Page 1 2. Port 3. VLAN 4. Network Protocol 5. Routing Protocol 6. Multicast Protocol 7. QoS/ACL 8. STP 9. Security 10. Reliability 11. System Management 12. PoE 13. Appendix Quidway S6500 Series Ethernet Switches Operation Manual Release 3000 Series Huawei Technologies Proprietary...
Page 2 3116A038 Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. If you purchase the products from the sales agent of Huawei Technologies Co., Ltd., please contact our sales agent. If you purchase the products from Huawei Technologies Co., Ltd. directly, Please feel free to contact our local office, customer care center or company headquarters.
Page 3 Copyright © 2005 Huawei Technologies Co., Ltd. All Rights Reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks , HUAWEI, C&C08, EAST8000, HONET,...
Page 4 About This Manual Release Notes The product version that corresponds to the manual is Release 3000 Series. Related Manuals The following manuals provide more information about the Quidway S6500 Series Ethernet Switches. Manual Content Quidway S6500 Series Ethernet It provides information for the system Switches Installation Manual installation.
Page 5 Customers who are familiar with network fundamentals Conventions The manual uses the following conventions: I. General conventions Convention Description Arial Normal paragraphs are in Arial. Headings are in Boldface. Boldface Terminal Display is in Courier New. Courier New Huawei Technologies Proprietary...
Page 6 <Enter>, <Tab>, <Backspace>, or <A>. Press the keys concurrently. For example, <Ctrl+Alt+A> <Key1+Key2> means the three keys should be pressed concurrently. Press the keys in turn. For example, <Alt, A> means the <Key1, Key2> two keys should be pressed in turn. Huawei Technologies Proprietary...
Page 7 Eye-catching symbols are also used in the manual to highlight the points worthy of special attention during the operation. They are defined as follows: Caution, Warning, Danger: Means reader be extremely careful during the operation. Note, Comment, Tip, Knowhow, Thought: Means a complementary description. Huawei Technologies Proprietary...
Page 8 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Getting Started Huawei Technologies Proprietary...
Page 9: Table Of Contents
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Product Overview ......................1-1 1.1 Product Overview....................... 1-1 1.2 Function Features ......................1-2 Chapter 2 Logging in Switch......................2-1 2.1 Setting up Configuration Environment via the Console Port ..........2-1 2.2 Setting up Configuration Environment through Telnet............
Page 10: Chapter 1 Product Overview
Chapter 1 Product Overview 1.1 Product Overview Quidway S6500 Series Ethernet Switches is a series of large capacity, modularized wire speed L2/L3 Ethernet switches. They are mainly designed for IP MAN, large-sized enterprise network and campus network users. The series include the following main...
Page 11: Function Features
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 1 Product Overview 1.2 Function Features Table 1-1 Function features Features Description Supports VLAN compliant with IEEE 802.1Q Standard Supports port-based VLAN VLAN Supports protocol-based VLAN Supports GARP VLAN Registration Protocol (GVRP)
Page 12 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 1 Product Overview Features Description Supports Multi-level user management and password protect Supports 802.1X authentication Security features Supports Packet filtering Supports AAA & RADIUS/HWTACACS authentication Reliability Supports Virtual Redundancy Routing Protocol (VRRP)
Page 13: Chapter 2 Logging In Switch
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 2 Logging in Switch Chapter 2 Logging in Switch 2.1 Setting up Configuration Environment via the Console Port Step 1: As shown in the figure below, to set up the local configuration environment, connect the serial port of a PC (or a terminal) to the Console port of the switch with the Console cable.
Page 14: Setting Up Configuration Environment Through Telnet
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 2 Logging in Switch Figure 2-3 Configuring the port for connection Figure 2-4 Setting communication parameters Step 3: The switch is powered on. Display self-test information of the Ethernet switch and prompt you to press Enter to show the command line prompt such as <Quidway>.
Page 15 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 2 Logging in Switch Log in through the Ethernet port Correctly configure the IP address of a VLAN interface on a Switch (using the ip address command in VLAN interface view).
Page 16 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 2 Logging in Switch Workstation Workstation Ethernet port Ethernet port Ethernet Ethernet Serv er Serv er Workstation Workstation PC ( for configuri n g the switch PC ( for configuri n g the switch...
Page 17: Telneting A Switch Through Another Switch
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 2 Logging in Switch 2.2.2 Telneting a Switch through another Switch After a user has logged into a switch, he or she can configure another switch through the switch via Telnet. The local switch serves as Telnet client and the peer switch serves as Telnet server.
Page 18: Setting Up Configuration Environment Through A Dial-Up The Modem
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 2 Logging in Switch Step 5: Use the corresponding commands to configure the switch or view it running state. Enter “?” to get the immediate help. For details of specific commands, refer to the following chapters.
Page 19 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 2 Logging in Switch Figure 2-9 Setting the dialed number Figure 2-10 Dialing on the remote PC Step 5: Enter the preset login password on the remote terminal emulator and wait for the prompt such as <Quidway>.
Page 20: Chapter 3 Command Line Interface
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface Chapter 3 Command Line Interface 3.1 Command Line Interface Quidway series Switches provide a series of configuration commands and command line interfaces for configuring and managing the switch. The command line interface has the following characteristics: Local configuration via the Console port.
Page 21 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface Management level: They are commands that influence basis operation of the system and system support module, which plays a support role on service. Commands of this level involve file system commands, FTP commands, TFTP commands, user management commands, and level setting commands.
Page 22 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface Route policy view Basic ACL view Advanced ACL view Layer-2 ACL view User-defined ACL view QoS view RADIUS scheme view ISP domain view The following table describes the function features of different views and the ways to enter or quit.
Page 23 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface Command Command to Command to Function Prompt view enter exit quit returns to Configure IP VLAN Key in interface system view interface [Quidway-Vlan-inte interface vlan-interface 1...
Page 24 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface Command Command to Command to Function Prompt view enter exit quit returns to Configure system view Key in ospf in OSPF view OSPF [Quidway-ospf-1] system view...
Page 25: Features And Functions Of Command Line
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface Command Command to Command to Function Prompt view enter exit quit returns to RADIUS Configure Key in radius system view scheme RADIUS [Quidway-radius-1] scheme 1 in...
Page 26: Displaying Characteristics Of Command Line
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface [Quidway] interface vlan 1 ? <cr> <cr> indicates no parameter in this position. The next command line repeats the command, you can press <Enter> to execute it directly.
Page 27: Common Command Line Error Messages
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface can invoke and execute them at any time later. History command buffer is defaulted as 10. That is, the command line interface can store 10 history commands for each user.
Page 28: Editing Characteristics Of Command Line
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 3 Command Line Interface 3.3.5 Editing Characteristics of Command Line Command line interface provides the basic command editing function and supports to edit multiple lines. A command cannot longer than 256 characters. See the table below.
Page 29: Chapter 4 User Interface Configuration
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration Chapter 4 User Interface Configuration 4.1 User Interface Overview User interface configuration is another way provided by the switch to configure and manage the port data.
Page 30: User Interface Configuration
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration 4.2 User Interface Configuration User interface configuration includes: Entering user interface view Configuring the user interface-supported protocol Configuring the attributes of AUX (Console) port Configuring the terminal attributes...
Page 31: Configuring The Attributes Of Aux (Console) Port
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration Caution: If Telnet protocol is specified, to ensure a successful login via the Telnet, you must configure the password by default. If SSH protocol is specified, to ensure a successful login, you must configure the local or remote authentication of username and password using the command.
Page 32: Configuring The Terminal Attributes
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration III. Configuring parity on the AUX (Console) port Table 4-5 Configuring parity on the AUX (Console) port Operation Command Configure parity mode on the AUX...
Page 33 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration I. Enabling/Disabling terminal service After the terminal service is disabled on a user interface, you cannot log in to the switch through the user interface. However, the user logged in through the user interface before disabling the terminal service can continue his operation.
Page 34: Managing Users
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration Table 4-10 Locking the user interface Operation Command Lock user interface lock IV. Setting the screen length If a command displays more than one screen of information, you can use the following command to set how many lines to be displayed in a screen, so that the information can be separated in different screens and you can view it more conveniently.
Page 35 In the following example, local username and password authentication are configured. # Perform username and password authentication when a user logs in through VTY 0 user interface and set the username and password to zbr and huawei respectively. [Quidway-ui-vty0] authentication-mode scheme...
Page 36 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration [Quidway] local-user zbr [Quidway-luser-zbr] password simple huawei [Quidway-luser-zbr] service-type telnet No authentication [Quidway-ui-vty0] authentication-mode none Note: By default, the password is required for authenticating the Modem and Telnet users when they log in.
Page 37 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration III. Setting the command level used after a user logs in from a user interface You can use the following command to set the command level after a user logs in from a specific user interface, so that a user is able to execute the commands at such command level.
Page 38: Configuring Modem Attributes
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration Table 4-17 Setting the command priority Operation Command Set the command priority in a specified command-privilege level level view view. view command Restore the default command level in a undo command-privilege view view specified view.
Page 39: Displaying And Debugging User Interface
Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration Table 4-19 Configuring to send messages between different user interfaces. Operation Command Configure to send messages between send { all | number | type number } different user interfaces.
Page 40 Operation Manual - Getting Started Quidway S6500 Series Ethernet Switches Chapter 4 User Interface Configuration Table 4-21 Displaying and debugging user interface Operation Command Clear a user in a specified user interface free user-interface [ type ] number Display the user application information...
Page 41 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Port Huawei Technologies Proprietary...
Page 42 Operation Manual - Port Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Ethernet Port Configuration ..................1-1 1.1 Ethernet Port Overview...................... 1-1 1.2 Ethernet Port Configuration ....................1-1 1.2.1 Enter Ethernet port view..................1-2 1.2.2 Enable/Disable Ethernet Port.................. 1-2 1.2.3 Set Description Character String for Ethernet Port ..........
Page 43 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Chapter 1 Ethernet Port Configuration 1.1 Ethernet Port Overview The Ethernet ports of S6500 Ethernet Switch have the following features: 10Base-T/100Base-TX Ethernet ports support MDI/MDI-X auto-sensing, and can...
Page 44 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Set the VLAN VPN Feature Copy port configuration to other ports 1.2.1 Enter Ethernet port view Before configuring the Ethernet port, enter Ethernet port view first.
Page 45 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Table 1-3 Set description character string for Ethernet port Operation Command Set description character string for Ethernet port. description text Delete the description character string of Ethernet.
Page 46 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Table 1-5 Set speed on Ethernet port Operation Command Set 100M Ethernet port speed speed { 10 | 100 | 1000 | 10000 | auto }...
Page 47 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration 1.2.7 Enable/Disable Flow Control for Ethernet Port After enabling flow control in both the local and the peer switch, if congestion occurs in the local switch, the switch will inform its peer to pause packet sending. Once the peer switch receives this message, it will pause packet sending, and vice versa.
Page 48 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration appropriate broadcast packet ratio by discarding the overflow traffic, so as to suppress broadcast storm, avoid suggestion and ensure the normal service. For example, the bandwidth suppression radio mode parameter is taken the maximum bandwidth ratio of the broadcast traffic allowed on the port.
Page 49 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration multicast packet ratio by discarding the overflow traffic, so as to suppress multicast storm, avoid suggestion and ensure the normal service. For example, the bandwidth suppression radio mode parameter is taken the maximum bandwidth ratio of the multicast traffic allowed on the port.
Page 50 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Table 1-12 Set link type for Ethernet port Operation Command Configure the port as access port port link-type access Configure the port as hybrid port port link-type hybrid...
Page 51 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration After adding the Ethernet port to specified VLANs, the local port can forward packets of these VLANs. The hybrid and trunk ports can be added to multiple VLANs, thereby implementing the VLAN intercommunication between peers.
Page 52 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration VLAN VPN feature can provide duplex VLAN Tags to a packet, i.e. mark the packet with another VLAN Tag besides the original one, thus to provide 4k x 4k VLANs to meet user’s demands.
Page 53 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Table 1-16 Copy port configuration to other ports Operation Command copy configuration source interface-type interface-number | interface-name | aggregation-group Copy port configuration agg-id destination interface_list to other ports...
Page 54 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Operation Command Configure that the system performs loopback loopback-detection detection to all VLANs on Trunk and Hybrid ports per-vlan enable (Ethernet port view) Configure that the system only performs loopback...
Page 55 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration 1.4 Ethernet Port Configuration Example I. Networking requirements Switch A is connected to Switch B via the Trunk port Ethernet1/0/1. Configure the Trunk port with default VLAN ID, so that: when receiving the packets without VLAN Tag, the port can forward them to the member ports belonging to the default VLAN;...
Page 56 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Execute the display interface or display port command to check if the port is a trunk port or a hybrid port. If it is neither of them, configure it as a trunk port or a hybrid port.
Page 57 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration Chapter 2 Link Aggregation Configuration 2.1 Overview 2.1.1 Brief Introduction to Link Aggregation Link aggregation means aggregating several ports together to implement the outgoing/incoming payload balance among the member ports and enhance the connection reliability.
Page 58 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration aggregated, so that the two parties can agree on adding/deleting which port into/from a certain dynamic aggregation group. Operation key is a configuration set generated by LACP based on port setting (speed, duplex mode, basic configuration and management key).
Page 59 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration In a static LACP aggregation group, the system sets the ports to active or inactive state based on these rules: Based on the descending order of priority levels from full duplex/high speed, to full...
Page 60 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration determined by the port priority of the system. You can decide whether the port is selected or standby by setting system priority and port priority. 2.1.4 Load Sharing In terms of load balancing, link aggregation may be load balancing aggregation and non-load balancing aggregation.
Page 61 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration 2.2.1 Enable/Disable LACP at Port You should first enable LACP at the ports before performing dynamic aggregation, so that both parties can agree on adding/deleting the ports into/from a dynamic LACP aggregation group.
Page 62 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration During creating an aggregation group, if it already exists in the system but contains no member port, it changes to the new type; if it already exists in the system and contains member ports, then you can only change a dynamic or static LACP aggregation group to a manual one, or a dynamic LACP aggregation group to a static one.
Page 63 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration By default, an aggregation group has no descriptor. Note that if you have saved the current configuration with the save command, the configured manual aggregation groups, static LACP aggregation groups and corresponding descriptors exist when the system reboots.
Page 64 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration Table 2-6 Configure port priority Operation Command Configure port priority lacp port-priority port-priority-value Restore the default port priority undo lacp port-priority By default, port priority is 32768.
Page 65 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration Operation Command Disable/enable debugging [ undo ] debugging link-aggregation event link aggregation events 2.4 Link Aggregation Configuration Example I. Networking Requirement Switch A connects switch B with three aggregation ports, numbered as Ethernet1/0/1 to Ethernet1/0/3, so that incoming/outgoing load can be balanced among the member ports.
Page 66 Operation Manual - Port Quidway S6500 Series Ethernet Switches Chapter 2 Link Aggregation Configuration Static LACP aggregation # Create static LACP aggregation group 1. [Quidway] link-aggregation group 1 mode static # Add Ethernet ports Ethernet1/0/1 to Ethernet1/0/3 into aggregation group 1.
Page 67 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual VLAN Huawei Technologies Proprietary...
Page 68 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 VLAN Configuration ....................1-1 1.1 VLAN Overview........................1-1 1.2 VLAN Common Configuration ................... 1-1 1.2.1 Create/Delete a VLAN..................... 1-2 1.2.2 Set VLAN Broadcast Suppression ................1-2 1.2.3 Set/Delete VLAN or VLAN interface Description Character ........
Page 69 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 1 VLAN Configuration Chapter 1 VLAN Configuration 1.1 VLAN Overview Virtual Local Area Network (VLAN) groups the devices of a LAN logically but not physically into segments to implement the virtual workgroups. IEEE issued the IEEE 802.1Q in 1999, which was intended to standardize VLAN implementation solutions.
Page 70 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 1 VLAN Configuration Set/Delete VLAN or VLAN interface description character string Specify/Remove VLAN interface Shut down/Enable VLAN Interface To configure a VLAN, first create a VLAN according to the requirements.
Page 71 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 1 VLAN Configuration Table 1-2 Relationship Between Broadcast Suppression Mode and LPU Type Type A LPU (LS81FT48A/ Broadcast LPUs excluding LS81FM24A/LS81FS24A/LS81GB Suppression Mode the type A LPUs 8UA/LS81GT8UA) VLAN Supported...
Page 72 Chapter 1 VLAN Configuration By default, VLAN description character string is VLAN ID of the VLAN, e.g. VLAN 0001. VLAN interface description character text is the VLAN interface name, e.g. HUAWEI, Quidway Series, Vlan-interface1 Interface. 1.2.4 Name the current VLAN You can use the following command to name the current VLAN.
Page 73 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 1 VLAN Configuration Perform the following configuration in VLAN interface view. Table 1-7 Shut down/Enable VLAN interface Operation Command Shut down the VLAN interface shutdown Enabling the VLAN interface undo shutdown The operation of shutting down or enabling the VLAN interface has no effect on the UP/DOWN status of the Ethernet ports on the local VLAN.
Page 74 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 1 VLAN Configuration You can group packets of different network protocols to different VLANs, and packets with different encapsulation formats to different VLANs, regardless of the packets’ network protocols. For the packets of IPX protocol, you can group packets using the encapsulation format of Ethernet II to one VLAN, and those using encapsulation format of SNAP to another.
Page 75 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 1 VLAN Configuration 1.4.2 Create a Protocol-Based VLAN on the Specified Port Perform the following configuration in Ethernet port view. Table 1-10 Create/delete a Protocol-Based VLAN on the Specified Port...
Page 76 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 1 VLAN Configuration Note that you must add the card port where the protocol is to be applied to the protocol-based VLAN. Currently, only the cards (include LPU and SRPU) except A type ones support the command.
Page 77 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 1 VLAN Configuration 1.6 VLAN Configuration Example I. Networking requirements Create VLAN2 and VLAN3. Add Ethernet1/0/1 and Ethernet1/0/2 to VLAN2 and add Ethernet1/0/3 and Ethernet1/0/4 to VLAN3. II. Networking diagram...
Page 78 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 2 GARP/GVRP Configuration Chapter 2 GARP/GVRP Configuration 2.1 Configure GARP 2.1.1 GARP Overview Generic Attribute Registration Protocol (GARP) offers a mechanism that is used by the members in the same switching network to distribute, propagate and register such information as VLAN and multicast addresses.
Page 79 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 2 GARP/GVRP Configuration GARP and GMRP are described in details in the IEEE 802.1p standard (which has been added to the IEEE802.1D standard). Quidway Series Ethernet Switches fully support the GARP compliant with the IEEE standards.
Page 80 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 2 GARP/GVRP Configuration Table 2-1 Set GARP timer Operation Command Set GARP Hold timer, Join timer and garp timer { hold | join | leave } Leave timer timer_value Set GARP LeaveAll timer...
Page 81 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 2 GARP/GVRP Configuration Table 2-2 Display and debug GARP Operation Command Display GARP statistics display garp statistics interface information interface-list ] Display GARP timer display garp timer [ interface interface-list ]...
Page 82 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 2 GARP/GVRP Configuration 2.2.2 Enable/Disable Global GVRP You can use the following command to enable/disable global GVRP. Perform the following configurations in system view. Table 2-3 Enable/Disable global GVRP Operation...
Page 83 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 2 GARP/GVRP Configuration When an Ethernet port is set to be in Forbidden registration mode, all the VLANs except VLAN1 will be logged out and no other VLANs can be created and registered on this port.
Page 84 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 2 GARP/GVRP Configuration II. Networking diagram E1/0/10 E1/0/10 E1/0/11 E1/0/11 Switch A Switch A Switch B Switch B Figure 2-1 GVRP configuration example III. Configuration procedure Configure Switch A: # Enable GVRP globally.
Page 85 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 3 Super VLAN Chapter 3 Super VLAN Note: Only the Salience III series engines support the super VLAN. 3.1 Overview of Super VLAN To save IP address resources, the super VLAN concept (also known as VLAN aggregation) was developed.
Page 86 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 3 Super VLAN Table 3-1 Configure a super VLAN Operation Command Configure a super VLAN supervlan Remove super VLAN configuration undo supervlan Note that: You cannot configure Ethernet ports for the super VLAN.
Page 87 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 3 Super VLAN Table 3-3 Configure the mapping between a super VLAN and a sub VLAN Operation Command Configure the mapping between a super subvlan sub-vlan-list VLAN and a sub VLAN...
Page 88 Operation Manual - VLAN Quidway S6500 Series Ethernet Switches Chapter 3 Super VLAN III. Configuration procedure [Quidway] vlan 10 [Quidway-vlan10] supervlan [Quidway-vlan10] vlan 2 [Quidway-vlan2] port ethernet0/1 ethernet0/2 [Quidway-vlan2] vlan 3 [Quidway-vlan3] port ethernet0/3 ethernet0/4 [Quidway-vlan3] vlan 5 [Quidway-vlan5] port ethernet0/5 ethernet0/6...
Page 89 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Network Protocol Huawei Technologies Proprietary...
Page 90 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IP Address Configuration ................... 1-1 1.1 IP Address Overview ......................1-1 1.1.1 IP Address Classification and Indications ............... 1-1 1.1.2 Subnet and Mask ....................1-3 1.2 Configure IP Address......................
Page 91 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Table of Contents 5.2 Configuring DHCP Relay ....................5-2 5.2.1 Configuring the IP Address of a DHCP Server ............5-2 5.2.2 Configuring the Corresponding DHCP Server Group of the VLAN Interface..5-3 5.2.3 Configuring the Address Table Entry ..............
Page 92 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Address Configuration Chapter 1 IP Address Configuration 1.1 IP Address Overview 1.1.1 IP Address Classification and Indications IP address is a 32-bit address allocated to the devices which access into the Internet. It consists of two fields: net-id field and host-id field.
Page 93 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Address Configuration Table 1-1 IP address classes and ranges Network Address IP network Note class range range Host ID with all the digits being 0 indicates that the IP address is the network address, and is used for network routing.
Page 94 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Address Configuration 1.1.2 Subnet and Mask Nowadays, with rapid development of the Internet, IP addresses are depleting very fast. The traditional IP address allocation method wastes IP addresses greatly. In order to make full use of the available IP addresses, the concept of mask and subnet is proposed.
Page 95 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Address Configuration 1.2 Configure IP Address The IP address configuration includes: Configuring the Hostname and Host IP Address Configure IP Address of the VLAN Interface 1.2.1 Configuring the Hostname and Host IP Address The host name is corresponded to the IP address by using this command.
Page 96 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Address Configuration 1.3 Display and debug IP Address After the above configuration, execute display command in any view to display the IP addresses configured on interfaces of the network device, and to verify the effect of the configuration.
Page 97 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Address Configuration Troubleshooting can be performed as follows: Check the configuration of the Ethernet Switch. Use display arp command to view the ARP entry table that the Switch maintains.
Page 98 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 2 ARP Configuration Chapter 2 ARP Configuration 2.1 Introduction to ARP I. Necessity of ARP An IP address cannot be directly used for communication between network devices because network devices can only identify MAC addresses. An IP address is only an address of a host in the network layer.
Page 99 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 2 ARP Configuration Normally, dynamic ARP executes and automatically searches for the resolution from the IP address to the Ethernet MAC address without the administrator. 2.2 Configure ARP The ARP mapping table can be maintained dynamically or manually. Usually, the manually configured mapping from the IP addresses to the MAC addresses is known as static ARP.
Page 100 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 2 ARP Configuration 2.2.2 Configure the Dynamic ARP Aging Timer For purpose of flexible configuration, the system provides the following commands to assign dynamic ARP aging period. When the system learns a dynamic ARP entry, its aging period is based on the current value configured.
Page 101 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 2 ARP Configuration If the device which sends the gratuitous ARP packet changed its hardware address (probably, it turns off, has its interface card changed, and then reboots), this packet can make old hardware address in the cache of other devices update accordingly.
Page 102 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 2 ARP Configuration 2.4 Display and debug ARP After the above configuration, execute display command in any view to display the running of the ARP configuration, and to verify the effect of the configuration. Execute debugging command in user view to debug ARP configuration.
Page 103 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 3 ARP Source Suppression Configuration Chapter 3 ARP Source Suppression Configuration 3.1 ARP Source Suppression Overview ARP source suppression means after receiving ARP packets, a switch classifies these packets and restricts the maximum number of different types of ARP packets sent to the CPU.
Page 104 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 3 ARP Source Suppression Configuration Table 3-1 ARP source suppression configuration tasks Configuration step Command Description Enter system view — system-view default, maximum number is related to ARP Configure packet types.
Page 105 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 4 Proxy ARP Chapter 4 Proxy ARP 4.1 Introduction to ARP Proxy When one of the following things occurs, you have to enable the ARP proxy function, if you want to realize layer 3 internetworking between ports.
Page 106 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 5 DHCP Configuration Chapter 5 DHCP Configuration 5.1 DHCP Overview 5.1.1 DHCP Fundamentals This is a world where networks are ever-growing with configurations getting complex, computers (such as laptop computers and wireless networks) are often moved, and the available IP addresses are far from adequate for the ever-increasing number of computers.
Page 107 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 5 DHCP Configuration DHCP client DHCP client Ethernet Internet Switch ( DHCP Rel DHCP client DHCP client DHCP Server Figure 5-2 DHCP Relay typical application DHCP Relay work on this principle: In the startup and DHCP initialization, DHCP Client advertises configuration request messages to the local network.
Page 108 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 5 DHCP Configuration Table 5-1 Configuring the IP address for the DHCP server Operation Command dhcp-server groupNo ip ip_address1 Configure IP address for DHCP server [ ip_address2 ] Delete all DHCP server IP addresses...
Page 109 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 5 DHCP Configuration Table 5-3 Configuring/Deleting the address table entry Operation Command dhcp-security static ip_address Add an entry to the address table mac_address undo dhcp-security { ip_address | all |...
Page 110 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 5 DHCP Configuration 5.2.6 Allow/Inhibit the Passing of Unknown Machines through DHCP Security Check The so called unknown machine is a device which IP and MAC addresses are not contained in any DHCP security table entry.
Page 111 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 5 DHCP Configuration 5.4 DHCP Relay Configuration Example I. Networking requirements The segment address for DHCP Client is 10.110.0.0, which is connected to a port in the VLAN2 on the switch. The IP address of DHCP Server is 202.38.1.2. The DHCP packets should be forwarded via the switch with DHCP Relay enabled.
Page 112 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 5 DHCP Configuration Secondly, use the display vlan and display ip interface vlan-interface commands to check if the VLAN and the corresponding interface IP address have been configured. Then make sure to ping the configured DHCP Server to ensure that the link is connected.
Page 113 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 6 IP Performance Configuration Chapter 6 IP Performance Configuration 6.1 IP Performance Configuration IP performance configuration includes: Configure TCP attributes Configure whether to send special IP packets to CPU Configure whether to forward L3 Broadcast Packets 6.1.1 Configure TCP Attributes...
Page 114 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 6 IP Performance Configuration By default, the TCP finwait timer is 675 seconds, the synwait timer is 75 seconds, and the receiving/sending buffer size of connection-oriented Socket is 4K bytes.
Page 115 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 6 IP Performance Configuration Table 6-3 Configure Whether to Forward L3 Broadcast Packets Operation Command Configure forward L3 broadcast packets ip forward-broadcast Disable forward L3 broadcast packets undo ip forward-broadcast By default, L3 broadcast packets is forwarded.
Page 116 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 6 IP Performance Configuration The following are the UDP packet formats: UDP output packet: Source IP address:202.38.160.1 Source port:1024 Destination IP Address 202.38.160.1 Destination port: 4296 Use the debugging tcp packet command to enable the TCP debugging to trace the TCP packets.
Page 117 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration Chapter 7 IPX Configuration 7.1 IPX Protocol Overview Internetwork Packet Exchange (IPX) protocol is a network layer protocol in the NetWare protocol suite. It is similar to IP in the TCP/IP protocol suite. IPX functions to address, route and forward packets.
Page 118 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration 7.1.3 Service Advertising Protocol The Service Advertising Protocol (SAP) advertises the services provided by servers and their addresses as well. It is used by IPX to maintain and advertise dynamic service information.
Page 119 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration Table 7-1 Enable IPX Operation Command Enable IPX ipx enable Disable IPX undo ipx enable By default, IPX is disabled. Note that after the undo ipx enable command is executed, the IPX configurations are not recoverable with the ipx enable command.
Page 120 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration The IPX static routes with the destination network number of 0xFFFFFFFE are default routes. 7.2.4 Configure an IPX Route Limit In IPX, you can configure in the routing table the maximum number of the dynamic routes and equivalent routes to the same destination.
Page 121 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration 7.2.5 Configure IPX RIP After IPX is enabled on VLAN interfaces, the system automatically enables RIP. You can configure IPX RIP parameters as needed. Configure the update interval of IPX RIP...
Page 122 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration III. Configure the size of IPX RIP update packets Perform the following configuration in VLAN interface view. Table 7-8 Configure the size of IPX RIP update packets...
Page 123 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration By default, IPX RIP does not import static routes. Note that RIP imports only active static routes; inactive static routes are neither imported nor forwarded. 7.2.6 Configure IPX SAP After IPX is enabled on VLAN interfaces, the system automatically enables SAP.
Page 124 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration By default, IPX SAP sends updates every 60 seconds. Ensure that all servers and switches on the network have the same SAP update interval to avoid the situation where the switches mistake an operating server for a failed one.
Page 125 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration Respond with the information of the nearest server (the server with the smallest hop count in the service information table on the switch). Respond with the information of one server that is picked out from all the known servers through round robin polling.
Page 126 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration Table 7-17 Configure a static IPX service entry Operation Command service service-type name Add a static IPX service entry network.node socket hops [ preference preference ]...
Page 127 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration Table 7-19 Configure the maximum length of the service information reserve-queue for one service type Operation Command Configure the maximum length of the service information reserve-queue for ipx sap max-reserve-servers length one service type.
Page 128 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration Table 7-21 Configure split horizon of IPX Operation Command Enable split horizon of IPX ipx split-horizon Disable split horizon of IPX undo ipx split-horizon By default, split horizon is enabled.
Page 129 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration 7.3 Display and Debug IPX After the above configuration, execute display command in any view to display the running of the IPX configuration, and to verify the effect of the configuration. Execute debugging command in user view to debug IPX.
Page 130 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration 7.4 IPX Configuration Example I. Networking requirements Through an IPX network, Switch A with the node address of 00e0-fc01-0000 is connected to Switch B with the node address of 00e0-fc01-0001.
Page 131 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration # Configure a static route with the destination network number 3. [Quidway-Vlan-interface1] quit [Quidway] ipx route-static 3 1000.00e0-fc01-0001 tick 7 hop 2 Configure Switch B # Enable IPX.
Page 132 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration Debug IPX packets with the debugging ipx packet command; check that IPX packets are correctly received, transmitted, forwarded. Fault 2: Packets are discarded. Troubleshooting: If the IPX packet debugging information shows that a packet is discarded because ”Packet size is greater than interface MTU!”, do the following:...
Page 133 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration If the configured static route is shown in the routing table, check that its hop count is smaller than 15. III. Troubleshoot IPX SAP Fault 1: Unable to add static service information to the service information table.
Page 134 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration There are update packets with the debugging ipx packet and debugging ipx sap packet verbose commands. If there are no update packets, check that the underlying network connection is available.
Page 135 Operation Manual - Network Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IPX Configuration The round robin polling is enabled with the display current-configuration command. Multiple equivalent service entries are available for the service request. The service entries are considered equivalent only when they have the same RIP ticks , RIP hop count, SAP hop count and SAP preference.
Page 136 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Routing Protocol Huawei Technologies Proprietary...
Page 137 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IP Routing Protocol Overview ..................1-1 1.1 Introduction to IP Route and Routing Table ..............1-1 1.1.1 IP Route and Route Segment ................. 1-1 1.1.2 Route Selection through the Routing Table ............
Page 138 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Table of Contents 3.2.15 Setting Additional Routing Metric ................ 3-10 3.2.16 Configuring Route Filtering ................. 3-11 3.2.17 Configuring Traffic Sharing Across RIP Interfaces ..........3-12 3.3 Displaying and Debugging RIP..................3-13 3.4 Typical RIP Configuration Example .................
Page 139 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Table of Contents 4.2.27 Disabling the Interface to Send OSPF Packets ..........4-24 4.2.28 Configuring OSPF and Network Management System (NMS) ......4-25 4.2.29 Resetting the OSPF Process ................4-26 4.3 Displaying and Debugging OSPF ..................
Page 140 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Table of Contents 5.2.28 Configuring IS-IS Routing Leak................5-20 5.2.29 Configuring IS-IS Route Filtering ................ 5-20 5.2.30 Setting the Preference of IS-IS Protocol ............. 5-21 5.2.31 Resetting All the IS-IS Data Structure..............5-22 5.2.32 Resetting the Specified IS-IS Peer..............
Page 141 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Table of Contents 7.2 IP Routing Policy Configuration ..................7-3 7.2.1 Defining a route-policy .................... 7-3 7.2.2 Defining If-match clauses for a Route-policy ............7-4 7.2.3 Defining apply clauses for a Route-policy............... 7-5 7.2.4 Importing Routing Information Discovered by Other Routing Protocols ....
Page 142 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Routing Protocol Overview Chapter 1 IP Routing Protocol Overview Note: When an Ethernet switch runs a routing protocol, it can perform the router functions. Router that is referred to in the following and its icon represent a generalized router or an Ethernet switch running routing protocols.
Page 143 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Routing Protocol Overview Route Route segment segment Figure 1-1 About hops As the networks may have different sizes, the segment lengths connected between two different pairs of routers are also different. The number of route segments multiplies a weighted coefficient can serve as a weighted measurement for the actual length of the signal transmission path.
Page 144 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Routing Protocol Overview destination host or router is located. For example, if the destination address is 129.102.8.10, the address of the network where the host or the router with the mask 255.255.0.0 is located will be 129.102.0.0.
Page 145 Figure 1-2 The routing table 1.2 Routing Management Policy The Quidway S6500 Series Ethernet Switches support the configuration of a series of dynamic routing protocols such as RIP, OSPF, Integrated IS-IS and BGP, as well as the static routes. The static routes configured by the user are managed together with the dynamic routes as detected by the routing protocol.
Page 146 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 1 IP Routing Protocol Overview Table 1-1 Routing protocols and the default preferences for the routes learned by them Routing protocol or route type The preference of the corresponding route...
Page 147 The Quidway S6500 series switches can import the information of another routing protocol. Each protocol has its own route redistribution mechanism. For details, please refer to the description about "Importing an External Route"...
Page 148 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 2 Static Route Configuration Chapter 2 Static Route Configuration 2.1 Introduction to Static Route 2.1.1 Attributes and Functions of Static Route A static route is a special route. You can set up an interconnecting network with the static route configuration.
Page 149 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 2 Static Route Configuration Internet Control Message Protocol (ICMP) packet will be sent to the originating host to inform that the destination host or network is unreachable. Default route is very useful in the networks. Suppose that there is a typical network, which consists of hundreds of routers.
Page 150 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 2 Static Route Configuration specified can the link layer find the corresponding link layer address, and then forward the packet according to this address. You cannot specify an interface address of the local switch as the next hop address of an static route.
Page 151 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 2 Static Route Configuration Table 2-3 Configuring the default preference of static routes Operation Command Configure the default preference route-static default-preference value of static routes default-preference-value Restore the default value undo ip route-static default-preference By default, its value is 60.
Page 152 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 2 Static Route Configuration Operation Command View the routing information found by display routing-table protocol the specified protocol protocol [ inactive | verbose ] View the tree routing table...
Page 153 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 2 Static Route Configuration [Switch B] ip route-static 1.1.5.0 255.255.255.0 1.1.3.1 [Switch B] ip route-static 1.1.1.0 255.255.255.0 1.1.3.1 # Configure the static route for Ethernet Switch C [Switch C] ip route-static 1.1.1.0 255.255.255.0 1.1.2.1 [Switch C] ip route-static 1.1.4.0 255.255.255.0 1.1.3.2...
Page 154 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration Chapter 3 RIP Configuration 3.1 Brief Introduction to RIP Routing Information Protocol (RIP) is a relatively simple dynamic routing protocol, but it has a wide application. RIP is a kind of Distance-Vector (D-V) algorithm-based protocol and exchanges routing information via UDP packets.
Page 155 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration request by returning the response packets containing information of their local routing tables. After receiving the response packets, the router, which has sent the request, will modify its own routing table.
Page 156 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration 3.2.1 Enabling RIP and Entering RIP view Perform the following configurations in system view. Table 3-1 Enabling RIP and Entering RIP View Operation Command Enable RIP and enter RIP view...
Page 157 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration 3.2.3 Configuring Unicast of the Message RIP is a broadcast protocol. It exchanges routing information with non-broadcasting networks in unicast mode. Please perform the following configuration in RIP view.
Page 158 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration By default, the interface receives and sends the RIP-1 packets. It will transmit packets in multicast mode when the interface RIP version is set to RIP-2.
Page 159 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration Note: You must consider network performance when adjusting RIP timers, and configure all the routes that are running RIP, so as to avoid unnecessary traffic or network oscillation.
Page 160 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration Operation Command Enable the interface to send RIP update packet rip output Disable the interface to send RIP update packet undo rip output The undo rip work command and the undo network command have similar but not all the same functions.
Page 161 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration RIP-1 only sends the route with natural mask, that is, it always sends routes in the route aggregation form. RIP-2 supports subnet mask and classless interdomain routing. To advertise all the subnet routes, the route aggregation function of RIP-2 can be disabled.
Page 162 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration 3.2.11 Configuring Split Horizon Split horizon means that the route received via an interface will not be sent via this interface again. The split horizon is necessary for reducing routing loop. But in some special cases, split horizon must be disabled so as to get correct advertising at the cost of efficiency.
Page 163 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration Table 3-13 Configuring default cost for the imported route Operation Command Configure default cost for the imported route default cost value Restore the default cost of the imported route.
Page 164 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration Operation Command Set the additional routing metric of the route rip metricout value when the interface sends an RIP packet Disable the additional routing metric of the...
Page 165 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration Operation Command undo filter-policy acl-number Cancel filtering the received global ip-prefix ip-prefix-name gateway routing information ip-prefix-name route-policy route-policy-name } import II. Configuring filtering the route distributed by RIP...
Page 166 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration Table 3-18 Configuring RIP traffic sharing among interfaces Configuration item Command Description Enter system view system-view Enter RIP view Enable traffic Required; default, traffic-share-across- sharing among...
Page 167 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration 155.10.1.0 and 196.38.165.0. Switch C, Switch A and Switch B are connected via Ethernet 110.11.2.0. Correctly configure RIP to ensure that Switch C, Switch A and Switch B can interconnect.
Page 168 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 3 RIP Configuration # Configure RIP [Switch B] rip [Switch B-rip] network 196.38.165.0 [Switch B-rip] network 110.11.2.0 Configure Switch C: # Configure RIP [Switch C] rip [Switch C-rip] network 117.102.0.0 [Switch C-rip] network 110.11.2.0...
Page 169 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Chapter 4 OSPF Configuration 4.1 OSPF Overview 4.1.1 Introduction to OSPF Open Shortest Path First (OSPF) is an Interior Gateway Protocol based on the link state developed by IETF. At present, OSPF version 2 (RFC2328) is used, which is...
Page 170 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration a weighted directed graph, which actually reflects the topology architecture of the whole network. Obviously, all the routers get a graph exactly the same. A router uses the SPF algorithm to calculate the shortest path tree with itself as the root, which shows the routes to the nodes in the autonomous system.
Page 171 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Link State Acknowledgment (LSAck) packet The packet is used for acknowledging the received LSU packets. It contains the HEAD(s) of LSA(s) requiring acknowledgement. 4.1.4 Basic Concepts Related to OSPF I.
Page 172 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration to take changes. Hence, the network will always in “turbulence”, and a great number of OSPF packets will be generated and transmitted in the network. This will lower the network bandwidth utility.
Page 173 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Configuring the Cost for Sending Packets on an Interface Setting the Interface Priority for DR Election Setting the peer Setting the Interval of Hello Packet Transmission...
Page 174 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration 4.2.2 Entering OSPF Area view Perform the following configurations in OSPF view. Table 4-2 Entering OSPF Area view Operation Command Enter OSPF Area view area area-id...
Page 175 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration 4.2.4 Configuring Router ID Router ID is a 32-bit unsigned integer that uniquely identifies a router within an AS. Router ID can be configured manually. If Router ID is not configured, the system will select the IP address of an interface automatically.
Page 176 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Configure the interface type to p2mp if not all the routers are directly accessible on an NBMA network. Change the interface type to p2p if the router has only one peer on the NBMA network.
Page 177 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration For S6500 series switches,the default cost for running OSPF protocol of on the VLAN interface is 10. 4.2.7 Setting the Interface Priority for DR Election The priority of the router interface determines the qualification of the interface in DR election, and the router of higher priority will be considered first if there is a collision in the election.
Page 178 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Table 4-7 Setting the Interface Priority for DR Election Operation Command Configure the interface with a priority for ospf dr-priority priority_num DR election Restore the default interface priority undo ospf dr-priority By default, the priority of the Interface is 1 in the DR election.
Page 179 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Table 4-9 Setting the Interval of Hello Packet Transmission Operation Command Set the hello interval of the interface ospf timer hello seconds Restore the default hello of the interface...
Page 180 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration The user can configure the interval of sending LSU message. Obviously, more attention should be paid on this item over low speed network. Perform the following configuration in Interface view:...
Page 181 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration 4.2.13 Setting a Shortest Path First (SPF) Calculation Interval for OSPF Whenever the LSDB of OSPF takes changes, the shortest path requires recalculation. Calculating the shortest path upon change will consume enormous resources as well as affect the operation efficiency of the router.
Page 182 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Table 4-14 Configuring STUB area of OSPF Operation Command Configure an area to be the STUB area stub [ no-summary ] Remove the configured STUB area...
Page 183 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration NSSA NSSA area 1 area 1 NSSA NSSA NSSA NSSA ASBR ASBR area 0 area 0 area 2 area 2 Figure 4-1 NSSA area Perform the following configuration in OSPF Area view.
Page 184 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration 4.2.16 Configuring the Route Summarization of OSPF Area Route summary means that ABR can aggregate information of the routes of the same prefix and advertise only one route to other areas. An area can be configured with multiple aggregate segments, thereby OSPF can summarize them.
Page 185 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Table 4-17 Configuring summarization of imported routes by OSPF Operation Command Configure summarization of imported asbr-summary ip-address mask routes by OSPF [ not-advertise | tag value ]...
Page 186 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration The "logic channel" means that the multiple routers running OSPF between two ABRs only take the role of packet forwarding (the destination addresses of the protocol packets are not these routers, so these packets are transparent for them and the routers forward them as common IP packets).
Page 187 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration 4.2.20 Configuring OSPF Packet Authentication OSPF supports simple authentication or MD5 authentication between neighboring routers. Perform the following configuration in Interface view: Table 4-20 Configuring OSPF Packet Authentication...
Page 188 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration reach the corresponding ASBR from the local router + cost to reach the destination address of the route from the ASBR The external routes type-2 refer to the imported EGP routes. Since these routes have...
Page 189 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Table 4-22 Configuring Parameters for OSPF to Import External Routes Operation Command Configure the minimum interval for OSPF to import default interval seconds the external routes...
Page 190 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Table 4-23 Configuring OSPF to Import the Default Route Operation Command default-route-advertise [ always | cost Import the default route to OSPF value | type type-value | route-policy...
Page 191 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration I. Configuring OSPF to filter the received routes Table 4-25 Enabling OSPF to filter the received routes Operation Command filter-policy { acl-number | ip-prefix Disable to filter the received global...
Page 192 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration 4.2.26 Configuring to Fill the MTU Field When an Interface Transmits DD Packets OSPF-running routers use the DD (Database Description) packets to describe their own LSDBs when synchronizing the databases.
Page 193 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration OSPF to adapt to the networking can be enhanced, which will hence reduce the consumption of system resources. On a switch, this command can disable/enable the specified VLAN interface to send OSPF packets.
Page 194 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration By default, OSPF TRAP function is disabled. That is, the switch does not send TRAP packets when any OSPF process is abnormal. The configuration is valid to all OSPF processes if you do not specify a process ID.
Page 195 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Operation Command Display OSPF virtual links display ospf [ process-id ] vlink Display OSPF request list display ospf [ process-id ] request-queue Display OSPF retransmission list...
Page 196 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration III. Configuration procedure # Configure Switch A: [Switch A] interface Vlan-interface 1 [Switch A-Vlan-interface1] ip address 196.1.1.1 255.255.255.0 [Switch A-Vlan-interface1] ospf dr-priority 100 [Switch A] router id 1.1.1.1...
Page 197 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration [Switch D] router id 4.4.4.4 [Switch D] ospf [Switch D-ospf-1] area 0 [Switch D-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255 On Switch A, run display ospf peer to display the OSPF peers. Please note that Switch A has three peers.
Page 198 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration II. Networking diagram Switch A 1.1.1.1 Area 0 196.1.1.1/24 196.1.1.2/24 Switch B 197.1.1.2/24 2.2.2.2 Virtual Area 1 Link 197.1.1.1/24 152.1.1.1/24 Switch C Area 2 3.3.3.3 Figure 4-3 OSPF virtual link configuration networking III.
Page 199 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration [Switch B-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255 [Switch B-ospf-1-area-0.0.0.0] quit [Switch B-ospf-1] area 1 [Switch B-ospf-1-area-0.0.0.1] network 197.1.1.0 0.0.0.255 [Switch B-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3 # Configure Switch C: [Switch C] interface Vlan-interface 1 [Switch C-Vlan-interface1] ip address 152.1.1.1 255.255.255.0...
Page 200 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration Execute the display ospf interface command to view OSPF information in the interface. Check whether the physical connections and the lower level protocol operate normally. You can execute the ping command to test. If the local router cannot ping the peer router, it indicates that faults have occurred to the physical link and the lower level protocol.
Page 201 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 4 OSPF Configuration The backbone area (area 0) cannot be configured as the STUB area and the virtual link cannot pass through the STUB area. That is, if a virtual link has been set up between RTB and RTC, neither area1 nor area0 can be configured as a stub area.
Page 202 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Chapter 5 Integrated IS-IS Configuration 5.1 Brief Introduction to Integrated IS-IS Intermediate System-to-Intermediate System (IS-IS) intra-domain routing information exchange protocol is the dynamic routing protocol used inside the Autonomous System (AS) issued by the International Organization for Standardization (ISO).
Page 203 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration 5.1.2 Two-level Structure of IS-IS Routing Protocol Area 1 Area 2 Routing Domain 1 Routing Domain 2 Routing Domain Boundary Area 3 IS-IS Area End system...
Page 204 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Level-1/Level-2 router contiguous with a router in some other area will notify the Level-1 routers in the local area that it has the exit of the area.
Page 205 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration NSAP Selector (SEL) of 8 bits does not select routes but equals the protocol identifier of IP. Different transmission protocols correspond to different identifiers. All the SELs of IP are 00.
Page 206 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration IS-IS configuration includes: Enabling IS-IS and Entering the IS-IS View Setting Network Entity Title (NET) Enabling IS-IS on the Specified Interface Setting IS-IS Link State Routing Metric...
Page 207 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-1 Enabling IS-IS and entering the IS-IS view Operation Command Enable the IS-IS and enter the IS-IS view isis [ tag ] Cancel the specified IS-IS routing process undo isis [ tag ] The tag parameter identifies the IS-IS process.
Page 208 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-3 Enabling IS-IS on the specified Interface Operation Command Enable IS-IS on the specified Interface isis enable [ tag ] Cancel this designation undo isis enable [ tag ] 5.2.4 Configuring IS-IS Route Metric Type...
Page 209 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration The value parameter is configured according to the link state of the Interface. By default, the routing cost of IS-IS on Interface is 10. 5.2.6 Setting the Hello Packet Broadcast Interval...
Page 210 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-7 Setting the CSNP packet broadcast interval Operation Command Set the CSNP packet broadcast interval, isis timer csnp seconds [ level-1 | measured in seconds...
Page 211 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-9 Setting LSP packet retransmission interval Operation Command Set the retransmission interval of the isis timer retransmit seconds LSP packet over p2p links Restore...
Page 212 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-11 Setting priority for DIS election Operation Command Set the priorities for DIS election on the isis dis-priority value [ level-1 | interface level-2 ]...
Page 213 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration 5.2.13 Setting IS-IS Authentication I. Setting Interface Authentication The authentication password set on the interface is mainly used in the Hello packet so as to confirm the validity and correctness of its peers. The authentication passwords at the same level of all the interfaces of a network should be identical.
Page 214 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-14 Setting IS-IS authentication password Operation Command area-authentication-mode { simple | Set authentication-mode password md5 } password [ ip | osi ] undo area-authentication-mode...
Page 215 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Perform the following configurations in Interface view. Table 5-16 Setting the mesh group of the interface Operation Command isis mesh-group [ mesh-group-number Add an interface to a mesh group.
Page 216 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-18 Setting to generate default route Operation Command default-route-advertise route-policy Set to generate default route route-policy-name ] undo default-route-advertise [ route-policy Set not to generate default route...
Page 217 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-20 Setting overload flag bit Operation Command Set overload flag bit set-overload Remove the overload flag bit undo set-overload By default, no over load bit is set.
Page 218 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration By default, the peer changes log is disabled. 5.2.21 Setting LSP Refresh Interval In order to ensure that the LSPs in the whole area can maintain the synchronization, all the current LSPs will be transmitted periodically.
Page 219 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Table 5-25 Setting SPF calculation in slice Operation Command Set the duration of one cycle in second spf-slice-size seconds of SPF calculation Restore the default configuration...
Page 220 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Perform the following configurations in IS-IS view. Table 5-27 Setting SPF computing interval Operation Command Set SPF computing interval timer spf seconds [ level-1 | level-2 ]...
Page 221 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Perform the following configurations in IS-IS view. Table 5-29 Importing routes of other protocols Operation Command import-route protocol [ cost value | type { external |...
Page 222 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration Perform the following configurations in IS-IS view. Configuring to filter the routes received by IS-IS Table 5-31 Configuring to filter the received routes Operation Command...
Page 223 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration find the route to the same destination, the protocol with the higher preference will take effect. Perform the following configurations in IS-IS view. Table 5-33 Configuring the preference of IS-IS protocol...
Page 224 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration 5.3 Displaying and Debugging Integrated IS-IS Through the following configuration operations, you can view the LSDB of the IS-IS, the transmitting/receiving of various packets of the IS-IS and the SPF calculation so as to determine the IS-IS route maintenance conditions.
Page 225 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration 5.4 Typical Integrated IS-IS Configuration Example I. Networking requirement As is shown in the following figure, Switches A, B, C and D belong to the same autonomous system.
Page 226 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration [Switch A] interface vlan-interface 102 [Switch A-Vlan-interface102] ip address 100.20.0.1 255.255.255.0 [Switch A-Vlan-interface102] isis enable # Configure Switch B [Switch B] isis [Switch B-isis] network-entity 86.0001.0000.0000.0006.00 [Switch B] interface vlan-interface 101 [Switch B-Vlan-interface101] ip address 200.10.0.1 255.255.255.0...
Page 227 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 5 Integrated IS-IS Configuration [Switch D-Vlan-interface102] ip address 100.20.0.2 255.255.255.0 [Switch D-Vlan-interface102] isis enable [Switch D] interface vlan-interface 100 [Switch D-Vlan-interface100] ip address 100.30.0.1 255.255.255.0 [Switch D-Vlan-interface100] isis enable...
Page 228 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Chapter 6 BGP Configuration 6.1 Brief Introduction to BGP 6.1.1 BGP Overview Border gateway protocol (BGP) is an inter-autonomous system (inter-AS) dynamic route discovery protocol. Three early versions of BGP are BGP-1 (RFC1105), BGP-2 (RFC1163) and BGP-3 (RFC1267).
Page 229 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Note: CIDR handles IP addresses in an entirely new way, that is, it does not distinguish networks of Class A, Class B and Class C. For example, an invalid Class C network address 192.213.0.0 (255.255.0.0) can be expressed as 192.213.0.0/16 in CIDR mode,...
Page 230 I. Route advertisement policy In the implementation of Quidway S6500 Series Ethernet Switches, these policies are used by BGP when advertising routes: If there are multiple routes available, a BGP speaker only selects the optimum one.
Page 231 II. Peer configuration VS peer group configuration In Quidway S6500 Series Ethernet Switches, a BGP peer must belong to a peer group. If you want to configure a BGP peer, you need first to create a peer group and then add a peer into the group.
Page 232 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Refreshing BGP routes 6.2.1 Enabling BGP To enable BGP, local AS number should be specified. After the enabling of BGP, local router listens to BGP connection requests sent by adjacent routers. To make the local router send BGP connection requests to adjacent routers, refer to the configuration of the peer command.
Page 233 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration II. Configuring AS number of a EBGP peer group You can specify AS number for EBGP peer group, but IBGP needs no AS number. When a peer group is specified with an AS number, all its member peers inherit the AS number.
Page 234 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Table 6-5 Configuring the state of a peer/peer group Operation Command Enable a peer/peer group peer { group-name | peer-address } enable disable a peer/peer group undo peer { group-name | peer-address } enable By default, a peer or peer group is enabled.
Page 235 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration By default, the keep-alive message is sent every 60 seconds and the value of the hold timer is 180 seconds. VII. Configuring the interval at which route update messages are sent by a...
Page 236 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration II. Configuring a peer group to be a client of a route reflector Table 6-10 Configuring a peer (group) to be a client of a route reflector...
Page 237 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration V. Removing private AS numbers while transmitting BGP update messages Generally, the AS numbers (public AS numbers or private AS numbers) are included in the AS paths while transmitting BGP update messages. This command is used to configure certain outbound routers to ignore the private AS numbers while transmitting update messages.
Page 238 In BGP, no MD5 authentication is performed in setting up TCP connections by default. 6.2.4 Configuring route filtering of peer (group) Quidway S6500 series switches support filtering imported and advertised routes for peers (groups) through Route-policy, AS path list , ACL and ip prefix list.
Page 239 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration The route filtering policy of advertised routes configured for each member of a peer group must be same with that of the peer group but their route filtering policies of ingress routes may be different.
Page 240 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration III. Configuring route filtering policy based on AS path list for a peer (group) Table 6-20 Configuring route filtering policy based on AS path list for a peer (group)
Page 241 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Table 6-22 Configuring Networks for BGP Distribution Operation Command network ip-address address-mask Configure the local network route [ route-policy route-policy-name ] undo network ip-address Remove the local network route...
Page 242 Command cancel the synchronization of BGP and IGP undo synchronization By default, BGP doesn’t synchronize with IGP. Quidway S6500 series ethernet switches don’t support synchronization of BGP and IGP. 6.2.7 Configuring BGP Route Summarization The CIDR supports route summarization. There are two modes of BGP route summarization: summary: The summary of the BGP subnet routes.
Page 243 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration 6.2.8 Configuring BGP Route Filtering I. Configuring BGP to filter the received route information Perform the following configurations in BGP view. The routes received by the BGP can be filtered, and only those routes that meet the certain conditions will be received by the BGP.
Page 244 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Note: The filter-policy import command filters BGP route received from the neighbors. The routes that cannot pass the filter won’t be added to the routing table, and won’t be advertised to the neighbors.
Page 245 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Table 6-28 Configuring BGP route dampening Operation Command dampening half-life-reachable half-life-unreachable reuse suppress Configure BGP route dampening ceiling route-policy route-policy-name ] Clear route attenuation information and...
Page 246 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Table 6-29 Configuring BGP preference Operation Command Configure BGP preference preference ebgp-value ibgp-value local-value Restore the default preference undo preference The ebgp-value, ibgp-value and local-value parameters are in the range of 1 to 256. By default, the first two is 256 and the last one is 130.
Page 247 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Table 6-31 Configuring the local preference Operation Command Configure the local preference default local-preference value Restore the default local preference undo default local-preference The local preference is transmitted only when the IBGP peers exchange the update packets and it will not be transmitted beyond the local AS.
Page 248 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Table 6-33 Comparing the MED Routing Metrics from the Peers in Different ASs Operation Command Comparing the MED Routing Metrics compare-different-as-med from the Peers in Different ASs...
Page 249 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration 6.2.16 Configuring BGP Route Reflector To ensure the interconnection between IBGP peers, it is necessary to establish fully connected network. In some networks, there are large numbers of IBGP peers, and the internal BGP network becomes very large, consequently the costs to establish fully meshed network are very large.
Page 250 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration the other non-client peer, forms a fully meshed network because they follow the basic principles of IBGP fully meshed network. The route reflection function is only completed on route reflector, and all client peers and non-client peers are routine BGP peers.
Page 251 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration The parameter is not necessarily configured, and it will automatically function upon enabling BGP. Configure the Cluster_ID of the route reflector 6.2.17 Configuring BGP AS Confederation Attribute Confederation provides the method to handle the booming IBGP network connections inside AS.
Page 252 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Table 6-38 Configuring sub-AS belonging to the confederation Operation Command Configure a confederation consisting of confederation peer-as as-number-1 which sub-ASs [ ... as-number-n ] Cancel the specified sub-AS in the...
Page 253 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Please perform the following configurations in the system view: Table 6-40 Defining the AS path list Operation Command ip as-path-acl acl-number { permit | Define the AS path list...
Page 254 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Table 6-41 Clearing BGP connection Operation Command Clear the connection between BGP and reset bgp peer-address [ flap-info ] the specified peers Clear all connections of BGP...
Page 255 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Operation Command Display CIDR routes display bgp routing-table cidr display bgp routing-table community Display the routing information of the aa:nn no-export-subconfed specified BGP community no-advertise no-export...
Page 256 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Operation Command debugging bgp packet [ receive | Enable BGP packet debugging send ] [ verbose ] debugging route-refresh Enable BGP Update packet debugging [ receive | send ] [ verbose ]...
Page 257 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration II. Networking diagram AS100 Switch B AS1001 Switch A AS1002 172.68.10.2 172.68.10.1 Ethernet 172.68.10.3 172.68.1.1 172.68.1.2 156.10.1.1 Switch C Switch D AS1003 156.10.1.2 Switch E AS200 Figure 6-2 Networking diagram of configuring AS confederation III.
Page 258 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration [Switch B-bgp] confederation peer-as 1001 1003 [Switch B-bgp] group confed1001 external [Switch B-bgp] peer confed1001 as-number 1001 [Switch B-bgp] group confed1003 external [Switch B-bgp] peer confed1003 as-number 1003 [Switch B-bgp] peer 172.68.10.1 group confed1001...
Page 259 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration II. Networking diagram Route reflector VLAN 3 VLAN 4 193.1.1.1/24 194.1.1.1/24 Network Switch C 1.0.0.0 AS200 IBGP IBGP VLAN 100 VLAN 4 EBGP 1.1.1.1/8 VLAN 3 194.1.1.2/24...
Page 260 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration [Switch B-bgp] group ex external [Switch B-bgp] peer 192.1.1.1 group ex as-number 100 [Switch B-bgp] group in internal [Switch B-bgp] peer 193.1.1.1 group in Configure Switch C:...
Page 261 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration 6.4.3 Configuring BGP Routing I. Networking requirements This example illustrates how the administrators manage the routing via BGP attributes. All Ethernet switches are configured with BGP, and IGP in AS 200 utilizes OSPF.
Page 262 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration [Switch A-bgp] peer 192.1.1.2 group ex192 as-number 200 [Switch A-bgp] group ex193 external [Switch A-bgp] peer 193.1.1.2 group ex193 as-number 200 [Switch A-bgp] quit # Configure the MED attribute of Switch A Add ACL on Switch A, enable network 1.0.0.0.
Page 263 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration [Switch B-ospf-1] area 0 [Switch B-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [Switch B-ospf-1-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [Switch B] bgp 200 [Switch B-bgp] undo synchronization [Switch B-bgp] group ex external [Switch B-bgp] peer 192.1.1.1 group ex as-number 100...
Page 264 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration [Switch D-Vlan-interface5] ip address 195.1.1.1 255.255.255.0 [Switch D] ospf [Switch D-ospf-1] area 0 [Switch D-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [Switch D-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [Switch D-ospf-1-area-0.0.0.0] network 4.0.0.0 0.255.255.255...
Page 265 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 6 BGP Configuration Apply such route policy to the BGP neighbor 193.1.1.1 (Switch A) [Switch C] bgp 200 [Switch C-bgp] peer 193.1.1.1 route-policy localpref import By then, due to the fact that the Local preference attribute value (200)of the route 1.0.0.0 learned by Switch C is more than that of Switch B(Switch B is not configured...
Page 266 The matching rules can be set in advance and then used in the routing policy to advertise, receive and import the route information. In Quidway S6500 Series Ethernet Switches, five kinds of filters, Route-policy, acl, as-path, community-list, and ip-prefix, are provided to be called by the routing protocols.
Page 267 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration II. Access Control List (ACL) For routing information filtering, the basic ACL is generally used. When the user defines the ACL, he will define the range of an IP address or subnet to the destination network segment address or the next-hop address of the routing information.
Page 268 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration The definition of the community-list has already been implemented in the BGP configuration. For the relevant configurations, please refer to the ip community-list command in the BGP Configuration.
Page 269 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration By default, the Route-policy is not defined. Note: if multiple nodes are defined in a route-policy, at least one of them should be in permit mode.
Page 270 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration Operation Command Match the routing cost of the routing if-match cost value information Cancel the matched routing cost of the undo if-match cost routing information...
Page 271 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration Operation Command Cancel the next-hop address of the undo apply ip next-hop routing information import the route to isis level-1, level-2 or apply isis [ level-1 | level-2 |...
Page 272 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration should satisfy the requirement of the protocol by specifying a route cost for the imported route. Perform the following configuration in routing protocol view.
Page 273 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration Please note that if more than one ip-prefix item are defined, then the match mode of at least one list item should be the permit mode. The list items of the deny mode can be firstly defined to rapidly filter the routing information not satisfying the requirement, but if all the items are in the deny mode, no route will pass the ip-prefix filtering.
Page 274 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration Table 7-7 Configuring to filter the distributed routes Operation Command Configure filter routes filter-policy acl-number ip-prefix distributed by the protocol ip-prefix-name } export [ routing-process ]...
Page 275 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration Operation Command display community-list Display Community-list basic-comm-list-number information adv-comm-list-number ] 7.4 Typical IP Routing Policy Configuration Example 7.4.1 Configuring to Filter the Received Routing Information I.
Page 276 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration [Switch A] ip route-static 30.0.0.1 255.0.0.0 12.0.0.2 [Switch A] ip route-static 40.0.0.1 255.0.0.0 12.0.0.2 # Enable OSPF protocol and specifies the number of the area to which the interface belongs.
Page 277 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 7 IP Routing Policy Configuration Please check for the following faults: The if-match mode of at least one node of the Route-policy should be the permit mode. When a Route-policy is used for the routing information filtering, if a piece of routing information does not pass the filtering of any node, then it means that the route information does not pass the filtering of the Route-policy.
Page 278 Ethernet switch will not change (unless the hardware is upgraded but upgrading cannot be guaranteed to solve all problems). In order to solve such problem, Quidway S6500 Series Ethernet Switches provide a mechanism to control the size of the routing table: Monitor the free memory in the system to determine whether to add new routes to the routing table and whether to keep connection with a routing protocol.
Page 279 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 8 Route Capacity Configuration 8.2 Route Capacity Configuration Route capacity configuration includes: Setting the lower limit and the safety value of the Ethernet switch memory Enabling/Disabling the Ethernet switch to recover the disconnected routing protocol automatically 8.2.1 Setting the lower limit and the safety value of the Ethernet switch...
Page 280 Operation Manual - Routing Protocol Quidway S6500 Series Ethernet Switches Chapter 8 Route Capacity Configuration Table 8-2 Enabling/Disabling the Ethernet switch to Recover the Disconnected Routing Protocol Automatically Operation Command Enable memory automatic restoration memory auto-establish enable function Disable memory automatic restoration...
Page 281 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Multicast Protocol Huawei Technologies Proprietary...
Page 282 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Multicast Overview ...................... 1-1 1.1 IP Multicast Overview ......................1-1 1.1.1 Problems with Unicast/Broadcast ................1-1 1.1.2 Advantages of Multicast ..................1-2 1.1.3 Application of Multicast ...................
Page 283 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Table of Contents Chapter 5 IGMP Configuration ..................... 5-1 5.1 IGMP Overview........................5-1 5.2 IGMP Configuration ......................5-2 5.2.1 Enabling Multicast ....................5-2 5.2.2 Enabling IGMP on the Interface ................5-3 5.2.3 Configuring IGMP Version ..................
Page 284 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Table of Contents 6.3.13 Configuring BSR Policy..................6-12 6.3.14 Configuring C-RP Policy ..................6-13 6.3.15 Clearing PIM Routing Entries................6-13 6.3.16 Clearing PIM Neigthbore..................6-13 6.4 Displaying and Debugging PIM Configuration..............6-13 6.5 PIM Configuration Examples ...................
Page 285 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 1 Multicast Overview Chapter 1 Multicast Overview Note: When running IP multicast protocols, Ethernet switches also provide the functions of switches. We use routers in this manual to stand for not only the common routers but also the layer 3 Ethernet switches running IP multicast protocols.
Page 286 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 1 Multicast Overview over the network if the there is a large number of users in need of this infomration. As the bandwidth would turn short, the unicast mode is incapable of massive transmission.
Page 287 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 1 Multicast Overview User A User B Multicast User D Server User E Figure 1-3 Data transmission in multicast mode Suppose the Users B, D, and E need the information, they need to be organized into a receiver group to ensure that the information can reach them smoothly.
Page 288 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 1 Multicast Overview Point-to-multipoint data distribution With the increasing popularity of multimedia services over IP network, multicast is gaining its marketplace. 1.2 Implementation of IP Multicast 1.2.1 Multicast Addresses In multicast mode, there are questions about where to send the information, how to locate the destination or know the receiver.
Page 289 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 1 Multicast Overview Table 1-1 Ranges and meanings of Class D addresses Class D address range Description Reserved multicast addresses (addresses of permanent groups). All but 224.0.0.0 can be 224.0.0.0∼224.0.0.255...
Page 290 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 1 Multicast Overview II. Ethernet Multicast MAC Addresses When a unicast IP packet is transmitted on the Ethernet, the destination MAC address is the MAC address of the receiver. However, for a multicast packet, the destination is no longer a specific receiver but a group with unspecific members.
Page 291 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 1 Multicast Overview I. Multicast group management protocol Multicast groups use Internet group management protocol (IGMP) as the management protocols. IGMP runs between the switch and multicast router and defines the membership establishment and maintenance mechanism between them.
Page 292 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 2 GMRP Configuration Chapter 2 GMRP Configuration 2.1 GMRP Overview GMRP (GARP Multicast Registration Protocol), based on GARP, is used for maintaining dynamic multicast registration information of the switch. All the switches supporting GMRP can receive multicast registration information from other switches and dynamically update local multicast registration information.
Page 293 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 2 GMRP Configuration 2.2.2 Enabling/Disabling GMRP on the Port Perform the following configuration in Ethernet port view. Table 2-2 Enabling/Disabling GMRP on the port Operation Command Enable GMRP on the port...
Page 294 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 2 GMRP Configuration III. Configuration procedure Configure LS_A: # Enable GMRP globally. [Quidway] gmrp # Enable GMRP on the port. [Quidway] interface ethernet 2/0/4 [Quidway-Ethernet2/0/4] gmrp Configure LS_B: # Enable GMRP globally.
Page 295 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 3 IGMP Snooping Configuration Chapter 3 IGMP Snooping Configuration 3.1 IGMP Snooping Overview 3.1.1 IGMP Snooping Principle IGMP Snooping (Internet Group Management Protocol Snooping) is a multicast control mechanism running on the Layer 2 Ethernet switch and it is used for multicast group management and control.
Page 296 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 3 IGMP Snooping Configuration Video stream Internet / Intranet Multicast router Video stream VOD Server Layer 2 Ethernet Switch Video stream Video stream Video stream Multicast group member Non-multicast...
Page 297 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 3 IGMP Snooping Configuration II. Implementing Layer 2 multicast with IGMP Snooping The Ethernet switch runs IGMP Snooping to listen to the IGMP messages and map the host and its ports to the corresponding multicast group address. To implement IGMP...
Page 298 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 3 IGMP Snooping Configuration multicast group exists but does not contains the port received the report message, the switch adds the port into the multicast group and starts the port aging timer.
Page 299 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 3 IGMP Snooping Configuration Caution: IGMP Snooping and GMRP cannot run at the same time. You can check if GMRP is running, using the display gmrp status command, in any view, before enabling...
Page 300 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 3 IGMP Snooping Configuration Table 3-3 Configuring the maximum response time Operation Command Configure the maximum response igmp-snooping max-response-time time seconds Restore the default setting undo IGMP-snooping max-response-time By default, the maximum response time is 10 seconds.
Page 301 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 3 IGMP Snooping Configuration Operation Command Reset IGMP Snooping statistic reset igmp-snooping statistics information 3.4 IGMP Snooping Configuration Example I. Networking requirements To implement IGMP Snooping on the switch, first enable it. The switch is connected with the router via the router port, and with user PC through the non-router ports.
Page 302 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 3 IGMP Snooping Configuration Troubleshooting: IGMP Snooping is disabled. Input the display current-configuration command to display the status of IGMP Snooping. If the switch disabled IGMP Snooping, check whether the IGMP Snooping is not enabled globally or it is not enabled in the VLAN.
Page 303 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 4 Common Multicast Configuration Chapter 4 Common Multicast Configuration 4.1 Overview Common multicast configuration tasks, which are effective to both multicast management and routing protocols, include enabling multicast, displaying multicast routig table and multicast forwarding table, and so on.
Page 304 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 4 Common Multicast Configuration Please perform the following configurations in system view. Table 4-2 Configuring number limit of multicast routing entries Operation Command Configure number limit of multicast routing...
Page 305 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 4 Common Multicast Configuration Execute the debugging commands in user view for the debugging of multicast. Table 4-5 Displaying and Debugging Common Multicast Configuration Operation Command display multicast routing-table [ group-address...
Page 306: Chapter 5 Igmp Configuration
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 5 IGMP Configuration Chapter 5 IGMP Configuration 5.1 IGMP Overview IGMP (Internet Group Management Protocol) is a protocol in the TCP/IP suite responsible for management of IP multicast members. It is used to establish and maintain multicast membership between IP hosts and their directly connected neighboring routers.
Page 307: Igmp Configuration
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 5 IGMP Configuration that a host has left the group. In IGMP Version 2, when a host replying to the last membership query message leaves a multicast group, it should send a leave group message to the multicast router.
Page 308: Enabling Igmp On The Interface
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 5 IGMP Configuration 5.2.2 Enabling IGMP on the Interface This configuration task is to enable IGMP on the interface which needs to perform multicast membership maintenance. You should execute this operation before other IGMP configurations.
Page 309: Configuring Interval And Number Of Querying Igmp Packets
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 5 IGMP Configuration Table 5-3 Configuring query interval Operation Command Configure query interval igmp timer query seconds Restore the default query interval undo igmp timer query When there are multiple multicast routers on a network segment, the querier is responsible for sending IGMP query messages to all the hosts on the LAN.
Page 310: Configuring Duration Of Igmp Querier
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 5 IGMP Configuration By default, the interval is 1 second. II. Configuring number of last member querying Table 5-5 Configuring number of last member querying Operation Command Configure number of last member...
Page 311: Limiting Igmp Groups On The Interface
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 5 IGMP Configuration Table 5-7 Configuring the maximum query response time for IGMP Operation Command Configure the maximum query response time igmp max-response-time for IGMP seconds Restore the default value undo igmp max-response-time The shorter the max response time is, the faster the router interdicts a group.
Page 312: Limiting Multicast Groups An Interface Can Access
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 5 IGMP Configuration Table 5-9 Configuring a router to join specified multicast group Operation Command igmp host-join group-address port Configure a router to join specified interface_type interface_ multicast group (VLAN interface...
Page 313: Deleting Igmp Groups From The Interface
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 5 IGMP Configuration 5.2.11 Deleting IGMP Groups from the Interface You can delete all the IGMP groups of one or all router interfaces, or an IGMP group address or group address network segment from a specified interface.
Page 314: Chapter 6 Pim Configuration
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Chapter 6 PIM Configuration 6.1 PIM Overview 6.1.1 PIM-DM I. Introduction Protocol independent multicast-dense mode (PIM-DM) is the dense-mode multicast routing protocol. It is applicable to small networks, where multicast group members are rather intensive.
Page 315: Pim-Sm
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration towards the multicast source, the path is considered as correct. Otherwise, the multicast packet will be discarded as a redundant one. The concerned unicast routing information can be of any unicast routing protocol such as RIP or OSPF.
Page 316 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration reducing the network bandwidth occupied by data and control packets and bringing down processing cost of routers. Multicast data travels along the shared tree to the network segments where the multicast group members are located.
Page 317: Pim-Dm Configuration
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Switching from RPT to SPT When a multicast router detects that the multicast packet with the destination address of G from the RP is sent at a rate greater than the threshold, the multicast router will send a join message to the node of a higher level toward the source S, which results in switching from the RPT to the SPT.
Page 318: Enabling Multicast
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Configuring filtering of PIM neighbors Limiting the number of PIM neighbors of an interface Clearing PIM routing entries Clearing PIM neighbors 6.2.1 Enabling Multicast See Chapter 4 Common Multicast Configuration.
Page 319: Entering Pim View
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration You should first start PIM (PIM-DM or PIM-SM) protocol in interface view before initiating this configuration. 6.2.4 Entering PIM View To configure PIM-related global parameters, you need to enter PIM view.
Page 320: Limiting Number Of Pim Neighbors On The Interface
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Table 6-5 Configuring filtering PIM neighbors Operation Command Set to filter PIM neighbors pim neighbor-policy acl-number Remove filtering configuration undo pim neighbor-policy 6.2.7 Limiting Number of PIM Neighbors on the Interface The maximum number of PIM neighbors of a router interface can be configured to avoid exhausting the memory of the router or router faults.
Page 321: Pim-Sm Configuration
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Table 6-8 Clearing PIM neighbors Operation Command reset pim neighbor { all | { neighbor-address | Clear PIM neighbors interface interface-type interface-number } * } 6.3 PIM-SM Configuration...
Page 322: Entering Pim View
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Table 6-9 Enabling PIM-SM protocol Operation Command Start PIM-SM on the interface pim sm Disable PIM-SM on the interface undo pim sm Repeat this operation to enable PIM-SM on other interfaces. Only one multicast routing protocol can be enabled on an interface at a time.
Page 323: Configuring C-Rp
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Table 6-10 Configuring C-BSR Operation Command c-bsr Vlan-interface interface-number Configure C-BSR hash-mask-len [ priority ] Remove C-BSR configuration undo c-bsr C-BSRs should be configured on the routers in the backbone network. By default, no C-BSR is configured.
Page 324: Configuring Pim-Sm Domain Boundary
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Table 6-12 Configuring static RP Operation Command Configure static RP static-rp rp-address [ acl-number ] Remove static RP configuration undo static-rp Basic ACL can be used to control the range of multicast group served by a static RP.
Page 325: Configuring The Rp To Filter Incoming Registration Packets
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration 6.3.12 Configuring the RP to Filter Incoming Registration Packets In the PIM-SM network, the register packet filtering mechanism helps an RP to decide the groups a source sends packets to, namely the packets to receive and forward.
Page 326: Configuring C-Rp Policy
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration 6.3.14 Configuring C-RP Policy To prevent C-RP spoofing, C-RP policy can be configured to specify the range of valid C-RPs and of groups served by each C-RP.
Page 327: Pim Configuration Examples
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration Operation Command debugging pim common { all | event | packet | Enable PIM debugging timer } undo debugging pim common { all | event |...
Page 328: Pim-Sm Configuration Example
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration III. Configuration procedure Only configuration steps for Lanswitch 1 are listed here and those for Lanswitch 2 and Lanswitch 3 are in similar way. # ENABLING the multicast routing protocol.
Page 329 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration LS_A is connected to LS_B through vlan-interface10, to Host A through vlan-interface11, and to LS_C through vlan-interface12. LS_B is connected to LS_A through vlan-interface10, to LS_C through vlan-interface11, and to LS_D through vlan-interface12.
Page 330 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration [Quidway-vlan-interface10] quit [Quidway] vlan 11 [Quidway-vlan11] port ethernet 3/0/4 to ethernet 3/0/5 [Quidway-vlan11] quit [Quidway] interface vlan-interface 11 [Quidway-vlan-interface11] igmp enable [Quidway-vlan-interface11] pim sm [Quidway-vlan-interface11] quit...
Page 331 Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration [Quidway-vlan12] quit [Quidway] interface vlan-interface 12 [Quidway-vlan-interface12] igmp enable [Quidway-vlan-interface12] pim sm [Quidway-vlan-interface12] quit # Configuring C-BSRs. [Quidway] pim [Quidway-pim] c-bsr vlan-interface 10 30 2 # Configuring C-RPs.
Page 332: Pim Troubleshooting
Operation Manual - Multicast Protocol Quidway S6500 Series Ethernet Switches Chapter 6 PIM Configuration [Quidway-vlan-interface11] quit [Quidway] vlan 12 [Quidway-vlan12] port ethernet 0/6 to ethernet 0/7 [Quidway-vlan12] quit [Quidway] interface vlan-interface 12 [Quidway-vlan-interface12] igmp enable [Quidway-vlan-interface12] pim sm [Quidway-vlan-interface12] quit 6.6 PIM Troubleshooting...
Page 333: Chapter 7 Multicast Mac Address Configuration
Operation Manual - Multicast Protocol Chapter 7 Multicast MAC Address Quidway S6500 Series Ethernet Switches Configuration Chapter 7 Multicast MAC Address Configuration 7.1 Introduction In Layer 2 multicast, you can not only dynamically create multicast forwarding entries using the Layer 2 multicast protocol, but also set manually the multicast MAC address and bind multicast entries to ports.
Page 334: Multicast Mac Address Configuration Example
Operation Manual - Multicast Protocol Chapter 7 Multicast MAC Address Quidway S6500 Series Ethernet Switches Configuration 7.3 Multicast MAC Address Configuration Example I. Network requirements The S6506 connects two hosts: Host1 and Host2. Add a multicast MAC address to send the multicast packets with multicast MAC address 0100-0000-0001 only to Host1 and the multicast packets with multicast MAC address 0100-0000-0002 only to Host2.
Page 335 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual QoS/ACL Huawei Technologies Proprietary...
Page 336 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 ACL Configuration....................... 1-1 1.1 Brief Introduction to ACL....................1-1 1.1.1 ACL Overview ......................1-1 1.1.2 ACL Supported by Ethernet Switch................. 1-3 1.2 Configure ACL ........................1-4 1.2.1 Configure Time-Range....................
Page 337 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Table of Contents 2.2.9 Relabeling Priority Level ..................2-19 2.2.10 Configuring RED Operations................2-21 2.2.11 Setting Traffic Statistics..................2-21 2.2.12 Displaying and Debugging QoS Configuration ........... 2-22 2.3 QoS Configuration Example .................... 2-23 2.3.1 Traffic Limit and Line Rate Configuration Example..........
Page 338: Chapter 1 Acl Configuration
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration Chapter 1 ACL Configuration 1.1 Brief Introduction to ACL Note: A type card includes LS81FT48A, LS81FM24A, LS81FS24A, LS81GB8UA and LS81GT8UA cards. 1.1.1 ACL Overview A series of matching rules are required for the network devices to identify the packets to be filtered.
Page 339 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration Table 1-1 Hardware match order of ACL’s sub-rule Switch Hardware match order of ACL’s sub-rule An ACL is configured with multiple sub-rules. The sub-rule with the more accurate range is matched first;...
Page 340: Acl Supported By Ethernet Switch
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration Note: The depth-first principle is to put the statement specifying the smallest range of packets on the top of the list. This can be implemented through comparing the wildcards of the addresses.
Page 341: Configure Acl
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration Item Value range Maximum Numbered User-defined ACL 5000 to 5999 The sub items of an ACL 0 to 127 1.2 Configure ACL ACL configuration includes: Configure time range...
Page 342: Select Acl Mode
This command is not effective to the cards except A type ones. By default, ip-based mode is chosen, in other words, L3 traffic classification rule is used by switch. 1.2.3 Define ACL Huawei Switches support several kinds of ACLs. Here we will introduce how to define these ACLs. Huawei Technologies Proprietary...
Page 343 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration Defining ACL by following the steps below: enter the corresponding ACL view add a rule to the ACL You can add multiple rules to one ACL. Note: If a specific time rang is not defined, the ACL will always function after activated.
Page 344 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration II. Define advanced ACL The rules of the classification for advanced ACL are defined on the basis of the attributes such as source and destination IP address, the TCP or UDP port number in use and packet priority to process the data packets.
Page 345 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration III. Define Layer-2 ACL The rules of Layer-2 ACL are defined on the basis of the Layer-2 information such as source MAC address, source VLAN ID, Layer-2 protocol type, Layer-2 packet format and destination MAC address.
Page 346 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration Note: Take the following into consideration when configuring the offset parameter: (1) The packets processed by the switch have VLAN tags. One VLAN tag occupies 4 bytes.
Page 347: Activate Acl
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration 1.2.4 Activate ACL The defined ACL can be active after activated globally on the switch. This function is used to activate the ACL filtering or classify the data transmitted by the hardware of switch.
Page 348: Display And Debug Acl
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration Note: Combined activating of IP ACL and Link ACL is supported by the cards except A type ones. But the sum of the bytes number defined by IP ACL and that defined by the Link ACL can not exceed 32 bytes;...
Page 349: Acl Configuration Example
In the following configurations, only the commands related to ACL configurations are listed. Define the work time range # Define time range from 8:00 to 18:00. [Quidway] time-range huawei 8:00 to 18:00 working-day Define the ACL to access the payment server. Huawei Technologies Proprietary 1-12...
Page 350: Basic Acl Configuration Example
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 1 ACL Configuration # Enter the named advanced ACL, named as traffic-of-payserver. [Quidway] acl name traffic-of-payserver advanced match-order config # Define the rules for other department to access the payment server.
Page 351: Link Acl Configuration Example
# Enter the named basic ACL, named as traffic-of-host. [Quidway] acl name traffic-of-host basic # Define the rules for packet which source IP is 10.1.1.1. [Quidway-acl-basic-traffic-of-host] rule 1 deny source 10.1.1.1 0 time-range huawei Activate ACL. # Activate the ACL traffic-of-host .
Page 352 In the following configurations, only the commands related to ACL configurations are listed. Define the time range # Define time range from 8:00 to 18:00. [Quidway] time-range huawei 8:00 to 18:00 daily Select ACL mode # Select link-based ACL mode. [Quidway] acl mode link-based Define the ACL for packet which source MAC address is 00e0-fc01-0101 and destination MAC address is 00e0-fc01-0303.
Page 353: Chapter 2 Qos Configuration
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Chapter 2 QoS Configuration 2.1 QoS Overview In the traditional IP network, all the packets are treated equally without priority difference. Every switch/router handles the packets following the First In First Out (FIFO) policy.
Page 354: Packet Filter
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration application etc can be used for traffic classification. Generally the classification standards are encapsulated in the header of the packets. The packet content is seldom used as the classification standard.
Page 355: Traffic Priority
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration 2.1.8 Traffic Priority The Ethernet Switch can deliver priority tag service for some special packets. The tags include TOS, DSCP and 802.1p, etc., which can be used and defined in different QoS modules.
Page 356: Traffic Mirroring
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration transmitted first, while the packets of lower service priority are transmitted during the idling gap between transmitting the packets of higher service priorities. The SP also has the drawback that when congestion occurs, if there are many packets...
Page 357: Qos Configuration
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Compare the random number with the discarding probability of the current queue and discard the packet, whose random number is greater than the probability. The longer the queue is, the higher the discarding probability will be. However, there is a maximum discarding probability.
Page 358 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Table 2-1 QoS feature description for different LPUs Type A LPUs (LS81FT48A/ LPUs excluding the LS81FM24A/LS81FS24A/LS81GB8 Features type A LPUs UA/LS81GT8UA) Traffic Support advanced, basic, Support advanced, basic, Layer 2...
Page 359: Setting Port Priority
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Type A LPUs (LS81FT48A/ LPUs excluding the LS81FM24A/LS81FS24A/LS81GB8 Features type A LPUs UA/LS81GT8UA) Traffic Count packets Count the packets received and sent counting received by a port.
Page 360: Setting Port Mirroring
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Note: Perform the following two configuration tasks in system view. 2.2.2 Setting Port Mirroring Port mirroring means duplicating data on the monitored port to the designated monitor port, for purpose of data analysis and supervision.
Page 361: Setting Priority-Output Queue Mapping And Queue Scheduling
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration 2.2.3 Setting Priority-Output Queue Mapping and Queue Scheduling Queue scheduling is often used in solving the problem of resource contention during network congestion. Each port supports eight outbound queues. The switch can distribute packets into the target queues according to several types of priority.
Page 362 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Table 2-6 Mapping between IP priority levels and outbound queues IP priority level Queue Table 2-7 Mapping between DSCP priority levels and outbound queues Name (LPUs excluding...
Page 363 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Table 2-8 Setting mapping table Operation Command cos-local-precedence-map cos0-map-local-prec Configure cos1-map-local-prec cos2-map-local-prec COS→Local-prece cos3-map-local-prec cos4-map-local-prec dence mapping cos5-map-local-prec cos6-map-local-prec table cos7-map-local-prec Restore the default undo qos cos-local-precedence-map mapping By default, the switch selects the default mapping between them.
Page 364: Entering Qos View
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Note: Type A LPUs do not support configuring queue scheduling. LPUs excluding the type A LPUs support configuring queue scheduling. 2.2.4 Entering QoS View You should run most QoS configurations in QoS view.
Page 365: Setting Traffic Limit
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration 2.2.5 Setting Traffic Limit Traffic limit refers to rate limit based on traffic. If the traffic threshold is exceeded, corresponding measures will be taken, for example, dropping the excessive packets or re-defining their priority levels.
Page 366 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Operation Command Remarks The prompt character in ACL view corresponds to the ACL type you enter. acl { number acl-number | Advanced name acl-name [ advanced Enter...
Page 367 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Operation Command Remarks traffic-limit { inbound | outbound } { ip-group Configure { acl-number | acl-name } — traffic policing [ rule rule ] | link-group { acl-number | acl-name }...
Page 368 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Operation Command Remarks Advanced ACL: rule [ rule-id ] { permit | deny } protocol [ source { source-addr wildcard | any } ] [ destination { dest-addr dest-mask | any } ]...
Page 369 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Operation Command Remarks Display display qos-interface configuration You can execute the display [ interface-name | interface-type of the traffic command in any view. interface-num ] traffic-limit policing...
Page 370: Setting Line Limit
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration 2.2.6 Setting Line Limit Line limit refers to rate limit based on the port, that is, limiting the total rate at the port. The adjustment step for line rate of S6500 series switches is 1Mbps.
Page 371: Setting Traffic Redirection
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration 2.2.8 Setting Traffic Redirection Traffic redirection refers to changing packet forwarding direction, that is, forwarding packets to CPU or other ports. Please perform the following configurations in QoS view.
Page 372 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration I. Configuration on A Type Card Table 2-17 Relabeling priority level Operation Command traffic-priority { inbound | outbound } { ip-group { acl-number | Relabel traffic acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule...
Page 373: Configuring Red Operations
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration 2.2.10 Configuring RED Operations RED operation, an anti-congestion measures, monitors and further processes packet forwarding even when no network congestion happens. Please perform the following configurations in QoS view.
Page 374: Displaying And Debugging Qos Configuration
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Note: A type card includes LS81FT48A, LS81FM24A, LS81FS24A, LS81GB8UA and LS81GT8UA cards. II. Configuration on the Cards except A Type Ones Table 2-21 Setting traffic statistics Operation...
Page 375: Qos Configuration Example
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Table 2-22 Displaying and debugging QoS configuration Operation Command Display mirroring group display mirroring-group [ groupid ] Display COS→Local-precedence display qos cos-local-precedence-map mapping table Display line rate for outbound...
Page 376 Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration outbound traffic at 20M on the average. Those packets exceeding the threshold will be labeled with priority level 4. II. Networking diagram Wage server 129.110.1.2 GE7/0/1 Switch...
Page 377: Port Mirroring Configuration Example
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration # Limit average outbound traffic of the wage server at 20 Mbps and label over-threshold packets with priority level 4. [Quidway-qosb-GigabitEthernet7/0/1] traffic-limit inbound ip-group traffic-of-payserver 20 exceed remark-dscp 4 # Limit inbound traffic of the wage server from the port GigabitEthernet7/0/1 at 20 Mbps.
Page 378: Priority Relabeling Configuration Example
Define traffic rules for PC packets. # Enter the number-based basic ACL and select the ACL 2000. [Quidway] acl number 2000 # Define traffic classification rules for PC1 packets. [Quidway-acl-basic-2000] rule 0 permit source 1.0.0.2 0 time-range huawei Huawei Technologies Proprietary 2-26...
Page 379: Packet Redirection Configuration Example
Define traffic rules for PC1 packets. # Enter the number-based basic ACL and select the ACL 2000. [Quidway] acl number 2000 # Define traffic classification rules for PC1 packets. [Quidway-acl-basic-2000] rule 0 permit source 1.0.0.2 0 time-range huawei Huawei Technologies Proprietary 2-27...
Page 380: Red Configuration Example
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 2 QoS Configuration Forward PC1 packets to the port GE7/0/8. # Enter QoS view. [Quidway-GigabitEthernet7/0/1] qos [Quidway-qosb-GigabitEthernet7/0/1] # Forward PC1 packets to the port GE7/0/8. [Quidway-qosb-GigabitEthernet7/0/1] traffic-redirect inbound ip-group 2000 rule 0 interface gigabitethernet7/0/8 2.3.5 RED Configuration Example...
Page 381: Traffic Bandwidth Configuration Example
# Define traffic rules for the packets of IP address 1.0.0.1. [Quidway] acl number 2000 [Quidway-acl-basic-2000] rule 0 permit source 1.0.0.1 0.0.0.0 time-range huawei Run RED operation for the packets of IP address 1.0.0.1 and view the configuration with the display command.
Page 382 # Define traffic rules for the packets of IP addresses 1.0.0.1 and 2.0.0.1. [Quidway] acl number 2000 [Quidway-acl-basic-2000] rule 0 permit source 1.0.0.1 0.0.0.0 time-range huawei [Quidway-acl-basic-2000] rule 1 permit source 2.0.0.1 0.0.0.0 time-range huaweis Configure traffic bandwidth for the packets of IP addresses 1.0.0.1 and 2.0.0.1, view the configuration with the display command.
Page 383: Traffic Statistics Configuration Example
Define traffic rules for PC1 packets. # Define traffic classification rules for PC1 packets. [Quidway] acl number 2000 [Quidway-acl-basic-2000] rule 0 permit source 1.1.1.1 0.0.0.0 time-range huawei Count PC1 packets, view the statistics with the display command. # Enter QoS view.
Page 384: Chapter 3 Acl Configuration
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 3 ACL Configuration Chapter 3 ACL Configuration 3.1 Overview Security problems draw more and more attentions with increasingly extensive application of Ethernet switches. Currently Ethernet switches support three major access modes: SNMP (Simple Network Management Protocol) access, Telnet access and HTTP (Hypertext Transfer Protocol) access.
Page 385: Importing Acl
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 3 ACL Configuration Operation Command Delete an ACL or all undo acl { number acl-number | name acl-name | all } ACLs (system view) Perform the following configuration in corresponding view.
Page 386: Configuration Example
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 3 ACL Configuration Note: Currently you can import only the basic and advanced ACLs with digit IDs. 3.2.3 Configuration Example I. Networking requirement Only the Telnet users from 10.110.100.52 and 10.110.100.46 can access the switch.
Page 387: Configuring Acl For Snmp Users
Chapter 3 ACL Configuration 3.3 Configuring ACL for SNMP Users Huawei Quidway series Ethernet switches support remote network management (NM) and the user can use SNMP to access them. Proper ACL configuration can prevent illegal users from logging onto the switches.
Page 388: Configuration Example
Operation Manual - QoS/ACL Quidway S6500 Series Ethernet Switches Chapter 3 ACL Configuration SNMP username or group name is one of the features of SNMP V2 and above, therefore you import the ACL into the commands with SNMP username or group name configured, for the SNMP V2 and above.
Page 389 [Quidway-acl-baisc-2000] rule 2 permit source 10.110.100.46 0 [Quidway-acl-baisc-2000] rule 3 deny source any [Quidway-acl-baisc-2000] quit # Import the ACL. [Quidway] snmp-agent community read huawei acl 2000 [Quidway] snmp-agent group v2c huaweigroup acl 2000 [Quidway] snmp-agent usm-user v2c huaweiuser huaweigroup acl 2000 Huawei Technologies Proprietary...
Page 390 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Huawei Technologies Proprietary...
Page 391 Operation Manual - STP Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 MSTP Region-configuration ..................1-1 1.1 MSTP Overview ......................... 1-1 1.1.1 MSTP Concepts ...................... 1-1 1.1.2 MSTP Principles...................... 1-4 1.2 Configure MSTP ........................ 1-9 1.2.1 Configure the MST Region for a Switch..............
Page 392 Operation Manual - STP Quidway S6500 Series Ethernet Switches Table of Contents 4.2 Rapid Transition Configuration ..................4-2 4.2.1 Prerequisites ......................4-2 4.2.2 Configuration procedure..................4-3 Huawei Technologies Proprietary...
Page 393: Chapter 1 Mstp Region-Configuration
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Chapter 1 MSTP Region-configuration 1.1 MSTP Overview MSTP stands for Multiple Spanning Tree Protocol, which is compatible with STP and RSTP. STP cannot transit fast. Even on the point-to-point link or the edge port, it has to take an interval as long as twice forward delay before the network converges.
Page 394 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration I. MST region Multiple Spanning Tree Regions: A multiple spanning tree region contains several physically and directly connected MSTP switches sharing the same region name, VLAN-spanning tree mapping configuration, and MSTP revision level configuration, and the network segments between them.
Page 395 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration VIII. Common Root Bridge The Common Root Bridge refers to the root bridge of CIST. There is only one common root bridge in the specified network. IX. Edge port The edge port refers to the port located at the MST region edge, connecting different MST regions, MST region and STP region, or MST region and RSTP region.
Page 396: Mstp Principles
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration 1.1.2 MSTP Principles MSTP divides the entire Layer 2 network into several MST regions and calculates and generates CST for them. Multiple spanning trees are generated in a region and each of them is called an MSTI.
Page 397 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Switch A Switch C Switch B Figure 1-3 Designated bridge and designated port For a switch, the designated bridge is a switch in charge of forwarding BPDU to the local switch via a port called the designated port accordingly.
Page 398 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration To facilitate the descriptions, only the first four parts of the configuration BPDU are described in the example. They are root ID (expressed as Ethernet switch priority), path cost to the root, designated bridge ID (expressed as Ethernet switch priority) and the designated port ID (expressed as the port number).
Page 399 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration BPDU for every other port: substituting the root ID with the root ID in the configuration BPDU of the root port, the cost of path to root with the value made by the root path cost plus the path cost corresponding to the root port, the designated bridge ID with the local switch ID and the designated port ID with the local port ID.
Page 400 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration CP1 receives the configuration BPDU {0, 0, 0, AP2} from Switch A and Switch C launches the updating. The configuration BPDU is updated as {0, 0, 0, AP2}.
Page 401: Configure Mstp
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Upon the initiation of the network, all the switches regard themselves as the roots. The designated ports send the configuration BPDUs of local ports at a regular interval of HelloTime.
Page 402: Configure The Mst Region For A Switch
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Enable MSTP on the device Enable MSTP on a port Only after MSTP is enabled on the device will other configurations take effect. Before enabling MSTP, you can configure the related parameters of the device and Ethernet ports, which will take effect upon enabling MSTP and stay effective even after resetting MSTP.
Page 403 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration II. Configure the MST Region Perform the following configuration in MST region view. Table 1-2 Configure the MST region for a switch Operation Command Configure MST region name...
Page 404: Specify The Switch As Primary Or Secondary Root Bridge
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Table 1-3 Activate the MST Region Configuration and exit the MST Region View Operation Command Show the configuration information of the MST check region-configuration region under revision (from MST region view)
Page 405: Configure The Mstp Running Mode
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration When configuring the primary and secondary switches, you can also configure the network diameter and hello time of the specified switching network. For detailed information, refer to the configuration tasks “Configure switching network diameter” and “Configure the Hello Time of the switch”.
Page 406: Configure The Bridge Priority For A Switch
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Generally, if there is STP switch on the switching network, the port connected to it will automatically transit from MSTP mode to STP-compatible mode. But the port cannot automatically transit back to MSTP mode after the STP switch is removed.
Page 407: Configure The Switching Network Diameter
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration You can use the following command to configure the max hops in an MST region. Perform the following configuration in system view. Table 1-7 Configure the max hops in an MST region...
Page 408: Setting The Timeout Factor Of The Bridge
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration 1.2.7 Setting the Timeout Factor of the Bridge A bridge transmits hello packet regularly to the adjacent bridges to check if there is link failure. Generally, if the switch doesn’t receive the STP packets from the upstream switch for 3 times of hello time, the switch will decide the upstream switch is dead and will recalculate the topology of the network.
Page 409 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Table 1-10 Configure the time parameters of a switch Operation Command timer forward-delay Configure Forward Delay on the switch. centiseconds Restore the default Forward Delay of the undo stp timer forward-delay switch.
Page 410: Configure The Max Transmission Speed On A Port
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration You are recommended to use the stp root primary command to specify the network diameter and Hello Time of the switching network, thus MSTP will automatically calculate and give the rather desirable values.
Page 411: Configure A Port As An Edge Port
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration By default, the max transmission speed on every Ethernet port of the switch is 3. 1.2.10 Configure a Port as an Edge Port An edge port refers to the port not directly connected to any switch or indirectly connected to a switch over the connected network.
Page 412: Configure The Path Cost Of A Port
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration It is better to configure the BPDU protection on the edged port, so as to prevent the switch from being attacked. Before BPDU protection is enabled on the switch, the port runs as a non-edge port when it receives BPDU, even if the user has set it as an edge port.
Page 413 The switch calculates the default Path Cost of a port by the IEEE 802.1t standard. legacy: The switch calculates the default Path Cost of a port by the Huawei-3Com standard. You can specify the intended standard by using the following commands.
Page 414: Configure The Priority Of A Port
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration dot1d-1998 dot1t value Huawei-3Co Link speed Duplex state value range range m cost value Half-Duplex Full-Duplex 200,000 Aggregated Link 199,999 2 Ports 100Mb/s 100,000 Aggregated Link 66,666...
Page 415: Configure The Port (Not) To Connect With The Point-To-Point Link
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration I. Configure in system view Perform the following configuration in system view. Table 1-19 Configure the port priority Operation Command Configure port stp interface interface-list [ instance instance-id ] port priority.
Page 416 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Table 1-21 Configure the port (not) to connect with the point-to-point link Operation Command Configure the port to connect with the interface interface-list point-to-point link. point-to-point force-true...
Page 417: Configure The Mcheck Variable Of A Port
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Note: For a link aggregation, only the master port can be configured to connect with the point-to-point link. If a port in auto-negotiation mode operates in full-duplex mode upon negotiation, it can be configured to connect with the point-to-point link.
Page 418: Configure The Switch Security Function
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Note that the command can be used only if the switch runs MSTP. The command does not make any sense when the switch runs in STP-compatible mode.
Page 419 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration very short period. Too frequent delete operations shall consume huge switch sources and bring great risk to network stability. When the protection from TC-BPDU packet attack is enabled, the switch just perform one delete operation in a specified period after receiving TC-BPDU packets, as well as monitoring whether it receives TC-BPDU packets during this period.
Page 420: Enable Mstp On The Device
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration more (as if the link to the port is disconnected). If the port has not received any higher-priority BPDU for a certain period of time thereafter, it will resume the normal state.
Page 421: Display And Debug Mstp
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Table 1-27 Enable/Disable MSTP on a port Operation Command Enable MSTP on a port. stp interface interface-list enable Disable MSTP on a port. stp interface interface-list disable II.
Page 422: Typical Mstp Configuration Example
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration Operation Command Enable/Disable MSTP (packet [ undo ] debugging stp [ interface receiving/transmitting, event, error) interface-list ] { packet | event } debugging on the port. Enable event debugging of MSTP...
Page 423 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration III. Configuration procedure Configurations on Switch A # MST region [Quidway] stp region-configuration [Quidway-mst-region] region-name example [Quidway-mst-region] instance 1 vlan 10 [Quidway-mst-region] instance 3 vlan 30 [Quidway-mst-region] instance 4 vlan 40 [Quidway-mst-region] revision-level 0 # Manually activate MST region configuration.
Page 424 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 1 MSTP Region-configuration [Quidway-mst-region] active region-configuration # Specify Switch C as the root of instance 4. [Quidway] stp instance 4 root primary Configurations on Switch D # MST region [Quidway] stp region-configuration...
Page 425: Chapter 2 Bpdu Tunnel Configuration
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 2 BPDU Tunnel Configuration Chapter 2 BPDU Tunnel Configuration 2.1 BPDU Tunnel Overview Bridge protocol data unit (BPDU) Tunnel enables geographically distributed user network to transmit BPDU packets transparently over the specified VLAN VPN on the operator’s network.
Page 426: Enabling Bpdu Tunnel Of The System
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 2 BPDU Tunnel Configuration Sequence Configuration Command View Description number item Enable VLAN Required Ethernet vlan-vpn enable VLAN port view Ethernet port. configuration 2.2.1 Enabling BPDU Tunnel of the System Perform the following configuration in system view.
Page 427: Bpdu Tunnel Configuration Example
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 2 BPDU Tunnel Configuration 2.3 BPDU Tunnel Configuration Example I. Network requirements The S6500 Series Ethernet Switches are used as the access devices of the operator’s network, that is, Switch C and Switch D in the following figure.
Page 428 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 2 BPDU Tunnel Configuration Configure Switch C # Enable MSTP on the device. [Quidway] stp enable # Enable BPDU Tunnel on the device. [Quidway] vlan-vpn tunnel # Add port Ethernet4/0/1 into VLAN 10.
Page 429: Chapter 3 Digest Snooping
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 3 Digest Snooping Chapter 3 Digest Snooping 3.1 Introduction According to IEEE 802.1s, two connected switches can communicate through MSTIs (multiple spanning tree instances) in a MSTP (multiple spanning tree protocol) domain only when they are configured with the same domain settings.
Page 430 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 3 Digest Snooping Operation Command Remark Enable digest Required. Digest snooping is snooping on the config-digest-snooping disabled by default interface Quit Ethernet — quit interface view Enable digest Required. Digest snooping is...
Page 431: Chapter 4 The Rapid Transition Feature
Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 4 The Rapid Transition Feature Chapter 4 The Rapid Transition Feature 4.1 Introduction Designated ports with RSTP (rapid spanning tree protocol) or MSTP (multiple spanning tree protocol) employed use the following two types of packets to implement rapid...
Page 432 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 4 The Rapid Transition Feature Upstream sw itch Upstream sw itch Dow nstream switch Dow nstream switch Send proposal packets Send proposal packets Root port blocks Root port blocks to request rapid transition...
Page 433 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 4 The Rapid Transition Feature The upstream switch has proprietary protocols concerning spanning tree employed, the mechanism for its designated port to implement sate transition is similar to that of RSTP.
Page 434 Operation Manual - STP Quidway S6500 Series Ethernet Switches Chapter 4 The Rapid Transition Feature Operation step Command Description Required Enable rapid Rapid transition stp no-agreement-check transition disabled on a port by default. Note: Configure rapid transition for root port or Alternate port only.
Page 435 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Security Huawei Technologies Proprietary...
Page 436 Operation Manual - Security Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 802.1x Configuration ....................1-1 1.1 802.1x Overview ........................ 1-1 1.1.1 802.1x Standard Overview..................1-1 1.1.2 802.1x System Architecture ..................1-1 1.1.3 802.1x Authentication Process................1-2 1.1.4 Implementing 802.1x on the Ethernet Switch ............
Page 437 Operation Manual - Security Quidway S6500 Series Ethernet Switches Table of Contents 2.3.5 Setting Retransmission Times of RADIUS Request Packet ......... 2-18 2.3.6 Configuring the User Re-authentication at Reboot ..........2-19 2.3.7 Setting the Supported Type of the RADIUS Server ..........2-20 2.3.8 Setting the RADIUS Server State .................
Page 438: Chapter 1 802.1X Configuration
The LAN access control device needs to provide the Authenticator System of 802.1x. The devices at the user side such as the computers need to be installed with the 802.1x client Supplicant software, for example, the 802.1x client provided by Huawei Technologies Co., Ltd. (or by Microsoft Windows XP). The 802.1x Authentication Server system normally stays in the carrier’s AAA center.
Page 439: Authentication Process
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration The Controlled Port will be in connecting state only after the user passes the authentication. Then the user is allowed to access the network resources. Authenticator Authenticator System...
Page 440: Implementing 802.1X On The Ethernet Switch
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration 1.1.4 Implementing 802.1x on the Ethernet Switch Quidway Series Ethernet Switches not only support the port access authentication method regulated by 802.1x, but also extend and optimize it in the following way: Support to connect several End Stations in the downstream via a physical port.
Page 441: Enabling/Disabling 802.1X
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration 1.2.1 Enabling/Disabling 802.1x The following command can be used to enable/disable the 802.1x on the specified port or globally. When it is used in system view, if the parameter interface-list is not specified, 802.1x will be globally enabled.
Page 442: Setting The Port Access Control Method
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration 1.2.3 Setting the Port Access Control Method The following commands are used for setting 802.1x access control method on the specified port. When no port is specified in system view, the access control method of port is configured globally.
Page 443: Setting The Authentication In Dhcp Environment
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration Table 1-5 Setting the maximum number of users via a specified port Operation Command Set maximum number of users via dot1x max-user user-number specified port [ interface interface-list ]...
Page 444: Enabling/Disabling Guest Vlan
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration PEAP: As a kind of EAP protocol, protected EAP (PEAP) first establishes an encrypted transport layer security (TLS) channel to provide integrity protection, and then initiates a new type of EAP negotiation, to accomplish identity authentication to the client.
Page 445: Setting 802.1X Re-Authentication
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration Users who skip the authentication, fail in the authentication or get offline belong to the Guest VLAN. If dot1x dhcp-launch is configured on the switch, the Guest VLAN function cannot be implemented because the switch does not send active authentication packet in this mode.
Page 446: Setting 802.1X Client Version Authentication
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration During the authentication, the switch takes the last received one as the authentication period. For example, after the user configured the authentication period on the switch, the switch receives the packet with the termination-action attributes of 1, and then the switch takes the session-timeout value in the access-accept packet as the authentication period.
Page 447: Setting The Maximum Times Of Authentication Request Message Retransmission1-10
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration II. Configuring the maximum retry times for the switch to send version request frame to the client After sending client version request frame for the first time, if the switch receives no response from the client response within a certain period of time (set by the version authentication timeout timer), it resends version request again.
Page 448: Configuring Timers
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration Table 1-14 Setting the maximum times of the authentication request message retransmission Operation Command maximum times authentication request message dot1x retry max-retry-value retransmission Restore default maximum undo dot1x retry retransmission times By default, the max-retry-value is 2.
Page 449: Enabling/Disabling A Quiet-Period Timer
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration server-timeout: Specify the timeout timer of an Authentication Server. If an Authentication Server has not responded before the specified period expires, the Authenticator will resend the authentication request.
Page 450: Displaying And Debugging 802.1X
Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration Table 1-16 Enabling/disabling a quiet-period timer Operation Command Enable a quiet-period timer dot1x quiet-period Disable a quiet-period timer undo dot1x quiet-period By default, quiet-period timer is disabled.
Page 451 Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration accessed, the domain name does not follow the user name. Normally, if the user’s traffic is less than 2kbps consistently over 20 minutes, he will be disconnected.
Page 452 Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration # Enable the 802.1x performance on the specified port Ethernet 3/0/1. [Quidway] dot1x interface Ethernet 3/0/1 # Set the access control mode. (This command could not be configured, when it is configured as MAC-based by default.)
Page 453 Operation Manual - Security Quidway S6500 Series Ethernet Switches Chapter 1 802.1x Configuration [Quidway-isp-huawei163.net] access-limit enable 30 # Enable idle cut function for the user and set the idle cut parameter in the domain huawei163.net. [Quidway-isp-huawei163.net] idle-cut enable 20 2000 # Add a local supplicant and sets its parameter.
Page 454: Chapter 2 Aaa And Radius Protocol Configuration
Remote: Users are authenticated remotely through RADIUS. In this mode, the NAS acts as a client to communicate with a RADIUS server. With RADIUS, either the standard RADIUS or Huawei’s extended RADIUS protocol. II. Authorization AAA authorization supports the following modes: Local: Users are authorized according to the attributes related to their accounts on the NAS.
Page 455: Domain
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration III. Accounting AAA accounting supports the following modes: None: Requires no accounting. Remote: The accounting is conducted through a RADIUS server. 2.1.2 Domain The NAS provides two levels of user management: domain management (users are grouped into domains and managed by their domains) and account management (users are managed by their accounts).
Page 456: Configuring Aaa
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration II. RADIUS operation RADIUS server generally uses proxy function of the devices like access server to perform user authentication. The operation process is as follows: First, the user send request message (the client username and encrypted password is included in the message ) to RADIUS server.
Page 457: Creating An Isp Domain And Configuring The Related Attributes
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Subsectio Task Command View Description System Creating a local local-user view user Setting local-user System password password-displ view display mode for ay-mode all local users...
Page 458 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration different ISPs. Because the attributes of ISP users, such as username and password formats, etc, may be different, it is necessary to differentiate them by ISP domains.
Page 459 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration By default, the AAA scheme is local once an ISP domain is created. Note: Like the scheme command, the radius-scheme command can also be used to specify the RADIUS scheme for the current ISP domain;...
Page 460 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration V. Enabling/disabling the idle-cut function The idle cut function means if the traffic from a certain connection is less than the defined traffic, cut off this connection.
Page 461 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration On the switch, use the following command to enable this function and to configure the remaining-online-time threshold (the limit argument) and the alert message interval.
Page 462: Creating A Local User And Setting The Related Attributes
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Table 2-9 Configuring the self-service server URL Operation Command Configure self-service server URL and configure the URL address used to self-service-url enable url-string change the user password on the...
Page 463 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Table 2-11 Setting the password display mode for local users Operation Command Set the password display mode for all local-user password-display-mode local users { cipher-force | auto }...
Page 464: Disconnecting A User By Force
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Note: When the configured authentication mode (local or RADIUS authentication) requires username and password, the command level that a user can access after login depends on the user priority level.
Page 465 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration String ID: The switch compares the string ID delivered from the server with the VLAN names existing on the switch. If a matching entry is found, the switch adds the port into the corresponding VLAN.
Page 466: Configuring The Radius Protocol
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Table 2-15 Configuring name of the delivered VLAN Operation Command Configure name of the delivered VLAN name string Remove the configured VLAN name undo name 2.3 Configuring the RADIUS Protocol...
Page 467: Creating/Deleting A Radius Scheme
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration 2.3.1 Creating/Deleting a RADIUS Scheme As mentioned above, RADIUS protocol configurations are performed on the per RADIUS scheme basis. Therefore, before performing other RADIUS protocol configurations, it is compulsory to create the RADIUS scheme and enter its view to set its IP address.
Page 468: Configuring Radius Accounting Servers And The Related Attributes
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Operation Command Restore IP address and port number of second undo secondary RADIUS authentication/authorization server to the authentication default values. By default, as for the newly created RADIUS scheme, the IP address of the primary authentication server is 0.0.0.0, and the UDP port number of this server is 1812;...
Page 469 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration "system" RADIUS scheme created by the system, the IP address of the primary accounting server is 127.0.0.1, and the UDP port number is 1646.
Page 470 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration How to calculate the value of retry-times? Suppose that RADIUS server connection will timeout in T and the real-time accounting interval of NAS is t, then the integer part of the result from dividing T by t is the value of count.
Page 471: Setting The Radius Packet Encryption Key
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration V. Enabling the Selection of the Radius Accounting Option Perform the following configurations in RADIUS scheme view. Table 2-22 Enabling the selection of RADIUS accounting option...
Page 472: Configuring The User Re-Authentication At Reboot
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration You can use the following command to set retransmission times of RADIUS request packet. Perform the following configurations in RADIUS scheme view. Table 2-24 Setting retransmission times of RADIUS request packet...
Page 473: Setting The Supported Type Of The Radius Server
2.3.7 Setting the Supported Type of the RADIUS Server Quidway Series Ethernet Switches support the standard RADIUS protocol and the extended RADIUS service platforms developed by Huawei. You can use the following command to set the supported types of RADIUS servers.
Page 474: Configuring The Quiet Time Interval
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration communicate, NAS will turn to the primary one again. The following commands can be used to set the primary server to be active manually, in order that NAS can communicate with it right after the troubleshooting.
Page 475: Setting The Unit Of Data Flow That Transmitted To The Radius Server
By default, the default data unit is byte and the default data packet unit is one packet. 2.3.12 Configuring the Local RADIUS Authentication Server RADIUS service, which adopts authentication/authorization/accounting servers to manage users, is widely used in Quidway S6500 series switches. Besides, local Huawei Technologies Proprietary 2-22...
Page 476: Configuring Source Address For Radius Packets Sent By Nas
Huawei. Caution When using local RADIUS authentication server function of Huawei, remember the number of UDP port used for authentication is 1645 and that for accounting is 1646. The key configured by this command must be the same as that of the RADIUS...
Page 477: Setting The Timers Of The Radius Server
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration You can use either command to bind a source address with the NAS. By default, no source address is specified and the source address of a packet is the address of the interface where it is sent.
Page 478 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration When there are a large amount of users (more than 1000, inclusive), we suggest a larger value. The following table recommends the ratio of minutes value to the number of users.
Page 479: Displaying And Debugging Aaa And Radius Protocol
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Table 2-37 Configuring the quiet time interval Operation Command Set the quiet time interval timer quiet minutes Set the quiet time interval to its default value undo timer quiet By default, the value of the Quiet time interval is five minutes.
Page 480: Aaa And Radius Protocol Configuration Example
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Operation Command reset stop-accounting-buffer Delete stopping accounting { radius-scheme radius-scheme-name | requests saved in buffer without session-id session-id time-range response start-time stop-time user-name user-name }...
Page 481 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration II. Networking topology Authenticati on Servers ( IP addre ss:10.110.91.164 ) Switch Internet Internet telnet user Figure 2-1 Configuring the remote RADIUS authentication for Telnet users III.
Page 482: Configuring The Ftp/Telnet User Authentication At Local
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration [Quidway-radius-cams] quit [Quidway] domain cams [Quidway-isp-cams] scheme radius-scheme cams 2.5.2 Configuring the FTP/Telnet User Authentication at Local Note: Configuring local authentication for FTP users is similar to that for Telnet users. The following example is based on Telnet users.
Page 483: Dynamic Vlan With Radius Server Configuration Example
Configuration Local server method is similar to remote RADIUS authentication. But you should modify the server IP address to 127.0.0.1, authentication key to huawei, the UDP port number of the authentication server to 1645. 2.5.3 Dynamic VLAN with RADIUS Server Configuration Example I.
Page 484: Aaa And Radius Protocol Fault Diagnosis And Troubleshooting
Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration Note For the string delivery mode, the VLAN to be delivered must be an existing one on the switch. That is, you must have created the VLAN and configured a name for it on the switch.
Page 485 Operation Manual - Security Chapter 2 AAA and RADIUS Protocol Quidway S6500 Series Ethernet Switches Configuration The accounting port number may be set improperly. Please set a proper number. The accounting service and authentication/authorization service are provided on different servers, but NAS requires the services to be provided on one server (by specifying the same IP address).
Page 486 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Reliability Huawei Technologies Proprietary...
Page 487 Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 VRRP Configuration ....................1-1 1.1 VRRP Overview ......................... 1-1 1.2 VRRP Configuration ......................1-2 1.2.1 Enabling/Disabling the Function to Ping the Virtual IP Address ......1-3 1.2.2 Setting Correspondence Between Virtual IP Address and MAC Address ....
Page 488: Chapter 1 Vrrp Configuration
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration Chapter 1 VRRP Configuration 1.1 VRRP Overview Virtual Router Redundancy Protocol (VRRP) is a fault-tolerant protocol, which is evoked as a solution to communication interruption caused by a network failure.
Page 489: Vrrp Configuration
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration Network Actual IP address10.100.10.2 Actual IP address10.100.10.3 Master Backup Virtual IP address10.100.10.1 Virtual IP address10.100.10.1 Ethernet 10.100.10.7 10.100.10.8 10.100.10.9 Host 1 Host 2 Host 3 Figure 1-2 Virtual router This virtual router has its own IP address: 10.100.10.1 (which can be the interface...
Page 490: Enabling/Disabling The Function To Ping The Virtual Ip Address
So the Quidway S6500 Series Ethernet Switches provide the ping function. You can use the following commands to enable and disable the ping function.
Page 491: Adding/Deleting A Virtual Ip Address
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration Table 1-2 Set correspondence between virtual IP address and MAC address Operation Command Set correspondence between the virtual vrrp method { real-mac | virtual-mac } IP address and the MAC address...
Page 492: Configuring The Priority Of Switches In The Virtual Router
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration After the last virtual IP address is removed from the virtual router, the whole virtual router will also be removed. That is, there is no more virtual router on the interface any more and any configuration of it is invalid accordingly.
Page 493: Configuring Authentication Type And Authentication Key
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration has not received the packets from the master switch punctually, it will become the master switch. However, the failure of backup to receive the packets may be due to network congestion, instead of the malfunction of the master switch.
Page 494: Configuring Vrrp Timer
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration Those packets failing to pass the authentication will be discarded and a trap packet will be sent to the network management system. Perform the following configuration in VLAN interface view.
Page 495: Configuring The Switch To Track A Specified Interface
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration Table 1-7 Configure VRRP timer Operation Command vrrp vrid virtual-router-ID timer advertise Configure VRRP timer adver-interval Clear VRRP timer undo vrrp vrid virtual-router-ID timer advertise By default, adver-interval is configured to be 1.
Page 496: Displaying And Debugging Vrrp
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration Note: The monitored physical port may be contained in the VLAN of the VLAN interface the backup group belongs to. When the switch is an IP address owner, its interfaces cannot be tracked.
Page 497 Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration virtual router ID: 1 virtual IP address: 202.38.160.111 master: switch A backup: switch B preemption: allowed II. Network diagram 10.2.3.1 Host B Internet VLAN-interface3: 10.100.10.2 Switch_A Switch_B VLAN-interface2: 202.38.160.1...
Page 498: Vrrp Tracking Interface Example
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration [LSW-A-vlan-interface2] vrrp vrid 1 priority 110 [LSW-A-vlan-interface2] vrrp vrid 1 preempt-mode Configure switch B. # Configure VLAN2. [LSW-B] vlan 2 [LSW-B-vlan2] interface vlan 2 [LSW-B-vlan-interface2] ip address 202.38.160.2 255.255.255.0 [LSW-B-vlan-interface2] quit # Configure VRRP.
Page 499 Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration III. Configuration procedure Configure switch A. # Configure VLAN 2. [LSW-A] vlan 2 [LSW-A-vlan2] interface vlan 2 [LSW-A-vlan-interface2] ip address 202.38.160.1 255.255.255.0 [LSW-A-vlan-interface2] quit # Set the virtual IP address of the virtual router can be pinged successfully.
Page 500: Multiple Virtual Routers Example
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration [LSW-B] interface vlan 2 [LSW-B-vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 # Set the authentication key for the virtual router. [LSW-B-vlan-interface2] vrrp authentication-mode md5 switch # Set the master to send VRRP packets every 5 seconds.
Page 501: Troubleshooting
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration # Set the priority for virtual router 1. [LSW-A-vlan-interface2] vrrp vrid 1 priority 150 # Create virtual router 2. [LSW-A-vlan-interface2] vrrp vrid 2 virtual-ip 202.38.160.112 Configure switch B.
Page 502 Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 1 VRRP Configuration caused by the malicious attempt of some devices, non-technical measures should be resorted to. II. Symptom 2: More than one masters existing within the same virtual router There are also 2 reasons.
Page 503: Chapter 2 Ha Configuration
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 2 HA Configuration Chapter 2 HA Configuration 2.1 HA Overview S6506R supports high availability (HA) feature. This feature is to achieve a high availability of the system and to recover the system as soon as possible in the event of failures so as to shorten the mean time between failure (MTBF) of the system.
Page 504: Setting The Slave System Restart Manually
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 2 HA Configuration Note: When the S6506R starts, it will take about 3 minutes from the slave board is on to you can see the system prompt. During the 3 minutes, the slave board has no any action and reaction to the user’s operation if the user login the slave board.
Page 505: Enabling/Disabling Automatic Synchronization
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 2 HA Configuration Perform the following configuration in user view. Table 2-2 Perform the master-slave switchover manually Operation Command Perform the master-slave switchover manually slave switchover 2.2.3 Enabling/Disabling Automatic Synchronization S6506R supports automatic synchronization.
Page 506: Displaying And Debugging Ha
Operation Manual - Reliability Quidway S6500 Series Ethernet Switches Chapter 2 HA Configuration 2.3 Displaying and Debugging HA After the above configuration, execute the display command in any view to display the running of the ACL configuration, and to verify the effect of the configuration.
Page 507 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual System Management Huawei Technologies Proprietary...
Page 508 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 File System Management.................... 1-1 1.1 File System ........................1-1 1.1.1 File System Overview ..................... 1-1 1.1.2 Directory Operation ....................1-1 1.1.3 File Operation......................1-2 1.1.4 Storage Device Operation..................
Page 509 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Table of Contents Chapter 3 Device management ....................3-1 3.1 Device Management Overview..................3-1 3.2 Device Management Configuration ................... 3-1 3.2.1 Reboot Ethernet Switch ..................3-1 3.2.2 Reset a Card ......................3-1 3.2.3 Enable the Timing Reboot Function................
Page 510 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Table of Contents 4.5.3 Sending the Information to Loghost ..............4-14 4.5.4 Sending the Information to Console terminal............4-16 4.5.5 Sending the Information to Telnet Terminal or Dumb Terminal......4-19 4.5.6 Sending the Information to Log Buffer ..............
Page 511 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Table of Contents Chapter 7 NTP Configuration ....................... 7-1 7.1 Brief Introduction to NTP ....................7-1 7.1.1 NTP Functions......................7-1 7.1.2 Basic Operating Principle of NTP................7-1 7.2 NTP Configuration ......................7-2 7.2.1 Configure NTP Operating Mode................
Page 512: Chapter 1 File System Management
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management Chapter 1 File System Management 1.1 File System 1.1.1 File System Overview The Ethernet switch provides a file system module for user’s efficient management over the storage devices such as flash memory. The file system offers file access and directory management, mainly including creating the file system, creating, deleting, modifying and renaming a file or a directory and opening a file.
Page 513: File Operation
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management Operation Command Display the current working directory Display the information about directories or files dir [ / all ] [ file-url ] Change the current directory cd directory 1.1.3 File Operation...
Page 514: Set The Prompt Mode Of The File System
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management Table 1-3 Storage device operation Operation Command Format the storage device format filesystem 1.1.5 Set the Prompt Mode of the File System The following command can be used for setting the prompt mode of the current file system.
Page 515: Display The Current-Configuration And Saved-Configuration Of Ethernet Switch
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management 1.2.2 Display the Current-configuration and Saved-configuration of Ethernet Switch After being powered on, the system will read the configuration files from Flash for the initialization of the device. (Such configuration files are called saved-configuration files).
Page 516: Erase Configuration Files From Flash Memory
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management 1.2.4 Erase Configuration Files from Flash Memory The reset saved-configuration command can be used to erase configuration files from Flash Memory. The system will use the default configuration parameters for initialization when the Ethernet switch is powered on for the next time.
Page 517: Ftp
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management 1.3 FTP 1.3.1 FTP Overview FTP is a common way to transmit files on IP network. Before the World Wide Web (WWW) appears, files were transmitted in the command line mode and FTP was the most popular application.
Page 518: Enable/Disable Ftp Server
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management Table 1-11 Configuration of the switch as FTP server Device Configuration Default Description You can view the configuration FTP server is Start FTP server. information of FTP server with disabled.
Page 519: Configure The Ftp Server Connection Timeouts
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management directory provided for FTP clients. Only the clients who have passed the authentication and authorization successfully can access the FTP server. Note: For information about how to configure a local user, the password display mode of all...
Page 520: Introduction To Ftp Client
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management command can be used for displaying the detail information about the connected FTP users. 1.3.6 Introduction to FTP Client As an additional function provided by Ethernet switch, FTP client is an application module without any user configuration.
Page 521: Ftp Server Configuration Example
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management Caution: If the free space of the flash memory is not enough, you need to first delete the existing programs in the flash memory and then upload the new ones.
Page 522 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management & write authority over the flash root directory on the PC. The IP address of a VLAN interface on the switch is 1.1.1.1, and that of the PC is 2.2.2.2. The switch and PC are reachable.
Page 523: Tftp
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management <Quidway> # Use the boot boot-loader command to specify the downloaded program as the application at the next login and reboot the switch. <Quidway> boot boot-loader primary switch.app <Quidway>...
Page 524: Download Files By Means Of Tftp
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management Table 1-15 Configuration of the switch as TFTP client Device Configuration Default Description TFTP is right for the case where no Configure IP address for...
Page 525: Specify The Acl Rule On Tftp Connection
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management 1.4.4 Specify the ACL rule on TFTP connection You can use the following commands to specify the ACL rule when the TFTP client is making a connection with the TFTP server.
Page 526 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 1 File System Management Caution: If the flash memory of the switch is not enough, you need to first delete the existing programs in the flash memory and then upload the new ones.
Page 527: Chapter 2 Mac Address Table Management
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 2 MAC Address Table Management Chapter 2 MAC Address Table Management 2.1 MAC Address Table Management Overview An Ethernet Switch maintains a MAC address table for fast forwarding packets. A table entry includes the MAC address of a device and the port ID of the Ethernet switch connected to it.
Page 528: Mac Address Table Configuration
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 2 MAC Address Table Management You can configure (add or modify) the MAC address entries manually according to the actual networking environment. The entries can be static ones or dynamic ones.
Page 529: Set The Max Count Of Mac Address Learned By A Port
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 2 MAC Address Table Management You can use the following commands to set the MAC address aging time for the system. Perform the following configuration in system view. Table 2-2 Set the MAC address aging time for the system...
Page 530: Set The Processing Method For The Specific Packets
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 2 MAC Address Table Management 2.2.4 Set the processing method for the specific packets You can use the following commands to configure whether or not the packets with destination MAC addresses being bridge MAC address of the switch are passed to CPU for being processed.
Page 531 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 2 MAC Address Table Management II. Networking diagram Internet Network Port Console Port Switch Figure 2-2 Typical configuration of address table management III. Configuration procedure # Enter the system view of the switch.
Page 532: Chapter 3 Device Management
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management Chapter 3 Device management 3.1 Device Management Overview With the device management function, the Ethernet Switch can display the current running state and event debugging information about the slots, thereby implementing the maintenance and management of the state and communication of the physical devices.
Page 533: Enable The Timing Reboot Function
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management 3.2.3 Enable the Timing Reboot Function After enable the timing reboot function on the switch, the switch will be rebooted on the specified time. Perform the following configuration in user view, and display schedule reboot command can be performed in any view.
Page 534: Upgrade Bootrom
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management If the switch cannot be booted by both of the files, it randomly selects an application file from the Flash memory. The booting fails if the switch cannot be booted by the newly selected one.
Page 535: Set Slot Temperature Limit
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management Note: S6506R supports master board and slave board. The two boards both have file system. User can operate the file on the two boards. In the case user upgrade the BootROM adopted on slave board, the file directory or URL should be started with “slot[No.]#flash:”, the [No.] is the slave board number.
Page 536: Specify The Switch Type
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management Table 3-9 Enable/Disable RDRAM Operation Command Enable RDRAM of the device rdram enable Disable RDRAM of the device rdram disable By default, RDRAM of the device is enabled.
Page 537: Configuration Example
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management 3.3.2 Configuration Example I. Network requirements Salience III series engines works with the S6503 chassis without the XGbus silkscreen. Set the switch type to S6503. II. Network diagram...
Page 538: Pause Frame Protection Mechanism Configuration Example
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management Table 3-11 Configure pause frame protection mechanism Number Operation Command Remarks – Enter system view <Quidway> system-view Required. Pause Enable pause [Quidway] frame protection frame protection...
Page 539: Layer 3 Connectivity Detection Configuration Task
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management 3.5.1 Layer 3 Connectivity Detection Configuration Task Note: Before performing this configuration, make sure the physical link between the local peer and the remote peer is correct, and the related VLAN interfaces are assigned with an IP addresses.
Page 540: Layer 3 Connectivity Detection Configuration Example
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management 3.5.2 Layer 3 Connectivity Detection Configuration Example I. Network requirements Enable Layer 3 connectivity detection between a local and a remote device. II. Configuration procedure Note: Make sure the physical link between the local peer and the remote peer is correct;...
Page 541: Queue Traffic Monitoring Configuration Example
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management Table 3-13 Configure queue traffic monitoring Number Operation Command Remarks – Enter system view <Quidway> system-view Required. This Enable queue [Quidway] qe monitor function is enabled by...
Page 542: Error Packets Monitoring Configuration Example
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management Table 3-14 Configure error packets monitoring Number Operation Command Remarks Enter <Quidway> – system view system-view Set the interval [Quidway] qe monitor Optional. Defaults to 5...
Page 543: Display And Debug Device Management
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management [Quidway-Ethernet4/0/1] Specify only detect current interface for error packets of runt type. [Quidway-Ethernet4/0/1] qe monitor errpkt runt 3.8 Display and Debug Device Management After the above configuration, execute display command in any view to display the running of the device management configuration, and to verify the effect of the configuration.
Page 544 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management II. Networking diagram Network Network Switch Switch Switch Figure 3-2 Networking for FTP configuration III. Configuration procedure Configure FTP server parameters on the PC: a user named as switch, password hello, read &...
Page 545 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 3 Device management # Enter the authorized directory of the FTP server. [ftp] cd switch # Use the get command to download the switch.app from the FTP server to the flash directory on the FTP server.
Page 546: Chapter 4 System Maintenance And Debugging
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Chapter 4 System Maintenance and Debugging 4.1 Basic System Configuration 4.1.1 Set Name for Switch Perform the operation of sysname command in the system view.
Page 547: Set The Summer Time
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging 4.1.4 Set the Summer Time You can set the name, starting and ending time of the summer time. Perform the following operations in the user view.
Page 548: System Debugging
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging 4.3 System Debugging 4.3.1 Enable/Disable the Terminal Debugging The Ethernet switch provides various ways for debugging most of the supported protocols and functions, which can help you diagnose and address the errors.
Page 549: Display Diagnostic Information
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging For more about the usage and format of the debugging commands, refer to the relevant chapters. Note: Since the debugging output will affect the system operating efficiency, do not enable the debugging without necessity, especially use the debugging all command with caution.
Page 550: Logging Function
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging The response to each ping message. If no response packet is received when time is out, ”Request time out” information appears. Otherwise, the data bytes, the packet sequence number, TTL, and the round-trip time of the response packet will be displayed.
Page 551 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging %Jun 7 05:22:03 2003 Quidway IFNET/6/UPDOWN:Line protocol on interface Ethernet1/0/2, changed state to UP When the log information is output to info-center, the first part will be “<Priority>”.
Page 552 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging The sysname is the host name, the default value is "Quidway". User can change the host name through sysname command. Notice: There is a blank between sysname and module name.
Page 553: Info-Center Configuration
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Severity Description notifications The information should be concerned. informational Common prompting information debugging Debugging information Notice: There is a slash between severity and digest.
Page 554 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging The information can be classified in terms of the source modules and the information can be filtered in accordance with the modules. The output language can be selected between Chinese and English.
Page 555 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-14 Sending the Information to the console terminal. Configuration Device Configuration Default value description default, Other configurations are Enable info-center info-center is valid only if the info-center enabled.
Page 556 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-15 Sending the Information to monitor terminal Configuration Device Configuration Default value description default, Other configurations are Enable info-center info-center is valid only if the info-center enabled.
Page 557 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-16 Sending the Information to log buffer Configuration Device Configuration Default value description default, Other configurations are Enable info-center info-center valid only if the info-center enabled.
Page 558 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-18 Sending the Information to SNMP Configuration Device Configuration Default value description default, Other configurations are Enable info-center info-center valid only if the info-center enabled.
Page 559: Sending The Information To Loghost
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-19 Turn on/off the information synchronization switch in Fabric Configuration Device Configuration Default value description Other configurations are Enable By default, info-center valid only if the info-center info-center is enabled.
Page 560 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-21 Configuring to output information to loghost Operation Command info-center loghost host-ip-addr channel channel-number Output information to loghost channel-name } ] [ facility local-number ]...
Page 561: Sending The Information To Console Terminal
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Note: If you want to view the debugging information of some modules on the switch, you must select debugging as the information type when configuring information source, meantime using the debugging command to turn on the debugging switch of those modules.
Page 562 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Configuring to output information to console terminal Perform the following operation in system view. Table 4-25 Configuring to output information to console terminal Operation...
Page 563 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Note: If you want to view the debugging information of some modules on the switch, you must select debugging as the information type when configuring information source, meantime using the debugging command to turn on the debugging switch of those modules.
Page 564: Sending The Information To Telnet Terminal Or Dumb Terminal
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging 4.5.5 Sending the Information to Telnet Terminal or Dumb Terminal To send configuration information to Telnet terminal or dumb terminal, follow the steps below: Enabling info-center Perform the following operation in system view.
Page 565 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-31 Defining information source Operation Command info-center source { modu-name | default } Define information source channel { channel-number | channel-name } [ { log |...
Page 566: Sending The Information To Log Buffer
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-32 Configuring the output format of time-stamp Operation Command Configure the output format of the info-center timestamp trap time-stamp debugging } { boot | date | none }...
Page 567 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-34 Enabling/disabling info-center Operation Command Enable info-center info-center enable Disable info-center undo info-center enable Note: Info-center is enabled by default. After info-center is enabled, system performances are affected when the system processes much information because of information classification and outputting.
Page 568: Sending The Information To Trap Buffer
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging information with the level below it will not be output. channel-number specifies the channel number and channel-name specifies the channel name. When defining the information sent to log buffer, channel-number or channel-name must be set to the channel that corresponds to Console direction.
Page 569 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Note: Info-center is enabled by default. After info-center is enabled, system performances are affected when the system processes much information because of information classification and outputting.
Page 570: Sending The Information To Snmp Network Management
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging may have different default settings of log, trap and debugging. When there is no specific configuration record for a module in the channel, use the default one.
Page 571 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Configuring to output information to SNMP NM Perform the following operation in system view. Table 4-43 Configuring to output information to SNMP NM Operation...
Page 572: Turn On/Off The Information Synchronization Switch In Fabric
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Note: If you want to view the debugging information of some modules on the switch, you must select debugging as the information type when configuring information source, meantime using the debugging command to turn on the debugging switch of those modules.
Page 573: Displaying And Debugging Info-Center
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Table 4-46 Enable/disable info-center Operation Command Enable info-center info-center enable Disable info-center undo info-center enable Turn on the information synchronization switch Perform the following operation in system view.
Page 574: Configuration Examples Of Sending Log To Unix Loghost
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging Operation Command Clear information in memory buffer reset logbuffer Clear information in trap buffer reset trapbuffer 4.5.11 Configuration examples of sending log to Unix loghost I.
Page 575 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging This configuration is performed on the loghost. The following example is performed on SunOS 4.0 and the operation on Unix operation system produced by other manufactures is generally the same to the operation on SunOS 4.0.
Page 576: Configuration Examples Of Sending Log To Linux Loghost
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging 4.5.12 Configuration examples of sending log to Linux loghost I. Networking Requirement The networking requirement are as follows: Sending the log information of the switch to Linux loghost The IP address of the loghost is 202.38.1.10...
Page 577 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging # Quidway configuration messages local7.info /var/log/Quidway/information Note: Note the following points when editing /etc/syslog.conf: The note must occupy a line and start with the character #.
Page 578: Configuration Examples Of Sending Log To Console Terminal
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 4 System Maintenance and Debugging 4.5.13 Configuration examples of sending log to console terminal I. Networking Requirement The networking requirement are as follows: Sending the log information of the switch to console terminal...
Page 579: Chapter 5 Snmp Configuration
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration Chapter 5 SNMP Configuration 5.1 SNMP Overview By far, the Simple Network Management Protocol (SNMP) has gained the most extensive application in the computer networks. SNMP has been put into use and widely accepted as an industry standard in practice.
Page 580 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration Figure 5-1 Architecture of the MIB tree The MIB (Management Information Base) is used to describe the hierarchical architecture of the tree and it is the set defined by the standard variables of the monitored network device.
Page 581: Configure Snmp
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration 5.3 Configure SNMP The main configuration of SNMP includes: Set community name Set the Method of Identifying and Contacting the Administrator Enable/Disable snmp Agent to Send Trap...
Page 582: Enable/Disable Snmp Agent To Send Trap
}* | version { { v1 | v2c | v3 }* | all } } administrator By default, the system contacting method is “ Hangzhou Huawei-3Com Tech. Co.,Ltd. ”; the location is “ Beijing China ”; the version is SNMPv3.
Page 583: Set The Destination Address Of Trap
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration 5.3.4 Set the Destination Address of Trap You can use the following commands to set or delete the destination address of the trap. Perform the following configuration in system view.
Page 584: Set Snmp Version
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration Table 5-7 Set sysLocation Operation Command snmp-agent sys-info location Set sysLocation sysLocation Restore the default location of the undo snmp-agent sys-info location Ethernet switch By default, the sysLocation is specified as “Beijing China”.
Page 585: Set The Source Address Of Trap
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration Table 5-10 Set/Delete an SNMP Group Operation Command snmp-agent group { v1 | v2c } group-name [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-list ]...
Page 586: Create/Update View Information Or Deleting A View
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration 5.3.12 Create/Update View Information or Deleting a View You can use the following commands to create, update the information of views or delete a view. Perform the following configuration in system view.
Page 587: Display And Debug Snmp
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration 5.4 Display and Debug SNMP After the above configuration, execute display command in any view to display the running of the SNMP configuration, and to verify the effect of the configuration. Execute debugging command in user view to debug SNMP configuration.
Page 588 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 5 SNMP Configuration II. Networking diagram 129.102.0.1 129.102.149.23 Ethernet Figure 5-2 SNMP configuration example III. Configuration procedure # Enter the system view. <Quidway> system-view # Set the community name , group name and user.
Page 589 Chapter 5 SNMP Configuration IV. Configure Network Management System The Ethernet Switch supports Huawei’s iManager Quidview NMS. Users can query and configure the Ethernet switch through the network management system. For more about it, refer to the manuals of Huawei’s NM products.
Page 590: Chapter 6 Rmon Configuration
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 6 RMON Configuration Chapter 6 RMON Configuration 6.1 RMON Overview Remote Network Monitoring (RMON) is a type of IETF-defined MIB. It is the most important enhancement to the MIB II standard. It is mainly used for monitoring the data traffic on a segment and even on a whole network.
Page 591: Configure Rmon
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 6 RMON Configuration 6.2 Configure RMON RMON configuration includes: Add/Delete an Entry to/from the Event Table Add/Delete an Entry to/from the Alarm Table Add/Delete an Entry to/from the extended RMON alarm table...
Page 592: Add/Delete An Entry To/From The History Control Table
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 6 RMON Configuration Table 6-2 Add/Delete an entry to/from the event table Operation Command rmon event event-entry [ description description ] { log | Add an entry to the trap trap-community | log-trap log-trapcommunity | none } event table.
Page 593: Add/Delete An Entry To/From The Statistics Table
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 6 RMON Configuration 6.2.5 Add/Delete an Entry to/from the Statistics Table The RMON statistics management concerns the port usage monitoring and error statistics when using the ports. The statistics include collision, CRC and queuing, undersize packets or oversize packets, timeout transmission, fragments, broadcast, multicast and unicast messages and the usage ratio of bandwidth.
Page 594 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 6 RMON Configuration II. Networking diagram Internet Network Port Console Port Switch Figure 6-1 RMON configuration networking III. Configuration procedure # Configure RMON. [Quidway-Ethernet3/0/1] rmon statistics 3 owner abc # View the configurations in user view.
Page 595: Chapter 7 Ntp Configuration
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Chapter 7 NTP Configuration 7.1 Brief Introduction to NTP 7.1.1 NTP Functions As the network topology gets more and more complex, it becomes important to synchronize the clocks of the equipment on the whole network. NTP (Network Time Protocol) is an application layer protocol of TCP/IP protocol suite and used for advertising the accurate time throughout the network.
Page 596: Ntp Configuration
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration In the figure above, Ethernet Switch A and Ethernet Switch B are connected via the Ethernet port. They have independent system clocks. Before implement automatic clock synchronization on both switches, we assume that: Before synchronizing the system clocks on Ethernet Switch A and B, the clock on Ethernet Switch A is set to 10:00:00am, and that on B is set to 11:00:00am.
Page 597: Configure Ntp Operating Mode
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Disable the NTP Service Globally 7.2.1 Configure NTP Operating Mode You can set the NTP operating mode of an Ethernet Switch according to its location in the network and the network structure.
Page 598 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Table 7-1 Configure NTP time server Operation Command ntp-service unicast-server ip-address [ version number ] Configure NTP time authentication-keyid keyid source-interface server { interface-name | interface-type interface-number } ]...
Page 599 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration III. Configure NTP Broadcast Server Mode Designate an interface on the local Ethernet Switch to transmit NTP broadcast packets. In this case, the local equipment operates in broadcast mode and serves as a broadcast server to broadcast messages to its clients regularly.
Page 600: Configure Ntp Id Authentication
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Perform the following configurations in VLAN interface view. Table 7-5 Configure NTP multicast server mode Operation Command ntp-service multicast-server [ ip-address ] [ authentication-keyid Configure NTP multicast server mode...
Page 601: Set Ntp Authentication Key
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Table 7-7 Configure NTP authentication Operation Command Enable NTP authentication ntp-service authentication enable Disable NTP authentication undo ntp-service authentication enable 7.2.3 Set NTP Authentication Key This configuration task is to set NTP authentication key.
Page 602: Set Ntp Master Clock
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Perform the following configurations in system view. Table 7-10 Designate an interface to transmit NTP message Operation Command ntp-service source-interface Designate an interface to transmit NTP...
Page 603: Set Authority To Access A Local Ethernet Switch
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Table 7-12 Enable/Disable an interface to receive NTP message Operation Command Disable an interface to receive NTP ntp-service in-interface disable message Enable an interface to receive NTP...
Page 604: Disable The Ntp Service Globally
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Table 7-14 Set the maximum local dynamic sessions Operation Command maximum local dynamic ntp-service max-dynamic-sessions sessions number Restore default value undo ntp-service maximum number of local dynamic...
Page 605: Typical Ntp Configuration Example
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Table 7-16 NTP display and debugging Operation Command Display the status of NTP service display ntp-service status Display the status of sessions maintained by display ntp-service...
Page 606 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration # Enter system view. <Quidway2> system-view # Set Quidway1 as the NTP server. [Quidway2] ntp-service unicast-server 1.0.1.11 above examples synchronized Quidway2 Quidway1. Before synchronization, the Quidway2 is shown in the following status:...
Page 607 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration ******************************************************************** [12345]1.0.1.11 LOCAL(0) -0.4 note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured II. NTP peer configuration example Network requirements On Quidway3, set local clock as the NTP master clock at stratum 2. On Quidway2, configure Quidway1 as the time server in server mode and set the local equipment as in client mode.
Page 608 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration Service status: enabled Clock status: synchronized Clock stratum: 2 Reference clock ID: 3.0.1.31 Nominal frequency: 60.0002 Hz Actual frequency: 60.0002 Hz Clock precision: 2^17 Clock offset: -9.8258 ms Root delay: 27.10 ms...
Page 609 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration [Quidway3-Vlan-Interface2] ntp-service broadcast-server Configure Ethernet Switch Quidway4: # Enter system view. <Quidway4> system-view # Enter Vlan-interface2 view. [Quidway4] interface vlan-interface 2 [Quidway4-Vlan-Interface2] ntp-service broadcast-client Configure Ethernet Switch Quidway1: # Enter system view.
Page 610 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration source reference stra reach poll now offset delay disper [12345]127.127.1.0 LOCAL(0) [5]1.0.1.11 LOCAL(0) [5]128.108.22.44 0.0.0.0 note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured IV. Configure NTP multicast mode...
Page 611 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration [Quidway1-Vlan-Interface2] ntp-service multicast-client The above examples configure Quidway4 and Quidway1 to receive multicast messages from Vlan-interface2, Quidway3 multicast messages from Vlan-interface2. Since Quidway1 and Quidway3 are not located on the same segments, Quidway1 cannot receive the multicast packets from Quidway3, while Quidway4 is synchronized by Quidway3 after receiving the multicast packet.
Page 612 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 7 NTP Configuration [Quidway1] ntp-service authentication enable # Set the key. [Quidway1] ntp-service authentication-keyid 42 authentication-mode md5 aNiceKey # Configure the key as reliable. [Quidway1] ntp-service reliable authentication-keyid 42...
Page 613: Chapter 8 Ssh Terminal Services
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Chapter 8 SSH Terminal Services 8.1 SSH Terminal Services 8.1.1 SSH Overview Secure Shell (SSH) can provide information security and powerful authentication to prevent such assaults as IP address spoofing, plain-text password interception when users log on to the switch remotely from an insecure network environment.
Page 614: Configuring Ssh Server
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Key negotiation stage: Both ends negotiate key algorithm and compute session key. The server randomly generates its RSA key and sends the public key to the client.
Page 615 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Setting system protocol and link maximum Configuring and deleting local RSA key pair Configuring authentication type Defining update interval of server key Defining SSH authentication timeout value...
Page 616 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Table 8-2 Configuring and canceling local RSA key pair Operation Command Configure local RSA key pair rsa local-key-pair create Cancel local RSA key pair rsa local-key-pair destroy Caution: For a successful SSH login, you must configure and generate the local RSA key pairs.
Page 617 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Table 8-4 Defining update interval of server key Operation Command Define update interval of server key ssh server rekey-interval hours Restore the default update interval undo ssh server rekey-interval By default, the system does not update server key.
Page 618 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Note: This operation is only available for the SSH users using RSA authentication. At the switch, you configure the RSA public key of the client, while at the client, you specify the RSA private key which corresponds to the RSA public key.
Page 619: Configuring Ssh Client
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Table 8-9 Associating public key with SSH user Operation Command Associate existing public with an SSH ssh user username assign rsa-key user keyname Remove the association undo ssh user username assign rsa-key 8.1.3 Configuring SSH Client...
Page 620 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Figure 8-2 PuTTy key generator When the generation process has finished, save the generated public and private keys to files using the Save buttons. Run the sshkey program. This converts SSH public key to the format required by the switch.
Page 621 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Use the save button to save this converted key to a file. Open the public key file in notepad and add the following lines of text before the existing...
Page 622 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services II. Specifying server IP address Start PuTTY program and the client configuration interface pops up. Figure 8-5 SSH client configuration interface (1) In the Host Name (or IP address) text box key in the IP address of the switch, for example, 10.110.28.10.
Page 623 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Figure 8-6 SSH client configuration interface (2) You can select 1, as shown in the figure. V. Specifying RSA private key file If you want to enable RSA authentication, you must specify RSA private key file, which is not required for password authentication.
Page 624 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Figure 8-7 SSH client configuration interface (3) Click the <Browse> button to enter the File Select interface. Choose a desired file and click <OK>. VI. Opening SSH connection Click the <Open >...
Page 625: Displaying And Debugging Ssh
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services Figure 8-8 SSH client interface Key in correct username and password and log into SSH connection. Log out of SSH connection with the logout command.
Page 626: Ssh Configuration Example
Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services 8.1.5 SSH Configuration Example I. Networking requirements As shown in Figure 8-9, configure local connection from SSH Client to the switch. The client uses SSH protocol to access the switch.
Page 627 Operation Manual - System Management Quidway S6500 Series Ethernet Switches Chapter 8 SSH Terminal Services # Specify AAA authentication on the user interface. [Quidway] user-interface vty 0 4 [Quidway-ui-vty0-4] authentication-mode scheme # Select SSH protocol on the switch. [Quidway-ui-vty0-4] protocol inbound ssh # Specify RSA authentication on the switch.
Page 628 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Huawei Technologies Proprietary...
Page 629 Operation Manual - PoE Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 PoE Configuration ....................... 1-1 1.1 PoE Overview ........................1-1 1.1.1 PoE on the Switch....................1-1 1.1.2 External PSE2500-A1 Power System ..............1-2 1.1.3 PoE-Capable Boards ....................1-2 1.1.4 Setting PoE Management Mode ................
Page 630: Chapter 1 Poe Configuration
Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 1 PoE Configuration Chapter 1 PoE Configuration 1.1 PoE Overview 1.1.1 PoE on the Switch S6500 Series Ethernet Switches (hereinafter referred to as S6500 series) support power-over-Ethernet (PoE). Equipped with external power supply and PoE-capable boards, S6500 series can provide -48 VDC power to remote powered devices (PDs, such as IP Phones, WLAN APs, and Network Cameras) through twisted pairs.
Page 631: External Pse2500-A1 Power System
Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 1 PoE Configuration 1.1.2 External PSE2500-A1 Power System If PSE2500-A1 power system is taken as the external power supply, the power is distributed as follows: Input voltage: 100 VAC to 140 VAC One power supply unit (PSU) of the PSE2500-A1 power system can provide 1250 W of power, and two PSUs can provide up to 2400 W of power.
Page 632: Poe Configuration
Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 1 PoE Configuration Note: When the switch manages PoE in auto mode, then it compares the port priorities on board basis. In other words, it cannot compare the priorities of ports on different boards.
Page 633 Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 1 PoE Configuration Operation Command Description Enable PoE-compatibilit [Quidway] legacy Optional y detection on enable slot slot-num the PoE board result this command, a port view [Quidway] interface Enter Ethernet...
Page 634 Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 1 PoE Configuration Operation Command Description Display the PoE state and PoE <Quidway> display You can execute this power command in any view. information each board To cancel the configurations, use the corresponding undo commands. For details about the parameters, refer to the Command Manual.
Page 635: Configuration Example
Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 1 PoE Configuration Note: When setting the maximum PoE power supplied by the switch with the poe power max-value command, you must set it to a value greater than the total power that has been distributed to the boards.
Page 636 Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 1 PoE Configuration The IP phones connected to Ethernet3/0/23 and Ethernet3/0/24 do not need PoE feature. Ethernet3/0/48 requires high priority for the use of network management. Configure the PoE management mode as auto mode for slot 3.
Page 637 Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 1 PoE Configuration # Set the maximum power to 400 W on the board in slot 3. By default, the power of each board is full, so the power on the board in slot 5 need no configuration.
Page 638: Chapter 2 Poe Psu Supervision Configuration
Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 2 PoE PSU Supervision Configuration Chapter 2 PoE PSU Supervision Configuration 2.1 Introduction to PoE PSU Supervision The PoE-capable S6500 series can monitor the external PoE power supply units (PSUs) through SRPUs. The external PoE PSU supervision includes: Setting the alarm thresholds for the AC input voltages.
Page 639: Ac Input Alarm Thresholds Configuration Example
Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 2 PoE PSU Supervision Configuration Note: You can set the thresholds to any appropriate values in the range, but make sure the lower threshold is less than the upper threshold.
Page 640: Dc Output Alarm Thresholds Configuration Tasks
Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 2 PoE PSU Supervision Configuration 2.3.1 DC Output Alarm Thresholds Configuration Tasks Table 2-2 DC output alarm thresholds configuration task Operation Command Description <Quidway> Enter the system view — system-view...
Page 641: Displaying Poe Supervision Information
Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 2 PoE PSU Supervision Configuration [Quidway] poe-power output-thresh upper 55.0 # Set the undervoltage alarm threshold of DC output for the PoE PSUs to 47.0 V. [Quidway] poe-power output-thresh lower 47.0 # Display the DC output state of the PoE PSUs.
Page 642 Operation Manual - PoE Quidway S6500 Series Ethernet Switches Chapter 2 PoE PSU Supervision Configuration II. Network diagram S6506 S6506 Ethernet3/0/1~Ethernet3/0/48 Ethernet3/0/1~Ethernet3/0/48 IP Phone IP Phone Network Network IP Phone IP Phone IP Phone IP Phone IP Phone IP Phone Figure 2-1 Network diagram for PoE supervision configuration III.
Page 643 HUAWEI Quidway S6500 Series Ethernet Switches Operation Manual Appendix Huawei Technologies Proprietary...
Page 644 Operation Manual - Appendix Quidway S6500 Series Ethernet Switches Table of Contents Table of Contents Appendix A Acronyms ........................A-1 Huawei Technologies Proprietary...
Page 645 Operation Manual - Appendix Quidway S6500 Series Ethernet Switches Appendix A Acronyms Appendix A Acronyms Authentication, Authorization and Accounting Area Border Router Access Control List Address Resolution Protocol Autonomous System ASBR Autonomous System Border Router Backup Designated Router Committed Access Rate...
Page 646 Operation Manual - Appendix Quidway S6500 Series Ethernet Switches Appendix A Acronyms ICMP Internet Control Message Protocol IGMP Internet Group Management Protocol Interior Gateway Protocol Internet Protocol Link State Advertisement LSDB Link State DataBase Medium Access Control Management Information Base...
Page 647 Operation Manual - Appendix Quidway S6500 Series Ethernet Switches Appendix A Acronyms User Datagram Protocol VLAN Virtual LAN Video On Demand Virtual Terminal Virtual Type Terminal Weighted Round Robin Huawei Technologies Proprietary...

This manual is also suitable for:

Release 3000 series

Huawei Quidway S6500 Series Operation Manual

Huawei

Chapter 1 Product Overview

Chapter 2 Logging in Switch

Chapter 3 Command Line Interface

Chapter 4 User Interface Configuration

Igmp Configuration/Pim Configuration

Chapter 5 IGMP Configuration

Chapter 6 PIM Configuration

Chapter 7 Multicast MAC Address Configuration

Huawei

Huawei

Huawei

Huawei

Huawei

Chapter 8 SSH Terminal Services

Quick Links

Chapters

Troubleshooting

Related Manuals for Huawei Quidway S6500 Series

Summary of Contents for Huawei Quidway S6500 Series