manualshive.com logo in svg

Huawei AR150/200 Series, Руководство по настройке

Поделиться
Скачать
Huawei AR150/200 Series Скачать руководство пользователя страница 130

<Huawei> 

display ntp-service sessions

               source          reference       stra reach poll  now offset delay 
disper
********************************************************************************
        [12345]127.127.1.0     LOCAL(0)           7    1   64    2      -    0.0   
15.6
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured,
      6 vpn-instance

Run the 

display ntp-service trace

 command to view the summary information on each passing

NTP server when tracing from the local device to the reference clock source.

<Huawei> 

display ntp-service trace

server 127.0.0.1,stratum 5, offset 0.024099, synch distance 0.06337
server 171.1.1.2,stratum 4, offset 0.028786, synch distance 0.04575
server 201.1.1.2,stratum 3, offset 0.035199, synch distance 0.03075
server 200.1.7.1,stratum 2, offset 0.039855, synch distance 0.01096
refid 127.127.1.0

5.3 Configuring NTP Security Mechanisms

This section describes how to configure NTP security mechanisms to guarantee reliable clock
synchronization on networks demanding high security.

5.3.1 Establishing the Configuration Task

Before configuring NTP security mechanisms, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the required data. This can help
you complete the configuration task quickly and accurately.

Applicable Environment

NTP supports two security mechanisms: access authority and NTP authentication.

l

Access authority
Access authority is a type of simple security method provided by the AR150/200 to protect
local NTP services.
The AR150/200 provides four access authority levels. When an NTP access request packet
reaches the local end, it is matched in an order from the minimum access authority to the
maximum access authority. The first matched authority level takes effect. The matching
order is as follows:

peer

: indicates the minimum access authority. The remote end can send the request of

the local time and the control query to the local end. The local clock can also be
synchronized with that of the remote server.

server

: indicates the remote end can perform the time request and control query to the

local end but the local clock cannot be synchronized with that of the remote end.

synchronization

: indicates that the remote end can perform only the time request to the

local end.

query

: indicates the maximum access authority. The remote end can perform only the

control query to the local end.

l

NTP authentication
NTP authentication is required in some networks with high security demands.
The configuration of NTP authentication involves configuring NTP authentication on both
the client and the server.

Huawei AR150&200 Series Enterprise Routers
Configuration Guide - Network Management

5 NTP Configuration

Issue 02 (2012-03-30)

Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

119

Содержание AR150/200 Series

Страница 1: ...Huawei AR150 200 Series Enterprise Routers V200R002C00 Configuration Guide Network Management Issue 02 Date 2012 03 30 HUAWEI TECHNOLOGIES CO LTD ...

Страница 2: ...be within the purchase scope or the usage scope Unless otherwise specified in the contract all statements information and recommendations in this document are provided AS IS without warranties guarantees or representations of any kind either express or implied The information in this document is subject to change without notice Every effort has been made in the preparation of this document to ensu...

Страница 3: ...ANGER Indicates a hazard with a high level of risk which if not avoided will result in death or serious injury WARNING Indicates a hazard with a medium or low level of risk which if not avoided could result in minor or moderate injury CAUTION Indicates a potentially hazardous situation which if not avoided could result in equipment damage data loss performance degradation or unexpected results TIP...

Страница 4: ...d by vertical bars Several items or no item can be selected 1 n The parameter before the sign can be repeated 1 to n times A line starting with the sign is comments Interface Numbering Conventions Interface numbers used in this manual are examples In device configuration use the existing interface numbers on devices Change History Updates between document versions are cumulative Therefore the late...

Страница 5: ... Function 18 1 3 5 Optional Configuring the Trap Function 19 1 3 6 Checking the Configuration 20 1 4 Configuring a Device to Communicate with an NM Station by Running SNMPv3 22 1 4 1 Establishing the Configuration Task 22 1 4 2 Configuring Basic SNMPv3 Functions 23 1 4 3 Optional Controlling the NM Station s Access to the Device 25 1 4 4 Optional Enabling the SNMP Extended Error Code Function 27 1...

Страница 6: ... in the LLDPDU 66 3 3 6 Optional Configuring LLDP Timers 67 3 3 7 Optional Enabling the LLDP Trap Function 70 3 3 8 Checking the Configuration 71 3 4 Maintaining LLDP 74 3 4 1 Clearing LLDP Statistics 74 3 4 2 Monitoring LLDP Status 74 3 5 Configuration Examples 74 3 5 1 Example for Configuring LLDP on the Device That Has a Single Neighbor 75 3 5 2 Example for Configuring LLDP on the Device That H...

Страница 7: ...ng NTP Authentication in Broadcast Mode 123 5 3 7 Configuring NTP Authentication in Multicast Mode 123 5 3 8 Checking the Configuration 124 5 4 NTP Configuration Examples 125 5 4 1 Example for Configuring NTP Authentication in Unicast Server and Client Mode 125 5 4 2 Example for Configuring NTP Peer Mode 129 5 4 3 Example for Configuring NTP Authentication in Broadcast Mode 131 5 4 4 Example for C...

Страница 8: ...e Configuration 162 6 9 Configuring the SNMP Query Test 163 6 9 1 Establishing the Configuration Task 163 6 9 2 Configuring the SNMP Query Test Parameters 163 6 9 3 Checking the Configuration 165 6 10 Configuring the TCP Test 166 6 10 1 Establishing the Configuration Task 166 6 10 2 Configuring the TCP Server 166 6 10 3 Configuring the TCP Client 167 6 10 4 Checking the Configuration 168 6 11 Conf...

Страница 9: ...of Saving NQA Test Results Through FTP 193 6 17 4 Optional Configuring the Number of Test Results Saved Through FTP 193 6 17 5 Optional Configuring the Duration of Saving Test Results Through FTP 194 6 17 6 Optional Enabling Alarms to Be Sent to the NM Station After the FTP Transmission Succeeds 194 6 17 7 Starting the Test Instance 195 6 17 8 Checking the Configuration 196 6 18 Configuring a Thre...

Страница 10: ...put Statistics 234 7 4 3 Outputting the Statistics 235 7 4 4 Optional Configuring the Inactive Aging Time 235 7 4 5 Optional Configuring the Active Aging Time 236 7 4 6 Enabling NetStream for Multicast Traffic on an Interface 236 7 4 7 Checking the Configuration 236 7 5 Configuring the Aggregation Statistics About IPv4 Traffic 237 7 5 1 Establishing the Configuration Task 238 7 5 2 Configuring the...

Страница 11: ...ugh NetStream 251 7 9 Example for Configuring NetStream 251 7 9 1 Example for Collecting the Statistics of IPv4 Unicast Traffic 252 7 9 2 Example for Configuring NetStream of IPv4 Aggregation Traffic 253 7 9 3 Example for Configuring Flexible NetStream Traffic Statistics 256 8 Ping and Tracert 260 8 1 Ping and Tracert Overview 261 8 1 1 Introduction to Ping and Tracert 261 8 2 Configuring Ping and...

Страница 12: ... by Running SNMPv2c After SNMPv2c is configured a managed device and an NM station can run SNMPv2c to communicate with each other To ensure normal communication you need to configure both sides This section describes only the configurations on a managed device the agent side For details about configurations on an NM station see the pertaining NM station operation guide 1 4 Configuring a Device to ...

Страница 13: ...ons that the NM station can perform and allows devices to send alarms to notify the NM station of device faults An SNMP managed network consists of three components NM station agent and managed device The NM station uses the MIB to identify and manage device objects The operations used for device management include GetRequest GetNextRequest GetResponse GetBulk SetRequest and notification from the ...

Страница 14: ...f numbers 1 2 1 1 Such a number string is called an Object Identifier OID A MIB tree is used to describe the hierarchy of data in a MIB that collects the definitions of variables on the managed devices A user can use a standard MIB or define a MIB based on certain standards Using a standard MIB can reduce the costs on proxy deployment and therefore reduce the costs on the entire network management...

Страница 15: ... the value of a variable The NM station sends the request to a managed device to adjust the status of an object on the device Trap Reports an event to the NM station NOTE SNMP is used for NM station s monitoring and management of network devices It cannot be used to monitor and manage the operation of the entire network To monitor and manage the operation of an entire network for example to learn ...

Страница 16: ...anaged devices This prevents data packets from being intercepted or modified improving data sending security Error code Identifies particular faults An administrator uses error codes to quickly locate and rectify faults The more error codes received the more they help an administrator in device management Trap Sent from managed devices to the NM station These traps allow an administrator to discov...

Страница 17: ...irements are not strict or whose security is good for example VPNs but whose services are so busy that traffic congestion may occur SNMPv3 This version is applicable to networks of various scales especially the networks that have strict requirements on security and can be managed only by authorized administrators such as the scenario where data between the NM station and managed devices needs to b...

Страница 18: ...nfiguring a device to communicate with an NM station by running SNMPv1 familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the data required for the configuration This will help you complete the configuration task quickly and accurately Applicable Environment SNMP needs to be deployed in a network to allow the NM station to manage network devices If...

Страница 19: ...led By default the SNMP agent function is disabled Running any command with the parameter snmp agent can enable the SNMP agent function so this step is optional Step 3 Run snmp agent sys info version v1 The SNMP version is set By default SNMPv1 SNMPv2c and SNMPv3 are enabled Step 4 Run snmp agent community read write community name The community name is set l read must be configured in the command...

Страница 20: ...k Step 7 Optional Run snmp agent sys info contact contact location location The equipment administrator s contact information or location is configured This step is required when the NM station administrator must know equipment administrators contact information and locations when the NM station manages many devices This allows the NM station administrator to contact the equipment administrators q...

Страница 21: ...The system view is displayed Step 2 Run acl acl number A basic ACL is created to filter the NM station users that can manage the device Step 3 Run rule rule id deny permit source source ip address source wildcard any A rule is added to the ACL Step 4 Run quit Return to the system view Step 5 Run snmp agent mib view view name include exclude subtree name mask mask A MIB view is created and manageab...

Страница 22: ...ress of the NM station is specified if the IP address changes for example the NM station changes its location or IP addresses are reallocated due to network adjustment you need to change the IP address of the NM station in the ACL Otherwise the NM station cannot access the device 1 2 4 Optional Enabling the SNMP Extended Error Code Function This section describes how to enable the extended SNMP er...

Страница 23: ... is set The queue length depends on the number of generated trap messages If the router frequently generates trap messages a longer queue length can be set to prevent trap messages from being lost Step 5 Run snmp agent trap life seconds The lifetime of every trap message is set The lifetime of every trap message depends on the number of generated trap messages If the router frequently generates tr...

Страница 24: ...ame ViewDefault Acl 2001 Total number is 1 Run the display snmp agent sys info version command You can view the SNMP version running on the agent Huawei display snmp agent sys info version SNMP version running in the system SNMPv1 Run the display acl acl number command You can view the rules in the specified ACL Huawei display acl 2000 Basic ACL 2000 1 rule Acl s step is 5 rule 5 permit source 1 1...

Страница 25: ...eed to configure both sides This section describes only the configurations on a managed device the agent side For details about configurations on an NM station see the pertaining NM station operation guide The NM station manages a device in the following manners l Sends requests to the managed device to perform the GetRequest GetNextRequest GetResponse GetBulk or SetRequest operation obtaining dat...

Страница 26: ...arm destination host and administrator s contact information and location 2 Optional ACL number IP address of the NM station MIB object 3 Optional Name of the alarm sending module source address of trap messages queue length for trap messages and lifetime of trap messages 1 3 2 Configuring Basic SNMPv2c Functions After basic SNMP functions are configured an NM station can perform basic operations ...

Страница 27: ...msname The destination address for the alarms and error codes sent from the device is configured The descriptions of the command parameters are as follows l The default destination UDP port number is 162 In some special cases for example port mirroring is configured to prevent a well known port from being attacked the parameter udp port can be used to specify a non well known UDP port number This ...

Страница 28: ...d manageable MIB objects for SNMP based communication between the NM station and managed device to improve communication security Context If a device is managed by multiple NM stations that use the same community name note the following points l If all the NM stations that use the community name need to have rights to access the objects in the Viewdefault view 1 3 6 1 skip the following steps l If...

Страница 29: ...ead and write certain data l If some of the NM stations that use the community name need to have rights to access the objects in the Viewdefault view 1 3 6 1 mib view view name does not need to be configured in the command l If all the NM stations that use the community name need to manage specified objects on the device acl acl number does not need to be configured in the command l If some of the...

Страница 30: ...fied After the source interface is specified its IP address becomes the source IP address of trap messages Configuring the IP address of the local loopback interface as the source interface is recommended which can ensure device security The source interface specified on the router for trap messages must be consistent with that specified on the NM station otherwise the NM station will not accept t...

Страница 31: ...rator s contact information l Run the display snmp agent sys info location command to check the location of the device l Run the display current configuration include trap command to check trap configurations l Run the display snmp agent target host command to check information about the target host l Run the display snmp agent extend error code status command to check whether the SNMP extended er...

Страница 32: ...snmp agent sys info contact The contact person for this managed node R D Beijing Huawei Technologies co Ltd Run the display snmp agent sys info location command You can view the location of the device Huawei display snmp agent sys info location The physical location of this node Beijing China Run the display current configuration include trap command You can view trap configurations Huawei display...

Страница 33: ...ication see the following configuration procedures 1 4 1 Establishing the Configuration Task Before configuring a device to communicate with an NM station by running SNMPv3 familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the data required for the configuration This will help you complete the configuration task quickly and accurately Applicable E...

Страница 34: ... Context Steps 4 5 and 6 are mandatory for the configuration of basic SNMP functions After the configurations basic SNMP communication can be conducted between the NM station and managed device Procedure Step 1 Run system view The system view is displayed Step 2 Optional Run snmp agent The SNMP agent function is enabled By default the SNMP agent function is disabled Running any command with the pa...

Страница 35: ... lower than the security level of the SNMP group to which the user belongs otherwise communication fails If the security level configured for the user is no authentication and no encryption the user has permission to access objects within MIB 2 and has only read property After a user is added to the user group the NM station that uses the name of the user can access the objects in the Viewdefault ...

Страница 36: ...both the equipment administrator s contact information and location you must run the command twice to configure them separately End Follow up Procedure If finer device management is required follow directions below to configure the managed device l To allow a specified NM station in an SNMPv3 user group to manage specified objects of the device such as NM station with the specified IP address foll...

Страница 37: ...ghts to access the objects in the Viewdefault view 1 3 6 1 l If a few MIB objects on the device or some objects in the current MIB view do not or no longer need to be managed by the NM station exclude needs to be specified in the command to exclude these MIB objects l If a few MIB objects on the device or some objects in the current MIB view need to be managed by the NM station include needs to be...

Страница 38: ... l If some of the NM stations that are in the same SNMPv3 user group need to manage specified objects on the device both the MIB view and ACL need to be configured in the command End Follow up Procedure After the access rights are configured especially after the IP address of the NM station is specified if the IP address changes for example the NM station changes its location or IP addresses are r...

Страница 39: ...n will not accept the trap messages sent from the router Step 4 Run snmp agent trap queue size size The length of the queue storing trap messages to be sent to the destination host is set The queue length depends on the number of generated trap messages If the router frequently generates trap messages a longer queue length can be set to prevent trap messages from being lost Step 5 Run snmp agent t...

Страница 40: ...004C3F Group name testgroup Authentication mode md5 Privacy mode des56 Storage type nonVolatile User status active Total number is 1 Run the display snmp agent sys info version command You can view the SNMP version running on the agent Huawei display snmp agent sys info version SNMP version running in the system SNMPv3 Run the display acl acl number command You can view the rules in the specified ...

Страница 41: ... section provides several configuration examples of SNMP The configuration roadmap in the examples will help you understand the configuration procedures Each configuration example provides information about the networking requirements configuration notes and configuration roadmap 1 5 1 Example for Configuring a Device to Communicate with an NM Station by Using SNMPv1 This section provides an examp...

Страница 42: ...e the trap function to allow the router to send alarms to NMS2 5 Configure the equipment administrator s contact information on the router 6 Configure NMS2 Data Preparation To complete the configuration you need the following data l SNMP version l Community name l ACL number l IP address of the NM station l Equipment administrator s contact information Procedure Step 1 Configure available routes b...

Страница 43: ...ap hostname nms2 address 1 1 1 2 trap paramsname trapnms2 Huawei snmp agent trap queue size 200 Huawei snmp agent trap life 60 Huawei snmp agent trap enable Step 6 Configure the equipment administrator s contact information Huawei snmp agent sys info contact call Operator at 010 12345678 Step 7 Configure NMS2 For details on how to configure NMS2 see the relevant NMS configuration guide Step 8 Veri...

Страница 44: ... Oct 11 2010 18 57 59 00 00 Huawei DS 4 DATASYNC_CFGCHANGE OID 1 3 6 1 4 1 2011 5 25 191 3 1 configurations have been changed The current change number is 95 the change loop count is 0 and the maximum number of records is 4095 Check the equipment administrator s contact information Huawei display snmp agent sys info contact The contact person for this managed node call Operator at 010 12345678 End...

Страница 45: ...nage the router On the router only the modules that are enabled by default are allowed to send alarms to NMS2 This prevents an excess of unwanted alarms from being sent to NMS2 Equipment administrator s contact information needs to be configured on the router This allows the NMS administrator to contact the equipment administrator quickly if a fault occurs Figure 1 5 Networking diagram for configu...

Страница 46: ...01 rule 6 deny source 1 1 1 1 0 0 0 0 Huawei acl basic 2001 quit Configure a MIB view Huawei snmp agent mib view dnsmib include 1 3 6 1 4 1 2011 5 25 194 Configure a community name to allow NMS2 to manage the objects in the MIB view Huawei snmp agent community write adminnms2 mib view dnsmib acl 2001 Step 5 Configure the trap function Huawei snmp agent target host trap paramsname trapnms2 v2c secu...

Страница 47: ...nms2 Total number is 1 Parameter list trap target host Parameter name of the target host trapnms2 Message mode of the target host SNMPV2C Trap version of the target host v2c Security name of the target host adminnms2 Total number is 1 When an alarm is generated run the display trapbuffer command to view the details Huawei display trapbuffer Trapping buffer configuration and contents enabled Allowe...

Страница 48: ...ple to describe how to configure a device to communicate with an NM station by using SNMPv3 and how to specify the MIB objects that can be managed by the NM station Networking Requirements As shown in Figure 1 6 two NM stations NMS1 and NMS2 and the router are connected across a public network According to the network planning NMS2 can manage DNS MIB object on the router and NMS1 does not manage t...

Страница 49: ...router 6 Configure NMS2 Data Preparation To complete the configuration you need the following data l SNMP version l User group name l User name and password l Authentication and encryption algorithms l ACL number l IP address of the NM station l Equipment administrator s contact information Procedure Step 1 Configure available routes between the router and the NM stations Details for the configura...

Страница 50: ...snmp agent target host trap paramsname trapnms2 v3 securityname testuser privacy Huawei snmp agent target host trap hostname nms2 address 1 1 1 2 trap paramsname trapnms2 Huawei snmp agent trap queue size 200 Huawei snmp agent trap life 60 Huawei snmp agent trap enable Step 6 Configure the equipment administrator s contact information Huawei snmp agent sys info contact call Operator at 010 1234567...

Страница 51: ...ost v3 Security name of the target host testuser Security level of the target host privacy Total number is 1 When an alarm is generated run the display trapbuffer command to view the details Huawei display trapbuffer Trapping buffer configuration and contents enabled Allowed max buffer size 1024 Actual buffer size 256 Channel number 3 Channel name trapbuffer Dropped messages 0 Overwritten messages...

Страница 52: ... agent target host trap hostname nms2 address 1 1 1 2 udp port 162 trap paramsname trapnms2 snmp agent target host trap paramsname trapnms2 v3 securityname testuser privacy snmp agent mib view dnsmib include hwDnsMib snmp agent usm user v3 testuser testgroup authentication mode md5 B4B3D731A5006953EDFC9BB83F983497 privacy mode des56 B4B3D731A5006953EDFC9BB83F983497 snmp agent trap enable snmp agen...

Страница 53: ...ough RMON 2 3 RMON Configuration Examples This section provides examples for configuring RMON and illustrates the networking requirements configuration roadmap and configuration notes You can better understand the configuration procedures with the help of the configuration flowchart Huawei AR150 200 Series Enterprise Routers Configuration Guide Network Management 2 RMON Configuration Issue 02 2012...

Страница 54: ...MIB l Embed a RMON agent into a network device a router for example to enable the device to be of the RMON Probe capability The NM Station uses the basic SNMP commands for exchanging data with the RMON agent and collecting the network management information This process is restricted by device resources and hence the NM Station collects only information on four groups alarm event history and stati...

Страница 55: ...sm to limit the generation of alarms If this mechanism is adopted an alarm event is generated when the sampled data in a direction crosses the threshold No more events will be generated until the sampled data in the opposite direction crosses the threshold The AR150 200 does not apply this mechanism because it will not generate the alarms for a long period For the AR150 200 the alarms are re gener...

Страница 56: ...us and traffic through RMON 2 2 1 Establishing the Configuration Task Before configuring RMON familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment To monitor network status and collect traffic statistics on a network segment you can confi...

Страница 57: ...lated parameters 6 Prialarm table to be used and related parameters 2 2 2 Enabling the RMON Statistics Function on the Interface You need to enable traffic statistics function on the interface where traffic statistics are collected If the traffic statistics function is not enabled on the interface statistics values of in both ethernetStatsTable and HistoryControlTable are 0 Context Do as follows o...

Страница 58: ...4 Configuring the HistoryControlTable HistoryControlTable provides the historical data management function With this function you can sample traffic of a certain interface set the maximum number of items to be saved and the sampling interval collect traffic statistics on the specific interface periodically and save the statistics to etherHistoryTable for future use Context As recommended by the RM...

Страница 59: ...xceeds the alarm threshold the router generates logs sends traps or generates logs and sends traps Context Do as follows on the router that is monitored The RMON event management module is responsible for adding events to the corresponding rows in the eventTable and defining the methods of processing events l log sending only logs l log trap sending both logs and trap messages to the NM Station l ...

Страница 60: ...red for example an inexistent OID is specified the status of alarm recording is undercreation and no alarm is generated Do as follows on the router that is monitored Procedure Step 1 Run system view The system view is displayed Step 2 Run rmon alarm entry number alarm OID sampling time absolute changeratio delta rising threshold threshold value1 event entry1 falling threshold threshold value2 even...

Страница 61: ...ratio delta rising threshold threshold value1 event entry1 falling threshold threshold value2 event entry2 entrytype cycle entry period forever owner owner name The prialarmTable is configured End 2 2 8 Checking the Configuration After configuring RMON you can view the traffic statistics collected by RMON Prerequisites The configurations of the RMON are complete Procedure l Run the display rmon al...

Страница 62: ...n history command to display the RMON history Huawei display rmon history History control entry 1 owned by Test300 is VALID Samples interface Ethernet1 0 0 ifEntry 402653698 Sampling interval 30 sec with 10 buckets max Last Sampling time 0days 00h 09m 43s Latest sampled values octets 645 packets 7 broadcast packets 7 multicast packets 0 undersize packets 6 oversize packets 0 fragments packets 0 ja...

Страница 63: ...ork connected to Ethernet0 0 1 be monitored to obtain real time and history statistics of unicast packets on the network If the number of unicast packets in the VLAN becomes abnormal the Router sends a Trap message to the NMS Figure 2 1 Networking diagram of configuring RMON NM Station PC PC Ethernet 0 0 1 VLAN Router IP Netw ork Configuration Roadmap The configuration roadmap is as follows 1 Exec...

Страница 64: ...cs enable Configure the etherStatsTable Router Ethernet0 0 1 rmon statistics 1 owner User01 Verify the configuration You can check the traffic on the subnet Router Ethernet0 0 1 display rmon statistics ethernet 0 0 1 Statistics entry 1 owned by User01 is VALID Interface Ethernet0 0 1 ifEntry 4 Received octets 156 packets 1 broadcast packets 0 multicast packets 1 undersize packets 0 oversize packet...

Страница 65: ...er User01 Display the alarms Router display rmon event Event table 1 owned by User01 is VALID Description logevent Will cause log when triggered last triggered at 0days 00h 00m 00s Event table 2 owned by User01 is VALID Description prialarmevent Will cause snmp trap when triggered last triggered at 0days 00h 00m 00s Step 6 Configure the alarmTable for unicast packets Sample the unicast packets eve...

Страница 66: ...y 1 buckets 10 interval 30 owner User01 rmon event 1 description logevent log owner User01 rmon event 2 description prialarmevent trap public owner User01 rmon alarm 1 1 3 6 1 2 1 2 2 1 11 4 30 absolute rising threshold 10000 1 falling threshold 100 2 owner User01 return Huawei AR150 200 Series Enterprise Routers Configuration Guide Network Management 2 RMON Configuration Issue 02 2012 03 30 Huawe...

Страница 67: ...cribes the usage scenarios of the LLDP feature and TLV types supported by the AR150 200 3 3 Configuring LLDP This section describes how to configure LLDP 3 4 Maintaining LLDP This section describes how to clear LLDP statistics and monitor LLDP status 3 5 Configuration Examples This section provides LLDP configuration examples Huawei AR150 200 Series Enterprise Routers Configuration Guide Network M...

Страница 68: ... information about configuration conflicts The Layer 2 discovery protocol precisely discovers the interfaces on each device and obtains connection information between devices In addition it displays the paths between clients switches routers application servers and network servers The Layer 2 information helps you quickly know the device topology detect configuration conflicts between devices and ...

Страница 69: ...me system description port description system capability and management address LLDP Agent An LLDP agent manages LLDP operations for an interface The LLDP agent performs the following operations l Maintains information in the LLDP local system MIB l Obtains and sends LLDP local system MIB information to neighbor devices when the status of the local device status changes If the local device status ...

Страница 70: ... C2 00 00 0E l SA indicates the bridge MAC address of the neighbor device l LLDP Ethertype indicates the LLDP packet type If a packet contains this field it is an LLDP packet and it is sent to the LLDP module The value of this field is 0x88CC l LLDPDU indicates the LLDP data unit It is the major content of an LLDP packet l FCS indicates the Frame Check Sequence LLDPDU in the LLDP packet contains t...

Страница 71: ...tween two routers or the interfaces between a router and a media endpoint ME are directly connected so each interface has only one neighbor As shown in Figure 3 4 RouterA is directly connected to RouterB and ME Each interface on RouterA and RouterB has only one neighbor Figure 3 4 Each interface has only one neighbor Internet Router A RouterB ME NMS Networks Where an Interface Has Multiple Neighbo...

Страница 72: ... LLDPDU 10 10 10 2 10 10 10 3 10 10 10 1 Networks Where Link Aggregation Is Configured As shown in Figure 3 6 a link aggregation group is configured between the routers Each interface in the link aggregation group has only one neighbor Figure 3 6 Link aggregation is configured on the network RouterA RouterB Enterprise User Enterprise User Network NMS Eth Trunk Huawei AR150 200 Series Enterprise Ro...

Страница 73: ...n System Name TLV Device name l Organizationally Specific TLV defined in 802 1 Type Description Port VLAN TLV VLAN ID of an interface Port protocol VLAN TLV Protocol VLAN ID of an interface VLAN Name TLV VLAN name Protocol identity TLV Protocol types supported by an interface l Organizationally Specific TLV defined in 802 3 Type Description Link Aggregation TLV Whether a port supports link aggrega...

Страница 74: ...tended Power via MDI TLV Power capability of the device By default LLDP advertises all types of TLVs except the Location Identification TLV 3 3 Configuring LLDP This section describes how to configure LLDP 3 3 1 Establishing the Configuration Task Applicable Environment The LLDP function on network devices allows the NMS to obtain device topology management addresses device identifications and int...

Страница 75: ...face 6 Optional Delay to send neighbor change traps to the NMS 3 3 2 Enabling Global LLDP After LLDP is enabled on the router and its neighbors the router and its neighbors obtain status information of each other by exchanging LLDP packets The NMS obtains Layer 2 connection status from the router for network topology analysis Procedure Step 1 Run system view The system view is displayed Step 2 Run...

Страница 76: ... LLDP can exist in the same Eth Trunk l LLDP can be enabled and disabled only on the physical interfaces such as Ethernet interfaces but cannot be used on logical interfaces such as VLANIF interfaces and Eth Trunk Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Step 3 Run undo lldp enable LLDP is dis...

Страница 77: ...erfaces Context To enable an interface to send the 802 3 Power via MDI TLV run the lldp tlv enable dot3 tlv power command The 802 3 Power via MDI TLV has the following formats l 802 1ab format TLV type TLV information string length 802 3 OUI MDI power support PSE power pair power class l 802 3at format TLV type TLV information string length 802 3 OUI MDI power support PSE power pair power class ty...

Страница 78: ...LV you must disable the other types of LLDP MED TLVs first To disable the MAC PHY Configuration Status TLVs you must disable the LLDP MED Capabilities TLV first l The 802 3 MAC PHY Configuration Status TLVs are advertised automatically after the LLDP MED Capabilities TLV is advertised l If you disable the LLDP MED TLVs and use the all keyword the MAC PHY Configuration Status TLVs are not disabled ...

Страница 79: ...wever if the delay is too long the device cannot notify neighbors of its status in time and the NMS cannot discover the network topology changes in real time l A short delay increases the LLDP packet transmission frequency and enables the NMS to discover network topology changes in real time However if the delay is too short the LLDP packets are exchanged frequently and thus the system load is inc...

Страница 80: ... topology flapping However if the value is too large the device cannot notify neighbors of its status in time and the NMS cannot discover the network topology changes in real time l A small value of the delay enables the NMS to discover topology change in time However if the value is too small the neighbors update device information too frequently This increases the load on the system and wastes r...

Страница 81: ...lldp trap interval interval The delay to send neighbor change traps to the NMS is set The default value is 5 in seconds End 3 3 7 Optional Enabling the LLDP Trap Function To send traps to the NMS when the neighbor information changes you must enable the trap function on the router Context After the trap function is enabled the router sends traps to the NMS in one of the following cases l The LLDP ...

Страница 82: ...interface number command to view neighbor information of an interface l Run the display lldp neighbor brief command to view brief information about neighbors l Run the display lldp tlv config command to view the TLV types supported by the interface End Example Run the display lldp local command The following information shows the LLDP status in the system and on the interface LLDP management addre...

Страница 83: ...d 0 Remote Neighbors Aged 0 Total Neighbors 2 Port information Interface Ethernet0 0 0 LLDP Enable Status enabled default is disabled Total Neighbors 1 Port ID subtype interfaceName Port ID Ethernet0 0 0 Port description HUAWEI AR Series Interface Port And Protocol VLAN ID PPVID don t supported Port VLAN ID PVID 1 VLAN name of VLAN 1 VLAN1 Protocol identity STP RSTP MSTP LACP EthOAM CFM Auto negot...

Страница 84: ...2C00 Copyright C 2000 2011 Huawei Technologies Co Ltd System capabilities supported bridge System capabilities enabled bridge Management address type ipV4 Management address 127 0 0 1 Expired time 104s Port VLAN ID PVID 1 VLAN name of VLAN 1 VLAN1 Protocol identity STP RSTP MSTP LACP GVRP Auto negotiation supported Yes Auto negotiation enabled Yes OperMau speed 100 duplex Full Power port class PD ...

Страница 85: ...Procedure l Run the reset lldp statistics interface interface type interface number command to clear LLDP statistics End 3 4 2 Monitoring LLDP Status To view LLDP status run the following display commands Procedure l Run the display lldp local interface interface type interface number command to view LLDP status in the entire system or on an interface l Run the display lldp statistics interface in...

Страница 86: ... LLDP management address changes global LLDP is enabled or disabled or the neighbor information changes This ensures that the administrator detects topology changes in time The ME supports the LLDP function Reachable routes exist between the NMS and Routers The SNMP parameters are set on all devices Figure 3 7 Configuring LLDP on the device that has a single neighbor Internet Router A RouterB M E ...

Страница 87: ...p enable Step 4 Verify the configuration Check whether the LLDP function is enabled management addresses are configured and the LLDP trap function is enabled l View the configurations on RouterA RouterA display lldp local System information Chassis type macAddress Chassis ID 00e0 11fc 1710 System name RouterA System description Huawei AR200 Huawei Versatile Routing Platform Software V RP R softwar...

Страница 88: ...days 5 hours 57 minutes 32 seconds Remote Neighbors Added 15 Remote Neighbors Deleted 13 Remote Neighbors Dropped 0 Remote Neighbors Aged 0 Total Neighbors 2 Port information Interface Ethernet0 0 0 LLDP Enable Status enabled default is disabled Total Neighbors 1 Port ID subtype interfaceName Port ID Ethernet0 0 0 Port description HUAWEI AR Series Ethernet0 0 0 Interface Port And Protocol VLAN ID ...

Страница 89: ...erA display lldp neighbor interface ethernet 0 0 0 Ethernet0 0 0 has 1 neighbors Neighbor index 1 Chassis type macAddress Chassis ID 00e0 11fc 1710 Port ID type interfaceName Port ID Ethernet0 0 0 Port description HUAWEI AR Series Ethernet0 0 0 Interface System name RouterB System description Huawei AR200 Huawei Versatile Routing Platform Software V RP R software Version 5 100 AR200 V200R002C00 Co...

Страница 90: ...orted Yes Link aggregation enabled No Aggregation port ID 0 Maximum frame Size 9216 MED Device information Device class Network Connectivity HardwareRev AR01SRU3A VER A FirmwareRev 100 SoftwareRev V200R002C00 SerialNum NA Manufacturer name HUAWEI TECH CO LTD Model name NA Asset tracking identifier NA Media policy type Voice Unknown Policy Defined VLAN tagged Yes Media policy VlanID 0 Media policy ...

Страница 91: ...figuring LLDP on the Device That Has Multiple Neighbors After LLDP is configured on the network devices the NMS can obtain the network topology The following example describes how to configure LLDP on the devices that have multiple neighbors Networking Requirements As shown in Figure 3 8 RouterA RouterB and RouterC are connected through an unknown network The unknown network is not managed by the ...

Страница 92: ...NMP packet LLDPDU packet LLDPDU 10 10 10 2 10 10 10 3 10 10 10 1 Configuration Roadmap The configuration roadmap is as follows 1 Enable global LLDP on RouterA RouterB and RouterC 2 Configure management addresses for RouterA RouterB and RouterC Data Preparation To complete the configuration you need the following data l Management addresses for RouterA RouterB and RouterC Procedure Step 1 Enable gl...

Страница 93: ...formation Chassis type macAddress Chassis ID 00e0 11fc 1710 System name RouterA System description Huawei AR200 Huawei Versatile Routing Platform Software V RP R software Version 5 100 AR200 V200R002C00 Copyright C 2000 2011 Huawei Technologies Co Ltd System capabilities supported bridge System capabilities enabled bridge LLDP Up time 2010 11 13 11 40 49 MED system information Device class Network...

Страница 94: ...face Ethernet0 0 0 LLDP Enable Status enabled default is disabled Total Neighbors 1 Port ID subtype interfaceName Port ID Ethernet0 0 0 Port description HUAWEI AR Series Ethernet0 0 0 Interface Port And Protocol VLAN ID PPVID don t supported Port VLAN ID PVID 1 VLAN name of VLAN 1 VLAN1 Protocol identity STP RSTP MSTP LACP EthOAM CFM Auto negotiation supported Yes Auto negotiation enabled Yes Oper...

Страница 95: ...ID type interfaceName Port ID Ethernet0 0 0 Port description HUAWEI AR Series Ethernet0 0 0 Interface System name RouterB System description Huawei AR200 Huawei Versatile Routing Platform Software V RP R software Version 5 100 AR200 V200R002C00 Copyright C 2000 2011 Huawei Technologies Co Ltd System capabilities supported bridge System capabilities enabled bridge Management address type ipV4 Manag...

Страница 96: ...SRU3A VER A FirmwareRev 100 SoftwareRev V200R002C00 SerialNum NA Manufacturer name HUAWEI TECH CO LTD Model name NA Asset tracking identifier NA Media policy type Voice Unknown Policy Defined VLAN tagged Yes Media policy VlanID 0 Media policy L2 priority 6 Media policy Dscp 46 Power Type Unknown PoE PSE power source Unknown Port PSE Priority Unknown Port Available power value 2 l View the configur...

Страница 97: ...e Network Where Link Aggregation Is Configured After LLDP is configured on the interfaces of network devices the NMS can obtain the network topology The following example describes how to configure LLDP on the network where link aggregation is configured Networking Requirements As shown in Figure 3 9 RouterA and RouterB need to be connected by an Eth Trunk The NMS needs to obtain the Layer 2 infor...

Страница 98: ... following data l Management address 10 10 10 1 for RouterA and management address 10 10 10 2 for RouterB l Number of the Eth Trunk between RouterA and RouterB and numbers of the interfaces added to the Eth Trunk Procedure Step 1 Configure the Eth Trunk between RouterA and RouterB Configure RouterA Huawei system view Huawei sysname RouterA RouterA vlan batch 100 RouterA interface eth trunk 1 Route...

Страница 99: ...A Least Active linknumber 1 Max Bandwidth affected linknumber 8 Operate status up Number Of Up Port In Trunk 3 PortName Status Weight Ethernet0 0 0 Up 1 Ethernet0 0 1 Up 1 Ethernet0 0 2 Up 1 View the LLDP configurations RouterA display lldp local System information Chassis type macAddress Chassis ID 00e0 11fc 1710 System name RouterA System description Huawei AR200 Huawei Versatile Routing Platfor...

Страница 100: ...e Last Change Time 0 days 5 hours 57 minutes 32 seconds Remote Neighbors Added 15 Remote Neighbors Deleted 13 Remote Neighbors Dropped 0 Remote Neighbors Aged 0 Total Neighbors 2 Port information Interface Ethernet0 0 0 LLDP Enable Status enabled default is disabled Total Neighbors 1 Port ID subtype interfaceName Port ID Ethernet0 0 0 Port description HUAWEI AR Series Ethernet0 0 0 Interface Port ...

Страница 101: ... Port PSE Priority Unknown Port Available power value 2 Interface Ethernet0 0 1 LLDP Enable Status enabled default is disabled Total Neighbors 1 Port ID subtype interfaceName Port ID Ethernet0 0 1 Port description HUAWEI AR Series Ethernet0 0 1 Interface Port And Protocol VLAN ID PPVID don t supported Port VLAN ID PVID 1 VLAN name of VLAN 1 VLAN1 Protocol identity STP RSTP MSTP LACP EthOAM CFM Aut...

Страница 102: ... 46 Power Type Unknown PoE PSE power source Unknown Port PSE Priority Unknown Port Available power value 2 Interface Ethernet0 0 2 LLDP Enable Status enabled default is disabled Total Neighbors 1 Port ID subtype interfaceName Port ID Ethernet0 0 2 Port description HUAWEI AR Series Ethernet0 0 2 Interface Port And Protocol VLAN ID PPVID don t supported Port VLAN ID PVID 1 VLAN name of VLAN 1 VLAN1 ...

Страница 103: ...nID 0 Media policy L2 priority 6 Media policy Dscp 46 Power Type Unknown PoE PSE power source Unknown Port PSE Priority Unknown Port Available power value 2 View the neighbor information of RouterA RouterA display lldp neighbor brief Local Intf Neighbor Dev Neighbor Intf Exptime Eth0 0 0 RouterB Eth0 0 0 115 Eth0 0 1 RouterB Eth0 0 1 115 Eth0 0 2 RouterB Eth0 0 2 115 l View the configurations on R...

Страница 104: ...nk 1 return l Configuration file of RouterB sysname RouterB interface Ethernet0 0 8 ip address 10 10 10 2 255 255 255 0 vlan batch 100 lldp enable lldp management address 10 10 10 2 interface Eth Trunk1 port link type trunk port trunk allow pass vlan 100 interface Ethernet0 0 0 eth trunk 1 interface Ethernet0 0 1 eth trunk 1 interface Ethernet0 0 2 eth trunk 1 return Huawei AR150 200 Series Enterp...

Страница 105: ...o manage it During connection setup the CPE or ACS needs to be authenticated The connection can be set up only after the CPE or ACS is authenticated After the connection is set up the ACS invokes Remote Procedure Call RPC methods to manage and maintain the CPE 4 3 Configuring CWMP This section describes how to configure CWMP 4 4 Configuration Examples This chapter provides CWMP configuration examp...

Страница 106: ...ows the CWMP network model Figure 4 1 CWMP network model IP Network CPE ACS DNS Server DHCP Server A CWMP network model consists of l ACS manages and maintains CPEs on the network l CPE managed by the ACS l DNS server defines that an ACS and a CPE use URL to identify and access each other DNS resolves the URL l DHCP server assigns IP addresses to ACSs and CPEs and sets parameters for CPEs by using...

Страница 107: ... an ACS An ACS can initiate a Connect Request to a CPE at any time After the CPE authenticates the request a session can be set up This mode requires that the CPE have successfully set up a connection with the ACS The ACS then stores the IP address of the CPE in its own address list so that the ACS can initiate connections with the CPE SSL Security Socket Layer SSL is a security protocol developed...

Страница 108: ...nce and functions Therefore an ACS must be able to identify each type of CPE and monitor the configurations and configuration changes of each CPE CWMP allows network administrators to define monitoring parameters and obtain the CPE status and statistics by using an ACS NOTE The configurations on the ACS are not mentioned here 4 3 Configuring CWMP This section describes how to configure CWMP 4 3 1 ...

Страница 109: ...he CWMP function is enabled Procedure Step 1 Run system view The system view is displayed Step 2 Run cwmp The CWMP view is displayed Step 3 Run cwmp enable The CWMP function is enabled End 4 3 3 Configuring CWMP Auto Connection To allow the ACS to manage the CPE set up a connection between the ACS and the CPE Context How a CPE obtains the URL of ACS To set up a connection with an ACS the CPE must ...

Страница 110: ...the CPE and the ACS are allowed to initiate connections This avoids the need for a persistent connection to be maintained between each CPE and an ACS The following configuration procedure shows how a CPE initiates a connection with the ACS To set up a connection the CPE sends Inform messages to the ACS You can configure the CPE to automatically send Inform messages to the ACS by setting Inform mes...

Страница 111: ...orm messages periodically 1 Run cwmp cpe inform interval enable The CPE is enabled to periodically send Inform messages By default the CPE does not periodically send Inform messages 2 Run cwmp cpe inform interval The interval at which a CPE sends Inform messages is set By default a CPE sends an Inform message every 600 seconds l Sending an Inform message at a specified time 1 Run cwmp cpe inform t...

Страница 112: ...he CPE authenticates the ACS After the ACS sends an HTTP packet containing the IP address of the CPE the CPE authenticates the ACS by using the user name and password After being authenticated the ACS can set up a connection with the CPE Maximum number of connection attempts If the CPE fails to set up a connection with the ACS or a connection is torn down unexpectedly the CPE can be configured to ...

Страница 113: ... to retry a connection is set By default the maximum number of attempts is 3 Step 7 Run cwmp cpe wait timeout seconds The close wait timer of the CPE is set By default the close wait timer is 30 seconds End 4 3 5 Configuring CWMP SSL CWMP SSL ensures communication security and data integrity between the ACS and CPE Context Security Socket Layer SSL is a security protocol developed by Netscape It u...

Страница 114: ...rt path2 ssl policy policy name The CPE is configured to validate the certificate from the ACS NOTE The system time must be correctly set otherwise certificate validation may fail To use a new certificate uninstall the existing certificate first Before configuring a CPE to authenticate the ACS using an SSL policy run the ssl policy policy name type client command to configure the SSL policy on the...

Страница 115: ...rmation is set by user ACS username newacsname ACS password newacspsw Connection status connected Time of last successful connection 2010 12 01T20 00 00 4 4 Configuration Examples This chapter provides CWMP configuration examples 4 4 1 Example for Configuring CWMP By using the CWMP function an ACS can manage CPEs Networking Requirements As shown in Figure 4 2 multiple hosts in Enterprise A access ...

Страница 116: ...t to the ACS Router cwmp cwmp acs url http www acs com 80 acs Enable the Router to send Inform messages Router cwmp cwmp cpe inform interval enable Set the interval at which the Router sends Inform messages to 1000 seconds Router cwmp cwmp cpe inform interval 1000 Configure the Router to send an Inform message at 2011 01 01 20 00 00 Router cwmp cwmp cpe inform time 2011 01 01T20 00 00 Step 4 Set C...

Страница 117: ...e URL of the ACS status of the connection between the CPE and the ACS and time when the last connection is set up Router display cwmp status CWMP is enabled ACS URL http www acs com 80 acs ACS information is set by user ACS username newacsname ACS password newacspsw Connection status connected Time of last successful connection 2010 12 01T20 00 00 End Configuration Files Configuration file of the ...

Страница 118: ...ibes how to configure NTP security mechanisms to guarantee reliable clock synchronization on networks demanding high security 5 4 NTP Configuration Examples This section provides examples for configuring NTP and illustrates the networking requirements configuration roadmap and configuration notes You can better understand the configuration procedures with the help of the configuration flowchart Hu...

Страница 119: ...art of all the routers in a network requires the clocks of all the routers be consistent l Several systems working together on the same complicate event Systems have to take the same clock for reference to ensure a proper sequence of implementation l Incremental backup between the backup server and clients Clocks on the backup server and clients should be synchronized l User login time Some applic...

Страница 120: ...RouterA 10 00 00am NTP Packet received at 10 00 03 RouterA RouterA RouterA RouterB RouterB RouterB Step1 Step2 Step3 Step4 Network RouterB NTP packet NTP packet 11 00 01am 10 00 00am NTP packet 11 00 01am 10 00 00am 11 00 02am Network Network Network The process of synchronizing system clocks is as follows 1 Router A sends an NTP packet to Router B The packet carries the originating timestamp when...

Страница 121: ...ode In this mode you need to configure only the client The server needs to be configured with only one NTP primary clock Note that the client can be synchronized to the server but the server cannot be synchronized to the client After the configuration the following actions occur 1 The client sends a synchronization request packet to the server with the mode field being set to 3 The value 3 indicat...

Страница 122: ...erver and the client After the configurations the following actions occur l The server periodically sends clock synchronization packets to the configured multicast address By default the multicast address is 224 0 1 1 l The client senses multicast packets from the server l After receiving the first multicast packet to estimate the network delay the client enables a temporary Client Server model fo...

Страница 123: ...ing to the operation mode l Client Server mode IP address of the server and the VPN instance that the server belongs to l Peer mode IP address of the symmetric passive end and the VPN instance that it belongs to l Broadcast mode interfaces to send and receive broadcast NTP packets and the maximum sessions set up dynamically on the client l Multicast mode IP address of the multicast group the TTL v...

Страница 124: ...er Context Commonly specify the IP address of the NTP server on the client The client and server can then exchange NTP packets using this IP address If the source interface to send NTP packets is specified on the server the IP address of the server configured on the client should be the same otherwise the client cannot process NTP packets sent from the server and clock synchronization fails Proced...

Страница 125: ... ipv6 source interface interface type interface number vpn instance vpn instance name The local source interface that sends NTP packets is specified End 5 2 4 Configuring the Peer Mode This part describes how to configure the NTP peer mode In this mode clocks on the two peers synchronize with each other based on the stratum Each side can send the clock synchronization request message to the peer a...

Страница 126: ... packets using this IP address If the source interface to send NTP packets is specified on the symmetric active end the IP address of the NTP peer configured on the symmetric passive end should be the same otherwise the passive end cannot process NTP packets sent from the active end and clock synchronization fails End 5 2 5 Configuring the Broadcast Mode This part describes how to configure the NT...

Страница 127: ...ult a maximum of 100 NTP sessions can be set up dynamically After the configurations the local router senses the broadcast NTP packets sent from the server and synchronizes the local clock Running the ntp service max dynamic sessions command does not affect the existence of NTP sessions When the number of the sessions reaches or exceeds the maximum the new session cannot be set up further End 5 2 ...

Страница 128: ... client ip address The local router is set to be an NTP multicast client Step 2 is optional By default up to 100 NTP sessions can be set up dynamically After the configurations the local router senses the multicast NTP packets sent from the server and synchronizes the local clock Running the ntp service max dynamic sessions command does not affect the existence of NTP sessions When the number of t...

Страница 129: ...the display ntp service trace command to view the summary information on each passing NTP server when tracing from the local device to the reference clock source End Example Run the display ntp service status command to view the status of the NTP service Huawei display ntp service status clock status synchronized clock stratum 2 reference clock ID LOCAL 0 nominal frequency 60 0002 Hz actual freque...

Страница 130: ...authority and NTP authentication l Access authority Access authority is a type of simple security method provided by the AR150 200 to protect local NTP services The AR150 200 provides four access authority levels When an NTP access request packet reaches the local end it is matched in an order from the minimum access authority to the maximum access authority The first matched authority level takes...

Страница 131: ...make the server and client reachable l Configuring ACL rules if the access authority is configured Data Preparation To configure NTP security mechanisms you need the following data No Data 1 ACL rules 2 Shared key and its ID that are used in NTP authentication 3 NTP primary clock and its stratum 4 Interfaces that send and receive NTP packets 5 NTP version 5 3 2 Setting NTP Access Authorities When ...

Страница 132: ...the client with the server NTP multicast client NTP broadcast mode Synchronizing the client with the server NTP broadcast client End 5 3 3 Enabling NTP Authentication This part describes how to set NTP Autokey authentication and MD5 authentication on the device Context NTP client synchronizes to authenticated NTP servers to ensure that time service is reliable across the network Authentication pre...

Страница 133: ...client Procedure Step 1 Run system view The system view is displayed Step 2 Run ntp service unicast server ip address authentication keyid key id version number source interface interface type interface number vpn instance vpn instance name preference The ID of the authentication key used for the synchronization of the server and client clocks is configured End 5 3 5 Configuring NTP Authentication...

Страница 134: ... 2 Run interface interface type interface number The interface to send broadcast NTP packets is configured Step 3 Run quit The system view is displayed Step 4 Run ntp service broadcast server authentication keyid key id version number The ID of the authentication key used by the NTP broadcast server is configured For configuring the broadcast client see Configuring the Broadcast Mode End 5 3 7 Con...

Страница 135: ...rvice sessions verbose command to view the status of NTP sessions End Example Run the display ntp service status command to view the status of the NTP service Huawei display ntp service status clock status synchronized clock stratum 2 reference clock ID LOCAL 0 nominal frequency 60 0002 Hz actual frequency 60 0002 Hz clock precision 2 18 clock offset 0 0000 ms root delay 0 00 ms root dispersion 0 ...

Страница 136: ...tion cannot be passed Networking Requirements As shown in Figure 5 2 l RouterA functions as a unicast NTP server The clock on it functions as a primary NTP clock with the stratum being 2 l RouterB functions as a unicast NTP client Its clock needs to be synchronized with the clock on RouterA l RouterC and RouterD function as NTP clients of RouterB l Enable NTP authentication NOTE AR150 200 is Route...

Страница 137: ...TP authentication configure the authentication key and declare the key to be reliable RouterA ntp service authentication enable RouterA ntp service authentication keyid 42 authentication mode md5 Hello RouterA ntp service reliable authentication keyid 42 Note that authentication keys configured on the server and the client should be the same Step 3 Configure a primary NTP clock on RouterB and enab...

Страница 138: ...k on RouterB View the NTP status on RouterC and find that the clock is synchronized The stratum of the clock is 4 one stratum lower than that on RouterB RouterC display ntp service status clock status synchronized clock stratum 4 reference clock ID 10 0 0 1 nominal frequency 60 0002 Hz actual frequency 60 0002 Hz clock precision 2 18 clock offset 3 8128 ms root delay 31 26 ms root dispersion 74 20...

Страница 139: ...s 10 0 0 1 255 255 255 0 interface GigabitEthernet2 0 0 ip address 10 0 1 1 255 255 255 0 ospf 1 area 0 0 0 0 network 10 0 1 0 0 0 0 255 network 10 0 0 0 0 0 0 255 ntp service authentication enable ntp service authentication keyid 42 authentication mode md5 ENC 8HX Q Q MAF4 1 ntp service reliable authentication keyid 42 ntp service unicast server 2 2 2 2 authentication keyid 42 return l Configurat...

Страница 140: ... That is RouterD functions as the client l RouterE takes RouterD as its symmetric passive end That is RouterE is the symmetric active end Figure 5 3 Networking diagram of the NTP peer mode Router C Router D Router E Eth1 0 0 10 0 1 1 24 Eth1 0 0 10 0 1 2 24 Eth1 0 0 10 0 1 3 24 Configuration Roadmap The configuration roadmap is as follows 1 Configure the clock on RouterC to be the NTP primary cloc...

Страница 141: ...n RouterC RouterD display ntp service status clock status synchronized clock stratum 3 reference clock ID 10 0 1 1 nominal frequency 64 0029 Hz actual frequency 64 0029 Hz clock precision 2 7 clock offset 0 0000 ms root delay 62 50 ms root dispersion 0 20 ms peer dispersion 7 81 ms reference time 06 52 33 465 UTC Mar 7 2006 C7B7AC31 773E89A8 Step 3 Configure the unicast NTP peer mode On RouterE co...

Страница 142: ...figuration file of RouterE sysname RouterE interface Ethernet1 0 0 ip address 10 0 1 3 255 255 255 0 ntp service unicast peer 10 0 1 2 return 5 4 3 Example for Configuring NTP Authentication in Broadcast Mode On a LAN the device with the most precise clock is specified as the NTP server Clocks on other devices synchronize with the clock on the NTP server Networking Requirements As shown in Figure ...

Страница 143: ...es based on Figure 5 4 The detailed procedures are not mentioned here Step 2 Configure an NTP broadcast server and enable NTP authentication on it Set the local clock of RouterA as a primary clock with stratum being 3 RouterA system view RouterA ntp service refclock master 3 Enable NTP authentication RouterA ntp service authentication enable RouterA ntp service authentication keyid 16 authenticati...

Страница 144: ... 0 RouterC interface ethernet 1 0 0 RouterC Ethernet1 0 0 ntp service broadcast client RouterC Ethernet1 0 0 quit Step 5 Verify the configuration After the configurations the clock on RouterB and RouterC can be synchronized to the clock on RouterA Check the NTP status on RouterB and you can find that the clock status is synchronized That is clock synchronization completes The stratum of the clock ...

Страница 145: ...nt ntp service authentication enable ntp service authentication keyid 16 authentication mode md5 ENC 8HX Q Q MAF4 1 ntp service reliable authentication keyid 16 return 5 4 4 Example for Configuring Multicast Mode In a multicast domain the device with the most precise clock is specified as the NTP server Clocks on other devices synchronize with the clock on the NTP server Networking Requirements As...

Страница 146: ... here Step 2 Configure an NTP multicast server Set the local clock on RouterA as an NTP primary clock with stratum 2 RouterA system view RouterA ntp service refclock master 2 Configure RouterA to be an NTP multicast server NTP multicast packets are sent from Eth 1 0 0 RouterA interface ethernet 1 0 0 RouterA Ethernet1 0 0 ntp service multicast server Step 3 Configure RouterB Configure RouterB to b...

Страница 147: ...z actual frequency 60 0002 Hz clock precision 2 18 clock offset 0 66 ms root delay 24 47 ms root dispersion 208 39 ms peer dispersion 9 63 ms reference time 17 03 32 022 UTC Apr 25 2005 C61734FD 800303C0 End Configuration Files l Configuration file of RouterA sysname RouterA ntp service refclock master 2 interface Ethernet1 0 0 ip address 10 1 1 1 255 255 255 0 ntp service multicast server return ...

Страница 148: ... the FTP download performance 6 5 Configuring the FTP Upload Test This section describes how to configure an FTP upload test to check the FTP upload performance 6 6 Configuring the HTTP Test This section describes how to configure a Hypertext Transfer Protocol HTTP test to check the responding speed of the HTTP service in each phase 6 7 Configuring the DNS Test This section describes how to config...

Страница 149: ...he specified service on the network 6 16 Configuring the Trap Function This section describes how to configure the trap function in an NQA test instance After the trap function is configured a trap message is sent to the NMS in case of transmission success or transmission failure 6 17 Configuring Test Results to Be Sent to the FTP Server This section describes how to configure the system to send t...

Страница 150: ...on delay of Domain Name System DNS resolution and ratio of error DNS resolution By controlling these indexes network operators provide users with services of various grades and charges users differently NQA is also an effective tool to diagnose and locate faults in a network 6 1 2 Comparisons Between NQA and Ping This part describes the differences between NQA and Ping tests NQA is the extension a...

Страница 151: ...CP UDP and Jitter tests however you must configure the NQA server An NQA server processes the test packets received from the clients As shown in Figure 6 2 the NQA server responds to the test request packet received from the client through the monitoring function Figure 6 2 Relationship between the NQA client and the NQA server NQA Client NQA Server IP MPLS Network You can create multiple TCP or U...

Страница 152: ... tests immediate timely and delayed Supports several modes of ending tests automatic immediate timely delayed and ending the test when the lifetime of the test expires Supports auto distributing the start time and the test interval when several tests are performed at a time l Supports the auto delay function with which the system resources can be effectively utilized so that tests can be completed...

Страница 153: ... ping command but its output is more detailed Pre configuration Tasks Before configuring the ICMP test configure reachable routes between the NQA client and the tested device Data Preparation To configure the ICMP test you need the following data No Data 1 Administrator name and test name of the NQA test 2 Destination IP address 3 Optional Virtual Private Network VPN instance name source interface...

Страница 154: ...et header excluded of the Echo Request packet run the datasize size command datasize size equals the s option in the ping command l To configure the time to live TTL value run the ttl number command ttl number equals the h option in the ping command l To configure the type of service ToS field in the IP packet header run the tos value command tos equals the tos option in the ping command l To conf...

Страница 155: ...The configurations of the ICMP Test function are complete Context NOTE NQA test results cannot be displayed automatically on a terminal You must run the display nqa results command to view test results By the default the command output contains the records about only the last five test results Procedure Step 1 Run the display nqa results test instance admin name test name command to view the test ...

Страница 156: ...obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment To obtain the following information you can create an NQA DHCP test l Time for a client to set up a connection with a DHCP server l Time for a client to obtain its IP address Pre configuration Tasks Before configuring the DHCP test complete the following tasks l Configuring the ...

Страница 157: ...nal Run the following commands to configure other parameters for the DHCP test For detailed parameter configurations see the chapter Configuring Universal NQA Test Parameters l To set the timeout period of the NQA test run the timeout time command NOTE For the DHCP test the time taken to wait for the response to the probe packet may reach 10 seconds By default the timeout period is 15 seconds You ...

Страница 158: ... By the default the command output contains the records about only the last five tests Procedure Step 1 Run the display nqa results test instance admin name test name command to view the test results on the NQA client End Example Run the display nqa results command If the test is successful the following is displayed l testflag is inactive l The test is finished l Completion success For the DHCP t...

Страница 159: ...his can help you complete the configuration task quickly and accurately Applicable Environment In an FTP download test the local device functions as an NQA FTP client intending to download the specified file from an FTP server The test result contains statistics about each FTP phase including the time to set up an FTP control connection and the time to transport the data Pre configuration Tasks Be...

Страница 160: ...e FTP Download test For detailed parameter configurations see the chapter Configuring Universal NQA Test Parameters l To configure the source IP address run the source address ipv4 ip address command l To configure the FTP source port number run the source port port number command l To configure the FTP destination port number run the destination port port number command l To configure the NQA tes...

Страница 161: ... seconds second hh mm ss lifetime seconds second hh mm ss command The test instance is started at a specified time l To perform the NQA test after a certain delay period run the start delay seconds second hh mm ss end at yyyy mm dd hh mm ss delay seconds second hh mm ss lifetime seconds second hh mm ss command The test instance is started after a certain delay End 6 4 3 Checking the Configuration ...

Страница 162: ...o configure an FTP upload test to check the FTP upload performance 6 5 1 Establishing the Configuration Task Before configuring an FTP upload test familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment In an FTP upload test the local device...

Страница 163: ...lient Procedure Step 1 Run system view The system view is displayed Step 2 Run nqa test instance admin name test name An NQA test instance is created and the test instance view is displayed Step 3 Run test type ftp The test type is set to FTP Step 4 Run destination address ipv4 ip address The destination IP address is configured Step 5 Optional Perform the following as required to configure other ...

Страница 164: ...th can contain these characters l The file name can contain the extension name but cannot contain the extension name only such as txt l To upload the file with a specified size run the ftp filesize size command The client then automatically creates a file name nqa ftp test txt to upload NOTE During the FTP test select a file with a relatively small size If the file is large the test may fail becau...

Страница 165: ...results command If the test is successful the following is displayed l CtrlConnTime l DataConnTime l SumTime Huawei display nqa results NQA entry admin ftp testflag is inactive testtype is ftp 1 Test 1 result The test is finished SendProbe 1 ResponseProbe 1 Completion success RTD OverThresholds number 0 MessageBodyOctetsSum 448 Stats errors number 0 Operation timeout number 0 System busy operation...

Страница 166: ... client sends the Get or Post packets to an HTTP server to the time the Echo packet sent by the client reaches the HTTP server Pre configuration Tasks Before configuring the HTTP test complete the following tasks l Configuring the HTTP server l Configuring routes between the NQA client and the HTTP server Data Preparation To configure the HTTP test you need the following data No Data 1 Administrat...

Страница 167: ...s run the fail percent percent command l To configure the NQA test packet to be sent without searching the routing table run the sendpacket passroute command Step 6 Run http operation get post The HTTP operation type is configured By default the HTTP operation type is Get Step 7 Run http url deststring verstring The web page to be visited and the HTTP version are configured NOTE When information o...

Страница 168: ...lts test instance admin name test name command to view the test results on the NQA client End Example Run the display nqa results command If the test is successful the following is displayed l DNSRTT indicates the time when the DNS sends a query request l TCPConnectRTT indicates the time when the TCP connection is established l TransactionRTT and RTT indicates the durations of data transmission an...

Страница 169: ...on Tasks Before configuring the DNS test complete the following tasks l Configuring the DNS server l Configuring routes between the NQA client and the DNS server Data Preparation To configure the DNS test you need the following data No Data 1 Administrator name and test name 2 IP address of the DNS server 3 Host name to be resolved 4 Start mode and end mode of the test 6 7 2 Configuring the DNS Te...

Страница 170: ...hh mm ss delay seconds second hh mm ss lifetime seconds second hh mm ss command The test instance is started immediately l To perform the NQA test at the specified time run the start at yyyy mm dd hh mm ss end at yyyy mm dd hh mm ss delay seconds second hh mm ss lifetime seconds second hh mm ss command The test instance is started at a specified time l To perform the NQA test after a certain delay...

Страница 171: ...erage Completion Time 4 4 4 Sum Square Sum Completion Time 4 16 Last Good Probe Time 2010 06 21 15 40 12 6 Lost packet ratio 0 6 8 Configuring the Traceroute Test This section describes how to configure a traceroute test to check the connectivity to each hop on the network 6 8 1 Establishing the Configuration Task Before configuring a traceroute test familiarize yourself with the applicable enviro...

Страница 172: ...ep 4 Run destination address ipv4 ip address The destination address of the traceroute test is configured Step 5 Run the following commands as required For detailed parameter configurations see the chapter Configuring Universal NQA Test Parameters l To configure the maximum hops run tracert hopfailtimes times l To configure the initial TTL and maximum TTL values of a packet run tracert livetime fi...

Страница 173: ...t you can view the test result Prerequisites The configurations of the traceroute test are complete Context NOTE NQA test results cannot be displayed automatically on the terminal You need to run the display nqa results command to view test results By the default the command output contains the records about only the last five tests Procedure Step 1 Run the display nqa results test instance admin ...

Страница 174: ...he configuration task quickly and accurately Applicable Environment Through the SNMP Query test you can obtain the statistics of the communication between hosts and SNMP agents Pre configuration Tasks Before configuring the SNMP Query test complete the following tasks l Configuring the SNMP agent l Configuring routes between the NQA client and the SNMP agent Data Preparation To configure the SNMP ...

Страница 175: ...ee the chapter Configuring Universal NQA Test Parameters l To configure the VPN instance to be tested run the vpn instance vpn instance name command l To configure the source IP address run the source address ipv4 ip address command l To configure the source port number run the source port port number command l To configure the interval for sending test packets run the interval seconds interval co...

Страница 176: ... results command to view test results By the default the command output contains the records about only the last five tests Procedure Step 1 Run the display nqa results test instance admin name test name command to view the test results on the NQA client End Example Run the display nqa results command If the test is successful the following is displayed Huawei display nqa results NQA entry admin s...

Страница 177: ...ient and the TCP server Data Preparation To configure the TCP test you need the following data No Data 1 Administrator name and test name 2 IP address and port number monitored by the TCP server 3 Optional Destination port numbers of the probe packets sent by the TCP client and source IP addresses source port numbers of test packets interval for sending test packets and percentage of the failed NQ...

Страница 178: ...p address The destination IP address is configured Step 5 To configure the destination port number run the destination port port numbercommand Step 6 Optional Perform the following as required to configure other parameters for the TCP test For detailed parameter configurations see the chapter Configuring Universal NQA Test Parameters l To configure the source IP address run the source address ipv4...

Страница 179: ...ate tests are as follows l The TCP Public tests do not require the destination port to be configured on the client Connection requests are initiated and sent to the TCP port 7 of the destination address The server should monitor the TCP port 7 l The TCP Private tests require the destination port be specified and the related monitoring services enabled on the server End 6 10 4 Checking the Configur...

Страница 180: ...ore configuring a UDP test familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment To obtain the time for the specified port to respond to a UDP connection request you can create a UDP test instance Pre configuration Tasks Before configuring...

Страница 181: ...ose configured on the client End 6 11 3 Configuring the UDP Client This part describes how to set UDP test parameters Context Do as follows on the NQA client UDP client Procedure Step 1 Run system view The system view is displayed Step 2 Run nqa test instance admin name test name An NQA test instance is created and the test instance view is displayed Step 3 Run test type udp The test type is set t...

Страница 182: ...elay seconds second hh mm ss lifetime seconds second hh mm ss command The test instance is started immediately l To perform the NQA test at the specified time run the start at yyyy mm dd hh mm ss end at yyyy mm dd hh mm ss delay seconds second hh mm ss lifetime seconds second hh mm ss command The test instance is started at a specified time l To perform the NQA test after a certain delay period ru...

Страница 183: ...tter test only when both the client and the server are Huawei devices 6 12 1 Establishing the Configuration Task Before configuring a jitter test familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment The jitter time refers to the interval ...

Страница 184: ...mbers of the probe packets sent by the UDP client 4 Optional VPN instance name source IP address and port number of the probe packet sent by the UDP client number of probe packets and test packets sent each time interval for sending probe packets and test packets percentage of the failed NQA tests and version number carried in the Jitter packet 5 Start mode and end mode of the test 6 12 2 Configur...

Страница 185: ... statistics the network administrator can easily detect network faults and malicious attacks Step 3 Run nqa test instance admin name test name An NQA test instance is created and the test instance view is displayed Step 4 Run test type jitter The test type is set to Jitter Step 5 Run destination address ipv4 ip address The destination IP address is configured Step 6 Run destination port port numbe...

Страница 186: ...e fail percent percent command l To send the NQA test packet without searching the routing table run the sendpacket passroute command Step 8 Run start The NQA test is started Select the start mode as required because the start command has several forms l To perform the NQA test immediately run the start now end at yyyy mm dd hh mm ss delay seconds second hh mm ss lifetime seconds second hh mm ss c...

Страница 187: ... Max Positive SD 1 Max Positive DS 1 Positive SD Number 15 Positive DS Number 1 Positive SD Sum 15 Positive DS Sum 1 Positive SD Square Sum 15 Positive DS Square Sum 1 Min Negative SD 1 Min Negative DS 1 Max Negative SD 1 Max Negative DS 1 Negative SD Number 15 Negative DS Number 1 Negative SD Sum 15 Negative DS Sum 1 Negative SD Square Sum 15 Negative DS Square Sum 1 Min Delay SD 0 Min Delay DS 0...

Страница 188: ...m the following steps on the NQA client Procedure Step 1 Run system view The system view is displayed Step 2 Run nqa test instance admin name test name The NQA test instance view is displayed Step 3 Configure global parameters for the test instance as required l Run agetime hh mm ss The aging time is set for the NQA test instance l Run alarm entry number lost packet ratio jitter average jitter ds ...

Страница 189: ...on port number can be configured only for UDP Jitter TCP Trace FTP and HTTP test instances l Run dns server ipv4 ip address The DNS server address is configured for the NQA test instance NOTE The DNS server address can be configured only for DNS and HTTP test instances l Run fail percent percent The failure percentage is set for the NQA test instance NOTE This parameter cannot be configured for Tr...

Страница 190: ... for the HTTP test instance l Run http url deststring verstring The relative file path and version are configured for the HTTP test instance NOTE The relative file path and version can be configured only for the HTTP test instance l Run interval milliseconds interval seconds interval The interval for sending packets is set for the NQA test instance NOTE The interval for sending packets can be conf...

Страница 191: ...ce test instances l Run send trap all owd ds owd sd probefailure rtd testcomplete testfailure The condition for triggering the trap message is configured l Run source address ipv4 ip address The source IP address is set for the NQA test instance NOTE This parameter cannot be configured for DHCP and DNS test instances l Run source interface interface type interface number The source interface is co...

Страница 192: ...l The lifetime is set for the Trace test instance NOTE This parameter can be configured only for Trace test instance l Run vpn instance vpn instance name The VPN instance name is configured for the NQA test instance NOTE This parameter cannot be configured for DNS and DHCP test instance End 6 13 3 Checking the Configuration After setting universal parameters for NQA test instances you can view the...

Страница 193: ...plicable Environment If the round trip transmission delay threshold is configured for a NQA test instance the NQA test result will contain the statistics on the test packets that exceed the set threshold This provides the basis for the network manager to analyze the operation status of the specified service Pre configuration Tasks Before configuring the round trip transmission delay threshold comp...

Страница 194: ... is configured Step 4 Run destination address ipv4 ip address The destination IP address is configured Step 5 Optional Run destination port port number The destination port number is configured Step 6 Run threshold rtd rtd value The round trip transmission delay threshold is configured Step 7 Run send trap rtd The trap function is enabled End 6 14 3 Checking the Configuration After setting the rou...

Страница 195: ...rk manager to analyze the operating status of the specified service on the network 6 15 1 Establishing the Configuration Task Before setting a one way transmission delay threshold familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Applicable Environment In al...

Страница 196: ...yed Step 2 Run nqa test instance admin name test name An NQA test instance is created and the NQA instance view is displayed Step 3 Run test type jitter The test type is configured Step 4 Run destination address ipv4 ip address The destination IP address is configured Step 5 Optional Run destination port port number The destination port number is configured Step 6 Run threshold owd sd owd sd value...

Страница 197: ...e admin jitter test type jitter destination address ipv4 100 1 1 201 destination port 80 send trap probefailure send trap testfailure send trap testcomplete send trap rtd send trap owd sd send trap owd ds threshold owd sd 2000 threshold owd ds 2000 nqa status normal 6 16 Configuring the Trap Function This section describes how to configure the trap function in an NQA test instance After the trap f...

Страница 198: ... exceeds the threshold l For all tests supporting traps if the round trip transmission delay exceeds the threshold and the trap function is enabled trap messages are sent to the NM station with the specified IP address l For all the Jitter tests if the uni directional transmission delay exceeds the threshold and the trap function is enabled trap messages are sent to the NM station with the specifi...

Страница 199: ...ss ipv4 ip address The destination IP address is configured Step 5 Optional Run destination port port number The destination port number is configured Step 6 Run send trap testfailure Sending trap messages when tests fail is enabled By default the trap function is disabled Step 7 Run test failtimes times The number of test failures that trigger sending a trap message is configured By default a tra...

Страница 200: ...at trigger sending a Trap message is configured By default a trap message is sent for each probe failure Step 7 Run send trap probefailure Sending trap messages when probes fail is enabled By default the trap function is disabled End 6 16 4 Sending Trap Messages When Probes Are Complete Successfully A trap message is sent to the NMS when the NQA test is complete successfully Context Do as follows ...

Страница 201: ... Sending Trap Messages When the Transmission Delay Exceeds Thresholds A trap message is sent to the NMS when the test result exceeds the threshold Context Do as follows on the NQA client Procedure Step 1 Run system view The system view is displayed Step 2 Run nqa test instance admin name test name An NQA test instance is created and the test instance view is displayed Step 3 Run test type tcp The ...

Страница 202: ... 1024 Actual buffer size 256 Channel number 3 channel name trapbuffer Dropped messages 0 Overwritten messages 0 Current messages 11 May 6 2009 12 54 17 00 00 CBB6 PE3 SINDEX 4 INDEXMAP OID 1 3 6 1 4 1 2011 5 25 110 2 0 1 ShortIFIndexMapTable changed May 6 2009 11 02 37 00 00 CBB6 PE3 SRM_BASE 4 ENTITYREGSUCCESS OID 1 3 6 1 4 1 2011 5 25 129 2 1 18 Physical entity register succeeded EntityPhysicalI...

Страница 203: ...ration Tasks Before configuring test results to be sent to the FTP server complete the following tasks l Configuring the FTP server l Configuring a reachable route between the NQA client and the NM station l Configuring a test instance Data Preparation To configure test results to be sent to the FTP server you need the following data No Data 1 IP address of the FTP server 2 User name and password ...

Страница 204: ...f Saving NQA Test Results Through FTP The system can send test results to the FTP server only after the FTP server is enabled with the test result saving function Context Do as follows on the NQA client Procedure Step 1 Run system view The system view is displayed Step 2 Run nqa ftp record enable The FTP server is enabled to save test results End 6 17 4 Optional Configuring the Number of Test Resu...

Страница 205: ...he test results sent each time Context Do as follows on the NQA client Procedure Step 1 Run system view The system view is displayed Step 2 Run nqa ftp record time time The duration of saving test results to the FTP server through FTP is configured End 6 17 6 Optional Enabling Alarms to Be Sent to the NM Station After the FTP Transmission Succeeds After test results are successfully saved on the F...

Страница 206: ... admin name test name command enter the NQA test instance view Step 3 Run test type dhcp dns ftp http icmp jitter snmp tcp trace udp The test type is configured Step 4 Run destination address ipv4 ip address The destination IP address is configured Step 5 Optional Run destination port port number The destination port number is configured Step 6 Run start The NQA test is started Select the start mo...

Страница 207: ...sults End Example Run the display nqa ftp record configuration command to check the configuration for saving NQA test results Huawei display nqa ftp record configuration NQA FTP SAVE RECORD CONFIGURATION FUNCTION ENABLE TRAP DISABLE IP ADDRESS 11 1 1 8 VPN INSTANCE USERNAME wang PASSWORD 123 FILENAME icmp ITEM NUM 10010 TIME 2 LAST FINISHED FILENAME icmp20080605 150350 txt 6 18 Configuring a Thres...

Страница 208: ...orresponding to the threshold 2 Number of the alarm threshold 3 Upper threshold 4 Lower threshold 6 18 2 Configuring the Event Corresponding to the Alarm Threshold This part describes the actions that the system needs to perform in response to the threshold exceeding such as generating logs generating traps or generating logs and traps Context Do as follows on the NQA client Procedure Step 1 Run s...

Страница 209: ...tep 6 Run alarm entry number lost packet ratio jitter average jitter ds average jitter sd average packet loss ds packet loss sd rtt average absolute delta falling threshold threshold value1 event entry1 rising threshold threshold value2 event entry2 description description The alarm number and the threshold are configured NOTE At present only the absolute statistics function rather than the relati...

Страница 210: ...started after a certain delay End 6 18 5 Checking the Configuration After the alarm threshold for test results is set you can view the configuration Prerequisites The configurations of the Threshold for the NQA Alarm function are complete Procedure l Run the display nqa event command to check the maximum number of events that can be configured and the number of events that are configured l Run the...

Страница 211: ... 10 nqa status normal 6 19 Maintaining NQA This section describes how to maintain an NQA test instance You can restart the test instance and clear the statistics on the test result to maintain a test instance 6 19 1 Restarting NQA Test Instances If a test instance fails you can try to restart the test instance in the next test period Prerequisites To restart an NQA test instance run the following ...

Страница 212: ... Examples This section provides examples for configuring NQA and illustrates the networking requirements configuration roadmap and configuration notes You can better understand the configuration procedures with the help of the configuration flowchart 6 20 1 Example for Configuring the ICMP Test This part provides examples for configuring an ICMP test to check the IP network connectivity Networking...

Страница 213: ...esttype is icmp 1 Test 1 result The test is finished Send operation times 3 Receive response times 3 Completion success RTD OverThresholds number 0 Attempts number 1 Drop operation number 0 Disconnect operation number 0 Operation timeout number 0 System busy operation number 0 Connection fail number 0 Operation sequence errors number 0 RTT Stats errors number 0 Destination ip address 10 1 1 2 Min ...

Страница 214: ... the NQA client 2 Create and perform the DHCP test on Router A to check whether Router A can set up a connection with Router B and obtain an IP address from Router B Data Preparation To complete the configuration you need the following data l IP address of the DHCP server l Source interface l Timeout period Procedure Step 1 Configure the IP address The detailed procedure is not mentioned here Step...

Страница 215: ...figuration file of Router A sysname RouterA interface Ethernet1 0 0 ip address dhcp alloc nqa test instance admin dhcp test type dhcp timeout 20 source interface Ethernet1 0 0 return l Configuration file of Router B sysname RouterB ip pool 1 network 10 1 1 0 mask 255 255 255 0 interface Ethernet1 0 0 ip address 10 1 1 2 255 255 255 0 return 6 20 3 Example for Configuring the FTP Download Test This...

Страница 216: ...t mentioned here Step 2 Configure Router B as the FTP server RouterB system view RouterB ftp server enable RouterB aaa RouterB aaa local user user1 password cipher hello RouterB aaa local user user1 service type ftp RouterB aaa local user user1 ftp directory flash RouterB aaa quit Step 3 Create an NQA FTP test on Route A RouterA system view RouterA nqa test instance admin ftp RouterA nqa admin ftp...

Страница 217: ... ftp test type ftp destination address ipv4 10 1 1 2 source address ipv4 10 1 1 1 ftp filename test txt ftp username user1 ftp password hello return l Configuration file of Router B sysname RouterB FTP server enable interface GigabitEthernet1 0 0 ip address 10 1 1 2 255 255 255 0 aaa local user user1 password cipher 3MQ TZ O3KCQ Q MAF4 1 local user user1 service type ftp local user user1 ftp direc...

Страница 218: ... reachable routes between Router A Router B and Router C The detailed procedure is not mentioned here Step 2 Configure Router C as the FTP server RouterC system view RouterC ftp server enable RouterC aaa RouterC aaa local user user1 password cipher hello RouterC aaa local user user1 service type ftp RouterC aaa local user user1 ftp directory flash RouterC aaa quit Step 3 Create an NQA FTP test on ...

Страница 219: ...s displayed RouterC dir Directory of flash 0 rw 331 Jul 06 2007 18 34 34 private data txt 1 rw 1024000 Jul 06 2007 18 37 06 nqa ftp test txt 2540 KB total 1536 KB free End Configuration Files l Configuration file of Router A sysname RouterA interface Ethernet1 0 0 ip address 10 1 1 1 255 255 255 0 nqa test instance admin ftp test type ftp destination address ipv4 10 2 1 2 source address ipv4 10 1 ...

Страница 220: ...gure 6 7 Networking diagram of the HTTP test Router A Eth1 0 0 10 1 1 1 24 10 2 1 1 24 HTTP Server IP Network Configuration Roadmap The configuration roadmap is as follows 1 Configure Router A as an NQA client 2 Create and perform an HTTP test on Router A to check whether Router A can set up a connection with the HTTP server and to obtain the time of file transferring between Router A and the HTTP...

Страница 221: ...mber 0 TcpConnError number 0 System busy operation number 0 DNSRTT Sum Min Max 0 0 0 TCPConnectRTT Sum Min Max 4 1 2 TransactionRTT Sum Min Max 3 1 1 RTT Sum Min Max Avg 7 2 3 2 DNSServerTimeout 0 TCPConnectTimeout 0 TransactionTimeout 0 Lost packet ratio 0 End Configuration Files The configuration file of Router A is as follows sysname RouterA interface Ethernet1 0 0 ip address 10 1 1 1 255 255 2...

Страница 222: ...ed The detailed procedure is not mentioned here Step 2 Create an NQA DNS test Router system view RouterA dns resolve RouterA dns server 10 3 1 1 RouterA nqa test instance admin dns RouterA nqa admin dns test type dns RouterA nqa admin dns dns server ipv4 10 3 1 1 RouterA nqa admin dns destination address url server com Step 3 Start the test RouterA nqa admin dns start now Step 4 View the test resu...

Страница 223: ...rver ipv4 10 3 1 1 ip route static 10 3 1 0 255 255 255 0 10 1 1 2 ip route static 10 2 1 0 255 255 255 0 10 1 1 2 return 6 20 7 Example for Configuring the Traceroute Test This part provides examples for configuring a traceroute test to check the connectivity between the client and devices along the transmission path Networking Requirements As shown in Figure 6 9 perform the Traceroute test on Ro...

Страница 224: ... admin trace testflag is inactive testtype is trace 1 Test 1 result The test is finished Completion success Attempts number 1 Disconnect operation number 0 Operation timeout number 0 System busy operation number 0 Connection fail number 0 Operation sequence errors number 0 RTT Stats errors number 0 Drop operation number 0 Last good path Time 2009 3 28 10 52 39 9 1 Hop 1 Send operation times 3 Rece...

Страница 225: ...y Test This part provides examples for configuring a traceroute test to check the SNMP communications between the client and the SNMP agent Networking Requirements As shown in Figure 6 10 RouterA and Router C functions as an SNMP agent It is required to perform an NQA SNMP Query test to obtain the time from when routerA sends an SNMP query packet to when Router A receives an Echo packet NOTE AR150...

Страница 226: ... Step 5 Start the test RouterA nqa admin snmp start now Step 6 View the test results RouterA nqa admin snmp display nqa results test instance admin snmp NQA entry admin snmp testflag is inactive testtype is snmp 1 Test 1 result The test is finished Send operation times 3 Receive response times 3 Completion success RTD OverThresholds number 0 Attempts number 0 Drop operation number 0 Disconnect ope...

Страница 227: ... 000007DB7F00000100006294 return 6 20 9 Example for Configuring the TCP Test This part provides examples for configuring a TCP test to check the TCP communications between the client and the server Networking Requirements As shown in Figure 6 11 it is required to perform an NQA TCP Private test to obtain the time taken by Router A to set up a TCP connection with Router C NOTE AR150 200 is RouterA ...

Страница 228: ...in tcp destination address ipv4 10 2 1 2 RouterA nqa admin tcp destination port 9000 Step 4 Start the test RouterA nqa admin tcp start now Step 5 View the test results RouterA nqa admin tcp display nqa results test instance admin tcp NQA entry admin tcp testflag is inactive testtype is tcp 1 Test 1 result The test is finished Send operation times 3 Receive response times 3 Completion success RTD O...

Страница 229: ... 0 255 255 255 0 10 2 1 1 return 6 20 10 Example for Configuring the UDP Test This part provides examples for configuring a UDP test to check the UDP communications between the client and the server Networking Requirements As shown in Figure 6 12 it is required to perform an NQA UDP Public test to obtain the RTT of a UDP packet transmitted between Router A and Router C NOTE AR150 200 is RouterA Fi...

Страница 230: ...in udp destination address ipv4 10 2 1 2 RouterA nqa admin udp destination port 6000 Step 4 Start the test RouterA nqa admin udp start now Step 5 View the test results RouterA nqa admin udp display nqa results test instance admin udp NQA entry admin udp testflag is inactive testtype is udp 1 Test 1 result The test is finished Send operation times 3 Receive response times 3 Completion success RTD O...

Страница 231: ...tatic 10 1 1 0 255 255 255 0 10 2 1 1 return 6 20 11 Example for Configuring the Jitter Test This part provides examples for configuring a jitter test to measure jitter on the network Networking Requirements As shown in Figure 6 13 it is required to perform an NQA Jitter test to obtain the jitter time of the packet transmitted from Router A to Router C NOTE AR150 200 is RouterA Figure 6 13 Network...

Страница 232: ...tep 4 Start the test RouterA nqa admin jitter start now Step 5 View the test results RouterA nqa admin jitter display nqa results test instance admin jitter NQA entry admin jitter testflag is inactive testtype is jitter 1 Test 1 result The test is finished SendProbe 60 ResponseProbe 60 Completion success RTD OverThresholds number 0 OWD OverThresholds SD number 0 OWD OverThresholds DS number 0 Min ...

Страница 233: ... test instance admin jitter test type jitter destination address ipv4 10 2 1 2 destination port 9000 ip route static 10 2 1 0 255 255 255 0 10 1 1 2 return l Configuration file of Router B sysname RouterB interface Ethernet1 0 0 ip address 10 1 1 2 255 255 255 0 interface Ethernet2 0 0 ip address 10 2 1 1 255 255 255 0 return l Configuration file of Router C sysname RouterC interface Ethernet1 0 0...

Страница 234: ...e NQA client and Router A functions as the NQA server 2 Start the UDP jitter test instance on Router D Data Preparation To complete the configuration you need the following data l IP addresses of Router A and Router D l Code type for simulated VoIP services Procedure Step 1 Configure the NQA server Router A RouterA system view RouterA nqa server udpecho 10 1 1 1 180 Step 2 Configure the NQA client...

Страница 235: ...DS Sum 485 Positive SD Square Sum 1317 Positive DS Square Sum 2455 Min Negative SD 1 Min Negative DS 1 Max Negative SD 16 Max Negative DS 26 Negative SD Number 292 Negative DS Number 285 Negative SD Sum 429 Negative DS Sum 486 Negative SD Square Sum 1235 Negative DS Square Sum 2714 Min Delay SD 5 Min Delay DS 4 Avg Delay SD 6 Avg Delay DS 5 Max Delay SD 19 Max Delay DS 18 Delay SD Square Sum 39901...

Страница 236: ...est type jitter destination address ipv4 10 1 1 1 destination port 180 jitter codec g711a return Huawei AR150 200 Series Enterprise Routers Configuration Guide Network Management 6 NQA Configuration Issue 02 2012 03 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 225 ...

Страница 237: ...he Aggregation Statistics About IPv4 Traffic This section describes how to configure the statistics about IPv4 aggregation traffic passing an interface 7 6 Configuring the Flexible NetStream Feature This section describes how to configure the Flexible NetStream feature to flexibly create NetStream statistics according to records 7 7 Collecting the Statistics of RPF Traffic By configuring the RPF t...

Страница 238: ... IP network communications among different types of services are realized by the transmission of IP packets from one terminal to another Such IP packets constitute a data stream of a particular service on the network Most data streams on the network are ephemeral and bidirectional Based on the destination IP address source IP address destination port number source port number protocol number Type ...

Страница 239: ...e specified packets l Fixed time sampling This indicates that one sampling is performed on packets at a certain interval l Random time sampling This indicates that one sampling is randomly performed on packets in the specified period Versions of Original Traffic and Aggregated Traffic The Huawei AR150 200 Series supports three types of output modes original traffic aggregated traffic and Flexible ...

Страница 240: ...istics collection familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the data required for the configuration This will help you complete the configuration task quickly and accurately Applicable Environment You need to configure the NetStream on an interface to collect statistics about inbound and outbound IPv4 unicast packets respectively The stati...

Страница 241: ...3 3 Setting the Destination Address of the Statistics This section describes how to send the IPv4 unicast traffic statistics to the NMS for analysis Context You cannot export the NetStream statistics without the pre configured source and destination addresses Procedure Step 1 Run system view The system view is displayed Step 2 Run ip netstream export source ip address The source address for export...

Страница 242: ...according to the FIN or RST flag NOTE If multiple aging conditions are configured on the AR150 200 the traffic ages when it meets any condition End 7 3 5 Optional Configuring the Inactive Aging Time The inactive time indicates the interval between the time the last packet arrives and the current time When the inactive time expires the system ages the traffic immediately Procedure Step 1 Run system...

Страница 243: ...The interface view is displayed Step 3 Optional Run ip netstream sampler fix packets packet interval fix time time interval random packets packet interval random time time interval inbound outbound The packet sampling ratio is set on the interface By default an interface samples packets at fixed packet intervals and the packet interval is 100 Step 4 Run ip netstream inbound outbound The NetStream ...

Страница 244: ... 1380000 Origin egress entries 0 Origin egress packets 0 Origin egress octets 0 Origin total entries 30000 Origin total entries 0 Agility ingress entries 0 Agility ingress packets 0 Agility ingress octets 0 Agility egress entries 0 Agility egress packets 0 Agility egress octets 0 Agility total entries 0 Handle origin entries 0 Handle agility entries 0 Handle As aggre entries 0 Handle ProtPort aggr...

Страница 245: ...ng the link layer attributes of the interface l Configuring an IP address for the interface Data Preparation To collect the statistics of the IPv4 multicast original traffic you need the following data No Data 1 Name and number of the interface on which the traffic statistics need to be collected 2 Number of the version in which the traffic collected through NetStream is output 3 IP address and in...

Страница 246: ...ation address of the output statistics is configured You can configure at most two destination IP addresses respectively for the active and the standby NSCs End 7 4 4 Optional Configuring the Inactive Aging Time The inactive time indicates the interval between the time the last packet arrives and the current time When the inactive time expires the system ages the traffic immediately Procedure Step...

Страница 247: ...c statistics need to be collected Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Step 3 Run ip netstream multicast inbound outbound NetStream is enabled for multicast traffic on an interface By default NetStream is disabled for incoming and outgoing IPv4 multicast traffic NetStream can collect the s...

Страница 248: ... Origin egress entries 0 Origin egress packets 0 Origin egress octets 0 Origin total entries 30000 Origin total entries 0 Agility ingress entries 30000 Agility ingress packets 30000 Agility ingress octets 3960000 Agility egress entries 0 Agility egress packets 0 Agility egress octets 0 Agility total entries 30000 Handle origin entries 29035 Handle agility entries 29050 Handle As aggre entries 1 Ha...

Страница 249: ...mplete the configuration you need the following data No Data 1 Name and number of the interface on which traffic statistics need to be collected 2 Version number of exported packets of the NetStream traffic statistics 3 IP addresses and port numbers of the NSC 7 5 2 Configuring the Aggregation Function You can aggregate the original IPv4 unicast traffic statistics based on the as as tos protocol p...

Страница 250: ...f the exported packets is V8 End 7 5 4 Configuring the Export of Statistics This section describes how to send the aggregated IPv4 unicast traffic statistics to the NMS for analysis Procedure Step 1 Run system view The system view is displayed Step 2 Run ip netstream aggregation as as tos destination prefix destination prefix tos prefix prefix tos protocol port protocol port tos source prefix sour...

Страница 251: ...interval between the time the last packet arrives and the current time When the inactive time expires the system ages the traffic immediately Procedure Step 1 Run system view The system view is displayed Step 2 Run ip netstream aggregation timeout inactive inactive interval The inactive aging time of the aggregation traffic is set By default the inactive aging time of the aggregation traffic is 30...

Страница 252: ... tos destination prefix tos prefix tos protocol port tos or source prefix tos run the trust dscp command to configure DSCP priority mapping on the interface Step 5 Run ip netstream inbound outbound The NetStream function is enabled on the interface to collect statistics about IPv4 unicast traffic By default NetStream is disabled for IPv4 traffic End 7 5 8 Checking the Configuration After configuri...

Страница 253: ...ty total entries 30000 Handle origin entries 29035 Handle agility entries 29050 Handle As aggre entries 1 Handle ProtPort aggre entries 1 Handle SrcPrefix aggre entries 118 Handle DstPrefix aggre entries 1 Handle Prefix aggre entries 118 Handle AsTos aggre entries 1 Handle ProtPortTos aggre entries 1 Handle SrcPreTos aggre entries 118 Handle DstPreTos aggre entries 1 Handle PreTos aggre entries 11...

Страница 254: ...created and the record view is displayed Step 3 Run match ipv4 protocol tos source address destination address source port destination port The IPv4 aggregation key words of records are configured Step 4 Run collect counter bytes packets The mode of exporting traffic statistics is configured Step 5 Run collect interface input output The traffic statistics sent to the NSC contain the indexes of the...

Страница 255: ...nation addresses Procedure Step 1 Run system view The system view is displayed Step 2 Run ip netstream export source ip address The source address for exporting statistics is configured Step 3 Run ip netstream export host ip address port number The destination IP address of the exported statistics that is the IP address of the NSC is configured You can configure up to 2 destination addresses to im...

Страница 256: ... 2 Run ip netstream timeout active active interval The active aging time is set By default the active aging time is 30 minutes End 7 6 7 Enabling Flexible NetStream on Interfaces You can collect the statistics on aggregated IPv4 unicast traffic only of the interface enabled with the NetStream function Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type...

Страница 257: ... Run the display ip netstream statistic command to view the NetStream traffic statistics End Example After successful configurations run the display ip netstream all command in the user view to check the configurations Huawei display ip netstream all ip netstream timeout inactive 100 ip netstream export source 100 1 10 10 ip netstream export host 100 1 10 1 100 ip netstream record hwrecord match i...

Страница 258: ... collection familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and accurately Application Environment After RPF is configured some IPv4 multicast packets are discarded because they fail to pass the detection In this case you can collect the statistics of these discarded pac...

Страница 259: ... format is Version 5 with the AS option as peer as The output does not contain the next hop BGP address NOTE Version 5 does not support the output of the next hop of BGP End 7 7 3 Outputting the Statistics This part describes how to send the RPF traffic statistics to the NMS for analysis Context Do as follows on the router on which the statistics of the discarded packets need to be collected Proce...

Страница 260: ...By default the inactive aging time of the original traffic is 30s End 7 7 5 Optional Configuring the Active Aging Time The active time indicates the interval from the time the first packet arrives to the current time After the traffic in the cache expires the system ages the traffic in the cache Procedure Step 1 Run system view The system view is displayed Step 2 Run ip netstream timeout active ac...

Страница 261: ...ip netstream all command to view the NetStream configuration l Run the display ip netstream statistic command to view the NetStream traffic statistics End Example After successful configurations run the display ip netstream all command in the user view to check the configurations Huawei display ip netstream all ip netstream timeout inactive 100 ip netstream export source 100 1 10 10 ip netstream e...

Страница 262: ...s section describes how to clear the NetStream traffic statistics 7 8 1 Resetting the Statistics Collected Through NetStream This part describes how to use the reset ip netstream statistics command to clear the NetStream traffic statistics Note that the cleared information cannot be restored Context CAUTION Statistics cannot be restored after you clear it So confirm the action before you use the c...

Страница 263: ...he interfaces on router 2 Enable NetStream for incoming and outgoing traffic on Router B Data Preparation To complete the configuration you need the following data l IP addresses of the interfaces l Destination address source address and destination interface of the output statistics Procedure Step 1 Configure IP addresses for the interfaces on Router A and Router B The configuration details are n...

Страница 264: ...bound ip netstream outbound End Configuration Files l Configuration file of Router A sysname RouterA interface Ethernet1 0 0 ip address 10 1 1 1 255 255 255 0 return l Configuration file of Router B sysname RouterB ip netstream export version 9 ip netstream export source 10 2 1 1 ip netstream export host 10 2 1 2 6000 interface Ethernet1 0 0 ip address 10 1 1 2 255 255 255 0 ip netstream inbound i...

Страница 265: ...rface IP address Router A Ethernet1 0 0 10 1 1 1 24 Router B Ethernet1 0 0 10 2 1 1 24 Ethernet1 0 1 10 4 1 1 24 Ethernet2 0 0 10 3 1 1 24 Ethernet2 0 1 10 1 1 2 24 Router C Ethernet1 0 0 10 2 1 2 24 Router D Ethernet1 0 0 10 3 1 2 24 Configuration Roadmap The configuration roadmap is as follows 1 Enable NetStream statistics for incoming and outgoing packets and NetStream sampling on Eth 2 0 1 of ...

Страница 266: ...terB aggregation as ip netstream export host 10 4 1 2 6000 RouterB aggregation as ip netstream export source 10 4 1 1 RouterB aggregation as enable RouterB aggregation as quit Set the sampling ratio and enable traffic statistics for inbound and outbound traffic RouterB interface ethernet 2 0 1 RouterB Ethernet2 0 1 ip netstream sampler fix packets 100 inbound RouterB Ethernet2 0 1 ip netstream sam...

Страница 267: ...rface Ethernet1 0 0 ip address 10 2 1 2 255 255 255 0 return Configuration file of Router D sysname RouterD interface Ethernet1 0 0 ip address 10 3 1 2 255 255 255 0 return 7 9 3 Example for Configuring Flexible NetStream Traffic Statistics To collect statistics on packets based on the protocol type TOS source IP address destination IP address source port number destination port number you can con...

Страница 268: ...ress of each interface l Version of the exported packets l Address and port number of the NSC and the source address contained in the packets l Traffic statistics to be sent to the NSC Procedure Step 1 Set the IP addresses for the interfaces of Router A and Router B as shown in Figure 7 4 The configuration procedure is not mentioned here Step 2 Specify the version of the exported packets Set the v...

Страница 269: ...tbound traffic on Eth 1 0 0 to 100 RouterB Ethernet1 0 0 ip netstream sampler fix packets 100 inbound RouterB Ethernet1 0 0 ip netstream sampler fix packets 100 outbound Enable the NetStream function for the inbound and outbound traffic on Eth 1 0 0 RouterB Ethernet1 0 0 ip netstream inbound RouterB Ethernet1 0 0 ip netstream outbound RouterB Ethernet1 0 0 quit Step 6 Verify the configuration Afte...

Страница 270: ...h ipv4 destination address match ipv4 destination port collect counter packets collect interface input interface Ethernet1 0 0 ip address 10 1 1 2 255 255 255 0 ip netstream inbound ip netstream outbound interface Ethernet2 0 0 ip address 10 2 1 1 255 255 255 0 return Huawei AR150 200 Series Enterprise Routers Configuration Guide Network Management 7 NetStream Configuration Issue 02 2012 03 30 Hua...

Страница 271: ...epts of ping and tracert and the support for ping and tracert on the AR150 200 8 2 Configuring Ping and Tracert This part describes how to check the network connectivity through ping and tracert operations Huawei AR150 200 Series Enterprise Routers Configuration Guide Network Management 8 Ping and Tracert Issue 02 2012 03 30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd ...

Страница 272: ...hop The process continues until the packet reaches its destination In this process the source host can record the source address of each ICMP TTL timeout message and obtain the IP packet transmission path 8 2 Configuring Ping and Tracert This part describes how to check the network connectivity through ping and tracert operations 8 2 1 Establishing the Configuration Task Before checking the networ...

Страница 273: ...n the timeout period it outputs a Request time out message if receiving a response packet the system outputs bytes of data sequence number TTL and response time of each response packet l Final statistics including the number of sent packets number of received packets percentage of unacknowledged packets to all transmitted packets and the minimum maximum and mean response time NOTE If the destinati...

Страница 274: ...nce name w timeout host The preceding command contains only a part of the parameters For the description of the options and parameters of this command refer to the Huawei AR150 200 Series Enterprise Routers Command Reference An example of applying Tracert program to analyze the network is as follows Huawei tracert m 10 35 1 1 48 traceroute to 35 1 1 48 35 1 1 48 max hops 30 packet length 40 press ...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды