Zte ZXR10 2900 Series User Manual Download Page 164

Page: 164 / 262

ZXR10 2900 Series User Manual

Command

Function

zte(cfg)#

rule

rule-id

permit

deny

}{<

port-id

any

}{<

ip-p

rotocol

tcp

udp

arp

any

}{<

source-ipaddr wildcard

any

}{<

destination-ipaddr wildcard

any

}[

dscp

0-63

>][

fragment

][

cos

0-7

>][<

source-vlanId

>][<

source-mac

wildcard

any

][<

destination-mac

wildcard

any

]

This configures a
global ACL rule.

�

rule-id: designate the sub-item of the global access control
list and the range is 1~16.

�

ip-protocol, ip, tcp, udp, arp, any: the matching protocol.
It can be one of the keyword “tcp”, “udp”, “arp”and ”ip”
or an integer from 0 to 255 representing IP protocol. any
represents ignoring the protocol type.

Creating a global ACL instance means entering the configura-
tion mode of this instance, that is , global ACL configuration
mode.

12. To sort the rules in ACL instance, use the following command.

Command

Function

zte(cfg)#

move

rule-id

after

before

rule-id

This sorts the rules in
ACL instance.

13. To delete a rule in ACL instance, use the following command.

Command

Function

zte(cfg)#

clear rule

rule-id

This deletes a rule in
ACL instance.

14. To show the information of a configured ACL instance, use the

following command.

Command

Function

zte(cfg)#

show acl config

acl-number

>|<

acl-name

>][

rule

rule-id

permit

deny

active

passive

snmp

command

policy

ports

]

This shows the
information of a
configured ACL
instance.

15. To display ACL configuration information of port, use the fol-

lowing command.

Command

Function

zte(cfg)#

show acl binding

{

all

port

portlist

>]|

trunk

trunklist

>]}

This displays
ACL configuration
information of port.

152

Confidential and Proprietary Information of ZTE CORPORATION

Summary of Contents for ZXR10 2900 Series

Page 1: ...telligent Ethernet Switch User Manual Version 2 0 ZTE CORPORATION NO 55 Hi tech Road South ShenZhen P R China Postcode 518057 Tel 86 755 26771900 Fax 86 755 26770801 URL http ensupport zte com cn E mail support zte com cn ...

Page 2: ...rchantability fitness for a particular purpose title or non in fringement ZTE CORPORATION and its licensors shall not be liable for damages resulting from the use of or reliance on the information contained herein ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications covering the subject matter of this document Except as expressly provided in any...

Page 3: ...Technical Features and Parameters 8 Structure and Principle 11 Working Principle 11 Hardware Structure 12 ZXR10 2920 12 ZXR10 2920 Interfaces 13 ZXR10 2920 Indicators 13 ZXR10 2928 14 ZXR10 2928 Interfaces 14 ZXR10 2928 Indicators 14 ZXR10 2952 15 ZXR10 2952 Interfaces 15 ZXR10 2952 Interfaces 16 ZXR10 2936 FI 17 ZXR10 2936 FI Interfaces 17 ZXR10 2936 FI Indicators 17 Sub boards 18 FGEI 19 Confide...

Page 4: ... 39 System Boot Procedure 39 Usage and Operation 43 Configuration Modes 43 Configuration through Console Port Connection 44 Configuration through TELNET Session 44 Configuration through SSH Connection 45 Configuration through SNMP Connection 46 Configuration through WEB Connection 46 Command Mode 47 User Mode 47 Global Configuration Mode 48 File System Configuration Mode 48 Layer 3 Configuration M...

Page 5: ...rmation 60 Version Upgrade When the System is Normal 61 Version Upgrade When the System is Abnormal 62 Description about the Configuration File 64 Service Configuration 65 Port Configuration 65 Port Overview 65 Port Basic Configuration 66 Viewing Port Information 70 MAC Table Operations 71 MAC Table Overview 71 Basic Configuration of MAC Table 71 FDB Configuration Example 72 Port Mirroring Configu...

Page 6: ...Configuration of SQinQ 90 SQinQ Configuration Example 90 LACP Configuration 91 LACP Overview 91 Basic Configuration of LACP 92 LACP Configuration Example 93 STP Configuration 94 STP Overview 94 Basic Configuration of STP 97 Configuration Example 99 STP Configuration Example 99 RSTP Configuration Example 100 MSTP Configuration Example 101 ZESR Configuration 102 ZESR Overview 102 ZESR Introduction 1...

Page 7: ...Option82 Overview 133 Basic Configuration of DHCP Snooping Option82 134 DHCP Snooping Option82 Configuration Example 135 VBAS Configuration 136 VBAS Conifguration Overview 136 Basic Configuration of VBAS 137 VBAS Configuration Example 138 EPON 138 EPON Overview 138 EPON Function of ZXR10 2900 139 Basic Configuration of EPON 140 EPON Service Switch Configuration 141 EPON Configuration Example 143 U...

Page 8: ...Syslog Overview 182 Basic Configuration of Syslog 182 Syslog Configuration Example 183 NTP Configuration 183 NTP Overview 183 Basic Configuration of NTP 183 NTP Configuration Example 184 OAM 185 OAM Overview 185 OAM Overview 185 OAM Function 185 Basic Configuration of OAM 186 OAM Configuration Example 189 OAM Remote Loopback Configuration Example 189 OAM Link Control Event Configuration Example 19...

Page 9: ...3 Basic Configuration of SFLOW 213 WEB 214 WEB Overview 214 Configuring System Login 214 Configuration Management 216 System Information 216 Port Management 217 VLAN Management 221 PLAN Management 224 Port Mirroring Management 226 LACP Management 229 Monitor Information 233 Terminal Log 233 Port Statistics 233 Configuration Information 234 System Maintenance 235 Saving Configuration 235 Configurin...

Page 10: ...ZXR10 2900 Series User Manual Glossary 249 VIII Confidential and Proprietary Information of ZTE CORPORATION ...

Page 11: ... 3 Structure and Principles Introduces the structure and working princi ples of the ZXR10 2920 2928 2952 2936 FI Chapter 4 Installation and Debugging Introduces the installation and debugging methods of the ZXR10 2920 2928 2952 2936 FI Chapter 5 Usage and Operations Introduces the configuration methods command mode and usage of command line Chapter 6 System Management Introduces the system managem...

Page 12: ...ZXR10 2900 Series User Manual This page is intentionally blank II Confidential and Proprietary Information of ZTE CORPORATION ...

Page 13: ...uences So take care to use debug commands Especially the debug all com mand will open all debug processes so this command must not be used on the devices with services It is not recommended to use the debug commands when the user networks are in normal state ZTE Corporation will assume no responsibility for consequences re sulting from violation of general specifications for safety operations or o...

Page 14: ...ser Manual Caution Indicates the matters needing attention during configuration Note Indicates the description hint tip and so on for configuration op erations 2 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 15: ...r of carrier network and enterprise network Port and insert card expanding instance that ZXR10 2920 2928 2952 2936 FI switch series support are shown below Switch Type Fixed Port Expanding Module ZXR10 2920 16 10 100 Base T Ethernet Ports 2 10 100 1000 BASE T Ethernet Ports An expanding insert card which can provide dual channel 1000M optical port dual channel 1000M electrical port a 1000M electri...

Page 16: ... through STP RSTP MSTP These switches support the 802 3ad LACP function and it supplies load sharing and link backup It supports ZESR Ethernet ring network mode to provide fast protection switching which ensures the user service will not be interrupted Service Characteristics All kinds of operation characteristics and control are as follows 1 It provides flexible VLAN classification mode It can be...

Page 17: ...le can prevent unauthenticated users changing the switch configuration iv RADIUS identification authentication puts the switch un der the centralized control and prevents unauthorized user from modifying configuration 3 Network security control is provided i ACL based on port or Trunk makes it possible for users to apply security strategy to the ports of switches or Trunk ii MAC address binding an...

Page 18: ...itching is implemented at all ports ZXR10 2920 2928 2952 2936 FI has the following functions 1 100Mbps ports support 10 100M self adaption and MDI MDIX self adaption 2 Gigabit electrical ports support port 10 100 1000M self adap tion and MDI MDIX self adaption 3 It supports port based 802 3x flow control full duplex and back pressure flow control half duplex 4 It supports Virtual Circuit Tester VC...

Page 19: ...ity queues Ingress supports CAR The queue scheduling supports SP and combination SP WRR schedul ing method It supports egress shaping and tail drop 23 Port based speed control includes input speed limit and output speed limit Input speed limit supports flow rate limit of mul tiple buckets and output speed limit is based on queue The minimal granularity is 64Kbps 24 It provides detailed port flow s...

Page 20: ...Depth Weight with the full configuration ZXR10 2920 2 kg ZXR10 2928 2 kg ZXR10 2952 2 5 kg ZXR10 2936 FI 4 kg Maximum Power Consumption ZXR10 2920 16 W ZXR10 2928 20 W ZXR10 2952 27 W ZXR10 2936 FI 40 W Switch Capacity ZXR10 2920 11 2 Gbps ZXR10 2928 12 8 Gbps ZXR10 2952 17 6 Gbps ZXR10 2936 FI 14 4 Gbps Packet Forwarding Rate ZXR10 2920 8 3 Mpps ZXR10 2928 9 5 Mpps ZXR10 2952 13 1 Mpps ZXR10 2936...

Page 21: ...ong term work 30 70 For short term work 20 90 1 Under the normal work environment the test point of temperature and humidity should be above ground 2 meters and anterior to equipment 0 4m when the equipment without front and back protection board 2 The short term work means the continuous operation is less than 48 hours and the an nual work time is accomplished within 15 days Confidential and Prop...

Page 22: ...ZXR10 2900 Series User Manual This page is intentionally blank 10 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 23: ...ists of main processor and external functional chips to implement applications such as switching module control and manage for the system It provides serial ports for data operation and maintenance 2 Switch Module The main part of switch module is dedicated Ethernet switch chip which is used to process and switch pack ets sent from ports 3 Interface Module The main part of interface module is phys...

Page 24: ...ors On the back panel of ZXR10 2920 2928 2952 2936 FI there are AC and DC power supply interface and power supply switch ZXR10 2920 2928 2952 adopts natural dissipation method the vents on the left and right sides of box ZXR10 2936 FI adopts active ail cooled heat method the exhaust fan is installed on the one side of switch Power supply adopts independent power supply and supports two modes for p...

Page 25: ... of LINK ACT Four indicators show the status of two 10 100 1000 BASE T ports Each port has two indicators The left indicator of port shows the status of ACT The right indicator of port shows the status of LINK Two system indicators show the system running work status Indicators running statuses are described as follows 1 System indicators include power indicator SYS and running indicator RUN After...

Page 26: ...trical ports one 1000M electrical port together with one 1000M optical port or two 100M optical ports can be expanded 4 One console port is to realize the management and configura tion of various services ZXR10 2928 Indicators The following indicators are adopted on the front panel of ZXR10 2928 48 indicators indicate the statuses of the 16 10 100 Base T ports Each port has two indicators The left...

Page 27: ... duplex On the left side of port Flashing Collision condition On Link is available 10 100 Base T Ports On the right side of port Flashing Data is sent and received On the left side of port ACT indicator is flashing Data is sent and received 10 100 1000 BASE T Ports On the right side of port LINK indicator is always on LINK is available ZXR10 2952 Front panel of ZXR10 2952 is shown in Figure 4 FIGU...

Page 28: ... The upside indicator corresponds to the upside optical port the downside indicator corresponds to the downside optical port Two system indicators show power indicator SYS and running indicator RUN Indicators running status are described as follows 1 System indicators include power indicator SYS and running indicator RUN After the system is powered up the SYS indicator is on and the RUN indicator ...

Page 29: ...of 2936 FI is shown in Figure 5 FIGURE 5 ZXR10 2936 FI FRONT PANEL ZXR10 2936 FI Interfaces ZXR10 2936 FI provides the following types of access ports 1 Eight 10 100 BASE TX Ethernet 100M electrical ports These ports support MDI MDIX adaptation function and VCT auto matic test function 2 24 100BASE FX Ethernet 100M optical ports 3 Four uplink 1000BASE X interfaces 4 One console port is to realize ...

Page 30: ...quency of one time per second 2 The indicators of ZXR10 2936 FI except power and system indicators are shown in Table 5 TABLE 5 INDICATOR WORKING STATE OF ZXR10 2936 FI Indicator Position State Meaning The upside indicator LINK indicator is on LINK is available 100BASE FX 1000BASE X Ports The downside indicator ACT indicator is flashing Data is sent and received On the left side of port ACT indica...

Page 31: ...electrical ports The type is RS 2800 2GE RJ45 and supports 10 100 1000M adaptive as shown in Figure 6 FIGURE 6 RS 2800 2GE RJ45 SUB BOARD FGEI There are 4 indicators on the FGEI panel Each gigabit Ethernet electrical port has 2 indicators One is link activation indicator the other is link status indicator 1 When the link activation indicator is flashing it indicates that the data is sent or receiv...

Page 32: ...5 SUB BOARD FGFE There are 3 indicators on the FGFE panel The gigabit optical port has an indicator ACT When the indicator is on it indicates that LINK is normal If the indicator is flashing it indicates that there is packet being received or sent The gigabit electrical port has two indicators one is link activation indicator and the other is link status indicator 1 If the link activation indicato...

Page 33: ...S 2800 1GE SFF There are an indicator ACT on the PON panel which corresponds to PON optical port When the indicator is on it indicates that LINK is normal If the indicator is flashing it indicates that there is packet being received or sent Note ZXR10 2920 2928 can act as ONU device after loading PON sub board After connecting the single mode bi directional optical port to OLT side of central offi...

Page 34: ...Figure 11 shows the back panel of the switch when the 48V DC power supply is used Figure 12 shows the back panel of the switch when the 110V 220V AC power supply is used FIGURE 11 ZXR10 2920 2928 2952 2936 FI BACK PANEL DC POWER FIGURE 12 ZXR10 2920 2928 2952 2936 FI BACK PANEL AC POWER 22 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 35: ... Desktop When switch is placed on desktop install four plastic pads the plastic pads and screws are part of the accessories on bottom plate of switch It is shown in Figure 13 FIGURE 13 INSTALLING PLASTIC PADS 1 Case 2 Pad Installing the Switch onto a Cabinet Switch can either be installed on a desktop or in 19 inch cabinet Where 19 inch standard cabinet can be provided by the user In case ZTE cabi...

Page 36: ... switch shell as shown in Figure 14 FIGURE 14 INSTALLING FLANGES 1 Case 2 Flange 3 Screw 2 Install two symmetrical brackets at both sides of the 19 inch cabinet to support the switch as shown in Figure 15 FIGURE 15 INSTALLING BRACKETS 1 Holder 2 Cabinet 3 Screw 3 After installation push switch along with bracket and fix flanges with screws onto cabinet as shown in Figure 16 24 Confidential and Pro...

Page 37: ...alling Power Cables Power cables are classified into the following two kinds of cables AC power cables and DC power cables 1 AC power cable installation An AC power cable looks the same as standard printer power cable as shown in Figure 17 FIGURE 17 AC POWER CABLE One end of AC power cable connects the AC power socket of ZXR10 2920 2928 2952 2936 FI power module Another end of AC power cable conne...

Page 38: ...re connects GNDP One end of the DC power cable is connected to the power socket on the DC power supply module of ZXR10 2920 2928 2952 2936 FI and another end connects to the corresponding terminal of 48V DC power supply 3 Grounding cable installation There is a grounding screw on the back of ZXR10 2920 2928 2952 2936 FI indicated by When connecting with yellowgreen protection cable connect one end...

Page 39: ...ble is a DB9 serial port which is connected with the serial port on the computer The other end is an RJ45 port which is connected to the Console port on the ZXR10 2920 2928 2952 2936 FI Figure 21 shows the appearance of a configuration cable and Table 7 provides the cable pinout FIGURE 21 SERIAL PORT CONFIGURATION CABLE TABLE 7 PINOUT OF SERIAL PORT CONFIGURATION CABLE End A Color End B 2 White 3 ...

Page 40: ... lines in the connector the cables can be classified into Straight through cable RJ45 with one to one connection cor respondence at two ends of the cable The specific pinout is shown in Table 8 TABLE 8 RJ45 PINOUT OF STRAIGHT THROUGH CABLE A End Cable Colors B End 1 White orange 1 2 Orange 2 3 White green 3 6 Blue 6 4 White blue 4 5 Green 5 7 White brown 7 8 Brown 8 Crossover cable RJ45J with two ...

Page 41: ...ode Type of Connector on the Switch Type of Connector on the Peer End FC PC connector SC PC connector ST PC connector Single mode fiber SC PC connector square and flat head LC PC small square and flat head LC PC connector FC PC connector SC PC connector ST PC connector multi mode fiber SC PC connector square and flat head LC PC small square and flat head LC PC connector For fiber layout out of the...

Page 42: ...RJ45 Cable English number The corresponding name is parallel network cable Port A End A of the cable connector corresponding to End B or another end 5 Length of the finished cable It refers to the straight line length of the cable from the connector at one end to the con nector at the other end TIC 10 100Base T 1 Connection position the first 10 100Base T network port of the TIC board 2 The patter...

Page 43: ... with its own scotch adhesive tapes It is used when the horizontal English label cannot be used because the cable connector is small or the cable does not look nice with a horizontal English label 3 Before the cabinet equipment is delivered all the internal in terconnected cables shall be attached with flag type direction labels This label attached to the cable is called Transverse English Type I ...

Page 44: ...is attached on the optical interface equipment of the customer contents filled on the label are just contrary to those at the ZXR10 2920 2928 2952 2936 FI side Cable Lightning Protection Requirements According to the degree of hazard lightning is classified into di rect lightning strike and lightning induction The damage of direct lightning strike is hard to avoid But proper lightning protection m...

Page 45: ...bars must be added for the uplink downlink and cascading Ethernet ports that are led outdoors In special case when the common subscriber lines must be distributed outdoors lightning protection bars must also be added The lightning protection capability of the lightning protection bar must reach 6 KV or above and the current discharge capability must reach 5 KA The grounding cable of the lightning ...

Page 46: ... lightning protec tion socket and lightning protection bar must be added to the power supply The lightning protection bar for the power sup ply must have better lightning protection index than that for the port cable 5 Whether the Ethernet switch will suffer lightning strike is af fected by a lot of factors including grounding power sup ply and wiring The lightning strike lead in mechanism also va...

Page 47: ...ystem as an example 1 Select Start Programs Accessories Communica tions HyperTerminal on the PC screen to start the Hy perTerminal as shown in Figure 29 FIGURE 29 STARTING THE HYPERTERMINAL 2 Input the related local information in the interface as shown in Figure 30 FIGURE 30 LOCATION INFORMATION Confidential and Proprietary Information of ZTE CORPORATION 35 ...

Page 48: ...me and choose an icon for the new connection as shown in Figure 31 FIGURE 31 SETTING UP A CONNECTION 4 Based on serial port connection to the console cable choose COM1 or COM2 as the serial port to be connected as shown in Figure 32 36 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 49: ...IGURATION 5 Enter the properties of the selected serial port as shown in Figure 33 The port property configuration includes Bits per Second 9600 Data bit 8 Parity None Stop bit 1 Data flow control None Confidential and Proprietary Information of ZTE CORPORATION 37 ...

Page 50: ...or operational use Power on Procedure Before powering on the ZXR10 2920 2928 2952 2936 FI check the environment in the equipment room and the hardware instal lation 1 Check whether the temperature humidity and voltage of the power supply in the equipment room meet the requirements listed in Table 11 38 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 51: ... the 2920 2928 2952 2936 FI do as follows 1 Turn off the power switch at the back of the switch 2 Turn off the external power supply Indicator Status After the switch is powered on the system indicators change in the following way 1 After the system is powered on the PWR indicator is on and the RUN indicator is flashing 2 The BootROM starts to load the version If the version is un available the st...

Page 52: ...ord pw 2952 flags f 0x0 other o MAC0 00 32 45 67 89 ab Attaching to TFFS done Loading file kernel Uncompressing Uncompressed 4273428 bytes Ok Loading image 12720656 Starting at 0x10000 Attached TCP IP interface to marfec unit 0 Attaching interface lo0 done The switch s mac address is 00 d0 d0 fa 29 20 Module 0 ZXR10 2952 SI fasteth 48 gbit 0 Module 1 COPPER 1000M fasteth 0 gbit 1 Module 2 COPPER 1...

Page 53: ...ig 211 config 1 row success Dot1x special access config 213 config 1 row success Zdp config 231 config 1 row success Ztp config 232 config 1 row success Group management config 233 config 1 row success Switch QoS global configure 261 config 1 row success Switch QoS port configure 262 config 52 row success Switch Syslog parameter configure 311 config 1 row success Switch PvlanTable configure 89 con...

Page 54: ...ZXR10 2900 Series User Manual This page is intentionally blank 42 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 55: ...shown in Figure 34 select a configuration mode according to the network connected 1 Configuration through Console port connection 2 Configuration through TELNET session 3 Configuration through SSH connection 4 Configuration through SNMP connection 5 Configuration through WEB connection FIGURE 34 ZXR10 2920 2928 2952 2936 FI CONFIGURATION MODES Confidential and Proprietary Information of ZTE CORPOR...

Page 56: ...ration of IP address of the layer 3 port see Configuring IP Port Use the command create user name admin guest the length of username does not exceed 15 characters to create a new management user the command set user local name login password string the length of login password does not exceed 16 characters to set the login password Use the command set user local radius name admin pa ssword string ...

Page 57: ... in data to be easily intercepted by attackers A disadvantage of the Telnet FTP security authentication is that it is easily attacked by the man in the middle This imitates the server to receive the data sent by the client and imitates the client to transmit the data to the real server SSH can solve this hidden trouble The SSH sets up a security channel for the remote login on non security network...

Page 58: ...tware For the SNMP configuration on the ZXR10 2920 2928 2952 2936 FI refer to Basic Configuration of SNMP Configuration through WEB Connection Web is another way to implement remote management of switch and is similar with Telnet The user can log in to the remote switch through the Ethernet port of the local host The login username login password and administrator password must be configured on th...

Page 59: ... 2852S are al located to different modes according to the functions and author ities A command can be executed only in the specified mode The ZXR10 2609 2809 2818S 2826S 2852S command modes in clude 1 User mode 2 Global configuration mode 3 SNMP configuration mode 4 Layer 3 configuration mode 5 File system configuration mode 6 NAS configuration mode 7 Cluster management configuration mode 8 Basic ...

Page 60: ...the login of unauthorized users To return to the user mode from the global configuration mode use the exit command File System Configuration Mode In the global configuration mode execute the command config tffs to enter the file system configuration mode as shown below zte cfg config tffs zte cfg tffs In the file system configuration mode you can operate on the switch file system including adding ...

Page 61: ...nd exit or press Ctrl Z SNMP Configuration Mode In the global configuration mode you can use the command c onfig snmp to enter the SNMP configuration mode as shown be low zte cfg config snmp zte cfg snmp In the SNMP configuration mode you can set the SNMP and RMON parameters To return to the global configuration mode from the SNMP config uration mode use the command exit or press Ctrl Z Cluster Ma...

Page 62: ...de you can add delete and move the rules of extended ACL with specific ACL number To return to the global configuration mode from extended ACL con figuration mode use the command exit or press Ctrl Z Layer 2 ACL Configuration Mode In the global configuration mode execute the command config acl link number 200 299 to enter layer 2 ACL configuration mode as shown below zte cfg config acl link number...

Page 63: ...behind the DOS prompt of the system a list of available commands in the command mode will appear You can use the online help to get keywords and parameter list of any command 1 In any command mode enter a question mark behind the DOS prompt of the system and a list of all commands in the mode and the brief description of the commands will appear For example zte enable enable configure mode exit ex...

Page 64: ...r port vlan create descriptive name for vlan user create user zte cfg create user Parameter not enough 0x40000071 zte cfg create user name user name length 15 zte cfg creat user wangkc admin create an administrator guest create a guest zte cfg creat user wangkc guest cr zte cfg creat user wangkc guest Command Abbreviations In the ZXR10 2920 2928 2952 2936 FI a command or keyword can be shortened i...

Page 65: ...mpt Ctrl F or Move right in the command line where the prompt is currently located Tab Display commands starting with the character or string If there is only one command make this command a complete one Ctrl A Skip to the beginning of the command line Ctrl E Skip to the end of the command line Ctrl K Delete the characters from the cursor to the end Backspace or Ctrl H Delete the character on the ...

Page 66: ...ZXR10 2900 Series User Manual current page You can press any key to turn pages or press Q or Ctrl C to stop the output 54 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 67: ...in the FLASH memory Operations such as version upgrading and configuration saving should be conducted in the FLASH memory The name of the version file is kernel z The name of the configuration file is running cfg The name of configuration file in text mode is config txt File System Operation Configuration Task Overview ZXR10 2920 2928 2952 2936 FI provides many commands for file system operations ...

Page 68: ...move name to delete the specified direc tory File Operation The file system can delete specified file rename file name copy file and view file information Configure file operation at the global configuration mode St ep Command Function 1 zte cfg config tffs This enters into file system configuration mode 2 zte cfg tffs rename name name This changes file name 3 zte cfg tffs copy source pathname des...

Page 69: ... format This formats FLASH Caution After formatting the FLASH all system software and configurations will be cleared FTP Configuration The switch version file and configuration file can be backed up or restored by TFTP The TFTP server application software is started at the background to communicate with the ZXR10 2920 2928 2952 2936 FI TFTP client to implement the file backup and recovery 1 Run th...

Page 70: ...ck Browse and select the directory for the version file or config uration file for example D IMG 3 Click the second Browse to select log file name click OK to complete the configuration The dialog is show as Figure 38 FIGURE 38 TFTPD SETTINGS DIALOG BOX 58 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 71: ...Contents of the con fig txt can be edited manually as needed and then downloaded to the switch by using the command tftp After the config uration file is downloaded into the flash of switch reboot the switch to import the configuration zte cfg tffs tftp 192 168 1 102 download config txt In normal case during the rebooting process of switch use run ning cfg file to recover the configuration If swit...

Page 72: ...ver the version file Version file recovery is used to retransmit the background backup version file to the foreground through TFTP Recovery is very important in the case of upgrade failure The version recovery operation is basically the same with the version upgrade procedure For details refer to software version upgrade Software Version Upgrade Normally version upgrading is needed only when the o...

Page 73: ... of the background host using the self contained configuration cable Connect an Ethernet port of the switch to the network port of the background host using a network cable Check whether the connections are correct 2 Set the IP address of the Ethernet port on the switch Set the IP address of the background host used for upgrade The two IP addresses must be in the same network segment so that the h...

Page 74: ...y upgrade the version as follows 1 Connect Console port of the switch to the serial port of the background host by using the self contained configuration ca ble Connect an Ethernet port of the switchexcept the ninth port of ZXR10 2609 2809 to the network port of the back ground host by using a network cable Check whether the connections are correct 2 Restart the switch At the HyperTerminal press a...

Page 75: ... configuration 6 In the ZX10 Boot state input zte the screen prompts pass word should be entered the default value is zxr10 After enter ing the password enter the BootManager state of the switch Input to display the command list for this state ZxR10 Boot zte PASSWORD Bootline has saved to NVRAM boot device marfec unit number 0 processor number 0 host name f129750 file name kernel inet on ethernet ...

Page 76: ...unning in the memory If the switch cannot be started normally it indicates the version up grade fails In this case repeat the above upgrade procedure from step 1 Description about the Configuration File Config txt file is mainly used for version upgrade When the span between new version and old one is big using running cfg file of the primary version may cause mistakes after version upgrade The co...

Page 77: ...124 DHCP CLIENT Configuration 131 DHCP Snooping Option82 Configuration 133 VBAS Configuration 136 EPON 138 ACL Configuration 147 QoS Configuraton 156 Layer 2 Protocol Transparent Transmission Configura tion 167 Layer 3 Configuration 169 Access Service Configuration 171 Syslog Configuration 182 NTP Configuration 183 OAM 185 Port Configuration Port Overview The commands can be classified into the fo...

Page 78: ...te cfg set port portlist enable disable This enables or disables the port The port is disabled by default zte cfg set port portlist speedadvert ise maxspeed zte cfg set port portlist speedadver tise maxspeed speed10 speed100 speed1000 fullduplex halfduplex This sets the port speedadvertise Port speedadvertise is to set the negotiation speed between the local port and the other end port If the giga...

Page 79: ...is function is used for access and authentication Security function is disabled by default zte cfg set port portlist unit statistics enable disable This enables or disables the statistics function of port in unit time zte cfg set port portlist multicast fil ter enable disable This configures whether the port filters the multicast packet It controls the forwarding of unknown multicast packet mainly...

Page 80: ...accessing zte cfg set port portlist vlan attrib ute vlanlist untag tag This configures the corresponding configuration between port and vlan The port and vlan has to be configured one to one zte cfg set queue schedule feport portlist wrr0 wrr1 sp wrr2 sp sp This sets the queue schedule mode of 100Mbps port This command relates to QoS and sets the queue schedule mode on 100Mbps port wrr0 queue sche...

Page 81: ... be received on port By default all types of frames are received After receiving the specified type of frame non specified type of frame will be discarded When setting 100Mbps port trust DSCP the switch also converts it to the corresponding UP User priority The flow is shown below When the IP message enters from port A that trusts in DSCP firstly get the default priority def 2 0 0 7 3 bits in tota...

Page 82: ...e port zte cfg show port portlist utilization This displays utilization statistics of the port zte cfg show port portlist qos This displays the QoS configuration on a port zte cfg show port portlist bandwidth session 0 3 This displays the bandwidth information on a port zte cfg show port portlist brief This displays the brief information of a port One end is auto negotiation port Another end is fo...

Page 83: ...ing function can effectively prevent the illegal access to the network and fraudulent use of key MAC addresses and play an important role in ensuring the network security Basic Configuration of MAC Table To configure FDB perform the following steps Command Function zte cfg set fdb add HH HH HH HH HH HH vlan 1 4094 port portid trunk trunkid This adds the static binding address to the address table ...

Page 84: ... aging time to 300S Bind a static MAC 00 D0 D0 29 20 92 in port 2 of VLAN 1 The maximum number of access user of port 1 is 100 Forbid device with MAC 00 D0 D0 00 00 01 access to the network FIGURE 39 FDB CONFIGURATION EXAMPLE Configuration of switch 1 Configuration procedure zte cfg set fdb agingtime 300 zte cfg set fdb add 00 d0 d0 29 20 92 vlan 1 port 2 zte cfg set fdb filter 00 d0 d0 00 00 01 v...

Page 85: ...verview Port mirroring is used to mirror data packets of the switch port ingress mirroring port to an ingress destination port ingress monitoring port or mirror the data packets of the switch port egress mirroring port to an egress destination port egress mon itoring port By using mirroring data packets flowing in or out of a certain port can be monitored Port mirroring provides an effective tool ...

Page 86: ...zte cfg set mirror statistic ingress egress sample interval 1 2047 This sets sample mirror statistic rate zte cfg show mirror This displays the configuration information of port mirroring Example zte cfg show mirror Ingress mirror information Ingress statistical mirror sample interval 1 Source port none Destination port none Egress mirror information Geport sub card egress statistical mirror sampl...

Page 87: ...l is 1 then it is normal port mirroring Source port 1 Destination port 2 Egress mirror information Geport sub card egress statistical mirror sample interval 100 If sample interval 1 or mirroring destination port is not gigabit port or daughter card port then normal port mirroring is done Source port 1 Destination port 2 Single Port Loop Detection Configuration Loop Detection Overview Single port l...

Page 88: ...est function on a specified port When the VLAN is not specified to examine examine the VLAN where the port PVID exists By default port loop detection function is disabled zte cfg set loopdetect port portlist vlan 1 4094 This enables or disables loop detection function of specified port in specified vlan By default port loop detection function is disabled zte cfg set loopdetect trunk trunklist enab...

Page 89: ...s interval time for sending loop detection packet Loop detection function sends test packet on time and judges whether there is a self loop by judging whether the packet is received in the interval time The default value is 15 seconds zte cfg set loopdetect extend port portlist enable disable This sets cross devices loop detection This command implements cross devices port loop detection on ZXR10 ...

Page 90: ...VLAN Overview The Virtual Local Area Network VLAN protocol is a basic protocol of layer 2 switching equipment which enables the administrator to divide a physical LAN to multiple VLANs Each VLAN has a VLAN ID to identify it uniquely in the entire LAN Multiple VLANs share the switching equipment and links of the physical LAN Logically a VLAN is like an independent LAN All frame flows in the same VA...

Page 91: ... add port portlist tag untag This adds a specified port to VLAN zte cfg set vlan vlanlist delete port portlist This deletes a specified port from VLAN zte cfg set vlan vlanlist add trunk trunklist tag untag This adds a specified trunk to VLAN zte cfg set vlan vlanlist delete trunk trunklist This deletes a specified trunk from VLAN zte cfg set vlan vlanlist forbid port portlist This forbids learnin...

Page 92: ...g example shows how to configures a VLAN Note By default VLAN1 is enabled all ports are in VLAN1 and in mode of untag Configure VLAN 100 Add untagged ports 1 and 2 and tagged ports 7 and 8 The detailed configuration is as follows zte cfg set vlan 100 add port 1 2 untag zte cfg set vlan 100 add port 7 8 tag zte cfg set port 1 2 pvid 100 zte cfg set vlan 100 enable zte cfg show vlan 100 VlanId 100 V...

Page 93: ...f generic attribute registration protocol which distributes VLAN and multicast MAC address dynamically to the member in the same switching network by applying the different application protocols GVRPGARP VLAN Registration Protocolis a kind of application pro tocol defined by GARP which maintains VLAN information in switch dynamically based on GARP protocol mechanism All switches sup porting GVRP c...

Page 94: ... zte cfg set gvrp port portlist registration normal fixed forbidden This configures type of GVRP registration on port zte cfg set gvrp trunk trunklist enab le disable This enables or disables GVRP on trunk port zte cfg set gvrp trunk trunklist registration normal fixed forbidden This configures GVRP registration type on Trunk port zte cfg show gvrp This views GVRP configuration information includi...

Page 95: ... 00 d0 d0 f2 51 24 SwitchA cfg show port 1 vlan PortId 1 Tagged in vlan 30 40 Untagged in vlan 1 10 20 SwitchB cfg show port 1 vlan PortId 1 Tagged in vlan 10 20 Untagged in vlan 1 30 40 SwitchA cfg show vlan 30 40 VlanId 30 VlanStatus enabled VlanName VlanMode Dynamic Tagged ports 1 Untagged ports Forbidden ports SwitchB cfg show vlan 10 20 VlanId 10 VlanStatus enabled VlanName VlanMode Dynamic T...

Page 96: ...ports are nec essary to be configured otherwise the configuration of PVLAN will be invalid Basic Configuration of PVLAN To configure PVLAN perform the following steps Command Function zte cfg set pvlan session 1 4 add promiscuous port portid trunk trunki d isolate port portlist This adds the isolate ports and promiscuous ports into PVLAN instance zte cfg set pvlan session 1 4 delete isolate port p...

Page 97: ...add promiscuous port 16 isolate port 1 3 zte cfg show pvlan pvlan session 1 promiscuous port 16 isolated port 1 3 2 Example 2 As shown in Figure 44 add trunk 1 and isolated port 4 5 and 6 into session 2 FIGURE 44 PVLAN CONFIGURATION EXAMPLE 2 Configuration of switch A zte cfg set lacp enable zte cfg set lacp aggregator 1 add port 1 3 zte cfg set lacp sggregator 1 mode dynamic Confidential and Prop...

Page 98: ...technology is the addition of one more VLAN tag outer tag to the original VLAN tag inner tag The outer tag can shield the inner tag QinQ does not need the protocol support The simple Layer 2 Vir tual Private Network L2VPN can be realized through QinQ The QinQ is especially suitable for the small size LAN that takes the layer 3 switch as its backbone Figure 45 shows the typical networking of the Qi...

Page 99: ...hes the switch B 3 Switch B finds out that the port connected to user network 2 is a customer port Thus it removes the outer tag in compliance with the conventional 802 1Q protocol to recover the original packet and sends the packet to user network 2 4 In this way data between user network 1 and user network 2 can be transmitted transparently The VLAN ID of the user network can be planned regardle...

Page 100: ...RE 46 QINQ CONFIGURATION EXAMPLE Configuration of switch Configuration on SW1 ZXR10 2952 set qinq the outer label is 100 zte cfg set vlan 100 enable zte cfg set vlan 100 add port 1 24 zte cfg set port 1 24 pvid 100 zte cfg set qinq customer port 1 enable zte cfg set qinq uplink port 24 enable zte cfg set vlan 999 enable zte cfg config router zte cfg router set ipport 1 ipaddress 192 168 0 1 24 zte...

Page 101: ...trategy Configuration Configure a group of customer vlans corresponding to one uplink vlan One port can configure multiple customer vlan groups but must make sure that vlan can t overlap in different customer vlan groups on the same port Configuration of SQinQ in CustomerPort only makes sense for packets which carrying 802 1Q tag and for designated Cus tomer Vlan As to the Customer Vlan which carr...

Page 102: ...1 256 This clears traffic mirror zte cfg set port portlist sqinq session sessionlist enable disable This applies SQinQ session on port zte cfg clear sqinq session sessionlist This clears the configuration of SQinQ session zte cfg show sqinq session sessionlist This shows SQinQ session Note When configuring SQinQ policy configuration of SQinQ refers to the related description about QoS SQinQ Config...

Page 103: ...n 1 200 uplink vlan 100 zte cfg set vlan 100 enable zte cfg set port 1 3 sqinq session 1 enable zte cfg set vlan 100 add port 1 3 untag zte cfg set vlan 100 add port 24 tag zte cfg set port 1 3 pvid 100 zte cfg set sqinq session 2 customer vlan 201 4094 uplink vlan 200 zte cfg set vlan 200 enable zte cfg set port 4 6 sqinq session 2 enable zte cfg set vlan 200 add port 4 6 untag zte cfg set port 4...

Page 104: ...edia type and the same transmission rate Basic Configuration of LACP LACP configuration on the switch includes the following contents Command Function zte cfg set lacp enable disable This enables or disables LACP function By default the LACP function is disabled zte cfg set lacp aggregator trunkid add port portlist This adds a specified port to LACP aggregation group zte cfg set lacp aggregator tr...

Page 105: ...EXAMPLE OF LACP CONFIGURATION The detailed configuration of switch A is as follows zte cfg set lacp enable zte cfg set lacp aggregator 3 add port 15 16 zte cfg set lacp aggregator 3 mode dynamic zte cfg set vlan 2 add trunk 3 tag zte cfg set vlan 2 add port 1 untag zte cfg set vlan 3 add trunk 3 tag zte cfg set vlan 3 add port 3 untag zte cfg set port 1 pvid 2 zte cfg set port 3 pvid 3 zte cfg set...

Page 106: ...al link status STP Configuration STP Overview Spanning Tree Protocol STP is applicable to a loop network It blocks some redundant paths with certain algorithms so that the loop network is pruned into a tree network without any loop thus avoiding the hyperplasia and infinite loop of packets in the loop network Rapid Spanning Tree Protocol RSTP is on the basis of common STP added with the mechanism ...

Page 107: ... is a single spanning tree to connect all switches In this MSTP topology structure an IST can serve as a single bridge switch In this way CTS can serve as an RSTP for the interac tion of configuration information BPDU Multiple instances can be created in an IST area and these instances are valid only in this area An instance is equivalent to an RSTP except that the instance needs to perform BPDU i...

Page 108: ...ocol message If there exists vicious protocol attack or Linux virtual bridge receiving unlawful protocol message will bring to net shocking or topology changing abnormally The port will be closed after using the protection After a while to check the net is normal or not If it is normal it will recover to original state Root protection is function is for the protection of root switch In the network...

Page 109: ...isables STP The default setting is disabled zte cfg set stp name name This sets the area name of MST The size of the name is no more than 32 characters zte cfg set stp forceversion mstp rstp stp This sets the forced STP type to mstp rstp stp The default forced type is mstp zte cfg set stp instance 0 15 add de lete vlan vlanlist This sets the mapping relationship between VLAN and instance zte cfg s...

Page 110: ...disables port bpdu protection zte cfg set stp port portlist pcheck This sets port stp type check zte cfg set stp bpdu interval 10 65535 This sets BPDU protection port linkdown interval the default is 100 the unit is s zte cfg set stp port portlist linktype point point shared This sets instance port Linktype zte cfg set stp trunk trunklist linktype point point shared This sets instance trunk Linkty...

Page 111: ...s views information of STP instance zte cfg show stp port portlist This views information of STP port zte cfg show stp trunk trunklist This views information of STP trunk Configuration Example STP Configuration Example As shown in Figure 50 configure the STP function of switch 1 and switch 2 take switch 1 as the root bridge and block a redundant port in the loop It realizes loop protection and lin...

Page 112: ...Alternate SSTP None RSTP Configuration Example As shown in STP Configuration Example configure the RSTP function of switch 1 and switch 2 take switch 1 as the root bridge and block a redundant port in the loop It realizes loop protection and link backup between switches Configuration of switch zte cfg set stp enable enable STP protocol of switch1 and switch2 zte cfg set stp forceversion rstp set f...

Page 113: ... stp revision 10 zte cfg set stp instance 1 add vlan 10 20 zte cfg show stp show the STP configure of switch1 and switch2 in system view The spanning_tree protocol is enabled The STP ForceVersion is MSTP Revision 10 Name zte Cisco key 0x13ac06a62e47fd51f95d2ba243cd0346 Cisco digest 0x00000000000000000000000000000000 Huawei key 0x13ac06a62e47fd51f95d2ba243cd0346 Huawei digest 0x00000000000000000000...

Page 114: ...ress 00 d0 d0 02 00 54 HelloTime s 2 MaxAge s 20 ForwardDelay s 15 RemainHops 19 BridgeID Priority 32769 Address 00 d0 d0 29 52 06 HelloTime s 2 MaxAge s 20 ForwardDelay s 15 MaxHops 20 Interface PortId Cost Status Role GuardStatus 1 128 1 200000 Forward Root None 2 128 2 200000 Discard Alternate None ZESR Configuration ZESR Overview ZESR Introduction With the integration of data voice video and I...

Page 115: ...SR ring are transmis sion node It mainly assists the master to do loop inspection and service switching 6 Edge Node The node connects with more than 2 levels in ZESR ring is called edge node The edge node can be transmission node contains 2 ports master node contains 2 ports or assistant port contains 1 port 7 Assistant Node The assistant port is also edge port It is the transmission node that has...

Page 116: ...t does not receive the HEALTH packet then the link state is link failure 2 When there is malfunction somewhere the adjacent node de tects the malfunction and informs the master The loop is link failure As shown in Figure 51 the two interfaces of master are pri mary and secondary The loop port is blocked when master initializes The secondary port is blocked when the master de tects the normal link ...

Page 117: ... FIGURE 53 ZESR RUNNING STATE WHEN THE RING IS LINK RESTORE Multi Ring Multi Domain ZESR Principle of Multi Ring Multi Domain ZESR ZESR domain consists of many switches which are configured with the same domain ID control VLAN and protection VLAN These switches are interconnected One or more EAPS domains exist on a physical loop Each EAPS domain defines its master node transmission node and assist...

Page 118: ... primary ring or segment link is not down As shown in Figure 56 S3 S6 compose the segment links of level 1 segment 1 where S3 and S4 are assistant nodes and S5 is the master node S3 and S4 can always intercommunicate with each other via primary ring If all links where S3 S4 S5 and S6 lo cate on segment 1 of level 1 are up master node S5 will block its secondary port and if the states of some links...

Page 119: ...e is used to monitor the state of direct connect ZESR link and notify the link change to master node who will make decision for processing The Function of Assistant Node Assistant node is also the border node and transit node with only one port on corresponding segment link It is mainly used to mon itor the state of direct connect ZESR notify the link change to master node and meanwhile monitor th...

Page 120: ...y protect the same protected vlans Configuration Notice No more than 4 areas in one node No more than 3 layers in one node No more than 3 layers in one area No more than 4 lower layer access ports in one node No more than 8 ZESR ports in one node Caution When the protocol port of ZESR node is enabled and configured including master and slave port edge port access port other services such as adding...

Page 121: ...ommand Command Function zte cfg set zesr domain domainId level levelId segment segId mode master transit edge master edge transit This sets the node attribute in ZESR domain sub ring The parameter domain domainId ZESR Domain ID the range is 1 4 The parameter level levelId level ID the range is 1 2 The parameter segment segId Segment link ID the range is 1 to 4 The parameter mode The node mode The ...

Page 122: ...he node with attribute EDGE_MASTER 6 To add delete control VLAN in ZESR domain use the following command Command Function zte cfg set zesr domain domainId add delete control vlan vlanId This adds deletes VLAN in ZESR domain 7 To add delete the MSTP instance that the service VLAN be longs use the following command Command Function zte cfg set zesr domain domainI d add delete protect instance instan...

Page 123: ...timer 3 600 preup timer 0 500 This sets preup and preforward time on non major level ring By default preforward timer is 3s preup timer is 0s For both the main level and the level of all the nodes in the zesr domain the preforward and preup time must be the same 11 To enable or disable ZESR function in ZESR domain use the following command Command Function zte cfg set zesr domain domainId enable d...

Page 124: ... is 1 the protected data VLAN is 100 and the protocol control VLAN is 4000 Node configuration of switch 1 S1 node VLAN zxr10 cfg set vlan 100 add port 1 2 untag zxr10 cfg set vlan 4000 add port 1 2 tag zxr10 cfg set vlan 100 4000 enable zxr10 cfg set port 1 2 pvid 100 STP zxr10 cfg set stp instance 1 add vlan 100 zxr10 cfg set stp enable ZESR zxr10 cfg set zesr domain 1 add control vlan 4000 zxr10...

Page 125: ...zesr domain 1 add secondary port 2 zxr10 cfg set zesr domain 1 major level mode transit zxr10 cfg set zesr domain 1 enable Configuration descriptions are shown below 1 ZESR port in control VLAN must be configured as tag port 2 Before enabling ZESR function STP function must be enabled 3 The primary port and the secondary port in master node are different on function Normally the primary port is se...

Page 126: ...erarchical ring is composed of S6 S3 and S4 S6 is the Master P1 is the Primary Port P2 is the Secondary Port S3 and S4 are the assisting nodes 3 The link 2 of hierarchical ring 1 is composed of S5 S3 and S4 S5 is the Master P1 is the Primary Port P2 is the Secondary Port S3 and S4 are the assisting nodes The protect instance in the ring is 1 the protected data is VLAN 100 and the protocol VLAN is ...

Page 127: ...100 4000 enable zxr10 cfg set port 1 4 pvid 100 STP zxr10 cfg set stp instance 1 add vlan 100 zxr10 cfg set stp enable ZESR zxr10 cfg set zesr domain 1 add control vlan 4000 zxr10 cfg set zesr domain 1 add protect instance 1 zxr10 cfg set zesr domain 1 add primary port 1 zxr10 cfg set zesr domain 1 add secondary port 2 zxr10 cfg set zesr domain 1 major level mode edge transit zxr10 cfg set zesr do...

Page 128: ...el 1 segment 1 mode master zxr10 cfg set zesr domain 1 enable Configuration descriptions are shown below 1 The intersecting node of the primary ring and the hierarchical ring must be Edge Port or Edge Transit 2 The port connecting the primary ring and the hierarchical ring must be Edge Port 3 The edge port has two attributes not Master and Master The attribute not Master is used in the condition t...

Page 129: ...e SecondaryPort S2 is the Transit node S3 S4 are Edge Transit node P3 is the Access port using for Smart Link 2 S5 is the Smart Link node P1 is the PrimaryPort P2 is the SecondaryPort The protect instance in the ring is 1 the protected data is VLAN 100 and the protocol VLAN is VLAN 4000 node configuration of switch 1 S1 node VLAN zxr10 cfg set vlan 100 add port 1 2 zxr10 cfg set vlan 4000 add port...

Page 130: ...10 cfg set vlan 100 add port 1 3 zxr10 cfg set vlan 4000 add port 1 3 tag zxr10 cfg set vlan 100 4000 enable zxr10 cfg set port 1 3 pvid 100 STP zxr10 cfg set stp instance 1 add vlan 100 zxr10 cfg set stp enable ZESR zxr10 cfg set zesr domain 1 add control vlan 4000 zxr10 cfg set zesr domain 1 add protect instance 1 zxr10 cfg set zesr domain 1 add primary port 1 zxr10 cfg set zesr domain 1 add sec...

Page 131: ... message may be spread to each node of the network thus causing a great waste of network bandwidth re source With the IGMP Snooping function the IGMP communication be tween the host and router is snooped so that the multicast pack ets are sent to the ports in the multicast forwarding table instead of all ports This restricts the wide spread of multicast messages in the LAN switch reduces the waste...

Page 132: ...lete group A B C D port portlist trunk trunklist This removes static multicast group based on port or aggregation port from the specified multicast snooping VLAN zte cfg set igmp snooping vlan 1 4094 add smr port portlist trunk trunklist This adds static multicast router port or static route aggregation port to a VLAN zte cfg set igmp snooping vlan 1 4094 delete smr port portlist trunk trunklist T...

Page 133: ...esents 2 seconds 250 represents 25 seconds zte cfg set igmp snooping fastleave enable disable This enables or disables the IGMP fastleave function The default is disable zte cfg set igmp snooping crossvlan enable disable This enables or disables cross vlan snooping function The default is disable zte cfg set igmp filter enable disable This enables or disables the IGMP filter The default is disable...

Page 134: ... This sets IGMP snooping query version zte cfg set igmp snooping proxy version v2 auto This sets IGMP snooping proxy version zte cfg set igmp snooping v3 enable disable This sets IGMP snooping v3 version multicast zte cfg show igmp snooping This displays the configuration of IGMP snooping zte cfg show igmp snooping vlan vlanname host router This displays the configuration of IGMP snooping result z...

Page 135: ...is as follows zte cfg set vlan 200 add port 1 3 5 10 untag zte cfg set port 1 3 5 10 pvid 200 zte cfg set vlan 200 enable zte cfg set igmp snooping enable zte cfg set igmp snooping add vlan 200 zte cfg set igmp filter enable zte cfg set igmp filter add groupip 230 44 45 167 vlan 200 Display the multicast snooping results zte cfg show igmp snooping vlan Num VlanId Group Last_Report PortMember 1 200...

Page 136: ...d Function zte cfg nas iptv control enable disable This enables or disables iptv control The default is disable zte cfg nas iptv cac rule enable disable This enables or disables the cac control The default is disable zte cfg nas iptv sms server A B C D This sets the IP address of SMS The default IP address of SMS is 192 168 0 119 zte cfg nas iptv sms server port 1025 65535 This sets the TCP port o...

Page 137: ...name channel name 1 32 characters viewfile name view file name 1 60 characters viewfile id view file configuration id 0 255 zte cfg nas iptv channel name channe l name id list channel idlist enable disable This enables or disables the channel log zte cfg nas show iptv channel name channel name id channel id This displays the channel information zte cfg nas iptv package name packag e name channel i...

Page 138: ...lue is 4 seconds zte cfg nas iptv prv overcount cdr enable disable This enables or disables iptv preview overcount cdr function The default is disable zte cfg nas show iptv prv This displays iptv preview global configuration zte cfg nas iptv view profile name viewfile name id view profile id This creates iptv preview configuration files The parameter name viewfile name 1 60 characters zte cfg nas ...

Page 139: ...tv cdr record function zte cfg nas iptv cdr max records cdr size This sets cdr maximum record items The default is 1000 zte cfg nas iptv cdr report This reports cdr manually zte cfg nas iptv cdr report interval report interval This sets the time interval for CDR report The parameter report interval report interval the report interval1 65535 The default value is 300 seconds zte cfg nas iptv cdr rep...

Page 140: ...ts multicast control mode of user zte cfg nas iptv port portlist vlan vlan id package name package nam e id package id This distributes package to users zte cfg nas clear iptv port portlist vlan vlan id package name package name id package id This deletes the distributed package zte cfg nas iptv port portlist vlan vlan id channel name channel nam e id list channel idlist deny order preview query T...

Page 141: ...guration of switch i Configure vlan zte cfg set vlan 100 add port 1 zte cfg set vlan 4000 add port 1 4 zte cfg set vlan 100 4000 enable zte cfg set port 1 pvid 100 zte cfg set port 4 pvid 4000 IGMP Snooping zte cfg set igmp snooping enable zte cfg set igmp snooping add vlan 100 4000 zte cfg set igmp snooping fastleave enable ii Configure IPTV zte cfg config nas zte cfg nas iptv control enable zte ...

Page 142: ...fg set port 4 pvid 4000 IGMP Snooping zte cfg set igmp snooping enable zte cfg set igmp snooping add vlan 100 4000 zte cfg set igmp snooping fastleave enable ii Configure IPTV zte cfg config nas zte cfg nas iptv control enable zte cfg nas iptv cac rule enable zte cfg nas iptv prv enable iii Configure rules on the port zte cfg nas iptv channel mvlan 4000 group 225 1 1 1 name CCTV1 id 1 zte cfg nas ...

Page 143: ...e expires the host should request continuous leasing from the server and the address can be used continuously only after the server accepts the request The process of application and lease needn t manual intervention the necessary configuration can be done before use Basic Configuration of DHCP CLIENT 1 Global Configuration Command Function zte cfg set dhcp client enable disa ble This enables disa...

Page 144: ...t lease day hour minute zte cfg router set ipport 0 63 dhcp client lease infinite This sets the lease that client suggests the format can be infinite or day hour minute zte cfg router set ipport 0 63 dhcp client request dns server domain name router static route tftp server name This sets client request items the server fill in response contents according to request items zte cfg clear ipport 0 63...

Page 145: ...led Dhcp client configuration as follows Class id Client id Hostname Lease Clear request DHCP Snooping Option82 Configuration DHCP Snooping Option82 Overview The DHCP Dynamic Host Configuration Protocol enables the host to apply dynamic addresses from server DHCP snooping function prevents bogus DHCP server from being laid in network and in this case the port connecting to DHCP server must be set ...

Page 146: ...lient This configures DHCP attribute of port There are three kinds of attributes of the port server port cascade port and client port Only server port is the trusted port If the switch is connected with DHCP relay device and the uplink port is setting as trunk then the uplink port attribute must be trusted The trusted port receives and transmits DHCP Offer normally but the untrusted port discards ...

Page 147: ...n zte cfg show dhcp snooping This displays DHCP Snooping configurations zte cfg show dhcp snooping binding port portname This displays information of DHCP Snooping dynamic binding table zte cfg show dhcp option82 This displays information of DHCP Option82 configuration information zte cfg show dhcp option82 ani This displays the information of DHCP Option82 access node identifier zte cfg show dhcp...

Page 148: ...ng port s PortId PortType 1 Client 2 Server zte cfg show dhcp ip source guard Ip source guard is configured on the following port s VBAS Configuration VBAS Conifguration Overview VBAS is not physical equipment but a protocol standard which is developed by Guangdong Institute of China Telecom VBAS is to solve the problem of wide band user identifier When BAS gets user identifier by inquiring corres...

Page 149: ... shown in Figure 66 FIGURE 66 TYPICAL NETWORK OF VBAS Basic Configuration of VBAS To configure VBAS perform the following steps Command Function zte cfg set vbas enable disable This enables or disables global VBAS function VBAS function is disabled by default zte cfg set vbas trust port portlist enable disable This enables or disables trust port VBAS function The port is untrusted by default zte c...

Page 150: ...r accessing technologies such as T1 E1 or SONET SDH cost too much and optical accessing technologies such as Cable Modem requires high cost of network constructing wireless ac cessing technology is restricted by environment and security and is not easy to launch Passive Optical Network PON is an accessing technology which guarantees the user to obtain enough accessing bandwidth and controls the ne...

Page 151: ... ONUs which makes the best use of the bandwidth EPON Characteris tics All bearer devices in EPON network are passive so the power network is not required EPON adopts wavelength division multiplexing technology The uplink and downlink flow are transmitted on an optical fiber which saves a lot of fiber EPON works on physical and logical link layer It is totally trans parent to the high level service...

Page 152: ... port on PON subboard use the follow ing command Command Function zte cfg set epon port enable disable This enables or disables the port on PON subboard 3 To configure the schedule mode of PON subboard use the fol lowing command Command Function zte cfg set epon schedule SP WRR 1 8 This configures the schedule mode of PON subboard 4 To show link status of PON subboard use the following com mand Co...

Page 153: ...ubboard port 8 To show PON schedule information use the following com mand Command Function zte cfg show epon schedule This shows PON schedule information EPON Service Switch Configuration When ZXR10 29290 2928 acts as ONU device a part of services will be changed The following contents describe the differences between added with PON daughter card or without PON daughter card 1 Port configuration ...

Page 154: ...n command to show all Vlans information When the switch does not add with PON daughter card only VLAN 1 is enabled Port 1 18 are added into VLAN 1 with UNTAG Use the show vlan command to show the information of VLAN 1 Example The following example shows that daughter card is added with ZXR10 2920 2928 zte cfg show vlan VlanType 802 1q vlan VlanId 1 VlanStatus enabled VlanName VlanMode Static Tagge...

Page 155: ...ress port geport id egress vlan vlan list This configures VLAN translation function and the related functional port and VLAN After ZXR10 2920 2928 adds with PON daughter card the translation port will discard the TAG packet without transla tion rule When ZXR10 2920 2928 doesn t add with PON daughter card the translation port will forwards all packets and not discard any packet 4 IGMP Snooping Func...

Page 156: ...g function to monitor VLAN1000 View the above configurations on ONU device zte cfg show port 1 vlan PortId 1 Tagged in vlan 2 999 1001 4094 Untagged in vlan 1 zte cfg show port 1 vlan mode Port 1 Vlan mode Transparent mode The transparent transmission mode of port 1 has been valid zte cfg show port 2 vlan mode Port 2 Vlan mode Tag mode Tag value 100 The configuration of port 2 is valid zte cfg sho...

Page 157: ...em version file kernel z has been updated on ZXR10 2920 2928 For detailed updating steps refer to Software Version Upgrade Caution PON daughter card version file only applies to ZXR10 2920 2928 Steps 1 Enter into file system configuration mode delete the old ver sion file from FLASH with remove command The two PON daughter card version files have longer file name their file ex tension name are blo...

Page 158: ...8 bytes 475 136 bytes free zte cfg tffs remove iros_onu_oob_asic_rom_big 02 00 04 1216201110 blob Sure to remove Yes No y zte cfg tffs remove eeprom onu 3d up noreset ctrlvlan0 igmp0 dat Sure to remove Yes No y zte cfg tffs tftp 192 168 20 159 down iros_onu_oob_asic_rom_big 02 00 04 1216201110 blob 315 844 bytes downloaded zte cfg tffs tftp 192 168 20 159 down eeprom onu 3d up noreset ctrlvlan0 ig...

Page 159: ...l port will be bound with ACL automatically 2 ACL rule can be added deleted sorted i Rule can be added to a configured ACL Regular ID number range is 1 500 ii Configured ACL can be deleted regularly If the specified ACL instance number or rule number hasn t been config ured a false message will return iii Many rules of an ACL can be sorted and only need to specify the place where rule number need ...

Page 160: ... ACL 100 199 L2 ACL 200 299 Hybrid ACL 300 399 support IPV6 global ACL 400 Each ACL has at most 500 rules and the range is 1 500 Basic Configuration of ACL To configure ACL perform the following steps 1 To create a basic ACL instance use the following command Command Function zte cfg config acl basic number acl number This creates a basic ACL instance 2 To create an extended ACL instance use the f...

Page 161: ...ed decimal notation The keyword any is used as the abbreviation for the source 0 0 0 0 and the wildcard 255 255 255 255 fragment It is only available in fragment packet Creating a basic ACL instance means entering the configuration mode of this instance that is basic ACL configuration mode 7 To configure an extended ACL rule use the following command Command Function zte cfg rule rule_id permit de...

Page 162: ...lanid the source VLAN of the packet source mac the source MAC address of the packet any represents any MAC address source mac wildcard wildcard of source MAC address of packet destination mac the destination MAC of the packet destination mac wildcard the destination MAC address of the packet Any represents any source MAC address Creating a L2 ACL instance means entering the configuration mode of t...

Page 163: ...ge is 1 500 ip protocol tcp udp any the matching protocol It can be one of the keyword tcp and udp or an integer repre senting IP protocol number from 0 to 255 any represents ignoring the protocol type source port It is only available when configuring tcp and udp the range is 0 65535 and the well known port can be chosen source portmask It is only available when configuring tcp and udp can be the ...

Page 164: ...nce that is global ACL configuration mode 12 To sort the rules in ACL instance use the following command Command Function zte cfg move rule id after before rule id This sorts the rules in ACL instance 13 To delete a rule in ACL instance use the following command Command Function zte cfg clear rule rule id This deletes a rule in ACL instance 14 To show the information of a configured ACL instance u...

Page 165: ...t use the following com mand Command Function zte cfg set trunk trunklist acl acl number enable disable This sets ACL information on trunk port 19 To delete ACL instance use the following command Command Function zte cfg clear acl basic extend link hybrid number acl number This deletes ACL instance 20 To configure time range use the following command Command Function zte cfg set time range name ra...

Page 166: ...figure the name of ACL instance use the following com mand Command Function zte cfg set acl name acl number name word This sets ACL name 25 To clear the name of ACL instance use the following command Command Function zte cfg clear acl name acl number This clears ACL name ACL Configuration Example As shown in Figure 68 configure ACL in the switch to realize the following functions Forbid the users ...

Page 167: ...with ACL300 zte cfg show acl binding all Id PortType AclNo 1 PhyPort 300 2 PhyPort 300 3 PhyPort 300 4 PhyPort 300 22 PhyPort 300 23 PhyPort 300 24 PhyPort 300 1 ACL is not available in the time range of 18 00 24 00 and 0 00 9 00 zte cfg show time range show time range configuration The time range activity is passive Supported time range number 32 Configured time range number 1 name activity type ...

Page 168: ...ckets VLAN priority 802 1P user priority layer 3 DSCP priority or the default port pri ority The priority of a data packet is determined in the following sequence 1 Priority of the data packets sent by CPU determined by CPU 2 Priority of the MGMT data packets management data packets such as the BPDU packets The priority of the management packets is determined by the initialization 3 Priority of th...

Page 169: ... To set the mapping between 802 1P user priority and the queue on 100M port use the following command Command Function zte cfg set qos priority map feport user priority 0 7 traffic class 0 3 This sets the mapping between 802 1P user priority and the queue on 100M port 2 To set the mapping between 802 1P user priority and the queue on gigabit port use the following command Command Function zte cfg ...

Page 170: ...t queue on 100M port There are 4 100M queues queue0 weight 1 32 is the weight of queue 0 queue1 weight 1 32 is the weight of queue 1 queue2 weight 1 32 is the weight of queue 2 queue3 weight 1 32 is the weight of queue 3 7 To configure the weight of queue schedule on gigabit port use the following command Command Function zte cfg set qos queue schedule geport session 0 1 queue 0 7 sp sdwrr 0 1 wei...

Page 171: ...ision mode L1 include preamble IPG CRC L2 include L2 L3 header CRC L3 include L3 packet without CR Set counter mode of the qos policer By default it works in L2 mode 11 To configure the committed speed kbps of the traffic monitor use the following command Command Function zte cfg set qos policer policerid 0 2 55 parameters 32 25165824 This configures the committed speed kbps of the traffic monitor...

Page 172: ...d Function zte cfg set bandwidth feport portlist ingress session 0 3 rate 64 100000 This configures ingress rate limit on 100M port The parameter session 0 3 is configured as follows by de fault 0 broadcast suppression 1 multicast suppression 2 rate limit 3 user configure 16 To configure packet type of port ingress rate limit on 100M port use the following command Command Function zte cfg set band...

Page 173: ...19 To configure if enable each session of port ingress rate limit on 100M port use the following command Command Function zte cfg set bandwidth feport portl ist ingress session 0 3 enable disable This configures if enable each session of port ingress rate limit on 100M port 20 To configure the egress rate limit on 100M port use the fol lowing command Command Function zte cfg set bandwidth feport p...

Page 174: ...tagged tagged all This remarks the VLAN attribution of the designated flow rule 1 500 if global ACL only 16 rules is supported 25 To limit and measure the data flow rate according to the flow use the following command Command Function zte cfg set policy policing in acl 1 400 rule 1 500 policer 0 255 This limits and measures the data flow rate according to the flow 26 To copy the specified data flo...

Page 175: ... policy counter 0 31 This clears flow monitor counter 31 To delete QoS mirror matching a flow use the following com mand Command Function zte cfg clear policy mirror in acl 1 400 rule 1 500 This deletes QoS mirror matching a flow 32 To clear VLAN remark matching a flow use the following com mand Command Function zte cfg clear policy vlan remark in acl 1 400 rule 1 500 This clears VLAN remark match...

Page 176: ...02 1P user priority and queue priority use the following command Command Function zte cfg show qos priority map user priority This views the mapping that between 802 1P user priority and queue priority 38 To view the mapping that between IP DSCP priority and queue priority use the following command Command Function zte cfg show qos priority map ip priority This views the mapping that between IP DS...

Page 177: ...and Function zte cfg show policy qos remark mirror redirect vlan remark statistic policing 0 255 This views flow based QoS application configuration QoS Configuration Example As show in Figure 69 set the bandwidth both direction of all the user interface as 2M The uplink bandwidth of the switch is 20M The uplink port is port 26 and the client PC accesses the network through port 24 FIGURE 69 QOS C...

Page 178: ...ty disable DefaultPriority 0 QueueSchedule feport WRR0 PortPriorityRemapTable COS 802 1p user priority RMP Remapped priority COS 0 1 2 3 4 5 6 7 RMP 0 1 2 3 4 5 6 7 IngressRateLimit session 0 disable IngressRateLimit session 1 disable IngressRateLimit session 2 disable IngressRateLimit session 3 enable EgressRateLimit 2000 zte cfg show port 26 qos view the Qos configuration of port 26 PortId 26 Po...

Page 179: ...n function which transparently transmits 802 1x protocol packets from the client to the authentication server for authentication ZXR10 2920 2928 2952 2936 FI provides 802 1x transparent transmission function It also provides layer 2 transparent trans mission function such as STP LACP OAM ZGMP and GVRP The protocol range is 0x00 0x02 0x2f The common layer 2 protocols are shown below Protocol Number...

Page 180: ...fault zte cfg show l2pt This displays the configuration of L2pt transparent transmission Layer 2 Protocol Transparent Transmission Configuration Example As shown in Figure 70 set the LACP transparent transmission func tion of L2pt of switch1 to implement the link aggregation between switch2 and switch3 The configuration increases the link band width and realizes the redundant backup FIGURE 70 L2PT...

Page 181: ...next hop address and egress interface Destination address and destination address mask de scribe the destination network information The next hop address and egress interface describe the way that switch forwards desti nation packet ZXR10 2920 2928 2952 2936 FI allows adding and deleting the static ARP table ARP table records mapping relationship between IP address and MAC address of each node in ...

Page 182: ... D M A B C D A B C D A B C D 1 15 This adds static route zte cfg set ipport 0 63 enable disa ble This enables or disables layer 3 port zte cfg set ipport 0 63 ipaddress A B C D M A B C D A B C D This sets IP address and submask of layer 3 port zte cfg set ipport 0 63 mac HH HH HH HH HH HH This sets the MAC address of layer 3 port zte cfg set ipport 0 63 vlan vlanname This sets the VLAN binding wit...

Page 183: ...2 168 1 1 Reply from 192 168 1 1 bytes 28 time 1ms TTL 64 Reply from 192 168 1 1 bytes 28 time 1ms TTL 64 Reply from 192 168 1 1 bytes 28 time 1ms TTL 64 Reply from 192 168 1 1 bytes 28 time 1ms TTL 64 Reply from 192 168 1 1 bytes 28 time 1ms TTL 64 Access Service Configuration Access Service Overview With the rapid expansion of Ethernet construction scale to meet the fast increase of subscribers ...

Page 184: ...port and uncontrolled port in the IEEE 802 1x protocol are logical ports There are no such physi cal ports on the equipment The IEEE 802 1x protocol sets up a local authentication for each subscriber that other subscribers cannot use Thus there will not be such a problem that the port is used by other subscribers after the port is enabled 3 The authentication server is generally a RADIUS server Th...

Page 185: ...ntication mode NAS requires the subscriber to provide the username and password and the subscriber returns the subscriber information in the form of plain text The server checks whether this subscriber is avail able and whether the password is correct according to the sub scriber configuration and returns different responses This au thentication mode features poor security and the username and pas...

Page 186: ... tity authentication FIGURE 73 USING CHAP MODE FOR IDENTITY AUTHENTICA TION EAP Extensible Authentication Protocol EAP is a kind of authentication mode of transmitting EAP mes sage transparently including EAP MD5 and PEAP The following example is about EAP MD5 description EAP MD5 is a CHAP identity authentication mechanism used in the EAP framework structure Figure 74 shows the process of using th...

Page 187: ...zte cfg nas aaa control port portlist accounting enable disable This enables disables port accounting function zte cfg nas aaa control port portlist max hosts 0 256 This sets the maximum number of subscribers connected through the port 0 indicates non limit zte cfg nas aaa control port portlist multiple hosts enable disable This allows prohibits multi subscriber access of the port Confidential and...

Page 188: ...m of the port When the function is enabled vlanjump and private MAC address are not supported to be used at the same time zte cfg nas aaa control port portlist keepalive period 1 3600 This sets the abnormal off line detection period of the port The unit is second the default is 10s zte cfg nas dot1x max request 1 10 This sets the maximum times of request resending when the timer expires before the...

Page 189: ...an resend the EAPOL data packet because it does not receive the response from the client The unit is second the default is 30s zte cfg nas dot1x add vlan vlanid mac HH HH HH HH HH HH This configures the private MAC address that DOT1X protocol can use zte cfg nas dot1x delete vlan vlanid This deletes the private MAC address that DOT1X protocol can use zte cfg nas radius isp ispname enab le disable ...

Page 190: ...ret string This configures the shared password of a domain zte cfg nas radius retransmit 1 255 This sets the number of retransmissions upon server response timeout The default is 3 zte cfg nas radius timeout 1 255 This sets the server response timeout time zte cfg nas radius keep time 0 4294967295 This configures keep time of radius accounting breaking packet keep time 0 429496 7295 unit is second...

Page 191: ...port zte cfg show dot1x This shows 802 1x protocol parameters zte cfg show client This shows the information of all accessing users zte cfg show client index 0 255 This shows the information of an accessing users zte cfg show client mac HH HH HH HH HH HH This shows the user accessing information of a MAC address zte cfg show client port portlist This shows the user accessing information of a port ...

Page 192: ... cfg nas clear client vlan vlantlist This clears all clients on one VLAN Access Service Configuration Example As shown in Figure 75 the user installs radius client terminal in PC The switch connects the radius server and the user s PC through the network cable The user can log in to the switch through the console port and configure the access server and then enable client software on user PC to or...

Page 193: ...adius isp zte add accounting 192 168 20 199 1812 zte cfg nas radius isp zte add authentication 192 168 20 199 1813 3 Enable radius client software on PC and input correct username and password Then the authentication request is launched When the authentication request succeeds view the user in formation by using the command show client zte cfg show client MaxClients 256 HistoryAccessClientsTotal 1...

Page 194: ...he top down into eight levels according to importance Informa tion filters from low level to high level TABLE 14 SYSLOG LOG INFORMATION Severity Level Description Emergencies crucial fault Alerts the fault that must be corrected quickly Critical key fault Errors the fault need to be noticed but not important Warnings warn maybe a mistake exists Notifications the information that needs to be notice...

Page 195: ...rmation level is informational all function modules are enabled server IP address is 192 168 1 1 name is Srv1 Configuration of switch zte cfg set syslog level informational zte cfg set syslog add server 1 ipaddress 192 168 1 1 name Srv1 zte cfg set syslog module all enable zte cfg set syslog enable zte cfg show syslog status Syslog status enable Syslog alarm level informational Syslog enabled modu...

Page 196: ...is second the default is 10s zte cfg set ntp server A B C D vers ion 1 2 3 This sets ip address and version id of NTP server zte cfg set ntp source A B C D This sets the source IP address that is used for switch to send NTP packet zte cfg set ntp timezone 12 13 This sets NTP time zone zte cfg show ntp This views the current status and configuration information of NTP module NTP Configuration Examp...

Page 197: ... OAM Protocol Function IEEE 802 3ah operations administration and maintenance stan dard is the formal standard which aims at the management of link level It monitors and troubleshoots the point to point virtual point to point Ethernet link It has the important meaning for connection management of Last One Mile The faults take place constantly on Last One Mile ZXR10 2900 series switch supports IEEE...

Page 198: ...health frame discard due to the link failure 4 Link Monitoring ZXR10 2900 series switch monitors and examines the link state and announces the specified frame events by OAM function The specified frame events can be classified into four types error symbol period event error frame event and error frame period event error frame second statistic event After inspecting the error OAM will respond and a...

Page 199: ...r stops OAM remote loopback function on port The prerequisites of enabling this function is that the global OAM function has been enabled the OAM function has been enabled on destination port and the OAM discovery process has been completed 5 To set remote loopback timeout value on port use the follow ing command Command Function zte cfg set ethernet oam remote loopback timeout 1 10 This sets remo...

Page 200: ...port portlist link monitor frame threshold 1 65535 window 1 60 This configures the error frame The parameter threshold 1 65535 the number of error frame The default value is 1 The parameter window 1 60 time period The default value is 1 second 9 To configure the period of error frame use the following com mand Command Function zte cfg set ethernet oam port portlist link monitor frame period thresh...

Page 201: ...mation will be shown The parameter port shows the port configuration information that OAM is enabled The parameter discovery shows the OAM state and configu ration information on local and the peer that is discovered by a specified port including port OAM discovery period mode and the detection for relative link and the loopback The parameter statistics shows the statistics information of link eve...

Page 202: ...scovery fails Loopback off PDU Revision 92 Remote DTE the remote device information Config Mode active Link Monitor support Unidirection nonsupport Remote Loopback support Mib Retrieval nonsupport PDU max size 1518 Status Parser forward Multiplexer forward Stable yes Mac Address 00 d0 d0 29 28 02 the system MAC of the remote device The MAC address is 00 00 00 00 00 00 when discovery fails PDU Revi...

Page 203: ...lowing in formation appears SAT JUL 03 23 33 00 2004 ETH OAM port 2 deteced a fault in the local receive direction OAM Link Control Event Configuration Example OAM monitor function can notify the abnormal frame of the link receiver to the local The function is based on OAM discovery The user logs in to the switch through console port and configures OAM Enable OAM and the port link monitor of the o...

Page 204: ...mes Errored Frame Threshold 5 Total Errored Frames 0 Local Total Errored Events 0 Remote Total Errored Events 0 Errored Frame Seconds Event Errored Seconds Window 30 s Errored Seconds Threshold 10 s Total Errored Frame Seconds 0 s Local Total Errored Frame Seconds Events 0 Remote Total Errored Frame Seconds Events 0 Key of configuration The link monitoring events are classified into four types err...

Page 205: ...is to enhance the security of the network management system After this function is enabled specify a network management user to access the switch only from a specified IP address the user can not access the switch from other IP addresses When this function is disabled the network management user can access the switch through TelnetSSHSNMPWeb from any IP address Basic Configuration of Remote Access...

Page 206: ...cal authorization which restricts the login mode of remote login in detail By default all login modes are permitted zte cfg clear remote access all This deletes all IP addresses of restrictive access zte cfg clear remote access ipaddress A B C D A B C D This deletes an IP address of restrictive access zte cfg show remote access This displays the remote access configuration information Remote Acces...

Page 207: ...te access and other secure network services over an insecure network The purpose of the SSH protocol is to solve the security prob lems in interconnected networks and to offer a securer substitute for Telnet and Rlogin Although the present development of the SSH protocol has far exceeded the remote access function scope therefore the SSH connection protocol shall support interactive session The SS...

Page 208: ...onfiguration of the switch is as follows zte cfg creat user zte zte cfg set login password zte zte cfg set ssh enable The client end setting of host The client end of SSH v2 0 can use the free software Putty devel oped by Simon Tatham The current version provides client end support of Putty0 54 version The required settings when using Putty to log in to switch are as follows 1 Set the IP address a...

Page 209: ...ORT NUMBER OF THE SSH SERVER 2 Set the SSH version number as shown in Figure 80 FIGURE 80 SETTING SSH VERSION NUMBER 3 For the first time to log in the user confirmation is needed as shown in Figure 81 Confidential and Proprietary Information of ZTE CORPORATION 197 ...

Page 210: ...ST LOGIN 4 The SSH login result is shown in Figure 82 FIGURE 82 SSH LOGIN RESULT SNMP SNMP Overview SNMP is the most popular network management protocol currently It involves a series of protocol and specifications 198 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 211: ...evices can report errors to NMSs at any time before the NMSs poll them These errors are called traps When a trap occurs to a device the NMS can be used to query the device suppose it is reachable and obtain more infor mation Snmp v2c and v3 also support inform a SNMPv2 Trap that need response to inform abnormal events to NMS If receives in form message NMS will send a acknowledgement packet to swi...

Page 212: ... all enable disable This enables or disables SNMP link connection and disconnection link authentication failure cold boot warm start cluster topology change cluster member up down and loopdetect and so on zte cfg snmp set user username groupname v3 md5 auth sha auth password des56 priv password This sets SNMP v3 user name group name and its related authentication mode password zte cfg show snmp co...

Page 213: ... the IP address of the network management server is 10 40 92 77 the switch has a layer 3 port with the IP address of 10 40 92 11 and the switch is managed through the network management server Create a user named zteuser and the group named ztegroup the security level of this group is private that is authentication and encryption Specify the IP address of the host receiving trap or inform as 10 40...

Page 214: ...statistics group Statistics maintains the basic application and error statistics of each subnet that the agent monitors Event it is a table related to all events generated by RMON agents Alarm allows operators of the management console to set sampling interval and alarm threshold for any count or integer recorded by RMON agents All these groups are used to store the data collected by the monitor a...

Page 215: ...eateRequest invalid This sets history group zte cfg snmp set statistics 1 6553 5 datasource portname owner name status valid underCreation createRequest invalid This sets statistics group zte cfg snmp show alarm 1 65535 This displays configuration information about alarm group zte cfg snmp show event 1 65535 This displays configuration information about event group zte cfg snmp show history 1 6553...

Page 216: ...about history 2 zte cfg snmp show history 2 ControlIndex 2 BucketsRequest 3 Interval 10 BucketsGranted 3 ControlStatus valid ControlOwner zteNj DataSource 1 3 6 1 2 1 2 2 1 1 16 View configuration information about alarm 2 zte cfg snmp show alarm 2 AlarmIndex 2 SampleType absolute Interval 10 Value 16 Threshold R 8 Startup risingAlarm Threshold F 15 Status valid EventIndex R 2 Variable 1 3 6 1 2 1...

Page 217: ...rivate network It is recommended that you isolate the broadcast domain between the public network and the private network on the command switch and shield direct access to the private address The command switch provides an external management and maintenance chan nel to manage the cluster in a centralized manner In general the broadcast domain where a cluster is located consists of switches in the...

Page 218: ...900 Series User Manual FIGURE 83 CLUSTER MANAGEMENT NETWORKING Figure 84 shows the changeover rule of the four roles of switches within a cluster 206 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 219: ...fig group This enters cluster management configuration mode zte cfg group set zdp enable disable This enables disables the system ZDP function zte cfg group set zdp port portlist e nable disable This enables disables the port ZDP function zte cfg group set zdp trunk trunklist enable disable This enables disables the trunk ZDP function zte cfg group set zdp holdtime 10 255 This sets the valid time ...

Page 220: ...The ZTP configuration on the switch includes the following con tents Command Function zte cfg config group This enters cluster management configuration mode zte cfg group set ztp enable disable This enables disables the system ZTP function zte cfg group set ztp port portlist e nable disable This enables disables the port ZTP function zte cfg group set ztp trunk trunklist enable disable This enable...

Page 221: ...TP Consequently the cluster management and monitoring are implemented Unique ID of a cluster consists of VLAN where cluster is located and MAC address of command switch Command Function zte cfg config group This enters cluster management configuration mode zte cfg group set group candidate This configures a switch as candidate switch zte cfg group set group independent This configures a switch as ...

Page 222: ...cfg group set group tftpsvr A B C D This sets IP address of internal public TFTP Server of cluster zte cfg group set group commander mac HH HH HH HH HH HH HH HH HH vid This configures MAC address of cluster commander switch 00 d0 d0 is required to add on the front of MAC address zte cfg group set group mac mode standard This configures the protocol broadcast address mode of cluster management as s...

Page 223: ... WYXX cfg set vlan 2525 add port 1 16 tag WYXX cfg config router WYXX cfg router set ipport 25 ipaddress 100 1 1 10 24 WYXX cfg router set ipport 25 vlan 2525 WYXX cfg router set ipport 25 enable WYXX cfg router iproute 0 0 0 0 0 100 1 1 1 2 Create a cluster on layer 3 port 1 of the command switch and VLAN 1 default VLAN WYXX cfg config group WYXX cfg group set group commander ipport 1 ip pool 192...

Page 224: ...WYXX cfg group 5 Create a cluster on VLAN 4000 WYXX cfg group set ztp vlan 4000 WYXX cfg group set group commander ipport 1 ip pool 192 168 1 1 24 Cmdr WYXX cfg group ztp start Cmdr WYXX cfg group show ztp device Last collection vlan 4000 Last collection time 176 ms Id MacAddress Hop Role HostName Platform 0 00 d0 d0 fc 08 6c 0 cmdr zte ZXR10 2926 1 00 d0 d0 fc 08 d6 1 candi zte ZXR10 2909 2 00 d0...

Page 225: ...riority of traffic across core network Recognize the network application flow from the remote site to ensure the effect on server Basic Configuration of SFLOW To configure SFLOW perform the following steps Command Function zte cfg set sflow ingress feport feportlist off on frequency 2 16000000 This configures sampling rate on ingress direction of 100M port zte cfg set sflow ingress egress geport g...

Page 226: ...to use a standard Web browser it is recommended to use IE4 0 above and 1024 768 resolution for managing remote switch Configuring System Login On the condition that WEB connection has been configured on the switch refer to Configuration through WEB Connection 1 Open Microsoft Internet Explore 2 Enter IP address of switch in URL this address is that switch can connect press the button Enter to open...

Page 227: ...me and password select user privilege Ad min user need enter login password and management pass word Guest user only need enter login password Click Login button to login in to system main interface as shown in Figure 86 Confidential and Proprietary Information of ZTE CORPORATION 215 ...

Page 228: ...tion Management System Information Click directory tree on the left of system main page Configura tion System open system information page by default Con figuration directory is expansive as shown in Figure 87 216 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 229: ...ded card 1 HostName system name SysLocation system location SysUpTime the running time after the system is started Both HostName and SysLocation can be configured After con figuration click the Apply button to submit to complete the con figuration Port Management 1 Click directory tree on the left of system main page Configu ration Port Port State open port state information page as shown in Figur...

Page 230: ...uplex working state of port Speed working speed of port Note Linkdown of port means that port hasn t physical connection The displaying values of Duplex and Speed are meaning less 2 Click directory tree on the left of main page Configuration Port Port Parameter open port configuration information page as shown in Figure 89 218 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 231: ...uplex mode PVID port default VLAN ID FlowControl port flow control enable MultiFilter port multicast filter enable MacLimit port Mac address learning limit Security port security enable SpeedAdvertise port speed advertisement 3 Single port configuration click the Config button in the line of port to be configured in port configuration information page list to open configuration page of this port a...

Page 232: ...ore the two attributes can t be configured enabled at the same time Caution Note If the port connects the network management host is shutdown network management will be interrupted 4 Bulk port configuration select multiple ports in port configu ration information page listselect Select All to select all ports and then click Apply to open bulk port configuration page as shown in Figure 91 220 Confi...

Page 233: ...ply to submit to complete the configuration VLAN Management 1 Click directory tree on the left of main page Configuration VLAN Vlan Overview open VLAN information page to display the VLAN information which is operated currently If the VLAN hasn t been operated the default VLAN will be displayed Refer to Figure 92 Confidential and Proprietary Information of ZTE CORPORATION 221 ...

Page 234: ...me AdminStatus VLAN enable Tagged Ports port with tag in VLAN Untagged Ports port without tag in VLAN Tagged Trunks trunk with tag in VLAN Untagged Trunks trunk without tag in VLAN 2 View specific VLAN information select Input in VLAN infor mation page and then enter VLAN number in the following text box such as 1 3 5 or select All Click Apply to submit to get the corresponding VLAN information 3 ...

Page 235: ...er page such as 1 3 5 click Apply to enter single VLAN configuration or bulk VLAN configuration page respective description are as follows Figure 94 shows the single VLAN configuration interface FIGURE 94 SINGLE VLAN CONFIGURATION PAGE Confidential and Proprietary Information of ZTE CORPORATION 223 ...

Page 236: ...hows bulk VLAN configuration FIGURE 95 BULK VLAN CONFIGURATION PAGE Admin of Select items is used to enable VLAN Port is ordi nary port of bulk VLAN configuration Trunk is Trunk group of bulk VLAN configuration After setting some attributes of VLAN in this page click Apply to complete the configuration PLAN Management 1 Click directory tree Configuration PVLAN Pvlan Overview on the left of main pa...

Page 237: ...mation of PVLAN pvlan Session PVLAN instance Promiscuous Port shared port Isolated Port isolated port 2 Click directory tree Configuration PVLAN Pvlan Config ure on the left of main page open PVLAN configuration page as shown in Figure 97 Confidential and Proprietary Information of ZTE CORPORATION 225 ...

Page 238: ... Port isolated port This page also can set attributes After setting click Apply to submit When system is configured successfully the config ured information page will be displayed Port Mirroring Management 1 Click directory tree Configuration Mirror on the left of main page open Mirror information page refer to Figure 98 226 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 239: ...on of port mirroring including ingress and egress Source port mirroring source port Destination port mirroring destination port 2 Click Config on the right of Ingress column to open port ingress mirroring configuration page Refer to Figure 99 Confidential and Proprietary Information of ZTE CORPORATION 227 ...

Page 240: ...n port can be configured in this page After setting click Apply to submit to complete the configuration 3 Click Config on the right of Egress column to open port egress mirroring configuration page as shown in Figure 100 FIGURE 100 PORT EGRESS MIRRORING CONFIGURATION PAGE 228 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 241: ...s i LACP basic information AdminStatus LACP enable LacpPriority LACP priority ii aggregation port information GroupNum aggregation group number that aggre gation port belongs to GroupMode aggregation group aggregation mode that port belongs to LacpTime aggregation port timeout mode LacpActive aggregation port active passive mode set basic attributes of AdminStatus and LacpPriority in this page and...

Page 242: ...ick Set to open configuration page of bulk aggregation port as shown in Figure 102 FIGURE 102 BULK AGGREGATION PORT CONFIGURATION PAGE After setting attributes of aggregation port in this page click Apply to submit 2 Click directory tree Configuration Lacp Lacp State on the left of main page open aggregation group information page as shown in Figure 103 230 Confidential and Proprietary Information...

Page 243: ... group Attached Ports attached ports in aggregation group Active Ports active ports in aggregation group GroupMode aggregation mode of aggregation group Click Config of the right column to open the corresponding aggregation group configuration page as shown in Figure 104 Confidential and Proprietary Information of ZTE CORPORATION 231 ...

Page 244: ...and release port from aggre gation group select port in aggregation port column click Note Only the ports with same attribute can be bound into the same aggregation group Each aggregation group can bind up to 8 ports Caution Note avoid binding the port connects the network manage ment host with aggregation group or the network manage ment will be interrupted 232 Confidential and Proprietary Inform...

Page 245: ... information page as shown in Figure 105 FIGURE 105 TERMINAL LOG INFORMATION PAGE Click Refresh button to update terminal log information Port Statistics Click directory tree Monitoring Port Statistics on the left of main page open port statistics information page as shown in Figure 106 Confidential and Proprietary Information of ZTE CORPORATION 233 ...

Page 246: ...castFrames Received multicast frames OversizeFrames Oversize frames UndersizeFrames undersize frames CrcError number of CRC error SendBytes sending bytes SendFrames sending frames SendBroadcastFrames sending broadcast frames SendMulticastFrames sending multicast frames Configuration Information Click directory tree Monitoring Running config on the left of main page open configuration information p...

Page 247: ...ge displays configuration information of switch System Maintenance Saving Configuration Click directory tree Maintenance Save on the left of main page open saving configuration information page as shown in Figure 108 Confidential and Proprietary Information of ZTE CORPORATION 235 ...

Page 248: ... Caution Saving configuration will cover the original configuration file Make sure that the configuration need to be covered before clicking Ok Configuring Reboot Click directory tree Maintenance Reboot on the left of main page open reboot function page as shown in Figure 109 236 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 249: ...rd in AdminPassword and then click Ok to re boot the switch or click Cancel to cancel reboot Uploading File Click directory tree Maintenance Upload on the left of main page open file upload page as shown in Figure 110 Confidential and Proprietary Information of ZTE CORPORATION 237 ...

Page 250: ...RE 110 FILE UPLOAD PAGE Click Browse browse and select the file to be uploaded as shown in Figure 111 and then click Ok to upload file FIGURE 111 BROWSE AND SELECT THE FILE 238 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 251: ...can t work Unprofessional personnel are not recommended to use this function User Management Click directory tree Maintenance User Manager on the left of main page open user management page as shown in Figure 112 FIGURE 112 USER MANAGEMENT PAGE This page displays the current username The username and login password can be modified Enter the new username password and new password and verify Click A...

Page 252: ... FIGURE 113 ADDING USER PAGE Enter admin password of current user in this page enter the in formation about the user to be added and then click Apply to submit Deleting User Click Delete button in user management page open Deleting User page as shown in Figure 114 240 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 253: ...8 Network Management FIGURE 114 DELETING USER PAGE Enter admin password in this page select the user to be deleted and then click Apply to submit Confidential and Proprietary Information of ZTE CORPORATION 241 ...

Page 254: ...ZXR10 2900 Series User Manual This page is intentionally blank 242 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 255: ... Plastic Pads 23 Figure 14 Installing Flanges 24 Figure 15 Installing Brackets 24 Figure 16 Fixing the Switch 25 Figure 17 AC Power Cable 25 Figure 18 Outline Drawing of 48V Power Socket 26 Figure 19 DC Power Cable 26 Figure 20 Grounding Protect Cable 27 Figure 21 SERIAL PORT CONFIGURATION CABLE 27 Figure 22 STRUCTURE OF NETWORK CABLE 28 Figure 23 TRANSVERSE ENGLISH LABEL ON PANELS AND CONNECTORS ...

Page 256: ...on Example 88 Figure 47 SQinQ Typical Network 91 Figure 48 EXAMPLE OF LACP CONFIGURATION 93 Figure 49 MSTP Topological Structure 95 Figure 50 STP Configuration Example 99 Figure 51 ZESR running state when the ring is complete state 104 Figure 52 ZESR running state when the ring is link failure 105 Figure 53 ZESR running state when the ring is link restore 105 Figure 54 Multi Ring Multi Domain 106 ...

Page 257: ... USER CONFIRMATION REQUIRED IN THE FIRST LOGIN 198 Figure 82 SSH LOGIN RESULT 198 Figure 83 CLUSTER MANAGEMENT NETWORKING 206 Figure 84 SWITCH ROLE CHANGEOVER RULE 207 Figure 85 System Login Interface 215 Figure 86 System Main Interface 216 Figure 87 System Information Page 217 Figure 88 Port State Information Page 218 Figure 89 Port Configuration Information Page 219 Figure 90 Single Port Configu...

Page 258: ...erminal Log Information Page 233 Figure 106 Port Statistics Information Page 234 Figure 107 Configuration Information Page 235 Figure 108 Saving Configuration Page 236 Figure 109 Reboot Function Page 237 Figure 110 File Upload Page 238 Figure 111 Browse and Select the File 238 Figure 112 User Management Page 239 Figure 113 Adding User Page 240 Figure 114 Deleting User Page 241 246 Confidential and...

Page 259: ...ZXR10 2936 FI 18 Table 6 ZXR10 2920 2928 Sub board List 18 Table 7 PINOUT OF SERIAL PORT CONFIGURATION CABLE 27 Table 8 RJ45 PINOUT OF STRAIGHT THROUGH CABLE 28 Table 9 RJ45J PINOUT OF CROSSOVER CABLE 29 Table 10 FIBER TYPES 29 Table 11 TEMPERATURE AND HUMIDITY TABLE 39 Table 12 FUNCTIONAL KEYS 53 Table 13 Port Role and Port State 96 Table 14 Syslog Log Information 182 Confidential and Proprietary...

Page 260: ...ZXR10 2900 Series User Manual This page is intentionally blank 248 Confidential and Proprietary Information of ZTE CORPORATION ...

Page 261: ...tocol NTP Network Time Protocol OAM Operation Administration and Maintenance PVID Port VLAN ID PVLAN Private Virtual Local Area Network RMON Remote Monitoring RSTP Rapid Spanning Tree Protocol SNMP Simple Network Management Protocol SP Strict Priority SSH Secure Shell STP Spanning Tree Protocol TFTP Trivial File Transfer Protocol VBAS Virtual Broadband Access Server VLAN Virtual Local Area Network...

Page 262: ...ZXR10 2900 Series User Manual WRR Weighted Round Robin ZESR ZTE Ethernet Switch Ring 250 Confidential and Proprietary Information of ZTE CORPORATION ...

Search results

Summary of Contents for ZXR10 2900 Series

Reviews:

Related manuals for ZXR10 2900 Series

Brands by name

Popular brands

Zte ZXR10 2900 Series, User Manual

Search results

Summary of Contents for ZXR10 2900 Series

Reviews:

Related manuals for ZXR10 2900 Series

Brands by name

Popular brands