Huawei S9300 Configuration Manual
  1. Manuals
  2. Brands
  3. Huawei Manuals
  4. Switch
  5. Quidway S9300
  6. Configuration manual
Huawei S9300 Configuration Manual

Huawei S9300 Configuration Manual

Terabit routing switch
Hide thumbs Also See for S9300:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual
S9300&S9300E Terabit Routing Switch
V200R001C00
Configuration Guide - IP Service
Issue
01
Date
2012-03-15
HUAWEI TECHNOLOGIES CO., LTD.

Advertisement

Table of Contents
loading

Related Manuals for Huawei S9300

Summary of Contents for Huawei S9300

  • Page 1 S9300&S9300E Terabit Routing Switch V200R001C00 Configuration Guide - IP Service Issue Date 2012-03-15 HUAWEI TECHNOLOGIES CO., LTD.
  • Page 2 All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope.

  • Page 3: About This Document

    About This Document Intended Audience This document describes the configurations of the IP services of the S9300&S9300E, including the basic knowledge and configurations of secondary IP addresses, DHCP, DHCPv6, IP performance, IP unicast policy-based routing, UDP Helper, basic IPv6 functions, IPv6 over IPv4 tunnels, IPv4 over IPv6 tunnels, and IP sessions.

  • Page 4: Command Conventions

    Change History Updates between document issues are cumulative. Therefore, the latest document issue contains all changes made in previous issues. Changes in Issue 01 (2012-03-15) Initial commercial release. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 5: Table Of Contents

    About This Document........................ii 1 IP Addresses Configuration......................1 1.1 Introduction to IP Addresses..........................2 1.2 Features of IP Addresses Supported by the S9300&S9300E................2 1.3 Configuring IP Addresses for Interfaces......................3 1.3.1 Establishing the Configuration Task......................3 1.3.2 Configuring a Primary IP Address for an Interface...................3 1.3.3 (Optional) Configuring a Secondary IP Address for an Interface.............4...
  • Page 6 2.11.5 Example for Configuring Layer 2 Topology Detection................42 3 DHCP Configuration........................45 3.1 Introduction to DHCP............................46 3.2 DHCP Features Supported by the S9300&S9300E..................46 3.3 Configuring the DHCP Server Based on the Global Address Pool..............49 3.3.1 Establishing the Configuration Task.......................49 3.3.2 Configuring an Interface to Use Global Address Pool................50 3.3.3 Configuring Address Allocation Mode for Global Address Pool............51...
  • Page 7 4.3.3 Binding a User Authentication Domain to a Sub-Interface..............92 4.3.4 (Optional) Setting the Format of DHCP User Name and the Password..........93 4.3.5 (Optional) Configuring the S9300&S9300E to Process Option Fields...........94 4.3.6 (Optional) Setting ARP Detection Parameters..................95 4.3.7 (Optional) Setting the Type of a NAS Interface..................95 4.3.8 (Optional) Binding a VPN Instance to an Interface.................96...
  • Page 8 6.5.3 Example for Optimizing System Performance by Discarding Certain ICMP Packets......130 7 UDP Helper Configuration......................132 7.1 Introduction to UDP Helper...........................133 7.2 UDP Helper Features Supported by the S9300&S9300E................133 7.3 Configuring UDP Helper..........................134 7.3.1 Establishing the Configuration Task.....................134 7.3.2 Enabling the UDP Helper Function.......................134 7.3.3 Configuring the UDP Port on Which Packets Are Forwarded..............135...
  • Page 9 8.5.1 Example for Configuring DNS......................146 9 Basic Configurations of IPv6....................150 9.1 Introduction to IPv6............................151 9.2 IPv6 Features Supported by the S9300&S9300E...................151 9.3 Configuring an IPv6 Address for an Interface....................153 9.3.1 Establishing the Configuration Task.....................153 9.3.2 Enabling IPv6 Packet Forwarding Capability..................154 9.3.3 Configuring an IPv6 Link-Local Address for an Interface..............154...
  • Page 10 10.5.1 Example for Configuring IPv6 DNS....................177 11 IPv6 over IPv4 Tunnel Configuration................. 182 11.1 Introduction to IPv6 over IPv4........................183 11.2 IPv6 over IPv4 Supported by the S9300&S9300E..................183 11.3 Configuring IPv4/IPv6 Dual Stacks......................188 11.3.1 Establishing the Configuration Task....................188 11.3.2 Enabling IPv6 Packet Forwarding.......................189 11.3.3 Configuring IPv4 and IPv6 Addresses for the Interface..............190...
  • Page 11 11.7.4 Example for Configuring 6PE......................214 12 IPv4 over IPv6 Tunnel Configuration.................222 12.1 Introduction to IPv4 over IPv6........................223 12.2 IPv4 over IPv6 Supported by the S9300&S9300E..................223 12.3 Configuring an IPv4 over IPv6 Tunnel......................224 12.3.1 Establishing the Configuration Task....................224 12.3.2 Enabling the Service Loopback Function on an Eth-Trunk Interface..........224 12.3.3 Configuring a Tunnel Interface......................225...

  • Page 12: Ip Addresses Configuration

    IP addresses. 1.2 Features of IP Addresses Supported by the S9300&S9300E IP addresses can be obtained through static manual configuration or borrowing. 1.3 Configuring IP Addresses for Interfaces Assigning an IP address to a device on a network enables the device to communicate with the other devices on the network.

  • Page 13: Introduction To Ip Addresses

    Manually configuring an IP address for an interface Borrowing an IP address from other interfaces The S9300&S9300E supports the space overlapping of network segment addresses to save the address space. Different IP addresses in the overlapped network segments but not same can be configured on different interfaces of the same device.

  • Page 14: Configuring Ip Addresses For Interfaces

    (Optional) Secondary IP address and subnet mask of the interface 1.3.2 Configuring a Primary IP Address for an Interface An interface can have only one primary IP address. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 15: Optional) Configuring A Secondary Ip Address For An Interface

    { mask | mask-length } sub A secondary IP address is configured. You can configure a maximum of 255 secondary IP addresses on an interface. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 16: Checking The Configuration

    Before configuring IP address unnumbered on an interface, complete the following tasks: Configuring physical attributes for the IP address borrower and lender Configuring link layer protocols for the IP address borrower and lender Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 17: Configuring The Primary Ip Address Of The Interface That Lends An Ip Address

    The system view is displayed. Step 2 Run: interface tunnel interface-number The TUNNEL interface view is displayed. Step 3 Run: ip address unnumbered interface interface-type interface-number Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 18: Checking The Configuration

    Switch can access the two network segments but the host in 172.16.1.0/24 cannot interconnect with the host in 172.16.2.0/24. Figure 1-1 Networking diagram for setting IP addresses 172.16.1.0/24 Switch GE 1/0/1 VLANIF 100 172.16.1.1/24 172.16.2.1/24 sub 172.16.2.0/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 19 Reply from 172.16.2.2: bytes=56 Sequence=4 ttl=128 time=26 ms Reply from 172.16.2.2: bytes=56 Sequence=5 ttl=128 time=26 ms --- 172.16.2.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 20: Example For Configuring A Tunnel Interface To Borrow The Ip Address Of A Loopback Interface

    Figure 1-2 Networking diagram for configuring a tunnel interface to borrow an IP address of a loopback interface SwitchB SwitchA SwitchC Tunnel Tunnel 3/0/15 Tunnel 3/0/15 PC 1 PC 2 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 21 Reply from 9.9.9.9: bytes=56 Sequence=3 ttl=255 time=3 ms Reply from 9.9.9.9: bytes=56 Sequence=4 ttl=255 time=3 ms Reply from 9.9.9.9: bytes=56 Sequence=5 ttl=255 time=3 ms --- 9.9.9.9 ping statistics --- 5 packet(s) transmitted Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 22 Configuration file of Switch C sysname SwitchC interface LoopBack0 ip address 9.9.9.9 255.255.225.255 interface Tunnel3/0/15 ip address unnumbered interface LoopBack0 ospf 1 area 0.0.0.0 network 9.9.9.9 0.0.0.0 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 23: Arp Configuration

    An Ethernet device must support ARP. ARP implements dynamic mapping between Layer 3 IP addresses and Layer 2 MAC addresses. 2.2 Features of ARP Supported by the S9300&S9300E ARP can operate in either of two modes: static and dynamic. The extensions of ARP include proxy ARP, gratuitous ARP, and ARP-Ping.
  • Page 24 2 ARP Configuration The operations of ARP maintenance include clearing ARP statistics and monitoring ARP operating status. 2.11 Configuration Examples This section provides several configuration examples of ARP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 25: Overview Of Arp

    MAC addresses and IP addresses. The Address Resolution Protocol (ARP) maps an IP address to the corresponding MAC address. 2.2 Features of ARP Supported by the S9300&S9300E ARP can operate in either of two modes: static and dynamic. The extensions of ARP include proxy ARP, gratuitous ARP, and ARP-Ping.
  • Page 26 MAC. In this way, you can query the IP address corresponding to the specific MAC address on the network segment. Principles of ARP-Ping MAC ARP-Ping MAC sends broadcast ICMP Echo Request packets. The following describes how to implement ARP-Ping MAC: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 27: Configuring Static Arp

    2.3 Configuring Static ARP Static ARP indicates that there is a fixed mapping between an IP address and a MAC address. Static ARP needs to be configured by an administrator. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 28: Establishing The Configuration Task

    IP address contained in the static ARP entries; otherwise, incorrect host routes are generated and thus packets cannot be normally forwarded. Procedure Step 1 Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 29: Configuring Static Arp Entries In A Vlan

    NOTE To configure static ARP for the packets with double tags, run the arp static cevid command. For details, see the S9300&S9300E Terabit Routing Switch Command Reference - Ethernet. Procedure Step 1 Run: system-view The system view is displayed.

  • Page 30: Configuring Static Arp Entries In A Vpn Instance

    ----End 2.4 Optimizing Dynamic ARP If dynamic ARP is configured, the system automatically resolutes an IP address into an Ethernet MAC address. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 31: Establishing The Configuration Task

    The number of aging detection times of the dynamic ARP entries is configured. Step 4 Run: arp expire-time expire-times The timeout period for aging dynamic ARP entries is configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 32: Enabling Arp Suppression Function

    The Layer 2 topology detection function is enabled. By default, this function is not enabled. ----End 2.4.5 Checking the Configuration You can view the configuration of dynamic ARP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 33: Configuring Routed Proxy Arp

    To configure routed proxy ARP, you need the following data. Data Number of the interface to be enabled with routed proxy ARP IP address of the interface to be enabled with routed proxy ARP Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 34: Configure An Ip Addresses For The Interface

    Step 2 Run: interface vlanif vlan-id The VLANIF interface view is displayed. Routed proxy ARP can be enabled only on the VLANIF interface of the S9300&S9300E. Step 3 Run: ip address ip-address { mask | mask-length } The interface is configured with an IP address.

  • Page 35: Configuring Proxy Arp Within A Vlan

    IP address of the interface to be enabled with proxy ARP in a VLAN VLAN ID associated with the interface to be enabled with proxy ARP in a VLAN Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 36: Configure An Ip Addresses For The Interface

    Step 3 Run: arp-proxy inner-sub-vlan-proxy enable Proxy ARP within a VLAN is enabled. ----End 2.6.4 Checking the Configuration You can view the configuration of intra-VLAN proxy ARP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 37: Configuring Proxy Arp Between Vlans

    IP address of the interface to be enabled with proxy ARP between VLANs VLAN ID associated with the interface to be enabled with proxy ARP between VLANs Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 38: Configuring An Ip Addresses For The Interface

    The VLANIF interface view is displayed. Step 3 Run: arp-proxy inter-sub-vlan-proxy enable Proxy ARP between VLANs is enabled. ----End 2.7.4 Checking the Configuration You can view the configuration of inter-VLAN proxy ARP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 39: Configuring Arp-Ping Ip

    Up. Data Preparation To configure ARP-Ping IP, you need the following data. Data IP address to be checked Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 40: Detecting The Ip Address By Using The Arp-Ping Ip Command

    Configuring parameters of the link layer protocol and IP addresses for the interfaces and ensuring that the status of the link layer protocol on the interfaces is Up. Data Preparation To configure ARP-Ping MAC, you need the following data. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 41: Detecting The Mac Address By Using The Arp-Ping Mac Command

    The operations of ARP maintenance include clearing ARP statistics and monitoring ARP operating status. 2.10.1 Clearing ARP Entries This section describes ARP entries clearance through the reset command. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 42: Monitoring Network Operation Status Of Arp

    When the CPU usage is close to 100%, debugging ARP may cause the board resetting. So, confirm the action before you use the command. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 43: Configuration Examples

    When faults occur during ARP operation, run the following debugging command in the user view to debug ARP and locate the fault. For more information, see chapter "Information Center Configuration" in the S9300&S9300E Terabit Routing Switch Configuration Guide-System Management. Procedure Run the debugging arp packet [ interface interface-type interface-number | slot slot-id ] command in the user view to debug ARP.
  • Page 44 255.255.255.0, and MAC address being 00e0-fc01-0000 Procedure Step 1 Create a VLAN and add an interface to the VLAN. # Create VLAN 2 and VLAN 3. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 45 10.2.2.3 00e0-fc01-0000 vid 3 interface GigabitEthernet1/0/2 ----End Configuration Files The following is the configuration file of the Switch. sysname Quidway vlan batch 2 to 3 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 46: Example For Configuring Routed Proxy Arp

    Assign an IP Address to an interface. Enable routed proxy ARP on the interface. Configure the default route. Data Preparation To complete the configuration, you need the following data: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 47 # Ping Host B from Host A. The ping operation is successful. ----End Configuration Files Configuration file of the Switch sysname Quidway vlan batch 2 to 3 interface Vlanif2 ip address 172.16.1.1 255.255.255.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 48: Example For Configuring Intra-Vlan Proxy Arp

    10.10.10.3/24 10.10.10.2/24 00-e0-fc-00-00-03 00-e0-fc-00-00-02 sub-VLAN2 Configuration Roadmap The configuration roadmap is as follows: Create and configure a super-VLAN and a sub-VLAN. Add an interface to the sub-VLAN. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 49 # Assign an IP address to VLANIF 3. [Quidway-Vlanif3] ip address 10.10.10.1 24 Step 3 Enable intra-VLAN proxy ARP on VLANIF 3. [Quidway-Vlanif3] arp-proxy inner-sub-vlan-proxy enable [Quidway-Vlanif3] quit Step 4 Verify the configuration. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 50: Example For Configuring Inter-Vlan Proxy Arp

    Hosts in the sub-VLANs 2 and 3 should not be pinged mutually. Hosts in VLAN 2 and VLAN 3 should be pinged mutually after inter-VLAN proxy ARP is enabled. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 51 [Quidway] vlan 2 [Quidway-vlan2] quit # Add GE 1/0/0 and GE 1/0/1 to sub-VLAN 2. [Quidway] interface gigabitethernet 1/0/0 [Quidway-GigabitEthernet1/0/0] port link-type access [Quidway-GigabitEthernet1/0/0] port default vlan 2 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 52 EXPIRE(M) TYPE INTERFACE VPN-INSTANCE VLAN/CEVLAN ------------------------------------------------------------------------------ 10.10.10.1 0018-2000-0083 Vlanif4 10.10.10.2 00e0-fc00-0002 GE1/0/0 10.10.10.3 00e0-fc00-0003 GE1/0/1 10.10.10.4 00e0-fc00-0004 GE2/0/0 10.10.10.5 00e0-fc00-0005 GE2/0/1 ------------------------------------------------------------------------------ Total:5 Dynamic:4 Static:0 Interface:1 ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 53: Example For Configuring Layer 2 Topology Detection

    GE interfaces are shown in the figure. Figure 2-7 Networking diagram for configuring Layer 2 topology detection Switch VLANIF100 10.1.1.2/24 PC B PC A VLAN100 10.1.1.3/24 10.1.1.1/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 54 # Run the shutdown command and then the undoshutdown command on GE 1/0/1 to view the aging time of ARP entries. [Quidway] interface gigabitethernet 1/0/1 [Quidway-GigabitEthernet1/0/1] shutdown [Quidway-GigabitEthernet1/0/1] undo shutdown [Quidway-GigabitEthernet1/0/1] display arp all Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 55 100 interface Vlanif100 ip address 10.1.1.2 255.255.255.0 interface GigabitEthernet1/0/1 port link-type access port default vlan 100 interface GigabitEthernet1/0/2 port link-type access port default vlan 100 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 56: Dhcp Configuration

    3.2 DHCP Features Supported by the S9300&S9300E The S9300&S9300E can be used as a DHCP server or a DHCP relay agent. 3.3 Configuring the DHCP Server Based on the Global Address Pool A DHCP server can allocate IP addresses to clients by using the global address pool.

  • Page 57: Introduction To Dhcp

    DHCP server that are on different network segments. 3.2 DHCP Features Supported by the S9300&S9300E The S9300&S9300E can be used as a DHCP server or a DHCP relay agent. Table 3-1 describes the DHCP usage scenarios where the S9300&S9300E is used.
  • Page 58 Using the S9300&S9300E as a DHCP Server The S9300&S9300E can function as a DHCP server to allocate IP addresses to clients. A client sends a packet to the server to request for configurations such as the IP address, subnet mask, and default gateway.
  • Page 59 100.10.10.1/24 100.10.10.2/24 An S9300&S9300E functions as a DHCP server and another one functions as a DHCP relay agent. The DHCP server and DHCP clients are on different network segments. On this network, the DHCP server can use only the global address pool.

  • Page 60: Configuring The Dhcp Server Based On The Global Address Pool

    This helps you complete the configuration task quickly and accurately. Applicable Environment On an enterprise network, if the computers are connected to the DHCP server through another network, the global address pool needs to be configured on the S9300&S9300E to allocate IP addresses to computers, as shown in Figure 3-3.

  • Page 61: Configuring An Interface To Use Global Address Pool

    Configuration Guide - IP Service 3 DHCP Configuration (Optional) Configuring the NetBIOS server Configuring routes from the S9300&S9300E to the DNS server and the NetBIOS server (The routes are required only when the servers are configured.) (Optional) Configuring the customized DHCP option...

  • Page 62: Configuring Address Allocation Mode For Global Address Pool

    IP address in the global address pool. Context Up to 256 address pools can be configured on the S9300&S9300E, including the global address pools and interface address pools. The number of address pools of each type is not limited. To use the dynamic allocation mode, you must specify the range of addresses to be allocated;...

  • Page 63: Optional) Configuring Dns For Global Address Pool

    During domain name resolution, users only need to enter a part of the domain name, and then the system uses a complete domain name for resolution. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 64: Optional) Configuring Netbios For Global Address Pool

    This node obtains the mappings by communicating with the NetBIOS server. m-node: indicates a node in mixed mode, that is, the p-type node with some broadcast features. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 65: Optional) Configuring The Customized Dhcp Option For The Global Address Pool

    Related commands: DNS service: domain-name and dns-list NetBIOS service: nbns-list and netbios-type Lease: lease Perform the following steps on the DHCP server. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 66: Optional) Preventing Repetitive Allocation Of An Ip Address

    The maximum number of ping packets is set. By default, the maximum number of ping packets to be sent by the S9300&S9300E is 0. That is, the S9300&S9300E does not ping the IP addresses to be allocated.

  • Page 67: Optional) Configuring Automatic Saving Of Dhcp Data

    By default, the period in which the S9300&S9300E waits for the response is 500 ms. ----End 3.3.8 (Optional) Configuring Automatic Saving of DHCP Data You can configure the S9300&S9300E to save DHCP data to the storage device. When a fault occurs, you can restore data from the storage device. Context Perform the following steps on the DHCP server.

  • Page 68: Configuring The Dhcp Server Based On The Vlanif Interface Address Pool

    Dhcp Offer: Dhcp Ack: Dhcp Nak: Bad Messages: Run the display ip pool name ip-pool-name command to view the IP address pool named huawei. The similar information is displayed. <Quidway> display ip pool name huawei Pool-Name : huawei Pool-No Lease...

  • Page 69: Establishing The Configuration Task

    This helps you complete the configuration task quickly and accurately. Applicable Environment If the DHCP clients and the DHCP server are on the same network segment, the interface address pool needs to be configured on the S9300&S9300E to allocate IP addresses for the clients, as shown in Figure 3-4.

  • Page 70: Configuring Address Allocation Mode For Interface Address Pool

    { mask | mask-length } An IP address is allocated to the VLANIF interface. Step 5 Run: dhcp select interface The S9300&S9300E is configured to use the interface address pool. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 71: Optional) Configuring The Dns Service Of The Vlanif Interface Address Pool

    Perform the following steps on the DHCP server. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: interface vlanif vlan-id Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 72: Optional) Configuring The Netbios Service Of The Vlanif Interface Address Pool

    The VLANIF interface view is displayed. Step 3 Run: dhcp server nbns-list ip-address &<1-8> The NetBIOS server address is configured for the DHCP client. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 73: Optional) Configuring The Customized Dhcp Option Of The Vlanif Interface Address Pool

    Reply packet returned by the DHCP server. Before using this command, ensure that you know the functions of the option to be configured. For details on the DHCP options, see RFC 2132. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 74 The maximum number of ping packets is set. By default, the maximum number of ping packets to be sent by the S9300&S9300E is 0. That is, the S9300&S9300E does not ping the IP addresses to be allocated.

  • Page 75: Checking The Configuration

    The interval for saving DHCP data is set. By default, DHCP data is not automatically saved to CF card. After the S9300&S9300E is configured to automatically save DHCP data, the S9300&S9300E saves data every 7200 seconds by default and the latest data overwrites the previous data.

  • Page 76: Configuring The Dhcp Relay Agent

    If no DHCP server is configured on the local network, the DHCP relay function can be enabled on an S9300&S9300E to forward DHCP Request packets to the DHCP servers on other networks. To ensure that the DHCP clients obtain IP addresses, the DHCP server must use a global address pool, and no address pool can be configured on the interface connected to the DHCP relay agent.

  • Page 77: Configuring Dhcp Relay On An Interface

    Pre-configuration Tasks Before configuring the DHCP relay agent, complete the following tasks: Configuring the DHCP server Configuring a route from the S9300&S9300E to the DHCP server Data Preparation To configure the DHCP relay agent, you need the following data. Data...

  • Page 78: Configuring A Destination Dhcp Server Group

    ----End Follow-up Procedure When functioning as a DHCP relay agent, the S9300&S9300E forwards the DHCP Request packets from DHCP clients to the DHCP server. After the DHCP relay function is enabled on the VLANIF interface, set the DHCP server address on the VLANIF interface in either of the following ways: Configure a destination DHCP server group and bind the group to the interface.

  • Page 79: Binding An Interface To A Dhcp Server Group

    Step 2 Run: interface vlanif vlan-id The VLANIF interface view is displayed. Step 3 Run: dhcp relay server-select group-name The VLANIF interface is bound to a DHCP server group. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 80: Optional) Configuring The Dhcp Relay Agent To Send Dhcp Release Packet

    A VPN instance is bound to the VLANIF interface. If a user connected to the S9300&S9300E interface is in a private network, bind the interface to a VPN instance. The bound VPN instance must be the same as the VPN instance bound to the DHCP server group.

  • Page 81: Checking The Configuration

    Broadcast packets sent to clients : 0 DHCP packets received from servers DHCP OFFER packets received DHCP ACK packets received DHCP NAK packets received DHCP packets sent to servers DHCP Bad packets received Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 82: Maintaining Dhcp

    DHCP server group on a VLANIF interface and the servers in the DHCP server group. Run the display dhcp relay statistics command to view packet statistics on the DHCP relay agent. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 83: Configuration Examples

    The lease of an IP address in 10.1.1.128/25 is 2 days, the DNS address is 10.1.1.2, the NetBIOS address is 10.1.1.4, and the IP address of the egress gateway is 10.1.1.254. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 84: Dhcp Server

    # Set the attributes of IP address pool 1, including the address pool range, DNS address, egress gateway address, and address lease. [Quidway] ip pool 1 [Quidway-ip-pool-1] network 10.1.1.0 mask 255.255.255.128 [Quidway-ip-pool-1] dns-list 10.1.1.2 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 85 [Quidway-Vlanif20] ip address 10.1.1.129 255.255.255.128 [Quidway-Vlanif20] dhcp select global [Quidway-Vlanif20] quit Step 4 Verify the configuration. Run the display ip pool command on the S9300&S9300E, and you can view the configuration of the IP address pool. [Quidway] display ip pool -----------------------------------------------------------------------...

  • Page 86: Example For Configuring The Dhcp Server Based On The Interface Address Pool

    A campus has two equipment rooms, which are in different network segments. A switch needs to be configured as a DHCP server to allocate IP addresses for the computers in the two equipment rooms. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 87 To complete the configuration, you need the following data: IP addresses of the interfaces DNS server address and NetBIOS server address Address lease in the address pool Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 88 [Quidway-Vlanif10] dhcp server netbios-type b-node Step 6 Set IP address leases of IP address pools. # Set the IP address lease of VLANIF 10 address pool to 30 days. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 89 10 to 11 dhcp enable interface Vlanif10 ip address 10.1.1.1 255.255.255.0 dhcp select interface dhcp server excluded-ip-address 10.1.1.2 10.1.1.3 dhcp server dns-list 10.1.1.2 dhcp server netbios-type b-node Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 90: Example For Configuring A Dhcp Relay Agent

    IP addresses to the clients in different network segments. A global address pool in the network segment 20.20.20.0/24 is required, and the DHCP server must have a reachable route to the network segment 20.20.20.0/24. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 91 Name of the DHCP server group IP address of the DHCP server in the DHCP server group Number and IP address of the interface enabled with DHCP relay Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 92 Configure an IP address pool 20.20.20.0/24 on the DHCP server and configure a static route from the DHCP server to the Switch. Ensure that the route between the DHCP server and network segment 20.20.20.0/24 is reachable. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 93 GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 100 return Configuration file of SwitchB sysname Quidway vlan batch 20 dhcp enable Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 94: Example For Configuring A Dhcp Relay Agent For Vpn

    Figure 3-9 Networking diagram for configuring the DHCP relay for a VPN Loopback1 2.2.2.2/32 Internet PE: DHCP Server: GE1/0/0 VLANIF101 10.10.10.1/24 10.10.10.2/24 Loopback1 Swtich 1.1.1.1/32 DHCP Relay: GE1/0/0 VLANIF100 20.20.20.1/24 vpna DHCP Client Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 95 [Switch] interface vlanif 100 [Switch-Vlanif100] dhcp select relay [Switch-Vlanif100] quit Step 3 Create a VPN instance and bind the DHCP server group and VLANIF interface to the VPN instance. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 96 The following lists how to create a VPN instance and bind the VPN instance on the Switch in Figure 3-9. The configuration procedure is not mentioned here. For details, see the S9300&S9300E Terabit Routing Switch Configuration Guide - VPN. # Create a VPN instance.
  • Page 97 DHCP server IP [11] :255.255.255.255 DHCP server IP [12] :255.255.255.255 DHCP server IP [13] :255.255.255.255 DHCP server IP [14] :255.255.255.255 DHCP server IP [15] :255.255.255.255 DHCP server IP [16] :255.255.255.255 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 98 Configuration file of the PE sysname PE vlan 101 ip vpn-instance vpna route-distinguisher 1:1 vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity interface Vlanif101 ip binding vpn-instance vpna Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 99 GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 101 bgp 100 peer 1.1.1.1 as-number 100 peer 1.1.1.1 connect-interface loopback 1 ipv4-family vpnv4 peer 1.1.1.1 enable return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 100: Ip Session Configuration

    This section describes the concepts related to the IP session. 4.2 IP Session Supported by the S9300&S9300E The S9300&S9300E supports the access of IP sessions to Layer 3 sub-interfaces, but does not support the access to main interfaces. 4.3 Configuring IP Session This section describes how to create an IP session and set related parameters.

  • Page 101: Introduction To The Ip Session

    DHCP server, and the AAA server authenticates and authorizes users. Thus the users can be online once they power on the computer. The DHCP server can be a remote server or a local server. If a local server is used, it indicates that the S9300&S9300E functions as the DHCP server.

  • Page 102: Configuring Ip Session

    To make access users go online successfully, you must configure a static route between the egress gateway and the DHCP server on the S9300&S9300E. The address of the egress gateway is set according to the actual situation and the configuration of the static route is described in IP Static Route Configuration.

  • Page 103: Enabling The Ip Session Function

    4.3.3 Binding a User Authentication Domain to a Sub-Interface If a user authentication domain is bound to a sub-interface, when a user goes online, the S9300&S9300E selects the bound domain to authenticate and authorize the user. Issue 01 (2012-03-15) Huawei Proprietary and Confidential...

  • Page 104: Optional) Setting The Format Of Dhcp User Name And The Password

    A user authentication domain is bound to the sub-interface. When a user goes online, the S9300&S9300E selects the bound domain to authenticate and authorize the user. By default, the user authentication domain bound to a sub-interface is the global default domain.

  • Page 105: Optional) Configuring The S9300&S9300E To Process Option Fields

    ----End 4.3.5 (Optional) Configuring the S9300&S9300E to Process Option Fields Through the IP session function, the S9300&S9300E can process the Option 82 field of DHCP messages and select the service policy according to the Option 60 field. Procedure Step 1 Run: system-view The system view is displayed.

  • Page 106: Optional) Setting Arp Detection Parameters

    IP address is abnormally disconnected but no release packet is sent to the DHCP server is often encountered. In this case, the S9300&S9300E needs to regularly send ARP detection packets to check whether users remain online. Upon the timeout of the ARP detection, users are disconnected. In addition, DHCP Release packets are constructed and sent to the DHCP server to enable the DHCP server to release the IP address.

  • Page 107: Optional) Binding A Vpn Instance To An Interface

    The VPN instance is bound to the interface. ----End 4.3.9 Checking the Configuration This section describes how to check the configuration of IP session. Prerequisites All configurations of IP session are complete. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 108: Example For Configuring Ip Session

    Figure 4-2 Networking diagram of IPTV DHCP server Router 10.10.10.10 Multicast server Radius server Loopback0 20.20.20.20/32 Swtich GE1/0/2.100 GE1/0/1.100 STB-A STB-B Configuration Roadmap The configuration roadmap is as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 109 Step 3 Bind user authentication domains to sub-interfaces. # Bind the user authentication domain stb-a to GE 1/0/1.100. [Quidway] aaa [Quidway-aaa] domain stb-a [Quidway-aaa-domain-stb-a] quit [Quidway-aaa] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 110 User detect interval : 60 (s) User detect retransmit times Option82 policy : none (0) Service policy : default (0) ----End Configuration Files Configuration file of the Switch Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 111 10.10.10.10 0 gateway 20.20.20.20 domain stb-a domain stb-b interface NULL0 interface LoopBacl0 ip address 20.20.20.20 255.255.255.255 ip route-static 10.10.10.0 255.255.255.0 NULL0 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 112: Dhcpv6 Configuration

    5 DHCPv6 Configuration DHCPv6 Configuration About This Chapter Currently, the S9300&S9300E can function as only the DHCP relay agent on IPv6 networks. This document describes how to configure Dynamic Host Configuration Protocol for IPv6 (DHCPv6) relay. 5.1 Introduction to DHCPv6 DHCPv6 is designed for IPv6 addressing and is used to allocate IPv6 addresses and other network configuration parameters to hosts.

  • Page 113: Introduction To Dhcpv6

    The DHCP Unique Identifier (DUID) identifies a DHCPv6-enabled device including the DHCPv6 client and is used for verification between DHCPv6-enabled devices. The S9300&S9300E uses the DUID Based on hardware type, Link-layer Address and Time (DUID-LLT) to identify DHCPv6-enabled devices. Figure 5-1 shows the format of the DUID-LLT.

  • Page 114: Dhcpv6 Features Supported By The S9300&S9300E

    The link layer address is the MAC address. 5.2 DHCPv6 Features Supported by the S9300&S9300E Currently, the S9300&S9300E supports only the DHCPv6 relay function, and cannot function as the DHCPv6 server or client. Typical Networking of DHCPv6 Figure 5-2 shows a typical networking of DHCPv6.
  • Page 115 To prevent a large number of messages of clients or relay agents from attacking the device, the S9300&S9300E can limit the rate of DHCPv6 messages to be forwarded. An alarm is generated when the number of discarded packets exceeds the threshold.

  • Page 116: Configuring Dhcpv6 Relay

    DHCPv6 messages discarded 5.3.2 Enabling the DHCPv6 Relay Function You can enable the DHCPv6 relay function on a VLANIF interface of the S9300&S9300E, set the IPv6 address of the DHCPv6 server or the next hop relay agent, and specify the outbound interface of relay messages.

  • Page 117: Optional) Configuring The Remote Id

    DHCPv6 server or the next hop relay agent needs to be specified. On the S9300&S9300E, up to eight interfaces can be enabled with the DHCPv6 relay function and each interface can be configured with up to eight destination addresses.
  • Page 118 Currently, a remote ID can contain a maximum of 247 bytes. When the S9300&S9300E functions as the DHCPv6 relay agent, it processes the remote ID as follows: The S9300&S9300E directly receives messages from DHCPv6 clients. When constructing a Relay-Forward message, the S9300&S9300E adds the remote ID to the Relay-Forward...

  • Page 119: Optional) Configuring Rate Limit Of Dhcpv6 Messages

    Rate limit of DHCPv6 messages is enabled and the maximum transmission rate of DHCPv6 messages is set. By default, rate limit of DHCPv6 messages is disabled on the S9300&S9300E. Step 4 Run: dhcpv6 packet-rate drop-alarm enable The alarm function for DHCPv6 messages discarded when the rate of DHCPv6 messages exceeds rate limit.

  • Page 120: Maintaining Dhcpv6

    5.4.1 Clearing the Statistics About DHCPv6 Messages Passing Through the DHCP Relay Agent If the S9300&S9300E is enabled with the DHCPv6 relay function, the system collects statistics about DHCPv6 messages passing through the DHCP relay agent. To clear the statistics about DHCPv6 messages passing through the DHCPv6 relay agent, you can use the command in the user view or system view.

  • Page 121: Configuration Examples

    GE1/0/2 GE1/0/1 Switch VLANIF20 VLANIF10 3000::1/64 2000::1/64 3000::3/64 DHCPv6 relay agent DHCPv6 server DHCPv6 client DHCPv6 client Configuration Roadmap The configuration roadmap is as follows: Enable DHCP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 122 # Enable the DHCPv6 relay function on VLANIF 10 and set the IP address of the DHCPv6 server. [Quidway] interface vlanif 10 [Quidway-Vlanif10] dhcpv6 relay destination 3000::3 Step 5 Configure the Switch as the gateway. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 123 3000::3 interface Vlanif20 ipv6 enable ipv6 address 3000::1/64 interface GigabitEthernet1/0/1 port hybrid pvid vlan 10 port hybrid untagged vlan 10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 124 S9300&S9300E Terabit Routing Switch Configuration Guide - IP Service 5 DHCPv6 Configuration interface GigabitEthernet1/0/2 port hybrid pvid vlan 20 port hybrid untagged vlan 20 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 125: Ip Performance Configuration

    Here, IP performance parameters supported by the S9300&S9300E are described. 6.2 IP Performance Supported by the S9300&S9300E This section describes the IP Performance features supported by the S9300&S9300E. 6.3 Optimizing IP Performance This section describes how to optimize IP performance of a certain network by setting IP performance parameters.

  • Page 126: Introduction To Ip Performance

    Load balancing mode of IP packet forwarding NOTE On the S9300&S9300E, you can set the load balancing mode for only the packets sent by the CPU. Timeout interval of the TCP FIN-Wait timer Timeout interval of the TCP SYN-Wait timer...

  • Page 127: Enabling An Interface To Check The Source Ip Addresses Of Packets

    Timeout interval of the TCP SYN-Wait timer, timeout interval of the TCP FIN-Wait timer, receive or transmit buffer of the socket 6.3.2 Enabling an Interface to Check the Source IP Addresses of Packets Context Do as follows on the S9300&S9300E. Procedure Step 1 Run: system-view The system view is displayed.

  • Page 128: Configuring Forcible Fragmentation Of Outgoing Packets On An Interface

    S9300&S9300E Terabit Routing Switch Configuration Guide - IP Service 6 IP Performance Configuration The S9300&S9300E only checks the source IP addresses of the packets sent from the interface to the CPU. ----End 6.3.3 Configuring Forcible Fragmentation of Outgoing Packets on...
  • Page 129 After the fast ICMP reply function is enabled on the S9300&S9300E, the S9300&S9300E can respond to ICMP Echo request packets quickly in the following situations: l The S9300&S9300E does not have the ARP entry of the device that initiates the ping. However, the S9300&S9300E cannot learn the ARP entry of this device in this case.

  • Page 130: Setting Tcp Parameters

    When the S9300&S9300E is disabled from sending ICMP Host Unreachable packets, all the interfaces of the S9300&S9300E do not send the ICMP Host Unreachable packets even if you run the undo icmp host- unreachable send (interface view) command in the interface view.

  • Page 131: Optional) Setting The Load Balancing Mode Of Ip Packet Forwarding

    The load balancing mode is configured for IP packet forwarding. NOTE The value of slot-id can only be 0. That is, on the S9300&S9300E, you can set the load balancing mode for only the packets sent by the CPU. ----End...

  • Page 132: Checking The Configuration

    Run the display fib [ slot-id ] [ vpn-instance vpn-instance-name ] statistics command to check the total number of FIB entries. ----End 6.4 Maintaining IP Performance This section describes how to maintain IP performance. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 133: Clearing Ip Performance Statistics

    Run the display fib [ vpn-instance vpn-instance-name ] acl acl-number [ verbose ] command to check information about the FIB entries that match ACL rules in a certain format. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 134: Debugging Ip Performance

    [ protocol protocol-number ] [ verbose verbose-number ] or debugging rawip packet [ task-id task-id ] [ socket-id socket-id ] [ verbose verbose-number ] command in the user view to debug RAWIP packets. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 135: Configuration Examples

    1.1.1.2/24 2.2.2.2/24 SwitchC SwitchB Configuration Roadmap The configuration roadmap is as follows: Assign IP addresses to interfaces on routing devices. Configure static routes to indirectly connected devices. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 136 [SwitchB] ip route-static 2.2.2.0 255.255.255.0 1.1.1.1 Step 3 Disable the sending of ICMP redirection packets on VLANIF 10 of Switch B. [SwitchB] interface vlanif 10 [SwitchB-Vlanif10] undo icmp redirect send Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 137 GigabitEthernet1/0/0 port hybrid tagged vlan 10 ip route-static 2.2.2.0 255.255.255.0 1.1.1.1 return Configuration file of Switch C sysname SwitchC vlan batch 10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 138: Example For Disabling The Sending Of Icmp Host Unreachable Packets

    By default, the sending of ICMP host unreachable packets is enabled on the interface view. If the configuration is not changed, you can skip this configuration. Data Preparation To complete the configuration, you need the following data: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 139 [SwitchC-GigabitEthernet1/0/2] port hybrid tagged vlan 11 [SwitchC-GigabitEthernet1/0/2] quit [SwitchC] interface vlanif 11 [SwitchC-Vlanif11] ip address 2.2.2.2 24 [SwitchC-Vlanif11] quit # Configure a static route on Switch C. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 140 11 return Configuration file of Switch C sysname SwitchC vlan batch 11 interface vlanif 11 ip address 2.2.2.2 255.255.255.0 interface GigabitEthernet1/0/2 port hybrid tagged vlan 11 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 141: Example For Optimizing System Performance By Discarding Certain Icmp Packets

    BRAS S9300 DSLAM User network Enterprise Individual user user Configuration Roadmap Perform the configurations in the system view of the Switch. The configuration roadmap is as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 142 1 icmp with-options drop slot 1 icmp ttl-exceeded drop slot 2 icmp with-options drop slot 2 icmp ttl-exceeded drop slot 3 icmp with-options drop slot 3 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 143: Udp Helper Configuration

    This section describes the principle of UDP helper. 7.2 UDP Helper Features Supported by the S9300&S9300E This section describes the UDP Helper features supported by the S9300&S9300E. 7.3 Configuring UDP Helper This section describes how to configure UDP helper to forward IP broadcast packets of a specified UDP port.

  • Page 144: Introduction To Udp Helper

    The S9300&S9300E on a network needs to obtain network configurations or query the name of another device by sending broadcast packets. The S9300&S9300E, however, cannot obtain the required information if the S9300&S9300E and the server or the device to be queried are in different broadcast domains.

  • Page 145: Configuring Udp Helper

    7.3.1 Establishing the Configuration Task Applicable Environment When an S9300&S9300E on a network needs to obtain network configurations or query the name of another device by sending broadcast packets, you can enable the UDP helper function if the S9300&S9300E and the device to be queried are in different broadcast domains.

  • Page 146: Configuring The Udp Port On Which Packets Are Forwarded

    The UDP helper function is enabled. Context After the UDP helper function is enabled, the S9300&S9300E forwards broadcast packets of UDP ports 37 (Time), 49 (TACACS), 53 (DNS), 69 (TFTP), 137 (NetBIOS-NS), and 138 (NetBIOS-DS) by default. If the port number that needs to be configured is in the range of default UDP port numbers, you can skip this configuration procedure.

  • Page 147: Checking The Configuration

    <Quidway> display udp-helper server interface Vlanif 100 vlan-interface Server-Ip packet-num Vlanif100 10.10.10.10 7.4 Maintaining UDP Helper This section describes how to maintain UDP helper. 7.4.1 Clearing UDP Helper Statistics Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 148: Monitoring The Running Status Of Udp Helper

    The Switch is configured to forward broadcast packets with the destination UDP port number as 137 and the destination IP address as 255.255.255.255 and broadcast packets with the destination IP address as 10.110.255.255 to the NetBIOS-NS name server. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 149 <Quidway> system-view [Quidway] udp-helper enable Step 2 Configure the destination server to which packets of UDP ports are forwarded. [Quidway] vlan 100 [Quidway-Vlan100] quit [Quidway] interface vlanif 100 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 150 Vlanif100 10.2.1.1 ----End Configuration Files Configuration file of the Switch sysname Quidway vlan batch 100 udp-helper enable interface Vlanif100 ip address 10.110.1.1 255.255.0.0 udp-helper server 10.2.1.1 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 151: Dns Configuration

    IP address of a host through. In this manner, you can use domain names, which are easy to memorize and are of significance, instead of complicated IP addresses. 8.2 DNS Supported by the S9300&S9300E Domain name resolution can be performed in either dynamic mode or static mode.

  • Page 152: Introduction To Dns

    DNS resolution. To improve resolution efficiency, you can put common domain names in a static domain name resolution table. The S9300&S9300E supports static resolution and dynamic resolution. 8.3 Configuring DNS By configuring the DNS, you can set up a mapping between a domain name and an IP address.

  • Page 153: Configuring Static Dns Entries

    To perform dynamic domain name resolution, you need a special domain name resolution server, which runs a server program. This server provides mappings between domain names and IP addresses and receives resolution requests from the client. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 154: Checking The Configuration

    Run the display dns server command to check the configurations about DNS servers. Run the display dns domain command to check the configurations about domain name suffixes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 155: Maintaining Dns

    This section describes DNS entry clearance through the reset command. Context CAUTION DNS entries cannot be restored after being cleared. So, confirm the action before you use this command. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 156: Monitoring Network Operation Status Of Dns

    Run the following debugging command in the user view to debug DNS and locate the fault. For more information, refer to the chapter "Information Center Configuration" in the S9300&S9300E Terabit Routing Switch Configuration Guide - System Management. Procedure Step 1 Run the debugging dns command in the user view to debug dynamic DNS.

  • Page 157: Configuration Examples

    Figure 8-1, Switch A acts as a DNS client, being required to access the host 2.1.1.3/16 by using the domain name huawei.com. You need to configure domain name suffixes "com" and "net". On Switch A, configure static DNS entries of Switch B and Switch C so that Switch A can communicate with them by using domain names.
  • Page 158 S9300&S9300E Terabit Routing Switch Configuration Guide - IP Routing. Step 2 Verify the configuration. # Run the ping huawei.com command on Switch A to ping the IP address 2.1.1.3. The ping succeeds. <SwitchA> ping huawei.com Trying DNS server (3.1.1.2)
  • Page 159 LoopBack0 ip address 4.1.1.1 255.255.255.255 interface vlanif100 ip address 2.1.1.1 255.255.0.0 interface vlanif101 ip address 1.1.1.1 255.255.0.0 rip 1 network 2.0.0.0 network 1.0.0.0 network 4.0.0.0 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 160 LoopBack0 ip address 4.1.1.2 255.255.255.255 interface vlanif100 ip address 2.1.1.2 255.255.0.0 interface vlanif101 ip address 3.1.1.1 255.255.0.0 rip 1 network 2.0.0.0 network 3.0.0.0 network 4.0.0.0 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 161: Basic Configurations Of Ipv6

    The IPv6 functions of the S9300&S9300E are restricted through the license. Generally, the IPv6 commands can be run on a new device, but the corresponding IPv6 functions cannot take effect. To make the IPv6 functions effective on the S9300&S9300E, contact local office of Huawei to buy the license.

  • Page 162: Introduction To Ipv6

    The S9300&S9300E supports the IPv6 protocol suite and TCP6 protocol suite. IPv6 Features Supported by the S9300&S9300E The S9300&S9300E supports the setting of IPv6 addresses on a VLANIF, Loopback interface. Each interface supports a maximum of 20 IPv6 addresses, including link-local addresses and the global unicast addresses.

  • Page 163: Ipv6 Neighbor Discovery

    FIB. Forwarding Information Base (FIB) contains minimum necessary information needed by an S9300&S9300E to forward packets. An FIB entry usually contains the destination address, prefix length, transport port, next-hop address, route flag, time stamp. An S9300&S9300E forwards packets according to FIB entries.

  • Page 164: Configuring An Ipv6 Address For An Interface

    To configure IPv6 addresses for an interface, you need the following data. Data Number of the interface Link-local address configured manually Global unicast address and prefix length Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 165: Enabling Ipv6 Packet Forwarding Capability

    A packet with a link-local address as the source or destination address is forwarded only along the local link. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 166: Configuring An Ipv6 Global Unicast Address For An Interface

    You can enable the IPv6 capability. Step 4 Run: ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } or ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } eui-64 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 167: Checking The Configuration

    Before configuring IPv6 neighbor discovery, complete the following tasks: Configuring the physical features for the interface and ensuring that the status of the physical layer of the interface is Up Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 168: Configuring Static Neighbors

    To configure a static neighbor entry on a VLANIF interface, run the ipv6 neighbor ipv6- address mac-address vid vlan-id interface-type interface-number command. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 169: Enabling Ra Message Advertising

    The VLANIF interface view is displayed. Step 3 Run: ipv6 enable You can enable the IPv6 capability. Step 4 Run: ipv6 nd ra { max-interval maximum-interval | min-interval minimum-interval } Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 170: Enabling Stateful Auto Configuration

    When this flag is set, hosts use the stateful protocol for auto-configuration of other (non-address) information. ----End 9.4.6 Configuring the Address Prefixes to Be Advertised Nodes of the local links can perform address auto-configuration by using prefixes of these addresses. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 171: Configuring Other Information To Be Advertised

    The system view is displayed. Step 2 Run: ipv6 nd hop-limit limit ND hop limit is configured. The value of limit ranges from 1 to 255. By default, it is 64. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 172 Step 9 Run: ipv6 nd nud reachable-time value The NUD reachable time is set. Step 10 Run: ipv6 mtu mtu MTU of the interface is configured. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 173: Checking The Configuration

    *down: administratively down !down: FIB overload down (l): loopback (s): spoofing Interface Physical Protocol VLANIF20 [IPv6 Address] 2030::101:101 VLANIF30 [IPv6 Address] 2001::1 LoopBack0 up(s) [IPv6 Address] Unassigned Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 174: Configuring Tcp6

    By setting two TCP6 timers, you can control the TCP connection time. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: tcp ipv6 timer syn-timeout timer-value The TCP6 SYN-WAIT timer is set. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 175: Configuring The Size Of The Tcp6 Sliding Window

    Run the display tcp ipv6 statistics, display tcp ipv6 status, and display udp ipv6 statistics commands. If the connection status and statistic of TCP6 and UDP6 are displayed, it means that the configuration succeeds. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 176 Run the display ipv6 socket command. If the related socket information is displayed, it means that the configuration succeeds. <Quidway> display ipv6 socket SOCK_STREAM: Task = VTYD(14), socketid = 4, Proto = 6, Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 177: Maintaining Ipv6

    In routine maintenance, you can run the following commands in any view to display the running of IPv6. Procedure Run the display ipv6 interface [ interface-type interface-number | brief ] command in any view to view information about IPv6 on an interface. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 178: Debugging Ipv6

    Run the following debugging commands in the user view to debug IPv6 and locate the fault. For the procedures of displaying the debugging information, refer to the chapter "Information Center Configuration" in the S9300&S9300E Terabit Routing Switch Configuration Guide - System Management.

  • Page 179: Configuration Examples

    Global unicast address of an interface Procedure Step 1 Enable the IPv6 forwarding capability on the Switch. # Configure Switch A. <Quidway> system-view [Quidway] sysname SwitchA [SwitchA] ipv6 # Configure Switch B. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 180 IPv6 protocol current state : UP IPv6 is enabled, link-local address is FE80::2E0:FCFF:FE33:11 Global unicast address(es): 3001::2, subnet is 3001::/64 Joined group address(es): FF02::1:FF00:2 FF02::1:FF33:11 FF02::2 FF02::1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 181 Configuration file of Switch A sysname SwitchA ipv6 vlan batch 100 interface Vlanif100 ipv6 enable ipv6 address 3001::1/64 interface GigabitEthernet1/0/1 port hybrid pvid vlan 100 port hybrid untagged vlan 100 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 182 Configuration file of Switch B sysname SwitchB ipv6 vlan batch 100 interface Vlanif100 ipv6 enable ipv6 address 3001::2/64 interface GigabitEthernet1/0/1 port hybrid pvid vlan 100 port hybrid untagged vlan 100 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 183: Ipv6 Dns Configuration

    IP address of a host. In this manner, you can use domain names, which are easy to memorize and are of significance, instead of complicated IP addresses. 10.2 IPv6 DNS Supported by the S9300&S9300E IPv6 domain name resolution can be performed in either dynamic mode or static mode.

  • Page 184: Introduction To Ipv6 Dns

    IPv6 DNS resolution. To improve resolution efficiency, you can put common domain names in a static domain name resolution table. 10.2 IPv6 DNS Supported by the S9300&S9300E IPv6 domain name resolution can be performed in either dynamic mode or static mode.

  • Page 185: Configuring A Static Ipv6 Dns Entry

    IPv6 address. Figure 10-1 DNS server connecting IPv4 and IPv6 networks DNS IPv4 client DNS server DNS IPv6 client IPv6 link IPv4 link Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 186: Checking The Configuration

    DNS fails in searching for a host name, it appends a domain name to the host name following a "." and continues the DNS search. You can configure some commonly used domain names like "com", and "net". For example, if the search for the host name "huawei" fails, the system then searches for "huawei.com" or "huawei.net".

  • Page 187: Maintaining Ipv6 Dns

    This section describes how to maintain the IPv6 DNS. Detailed operations include deleting IPv6 DNS entries and monitoring IPv6 DNS operation. 10.4.1 Clearing IPv6 DNS Entries This section describes IPv6 DNS entry clearance through the reset command. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 188: Monitoring Network Operation Status Of Ipv6 Dns

    10.5 Configuration Examples This section provides several configuration examples of IPv6 DNS. 10.5.1 Example for Configuring IPv6 DNS This section provides a configuration example of IPv6 DNS. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 189: Networking Requirements

    Domain names of Switch B and Switch C IPv6 address of the IPv6 DNS server Domain name suffix Procedure Step 1 Configure Switch A. # Configure static IPv6 DNS entries. <SwitchA> system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 190 S9300&S9300E Terabit Routing Switch Configuration Guide - IP Routing. Step 2 Verify the configuration. # Run the ping ipv6 huawei.com command on Switch A. You can find that the Ping operation succeeds, and the destination IP address is 2002::1. <SwitchA> ping ipv6 huawei.com Resolved Host ( huawei.com ->...
  • Page 191 100 to 101 ipv6 interface GigabitEthernet1/0/1 port hybrid pvid vlan 101 port hybrid untagged vlan 101 interface GigabitEthernet1/0/2 port hybrid pvid vlan 100 port hybrid untagged vlan 100 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 192 S9300&S9300E Terabit Routing Switch Configuration Guide - IP Service 10 IPv6 DNS Configuration interface vlanif100 ipv6 enable ipv6 address 2002::3/64 interface vlanif101 ipv6 enable ipv6 address 2003::1/64 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 193: Ipv6 Over Ipv4 Tunnel Configuration

    11.1 Introduction to IPv6 over IPv4 An IPv6 packet is transparently transmitted after being encapsulated into an IPv4 packet. 11.2 IPv6 over IPv4 Supported by the S9300&S9300E You can configure manual IPv6 over IPv4 tunnels or 6to4 tunnels to interconnect IPv6 networks.

  • Page 194: Introduction To Ipv6 Over Ipv4

    To implement this tunnel, enable IPv4/IPv6 dual stacks on the devices at the border of the IPv4 network and the IPv6 network. 11.2 IPv6 over IPv4 Supported by the S9300&S9300E You can configure manual IPv6 over IPv4 tunnels or 6to4 tunnels to interconnect IPv6 networks.

  • Page 195: Ipv6 Over Ipv4 Tunnel

    An IPv6 over IPv4 manual tunnel is set up by configuring the border devices of two tunnel ends. The source IPv4 address and destination IPv4 address of such a tunnel must be configured statically. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 196 IPv4 network. Similarly, the IPv4 address contained in the 6to4 address of the host or device in Site2 is the IPv4 address of the interface through which Switch B accesses the IPv4 network. Switch A and Switch B are both 6to4 devices. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 197: Isatap Tunnel

    The ISATAP device uses a router notification message to respond to the request. The router notification message contains the ISATAP prefix, which is manually configured on the device. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 198 IPv6 packet header. The remote 6PE then sends the packet to the destination host in the remote IPv6 network through the remote CE. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 199: Configuring Ipv4/Ipv6 Dual Stacks

    If a device has both IPv4 and IPv6 connections, the IPv4/IPv6 dual protocol stacks need to be enabled on the device. Enabling the IPv4/IPv6 dual protocol stacks on the S9300&S9300E is a simple process. Enable the IPv6 packet forwarding capacity in the system view and configure an IPv4 address or IPv6 address on the corresponding interface.

  • Page 200: Enabling Ipv6 Packet Forwarding

    IPv6 packets although the interface is configured with an IPv6 address. By default, the IPv6 packet forwarding capability is disabled. Step 3 Run: interface vlanif vlan-id Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 201: Configuring Ipv4 And Ipv6 Addresses For The Interface

    The link-local address of the interface is configured. l Run: ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length The global unicast address is configured. l Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 202: Checking The Configuration

    To configure an IPv6 over IPv4 tunnel, you need the following data. Data Number, IPv6 address and prefix length of the tunnel Encapsulation mode of packets over the tunnel Source IPv4 address or interface number of the tunnel Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 203: Configuring The Service Loopback Eth-Trunk Interface

    Before enabling the service loopback function, create an Eth-Trunk, add member interfaces to the Eth-Trunk and keep it in the Up state. Only one interface enabled with the service loopback function is needed on a device. Do as follows on the S9300&S9300E. Procedure Step 1 Run: system-view The system view is displayed.
  • Page 204 The destination address of the tunnel can be the address of a physical interface or the address of a loopback interface. Step 6 Run: ipv6 enable IPv6 is enabled on the interface. Step 7 Run: ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 205: Configuring A 6To4 Tunnel

    IPv6 is enabled on the interface. Step 6 Run: ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } The interface is configured with an IPv6 address. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 206: Configuring An Isatap Tunnel

    Step 5 Run: ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } The tunnel interface is configured with an IPv6 address. Step 6 Run: undo ipv6 nd ra halt Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 207: Configuring Routes In The Tunnel

    Applicable Environment To interconnect IPv6 networks over the existing MPLS network, 6PE must be configured on the PE devices. Pre-configuration Tasks Before configuring 6PE, complete the following tasks: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 208: Configuring Ipv4/Ipv6 Dual Protocol Stacks

    Step 4 Run: ip address ip-address { mask | mask-length } The interface is configured with an IPv4 address. Step 5 Run: quit Return to the system view. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 209: Configuring Mpls

    MPLS is enabled and the MPLS view is displayed. Step 4 Run: quit Return to the system view. Step 5 Run: mpls ldp MPLS LDP is enabled. Step 6 Run: quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 210: Enabling 6Pe Peer

    Step 5 Run: ipv6-family The BGP-IPv6 unicast address family view is displayed. Step 6 Run: peer peer-ipv4-address enable 6PE peer is enabled. Step 7 Run: peer peer-ipv4-address label-route-capability Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 211: Checking The Configuration

    This section describes how to debug an IPv6 over IPv4 tunnel. Context CAUTION Debugging affects the performance of the system. So, after debugging, run the undo debugging all command to disable it immediately. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 212: Configuration Examples

    IPv6 tunnel. View information about debugging, locate the fault, and analyze the cause. For the procedure of displaying the debugging information, refer to the chapter "Information Center Configuration" in the S9300&S9300E Terabit Routing Switch Configuration Guide - System Management. Procedure Step 1 Run the debugging tunnel { all | control | error | keepalive | packet | timer } [ interface tunnel interface-number ] command in the user view to debug tunnel information.
  • Page 213 # Bind the tunnel interface to the Eth-Trunk. [SwitchA-Tunnel1/0/1] eth-trunk 1 # Set IPv6 address and destination address for the tunnel interface. [SwitchA-Tunnel1/0/1] ipv6 enable [SwitchA-Tunnel1/0/1] ipv6 address 3001::1/64 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 214 [SwitchC-GigabitEthernet1/0/1] port hybrid pvid vlan 200 [SwitchC-GigabitEthernet1/0/1] port hybrid untagged vlan 200 [SwitchC-GigabitEthernet1/0/1] quit [SwitchC] interface vlanif 200 [SwitchC-Vlanif200] ip address 192.168.51.2 255.255.255.0 [SwitchC-Vlanif200] quit # Set the tunnel protocol to IPv6-IPv4. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 215 --- 3001::1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 26/26/28 ms ----End Configuration Files Configuration file of Switch A sysname SwitchA ipv6 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 216 200 interface Vlanif200 192.168.51.2 255.255.255.0 interface Eth-Trunk1 service type tunnel interface GigabitEthernet1/0/1 port hybrid pvid vlan 200 port hybrid untagged vlan 200 interface GigabitEthernet1/0/3 eth-trunk 1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 217: Example For Configuring A 6To4 Tunnel

    2002:201:102:1::2 IPv6 IPv6 Configuration Roadmap The configuration roadmap is as follows: Enabling the service loopback function on an Eth-Trunk interface. Configure the IPv4/IPv6 stack on the Switch. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 218 [SwitchA-Tunnel0/0/1] eth-trunk 1 [SwitchA-Tunnel1/0/1] tunnel-protocol ipv6-ipv4 6to4 [SwitchA-Tunnel1/0/1] ipv6 enable [SwitchA-Tunnel1/0/1] ipv6 address 2002:0201:0101::1/64 [SwitchA-Tunnel1/0/1] source vlanif 100 [SwitchA-Tunnel1/0/1] quit # Configure a route to other 6to4 networks. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 219 There must be a reachable route between SwitchA and SwitchB. In this example, the routing protocol needs to be configured on GigabitEthernet1/0/1 of SwitchA and SwitchB to ensure a reachable route between SwitchA and SwitchB. For the configuration procedure, see the S9300&S9300E Terabit Routing Switch Configuration Guide - IP Routing.
  • Page 220 GigabitEthernet1/0/1 port hybrid pvid vlan 100 port hybrid untagged vlan 100 interface GigabitEthernet1/0/2 port hybrid pvid vlan 200 port hybrid untagged vlan 200 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 221: Example For Configuring An Isatap Tunnel

    IPv6 network through a border device. Both the IPv6 host and the border device support ISATAP. Then you need to set up an ISATAP tunnel between the IPv6 host and the border device. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 222 [Quidway-GigabitEthernet1/0/3] eth-trunk 1 [Quidway-GigabitEthernet1/0/3] quit # Enable IPv4/IPv6 dual protocol stacks and configure an IP address for each interface. <Quidway> system-view [Quidway] ipv6 [Quidway] vlan batch 100 200 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 223 ND router advertisement max interval 600 seconds, min interval 200 seconds ND router advertisements live for 1800 seconds ND router advertisements hop-limit 10 Hosts use stateless autoconfig for addresses Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 224 Minimum = 0ms, Maximum = 0ms, Average = 0ms ----End Configuration Files The configuration file of the ISATAP device is as follows: sysname Quidway vlan batch 100 200 ipv6 interface Vlanif100 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 225: Example For Configuring 6Pe

    IPv6 network. The PE device and CE device exchange routing information in static routing mode through the IPv6 address. Use the 6PE feature to connect IPv6 networks of users through the IPv4/MPLS network of carriers. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 226 [PE2] ipv6 # Set the IPv6 address for VLANIF 100 of PE1 and the IP address for Loopback0. [PE1] vlan batch 100 200 [PE1] interface gigabitethernet 1/0/0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 227 [PE2-Vlanif200] ip address 4.3.5.2 255.255.255.0 [PE2-Vlanif200] mpls [PE2-Vlanif200] mpls ldp [PE2-Vlanif200] quit # Configure OSPF on PE1 and trigger the setup of the LSP. [PE1] ospf [PE1-ospf-1] area 0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 228 [CE2] vlan batch 100 [CE2] interface gigabitethernet 1/0/0 [CE2-GigabitEthernet1/0/0] port hybrid pvid vlan 100 [CE2-GigabitEthernet1/0/0] port hybrid untagged vlan 100 [CE2-GigabitEthernet1/0/0] quit [CE2] interface vlanif 100 [CE2-Vlanif100] ipv6 enable Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 229 = 50 ms Reply from 3000:1065::2 bytes=56 Sequence=2 hop limit=63 time = 1 ms Reply from 3000:1065::2 bytes=56 Sequence=3 hop limit=63 time = 1 ms Reply from 3000:1065::2 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 230 2.2.2.9 enable ipv6-family import-route direct import-route static peer 2.2.2.9 enable peer 2.2.2.9 label-route-capability ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 4.3.5.0 0.0.0.255 return Configuration file of PE2 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 231 4.3.5.0 0.0.0.255 return Configuration file of CE1 sysname CE1 ipv6 vlan batch 100 interface Vlanif100 ipv6 enable ipv6 address 3000:435::2 64 interface GigabitEthernet1/0/0 port hybrid pvid vlan 100 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 232 Vlanif100 ipv6 enable ipv6 address 3000:1065::2 64 interface GigabitEthernet1/0/0 port hybrid pvid vlan 100 port hybrid untagged vlan 100 ipv6 route-static :: 0 Vlanif100 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 233: Ipv4 Over Ipv6 Tunnel Configuration

    You can create tunnels on the IPv6 networks to connect IPv4 isolated sites so that IPv4 isolated sites can access other IPv4 networks through the IPv6 Internet. 12.2 IPv4 over IPv6 Supported by the S9300&S9300E This section describes how to interconnect IPv4 networks through IPv6 networks.

  • Page 234: Introduction To Ipv4 Over Ipv6

    12.2 IPv4 over IPv6 Supported by the S9300&S9300E This section describes how to interconnect IPv4 networks through IPv6 networks. The S9300&S9300E supports the enabling of IPv4 and IPv6 protocol stacks on the devices at the border of IPv6 and IPv4 networks.

  • Page 235: Configuring An Ipv4 Over Ipv6 Tunnel

    IPv4 address of the tunnel interface or the interface from which the IPv4 address is borrowed 12.3.2 Enabling the Service Loopback Function on an Eth-Trunk Interface Context Before enabling the service loopback function on an Eth-Trunk interface, note the following: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 236: Configuring A Tunnel Interface

    Before enabling the service loopback function, create an Eth-Trunk, add member interfaces to the Eth-Trunk and keep it in the Up state. Only one interface enabled with the service loopback function is needed on a device. Do as follows on the S9300&S9300E. Procedure Step 1 Run: system-view The system view is displayed.

  • Page 237: Configuring Routes In The Tunnel

    12.3.5 Checking the Configuration You can view the configuration of an IPv4 over IPv6 tunnel. Prerequisites The configurations of the IPv4 over IPv6 Tunnel function are complete. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 238: Maintaining Ipv4 Over Ipv6 Tunnels

    Tunnel2/0/0 current state : UP Line protocol current state : UP Last line protocol up time : 2010-06-22, 19:33:19 Description : HUAWEI, Quidway Series, Tunnel2/0/0 Interface, Route Port Route Port,The Maximum Transmit Unit is 1452 bytes Internet Address is 10.1.1.1/30...

  • Page 239: Monitoring The Operation Status Of Ipv4 Over Ipv6 Tunnel

    IPv4 tunnel. View information about debugging, locate the fault, and analyze the cause. For the procedure of displaying the debugging information, refer to the chapter "Information Center Configuration" in the S9300&S9300E Terabit Routing Switch Configuration Guide - System Management. Procedure Step 1 Run the debugging tunnel { all | control | error | keepalive | packet | timer } [ interface tunnel interface-number ] command in the user view to debug tunnel information.

  • Page 240: Example For Configuring An Ipv6 Over Ipv4 Tunnel

    Routing protocols used on the IPv6 network and IPv4 network Source and destination IPv6 addresses at both ends of the tunnel IPv4 address of the tunnel interface Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 241 [SwitchD] vlan batch 100 200 [SwitchD] interface gigabitethernet 1/0/0 [SwitchD-GigabitEthernet1/0/0] port hybrid pvid vlan 100 [SwitchD-GigabitEthernet1/0/0] port hybrid untagged vlan 100 [SwitchD-GigabitEthernet1/0/0] quit [SwitchD] interface vlanif 100 [SwitchD-Vlanif100] ipv6 enable Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 242 # Configure Switch E. <Quidway> system-view [Quidway] sysname SwitchE [SwitchE] vlan batch 200 [SwitchE] interface gigabitethernet 1/0/0 [SwitchE-GigabitEthernet1/0/0] port hybrid pvid vlan 200 [SwitchE-GigabitEthernet1/0/0] port hybrid untagged vlan 200 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 243 [SwitchB] display interface tunnel 2/0/0 Tunnel2/0/0 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel2/0/0 Interface, Route Port Route Port,The Maximum Transmit Unit is 1500 Internet Address is 10.1.1.1/30 Encapsulation is TUNNEL6, loopback not set...
  • Page 244 100 ip route-static 10.1.3.2 255.255.255.252 vlanif 100 10.1.2.1 ospf 1 area 0.0.0.0 network 10.1.2.0 0.0.0.3 return Configuration file of Switch B sysname SwitchB Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 245 1 inteface GigabitEthernet1/0/0 port hybrid pvid vlan 200 port hybrid untagged vlan 200 interface GigabitEthernet2/0/0 port hybrid pvid vlan 100 port hybrid untagged vlan 100 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 246 GigabitEthernet1/0/0 port hybrid pvid vlan 200 port hybrid untagged vlan 200 ip route-static 10.1.2.2 255.255.255.252 vlanif 200 10.1.3.1 ospf 1 area 0.0.0.0 network 10.1.3.0 0.0.0.3 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 247: Index

    Example for Configuring DNS, Example for Configuring IPv6 DNS, Example for Setting an IPv6 Address for a VLANIF Interface, Introduction to IPv6, IPTV, IPv6 Features Supported by the S9300&S9300E, Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

This manual is also suitable for:

S9300e

Table of Contents