Quidway S2700 Series Ethernet Switches
V100R006C00
Configuration Guide - IP Service
Issue
01
Date
2011-07-15
HUAWEI TECHNOLOGIES CO., LTD.
Страница 1: ...Quidway S2700 Series Ethernet Switches V100R006C00 Configuration Guide IP Service Issue 01 Date 2011 07 15 HUAWEI TECHNOLOGIES CO LTD...
Страница 2: ...e within the purchase scope or the usage scope Unless otherwise specified in the contract all statements information and recommendations in this document are provided AS IS without warranties guarante...
Страница 3: ...ws Symbol Description DANGER Indicates a hazard with a high level of risk which if not avoided will result in death or serious injury WARNING Indicates a hazard with a medium or low level of risk whic...
Страница 4: ...d in braces and separated by vertical bars A minimum of one item or a maximum of all items can be selected x y Optional items are grouped in brackets and separated by vertical bars Several items or no...
Страница 5: ...nfiguring Common Static ARP Entries 11 2 3 3 Configuring Static ARP Entries in a VLAN 11 2 3 4 Checking the Configuration 12 2 4 Optimizing Dynamic ARP 12 2 4 1 Establishing the Configuration Task 13...
Страница 6: ...3 2 IP Performance Supported by the S2700 36 3 3 Optimizing IP Performance 36 3 3 1 Establishing the Configuration Task 36 3 3 2 Enabling an Interface to Check the Source IP Addresses of Packets 37 3...
Страница 7: ...ng Stateful Auto Configuration 65 5 4 6 Configuring the Address Prefixes to Be Advertised 65 5 4 7 Configuring Other Information to Be Advertised 66 5 4 8 Checking the Configuration 67 5 5 Maintaining...
Страница 8: ...mple for Configuring IPv6 DNS 79 Quidway S2700 Series Ethernet Switches Configuration Guide IP Service Contents Issue 01 2011 07 15 Huawei Proprietary and Confidential Copyright Huawei Technologies Co...
Страница 9: ...tworks communicate with each other using their network layer addresses namely IP addresses 1 2 Features of IP Addresses Supported by the S2700 IP addresses can be obtained through static manual config...
Страница 10: ...rface on a device is configured with the IP address 20 1 1 1 16 if another interface is configured with the IP address 20 1 1 2 24 the system prompts a message However the configuration is still succe...
Страница 11: ...etworks you need to configure a primary IP address and a secondary IP address for this interface to ensure that the device can communication with all computers on this network Pre configuration Tasks...
Страница 12: ...you need to assign a secondary IP address to this interface Procedure Step 1 Run system view The system view is displayed Step 2 Run interface vlanif vlan id The VLANIF interface view is displayed St...
Страница 13: ...in which hosts belong to two different network segments that is 172 16 1 0 24 and 172 16 2 0 24 It is required that the Switch can access the two network segments but the host in 172 16 1 0 24 cannot...
Страница 14: ...tes 56 Sequence 3 ttl 128 time 26 ms Reply from 172 16 1 2 bytes 56 Sequence 4 ttl 128 time 26 ms Reply from 172 16 1 2 bytes 56 Sequence 5 ttl 128 time 26 ms 172 16 1 2 ping statistics 5 packet s tra...
Страница 15: ...terface Ethernet0 0 1 port hybrid pvid vlan 100 port hybrid untagged vlan 100 return Quidway S2700 Series Ethernet Switches Configuration Guide IP Service 1 IP Addresses Configuration Issue 01 2011 07...
Страница 16: ...ess into an Ethernet MAC address 2 5 Configuring Routed Proxy ARP Proxy ARP enables devices whose IP addresses belong to the same network segment but different physical networks to communicate with ea...
Страница 17: ...ing types dynamic ARP and static ARP l Static ARP means the mapping between manually configured IP addresses and MAC addresses l Dynamic ARP means that the ARP mapping table is dynamically maintained...
Страница 18: ...ARP mappings tables on themselves for the corresponding ARP entries If the conditions for being a proxy are met the interface sends the MAC address of the switch to the sender of the ARP Request mess...
Страница 19: ...ancy Protocol VRRP are enabled on a device simultaneously the virtual IP address of the VRRP backup group configured on the VLANIF interface cannot be the IP address contained in the static ARP entrie...
Страница 20: ...ied the system selects the outbound interface automatically If the VLAN ID and outbound interface are specified the system forwards the packet from the specified outbound interface If the interface co...
Страница 21: ...parameters of dynamic ARP If the device needs to update ARP entries frequently you can reduce the aging timeout period of ARP entries increase the number of aging detections for ARP entries and reduce...
Страница 22: ...tries Procedure Step 1 Run system view The system view is displayed Step 2 Run arp suppress enable ARP suppression is enabled on the current device End 2 4 4 Enabling Layer 2 Topology Detection Functi...
Страница 23: ...by a device You need to enable the proxy ARP on the device interface connected to the physical networks This enables communication between the two networks Network IDs of subnet hosts must be the same...
Страница 24: ...End 2 5 3 Enabling the Routed Proxy ARP Function To interconnect the subnets in the same IP network you need to enable routed proxy ARP Procedure Step 1 Run system view The system view is displayed S...
Страница 25: ...ach other to ensure the two users can communicate you need to enable proxy ARP within the VLAN on the interface associated with the VLAN Pre configuration Tasks Before configuring proxy ARP within a V...
Страница 26: ...must be in the same network segment with that of hosts in the VLAN associated with this interface End 2 6 3 Enabling Proxy ARP Within a VLAN To interconnect isolated users on a VLAN you need to enabl...
Страница 27: ...unicate you need to enable proxy ARP between VLANs on the sub interface associated with the VLAN IP addresses of hosts in a VLAN must be in the same network segment Pre configuration Tasks Before conf...
Страница 28: ...e interface must be in the same network segment with that of hosts in the VLAN associated with this interface End 2 7 3 Enabling Proxy ARP Between VLANs To interconnect users on different VLANs you ne...
Страница 29: ...s deleted after you clear ARP entries So confirm the action before you use the command l The static ARP entries cannot restore after you clear it So confirm the action before you use the command Proce...
Страница 30: ...tions about the debugging commands see the Quidway S2700 Series Ethernet Switches Debugging Reference Procedure l Run the debugging arp packet interface interface type interface number command in the...
Страница 31: ...onfiguration Roadmap The configuration roadmap is as follows 1 Create a VLAN and add an interface to the VLAN 2 Set dynamic ARP parameters on a VLANIF interface at the user side 3 Create a static ARP...
Страница 32: ...ber of detection times before deleting ARP entries to 2 Quidway Vlanif2 arp detect times 2 Quidway Vlanif2 quit Create VLANIF 3 Quidway interface vlanif 3 Assign an IP address to VLANIF 3 Quidway Vlan...
Страница 33: ...e connected to a LAN respectively and the network IDs of the two LANs are 172 16 0 0 16 Host A and Host B are not configured with the default gateway It is required that routed proxy ARP should be ena...
Страница 34: ...add GE 0 0 2 to VLAN 3 Quidway vlan 3 Quidway vlan3 quit Quidway interface gigabitethernet 0 0 2 Quidway GigabitEthernet0 0 2 port link type access Quidway GigabitEthernet0 0 2 port default vlan 3 Qui...
Страница 35: ...It is required that l Host A and host B in VLAN 2 should be isolated at Layer 2 l Host A should communicate with host B at Layer 3 through intra VLAN proxy ARP The IP address and subnet mask of the VL...
Страница 36: ...way interface gigabitethernet 0 0 2 Quidway GigabitEthernet0 0 2 port isolate enable Quidway GigabitEthernet0 0 2 quit Add GE 0 0 1 and GE 0 0 2 to Sub VLAN 2 Quidway interface gigabitethernet 0 0 1 Q...
Страница 37: ...sysname Quidway vlan batch 2 to 3 vlan 3 aggregate vlan access vlan 2 interface Vlanif3 ip address 10 10 10 1 255 255 255 0 arp proxy inner sub vlan proxy enable interface GigabitEthernet0 0 1 port li...
Страница 38: ...ub VLAN l Eth 0 0 2 and Eth 0 0 1 belonging to Sub VLAN 2 l Eth 0 0 3 and Eth 0 0 4 belonging to Sub VLAN 3 l IP address and subnet mask of VLANIF 4 in Super VLAN 4 being 10 10 10 1 and 255 255 255 0...
Страница 39: ...interface vlanif 4 Assign an IP address to VLANIF 4 Quidway Vlanif4 ip address 10 10 10 1 24 Step 3 Enable inter VLAN proxy ARP on VLANIF 4 Quidway Vlanif4 arp proxy inter sub vlan proxy enable Quidw...
Страница 40: ...an 3 interface Ethernet0 0 4 port link type access port default vlan 3 return 2 9 5 Example for Configuring Layer 2 Topology Detection Networking Requirements As shown in Figure 2 5 two GE interfaces...
Страница 41: ...y interface gigabitethernet 0 0 2 Quidway GigabitEthernet0 0 2 port link type access Quidway GigabitEthernet0 0 2 port default vlan 100 Quidway GigabitEthernet0 0 2 quit Step 2 Enable Layer 2 topology...
Страница 42: ...SS EXPIRE M TYPE INTERFACE VPN INSTANCE VLAN 10 1 1 2 00e0 c01a 4900 I Vlanif100 10 1 1 3 00e0 de24 bf04 20 D 0 GE0 0 2 Total 2 Dynamic 1 Static 0 Interface 1 NOTE After the ARP entry is updated the a...
Страница 43: ...ibed 3 2 IP Performance Supported by the S2700 3 3 Optimizing IP Performance This section describes how to optimize IP performance of a certain network by setting IP performance parameters 3 4 Maintai...
Страница 44: ...rse To solve this problem a control switch is added on the outgoing interface of ICMP messages This switch is used to respectively enable or disable the sending of ICMP host unreachable messages If th...
Страница 45: ...ets 4 Number of the interface which needs to configure ICMP host unreachable 5 SYN WAIT timer FIN WAIT timer receiving and sending buffer size of the socket 3 3 2 Enabling an Interface to Check the So...
Страница 46: ...nabled End 3 3 4 Setting TCP Parameters Context You can set the following TCP parameters l SYN Wait timer When sending packets with the SYN flag TCP starts the SYN Wait timer If no response is receive...
Страница 47: ...l Run the display tcp status task id task id socket id socket id local ip ip address local port local port number remote ip ip address remote port remote port number command to check the TCP connectio...
Страница 48: ...s command to check the total number of FIB entries End 3 4 Maintaining IP Performance This section describes how to maintain IP performance 3 4 1 Clearing IP Performance Statistics Context CAUTION The...
Страница 49: ...information about the FIB table l Run the display fib acl acl number verbose command to check information about the FIB entries that match ACL rules in a certain format l Run the display fib interfac...
Страница 50: ...c port src port dest ip dest address dest port dest port or debugging tcp md5 task id task id socket id socket id command in the user view to debug TCP Message Digest Algorithm 5 MD5 authentication l...
Страница 51: ...configuration is not changed you can skip this configuration Data Preparation To complete the configuration you need the following data l Static routes to indirectly connected devices l IP address of...
Страница 52: ...an IP address to VLANIF 11 on Switch C Quidway system view Quidway sysname SwitchC SwitchC vlan 11 SwitchC Vlan11 quit SwitchC interface ethernet0 0 2 SwitchC Ethernet0 0 2 port hybrid tagged vlan 11...
Страница 53: ...0 interface Ethernet0 0 1 port hybrid tagged vlan 10 interface Ethernet0 0 2 port hybrid tagged vlan 11 return l Configuration file of Switch C sysname SwitchC vlan 11 interface vlanif 11 ip address...
Страница 54: ...ted by the S2700 Domain name resolution can be performed in either dynamic mode or static mode 4 3 Configuring DNS By configuring the DNS you can set up a mapping between a domain name and an IP addre...
Страница 55: ...supports static resolution and dynamic resolution 4 3 Configuring DNS By configuring the DNS you can set up a mapping between a domain name and an IP address In this manner you can enable the device t...
Страница 56: ...omain name the client can search the table for the required IP address This improves the efficiency of domain name resolution Procedure Step 1 Run system view The system view is displayed Step 2 Run i...
Страница 57: ...servers 1 source address and 10 domain name suffixes To configure more than one domain name server repeat Step 3 To configure more than one domain name suffix repeat Step 5 4 3 4 Checking the Configu...
Страница 58: ...n names is displayed it means that the configuration succeeds For example Quidway display dns domain No Domain name 1 com 2 net Run the display dns dynamic host command If information about the dynami...
Страница 59: ...ynamic DNS entries in the domain name cache End 4 4 3 Debugging DNS This section describes DNS debugging through the debugging command Context CAUTION Debugging affects the performance of the system S...
Страница 60: ...Ethernet0 0 1 1 1 1 2 16 1 1 1 1 16 2 1 1 1 16 2 1 1 2 16 3 1 1 1 16 SwitchA SwitchB SwitchC huawei com 2 1 1 3 16 DNS Server 3 1 1 2 16 DNS Client VLANIF 100 VLANIF 100 VLANIF 101 VLANIF 100 VLANIF 1...
Страница 61: ...server 3 1 1 2 PING huawei com 2 1 1 3 56 data bytes press CTRL_C to break Reply from 2 1 1 3 bytes 56 Sequence 1 ttl 126 time 6 ms Reply from 2 1 1 3 bytes 56 Sequence 2 ttl 126 time 4 ms Reply from...
Страница 62: ...ress 1 1 1 2 255 255 0 0 rip 1 network 1 0 0 0 return l Configuration file of Switch B sysname SwitchB vlan batch 100 101 interface Ethernet0 0 1 port hybrid pvid vlan 100 port hybrid untagged vlan 10...
Страница 63: ...ed vlan 101 interface LoopBack0 ip address 4 1 1 2 255 255 255 255 interface vlanif100 ip address 2 1 1 2 255 255 0 0 interface vlanif101 ip address 3 1 1 1 255 255 0 0 rip 1 network 2 0 0 0 network 3...
Страница 64: ...ery ND is a packet transmission process to identify the relationship between neighboring nodes The Neighbor Discovery Protocol NDP replaces the Address Resolution Protocol ARP ICMP Device Discovery me...
Страница 65: ...decimal numbers d d d d is a standard IPv4 address An IPv6 address can be divided into two parts l Network prefix n bits equivalent to the network ID in the IPv4 address l Interface identifier 128 n...
Страница 66: ...nagement policies the S2700 obtains minimum necessary forwarding information from the RIB and adds the information to the FIB Through the route management module you can also add static routes into th...
Страница 67: ...refix length of the network bits in an EUI 64 address must not be longer than 64 bits The EUI 64 address and the global unicast address can be configured simultaneously or alternatively However the IP...
Страница 68: ...ability is enabled By default the IPv6 packet forwarding capability is disabled To enable a device to forward IPv6 packets you must run this command in the system view otherwise the IPv6 protocol stat...
Страница 69: ...n also configure a global unicast IPv6 address for auto generating a link local address For details see Configuring an IPv6 Global Unicast Address for an Interface End 5 3 4 Configuring an IPv6 Global...
Страница 70: ...ery messages and ICMP Redirect messages and introduces neighbor reachability detection 5 4 1 Establishing the Configuration Task This section describes the applicable environment pre configuration tas...
Страница 71: ...view is displayed Step 2 Run interface vlanif vlan id The VLANIF interface view is displayed Step 3 Run ipv6 enable You can enable the IPv6 capability Step 4 Run one of the following commands as requ...
Страница 72: ...rface vlanif vlan id The VLANIF interface view is displayed Step 3 Run ipv6 enable You can enable the IPv6 capability Step 4 Run ipv6 nd ra max interval maximum interval min interval minimum interval...
Страница 73: ...to any addresses auto configured using stateless address auto configuration Step 5 Run ipv6 nd autoconfig other flag The flag bit for other stateful configurations is set When this flag is set hosts u...
Страница 74: ...ms Neighbor Unreachability Detection NUD checks the reachability of neighbors By default NUD value is 30000ms The MTU of the interface determines whether to fragment IP packets on the interface Defaul...
Страница 75: ...e undo shudown command orderly in the interface view to validate the configuration 5 4 8 Checking the Configuration You can view the configuration of IPv6 neighbor discovery Prerequisite The configura...
Страница 76: ...clude deleting information about IPv6 operation and monitoring IPv6 operation 5 5 1 Clearing IPv6 Statistics Context CAUTION Statistics cannot be restored after being cleared So confirm the action bef...
Страница 77: ...socket id command in any view to view information about the specified socket l Run the display ipv6 fib existing slot id command in any view to view information about FIB End 5 5 3 Debugging IPv6 This...
Страница 78: ...As shown in Figure 5 1 two Switches are connected through Eth 0 0 1 The Eth 0 0 1 interfaces of Switch A and Switch B correspond to their VLANIF 100 interfaces You need to set IPv6 global unicast addr...
Страница 79: ...Ethernet0 0 1 port hybrid untagged vlan 100 SwitchB Ethernet0 0 1 quit SwitchB interface vlanif 100 SwitchB Vlanif100 ipv6 enable SwitchB Vlanif100 ipv6 address 3001 2 64 SwitchB Vlanif100 quit Step...
Страница 80: ...E80 2E0 FCFF FE33 11 bytes 56 Sequence 2 hop limit 64 time 3 ms Reply from FE80 2E0 FCFF FE33 11 bytes 56 Sequence 3 hop limit 64 time 3 ms Reply from FE80 2E0 FCFF FE33 11 bytes 56 Sequence 4 hop lim...
Страница 81: ...100 return l Configuration file of Switch B sysname SwitchB ipv6 vlan 100 interface Vlanif100 ipv6 enable ipv6 address 3001 2 64 interface Ethernet0 0 1 port hybrid pvid vlan 100 port hybrid untagged...
Страница 82: ...e resolution can be performed in either dynamic mode or static mode 6 3 Configuring IPv6 DNS By configuring the IPv6 DNS you can set up a mapping between a domain name and an IPv6 address In this mann...
Страница 83: ...the Configuration Task This section describes the applicable environment pre configuration tasks data preparation and configuration procedure for configuring the IPv6 DNS Applicable Environment DNS n...
Страница 84: ...the same host is configured with IPv6 addresses for several times the maximum times is 8 IPv6 addresses the IPv6 address configured earliest is used when needing to find the host with the IPv6 address...
Страница 85: ...stem view The system view is displayed Step 2 Run dns resolve The dynamic domain name resolution is enabled Step 3 Run dns server ipv6 ipv6 address interface type interface number The IPv6 DNS server...
Страница 86: ...er IpAddress 1 169 254 65 125 IPv6 Dns Servers Domain server Ipv6Address Interface Name 1 3001 2 2 FE80 2 GigabitEthernet6 0 0 Run the display dns domain command If the suffixes of the domain names ar...
Страница 87: ...operation of IPv6 DNS Procedure l Run display dns domain Domain names are checked l Run display dns server Configurations of the DNS server are checked l Run display dns ipv6 dynamic host Contents ab...
Страница 88: ...rver 2003 2 64 DNS client VLANIF100 VLANIF101 VLANIF100 VLANIF100 VLANIF101 Ethernet0 0 1 Ethernet0 0 1 Ethernet0 0 2 Ethernet0 0 2 2002 1 64 Configuration Roadmap The configuration roadmap is as foll...
Страница 89: ...l 126 time 6 ms Reply from 2002 1 bytes 56 Sequence 2 ttl 126 time 4 ms Reply from 2002 1 bytes 56 Sequence 3 ttl 126 time 4 ms Reply from 2002 1 bytes 56 Sequence 4 ttl 126 time 4 ms Reply from 2002...
Страница 90: ...vlan 101 port hybrid untagged vlan 101 interface Ethernet0 0 2 port hybrid pvid vlan 100 port hybrid untagged vlan 100 interface vlanif100 ipv6 enable ipv6 address 2002 2 64 interface vlanif101 ipv6...
Страница 91: ...4 interface vlanif101 ipv6 enable ipv6 address 2003 1 64 return Quidway S2700 Series Ethernet Switches Configuration Guide IP Service 6 IPv6 DNS Configuration Issue 01 2011 07 15 Huawei Proprietary an...
