page 836: ...ation authentication which takes effect at next logon Using the undo ssh server timeout command you can restore the default value By default the timeout value is 60 seconds For the related commands see display ssh server Example Define the registration timeout value as 80 seconds Quidway system view System View return to User View with Ctrl Z Quidway ssh server timeout 80 Quidway 8 1 16 ssh user a...

Page 837: ...r zhangsan assign rsa key key1 Quidway 8 1 17 ssh user username authentication type Command ssh user username authentication type all password rsa undo ssh user username authentication type View System view Parameter username Valid local user name or user name defined by remote RADIUS system all Specifies authentication type as password and RSA password Specifies authentication type as password rs...

Page 838: ...itches Chapter 8 SSH Configuration Commands Huawei Technologies Proprietary 8 14 Example Specify zhangsan s authentication type as password Quidway system view System View return to User View with Ctrl Z Quidway ssh user zhangsan authentication type password Quidway ...

Page 839: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Auto Detecting ...

Page 840: ...apter 1 Auto Detect Configuration Commands 1 1 1 1 1 detect group 1 1 1 1 2 detect list 1 1 1 1 3 display detect group 1 2 1 1 4 option 1 4 1 1 5 retry 1 5 1 1 6 timer loop 1 5 1 1 7 timer wait 1 6 Chapter 2 Auto Detect Implementation Commands 2 1 2 1 1 ip route static 2 1 2 1 2 standby detect group 2 2 2 1 3 vrrp vrid track detect group 2 3 ...

Page 841: ...roup group number View System view Parameter group number Specifies detecting group number which ranges from 1 to 100 Description Use the detect group command to create a detecting group and enter its view Use the undo detect group command to remove a specified detecting group Example Create a detecting group numbered 10 Quidway system view System View return to User View with Ctrl Z Quidway detec...

Page 842: ... address is set by the ip address ip address command Upon configuring the IP addresses of the interfaces to be detected the switch detects these interfaces one by one from those with smaller list number value to those with larger list number value Up to 100 IP addresses can be configured in a detecting group You can specify how the detecting result is generated by using the option command Related ...

Page 843: ...Table 1 1 Description on the fields of the display detect group command Field Description detect group 1 Detecting group 1 detect loop time s 15 The detecting interval is 15 seconds ping wait time s 2 The timeout time is 2 seconds detect retry times 2 The retry times is 2 detect ip option and The detecting result is reachable only when all the specified interfaces can be successfully pinged group ...

Page 844: ...ged which is the same as the option and command When a detecting operation is being carried out the switch detects each interface for their reachability whose IP address is contained in the detecting group one by one from those with smaller list number value to those with larger list number value z If you specify the and keyword the switch returns unreachable as the detecting result when the switc...

Page 845: ...ring a detection Example Specify the maximum retires to 10 for detecting group 10 Quidway system view System View return to User View with Ctrl Z Quidway detect group 10 Quidway detect group 10 retry 3 1 1 6 timer loop Syntax timer loop seconds View Detecting group views Parameter seconds Specifies the detecting interval which ranges form 5 to 86400 in seconds and defaults to 15 Description Use th...

Page 846: ...60 1 1 7 timer wait Syntax timer wait seconds View Detecting group views Parameter seconds Specifies the timeout time of a detection which ranges from 1 to 30 in seconds and defaults to 2 Description Use the timer wait command to set the timeout time of a detection Example Set the timeout time to 3 seconds for detecting group 3 Quidway system view System View return to User View with Ctrl Z Quidwa...

Page 847: ...p address Specifies the IP address in dotted decimal notation mask Specifies the subnet mask mask length Specifies the length of the subnet mask that is the number of successive bits in the subnet mask whose values are 1 interface type Specifies the type of the next hop interface interface number Specifies the number of the next hop interface nexthop Specifies the IP address of the next hop in dot...

Page 848: ...ute to 192 168 0 5 24 with 192 168 0 2 as the next hop The route is to be enabled when the result of detecting group 10 is reachable Quidway system view System View return to User View with Ctrl Z Quidway ip route static 192 168 0 5 24 192 168 0 2 detect group 10 2 1 2 standby detect group Syntax standby detect group group number undo standby detect group group number View VLAN interface views Par...

Page 849: ...id track detect group group number reduced value reduced undo vrrp vrid virtual router id track detect group group number View VLAN interface views Parameter virtual router id Specifies the ID of the virtual router group number Specifies the detecting group number which ranges from 1 to 100 value reduced Specifies the increment by which the preference value is reduced It ranges from 1 to 255 and d...

Page 850: ...tect the interface with an IP address of 202 13 1 55 Quidway system view System View return to User View with Ctrl Z Quidway detect group 10 Quidway detect group 10 detect list 1 ip 202 13 1 55 Specify to decrease the preference value of backup group 1 by 20 when the result of detecting group 10 is unreachable Quidway interface vlan interface 2 Quidway vlan interface2 vrrp vrid 1 track detect grou...

Page 851: ...Huawei Technologies Proprietary HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Appendix ...

Page 852: ...Command Manual Appendix Quidway S3500 Series Ethernet Switches Table of Contents Huawei Technologies Proprietary i Table of Contents Appendix A Command Index A 1 ...

Page 853: ...accounting optional Reliability Command 3 20 accounting on enable Reliability Command 3 18 acl Security Command 1 1 acl Security Command 1 14 acl Security Command 1 25 acl Security Command 3 1 active region configuration System Management Command 1 1 add member Multicast Protocol Command 2 14 address check QACL Command 5 1 address check dhcp relay QACL Command 6 29 address check no matched QACL Co...

Page 854: ...nt Command 5 4 apply local preference Integrated Management Command 5 5 apply origin Integrated Management Command 5 5 apply tag Integrated Management Command 5 6 area Integrated Management Command 3 2 arp check enable QACL Command 2 1 arp probe ip QACL Command 2 1 arp proxy QACL Command 3 1 arp send gratuitous enable QACL Command 2 11 arp source suppression cache QACL Command 2 2 arp source suppr...

Page 855: ...5 auto execute command Port Command 1 1 B bgp Integrated Management Command 4 2 binary Auto Detecting Command 1 18 boot boot loader Auto Detecting Command 3 1 boot bootrom Auto Detecting Command 3 1 broadcast suppression VLAN Command 1 1 build Multicast Protocol Command 2 16 bye Auto Detecting Command 1 19 C c bsr STP Command 5 1 cd Auto Detecting Command 1 1 cd Auto Detecting Command 1 19 cdup Au...

Page 856: ...nd 2 17 cluster switch to Multicast Protocol Command 2 18 command privilege level Port Command 1 2 compare different as med Integrated Management Command 4 3 confederation id Integrated Management Command 4 4 confederation nonstandard Integrated Management Command 4 5 confederation peer as Integrated Management Command 4 5 Conventions Getting Started Command 5 copy Auto Detecting Command 1 1 c rp ...

Page 857: ...y QACL Command 5 1 debugging gmrp STP Command 1 1 debugging igmp STP Command 4 1 debugging multicast forwarding STP Command 3 1 debugging multicast kernel routing STP Command 3 1 debugging multicast status forwarding STP Command 3 2 debugging ntp service Auto Detecting Command 7 1 debugging pim common STP Command 5 2 debugging pim dm STP Command 5 3 debugging pim sm STP Command 5 4 debugging porta...

Page 858: ... 7 default route advertise Integrated Management Command 3 8 delete Auto Detecting Command 1 2 delete Auto Detecting Command 1 21 delete member Multicast Protocol Command 2 19 description VLAN Command 1 1 description Network Protocol Command 1 1 detect group 1 1 detect list 1 1 dhcp enable QACL Command 6 1 dhcp relay release QACL Command 6 31 dhcp relay security QACL Command 6 33 dhcp relay securi...

Page 859: ...mmand 7 1 dhcp snooping trust QACL Command 7 2 dir Auto Detecting Command 1 3 dir Auto Detecting Command 1 22 disconnect Auto Detecting Command 1 22 display acl config Security Command 1 3 display acl config Security Command 1 16 display acl config Security Command 1 27 display acl running packet filter all Security Command 1 4 display acl running packet filter all Security Command 1 17 display ac...

Page 860: ... display bgp routing table community Integrated Management Command 4 18 display bgp routing table community list Integrated Management Command 4 18 display bgp routing table dampened Integrated Management Command 4 19 display bgp routing table different origin as Integrated Management Command 4 21 display bgp routing table flap info Integrated Management Command 4 21 display bgp routing table peer...

Page 861: ...ct group 1 2 display device Auto Detecting Command 3 3 display dhcp client QACL Command 4 2 display dhcp relay address QACL Command 6 33 display dhcp relay statistics QACL Command 6 34 display dhcp server conflict QACL Command 6 13 display dhcp server expired QACL Command 6 14 display dhcp server free ip QACL Command 6 15 display dhcp server ip in use QACL Command 6 15 display dhcp server statisti...

Page 862: ...y gmrp statistics STP Command 1 1 display gmrp status STP Command 1 2 display gvrp statistics Network Protocol Command 3 5 display gvrp status Network Protocol Command 3 6 display habp Reliability Command 5 1 display habp table Reliability Command 5 2 display habp traffic Reliability Command 5 2 display history command Port Command 1 4 display icmp statistics QACL Command 10 2 display igmp group S...

Page 863: ... table ip_address1 ip_address2 Integrated Management Command 1 8 display ip routing table ip prefix Integrated Management Command 1 9 display ip routing table protocol Integrated Management Command 1 10 display ip routing table radix Integrated Management Command 1 11 display ip routing table statistics Integrated Management Command 1 12 display ip routing table verbose Integrated Management Comma...

Page 864: ...ay multicast routing table STP Command 3 4 display multicast vif STP Command 3 6 display ndp Multicast Protocol Command 2 1 display ntdp Multicast Protocol Command 2 7 display ntdp device list Multicast Protocol Command 2 8 display ntp service sessions Auto Detecting Command 7 2 display ntp service status Auto Detecting Command 7 2 display ntp service trace Auto Detecting Command 7 4 display ospf ...

Page 865: ...link Integrated Management Command 3 27 display pim bsr info STP Command 5 5 display pim interface STP Command 5 5 display pim neighbor STP Command 5 6 display pim routing table STP Command 5 7 display pim rp info STP Command 5 8 display port VLAN Command 1 6 display portal Reliability Command 2 2 display protocol vlan interface Network Protocol Command 1 8 display protocol vlan vlan Network Proto...

Page 866: ...ode Security Command 2 41 display qos interface line rate Security Command 2 22 display qos interface mirrored to Security Command 2 43 display qos interface queue scheduler Security Command 2 6 display qos interface queue scheduler Security Command 2 41 display qos interface traffic limit Security Command 2 23 display qos interface traffic limit Security Command 2 44 display qos interface traffic...

Page 867: ...snmp agent Auto Detecting Command 5 1 display snmp agent community Auto Detecting Command 5 1 display snmp agent group Auto Detecting Command 5 2 display snmp agent mib view Auto Detecting Command 5 3 display snmp agent statistics Auto Detecting Command 5 4 display snmp agent sys info contact Auto Detecting Command 5 5 display snmp agent sys info location Auto Detecting Command 5 6 display snmp ag...

Page 868: ...atus QACL Command 10 7 display time range Security Command 1 4 display time range Security Command 1 17 display time range Security Command 1 29 display user interface Port Command 1 5 display users Port Command 1 6 display users Auto Detecting Command 4 12 display version Auto Detecting Command 4 12 display vlan Network Protocol Command 1 2 display vrrp System Management Command 1 2 dns list QACL...

Page 869: ...Command 1 11 dot1x retry version max Reliability Command 1 12 dot1x supp proxy check Reliability Command 1 13 dot1x timer Reliability Command 1 14 dot1x version check Reliability Command 1 16 drop mode Security Command 2 46 dscp Security Command 2 46 duplex VLAN Command 1 6 E expired QACL Command 6 22 F file prompt Auto Detecting Command 1 4 filter policy export Integrated Management Command 2 3 f...

Page 870: ...t Command 1 7 flow control VLAN Command 1 9 flow interval VLAN Command 1 9 flow template user defined Security Command 1 31 flow template user defined template info Security Command 1 31 format Auto Detecting Command 1 5 free user interface Port Command 1 7 ftp Auto Detecting Command 1 23 ftp server Auto Detecting Command 1 14 ftp timeout Auto Detecting Command 1 15 ftp server Multicast Protocol C...

Page 871: ...5 4 habp timer Reliability Command 5 4 header Port Command 1 8 history command max size Port Command 1 10 holdtime Multicast Protocol Command 2 26 host route Integrated Management Command 2 5 I idle cut Reliability Command 3 9 idle timeout Port Command 1 10 if match acl ip prefix Integrated Management Command 5 10 if match as path Integrated Management Command 5 11 if match community Integrated Ma...

Page 872: ... Command 4 9 igmp snooping STP Command 2 3 igmp snooping fast leave STP Command 2 4 igmp snooping group limit STP Command 2 5 igmp snooping group policy STP Command 2 5 igmp snooping host aging time STP Command 2 7 igmp snooping max response time STP Command 2 8 igmp snooping router aging time STP Command 2 9 import route Integrated Management Command 2 6 import route Integrated Management Command...

Page 873: ...m Management Command 1 6 Intended Audience Getting Started Command 4 interface VLAN Command 1 10 interface vlan interface Network Protocol Command 1 3 ip address Network Protocol Command 1 4 ip address QACL Command 1 2 ip address bootp alloc QACL Command 8 2 ip address dhcp alloc QACL Command 4 2 ip as path acl Integrated Management Command 4 27 ip community list Integrated Management Command 4 28...

Page 874: ... lcd Auto Detecting Command 1 24 line rate Security Command 2 25 link aggregation VLAN Command 2 2 local precedence Security Command 2 48 local server Reliability Command 3 26 local user Reliability Command 3 10 local user Auto Detecting Command 1 15 local user password display mode Reliability Command 3 11 lock Port Command 1 11 logging host Multicast Protocol Command 2 27 loopback VLAN Command 1...

Page 875: ...Integrated Management Command 6 4 memory auto establish disable Integrated Management Command 6 3 memory auto establish enable Integrated Management Command 6 4 messenger Reliability Command 3 11 mirrored to Security Command 2 7 mirrored to Security Command 2 25 mirrored to Security Command 2 49 mirroring port Security Command 2 51 mkdir Auto Detecting Command 1 5 mkdir Auto Detecting Command 1 25...

Page 876: ...twork Integrated Management Command 2 7 network Integrated Management Command 3 31 network Integrated Management Command 4 29 nssa Integrated Management Command 3 32 ntdp enable Multicast Protocol Command 2 9 ntdp explore Multicast Protocol Command 2 10 ntdp hop Multicast Protocol Command 2 11 ntdp timer Multicast Protocol Command 2 12 ntdp timer hop delay Multicast Protocol Command 2 12 ntdp time...

Page 877: ...t server Auto Detecting Command 7 10 ntp service refclock master Auto Detecting Command 7 11 ntp service reliable authentication keyid Auto Detecting Command 7 11 ntp service source interface Auto Detecting Command 7 12 ntp service unicast peer Auto Detecting Command 7 13 ntp service unicast server Auto Detecting Command 7 14 O open Auto Detecting Command 1 25 option QACL Command 6 25 option 1 4 O...

Page 878: ...f timer poll Integrated Management Command 3 39 ospf timer retransmit Integrated Management Command 3 39 ospf trans delay Integrated Management Command 3 40 P packet filter Security Command 1 6 packet filter Security Command 1 19 packet filter Security Command 1 33 parity Port Command 1 12 passive Auto Detecting Command 1 26 password Reliability Command 3 13 password Auto Detecting Command 1 16 pe...

Page 879: ...advertise Integrated Management Command 4 33 peer description Integrated Management Command 4 33 peer ebgp max hop Integrated Management Command 4 34 peer enable Integrated Management Command 4 35 peer filter policy Integrated Management Command 4 35 peer group Integrated Management Command 4 36 peer ip prefix Integrated Management Command 4 37 peer next hop local Integrated Management Command 4 3...

Page 880: ...5 11 pim timer hello STP Command 5 12 ping Auto Detecting Command 4 15 port Network Protocol Command 1 5 port access vlan VLAN Command 1 15 port hybrid protocol vlan vlan Network Protocol Command 1 10 port hybrid pvid vlan VLAN Command 1 15 port hybrid vlan VLAN Command 1 16 port link type VLAN Command 1 17 port trunk permit vlan VLAN Command 1 18 port trunk pvid vlan VLAN Command 1 18 portal Reli...

Page 881: ...mand 2 28 preference Integrated Management Command 2 8 preference Integrated Management Command 3 41 primary accounting Reliability Command 3 28 primary authentication Reliability Command 3 29 priority Security Command 2 8 priority Security Command 2 27 priority Security Command 2 53 priority trust Security Command 2 8 priority trust Security Command 2 27 priority trust Security Command 2 53 proto...

Page 882: ... precedence map Security Command 2 56 queue Security Command 2 58 queue scheduler Security Command 2 11 queue scheduler Security Command 2 30 queue scheduler Security Command 2 59 quit Port Command 1 13 quit Auto Detecting Command 1 27 R radius nas ip Reliability Command 3 30 radius scheme Reliability Command 3 31 radius scheme Reliability Command 3 14 reboot Auto Detecting Command 3 5 reboot memb...

Page 883: ...y Command 1 20 reset acl counter Security Command 1 35 reset arp QACL Command 2 10 reset bgp Integrated Management Command 4 44 reset bgp dampening Integrated Management Command 4 45 reset bgp flap info Integrated Management Command 4 45 reset bgp group Integrated Management Command 4 46 reset counters interface VLAN Command 1 19 reset dhcp relay statistics QACL Command 6 37 reset dhcp server conf...

Page 884: ...ommand 1 9 reset saved configuration Auto Detecting Command 1 11 reset stop accounting buffer Reliability Command 3 32 reset stp System Management Command 1 7 reset tcp statistics QACL Command 10 8 reset traffic statistic Security Command 2 12 reset traffic statistic Security Command 2 31 reset traffic statistic Security Command 2 61 reset trapbuffer Auto Detecting Command 4 31 retry Reliability C...

Page 885: ...tegrated Management Command 2 13 rip split horizon Integrated Management Command 2 14 rip version Integrated Management Command 2 15 rip work Integrated Management Command 2 16 rmdir Auto Detecting Command 1 10 rmdir Auto Detecting Command 1 28 rmon alarm Auto Detecting Command 6 8 rmon event Auto Detecting Command 6 9 rmon history Auto Detecting Command 6 10 rmon prialarm Auto Detecting Command 6...

Page 886: ...14 secondary accounting Reliability Command 3 36 secondary authentication Reliability Command 3 36 self service url Reliability Command 3 14 send Port Command 1 15 server type Reliability Command 3 37 service type Port Command 1 15 service type Reliability Command 3 15 service type Auto Detecting Command 1 17 service type multicast STP Command 6 1 session control server Reliability Command 4 1 set...

Page 887: ...uto Detecting Command 5 12 snmp agent trap enable Auto Detecting Command 5 13 snmp agent trap enable ospf Integrated Management Command 3 45 snmp agent trap life Auto Detecting Command 5 15 snmp agent trap queue size Auto Detecting Command 5 15 snmp agent trap source Auto Detecting Command 5 16 snmp agent usm user Security Command 3 4 snmp agent usm user Auto Detecting Command 5 16 snmp host Multi...

Page 888: ...ool Multicast Protocol Command 1 3 standby detect group 2 2 state Reliability Command 3 16 state Reliability Command 3 38 static bind ip address QACL Command 6 28 static bind mac address QACL Command 6 28 static rp STP Command 5 14 stop accounting buffer enable Reliability Command 3 39 stopbits Port Command 1 19 stp System Management Command 1 9 stp bpdu protection System Management Command 1 9 st...

Page 889: ...mcheck System Management Command 1 22 stp interface point to point System Management Command 1 23 stp interface port priority System Management Command 1 21 stp interface root protection System Management Command 1 24 stp interface transit limit System Management Command 1 25 stp loop protection System Management Command 1 26 stp max hops System Management Command 1 27 stp mcheck System Management...

Page 890: ...stem Management Command 1 30 stp tc protection System Management Command 1 31 stp timer forward delay System Management Command 1 32 stp timer hello System Management Command 1 33 stp timer max age System Management Command 1 34 stp transit limit System Management Command 1 35 stub Integrated Management Command 3 46 subvlan Network Protocol Command 4 3 summary Integrated Management Command 2 16 su...

Page 891: ...t Command 1 22 T tcp timer fin timeout QACL Command 10 9 tcp timer syn timeout QACL Command 10 9 tcp window QACL Command 10 10 telnet Port Command 1 23 temperature limit Auto Detecting Command 3 6 terminal debugging Auto Detecting Command 4 31 terminal logging Auto Detecting Command 4 32 terminal monitor Auto Detecting Command 4 32 terminal trapping Auto Detecting Command 4 33 tftp Auto Detecting ...

Page 892: ...nd 2 32 traffic limit Security Command 2 61 traffic priority Security Command 2 13 traffic priority Security Command 2 33 traffic priority Security Command 2 64 traffic redirect Security Command 2 35 traffic redirect Security Command 2 66 traffic shape Security Command 2 68 traffic statistic Security Command 2 14 traffic statistic Security Command 2 36 traffic statistic Security Command 2 69 U und...

Page 893: ...ode Reliability Command 3 17 vlan mapping modulo System Management Command 1 36 vlan vpn enable VLAN Command 1 22 vlan vpn tunnel System Management Command 2 1 vlink peer Integrated Management Command 3 47 vrrp authentication mode System Management Command 1 3 vrrp method System Management Command 1 4 vrrp ping enable System Management Command 1 5 vrrp vrid preempt mode System Management Command 1...

Page 894: ...ix Quidway S3500 Series Ethernet Switches Appendix A Command Index Huawei Technologies Proprietary A 42 vrrp vrid track detect group 2 3 vrrp vrid virtual ip System Management Command 1 8 W wred Security Command 2 71 X Y Z ...

Reviews:

No comments

Related manuals for Quidway S3526

Paradyne MCC Installation Instructions Manual preview
MCC
Brand: Paradyne Pages: 11
Paradyne Hotwire 8784 Installation Instructions Manual preview
Hotwire 8784
Brand: Paradyne Pages: 19
Paradyne Hotwire 7995 Installation Instructions Manual preview
Hotwire 7995
Brand: Paradyne Pages: 32
Paradyne COMSPHERE 3550 Series User Manual preview
COMSPHERE 3550 Series
Brand: Paradyne Pages: 153
Paradyne Jetstream CPX-1000 Reference Manual preview
Jetstream CPX-1000
Brand: Paradyne Pages: 141
Paradyne FrameSaver 9783 Installation Instructions Manual preview
FrameSaver 9783
Brand: Paradyne Pages: 28
Paradyne COMSPHERE 6800 Series Installation And Enabling/Disabling Instructions preview
COMSPHERE 6800 Series
Brand: Paradyne Pages: 7
Valcom VIP-822 Manual preview
VIP-822
Brand: Valcom Pages: 3
Valcom VIP-814 User Manual preview
VIP-814
Brand: Valcom Pages: 4
IBM 8677 - BladeCenter Rack-mountable - Power... Planning And Installation Manual preview
8677 - BladeCenter Rack-mountable - Power...
Brand: IBM Pages: 126
LaCie 301160U - 1TB Ethernet Disk RAID Network Attached... Quick Install Manual preview
301160U - 1TB Ethernet Disk RAID Network Attached...
Brand: LaCie Pages: 5
Paradyne Adapter Bracket Notice preview
Adapter Bracket
Brand: Paradyne Pages: 1
Draytek Vigor 2710e Quick Start Manual preview
Vigor 2710e
Brand: Draytek Pages: 8
US Robotics USR8700 User Manual preview
USR8700
Brand: US Robotics Pages: 156
NETGEAR FS605 v3 Installation Manual preview
FS605 v3
Brand: NETGEAR Pages: 84
peplink balance ONE Manual preview
balance ONE
Brand: peplink Pages: 2
Rabbit RabbitCore RCM4400W Product Manual preview
RabbitCore RCM4400W
Brand: Rabbit Pages: 126
4Home ControlPoint 2000 User Manual preview
ControlPoint 2000
Brand: 4Home Pages: 20

Brands by name

Popular brands

Load more brands