manualshive.com logo in svg

Huawei Quidway S8500 Series, Command Manual

Share
Download
Huawei Quidway S8500 Series Command Manual Download Page 944

Command Manual – Security 
Quidway S8500 Series Routing Switches 

Chapter 2  AAA and RADIUS/HWTACACS Protocol 

Configuration Commands

 

Huawei Technologies Proprietary 

2-58 

2.3.11  primary authorization 

Syntax 

primary authorization ip-address 

[

 port-number

 ] 

undo primary authorization 

View 

HWTACACS view 

Parameter 

ip-address

: IP address of the server, a valid unicast address in dotted decimal format. 

port-number

: Port number of the server, which is in the range 1 to 65535 and defaults to 

49. 

Description 

Use the 

primary authorization

 command to configure a primary TACACS 

authorization server. 

Use the 

undo primary authorization

 command to delete the configured primary 

authorization server. 

By default, the IP address of the TACACS authorization server is all zeros. 

You are not allowed to assign the same IP address to both primary and secondary 
authorization servers. 

If you repeatedly use this command, the latest configuration overwrites the previous 
one. 

You can remove a TACACS scheme authorization server only when no Active TCP 
connection used to send authorization packets is now using the server, and the removal 
impacts only packets forwarded afterwards. 

Related command: 

display hwtacacs

Example 

# Configure a primary authorization server. 

[Quidway] hwtacacs scheme test1 

[Quidway-hwtacacs-test1] primary authorization 10.163.155.13 49 

2.3.12  reset hwtacacs statistics 

Syntax 

reset hwtacacs statistics 

accounting 

|

 authentication 

|

 authorization 

|

 all 

Summary of Contents for Quidway S8500 Series

Page 1: ...1 Reliability 4 Network Protocol 12 System Management 5 Routing Protocol 13 PoE 6 Multicast Protocol 14 NAT URPF VPLS 7 QoS ACL 15 Integrated Management 8 MPLS 16 Appendix Quidway S8500 Series Routing Switches Command Manual VRP3 10 Huawei Technologies Proprietary ...

Page 2: ...ts from the sales agent of Huawei Technologies Co Ltd please contact our sales agent If you purchase the products from Huawei Technologies Co Ltd directly Please feel free to contact our local office customer care center or company headquarters Huawei Technologies Co Ltd Address Administration Building Huawei Technologies Co Ltd Bantian Longgang District Shenzhen P R China Postal Code 518129 Websi...

Page 3: ... iTELLIN HUAWEI OptiX C C08iNET NETENGINE OptiX iSite U SYS iMUSE OpenEye Lansway SmartAX infoX and TopEng are trademarks of Huawei Technologies Co Ltd All other trademarks and trade names mentioned in this manual are the property of their respective holders Notice The information in this manual is subject to change without notice Every effort has been made in the preparation of this manual to ens...

Page 4: ... routing protocols multicast protocols and QoS ACL Quidway S8500 Series Routing Switches Operation Manual Volume II It includes MPLS STP security reliability system management PoE NAT URPF VPLS integrated management and appendix Organization Quidway S8500 Series Routing Switches Command Manual consists of the following parts z Getting Started This module introduces the commands available in the S8...

Page 5: ...uration z STP This module introduces the commands for STP configuration z Security This module presents the commands for the configuration on 802 1x AAA and RADIUS protocols HABP and HWTACACS protocol z Reliability This module focuses on the commands for VRRP and HA configuration z System Management This module details the commands for the configuration involved in system management and maintenanc...

Page 6: ...command line are in Boldface italic Command arguments are in italic Items keywords or arguments in square brackets are optional x y Alternative items are grouped in braces and separated by vertical bars One is selected x y Optional alternative items are grouped in square brackets and separated by vertical bars One or none is selected x y Alternative items are grouped in braces and separated by ver...

Page 7: ...Backspace or A Key1 Key2 Press the keys concurrently For example Ctrl Alt A means the three keys should be pressed concurrently Key1 Key2 Press the keys in turn For example Alt A means the two keys should be pressed in turn V Mouse operation Action Description Select Press and hold the primary mouse button left mouse button by default Click Select and release the primary mouse button without movin...

Page 8: ...in the manual to highlight the points worthy of special attention during the operation They are defined as follows Caution Means reader be extremely careful during the operation Note Means a complementary description Huawei Technologies Proprietary ...

Page 9: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Getting Started Huawei Technologies Proprietary ...

Page 10: ... 1 9 free user interface 1 10 1 1 10 header 1 11 1 1 11 history command max size 1 13 1 1 12 idle timeout 1 14 1 1 13 language mode 1 14 1 1 14 lock 1 15 1 1 15 modem 1 15 1 1 16 modem auto answer 1 16 1 1 17 modem timer answer 1 17 1 1 18 parity 1 17 1 1 19 protocol inbound 1 18 1 1 20 quit 1 19 1 1 21 return 1 19 1 1 22 screen length 1 20 1 1 23 send 1 21 1 1 24 service type telnet 1 21 1 1 25 s...

Page 11: ...iguration Commands 2 1 2 1 1 display password control 2 1 2 1 2 display password control blacklist 2 2 2 1 3 display password control super 2 2 2 1 4 password 2 3 2 1 5 password control 2 4 2 1 6 password control enable 2 6 2 1 7 password control super 2 7 2 1 8 reset password control history record 2 8 2 1 9 reset password control history record super 2 8 2 1 10 reset password control blacklist 2...

Page 12: ...you need to configure a login password using the set authentication password cipher simple password command This command with the scheme parameter indicates to perform authentication of local or remote username and password The type of the authentication depends on your configuration For detailed information see Security section By default terminal authentication is not required for local users lo...

Page 13: ...ed command When a user logs in the command configured will be executed automatically The user will be disconnected after that Use the undo auto execute command command to configure not to run the command automatically This command is usually used to configure the telnet command on the terminal which will connect the user to a designated device automatically By default auto run is disabled Caution ...

Page 14: ... specifically view Use the undo command privilege view command to restore the default command priority The command levels include visit monitoring configuration and management which are identified as 0 through 3 respectively An administrator assigns authorities as per user requirements and allows them to operate in corresponding views When a user logs in to the switch the command level that it can...

Page 15: ...ameter 7 Sets 7 data bits 8 Sets 8 data bits Description Use the databits command to configure the data bits for the user interface Use the undo databits command to restore the default bits of the user interface This command can only be performed in Console and AUX user interface view By default the value is 8 Example Configure the data bits of AUX port to 7 bits Quidway system view System View re...

Page 16: ...nds are stored in the history command buffer When the history command buffer is full the oldest information in the buffer will be replaced by new information The number of history commands obtained through the display history command command Command Number depends on the size of the history command buffer set through the history command max size command and Command Number should not be bigger than...

Page 17: ...Command Number and a regular expression begin include exclude Match string the system will display the commands that match the regular expression among the first Command Number pieces of commands Related command history command max size Example Display all history commands in the buffer Quidway display history command system view user interface vty 0 user interface vty 0 4 history command max size...

Page 18: ...ry command 5 display history command include 10 11 113 14 display history command 5 1 1 6 display user interface Syntax display user interface type number number summary View Any view Parameter type Specifies the type of a user interface number Specifies the number of a user interface Summary Displays the summary of a user interface Description Use the display user interface command to view the re...

Page 19: ...al location of UIs A Authenticate use AAA N Current UI need not authentication P Authenticate use current UI s password Table 1 1 Description on the fields of the display user interface command Field Description Current user interface is in use F Current user interface is in use and work in asynchronous mode Idx Absolute index of user interface Type Type and relative index of user interface Tx Rx ...

Page 20: ...all user interfaces Description Use the display users command to view the information of the user interface Example Display the information of the current user interface Quidway display users UI Delay Type Ipaddress Username 0 CON 0 00 00 00 Table 1 3 Description on the fields of the display users command Field Description Current user interface is in use and work in asynchronous mode UI Number of...

Page 21: ...es no flow control software Configures to perform software flow control Description Use the flow control command to configure the flow control mode on the user interface Use the undo flow control command to restore the default flow control mode By default the value is none That is no flow control will be performed This command can only be performed in Console and AUX user interface view Example Co...

Page 22: ...u log in via the user interface 1 for the next time 1 1 10 header Syntax header shell incoming login text undo header shell incoming login View System view Parameter login Login information in case of authentication It is displayed before the user is prompted to enter user name and password shell User conversation established header the information output after user conversation has been establish...

Page 23: ...here is only one character in the first line and it is used as the identifier this initial character pairs with the ending character and is not header content 2 If there are many characters in the first line but the initial and ending characters are different this initial character pairs with the ending character and is header content 3 Texts are input in multiple lines there are many characters i...

Page 24: ...s Hello Welcome Quidway 1 1 11 history command max size Syntax history command max size value undo history command max size View User interface view Parameter value Defines the size of the history buffer ranging from 0 to 256 By default the size is 10 that is 10 history commands can be saved Description Use the history command max size command to configure the size of the history command buffer Us...

Page 25: ...med before idle timeout expires the user interface will be disconnected Use the undo idle timeout command to restore the default idle timeout idle timeout 0 means disabling idle timeout By default idle timeout is set to 10 minutes Example Configure the timeout value to 1 minute on the AUX user interface Quidway system view System View return to User View with Ctrl Z Quidway user interface aux 0 Qu...

Page 26: ...rent users By default the value is English Example Switch from English mode to Chinese mode Quidway language mode chinese 1 1 14 lock Syntax lock View User view Parameter None Description Use the lock command to lock the user interface to prevent unauthorized user from operating it Example Lock the current user interface Quidway lock Password xxxx Again xxxx 1 1 15 modem Syntax modem call in both ...

Page 27: ...is command can only be performed in AUX user interface view Example Configure to allow call in and call out of Modem on the AUX port Quidway system view System View return to User View with Ctrl Z Quidway user interface aux 0 Quidway ui aux0 modem both 1 1 16 modem auto answer Syntax modem auto answer undo modem auto answer View User interface view Parameter None Description Use the modem auto ans...

Page 28: ... timer answer in seconds ranging from 1 to 60 The default value is 30s Description Use the modem timer answer command to configure the timer answer from off hook to carrier detected when establishing the call in connection Use the undo modem timer answer command to restore the default timeout value This command can only be performed in AUX user interface view Example Set the timer answer of AUX 0 ...

Page 29: ...le and AUX user interface view By default the mode is set to none Example Set mark parity on the AUX port Quidway system view System View return to User View with Ctrl Z Quidway user interface aux 0 Quidway ui aux0 parity mark 1 1 19 protocol inbound Syntax protocol inbound all telnet ssh View User interface view Parameter all Specifies to support all the protocols including Telnet and SSH ssh Spe...

Page 30: ...tocol inbound telnet 1 1 20 quit Syntax quit View Any view Parameter None Description Use the quit command to return to the lower level view from the current view If the current view is user view you can quit the system There are three levels of views which are listed from low to high as follows z User view z System view z VLAN view Ethernet port view and so on Related command see return system vi...

Page 31: ...Syntax screen length screen length undo screen length View User interface view Parameter screen length Specifies how many lines can be displayed on a screen ranging from 0 to 512 The default value is 24 Description Use the screen length command to configure how many lines that can be displayed on a screen of the terminal Use the undo screen length command to restore the default number of terminal ...

Page 32: ...x or vty number Specifies the absolute relative number of the user interface If it follows type it is a relative number For Aux or Console user types it can be 0 only For VTY user type it ranges from 0 to 4 If the type is not specified it is an absolute number which ranges from 0 to 6 Description Use the send command to send messages between different user interfaces Example Send message to all th...

Page 33: ... this level including the display command and the debugging command are used for system maintenance service fault diagnosis etc The operation of saving the configuration file is not allowed on this level of commands z Configuration level Service configuration commands including routing command and commands on each network layer are used to provide direct network service to the user z Management le...

Page 34: ...ample _ TT8F Y 5SQ Q MAF4 1 Description Use the set authentication password command to configure the password for local authentication Use the undo set authentication password command to cancel local authentication password The password in plain text is required when performing authentication regardless whether the configuration is plain text or encrypted text Note By default password is required ...

Page 35: ...erfaces other than the Console user interface z You cannot use this command on the user interface via which you log in z You will be asked to confirm before executing this command on any legal user interface Example Disable terminal service on the vty user interface 0 to 4 after logging in to the switch via user interface 0 Quidway system view System View return to User View with Ctrl Z Quidway us...

Page 36: ... speed on the AUX port as 9600bit s Quidway system view System View return to User View with Ctrl Z Quidway user interface aux 0 Quidway ui aux0 speed 9600 1 1 28 stopbits Syntax stopbits 1 1 5 2 undo stopbits View User interface view Parameter 1 Sets 1 stop bit 1 5 Sets 1 5 stop bits 2 Sets 2 stop bits Description Use the stopbits command to configure the stop bits on the user interface Use the u...

Page 37: ...rent user level If the user has set the super password level level simple cipher password then user password of the higher level is needed or the former user level will not change Login users are classified into four levels that correspond to the four command levels respectively After users of different levels log in they can only use commands at the levels that are equal to or lower than its own ...

Page 38: ...ts and in encrypted text for example _ TT8F Y 5SQ Q MAF4 1 Description Use the super password command to configure the password for changing the user from a lower level to a higher level In order to prevent unauthorized users from illegal intrusion user ID authentication is performed when users switch from a lower level to a higher level For the sake of confidentiality on the screen the user canno...

Page 39: ...e Changing the hostname of the switch will affect the prompt of command line interface For example if the hostname of the switch is Quidway the prompt in user view will be Quidway Example Configure the hostname of switch to Switch Quidway system view System View return to User View with Ctrl Z Quidway sysname Switch Switch 1 1 32 system view Syntax system view View User view Parameter None Descrip...

Page 40: ...TCP port on the remote switch providing Telnet service ranging from 0 to 65535 Description Use the telnet command to log in to another switch from the current one via telnet for remote management To terminate the Telnet login press Ctrl K By default when the service port is not specified the default telnet port number is 23 Related command display tcp status Example Log in to switch Quidway2 at 12...

Page 41: ...r interface vty 0 Quidway ui vty0 1 1 35 user privilege level Syntax user privilege level level undo user privilege level View User interface view Parameter level Specifies which level of command a user can use after login from the specifically user interface ranging from 0 to 3 Description Use the user privilege level command to configure which level of command a user can use after login from the...

Page 42: ...er privilege level 0 After you telnet from VTY 0 user interface to the switch you will view the terminal only displays commands at level 0 Quidway User view commands debugging Enable system debugging functions language mode Specify the language environment ping Ping function quit Exit from current command view super Privilege current user a specified priority level telnet Establish one TELNET conn...

Page 43: ...on and the configured minimum password length the enabled disabled state of history password recording the alert time before password expiration the timeout time for password authentication the maximum number of password input attempts the maximum number of history password records the processing mode after failed password input attempts the time when the password history was last cleared and so o...

Page 44: ...t command to view the user information added into the backlist based on the user name or IP address after failed attempts of entering passwords Example Display the information of all users added into the blacklist after failed attempts of entering passwords Quidway display password control blacklist USERNAME IP Jack 10 1 1 2 The number of users in blacklist is 1 2 1 3 display password control supe...

Page 45: ...tax password View Local user view Parameter None Description Use the password command to configure a system login password To change a password just log in to the switch and carry out this command For related configuration refer to password control Example Set the system login password to 9876543210 Quidway system view System View return to User View with Ctrl Z Quidway local user test Quidway lus...

Page 46: ...x record num Configures the maximum number of history password records for each user The value range is 2 to 10 default 4 alert time Configures the alert time before password expiration The value range is 1 to 30 days and the default value is 7 days authentication timeout Configures the timeout time for user authentication The value range is 30 to 120 seconds and the default value is 60 seconds Ex...

Page 47: ...ommand to configure the timeout time for user password authentication Use the password control login attempt attempt time exceed command to configure the processing mode used after password attempt fails Example Configure the aging time of the system login passwords to 100 days Quidway system view System View return to User View with Ctrl Z Quidway password control aging 100 Configure the minimum ...

Page 48: ...lt the minimum password length is 10 characters Use the password control history enable command to enable history password recording When a login password expires the system will require the user to input a new password and will save the old password automatically to a file in the flash memory By recording the history passwords the system can prevent the user from using a single password or repeat...

Page 49: ... min length undo password control super aging length View System view Parameter aging time Specifies the aging time for super passwords The value range is 1 to 365 days and the default value is 90 days min length Specifies the minimum length for super passwords It ranges from 4 to 16 characters and the default value is 10 characters Description Use the password control super command to configure s...

Page 50: ...ted by the previously configured history password records Example Delete the history password records of all users Quidway reset password control history record Are you sure to delete all the history record Y N If you type Y the system will delete the history password records of all users and gives the following prompt Updating the password file please wait All historical passwords have been clear...

Page 51: ...rd of a user is deleted the configuration of a new password will not be restricted by the previously configured history password records Example Delete the history records of super passwords for the users at level 2 Quidway reset password control history record super level 2 Are you sure to clear the specified level super password history records Y N If you type Y the system will delete the histor...

Page 52: ...ay display password control blacklist USERNAME IP test 192 168 30 25 tes 192 168 30 24 test2 192 168 30 23 Remove user test from the blacklist Quidway reset password control blacklist user name test Are you sure to delete the blacklist users Y N y All the blacklist users have been cleared Check the current user information in the blacklist and verify that user test has been removed Quidway display...

Page 53: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Port Huawei Technologies Proprietary ...

Page 54: ...pback 1 13 1 1 14 mdi 1 13 1 1 15 multicast suppression 1 14 1 1 16 port access vlan 1 15 1 1 17 port hybrid pvid vlan 1 16 1 1 18 port hybrid vlan 1 17 1 1 19 port link type 1 18 1 1 20 port mode 1 18 1 1 21 port trunk permit vlan 1 19 1 1 22 port trunk pvid vlan 1 20 1 1 23 reset counters interface 1 21 1 1 24 shutdown 1 21 1 1 25 speed 1 22 1 1 26 vlan vpn enable 1 23 Chapter 2 Ethernet Link Ag...

Page 55: ...ption 3 2 3 1 4 display interface pos 3 3 3 1 5 debugging ppp 3 5 3 1 6 flag 3 6 3 1 7 frame format 3 8 3 1 8 interface pos 3 8 3 1 9 loopback 3 9 3 1 10 mtu 3 9 3 1 11 pos access vlan 3 10 3 1 12 ppp timer negotiate 3 11 3 1 13 reset counters interface pos 3 12 3 1 14 scramble 3 12 3 1 15 shutdown 3 13 3 1 16 threshold 3 13 3 1 17 timer hold 3 14 Chapter 4 RPR Port Configuration Commands 4 1 4 1 ...

Page 56: ... 4 1 24 rpr timer 4 24 4 1 25 rpr weight 4 25 4 1 26 sdh threshold 4 26 4 1 27 shutdown 4 27 Chapter 5 IDS Linkage Configuration Commands 5 1 5 1 IDS Linkage Configuration Commands 5 1 5 1 1 ids acl 5 1 5 1 2 display ids 5 1 5 1 3 debugging ids acl 5 2 Chapter 6 Port Isolation Configuration Commands 6 1 6 1 Port Isolation Configuration Commands 6 1 6 1 1 port isolate group 6 1 6 1 2 port isolate u...

Page 57: ...d on the port The value range is 1 to 100 and the default value is 50 The smaller the ratio is the smaller the broadcast traffic is allowed bandwidth Specifies broadcast suppression bandwidth on the port The value range is 1 to the maximum value of port bandwidth Description Use the broadcast suppression command to set the broadcast suppression ratio or broadcast suppression bandwidth Use the undo...

Page 58: ...de between known multicast and unknown multicast for multicast suppression Related command multicast suppression Example Set the broadcast suppression ratio to 40 Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet 2 1 1 Quidway Ethernet2 1 1 broadcast suppression 40 Set the broadcast suppression bandwidth to 40Mbit Quidway Ethernet2 1 1 broadcast suppression...

Page 59: ...n command to copy the configuration of a specific port to other ports to ensure consistent configuration Example Copy the configuration of aggregation group 1 to aggregation group 2 Quidway system view System View return to User View with Ctrl Z Quidway copy configuration source aggregation group 1 destination aggregation group 2 1 1 3 description Syntax description text undo description View Ethe...

Page 60: ...inbound Displays the import statistic information outbound Displays the export statistic information interface type Specifies the port type Three types are available Ethernet Gigabit Ethernet POS and RPR Description Use the display counters command to view the statistics on the ports of the specified types If the port type is not specified the system displays statistics orderly on all the ports Ex...

Page 61: ...on refer to the interface command Description Use the display interface command to view the configuration information on the port If the port type and number are not specified when displaying the port information the information of all the ports will be displayed If only the port type is specified all the information of the ports of this type will be displayed If both port type and port number are...

Page 62: ... 64 bytes broadcasts multicasts 0 pauses Output 0 output errors underruns buffer failures 0 aborts 0 deferred collisions 0 late collisions lost carrier no carrier Receive Packet Peak Value Info 7215 bytes happened at 03 30 35 3 7 2001 Transmit Packet Peak Value Info 64 bytes happened at 03 30 35 3 7 2001 Table 1 1 Description on the fields of the display interface command Field Description Etherne...

Page 63: ...ID The VLANs with packets untagged Last 300 seconds input 0 packets sec 0 bits sec Last 300 seconds output 0 packets sec 0 bits sec The input output rate and the passing packet number on this port in the last 300 seconds Input total 0 packets 0 bytes 0 broadcasts 0 multicasts Input normal 0 packets 0 bytes broadcasts multicasts Input 0 input errors 0 runts 0 giants 0 throttles 0 CRC 0 frame 0 over...

Page 64: ...s as well as the default values may vary from card to card Example Display the current Jumboframe configuration in the system Quidway system view Quidway display jumboframe configuration The jumboframe configuration at present Slot 2 Allow jumbo frame to pass The Maximum Frame Length is 1552 1 1 7 display port Syntax display port hybrid trunk View Any view Parameter hybrid Displays Hybrid port tru...

Page 65: ... full half undo duplex View Ethernet port view Parameter auto Port auto negotiation attribute full Port full duplex attribute half Port half duplex attribute Description Use the duplex command to configure the duplex attribute of the Ethernet port Use the undo duplex command to restore the duplex attribute of the port to default auto negotiation mode By default the duplex attribute is auto Related...

Page 66: ...gestion Use the undo flow control command to disable flow control feature By default flow control on the Ethernet port is disabled Example Enable flow control on Ethernet2 1 1 Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet 2 1 1 Quidway Ethernet2 1 1 flow control 1 1 10 link status hold Syntax link status hold hold time undo link status hold View System ...

Page 67: ...port type It can be Aux Ethernet Loopback M Ethernet NULL VLAN interface GigabitEthernet and 10 GigabitEthernet Pos RPR interface number Specifies the port number It adopts slot number subslot number port number format slot number specifies the LPU slot number of the port For S8505 it ranges from 2 to 6 For S8508 it ranges from 0 to 3 and 6 to 9 slot number 4 and 5 are SRPU For S8512 it ranges fro...

Page 68: ...itted to pass the card Description Use the jumboframe enable command to permit jumbo frames to pass the card on the specified slot and set the maximum size of Jumbo frames Use the jumboframe disable slot command to prohibit jumbo frames from passing the card on the specified slot By default jumbo frame is permitted to pass cards Related command display jumboframe configuration Note The system supp...

Page 69: ...et port in external loop mode Presently the Ethernet ports of the Quidway S8500 Series Routing Switches do not support this mode internal Ethernet port in internal loop mode Description Use the loopback command to set the Ethernet port in loop mode Use the undo loopback command to cancel the loop setting By default the Ethernet port is not in loop mode Example Configure Ethernet2 1 1 in internal l...

Page 70: ... electrical ports Example Configure the network cable type of Ethernet port Ethernet2 1 1 as auto Quidway system view System View return to User View with Ctrl Z Quidway interface ethernet2 1 1 Quidway Ethernet2 1 1 mdi auto 1 1 15 multicast suppression Syntax multicast suppression ratio bandwidth bandwidth undo multicast suppression View Ethernet port view Parameter ratio Specifies the maximum wi...

Page 71: ... versa Although the commands are based on ports the mutual exclusion between these two commands is based on cards z If multicast suppression is enabled broadcast packets are also suppressed at the same time while broadcast suppression does not work on multicast packets z No distinction is made between known multicast and unknown multicast for multicast suppression Related command broadcast suppres...

Page 72: ...AN3 has existed Quidway system view System View return to User View with Ctrl Z Quidway interface ethernet2 1 1 Quidway Ethernet2 1 1 port access vlan 3 1 1 17 port hybrid pvid vlan Syntax port hybrid pvid vlan vlan id undo port hybrid pvid View Ethernet port view Parameter vlan id VLAN ID defined in IEEE802 1Q ranging from 1 to 4094 and the default vlan id is 1 Description Use the port hybrid pvi...

Page 73: ...10 indicates that the former parameter can be input 10 times repeatedly at most tagged Packet of specified VLAN will have tag untagged Packet of specified VLAN will not have tag Description Use the port hybrid vlan command to join the hybrid port to specified existing VLAN Use the undo port hybrid vlan command to cancel the hybrid port from the specified VLAN Hybrid port can belong to multiple VLA...

Page 74: ... port Use the undo port link type command to restore the port as default status i e access port You can configure three types of ports concurrently on the same switch but you cannot switch between trunk port and hybrid port You must turn it first into access port and then set it as other type For example you cannot configure a trunk port directly as hybrid port but first set it as access port and ...

Page 75: ... to restore the default mode of the port By default Ethernet ports work in LAN mode 10GE ports support WAN mode Example Set port GigabitEthernet2 1 1 to work in WAN mode Quidway system view System View return to User View with Ctrl Z Quidway interface GigabitEthernet2 1 1 Quidway GigabitEthernet2 1 1 port mode wan Restore the default LAN mode on port GigabitEthernet2 1 1 Quidway GigabitEthernet2 1...

Page 76: ...ay system view System View return to User View with Ctrl Z Quidway interface Ethernet2 1 1 Quidway Ethernet2 1 1 undo port trunk permit vlan 1 Add the trunk port to all VLANs Quidway Ethernet2 1 1 port trunk permit vlan all 1 1 22 port trunk pvid vlan Syntax port trunk pvid vlan vlan id undo port trunk pvid View Ethernet port view Parameter vlan id VLAN ID defined in IEEE802 1Q ranging from1 to 4 ...

Page 77: ...or parameter description refer to the interface command Description Use the reset counters interface command to reset the statistical information on the port and count the related information again on the port for the user If the port type and number are not specified when clearing the port information information of all ports on the switch will be cleared If only the port type is specified all th...

Page 78: ... 1 Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet2 1 1 Quidway Ethernet2 1 1 undo shutdown 1 1 25 speed Syntax speed 10 100 1000 10000 auto undo speed View Ethernet port view Parameter 10 Speed on the port is 10 Mbps 100 Speed on the port is 100 Mbps 1000 Speed on the port is 1000 Mbps 10000 Speed on the port is 10 Gbps auto Port speed is in peer auto ne...

Page 79: ... 1 26 vlan vpn enable Syntax vlan vpn enable undo vlan vpn View Ethernet port view Parameter None Description Use the vlan vpn enable command to enable port VLAN VPN Use the undo vlan vpn command to disable port VLAN VPN Note that if anyone of GVRP STP NTP or 802 1x has been enabled on a port VLAN VPN cannot be enabled on it By default the port VLAN VPN is disabled Example Enable VLAN VPN on Ether...

Page 80: ...interface number to interface type interface number Specifies a port or ports The command without the parameter to specifies one port while the command with the parameter to specifies several contiguous ports interface type indicates port type interface number indicates port number For more information see the parameter description of the interface command Description Use the debugging lacp packet...

Page 81: ...while the command with the parameter to specifies several contiguous ports interface type indicates port type interface number indicates port number For more information see the parameter description of the interface command actor churn Actor churn state machine debugging switch mux MUX state machine debugging switch partner churn Partner churn state machine debugging switch ptx PTX state machine ...

Page 82: ...mand to disable link aggregation error debugging Example Enable link aggregation error debugging Quidway debugging link aggregation error 2 1 4 debugging link aggregation event Syntax debugging link aggregation event undo debugging link aggregation event View User view Parameter None Description Use the debugging link aggregation event command to enable link aggregation event debugging Use the und...

Page 83: ...k aggregation Example Display the device ID of the local system Quidway display lacp system id Actor System ID 0x8000 00e0 fc00 0100 Table 2 1 Description on the fields of the display lacp system id command Field Description Actor System ID The device ID of the local system including system priority and system MAC address 2 1 6 display link aggregation summary Syntax display link aggregation summa...

Page 84: ...dsharing NonS Non Loadsharing Actor ID 0x8000 00e0 fc23 0d90 AL AL Partner ID Select Standby Share Master ID Type Ports Ports Type Port 1 M none 2 0 Shar GigabitEthernet3 1 1 3 M none 4 0 Shar Ethernet4 1 45 Table 2 2 Description on the fields of the display link aggregation summary command Field Description Actor ID Local device ID AL ID Aggregation group ID AL Type Aggregation group type Partner...

Page 85: ... status and detailed remote information local port indexes of remote ports port priority flag operation key and system ID here local and remote are in a relative sense Note that since the manual aggregation group cannot get the information of the peer end every item of the peer end is displayed as 0 which does not indicate the actual status of the peer system Example Display the detailed informati...

Page 86: ...tailed information about the peer device including local port peer port index port priority flag operation key and device ID 2 1 8 display link aggregation interface Syntax display link aggregation interface interface type interface number to interface type interface number View Any view Parameter interface interface type interface number to interface type interface number Specifies a port or port...

Page 87: ...te System ID 0x0 0000 0000 0000 Port Number 0 Port Priority 0 Oper key 0 Flag 0x00 Received LACP Packets 0 packet s Illegal 0 packet s Sent LACP Packets 0 packet s Table 2 4 Description on the fields of the display link aggregation interface command Field Description Attached AggID Aggregation group ID for the specified port Local Port Priority 32768 Oper key 1 Flag 0x00 Port priority operation ke...

Page 88: ... Ethernet1 1 1 Quidway Ethernet1 1 1 lacp enable 2 1 10 lacp port priority Syntax lacp port priority port priority value undo lacp port priority View Ethernet port view Parameter port priority value Port priority in the range of 0 to 65 535 By default it is 32 768 Description Use the lacp port priority command to configure port priority Use the undo lacp port priority command to restore the defaul...

Page 89: ...mmand to configure system priority Use the undo lacp system priority command to restore the default system priority Related command display lacp system id Example Set system priority to 64 Quidway system view System View return to User View with Ctrl Z Quidway lacp system priority 64 2 1 12 link aggregation Syntax link aggregation interface name1 to interface name2 both View System view Parameter ...

Page 90: ... group agg id description alname undo link aggregation group agg id description View System view Parameter agg id Aggregation group ID in the range of 1 to 920 IDs 1 though 31 indicate manual or static aggregation groups IDs 32 through 64 are reserved IDs 65 though 192 indicate Routed Trunks IDs 193 through 920 indicate dynamic aggregation groups alname Aggregation group name character string with...

Page 91: ...the undo link aggregation group command to delete an aggregation group Related command display link aggregation summary Note Port aggregation includes manual aggregation static aggregation and dynamic aggregation z In the manual aggregation mode ports working at different rates can be aggregated Manual aggregation can be load balancing aggregation if the aggregation resource is available In this c...

Page 92: ... 193 through 920 indicate dynamic aggregation groups Description Use the port link aggregation group command to add an Ethernet port into a manual or static aggregation group Use the undo port link aggregation group command to delete an Ethernet port from an aggregation group Related command display link aggregation verbose When a port is added into an aggregation group the original ARP informatio...

Page 93: ...e the command with the parameter to specifies several contiguous ports interface type indicates port type interface number indicates port number For more information refer to the parameter description of the interface command Description Use the reset lacp statistics command to clear LACP statistics for the port If you do not specify a port the command clears LACP statistics for all the ports Rela...

Page 94: ... POS port to use internal clock slave Sets the POS port to use line clock Description Use the clock command to set clock mode at the POS port Use the undo clock command to restore the default clock mode at the POS port By default a POS port works in the line clock mode Example Set the clock mode of POS2 1 1 to the master clock mode Quidway system view System View return to User View with Ctrl Z Qu...

Page 95: ... 16 bit CRC Example Set CRC checkbit length at POS2 1 1 as 16 Quidway system view System View return to User View with Ctrl Z Quidway interface pos2 1 1 Quidway Pos2 1 1 crc 16 3 1 3 description Syntax description text undo description View POS port view Parameter text Port description string 64 characters at most Description Use the description command to set port description string Use the undo ...

Page 96: ...rt in the range of 1 to 4 Description Use the display interface pos command to view the configuration and status information of a designated POS port If no interface number is specified the command displays the configuration and status information of all POS ports Example Display the configuration and status information of POS2 1 1 Quidway display interface pos2 1 1 Pos2 1 1 current state UP Link ...

Page 97: ...64 bits sec 0 Last 5 minutes input 0 packets sec 1584 bits sec 0 input 1731 packets 16913416468 bytes 0 errors 0 CRC 0 giants 0 pads 0 aborts 0 overflows Output 3953 packets 1314756 bytes 0 errors 0 underflows Table 3 1 Description on the fields of the display interface pos command Field Description Pos2 1 1 current state Current state of the POS port Link layer protocol current state Current stat...

Page 98: ... 0 path layer B3 0 G1 0 SDH error information Last 5 minutes output 0 packets sec 0 bits sec Last 5 minutes input 0 packets sec 0 bits sec Input and output rates in the last five minutes on the port input 0 packets 0 bytes 0 errors 0 CRC 0 giants 0 pads 0 aborts 0 overflows Output 0 packets 0 bytes 0 errors 0 underflows Input output packet and error statistics on the port 3 1 5 debugging ppp Synta...

Page 99: ...ing switch interface number POS port number in the format of board slot ID daughter card slot ID port ID where board slot ID refers to the ID of the slot for LPU in the range of 2 to 6 for S8505 or 0 to 3 and 6 to 9 for S8508 or 0 to 5 and 8 to 13 for S8512 daughter card slot ID refers to the ID of the slot for daughter with the value of 1 port ID refers to the sequence number on the LPU for the p...

Page 100: ... type sonet Frame format is SONET flag value The value range of c2 is 0 to ff hexadecimal In the SDH format the value ranges of j0 and j1 are both 1 to 15 characters string In the SONET format the value range of j0 is 0 to 7f hexadecimal Description Use the flag command to set overhead byte type at the port Use the undo flag command to restore the default overhead byte type at the port Note that z...

Page 101: ...the frame format command to set frame format at the POS port Use the undo frame format command to restore the default frame format at the POS port By default the frame format of a POS port is SDH Example Set the frame format of POS2 1 1 to SDH Quidway system view System View return to User View with Ctrl Z Quidway interface pos2 1 1 Quidway Pos2 1 1 frame format sdh 3 1 8 interface pos Syntax inte...

Page 102: ...rt view Example Enter POS2 1 1 port view Quidway system view System View return to User View with Ctrl Z Quidway interface pos 2 1 1 3 1 9 loopback Syntax loopback internal external undo loopback View POS port view Parameter internal Enables internal loopback at the POS port external Enables external loopback at the POS port Description Use the loopback command to define loopback type at the POS p...

Page 103: ... define the MTU on the POS port Note that you must disable port by using the shutdown command first and then use the undo shutdown command to enable it again if the MTU values are different between both ends In this case as the result of negotiation between both ports the smaller value will be used as the MTU Example Set the MTU on the POS port to 5000 bytes Quidway system view System View return ...

Page 104: ...AN and vice versa Example Add POS2 1 1 into VLAN3 Quidway system view System View return to User View with Ctrl Z Quidway interface pos2 1 1 Quidway Pos2 1 1 pos access vlan 3 3 1 12 ppp timer negotiate Syntax ppp timer negotiate seconds undo ppp timer negotiate View POS port view Parameter seconds Timeout time in seconds for PPP negotiation in the range of 1 to 10 seconds By default it is 3 secon...

Page 105: ...ghter with the value of 1 port ID refers to the sequence number on the LPU for the port in the range of 1 to 4 Description Use the reset counters interface pos command to clear statistics about the POS port to recollect statistics about the port If no port number is specified the command clears statistics about all POS ports Example Clear statistics about POS2 1 1 Quidway reset counters interface ...

Page 106: ...one Description Use the shutdown command to shut down the POS port Use the undo shutdown command to bring the POS port up By default a POS port is in UP status Example Turn POS2 1 1 into UP status Quidway system view System View return to User View with Ctrl Z Quidway interface pos2 1 1 Quidway Pos2 1 1 undo shutdown 3 1 16 threshold Syntax threshold sd sf value undo threshold sd sf View POS port ...

Page 107: ...ntax timer hold seconds undo timer hold View POS port view Parameter seconds Polling interval in units of second and in the range of 0 to 32 767 By default it is 10 seconds 0 means the system does not perform link validity check Description Use the timer hold command to set polling interval for the status timer at the POS port Use the undo timer hold command to restore the default polling interval...

Page 108: ...the clock source as line internal Specifies the clock source as internal By default it is internal Description Use the clock source command to configure clock source Use the undo clock source command to restore the default setting Example Set clock source Quidway system view Quidway interface RPR2 1 1 1 Quidway RPR2 1 1 1 clock source line 4 1 2 debugging rpr Syntax debugging rpr all topology prot...

Page 109: ... Example Enable all debugging for an RPR port Quidway debugging rpr all 4 1 3 display interface Syntax display interface interface type interface type interface number View Any view Parameter interface type Port type interface number Port number Note that there are two physical ports on the RPR panel However the physical ports presently appear as sub interfaces Description Use the display interfac...

Page 110: ...is NULL Rpr bridge MAC address is 00e0 fc00 85ff Rpr configured default ringlet is 0 RPR work mode NORMAL IP address of RPR Access VLAN s interface is NULL IP Mask of RPR Access VLAN s interface is NULL Link status hold interval 3 Sec Description RprPos2 1 1 Interface The Maximum Transmit Unit is 1536 Loopback not set 10G speed mode and full duplex mode Flow control is not enabled The Maximum Fram...

Page 111: ...1 1 RPR physical port Quidway display interface RPR 4 1 1 1 Rpr physical interface RprPos4 1 1 1 Current state DOWN SDH alarm section layer LOS line layer path layer Overhead C2 J0 J1 Rx 0xdf quidway quidway Tx 0x16 quidway quidway SDH error section layer B1 0 line layer B2 0 M1 0 path layer B3 0 G1 0 Data Traffic Counters of the Interface RprPos4 1 1 1 Host receive Packets Bytes unicast 0 0 multi...

Page 112: ...let Configured default ring ID RPR work mode RPR operation mode IP address of RPR Access VLAN s interface IP address of the VLAN virtual interface to which an RPR port is bound IP mask of RPR Access VLAN s interface IP subnet mask of the VLAN virtual interface to which an RPR port is bound Link status hold interval Port hold time Description Description information The Maximum Transmit Unit The ma...

Page 113: ...nts 0 throttles 0 CRC 0 frame 0 overruns aborts 0 ignored parity errors Output total 0 packets 0 s 0 broadcasts 0 multicasts 0 pauses Output normal 0 packets 0 bytes broadcasts multicasts 0 pauses Output 0 output errors underruns buffer failures 0 aborts 0 deferred collisions 0 late collisions lost carrier no carrier Receive Packet Peak Value Info 0 bytes happened at 04 03 46 3 25 2001 Transmit Pa...

Page 114: ...logy instability defect 0 IP address duplicate defect 0 Table 4 2 Description on the fields of the display rpr defect command Field Description Rpr defects of the interface RPR defects of the port Amount of reserved bandwidth exceeded defect Reserved bandwidth exceeded Jumbo configuration defect Jumbo configuration defect LRTT measurement defect LRTT measurement defect Maximum number of stations e...

Page 115: ... bandwidth for medium on ringlet1 0Mbps Local Rate limiter bandwidth for low on ringlet0 10000Mbps Local Rate limiter bandwidth for low on ringlet1 10000Mbps Total Reserved bandwidth for class A0 on ringlet0 90Mbps Total Reserved bandwidth for class A0 on ringlet1 90Mbps Table 4 3 Description on the fields of the display rpr fairness command Field Description Rpr fairness parameters of the interfa...

Page 116: ...ss A0 on ring 1 4 1 6 display rpr protection Syntax display rpr protection rprpos interface number View Any view Parameter interface number Port number in the format of slot number card number port number Description Use the display rpr protection command to view protection information If you do not specify port number the command displays the protection information about all RPR ports RPR protect...

Page 117: ...3 25 04 51 13 Table 4 4 Description on the fields of the display rpr protection command Field Description Protection information of the interface Protection information of the port Protection mode configured Configured protection mode Protection mode effective Currently effective protection mode Protection reversion mode Recovery protection mode MAC address of the east neighbor MAC address of the ...

Page 118: ...shortest path vrrp VRRP virtual router redundancy protocol ring selection tables which consist of MAC ring selection entries from integrated ring selection tables when VRRP is supported interface number RPR port number in the format of slot number card number port number If no parameter is specified the command displays integrated ring selection tables of all RPR rings Description Use the display ...

Page 119: ... 0 indicates displaying MAC addresses of all nodes in the ring interface number Port number in the format of slot number card number port number Description Use the display rpr statistics command to query the traffic statistics information of packets sent from other nodes to local node or from the local node to other nodes Example Query the traffic from station with bridge MAC address 0012 3456 00...

Page 120: ...ATD timer 1s WTR timer 20s Holdoff timer 0ms Keepalive timer 3ms Topology stability timer 40ms FDD timer 100ms Table 4 5 Description on the fields of the display rpr timers command Field Description All the timers value of interface All the timers values of the port TP fast timer TP fast timer TP slow timer TP slow timer TC fast timer TC fast timer TC slow timer TC slow timer ATD timer ATD timer W...

Page 121: ... of the interface when the operational parameter is verbose only the command displays the detailed information of all interfaces Ring topology information includes the number of stations in the ring ring topology type maximum transmission unit MTU value non reserved bandwidth and others Local node topology information includes local node MAC address protection status edge status reserved bandwidth...

Page 122: ...e j0 j0 value Regeneration section trace message which is a section overhead byte and checks port connectivity at section level j1 j1 value Higher order VC N path trace byte which is a high order overhead byte and checks port connectivity at path level Description Use the flag command to configure SONET SDH overhead bytes Use the undo flag command to restore the default configuration In scrambling...

Page 123: ... to configure the framing mode if it is FRAMER at the physical layer Use the undo frame format command to restore the default configuration The default encryption mode is SDH Example Configure the RPR ports to use SDH physical encapsulation Quidway system view Quidway interface RPR 2 1 1 1 Quidway RPR 2 1 1 1 Frame format SDH 4 1 13 port type Syntax port type 10gpos 10ge View RPR logical port view...

Page 124: ...face number Port number in the format of slot number card number port number The port includes RPRPOS logical port and physical port Description Use the reset counters interface command to clear port statistics to implement statistics of related information on the port Example Clear RPRPOS logical port RPR2 1 1 statistics Quidway reset counters interface RPR2 1 1 Clear RPR physical port RPR 2 1 1 ...

Page 125: ...nual switchover The MS priority is lower Both the rpr admin request idle command and any failure FS SF or SD in the RPR ring can preempt MS making MS fail If there are other commands with higher priority the manual switchover you are performing also fails automatically Use the rpr admin request idle command to clear forced switchover or manual switchover Note that the receiving and sending sub rin...

Page 126: ...er but the connection fails at the service layer you can use the Echo Req Echo Rsp message to test the failure The source node sends an Echo Req message When receiving it the destination node gives the sender an Echo Rsp message If the source node receives the Echo Rsp message within the specified time it shows the connection is correct Otherwise it shows the failure between the two nodes Example ...

Page 127: ...r tag Maps tag priority to RPR priority mpls Maps mpls priority to RPR priority ip Maps ip priority to RPR priority value0 7 Values of the RPR priority which tag mpls and ip priorities correspond respectively to 0 A 1 B 2 C Description Use the rpr cos precedence map command to map tag mpls and ip priority types to RPR priority Use the undo rpr cos precedence map command to remove the configuration...

Page 128: ...R logical port view Parameter steer The source node sends data in another direction for protection wrap The failure node sends data in loopback mode for protection Description Use the rpr protect mode command to configure node protection mode as Steer or Wrap The default mode is Steer Use the undo rpr protect mode command to restore the steer RPR protection mode Example Set the RPR protection mode...

Page 129: ...oportion of the bandwidth reserved on the node for class A1 class B CIR and class C services in the total bandwidth with the step length of 1 and default value of 0 Description Use the rpr rate limit command to configure rate limit for class A class B CIR class C and class B EIR services on the local node Use the undo rpr rate limit command to restore rate limit to the default value When the rate ...

Page 130: ... reversion mode to non revertive Quidway system view Quidway interface RPR2 1 1 Quidway RPR2 1 1 rpr reversion mode non revertive 4 1 22 rpr static rs Syntax rpr static rs mac address ringlet0 ringlet1 undo rpr static rs mac address View RPR logical port view Parameter mac address MAC address of destination node ringlet0 Transports packets to the specified node over Ringlet0 ringlet1 Transports pa...

Page 131: ...002 0003 ringlet0 Quidway RPR2 1 1 rpr static rs 0001 0002 0004 ringlet1 4 1 23 rpr station name Syntax rpr station name string undo rpr station name string View RPR logical port view Parameter string Station name a string consisting of up to 20 characters Description Use the rpr station name command to configure a station name Use the undo rpr station name command to remove the configuration Exam...

Page 132: ...range of 1 to 20 in milliseconds tc slow value TC slow timer value in the range of 50 to 1 000 in milliseconds wtr value WTR timer value in the range of 0 to 1 440 in seconds By default it is 10 seconds Description Use the rpr timer atd command to set the value of the timer for sending ATD frames and other frames periodically The value range is 1 to 10 in seconds The default value is 1 second Use ...

Page 133: ... range of weight is 1 to 255 Example Set weight of nodes on ringlet0 to 2 Quidway system view Quidway interface RPR2 1 1 Quidway RPR2 1 1 rpr weight ringlet0 2 4 1 26 sdh threshold Syntax sdh threshold sd ber value sf ber value undo sdh threshold sd ber s ber View RPR POS physical port view Parameter sd ber Threshold for signal degrade SD BER sf ber Threshold for signal failure SF BER value Thresh...

Page 134: ...n command to enable the RPR port On a ring network a large part of node traffic needs to be forwarded To reduce the influence on forwarded traffic you may need to carry out the shutdown command on the RPRPOS logical port After the execution of the shutdown command the logical port is in the Down state and the locally added dropped services are disabled After you disable the RPR physical port by sh...

Page 135: ...able IDS linkage on the port enable Enable IDS linkage on the port Description Use the acl ids enable command to enable IDS linkage function Use the undo ids acl enable command to disable IDS linkage function Example Enable IDS linkage on port Ethernet 3 1 1 Quidway system view Quidway interface Ethernet 3 1 1 Quidway Ethernet3 1 1 ids acl enable 5 1 2 display ids Syntax display ids all controlled...

Page 136: ... of ports available for IDS linkage z Displays the IDS linkage information which meets the requirement on by one Example Display all information about IDS linkage Quidway display ids all Port list under IDS control is Ethernet2 1 10 Ethernet2 1 11 Ethernet2 1 12 Ethernet2 1 13 Ethernet2 1 14 Ethernet2 1 15 ACL group ID list used by IDS is 3997 3996 3995 3994 3993 3992 3991 3990 3989 3988 Number of...

Page 137: ...tion Commands Huawei Technologies Proprietary 5 3 Use the undo debugging ids acl command to disable IDS linkage debugging By default IDS linkage debugging is disabled Example Enable IDS linkage debugging Quidway debugging ids acl Disable IDS linkage debugging Quidway undo debugging ids acl ...

Page 138: ...p number ranging from 1 to 64 The system supports 64 isolated groups Description Use the port isolate group command in system view to create an isolated group Use the undo port isolate group isolate group id in system view to delete an isolated group If you delete the isolated group all ports in the isolated group exit from the group Example Create isolated group 1 Quidway system view Quidway port...

Page 139: ...n upstream port can be an aggregation group but not a static or dynamic aggregation group z An upstream port cannot serve as both an isolated port and an upstream port of the same isolated group Example Configure port Ethernet2 1 1 as an upstream port Quidway system view Quidway interface Ethernet2 1 1 Quidway Ethernet2 1 1 port isolate uplink port group 1 6 1 3 port isolate group Syntax port isol...

Page 140: ...1 4 display port isolate group Syntax display port isolate group isolate group id verbose View Any view Parameter isolate group id Isolated group number ranging from 1 to 64 The system supports 64 isolated groups Description Use the display port isolate group command to display configuration information of an isolated group If you do not specify the isolated group number the system displays the co...

Page 141: ...ort Quidway S8500 Series Routing Switches Chapter 6 Port Isolation Configuration Commands Huawei Technologies Proprietary 6 4 Port isolate group ID 2 Uplink port Ethernet3 1 4 Isolate Port s Ethernet3 1 5 Ethernet3 1 6 ...

Page 142: ... a specific port number the command will apply to all the ports on the card This command supports the following port types Ethernet ports ATM ports POS ports and RPR ports vlan id VLAN ID defined in IEEE802 1Q If you do not specify a specific VLAN the command will apply to all VLANs traffic class Traffic class If you do not specify a specific traffic class the command will apply to all traffic cla...

Page 143: ... counting again Example Set the egress packet statistics mode of Counter 0 on slot 4 so that it monitors port GigabitEthernet4 1 1 Quidway set egress counter0 slot 4 interface GigabitEthernet4 1 1 7 1 2 display egress counter Syntax display egress counter0 counter1 slot slot num clear View Any view Parameter counter0 Counter 0 used for packet statistics monitoring counter1 Counter 1 used for packe...

Page 144: ... Technologies Proprietary 7 3 The mode of counter0 Interface all VLAN all TC all DP all The outgoing packets Unicast 5000 packets Multicast 2000 packets Broadcast 1000 packets Bridge egress filtered packets regardless of interface priority or DP 0 packets TxQ filtered packets Due to TxQ congestion 0 packets ...

Page 145: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual VLAN QinQ Huawei Technologies Proprietary ...

Page 146: ...t 1 8 1 3 Protocol Based VLAN Configuration Commands 1 9 1 3 1 display protocol vlan interface 1 9 1 3 2 display vlan protocol vlan vlan 1 10 1 3 3 port hybrid protocol vlan vlan 1 11 1 3 4 protocol vlan 1 12 Chapter 2 GARP GVRP Configuration Commands 2 1 2 1 GARP Configuration Commands 2 1 2 1 1 display garp statistics 2 1 2 1 2 display garp timer 2 1 2 1 3 garp timer 2 2 2 1 4 garp timer leaveal...

Page 147: ...user vlan Configuration Commands 4 1 4 1 1 display isolate user vlan 4 1 4 1 2 isolate user vlan 4 3 4 1 3 isolate user vlan enable 4 4 Chapter 5 Q in Q Configuration Commands 5 1 5 1 Q in Q Configuration Commands 5 1 5 1 1 display port vlan vpn 5 1 5 1 2 traffic redirect nested vlan modified vlan 5 1 5 1 3 vlan vpn enable 5 3 5 1 4 vlan vpn tpid 5 4 5 1 5 vlan vpn uplink enable 5 5 ...

Page 148: ...64 characters The default description character string of current VLAN is VLAN ID of the VLAN e g VLAN 0001 The default description character string of VLAN interface is the interface name e g Vlan interface1 interface Description Use the description command to configure a description for the current VLAN or VLAN interface Use the undo description command to restore the default description of curr...

Page 149: ...w the related information about specified or all VLAN interfaces including physical protocol status and link protocol status of VLAN interface Ethernet sending frame format MAC address IP address and sub net mask description character string and MTU etc With vlan id specified only the information about the specified VLAN interface will be displayed If no vlan id is specified the information about ...

Page 150: ...lay vlan vlan id to vlan id all static dynamic View Any view Parameter vlan id Displays information of the specified VLAN all Displays information of all VLANs static Displays information of VLANs created statically by the system dynamic Displays information of VLANs created dynamically by the system Description Use the display vlan command to view related information about the specified or all VL...

Page 151: ...e 1 2 Description on the fields of the display vlan 2 command Field Description VLAN ID VLAN ID VLAN Type Configuration type of VLAN either dynamic or static Route interface Whether the route interface exists ARP proxy disabled The ARP proxy function of the VLAN is disabled Description VLAN description Tagged Ports The ports on which VLAN packets need tag Untagged Ports The ports on which VLAN pac...

Page 152: ... Enter the view of the VLAN interface 1 Quidway interface vlan interface 1 1 1 6 name Syntax name string undo name View VLAN view Parameter string Name of the current VLAN a string of 1 to 32 characters The default value is the VLAN ID of the VLAN Description Use the name command to name the current VLAN Use the undo name command to restore the default name of the current VLAN By default the name ...

Page 153: ...ter the related parameters and protocols of VLAN interface are set Or when the VLAN interface fails the interface can be shut down first and then restarted In this way the interface may be restored to normal status Shutting down or bringing up a VLAN interface will not affect any Ethernet port of this VLAN Example Shut down Vlan interface 2 Quidway Vlan interface1 shutdown 1 1 8 trap to cpu disabl...

Page 154: ... VLANs that contain a CPU port expressed in form of vlan list vlan id to vlan id 1 10 The vlan id before the keyword to must be larger than or equal to the vlan id after to 1 10 means that the preceding parameter can be repeated up to 10 times I all All VLANs Description II Use the trap to cpu disable vlan command to move the CPU port out of the specified VLANs III Use the undo trap to cpu disable...

Page 155: ...ange of VLANs Use the undo vlan command to delete the specified VLAN If only one VLAN is created the system will automatically enter the view of the VLAN just created Related command display vlan Example Create VLANs 5 20 21 22 23 24 400 1002 1003 1004 and 2000 Quidway system view Quidway vlan 5 20 to 24 400 1002 to 1004 2000 Caution z VLAN 1 is the system default VLAN and cannot be removed z VLAN...

Page 156: ...t in VLAN view Related command display vlan Example Add Ethernet2 1 1 through Ethernet2 1 3 to VLAN 2 Quidway vlan2 port ethernet2 1 1 to ethernet2 1 3 1 3 Protocol Based VLAN Configuration Commands 1 3 1 display protocol vlan interface Syntax display protocol vlan interface interface list all View Any view Parameter interface list Displays the protocol information of a specified interface in the ...

Page 157: ...of vlan list vlan id to vlan id 1 10 where the vlan id after the keyword to must be larger than or equal to the vlan id before to 1 10 represents that the preceding parameter can be repeated up to 10 times all Displays the protocol information of all VLANs Description Use the display protocol vlan vlan command to view the protocol information and protocol index configured for a VLAN to which you c...

Page 158: ...index indicates the initial value of protocol index protocol end indicates the end value of protocol index all Adds deletes all protocols to from a port Description Use the port hybrid protocol vlan vlan command to add a protocol VLAN or protocol VLANs to a specified port Use the undo port hybrid protocol vlan vlan command to delete a protocol VLAN or protocol VLANs from the port Use the undo port...

Page 159: ...ap id Logical link control protocol based VLAN dsap id is the destination service access point ranging from 0 to FF ssap id is source service access point ranging from 0 to FF snap etype etype id Sub Network Access Protocol SNAP based protocol etype id is the Ethernet type of incoming packets ranging from 600 to FFFF protocol index Initial value of protocol index ranging from 0 to 7 It must be sma...

Page 160: ...ommand to specify the parameters of VLANs based on AppleTalk IP IPX etc Use the undo vlan type protocol command to cancel this configuration Related command display protocol vlan vlan Example Specify VLAN 5 to be based on the network segment 123 34 56 0 Quidway vlan5 vlan type protocol ip 123 34 56 0 Configure AppleTalk based protocol VLAN 5 Quidway vlan5 protocol vlan at ...

Page 161: ...l to that before to 1 10 represents that the preceding parameter can be repeated up to 10 times Description Use the display garp statistics command to view the GARP statistics information including the number of packets received sent and discarded by GVRP GMRP Example Display the GARP statistics information on Ethernet port Ethernet2 1 1 Quidway display garp statistics interface ethernet2 1 1 GARP...

Page 162: ...of GARP timer including Hold timer Join timer Leave timer and LeaveAll timer Related command garp timer garp timer leaveall Example Display GARP timer on Ethernet2 1 1 Quidway display garp timer interface ethernet2 1 1 GARP timers on port Ethernet2 1 1 GARP JoinTime 20 centiseconds GARP Leave Time 60 centiseconds GARP LeaveAll Time 1000 centiseconds GARP Hold Time 10 centiseconds 2 1 3 garp timer ...

Page 163: ...be greater than the doubled value of Join timer and smaller than the Leaveall timer value z The minimal value of Join timer is 10 centiseconds Description Use the garp timer command to set the value of GARP timer including Hold timer Join timer and Leave timer of the port Use the undo garp timer command to restore the default value of GARP timer The value range of a timer varies with the values of...

Page 164: ...l command to restore the default value After every GARP application entity is started the LeaveAll timer will be started simultaneously The GARP application entity will send LeaveAll message after the timer times out to make other application entities re register all attribute information on the entities themselves Then the LeaveAll timer is started and the new cycle begins Related command display...

Page 165: ... 1 display gvrp statistics Syntax display gvrp statistics interface interface list View Any view Parameter Interface list List of Ethernet ports on which the GVRP statistics information is to be displayed expressed as interface list interface type interface number to interface type interface number 1 10 interface type is interface type and interface number is interface number The interface number ...

Page 166: ...e source of the last GVRP data unit If GVRP data unit is not received the system displays 0000 0000 0000 if received from a device the GVRP data unit received last time is regarded as coming from this MAC address of this device GVRP Registration Type GVRP registration type that is fixed forbidden or normal 2 2 2 display gvrp status Syntax display gvrp status View Any view Parameter None Descriptio...

Page 167: ...Before enabling port GVRP you must enable global GVRP first In addition port GVRP must be enabled disabled on Trunk ports Related command display gvrp status Example Enable global GVRP Quidway gvrp 2 2 4 gvrp registration Syntax gvrp registration fixed forbidden normal undo gvrp registration View Ethernet port view Parameter fixed Enables to create or register VLAN on the port manually and disable...

Page 168: ...vrp registration command to configure GVRP registration type Use the undo gvrp registration command to restore the default type By default the registration type is normal This command can be only used on Trunk port Related command display gvrp statistics Example Set the GVRP registration type of Ethernet2 1 1 as fixed Quidway Ethernet2 1 1 gvrp registration fixed ...

Page 169: ...rvlan command to display mapping relationship between a specified super VLAN and sub VLANs and the ports that identify the mapping relationship Related command supervlan subvlan Example Display the mapping relationship between the super VLAN and the sub VLAN Quidway display supervlan 2 Supervlan ID 2 Subvlan ID 3 5 Subvlan in which arp proxy is disabled None Display detailed information about the ...

Page 170: ...agged Ports Ethernet5 1 1 Quidway display vlan 4 VLAN ID 4 VLAN Type static It is a Sub VLAN And the Super VLAN is VLAN 2 ARP proxy enabled Route Interface not configured Description VLAN 0004 Tagged Ports none Untagged Ports Ethernet5 1 2 Quidway display vlan 5 VLAN ID 5 VLAN Type static It is a Sub VLAN And the Super VLAN is VLAN 2 ARP proxy enabled Route Interface not configured Description VLA...

Page 171: ...VLANs Note that z The VLANs configured to be the sub VLANs of a super VLAN must be existing VLANs z You can still add remove ports to from a VLAN after the mapping relationship is established z The undo subvlan command cancels all mapping relationships between the specified super VLAN and all sub VLANs If you do not specify the sub vlan list argument Otherwise this command cancels the mapping rela...

Page 172: ...super VLAN type of a VLAN By default no type is configured for a VLAN Note that z You cannot add ports to a super VLAN z The ARP proxy of the interfaces of a VLAN are enabled automatically and cannot be disabled when the VLAN is set to be a super VLAN z The default VLANs cannot be super VLANs Related command display supervlan Example Set VLAN 2 to be a super VLAN Quidway vlan2 supervlan ...

Page 173: ... display isolate user vlan command to view the mapping relationships between isolate user VLANs and Secondary VLANs and the ports identifying the mapping relationships between isolate user vlan and Secondary VLAN Related command isolate user vlan enable isolate user vlan Example Display the mapping relationships between isolate user VLANs and Secondary VLANs Quidway display isolate user vlan Isola...

Page 174: ...LAN 0004 Name VLAN 0004 Tagged Ports none Untagged Ports Ethernet2 1 4 Table 4 1 Description on the fields of the display isolate user vlan command Field Description Isolate user VLAN Vlan ID VLAN ID of Isolate user VLAN Secondary Vlan ID VLAN ID of Secondary VLAN Vlan ID VLAN ID Vlan Type VLAN configuration type static or dynamic configuration Isolate user VLAN type VLAN type is Isolate user VLAN...

Page 175: ...cel the mapping relationship By default there is no mapping relationship between isolate user vlan and Secondary VLAN Before you execute the isolate user vlan command the VLAN can include hybrid ports access ports or no ports After this command is executed the mapping relationship between isolate user vlan and Secondary VLAN is established The actual operation include for access ports or hybrid po...

Page 176: ...to other switches However the VLAN can only contain access or hybrid ports not trunk ports Related command display isolate user vlan Note z You cannot configure VLAN 1 as an isolate user VLAN or Secondary VLAN z You cannot directly configure isolate user VLAN as other types of VLAN than common VLAN such as Secondary VLAN multicast VLAN Super VLAN Sub VLAN Guest VLAN and VLAN running L2VPN services...

Page 177: ...te user vlan can be mapped to up to 64 Secondary VLANs z You can configure up to 32 isolate user VLANs for the system z You can configure up to 1024 Secondary VLANs for the system z You cannot configure the same MAC address in the Secondary VLAN corresponding to an isolate user VLAN Example Configure VLAN 5 as isolate user VLAN Quidway vlan5 isolate user vlan enable ...

Page 178: ...nformation about VLAN VPN ports and the information about VLAN VPN uplink ports Example Display the VLAN VPN related configuration of the current system Quidway display port vlan vpn VLAN VPN TPID 0x9100 GigabitEthernet1 1 1 VLAN VPN status enabled VLAN VPN VLAN 1 GigabitEthernet1 1 2 VLAN VPN uplink status enabled 5 1 2 traffic redirect nested vlan modified vlan Syntax I Use the following command...

Page 179: ...ber acl name Specifies a basic or advanced ACL The acl number argument is the ACL number in the range of 2 000 to 3 999 The acl name argument is the ACL name a string that is of 1 to 32 characters in length The string must begin with an English letter that is a z or A Z and cannot contain spaces and quotation marks link group acl number acl name Specifies a Layer 2 ACL The acl number argument is t...

Page 180: ... traffic redirect command to remove the configuration Note z Make sure the VLAN identified by the nested vlanid argument exists to prevent otherwise the packets from being discarded due to no outbound port found z The traffic redirect modified vlan command modifies the outer VLAN tag of a packet z At present only LSB1GP24 LSB1GT24 and LSB1GV48 cards support the traffic redirect nested vlan modifie...

Page 181: ...not be enabled if the port has any of GVRP STP and 802 1x protocols enabled z VLAN VPN cannot be enabled on a port if the VLAN which the port belongs to has IGMP Snooping enabled or its VLAN interface has IGMP enabled Similarly if a port is VLAN VPN enabled you cannot enable IGMP Snooping in the VLAN to which the port belongs or enable IGMP on the VLAN interface of the VLAN z If you want to add VL...

Page 182: ...0 for VLAN VPN uplink ports Do not set the TPID value to a value that may cause conflicts such as the known protocol type value 0x0806 which is that of ARP packets Otherwise the packets may be discarded Table 5 1 Common protocol type values of an Ethernet frame Protocol type Value ARP 0x0806 IP 0x0800 MPLS 0x8847 0x8848 IPX 0x8137 IS IS 0x8000 LACP 0x8809 802 1x 0x888E Example Set the TPID value t...

Page 183: ...ed by the VLAN VPN uplink port Caution z At present LSBM1XP4 and LSBM1TGX1 cards do not support this command z The vlan vpn uplink enable command and the vlan vpn enable command are mutually exclusive That is if you execute the vlan vpn enable command on a port you will fail to execute the vlan vpn uplink enable command on the same port if you execute the vlan vpn uplink enable command on a port y...

Page 184: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Network Protocol Huawei Technologies Proprietary ...

Page 185: ... 6 display arp 2 6 2 1 7 display arp multi port 2 7 2 1 8 display arp proxy 2 8 2 1 9 display arp timer aging 2 9 2 1 10 gratuitous arp learning enable 2 9 2 1 11 reset arp 2 10 Chapter 3 ARP Table Size Configuration Commands 3 1 3 1 ARP Table Size Configuration Commands 3 1 3 1 1 arp max entry 3 1 3 1 2 arp max aggregation entry 3 2 3 1 3 arp enable size 3 2 3 1 4 display arp max entry 3 3 Chapte...

Page 186: ... 2 23 nbns list 4 25 4 2 24 netbios type 4 26 4 2 25 network 4 27 4 2 26 option 4 28 4 2 27 reset dhcp server conflict 4 28 4 2 28 reset dhcp server ip in use 4 29 4 2 29 reset dhcp server statistics 4 30 4 2 30 static bind ip address 4 30 4 2 31 static bind mac address 4 31 4 3 DHCP Relay Configuration Commands 4 32 4 3 1 debugging dhcp relay 4 32 4 3 2 dhcp relay security 4 33 4 3 3 dhcp relay s...

Page 187: ...ance Configuration Commands 7 1 7 1 IP Performance Configuration Commands 7 1 7 1 1 display fib 7 1 7 1 2 display fib ip address 7 2 7 1 3 display fib acl 7 3 7 1 4 display fib 7 4 7 1 5 display fib ip prefix 7 4 7 1 6 display fib statistics 7 5 7 1 7 display icmp statistics 7 5 7 1 8 display ip socket 7 7 7 1 9 display ip statistics 7 8 7 1 10 display tcp statistics 7 10 7 1 11 display tcp status...

Page 188: ...cription Use the display ip host command to display all the host names and the corresponding IP addresses Example Display all host names and the corresponding IP addresses of the hosts Quidway display ip host Host Age Flags Address My 0 static 1 1 1 1 Aa 0 static 2 2 2 4 Table 1 1 Description on the fields of the display ip host command Field Description Host Host name Age Valid period Flags Flags...

Page 189: ...formation about interface VLAN interface 1 Quidway display ip interface vlan interface 1 Vlan interface1 current state DOWN Line protocol current state DOWN Internet Address is 1 1 1 1 8 Primary Broadcast address 1 255 255 255 The Maximum Transmit Unit 1500 bytes input packets 0 bytes 0 multicasts 0 output packets 0 bytes 0 multicasts 0 TTL invalid packet number 0 ICMP packet input number 0 Echo r...

Page 190: ...e received packets with invalid TTLs ICMP packet input number Echo reply Unreachable Source quench Routing redirect Echo request Router advert Router solicit Time exceed IP header bad Timestamp request Timestamp reply Information request Information reply Netmask request Netmask reply Unknown type Total received ICMP packets including Echo reply packets unreachable packets source quench packets ro...

Page 191: ...ace loopback interface console interface does not have an IP address configured Normally a VLAN interface loopback interface console interface only needs to be configured with one IP address But you can also assign up to 21 IP addresses to a VLAN interface loopback interface console interface to enable it to connect to multiple subnets Of all the IP addresses assigned to a VLAN interface loopback ...

Page 192: ... will be removed Related command display ip interface Example Assign 129 12 0 1 to VLAN interface 1 with a subnet mask of 255 255 255 0 Quidway system view System View return to User View with Ctrl Z Quidway interface vlan interface 1 Quidway Vlan interface1 ip address 129 12 0 1 255 255 255 0 Assign 129 12 0 10 to Ethernet4 0 0 with a 24 bit subnet mask Quidway system view System View return to U...

Page 193: ... ip protect View VLAN interface view Parameter None Description Use the ip protect enable command to enable IP address protection Use the undo ip protect command to disable IP address protection After IP address protection is enabled the current interface will no longer dynamically learn ARP mapping entries and existing dynamic ARP mapping entries will be removed At the same time the switch will e...

Page 194: ...al Network Protocol Quidway S8500 Series Routing Switches Chapter 1 IP Address Configuration Commands Huawei Technologies Proprietary 1 7 Quidway interface Vlan interface 2 Quidway Vlan interface2 ip protect enable ...

Page 195: ...on By default ARP proxy function is disabled You can configure these commands for a VLAN and sub VLAN If you enable ARP proxy for a VLAN the device with ARP proxy function directly forwards received ARP requests in the VLAN If you enable ARP proxy for a sub VLAN the device with ARP proxy function directly forwards received ARP requests in other sub VLANs which belong to the same super VLAN and als...

Page 196: ...mapping table of the system ARP is empty and the switch can obtain its address mapping by means of dynamic ARP The arp static command can be used to configure auto filling of ARP entries When configuring an ARP entry if you input on the IP address the switch will automatically set the MAC address to 0 Such a mapping entry is auto fill ARP mapping entry When an auto fill ARP entry is resolved the s...

Page 197: ...r dynamic aggregated ports Related commands reset arp display arp debugging arp Example Configure the MAC address corresponding to the IP address 202 38 10 2 to 00e0 fc01 0000 This static ARP mapping entry is on Ethernet port Ethernet2 1 1 which belongs to VLAN1 Quidway arp static 202 38 0 10 00e0 fc01 0000 1 ethernet2 1 1 2 1 3 arp static multi port Syntax arp static ip address mac address vlan i...

Page 198: ...ecides that the port to be added is for a multicast ARP entry Only one port can be added every time the command is executed If the ARP entry does not exist a new entry is generated If the port has already been in the entry no further processing is made Note that z You cannot configure multicast ARP for aggregation ports Otherwise the system will prompt error message z At present the outgoing ports...

Page 199: ...command display arp timer aging Example Configure the dynamic ARP aging timer to 10 minutes Quidway system view System View return to User View with Ctrl Z Quidway arp timer aging 10 2 1 5 debugging arp Syntax debugging arp error info packet undo debugging arp error info packet View User view Parameter error ARP error debugging info ARP mapping table and information management debugging packet ARP...

Page 200: ... sender_ip_addr IP address of the sender target_eth_addr Target Ethernet address If the packet is a ARP request packet the target IP address will be 0 It changes to the correct address when the target responds target_ip_addr Target IP address 2 1 6 display arp Syntax display arp ip address dynamic static begin include exclude text View Any view Parameter dynamic Displays the dynamic ARP entries in...

Page 201: ...f in a regular expression is a wildcard So as for 2 2 2 231 2 2 1 matches its sub string 2 231 and thus the ARP mapping entry with an IP address of 2 2 2 231 is displayed as a matched entry Table 2 2 Description on the fields of the display arp command Field Description IP Address IP address of the ARP mapping entry MAC Address MAC address of the ARP mapping entry VLAN ID ID of the VLAN to which t...

Page 202: ... IP address of 10 10 10 98 Quidway display arp multi port 10 10 10 98 IP Address 10 10 10 98 Mac Address 0150 0098 0098 VLAN ID 20 ARP Port List Ethernet6 1 2 Ethernet6 1 3 Ethernet6 1 4 Ethernet6 1 5 Ethernet6 1 6 Ethernet6 1 7 Ethernet6 1 8 Ethernet6 1 9 Ethernet6 1 1 VPN Name Public ARP When a precedes a port the port is in the Up state otherwise the port is in the Down state 2 1 8 display arp ...

Page 203: ...ging command to view the current setting of the dynamic ARP aging timer Related command arp timer aging Example Display the current setting of the ARP aging timer Quidway display arp timer aging Current ARP aging time is 10 minute s You can see that the ARP aging time is 10 minutes 2 1 10 gratuitous arp learning enable Syntax gratuitous arp learning enable undo gratuitous arp learning enable View ...

Page 204: ...s Example Enable the gratuitous ARP packet learning function on the switch Quidway system view System View return to User View with Ctrl Z Quidway gratuitous arp learning enable 2 1 11 reset arp Syntax reset arp dynamic static interface interface type interface number all View User view Parameter dynamic Clears the dynamic ARP mapping entries static Clears the static ARP mapping entries interface ...

Page 205: ...ARP entries that can be supported by a specified card in the system Use the undo arp max entry command to cancel the configuration By default each card supports up to 4K ARP entries If the system does not contain cards with their model names being suffixed with B DA DB or DC you can configure the maximum number of ARP entries to be 4K 5K 6K 7K or 8K for the card Otherwise you can only configure th...

Page 206: ...mand to restore the default maximum number of aggregation ARP entries supported by each card If the system does not contain cards whose model name are suffixed with B DA DB or DC you can configure the maximum number of aggregation ARP entries to 0K 1K 3K 7K or 8K Otherwise you can only configure the maximum number to 0K 1K or 3K By default each card supports up to 1K aggregation ARP entries Exampl...

Page 207: ...to 4K ARP entries each card supports up to 4K ARP entries and each card supports up to 1K aggregation ARP entries Example Configure the maximum number of ARP entries of the whole switch to 64K Quidway system view System View return to User View with Ctrl Z Quidway arp enable size 64 The configuration won t be enabled until the system is rebooted Caution z You must restart the system for each of th...

Page 208: ...ime Example Display the current maximum numbers of ARP entries and the intending counterparts that will take effect after the switch restarts next time Quidway display arp max entry The current max arp entry config information max arp entry config Main Board 65536 max link aggregation arp entry config 0 max arp entry config of slot 0 8192 max arp entry config of slot 13 8192 The next max arp entry...

Page 209: ...e undo dhcp enable command to disable the DHCP service For both DHCP server and DHCP relay you must enable DHCP service first before performing other DHCP configurations The other related DHCP configurations take effect only after DHCP service is enabled Example Enable DHCP service Quidway system view System View return to User View with Ctrl Z Quidway dhcp enable 4 1 2 dhcp select Syntax In VLAN ...

Page 210: ...LAN interfaces all Specifies all the VLAN interfaces Caution The dhcp select interface command cannot be used together with the ip relay address or dhcp relay security address check enable command Description Use the dhcp select command to specify a method used by the switch to process the DHCP packets it received You can use this command in VLAN interface view to specify a processing method of DH...

Page 211: ... command to disable fake DHCP server detection Fake DHCP server detection is disabled by default Example Enable fake DHCP server detection Quidway system view System View return to User View with Ctrl Z Quidway dhcp server detect 4 2 DHCP Server Configuration Commands 4 2 1 debugging dhcp server Syntax debugging dhcp server all error event packet undo debugging dhcp server all error event packet V...

Page 212: ...h type of debugging concerning DHCP servers is disabled by default Example Enable debugging for DHCP server events Quidway debugging dhcp server event 4 2 2 display dhcp server forbidden ip Syntax display dhcp server forbidden ip View Any view Parameter None Description Use the display dhcp server forbidden ip command to display forbidden IP addresses in the DHCP address pool Example Display forbi...

Page 213: ...an id Specifies one VLAN interface or a range of VLAN interfaces all Specifies all VLAN interfaces or all configured IP addresses Description Use the dhcp server dns list command to configure one or more DNS server addresses for the DHCP address pool of current VLAN interface or for the DHCP address pool s of the specified VLAN interface s Use the undo dhcp server dns list command to remove one or...

Page 214: ...t domain name for DHCP address pool of specified VLAN interface a string that is of 3 to 50 characters in length interface vlan interface vlan id to vlan interface vlan id Specifies one VLAN interface or a range of VLAN interfaces all Specifies all VLAN interfaces Description Use the dhcp server domain name command to configure a DHCP client domain name for the DHCP address pool of the current VLA...

Page 215: ...em view Parameter day day Sets the number of days The day argument ranges from 0 to 365 hour hour Sets the number of hours The hour argument ranges from 0 to 23 minute minute Sets the number of minutes The minute argument ranges from 0 to 59 unlimited Sets an unlimited lease time interface vlan interface vlan id to vlan interface vlan id Specifies one VLAN interface or a range of VLAN interfaces a...

Page 216: ...dress in the forbidden IP address range Note that the value of this argument must be larger than or equal to that of the low ip address argument If you do not provide this argument then the forbidden IP address range contains only the IP address specified by the low ip address argument Description Use the dhcp server forbidden ip command to forbid a range of IP addresses to be automatically assign...

Page 217: ...HCP address pool view Use the undo dhcp server ip pool command to remove a specified global DHCP address pool No global DHCP address pool is created by default Related command dhcp enable Example Create a global DHCP address pool with a name of 0 Quidway system view System View return to User View with Ctrl Z Quidway dhcp server ip pool 0 Quidway dhcp 0 4 2 8 dhcp server nbns list Syntax In VLAN i...

Page 218: ...do dhcp server nbns list command to remove one or all NetBIOS server IP addresses configured for the DHCP address pool of current VLAN interface or for the DHCP address pool s of the specified VLAN interface s By default no NetBIOS server IP address is configured With eight NetBIOS server addresses already configured if you add a new one by executing the dhcp server nbns list command the newly con...

Page 219: ...e DHCP clients of this node type are p nodes which take some broadcast features m stands for mixed h node Specifies h node to be the NetBIOS node type DHCP clients of this node type are b nodes which take peer to peer mechanism h stands for hybrid Description Use the dhcp server netbios type command to configure the NetBIOS node type for DHCP clients of DHCP address pool of current or specified VL...

Page 220: ...xadecimal digits hh or hhhh ip address ip address ip address Specifies one or more IP addresses You can specify up to eight IP addresses separated by spaces in one command interface vlan interface vlan id to vlan interface vlan id Specifies one or more VLAN interfaces all Specifies all VLAN interfaces Description Use the dhcp server option command to configure a custom DHCP option for the DHCP add...

Page 221: ...et timeout milliseconds Sets the maximum time to wait for a response to a ping packet The milliseconds argument is in the unit of milliseconds it ranges from 0 to 10000 and defaults to 500 Description Use the dhcp server ping command to set the maximum times to send ping packets or the maximum time for the DHCP server to wait for a response after sending a ping packet Use the undo dhcp server ping...

Page 222: ...iption Use the dhcp server static bind command to statically bind an IP address in the address pool of the current VLAN interface to a MAC address Use the undo dhcp server static bind command to remove a statically bound IP address entry IP addresses in the address pool of a VLAN interface are not statically bound by default VLAN interface address pool only supports one to one MAC IP binding Examp...

Page 223: ...1 2003 11 57 7 PM Table 4 1 Description on the fields of the display dhcp server conflict command Field Description Address The IP address that causes the conflict Discover Time The time when the conflict is discovered 4 2 14 display dhcp server expired Syntax display dhcp server expired ip ip address pool pool name interface vlan interface vlan id all View Any view Parameter ip ip address Specifi...

Page 224: ...xpiration Type Interface pool IP address Hardware address Lease expiration Type Table 4 2 Description on the fields of the display dhcp server expired command Field Description Global pool The information followed is about expired IP addresses in global address pool s Interface pool The information followed is about lease expired IP addresses in VLAN interface address pool s IP address Bound IP ad...

Page 225: ...eter ip ip address Specifies an IP address pool pool name Specifies a global address pool If you do not input a pool name all global address pools are included interface vlan interface vlan id Specifies a VLAN interface address pool If you do not input a vlan id all VLAN interface address pools are included all Specifies all DHCP address pools Description Use the display dhcp server ip in use comm...

Page 226: ...s about bound IP addresses in VLAN interface address pool s IP address Bound IP addresses Hardware address Bound MAC addresses Lease expiration The time when an IP address expires Type Binding type 4 2 17 display dhcp server statistics Syntax display dhcp server statistics View Any view Parameter None Description Use the display dhcp server statistics command to display statistics information abou...

Page 227: ... Pool The information followed is about the statistics of the global address pools Interface Pool The information followed is about the statistics of the address pools of VLAN interfaces Pool Number Number of address pools Auto Number of automatically bound IP addresses Manual Number of manually bound IP addresses Expire Number of expired IP addresses Boot Request 6 Dhcp Discover 1 Dhcp Request 4 ...

Page 228: ...pecify a VALN interface address pools of all VLAN interfaces are included all Specifies all addresses pools Description Use the display dhcp server tree command to display information about DHCP address pool hierarchy Example Display information about DHCP address pool hierarchy Quidway display dhcp server tree all Global pool Pool name 5 network 10 10 1 0 mask 255 255 255 0 Child node 6 Sibling n...

Page 229: ...d the corresponding MAC address statically bound to it child node 6 The address pool named 6 is a child node of the one named 5 Based on the node position of the address pool named 5 the node type displayed here includes the following Child node Indicates the node to which the address pool named 6 corresponds is a child node of that of the address pool named 5 In this case node 6 stands for a subn...

Page 230: ...CP address pool view Parameter ip address IP address of a DNS server You can specify up to eight IP addresses separated by spaces in one command all Specifies all configured DNS server IP addresses Description Use the dns list command to configure one or more DNS server IP addresses for a global DHCP address pool Use the undo dns list command to remove one or all DNS server IP addresses configured...

Page 231: ... a domain name for the DHCP clients of a global DHCP address pool Use the undo domain name command to remove the domain name configured for the DHCP clients of a global DHCP address pool By default no domain name is configured for the DHCP clients of a global DHCP address pool Related command dhcp server ip pool dhcp server domain name Example Configure a domain name mydomain com for the DHCP clie...

Page 232: ...default valid period The default valid period is 1 day Related command dhcp server ip pool dhcp server expired Example Set the IP address lease time of the global DHCP address pool 0 to one day plus two hours and three minutes Quidway system view System View return to User View with Ctrl Z Quidway dhcp server ip pool 0 Quidway dhcp 0 expired day 1 hour 2 minute 3 4 2 22 gateway list Syntax gateway...

Page 233: ...p pool 0 Quidway dhcp 0 gateway list 10 110 1 99 4 2 23 nbns list Syntax nbns list ip address ip address undo nbns list ip address all View DHCP address pool view Parameter ip address IP address of a NetBIOS server You can specify up to eight IP addresses separated by spaces in one command all Specifies all configured NetBIOS server IP addresses Description Use the nbns list command to configure o...

Page 234: ... type of DHCP clients to be p node p stands for peer to peer Nodes of this type establish their host name to IP address mappings by communicating with NetBIOS server m node Specifies the NetBIOS node type of DHCP clients to be m node m stands for mixed Nodes of this type are p nodes which take some broadcast features h node Specifies the NetBIOS node type of DHCP clients to be h node h stands for ...

Page 235: ... is used Description Use the network command to configure an address range for dynamic IP address assignment Use the undo network command to remove the address range configured for dynamic IP address assignment By default no IP address range is configured for dynamic IP address assignment Each DHCP address pool can be configured with only one address range If you execute the network command multip...

Page 236: ...one or more IP addresses You can specify up to eight IP addresses separated by spaces in one command Description Use the option command to configure a custom DHCP option for a global DHCP address pool Use the undo option command to remove a custom DHCP option configured for the global DHCP address pool If you execute the option command multiple times the new configurations overwrite the correspond...

Page 237: ...dhcp server ip in use Syntax reset dhcp server ip in use all interface vlan interface vlan id ip ip address pool pool name View User view Parameter all Specifies all binding entries ip address Specifies the binding entry that contains the specified IP address pool name Specifies a global DHCP address pool If you do not provide this argument then all global DHCP address pools are included vlan id S...

Page 238: ...ly bound IP addresses and expired IP addresses and the number of unrecognized packets DHCP_Request packets and DHCP_ACK packets Related command display dhcp server statistics Example Clear statistics information about the DHCP servers Quidway reset dhcp server statistics 4 2 30 static bind ip address Syntax static bind ip address ip address mask netmask undo static bind ip address View DHCP addres...

Page 239: ...tem View return to User View with Ctrl Z Quidway dhcp server ip pool 0 Quidway dhcp 0 static bind ip address 10 1 1 1 mask 255 255 255 0 Quidway dhcp 0 static bind mac address 0000 e03f 0305 4 2 31 static bind mac address Syntax static bind mac address mac address undo static bind mac address View DHCP address pool view Parameter mac address MAC address to be bound Description Use the static bind ...

Page 240: ... Syntax debugging dhcp relay all packet error event undo debugging dhcp relay all packet error event View User view Parameter all Enables all types of debugging concerning DHCP Relay packet Enables debugging for packets error Enables debugging for error messages event Enables debugging for events Description Use the debugging dhcp relay command to enable debugging for DHCP Relay Use the undo debug...

Page 241: ...validpkt Wrong DHCP packet Table 4 6 Description on the fields of the debugging dhcp relay command Field Description Interface The VLAN interface that forwards DHCP packets Type Type of the forwarded DHCP packet ClientHardAddress The MAC address of the DHCP client ServerIpAddress The IP address of the DHCP server your ip address The IP address assigned to the DHCP client 4 3 2 dhcp relay security ...

Page 242: ... 0005 5D02 F2B3 Quidway system view System View return to User View with Ctrl Z Quidway dhcp relay security 1 1 1 1 0005 5D02 F2B3 static 4 3 3 dhcp relay security address check Syntax dhcp relay security address check enable disable View VLAN interface view Parameter None Description Use the dhcp relay security address check enable command to enable security address checking on a VLAN interface U...

Page 243: ... issues IP addresses to DHCP clients However the IP addresses they issued always bring addresses conflicts and cause users cannot access networks This kind of DHCP servers are known as fake DHCP servers Example Enable fake DHCP server detecting Quidway system view System View return to User View with Ctrl Z Quidway dhcp server detect 4 3 5 display dhcp relay address Syntax display dhcp relay addre...

Page 244: ...ervers configured for VLAN interface 192 Quidway display dhcp relay address interface vlan 192 Vlan interface192 DHCP Relay Address Relay Address 0 193 193 1 1 Relay Address 1 1 1 1 1 4 3 6 display dhcprelay security Syntax display dhcprelay security ip address View Any view Parameter ip address User IP address Description Use the display dhcprelay security command to display information about spe...

Page 245: ...terface are forwarded all Specifies all DHCP servers configured for the VLAN interface to forward DHCP packets to Description Use the ip relay address command to specify the VLAN interface to operate in DHCP Relay mode and to specify the DHCP server to which the DHCP packets received by this VLAN interface are forwarded Use the undo ip relay address command to remove the DHCP server configured for...

Page 246: ...on Commands Huawei Technologies Proprietary 4 38 Example Specify users belonging to VLAN interface 1 to acquire their IP addresses from a specified DHCP server Quidway system view System View return to User View with Ctrl Z Quidway interface vlan1 Quidway Vlan interface1 ip relay address 10 9 0 3 ...

Page 247: ... to disable the function of Option 82 support on DHCP relay By default this function is enabled In this case the DHCP relay will add Option 82 into the request packets sent from the DHCP clients and then forward the packets to the DHCP server Related command dhcp server relay information enable Example Enable Option 82 support on DHCP relay so that the relay adds Option 82 into the request packets...

Page 248: ... Option 82 carried by the packets with its own Option 82 Description Use the dhcp relay information strategy command to configure the strategy for the DHCP relay to process the packets carrying Option 82 Use the undo dhcp relay information strategy command to restore the default strategy By default the replace strategy is adopted Example Configure the DHCP relay to drop the request packets carryin...

Page 249: ...to the DHCP server carries Option 82 the response packet sent by the DHCP server will carry a response Option 82 After receiving the response packet from the DHCP server to the DHCP client the DHCP relay check whether Option 82 exists in the packet If yes it strips Option 82 That is the response packet sent to the client does not carry Option 82 By default the function is enabled That is the DHCP ...

Page 250: ... of 1 to 20 characters including letters numbers _ or and it must contain at least one letter ip address Host IP address the corresponding IP address to the host name in dotted decimal notation Description Use the ip host command to configure the host name and the host IP address Use the undo ip host command to cancel the host name and the host IP address By default Host name and corresponding IP ...

Page 251: ...P addresses of the hosts Quidway display ip host Host Age Flags Address My 0 static 1 1 1 1 Aa 0 static 2 2 2 4 Table 6 1 Description on the fields of the display ip host command Field Description Host Host name Age Valid period Flags Flags Address Host IP address 6 2 Dynamic DNS Configuration Commands 6 2 1 debugging dns Syntax debugging dns undo debugging dns View User view Parameter None Descri...

Page 252: ...indicates that the first query is performed to the domain name with the IP address of 172 16 1 1 receive a right answer from server 0xAC100101 The information above indicates that a correct answer packet is received from the server query timeout The information above indicates that the query for a domain name from a server times out because no answer is received 6 2 2 display dns domain Syntax dis...

Page 253: ... view the dynamic domain name buffer Example View the dynamic domain name buffer Quidway display dns dynamic host No Domain name Ipaddress RR TTL S Alias 0 www baidu com 202 108 249 134 63000 1 www yahoo akadns net 66 94 230 39 24 2 www hotmail com 207 68 172 239 3585 3 www eyou com 61 136 62 70 3591 Table 6 3 Description on the fields of the display dns dynamic host command Field Description No S...

Page 254: ... the domain name server Related command dns server Example View the related information of the domain name server Quidway display dns server Domain server Ipaddress 0 172 16 1 1 1 172 16 1 2 Table 6 4 Description on the fields of the display dns server command Field Description Domain server Domain name server Ipaddress Corresponding IP address of the domain name server 6 2 5 dns domain Syntax dns...

Page 255: ...xes are deleted Related command display dns domain Example Configure a domain name suffix com Quidway system view System View return to User View with Ctrl Z Quidway dns domain com 6 2 6 dns resolve Syntax dns resolve undo dns resolve View System view Parameter None Description Use the dns resolve command to enable the dynamic domain name resolution function Use the undo dns resolve command to dis...

Page 256: ...address of a domain name server The system supports up to six domain name server To delete the domain name server input the IP address and the specific server is deleted Otherwise all of the servers are deleted Related command display dns server Example Configure a domain name server with an IP address of 172 16 1 1 Quidway system view System View return to User View with Ctrl Z Quidway dns server...

Page 257: ...Manual Network Protocol Quidway S8500 Series Routing Switches Chapter 6 DNS Configuration Commands Huawei Technologies Proprietary 6 8 Example Clear the dynamic domain name buffer Quidway reset dns dynamic host ...

Page 258: ...ry The information includes destination address mask length next hop current flag timestamp and outbound interface Example Display the entries of the Forwarding Information Base Quidway display fib Destination Mask Nexthop Flag TimeStamp Interface 10 153 17 0 24 10 153 17 99 U t 0 Vlan interface1 10 153 18 88 32 127 0 0 1 GHU t 0 InLoopBack0 10 153 18 0 24 10 153 18 88 U t 0 LoopBack0 10 153 17 99...

Page 259: ...nger View Any view Parameter ip address1 ip address2 Destination IP address in dotted decimal format ip address1 and ip address2 jointly define an address range The FIB entries in this address range are displayed mask1 mask2 IP address mask in dotted decimal format mask length1 mask length2 An integer in the range of 0 to 32 to represent the mask length longer Specifies to display the FIB entries ...

Page 260: ...255 255 0 0 169 254 0 6 255 255 0 0 Route Entry Count 1 Destination Mask Nexthop Flag TimeStamp Interface 169 254 0 1 16 2 1 1 1 U t 0 Vlan interface1 For the descriptions of the displayed fields refer to Table 7 1 7 1 3 display fib acl Syntax display fib acl number name View Any view Parameter number ACL in number form in the range 2000 to 2999 name ACL in name form a string of 1 to 32 characters...

Page 261: ...lay fib command to view the FIB entries which are output from the buffer according to regular expression and related to the specific character string Example Display the lines starting from the first one containing the string 169 254 0 0 Quidway display fib begin 169 254 0 0 Destination Mask Nexthop Flag TimeStamp Interface 169 254 0 0 16 2 1 1 1 U t 0 Vlan interface1 2 0 0 0 16 2 1 1 1 U t 0 Vlan...

Page 262: ... 127 0 0 0 8 127 0 0 1 U t 0 InLoopBack0 127 0 0 1 32 127 0 0 1 U t 0 InLoopBack0 169 0 0 0 8 2 1 1 1 SU t 0 Vlan interface1 For the descriptions of the displayed fields refer to Table 7 1 7 1 6 display fib statistics Syntax display fib statistics View Any view Parameter None Description Use the display fib statistics command to view the total number of FIB entries Example Display the total number...

Page 263: ...ormation reply 0 mask requests 0 mask replies 0 time exceeded 0 Table 7 2 Description on the fields of the display icmp statistics command Field Description bad formats Number of input packets in bad format bad checksum Number of input packets with wrong checksum echo Number of input output echo request packets destination unreachable Number of input output packets with unreachable destination sou...

Page 264: ...y the information about the sockets in the current system Example Display the information about the socket of TCP type Quidway display ip socket socktype 1 SOCK_STREAM Task VTYD 18 socketid 1 Proto 6 LA 0 0 0 0 23 FA 0 0 0 0 0 sndbuf 8192 rcvbuf 8192 sb_cc 0 rb_cc 0 socket option SO_ACCEPTCONN SO_KEEPALIVE SO_SENDVPNID SO_SETKEEPALIVE socket state SS_PRIV SS_ASYNC Task VTYD 18 socketid 2 Proto 6 L...

Page 265: ...iving buffer size of the socket sb_cc The current data size in the sending buffer The value makes sense only for the socket of TCP type because only TCP is able to cache data rb_cc The current data size in the receiving buffer socket option The option of the socket socket state The state of the socket 7 1 9 display ip statistics Syntax display ip statistics View Any view Parameter None Description...

Page 266: ... with wrong protocol number bad format Number of packets in bad format bad checksum Number of packets with wrong checksum Input bad options Number of packets that have wrong options forwarding Number of forwarded packets local Number of packets that are sent by the local device dropped Number of dropped packets during transmission no route Number of packets that cannot be routed Output compress fa...

Page 267: ...quence 412 11032 bytes window probe packets 0 window update packets 0 checksum error 0 offset error 0 short error 0 duplicate packets 4 88 bytes partially duplicate packets 5 7 bytes out of order packets 0 0 bytes packets of data after window 0 0 bytes packets received after close 0 ACK packets 481 8776 bytes duplicate ACK packets 7 too much ACK packets 0 Sent packets Total 665 urgent packets 0 co...

Page 268: ... error 0 short error 0 Number of checksum errors 0 Number of offset errors 0 Number of short errors 0 duplicate packets 4 88 bytes partially duplicate packets 5 7 bytes Number of duplicate packets 4 total of 88 bytes Number of partially duplicate packets 5 total of 7 bytes out of order packets 0 0 bytes Number of out of order packets 0 0 byte packets of data after window 0 0 bytes Number of packet...

Page 269: ...tted timeout events exceeding the specified value 0 Keepalive timeout 0 keepalive probe 0 Keepalive timeout so connections Number of keepalive timeout events 0 Number of keepalive probe packets sent 0 disconnected 0 Number of connections disconnected when keepalive probes fail 0 Initiated connections 0 accepted connections 0 established connections 0 Number of initiated connections 0 Number of acc...

Page 270: ...er is 23 The remote IP address is 100 0 0 253 and the remote port number is 65508 In addition there is a local server process which listens to the port 4001 7 1 12 display udp statistics Syntax display udp statistics View Any view Parameter None Description Use the display udp statistics command to view UDP traffic statistic information It displays the statistic information of all current UDP conn...

Page 271: ...on Received packet Total 0 Total received UDP packets 0 checksum error 0 Number of checksum errors 0 shorter than header 0 data length larger than packet 0 Cases that the length of the packets is shorter than the header 0 Cases that the data length exceeds the packet length 0 no socket on port 0 Cases that there is no socket on port 0 broadcast 0 Number of broadcast packets 0 not delivered input s...

Page 272: ...IP statistics information Quidway reset ip statistics 7 1 14 reset tcp statistics Syntax reset tcp statistics View User view Parameter None Description Use the reset tcp statistics command to clear the TCP statistics information Related command display tcp statistics Example Clear the TCP statistics information Quidway reset tcp statistics 7 1 15 reset udp statistics Syntax reset udp statistics Vi...

Page 273: ...e tcp timer fin timeout command to configure the TCP finwait timer Use the undo tcp timer fin timeout command to restore the default value of the TCP finwait timer When the TCP connection state changes from FIN_WAIT_1 to FIN_WAIT_2 the finwait timer is enabled If the switch does not receive FIN packets before the finwait timer times out the TCP connection is terminated Related command tcp timer sy...

Page 274: ... command tcp timer fin timeout tcp window Example Configure the TCP synwait timer value as 80 seconds Quidway system view System View return to User View with Ctrl Z Quidway tcp timer syn timeout 80 7 1 18 tcp window Syntax tcp window window size undo tcp window View System view Parameter window size The size of the sending and receiving buffers measured in kilobytes KB whose value ranges from 1 t...

Page 275: ...anual Network Protocol Quidway S8500 Series Routing Switches Chapter 7 IP Performance Configuration Commands Huawei Technologies Proprietary 7 18 System View return to User View with Ctrl Z Quidway tcp window 3 ...

Page 276: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Routing Protocol Huawei Technologies Proprietary ...

Page 277: ...able statistics 1 13 1 1 9 display ip routing table vpn instance 1 14 1 1 10 display ip routing table verbose 1 15 1 2 Static Route Configuration Commands 1 16 1 2 1 delete static routes all 1 16 1 2 2 delete vpn instance 1 17 1 2 3 ip route static 1 17 Chapter 2 RIP Configuration Commands 2 1 2 1 RIP Configuration Commands 2 1 2 1 1 checkzero 2 1 2 1 2 default cost 2 2 2 1 3 display rip 2 2 2 1 4...

Page 278: ...bugging ospf 3 11 3 1 14 display ospf abr asbr 3 11 3 1 15 display ospf asbr summary 3 12 3 1 16 display ospf brief 3 13 3 1 17 display ospf cumulative 3 15 3 1 18 display ospf error 3 17 3 1 19 display ospf interface 3 19 3 1 20 display ospf lsdb 3 21 3 1 21 display ospf nexthop 3 23 3 1 22 display ospf peer 3 24 3 1 23 display ospf request queue 3 25 3 1 24 display ospf retrans queue 3 26 3 1 25...

Page 279: ... 52 3 1 55 stub 3 53 3 1 56 vlink peer 3 53 Chapter 4 Integrated IS IS Configuration Commands 4 1 4 1 Integrated IS IS Configuration Commands 4 1 4 1 1 area authentication mode 4 1 4 1 2 cost style 4 2 4 1 3 debugging isis 4 3 4 1 4 default route advertise 4 4 4 1 5 display isis interface 4 5 4 1 6 display isis lsdb 4 6 4 1 7 display isis mesh group 4 7 4 1 8 display isis peer 4 8 4 1 9 display is...

Page 280: ... 1 37 reset isis peer 4 32 4 1 38 set overload 4 32 4 1 39 silent interface 4 33 4 1 40 spf delay interval 4 34 4 1 41 spf slice size 4 34 4 1 42 summary 4 35 4 1 43 timer lsp max age 4 36 4 1 44 timer lsp refresh 4 37 4 1 45 timer spf 4 37 Chapter 5 BGP Configuration Commands 5 1 5 1 BGP Configuration Commands 5 1 5 1 1 aggregate 5 1 5 1 2 Balance 5 2 5 1 3 bgp 5 3 5 1 4 compare different as med ...

Page 281: ... 30 import route 5 29 5 1 31 network 5 30 5 1 32 peer advertise community 5 31 5 1 33 peer allow as loop 5 31 5 1 34 peer as number 5 32 5 1 35 peer as path acl export 5 32 5 1 36 peer as path acl import 5 33 5 1 37 peer connect interface 5 34 5 1 38 peer default route advertise 5 35 5 1 39 peer description 5 35 5 1 40 peer ebgp max hop 5 36 5 1 41 peer enable 5 37 5 1 42 peer filter policy export...

Page 282: ...ly cost 6 3 6 1 4 apply cost type 6 4 6 1 5 apply ip next hop 6 4 6 1 6 apply isis 6 5 6 1 7 apply local preference 6 6 6 1 8 apply origin 6 6 6 1 9 apply tag 6 7 6 1 10 display ip ip prefix 6 7 6 1 11 display route policy 6 8 6 1 12 filter policy export 6 9 6 1 13 filter policy import 6 10 6 1 14 if match acl ip prefix 6 11 6 1 15 if match as path 6 12 6 1 16 if match community 6 13 6 1 17 if mat...

Page 283: ...ing Protocol Quidway S8500 Series Routing Switches Table of Contents Huawei Technologies Proprietary vii Chapter 8 Recursive Routing Configuration 8 1 8 1 Recursive Routing Configuration Commands 8 1 8 1 1 route rely 8 1 ...

Page 284: ...uration of VPN instance refer to the MPLS module in Quidway S8500 Series Routing Switches Operation Manual 1 1 Display Commands of the Routing Table 1 1 1 display ip routing table Syntax display ip routing table View Any view Parameter None Description Use display ip routing table command to view the routing table summary This command displays routing table information in summary form Each line re...

Page 285: ... 0 0 1 InLoopBack0 Table 1 1 Description of the fields of the display ip routing table command Field Description Destination Mask Destination address Mask length Protocol Routing protocol Pre Routing preference Cost Cost Nexthop Next hop address Interface Output interface through which the data packet destined for the destination network segment is sent 1 1 2 display ip routing table acl Syntax di...

Page 286: ...dway acl basic 2000 display ip routing table acl 2000 Routes matched by access list 2000 Summary count 4 Destination Mask Protocol Pre Cost Nexthop Interface 10 1 1 0 24 DIRECT 0 0 10 1 1 2 Vlan interface1 10 1 1 2 32 DIRECT 0 0 127 0 0 1 InLoopBack0 For detailed description of the output information see Table 1 1 Display the verbose information of the Active and Inactive routes that are filtered ...

Page 287: ...ag 0 Table 1 2 Description of the fields of the display ip routing table acl verbose command Field Description Destination Destination address Mask Mask Protocol Routing protocol Preference Routing preference Nexthop Next hop address Interface Output interface through which the data packet destined for the destination network segment is sent Vlinkindex Virtual link index ...

Page 288: ... destined for the same destination change For more details refer to the specific routing protocols Int The route is discovered by interior gateway protocol IGP NoAdvise The routing protocol does not import NoAdvise route when it imports routes based on the policy NotInstall The routing protocol generally selects the route with the highest precedence from its routing table then places it in its cor...

Page 289: ...the destination address in natural mask range verbose With the verbose argument this command displays the verbose information of both the Active and Inactive routes Without the parameter this command only displays the summary of Active routes Description Use the display ip routing table ip address command to view the routing information of the specified destination address With different parameter...

Page 290: ...table 192 168 1 2 Destination Mask Protocol Pre Cost Nexthop Interface 192 168 1 0 24 DIRECT 0 0 192 168 1 1 Vlan interface10 There are corresponding routes in the natural mask range Display the detailed information Quidway display ip routing table 169 0 0 0 verbose Routing tables Generate Default no Active Route Last Active Both Next hop in use Summary count 3 Destination 169 0 0 0 Mask 255 255 0...

Page 291: ...ip address2 Destination IP address in dotted decimal notation ip address1 mask1 mask2 and ip address2 determine one address range together Anding ip address1 with mask1 specifies the start of the range while anding ip address2 with mask2 specifies the end This command is used to display the routes in this address range mask1 mask2 IP address mask length in dotted decimal notation or integer form I...

Page 292: ...es that passed filtering rules Without the parameter this command displays the summary of the active routes that passed filtering rules Description Use the display ip routing table ip prefix command to view the route information that passed the filtering rule according the input ip prefix list name This command is mainly used to trace the route policy and display the corresponding route informatio...

Page 293: ...e output information see Table 1 1 Display the details of the active and inactive routes filtered by the prefix list abc2 Quidway display ip routing table ip prefix abc2 verbose Routes matched by ip prefix abc2 Generate Default no Active Route Last Active Both Next hop in use Summary count 2 Destination 10 1 1 0 Mask 255 255 255 0 Protocol STATIC Preference 60 NextHop 48 48 48 2 Interface 48 48 48...

Page 294: ...e information z ospf Displays OSPF route information z ospf ase Displays OSPF ASE route information z ospf nssa Displays OSPF NSSA route information z rip Displays RIP route information vpn instance name Indicates a VPN instance name Description Use the display ip routing table protocol command to view the route information of specified protocol Example Display all direct connection routes summary...

Page 295: ... Nexthop Interface 1 2 3 0 24 STATIC 60 0 1 2 4 5 Vlan interface10 STATIC Routing tables status inactive Summary count 1 For detailed description of the output information see Table 1 1 1 1 7 display ip routing table radix Syntax display ip routing table radix View Any view Parameter None Description Use the display ip routing table radix command to view route information in tree format Example Di...

Page 296: ...ny view Parameter None Description Use the display ip routing table statistics command to view the integrated routing information The integrated routing information includes total route amount the route amount added or deleted by protocol amount of the routes that are labeled Deleted but not deleted and the Active route amount Example Display the integrated route information Quidway display ip rou...

Page 297: ...nds of routes 1 1 9 display ip routing table vpn instance Syntax display ip routing table vpn instance vpn instance name View Any view Parameter vpn instance Specifies VPN instance parameter vpn instance name VPN instance name Description Use the display ip routing table vpn instance command to view the routing information about the VPN instance Example View the routing information about the VPN i...

Page 298: ...of each route will be output All current routes including inactive route and invalid route can be displayed using the display ip routing table verbose command Example Display the verbose routing table information Quidway display ip routing table verbose Routing Tables Generate Default no Active Route Last Active Both Next hop in use Destinations 3 Routes 3 Holddown 0 Delete 62 Hidden 0 Destination...

Page 299: ...ting table verbose command Field Description Holddown Number of held down routes Delete Number of deleted routes Hidden Number of hidden routes 1 2 Static Route Configuration Commands 1 2 1 delete static routes all Syntax delete static routes all View System view Parameter None Description Use the delete static routes all command to delete all the static routes The system will request your confirm...

Page 300: ...ll prompt your acknowledgement The system removes all configured static routes after the acknowledgement Related commands ip route static display ip routing table vpn instance Example Remove all static routes of the VPN Quidway delete vpn instance vp1 static routes all Are you sure to delete all the VPN static routes Y N 1 2 3 ip route static Syntax ip route static vpn instance vpn instance name l...

Page 301: ...nge from 1 to 255 reject Indicates an unreachable route When a static route to a destination has the reject attribute all the IP packets to this destination will be discarded and the source host will be informed that the destination is unreachable blackhole Indicates a blackhole route If a static route to a destination has the blackhole attribute the outgoing interface of this route is the Null 0 ...

Page 302: ...mands Huawei Technologies Proprietary 1 19 Example Configure the next hop of the default route as 129 102 0 2 Quidway ip route static 0 0 0 0 0 0 0 0 129 102 0 2 Configure static route 129 102 0 2 255 255 255 0 in multiple VPNs Quidway ip route static vpn instance vpn1 vpn2 vpn3 129 102 0 2 255 255 255 0 null 0 ...

Page 303: ...idway S8500 Series Routing Switches Operation Manual 2 1 RIP Configuration Commands 2 1 1 checkzero Syntax checkzero undo checkzero View RIP view Parameter None Description Use the checkzero command to check the zero field of RIP 1 packet Use the undo checkzero command to disable the checking of the zero fields By default RIP 1 performs zero field check According to the protocol RFC1058 specificat...

Page 304: ...default routing cost of an imported route Use the undo default cost command to restore the default value If no specific routing cost is specified when importing the route of another routing protocol with the import route command the redistribution will be performed with the default routing cost specified with the default cost command Related command import route Example Set the default routing cos...

Page 305: ...imeout timer 180 Garbage collection timer 120 No peer router Network 202 38 168 0 Table 2 1 Description of the fields of the display rip command Field Description RIP is running RIP is active public net VPN Instance Public network in the VPN Checkzero is on Enable zero field checking Default cost 1 The default route cost is 1 Summary is on Routes are summarized automatically Preference 100 The pre...

Page 306: ...ation is to be filtered including direct isis bgp ospf ospf ase ospf nssa and static at present Description Use the filter policy export command to configure to filter the advertised routing information by RIP Use the undo filter policy export command to configure not to filter the advertised routing information By default RIP does not filter the advertised routing information Related commands acl...

Page 307: ...and to configure to filter the received routing information distributed from the specified address Use the undo filter policy gateway import command to configure not to filter the received routing information distributed from the specified address Use the filter policy import command to configure the filtering to the received global routing information Use the undo filter policy import command to ...

Page 308: ...policy name undo import route protocol View RIP view Parameter protocol Specifies the source routing protocol to be imported by RIP At present RIP can import the following routes direct bgp ospf ospf ase ospf nssa isis and static value Cost value of the route to be imported route policy route policy name Configures to import the route matching the condition of the specified Route policy only Descr...

Page 309: ...ork Syntax network network address undo network network address View RIP view Parameter network address IP address of the RIP interface It can be the IP network address of any interface Description Use the network command to enable Routing Information Protocol RIP for the specified network connected to the router Use the undo network command to disable the RIP on the interface By default all RIP i...

Page 310: ...interface with the network address as 129 102 0 0 Quidway rip network 129 102 0 0 2 1 9 peer Syntax peer ip address undo peer ip address View RIP view Parameter ip address The interface IP address of the peer router in dotted decimal format Description Use the peer command to configure the sending destination address of the peer device Use the undo peer command to cancel the set destination addres...

Page 311: ...l has its own preference Its default value is determined by the specific routing policy The preference will finally determine the routing algorithm to obtain the optimal route in the IP routing table This command can be used to modify the RIP preference manually Example Specify the RIP preference as 20 Quidway rip preference 20 2 1 11 reset Syntax reset View RIP view Parameter None Description Use...

Page 312: ...es not run RIP To enter the RIP view to configure various RIP global parameters RIP should be enabled first Whereas the configuration of parameters related to the interfaces is not restricted by enabling disabling RIP Note Note that the interface parameters configured previously would be invalid when RIP is disabled Example Enable the RIP and enter the RIP view Quidway rip Quidway rip 2 1 13 rip a...

Page 313: ... RFC2082 key id MD5 cipher text authentication identifier ranging from 1 to 255 Description Use the rip authentication mode command to configure RIP 2 authentication mode and its parameters Use the undo rip authentication mode command to cancel the RIP 2 authentication RIP 1 does not support authentication There are two RIP authentication modes simple authentication and MD5 cipher text authenticat...

Page 314: ...face to receive RIP packets By default all interfaces except loopback interfaces are enabled to receive RIP packets This command is used in cooperation with the other two commands rip output and rip work Functionally rip work is equivalent to rip input rip output The latter two control the receipt and the transmission of RIP packets respectively on an interface The former command equals the functi...

Page 315: ...ify the additional route metric to 2 when the interface Vlan interface 10 receives RIP packets Quidway interface Vlan interface 10 Quidway Vlan interface10 rip metricin 2 2 1 16 rip metricout Syntax rip metricout value undo rip metricout View Interface view Parameter value Additional route metric added when an interface transmits a packet ranging from 1 to 16 By default the value is 1 Description ...

Page 316: ...external By default all interfaces except loopback interfaces are enabled to transmit RIP packets to the external This command is used in cooperation with the other two commands rip input and rip work Functionally rip work is equivalent to rip input rip output The latter two control the receipt and the transmission of RIP packets respectively on an interface The former command equals the functiona...

Page 317: ...t horizon is necessary for reducing route loop Only in some special cases you need to disable split horizon to ensure the correct execution of protocols When doing that make sure that it is necessary Example Specify the interface Vlan interface 10 not to use split horizon when processing RIP packets Quidway interface Vlan interface 10 Quidway Vlan interface10 undo rip split horizon 2 1 19 rip vers...

Page 318: ...erface only receives and transmits RIP 2 broadcast packets receives RIP 1 packets and RIP 2 multicast packets When running RIP 2 in multicast mode the interface only receives and transmits RIP 2 multicast packets receives RIP 2 broadcast packets but does not receive RIP 1 packets Example Configure the interface Vlan interface 10 as RIP 2 broadcast mode Quidway interface Vlan interface 10 Quidway V...

Page 319: ... used Automatic route summarization can be performed to reduce the routing traffic on the network as well as to reduce the size of the routing table If RIP 2 is used route summarization function can be disabled with the undo summary command when it is necessary to broadcast the subnet route RIP 1 does not support subnet mask Forwarding subnet route may cause ambiguity Therefore RIP 1 uses route su...

Page 320: ...command to modify the values of the three RIP timers Period Update Timeout and Garbage collection Use the undo timers command to restore the default settings By default the values of Period Update Timeout and Garbage collection timers are 30 seconds 180 seconds and 120 seconds respectively Generally it is regarded that the value of Garbage collection timer is fixed to four times of that of Period ...

Page 321: ...p address mask advertise not advertise undo abr summary ip address mask View OSPF Area view Parameter ip address Network segment address mask Network mask advertise Advertises only the summarized route that matches the specified IP address and mask not advertise Not advertises routes matching the specified IP address and mask Description Use the abr summary command to configure automatic route sum...

Page 322: ...0 and transmit it to other areas Quidway ospf 1 area 1 Quidway ospf 1 area 0 0 0 1 network 36 42 10 0 0 0 0 255 Quidway ospf 1 area 0 0 0 1 network 36 42 110 0 0 0 0 255 Quidway ospf 1 area 0 0 0 1 abr summary 36 42 0 0 255 255 0 0 3 1 2 area Syntax area area id undo area area id View OSPF view Parameter area id ID of the OSPF area which can be a decimal integer ranging from 0 to 4 294 967 295 or ...

Page 323: ...mmarization By default summarization of imported routes is disabled After the summarization of imported routes is configured if the local router is an autonomous system border router ASBR this command summarizes the imported Type 5 LSAs in the summary address range When NSSA is configured this command will also summarize the imported Type 7 LSAs in the summary address range If the local router act...

Page 324: ...egment must use the same authentication key To configure a simple text authentication key use the ospf authentication mode simple command Use the ospf authentication mode md5 command to configure the MD5 cipher text authentication key if the area is configured to support MD5 cipher text authentication mode Related command ospf authentication mode Example Enter area 0 view Quidway ospf 1 area 0 Spe...

Page 325: ...packet debugging spf Enables Disables OSPF minimum tree calculation debugging Description Use the debugging ospf command to enable OSPF process debugging Use the undo debugging ospf command to disable OSPF process debugging If you do not specify a process ID the command is applied to all processes While the router is operating the debugging state always remains regardless of the existing OSPF proc...

Page 326: ...t external routes as 10 Quidway ospf 1 default cost 10 3 1 7 default interval Syntax default interval seconds undo default interval View OSPF view Parameter seconds Default interval in seconds for importing external routes It ranges from 1 to 2 147 483 647 and defaults to 1 Description Use the default interval command to configure the default interval for OSPF to import external routes Use the und...

Page 327: ...ommand to configure the default value of maximum number of imported routes Use the undo default limit command to restore the default value OSPF can import external routing information and advertise them to the whole AS Importing too much external routes once will greatly affect the performances of the device Related command default interval Example Specify the default value of OSPF imported extern...

Page 328: ...cost and the default tag of the route Related command default type Example Set the default tag that OSPF assigns to imported routes to 10 Quidway ospf 1 default tag 10 3 1 10 default type Syntax default type 1 2 undo default type View OSPF view Parameter type 1 External routes of type 1 type 2 External routes of type 2 Description Use the default type command to configure the default type when OSP...

Page 329: ...tub or NSSA area Use the undo default cost command to restore the cost of the default route transmitted by OSPF to the Stub or NSSA area to the default value This command only applies to the border routers connected to the Stub or NSSA areas To configure a Stub area you need to use two commands stub and default cost The stub command is used to configure the Stub attribute for this area Related com...

Page 330: ...he default route match the route policy specified by route policy name route policy will affect the value in ASE LSA The length of route policy name argument is a character string of 1 to 19 characters Description Use the default route advertise command to import default route to OSPF route area Use the undo default route advertise command to cancel the redistribution of default route By default O...

Page 331: ...s of global OSPF and all processes Quidway display debugging ospf OSPF global debugging state OSPF SPF debugging is on OSPF LSA debugging is on OSPF process 100 debugging state OSPF SPF debugging is on OSPF process 200 debugging state OSPF SPF debugging is on OSPF LSA debugging is on 3 1 14 display ospf abr asbr Syntax display ospf process id abr asbr View Any view Parameter process id Process ID ...

Page 332: ... Destination Router ID of the ABR or ASBR Area Area where the router is connected with ASBR Cost The routing overhead value of the route Nexthop Nexthop address Interface The local output interface 3 1 15 display ospf asbr summary Syntax display ospf process id asbr summary ip address mask View Any view Parameter process id Process ID of OSPF The command is applied to all current OSPF processes if...

Page 333: ...1 status Advertise The Count of Route is 0 Summary Address net 1 1 0 0 mask 255 255 0 0 tag 100 status DoNotAdvertise The Count of Route is 0 Table 3 2 Description of the fields of the display ospf asbr summary command Field Description net Destination network segment mask Mask tag Tag Status information including two values DoNotAdvertise The summary routing information to the network segment wil...

Page 334: ...F computation count 16 Area Count 1 Nssa Area Count 0 Area 0 0 0 0 Authtype none Flags SPF scheduled Interface 201 1 1 4 Vlan interface1 Cost 1 State DR Type Broadcast Priority 1 Designated Router 201 1 1 4 Backup Designated Router 201 1 1 3 Timers Hello 10 Dead 40 Poll 0 Retransmit 5 Transmit Delay 1 Table 3 3 Description of the fields of the display ospf brief command Field Description RouterID ...

Page 335: ...ing to this area Cost Cost of routes State State information Type Network type of OSPF interface Priority Priority Designated Router IP address of designated router DR Backup Designated Router IP address of backup designated router BDR OSPF timers defining as follows Hello Interval of hello packet Dead Interval of dead neighbors Poll Interval of poll Timers Retransmit Interval of retransmitting LS...

Page 336: ... Sum FCAF LSAs originated by this router Router 50 SumNet 40 SumASB 2 LSAs Originated 92 LSAs Received 33 Area 0 0 0 0 Neighbors 1 Interfaces 1 Spf 54 Checksum Sum F020 rtr 2 net 0 sumasb 0 sumnet 1 Area 0 0 0 1 Neighbors 0 Interfaces 1 Spf 19 Checksum Sum 14EAD rtr 1 net 0 sumasb 1 sumnet 1 Routing Table Intra Area 2 Inter Area 0 ASE 1 Table 3 4 Description of the fields of the display ospf cumul...

Page 337: ...a routes Routing Table ASE Number of external routes 3 1 18 display ospf error Syntax display ospf process id error View Any view Parameter process id Process ID of OSPF The command is applied to all current OSPF processes if you do not specify a process ID Description Use the display ospf error command to view the OSPF error information Example Display the OSPF error information Quidway display o...

Page 338: ... not exist 0 DD MTU option mismatch 0 ROUTETYPE wrong type value Table 3 5 Description of the fields of the display ospf error command Field Description IP received my own packet Received my own packet OSPF wrong packet type OSPF packet type error OSPF wrong version OSPF version error OSPF wrong checksum OSPF checksum error OSPF wrong area id OSPF area ID error OSPF area mismatch OSPF area mismatc...

Page 339: ... packet unknown LSA type LS REQ neighbor state low Link state request LS REQ packet The states of neighbors are not synchronized LS REQ empty request Link state request packet empty request LS REQ wrong request Link state request packet erroneous request LS UPD neighbor state low Link state update packet The states of neighbors are synchronized LS UPD newer self generate LSA Link state update pack...

Page 340: ...nterface1 Cost 1 State BackupDR Type Broadcast Priority 1 Designated Router 10 110 10 1 Backup Designated Router 10 110 10 2 Timers Hello 10 Dead 40 Poll 0 Retransmit 5 Transmit Delay 1 Table 3 6 Description of the fields of the display ospf interface command Field Description Cost Cost of the interface State State of the interface state machine Type Network type of OSPF on the interface Priority ...

Page 341: ...ormation of Type 5 LSA AS external LSA network Views the database information of Type 2 LSA Network LSA nssa Views the database information of Type 7 LSA NSSA external LSA router Views the database information of Type 1 LSA Router LSA summary Views the database information of Type 3 LSA Summary Net LSA ip address Link state ID in IP address format originate router ip address Views the IP address o...

Page 342: ... 1 1 1 1 1006 36 80000002 1 Ase List ASE 10 153 16 0 2 2 2 2 798 36 80000002 1 Uninitialized ASE 10 153 17 0 2 2 2 2 623 36 80000003 1 Uninitialized ASE 10 153 17 0 1 1 1 1 1188 36 80000002 1 Ase List Table 3 7 Description of the fields of the display ospf lsdb command Field Description Type Type of the LSA LinkStateID Link state ID of the LSA AdvRouter Router ID of the router originating the LSA ...

Page 343: ...ength of the LSA seq Sequence number of the LSA chksum Checksum of the LSA Options Options of the LSA Net mask Network mask E type Type of external route Forwarding Address Forwarding address Tag Tag 3 1 21 display ospf nexthop Syntax display ospf process id nexthop View Any view Parameter process id Process ID of OSPF The command is applied to all current OSPF processes if you do not specify a pr...

Page 344: ...P address of the outgoing interface to the next hop Intf Name The outgoing interface to the next hop 3 1 22 display ospf peer Syntax display ospf process id peer brief View Any view Parameter process id Process ID of OSPF The command is applied to all current OSPF processes if you do not specify a process ID Description Use the display ospf peer command to view information about OSPF peers Use the...

Page 345: ...nterface Interface address of the network segment State State information 3 1 23 display ospf request queue Syntax display ospf process id request queue View Any view Parameter process id ID of an OSPF process The command is applied to all current OSPF processes if you do not specify a process ID Description Use the display ospf request queue command to view the information about the OSPF request ...

Page 346: ...e Sequence number of the LSA used to discover old and repeated LSAs Age Age in seconds of the LSA 3 1 24 display ospf retrans queue Syntax display ospf process id retrans queue View Any view Parameter process id ID of an OSPF process The command is applied to all current OSPF processes if you do not specify a process ID Description Use the display ospf retrans queue command to view information abo...

Page 347: ...PF area Type Type of the LSA LSID Link State ID of the LSA AdvRouter Router ID of the router originating the LSA 3 1 25 display ospf routing Syntax display ospf process id routing View Any view Parameter process id ID of an OSPF process The command is applied to all current OSPF processes if you do not specify a process ID Description Use the display ospf routing command to view information about ...

Page 348: ... of intra area routes Inter Area Number of inter area routes ASE Number of external routes NSSA Number of NSSA routes 3 1 26 display ospf abr summary Syntax display ospf process id abr summary View Any view Parameter process id OSPF process number If no process number is specified the command functions on all the currently active OSPF processes Description Use the display ospf abr summary command ...

Page 349: ...work segment will not be advertised Status advertise Summary route information to this network segment will be advertised Status information Which can be Yes The configuration of summary route to this network segment includes match route Used No The configuration of summary route to this network segment does not include match route 3 1 27 display ospf vlink Syntax display ospf process id vlink Vie...

Page 350: ...t of the interface Type Type virtual link Transit Area ID of transit area that the virtual link passes and it cannot be backbone area Stub area and NSSA area OSPF timers defining as follows Hello Interval of Hello packet Dead Interval of dead neighbors Poll Interval of poll Timers Retransmit Interval for retransmitting LSA on the interface Transmit Delay Delay time of transmitting LSA on the inter...

Page 351: ...information passing the filtration can be advertised This command takes effect on the routes imported by OSPF using the import route command If the routing protocol argument is specified only the routes imported from this specified protocol are filtered If the routing protocol argument is not specified all imported routes are filtered Related command acl ip ip prefix Example Configure OSPF to adve...

Page 352: ...se of the other areas The filtration is implemented according to the link state ID of the Type 3 LSAs Related command acl ip ip prefix Example Configure the filter condition so that the OSPF backbone area advertises only those Type 3 LSAs having passed ACL 2000 Quidway acl number 2000 Quidway acl basic 2000 rule permit source 11 0 0 0 0 255 255 255 Quidway acl basic 2000 rule deny source any Quidw...

Page 353: ...ass the filter are added into the routing table The command can filter the routes by next hop or by destination address Because OSPF is a link state based dynamic routing protocol its routing information is hidden in LSAs OSPF however cannot filter advertised and received LSAs Compared with the case with vector based routing protocols the use of this command is rather limited with OSPF Example Fil...

Page 354: ...ly in an OSPF area so that only those Type 3 LSAs having passed the filtration can be added into the link state database of the other areas The filtration is implemented according to the link state ID of the Type 3 LSAs Related command acl ip ip prefix Example Filter the received routing information as per the condition defined in ACL 2000 Quidway acl number 2000 Quidway acl basic 2000 rule permit...

Page 355: ...ol By default the routing information of other protocols is not imported Note You are recommended to configure the route type cost and tag together in one command Otherwise the new configuration overwrites the old one Example Specify an imported RIP route as the route of type 2 with the route tag as 33 and the route cost as 50 Quidway ospf 1 import route rip type 2 tag 33 cost 50 3 1 33 import rou...

Page 356: ...e network command to configure the interfaces running OSPF Use the undo network command to cancel the interfaces running OSPF By default interfaces do not belong to any OSPF area With the two parameters ip address and ip mask one or more interfaces can be configured as an area To run the OSPF protocol on one interface the main IP address of this interface must belong to the network segment specifi...

Page 357: ...gured For all the routers connected to the NSSA area the command nssa must be used to configure the area as the NSSA attribute The default route advertise keyword is used to generate default type 7 LSA No matter whether there is route 0 0 0 0 in routing table on ABR type 7 LSA default route will be generated always Only when there is route 0 0 0 0 in routing table on ASBR will type 7 LSA default r...

Page 358: ...and to disable the OSPF protocol After starting OSPF protocol the user can make the corresponding configuration in the OSPF protocol view By default the system does not run the OSPF protocol Related command network Example Enable the running of the OSPF protocol Quidway router id 10 110 1 8 Quidway ospf Quidway ospf 1 Enable the running of the OSPF protocol with process ID specified as 120 Quidway...

Page 359: ...e the authentication mode and key between adjacent routers Use the undo ospf authentication mode command to cancel the authentication key that has been set By default the interface does not authenticate OSPF packets The passwords for authentication keys of the routers on the same network segment must be identical In addition using the authentication mode command you can set the authentication type...

Page 360: ...face runs OSPF as 33 Quidway interface Vlan interface 10 Quidway Vlan interface10 ospf cost 33 3 1 39 ospf dr priority Syntax ospf dr priority value undo ospf dr priority View Interface view Parameter value Interface priority for electing the designated router ranging from 0 to 255 The default value is 1 Description Use the ospf dr priority command to configure the priority for electing the design...

Page 361: ...B operation to the specified OSPF process Use the undo ospf mib binding command to restore the default When OSPF protocol enables the first process it always binds MIB operation to this process You can use this command to bind MIB operation to another OSPF process Execute the undo ospf mib binding command if you want to cancel the setting OSPF will automatically re bind MIB operation to the first ...

Page 362: ...e specified interface can be set manually to write the MTU value area in DD packets when sending DD packets namely the actual MTU value of the interface is written in Example Set interface Vlan interface 3 to write MTU value field when sending DD packets Quidway interface Vlan interface 3 Quidway Vlan interface3 ospf mtu enable 3 1 42 ospf network type Syntax ospf network type broadcast nbma p2mp ...

Page 363: ... non broadcast network with the multi access capability is considered an NBMA network only when it is fully meshed meaning any two routers on it have a direct virtual circuit between them If the network is not fully meshed you must change the network type of the interface connected to it to p2mp This allows two routers that are not directly reachable to exchange routing information through a route...

Page 364: ...idered to be invalid The value of dead seconds should be at least four times that of the Hello seconds The dead seconds for the routers on the same network segment must be identical Related command ospf timer hello Use the ospf timer dead minimal multi hello packets command to set Fast Hello function on the port The fixed dead interval is 1 The packets argument is the specified number of sent Hell...

Page 365: ...y Vlan interface10 ospf timer hello 20 3 1 45 ospf timer poll Syntax ospf timer poll seconds undo ospf timer poll View Interface view Parameter seconds Specifies the poll Hello interval ranging from 1 to 65 535 and measured in seconds The default value is 120 seconds Description Use the ospf timer poll command to configure the poll Hello packet interval on an NBMA or p2mp network Use the undo ospf...

Page 366: ...terval value for LSA re transmitting on the interface If a router running OSPF transmits a link state advertisement LSA to the peer it needs to wait for the acknowledgement packet from the peer If no acknowledgement is received from the peer within the LSA retransmit this LSA will be re transmitted This command can change the interval of re transmitting LSA However according to RFC2328 the LSA ret...

Page 367: ...ission Therefore it is necessary to add a period of time set by this command to the aging time of LSA before transmitting it Example Specify the trans delay of transmitting LSA on the interface Vlan interface 10 as 3 seconds Quidway interface Vlan interface 10 Quidway Vlan interface10 ospf trans delay 3 3 1 48 preference Syntax preference ase value undo preference ase View OSPF view Parameter valu...

Page 368: ...ics all process id View User view Parameter statistics Resets OSPF statistics all Resets all OSPF processes process id ID of an OSPF process If no OSPF process is specified all OSPF processes are reset Description Use the reset ospf all command to reset all OSPF processes Use the reset ospf process id command to reset the corresponding OSPF process The following are the benefits of the reset ospf ...

Page 369: ...dress of the physical interface with the greatest IP address value will be the router ID Router ID is a 32 bit unsigned integer that uniquely identifies a router in an OSPF autonomous system The user can specify the ID for a router If the user doesn t specify router ID the router will automatically select one from configured IP address as the ID of this router If no IP address is configured for an...

Page 370: ...e undo silent interface command to restore the default setting By default the interface is enabled to transmit OSPF packets You can use this command to disable an interface to transmit OSPF packets so as to prevent the router on some network from receiving the OSPF routing information On a switch this command can disable enable a VLAN interface to send OSPF packets Example Disable interface Vlan i...

Page 371: ...d Quidway ospf 1 area 0 0 0 0 Quidway ospf 1 area 0 0 0 0 sham link 1 1 1 1 2 2 2 2 dead minimal multi hello 5 3 1 53 snmp agent trap enable ospf Syntax snmp agent trap enable ospf process id ifstatechange virifstatechange nbrstatechange virnbrstatechange ifcfgerror virifcfgerror ifauthfail virifauthfail ifrxbadpkt virifrxbadpkt iftxretransmit viriftxretransmit originatelsa maxagelsa lsdboverflow ...

Page 372: ...ement in this manual Example Enable the TRAP function for OSPF process 100 Quidway snmp agent trap enable ospf 100 3 1 54 spf schedule interval Syntax spf schedule interval interval undo spf schedule interval View OSPF view Parameter interval SPF calculation interval of OSPF which is in the range of 1 to 10 and is measured in seconds The default value is five seconds Description Use the spf schedu...

Page 373: ...cel the settings By default no area is set to be a Stub area If the router is an ABR it will send a default route to the connected Stub area Using the default cost command you can configure the default route cost value In addition on an ABR you can configure the no summary argument in the stub command to prevent type 3 LSAs from entering the Stub area connected to this ABR Related command default ...

Page 374: ...interface By default the value is 10 seconds simple password Specifies the simple text authentication password not exceeding 8 characters of the interface This value must equal the authentication key of the virtually linked peer keyid Specifies the MD5 authentication key ID Its value ranges from 1 to 255 It must be equal to the authentication key ID of the virtually linked peer key Specifies the M...

Page 375: ...hentication mode display ospf Example Create a virtual link to 10 110 0 3 and use the MD5 cipher authentication mode Quidway ospf 1 area 10 0 0 0 Quidway ospf 1 area 10 0 0 0 vlink peer 10 110 0 3 md5 3 345 Specify this virtual link to run Fast Hello function and send five Hello packets Quidway ospf 1 area 10 0 0 0 vlink peer 10 110 0 3 dead minimal multi hello 5 ...

Page 376: ... Commands 4 1 1 area authentication mode Syntax area authentication mode simple md5 password ip osi undo area authentication mode simple md5 ip osi View IS IS view Parameter simple Configures to transmit the password in simple text md5 Configures to transmit the password encrypted with MD5 algorithm password Configures a password If simple authentication is used the password must be a simple text ...

Page 377: ...ting packets and there is no password As the result of this command no Level 1 routing packets whose area authentication passwords are not consistent with the one set via this command will be received At the same time this command will let ISIS insert the area authentication password into all the level 1 routing packets sent by this node in a certain mode Related command reset isis all domain auth...

Page 378: ...eives sends packets whose cost type is narrow Related command isis cost Example Set IS IS to receive packets whose cost type is narrow or wide but only send packets whose cost type is narrow Quidway isis Quidway isis cost style narrow compatible 4 1 3 debugging isis Syntax debugging isis adjacency all authentication error checksum error circuit information configuration error datalink receiving pa...

Page 379: ...enabled data link layer memory allocating IS IS memory allocating status receiving packet content Packets received through IS IS protocol restart events IS IS restart evetns self originate update Packets locally updated through IS IS protocol sending packet content Packets sent through IS IS protocol snp packet CSNP PSNP packet of IS IS spf event IS IS SPF events spf summary Statistics about IS IS...

Page 380: ...d by searching the ATT bit in the L1 LSP This command can be set on L1 router or L2 router By default the route is generated on L2 LSP If the apply isis level 1 command is executed in route policy view the default route will be generated on L1 LSP If the apply isis level 2 command is executed in Route policy view the default route will be generated on L2 LSP If the apply isis level 1 2 command is ...

Page 381: ...e IP Address Id Link Sta IP Sta MTU Type DIS Vlan interface1 172 16 1 2 001 Up Up 1497 L1 Yes Display the details of the IS IS enabled interface Quidway display isis interface verbose Interface IP Address Id Link Sta IP Sta MTU Type DIS Vlan interface1 172 16 1 2 001 Up Up 1497 L1 Yes Secondary IP Address SNPA Address 00e0 fc44 5f71 Csnp Interval L1 10 L2 10 Hello Interval L1 10 L2 10 Hold Time L1...

Page 382: ...display isis mesh group Syntax display isis mesh group View Any view Parameter None Description Use the display isis mesh group command to view the IS IS mesh group This command is used for displaying the configurations of the mesh group of the current router interface Example Add Interface Vlan interface 10 and Interface Vlan interface 20 running IS IS into mesh group 100 Quidway Vlan interface10...

Page 383: ...ime and IP address of the directly connected interface of the peer Example Display detailed information about IS IS neighbors Quidway display isis peer verbose System ID Interface Circuit ID State HoldTime Type Pri 0002 0000 0000 Vlan interface251 0002 0000 0000 0a Up 6s L1 64 Area Address 00 0001 IP Address 192 3 1 3 192 4 1 3 192 5 1 3 192 6 1 3 192 7 1 3 192 8 1 3 192 9 1 3 192 10 1 3 192 11 1 ...

Page 384: ...ormation Quidway display isis route ISIS Level 1 Forwarding Table Type D Direct C Connected I ISIS S Static O OSPF B BGP R RIP Flags R Added to RM L Advertised in LSPs U Up Down Bit Set Destination Mask In Met Ex Met NextHop Interface Flags I 3 3 3 0 24 20 7 7 7 7 Vlan interface1000 R 6 6 6 6 Vlan interface1001 I 0 0 0 0 0 10 7 7 7 7 Vlan interface1000 R 6 6 6 6 Vlan interface1001 D 7 7 7 0 25 10 ...

Page 385: ...ion ms StartTime IS_SPFTRIG_LSPCHANGE 2 19 1 12 1 IS_SPFTRIG_LSPCHANGE 2 19 1 11 58 IS_SPFTRIG_LSPCHANGE 2 18 1 11 53 IS_SPFTRIG_CIRC_DOWN 2 19 1 11 46 IS_SPFTRIG_NEWADJ 2 20 1 11 39 IS_SPFTRIG_LSPCHANGE 2 19 1 11 35 IS_SPFTRIG_PERIODIC 3 18 1 3 25 IS_SPFTRIG_LSPCHANGE 2 22 0 55 51 IS_SPFTRIG_LSPCHANGE 2 18 0 55 46 IS_SPFTRIG_ADJDOWN 2 19 0 55 23 IS_SPFTRIG_NEWADJ 2 18 0 54 16 IS_SPFTRIG_LSPCHANGE...

Page 386: ...haracter string with 1 to 16 characters If md5 is specified the password will be displayed in a cipher text form with 24 characters when the display current configuration command is executed Inputting password in a cipher text form with 24 characters is also supported ip If this item is configured the system checks the configuration of the corresponded field of the IP in LSP osi If this item is co...

Page 387: ...the access control list ranging from 2000 to 3999 routing protocol Specifies the protocols that distribute routing information including direct static rip bgp ospf ospf nssa and ospf ase If it does not specify any protocol the distributed routes of all the protocols will be filtered Description Use the filter policy export command to configure to filter the routes distributed by IS IS Use the undo...

Page 388: ...outes received by IS IS Use the undo filter policy import command to configure not to filter the received routes By default IS IS does not filter the received routing information In some cases only the routing information meeting the specified conditions will be accepted You can configure the filter policy to specify the filter conditions so as to accept the desired routing information only Relate...

Page 389: ...ror command the LSP packet will be discarded silently if the checksum error is found Example Discard the LSPs with checksum errors Quidway isis ignore lsp checksum error 4 1 15 import route Syntax import route protocol cost value type external internal level 1 level 1 2 level 2 route policy route policy name undo import route protocol cost value type external internal level 1 level 1 2 level 2 rou...

Page 390: ...tside the routing domain Related command import route isis level 2 into level 1 Example Import the static route The cost value is 15 Quidway isis import route static ip cost 15 4 1 16 import route isis level 2 into level 1 Syntax import route isis level 2 into level 1 acl acl number undo import route isis level 2 into level 1 acl acl number View IS IS view Parameter acl number ACL number It is in ...

Page 391: ...orresponding IS IS routing process and enter the ISIS view Use the undo isis command to delete the specified IS IS routing process By default IS IS routing process is not started For the normal operation of the IS IS protocol the isis command must be used to enable the IS IS process Then the network entity command is used to set a Network Entity Title NET for the router And at last the isis enable...

Page 392: ...the simple text password defined for MD5 authentication is displayed in cipher text A cipher text password must have 24 characters in cipher text for example TT8F Y 5SQ Q MAF4 1 level 1 Configures authentication password for L1 level 2 Configures authentication password for L2 ip If this item is configured the system checks the configuration of the corresponded field of the IP in LSP osi If this i...

Page 393: ... adjacency on the current interface only Description Use the isis circuit level command to have the Level 1 2 router set up link adjacency with the peer router Use the undo isis circuit level command to restore the default setting of the link adjacency on the Level 1 2 router By default the value is level 1 2 This command is only applicable to Level 1 2 routers If the local router is a Level 1 2 r...

Page 394: ...1 level 2 Indicates that the link cost corresponds to Level 2 Description Use the isis cost command to configure the link cost of this interface when performing SPF calculation Use the undo isis cost command to restore the default link cost If neither Level 1 nor Level 2 is specified in the configuration Level 1 will be the default value The user is recommended to configure the appropriate link co...

Page 395: ...do isis dis priority command to restore the default priority The IS IS protocol does not concern the concept of backup DIS The router with the priority 0 can also run for the DIS which is different from the DR election of OSPF Related command area authentication mode domain authentication mode Example Set the priority of Interface Vlan interface 10 to 127 Quidway interface Vlan interface 10 Quidwa...

Page 396: ...face 10 Quidway isis huawei Quidway isis network entity 10 0001 1010 1020 1030 00 Quidway interface Vlan interface 10 Quidway Vlan interface10 isis enable huawei 4 1 23 isis mesh group Syntax isis mesh group mesh group number mesh blocked undo isis mesh group View Interface view Parameter mesh group number Specifies the mesh group number ranging from 1 to 4 294 967 295 mesh blocked Configures to b...

Page 397: ...cifies the CSNP packet interval on the broadcast network ranging from 1 to 65535 and measured in seconds By default the value is 10 seconds level 1 Specifies the Level 1 CSNP packet interval level 2 Specifies the Level 2 CSNP packet interval Description Use the isis timer csnp command to configure the interval of sending CSNP packets on the broadcast network Use the undo isis timer csnp command to...

Page 398: ...he interval of sending Hello packet of the corresponding level Use the undo isis timer hello command to restore the default value On a broadcast link level 1 and level 2 Hello packets will be sent respectively and their intervals should also be set respectively Such settings are unnecessary on point to point links The shorter the sending interval is the more system resources are occupied to send H...

Page 399: ...ect on both Level 1 and Level 2 Hello packets Description Use the isis timer hello minimal command to configure the IS IS system to send the Hello packets at the corresponding level s in Fast Hello Mode If the number of consecutively sent Hello packets is not specified the system sends three Hello packets per second Use the undo isis timer hello minimal command to restore the default setting that ...

Page 400: ...st network you may configure this command specific to Level 1 or Level 2 neighbors by specifying the keyword level 1 or level 2 Given a PPP link you do not need to specify Level 1 or Level 2 because only one kind of Hello packet is available This command virtually specifies a hold down time If the local router does not receive any Hello packet from the peer within this time the peer is considered ...

Page 401: ...o 500 milliseconds Quidway interface Vlan interface 10 Quidway Vlan interface10 isis timer lsp 500 4 1 29 timer lsp generation Syntax timer lsp generation x y z level 1 level 2 undo timer lsp generation level 1 level 2 View IS IS view Parameter x Maximum interval in seconds for generating LSP It ranges from 1 to 120 and defaults to 5 y Interval in milliseconds between each trigger operation and ea...

Page 402: ...0 500 2500 Quidway isis timer lsp generation 10 500 2500 4 1 30 isis timer retransmit Syntax isis timer retransmit seconds undo isis timer retransmit View Interface view Parameter seconds Specifies the retransmission interval of LSP packets in the unit of second in the range from 1 to 300 and the default value is five seconds Description Use the isis timer retransmit command to configure the LSP r...

Page 403: ... the L2 routes and maintain the LSDB of L2 Description Use the is level command to configure the level of the IS IS router Use the undo is level command to restore the default value By default the value is level 1 2 We recommend setting the system Level when you configure IS IS If there is only one area you are recommended to set the level of all the routers as Level 1 or Level 2 because it is not...

Page 404: ...bled Example Configure to output the IS IS peer changes on the current router Quidway isis log peer change 4 1 33 md5 compatible Syntax md5 compatible undo md5 compatible View IS IS view Parameter None Description Use the md5 compatible command to set the IS IS to use the MD5 algorithm which is compatible with that of the other vendors Use the undo md5 compatible command to return to the defaults ...

Page 405: ...ocess Use the undo network entity command to delete a NET By default no NET is defined NET means the Network Service Access Point NSAP An IS IS NET is 8 to 20 bytes long It consists of three parts Part one is area ID which is variable 1 to 13 bytes and the area IDs of the routers in the same area are identical Part two is system ID 6 bytes of this router which must be unique in the whole area and ...

Page 406: ...ult value Several dynamic routing protocols could run simultaneously on a router In this case there is an issue of sharing and selecting the routing information among all the routing protocols The system sets a preference for each routing protocol When various routing protocols find the route to the same destination the protocol with the higher preference will take effect Example Configure the pre...

Page 407: ...ion mode domain authentication mode Example Reset all the IS IS data structures Quidway reset isis all 4 1 37 reset isis peer Syntax reset isis peer system id View User view Parameter system id Specifies the system ID of IS IS neighbor Description Use the reset isis peer command to reset the specified IS IS peer By default the IS IS neighbor will not be cleared This command is used when you want t...

Page 408: ...overload 4 1 39 silent interface Syntax silent interface silent interface type silent interface number undo silent interface silent interface type silent interface number View IS IS view Parameter silent interface type Specifies the interface type silent interface number Specifies the interface number Description Use the silent interface command to disable a specified interface to transmit IS IS p...

Page 409: ...utes in the routing table this command can be used to set that CPU resources are released automatically after a certain number of routes are processed The unprocessed routes will be processed in one second In this way SPF calculation will not occupy the system resources for a long time which has impact on the responding speed of the console The value of the number argument can be adjusted accordin...

Page 410: ...able the SPF calculation in slices to prevent it from occupying the system resources for a long time The user is recommended to use the command when the number of routes reaches 150 000 or 200 000 and the value of seconds is recommended as 1 In other cases the default setting should be used that is SPF runs to the end with no slice If the spf delay interval command is also configured when SPF calc...

Page 411: ... of 202 0 0 0 8 Quidway isis summary 202 0 0 0 255 0 0 0 4 1 43 timer lsp max age Syntax timer lsp max age seconds undo timer lsp max age View IS IS view Parameter seconds Specifies the maximum lifetime of LSP measured in seconds The range is 1 to 65535 The default value is 1200 seconds Description Use the timer lsp max age command to configure the maximum lifetime of an LSP generated by the curre...

Page 412: ...s Description Use the timer lsp refresh command to configure the refreshment interval of LSP Use the undo timer lsp refresh command to restore the default value that is 900 seconds By this mechanism the latest synchronization of the LSP within the entire area can be maintained Related command timer lsp max age Example Set the LSP refresh interval of the current system to 1500 seconds Quidway isis ...

Page 413: ...l only If the level is not specified it defaults to setting Level 1 SPF calculation interval Description Use the timer spf command to configure the interval for the SPF calculation of corresponding level Use the undo timer spf command to restore the system default value In IS IS when the LSDB of the corresponding level is changed SPF calculation is required However if the SPF calculation is perfor...

Page 414: ...gate Syntax aggregate address mask as set attribute policy route policy name detail suppressed origin policy route policy name suppress policy route policy name undo aggregate address mask as set attribute policy route policy name detail suppressed origin policy route policy name suppress policy route policy name View BGP view Parameter address Address of the aggregated route in dotted decimal for...

Page 415: ...ress any aggregated route but it restrains the advertisement of all the specific routes If only some specific routes are to be restrained use the peer filter policy command carefully suppress policy Create an aggregated route with this keyword At the same time the advertisement of the specified route is restrained If you want to restrain some specific routes selectively and leaves other routes sti...

Page 416: ... equivalent routes By default the system supports one BGP equivalent route Example Set the number of supported BGP equivalent routes to 3 Quidway bgp balance 3 5 1 3 bgp Syntax bgp as number undo bgp as number View System view Parameter as number The specified local AS number in the range of 1 to 65535 Description Use the bgp command to enable BGP and enter the BGP view Use the undo bgp command to...

Page 417: ...ult it is disabled to compare the MED attribute values from the routing paths of different AS peers If there are several routes available to one destination address the route with smaller MED parameter can be selected as the final route item Do not use this command unless it is determined that the same IGP and routing selection mode are adopted by different autonomous systems Example Quidway bgp c...

Page 418: ...hole from the point of view of a confederation although these sub ASs have EBGP relations This can assure the integrality of the former AS domain and ease the problem of too many connections in the domain Related command confederation nonstandard confederation peer as Example Confederation 9 consists of four sub ASs namely 38 39 40 and 41 Here the peer 10 1 1 1 is an internal member of the AS conf...

Page 419: ...idway bgp confederation peer as 65000 Quidway bgp confederation nonstandard 5 1 7 confederation peer as Syntax confederation peer as as number 1 as number n undo confederation peer as as number 1 as number n View BGP view Parameter as number 1 as number n Sub AS number The range is 1 to 65535 This command can configure a maximum of 32 Sub ASs belonging to a confederation Description Use the confed...

Page 420: ...es half life unreachable Specifies the semi dampening when the route is unreachable The range is 1 to 45 minutes By default the value is 15 minutes reuse When the penalty is reduced under this value the route is reused The range is 1 to 20000 By default the value is 750 suppress When the penalty exceeds this value the route is suppressed The range is 1 to 20000 By default the value is 2000 ceiling...

Page 421: ...ebugging event Indicates to enable BGP event information debugging normal Indicates to enable information debugging of BGP normal functions keepalive Indicates to enable BGP Keepalive packet information debugging mp update Indicates to enable MBGP Update packet information debugging open Indicates to enable BGP Open packet information debugging packet Indicates to enable BGP packet information deb...

Page 422: ...cal preference View BGP view Parameter value Default local preference to be configured The range is 0 to 4294967295 By default its value is 100 Description Use the default local preference command to configure the local preference Use the undo default local preference command to restore the default value Configuring different local preferences will affect BGP routing selection Example The two rout...

Page 423: ...nsitive When a router running BGP gets routes with the same destination address but different next hops from different external peers it selects the route with the smallest MED as the optimum route provided that all other conditions are the same Example Routers RTA and RTB belong to AS100 and router RTC belongs to AS200 RTC is the peer of RTA and RTB So the MED of RTA can be configured as 25 to al...

Page 424: ...licy ip prefix no default route produce Table 5 2 Description of the fields of the display bgp group command Field Description Group Name of peer group type Type of peer group IBGP or EBGP as number AS number of peer group members in this group Members in this peer group route policy Name of configured route policy filter policy Configured export and import route filter for BGP acl Configured acce...

Page 425: ... bgp network command Field Description Network Network address Mask Mask Route policy Configured route policy 5 1 14 display bgp paths Syntax display bgp paths as regular expression View Any view Parameter as regular expression Matched AS path regular expression Description Use the display bgp paths command to view the information about AS paths Example Display the information about the AS paths Q...

Page 426: ... to the route originating it from AS It has three optional values IGP The route belongs to inside of AS BGP treats aggregate route and the route defined by the command network as inside of AS and origin type as IGP EGP The route is learned from exterior gateway protocol EGP Origin INC Short for INCOMPLETE indicates that the original source of the route information is unknown learned by other metho...

Page 427: ...ceived 41 Sent 41 Checked 41 Input messages Total 4 Updates 1 Octets 125 Output messages Total 4 Updates 1 Octets 148 Route Queue Timer unset Peer capabilities Route refresh advertised and received Ipv4 family Unicast advertised and received Configuration within the peer no export policy route policy no export policy ip prefix no export policy filter policy no export policy acl no import policy ro...

Page 428: ...outing table ip address mask View Any view Parameter ip address Destination of the network mask Mask of the network Description Use the display bgp routing table command to view all the BGP routing information Example Display all the BGP routing information Quidway display bgp routing table Flags valid active I internal D damped H history S aggregate suppressed B balance Dest Mask Next hop Med Loc...

Page 429: ... Local preference which ranges from 0 to 4294967295 Origin attribute of route which indicates that the route updates its origin relative to the route originating it from AS It has three optional values IGP The route belongs to inside of AS BGP treats aggregate route and the route defined by the command network as inside of AS and origin type as IGP EGP The route is learned from exterior gateway pr...

Page 430: ...I internal S aggregate suppressed B balance Dest Mask Pref Next Hop Med Local pref Origin As path 1 1 1 0 24 256 10 10 10 1 0 IGP 200 1 1 2 0 24 256 10 10 10 1 0 IGP 200 1 1 3 0 24 256 10 10 10 1 0 IGP 200 2 2 3 0 24 256 10 10 10 1 0 INC 200 4 4 4 0 24 256 10 10 10 1 0 INC 200 9 9 9 0 24 256 10 10 10 1 0 INC 200 10 10 10 0 24 256 10 10 10 1 0 IGP 200 22 1 0 0 16 256 200 1 7 2 100 INC 200 88 1 0 0 ...

Page 431: ... source of the route information is unknown learned by other methods BGP sets the origin of the route imported through other IGP protocols as INCOMPLETE As path AS path attribute of route which records all AS areas that the route passes With it route loop can be avoided 5 1 18 display bgp routing table cidr Syntax display bgp routing table cidr View Any view Parameter None Description Use the disp...

Page 432: ...n advertise the route to other sub Ass in the confederation whole match Configures to display the exactly matched routes Description Use the display bgp routing table community command to view the routing information related to the specified BGP community number in the routing table Example Display the routing information matching BGP community number 11 22 Quidway display bgp routing table commun...

Page 433: ... community list 1 Quidway display bgp routing table community list 1 Flags valid best D damped H history I internal S aggregate suppressed B balance Destination Mask Pref Next hop Med Local Pref Origin As Path 1 1 1 0 24 256 10 10 10 1 0 IGP 200 1 1 2 0 24 256 10 10 10 1 0 IGP 200 1 1 3 0 24 256 10 10 10 1 0 IGP 200 2 2 3 0 24 256 10 10 10 1 0 INC 200 4 4 4 0 24 256 10 10 10 1 0 INC 200 9 9 9 0 24...

Page 434: ...te suppressed B balance Dest Mask Source Damping limit Origin As path D 11 1 0 0 16 133 1 1 2 1 20 00 IGP 200 Table 5 8 Description of the fields of the display bgp routing table dampened command Field Description Flags State flags valid valid best selected D damped discarded H history history I internal interior gateway protocol S aggregate suppressed suppressed D The valid and damped route Dest ...

Page 435: ...rce of the route information is unknown learned by other methods BGP sets the origin of the route imported through other IGP protocols as INCOMPLETE As path AS path attribute of route which records all AS areas that the route passes With it route loop can be avoided 5 1 22 display bgp routing table different origin as Syntax display bgp routing table different origin as View Any view Parameter Non...

Page 436: ... path regular expression acl number Number of the specified AS path to be matched ranging from 1 to 199 network address Displays the flap information of this IP address mask Network mask longer match Shows the route flap info that is more specific than address mask Description Use the display bgp routing table flap info command to view BGP flap info If the network address mask arguments are set to...

Page 437: ...s The times of the route flap Origin attribute of route which indicates that the route updates its origin relative to the route originating it from AS It has three optional values IGP The route belongs to inside of AS BGP treats aggregate route and the route defined by the command network as inside of AS and origin type as IGP EGP The route is learned from exterior gateway protocol EGP Origin INC ...

Page 438: ...vertised or received Related command display bgp peer Example Display the routing information advertised by BGP peer 10 10 10 1 Quidway display bgp routing table peer 10 10 10 1 advertised Flags valid best D damped H history I internal S aggregate suppressed B balance Dest mask Next Hop Med Local pref Origin As path 10 10 10 0 24 0 0 0 0 INC For detailed description of the output information see T...

Page 439: ... 10 1 0 IGP 200 9 9 9 0 24 256 10 10 10 1 0 INC 200 10 10 10 0 24 256 10 10 10 1 0 IGP 200 For detailed description of the output information see Table 5 6 5 1 26 display bgp routing table statistic Syntax display bgp routing table advertised received statistic View Any view Parameter advertised Routing information advertised by the peers received Routing information received by the peers statisti...

Page 440: ...ame export routing protocol View BGP view Parameter acl number Number of IP access control list in the range of 2000 to 3999 ip prefix name Name of ip prefix list Its length ranges from 1 to 19 routing protocol Specified protocols advertising routing information which include direct ospf ospf ase ospf nssa rip isis and static Description Use the filter policy export command to filter the advertise...

Page 441: ...refix name Name of a peer router address prefix list It is used for filtering routing information by peer router address Its length ranges from 1 to 19 Description Use the filter policy gateway import command to filter the learned routing information advertised by the peer with the specified address Use the undo filter policy gateway import command to cancel the filtration to the routing informati...

Page 442: ... groups of other sub ASs in the confederation Description Use the group group name command to establish a peer group Use the undo group group name command to cancel the configured peer group The default type of BGP peer group is internal Rather than existing alone a BGP peer must belong to a peer group Therefore when creating a BGP peer you must create a BGP peer group first and then add the peer ...

Page 443: ... import route command to import routes of other protocols Use the undo import route command to cancel importing routes of other protocols By default BGP does not import routes of other protocols Example Import routes of RIP Quidway bgp import route rip 5 1 31 network Syntax network ip address address mask route policy route policy name undo network ip address address mask route policy route policy...

Page 444: ... community command to enable the transmission of the community attribute to a peer group Use the undo peer advertise community command to cancel the existing configuration By default the community attribute is not transmitted to any peer group Related command if match community list apply community Example Transmit community attribute to the peer group named test Quidway bgp peer test advertise co...

Page 445: ...ng times of local AS to 2 Quidway bgp peer 1 1 1 1 allow as loop 2 5 1 34 peer as number Syntax peer group name as number as number undo peer group name as number View BGP view Parameter group name Name of peer group as number Peer AS number of the peer group the range is 1 to 65535 Description Use the peer as number command to configure the peer AS number of the specified peer group Use the undo ...

Page 446: ...This command can only be configured on the peer group The acl number specifies the number of the AS path list It is configured by the ip as path acl command rather than the acl command Related command peer as path acl import ip as path acl Example Configure to filter the routes advertised by the peer group test using the AS path list 1 Quidway bgp peer test as path acl 1 export 5 1 36 peer as path...

Page 447: ...cl 1 import 5 1 37 peer connect interface Syntax peer group name peer address connect interface interface name undo peer group name peer address connect interface interface name View BGP view Parameter group name Specified peer group peer address IP address of the peer interface name Interface name Description Use the peer connect interface command to specify the source interface of a route update...

Page 448: ...rtise command to cancel the existing configuration By default a peer group does not import the default route For this command no default route needs to exist in the routing table A default route is sent unconditionally to a peer with the next hop as itself Example Configure a peer group named test to generate a default route Quidway bgp peer test default route advertise 5 1 39 peer description Syn...

Page 449: ...the description information of the peer whose name is group1 as beijing1 Quidway bgp peer group1 description beijing1 5 1 40 peer ebgp max hop Syntax peer group name ebgp max hop ttl undo peer group name ebgp max hop View BGP view Parameter group name Specifies the name of the peer group ttl Maximum hop value The range is 1 to 255 By default the value is 64 Description Use the peer ebgp max hop co...

Page 450: ...ified peer peer group By default BGP peer peer group is enabled If the specified peer peer group is disabled the router will not exchange routing information with the specified peer peer group Example Disable the specified peer After the configuration the local router does not exchange BGP routing information with the specified peer Quidway bgp peer 18 10 0 9 group group1 Quidway bgp undo peer 18 ...

Page 451: ... policy import Syntax peer group name peer address filter policy acl number import undo peer group name peer address filter policy acl number import View BGP view Parameter group name Specifies the name of the peer group peer address Specifies the IP address of the peer acl number Specifies an IP acl number ranging from 2000 to 3999 That is you can use basic ACLs or advanced ACLs import Ingress fi...

Page 452: ... ability of the specified peer or peer group If the Graceful restart ability is enabled for a peer group first peers added into this group afterwards also inherits the Graceful restart ability of this group It is allowed that peers in a peer group have a different Graceful restart ability than that configured for this peer group For example after configuring Graceful restart for the whole peer gro...

Page 453: ... existing peer group Use the undo peer group command to delete the specified peer When you add a peer to an IBGP peer group the as number as number argument is not available When a peer is added to an EBGP peer group that has been assigned an AS number the peer inherits the configuration of the group You cannot assign an AS number to the peer separately If the peer group is not assigned an AS numb...

Page 454: ...o peer ip prefix export command to cancel the route filtering policy of the peer peer group based on the ip prefix By default the route filtering policy of the peer group is not specified The peer ip prefix export command can only be configured on peer groups Related command peer ip prefix import Example Configure the route filtering policy of the peer group based on the ip prefix 1 Quidway bgp pe...

Page 455: ...igured for the peer group Related command peer ip prefix export Example Configure the route filtering policy of the peer group based on the ip prefix 1 Quidway bgp peer group1 ip prefix list1 import 5 1 48 peer next hop local Syntax peer group name next hop local undo peer group name next hop local View BGP view Parameter group name Specifies the name of the peer group Description Use the peer nex...

Page 456: ...eter cipher is configured in the command Description Use the peer password command to configure MD5 authentication for BGP during TCP connection setup Use the undo peer password command to cancel the configuration By default BGP does not perform MD5 authentication when TCP connection is set up Once MD5 authentication is enabled both parties involved in the authentication must be configured with id...

Page 457: ...kets By default private AS number is carried when transmitting BGP update packets Generally BGP transmits BGP update packets with the AS number either public AS number or private AS number To enable some outbound routers to ignore the AS number when transmitting update packets you can configure not to carry the AS number when transmitting BGP update packets Example Configure not to carry the priva...

Page 458: ...guration of the Graceful restart ability The default value of Restart time is 180 seconds Example Set the Restart time of peer group TEST to 100 seconds Quidway system view Quidway bgp group TEST external Quidway bgp peer TEST restart timer 100 5 1 52 peer reflect client Syntax peer group name reflect client undo peer group name reflect client View BGP view Parameter group name Name of peer group ...

Page 459: ... to the routes advertised to the peer group Use the undo peer route policy export command to delete the specified Route policy By default the peer peer group has no Route policy association The peer route policy export command only applies to peer groups Related command peer route policy import Example Apply the Route policy named test policy to the route going out of the peer group test Quidway b...

Page 460: ...icy export Example Apply the Route policy named test policy to the route coming from the peer group test Quidway bgp peer test route policy test policy import 5 1 55 peer route update interval Syntax peer group name route update interval seconds undo peer group name route update interval View BGP view Parameter group name Specifies the name of the configured peer group seconds The minimum interval...

Page 461: ...letters and numbers The name length ranges from 1 to 47 peer address Peer IP address Description Use the peer shutdown command to disconnect and not to reconnect BGP connections without deleting BGP configurations Example Disconnect without reconnecting Peer 1 1 1 1 in the BGP unicast view Quidway bgp peer 1 1 1 1 shutdown Disconnect without reconnecting the Group Out in the BGP unicast view Quidw...

Page 462: ... for the specified peer peer group Use the undo peer timer command to restore the default timer settings The timer configured by using this command has a higher priority than the one configured by using the timer command Example Configure Keepalive and Holdtime intervals of the peer group test Quidway bgp peer test timer keep alive 60 hold 180 5 1 58 preference Syntax preference ebgp value ibgp va...

Page 463: ...routes all to 170 Quidway bgp preference 170 170 170 5 1 59 reflect between clients Syntax reflect between clients undo reflect between clients View BGP view Parameter None Description Use the reflect between clients command to configure the between client reflection of a route Use the undo reflect between clients command to disable this function After the route reflector is configured the route r...

Page 464: ...d command to delete the cluster ID of the route reflector By default each route reflector uses its Router ID as the cluster ID Usually there is only one route reflector in a cluster In this case the cluster is identified by the router ID of the route reflector You can configure multiple route reflectors to improve network stability If there are multiple route reflectors you can use this command to...

Page 465: ...sh the routes After the BGP connection is established only incremental routes are sent However some special cases exist For example when the routing policy changes the routes advertised to the peer or the advertised routes from the peer need refreshing so that they can be filtered according to the new policy Example Request all peers to re send the routes Quidway refresh bgp all import 5 1 62 rese...

Page 466: ...gular expression as regular expression as path acl acl number network address mask View User view Parameter regular expression as regular expression Resets the flap info matching the AS path regular expression as path acl acl number Resets the flap info in consistency with a specified filter list The range of the acl number argument is 1 to 199 network address Resets the flap info of a record at t...

Page 467: ...ers from group1 Quidway reset bgp group group1 5 1 65 reset dampening Syntax reset bgp dampening network address mask View User view Parameter network address Network IP address related to the clearing attenuation information mask Network mask Description Use the reset dampening command to reset route attenuation information and release suppressed routes Related command dampening display bgp routi...

Page 468: ...e Make the auto aggregation of the sub network routes Quidway bgp summary 5 1 67 timer Syntax timer keep alive keepalive interval hold holdtime interval undo timer View BGP view Parameter keepalive interval Sets the interval time value for keepalive time which ranges from 1 to 65535 By default its value is 60 seconds holdtime interval Sets the interval time value for hold time which ranges from 3 ...

Page 469: ... BGP view Parameter None Description Use the undo synchronization command to cancel the synchronization of BGP and IGP By default BGP does not synchronize with IGP This command set asynchronization between BGP IGP You need not configure it in operations The system does not support synchronization of BGP and IGP at present Example Cancel the synchronization of BGP and IGP Quidway bgp undo synchroni...

Page 470: ...some situations it may be required that only some routing information meeting a certain condition be received In this case you can define a Filter policy to filter advertised routing information so that only the routing information having passed the filtration can be received Note For the details about the apply mpls label if match mpls label and if match vpn target commands refer to the 08 MPLS c...

Page 471: ... Route policy Quidway route policy apply as path 200 6 1 2 apply community Syntax apply community aa nn no export subconfed no export no advertise additive additive none undo apply community View Route policy view Parameter none Deltes the community attribute of the route aa nn Community number no export subconfed Does not send matched route outside the sub AS no advertise Does not send matched ro...

Page 472: ...no export 6 1 3 apply cost Syntax apply cost value undo apply cost View Route policy view Parameter value Specifies the route cost value of route information Description Use the apply cost command to configure the route cost value of route information Use the undo apply cost command to cancel the Apply sub statement By default no Apply sub statement is defined This command is one Apply sub stateme...

Page 473: ...t is only valid for IS IS and it indicates external cost type of IS IS Description Use the apply cost type command to configure the route cost type of route information Use the undo apply cost type command to cancel the Apply sub statement By default route cost type is not set Example Set the cost type of IGP as MED value of BGP Quidway route policy apply cost type internal 6 1 5 apply ip next hop...

Page 474: ...te information attribute Quidway route policy apply ip next hop 193 1 1 8 6 1 6 apply isis Syntax apply isis level 1 level 2 level 1 2 undo apply isis View Route policy view Parameter level 1 Sets to import the matched route to Level 1 area level 2 Sets to import the matched route to Level 2 area level 1 2 Sets to import the matched route to both Level 1 and Levle 2 area Description Use the apply ...

Page 475: ...match interface if match acl if match ip prefix if match ip next hop if match cost if match tag route policy apply ip next hop apply local preference apply origin apply tag Example Define an Apply sub statement Apply the local preference level of route information as 130 when this Apply sub statement is used for setting route information attribute Quidway route policy apply local preference 130 6 ...

Page 476: ...e of BGP route information as IGP Quidway route policy apply origin igp 6 1 9 apply tag Syntax apply tag value undo apply tag View Route policy view Parameter value Specifies the tag value of route information Description Use the apply tag command to configure to set the tag area of OSPF route information Use the undo apply tag command to cancel the Apply sub statement Related command if match int...

Page 477: ...n of the address prefix list named as p1 Quidway display ip ip prefix p1 name index conditions ip prefix mask GE LE p1 10 permit 10 1 0 0 16 17 18 Table 6 1 Description of the fields of the display ip ip prefix command Field Description name Name of ip prefix index Internal sequence number of ip prefix conditions Mode permit or deny ip prefix mask Address and network segment length of ip prefix GE...

Page 478: ...hed 0 denied 0 Table 6 2 Description of the fields of the display route policy command Field Description Route policy Name of ip prefix Information of the route policy with mode configured as permit and node as 10 if match prefixlist p1 The configured if match clause apply cost 100 Apply routing cost 100 to the routes matching the conditions defined by if match clause matched Number of routes matc...

Page 479: ...g information meeting some conditions can be advertised Then the filter policy command can be used to set the filtering conditions for the routing information to be advertised Only the routing information passing the filtration can be advertised Related command filter policy import Example Define the filtering rules for advertising the routing information of RIP Only the routing information passin...

Page 480: ...t filtered To ignore some routing information received you can use the filter policy command to set the filter condition Related command filter policy export Example Define the filtering rule for receiving routing information of RIP Only the routing information filtered through the address prefix list p1 can be received by RIP Quidway rip filter policy ip prefix p1 import 6 1 14 if match acl ip pr...

Page 481: ...th View Route policy view Parameter acl number AS path list number ranging from 1 to 199 Description Use the if match as path command to match the AS path domain of the BGP routing information Use the undo if match as path command to cancel the match of AS path domain By default AS path list number is not matched This command is an if match sub statement of route policy used to filter BGP routing ...

Page 482: ...atch the community attribute of the BGP information Use the undo if match community command to cancel the match of the community attribute By default no match operation is done on the community attribute of BGP routes This if match sub statement of route policy is used to filter BGP routing information and specify the match condition according to the community attributes of the routing information...

Page 483: ... rule By default no if match sub statement is defined This is an if match sub statement of Route policy used to specify the cost of a route matches the specified condition Related command if match interface if match acl if match ip prefix if match ip next hop if match tag route policy apply ip next hop apply local preference apply cost apply origin apply tag Example Define an if match sub statemen...

Page 484: ...ine an if match sub statement to match the route whose next hop interface is Vlan interface 1 Quidway route policy if match interface Vlan interface 1 6 1 19 if match ip next hop Syntax if match ip next hop acl acl number ip prefix ip prefix name undo if match ip next hop ip prefix View Route policy view Parameter acl number Specifies the number of the access control list used for filtration The r...

Page 485: ...passes the filtration of the prefix address list p1 to pass this if match sub statement Quidway route policy if match ip next hop ip prefix p1 6 1 20 if match tag Syntax if match tag value undo if match tag View Route policy view Parameter value Specifies the value in tag field of OSPF route information Description Use the if match tag command to configure to match the tag field of OSPF route info...

Page 486: ... policy Related command peer as path acl display bgp routing table as path acl Example Configure an AS path list Quidway ip as path acl 10 permit 200 300 6 1 22 ip community list Syntax ip community list basic comm list number permit deny aa nn internet no export subconfed no advertise no export ip community list adv comm list number permit deny comm regular expression undo ip community list basic...

Page 487: ...g to advertise routes with the community attribute beyond the local AS Quidway ip community list 6 permit no export subconfed 6 1 23 ip ip prefix Syntax ip ip prefix ip prefix name index index number permit deny network len greater equal greater equal less equal less equal undo ip ip prefix ip prefix name index index number permit deny View System view Parameter ip prefix name The specified addres...

Page 488: ...he undo ip ip prefix command to delete an address prefix list or one of its items The address prefix list is used for IP address filtering An address prefix list may contain several items and each item specifies one address prefix range The inter item filtering relation is OR i e passing an item means passing the filtering of this address prefix list Not passing the filtering of any item means not...

Page 489: ...ter its view Use the undo route policy command to delete the established Route policy By default no Route policy is defined Route policy is used for route information filtration or policy routing One Route policy comprises of some nodes and each node comprises of some match and Apply sub statements The if match sub statement defines the match rules of this node and the Apply sub statement defines ...

Page 490: ...ber of route entries supported by current system to 256 K 512K Sets the maximum number of route entries supported by current system to 512 K Description Use the router route limit command to set the maximum number of route entries supported by the current system If the maximum number of route entries supported by a card is less than this number the system will inhibit the card from working By defa...

Page 491: ...to 512 1024 Sets the maximum number of VRFs supported by current system to 1024 Description Use the router VRF limit command to set the maximum number of VPN routing and forwarding instances VRFs supported by current system If the number of VRFs supported by a card is less than this number the system will inhibit the card from working This number is 256 by default Example Set the maximum number of...

Page 492: ... bgp Specifies routes learned by the BGP as the type of routes to be controlled static Specifies static routes as the type of routes to be controlled Description Use the route rely command to enable recursive routing Use the undo route rely command to disable the recursive routing By default both routes learned by the BGP and static routes support recursive routing Example Disable recursive routin...

Page 493: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Multicast Protocol Huawei Technologies Proprietary ...

Page 494: ...t Static Routing Port Configuration Commands 1 13 1 2 1 igmp snooping mrouter port 1 13 1 2 2 igmp snooping mrouter vlan 1 14 Chapter 2 Multicast VLAN Configuration Commands 2 1 2 1 Multicast VLAN Configuration Commands 2 1 2 1 1 service type multicast 2 1 Chapter 3 Multicast Common Configuration Commands 3 1 3 1 Multicast Common Configuration Commands 3 1 3 1 1 broadcast suppression 3 1 3 1 2 deb...

Page 495: ... robust count 4 12 4 1 13 igmp timer other querier present 4 12 4 1 14 igmp timer query 4 13 4 1 15 igmp version 4 14 4 1 16 reset igmp group 4 15 4 2 IGMP Proxy Configuration Commands 4 15 4 2 1 igmp proxy 4 15 Chapter 5 PIM Configuration Commands 5 1 5 1 PIM Configuration Commands 5 1 5 1 1 bsr policy 5 1 5 1 2 c bsr 5 2 5 1 3 c rp 5 3 5 1 4 crp policy 5 4 5 1 5 debugging pim common 5 5 5 1 6 de...

Page 496: ...1 peer 6 10 6 1 12 peer description 6 11 6 1 13 peer mesh group 6 11 6 1 14 peer minimum ttl 6 12 6 1 15 peer request sa enable 6 13 6 1 16 peer sa cache maximum 6 13 6 1 17 peer sa policy 6 14 6 1 18 peer sa request policy 6 15 6 1 19 reset msdp peer 6 16 6 1 20 reset msdp sa cache 6 17 6 1 21 reset msdp statistics 6 17 6 1 22 shutdown 6 18 6 1 23 static rpf peer 6 18 6 1 24 timer retry 6 19 Chap...

Page 497: ...ort 7 10 7 1 18 filter policy import 7 11 7 1 19 import route 7 12 7 1 20 ipv4 family multicast 7 13 7 1 21 network 7 14 7 1 22 peer advertise community 7 14 7 1 23 peer allow as loop 7 15 7 1 24 peer as path acl export 7 16 7 1 25 peer as path acl import 7 17 7 1 26 peer enable 7 17 7 1 27 peer filter policy export 7 18 7 1 28 peer filter policy import 7 19 7 1 29 peer group 7 20 7 1 30 peer ip p...

Page 498: ...l Enables IGMP snooping abnormal debugging all Turns on all IGMP snooping debugging switches events Enables IGMP snooping events debugging forward Enables IGMP snooping forwarding debugging groups Enables IGMP snooping multicast groups debugging packets Enables IGMP snooping packets debugging timers Enables IGMP snooping timers debugging Description Use the debugging mpm command to enable IGMP sno...

Page 499: ...cast packets are disabled from flooding within VLANs Related command igmp snooping Example Display the IGMP Snooping configuration information of the switch Quidway display igmp snooping configuration Enable IGMP Snooping Enable IGMP Snooping The router port timeout is 105 second s The max response timeout is 1 second s The host port timeout is 260 second s Enable IGMP Snooping Non Flooding The in...

Page 500: ...C multicast group MAC multicast group address and the member ports in the MAC multicast group Example Display the multicast group information about VLAN2 Quidway display igmp snooping group vlan 2 Multicast group table Vlan id 2 Router port s Ethernet3 1 1 IP group s the following ip group s match to one mac group IP group address 230 45 45 1 Member port s Ethernet3 1 12 MAC group s MAC group addr...

Page 501: ...d igmp snooping Example Display statistics information about IGMP Snooping Quidway display igmp snooping statistics Received IGMP general query packet s number 0 Received IGMP specific query packet s number 0 Received IGMP V1 report packet s number 0 Received IGMP V2 report packet s number 0 Received IGMP leave packet s number 0 Received error IGMP packet s number 0 Sent IGMP specific query packet...

Page 502: ...not be enabled on the corresponding VLAN interface z If IGMP Snooping feature is enabled on a VLAN or IGMP is enabled on the VLAN interface you cannot add the member port on which VLAN VPN is enabled into the VLAN z Isolate user VLAN supports the IGMP Snooping function After IGMP Snooping is enabled under isolate user VLAN all secondary VLANs are IGMP Snooping enabled It makes no sense to enable I...

Page 503: ...t leave command to disable IGMP Snooping fast leave An IGMP Snooping enabled Layer 2 switch directly removes a fast leave enabled port from the list of member ports of the multicast group when the port receives a leave packet That is the switch peels off the port from the multicast group immediately and does not forward multicast data to the port any longer You can optionally specify multiple vlan...

Page 504: ... igmp snooping fast leave command is useless if you do not enable IGMP Snooping globally You can enable IGMP Snooping globally by executing the igmp snooping enable command in system view z When you configure IGMP Snooping fast leave on aggregation ports the configuration takes effect only on primary aggregation ports z If you add an IGMP V1 host of the same multicast group to the port the switch ...

Page 505: ...ing fast leave vlan 3 Disable IGMP Snooping fast leave on the Ethernet2 1 1 port in all VLANs Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet2 1 1 Quidway Ethernet2 1 1 undo igmp snooping fast leave Enable IGMP Snooping fast leave on all Ethernet ports in VLAN 5 Quidway system view System View return to User View with Ctrl Z Quidway igmp snooping fast lea...

Page 506: ...nfigured rule will replace the old one Use the undo igmp snooping group policy command to cancel the configuration By default no filtering rule is set in a VLAN In this case a host can join any multicast group Example Create ACL2001 and configure the flow rule for basic ACL using the source IP address serves as the destination multicast address Quidway system view System View return to User View w...

Page 507: ...embers Use the undo igmp snooping host aging time command to restore the default value This command is used to set the aging time of the multicast group member so that the refresh frequency can be controlled When the group members change frequently the aging time should be comparatively short and vice versa Related command igmp snooping Example Set the aging time to 300 seconds Quidway system view...

Page 508: ...nooping max response time 15 1 1 10 igmp snooping nonflooding enable Syntax igmp snooping nonflooding enable undo igmp snooping nonflooding enable View System view Parameter None Description Use the igmp snooping nonflooding enable command to enable unknown multicast data packets not to be broadcasted within a VLAN Use the undo igmp snooping nonflooding enable command to disable unknown multicast ...

Page 509: ...s 105 Description Use the igmp snooping router aging time command to configure the router port aging time of IGMP Snooping Use the undo igmp snooping router aging time command to restore the default value The port here refers to the Ethernet switch port connected to the multicast router The Layer 2 Ethernet switch receives general query packets from the router via this port The timer should be set...

Page 510: ...ter port Syntax igmp snooping mrouter port port number undo igmp snooping mrouter port port number View VLAN view Parameter port number Port number of the port to be configured as a static routing port Provide this argument in the format of interface type interface number where the interface type argument can only be Ethernet port type Description Use the igmp snooping mrouter port command to conf...

Page 511: ...s an aggregated port or not To configure all ports in an aggregation group as static routing ports you can enable the static routing port function on all the ports in the aggregation group Related command igmp snooping mrouter vlan Example Configure GigabitEthernet 5 1 1 port to be a static routing port assuming that GigabitEthernet 5 1 1 port belongs to VLAN 1 Quidway system view System View retu...

Page 512: ... multiple ports in a VLAN to be static routing ports by executing the igmp snooping mrouter port command repeatedly The newly configured ports do not replace the existing static routing ports z The configuration of a static routing port takes effect on the current port only no matter whether the current port is an aggregated port or not To configure all ports in an aggregation group as static rout...

Page 513: ...ndo service type multicast command to remove the configuration By default all VLANs are not multicast VLANs If you configure multicast VLAN add the corresponding switch ports to the multicast VLAN and enable IGMP Snooping users in different VLANs can share one multicast VLAN and multicast flow can be transmitted in the multicast VLAN only thus saving bandwidth The completely isolated multicast VLA...

Page 514: ...uidway S8500 Series Routing Switches Chapter 2 Multicast VLAN Configuration Commands Huawei Technologies Proprietary 2 2 Quidway system view System View return to User View with Ctrl Z Quidway vlan 2 Quidway vlan2 service type multicast ...

Page 515: ... allowed on the port The value range is 1 to 100 and the default value is 50 The smaller the ratio is the smaller the broadcast traffic is allowed to pass bandwidth Specifies broadcast suppression bandwidth on the port The value range is 1 to the maximum value of port bandwidth Description Use the broadcast suppression command to set the broadcast suppression ratio or broadcast suppression bandwid...

Page 516: ...ime while broadcast suppression does not work on multicast packets No distinction is made between known multicast and unknown multicast for multicast suppression Related command multicast suppression Example Set the broadcast suppression ratio to 40 Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet 2 1 1 Quidway Ethernet2 1 1 broadcast suppression 40 Set th...

Page 517: ...gging multicast forwarding 3 1 3 debugging multicast kernel routing Syntax debugging multicast kernel routing undo debugging multicast kernel routing View User view Parameter None Description Use the debugging multicast kernel routing command to enable multicast kernel routing debugging functions Use the undo debugging multicast kernel routing command to disable the debugging functions By default ...

Page 518: ...ebugging multicast status forwarding 3 1 5 display mpm forwarding table Syntax display mpm forwarding table group address source address View Any view Parameter group address Multicast group address used to specify a multicast group ranging from 224 0 0 0 to 239 255 255 255 source address IP address of the multicast source Description Use the display mpm forwarding table command to view the port c...

Page 519: ...table Field Description Multicast Forwarding Cache Table Multicast forwarding cache table Total 1 entry entries Total number of entries 00001 Sequence number of entries 10 11 113 110 226 1 1 1 s g namely source address group address in vlan Vlan1 The in VLAN of the multicast forwarding table is VLAN 1 2 out vlan s The multicast forwarding table has two out VLANs Vlan20 Ethernet5 1 33 Vlan10 Ethern...

Page 520: ...ast group z MAC multicast group z MAC multicast group address z Member port of MAC multicast group Caution z The information displayed by this command includes that displayed by the display igmp group command and port information z The information displayed by this command is the same as that displayed by the display igmp snooping group command except the VLAN properties The display igmp snooping ...

Page 521: ...s a member port of the IP multicast group MAC group address 01 00 5e 2d 2d 01 The MAC address of the MAC multicast group is 01 00 5e 2d 2d 01 Member port s Ethernet2 1 2 Ethernet2 1 2 port is a member port of the MAC multicast group 3 1 7 display multicast forwarding table Syntax display multicast forwarding table group address mask mask mask length source address mask mask mask length incoming in...

Page 522: ...splay multicast forwarding table Multicast Forwarding Cache Table Total 2 entries 00001 4 4 4 4 224 2 254 84 iif Vlan interface1 0 oifs Matched 240 pkts 11288 bytes Wrong If 0 pkts Forwarded 232 pkts 11288 bytes 00002 4 4 4 4 224 2 149 17 iif Vlan interface1 1 oifs List of outgoing interface 01 Vlan interface2 Matched 236 pkts 3267 bytes Wrong If 0 pkts Forwarded 233 pkts 3267 bytes Matched 2 entr...

Page 523: ... Matched 2 entries 2 matched entries 3 1 8 display multicast routing table Syntax display multicast routing table group address mask mask mask length source address mask mask mask length incoming interface interface type vlan interface register View Any view Parameter group address Multicast group address used to specify a multicast group and display the corresponding routing table information of ...

Page 524: ...4 4 224 2 149 17 Uptime 00 15 16 Timeout in 272 sec Upstream interface Vlan interface1 4 4 4 6 Downstream interface list Vlan interface2 2 2 2 4 Protocol 0x1 IGMP 4 4 4 4 224 2 254 84 Uptime 00 15 16 Timeout in 272 sec Upstream interface Vlan interface1 4 4 4 6 Downstream interface list NULL 4 4 4 4 239 255 2 2 Uptime 00 02 57 Timeout in 123 sec Upstream interface Vlan interface1 4 4 4 6 Downstrea...

Page 525: ... 2 2 2 4 The downstream interface is configured with IGMP groups Matched 3 entries 3 entries in total meeting the requirement 3 1 9 ip managed multicast Syntax ip managed multicast undo ip managed multicast View System view Parameter None Description Use the ip managed multicast command to enable the managed multicast function of the system Use the undo ip managed multicast to disable the managed ...

Page 526: ...to cancel the configuration Related command display local user service type lan access multicast Example Grant users permission to join the multicast group with the IP address of 225 10 10 10 Quidway system view System View return to User View with Ctrl Z Quidway local user multicast 225 10 10 10 3 1 11 multicast Syntax multicast ip address ip address 1 9 mask length undo multicast ip address ip a...

Page 527: ...p Users must pass the 802 1x authentication for the port first Moreover users can only join the multicast group configured particularly for them The port based managed multicast prohibits users without authority from joining controlling users access to the specific multicast group Caution In local user view before configuring this command you must configure user service type as LAN ACCESS which th...

Page 528: ...ed the capacity value you configured during using this command the system will not delete the existing entries but prompts the information Existing route entries exceed the configured capacity value The new configuration overwrites the old one if you run the command for a second time Example Limit multicast routing table capacity at 128 Quidway system view System View return to User View with Ctrl...

Page 529: ...e multicast traffic allowed on the port The value range is 1 to 100 and the default value is 50 The smaller the ratio is the smaller the multicast traffic is allowed to pass bandwidth Specifies multicast suppression bandwidth on the port The value range is 1 to the maximum value of port bandwidth Description Use the multicast suppression command to set the multicast suppression ratio or multicast ...

Page 530: ...een known multicast and unknown multicast for multicast suppression Related command broadcast suppression Example Set the multicast suppression ratio to 40 Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet 2 1 1 Quidway Ethernet2 1 1 multicast suppression 40 Set the multicast suppression bandwidth to 40Mbit Quidway Ethernet2 1 1 multicast suppression bandwi...

Page 531: ... forwarding table command to clear MFC forwarding entries or the statistic information of MFC forwarding entries You can type in source address first and group address after in the command as long as they both are valid addresses The system prompts error information if you type in invalid addresses Related command reset pim routing table reset multicast routing table display multicast forwarding t...

Page 532: ...interface Specifies incoming interface for the multicast forward entry vlan interface type interface number Interface type and VLAN virtual interface number Description Use the reset multicast routing table command to clear route entries from the core multicast routing table as well as MFC forwarding entries You can type in source address first and group address after in the command as long as the...

Page 533: ...g information of IGMP event Debugging information of IGMP event host Debugging information of IGMP host packet Debugging information of IGMP packets timer Debugging information of IGMP timers Description Use the debugging igmp command to enable IGMP debugging functions Use the undo debugging igmp command to disable the debugging functions By default IGMP debugging functions are disabled Example En...

Page 534: ...line Related command igmp host join Example Display the IGMP group members in a directly connected subnet Quidway display igmp group LoopBack0 20 20 20 20 Total 3 IGMP Groups reported Group Address Last Reporter Uptime Expires 225 1 1 1 20 20 20 20 00 02 04 00 01 15 225 1 1 3 20 20 20 20 00 02 04 00 01 15 225 1 1 2 20 20 20 20 00 02 04 00 01 17 Table 4 1 Description of the output information of th...

Page 535: ...uery response time for IGMP in seconds 10 Value of robust count for IGMP 2 Value of startup query interval for IGMP in seconds 15 Value of last member query interval for IGMP in seconds 1 Value of query timeout for IGMP version 1 in seconds 400 Policy to accept IGMP reports none Querier for IGMP 10 153 17 99 this router IGMP group limit is 1024 No IGMP group reported Table 4 2 Description on the f...

Page 536: ...w VLAN interface view Parameter None Description Use the igmp enable command to enable IGMP on an interface Use the undo igmp enable command to disable IGMP on the interface By default IGMP is disabled on an interface You must enable the multicast function before this command can work you must use this command first before you can configure other IGMP features Related command multicast routing ena...

Page 537: ...to enable IGMP fast leave on ports or VLANs Use the undo igmp fast leave command to disable IGMP fast leave An IGMP enabled Layer 3 switch does not query packets of the specific multicast group to a fast leave enabled port any longer when the port receives an IGMP leave packet Instead the switch peels off the port from the multicast group immediately You can optionally specify multiple vlan keywor...

Page 538: ...nd before you can configure the fast leave feature z Disabling globally enabled multicast routing results in all existing IGMP fast leave related configurations being cleared z When you configure IGMP fast leave on aggregation ports the configuration takes effect only on primary aggregation ports z If you add an IGMP V1 host of the same multicast group to the port or configure a static host of the...

Page 539: ...uidway undo igmp fast leave 4 1 6 igmp group limit Syntax igmp group limit limit undo igmp group limit View VLAN interface view Parameter limit Quantity of multicast groups in the range of 0 to 512 Description Use the igmp group limit command to limit multicast groups to be added on an interface After the limit is reached the router does not process IGMP join messages Use the undo igmp group limit...

Page 540: ...rule will replace the old one Use the undo igmp group policy command to cancel the configuration By default no filtering rule is set in a VLAN In this case a host can join any multicast group Example Create ACL2001 and configure the flow rule for basic ACL using the source IP address serves as the destination multicast address Quidway system view System View return to User View with Ctrl Z Quidway...

Page 541: ...e interface number Specifies the port under the VLAN interface Description Use the igmp host join command to enable a port in the VLAN interface of an Ethernet switch to join a multicast group Use the undo igmp host join command to disable the configuration By default an interface does not join any multicast group Related command igmp group policy Example Add port Ethernet 2 1 1 under VLAN interfa...

Page 542: ...interface vlan interface 10 Quidway Vlan interface10 igmp enable Quidway Vlan interface10 quit Quidway interface Ethernet 2 1 1 Quidway Ethernet2 1 1 port access vlan 10 Quidway Ethernet2 1 1 igmp host join 225 0 0 1 vlan 10 4 1 10 igmp lastmember queryinterval Syntax igmp lastmember queryinterval seconds undo igmp lastmember queryinterval View Interface view Parameter seconds Time interval before...

Page 543: ...ponse time Syntax igmp max response time seconds undo igmp max response time View VLAN Interface view Parameter seconds Maximum response time in the IGMP query messages in second in the range from 1 to 25 By default the value is 10 seconds Description Use the igmp max response time command to configure the maximum response time contained in the IGMP query messages Use the undo igmp max response ti...

Page 544: ...y router sends IGMP group query message after it receives the IGMP Leave message from the host Use the undo igmp robust count command to restore the default value Related commands igmp lastmember queryinterval display igmp interface Example Set the robust value at the Vlan interface 10 as 3 Quidway system view System View return to User View with Ctrl Z Quidway interface vlan interface 10 Quidway ...

Page 545: ...In IGMP version 1 the selection of a query is determined by the multicast routing protocol In IGMP version 2 the router with the lowest IP address on the shared network segment acts as the querier Related command igmp timer query and display igmp interface Example Set querier to expire after 300 seconds Quidway system view System View return to User View with Ctrl Z Quidway interface vlan interfac...

Page 546: ... with Ctrl Z Quidway interface vlan interface 2 Quidway Vlan interface2 igmp timer query 150 4 1 15 igmp version Syntax igmp version 1 2 undo igmp version View VLAN interface view Parameter 1 IGMP version 1 2 IGMP version 2 The default setting is IGMP version 2 Description Use the igmp version command to specify the version of IGMP that a router uses Use the undo igmp version command to restore th...

Page 547: ...t igmp group command to delete an existing IGMP group from the interface The deleted group can added again on the interface Example Delete all IGMP groups on all the interfaces Quidway reset igmp group all Delete all IGMP groups on the Vlan intrface10 Quidway reset igmp group interface Vlan interface10 all Delete the group 225 0 0 1 from the Vlan interface10 Quidway reset igmp group interface Vlan...

Page 548: ...is disabled on a VLAN interface Caution z You need to enable PIM protocol for a VLAN interface before executing the igmp proxy command in its VLAN interface view z If you configure the IGMP proxy interface for a VLAN interface multiple times the latest configured IGMP proxy interface will take effect z A VLAN interface cannot be the IGMP proxy interface for two or more other VLAN interfaces simult...

Page 549: ...two measures need to be taken z Prevent the router from being spoofed by hosts though faking legal BSR messages to modify RP mapping BSR messages are of multicast type and their TTL is 1 so this type of attacks often hit edge routers Fortunately BSRs are inside the network while assaulting hosts are outside therefore neighbor and RPF checks can be used to stop this type of attacks z If a router in...

Page 550: ...idway pim Quidway pim bsr policy 2000 Quidway pim quit Quidway acl number 2000 Quidway acl basic 2000 rule 0 permit source 101 1 1 1 0 5 1 2 c bsr Syntax c bsr interface type interface number hash mask len priority undo c bsr View PIM view Parameter interface type interface number Specifies the interface The candidate BSR is configured on the interface PIM SM must be enabled on the interface first...

Page 551: ...y acl number priority priority value undo c rp interface type interface number all View PIM view Parameter interface type interface number Specifies interface with the IP address advertised as a candidate RP address acl number Number of the basic ACL that defines a group range which is the service range of the advertised RP The value ranges from 2000 to 2999 priority value Priority value of candid...

Page 552: ...to 3999 Description Use the crp policy command to limit the range of legal C RP as well as target service group range of each C RP and prevent C RP proofing Use the undo crp policy command to restore the default setting that is no range limit is set and all received messages are taken as legal In the PIM SM network using BSR mechanism every router can set itself as C RP candidate rendezvous point ...

Page 553: ...em View return to User View with Ctrl Z Quidway multicast routing enable Quidway pim Quidway pim crp policy 3000 Quidway pim quit Quidway acl number 3000 Quidway acl adv 3000 rule 0 permit source 1 1 1 1 0 destination 225 1 0 0 0 0 255 255 5 1 5 debugging pim common Syntax debugging pim common all event packet timer undo debugging pim common all event packet timer View User view Parameter all All ...

Page 554: ...operation event debugging information of PIM DM all All the debugging information of PIM DM mrt Debugging information of PIM DM multicast routing table timer Debugging information of PIM DM timer warning Debugging information of PIM DM warning message recv Debugging information of PIM DM receiving packets send Debugging information of PIM DM sending packets assert graft graft ack join prune Packet...

Page 555: ... of PIM SM multicast border router fresh stands for debugging renew information of PIM SM multicast verbose Debugging detail information of PIM SM mrt Debugging information of PIM SM multicast routing table msdp Debugging information of correspondence between PIM SM and MSDP timer Debugging information of PIM SM timer assert bsr crpadv jp jpdelay mrt probe spt PIM SM timer type warning Debugging i...

Page 556: ...ay display pim bsr info Current BSR Address 192 168 1 1 Priority 0 Mask Length 30 Expires 00 01 26 Bootstrap Period 60 seconds Bootstrap Timeout 130 seconds Local host is BSR Table 5 1 Output description of the display pim bsr command Field Description BSR Boot strap router Priority Priority of BSR Mask Length 30 Length of mask Expires 00 01 55 Expire time BootStrap Period 60 seconds Boot strap in...

Page 557: ...on an interface Quidway display pim interface vlan 2 PIM information of VLAN interface 2 IP address of the interface is 10 10 1 20 PIM is enabled on interface PIM version is 2 PIM mode is Sparse PIM query interval is 30 seconds PIM neighbor hold time is 105 seconds PIM neighbor limit is 128 PIM neighbor policy is none Total 1 PIM neighbor on interface PIM DR designated router is 10 10 1 20 Table 5...

Page 558: ...ormation discovered by the switch interface If the interface type and interface number are specified this command only displays the PIM neighbor information on the specified interface Example Display PIM neighbor information discovered by the switch interface Quidway display pim neighbor Neighbor s Address Interface Name Uptime Expires 90 0 0 2 Vlan interface90 00 00 36 00 01 40 Table 5 3 Descript...

Page 559: ...ess Address of the multicast group source address IP address of the multicast source incoming interface interface interface type interface number Route entry with the specified incoming interface null Specifies the incoming interface type as Null dense mode Specifies the multicast routing protocol as PIM DM sparse mode Specifies the multicast routing protocol as PIM SM Description Use the display ...

Page 560: ...information of display pim routing table Field Description RP Rendezvous Point S G source address multicast group PIM SM PIM Sparse Mode SPT Shortest Path Tree RPF Reverse Path Forwarding 5 1 12 display pim rp info Syntax display pim rp info group address View Any view Parameter group address Specifies the group address to display If no multicast group is specified the RP information about all mul...

Page 561: ...p info Field Description PIM SM RP SET information RP information BSR is 4 4 4 6 BSR is the virtual interface of the node 4 4 4 6 Group MaskLen 224 0 0 0 4 RP 4 4 4 6 Version 2 Priority 0 Uptime 00 39 50 Expires 00 01 40 Adv Period 60 seconds Holdtime 150 seconds The RP with IP address 224 0 0 0 and mask length of 4 is the virtual interface of the node 4 4 4 6 in version 2 and priority 0 it has be...

Page 562: ... User View with Ctrl Z Quidway multicast routing enable Quidway pim Quidway pim 5 1 14 pim bsr boundary Syntax pim bsr boundary undo pim bsr boundary View VLAN interface view Parameter None Description Use the pim bsr boundary command to configure an interface to be the PIM domain border Use the undo pim bsr boundary command to remove the border By default no domain border is set You can use this ...

Page 563: ...way interface vlan interface 10 Quidway Vlan interface10 pim bsr boundary 5 1 15 pim dm Syntax pim dm undo pim dm View VLAN interface view Parameter None Description Use the pim dm command to enable PIM DM Use the undo pim dm command to disable PIM DM By default PIM DM is disabled Before enabling PIM DM you must execute the multicast routing enable command in system view to enable the multicast ro...

Page 564: ...e added any more when the limit is reached Use the undo pim neighbor limit command to restore the default setting By default the PIM neighbors on the interface are limited to 128 If the existing PIM neighbors exceed the configured value during configuration they will not be deleted Example Limit the PIM neighbors on the Vlan interface10 to 50 Quidway system view System View return to User View wit...

Page 565: ...erve as a PIM neighbor of the Vlan interface10 but not 10 10 1 1 Quidway system view System View return to User View with Ctrl Z Quidway interface vlan interface 10 Quidway Vlan interface10 pim neighbor policy 2000 Quidway Vlan interface10 quit Quidway acl number 2000 Quidway acl basic 2000 rule permit source 10 10 1 2 0 Quidway acl basic 2000 rule deny source 10 10 1 1 0 5 1 18 pim sm Syntax pim ...

Page 566: ... the time interval is 30 seconds Description Use the pim timer hello command to configure the time interval for a port to send Hello packets Use the undo pim timer hello command to restore the default time interval After the protocol independent multicast sparse mode PIM SM protocol is enabled for a port a switch sends Hello packets periodically to all network devices supporting protocol independe...

Page 567: ...ace vlan interface 10 Quidway Vlan interface10 pim timer hello 40 5 1 20 register policy Syntax register policy acl number undo register policy View PIM view Parameter acl number Number of IP advanced ACL defining the rule of filtering the source and group addresses The value ranges from 3000 to 3999 Description Use the register policy command to configure a RP to filter the register messages sent...

Page 568: ...ce interface type interface number View User view Parameter all All PIM neighbors neighbor address Specifies neighbor address interface interface type interface number Specifies interface Description Use the reset pim neighbor command to clear a PIM neighbor Related command display pim neighbor Example Clear the PIM neighbor 25 5 4 3 Quidway reset pim neighbor 25 5 4 3 5 1 22 reset pim routing tab...

Page 569: ... valid Error information will be given if you type in invalid addresses If in this command the group address is 224 0 0 0 24 and source address is the RP address where group address can have a mask but the resulted IP address must be 224 0 0 0 and source address has no mask then it means only the RP item will be cleared If in this command the group address is any a group address and source address...

Page 570: ... as well as advanced ACLs then the router filters the resource and group addresses of all multicast data packets received Those not matched will be discarded When this feature is configured the router filters not only multicast data but the multicast data encapsulated in the registration packets The new configuration overwrites the old one if you run the command for a second time Example Set to re...

Page 571: ...e network robustness If the RP elected by BSR mechanism is valid static RP will not work All routers in the PIM domain should be configured with this command and be specified with the same RP address The new configuration overwrites the old one if you run the command for a second time Caution z When the BSR elected RP is effective the static RP does not work z All routers in the PIM domain must be...

Page 572: ...hapter 5 PIM Configuration Commands Huawei Technologies Proprietary 5 24 Remove the static RP with the IP address of 10 110 0 6 Quidway system view System View return to User View with Ctrl Z Quidway multicast routing enable Quidway pim Quidway pim undo static rp 10 110 0 6 ...

Page 573: ...6 1 1 cache sa enable Syntax cache sa enable undo cache sa enable View MSDP view Parameter None Description Use the cache sa enable command to enable the router to cache SA state Use the undo cache sa enable command to remove the cache from the router By default the router caches the SA state i e S G entry after it receives SA messages If the router is in cache state it will not send SA request me...

Page 574: ...r connection reset event Debugging information of MSDP event packet Debugging information of MSDP packet source active Debugging information of active MSDP source Description Use the debugging msdp command to enable MSDP debugging functions Use the undo debugging msdp command to disable MSDP debugging functions By default MSDP debugging functions are disabled Example Enable all common MSDP debuggi...

Page 575: ... display msdp peer status command to view the detailed information of MSDP peer Related command peer Example Display the detailed information of the MSDP peer 10 110 11 11 Quidway display msdp peer status 10 110 11 11 MSDP Peer 20 20 20 20 AS 100 Description Information about connection status State Up Up down time 14 41 08 Resets 0 Connection interface LoopBack0 20 20 20 30 Number of sent receive...

Page 576: ...rce address autonomous system number View Any view Parameter group address Group address of S G entry source address Source address of S G entry With no source address specified all the source information of the specified group will be displayed If neither group address nor source address is determined all SA caches will be displayed autonomous system number Displays S G entries from specified aut...

Page 577: ...t as number View Any view Parameter as number Number of sources and groups from the specified autonomous system Description Use the display msdp sa count command to view the number of sources and groups in MSDP cache The cache sa enable command must be configured before the configuration of this command Example view the number of sources and groups in MSDP cache Quidway display msdp sa count Numbe...

Page 578: ...e domain need to be advertised when a MSDP originates an SA message Use the undo import source command to remove the configuration By default all the S G entries in the domain are advertised by the SA message Besides controlling SA messages creation you can filter the forwarded SA messages by the commands peer sa policy import and peer sa policy export Example Configure which S G entries from the ...

Page 579: ...ress max hops max hops next hop info sa info peer info skip hops skip hops View Any view Parameter source address Multicast source address group address Multicast group address rp address IP address of RP max hops The maximum number of hops that are traced ranging from 1 to 255 By default the value is 16 next hop info Flag bit for collecting the next hop information sa info Flag bit for collecting...

Page 580: ...formation Router Address 20 20 1 1 Fixed length response info Peer Uptime 10 minutes Cache Entry Uptime 30 minutes D bit 0 RP bit 1 NC bit 0 C bit 1 Return Code Reached max hops Next Hop info Next Hop Router Address 0 0 0 0 SA info Count of SA messages received for this S G RP 0 Count of encapsulated data packets received for this S G RP 0 SA cache entry uptime 00 30 00 SA cache entry expiry time ...

Page 581: ...meter next hop info is used Peer RPF neighbor address will be displayed Count of SA messages received for this S G RP Number of SA messages received for tracing this S G RP entry Count of encapsulated data packets received for this S G RP Number of encapsulated data packets received for tracing this S G RP entry SA cache entry uptime Present time of SA cache entry SA cache entry expiry time Expiry...

Page 582: ...turn to User View with Ctrl Z Quidway msdp Quidway msdp originating rp Vlan interface 10 6 1 11 peer Syntax peer peer address connect interface interface type interface number undo peer peer address View MSDP view Parameter peer address Address of MSDP peer connect interface interface type interface number Interface type and number whose primary address is used by the local router as the source IP...

Page 583: ...um length is 80 characters Description Use the peer description command to configure descriptive text to MSDP peer Use the undo peer description command to remove the descriptive text configured By default an MSDP peer has no descriptive text Administrator can conveniently differentiate MSDP peers by configuring descriptive text Related command display msdp peer status Example Add descriptive text...

Page 584: ...ny Mesh Group Example Configure the MSDP peer with address 125 10 7 6 to be a member of the Mesh Group Grp1 Quidway system view Quidway msdp Quidway msdp peer 125 10 7 6 mesh group Grp1 6 1 14 peer minimum ttl Syntax peer peer address minimum ttl ttl undo peer peer address minimum ttl View MSDP view Parameter peer address Address of the MSDP peer to which the TTL limitation applies ttl TTL thresho...

Page 585: ...quest sa enable View MSDP view Parameter peer address Address of MSDP peer Description Use the peer request sa enable command to enable the router to send SA request message to the specified MSDP peer when receiving a new group join message Use the undo peer request sa enable command to remove the configuration By default when receiving a new group join message the router sends no SA request messa...

Page 586: ...ches is 2048 This configuration is recommended for all MSDP peers in the networks possibly attacked by DoS Related command display msdp sa count display msdp peer status display msdp brief Example Limit the number of caches originated to 100 when the router receives SA messages from the MSDP peer 125 10 7 6 Quidway system view System View return to User View with Ctrl Z Quidway msdp Quidway msdp p...

Page 587: ... advanced IP ACL Quidway system view Quidway acl number 3000 Quidway acl adv 3000 rule permit ip source 170 15 0 0 0 0 255 255 destination 225 1 0 0 0 0 255 255 Quidway acl adv 3000 quit Quidway msdp Quidway msdp peer 125 10 7 6 connect interface Vlan interface 10 Quidway msdp peer 125 10 7 6 sa policy export acl 3000 6 1 18 peer sa request policy Syntax peer peer address sa request policy acl acl...

Page 588: ...SDP peer 175 58 6 5 The SA request messages from group address range 225 1 1 0 8 will be received and all the others will be ignored Quidway system view System View return to User View with Ctrl Z Quidway acl number 2000 Quidway acl basic 2000 rule permit source 225 1 1 0 0 0 0 255 Quidway acl basic 2000 quit Quidway msdp Quidway msdp peer 175 58 6 5 sa request policy acl 2000 6 1 19 reset msdp pe...

Page 589: ...s Related command cache sa enable and display msdp sa cache Example Clear the cache entries with group address 225 5 4 3 from the SA cache Quidway reset msdp sa cache 225 5 4 3 6 1 21 reset msdp statistics Syntax reset msdp statistics peer address View User view Parameter peer address Address of the MSDP peer whose statistics resetting information and input output information will be cleared If no...

Page 590: ...e MSDP peer 125 10 7 6 Quidway system view System View return to User View with Ctrl Z Quidway msdp Quidway msdp shutdown 125 10 7 6 6 1 23 static rpf peer Syntax static rpf peer peer address rp policy ip prefix name undo static rpf peer peer address View MSDP view Parameter peer address Address of the static RPF peer to receive SA messages rp policy ip prefix name Filter policy based on RP addres...

Page 591: ...router this MSDP peer will be regarded as a static RPF peer Related command peer and ip prefix list Example Configure two static RPF peers Quidway system view System View return to User View with Ctrl Z Quidway ip ip prefix list1 permit 130 10 2 3 32 Quidway ip ip prefix list2 permit 130 10 2 4 32 Quidway msdp Quidway msdp peer 130 10 7 6 connect interface Vlan interface 10 Quidway msdp peer 130 1...

Page 592: ...to 60 Description Use the timer retry command to configure the value of connection request re try period Use the undo timer retry command to restore the default value By default the value of connection request re try period is 30 seconds Related command peer Example Configure the connection request re try period to 60 seconds Quidway system view System View return to User View with Ctrl Z Quidway ...

Page 593: ...ss family view Parameter address Address of the aggregated route mask Network mask of the aggregated route as set Generates a route with AS_SET segment This parameter is not recommended when aggregating many AS paths attribute policy route policy name Sets aggregate attribute detail suppressed Advertises the aggregated routes rather than the specific routes origin policy route policy name Filters ...

Page 594: ...b address family view Parameter None Description Use the compare different as med command to enable to compare the route MED values of neighbors from different ASs Use the undo compare different as med command to disable this function By default the comparison function is disabled If there are multiple routes available to the same destination address you can select the route with the smallest MED ...

Page 595: ...bug MBGP Update messages Use the undo debugging bgp mp update command to disable the debugging By default the debugging function is disabled Example Enable MBGP Update message debugging Quidway debugging bgp mp update 7 1 4 default local preference Syntax default local preference value undo default local preference View IPv4 multicast sub address family view Parameter value Configures default loca...

Page 596: ... Description Use the default med command to configure system MED value Use the display bgp multicast group command to restore the default value Multi exit discriminator MED attribute is the external metric for a route Unlike local precedence attribute MED is exchanged between ASs and one it enters an AS it does not leave the AS MED attribute is used in best route selection When a router running BG...

Page 597: ...l peer groups will be displayed Description Use the display bgp multicast group command to view the information about peer groups Example View the information about the peer group named my_peer Quidway display bgp multicast group my_peer 7 1 7 display bgp multicast network Syntax display bgp multicast network View Any view Parameter None Description Use the display bgp multicast network command to...

Page 598: ... the display bgp multicast peer command to view the MBGP peer information Example View the MBGP peer detailed information Quidway display bgp multicast peer verbose 7 1 9 display bgp multicast routing table Syntax display bgp multicast routing table ip address mask View Any view Parameter ip address Displays the MBGP routing information with specified IP address Description Use the display bgp mul...

Page 599: ...n Use the display bgp multicast routing table as path acl command to view routes that match an as path acl Example Display routes that match the as path acl 2 Quidway display bgp multicast routing table as path acl 2 7 1 11 display bgp multicast routing table cidr Syntax display bgp multicast routing table cidr View Any view Parameter None Description Use the display bgp multicast routing table ci...

Page 600: ...ertise matched routes to any peer no export Does not advertise routes outside the local autonomous system but advertise routes to other sub autonomous systems whole match Exact match Description Use the display bgp multicast routing table community command to view routing information of a specified MBGP community Example Display routing information of the specified MBGP community Quidway display b...

Page 601: ...igin as Syntax display bgp multicast routing table different origin as View Any view Parameter None Description Use the display bgp multicast routing table different origin as command to view AS routes of different origins Example Display AS routes of different origins Quidway display bgp multicast routing table different origin as 7 1 15 display bgp multicast routing table peer Syntax display bgp...

Page 602: ...eer 10 10 1 11 advertised 7 1 16 display bgp multicast routing table regular expression Syntax display bgp multicast routing table regular expression as regular expression View Any view Parameter as regular expression AS regular expression matched Description Use the display bgp multicast routing table regular expression command to view the routing information matching the specified AS regular exp...

Page 603: ...can be advertised by BGP Use the undo filter policy export command to cancel route filtering By default filtering the advertised routes is not enabled The command affects route advertising by BGP If you specify the protocol parameter the router only filters the routes with the specified protocol imported without influence on the routes importing other protocols Otherwise the router filters the rou...

Page 604: ...those pass through the filter can be advertised by BGP Use the undo filter policy gateway import command to cancel route filtering Use the filter policy import command to set to filter the global routes received Use the undo filter policy import command to cancel route filtering By default filtering the received routes is not enabled This configuration determines whether to add the routes into the...

Page 605: ...otocols Example Import static routes Quidway system view System View return to User View with Ctrl Z Quidway bgp 100 Quidway bgp ipv4 family multicast Quidway bgp af mul import route static 7 1 20 ipv4 family multicast Syntax ipv4 family multicast undo ipv4 family multicast View BGP view VPN instance sub address family view VPNv4 sub address family view Parameter None Description Use the ipv4 fami...

Page 606: ...dress mask Mask of the network address route policy policy name Route policy applied to the routes advertised Description Use the network command to configure the network addresses to be sent by the local MBGP Use the undo network command to remove the configuration By default the local MBGP does not send any route Example Advertise routes to network segment 10 0 0 0 16 Quidway system view System ...

Page 607: ...ay bgp 100 Quidway bgp ipv4 family multicast Quidway bgp af mul peer test advertise community 7 1 23 peer allow as loop Syntax peer group name peer address allow as loop number undo peer group name peer address allow as loop View IPv4 multicast sub address family view Parameter group name Name of the peer group peer address IP address of the peer number Repetition number of local AS IDs in the ran...

Page 608: ...s the filter list number of an AS regular expression The range is 1 to 199 export Uses the AS path list to filter the advertised routes Description Use the peer as path acl export command to configure filtering Policy of MBGP advertised routes based on AS path list Use the undo peer as path acl command to cancel the existing configuration By default the peer group has no AS path list This command ...

Page 609: ...r the received routes Description Use the peer as path acl import command to configure filtering Policy of MBGP received routes based on AS path list Use the undo peer as path acl import command to cancel the existing configuration By default the peer peer group has no AS path list The inbound filter policy configured for the peer takes precedence over the configurations for the peer group Related...

Page 610: ...r establishes connection with the multicast peer Example Enable peer group group1 Quidway system view System View return to User View with Ctrl Z Quidway bgp 100 Quidway bgp ipv4 family multicast Quidway bgp af mul peer group1 enable 7 1 27 peer filter policy export Syntax peer group name filter policy acl number export undo peer group name filter policy acl number export View IPv4 multicast sub a...

Page 611: ...ay bgp ipv4 family multicast Quidway bgp af mul peer test filter policy 2000 export 7 1 28 peer filter policy import Syntax peer group name peer address filter policy acl number import undo peer group name peer address filter policy acl number import View IPv4 multicast sub address family view Parameter group name Specifies the name of the peer group peer address Specifies the IP address of the pe...

Page 612: ...r peer address View IPv4 multicast sub address family view Parameter peer address IP address of the peer in dotted decimal format group name Name of the peer consisting of one to 47 alphanumeric characters Description Use the peer group command to add a peer into a peer group Use the undo peer group command to delete the peer Caution You must firstly add the specific peer in the peer group in BGP ...

Page 613: ...ure the route filtering policy of routes advertised by the peer group based on the ip prefix Use the undo peer ip prefix export command to cancel the route filtering policy of the peer peer group based on the ip prefix By default the route filtering policy of the peer group is not specified The peer ip prefix export command can only be configured on the peer groups Related command ip ip prefix pee...

Page 614: ...ip prefix import command to cancel the route filtering policy of the peer based on the ip prefix By default the route filtering policy of the peer is not specified The inbound route policy configured for the peer takes precedence over the configurations for the peer group Related command peer ip prefix export Example Configure the route filtering policy of the peer group1 based on the ip prefix li...

Page 615: ...tax peer group name public as only undo peer group name public as only View IPv4 multicast sub address family view Parameter group name Name of the peer group Description Use the peer public as only command to set to contain only public AS IDs in the MBGP Update message but not private AS IDs Use the undo peer public as only command to restore the default setting the router contains only private A...

Page 616: ...up name Name of the peer group Description Use the peer reflect client command to configure a peer group as a client of the route reflector Use the undo peer reflect client command to remove the configuration By default there is no route reflector in the autonomous system Example Configure peer group test as the client of the route reflector Quidway system view System View return to User View with...

Page 617: ... route policy import Example Apply the Route policy named test policy to the route coming from the peer group test Quidway system view System View return to User View with Ctrl Z Quidway bgp 100 Quidway bgp ipv4 family multicast Quidway bgp af mul peer test route policy test policy export 7 1 36 peer route policy import Syntax peer group name peer address route policy policy name import undo peer ...

Page 618: ...idway bgp ipv4 family multicast Quidway bgp af mul peer test route policy test policy import 7 1 37 preference Syntax preference ebgp value ibgp value local vlaue undo preference View IPv4 multicast sub address family view Parameter ebgp value EBGP route priority in the range of 1 to 256 By default it is 256 ibgp value IBGP route priority in the range of 1 to 256 By default it is 256 local value L...

Page 619: ...d to disable route reflection between clients When configured the route reflector can reflect routes of a client to other clients By default all connection is not required for the clients with route reflectors configured since the routes are by default reflected from one client to others For all connection clients route reflection is unnecessary Related command reflector cluster id and peer reflec...

Page 620: ...in or send multicast sub address family router again Example Request all the peers to send multicast sub address family router again Quidway refresh bgp all multicast import 7 1 40 reflector cluster id Syntax reflector cluster id cluster id address undo reflector cluster id View IPv4 multicast sub address family view Parameter cluster id Route reflector cluster ID in integer number or IP address f...

Page 621: ...ily multicast Quidway bgp af mul reflector cluster id 80 Quidway bgp af mul peer test reflect client 7 1 41 summary Syntax summary undo summary View IPv4 multicast sub address family view Parameter None Description Use the summary command to set to auto aggregate subnet routes Use the undo summary command to remove the configuration By default subnet routes can not be aggregated automatically Afte...

Page 622: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual QoS ACL Huawei Technologies Proprietary ...

Page 623: ...ing group 2 1 2 1 2 display qos conform level 2 2 2 1 3 display qos cos drop precedence map 2 3 2 1 4 display qos cos local precedence map 2 4 2 1 5 display qos interface all 2 4 2 1 6 display qos interface drop mode 2 6 2 1 7 display qos interface mirrored to 2 6 2 1 8 display qos interface queue scheduler 2 7 2 1 9 display qos interface traffic limit 2 8 2 1 10 display qos interface traffic prio...

Page 624: ... 2 1 34 traffic priority 2 37 2 1 35 traffic redirect 2 40 2 1 36 traffic shape 2 44 2 1 37 traffic statistic 2 44 2 1 38 wred 2 46 Chapter 3 ACL Control Commands to Control Login Users 3 1 3 1 The ACL Control Commands to Control Login Users 3 1 3 1 1 acl 3 1 3 1 2 snmp agent community 3 2 3 1 3 snmp agent group 3 3 3 1 4 snmp agent usm user 3 4 Chapter 4 VLAN ACL Configuration Commands 4 1 4 1 VL...

Page 625: ... 2 ACL 1 1 ACL Commands 1 1 1 acl Syntax acl number acl number name acl name advanced basic link match order config auto undo acl number acl number name acl name all View System view Parameter number acl number ACL number in the range of 2000 to 2999 Represents basic ACL 3000 to 3999 Represents advanced ACL 4000 to 4999 Represents Layer 2 ACL name acl name Character string which must be started wi...

Page 626: ...t the former mode is selected You cannot modify the matching order once you specify it To do so you have to delete all rules of the ACL and specify a matching order for it again Note The user defined ACL matching order takes effect only when multiple rules of one ACL are applied at the same time For example an ACL has two rules If the two rules are not applied simultaneously even if you configure ...

Page 627: ...and to view the configuration details of the ACL including all the rules their serial numbers quantities and number of bytes of matched packets The matched times here refer to the software matched times that is the matched times of the ACLs that needed to be processed by CPU You can collect hardware matched times value by using the traffic statistic command Example Display contents of all ACLs Qui...

Page 628: ...E 1024 0 0 1024 GE5 1 13 GE5 1 24 ACTION 1024 0 0 1024 GE5 1 1 GE5 1 12 ACTION 1024 0 0 1024 GE5 1 13 GE5 1 24 Table 1 1 The description of the information on display Field Description Resource Type Resource type METER the resource is the flow meter resource RULE the resource is the rule resource ACTION the resource is action resource Total Number The total number of ACL rules that are supported b...

Page 629: ...er the VLAN configured through the service process card vlan id the ID of the VLAN in the range of 1 4094 Description Use the display acl running packet filter command to display the ACL application information including the name of the ACL the name of the sub items and the application state Example Display the ACL application information of port Ethernet3 1 1 Quidway display acl running packet fi...

Page 630: ...ter referred to as S8500 series support two flow templates one is user defined the other is the default one If you do not input any parameter for this command the detailed configuration of all flow templates will be displayed Related command flow template user defined Example Display information about the default flow template Quidway display flow template default default flow template ip protocol...

Page 631: ...t time is 14 36 36 4 3 2003 Thursday Time range hhy Inactive from 08 30 2 5 2005 to 18 00 2 19 2005 Time range hhy1 Inactive from 08 30 2 5 2003 to 18 00 2 19 2003 Table 1 2 Description of displayed information Field Description Current time is 14 36 36 4 3 2003 Thursday The current time of the system Time range hhy Inactive from 08 30 2 5 2005 to 18 00 2 19 2005 Time range hhy Inactive means that...

Page 632: ... is similar 1 1 7 flow template user defined Syntax flow template user defined undo flow template user defined View Ethernet port view Parameter None Description Use the flow template user defined command to apply the user defined flow template to current port Use the undo flow template user defined command to cancel the applied flow template on current port Related command display flow template f...

Page 633: ...gth of 2 bytes z dscp DSCP domain in the IP packet header dscp exp ip precedence and tos altogether occupy 1 byte z ethernet protocol Protocol type domain in the Ethernet packet header in the length of 6 bytes z exp EXP field in MPLS packet dscp exp ip precedence and tos altogether occupy 1 byte z fragment flags Flag field of fragment in IP packed header no bytes in flow template z icmp code ICMP ...

Page 634: ...oth of these two fields The c tag cos and c tag vlanid fields occupy two bytes in the same way z The fragment flags field occupies no byte in flow template so just ignore it when you determine whether the total length of template elements exceeds 16 bytes slot slotid Specifies the slot on which the flow template applied Description Use the flow template user defined slot slotid template info comma...

Page 635: ...undo packet filter inbound ip group acl number acl name rule rule slot slotid II Command Format Which Applies IP Group and Link Group ACL at Same time In Ethernet port view packet filter inbound ip group acl number acl name rule rule link group acl number acl name rule rule system index index link group acl number acl name rule rule undo packet filter inbound ip group acl number acl name rule rule...

Page 636: ...e of later retrieval You can also assign a system index for it when delivering an ACL rule with this command However you are not recommended to manually assign a system index if not urgently necessary Note If you remove the card with QoS ACL configured when the system operates the corresponding system index value is automatically released and is then used for a newly delivered flow rule Once the s...

Page 637: ...eter ranging from 1 to 32 bytes It must start with an English letter a z A Z No space or quotation mark is allowed in it It is case insensitive The keywords all is forbidden Description Use the reset acl counter command to clear ACL statistics to zero Example Clear the statistics of ACL 2000 Quidway reset acl counter 2000 1 1 11 rule Syntax I Define or delete the subrules of a basic ACL rule rule ...

Page 638: ...time range name undo rule rule id View Corresponding ACL view Parameter rule id Specifies a rule number of the ACL in the range of 0 to 127 permit Allows qualified packets to pass deny Forbids qualified packets to pass time range name Time range name optional parameter It means the rule takes effect in this time range Note The following parameters are for the attributes of the packet The ACL gener...

Page 639: ...y for the range operator both port1 and port2 are active For the rest operators only port1 is required destination port operator port1 port2 Destination TCP or UDP port ID of the packet See source port operator port1 port2 for detailed description icmp type type code It is active when the protocol is set as icmp type code specifies an ICMP packet type indicates ICMP packet type in characters or di...

Page 640: ...ecimal number the range is 1 FFFF ingress source vlan id to source vlan id end source mac addr source mac wildcard c tag vlan c tag vlanid any Source information of the packet source vlan id to source vlan id end shows its source VLAN or source VLAN range identified by the external VLAN Tag of the packet source mac addr source mac wildcard shows source MAC address and wildcard of the source addres...

Page 641: ...gured option automatically overwrites the corresponding option of the original rule and the option not being redefined remains For example With the original rule 0 acl number 2000 rule 0 permit source 10 1 1 1 0 time range Huawei when redefine it as follows acl number 2000 rule 0 permit source 10 1 1 2 0 fragment it becomes rule 0 permit source 10 1 1 2 0 fragment time range Huawei That is the sou...

Page 642: ... date View System view Parameter time name Name of a particular time range used as an import identifier start time Optional Starting time of the particular time range in the format of hh mm end time Optional End time of the particular time range in the format of hh mm days of the week Optional Indicating the particular time range takes effect on which day in a week You can type these values z Numb...

Page 643: ...the absolute time range are both matched For example a time range defines a period time range which is from 12 00 to 14 00 every Wednesday and defines an absolute time range which is from 00 00 2004 1 1 to 23 59 2004 12 31 This time range is only active from 12 00 to 14 00 every Wednesday in 2004 If the start time and end time are not configured the time range is one day 00 00 24 00 If the end tim...

Page 644: ... Service processor cards do not support Layer 2 ACL 2 1 QoS Commands 2 1 1 display mirroring group Syntax display mirroring group groupid View Any view Parameter groupid mirroring group ID in the range of 1 to 24 Description Use the display mirroring group command to view the configuration of a port mirroring group The information displayed includes the monitored ports direction of monitored packe...

Page 645: ...10 16 a space is required between two values If you type value s for this parameter then only the specified DSCP items will be displayed Otherwise the system displays the whole mapping connection DSCP value is in the range of 0 to 63 exp policed service map Displays EXP Conform level Service parameter mapping table EXP is MPLS priority of MPLS packets local precedence cos map Displays Local preced...

Page 646: ...onform level 0 exp policed service map conform level 0 exp dscp exp cos local precedence drop precedence 0 2 0 0 0 0 1 10 1 1 1 0 2 18 2 2 2 0 3 26 3 3 3 0 4 34 4 4 4 0 5 42 5 5 5 0 6 50 6 6 6 0 7 58 7 7 7 0 Display the Local precedence Conform level Priority mapping table Quidway display qos conform level 0 local precedence cos map conform level 0 local precedence 0 1 2 3 4 5 6 7 cos 0 1 2 3 4 5 ...

Page 647: ...cos 0 1 2 3 4 5 6 7 drop precedence 2 2 1 1 1 1 0 0 2 1 4 display qos cos local precedence map Syntax display qos cos local precedence map View Any view Parameter None Description Use the display qos cos local precedence map command to view the CoS Local precedence mapping table Example Display the CoS Local precedence mapping table Quidway display qos cos local precedence map cos local precedence...

Page 648: ...heir QoS configuration will be displayed including drop mode queue scheduling traffic shaping etc Example Display all the QoS configurations of the port Ethernet2 1 3 Quidway display qos interface Ethernet2 1 3 all Ethernet2 1 3 Port Shaping Disable 0 kbps 0 burst 256 queue depth QID status max rate kbps burst size Kbyte queue depth 0 Disable 0 0 128 1 Disable 0 0 128 2 Disable 0 0 128 3 Disable 0...

Page 649: ...s at a port If no port is specified drop mode configuration of all ports will be displayed Related command drop mode Example Display drop mode and parameters of the port Ethernet2 1 2 Quidway display qos interface Ethernet2 1 2 drop mode Ethernet2 1 2 Drop mode tail drop params index 0 2 1 7 display qos interface mirrored to Syntax display qos interface interface type interface number mirrored to ...

Page 650: ...er View Any view Parameter interface type interface number Port of the switch for detailed description please refer to Command Manual Port Description Use the display qos interface queue scheduler command to view queue scheduling mode and parameters of a port If no port is specified queue scheduling mode and the parameters of all ports will be displayed Related command queue scheduler Example Disp...

Page 651: ...lease refer to Command Manual Port Description Use the display qos interface traffic limit command to view the parameter setting of traffic rate limitation including the target ACL committed average rate committed burst size CBS maximum burst size MBS peak rate and the related monitoring actions etc Related command traffic limit Example Display parameter configuration of traffic rate limitation Qu...

Page 652: ...e priority values etc Related command traffic priority Example Display traffic priority marking configuration Quidway display qos interface traffic priority GigabitEthernet2 1 1 traffic priority Inbound Matches Acl 2021 rule 0 running Priority action remark policed service dscp 20 2 1 11 display qos interface traffic redirect Syntax display qos interface interface type interface number traffic red...

Page 653: ...the switch for detailed description please refer to Command Manual Port Description Use the display qos interface traffic shape command to view traffic shaping configuration of a port including the maximum rate MBS in units of kbyte the maximum queue length If no port is specified traffic shaping configuration of all ports will be displayed Example Display traffic shaping configuration Quidway dis...

Page 654: ... packets etc Related command traffic statistics Example Display traffic statistics information on port GigabitEthernet7 1 1 Quidway display qos interface GigabitEthernet7 1 1 traffic statistic GigabitEthernet7 1 1 traffic statistic Inbound Matches Acl 2000 rule 0 running 12002688 bytes green 1270244416 byte s yellow 1895874880 byte s red 704683968 byte s 3333270 packets green 0 byte s yellow 0 byt...

Page 655: ...ation Vlan 1 traffic redirect Inbound There is no configuration Vlan 2 traffic limit Inbound Matches Acl 2000 rule 1 running Committed Information Rate 8192 Kbps Committed Burst Size 10000 byte s Excess Burst Size 20000 byte s Peak Information Rate 0 Kbps Exceed action drop Vlan 2 traffic priority Inbound Matches Acl 2000 rule 1 running Priority action remark policed service untrusted dscp 13 cos ...

Page 656: ...y qos vlan traffic limit Vlan 1 traffic limit Inbound There is no configuration Vlan 2 traffic limit Inbound Matches Acl 2000 rule 3 running Committed Information Rate 8192 Kbps Committed Burst Size 10000 byte s Excess Burst Size 20000 byte s Peak Information Rate 0 Kbps Exceed action drop 2 1 16 display qos vlan traffic priority Syntax display qos vlan vlan id traffic priority View Any view Param...

Page 657: ...n traffic redirect Syntax display qos vlan vlan id traffic redirect View Any view Parameter vlan id ID of a VLAN in the range of 1 to 4094 Description Use the display qos vlan traffic redirect command to display the parameter configuration for traffic redirection including the related ACL and the destination port of the traffic redirection Related command traffic redirect Example Display the param...

Page 658: ... policing Quidway display traffic params 1 traffic parameters configuration list index cir Kbps cbs byte ebs byte pir Kbps 0 20000 5000 5000 30000 2 1 19 drop mode Syntax drop mode tail drop wred wred index undo drop mode View Ethernet port view Parameter tail drop Tail drop mode wred WRED drop mode wred index WRED index in the range of 0 to 3 By default it is 0 If you type nothing for this parame...

Page 659: ...d all excessive packets will be dropped Example Set the port Ethernet3 1 1 in WRED drop mode import WRED 0 as the threshold Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet3 1 1 Quidway Ethernet3 1 1 drop mode wred 0 2 1 20 dscp Syntax dscp dscp list dscp value exp value cos value local precedence value drop precedence undo dscp dscp list View Conform leve...

Page 660: ...ure the DSCP Conform level 0 Service parameter mapping table Quidway system view System View return to User View with Ctrl Z Quidway qos conform level 0 Quidway conform level 0 dscp 0 0 0 0 0 0 Quidway conform level 0 dscp 8 10 8 0 1 1 0 Quidway conform level 0 dscp 16 18 16 0 2 2 0 Quidway conform level 0 dscp 24 26 24 0 3 3 0 Quidway conform level 0 dscp 32 34 32 0 4 4 0 Quidway conform level 0 ...

Page 661: ...LS packets dscp value Modified DSCP value in the range of 0 to 63 exp value Modified EXP value in the range of 0 to 7 EXP is MPLS priority of MPLS packets cos value Modified 802 1p priority value in the range of 0 to 7 local precedence value Modified local precedence value in the range of 0 to 7 drop precedence Modified drop precedence value in the range of 0 to 2 Description Use the exp command t...

Page 662: ... of 0 to 7 cos value1 802 1p priority value corresponding to Local precedence 1 in the range of 0 to 7 cos value2 802 1p priority value corresponding to Local precedence 2 in the range of 0 to 7 cos value3 802 1p priority value corresponding to Local precedence 3 in the range of 0 to 7 cos value4 802 1p priority value corresponding to Local precedence 4 in the range of 0 to 7 cos value5 802 1p pri...

Page 663: ... Conform level 0 802 1p priority mapping table Example Configure the Local precedence Conform level 0 802 1p priority mapping table Quidway system view System View return to User View with Ctrl Z Quidway qos conform level 0 Quidway conform level 0 local precedence 0 1 2 3 5 5 6 7 The configured mapping table Table 2 2 Local precedence Conform level 802 1p priority mapping table Local precedence Co...

Page 664: ... number acl name Activates IP ACLs including basic and advanced ACLs acl number Sequence number of ACL ranging from 2000 to 3999 acl name Name of the ACL which must be a character string starting with an English letter a z or A Z and without any space or quotation mark in it link group acl number acl name Activates Layer 2 ACLs acl number Sequence number of ACL ranging from 4000 to 4999 acl name N...

Page 665: ...or data streams to the CPU Use the undo mirrored to command to remove traffic mirroring setting This configuration is only applicable to the packets which match the permitted rules in the ACL Related command display qos interface mirrored to Example Mirror the packets which match the permitted rules in the ACL 2000 to the CPU Quidway system view System View return to User View with Ctrl Z Quidway ...

Page 666: ...tored packets S8500 series support up to 24 mirroring groups at a port Related command display mirroring group Note S8500 series support cross card mirroring that is the monitoring and monitored ports can be at different cards Consider these issues when configuring port mirroring z For intra card mirroring only one monitoring port can be configured for the mirroring groups in the same direction z ...

Page 667: ...w Ethernet port view Parameter priority level Port priority value in the range of 0 to 7 By default it is 0 Description Use the priority command to set the default local precedence value for a port Use the undo priority command to restore the default value of local precedence After receiving a packet the switch allocates a set of service parameters to it according to a specific rule The procedure ...

Page 668: ...l Service parameter mapping table and the Local precedence Conform level 802 1p mapping table Example Create the conform level 0 view and enter it Quidway system view System View return to User View with Ctrl Z Quidway qos conform level 0 Quidway conform level 0 2 1 27 qos cos drop precedence map Syntax qos cos drop precedence map cos0 map drop prec cos1 map drop prec cos2 map drop prec cos3 map d...

Page 669: ...ecedence mapping table Use the undo qos cos drop precedence map command to restore the default values of the CoS Drop precedence mapping table The system provides CoS Drop precedence mapping table as the default value Table 2 3 Default CoS Drop precedence mapping table CoS Value Drop precedence 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 After receiving a packet the switch allocates a set of service parameter...

Page 670: ...S Value Drop precedence 0 2 1 2 2 1 3 1 4 1 5 0 6 0 7 0 2 1 28 qos cos local precedence map Syntax qos cos local precedence map cos0 map local prec cos1 map local prec cos2 map local prec cos3 map local prec cos4 map local prec cos5 map local prec cos6 map local prec cos7 map local prec undo qos cos local precedence map View System view Parameter cos0 map local prec Mapping value from CoS 0 to loc...

Page 671: ...recedence mapping table Use the undo qos cos local precedence map command to restore the default values of the CoS Local precedence mapping table The system provides CoS Local precedence mapping table as the default value Table 2 5 Default CoS Local precedence mapping connection CoS Value Local Precedence 0 2 1 0 2 1 3 3 4 4 5 5 6 6 7 7 After receiving a packet the switch allocates a set of servic...

Page 672: ...eue Syntax queue queue id green min threshhold green max threshhold green max prob yellow min threshhold yellow max threshhold yellow max prob red min threshhold red max threshhold red max prob exponent undo queue queue id View WRED index view Parameter queue id Outbound queue ID in the range of 0 to 7 green min threshhold Minimum queue length to trigger random green packet dropping in the range o...

Page 673: ...he queue command to configure parameters for a WRED index Use the undo queue command to restore the default parameters for the WRED index The switch provides four sets of default WRED parameters respectively numbered as 0 1 2 and 3 Each set includes 80 parameters 10 parameters for each of the eight queues The ten parameters are green min threshhold yellow min threshhold red min threshhold green ma...

Page 674: ...t scheduling groups SP group WRR priority group 1 and group 2 For example you can set queues 6 and 7 into SP group queues 0 1 and 2 into WRR priority group 1 and queues 3 4 and 5 into WRR priority group 2 Then a queue will be selected respectively for theses three groups according to their own scheduling algorithms Then these three selected queues will scheduled in SP algorithm The queue weight is...

Page 675: ...umber of ACL ranging from 4000 to 4999 acl name Name of ACL which must be a character string started with an English letter a z or A Z and without any space or quotation mark in it rule rule Specifies the subitem of an active ACL ranging from 0 to 127 if not specified all subitems of ACL will be activated Description Use the reset traffic statistic command to clear statistics of all traffic or tra...

Page 676: ...onform remark cos remark policed service exceed forward drop slot slotid undo traffic limit inbound ip group acl number acl name rule rule slot slotid II Command format which applies IP group and link group ACL at the same time In Ethernet port view traffic limit inbound ip group acl number acl name rule rule link group acl number acl name rule rule system index index link group acl number acl nam...

Page 677: ... can also assign a system index for it when delivering an ACL rule with this command However you are not recommended to manually assign a system index if not urgently necessary tc index index Index value of traffic conditioner ranging from 0 to 12288 If you configured the same index value to different traffic rules during traffic policy configuration then the sum of these traffics is restricted by...

Page 678: ...rvice processor card Description Use the traffic limit command to activate an ACL and set traffic limitation to take different actions for the packets within and beyond the preset traffic threshold Use the undo traffic limit command to remove traffic limitation setting This command is only applicable to the packets which match the permitted rules in the ACL It is required that CIR is less than or ...

Page 679: ...Quidway system view System View return to User View with Ctrl Z Quidway interface ethernet2 1 1 Quidway traffic limit inbound link group 4000 200 2000 2500 conform remark policed service exceed drop 2 1 33 traffic params Syntax traffic params traffic index cir commited info rate cbs commited base size ebs exceed base size pir peak info rate View System view Parameter traffic index Traffic paramete...

Page 680: ...l name rule rule In VLAN view traffic priority inbound ip group acl number acl name rule rule system index index auto remark policed service trust dscp dscp dscp value untrusted dscp dscp value cos cos value local precedence local precedence drop priority drop level slot slotid undo traffic priority inbound ip group acl number acl name rule rule slot slotid II Command Format Which Applies IP Group...

Page 681: ...is the system index for an ACL rule When delivering a rule the system assigns a globally unique index to it for convenience of later retrieval You can also assign a system index for it when delivering an ACL rule with this command However you are not recommended to manually assign a system index if not urgently necessary auto Chooses the service parameters allocated automatically by the switch rem...

Page 682: ...eter setting The system can set service parameters for the matched traffic in one of following modes 1 Employ the service parameters automatically allocated by the switch Upon receiving a packet the switch allocates a set of service parameters for it according to a specific rule To choose this mode you should select the auto keyword in this command 2 Choose service parameters from the DSCP Conform...

Page 683: ...eter mapping table and EXP Conform Level Service parameter mapping table For more information about this mapping table see the qos conform level dscp and exp commands Related command display qos interface traffic priority Example Choose auto service parameters for the packets which match the permitted rules in the ACL 4000 Quidway system view System View return to User View with Ctrl Z Quidway int...

Page 684: ...ound link group acl number acl name rule rule system index index cpu interface interface type interface number destination vlan l2 vpn l3 vpn next hop ip addr1 ip addr2 slot slotid vlanid join vlan undo traffic redirect inbound link group acl number acl name rule rule View Ethernet port view VLAN view Parameter ip group acl number acl name Activates IP ACLs including basic and advanced ACLs acl nu...

Page 685: ...ine two IP addresses at a stoke but the first one is with higher priority That is the system redirects packets to the second IP address only if the first one is unreachable slot slotid Redirects packets to the specified service processor card vlanid Specifies the VLAN of the packets to be redirected join vlan if this key word is specified and if redirection is enabled the system will add the port ...

Page 686: ...Q section in the manual for the information on the traffic redirect nested vlan modified vlan command Example Configure traffic redirection on the interface cards for packets that match the permit rules in ACL 4000 packets are redirected to the port Ethernet5 1 1 the destination vlan ID is 4094 L3 VPN packet is permitted Quidway system view System View return to User View with Ctrl Z Quidway inter...

Page 687: ...e the undo traffic shape command to cancel traffic shaping The switch supports both shaping traffic based on port shaping all traffic at the port and shaping the traffic in a specified queue at the port You can achieve the former mode by specifying no queue ID or the latter mode by specifying queue ID Example Shape the traffic in the outbound queue 2 at the port maximum rate 500 Kbps burst size 12...

Page 688: ... rules of an active ACL ranging from 0 to 127 if not specified all rules of ACL will be activated system index index here is the system index for an ACL rule When delivering a rule the system assigns a globally unique index to it for convenience of later retrieval You can also assign a system index for it when delivering an ACL rule with this command However you are not recommended to manually ass...

Page 689: ...escription Use the wred command to create a WRED index view and enter it Use the undo wred command to restore the default WRED parameters The switch provides four sets of default WRED parameters respectively numbered as 0 1 2 and 3 The ten parameters for a port are green min threshhold yellow min threshhold red min threshhold green max threshhold yellow max threshhold red max threshhold green max ...

Page 690: ...ce view Parameter acl number1 Numbers of basic number based ACLs and advanced ACLs ranging from 2 000 to 3 999 acl number2 Number of number based Layer 2 ACL ranging from from 4 000 to 4 999 inbound Performs ACL control to the users who access the local switch using Telnet or SSH outbound Performs ACL control to the users who access other switches from the local switch using Telnet or SSH Descript...

Page 691: ...ests are restricted based on the source MAC addresses Therefore when you use the rules of a Layer 2 ACL only the source MAC address and its mask and the time range parameter are valid z When you use a Layer 2 ACL to implement ACL control to the users accessing through Telnet or SSH only incoming requests are restricted z If a user fails to log in due to ACL restriction the system logs the failure ...

Page 692: ...orm ACL control to the network management users by acl number Use the undo snmp agent community command to remove the setting of community access name By default SNMPV1 and SNMPV2C use community name to perform access Example Set the community name as Huawei permit the user to perform read only access by using this community name and reference the ACL 2000 to perform ACL control to the network man...

Page 693: ...f basic number based ACLs ranging from 2000 to 2999 Description Use the snmp agent group command to configure a new SNMP group and reference the ACL to perform ACL control to the network management users by acl acl number Use the undo snmp agent group command to remove a specified SNMP group Example Create a SNMP group huawei and reference the ACL 2001 to perform ACL control to the network managem...

Page 694: ... acl acl number Number identifier of basic number based ACLs ranging from 2000 to 2999 local Local entity user engineid Specifies the engine ID related to the user engineid string Engine ID character string Description Use the snmp agent usm user command to add a new user to an SNMP group and reference the ACL to perform ACL control to the network management users by acl acl number Use the undo sn...

Page 695: ...e self defined flow template is deleted under the port the system will apply QACL rules in the VLAN to the new port automatically z You will fail to apply the self defined flow template of a port with a VLAN ACL already applied to a customized flow template 2 If both a VLAN and one of its ports have QACL rules applied only those applied to the port work In this case the VLAN ACL takes effect only ...

Page 696: ...gns a globally unique index value to the rule When using the mirrored to command to deliver a rule you can also specify a system index value for the rule In general you are not recommended to specify this parameter manually cpu Mirrors traffic to the CPU Description Use the mirrored to command to activate an ACL and mirror matching data streams in VLAN to the CPU Use the undo mirrored to command t...

Page 697: ...hen using this command to deliver a rule you can also specify a system index value for the rule In general you are not recommended to specify this parameter manually Description Use the packet filter command to activate the ACLs in VLAN Use the undo packet filter command to deactivate an active ACL Example Activate ACL 2000 of each port in VLAN 2 Quidway system view System View return to User View...

Page 698: ... flow policing parameters For example the cir value of the flow of match rule 1 is configured to be 10kbps and that of match rule 2 is configured to be 10kbps The tc index values of the two rules are the same at the same time Then the sum of the average rate of the flow matching rule 1 and the flow matching rule 2 will be limited to 10kbps Note When you specifies the same tc index value for differ...

Page 699: ...oliced service z You need to configure the DSCP Conform level Æ Service parameter mapping table before configuring the remark policed service action you need to configure the Local precedence Conform level Æ 802 1p priority mapping table before configuring the remark cos action Refer to the qos control level dscp local precedence command for the descriptions of the two mapping tables Example Perfo...

Page 700: ... dscp dscp value Reallocates service parameters according to customized DSCP values or EXP values For IP packets dscp value is the DSCP priority six bits in length in the packet header ranging from 0 to 63 and is set by users For MPLS packets the dscp value argument indicates the DSCP priority In addition the least three bits of the value also act as the EXP flag field which is set simultaneously ...

Page 701: ...ties and EXP values of MPLS packets To choose this mode specify the remark policed service dscp dscp value when executing this command 4 Specify a set of service parameters To choose this mode specify remark policed service untrusted dscp dscp value cos cos value local precedence local precedence drop priority drop level parameter when executing this command Note z The DSCP Conform Level Service p...

Page 702: ...x Specifies the system index value of the rule which will be indexed during operation After delivering a rule the system automatically assigns a globally unique index value to the rule When using this command to deliver a rule you can also specify a system index value for the rule In general you are not recommended to specify this parameter manually cpu Redirects packets to the CPU next hop ip add...

Page 703: ...View VLAN view Parameter ip group acl number acl name Activates IP ACLs including basic and advanced ACLs acl number Sequence number of ACL ranging from 2000 to 3999 acl name Name of the ACL which must be a character string starting with an English letter a z or A Z and without any space or quotation mark in it rule rule Specifies the subitem of an active ACL ranging from 0 to 127 if not specified...

Page 704: ...nge of 1 to 4 094 Description Use the port can access vlan acl command to synchronize VLAN ACL configuration of the specified VLAN to the port When being added to a VLAN a port automatically synchronizes VLAN ACL configuration of the VLAN The synchronization fails if system resources are not enough In this case you can delete part of configuration of the card and then use this command to manually ...

Page 705: ... a port is added to a VLAN you may fail to synchronize the VLAN ACL configuration of the VLAN because the resources are not enough or user defined flow templates are applied to ports You can use this command to view the ports to which the ACL rule configured on the specified VLAN is applied Example View the ports to which the ACL rule configured on VLAN 5 is applied Quidway display vlan acl member...

Page 706: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual MPLS Huawei Technologies Proprietary ...

Page 707: ... lsp ingress 1 9 1 1 13 static lsp transit 1 10 1 2 LDP Configuration Commands 1 11 1 2 1 debugging mpls ldp 1 11 1 2 2 display mpls ldp 1 12 1 2 3 display mpls ldp buffer info 1 12 1 2 4 display mpls ldp interface 1 13 1 2 5 display mpls ldp lsp 1 15 1 2 6 display mpls ldp peer 1 16 1 2 7 display mpls ldp remote 1 18 1 2 8 display mpls ldp session 1 19 1 2 9 mpls ldp 1 20 1 2 10 mpls ldp enable 1...

Page 708: ...h vpn target 2 16 2 1 19 import route 2 17 2 1 20 ip binding vpn instance 2 18 2 1 21 ip route static vpn instance 2 19 2 1 22 ip vpn instance 2 20 2 1 23 ipv4 family 2 21 2 1 24 nesting vpn 2 22 2 1 25 network 2 22 2 1 26 ospf 2 23 2 1 27 peer advertise community 2 25 2 1 28 peer allow as loop 2 26 2 1 29 peer as number 2 27 2 1 30 peer as path acl export 2 27 2 1 31 peer as path acl import 2 28 ...

Page 709: ...pls vlan 2 48 2 1 59 preference 2 48 2 1 60 reflect between clients 2 49 2 1 61 reflector cluster id 2 50 2 1 62 route distinguisher 2 50 2 1 63 route tag 2 51 2 1 64 timer 2 53 2 1 65 traffic redirect 2 53 2 1 66 routing table limit 2 54 2 1 67 sham link 2 55 2 1 68 summary 2 57 2 1 69 vpn instance capability simple 2 58 2 1 70 vpn target 2 59 Chapter 3 MPLS L2VPN Configuration Commands 3 1 3 1 C...

Page 710: ...8500 Series Routing Switches Table of Contents Huawei Technologies Proprietary iv 3 3 4 display mpls l2vpn 3 12 3 3 5 l2vpn family 3 14 3 3 6 mpls l2vpn 3 14 3 3 7 mpls l2vpn encapsulation 3 15 3 3 8 mtu 3 16 3 3 9 peer enable 3 16 ...

Page 711: ...bugging for various MPLS events ftn Enables MPLS FTN debugging interface Enables the MPLS debugging on the message sending receiving interface packet Enables MPLS packet debugging policy Enables MPLS policy debugging process Enables debugging of MPLS internal processing vpn Enables all MPLS VPN debugging Description Use the debugging mpls lspm command to enable various LSPM debugging Use the undo ...

Page 712: ...y the information of all MPLS enabled interface Quidway display mpls interface MPLS interface information Interface Vlan interface12 Label Range 0 44800 Interface Vlan interface23 Label Range 0 44800 Interface Vlan interface21 Label Range 0 44800 Interface Vlan interface20 Label Range 0 44800 Interface Vlan interface194 Label Range 0 44800 Interface Vlan interface104 Label Range 0 44800 Interface ...

Page 713: ...ls interface display mpls statistics and display static lsp Example Display all the LSPs including Quidway Vlan interface2000 display mpls lsp include LSP Information Ldp Lsp NO FEC NEXTHOP I O LABEL OUT INTERFACE 1 10 110 1 0 24 10 110 1 1 3 2 10 10 10 0 24 10 10 10 1 3 3 10 100 20 20 32 127 0 0 1 3 4 5 5 5 5 32 127 0 0 1 3 5 10 100 20 0 24 10 100 20 20 3 6 80 80 80 80 32 127 0 0 1 3 7 70 70 70 7...

Page 714: ...ERFACE 1 1 1 1 1 32 200 5 5 4 1000 Vlan2000 TOTAL 1 Record s Found 1 1 5 display mpls statistics Syntax display mpls statistics interface Vlan interface all lsp lsp Index all lsp name View Any view Parameter interface Vlan interface all Specifies one interface or all interfaces lsp lsp Index all lsp name Specifies one label switching path or all label switching paths Where lsp Index is an LSP inde...

Page 715: ...fix ip prefix View MPLS view Parameter all Triggers LSPs at any route ip prefix Triggers LSPs only at the routes matching the specified IP prefix list ip prefix IP prefix list ranging from 1 to 19 Description Use the lsp trigger command to configure topology triggered LSP creation policy Use the undo lsp trigger command to remove the filtering conditions specified by parameters and disable LSP tri...

Page 716: ...w to enable MPLS on the VLAN interface Use the undo mpls command to disable MPLS function in the system view or on the VLAN interface By default you cannot enter this view After executing the command you can enter MPLS view Only after you enter MPLS view can you configure other MPLS commands You must configure the mpls lsr id command first and then you can enter MPLS view Example Enter MPLS view f...

Page 717: ...LSR ID Use the undo mpls lsr id command to delete an LSR ID By default no LSR has an ID You must configure the mpls lsr id command first and then you can use the other MPLS related commands An LSR ID is in the format of IP address thus a loopback address is recommended Related command display mpls interface Example Set the LSR ID to 202 17 41 246 Quidway system view Quidway mpls lsr id 202 17 41 2...

Page 718: ...ystem view Quidway snmp agent trap enable ldp 1 1 10 snmp agent trap enable lsp Syntax snmp agent trap enable lsp undo snmp agent trap enable lsp View System view Parameter None Description Use the snmp agent trap enable lsp command to enable Trap function in MPLS LSP creation Use the undo snmp agent trap enable lsp command to disable Trap function in MPLS LSP creation By default Trap function is ...

Page 719: ...p egress command to delete an LSP for an egress LSR Related command static lsp ingress static lsp transit and debugging mpls Example Configure a static LSP named bj sh on the egress LSR Quidway system view Quidway mpls static lsp egress bj sh incoming interface vlan interface 201 in label 233 1 1 12 static lsp ingress Syntax static lsp ingress lsp name destination dest addr addr mask mask length l...

Page 720: ...tic lsp ingress bj sh destination 202 25 38 1 24 nexthop 202 55 25 33 out label 237 1 1 13 static lsp transit Syntax static lsp transit lsp name l2vpn incoming interface interface type interface number in label in label value nexthop next hop addr out label out label value undo static lsp transit lsp name View MPLS view Parameter lsp name LSP name interface type Interface number Interface type int...

Page 721: ...n pdu notification remote interface interface type interface number View User view Parameter all Displays all debugging information related to LDP main Displays the debugging information of LDP main tasks advertisement Displays the debugging information during LDP advertising session Displays debugging information during LDP session processing pdu Displays the debugging information during PDU pack...

Page 722: ...information of LDP and LSR Related command mpls ldp mpls ldp hops count mpls ldp loop detection and mpls ldp path vectors Example Display LDP and LSR information Quidway display mpls ldp Label Distribution Protocol V1 LSR ID 10 10 10 10 LSR Status Active Loop Detection Disabled Path Vector Limit 32 Hop Count Limit 32 DU Readvertisement On Request Retry Off Label Retention Mode Liberal DU Explicit ...

Page 723: ...6 201 198 PEER INF 5 116 201 198 SESSION 6 176 201 198 US BLK 7 264 1052 1028 DS BLK 8 240 1052 1042 FEC 9 40 1042 1032 US LIST 10 16 1052 1028 TRIG BLK 11 56 2076 2071 LABEL RANGE 12 20 198 198 CR TUNNEL 13 124 128 128 ER HOP 14 40 4096 4096 IF MSG 15 24 9999 9999 Buffer no error 1 2 4 display mpls ldp interface Syntax display mpls ldp interface begin text exclude text include text View Any view ...

Page 724: ...Negotiated Hello hold time 15 Hello packets sent rcv 21158 21136 Interface Vlan interface21 address 21 21 21 2 Label distributing enabled bound to entity 2 2 2 2 0 Generic label range configured 16 44800 Label Advertisement Mode Downstream Unsolicited Configured KeepAlive hold time 60 Configured Hello hold time 15 Negotiated Hello hold time 0 Hello packets sent rcv 16929 0 Interface Vlan interface...

Page 725: ... Parameter Displays matched outputs begin Displays the outputs matching the regular expression from the first line exclude Displays the outputs excluding those lines matching the regular expression include Displays only those outputs matching the regular expression text Contents of the regular expression Description Use the display mpls ldp lsp command to view relevant LSP information created via ...

Page 726: ...ral 85 12 0 1 32 1025 2 12 PREFIX 85 12 0 1 1025 3 0 1 23 23 23 3 Vlan23 13 PREFIX 85 12 0 1 3 1 1 23 23 23 3 Vlan23 1 2 6 display mpls ldp peer Syntax display mpls ldp peer begin text exclude text include text View Any view Parameter Displays matched outputs begin Displays the outputs matching the regular expression from the first line exclude Displays the outputs excluding those lines matching t...

Page 727: ...d time 60 Peer Distribution Method Downstream Unsolicited Peer Type Remote Peer RowStatus Active Local LDP ID 2 2 2 2 0 Peer LDP ID 1 1 1 1 0 Internetwork Address Type IPv4 Internetwork Address 1 1 1 1 Maximum Peer PDU length 4096 Peer KeepAlive hold time 60 Peer Distribution Method Downstream Unsolicited Peer Type Local Peer RowStatus Active Local LDP ID 2 2 2 2 0 Peer LDP ID 1 1 1 1 0 Internetwo...

Page 728: ...gular expression include Displays only those outputs matching the regular expression text Contents of the regular expression Description Use the display mpls ldp remote command to view the configured Remote peer information By default you can view all the Remote peer configurations Related command mpls ldp remote peer and remote ip Example Display the Remote peer configuration Quidway display mpls...

Page 729: ...ckets sent rcv 0 0 1 2 8 display mpls ldp session Syntax display mpls ldp session begin text exclude text include text View Any view Parameter Displays matched outputs begin Displays the outputs matching the regular expression from the first line exclude Displays the outputs excluding those lines matching the regular expression include Displays only those outputs matching the regular expression te...

Page 730: ...ive hold time 60 Peer PV Limit 0 LDP Basic Discovery Source A means active Inter vlan113 A Inter vlan112 Inter vlan111 1 2 9 mpls ldp Syntax mpls ldp undo mpls ldp View System view Parameter None Description Use the mpls ldp command to enable LDP Use the undo mpls ldp command to disable LDP By default LDP is disabled Before enabling LDP you must enable MPLS and configure LSR ID first Related comma...

Page 731: ...and session creation proceed Example Enable LDP on a VLAN interface Quidway system view Quidway vlan 201 Quidway Vlan201 port gigabitethernet 2 1 1 Quidway Vlan201 quit Quidway interface vlan interface 201 Quidway Vlan interface201 mpls Quidway vlan interface201 mpls ldp enable 1 2 11 mpls ldp hops count Syntax mpls ldp hops count hop number undo mpls ldp hops count View System view Parameter hop ...

Page 732: ... Quidway mpls ldp hops count 22 Set the maximum hop count of loop detection to its default value 32 Quidway undo mpls ldp hops count 1 2 12 mpls ldp loop detect Syntax mpls ldp loop detect undo mpls ldp loop detect View System view Parameter None Description Use the mpls ldp loop detect command to enable loop detection Use the undo mpls ldp loop detect command to disable loop detection By default ...

Page 733: ...ldp password command to configure MD5 authentication password for the LDP After this configuration the MD5 authentication is adopted for LDP on the interface Use the undo mpls ldp password command to delete the configuration Example Configure the LDP authentication mode as MD5 plain text password 123 Quidway system view Quidway interface vlan interface 201 Quidway vlan interface201 mpls ldp passwo...

Page 734: ... path vector to 23 Quidway system view Quidway mpls ldp path vectors 23 Restore the default maximum value of path vector Quidway undo mpls ldp path vectors 1 2 15 mpls ldp remote peer Syntax mpls ldp remote peer index undo mpls ldp remote peer index View System view or remote peer view Parameter index Index that identifies a remote peer entity ranging from 0 to 99 Description Use the mpls ldp remo...

Page 735: ...ace After LDP is configured on an interface and LDP session is created this command can be used to reset a specific session on the interface You only need to specify the address of the peer corresponding to the session to be reset Related command mpls ldp and mpls ldp enable Example Reset a specified session on the VLAN201 interface Quidway system view Quidway interface vlan interface 201 Quidway ...

Page 736: ...for the hold timer interval Time interval to send a Keepalive packet Description Use the mpls ldp timer command to set the hold time for the Hello hold timer and Session hold timer Use the undo mpls ldp timer command to restore the default values The timeout of the Hello hold timer means that the adjacency with the peer goes down the timeout of the Session hold timer means the session with the pee...

Page 737: ...ddress When there are multiple directly connected and MPLS LDP enabled links between two LSR neighbors all these links must be configured with the same transport address it is recommended to adopt the default LSR ID as the transport address Otherwise the system may be unable to set up a steady LDP session For a Remote peer the transport address cannot be configured and is fixed to the LSR ID By de...

Page 738: ...Description Use the remote ip command to configure a Remote IP address The address should be the lsr id of the remote LSR As Remote Peers adopt LSR ID as their transport addresses the last two Remote Peers use the lsr id as their transport addresses for creating TCP connection Related command mpls ldp remote peer Example Configure the address of remote peer Quidway system view Quidway mpls ldp rem...

Page 739: ...olicy route policy name detail suppressed origin policy route policy name suppress policy route policy name undo aggregate address mask as set attribute policy route policy name detail suppressed origin policy route policy name suppress policy route policy name View VPN instance subaddress family view Parameter address IP address of an aggregated route in dotted decimal format mask Network mask of...

Page 740: ...ion detail suppressed This keyword suppresses advertisement of all the specific routes but not of the aggregated routes Using the peer filter policy command you can suppress some specific routes suppress policy This keyword enables the creation of an aggregate route but disables the advertising of the specified routes Using the if match clause in the route policy command you can choose to suppress...

Page 741: ...r condition Quidway route policy apply mpls label 2 1 3 debugging bgp Syntax debugging bgp all event normal keepalive mp update open packet route refresh update receive send verbose undo debugging bgp all event normal keepalive mp update open packet route refresh update View User view Parameter all Enables all types of BGP debugging event Enables BGP event debugging normal Enables BGP common funct...

Page 742: ...verbose 2 1 4 default local preference Syntax default local preference value undo default local preference View VPNv4 subaddress family view Parameter value Value of the local precedence ranging from 0 to 4294967295 A greater value enjoys higher precedence The default local precedence is 100 Description Use the default local preference command to configure the local precedence for BGP routing in V...

Page 743: ...l measurement for routes and does not leave AS once entering it The route with smaller MED value will be selected as the external one for AS when other conditions hold Example The routers RTA and RTB belong to AS100 and the router RTC belongs to AS200 RTC associates with RTA and RTB Set the MED value of RTA 25 This makes the RTC prefer the route sent by RTB Quidway bgp af vpn instance default med ...

Page 744: ...ance vpn instance name Displays the information related to VPN instance group Displays the information of a neighbor peer group network Displays the advertised routing information peer Displays the peer information verbose Displays detailed peer information routing table Displays routing information options Configures to view the routing information Description Use the display bgp vpnv4 command to...

Page 745: ...yed information is null If you use the display bgp routing table address mask command to view the BGP routing information the label information will be displayed if the route has a label Example View the BGP routing information Quidway display bgp routing table label Flags valid active I internal D damped H history S aggregate suppressed In out Dest Mask Next Hop Label 9 0 0 1 32 0 0 0 0 1024 View...

Page 746: ...ormation in the IP routing table of vpn instance Example Display the IP routing table associated with the VPN instance PEA disp ip routing table vpn instance vpna ce1 vpna ce1 Route Information Routing Table vpna ce1 Route Distinguisher 100 1 Destination Mask Protocol Pre Cost Nexthop Interface 20 20 20 0 24 BGP 256 0 40 40 40 40 Vlan interface24 40 40 40 0 24 DIRECT 0 0 40 40 40 10 Vlan interface...

Page 747: ...p vpn instance vpn1 VPN Instance vpn1 No description Route Distinguisher 100 6 Interfaces Vlan interface1100 2 1 11 display mpls l3vpn lsp Syntax display mpls l3vpn lsp vpn instance vpn instance name transit egress ingress include text verbose View Any view Parameter transit LSP for the ASBR Autonomous System Boundary Router egress LSP of egress VPN ingress LSP of ingress VPN vpn instance Specifie...

Page 748: ... NO Number I O LABEL Incoming Outgoing label VPN labels labels advertised with VPNV4 routes will be displayed in case of uni hop EBGP cross AS MPLS L3 VPN networking and tunneling labels labels advertised with unicast routes and labels advertised by LDP protocol will be displayed in case of multi hop EBGP cross AS MPLS L3 VPN networking NEXTHOP Next hop IN INTERFACE Ingress interface OUT INTERFACE...

Page 749: ... L3VPN egress lsp information on PE Quidway display mpls l3vpn lsp egress LSP Information L3vpn Egress Lsp NO VRFNAME INNER LABEL NEXTHOP OUT INTERFACE 1 vpna 4096 0 0 0 0 InLoop0 TOTAL 1 Record s Found Table 2 4 Description of command information on display Field Description NO Number VRFNAME Name of VPN Instance INNER LABEL Inner label VPN label NEXTHOP Next hop OUT INTERFACE Egress interface 2 ...

Page 750: ...id addr undo domain id View OSPF protocol view Parameter id number Domain id for a VPN instance an integer in the range of 0 to 4294967295 By default it is 0 id addr IP address format of Domain id for a VPN instance By default it is 0 0 0 0 Description Use the domain id command to specify Domain id for a VPN instance Use the undo domain id command to restore the default Domain id For standard BGP ...

Page 751: ...main id 100 Quidway ospf 100 domain id 0 0 0 100 2 1 14 filter policy export Syntax filter policy acl number ip prefix ip prefix name export protocol undo filter policy acl number ip prefix ip prefix name export protocol View VPNv4 subaddress family view VPN instance subaddress family view Parameter acl number ACL number ranging from 2000 to 3999 matching the destination address of routing ip pref...

Page 752: ...fix name import View VPNv4 subaddress family view VPN instance subaddress family view Parameter acl number ACL number ranging from 2000 to 3999 to match the destination address of routing ip prefix ip prefix name Name of IP prefix list to match destination of routing gateway ip prefix name Name of the IP prefix list for the neighboring routers whose routing information will be filtered Description...

Page 753: ...peer group It can be expressed in string of letters and numbers from 1 to 47 in length internal Creates an internal peer group external Creates an external peer group including other sub AS groups in federation Description Use the group command to create a BGP peer group in VPN instance Use the undo group command to delete a specified BGP peer group By default the MP IBGP peer is created Members i...

Page 754: ...ew Parameter vpn target Route VPN target attribute values used for matching in ASN nn or IP address nn format count Number of the route VPN target values used for matching in the range of 2 to 65535 Description Use the if match vpn target command to match the route s vpn target attribute The match for a route succeeds only when the route s vpn target attribute is a subset of the configured values ...

Page 755: ...route policy if match vpn target begin 100 1 10 Define an if match clause to match five VPN target attribute values starting from 1 1 1 1 65533 that is 1 1 1 1 65533 1 1 1 1 65534 1 1 1 1 65535 1 1 1 2 0 and 1 1 1 2 1 Quidway route policy if match vpn target begin 1 1 1 1 65533 5 2 1 19 import route syntax import route ospf ospf ase ospf nssa process id direct rip static med value route policy rou...

Page 756: ...168 168 55 1 85 Quidway vpn sphinx quit Quidway bgp 352 Quidway bgp ip vpn instance sphinx Quidway bgp af vpn instance import route ospf 100 2 1 20 ip binding vpn instance Syntax ip binding vpn instance vpn instance name undo ip binding vpn instance vpn instance name View VLAN interface view Parameter vpn instance name Name assigned to VPN instance Description Use the ip binding vpn instance comma...

Page 757: ...Name of VPN instance 6 names can be configured at most and this value of character string is ranging from 1 to 19 characters destination ip address Destination address of a static route mask Subnet mask mask length Length of the mask ranging to 0 to 32 As it requires consecutive 1s in a 32 bit mask the mask in dotted decimal format can be substituted by mask length mask length is represented by th...

Page 758: ...atic vpn instance vpn1 100 1 1 1 16 vpn instance vpn1 1 1 1 2 2 1 22 ip vpn instance Syntax ip vpn instance vpn instance name undo ip vpn instance vpn instance name View System view Parameter vpn instance name Name assigned to VPN instance Description Use the ip vpn instance command to create a VPN instance and enter VPN instance view Use the undo ip vpn instance command to delete the specified VP...

Page 759: ...v4 address family view unicast Uses unicast sub address family Description Use the ipv4 family vpn instance command to enter MBGP VPN instance subaddress family view Use the undo ipv4 family vpn instance command to delete the association of a VPN instance with MBGP address family and return to BGP unicast view Use the ipv4 family vpnv4 command to enter MBGP VPNv4 subaddress family view Use the und...

Page 760: ...BGP VPNv4 sub address family view Parameter None Description Use the nesting vpn command to enable the nested VPN function Use the undo nesting vpn command to disable this function By default the nested VPN function is disabled If VPNv4 route advertisement is needed for a CE connected to a PE the nested VPN function must be enabled on the PE Example Enable the nested VPN function Quidway bgp af vp...

Page 761: ...ng with the destination network segment 10 0 0 0 16 Quidway bgp af vpn instance network 10 0 0 1 255 255 0 0 2 1 26 ospf Syntax ospf process id router id router id number vpn instance vpn instance name undo ospf process id View System view Parameter process id OSPF Process ID The default process ID is 1 router id number Router ID for an OSPF process It is optional vpn instance name VPN instance bo...

Page 762: ...fy the VPN instance name One VPN instance may include several processes For example for VPN1 you can configure the commands OSPF 1 VPN instance VPN1 OSPF2 VPN instance VPN1 and OSPF3 VPN instance VPN1 Accordingly VPN instance VPN1 will include the OSPF processes 1 2 and 3 But one process belongs to one instance only If you have configured OSPF 1 VPN instance VPN1 you cannot configure OSPF 1 VPN in...

Page 763: ...rocesses 1 2 and 3 If VPN instance VPN 1 is deleted the OSPF processes 1 2 and 3 will all be deleted at the same time Related command network Example Enable OSPF protocol with the default process ID 1 Quidway router id 10 110 1 8 Quidway ospf Enable OSPF protocol with the process ID 120 Quidway router id 10 110 1 8 Quidway ospf 120 Quidway ospf 120 Enable OSPF process with the process ID 100 speci...

Page 764: ...ess family view VPN instance sub address family view Parameter group name Name of a peer group consisting of 1 to 47 alphanumeric characters peer address IP address of a specified peer asn limit Maximum times for which autonomous system AS number is allowed to receive in route updates Description Use the peer allow as loop command to allow loop in the route updates in the Hub Spoke networking mode...

Page 765: ...roup group name as number as number View VPN instance subaddress family view Parameter group name Name of a peer group consisting of 1 to 47 alphanumeric characters peer address IP address of peer group as number Opposite AS number of a peer group Description Use the peer as number command to configure the opposite AS number of a specified peer group Use the undo peer as number command to remove t...

Page 766: ...cy based on AS path list You can only use the peer as path acl export command in the peer group Related command peer as path acl import Example Configure the test peer group to filter the advertised routing information with the AS path ACL 3 Quidway bgp ipv4 family vpnv4 Quidway bgp af vpn peer test as path acl 3 export 2 1 31 peer as path acl import Syntax peer group name peer address as path acl...

Page 767: ...p name ip address connect interface interface type interface_num undo peer group name ip address connect interface View VPN instance subaddress family view Parameter group name Name of a neighbor peer group consisting of 1 to 47 alphanumeric characters ip address Peer IP address interface type interface number Interface type interface number Description Use the peer connect interface command to co...

Page 768: ...escription Use the peer default route advertise command to enable a peer group to transmit a default route Use the undo peer default route advertise command to remove the existing configuration By default a peer group does not transmit a default route This command does not require any default route in the routing table but transmits a default route whose next hop address is itself to the peer unco...

Page 769: ...o import a default route Quidway bgp ipv4 family vpnv4 Quidway bgp af vpn peer 10 1 1 1 default route advertise vpn instance test 2 1 35 peer description Syntax peer group name peer address description description line undo peer group name peer address description View VPN instance subaddress family view Parameter group name Name of a neighbor peer group consisting of 1 to 47 alphanumeric characte...

Page 770: ...ddress Peer IP address ttl The maximum hops in the rang of 1 to 255 and is 64 by default Description Use the peer ebgp max hop command to enable to establish an EBGP connection with a specified neighbor which is attached to the network indirectly Use the undo peer ebgp max hop command to restore the default setting By default you can only make a connection with a direct accessing EBGP neighbor Exa...

Page 771: ...eer group name filter policy acl number export View VPNv4 subaddress family view VPN instance subaddress family view Parameter group name Name of a neighbor peer group consisting of 1 to 47 alphanumeric characters acl number IP ACL number ranging from 2000 to 3999 That is you can use basic ACL or advanced ACL export Uses the filtering policy for the advertised route and this policy is only effecti...

Page 772: ...to 47 alphanumeric characters peer address Peer IP address in dotted decimal format acl number IP ACL number from 2000 to 3999 that is you can use basic or advanced ACL import Performs the filtering policy on the received routes Description Use the peer filter policy import command to apply the ACL based filtering policy to the received routing information for peers Use the undo peer filter policy...

Page 773: ...e a specified peer from the group In BGP view and VPN instance subaddress family view when adding a peer to an external group out of an AS you need to specify an AS number When adding a peer to an internal group or an external group in an AS the AS number is not needed A peer must have been added in a group in BGP view before it can be added to another group in multicast subaddress family view or ...

Page 774: ...he peer group does not perform the routing filtering policy you can only configure the peer ip prefix export command to the peer group Related command peer ip prefix import Example Configure the peer group group1 to filter the advertised routing information with the IP prefix list list1 Quidway bgp ipv4 family vpnv4 Quidway bgp af vpn peer group1 ip prefix list1 export 2 1 42 peer ip prefix import...

Page 775: ...received route with the IP prefix list 1 Quidway bgp ipv4 family vpnv4 Quidway bgp af vpn peer group1 ip prefix list1 import 2 1 43 peer label route capability Syntax peer group name label route capability undo peer group name label route capability View BGP view Parameter group name Name of a neighbor peer group Description Use the peer label route capability command to enable a peer group to han...

Page 776: ...of the next hop in the routes that BGP advertises to a peer group and configure to use its own address as the next hop Use the undo peer next hop local command to cancel the existing setting Example Specify the current BGP address as the next hop in its route advertising to a peer group Quidway bgp ipv4 family vpnv4 Quidway bgp af vpn peer test next hop local 2 1 45 peer password Syntax peer group...

Page 777: ...en the MD5 authentication is enabled both parties must have the same authentication mode and password otherwise no TCP connection can be established because the MD5 authentication cannot be passed A specified peer can perform the MD5 authentication only when the group to which the peer belongs is not set the authentication Otherwise the configuration of the peer group applies Example Assign MD5 au...

Page 778: ...uters may ignore private AS number when transmitting BGP update packets Example Send MBGP update packets without bearing private AS numbers Quidway bgp ipv4 family vpnv4 Quidway bgp af vpn peer 168 public as only 2 1 47 peer reflect client Syntax peer group name reflect client undo peer group name reflect client View VPNv4 subaddress family view Parameter group name Name of a neighbor peer group c...

Page 779: ...tion Use the peer route policy export command to apply the routing policy to peer group for advertised routing information Use the undo peer route policy export command to cancel the configuration By default there is no routing policy The peer route policy export command is only used to configure peer groups Related command peer route policy import Example Apply the routing policy test policy to t...

Page 780: ...configuration for peer groups Related command peer route policy export Example Apply the routing policy test policy to the incoming routes of the peer group test Quidway bgp ipv4 family vpnv4 Quidway bgp af vpn peer test route policy test policy import 2 1 50 peer route update interval Syntax peer group name route update interval seconds undo peer group name route update interval View VPN instance...

Page 781: ...phanumeric characters peer address Peer IP address in dotted decimal format keepalive interval Interval of sending the Keepalive message It is in seconds ranging from 1 to 65535 and with the default value 60 holdtime interval Holdtime ranging from 3 to 65535 in seconds and with the default value 180 seconds Description Use the peer timer command to set the Keepalive interval and holdtime for peers...

Page 782: ... ipv4 family vpnv4 Quidway bgp af vpn peer 1 1 1 1 upe 2 1 53 peer vpn instance enable Syntax peer group name vpn instance vpn instance name enable undo peer group name vpn instance vpn instance name enable View BGP VPNv4 sub address family view Parameter group name Name of a peer group vpn instance name Name of the VPN instance the CE peer belongs to enable Enable VPNv4 function for the CE Descri...

Page 783: ... dotted decimal notation vpn instance name Name of the VPN instance the CE peer belongs to group name Name of a peer group Description Use the peer vpn instance group command to join a CE neighbor into a BGP peer group Use the undo peer vpn instance group command to clear the CE neighbor from the BGP peer group By default a CE neighbor does not belong to any peer group Example Join a CE neighbor i...

Page 784: ...o VPNv4 routes it received Use the undo peer vpn instance route policy import command to cancel the configuration By default no routing policy is configured The ingress routing policy configured for a peer takes precedence over the configuration for the peer group Example Configure the peer group ebgp to apply the routing policy named comtest to the ingress routes Quidway bgp af vpn peer ebgp vpn ...

Page 785: ...ll be replaced by the AS number of the PE before being advertised These commands take effect once being executed Example Enable the BGP AS number substitution for the peer group 20 Quidway bgp af vpn peer 20 vpn instance vrf1 substitute as 2 1 57 policy vpn target Syntax policy vpn target undo policy vpn target View BGP VPNv4 subaddress family view Parameter None Description Use the policy vpn tar...

Page 786: ...cable to fast Ethernet ports of cards with the suffix of C Use the undo port trunk mpls command to restore the default value of vlan id The default value is 0 By default the range of MPLS VPN VLANs is from 0 to 1023 and the range of vlan id is from 1 to 3071 The command must be executed on a Trunk port MPLS VPN enabled VLANs and VLANs out of the configured range are excluded By default the Trunk p...

Page 787: ...rence of the preference of the routes learned from the EBGP peer to 2 the preference of the routes learned from the IBGP peer to 3 and the preference of the local routes to 4 Quidway bgp af vpn instance preference 2 3 4 2 1 60 reflect between clients Syntax reflect between clients undo reflect between clients View VPNv4 subaddress family view Parameter None Description Use the reflect between clie...

Page 788: ...figure a cluster ID of router reflector Use the undo reflector cluster id command to delete the configuration By default each router reflector uses his own ID as a cluster ID Usually one cluster has one router reflector And it is the router ID of the reflector to identify this cluster Several router reflectors make the network more stable If one cluster has several router reflectors set the same c...

Page 789: ...ystem number ASN it is composed of the ASN and an arbitrary number if the RD is associated with an IP address it is a combination of the IP address and an arbitrary number RD has the following formats 16 bit ASN can be 0 here A custom 32 bit number for example 101 3 32 bit IP address can be 0 0 0 0 here A custom 16 bit number for example 192 168 122 15 1 Example Configure RD for an MPLS VPN instan...

Page 790: ...mmunity attributes of BGP and thus it is limited in the local area Therefore it can only be configured and function on the PE router which receives BGP routes and generates OSPF LSA Configure Route tag in OSPF protocol view Different processes can be configured with a same Route tag You can configure the same Route tag using different commands but they are different in priority z Those configured ...

Page 791: ...erval and hold time for sending Keepalive messages Use the undo timer command to restore the default value The timer defined with the peer timer command takes preference over that with the timer command Related command peer timer Example Set the time interval and hold time for sending Keepalive messages Quidway bgp af vpn instance timer keep alive 60 hold 180 2 1 65 traffic redirect Syntax traffic...

Page 792: ...terface type can be GigabitEthernet and Ethernet interface number suggests a complete port name with interface type system index index Intra system index of the rule in the range of 0 4294967295 The system assigns automatically an index to it when delivering an ACL rule for later retrieval You can also assign a system index to it when delivering an ACL rule with this command However generally you ...

Page 793: ...te a route distinguisher RD in either of the following formats 16 bit ASN A 32 bit user defined number for example 100 1 32 bit IP address A 16 bit user defined number for example 172 1 1 1 1 Create a VPN target extended community for a VPN instance and specify ingress or egress interface or both of them for the vpn target command These parameters can be used to configure ingress egress routing in...

Page 794: ...he value of dead seconds for a Sham link peer router hello seconds Specifies interval between Hello message transmission at the interface in the range of 1 to 8192 seconds By default it is 10 seconds It must be consistent with the value of hello seconds for a Sham link peer router retransmit seconds Specifies internal for LSA packet retransmission at the interface in the range of 1 to 8192 seconds...

Page 795: ... and imported into BGP through a direct connect route z In an OSPF processes of VPN the Loopback interface routes used by the Sham link cannot be imported directly so the import direct command cannot be used in the OSPF processes of VPN OSPF can only advertise the route by importing a BGP route z The source and destination addresses of a sham link cannot be the same z The same sham link cannot be ...

Page 796: ...N Instance CE Use the undo vpn instance capability command to cancel the configuration OSPF multi VPN instance is often run at a PE router So a CE router on which OSPF multi VPN instance runs is called Multi VPN Instance CE Though they both support multi VPN instance Multi VPN Instance CE does not necessarily support BGP OSPF interoperability When an OSPF process is bound to a VPN instance the def...

Page 797: ...arget vpn target ext community import extcommunity export extcommunity both View VPN instance view Parameter import extcommunity Ingress route information from the extended community of target VPN export extcommunity Egress route information to the extended community of target VPN both Imports both ingress and egress route information to the extended community of target VPN vpn target ext communit...

Page 798: ... ingress VPN target VPN target specifies a target VPN extended community The same as RD an extended community is either composed of an ASN and an arbitrary number or composed of an IP address and an arbitrary number RD is in either of the following formats 16 bit ASN can be 0 here A custom 32 bit number for example 101 3 32 bit IP address can be 0 0 0 0 here A custom 16 bit number for example 192 ...

Page 799: ...he VLAN whose interface is used to establish the connection It must be the ID of an existing VLAN transmit lsp name Name of transmitting LSP the ingress LSP receive lsp name Name of receiving LSP the egress LSP outinterface type outinterface number Name of the interface connecting to the second CE custom edge Description Use the ccc ccc connection name interface vlan interface vlan id transmit lsp...

Page 800: ...terface vlan id undo debugging mpls l2vpn all advertisement error event connections interface vlan interface vlan id View User view Parameter all Enables Disables all types of L2VPN Debugging advertisement Enables Disables Debugging for L2VPN BGP LDP advertisement messages error Enables Disables Debugging for L2VPN error messages event Enables Disables Debugging for L2VPN event messages connection...

Page 801: ...tion Use the display ccc command to display the information about specified CCC connections Example Display information about the CCC connection named c link Quidway display ccc c link name c link type remote state down intf Vlan interface1003 down tran lsp ccc2 up rcv lsp ccc1 up 3 1 4 static lsp egress l2vpn Syntax static lsp egress lsp name l2vpn incoming interface vlan interface vlan id in lab...

Page 802: ...c LSP named bj sh on the egress LSR Quidway mpls static lsp egress bj sh l2vpn incoming interface vlan interface 201 in label 233 3 1 5 static lsp ingress Syntax static lsp ingress lsp name l2vpn nexthop next hop addr out label out label undo static lsp ingress lsp name View MPLS view Parameter lsp name Name of the LSP next hop addr Address of the next hop out label Value of the out label ranging ...

Page 803: ...e next hop in label Value of the in label ranging from 16 to 1 023 out label Value of the out label ranging from 16 to 1 023 Description Use the static lsp transit command to create a static L2VPN LSP for the midway transmitting LSR Use the undo static lsp transit command to remove the static L2VPN LSP created for the midway transmitting LSR You need to create two LSPs for transmitting and receivi...

Page 804: ...ys only the VC information in UP state vsi Specifies VSI instance Description Use the display mpls l2vc command to display the information about the virtual circuit VC created using label distribution protocol LDP Example Display the information about MPLS LDP connections Quidway display mpls l2vc verbose Interface Vlan interface1000State down Encapsulation ethernet Service VLL VC ID 4294967295 VC...

Page 805: ...te up Destination 3 3 3 3 Group ID Local 0 Remote 0 VC Label Local 134137 Remote 131072 Tunnel Type LSP Tunnel Index 25 VC ID 3 VC State down Destination 1 1 0 3 Group ID Local 0 Remote 0 VC Label Local 131077 Remote 0 Tunnel Type Tunnel Index 0 VC ID 3 VC State up Destination 1 1 1 1 Group ID Local 0 Remote 0 VC Label Local 134136 Remote 158987 Tunnel Type LSP Tunnel Index 23 VC ID 4 VC State up ...

Page 806: ...mote 0 VC Label Local 131083 Remote 131077 Tunnel Type LSP Tunnel Index 25 VC ID 6 VC State down Destination 1 1 0 3 Group ID Local 0 Remote 0 VC Label Local 131087 Remote 0 Tunnel Type Tunnel Index 0 VC ID 7 VC State up Destination 1 1 1 1 Group ID Local 0 Remote 0 VC Label Local 131078 Remote 131182 Tunnel Type LSP Tunnel Index 23 VC ID 7 VC State up Destination 3 3 3 3 Group ID Local 0 Remote 0...

Page 807: ... VC ID Destination State Lcl Label Rmt Label Tunnel Index 6 2 2 2 2 up 131077 131083 LSP 14 VSI name vpn7 Service VPLS Service Status Open VC ID Destination State Lcl Label Rmt Label Tunnel Index 7 2 2 2 2 up 131079 131086 LSP 14 3 2 2 mpls l2vc Syntax mpls l2vc ip address vc id undo mpls l2vc View VLAN interface view Parameter ip address IP address of LSR ID on the peer PE vc id ID of the VC rang...

Page 808: ...the maximum number of CEs that can be connected to the CE This argument ranges from 1 to 500 Description Use the ce command to create a CE or modify the CE Range Use the undo ce command to remove a CE The corresponding CE view is created when you create a CE All the CE connections are configured in CE view For VPN capacity expansion you can set the range argument to a value lager than the currentl...

Page 809: ...LS L2VPN CE view Parameter offset Specifies the ID of the remote CE of the L2VPN connection to create a remote CE connection vlan id ID of the VLAN whose interface is used to establish the connection Description Use the connection command to create a connection for the CE Use the undo connection command to remove the specified CE connection You need to configure the route distinguisher RD for the ...

Page 810: ...bout Kompella L2VPN Example Display all the L2VPN information Quidway display bgp l2vpn all BGP local router ID is 172 16 1 5 Origin codes i IGP e EGP incomplete bgp l2vpn 3 destinations CE ID Label Offset Label Base nexthop pref as path Route Distinguisher 100 1 2 1 800000 1 1 1 1 100 I 200 600 3 1 500000 1 1 1 1 100 I 200 600 Route Distinguisher 100 2 1 1 700000 1 1 1 1 100 I 200 600 3 3 4 displ...

Page 811: ... label interface type Type of the interface which can be Aux Ethernet LoopBack M Ethernet NULL Vlan interface GigabitEthernet or 10 GigabitEthernet Pos and RPR Description Use the display mpls l2vpn command to display the MPLS L2VPN information The command can display the state and configuration of the local remote CE of a specified VPN instance and the L2VPN information about a specified CE inter...

Page 812: ...te L2VPN address family view Use the undo l2vpn family command to remove L2VPN address family view Example Create L2VPN address family view Quidway bgp 100 Quidway bgp l2vpn family Quidway bgp af l2vpn 3 3 6 mpls l2vpn Syntax mpls l2vpn undo mpls l2vpn View System view Parameter None Description Use the mpls l2vpn command to enable L2VPN Use the undo mpls l2vpn command to disable L2VPN To execute ...

Page 813: ...n length encapsulation User access encapsulation type Two types are supported currently Ethernet access and VLAN access The default encapsulation type is Ethernet Description Use the mpls l2vpn encapsulation command to create a Kompella MPLS L2VPN specify the encapsulation type and enter MPLS L2VPN view Use the undo mpls l2vpn command to remove a Kompella MPLS L2VPN Related command ce mtu Note You...

Page 814: ... devices of the same VPN to make sure that the configuration is valid Related command mpls l2vpn encapsulation Example Set the MTU of the VPN named vpna to 1 000 Quidway mpls l2vpn vpna encapsulation vlan Quidway mpls l2vpn vpna mtu 1000 3 3 9 peer enable Syntax peer group name peer address enable undo peer group name peer address enable View L2VPN address family view Parameter group name Name of ...

Page 815: ...cified peer or peer group in L2VPN address family view By default the unicast peers or peer groups of IPv4 address family are active Whereas other types of peers or peer groups are inactive Example Activate peer 192 or peer group 192 in L2VPN address family view Quidway bgp group 192 internal Quidway bgp peer 192 1 1 1 group 192 Quidway bgp l2vpn family Quidway bgp af l2vpn peer 192 enable ...

Page 816: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual STP Huawei Technologies Proprietary ...

Page 817: ... 14 stp cost 1 14 1 1 15 stp edged port 1 15 1 1 16 stp instance root primary 1 17 1 1 17 stp interface 1 18 1 1 18 stp interface instance cost 1 19 1 1 19 stp interface edged port 1 20 1 1 20 stp interface instance port priority 1 21 1 1 21 stp interface loop protection 1 22 1 1 22 stp interface mcheck 1 24 1 1 23 stp interface point to point 1 25 1 1 24 stp interface root protection 1 26 1 1 25 ...

Page 818: ...0 1 1 40 stp timer max age 1 41 1 1 41 stp timer factor 1 42 1 1 42 stp transmit limit 1 43 1 1 43 vlan mapping modulo 1 44 Chapter 2 Digest Snooping Configuration Commands 2 1 2 1 Digest Snooping Configuration Commands 2 1 2 1 1 stp config digest snooping 2 1 Chapter 3 BPDU Tunnel Configuration Commands 3 1 3 1 BPDU Tunnel Configuration Commands 3 1 3 1 1 vlan vpn enable 3 1 3 1 2 vlan vpn tunnel...

Page 819: ...VLAN mapping table of the MST region will lead to the recalculation of spanning tree and network topology flapping To bate such flapping MSTP applies the configured parameters and launches recalculation of the spanning tree only when you activate the configured MST region parameters or enable MSTP After you entered this command MSTP will apply the MST region parameters you have configured to the s...

Page 820: ...ion names VLAN mapping tables and MSTP revision levels are configured exactly the same The switch may not be configured in the expected region due to any slight deviation You can use this command to display the MST region configuration information to be activated to know to which MST regions the switch belongs and check if the MST region configurations are correct Related command instance region n...

Page 821: ...stance id lacp key packet tc protection interface interface type interface number lacp key packet event View User view Parameter None Description Use the debugging stp global error global event command to enable STP global error or event debugging Use the undo debugging stp global error global event command to disable STP global error or event debugging Use the debugging stp all command to enable ...

Page 822: ...erface type interface number lacp key packet event command to disable specified port debugging of MSTP Example Enable STP global event debugging Quidway debugging stp global event 1 1 4 display stp Syntax display stp instance instance id interface interface list slot slot num brief View Any view Parameter instance id Specifies the spanning tree instance ID ranging from 0 to 48 Instance 0 represent...

Page 823: ...Delay Max Hops CIST common root external path cost of the switch to the CIST common root region root internal path cost of the switch to the region root CIST root port of the switch and whether to enable BPDU protection Number of received TC TCN packets time interval for receiving packets If you specify the relationship between a master root and one or multiple slave roots the global CIST paramete...

Page 824: ...3 2 1 DESI FORWARDING NONE 0 GigabitEthernet3 2 2 DESI FORWARDING NONE 0 GigabitEthernet3 2 3 DESI FORWARDING NONE 0 GigabitEthernet3 2 4 DESI FORWARDING NONE 0 GigabitEthernet3 3 1 ROOT FORWARDING NONE Table 1 2 Description on the fields of the display stp command Field Description MSTID MST instance ID in a MST region Port Port number corresponding to the related MST instance Role Role of the po...

Page 825: ...ei Revision level 0 Instance Vlans Mapped 0 21 to 4094 1 1 to 10 2 11 to 20 Table 1 3 Description on the fields of the display stp region configuration command Field Description Format selector Selector defined by MSTP Region name Region name of MST region Revision level Revision level of MST region Instance Vlans Mapped VLAN mapping table of MST region 1 1 6 display stp tc Syntax display stp inst...

Page 826: ...Instance 0 tc or tcn detected count Port Ethernet3 1 1 1 Port Ethernet3 1 9 0 Stp Instance 0 tc or tcn sent count Port Ethernet3 1 1 1 Port Ethernet3 1 9 0 Note The topology changes and notification information of Instance 0 will be recorded in the log 1 1 7 instance Syntax instance instance id vlan vlan list undo instance instance id vlan vlan list View MST region view Parameter instance id Speci...

Page 827: ...ation You cannot map one VLAN to different instances while you can map multiple VLANs to one instance When you remap the mapped VLAN to a different instance the original mapping relation is removed automatically The mapping relationship of VLANs and instances in the same MSTP domain must be correct The data will be transmitted according to the spanning tree topology structure of the instance the V...

Page 828: ... region configuration Quidway mst region region name abcde 1 1 9 reset stp Syntax reset stp interface interface list View User view Parameter interface list Ethernet port list containing multiple Ethernet ports and expressed as interface list interface type interface number to interface type interface number 1 10 For detail descriptions of interface type interface number parameters refer to the co...

Page 829: ...lt MSTP revision level takes 0 Description Use the revision level command to configure MSTP revision level of the switch Use the undo revision level command to restore the default revision level MSTP revision level together with region name and VLAN mapping table is used for determining the MST region to which the switch belongs Related command instance region name check region configuration vlan ...

Page 830: ...bled After MSTP is enabled it will dynamically maintain the spanning tree state of the corresponding VLAN according to the received configuration BPDU until it is disabled After MSTP is disabled it will not maintain the state By default global and port MSTP are disabled When you enable MSTP on a device or a port both global and port MSTP are enabled if you do not enable MSTP globally you will fail...

Page 831: ...em will automatically set them to non edge ports and recalculate the spanning tree which makes the network topology flap These ports will not receive any STP configuration BPDU in normal cases Anyway if someone maliciously attacks the switch with fake configuration BPDU the network will flap MSTP provides BPDU protection function to avoid such attack After configured with BPDU protection the switc...

Page 832: ...ax Age are well configured These parameters are related to the network scale You can configure the network scale to get the time parameters When users configure the bridge diameter parameter of the switch MSTP will automatically set Hello Time Forward Delay and Max Age to moderate values When bridge diameter defaults to 7 the time parameters also take their respective default values Related comman...

Page 833: ...eter as 0 to configure CIST path cost of the port The path cost has effect on the port role selection A port can be configured with different path costs on different MSTIs Thus the traffic from different VLANs can run over different physical links thereby implementing the VLAN based load balancing MSTP will recalculate the port role and transit its state upon the port path cost changes Related com...

Page 834: ...hen it is directly connected to the user terminal instead of any other switches or shared network segments The edge port will not cause loop upon network topology changes Accordingly you can configure a port as an edge port so that it can transit to forwarding state fast For this purpose configure the Ethernet port directly connected to the user terminal as an edge port Because the edge port is no...

Page 835: ...onfigure the current switch as the primary root of the specified MSTI Use the undo stp root command to cancel the current switch for the primary root of the designated MSTI If you execute these commands without using the instance instance id option your configuration takes effect only on the CIST instance When you set the instance id parameter to 0 its following parameter setting takes effect By d...

Page 836: ...view System View return to User View with Ctrl Z Quidway stp instance 0 root primary bridge diameter 4 hello time 500 1 1 17 stp interface Syntax stp interface interface list enable disable View System view Parameter interface list Ethernet port list containing multiple Ethernet ports and expressed as interface list interface type interface number to interface type interface number 1 10 For detail...

Page 837: ...id cost cost undo stp interface interface list instance instance id cost View System view Parameter interface list Ethernet port list containing multiple Ethernet ports and expressed as interface list interface type interface number to interface type interface number 1 10 For detail descriptions of interface type and interface number parameters refer to the corresponding descriptions in Port Comma...

Page 838: ... path cost changes Related command stp cost Example Set the path cost of Ethernet 2 1 3 on MSTI 2 to 400 in system view Quidway system view System View return to User View with Ctrl Z Quidway stp interface Ethernet 2 1 3 instance 2 cost 400 1 1 19 stp interface edged port Syntax stp interface interface list edged port enable disable undo stp interface interface list edged port View System view Par...

Page 839: ...ly you can configure a port as an edge port so that it can transit to forwarding state fast For this purpose configure the Ethernet port directly connected to the user terminal as an edge port Because the edge port is not connected to any other switches it will not receive the configuration BPDUs from them Related command stp edged port Example Configure Ethernet2 1 3 as an edge port in system vie...

Page 840: ...ferent priorities on different MSTIs Thus the traffic from different VLANs can run over different physical links thereby implementing the VLAN based load balancing MSTP will recalculate the port role and transit its state upon the port priority changes Related command stp instance port priority Example Set the priority of Ethernet 2 1 3 on MSTI 2 to 16 in system view Quidway system view System Vie...

Page 841: ...nable to receive BPDUs and the switch will select root port again In this case the former root port will turn into the specified port and the former blocked ports will change to the forwarding state and link loop appears The loop protection function can inhibit the generation of loop After it is enabled the root port role will change according to the uplink port state The blocked port will maintai...

Page 842: ...tem view If a port of an MSTP switch on a switching network has ever been connected to an STP switch the port will automatically transit to operate in STP compatible mode However when the STP switch is removed the port stays in STP compatible mode and cannot automatically transit back to MSTP mode In this case you can perform mCheck operation to transit the port to MSTP mode by force Note By defau...

Page 843: ...and Manual 1 10 means that the preceding parameters can be entered up to 10 times force true Indicates the Ethernet port connected to a point to point link force false Indicates the Ethernet port not connected to a point to point link auto Configures to automatically check if the link to the Ethernet port is a point to point link Description Use the stp interface point to point command to configur...

Page 844: ...rface list root protection View System view Parameter interface list Ethernet port list containing multiple Ethernet ports and expressed as interface list interface type interface number to interface type interface number 1 10 For detail descriptions of interface type and interface number parameters refer to the corresponding descriptions in Port Command Manual 1 10 means that the preceding parame...

Page 845: ...root protection 1 1 25 stp interface transmit limit Syntax stp interface interface list transmit limit packetnum undo stp interface interface list transmit limit View System view Parameter interface list Ethernet port list containing multiple Ethernet ports and expressed as interface list interface type interface number to interface type interface number 1 10 For detail descriptions of interface t...

Page 846: ... Ethernet2 1 3transmit limit 5 1 1 26 stp loop protection Syntax stp loop protection undo stp loop protection View Ethernet port view Parameter none Description Use the stp loop protection command to enable loop protection function Use the undo stp loop protection command to restore the default setting By default the loop protection function is not enabled Note The port configured with loop protec...

Page 847: ... MST region Max Hops is 20 Description Use the stp max hops command to configure the Max Hops of an MST region Use the undo stp max hops command to restore the default Max Hops On CIST and MSTIs the Max Hops configured on the region root determines the max switching network diameter supported by the local MST region As the BPDU travels from the spanning tree root each time when it is forwarded by ...

Page 848: ...mpatible mode and cannot automatically transit back to MSTP mode In this case you can perform mCheck operation to transit the port to MSTP mode by force Note By default MSTP runs in MSTP mode which is compatible with RSTP and STP This mode can recognize MSTP BPDU STP config BPDU and RSTP config BPDU However the STP switch can only recognize config BPDU STP BPDU sent by the STP and RSTP bridges Aft...

Page 849: ... MSTP mode MSTP and RSTP are compatible and they can recognize the packets of each other However STP cannot recognize MSTP packets To implement the compatibility MSTP provides two operation modes STP compatible mode and MSTP mode In STP compatible mode the switch sends STP BPDU packets via every port In MSTP mode the switch ports send MSTP BPDU packets When detecting it is connected to an STP swit...

Page 850: ...he STP disabled ports belong By default BPDU non flooding is disabled Related command stp enable Example Discard BPDU packets received on STP disabled port Quidway system view System View return to User View with Ctrl Z Quidway interface GigabitEthernet3 1 1 Quidway GigabitEthernet3 1 1 stp disable Quidway stp non flooding Discard BPDU packets received on STP disabled port on slot 3 Quidway system...

Page 851: ... standards use their own way to work out the port rate based on which each standard calculates the port path cost by a certain algorithm By default the legacy standard is applied for the switch S8500 Example Set the DOT1D 1998 as the path cost calculation standard on the STP port Quidway system view System View return to User View with Ctrl Z Quidway stp pathcost standard dot1d 1998 1 1 32 stp poi...

Page 852: ...and all the MSTIs The settings of a port whether to connect the point to point link will be applied to all the MSTIs where the port belongs Note that a temporary loop may be redistributed if you configure a port not physically connected with the point to point link as connected to such a link by force Related command stp interface point to point Example Configure Ethernet2 1 3 to be connected to t...

Page 853: ...nsit its state upon the port priority changes If you execute these commands without using the instance instance id option your configuration takes effect only on the CIST instance Related command stp interface port priority Example Set the priority of Ethernet2 1 3 on MSTI 2 to 16 Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet2 1 3 Quidway Ethernet2 1 3 ...

Page 854: ...w Parameter instance instance id Specifies the spanning tree instance ID ranging from 0 to 48 Specify it as 0 to configure CIST root secondary Configures the current switch as the secondary root of the designated MSTI bridge diameter bridgenum Specifies the network diameter of the spanning tree ranging from 2 to 7 hello time centi senconds Specifies the Hello Time of the spanning tree which is in ...

Page 855: ... configured as a primary root bridge or a secondary root bridge users cannot modify the bridge priority of the switch Example Configure the current switch as the secondary root bridge of MSTI 0 and specify the diameter of the switching network as 5 and the Hello Time of the switch as 300 centiseconds Quidway system view System View return to User View with Ctrl Z Quidway stp instance 0 root primar...

Page 856: ... the Ethernet2 1 1 port of the switch Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet2 1 1 Quidway Ethernet2 1 1 stp root protection 1 1 37 stp tc protection Syntax stp tc protection enable stp tc protection disable View System view Parameter None Description Use the stp tc protection enable command to enable the protection function so that the switch is ...

Page 857: ...forward delay centi senconds undo stp timer forward delay View System view Parameter centi senconds Specifies Forward Delay which is in the range from 400 to 3000 and measured in centiseconds By default the Forward Delay of the switch is 1500 centiseconds Description Use the stp timer forward delay command to configure Forward Delay for the switch Use the undo stp timer forward delay command to re...

Page 858: ...ax age stp bridge diameter Example Set the Forward Delay of the device to 2000 centiseconds Quidway system view System View return to User View with Ctrl Z Quidway stp timer forward delay 2000 1 1 39 stp timer hello Syntax stp timer hello centi senconds undo stp timer hello View System view Parameter centi senconds Specifies Hello Time value with an integer in the range of 100 to 1000 in units of ...

Page 859: ...can automatically calculate and give the moderate values for the time parameters Related command stp timer forward delay stp timer max age stp bridge diameter Example Set Hello Time of the switch to 400 centiseconds Quidway system view System View return to User View with Ctrl Z Quidway stp timer hello 400 1 1 40 stp timer max age Syntax stp timer max age centi senconds undo stp timer max age View...

Page 860: ...ently You are recommended to use the stp bridge diameter command to specify the diameter of the switching network so that MSTP can automatically calculate and give the moderate values for the time parameters Related command stp timer forward delay stp timer hello stp bridge diameter Example Set Max Age of the device to 1000 centiseconds Quidway system view System View return to User View with Ctrl...

Page 861: ...Ethernet port view Parameter packetnum Specifies the amount limit to the transmitted packets ranging from 1 to 255 expressed as a counter value without any units By default the value is 3 Description Use the stp transmit limit command to configure an amount limit to the configuration BPDU transmitted via a port during the Hello Time Use the undo stp transmit limit command to restore the default li...

Page 862: ... modulo command to map fast and symmetrically all VLAN lists to the specified MSTIs according to the modulo operation results Use the undo vlan mapping modulo command to disable the function By default all the VLANs are mapped to CIST namely Instance 0 Related command region name revision level check region configuration active region configuration Example Map VLAN to MSTI based on modulo 16 Quidw...

Page 863: ... MSTP domain only when they are configured with the same domain settings With MSTP employed interconnected switches determine whether or not they are in the same domain by checking the configuration IDs of the bridge protocol data units BPDUs between them A configuration ID comprises information such as domain ID configuration digest As switches of some manufacturers come with some proprietary pro...

Page 864: ... the configuration of a domain with one or multiple of its switches being digest snooping enabled be sure to disable digest snooping on these switches first to prevent possible broadcast storm caused by otherwise inconsistent mapping relationships between VLANs and VPN instances of each switch z To enable digest snooping all ports in an MSTP domain connecting to switches coming from other manufact...

Page 865: ...w Ethernet port view Parameter None Description Use the command vlan vpn enable to enable VLAN VPN QinQ on the port Use the undo vlan vpn command to disable VLAN VPN QinQ on the port By default VLAN VPN is disabled on all the ports Example Enable VLAN VPN on the switch Quidway system view System View return to User View with Ctrl Z Quidway interface Ethernet3 1 3 Quidway Ethernet3 1 3 vlan vpn ena...

Page 866: ...ipate in a uniform spanning tree calculation while maintaining a separate spanning tree from the operator network By default BPDU Tunnel is disabled Caution z To enable BPDU Tunnel on a switch you must first enable STP on it Otherwise the client network BPDU will not be processed by the CPU when entering the switch nor MAC address replacement or transparent transmission will be implemented z To en...

Page 867: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Security Huawei Technologies Proprietary ...

Page 868: ...ot1x retry 1 12 1 1 12 dot1x supp proxy check 1 13 1 1 13 dot1x timer 1 14 1 1 14 reset dot1x statistics 1 16 Chapter 2 AAA and RADIUS HWTACACS Protocol Configuration Commands 2 1 2 1 AAA Configuration Commands 2 1 2 1 1 access limit 2 1 2 1 2 accounting optional 2 1 2 1 3 attribute 2 2 2 1 4 cut connection 2 3 2 1 5 display connection 2 5 2 1 6 display domain 2 6 2 1 7 display local user 2 7 2 1 ...

Page 869: ... 2 2 14 radius nas ip 2 35 2 2 15 radius scheme 2 36 2 2 16 reset radius statistics 2 37 2 2 17 reset stop accounting buffer 2 37 2 2 18 retry 2 39 2 2 19 retry realtime accounting 2 39 2 2 20 retry stop accounting 2 40 2 2 21 secondary accounting 2 41 2 2 22 secondary authentication 2 42 2 2 23 server type 2 43 2 2 24 state 2 44 2 2 25 stop accounting buffer enable 2 45 2 2 26 timer quiet 2 45 2 ...

Page 870: ...7 2 3 11 primary authorization 2 58 2 3 12 reset hwtacacs statistics 2 58 2 3 13 reset stop accounting buffer 2 59 2 3 14 retry stop accounting 2 60 2 3 15 secondary accounting 2 60 2 3 16 secondary authentication 2 61 2 3 17 secondary authorization 2 62 2 3 18 timer quiet 2 63 2 3 19 timer realtime accounting 2 64 2 3 20 timer response timeout 2 65 2 3 21 user name format 2 65 ...

Page 871: ...acket attack prevention Use the anti attack disable command to disable packet attack prevention By default IP packet attack prevention is enabled and ARP packet attack prevention and dot1x packet attack preventionare disabled Example Enable ARP packet attack prevention Quidway system view System View return to User View with Ctrl Z Quidway anti attack arp enable Disable IP packet attack prevention...

Page 872: ... statistics Configures to display the relevant statistics information of 802 1x Description Use display dot1x command to view the relevant information of 802 1x including configuration information running state session connection information and relevant statistics information By default all the relevant 802 1x information about each interface will be displayed This command can be used to display ...

Page 873: ...protocol is enabled 802 1X protocol is enabled on the switch CHAP authentication is enabled CHAP authentication is enabled DHCP launch is disabled If any user configures a static IP without authorization in DHCP environment the switch will trigger authentication on the user Proxy trap checker is disabled Proxy logoff checker is disabled The system does not check the access of users who log on thro...

Page 874: ...ased on the MAC address Max on line user number The maximum number of on line users Omitted 1 1 3 dot1x Syntax dot1x interface interface list undo dot1x interface interface list View System view Ethernet port view Parameter interface list Ethernet interface list expressed in the format interface list interface type interface number to interface type interface number 1 10 interface type means the i...

Page 875: ...fore 802 1x is enabled globally if the parameters are not configured globally or for a specified port they will maintain the default values After the global 802 1x performance is enabled only when port 802 1x performance is enabled will the configuration of 802 1x become effective on the port If 802 1x is enabled on a port you cannot configure the maximum number of learned MAC addresses by using t...

Page 876: ...t only transmits username but not password CHAP is more secure and reliable In the process of EAP authentication switch directly sends authentication information of 802 1x user to RADIUS server in the form of EAP packet It is not necessary to transfer the EAP packet to standard RADIUS packet first and then send it to RADIUS server Please note To realize PAP CHAP or EAP authentication RADIUS server...

Page 877: ...xpressed in the format interface list interface type interface number to interface type interface number 1 10 interface type means the interface type interface number is the interface number Refer to command parameters in the Port section in the manual for the respective meanings and value ranges of them The interface number after the key word to should be no smaller than the interface number befo...

Page 878: ...the interface type interface number is the interface number Refer to command parameters in the Port section in the manual for the respective meanings and value ranges of them The interface number after the key word to should be no smaller than the interface number before to 1 10 in the command means that the preceding parameter can be entered up to 10 times Description Use the dot1x max user comma...

Page 879: ...ways stay in authorized state and the user is allowed to access the network resources without authentication authorization unauthorized force Forced unauthorized mode showing that the interface to always stay in non authorized mode the switch does not respond to authentication requests and the user is not allowed to access the network resources interface interface list Ethernet interface list expr...

Page 880: ...interface list View System view Ethernet interface view Parameter macbased Configures the 802 1x authentication system to perform authentication on the supplicant based on MAC address portbased Configures the 802 1x authentication system to perform authentication on the supplicant based on interface number interface interface list Ethernet interface list expressed in the format interface list inte...

Page 881: ...rameter interface list when executed in system view It has effect on all the interfaces when no interface is specified The parameter interface list cannot be input when the command is executed in Ethernet interface view and it has effect only on the current interface Related command display dot1x Example Authenticate the supplicant based on the interface number on Ethernet 3 1 1 Quidway dot1x port...

Page 882: ...supplicant Use the undo dot1x retry command to restore the default maximum retransmission time After the switch has transmitted authentication request frame to the user for the first time if no user response is received during the specified time range the switch will re transmit authentication request to the user This command is used for specifying how many times the switch can re transmit the aut...

Page 883: ...erface number before to 1 10 in the command means that the preceding parameter can be entered up to 10 times Description Use the dot1x supp proxy check command to configure the control method for 802 1x access users via proxy logon the specified interface Use the undo dot1x supp proxy check command to cancel the control method set for the 802 1x access users via proxy Note that when performing thi...

Page 884: ...er the user has passed the authentication After setting handshake period system will send the handshake packet by the period Suppose the dot1x retry time is configured as N the system will consider the user having logged off and set the user as logoff state if system doesn t receive the response from user for consecutive N times handshake period value Handshake period The value ranges from 1 to 10...

Page 885: ...run If the Supplicant does not respond back with authentication reply packet successfully then the Authenticator will resend the authentication request packet tx period value Specifies how long the duration of the transmission timeout timer is The value ranges from 10 to 120 in units of second and defaults to 30 Note It is recommended to configure different handshake period value and handshake tim...

Page 886: ...e interface number Refer to command parameters in the Port section in the manual for the respective meanings and value ranges of them The interface number after the key word to should be no smaller than the interface number before to 1 10 in the command means that the preceding parameter can be entered up to 10 times Description Use the reset dot1x statistics command to reset the statistics of 802...

Page 887: ...ranging from 1 to 2312 Description Use the access limit command to configure a limit to the amount of supplicants in the current ISP domain Use the undo access limit command to restore the limit to the default setting By default there is no limit to the amount of supplicants in the current ISP domain This command limits the amount of supplicants contained in the current ISP domain The supplicants ...

Page 888: ...ot execute this command under the same circumstance This command is used when you want the server to authenticate without charging Example Enable accounting option for domain user named huawei163 net Quidway domain huawei163 net Quidway isp huawei163 net accounting optional 2 1 3 attribute Syntax attribute ip ip address mac mac address idle cut second access limit max user number vlan vlanid locat...

Page 889: ...PortNumber If the bound port has no SubSlotNumber the value 0 can be used as the SubSlotNumber Description Use the attribute command to configure some attributes for specified local user Use the undo attribute command to cancel the attributes that have been defined for this local user As for attributes of the users that are of local LAN service type user IP address and MAC address attribute are va...

Page 890: ...Configures to cut the connection according to RADIUS scheme name radius server name specifies the RADIUS server name with a character string not exceeding 32 characters interface interface type interface num Configures to cut the connection according to the port ip ip address Configures to cut the connection according to IP address vlan vlanid Configures to cut the connection according to VLAN ID ...

Page 891: ...ed mac mac address Configures to display the supplicant whose MAC address is mac address The argument mac address is in the hexadecimal format x x x radius scheme radius server name Configures to display the supplicant according to RADIUS server name radius server name specifies the RADIUS server name with a character string not exceeding 32 characters interface interface type interface number Con...

Page 892: ...the ISP domain name with a character string not exceeding 24 characters The specified ISP domain shall have been created Description Use the display domain command to view the configuration of a specified ISP domain or display the summary information of all ISP domains By default this command displays the summary information about all the ISP domains in the system This command is used to output th...

Page 893: ...cifies the ISP domain name with a character string not exceeding 24 characters The specified ISP domain shall have been created idle cut Configures to display the local users according to the state of idle cut function disable means that the user disables the idle cut function and enable means the user enables the function This parameter only takes effect on the users configured as Lan access type...

Page 894: ...users belonged to specified VLAN vlanid is the integer ranging from 1 to 4094 Description Use the display local user command to view the relevant information about all the local users or the specified one s The output can help you with the fault diagnosis and troubleshooting related to local user By default this command displays the relevant information about all the local users Related command lo...

Page 895: ...main Use the undo domain command to cancel a specified ISP domain By default a domain named as system has been created in the system The attributes of system are all default values ISP domain is a group of users belonging to the same ISP Generally for a username in the userid isp name format taking gw20010608 huawei163 net as an example the isp name i e huawei163 net following the is the ISP domai...

Page 896: ...able minute flow View ISP domain view Parameter disable means disabling the user to use idle cut function enable means enabling the user to use idle cut function minute Specifies the maximum idle time ranging from 1 to 120 and measured in minutes flow Minimum data traffic ranging from 1 to 10 240 000 and measured in bytes Description Use the idle cut command to configure the user template in the c...

Page 897: ...ddress Two ends of the IP address pool The number of IP addresses in an address pool cannot exceed 1024 If you do not provide the high ip address argument then the address pool only contains the one specified by the low ip address argument Description Use the ip pool command to create a local IP address pool for PPP users Use the undo ip pool command to remove a specified local address pool By def...

Page 898: ...evel Syntax level level undo level View Local user view Parameter level User priority an integer ranging from 0 to 3 Description Use the level command to set user priority Use the undo level command to restore the default user priority By default the user priority is 0 Related command local user Note If you specify not to authenticate or to authenticate by passwords the levels of the commands avai...

Page 899: ...eans deleting all local PPP views ssh means deleting all local SSH views and terminal means deleting all the terminals all All users multicast domain domain name Add or delete multicast addresses according to the domain ipaddress IP address of multicast password display mode auto cipher force Specifies the password display mode auto means displaying the password in user specified mode cipher force...

Page 900: ...escription Use the local user password display mode command to configure the password display mode of all the accessing users Use the undo local user password display mode command to cancel the password display mode that has been set for all the accessing users If cipher force has been adopted the user efforts of specifying to display passwords in simple text will render useless The default passwo...

Page 901: ... to test Quidway vlan 100 Quidway vlan100 name test 2 1 15 password Syntax password simple cipher password undo password View Local user view Parameter simple Specifies to display passwords in simple text cipher Specifies to display passwords in cipher text password Defines a password which is a character string of up to 16 characters if it is in simple text and of up to 24 characters if it is in ...

Page 902: ...thentications Description Use the scheme command to configure the AAA scheme used in the current ISP domain Use the undo scheme command to restore the default domain AAA scheme By default an AAA scheme specifies to perform local authentications The scheme command specifies a RADIUS HWTACACS scheme for the current ISP domain The specified scheme must be an existing scheme You can use the radius sch...

Page 903: ...tandard undo private group id mode standard View System view Parameter private group id Specifies the way to represent the RADIUS attribute private group id mode Specifies the way to represent the RADIUS attribute private group id standard Specify to code the RADIUS attribute private group id according to RFC 2868 Description Use the private group id mode standard command to configure VLAN deliver...

Page 904: ...ervice server uniform resource locator URL Use the self service url disable command to remove the configuration of self service server URL By default self service server URL is not configured on a switch This command must be incorporated with a RADIUS server such as a CAMS server that supports self service Self service means that users can manage their accounts and card numbers by themselves And a...

Page 905: ...rectory directory lan access ppp call number call number callback nocheck callback number callback number ssh level level telnet terminal telnet level level ssh terminal terminal level level ssh telnet View Local user view Parameter ftp Specifies user types as FTP ftp directory directory Specifies the directory of FTP users directory is a character string of up to 64 characters lan access Specifie...

Page 906: ...current ISP domain ISP domain view current user local user view as being in block state that is the system does not allow the users in the domain ISP domain view or the current user local user view to request network service Description Use the state command to configure the state of the current ISP domain current user By default after an ISP domain is created it is in the active state in ISP doma...

Page 907: ...g to authenticated users to specified VLANs according to the attribute values delivered by the RADIUS server In actual use ports are usually set to operate in port based mode in order to work together with Guest VLAN A port operating in MAC address based mode can only have one host connected to it Currently the VLAN IDs delivered by RADIUS servers can be of integer or string type z As for a VLAN I...

Page 908: ...ger is within the range 1 to 4 094 the switch takes the VLAN name as an integer and add the authenticated port to the VLAN identified by the integer In this case the switch will add the port to VLAN 1024 If the equivalent integer is not within the range 1 to 4 094 such as string 12345 the RADIUS server fails to deliver the VALN name if the all numeral string contains space such as 12 345 the first...

Page 909: ...onal command in RADIUS scheme view is only effective on the accounting that uses this RADIUS scheme Example Enable the selection of RADIUS accounting of the RADIUS scheme named as CAMS Quidway radius cams accounting optional 2 2 2 data flow format Syntax data flow format data byte giga byte kilo byte mega byte packet giga byte kilo byte mega byte one packet undo data flow format View RADIUS scheme...

Page 910: ...e unit of data flow that send to RADIUS Server Huawei is kilo byte and the data packet unit is kilo packet Quidway radius huawei data flow format data kilo byte packet kilo packet 2 2 3 debugging radius Syntax debugging radius packet undo debugging radius packet View User view Parameter packet Enable packet debugging Description Use the debugging radius command to enable RADIUS packet debugging Us...

Page 911: ...s The localserver packet statistics Receive 0 Send 0 Discard 0 Receive Packet Error 0 Auth Reveive 0 Auth Send 0 Acct Receive 0 Acct Send 0 2 2 5 display radius Syntax display radius radius server name View Any view Parameter radius server name Specifies the RADIUS scheme name with a character string not exceeding 32 characters Display all RADIUS scheme when the parameter is not set Description Us...

Page 912: ...of the display radius command Field Description SchemeName The name of Radius Scheme Index The index of Radius Scheme Type The type of Radius Scheme Primary Auth IP Port State The IP address of the primary authentication server the number of the access port the current state of the server Primary Acct IP Port State The IP address of the primary accounting server the number of the access port the c...

Page 913: ... packets 2 2 6 display radius nas ip Syntax display radius nas ip View Any view Parameter None Description Use the display radius nas ip command to display all the global NAS IP information configured in system view including the global NAS IP information of public network and private network When the NAS IP information of global private network is displayed the name of the VPN that the NAS IP bel...

Page 914: ...us statistics state statistic total 4120 DEAD 4120 AuthProc 0 AuthSucc 0 AcctStart 0 RLTSend 0 RLTWait 0 AcctStop 0 OnLine 0 Stop 0 StateErr 0 Receive and Send packets statistic Send PKT total 0 Receive PKT total 0 RADIUS received packets statistic Code 2 Num 0 Err 0 Code 3 Num 0 Err 0 Code 5 Num 0 Err 0 Code 11 Num 0 Err 0 Code 22 Num 0 Err 0 Running statistic RADIUS received messages statistic N...

Page 915: ...EAP_reauth_reject Num 0 Account success Num 0 Account failure Num 0 Account off ack Num 0 Update request Num 0 Leaving ack Num 0 Cut req Num 0 RecError_MSG_sum 0 SndMSG_Fail_sum 0 Timer_Err 0 Alloc_Mem_Err 0 State Mismatch 0 Other_Error 0 No response acct stop packet 0 Discarded No response acct stop packet 0 2 2 8 display stop accounting buffer Syntax display stop accounting buffer radius scheme ...

Page 916: ...haracter can only be used once in one username The pure username the part before namely the user ID cannot exceed 24 characters Description Use the display stop accounting buffer command to view the stopping accounting requests which have not been responded and saved in the buffer You can select to display the packets sent to a certain RADIUS scheme or display the packets according to user Session...

Page 917: ...lgorithm to encrypt the exchanged packets The two ends verify the packet through setting the encryption key Only when the keys are identical can both ends accept the packets from each other and give responses So it is necessary to ensure that the keys set on the switch and the RADIUS scheme are identical If the authentication authorization and accounting are performed on two different servers with...

Page 918: ...itches Besides local authentication authorization service is also used in these products and it is called local RADIUS function i e realize basic RADIUS function on the switch Caution z When using local RADIUS server function of Huawei remember the number of UDP port used for authentication is 1645 and that for accounting is 1646 z The password configured by this command must be the same as that o...

Page 919: ...rce IP address used in sending Radius packets you can avoid unreachability of packets back from the server when the physical interface fails It is recommended to use the Loopback interface address By default the source IP address of packets is the IP address of the VLAN interface to which the port connecting with the server belongs Related commands display radius radius nas ip Example Configure th...

Page 920: ...on authorization server and accounting server Besides you can set primary and secondary server for each kind of server Although in actual use these settings depend on specific demands at least one authentication authorization server and one accounting server is required Make sure the port settings on the switch about RADIUS service are identical to those on the RADIUS servers Related command key r...

Page 921: ... specific requirements However at least you have to set one authentication authorization server and an accounting server Besides ensure that the RADIUS service port settings on the switch is consistent with the port settings on the RADIUS server Related command key radius scheme state Example Set the IP address of the primary authentication authorization server of RADIUS scheme huawei to 10 110 1 ...

Page 922: ... System view Parameter radius server name Specifies the RADIUS scheme name with a character string not exceeding 32 characters Description Use the radius scheme command to configure a RADIUS scheme and enter its view Use the undo radius scheme command to delete the specified RADIUS scheme By default RADIUS scheme named as system has been created in the system The attributes of system are all defau...

Page 923: ...state user name format retry display radius display radius statistics Example Create a RADIUS scheme named huawei and enters its view Quidway radius scheme huawei Quidway radius huawei 2 2 16 reset radius statistics Syntax reset radius statistics View User view Parameter None Description Use the reset radius statistics command to clear the statistic information related to the RADIUS protocol Relat...

Page 924: ... username User name specifies the username a character string not exceeding 32 characters excluding and The character can only be used once in one username The pure username the part before namely the user ID cannot exceed 24 characters Description Use the reset stop accounting buffer command to reset the stopping accounting requests which are saved in the buffer and have not been responded After ...

Page 925: ...s not reliable If the RADIUS server has not responded NAS until timeout NAS has to retransmit RADIUS request packet Suppose the maximum retransmission times is N If the accumulative transmission times is more than N N 2 but the primary RADIUS server still gives no answer the NAS will consider that it has lost the communication with the current RADIUS server and then turn to transmit the request to...

Page 926: ...ssary to disconnect the user at NAS end and on RADIUS server synchronously when some unexpected failure occurs Quidway Series Switches support to set maximum times of real time accounting request failing to be responded NAS will disconnect the user if it has not received real time accounting response from RADIUS server for some specified times How to calculate the value of count Suppose RADIUS ser...

Page 927: ...ll save it in the local buffer and retransmit it until the server responds or discard the messages after transmitting for specified times Related command reset stop accounting buffer radius scheme display stop accounting buffer Example Perform the following configuration such that the switch can retransmit a buffered stop accounting request to the server configured for the RADIUS scheme Huawei for...

Page 928: ...me view Parameter ip address IP address in dotted decimal format By default the IP address of secondary authentication authorization server is 0 0 0 0 port number Specifies the UDP port number ranging from 1 to 65535 By default the authentication authorization service is provided via UDP 1812 Description Use the secondary authentication command to configure the IP address and port number for the s...

Page 929: ...erver to interact according to the regulation and packet format of standard RADIUS protocol RFC 2138 2139 or newer Description Use the server type command to configure the RADIUS scheme type supported by the switch Use the undo server type command to restore the RADIUS scheme type to the default value The default RADIUS server type of a newly created RADIUS scheme is standard The RADIUS server typ...

Page 930: ...DIUS scheme are in the state of active For the primary and secondary servers no matter an authentication authorization or an accounting server if the primary server is disconnected to NAS for some fault NAS will automatically turn to exchange packets with the secondary server However after the primary one recovers NAS will not resume the communication with it at once instead it continues communica...

Page 931: ...ounting requests in the buffer Because the stopping accounting request concerns account balance and will affect the amount of charge which is very important for both the user and ISP NAS shall make its best effort to send the message to RADIUS accounting server Accordingly if the message from the switch to RADIUS accounting server has not been responded the switch shall save it in the local buffer...

Page 932: ...t is equal to or greater than the time set by this command it restarts sending user request packets to the server Related command display radius Example Set the quiet timer of the primary server to 10 minutes Quidway radius scheme test1 Quidway radius test1 timer quiet 10 2 2 27 timer realtime accounting Syntax timer realtime accounting minute undo timer realtime accounting View RADIUS scheme view...

Page 933: ...terval in minutes 1 to 99 3 100 to 499 6 500 to 999 12 1000 15 Related command retry realtime accounting radius scheme Example Set the real time accounting interval of RADIUS scheme huawei to 15 minutes Quidway radius huawei timer realtime accounting 15 2 2 28 timer response timeout Syntax timer response timeout seconds undo timer response timeout View RADIUS scheme view Parameter seconds The valu...

Page 934: ... created by the system the username sent to RADIUS servers excludes the ISP domain name The supplicants are generally named in userid isp name format The part following is the ISP domain name The switch will put the users into certain ISP domains according to the domain names However some earlier RADIUS servers reject the username including ISP domain name In this case the username will be sent to...

Page 935: ...n Use the vpn instance command to configure the VPN that the RADIUS scheme belongs to Use the undo vpn instance command to cancel the configuration for VPN The VPN in this command must exist and must be assigned with an RD One RADIUS scheme can only be bound to one VPN Note The nas ip configured must belong to the VLAN bound to the specified VPN after a VPN is specified by the RADIUS scheme otherw...

Page 936: ...yte Sets mega byte as the unit of data flow packet Sets data packet unit giga packet Sets giga packet as the unit of packet flow kilo packet Sets kilo packet as the unit of packet flow mega packet Sets mega packet as the unit of packet flow one packet Sets one packet as the unit of packet flow Description Use the data flow format command to configure the unit of data flow sent to TACACS Server Use...

Page 937: ...s message debugging receive packet Enables incoming packet debugging send packet Enables outgoing packet debugging Description Use the debugging hwtacacs command to enable HWTACACS debugging Use the undo debugging hwtacacs command to disable HWTACACS debugging By default HWTACACS debugging is disabled Example Enable the event debugging of HWTACACS Quidway debugging hwtacacs event 2 3 3 display hwt...

Page 938: ...49 Primary accounting server 172 31 1 11 49 Secondary authentication server 0 0 0 0 0 Secondary authorization server 0 0 0 0 0 Secondary accounting server 0 0 0 0 0 Current authentication server 172 31 1 11 49 Current authorization server 172 31 1 11 49 Current accounting server 172 31 1 11 49 Source IP address 0 0 0 0 key authentication 790131 key authorization 790131 key accounting 790131 Quiet ...

Page 939: ...p Syntax hwtacacs nas ip ip address undo hwtacacs nas ip View System view Parameter ip address IP address of a specified source which is that of the local host and cannot be a broadcast address of class A B or C a class D address an all zero address or an address begins with 127 Description Use the hwtacacs nas ip command to specify the source address of the HWTACACS packet sent from NAS Use the u...

Page 940: ...me hwtacacs scheme name View System view Parameter hwtacacs scheme name Name of a HWTACACS scheme a character string not exceeding 32 characters Description Use the hwtacacs scheme command to enter the HWTACACS view If you specified a nonexistent scheme a new HWTACACS scheme will be created Use the undo hwtacacs scheme command to delete a HWTACACS scheme Example Create a HWTACACS scheme named test...

Page 941: ... Only when the same key is used can both ends accept the packets from each other and give responses So it is necessary to ensure that the same key is set on the switch and the HWTACACS server If the authentication authorization and accounting are performed on two server devices with different shared keys you must set one shared key for each Related command display hwtacacs Example Use hello as the...

Page 942: ...primary accounting Syntax primary accounting ip address port number undo primary accounting View HWTACACS view Parameter ip address IP address of the server a valid unicast address in dotted decimal format port number Port number of the server which is in the range 1 to 65535 and defaults to 49 Description Use the primary accounting command to configure a primary TACACS accounting server Use the u...

Page 943: ...ion Use the primary authentication command to configure a primary TACACS authentication server Use the undo primary authentication command to delete the configured authentication server By default the IP address of the TACACS authentication server is all zeros You are not allowed to assign the same IP address to both primary and secondary authentication servers If you repeatedly use this command t...

Page 944: ... command to delete the configured primary authorization server By default the IP address of the TACACS authorization server is all zeros You are not allowed to assign the same IP address to both primary and secondary authorization servers If you repeatedly use this command the latest configuration overwrites the previous one You can remove a TACACS scheme authorization server only when no Active T...

Page 945: ...y reset hwtacacs statistics 2 3 13 reset stop accounting buffer Syntax reset stop accounting buffer hwtacacs scheme hwtacacs scheme name View User view Parameter hwtacacs scheme hwtacacs scheme name Configures to delete the stop accounting requests from the buffer according to the specified HWTACACS scheme name The hwtacacs scheme name specifies the HWTACACS scheme name with a character string not...

Page 946: ... retransmission and configure the maximum number of stop accounting request attempts Use the undo retry stop accounting command to restore the default setting By default stop accounting packet retransmission is enabled and up to 100 packets are allowed to be transmitted for each request Related command reset stop accounting buffer hwtacacs scheme and display stop accounting buffer Example Enable s...

Page 947: ...y use this command the latest configuration overwrites the previous one You can remove a TACACS scheme accounting server only when no Active TCP connection used to send accounting packets is now using the server and the removal impacts only packets forwarded afterwards Example Configure a secondary accounting server Quidway hwtacacs scheme test1 Quidway hwtacacs test1 secondary accounting 10 163 1...

Page 948: ... only packets forwarded afterwards Related command display hwtacacs Example Configure a secondary authentication server Quidway hwtacacs scheme test1 Quidway hwtacacs test1 secondary authentication 10 163 155 13 49 2 3 17 secondary authorization Syntax secondary authorization ip address port number undo secondary authorization View HWTACACS view Parameter ip address IP address of the server a lega...

Page 949: ...t Syntax timer quiet minutes undo timer quiet View HWTACACS view Parameter minutes Ranges from 1 to 255 minutes By default the primary server must wait five minutes before it resumes the active state Description Use the timer quiet command to set the waiting time before the primary server resumes the active state Use the undo timer quiet command to restore the default configuration This command is...

Page 950: ...unting interval is necessary for real time accounting After an interval is set the NAS transmits the accounting information of online users to the TACACS accounting server periodically The setting of real time accounting interval somewhat depends on the performance of the NAS and the TACACS server a shorter interval requires higher device performance You are therefore recommended to adopt a longer...

Page 951: ...5 seconds Description Use the timer response timeout command to set the TACACS server response timeout time Use the undo timer response timeout command to restore the default setting Note Since HWTACACS is implemented based on TCP so server response timeout or TCP timeout may terminate the connection to the TACACS server Related command display hwtacacs Example Set the TACACS server response timeo...

Page 952: ...e is usually in the userid isp name format with the ISP domain name following The switch uses domain names to group users to different ISP domains While some earlier TACACS servers do not accept the username with domain name In this case you must remove the domain name before sending a username to the server Note When you specify that no ISP domain name is contained in usernames for a HWTACACS sch...

Page 953: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Reliability Huawei Technologies Proprietary ...

Page 954: ... 1 1 6 vrrp authentication mode 1 6 1 1 7 vrrp method 1 7 1 1 8 vrrp ping enable 1 7 1 1 9 vrrp un check ttl 1 8 1 1 10 vrrp vrid preempt mode 1 9 1 1 11 vrrp vrid priority 1 9 1 1 12 vrrp vrid timer 1 10 1 1 13 vrrp vrid track 1 11 1 1 14 vrrp vrid virtual ip 1 12 Chapter 2 HA Configuration Commands 2 1 2 1 HA Configuration Commands 2 1 2 1 1 debugging ha 2 1 2 1 2 display switchover state 2 1 2 ...

Page 955: ...s VRRP state packet Debugs VRRP packets error Debugs VRRP errors Description Use the debugging vrrp command to enable the VRRP debugging Use the undo debugging vrrp command to disable the VRRP debugging By default the VRRP debugging is disabled Example Enable VRRP state debugging Quidway debugging vrrp state 1 1 2 display vrrp Syntax display vrrp interface vlan interface interface number virtual r...

Page 956: ...layed Example Display the VRRP state information on VLAN interface 1 Quidway Vlan interface1 display vrrp interface vlan interface 1 Run Method VIRTUAL MAC Virtual Ip Ping Disable Interface Vlan interface1 VRID 1 Adver Timer 1 Admin Status UP State Initialize Config Pri 100 Run Pri 90 Preempt Mode YES Delay Time 0 Auth Type NONE Track IF Vlan interface2 Pri Reduced 10 Virtual IP 1 1 1 1 Master IP ...

Page 957: ...tual router ID ranging from 1 to 255 Description Use the display vrrp statistics command to view the information about the VRRP statistics If the interface name and virtual router ID are not specified the statistics information about all the virtual routers on the switch will be displayed If only the interface name is specified the statistics information about all the virtual routers on the interf...

Page 958: ... the VRRP summary information on the switch Quidway display vrrp summary Run Method VIRTUAL MAC Virtual Ip Ping Disable The total number of the vitual routers 64 VLANID VRID State Run Adver Auth Virtual Pri Time Type IP 2 2 Initialize 100 1 NONE 2 2 2 192 3 3 Initialize 100 1 NONE 3 3 3 192 4 4 Initialize 100 1 NONE 4 4 4 192 5 5 Initialize 100 1 NONE 5 5 5 192 6 6 Initialize 100 1 NONE 6 6 6 192 ...

Page 959: ...P Virtual IP address list of virtual router 1 1 5 reset vrrp statistics Syntax reset vrrp statistics vlan interface interface number virtual router ID View User view Parameter statistics VRRP statistics vlan interface interface number Interface name virtual router ID VRRP virtual router ID ranging from 1 to 255 Description Use the reset vrrp statistics command to clear the statistics information a...

Page 960: ...he vrrp authentication mode command to configure the authentication type and key of a specified VRRP virtual router Use the undo vrrp authentication mode command to reset the authentication type and key of a specified VRRP virtual router If the simple or md5 authentication is configured it is required to set the authentication key This command is used to configure the authentication type and key f...

Page 961: ...ndo vrrp method command to reset the correspondence to the default value By default the switch matches the virtual MAC address with the IP address of the virtual router Due to the chips installed some switches support matching one IP address to multiple MAC addresses Then you may configure correspondence between the virtual IP address of the virtual router and the real virtual MAC address You shou...

Page 962: ...stablished on the switch it is not allowed to use the vrrp ping enable command the undo vrrp ping enable command to modify the configuration any more Example Enable to ping the virtual IP address of the virtual router Quidway vrrp ping enable 1 1 9 vrrp un check ttl Syntax vrrp un check ttl undo vrrp un check ttl View VLAN interface view Parameter None Description Use the vrrp un check ttl command...

Page 963: ...gure the preemption and delay of the virtual router Use the undo vrrp vrid preempt mode command to cancel the preemption By default virtual router is in preempt mode and delay value is 0 second If a higher priority switch is required to preempt the Master you need to configure it as preemption You can also set a delay for the preemption If you configure it not to preempt the delay will be set to 0...

Page 964: ...dress owner The priority of the IP address owner is always 255 and cannot be modified Example Set the virtual router priority on VLAN interface2 Quidway vlan interface2 vrrp vrid 1 priority 120 1 1 12 vrrp vrid timer Syntax vrrp vrid virtual router ID timer advertise adver interval undo vrrp vrid virtual router ID timer advertise View VLAN interface view Parameter virtual router ID VRRP virtual ro...

Page 965: ... track the interface Use the undo vrrp vrid track command to stop tracking the interface VRRP interface track expends the backup function which thereby can be implemented not only when the switch fails but also when the state of a network interface is Down The user can use this command to track or stop tracking an interface or all the interfaces After the command is configured the priority of the ...

Page 966: ...rtual IP address to an existing virtual router Use the undo vrrp vrid virtual ip command to cancel an existing virtual router or an address from the virtual router You can add up to 16 virtual IP addresses to one virtual router If all of the addresses in a virtual router are deleted the system will delete the virtual router automatically Example Create a virtual router Quidway vlan interface2 vrrp...

Page 967: ...ugging switches event HA batch backup or tamed event debugging switch message Debugging sswitch for messages received or sent by HA state HA state machine state information debugging switch Description Use the debugging ha command to enable HA debugging Use the undo debugging ha command to disable HA debugging By default HA debugging is disabled Example Enable all the HA debugging Quidway debuggin...

Page 968: ...te master Slave is absent 2 1 3 display xbar Syntax display xbar View System view Parameter None Description Use the display xbar command to view the load mode of master and slave boards which includes the configured system Xbar load mode and the active system Xbar load mode Note that the configured system Xbar load mode is not always the same as the active system Xbar load mode Only when the slav...

Page 969: ...hronization between the master and slave systems By default automatic synchronization is enabled Related command slave update config Example Enable automatic synchronous switch between master slave systems Quidway slave auto update config 2 1 5 slave restart Syntax slave restart View User view Parameter None Description Use the slave restart command to restart slave board When the slave system wor...

Page 970: ...master slave switchover by using a command if he expects the slave board to operate in place of the master board After the switchover the slave board will control the system and the original master board will be forced to reset Example Enable master slave switchover manually Quidway slave switchover Caution Confirm switch slave to master Y N y Starting RAM Line OK 2 1 7 slave update configuration ...

Page 971: ...ce load single View System view Parameter load balance Sets Xbar load balance mode load single Sets Xbar load single mode Description Use the xbar command to configure the load mode of the master slave board By default the master and slave boards are both in load single mode Caution When a single SRPU is in position the load balance mode is not effective and the SRPU changes to the load single mod...

Page 972: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual System Management Huawei Technologies Proprietary ...

Page 973: ... 9 1 1 15 rmdir 1 10 1 1 16 umount 1 11 1 1 17 undelete 1 11 1 2 Configuration File Management Commands 1 12 1 2 1 display current configuration 1 12 1 2 2 display saved configuration 1 16 1 2 3 display this 1 18 1 2 4 display startup 1 18 1 2 5 reset saved configuration 1 19 1 2 6 save 1 20 1 2 7 startup saved configuration 1 21 1 3 FTP Server Configuration Commands 1 21 1 3 1 display ftp server ...

Page 974: ...p 1 39 1 4 22 rmdir 1 39 1 4 23 user 1 40 1 4 24 verbose 1 40 1 5 TFTP Configuration Commands 1 41 1 5 1 tftp get 1 41 1 5 2 tftp put 1 42 Chapter 2 MAC Address Table Management Commands 2 1 2 1 MAC Address Table Management Commands 2 1 2 1 1 display mac address aging time 2 1 2 1 2 display mac address 2 1 2 1 3 mac address 2 2 2 1 4 mac address max mac count 2 3 2 1 5 mac address max mac count al...

Page 975: ...lock timezone 4 3 4 1 4 quick ping enable 4 3 4 1 5 sysname 4 4 4 2 Clock Module Commands 4 5 4 2 1 clock 4 5 4 2 2 clock forcessm 4 6 4 2 3 clock ipuport 4 7 4 2 4 clock priority 4 7 4 2 5 clock sa bit 4 8 4 2 6 clock ssm 4 8 4 2 7 clock ssmcontrol 4 10 4 2 8 clock stop warm up 4 10 4 2 9 display clock device 4 11 4 2 10 display clock version 4 12 4 2 11 display clock d a 4 13 4 2 12 display cloc...

Page 976: ...nnel name 4 40 4 6 7 info center console channel 4 41 4 6 8 info center enable 4 41 4 6 9 info center logbuffer 4 42 4 6 10 info center logfile 4 43 4 6 11 info center loghost 4 43 4 6 12 info center loghost source 4 45 4 6 13 info center monitor channel 4 45 4 6 14 info center snmp channel 4 46 4 6 15 info center source 4 47 4 6 16 info center timestamp 4 52 4 6 17 info center trapbuffer 4 53 4 6...

Page 977: ...6 RMON Configuration Commands 6 1 6 1 RMON Configuration Commands 6 1 6 1 1 display rmon alarm 6 1 6 1 2 display rmon event 6 2 6 1 3 display rmon eventlog 6 3 6 1 4 display rmon history 6 4 6 1 5 display rmon prialarm 6 5 6 1 6 display rmon statistics 6 7 6 1 7 rmon alarm 6 7 6 1 8 rmon event 6 9 6 1 9 rmon history 6 10 6 1 10 rmon prialarm 6 11 6 1 11 rmon statistics 6 13 Chapter 7 NTP Configura...

Page 978: ...ey end 8 5 8 1 7 protocol inbound 8 6 8 1 8 public key code begin 8 7 8 1 9 public key code end 8 8 8 1 10 rsa local key pair create 8 9 8 1 11 rsa local key pair destroy 8 10 8 1 12 rsa peer public key 8 11 8 1 13 ssh server authentication retries 8 11 8 1 14 ssh server compatible_ssh1x enable 8 12 8 1 15 ssh server rekey interval 8 13 8 1 16 ssh server timeout 8 13 8 1 17 ssh user assign rsa key...

Page 979: ...Routing Switches Table of Contents Huawei Technologies Proprietary vii 8 4 7 get 8 24 8 4 8 help 8 25 8 4 9 ls 8 25 8 4 10 mkdir 8 26 8 4 11 put 8 26 8 4 12 pwd 8 27 8 4 13 quit 8 27 8 4 14 remove 8 28 8 4 15 rename 8 28 8 4 16 rmdir 8 29 8 4 17 sftp 8 29 ...

Page 980: ...able to delete such a directory or file even though the system supports directory or file names containing more than 64 characters z The total number of characters including device directory and file names can be up to 136 characters long 1 1 1 cd Syntax cd directory View User view Parameter directory Destination directory By default the directory is the working path configured by the user when th...

Page 981: ...ile that has already existed in the specified directory and the destination filename can be changed as required When the destination filename is the same as that of an existing file the system will ask whether to overwrite it Example Copy the file test txt and saves it as test bak Quidway copy test txt test bak Copy flash test test txt to flash test test bak Y N Copyed file flash test test txt fla...

Page 982: ...te flash test test txt Delete flash test test txt Y N 1 1 4 dir Syntax dir all file url View User view Parameter all Display all the files including the deleted ones file url File or directory name to be displayed The file url parameter supports matching For example using dir txt will display all the files with the extension txt in the current directory Description Use the dir command to view the ...

Page 983: ...2928 bytes total 4966400 bytes free 1 1 5 execute Syntax execute filename View System view Parameter filename Name of the batch file ranging from 1 to 256 with a suffix of bat Description Use the execute command to execute the specified batch file The batch command executes the command lines in the batch file one by one There should be no invisible character in the batch file If invisible characte...

Page 984: ...e prompt command you can modify prompt modes of the file operation on the Ethernet switch If the prompt mode is set as quiet that is no prompt for file operations some non recoverable operations may lead to system damage Example Configure the prompt mode of file operation as quiet Quidway system view System View return to User View with Ctrl Z Quidway file prompt quiet 1 1 7 fixdisk Syntax fixdisk...

Page 985: ...ser view Parameter filesystem Device name Description Use the format command to format the storage device Format operation will cause non recoverable loss of all the files on the device Specially configuration files will be lost after formatting the flash memory Example Format flash Quidway format flash All data on Flash will be lost proceed with format Y N y Now begin to format flash please wait ...

Page 986: ...le url File name Description Use the more command to view the contents of a specific file At present the file system can display files in text format This command can be used to display the contents of the files with txt suffix or cfg configuration suffix Example Display the contents of file test txt Quidway more test txt AppWizard has created this test application for you This file contains a sum...

Page 987: ...erwrite it Example Move flash test sample txt to flash sample txt Quidway move flash test sample txt flash sample txt Move flash test sample txt to flash sample txt Y N y Moved file flash test sample txt to flash sample txt Note The switch has the following limitation on directory name and filename z The maximum length of a directory name or filename is 64 characters z The maximum length of a full...

Page 988: ...User view Parameter fileurl source Source file name fileurl dest Destination file name Description Use the rename command to rename a file If the destination file name is identical with that of an already existent directory or file the rename operation fails and the system prompts that name has already been used or the file is being used Example Rename the file sample txt to sample bak Quidway ren...

Page 989: ... reset recycle bin command will delete this file permanently Example Delete the file from the recycle bin Quidway reset recycle bin flash vrpcfg vrrp Squeeze flash vrpcgf vrrp Y N 1 1 15 rmdir Syntax rmdir directory View User view Parameter directory Directory name Description Use the rmdir command to cancel a directory The directory to be deleted must be empty that is all the files under the dire...

Page 990: ...o unload the CF card from the file system Example Unload the CF card from the file system Quidway umount cf 1 1 17 undelete Syntax undelete file url View User view Parameter file url Name of the file to be recovered Description Use the undelete command to recover the file that has not been deleted completely The file name to be recovered cannot be the same as an existing directory name If the dest...

Page 991: ...he configuration information of interfaces interface type Type of the interface including Aux Ethernet GigabitEthernet NULL Vlan interface M Ethernet LoopBack interface number Number of the interface configuration configuration Views the pre positive and post positive configuration information The value of configuration is the key word of the configuration such as z system Views the host name z ti...

Page 992: ...in program It is recommended not to use this character in the regular expression Description Use the display current configuration command to display the currently effective configuration parameters of the switch If some running configuration parameters are the same with the default operational parameters they will not be displayed If a user needs to authenticate whether the configurations are cor...

Page 993: ...main system radius scheme system access limit disable state active idle cut disable domain default enable system local server nas ip 127 0 0 1 key huawei router id 2 2 2 2 stp timer hello 500 vlan 1 vlan 2 interface Vlan interface1 interface Vlan interface2 ip address 10 1 1 2 255 255 255 0 interface Aux0 0 interface Aux0 0 1 interface M Ethernet0 0 0 interface Ethernet4 1 1 interface Ethernet4 1 ...

Page 994: ...nsecutive times Quidway display current configuration include 10 110 primary authentication 127 0 0 1 1645 primary accounting 127 0 0 1 1646 local server nas ip 127 0 0 1 key huawei vlan 1 interface Vlan interface1 ip address 10 1 1 2 255 255 255 0 interface Ethernet4 1 1 speed 1000 interface Ethernet4 1 2 interface Ethernet4 1 3 interface Ethernet4 1 4 interface Ethernet4 1 5 network 10 1 1 0 0 0...

Page 995: ...ry accounting 127 0 0 1 1646 user name format without domain domain system radius scheme system access limit disable state active idle cut disable domain default enable system local server nas ip 127 0 0 1 key huawei router id 2 2 2 2 stp timer hello 500 ospf area 0 0 0 0 network 10 1 1 0 0 0 0 255 user interface aux 0 user interface vty 0 4 return 1 2 2 display saved configuration Syntax display ...

Page 996: ...figuration of the Ethernet Switch Related command save reset saved configuration and display current configuration Example Display configuration files in flash memory or CF card of Ethernet Switch Quidway display saved configuration sysname Quidway local user abc password simple abc tcp window 8 interface Aux7 1 1 link protocol ppp interface Ethernet2 1 1 interface Ethernet2 1 2 interface Ethernet...

Page 997: ... configured by the user if their related functions are not effective are not displayed either For example if X 25 is encapsulated at the data link layer on an interface you can configure PPP parameter on the interface but cannot view the configuration information when executing the display this command Associated configuration of the interface is displayed when executing the command in different i...

Page 998: ...are configured for the next enabling the configuration filename used for the current enabling the configuration filename configured for the next enabling Related command startup saved configuration Example Display the filenames related to the current and the next enabling Quidway display startup MainBoard Startup saved configuration file flash 8500 cfg Next startup saved configuration file flash 8...

Page 999: ...mmand save display current configuration display saved configuration Example Erase the configuration files from the flash memory of Ethernet Switch Quidway reset saved configuration The saved configuration will be erased Are you sure Y N 1 2 6 save Syntax save file name View User view Parameter file name Name of the configuration file with the extension cfg It is a character string of 5 to 56 char...

Page 1000: ...56 characters Description Use the startup saved configuration command to configure the configuration file used for enabling the system for the next time The configuration file must have cfg as its extension name and must be saved under the root directory of the Flash By default the configuration file will be saved under the root directory of Flash The extension of configuration file must be cfg an...

Page 1001: ...n of FTP Server parameters Quidway display ftp server FTP server is running Max user number 5 User count 0 Timeout value in minute 30 The above information displays the running state of FTP server maximum number of user connections number of current login users and timeout 1 3 2 display ftp user Syntax display ftp user View Any view Parameter None Description Use the display ftp user command to vi...

Page 1002: ...rl Z Quidway ftp disconnect ftptest 1 3 4 ftp server enable Syntax ftp server enable undo ftp server View System view Parameter None Description Use the ftp server enable command to start FTP Server and enable FTP user logon Use the undo ftp server command to close FTP Server and disable FTP user logon By default FTP Server is shut down Perform this command to easily start or shut down FTP Server ...

Page 1003: ...ver and has established connection if the connection is interrupted or cut abnormally by the user FTP Server will still hold the connection The connection timeout can avoid this problem If the FTP server has no command interaction with a client for a specific period of time it considers the connection to be failed and disconnect to the client Example Set the connection timeout to 36 minutes Quidwa...

Page 1004: ...lay mode auto cipher force Specifies the display mode of password auto indicates the password will be displayed in the same mode as that used when the user configure the password And cipher force indicates the password will be displayed in forcible cipher mode Description Use the local user command to configure a local user and enter the local user view Use the undo local user command to cancel on...

Page 1005: ...ocal user Use the undo local user password display mode command to restore the default mode By default this mode is auto Example Set the display mode of user password when the switch displays the local user to cipher force Quidway system view System View return to User View with Ctrl Z Quidway local user password display mode cipher force 1 3 8 password Syntax password simple cipher password undo ...

Page 1006: ...tp ftp directory directory lan access ppp call number call number callback nocheck callback number callback number ssh level level telnet terminal telnet level level ssh temninal terminal level level ssh telnet undo service type ftp ftp directory directory lan access ppp call number call number callback nocheck callback number callback number ssh level level telnet terminal telnet level level ssh ...

Page 1007: ...ncel the specified service type for the user This configuration is required if you want to access FTP server through FTP from a client Example Set user Quidway as Lan access user Quidway system view System View return to User View with Ctrl Z Quidway local user quidway New local user added Quidway luser huawei1 Quidway luser quidway service type lan access 1 4 FTP Client Commands 1 4 1 ascii Synta...

Page 1008: ...ascii 200 Type set to A 1 4 2 binary Syntax binary View FTP Client view Parameter None Description Use the binary command to configure file transmission type as binary mode Example Configure to transmit data in the binary mode Quidway ftp ftp binary 200 Type set to I 1 4 3 bye Syntax bye View FTP Client view Parameter None Description Use the bye command to disconnect with the remote FTP Server an...

Page 1009: ...the remote FTP Server and return to user view Quidway ftp ftp bye 1 4 4 cd Syntax cd pathname View FTP Client view Parameter pathname Path name Description Use the cd command to change the working path on the remote FTP Server This command is used to access another directory on FTP Server Note that the user can only access the directories authorized by the FTP server Example Change the working pat...

Page 1010: ... working path to the upper level directory Quidway ftp ftp cdup 1 4 6 close Syntax close View FTP Client view Parameter None Description Use the close command to disconnect FTP client side from FTP server side without exiting FTP client side view That is to say you can terminate the control connection and data connection with the remote FTP Server at the same time Example Terminate connection with...

Page 1011: ...g command to disable the debugging for FTP Client commands By default the debugging for FTP Client commands is disabled Example Enable the debugging for FTP Client commands Quidway ftp ftp debugging 1 4 8 delete Syntax delete remotefile View FTP Client view Parameter remotefile File name Description Use the delete command to cancel the specified file Example Delete the file temp c Quidway ftp ftp ...

Page 1012: ... displayed Example Query the file temp c and saves the results in the file temp1 Quidway ftp ftp dir temp c temp1 1 4 10 disconnect Syntax disconnect View FTP Client view Parameter None Description Use the disconnect command to disconnect FTP Client side from FTP server side without exiting FTP client side view This command terminates the control connection and data connection with the remote FTP ...

Page 1013: ...ote FTP Server and enter FTP Client view Example Connect to FTP Server at the IP address 1 1 1 1 Quidway ftp 1 1 1 1 1 4 12 get Syntax get remotefile localfile View FTP Client view Parameter localfile Local file name remotefile Name of a file on the remote FTP Server Description Use the get command to download a remote file and save it locally If no local file name is specified it will be consider...

Page 1014: ...path Quidway ftp ftp lcd Local directory now flash temp 1 4 14 ls Syntax ls remotefile localfile View FTP Client view Parameter remotefile Remote file to be queried localfile Saved local file name Description Use the ls command to query a specified file If no parameter is specified all the files will be shown Note that the ls command only displays the file names while the dir command also displays...

Page 1015: ...ser can perform this operation as long as the remote FTP server has authorized Example Create the directory flash lanswitch on the remote FTP Server Quidway ftp ftp mkdir flash lanswitch 1 4 16 open Syntax open ipaddr port View FTP Client view Parameter ipaddr IP address of the remote FTP server port Port number of the remote server Description Use the open command to set up an FTP connection with...

Page 1016: ...mand to configure the data transmission mode as active mode By default the data transmission mode is passive mode Example Set the data transmission to passive mode Quidway ftp ftp passive 1 4 18 put Syntax put localfile remotefile View FTP Client view Parameter localfile Local file name remotefile File name on the remote FTP Server Description Use the put command to upload a local file to the remo...

Page 1017: ...tp put temp c temp1 c 1 4 19 pwd Syntax pwd View FTP Client view Parameter None Description Use the pwd command to view the current directory on the remote FTP Server Example Show the current directory on the remote FTP Server Quidway ftp ftp pwd flash temp is current directory 1 4 20 quit Syntax quit View FTP Client view Parameter None Description Use the quit command to terminate the connection ...

Page 1018: ...ocol command FTP protocol command Description Use the remotehelp command to view help information about the FTP protocol command This command takes effects only when the FTP server provides the protocol command help S8500 series serving as servers provide this help service but common FTP software do not provide this service Example Show the syntax of the protocol command user Quidway ftp ftp remot...

Page 1019: ...ains no files Example Delete the directory flash temp1 from FTP Server Quidway ftp ftp rmdir flash temp1 1 4 23 user Syntax user username password View FTP Client view Parameter username Logon username password Logon password Description Use the user command to register an FTP user This command is available when you log in FTP server with a specified user account Example Log in the FTP Server with...

Page 1020: ...uidway ftp ftp verbose 1 5 TFTP Configuration Commands 1 5 1 tftp get Syntax tftp tftp server get source file dest file View User view Parameter tftp server IP address or hostname of the TFTP server The name of the TFTP server should be a string ranging from 1 to 20 characters source file Specifies the filename of the source file on the TFTP server dest file Specifies the filename of the destinati...

Page 1021: ...FTP server The name of the TFTP server should be a string ranging from 1 to 20 characters source file Specifies the filename of the source file which is saved on the switch dest file Name of the saved as file uploaded to the specified directory on the TFTP server Description Use the tftp put command to upload a file from the switch to the specified directory on the TFTP server Related command tftp...

Page 1022: ... address aging time command to view the aging time of the dynamic entry in the MAC address table Related command mac address mac address timer display mac address Example Display the aging time of the dynamic entry in the MAC address table Quidway display mac address aging time mac address aging time 300s The above information indicates that the aging time of the dynamic entry in the MAC address i...

Page 1023: ...n managing the Layer 2 addresses of the switch the administrator can perform this command to view such information as the Layer 2 address table address status static or dynamic Ethernet port of the MAC address VLAN of the address and system address aging time Related command mac address mac address timer Example Show the information of the entry with MAC address at 00e0 fc01 0101 Quidway display m...

Page 1024: ...e entry If the input address has been existed in the address table the original entry will be modified That is replace the interface pointed by this address with the new interface and the entry attribute with the new attribute dynamic entry static entry and permanent entry All the MAC unicast addresses on a certain interface can be deleted User can choose to delete any of the following addresses a...

Page 1025: ...ger learn any more MAC addresses and you can use the undo mac address max mac count command to remove the limit on the number Note z The maximum number of MAC addresses of a board ranges from 12 K to 16 K depending on various software versions and board types z The aforementioned number of MAC addresses includes only the MAC addresses learned by the switch dynamically and excludes those configured...

Page 1026: ...maximum number of MAC addresses that the port can learned the port will send an alarm to network administrator to prompt that the port will no longer learn any MAC addresses Related commands mac address mac address timer Note z The maximum number of MAC addresses of a board ranges from 12 K to 16 K depending on various software versions and board types z The aforementioned number of MAC addresses ...

Page 1027: ...addresses have not been learned by ports when the number of automatically learned MAC addresses of a specified port exceeds maximum number of learned MAC addresses Use the undo mac address max mac count enable forward command to discard the packets whose source MAC addresses have not been learned by ports when the number of automatically learned MAC addresses of a specified port exceeds maximum nu...

Page 1028: ...he mac address max mac count command to set the maximum number of MAC addresses that can be learned in VLAN Use the undo mac address max mac count command to cancel the configuration If you have set the maximum number MAC addresses will not be learned in the VLAN when the maximum number is reached By default the number of learned MAC addresses is not limited in a VLAN Note If you execute this comm...

Page 1029: ...r 2 dynamic address table entry Use the undo mac address timer command to restore the default value If aging time is too short the MAC address might be deleted before the Ethernet switch gets the address information That way the switch broadcasts the received packets to all the ports within the VLAN This will affect the switch operation performance If aging time is too long the Ethernet switch wil...

Page 1030: ...ser view Parameter all Clears all of the MAC address entries dynamic Clears all dynamic MAC address entries static Cleasr all static MAC address entries interface type is the type of the port and interface number is the number of the interface Vlan vlan id Clears all of the MAC address entries in the specified VLAN Description Use the reset mac address command to clear corresponding MAC address en...

Page 1031: ...backup command to specify the backup bootstrap program to be the bootstrap program If the switch cannot be started through specified bootstrap program a program will be selected from the Flash or CF card as bootstrap program If the switch still cannot be started normally the switch fails to boot up Note An S8500 series routing switch supports system switchover both its active and standby SRPCs hav...

Page 1032: ...oot loader primary slot1 flash s8500 vrp310 r1262 app slot 1 The specified file will be booted next time 3 1 2 boot bootrom Syntax boot bootrom file url slot slot num list View User view Parameter file url Path and name of Bootrom file in the storage device slot slot num list Specifies the slot number list of switch The formula is slot num list slot num to slot num 1 n 1 n indicates that the prior...

Page 1033: ... of board 0 at this time is flash switch app Table 3 1 Description on the display boot loader command Field Description The app to boot of board 0 at the next time is flash Switch app Startup file used on startup next time The app to boot of board 0 at this time is flash PLAT APP Startup file used on startup this time 3 1 4 display cpu Syntax display cpu slot slot no View Any view Parameter slot s...

Page 1034: ...detail information shelf no Shelf number frame no Frame number slot no Slot number Description Use the display device command to display the module type and working status information of a card including physical card number physical daughter card number number of ports hardware version number FPGA version number version number of BOOTROM software application version number address learning mode i...

Page 1035: ... environment command to view environment information Example Display the environment information Quidway display environment System temperature information degree centigrade Board Temperature Lower limit Upper limit 0 33 10 45 2 35 10 65 4 34 10 65 3 1 7 display fan Syntax display fan fan id View Any view Parameter fan id the fan ID Description Use the display fan command to view the working state...

Page 1036: ... slot number Description Use the display memory command to display memory situation Example Display memory situation Quidway display memory slot 0 System Total Memory bytes 197932416 Total Used Memory bytes 65234704 Used Rate 32 Table 3 3 Description on the fields of the display memory command Field Description System Total Memory bytes The Total Memory of switch unit in byte Total Used Memory byt...

Page 1037: ...State Absent Power 2 State Normal Power 3 State Absent 3 1 10 display schedule reboot Syntax display schedule reboot View Any view Parameter None Description Use the display schedule reboot command to check the configuration of related parameters of the switch schedule reboot terminal service Related command reboot schedule reboot at Example Display the configuration of the schedule reboot termina...

Page 1038: ... reboot at hh mm yyyy mm dd undo schedule reboot View User view Parameter hh mm Reboot time of the switch in the format of hour minute The hh ranges from 0 to 23 and the mm ranges from 0 to 59 yyyy mm dd Reboot date of the switch in the format of year month day The yyyy ranges from 2000 to 2099 the mm ranges from 1 to 12 and the value of dd is related to the specific month Description Use the sche...

Page 1039: ...he configured date should not exceed the current date more than 30 days In addition after the command is configured the system will prompt you to input confirmation information Only after the Y or the y is entered can the configuration be valid If there is related configuration before it will be covered directly Moreover after the schedule reboot at command is configured and the system time is adj...

Page 1040: ...rmats can be used to set the waiting delay of timing reboot switch namely the format of hour minute and the format of absolute minutes But the total minutes should be no more than 30 24 60 minutes or 30 days After this command is configured the system will prompt you to input confirmation information Only after the Y or the y is entered can the configuration be valid If there is related configurat...

Page 1041: ...0 Quidway temperature limit 0 10 75 3 1 15 update l3plus Syntax update l3plus slot slot no filename file name ftpserver server name username user name password password port port num View System view Parameter slot no Slot for the service processing board to be updated file name Name of upgrading file to be downloaded The file suffix is app server name IP address or host name of FTP Server where t...

Page 1042: ... dynamic random access memory SDRAM and uses the file to enable service processing boards Example Update the service processing board in slot 2 The file to be downloaded is place in the host with the IP address 192 168 1 100 and its name is L3PLUS app The user name and password for FTP login are 654321 and 123456 respectively Quidway system view System View return to User View with Ctrl Z Quidway ...

Page 1043: ...Y ranges from 2000 to 2100 MM ranges from 1 to 12 and DD ranges from 1 to 31 Description Use the clock datetime command to configure the current date and clock of Ethernet Switch By default the date and clock of Ethernet Switch is set as 0 0 0 2000 1 1 The current date and clock of Ethernet Switch must be set in the circumstance that absolute time is strictly required Related command display clock...

Page 1044: ...the summer time input like HH MM SS hour minute second Description Use the clock summer time command to set the name starting and ending time of the summer time Use the undo clock summer time command to remove the configuration of the summer time After the configuration takes effect the display clock command can be used to check it Besides the time of the log or Debugging information uses the loca...

Page 1045: ...d Description Use the clock timezone command to set the information of the local time zone Use the undo clock timezone command to restore to the default Universal Time Coordinated UTC time zone After the configuration takes effect the display clock command can be used to check it Besides the time of the log or debug information uses the local time after the adjustment of the time zone and summer t...

Page 1046: ... sysname Syntax sysname sysname undo sysname View System view Parameter sysname Specifies the hostname with a character string with the length ranging from1 to 30 characters The name of the Ethernet switch defaults to Quidway Description Use the sysname command to configure the hostname of Ethernet Switch By default the hostname of Ethernet Switch is Quidway Changing the hostname name of Ethernet ...

Page 1047: ...f the primary clock source is lost the phase lock mode of the clock module switches into Hold 2 In auto mode z If SSM is not involved in control the set SSM level will be neglected and the clock module will select a clock source by priority If two clock sources have the same priority they will be selected in the high to low order from clock source 1 to clock source 18 If the available clock source...

Page 1048: ... sources with the SSM level being DNU should not be used for synchronization and are not engaged in switching Example Set the work mode of clock module on the SRPU to auto Quidway system view System View return to User View with Ctrl Z Quidway clock auto 4 2 2 clock forcessm Syntax clock forcessm on off source source View System view Parameter on SSM is not extracted from clock source namely SSM i...

Page 1049: ...puport command to select the output port of the line clock source of the interface card Example Set the output port of the line clock source of the interface card 3 to port 1 Quidway system view System View return to User View with Ctrl Z Quidway clock lpuport slot 3 card 1 port 1 4 2 4 clock priority Syntax clock priority value source source View System view Parameter value Priority level ranging...

Page 1050: ...m 1 to 2 sa4 Time slot of sa4 bit sa5 Time slot of sa5 bit sa6 Time slot of sa6 bit sa7 Time slot of sa7 bit sa8 Time slot of sa8 bit Description Use the clock sa bit command to set the time slot of a Bits clock source sa4 through sa8 refer to the five bits sa4 through sa8 of CRC4 CRC4 multiple frame even frame slot 0 one of which can be selected by the carrier to carry the SSM information accordi...

Page 1051: ... signal but SSM is not engaged in control the set SSM level is the SSM level of the clock source SSM means Synchronization Status Marker which is also referred to as synchronous quality information It is used to indicate the level of synchronous timing signal in synchronous timing transfer link For line clock sources SSM is extracted by the interface card and reported to the SRPU and then the SRPU...

Page 1052: ...aged in control z SSM is engaged in control The level of the clock source is first determined by its SSM level during automatic clock source switching z SSM is not engaged in control The SSM level can be set and queried but the SSM level of the clock source is neglected during automatic clock source switching The SSM function of the clock module is not engaged in control by default Example Enable ...

Page 1053: ...ork Quidway system view System View return to User View with Ctrl Z Quidway clock stop warm up 4 2 9 display clock device Syntax display clock device View Any view Parameter None Description Use the display clock device command to query the detailed information of the clock device Example Query the detailed information of the clock device Quidway display clock device Clock module detail informatio...

Page 1054: ...5 UNKNOWN No 4 N A 2 lost 255 UNKNOWN No 4 N A 3 lost 255 UNKNOWN No N A 4 lost 255 UNKNOWN No N A 5 lost 255 UNKNOWN No N A 6 normal 255 UNKNOWN No N A 0 1 1 7 lost 255 UNKNOWN No N A 8 lost 255 UNKNOWN No N A 9 lost 255 UNKNOWN No N A 10 lost 255 UNKNOWN No N A 11 lost 255 UNKNOWN No N A 12 lost 255 UNKNOWN No N A 13 lost 255 UNKNOWN No N A 14 lost 255 UNKNOWN No N A 15 lost 255 UNKNOWN No N A 1...

Page 1055: ...he clock device Quidway display clock version Clock module version Software version v010 Hardware version Rev A CPLD version v009 Release date 2002 02 26 4 2 11 display clock d a Syntax display clock d a View Any view Parameter None Description Use the display clock d a command to query the D A value of the clock device Example Query the D A value of the clock device Quidway display clock d a DAC ...

Page 1056: ...y display clock basephase clock base phase 0x0 4 2 13 display clock lpuport Syntax display clock lpuport View Any view Parameter None Description Use the display clock lpuport command to query the LPU port to output the clock reference source Example Query the LPU port to output the clock reference source Quidway display clock lpuport the LPU port which output clock reference reference lpu port sl...

Page 1057: ... of the 18 clock sources Example Query the status of the 18 clock sources Quidway display clock source No primary reference is traced reference state lpu port slot card port 1 lost N A 2 lost N A 3 lost 4 normal 2 1 1 5 lost 6 lost 7 lost 8 lost 9 lost 10 lost 11 lost 12 lost 13 lost 14 lost 15 lost 16 lost 17 lost 18 lost 4 2 15 display clock self test result Command display clock self test resul...

Page 1058: ...result Clock module work mode normal Detail test report SRAM normal Output 38 88MHz signal normal PLL TRU050 normal PLL 88915 normal OSC normal I2C bus normal EPLD normal HDLC normal E1a normal E1b normal 4 2 16 display clock priority Command display clock priority View Any view Parameter None Description Use the display clock priority command to query the priority levels of the 18 clock sources E...

Page 1059: ... 11 255 12 255 13 255 14 255 15 255 16 255 17 255 18 255 4 2 17 display clock ssm level Command display clock ssm level View Any view Parameter None Description Use the display clock ssm level command to query the SSM levels of the 18 clock sources Example Query the SSM levels of the 18 clock sources Quidway display clock ssm level reference SSM level 1 LNC 2 UNKNOWN 3 UNKNOWN 4 LNC 5 UNKNOWN ...

Page 1060: ...NKNOWN 15 UNKNOWN 16 UNKNOWN 17 UNKNOWN 18 UNKNOWN 4 2 18 display clock ssm output Command display clock ssm output View Any view Parameter None Description Use the display clock ssm output command to query the SSM output level of the clock Example Query the SSM output level of the clock Quidway display clock ssm output SSM output level is LNC 4 2 19 display clock phase lock state Command display ...

Page 1061: ...e Query the phase lock status of the clock Quidway display clock phase lock state phase lock state hold osc state noamal finished warm up 4 2 20 display clock work mode Command display clock work mode View Any view Parameter None Description Use the display clock work mode command to query the clock work mode Example Query the clock work mode Quidway display clock work mode clock work in auto mode...

Page 1062: ...ration work mode AUTO SSM participate in control No reference Priority SSM level Forcessm Sa bit lpu port 1 255 LNC No 4 N A 2 4 UNKNOWN No 5 N A 3 255 UNKNOWN No N A 4 255 LNC No N A 5 255 UNKNOWN No N A 6 255 UNKNOWN No N A 7 255 UNKNOWN No N A 8 255 UNKNOWN No N A 9 255 UNKNOWN No N A 10 255 UNKNOWN No N A 11 255 UNKNOWN No N A 12 255 UNKNOWN No N A 13 255 UNKNOWN No N A 14 255 UNKNOWN No N A 1...

Page 1063: ... 2002 02 02 Time Zone beijing add 01 00 00 Summer Time bj one off 01 00 00 2003 01 01 01 00 00 2003 08 08 01 00 00 Table 4 1 Description of the output information of the display clock command Field Description 18 36 31 beijing Sat 2002 02 02 Current system time Time Zone beijing add 01 00 00 Configured time zone information Summer Time bj one off 01 00 00 2003 01 01 01 00 00 2003 08 08 01 00 00 Co...

Page 1064: ...ay fiber module Syntax display fiber module interface type interface number View Any view Parameter interface type The interface type supported by switch the value can be Ethernet GigabitEthernet and so on interface number Interface number Description Use the display fiber module command to display the information of the optical modules connected with all the optical interfaces in position on the ...

Page 1065: ...er connect LC VendorName AGILENT PartNumber HFBR 5760LP Mode MultiMode WaveLength Unknown Length for 50 125um 0m Length for 62 5 125um 2000m Warning This Port Use Wrong Optical Module Pos4 1 2 Card info 1000BASE SFP Fiber connect LC VendorName Hitachi Cable PartNumber HTR6511R Mode SingleMode WaveLength 1310nm Length for 9um 10km Warning This Port Use Wrong Optical Module Pos4 1 3 Card info 2 5G S...

Page 1066: ...rtNumber 64P0215 Mode SingleMode WaveLength 1310nm Length for 9um 10km GigabitEthernet6 1 3 Card info 10G XFP Fiber connect LC VendorName JDS Uniphase PartNumber 64P0215 Mode SingleMode WaveLength 1310nm Length for 9um 10km Please refer to the following table for the information above Table 4 2 Description of the display fiber module command information on display Field Description Card info Card ...

Page 1067: ...ameter all display all users connected to the switch Description Use the display users command to view information about users connected to the switch Example Display the information about all the active users on the console Quidway display users UI Delay Type Ipaddress Username 0 CON 0 00 00 00 130 VTY 0 00 00 05 TEL 192 168 1 253 tb Display the information about all the users on the console Quid...

Page 1068: ...at is the login username of this user If the current terminal line is in anonymous login mode AAA authentication is enabled on it this field is null 4 3 5 display version Syntax display version View Any view Parameter e Description Use the display version command to view such information as software version issue date and the basic hardware configurations Example Display the information about the ...

Page 1069: ...00 VRP310 r1265 LSB1F32GC0 2 uptime is 0 weeks 2 days 1 hour 15 minutes QuidwayS8500 LPU with 1 MPC8245 Processor 128M bytes SDRAM 0K bytes NVRAM Memory PCB Version REV 0 BootROM Version 103 CPLD Version 002 Software Version S8500 VRP310 r1265 CPUCard 1 PCB Ver 4 CPLD Ver 001 SubCard 1 PCB Ver Ver B CPLD Ver NONE SubCard 2 PCB Ver REV 0 CPLD Ver NONE 4 4 System Debug Commands 4 4 1 debugging Synta...

Page 1070: ...By default all the debugging processes are disabled Ethernet Switch provides various kinds of debugging functions for technical support personnel and experienced maintenance staff to troubleshoot the network Enabling the debugging will generate a large amount of debugging information and decrease the system efficiency Specially network system may collapse after all the debugging is enabled by debu...

Page 1071: ...lay all system configuration information Quidway display diagnostic information This operation may take a few minutes continue Y N y display version Huawei 3Com Versatile Routing Platform Software VRP R Software Version COMWAREHZV300R001B08D018 Release 0001 VRP tm Lanswitch Platform Software Version COMWAREHZV300R001B08D018 S8500 Software Version V100R002B02D018 S8500 Product Version S8500 VRP310 ...

Page 1072: ... By default the starting padding is 0x01 crescent and the ending padding is 0x09 and then repeat q Configures not to display any other detailed information except statistics r Record route By default the system does not record route s packetsize Specifies the length of ECHO REQUEST excluding IP and ICMP packet header in bytes The length of the echo request packet defaults to 56 bytes t timeout Max...

Page 1073: ...Related command tracert Example Check whether the host 202 38 160 244 is reachable Quidway ping 202 38 160 244 ping 202 38 160 244 56 data bytes Reply from 202 38 160 244 bytes 56 sequence 1 ttl 255 time 1ms Reply from 202 38 160 244 bytes 56 sequence 2 ttl 255 time 2ms Reply from 202 38 160 244 bytes 56 sequence 3 ttl 255 time 1ms Reply from 202 38 160 244 bytes 56 sequence 4 ttl 255 time 3ms Rep...

Page 1074: ...ends a packet with TTL 1 and the first hop will send an ICMP error message back to indicate this packet cannot be transmitted because of TTL timeout Then this packet will be sent again with TTL 2 and the second hop will indicate a TTL timeout error Perform this operation repeatedly till reaching the destination These processes are operated to record the source address of each ICMP TTL timeout so a...

Page 1075: ...ny view Parameter channel number Channel number ranging from 0 to 9 that is the system has ten channels channel name Specifies the channel name the name can be channel7 channel8 channel9 console logbuffer loghost monitor snmpagent trapbuffer logfile Description Use the display channel command to view the details about the information channel Without parameter display channel command shows the conf...

Page 1076: ...er logbuffer info center console channel info center monitor channel Example Show the system log information Quidway display info center Information Center enabled Log host Console channel number 0 channel name console Monitor channel number 1 channel name monitor SNMP Agent channel number 5 channel name snmpagent Log buffer enabled max buffer size 1024 current buffer size 256 current messages 6 c...

Page 1077: ...cluding the occupied channel number and channel name Log buffer The status of the log buffer including enable status maximum size current size number of current messages channel name channel number number of dropped messages number of the overwritten messages Trap buffer The status of the trap buffer including enable status maximum size current size number of current messages channel name channel ...

Page 1078: ...gencies 1 Emergent errors alerts 2 Errors you must correct immediately critical 3 Critical errors errors 4 Errors requiring your attention but not critical warnings 5 Warning an error may occur notifications 6 Information requiring your attention informational 7 General prompt information debugging 8 Debugging information size Configures the size of buffer sizenum Size of buffer number of messages...

Page 1079: ...hould be less than five consecutive underscores If the underscores in a command are discrete on the first group of underscores are filtered for the output information but not the subsequent underscores Left parenthesis push flag in program It is recommended not to use this character in the regular expression Description Use the display logbuffer command to view the attribute of logbuffer and the i...

Page 1080: ...ical warnings 5 Warning an error may occur notifications 6 Information requiring your attention informational 7 General prompt information debugging 8 Debugging information Description Use the display logbuffer summary command to view the summary information recorded in logbuffer Related command info center enable info center loghost info center logbuffer info center console channel info center mo...

Page 1081: ...Table 4 5 gives the details Description Use the display trapbuffer command to view the attribute of trapbuffer and the information recorded in trapbuffer Example Show the system trapbuffer attribute and the log information in trapbuffer Quidway display trapbuffer Trapping Buffer Configuration and contents enabled allowed max buffer size 1024 actual buffer size 256 channel number 3 channel name tra...

Page 1082: ... info center channel name command to rename a channel specified by the channel number as channel name Use the undo info center channel command to restore the channel name The system assigns a channel in each output direction by default See the table below Table 4 8 Numbers and names of the channels for log output Output direction Channel number Default channel name Console 0 console Monitor 1 moni...

Page 1083: ...le logbuffer loghost monitor snmpagent trapbuffer logfile Description Use the info center console channel command to configure the channel through which the log information is output to the console By default Ethernet switches do not output log information to the console This command takes effect only after system logging is started Related command info center enable display info center Example Co...

Page 1084: ... to User View with Ctrl Z Quidway info center enable 4 6 9 info center logbuffer Syntax info center logbuffer channel channel number channel name size buffersize undo info center logbuffer channel size View System view Parameter channel Configures the channel to output information to buffer channel number Channel number ranging from 0 to 9 that is system has ten channels channel name Specifies the...

Page 1085: ... logfile undo info center logfile View System view Parameter None Description Use the info center logfile command to configure to output information to the logfile Use the undo info center logfile command to cancel the information output to logfile This command takes effect only after the system logging is enabled Related command info center enable display info center Example Send log information ...

Page 1086: ...language Sets the logging language chinese english Language used in log file Description Use the info center loghost command to configure the system to output information to the log host Use the undo info center loghost command to cancel output to info center loghost By default Ethernet switches do not output information to info center loghost This command takes effect only after the system loggin...

Page 1087: ... address of the interface specified by the interface name Use the command to Using undo info center loghost source command you can cancel the setting source address of the packets sent to loghost Related command info center enable display info center Example Set source address of the packets sent to loghost as the address of the VLAN interface 1 Quidway system view System View return to User View ...

Page 1088: ...le display info center Example Configure channel 0 to output log information to user terminal Quidway system view System View return to User View with Ctrl Z Quidway info center monitor channel 0 4 6 14 info center snmp channel Syntax info center snmp channel channel number channel name undo info center snmp channel View System view Parameter channel number Channel number ranging from 0 to 9 that ...

Page 1089: ...erity state state undo info center source modu name default all channel channel number channel name View System view Parameter modu name Module name Table 4 9 gives the details Table 4 9 The module name field Module name Description 8021X 802 1X module ACL ACL access control list module ADBM MAC address management module ARP ARP address resolution protocol module BGP BGP border gateway protocol mo...

Page 1090: ... protocol module HGMPS HGMPS Huawei group management protocol service module HWCM Huawei configuration management MIB module IFNET Interface management module IGSP IGMP snooping module IP IP internet protocol module ISIS IS IS intermediate system to intermediate system intradomain routing protocol module L2INF L2 interface management module L2V L2 VPN module LACL LAN switch ACL module LDP LDP labe...

Page 1091: ... PSSINIT module RDS RADIUS module RM Routing management module RMON Remote monitor module RPR Resilent packet ring module RSA RSA Revest Shamir and Adleman encryption module RTPRO Routing protocol module SHELL User interface module SNMP SNMP simple network management protocol module SOCKET Socket module SSH Secure Shell module SYSM System manage veneer module SYSMIB System MIB module TELNET Telnet...

Page 1092: ... notifications 6 Information requiring your attention informational 7 General prompt information debugging 8 Debugging information By default the information level of each channel is as follows Table 4 11 Default information level of each channel channel Log information level Trap information level Debugging information level Console warning debugging debugging Terminal warning debugging debugging...

Page 1093: ...ple if you only define the level of the log information then the levels of the trap and debugging information return to the defaults channel number Channel number to be set channel name Channel name to be set The name can be channel7 channel8 channel9 console logbuffer loghost monitor snmpagent trapbuffer logfile state Sets the state of the information state Specifies the state as on or off Descri...

Page 1094: ...nitor Info center loghost loghost Log buffer logbuffer Trap buffer trapbuffer snmp snmpagent Log file logfile In addition each information channel has a default record with the module name default and module number as 0xffff0000 However for different information channel the default log trap and debugging settings in the records may be different with one another Use default configuration record if ...

Page 1095: ...mp format Description Use the info center timestamp command to configure the timestamp output format in debugging trap information Use the undo info center timestamp command to disable the output of timestamp field By default date stamp is used Example Configure the debugging information timestamp format as boot Quidway system view System View return to User View with Ctrl Z Quidway info center ti...

Page 1096: ...mation is transmitted to trap buffer and size of trap buffer is 256 This command takes effect only after the system logging is enabled The information can be output to the trap buffer by configuring the size of the buffer Related command info center enable display info center Example Send information to the trap buffer and sets the size of buffer as 30 Quidway system view System View return to Use...

Page 1097: ...mple Clear information in trap buffer Quidway reset trapbuffer 4 6 20 terminal debugging Syntax terminal debugging undo terminal debugging View User view Parameter None Description Use the terminal debugging command to configure to display the debugging information on the terminal Use the undo terminal debugging command to configure not to display the debugging information on the terminal By defau...

Page 1098: ...og information display Use the undo terminal logging command to disable terminal log information display By default the log information display is enabled on the console and disabled on the terminal Example Disable the terminal log display Quidway undo terminal logging 4 6 22 terminal monitor Syntax terminal monitor undo terminal monitor View User view Parameter None Description Use the terminal m...

Page 1099: ...ving performed undo terminal debugging undo terminal logging undo terminal trapping commands When the terminal monitor is enabled you can use terminal debugging undo terminal debugging terminal logging terminal logging and terminal trapping undo terminal trapping respectively to enable or disable the corresponding functions Example Disable the terminal monitor Quidway undo terminal monitor 4 6 23 ...

Page 1100: ...mp agent local engineid remote engineid command to view engine ID of current device SNMP engine is the core of SNMP entity It performs the function of sending receiving and authenticating SNMP message extracting PDU packet encapsulation and the communication with SNMP application and so on Example Display the engine ID of current device Quidway display snmp agent local engineid SNMP local EngineID...

Page 1101: ...es Quidway display snmp agent community Community name public Group name public Storage type nonVolatile Community name private Group name private Storage type nonVolatile Table 5 1 Description on the fields of the display snmp agent community command Field Description community name Community name Group name Group name storage type Storage mode 5 1 3 display snmp agent group Syntax display snmp a...

Page 1102: ...p name Security model The security mode adopted by SNMP readview Read only MIB view name corresponding to that group writeview Writable MIB view corresponding to that group notifyview The name of the notify MIB view corresponding to that group storage type Storage mode 5 1 4 display snmp agent mib view Syntax display snmp agent mib view exclude include viewname mib view View Any view Parameter exc...

Page 1103: ...e nonVolatile View Type excluded View status active View name ViewDefault MIB Subtree snmpVacmMIB Subtree mask Storage type nonVolatile View Type excluded View status active The following table describes the output fields Table 5 3 Description on the fields of the display snmp agent mib view command Field Description View name View name MIB Subtree MIB subtree Subtree mask Subtree mask storage typ...

Page 1104: ...t known 0 Messages which represented an illegal operation for the community supplied 0 ASN 1 or BER errors in the process of decoding 9 Messages passed from the SNMP entity 0 SNMP PDUs which had badValue error status 0 SNMP PDUs which had genErr error status 0 SNMP PDUs which had noSuchName error status 0 SNMP PDUs which had tooBig error status Maximum packet size 2000 9 MIB objects retrieved succ...

Page 1105: ...ber of SNMP packets with erroneous values 9 Get next PDUs accepted and processed Number of SNMP packets with general error 0 GetBulkRequest PDU accepted and processed Number or packets request for nonexistent MIB objects 0 GetResponse PDUs accepted and processed Number of too long SNMP packets 0 Set request PDU accepted and processed Number of variables requested by NMS 0 Trap PDUs accepted and pr...

Page 1106: ...string sysContact Quidway display snmp agent sys info contact The contact person for this managed node R D Beijing Huawei Technologies co Ltd The above information represents that the contact person for this machine is R D Beijing Huawei Technologies co Ltd Display the character string describing the system location Quidway display snmp agent sys info location The physical location of this node Be...

Page 1107: ...roup Description Use the display snmp agent usm user command to view information of all the SNMP usernames in the group username list SNMP user is the remote user executing SNMP administrative operation You can use the snmp agent usm user command to specify the SNMP user Example Display the information of all the current users Quidway display snmp agent usm user User name NotifyV3 Group name Notif...

Page 1108: ...arameter None Description Use the enable snmp trap updown command to enable current port or VLAN interface to transmit the LINK UP and LINK DOWN trap messages Use the undo enable snmp trap updown command to disable current port or VLAN interface to transmit the LINK UP and LINK DOWN trap messages The enable snmp trap command should be used in cooperation with the snmp agent trap enable and the snm...

Page 1109: ...hat MIB object can be read and written community name Community name character string view name MIB view name acl acl list sets access control list for specified community Description Use the snmp agent community command to configure community access name and enable the access to SNMP Use the undo snmp agent community command to cancel the settings of community access name Example Configure commun...

Page 1110: ...es to authenticate the packet without encryption privacy Configures to authenticate and encrypt the packet read view Configures to allow read only view settings read view Read only view name ranging from 1 to 32 bytes write view Configures to allow read write view settings write view Name of read write view ranging from 1 to 32 bytes notify view Configures to allow notify view settings notify view...

Page 1111: ...snmp agent local engineid command to configure a name for a local or remote SNMP engine on the Ethernet Switch Use the command to Using undo snmp agent local engineid command you can restore the default setting of engine ID By default the engine ID is corporation number device information Device information is determined according to different products It can be IP address MAC address or user defi...

Page 1112: ...view command to create or update the view information Use the undo snmp agent mib view command to cancel the view information By default the view name is ViewDefault OID is 1 3 6 1 This command supports the parameter input of both OID and node name Related command snmp agent group Example Create a view that consists of all the objects of MIB II Quidway system view System View return to User View w...

Page 1113: ...rl Z Quidway snmp agent packet max size 1042 5 1 14 snmp agent sys info Syntax snmp agent sys info contact sysContact location syslocation version v1 v2c v3 all undo snmp agent sys info contact location version v1 v2c v3 all View System view Parameter contact The contact information for system maintenance sysContact Characters describe the contact information for system maintenance location Sets t...

Page 1114: ...ator at beeper 27345 Quidway system view System View return to User View with Ctrl Z Quidway snmp agent sys info contact Dial System Operator at beeper 27345 5 1 15 snmp agent target host Syntax snmp agent target host trap address udp domain host addr udp port udp port number params securityname securityname v1 v2c v3 authentication privacy undo snmp agent target host host addr securityname securi...

Page 1115: ...version of SNMP message is v3 the packet authentication encryption mode specified by the command must be consistent with configuration for SNMP group to which the securityname belongs Related command snmp agent trap enable snmp agent trap source and snmp agent trap life snmp agent group snmp agent usm user Example Enable sending Trap message to 10 1 1 1 with community name public Quidway system vi...

Page 1116: ...nfiguration management Trap messages flash Enables the sending of FLASH Trap messages System Enables the sending of system management MIB Trap messages vrrp authfailure newmaster Enables the sending of VRRP Trap messages ldp Enables the sending of LDP Trap messages lsp Enables the sending of LSP Trap messages Description Use the snmp agent trap enable command to enable the sending of Trap messages...

Page 1117: ...conds Description Use the snmp agent trap life command to configure the timeout of Trap packets Use the undo snmp agent trap life command to restore the default value The set timeout of Trap packet is represented by seconds If time exceeds seconds this Trap packet will be discarded Related command snmp agent trap enable snmp agent target host Example Configure the timeout interval of Trap packet a...

Page 1118: ...l Z Quidway snmp agent trap queue size 200 5 1 19 snmp agent trap source Syntax snmp agent trap source vlan interface vlan id undo snmp agent trap source View System view Parameter vlan id Specifies the VLAN interface ID ranging from 1 to 4094 Description Use the snmp agent trap source command to configure the source address for sending Trap Use the undo snmp agent trap source command to cancel th...

Page 1119: ...ranging from 1 to 32 bytes authentication mode Specifies the safety level as authentication required md5 MD5 algorithm is adopted in authentication MD5 authentication uses the 128 digit password Computation speed of MD5 is faster than that of SHA sha SHA algorithm is adopted in authentication SHA authentication uses the 160 digit password Computation speed of SHA is slower than that of MD5 but wit...

Page 1120: ...ang for huawei an SNMP group configures to authenticate with MD5 and sets authentication password as pass Quidway system view System View return to User View with Ctrl Z Quidway snmp agent usm user v3 wang huawei authentication mode md5 pass 5 1 21 undo snmp agent Syntax undo snmp agent View System view Parameter None Description Use the undo snmp agent command to disable all versions of SNMP runn...

Page 1121: ...ated command rmon alarm Example Display the RMON alarm information Quidway display rmon alarm Alarm table 1 owned by monitor is VALID Samples type delta Variable formula 1 3 6 1 2 1 16 1 1 1 3 1 etherStatsDropEvents 1 Description Ethernet5 1 1 Sampling interval 10 sec Rising threshold 10 linked with event 1 Falling threshold 2 linked with event 1 When startup enables risingOrFallingAlarm Latest va...

Page 1122: ...hold alarm falling threshold alarm or both Latest value Last sample value 6 1 2 display rmon event Syntax display rmon event event table entry View Any view Parameter event table entry Entry index of event table Description Use the display rmon event command to view RMON events The display includes event index in event table owner of the event description to the event action caused by event log or...

Page 1123: ...rameter event number Entry index of event table Description Use the display rmon eventlog command to view RMON event log The display includes event index in the event table the status of the event the time at which the event log is generated this time starts from the system initialization or booting and counted in milliseconds and event description Example Show event log of RMON Quidway display rm...

Page 1124: ...s The eventlog corresponding to the index 1 2 is generated at 0days 00h 02m 27s 6 1 4 display rmon history Syntax display rmon history port num View Any view Parameter port num Ethernet port name Description Use the display rmon history command to view latest RMON history sampling information including utility error number and total packet number Related command rmon history Example Show the RMON ...

Page 1125: ...s The latest sample information dropevents Dropping packet events octets Sent Received octets in sampling time packets Packets sent received in sampling time broadcast packets Number of broadcast packets multicast packets Number of multicast packets CRC alignment errors Number of CRC error packets undersized packets Number of undersized packets oversized packets Number of oversized packets fragmen...

Page 1126: ...larm This entry will exist forever Latest value 0 Table 6 5 Description on the fields of the display rmon prialarm command Field Description Prialarm table 1 Index of extended alarm entry owned by monitor Creator of the extended alarm entry UNDERCREATION Status of expansion alarms Samples type Type of sampling Variable formula Formula for expansion alarms Description Description information Sampli...

Page 1127: ...es collision CRC Cyclic Redundancy Check and queue undersized or oversized packet timeout fragment broadcast multicast unicast and bandwidth utility Related command rmon statistics Example Show RMON statistics Quidway display rmon statistics Ethernet 2 1 1 Statistics entry 1 owned by aaa is VALID Interface Ethernet2 1 1 ifIndex 872418178 etherStatsOctets 756 etherStatsPkts 9 etherStatsBroadcastPkt...

Page 1128: ...lta Sampling type is delta absolute Sampling type is absolute rising threshold threshold value1 Rising threshold ranging from 0 to 2147483647 event entry1 Event number corresponding to the upper limit of threshold ranging from 0 to 65535 falling threshold threshold value2 Falling threshold ranging from 0 to 2147483647 event entry2 Event number corresponding to the falling threshold ranging from 0 ...

Page 1129: ... rmon event 1 log owner huawei rmon z View configuration information Quidway display rmon event 1 Event table 1 owned by huawei rmon is VALID Description null Will cause log when triggered last triggered at 1days 01h 42m 09s z Configure alarm group Add the first line in the alarm table Sample the nodes 1 3 6 1 2 1 16 1 1 1 4 1 every 10 seconds Trigger event 1 when the sampling value exceeds the up...

Page 1130: ... which receives the messages triggered by the event none Neither log nor trap event owner text Creator for this entry The length of the character string ranges from 1 to 127 Description Use the rmon event command to add an entry to the event table Use the undo rmon event command to cancel an entry from this table RMON event management defines the event ID and the handling of the event You can hand...

Page 1131: ...o sample set sample parameter sample time interval and storage amounts for a port RMON will periodically perform data collection and save for query on this port Sample information includes utility error number and total packet number Related command display rmon history Example Create a history control table entry with the index number of 15 capacity of 100 and sampling interval of 10 seconds The ...

Page 1132: ...to 65535 threshold value2 Falling threshold value specified with a number greater than 0 event entry2 Event number corresponding to the falling threshold ranging from 0 to 65535 forever cycle cycle period Specifies the type of the alarm instance line cycle period specifies the functional cycle of the instance owner text Creator of this entry Length of the character string ranges from 1 to 127 Desc...

Page 1133: ...3 6 1 4 1 43 45 1 6 1 2 1 1 2 1 to get the port utilization of Gigabit Ethernet interface 1 1 1 Monitor the operation results at the sampling interval of 10 seconds When the variation rate exceeds the upper threshold 50 trigger event 1 when the variation rate gets below the lower threshold 2 trigger event 2 Set the alarm instance sampling type to forever and set the owner of the extended alarm tab...

Page 1134: ...c table Use the undo rmon statistics command to cancel an entry from statistic table RMON statistic management concerns the statistics and monitoring of the usage and error on a port Statistics includes collision undersized or oversized packet timeout fragment broadcast multicast unicast and bandwidth utility You can use the display rmon statistics command to view information about statistics tabl...

Page 1135: ...ew User view Parameter access NTP access control debugging adjustment NTP clock adjustment debugging all All NTP debugging functions authentication NTP authentication debugging event NTP event debugging filter NTP filter information debugging packet NTP packet debugging parameter NTP clock parameter debugging refclock NTP reference clock debugging selection NTP clock selection information debuggin...

Page 1136: ...lt the status of all the SESSIONS maintained by NTP service provided by the local equipment will be displayed When you configure this command without the verbose parameter the Ethernet switch will display the brief information about all the SESSIONS it maintains With the verbose parameter configured Ethernet switch will display the detail information about all the SESSIONS it maintains Example Dis...

Page 1137: ...fields of the display ntp service status command Field Description clock status unsynchronized Local clock status do not synchronize to any remote NTP server clock stratum 16 Indicates the NTP stratum of local clock reference clock ID Indicates the address of a remote server of the reference ID in the case that the local system has been synchronized by a remote NTP server or the ID of some clock s...

Page 1138: ... time till the reference clock source and displays brief information about every NTP server Example Display brief information about every NTP server on the way from the local device to the reference clock source Quidway display ntp service trace server 127 0 0 1 stratum 8 offset 0 000000 synch distance 0 00000 refid 127 127 1 0 7 1 5 ntp service access Syntax ntp service access query synchronizati...

Page 1139: ...imitation The first matched authority will be given Example Give the authority of time request query control and synchronization with the local equipment to the peer in ACL 2000 Quidway system view System View return to User View with Ctrl Z Quidway ntp service access peer 2000 Give the authority of time request and query control of the local equipment to the peer in ACL 2000 Quidway ntp service a...

Page 1140: ...anging from 1 to 4 294 967 295 value Value of the key with 1 to 32 ASCII characters Description Use the ntp service authentication keyid command to set NTP authentication key Use the undo ntp service authentication keyid command to cancel the NTP authentication key By default there is no authentication key Only MD5 authentication is supported for the NTP authentication key settings Example Set MD5...

Page 1141: ...r mode to switch messages with a remote server for estimating the network delay Thereafter the local Ethernet Switch enters Broadcast Client mode and continues listening to the broadcast and synchronizes the local clock according to the arrived broadcast message Example Configure to receive NTP broadcast packets through Vlan Interface1 Quidway system view System View return to User View with Ctrl ...

Page 1142: ...s through Vlan Interface1 encrypt them with Key 4 and set the NTP version number as 3 Quidway system view System View return to User View with Ctrl Z Quidway interface vlan interface1 Quidway Vlan interface1 ntp service broadcast server authentication key 4 version 3 7 1 10 ntp service max dynamic sessions Syntax ntp service max dynamic sessions number undo ntp service max dynamic sessions View Sy...

Page 1143: ...e NTP multicast client mode By default the multicast client service is disabled ip address defaults to 224 0 1 1 Designate an interface on the local Ethernet Switch to receive NTP multicast messages and operate in Multicast Client mode The local Ethernet Switch listens to the multicast packets from the server When it receives the first multicast packet it starts a brief Client Server mode to switc...

Page 1144: ...number NTP version number and range from 1 to 3 Description Use the ntp service multicast server command to configure NTP multicast server mode if no IP address is specified switch automatically choice the 224 0 1 1 as the multicast IP address Use the undo ntp service multicast server command to disable NTP multicast server mode if no IP address is specified the switch will disable the configurati...

Page 1145: ...l clock as an NTP master clock Use the undo ntp service refclock master command to cancel the NTP master clock settings By default ip address is 127 127 1 0 and stratum defaults to 8 You can use this command to designate an NTP external reference clock or the local clock as an NTP master clock to provide synchronized time for other equipment ip address specifies the IP address of an external clock...

Page 1146: ...han one keys as reliable In this case a Client will only get synchronized by a server whichever can provide a reliable key Example Enable NTP authentication adopt MD5 encryption and designate Key 37 BetterKey and configure it as reliable Quidway system view System View return to User View with Ctrl Z Quidway ntp service authentication enable Quidway ntp service authentication keyid 37 authenticati...

Page 1147: ...ets use this command to specify one interface to send all the NTP packets Example Configure all the outgoing NTP packets to use the IP address of Vlan Interface1 as their source IP address Quidway system view System View return to User View with Ctrl Z Quidway ntp service source interface Vlan Interface 1 7 1 16 ntp service unicast peer Syntax ntp service unicast peer ip address version number aut...

Page 1148: ... symmetric active mode ip address specifies a host address other than an IP address of broadcast multicast or reference clock By operating in this mode a local device can synchronize and be synchronized by a remote server Example Configure the local equipment to synchronize or synchronized by a peer at 128 108 22 44 Set the NTP version to 3 The IP address of the NTP packets are taken from that of ...

Page 1149: ...st choice Description Use the ntp service unicast server command to configure NTP server mode Use the undo ntp service unicast server command to disable NTP server mode By default version number number defaults to 3 the authentication is disabled and the local server is not the first choice The command announces to use the remote server at ip address as the local time server ip address specifies a...

Page 1150: ...and to send information regulated by the SSH2 0 protocol such as the negotiation procedure to the information center in the format of Debugging information You can also use it to debug a user interface individually Use the undo debugging ssh server command to disable the debugging By default the debugging is disabled Related command ssh server authentication retries ssh server rekey interval ssh s...

Page 1151: ...like this RSA keys not found Related command rsa local key pair create Example Display the public key of the server s host key pair and server key pair Quidway display rsa local key pair public Key pair was generated at 12 26 33 UTC 2002 4 4 Key name rtvrp_Host Usage Encryption Key Key Data 30470240 AF7DB1D0 DA78944F 53B7B59B 40D425D0 DC9C57D2 A60916C2 1F165807 08B84DDB 5F4DB8E7 A115B74E 2D41D96C ...

Page 1152: ...y pair specified by the client If you do not specify the keyname argument all public keys will be displayed Related command rsa local key pair create Example Display the public key of the specified RSA key pair of the client Quidway display rsa peer public key Address Bits Name 1023 abcd 1024 hq 1024 wn1 1024 hq_all Display the public key of the specified RSA key pair named abcd of the client Quid...

Page 1153: ... an SSH server Related command ssh server authentication retries ssh server rekey interval ssh server timeout Example Display the status information of the SSH server Quidway display ssh server status SSH version 2 0 SSH connection timeout 60 seconds SSH Authentication retries 3 times SFTP Server state Disable Display the session information of the SSH server Quidway display ssh server session Con...

Page 1154: ...y the current SSH user information Quidway display ssh user information Username Authentication type User public key name Service type sshuser2 rsa sshuser2 stelnet sshuser1 password sshuser1 stelnet If the Username and User key name are too long the result of the dispaly ssh user information is displayed with wildcard An example is given below Display current SSH user information Quidway display ...

Page 1155: ...to System View with peer public key end Quidway rsa public key peer public key end Quidway 8 1 7 protocol inbound Syntax protocol inbound all pad ssh telnet View VTY user interface view Parameter all Supports all protocols including Telnet and SSH ssh Supports the SSH protocol only and does not support the Telnet protocol telnet Supports the Telnet protocol only and does not support the SSH protoc...

Page 1156: ...re authentication mode password and authentication mode none Related command user interface vty Example Set VTY 0 to 4 to support the SSH protocol only Quidway system view System View return to User View with Ctrl Z Quidway user interface vty 0 4 Quidway ui vty0 4 protocol inbound ssh Disable the Telnet function of VTY 0 and make it support SSH only Quidway system view System View return to User V...

Page 1157: ...urn to last view with public key code end Quidway key code 308186028180739A291ABDA704F5D93DC8FDF84C427463 Quidway key code 1991C164B0DF178C55FA833591C7D47D5381D09CE82913 Quidway key code D7EDF9C08511D83CA4ED2B30B809808EB0D1F52D045DE4 Quidway key code 0861B74A0E135523CCD74CAC61F8E58C452B2F3F2DA0DC Quidway key code C48E3306367FE187BDD944018B3B69F3CBB0A573202C16 Quidway key code BB2FC1ACF3EC8F828D55A...

Page 1158: ... key 8 1 10 rsa local key pair create Syntax rsa local key pair create View System view Parameter None Description Use the rsa local key pair create command to generate the RSA key pair including the host key and server key of the server The naming conventions for the keys are switch name host and switch name server respectively for example Quidway_host Quidway_server When configuring by this comm...

Page 1159: ...er View with Ctrl Z Quidway rsa local key pair create The name for the keys will be rtvrp_Host You already have RSA keys defined for rtvrp_Host Do you really want to replace them yes no y Choose the size of the key modulus in the range of 512 to 2048 for your Keys Choosing a key modulus greater than 512 may take a few minutes How many bits in the modulus 512 512 Generating keys 8 1 11 rsa local ke...

Page 1160: ...consecutive string whose length ranges from 1 to 64 characters Description Use the rsa peer public key command to enter the public key view Performing this command you can enter the public key view Then you can use the public key code begin command to configure the client public key on the server The client public key is generated randomly by the SSH 2 0 enabled client software Related command pub...

Page 1161: ... of SSH connection authentication retries Related command display ssh server Example Specify the number of login authentication retries to 4 Quidway system view System View return to User View with Ctrl Z Quidway ssh server authentication retries 4 8 1 14 ssh server compatible_ssh1x enable Syntax ssh server compatible_ssh1x enable undo ssh server compatible_ssh1x View System view Parameter None De...

Page 1162: ...nterval View System view Parameter hours Update interval of the server key in range of 1 to 24 hours It cannot be 0 Description Use the ssh server rekey interval command to set update interval of the server key Use the undo ssh server rekey interval command to remove the configuration By default the system does not update the server key Related command display ssh server Example Set to update the ...

Page 1163: ...the login timeout to 80 seconds Quidway system view System View return to User View with Ctrl Z Quidway ssh server timeout 80 8 1 17 ssh user assign rsa key Syntax ssh user username assign rsa key keyname undo ssh user username assign rsa key View System view Parameter keyname Name of the client public key It is a consecutive string whose length ranges from 1 to 64 characters username Valid SSH us...

Page 1164: ...ces the user s authentication mode to password authentication rsa Forces the user s authentication mode to RSA public key authentication password publickey Forces the user s authentication mode to password authentication plus RSA public key authentication all Specifies that the user s authentication mode can be either password authentication or public authentication Description Use the ssh user au...

Page 1165: ...hentication type password 8 2 SSH Client Configuration Commands 8 2 1 display ssh server info Syntax display ssh server info View Any view Parameter None Description Use the display ssh server info command to view the corresponding relationship between the client s servers and public keys Example Display the corresponding relationship between the client s servers and public keys Quidway display ss...

Page 1166: ... System view Parameter server ip IP address of the server keyname Public key name of the client Description Use the ssh client assign rsa key command to specify the IP address and the corresponding public key name of the server on the client Use the undo ssh client assign rsa key command to cancel the configuration Example Specify the public key of a server with IP address 192 168 0 1 on the clien...

Page 1167: ...e first time authentication is not supported when there is no local copy of the public key of the connected server the client assumes that the server is illegal and will refuse to access the server The user can save a copy of the server s public key locally by other means beforehand By default the client does not perform the first time authentication Example Set the SSH client to perform the first...

Page 1168: ...The default algorithm is sha1_96 prefer_stoc_hmac Preferred HMAC algorithm from the server to the client The default algorithm is sha1_96 sha1 HMAC algorithm hmac sha1 sha1_96 HMAC algorithm hmac sha1 96 md5 HMAC algorithm hmac md5 md5_96 HMAC algorithm hmac md5 96 Description Use the ssh2 command to enable the connection between the SSH client and the server and specify the preferred key exchange...

Page 1169: ...nable undo sftp server View System view Parameter None Description Use the sftp server enable command to start the SFTP server Use the undo sftp server enable command to shutdown the SFTP server By default the SFTP server is shutdown Example Start the SFTP server Quidway system view System View return to User View with Ctrl Z Quidway sftp server enable Shutdown the SFTP server Quidway undo sftp se...

Page 1170: ...undo ssh user service type command to restore the default service type By default the service type is stelnet Related command display ssh user information Example Specify the service type to be SFTP for user zhangsan Quidway system view System View return to User View with Ctrl Z Quidway ssh user zhangsan service type sftp 8 4 SFTP Client Configuration Commands 8 4 1 bye Syntax bye View SFTP Clien...

Page 1171: ...rameter remote path Name of a path on the server Description Use the cd command to change the current path on the SFTP server If you do not specify the remote path argument the current path will be displayed Example Change the current path to d temp sftp client cd d temp 8 4 3 cdup Syntax cdup View SFTP Client view Parameter None Description Use the cdup command to change the current path to its u...

Page 1172: ...ity as the remove command Example Delete file temp c from the server sftp client delete temp c 8 4 5 dir Syntax dir remote path View SFTP Client view Parameter remote path Name of the directory to view Description Use the dir command to view the files in the specified directory If the remote path argument is not specified the files in the current directory will be displayed This command has the sa...

Page 1173: ... 30 pub2 8 4 6 exit Syntax exit View SFTP Client view Parameter None Description Use the exit command to terminate the connection with the remote SFTP server and return to the user view This command has the same functionality as the bye and quit commands Example Terminate the connection with the remote SFTP server sftp client exit Quidway 8 4 7 get Syntax get remote file local file View SFTP Clien...

Page 1174: ...elp Syntax help command View SFTP Client view Parameter command Name of a command Description Use the help command to view the help information for SFTP client commands If the command argument is not specified all command names will be displayed Example View the help information for the get command sftp client help get get remote path local path Download file Default local path is the same with re...

Page 1175: ... noone nogroup 225 Aug 24 08 01 pubkey2 rwxrwxrwx 1 noone nogroup 283 Aug 24 07 39 pubkey1 rwxrwxrwx 1 noone nogroup 225 Sep 28 08 28 pub1 drwxrwxrwx 1 noone nogroup 0 Sep 28 08 24 new1 drwxrwxrwx 1 noone nogroup 0 Sep 28 08 18 new2 rwxrwxrwx 1 noone nogroup 225 Sep 28 08 30 pub2 8 4 10 mkdir Syntax mkdir remote path View SFTP Client view Parameter remote path Name of a directory on the remote SFT...

Page 1176: ... default if no name of the file on the remote server is specified it is assumed that the file on the remote server has the same name as the local file Example Upload local file temp c to the remote SFTP server and save it with the name temp1 c sftp client put temp c temp1 c 8 4 12 pwd Syntax pwd View SFTP Client view Parameter None Description Use the pwd command to display the current directory o...

Page 1177: ...functionality as the bye and exit commands Example Terminate the connection with the remote SFTP server sftp client quit Quidway 8 4 14 remove Syntax remove remote file View SFTP Client view Parameter remote file Name of a file on the server Description Use the remove command to delete the specified file from the server This command has the same functionality as the delete command Example Delete t...

Page 1178: ...to temp2 sftp client rename temp1 temp2 8 4 16 rmdir Syntax rmdir remote path View SFTP Client view Parameter remote path Name of a directory on the remote SFTP server Description Use the rmdir command to delete the specified directory from the SFTP server Example Delete the directory D temp1 from the SFTP server sftp client rmdir D temp1 8 4 17 sftp Syntax sftp ipaddr prefer_kex dh_group1 dh_exch...

Page 1179: ...encryption algorithm from the server to the client The default algorithm is aes128 des Encryption algorithm des_cbc 3des Encryption algorithm 3des_cbc aes128 Encryption algorithm aes_128 prefer_ctos_hmac Preferred HMAC algorithm from the client to the server The default algorithm is sha1_96 prefer_stoc_hmac Preferred HMAC algorithm from the server to the client The default algorithm is sha1_96 sha...

Page 1180: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual PoE Huawei Technologies Proprietary ...

Page 1181: ...1 6 1 1 8 poe mode 1 7 1 1 9 poe priority 1 7 Chapter 2 PoE PSU Supervision Commands 2 1 2 1 PoE PSU Supervision Display Commands 2 1 2 1 1 display poe power ac input state 2 1 2 1 2 display poe power alarm 2 2 2 1 3 display poe power dc output state 2 3 2 1 4 display poe power dc output value 2 3 2 1 5 display poe power switch state 2 4 2 1 6 display supervision module information 2 4 2 2 PoE PSU...

Page 1182: ...se the display poe interface interface name interface type interface num command to display the PoE status of a specific port on the switch Use the display poe interface command without any option to display the PoE status of all the PoE capable ports on the switch Example Display the PoE status of the port GigabitEthernet3 1 1 Quidway display poe interface GigabitEthernet3 1 1 Port power status d...

Page 1183: ...auto the system automatically selects the PoE mode 2 signal 3 spare Port PD class The class of the power the port supplies to the PD Port power priority Port priority 1 critical the highest 2 high 3 low Port max power Maximum power on the port Port current power Present power on the port Port average power Average power on the port Port peak power Peak power on the port Port current Present curren...

Page 1184: ...y the power information of the port GigabitEthernet3 1 1 Quidway display poe interface power GigabitEthernet3 1 1 Port power 700 mW 1 1 3 display poe pse Syntax display poe pse View Any view Parameter None Description Use the display poe pse command to display the parameters of all the PoE cards in the switch that serve as a power sourcing equipment PSE Example Display the parameters of all the Po...

Page 1185: ...r Average Value Average power of the card Software Version PSE software version Hardware Version PSE hardware version Note The sampling cycle of the current power of the interface card is 1 minute and the sampling cycle of the peak power and average power is 5 minutes 1 1 4 display poe slot Syntax display poe slot slotnum View Any view Parameter slotnum Slot number of a PoE card Description Use th...

Page 1186: ...tax poe enable undo poe enable View Ethernet port view Parameter None Description Use the poe enable command to enable the PoE feature on a port Use the undo poe enable command to disable the PoE feature on a port By default PoE is disabled on port Example Enable PoE on current port Quidway GigabitEthernet3 1 1 poe enable Disable PoE on current port Quidway GigabitEthernet3 1 1 undo poe enable 1 1...

Page 1187: ...y GigabitEthernet3 1 1 poe max power 12000 Restore the default PoE power on current port Quidway GigabitEthernet3 1 1 undo poe max power 1 1 7 poe max power slot Syntax poe max power max power slot slot num undo poe max power slot slot num View System view Parameter max power Maximum power distributed to the card ranging from 37 W to 806 W slot num Slot number of a card Description Use the poe max...

Page 1188: ...es power in automatically selected mode Description Use the poe mode command to configure the PoE mode on the current port Use the undo poe mode command to restore the default PoE mode on current port By default the port adopts signal lines to supply power Caution Quidway S8500 series routing switches currently do not support the spare mode If a PD only supports the spare mode a conversion will be...

Page 1189: ...y command to set the PoE priority on a port Use the undo poe priority command to restore the default priority By default the PoE priority on each port is low Caution When the PoE power of the switch is not enough to support all the port the switch supplies power to ports with higher priority and powers down some ports with lower priority Example Set the PoE priority of current port to critical Qui...

Page 1190: ...e command to display the AC input state of each power supply unit PSU Example Display the AC input state of each PSU Quidway display poe power ac input state PSU 1 AC Input State Lack Phase PSU 2 AC Input State Normal PSU 3 AC Input State Lack Phase Table 2 1 Description on the fields of the display poe power ac input state Field Description NORMAL The AC input is normal Under Limit The AC input i...

Page 1191: ...ation Fail Rectifier not in present Table 2 2 Description on the fields of the display poe power alarm command Field Description NORMAL Normal NOTLINK The PSU is disconnected That is the controller was able to communicate with the PSU but it cannot now Power cycling the unit or re inserting a new PSU can resolve this problem INERROR The PSU input is in trouble Restoring the AC input can resolve th...

Page 1192: ...tput state of the PoE PSUs Example Display the current DC output state Quidway display poe power dc output state DC Output State Normal 2 1 4 display poe power dc output value Syntax display poe power dc output value View Any view Parameter None Description Use the display poe power dc output value command to display the DC output voltage current value of the PoE PSUs Example Display the DC output...

Page 1193: ...the AC power distribution switches of the PSUs Example Display the number and current state of the AC power distribution switches Quidway display poe power switch state Switch Number 0 Table 2 3 Description on the fields of the display poe power switch state command Field Description On The switch is on Off The switch is off High Volt Input The input is high voltage Low Volt Input The input is low...

Page 1194: ...Output Power 2500 W Hard Version Info NP 2500 PSU 2 Rating Output Power 2500 W Hard Version Info NP 2500 Table 2 4 Description on the fields of the display supervision module information command Field Description Supervision Module Version Software version of the supervision module Supervision Module Name Name of the supervision module Power Type Power type Power Rating Value Rated power of the po...

Page 1195: ... threshold z For 220 VAC input it is recommended to set the threshold to 181 0 V z For 110 VAC input it is recommended to set the threshold to 90 0 V Example Set the undervoltage alarm threshold of AC input to 181 0 V Quidway poe power input thresh lower 181 0 Set lower input threshold power successfully 2 2 2 poe power input thresh upper Syntax poe power input thresh upper string View System view...

Page 1196: ...d It ranges from 45 00 V to 47 00 V in the format of x x Description Use the poe power output thresh lower command to set the undervoltage alarm threshold of DC output lower threshold For both 220 VAC and 110 VAC input it is recommended to set the threshold to 45 00 V Example Set the undervoltage alarm threshold of DC output to 45 00 V Quidway poe power output thresh upper 57 0 Set lower output th...

Page 1197: ...se the poe power output thresh upper command to set the overvoltage alarm threshold of DC output upper threshold For both 220 VAC and 110 VAC input it is recommended to set the threshold to 57 00 V Example Set the overvoltage alarm threshold of DC output to 57 00V Quidway poe power output upper 57 00 Set upper output threshold power successfully ...

Page 1198: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual NAT URPF VPLS Huawei Technologies Proprietary ...

Page 1199: ...1 13 1 1 13 reset nat 1 15 1 2 NAT Security Logging Configuration Commands 1 16 1 2 1 display ip userlog export 1 16 1 2 2 ip userlog nat 1 16 1 2 3 ip userlog nat active time 1 17 1 2 4 ip userlog nat export host 1 18 1 2 5 ip userlog nat export source ip 1 18 1 2 6 ip userlog nat export version 1 19 1 2 7 ip userlog nat mode flow begin 1 19 Chapter 2 URPF Configuration Commands 2 1 2 1 URPF Conf...

Page 1200: ...g Switches Table of Contents Huawei Technologies Proprietary ii 3 1 8 l2 binding vsi 3 6 3 1 9 mac address 3 8 3 1 10 mac table limit 3 9 3 1 11 mtu 3 9 3 1 12 peer 3 10 3 1 13 pwsignal 3 11 3 1 14 qos 3 11 3 1 15 shut 3 13 3 1 16 vsi 3 13 3 1 17 vsi id 3 14 ...

Page 1201: ...iguration Commands 1 1 1 display nat address group Syntax display nat address group View Any view Parameter None Description Use the display nat address group command to display the configuration of the address pool Example Display the configuration of the address pool Quidway display nat address group NAT address group information 0 from 1 1 1 1 to 1 1 1 2 1 from 2 2 2 2 to 2 2 2 3 slot 3 1 1 2 d...

Page 1202: ... NP timer is fast timer FastTime is 40 seconds SlowTime is 700 seconds Slow Timer 660 seconds 1 1 3 display nat blacklist Syntax display nat blacklist all ip ip address slot slot no View Any view Parameter all Displays all blacklist configurations ip ip address Displays the blacklist configurations and real time operation states for an IP address slot slot no Specifies the slot where the NAT servi...

Page 1203: ...ial configuration Control limit configuration of IP 10 1 1 91 Amount control upper limit 50 sessions Rate control limit uses special configuration Display the blacklist configurations and operation states for IP address 1 1 1 1 Quidway display nat blacklist ip 1 1 1 1 slot 3 Blacklist function global configuration Blacklist function is started Connection amount control is enabled Connection set up...

Page 1204: ... nat outbound NAT outbound information Vlan interface2 acl 2000 NAT address group 1 no pat slot 3 Vlan interface2 acl 2000 NAT address group 0 slot 3 Vlan interface3 acl 2000 NAT address group 1 no pat slot 3 Vlan interface3 acl 2000 interface slot 3 1 1 5 display nat server Syntax display nat server View Any view Parameter None Description Use the display nat server command to display information...

Page 1205: ...and to display the statistics of the current NAT information Example Display the statistics of the current NAT information Quidway display nat statistics slot 3 Running information in slot 3 active PAT session table count in CPU 0 active PAT session table count in NP 1 active NO PAT session table count 0 active SERVER session table count 3 the number of good packet in NP 0 the number of bad packet...

Page 1206: ...address pool end addr Ending IP address of an address pool Description Use the nat address group command to configure an address pool Use the undo nat address group command to delete an address pool An address pool is a group of some external IP addresses If start addr and end addr are the same there is only one address Caution z The number of addresses included in an address pool the number of th...

Page 1207: ...np slow Sets the aging mode of NAT entries established by means of the NAPT method in NPs to slow aging Description Use the nat aging time command to set the aging time for NAT entries Use the undo nat aging time command to restore the default value of the aging time for NAT entries The default aging mode of NAT entries is fast aging and cannot be changed By default the aging time of NAT entries r...

Page 1208: ...T setup rates refer to the rate for setting up the relationships that is the number of times for setting up the connections every second amount Sets the upper threshold for total connections that can be set up rate Sets the upper threshold rates at which connections are set up source You can set different thresholds controlling the number of connections for source IP addresses in the previous rang...

Page 1209: ...dresses Use the nat blacklist limit rate command to set the thresholds for controlling the setup rates of the blacklist Use the command to set the threshold for controlling the setup rates of all the addresses Use the nat blacklist limit rate source command to set the thresholds for controlling the setup rate of an individual IP address Use the undo nat blacklist limit rate command to restore the ...

Page 1210: ...side host addr host port slot slotno View VLAN interface view Parameter global addr A valid IP address provided for external accesses global port The port number provided for the FTP service of external accesses ranging from 0 to 12287 among which 21 can be replaced by FTP host addr The IP address of the server in internal LAN host port The service port number provided by nonstandard FTP servers r...

Page 1211: ...21 Example Configure nonstandard FTP servers Quidway system view Quidway interface Vlan interface 3 Quidway Vlan interface3 nat ftp server global 202 100 100 1 11225 inside 1 1 1 3 1698 slot 3 1 1 11 nat outbound Syntax nat outbound acl number address group group number no pat slot slotno undo nat outbound acl number address group group number no pat slot slotno View VLAN interface view Parameter ...

Page 1212: ...onnected to the ISP and acts as the egress of the internal network You may use the corresponding undo command to delete a NAT association If you do not specify any value for the keyword address group the EASY IP feature is implemented for NAT and the IP address of the interface is used as the translated address Note As for the ACL associated with an address pool only the source IP address and the ...

Page 1213: ... host port slot slotno undo nat server protocol pro type global global addr global port inside host addr host port slot slotno View VLAN interface view Parameter global addr Server s public IP address by which external devices can access servers global port External service port numbers of servers by which the external devices can access the services provided by servers If external service port nu...

Page 1214: ... session command automatically after the undo nat server command is executed After the configuration by using the address and port number defined by the global addr and the global port parameters you can access the internal server with the address and port number specified by the host addr and host port parameters Caution Up to 256 internal server translation commands can be configured for a VLAN ...

Page 1215: ...face2 undo nat server protocol tcp global 202 110 10 11 ftp inside 10 110 10 11 ftp slot 3 Specify an external address 202 110 10 10 let ports from 1001 to 1100 map to the TELNET service of internal hosts from 10 110 10 1 to 10 110 10 100 making 202 110 10 10 1001 map to 10 110 10 1 202 110 10 1002 map to 10 110 10 2 Quidway Vlan interface2 nat server protocol tcp global 202 110 10 10 1001 1100 in...

Page 1216: ...rt Syntax display ip userlog export slot slotno View Any view Parameter None Description Use the display ip userlog export command to display configurations and statistics of system logging Example Display configurations of NAT logging Quidway display ip userlog export slot 3 IP userlog export is not enable No ACL referenced as NAT userlog rule Version 1 is enabled Flow begin mode stopped Uselog a...

Page 1217: ... time minutes undo ip userlog nat active time View System view Parameter minutes Time duration of an active NAT connection before a log record is created for it ranging from 10 to 120 in minutes The default time duration is 0 which indicates that this function is disabled Description Use the ip userlog nat active time command to set the time duration of an active NAT connection before a log record...

Page 1218: ...n IP address for log packets udp port UDP port number of the log server that is the destination port number for log packets The valid range is from 0 to 65 535 By default it is 0 Description Use the ip userlog nat export host command to set the address and port number of the destination server of log packets Use the undo ip userlog nat export host command to remove the configuration Example Set th...

Page 1219: ... number of log packets to 169 254 1 1 and 200 respectively Quidway ip userlog nat export source ip 169 254 1 1 200 1 2 6 ip userlog nat export version Syntax ip userlog nat export version version number undo ip userlog nat export version View System view Parameter version number Version of the log packets which defaults to 1 Description Use the ip userlog nat export version command to set the vers...

Page 1220: ...erlog nat mode flow begin command to restore the default logging mode Use the corresponding commands to select the logging mode There are three options z Perform logging only when a NAT connection is deleted z Perform logging when a NAT connection is established or deleted z Perform logging when the NAT connection is active By default the NAT server performs logging only when a NAT connection is d...

Page 1221: ...s enabled on current VLAN ports If URPF is enabled and the specified board with URPF function is enabled you can view UPRF statistical data that is the sum of processed packets and discarded packets Example Query URPF enabling status and statistical data of VLAN interface 1001 Quidway Vlan interface1001 display urpf URPF is enabled to slot 2 on current vlan interface packet statistics related to U...

Page 1222: ...he port To clear recording statistics of received and discarded data packets on the port execute the reset urpf statistic command As a result the URPF statistical counter is cleared to zero Example Clear URPF statistical counters to zero Quidway Vlan interface100 reset urpf statistic 2 1 3 urpf enable Syntax urpf enable to slot slotid undo urpf enable View VLAN interface view Parameter slotid Numb...

Page 1223: ...kets needing URPF check to boards with URPF function the LSBM1NATB board Refer to Packet Redirection section of QACL part for more information Caution Because URPF and virtual private LAN service VPLS are mutually exclusive you cannot simultaneously enable URPF and VPLS in the same VLAN interface view Example Enable URPF on VLAN ports and specify the service processor card installed in slot 2 to i...

Page 1224: ...itation in the range of 64 kbps to 4 194 303 kbps with the increment of 64 After the configuration the system automatically takes the biggest number that can be exactly divided by 64 and is no more than the setting number as the rate limitation The actually supported rate limitation ranges from 64 kbps to 2 097 152 kbps and if the value you set is above 2 097 152 kbps no rate limitation is perform...

Page 1225: ...including broadcast multicast unknown unicast beyond the suppression percentage is discarded By default the broadcast suppression percentage is 5 Example Set the broadcast suppression percentage of the VPLS instance Huawei to 10 Quidway vsi Huawei ldp broadcast restrain 10 3 1 3 description Syntax description TEXT undo description View VSI LDP view Parameter TEXT Description text for the specified...

Page 1226: ...ugging concerning L2VPN module connections Enables debugging for MPLS layer 2 VC connections error Enables debugging for L2VPN errors event Enables debugging for event notification among modules Description Use the debugging mpls l2vpn command to enable individual kinds of L2VPN debugging Use the undo debugging mpls l2vpn command to disable the corresponding debugging By default all L2VPN debuggin...

Page 1227: ...g entries of the VPLS instance Huawei Quidway display mac address vsi Huawei MAC ADDR STATE VPN ID PEER IP AGING TIME 0004 0000 005b dynamic 150 LOCAL AGING 1 mac address es found 3 1 6 display mpls l2vc Syntax display mpls l2vc verbose interface Vlan interface interface num vsi vsi name peer peer ip up down block View Any view Parameter verbose Displays details about all layer 2 virtual connectio...

Page 1228: ...o view the corresponding L2VC information Related command vsi l2 binding vsi Example View the L2VC information about the VPLS instance Huawei Quidway display mpls l2vc Total l2vc 3 l2vc 1 up l2vc 0 block l2vc 2 down Interface Vlan interface1024 Encapsulation ethernet Service VPLS VSI name huawei vsi id 1024 Service Status Open VC ID Destination State Lcl Label Rmt Label Tunnel Index 1024 6 6 6 6 d...

Page 1229: ...Qos table 0 0 0 1 1 1 1 2 Mac table limit 128 3 1 8 l2 binding vsi Syntax l2 binding vsi vsi name encapsulation vlan ethernet undo l2 binding vsi vsi name encapsulation vlan ethernet View VLAN interface view Parameter vsi name Name of a VPLS instance encapsulation Specifies the user access encapsulation mode By default the mode is Ethernet ethernet Specifies the user access encapsulation mode as E...

Page 1230: ...100 in VLAN view Enabled VLAN VPN on the port of the VLAN indicates the VSI can be accessed through Ethernet Quidway interface GigabitEthernet3 1 4 Quidway GigabitEthernet3 1 4 vlan vpn enable Quidway GigabitEthernet3 1 4 port access vlan 100 Quidway GigabitEthernet3 1 4 interface vlan interface 100 Quidway Vlan interface100 undo ip address Quidway Vlan interface100 L2 binding vsi Huawei Caution z...

Page 1231: ...tic MAC address vlan interface number The number of the specified VLAN interface Description Use the mac address command to configure a static MAC address for a VPLS instance The address you configured can be either a MAC address on a local CE or a MAC address on a remote CE Use the undo mac address command to disable the configuration Note that when configuring the static MAC address of a VPLS in...

Page 1232: ...his number the system no longer learns any new source MAC address instead it directly broadcasts the packet in the VSI Example Set the maximum number of the MAC addresses of the VPLS instance Huawei to 1 024 Quidway vsi Huawei ldp mac table limit 1024 3 1 11 mtu Syntax mtu mtu View VSI LDP view Parameter mtu Value of the access maximum transmission unit MTU of a VPLS instance in the range of 128 b...

Page 1233: ...ernet Tagged backup peer Specifies the IP address of the backup PE corresponding to the primary PE of the UPE primary peer Specifies the IP address of the primary PE corresponding to the backup PE of the UPE alternatepeer ip Specifies the IP address of the corresponding backup peer PE in hierarchical VPLS architecture as the IP address of the VPLS peer Description Use the peer command to create a ...

Page 1234: ...e the backup PE will be switched to the available state Quidway vsi vpn1 ldp peer 4 4 4 4 backup peer 5 5 5 5 Quidway vsi vpn1 ldp peer 5 5 5 5 primary peer 4 4 4 4 3 1 13 pwsignal Syntax pwsignal ldp View VSI view Parameter ldp Makes the VPLS uses the martini mode Description Use the pwsignal command to specify a PW signaling protocol for VPLS and enter VPLS protocol view When you specify Martini...

Page 1235: ...the QoS level for the VSI which is in the range of 0 to 7 and defaults to 0 When configuring the QoS level you can either use the QoS mapping table suggested by protocol or the user defined QoS table and set p p p p p p p p with this command The following is the QoS classifying table suggested by protocol Table 3 1 QoS classifying table of available classes of service User Priority 1 2 3 4 5 6 7 8...

Page 1236: ...e VSI is shut down the system does not process any traffic for this VSI Use the undo shut command to restore the VPLS service of the VSI Example Disable VPLS for the VPLS instance Huawei Quidway vsi Huawei ldp shut Enable VPLS for the VPLS instance Huawei Quidway vsi Huawei ldp undo shut 3 1 16 vsi Syntax vsi vsi name static undo vsi vsi name View System view Parameter vsi name Name for a VPLS ins...

Page 1237: ...ay vsi Example Create a VPLS instance named Huawei Specify the peer discovery of the instance as manual configuration the encapsulation for users is VLAN access Quidway vsi Huawei static Quidway vsi Huawei 3 1 17 vsi id Syntax vsi id vsi id View VSI LDP view Parameter vsi id ID for the VPLS instance in the range of 1 to 1 024 The ID of a VPLS instance must be locally unique For the VC of this VPLS...

Page 1238: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Integrated Management Huawei Technologies Proprietary ...

Page 1239: ... 1 12 query vlan 1 13 1 1 13 reset lanswitch 1 16 1 1 14 save lanswitch 1 17 1 1 15 set lanswitch 1 17 1 1 16 set lswconfig 1 18 1 1 17 set lswname 1 18 1 1 18 spanning hub 1 19 1 1 19 upgrade lanswitch 1 20 1 2 Configuration Commands for S2403F Series Switches 1 21 1 2 1 loop port 1 21 1 2 2 query ip address 1 22 1 2 3 set ip address 1 23 1 2 4 set mac 1 23 1 2 5 set port 1 24 1 2 6 set vlan 1 25...

Page 1240: ...ation 1 42 1 3 19 query system 1 43 1 3 20 query uniaddr port 1 43 1 3 21 query used addrnum 1 44 1 3 22 query vdsllink 1 45 1 3 23 query vlanstate 1 46 1 3 24 search multiaddr 1 47 1 3 25 search uniaddr 1 48 1 3 26 set address agedtime 1 49 1 3 27 set config flash 1 50 1 3 28 set gatewayip 1 51 1 3 29 set link aggregation 1 51 1 3 30 set loop test 1 52 1 3 31 set manageip 1 53 1 3 32 set mirror m...

Page 1241: ...Switches Chapter 1 HGMP V1 Configuration Commands Huawei Technologies Proprietary 1 1 Chapter 1 HGMP V1 Configuration Commands 1 1 HGMP Server Common Command Set Note Commands in the common command set are used to configure switches connected to the management device ...

Page 1242: ...nt can identify no more than 40 objects z Ethernet switch position parameters It is necessary to recognize the Ethernet switches connected to a management device This is achieved by using arguments of the lanswitch loc type An argument of this type takes the form of slot subslot port p1 p2 among which port is a port number which identifies a port of the management device through which an Ethernet ...

Page 1243: ...nnected switches using the factory settings Related command query port query vlan Example Configure the switches using the factory settings with VLAN2000 as the starting VLAN ID Quidway lanswitch3 1 6 auto config default 2000 Auto config will clean previous configuration are you sure n y Waiting Auto config LANSWITCH 3 1 6 successfully 1 1 2 backup lswconfig Syntax backup lswconfig View HGMP view ...

Page 1244: ... a character string in such format as 3 7 which identifies objects 3 through 7 You can also use commas to connect single numbers and character strings Description Use the close port command to close the specified ports of the Ethernet switch Use the undo close port command to enable the specified ports of the Ethernet switch You can use the query port command to verify these two commands The close...

Page 1245: ...ration information about an HGMP server Example Display information about the HGMP server Quidway display hgmpserver Hgmp Server Cfg Info Hgmp Server Global Enable Hgmp Server Ports Enable Info Port Hgmp status X Hgmp enable Port Hgmp status Hgmp disable SlotNo 0 SubSlotNo 1 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 2 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 0 20 SlotNo 1 SubSlotNo 1 0 0 0 0 0 0 0 0 0 ...

Page 1246: ...MP Server is enabled globally Hgmp Server Ports Enable Info The list of ports on which HGMP Server is enabled z Port Hgmp status X Hgmp enable The state of Hgmp on the port of the switch X Hgmp enabled z Port Hgmp status Hgmp disable The state of Hgmp on the port of the switch Hgmp disabled SlotNo 1 SubSlotNo 0 Slot and subslot numbers of the port 0 0 0 0 1 1 1 1 1 1 1 2 1 2 3 4 3 4 5 6 7 8 9 0 Po...

Page 1247: ...fter registering inactive Specifies to display Ethernet switches that are inactive after registering Description Use the display lanswitch command to display the information about specified registered Ethernet switches The information includes those about the Ethernet switches connected to the port If the Ethernet switches are connected to the port and registered successfully information about the...

Page 1248: ...ax hgmpport enable disable View Ethernet port view Parameter enable Specifies to enable HGMP on the Ethernet switch port disable Specifies to disable HGMP on the Ethernet switch port Description Use the hgmpport command to enable disable HGMP on an Ethernet switch port After enabling HGMP globally you must enable HGMP on an Ethernet switch port to collect information about it Example Enable HGMP o...

Page 1249: ...r enable Start HGMP protocol successfully 1 1 8 lanswitch Syntax lanswitch lanswitch loc View HGMP view Parameter lanswitch loc Ethernet switch position parameter a string that comprises slot number subslot number port number and sequence number This argument does not indicate the actual physical position Description Use the lanswitch command to enter lanswitch view You can configure an Ethernet s...

Page 1250: ...evice To execute this command make sure the specified file is downloaded to the flash memory of the management device through trivial file transfer protocol TFTP or file transfer protocol FTP Before upgrading an Ethernet switch connected to the management device you must use the load lswprogram command to load the file saved in the flash memory of the management device to the upgrade memory of the...

Page 1251: ...thernet switches attached to it you need configure the networks connected to the ports of the management device to adopt star topology by using the spanning hub command on the management device Example Display topology information about the networks connected to the ports of the management device Quidway hgmp query hgmpport mode port mode X spanning hub mode port mode tree mode SlotNo 0 SlotNo 1 S...

Page 1252: ...s the corresponding port has a network that is of star topology connected 1 1 11 query port Syntax query port port list lockstate View lanswitch view Parameter port list List of ports to be queried Be sure to provide a valid port number if you want to specify a single port You can input a single number for the argument which identifies one object You can input a character string in such format as ...

Page 1253: ...UnLock 11 UnLock 12 UnLock 13 UnLock 14 UnLock 15 UnLock 16 UnLock 17 UnLock 18 UnLock 19 UnLock 20 UnLock 21 UnLock 22 UnLock 23 UnLock 24 UnLock 25 MNoIns 26 UnLock Explain MNIns mean port module isn t inserted End 1 1 12 query vlan Syntax query vlan index vlan index list vlanid vlan id list View lanswitch view Parameter index vlan index list Specifies a list of VLAN indexes Each VLAN has a VLAN...

Page 1254: ...e symbol x indicates the corresponding port is in the VLAN broadcast domain For VLANs with their VLAN IDs the vlan id list argument specifies beyond the VLAN Index the corresponding information cannot be displayed Related command set vlan Example Display information about the broadcast domains to which VLAN Index 1 through 10 correspond Quidway lanswitch3 1 6 query vlan index 1 10 Waiting Result o...

Page 1255: ...in the corresponding VLAN broadcast domain The symbol x indicates a port is in the corresponding VLAN broadcast domain Display information about VLAN broadcast domains to which VLAN ID 2000 through 2005 correspond Quidway lanswitch3 1 6 query vlan vlanid 2000 2005 Waiting Result of inquiring LANSWITCH 6 0 s VlanId VlanId VlanIndex Including ports of Vlan broadcast 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1...

Page 1256: ...tch position parameter a string that comprises slot number subslot number port number and sequence number Description Use the reset lanswitch command to reset the Ethernet switches connected to the management device As all the services provided by an Ethernet switch are terminated when you reset the Ethernet switch use this command with caution Only Ethernet switches that register with the managem...

Page 1257: ...d Ethernet switch to the memory of the management device Note that data stored in the memory of the management device gets lost after the management device reboots Related command backup lswconfig Example Save the configuration settings of the Ethernet switch with a position parameter of 0 1 6 to the memory of the management device Quidway hgmp save lswconfig 0 1 6 Waiting 1 1 15 set lanswitch Syn...

Page 1258: ...ult View HGMP view Parameter lanswitch loc Ethernet switch position parameter Description Use the set lswconfig command to specify the configuration settings of an Ethernet switch to be the default settings of the Ethernet switches that are of the same model You can use the auto config command to configure other Ethernet switches that are of the same model using the default settings Related comman...

Page 1259: ...Ethernet switch in time using its position parameters An alternative is to assign aliases to Ethernet switches Note that the position parameters specified by the lanswitch loclist argument and the aliases specified by the name list argument are one to one mapped Example Assign alias of 1 S3526 to the Ethernet switch with a position parameter of 0 1 6 Quidway hgmp set lswname 0 1 6 1 S3526 Config l...

Page 1260: ...l cause lanswitch data to be lost are you sure n y Quidway hgmp 1 1 19 upgrade lanswitch Syntax upgrade lanswitch lanswitch loc app bootrom View HGMP view Parameter lanswitch loc Ethernet switch position parameter a string that comprises slot number subslot number port number and sequence number This argument does not identify the physical position of an Ethernet switch app Specifies to upgrade th...

Page 1261: ...hernet switches 1 2 1 loop port Syntax loop port port list undo loop port port list View lanswitch view Parameter port list List of ports to be set Be sure to provide a valid port number if you want to specify a single port You can input a single number for the argument which identifies one object You can input a character string in such format as 3 7 which identifies objects 3 through 7 You can a...

Page 1262: ... display the IP address subnet mask and the IP address of the default gateway If nothing displayed the management VLAN of the Ethernet switch has no IP address configured Related command set ip address Example Display the IP address subnet mask and the IP address of the default gateway Quidway lanswitch3 1 6 query ip address Waiting Inquiring ip address of LANSWITCH 3 1 6 successfully Ip address 1...

Page 1263: ...AN Description Use the set ip address command to set the IP address subnet mask and the IP address of the default gateway Use the undo set ip address command to remove the configuration Related command query ip address Example Set the IP address of the management VLAN of the Ethernet switch to 1 3 4 2 Quidway lanswitch3 1 6 set ip address 1 3 4 2 255 255 0 0 1 3 2 1 Waiting Set ip address of LANSW...

Page 1264: ...for the argument which identifies one object You can input a character string in such format as 3 7 which identifies objects 3 through 7 You can also use commas to connect single numbers and character strings vlanid vlan id list tagged untagged Specifies a list of VLAN IDs to be assigned to the ports specified by the port list argument and whether or not these ports are tagged The value of a VLAN ...

Page 1265: ...ding VLAN Index port list Broadcast domain of the specified VLAN The legal value for individual port ranges from 1 to 27 Value of 0 specifies the corresponding VLAN has no broadcast domain broadcast port list vlan id list Sets the specified VLAN The vlan id list argument is optional The port list argument specifies the ports which the corresponding VLAN contains The legal value for individual port...

Page 1266: ...which identifies objects 3 through 7 You can also use commas to connect single numbers and character strings 10m full Specifies to operate at a speed of 10 Mbps and in full duplex mode 10m half Specifies to operate at a speed of 10 Mbps and in half duplex mode 100m full Specifies to operate at a speed of 100 Mbps and in full duplex mode 100m half Specifies to operate at a speed of 100 Mbps and in ...

Page 1267: ...icable to S2008B S2016B S2026B S3026 series switches 1 3 1 add addritem Syntax add addritem mac addr unicast port aged noaged permanent multicast vlanid port list mctype View lanswitch view Parameter mac addr MAC address to be added unicast Specifies the address as a unicast address port Port used to unicast aged Specifies to delete the address if it is aged noaged Specifies the address is not age...

Page 1268: ... address of 0e0 fc01 1000 for the Ethernet switch with a position parameter of 3 1 6 specifying the entry as an aging entry Quidway lanswitch3 1 6 add addritem 00e0 fc01 1000 unicast 1 aged Waiting Add address item successfully MAC Addr 00 e0 fc 01 10 00 1 3 2 delete multicast Syntax delete multicast mac addr vlanid vlanid View lanswitch view Parameter mac addr MAC address of the multicast entry t...

Page 1269: ...1 on the Ethernet switch with a position parameter of 3 1 3 Quidway lanswitch3 1 3 delete uniaddr 00e0 fc01 1001 Waiting Deleting Mac Result No ErrId Mac Addr VlanId 0 0 00 e0 fc 01 10 01 End ErrId Mean 0 Success 1 Invalid Mac 2 vlanId out range 2 vlanId out range 1 4095 5 No Found AddrTab other Unkown Cause Table 1 7 Description on the fields of the delete uniaddr command Field Description No MAC...

Page 1270: ...lf duplex mode A port operating in full duplex mode can send receive packets while it is receiving sending packets A port operating in half duplex mode can either receive or send packets at a certain moment If you set a port with the auto keyword the port negotiates with its peer to determine the mode it operates in Note that the 100M optical ports of an Ethernet switch are fixed to operate at a s...

Page 1271: ... port is relatively large Example Specify to perform flow control on port 3 of the Ethernet switch with a position parameter of 3 1 3 Quidway lanswitch3 1 3 flow port 3 both Waiting operating LANSWITCH 3 1 3 s ports successfully 1 3 6 Lock port Syntax lock port port list View Lanswitch view Parameter port list The port list that requires configuring Description Use the lock port command to disable...

Page 1272: ...odified vlanid VLAN ID of the multicast group port list Port list for the multicast group mctype Specifies how the multicast group forward data to the CPU no Specifies not to forward to the CPU trans Specifies to forward data to the CPU igmp Specifies to forwards IGMP packets to the CPU Description Use the modify multiaddr command to modify the multicast address entry of an Ethernet switch Related...

Page 1273: ... be written to the flash memory Description Use the modify uniaddr command to modify the unicast address entry for an Ethernet switch Related command search uniaddr Example Modify the unicast address entry of the Ethernet switch with a position parameter of 3 1 3 Quidway lanswitch3 1 3 modify uniaddr 0e0 fc11 1001 noaged Waiting Modify addr item successfully Mac addr 00 e0 fc 11 10 01 1 3 9 query ...

Page 1274: ...ation Current configuration is hostname Quidway hgmp enable no qos line aux speed 9600 Table 1 8 Description on the fields of the query active configuration command Field Description Current configuration is The information that follows is the items of the current configuration separated by the symbol 1 3 10 query address Syntax query address agedtime View Lanswitch view Parameter None Description...

Page 1275: ...MS 1 3 11 query gatewayip Syntax query gatewayip View lanswitch view Parameter None Description Use the query gatewayip command to query the gateway IP address of the switch Example Query the gateway IP address of the Ethernet switch with the position parameter of 8 1 1 Quidway lanswitch8 1 1 query gatewayip Waiting Inquire gateway IP address of LANSWITCH 8 1 1 successfully Gateway IP address 1 1 ...

Page 1276: ...regation the command displays Related command set link aggregation Example Query information about port aggregation of the Ethernet switch with a position parameter of 3 1 6 Quidway lanswitch3 1 6 query link aggregation Waiting Link aggregation Group Lk ag Num Type Port1 port2 port3 port4 End Waiting Link aggregation Group Link aggregation Num Type Port1 port2 port3 port4 0 sa 1 2 3 4 End Table 1 ...

Page 1277: ...query the management IP address of the switch Example Query the management IP address of the Ethernet switch with the position parameter of 8 1 1 Quidway lanswitch8 1 1 query manageip vlan 1 Waiting Inquire IP address of LANSWITCH 8 1 1 successfully VlanId 172 ManageIp address 172 172 172 172 NetMask 172 172 172 172 Note This command is only applicable to the configuration of S2008 S2016 and S3026...

Page 1278: ...tion Monitor port NO is Port number of the monitor port The mirrored ports list List of mirrored ports 1 3 15 query multiaddr Syntax query multiaddr vlanid vlanid View lanswitch view Parameter vlanid vlanid Specifies the IDs of the VLANs to be queried in the range of 1 to 4 095 Description Use the query multiaddr command to query the multicast address entries of a specified VLAN of the Ethernet sw...

Page 1279: ...lticast group number Mac addr Multicast address PortMask Port mask which indicates the ports in a multicast group For example value of 0 indicates the multicast group contains no port value of 10 indicates the multicast group contains port 2 value of 110 indicates the multicast group contains ports 2 and 3 value of 10101 indicates the multicast group contains ports 1 3 and 5 and so on McType Indic...

Page 1280: ...UnLock 6 UnLock 7 UnLock 8 UnLock 9 UnLock 10 UnLock 11 UnLock 12 UnLock 13 UnLock 14 UnLock 15 UnLock 16 UnLock 17 UnLock 18 UnLock 19 UnLock 20 UnLock 21 UnLock 22 UnLock 23 UnLock 24 UnLock 25 MNoIns 26 MNoIns Explain MNIns mean port module isn t inserted End Note This command does not support configuring S2403F and S2403 Ethernet switches on the NMS 1 3 17 query rmon Syntax query rmon port por...

Page 1281: ...provide a keyword other than all this command can query 10 ports Related command reset rmon Example Query all the rmon statistics information about port 1 of the Ethernet switch with a position parameter of 3 1 6 Quidway lanswitch3 1 6 query rmon port 1 all Waiting Result of Inquiring RMON PortNum 1 Forward Packet Count 64Byte 0 65 127Byte 0 128 255Byte 0 256 511Byte 0 512 1023Byte 0 1024 1518Byte...

Page 1282: ...nt Statistics information about transmitted packets PortNum 1 Error Count Statistics information about error packets 1 3 18 query saved configuration Syntax query saved configuration View lanswitch view Parameter None Description Use the query saved configuration command to display the startup configuration of an Ethernet switch Example Display the startup configuration of the Ethernet switch Quid...

Page 1283: ...ed by the symbol 1 3 19 query system Syntax query system info View lanswitch view Parameter None Description Use the query system info command to query the system information of the switch Example Query the system information of the Ethernet switch with the position parameter of 8 1 1 Quidway lanswitch8 1 1 query system info Waiting Inquire system info failed Note This command is only applicable t...

Page 1284: ...mple Query the unicast address entries of the port 2 of the Ethernet switch with a position parameter of 3 1 3 Quidway lanswitch3 1 3 query uniaddr port 2 1 50 Waiting Result of Inquire AddrTable Index Mac addr Aged Index Mac addr Aged 0 00 e0 fc 01 10 00 1 1 00 00 00 00 00 00 0 Some Explain 1 Aged mean 0 No aged other value aged to delete 2 Total Number of the addrtable 1 End Table 1 14 Descripti...

Page 1285: ...answitch3 1 3 query used addrnum Waiting Unicast addrItem 7 Multicast AddrItem 6 Table 1 15 Description on the fields of the query used addrnum command Field Description Unicast addrItem Number of occupied unicast MAC address entries Multicast AddrItem Number of occupied multicast MAC address entries 1 3 22 query vdsllink Syntax query vdsllink port list View lanswitch view Parameter port list The ...

Page 1286: ...xSNR 0 LtRsCount 0 LtTxPsd 0dBm hz RtRxSNR 0 RtRsCount 0 RtTxPSD 0dBm hz RtHVer 0 RtSVer 0 End Note This command is only applicable to the configuration of S3026V Ethernet switches on the NMS 1 3 23 query vlanstate Syntax query vlanstate View lanswitch view Parameter None Description Use the query vlanstate command to query the VLAN state of the switch Example Query the VLAN state of the Ethernet ...

Page 1287: ...is argument can contain up to four MAC addresses vlanid list List of VLAN IDs corresponding to those specified by the mac addr list argument Description Use the search multiaddr command to search specified multicast addresses in the address table of an Ethernet switch Example Search an address entry in the multicast address table of the Ethernet switch with a position parameter of 3 1 3 Quidway la...

Page 1288: ...st group For example value of 0 indicates the multicast group contains no port value of 10 indicates the multicast group contains port 2 value of 110 indicates the multicast group contains ports 2 and 3 value of 10101 indicates the multicast group contains ports 1 3 and 5 and so on McType Indicates how a multicast group forwards data to CPU The meanings of its value are z 0 Do not forward to CPU z...

Page 1289: ...Error number which are described as follows z 0 The operation is successful z 1 MAC address error z 2 VLAN ID out of range z 5 No address table found Mac Address Unicast address Port Port number Aged Indicates whether this entry can be aged PortMask Port mask which indicates the ports in a unicast group For example value of 0 indicates the multicast group contains no port value of 10 indicates the...

Page 1290: ...nds Quidway lanswitch8 1 1 set address agedtime 100 Waiting Config address aged time successfully Note This command is only applicable to the configuration of S2008B S2026B and S2016B Ethernet switches on the NMS 1 3 27 set config flash Syntax set config flash write erase View lanswitch view Parameter write Specifies to write the configuration file to the flash memory erase Specifies to remove the...

Page 1291: ...ple Set the IP address of the gateway of the Ethernet switch with the position parameter of 8 1 1 as 1 1 1 1 Quidway lanswitch8 1 1 set gatewayip 1 1 1 1 Waiting Add gateway IP address of LANSWITCH 8 1 1 successfully Cancel the IP address 1 1 1 1 of the gateway of the Ethernet switch with the position parameter of 8 1 1 Quidway lanswitch8 1 1 undo set gatewayip 1 1 1 1 Waiting Cancel gateway IP ad...

Page 1292: ...8B series switch does not support port aggregation an S2016B series switch can only has its Ethernet0 15 and Ethernet0 16 port aggregated in the dasa mode an S2026B series switch can only has its Ethernet0 23 and Ethernet0 24 port aggregated in the dasa mode You can use the query link aggregation command to verify the set link aggregation command Related command query link aggregation Example Set ...

Page 1293: ...lanswitch view Parameter ip address IP address netmask subnet mask vlan id the ID of VLAN Description Use the set manageip command to set the management IP address of the switch Use the undo set mangeip command to cancel the setting Example Set the management IP address of the Ethernet switch with the position parameter of 8 1 1 to 1 1 1 1 Quidway lanswitch8 1 1 set manageip 1 1 1 1 255 255 255 0 ...

Page 1294: ... list List of ports to be mirrored Description Use the set mirror monitor port command to set Ethernet port mirroring Use the undo set mirror command to remove the configuration You cannot specify a trunk port as a monitor port The existing monitor port is automatically removed if you set a new monitor port But the mirroring port remains unchanged Related command query mirror Example Set the port ...

Page 1295: ...ist argument are one to one mapped to the port numbers specified by the port list argument the number of the ports specified by the port list argument must be the same as that of the VLAN IDs specified by the vlan id list argument Description Use the set port command to assign VLAN IDs to ports of an Ethernet switch and specify whether or not these ports are tagged To avoid communication between a...

Page 1296: ... weights of the ports with high priority in the range of 1 to 10 Description Use the set qos_weight command to set the QoS weights of the ports of an Ethernet switch with high priority Use the undo set qos_weight command to remove the setting The QoS weights of the ports with low priority are fixed to 1 By executing the set qos_weight command you can have the ratio of the number of packets forward...

Page 1297: ...tion password of the Ethernet switch with a position parameter of 3 1 3 to darling Quidway lanswitch3 1 3 set superview_password darling 1 3 37 set sysname Syntax set sysname name word View lanswitch view Parameter name word Domain name a string that is of no more than 30 characters in length Description Use the set sysname command to set the domain name of an Ethernet switch Example Set the domai...

Page 1298: ...ates must be consistent with the number of ports Description Use the set vdsllink command to set the VDSL link rate of the port of the switch Example Set the VDSL link uplink rate and downlink rate of the port 1 of the Ethernet switch with the position parameter of 8 1 1 to 2 and 2 Quidway lanswitch8 1 1 set vdsllink 1 uprate 2 downrate 2 Waiting Config VDSL link successfully Note This command is ...

Page 1299: ...o 10m 100m 1000m View lanswitch view Parameter port list List of ports auto Specifies to operate in automatic negotiation mode 10m Specifies to operate at a speed of 10 Mbps 100m Specifies to operate at a speed of 100 Mbps 1000m Specifies to operate at a speed of 1000 Mbps Description Use the speed port command to set a port rate for specified ports of an Ethernet switch Ethernet ports that are of...

Page 1300: ...HUAWEI Quidway S8500 Series Routing Switches Command Manual Appendix Huawei Technologies Proprietary ...

Page 1301: ...acl QACL 3 1 active region configuration STP 1 1 add addritem NAT URPF VPLS 1 27 aggregate Routing Protocol 5 1 aggregate Multicast Protocol 7 1 aggregate MPLS 2 1 anti attack Security 1 1 apply as path Routing Protocol 6 1 apply community Routing Protocol 6 2 apply cost Routing Protocol 6 3 apply cost type Routing Protocol 6 4 apply ip next hop Routing Protocol 6 4 apply isis Routing Protocol 6 5...

Page 1302: ...Getting Started 1 1 authentication mode Routing Protocol 3 3 auto config NAT URPF VPLS 1 2 auto execute command Getting Started 1 2 B backup lswconfig NAT URPF VPLS 1 3 Balance Routing Protocol 5 2 bandwidth NAT URPF VPLS 3 1 bgp Routing Protocol 5 3 binary System Management 1 29 boot boot loader System Management 3 1 boot bootrom System Management 3 2 broadcast restrain NAT URPF VPLS 3 2 broadcas...

Page 1303: ...bit System Management 4 8 clock ssm System Management 4 8 clock ssmcontrol System Management 4 10 clock stop warm up System Management 4 10 clock summer time System Management 4 1 clock timezone System Management 4 3 clock source Port 4 1 close System Management 1 31 close port NAT URPF VPLS 1 4 command privilege level Getting Started 1 3 compare different as med Routing Protocol 5 4 compare diffe...

Page 1304: ...p relay Network Protocol 4 32 debugging dhcp server Network Protocol 4 3 debugging dns Network Protocol 6 2 debugging ha Reliability 2 1 debugging hwtacacs Security 2 51 debugging ids acl Port 5 2 debugging igmp Multicast Protocol 4 1 debugging isis Routing Protocol 4 3 debugging lacp packet Port 2 1 debugging lacp state Port 2 2 debugging link aggregation error Port 2 2 debugging link aggregation...

Page 1305: ...ing Protocol 2 2 default cost Routing Protocol 3 5 default interval Routing Protocol 3 6 default limit Routing Protocol 3 7 default local preference Routing Protocol 5 9 default local preference Multicast Protocol 7 3 default local preference MPLS 2 4 default med Routing Protocol 5 9 default med Multicast Protocol 7 4 default med MPLS 2 5 default tag Routing Protocol 3 7 default type Routing Proto...

Page 1306: ... name Network Protocol 4 6 dhcp server expired Network Protocol 4 7 dhcp server forbidden ip Network Protocol 4 8 dhcp server ip pool Network Protocol 4 9 dhcp server nbns list Network Protocol 4 9 dhcp server netbios type Network Protocol 4 10 dhcp server option Network Protocol 4 11 dhcp server ping Network Protocol 4 13 dhcp server relay information enable Network Protocol 5 2 dhcp server stati...

Page 1307: ...ticast routing table peer Multicast Protocol 7 9 display bgp multicast routing table regular expression Multicast Protocol 7 10 display bgp network Routing Protocol 5 11 display bgp paths Routing Protocol 5 12 display bgp peer Routing Protocol 5 13 display bgp routing table Routing Protocol 5 15 display bgp routing table as path acl Routing Protocol 5 16 display bgp routing table cidr Routing Prot...

Page 1308: ...work mode System Management 4 19 display connection Security 2 5 display counters Port 1 4 display cpu System Management 3 3 display current configuration System Management 1 12 display debugging System Management 4 21 display debugging ospf Routing Protocol 3 11 display device System Management 3 4 display dhcp relay address Network Protocol 4 35 display dhcp server conflict Network Protocol 4 14...

Page 1309: ... System Management 1 21 display ftp user System Management 1 22 display garp statistics VLAN QinQ 2 1 display garp timer VLAN QinQ 2 1 display gvrp statistics VLAN QinQ 2 5 display gvrp status VLAN QinQ 2 6 display hgmpserver NAT URPF VPLS 1 4 display history command Getting Started 1 4 display hwtacacs Security 2 51 display icmp statistics Network Protocol 7 5 display ids Port 5 1 display igmp gr...

Page 1310: ...l 1 13 display ip routing table verbose Routing Protocol 1 15 display ip routing table vpn instance Routing Protocol 1 14 display ip routing table vpn instance MPLS 2 8 display ip socket Network Protocol 7 7 display ip statistics Network Protocol 7 8 display ip userlog export NAT URPF VPLS 1 16 display ip vpn instance MPLS 2 8 display isis interface Routing Protocol 4 5 display isis lsdb Routing P...

Page 1311: ...r info MPLS 1 12 display mpls ldp interface MPLS 1 13 display mpls ldp lsp MPLS 1 15 display mpls ldp peer MPLS 1 16 display mpls ldp remote MPLS 1 18 display mpls ldp session MPLS 1 19 display mpls lsp MPLS 1 2 display mpls static lsp MPLS 1 3 display mpls statistics MPLS 1 4 display mpm forwarding table Multicast Protocol 3 4 display mpm group Multicast Protocol 3 5 display msdp brief Multicast ...

Page 1312: ... Protocol 3 21 display ospf nexthop Routing Protocol 3 23 display ospf peer Routing Protocol 3 24 display ospf request queue Routing Protocol 3 25 display ospf retrans queue Routing Protocol 3 26 display ospf routing Routing Protocol 3 27 display ospf vlink Routing Protocol 3 29 display password control Getting Started 2 1 display password control blacklist Getting Started 2 2 display password con...

Page 1313: ...ACL 2 7 display qos interface mirrored to QACL 2 7 display qos interface queue scheduler QACL 2 8 display qos interface traffic limit QACL 2 9 display qos interface traffic priority QACL 2 10 display qos interface traffic redirect QACL 2 10 display qos interface traffic shape QACL 2 11 display qos interface traffic statistic QACL 2 12 display qos vlan all QACL 2 12 display qos vlan traffic limit Q...

Page 1314: ... display snmp agent System Management 5 1 display snmp agent community System Management 5 1 display snmp agent group System Management 5 2 display snmp agent mib view System Management 5 3 display snmp agent statistics System Management 5 5 display snmp agent sys info System Management 5 7 display snmp agent usm user System Management 5 8 display ssh server System Management 8 4 display ssh serve...

Page 1315: ...rsion System Management 4 26 display vlan VLAN QinQ 1 3 display vlan acl member ports QACL 4 10 display vlan protocol vlan vlan VLAN QinQ 1 10 display vrrp Reliability 1 1 display vrrp statistics Reliability 1 3 display vrrp summary Reliability 1 4 display vsi NAT URPF VPLS 3 5 display xbar Reliability 2 2 dns domain Network Protocol 6 5 dns resolve Network Protocol 6 6 dns server Network Protocol...

Page 1316: ...ork Protocol 4 23 F file prompt System Management 1 5 filter policy export Routing Protocol 2 4 filter policy export Routing Protocol 3 30 filter policy export Routing Protocol 3 31 filter policy export Routing Protocol 4 12 filter policy export Routing Protocol 5 27 filter policy export Routing Protocol 6 9 filter policy export Multicast Protocol 7 10 filter policy export MPLS 2 13 filter policy ...

Page 1317: ...1 6 frame format Port 3 8 frame format Port 4 16 free user interface Getting Started 1 10 ftp System Management 1 33 ftp disconnect System Management 1 22 ftp server enable System Management 1 23 ftp timeout System Management 1 24 G garp timer VLAN QinQ 2 2 garp timer leaveall VLAN QinQ 2 4 gateway list Network Protocol 4 24 get System Management 1 34 get System Management 8 24 gratuitous arp lear...

Page 1318: ...match ip next hop Routing Protocol 6 15 if match mpls label MPLS 2 15 if match tag Routing Protocol 6 16 if match vpn target MPLS 2 16 igmp enable Multicast Protocol 4 4 igmp fast leave Multicast Protocol 4 5 igmp group limit Multicast Protocol 4 7 igmp group policy Multicast Protocol 4 8 igmp host join port Multicast Protocol 4 9 igmp host join vlan Multicast Protocol 4 9 igmp lastmember queryint...

Page 1319: ...9 import route Multicast Protocol 7 12 import route MPLS 2 17 import route isis level 2 into level 1 Routing Protocol 4 15 import route limit Routing Protocol 3 35 import source Multicast Protocol 6 5 info center channel name System Management 4 40 info center console channel System Management 4 41 info center enable System Management 4 41 info center logbuffer System Management 4 42 info center l...

Page 1320: ... NAT URPF VPLS 1 18 ip userlog nat export source ip NAT URPF VPLS 1 18 ip userlog nat export version NAT URPF VPLS 1 19 ip userlog nat mode flow begin NAT URPF VPLS 1 19 ip vpn instance MPLS 2 20 ip protect enable Network Protocol 1 6 ipv4 family MPLS 2 21 ipv4 family multicast Multicast Protocol 7 13 isis Routing Protocol 4 16 isis authentication mode Routing Protocol 4 17 isis circuit level Rout...

Page 1321: ...system priority Port 2 10 language mode Getting Started 1 14 lanswitch NAT URPF VPLS 1 9 lcd System Management 1 35 level Security 2 12 link aggregation Port 2 10 link aggregation group agg id description Port 2 11 link aggregation group agg id mode Port 2 12 link status hold Port 1 10 load lswprogram NAT URPF VPLS 1 10 local precedence QACL 2 20 local server Security 2 31 local user Security 2 13...

Page 1322: ...larm System Management 2 4 mac address max mac count enable forward System Management 2 6 mac address max mac count max mac num System Management 2 7 mac address timer System Management 2 8 mac table limit NAT URPF VPLS 3 9 md5 compatible Routing Protocol 4 29 mdi Port 1 13 mirrored to QACL 2 21 mirrored to QACL 4 1 mirroring group QACL 2 23 mkdir System Management 1 6 mkdir System Management 1 36...

Page 1323: ...1 25 mpls ldp timer MPLS 1 25 mpls ldp transport ip MPLS 1 27 mpls lsr id MPLS 1 7 msdp Multicast Protocol 6 6 msdp tracert Multicast Protocol 6 7 mtu Port 3 9 mtu MPLS 3 16 mtu NAT URPF VPLS 3 9 multicast Multicast Protocol 3 12 multicast route limit Multicast Protocol 3 13 multicast routing enable Multicast Protocol 3 14 multicast suppression Port 1 14 multicast suppression Multicast Protocol 3 ...

Page 1324: ...stem Management 7 5 ntp service authentication keyid System Management 7 6 ntp service broadcast client System Management 7 6 ntp service broadcast server System Management 7 7 ntp service max dynamic sessions System Management 7 8 ntp service multicast client System Management 7 9 ntp service multicast server System Management 7 10 ntp service refclock master System Management 7 11 ntp service re...

Page 1325: ...ACL 1 11 packet filter QACL 4 2 parity Getting Started 1 17 passive System Management 1 37 password Getting Started 2 3 password Security 2 15 password System Management 1 26 password control Getting Started 2 4 password control enable Getting Started 2 6 password control super Getting Started 2 7 peer Routing Protocol 2 8 peer Multicast Protocol 6 10 peer NAT URPF VPLS 3 10 peer advertise communi...

Page 1326: ...l 6 11 peer description MPLS 2 31 peer ebgp max hop Routing Protocol 5 36 peer ebgp max hop MPLS 2 32 peer enable Routing Protocol 5 37 peer enable Multicast Protocol 7 17 peer enable MPLS 2 32 peer enable MPLS 3 16 peer filter policy export Routing Protocol 5 37 peer filter policy export Multicast Protocol 7 18 peer filter policy export MPLS 2 33 peer filter policy import Routing Protocol 5 38 pe...

Page 1327: ... reflect client Multicast Protocol 7 24 peer reflect client MPLS 2 40 peer request sa enable Multicast Protocol 6 13 peer restart timer Routing Protocol 5 44 peer route policy export Routing Protocol 5 46 peer route policy export Multicast Protocol 7 24 peer route policy export MPLS 2 41 peer route policy import Routing Protocol 5 46 peer route policy import Multicast Protocol 7 25 peer route poli...

Page 1328: ...otocol 5 18 ping System Management 4 29 poe enable PoE 1 5 poe max power PoE 1 5 poe max power slot PoE 1 6 poe mode PoE 1 7 poe priority PoE 1 7 poe power input thresh lower PoE 2 6 poe power input thresh upper PoE 2 6 poe power output thresh lower PoE 2 7 poe power output thresh upper PoE 2 7 policy vpn target MPLS 2 47 port VLAN QinQ 1 8 port QACL 2 25 port access vlan Port 1 15 port can access...

Page 1329: ...lticast Protocol 7 26 preference MPLS 2 48 primary accounting Security 2 33 primary accounting Security 2 56 primary authentication Security 2 34 primary authentication Security 2 57 primary authorization Security 2 58 priority QACL 2 27 private group id mode standard Security 2 17 protocol inbound Getting Started 1 18 protocol inbound System Management 8 6 protocol vlan VLAN QinQ 1 12 public key ...

Page 1330: ...uery mirror NAT URPF VPLS 1 37 query multiaddr NAT URPF VPLS 1 38 query port NAT URPF VPLS 1 12 query port lockstate NAT URPF VPLS 1 39 query rmon NAT URPF VPLS 1 40 query saved configuration NAT URPF VPLS 1 42 query system NAT URPF VPLS 1 43 query uniaddr port NAT URPF VPLS 1 43 query used addrnum NAT URPF VPLS 1 44 query vdsllink NAT URPF VPLS 1 45 query vlan NAT URPF VPLS 1 13 query vlanstate N...

Page 1331: ...e System Management 1 9 rename System Management 8 28 reset Routing Protocol 2 9 reset acl counter QACL 1 13 reset arp Network Protocol 2 10 reset bgp Routing Protocol 5 52 reset bgp flap info Routing Protocol 5 53 reset bgp group Routing Protocol 5 53 reset counters interface Port 1 21 reset counters interface Port 4 17 reset counters interface pos Port 3 12 reset dampening Routing Protocol 5 54 ...

Page 1332: ...set ospf Routing Protocol 3 48 reset password control blacklist Getting Started 2 9 reset password control history record Getting Started 2 8 reset password control history record super Getting Started 2 8 reset pim neighbor Multicast Protocol 5 20 reset pim routing table Multicast Protocol 5 20 reset radius statistics Security 2 37 reset recycle bin System Management 1 9 reset saved configuration...

Page 1333: ...k Routing Protocol 2 16 rmdir System Management 1 10 rmdir System Management 1 39 rmdir System Management 8 29 rmon alarm System Management 6 7 rmon event System Management 6 9 rmon history System Management 6 10 rmon prialarm System Management 6 11 rmon statistics System Management 6 13 route distinguisher MPLS 2 50 route policy Routing Protocol 6 19 router id Routing Protocol 3 49 router route l...

Page 1334: ...em Management 3 8 schedule reboot delay System Management 3 9 scheme Security 2 16 scramble Port 3 12 screen length Getting Started 1 20 sdh threshold Port 4 26 search multiaddr NAT URPF VPLS 1 47 search uniaddr NAT URPF VPLS 1 48 secondary accounting Security 2 41 secondary accounting Security 2 60 secondary authentication Security 2 42 secondary authentication Security 2 61 secondary authorizati...

Page 1335: ...LS 1 23 set manageip NAT URPF VPLS 1 53 set mirror monitor port NAT URPF VPLS 1 54 set port NAT URPF VPLS 1 24 set port NAT URPF VPLS 1 54 set priority NAT URPF VPLS 1 55 set qos_weight NAT URPF VPLS 1 56 set superview_password NAT URPF VPLS 1 56 set sysname NAT URPF VPLS 1 57 set vdsllink NAT URPF VPLS 1 57 set vlan NAT URPF VPLS 1 25 set vlanid NAT URPF VPLS 1 58 set workmode NAT URPF VPLS 1 26 ...

Page 1336: ...nt packet max size System Management 5 13 snmp agent sys info System Management 5 14 snmp agent target host System Management 5 15 snmp agent trap enable System Management 5 16 snmp agent trap enable ldp MPLS 1 7 snmp agent trap enable lsp MPLS 1 8 snmp agent trap enable ospf Routing Protocol 3 51 snmp agent trap life System Management 5 18 snmp agent trap queue size System Management 5 18 snmp ag...

Page 1337: ...onfiguration System Management 1 21 state Security 2 20 state Security 2 44 static bind ip address Network Protocol 4 30 static bind mac address Network Protocol 4 31 static lsp egress MPLS 1 8 static lsp egress l2vpn MPLS 3 3 static lsp ingress MPLS 1 9 static lsp ingress MPLS 3 4 static lsp transit MPLS 1 10 static lsp transit l2vpn MPLS 3 5 static rp Multicast Protocol 5 22 static rpf peer Mult...

Page 1338: ...stp mode STP 1 31 stp non flooding STP 1 32 stp pathcost standard STP 1 33 stp point to point STP 1 33 stp port priority STP 1 34 stp region configuration STP 1 35 stp root protection STP 1 37 stp tc protection STP 1 38 stp timer forward delay STP 1 39 stp timer hello STP 1 40 stp timer max age STP 1 41 stp timer factor STP 1 42 stp transmit limit STP 1 43 stub Routing Protocol 3 53 subvlan VLAN Q...

Page 1339: ... 4 56 terminal trapping System Management 4 57 tftp get System Management 1 41 tftp put System Management 1 42 threshold Port 3 13 timer Routing Protocol 5 55 timer MPLS 2 53 timer hold Port 3 14 timer lsp generation Routing Protocol 4 26 timer lsp max age Routing Protocol 4 36 timer lsp refresh Routing Protocol 4 37 timer quiet Security 2 45 timer quiet Security 2 63 timer realtime accounting Sec...

Page 1340: ... 4 9 trap to cpu disable VLAN QinQ 1 6 trap to cpu disable vlan VLAN QinQ 1 7 U umount System Management 1 11 undelete System Management 1 11 undo snmp agent System Management 5 21 undo synchronization Routing Protocol 5 56 update l3plus System Management 3 11 upgrade lanswitch NAT URPF VPLS 1 20 urpf enable NAT URPF VPLS 2 2 user System Management 1 40 user privilege level Getting Started 1 30 us...

Page 1341: ...53 vpn instance Security 2 49 vpn instance capability simple MPLS 2 58 vpn target MPLS 2 59 vrrp authentication mode Reliability 1 6 vrrp method Reliability 1 7 vrrp ping enable Reliability 1 7 vrrp un check ttl Reliability 1 8 vrrp vrid preempt mode Reliability 1 9 vrrp vrid priority Reliability 1 9 vrrp vrid timer Reliability 1 10 vrrp vrid track Reliability 1 11 vrrp vrid virtual ip Reliability...

Reviews:

No comments

Brands by name

Popular brands

Load more brands