Вы находитесь на странице: 1из 171

Quidway S5300 Series Ethernet Switches

V100R003C00

Configuration Guide - IP Service

Issue

04

Date

2010-01-25

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For any
assistance, please contact our local office or company headquarters.

Huawei Technologies Co., Ltd.


Address:

Huawei Industrial Base


Bantian, Longgang
Shenzhen 518129
People's Republic of China

Website:

http://www.huawei.com

Email:

support@huawei.com

Copyright Huawei Technologies Co., Ltd. 2010. All rights reserved.


No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions


and other Huawei trademarks are the property of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

Contents

Contents
About This Document.....................................................................................................................1
1 IP Addresses Configuration.....................................................................................................1-1
1.1 Overview.........................................................................................................................................................1-2
1.1.1 Introduction to IP Addresses..................................................................................................................1-2
1.1.2 Features of IP Addresses Supported by the S-switch.............................................................................1-2
1.2 Configuring IP Addresses for VLAN interfaces.............................................................................................1-2
1.2.1 Establishing the Configuration Task......................................................................................................1-2
1.2.2 Configuring a Primary IP Address for an VLAN Interface...................................................................1-3
1.2.3 (Optional) Configuring a Secondary IP Address for an VLANIF Interface..........................................1-4
1.2.4 Checking the Configuration...................................................................................................................1-4
1.3 Maintaining.....................................................................................................................................................1-5
1.3.1 Monitoring Network Operation Status...................................................................................................1-5
1.4 Configuration Examples..................................................................................................................................1-5
1.4.1 Example for Configuring Primary and Secondary IP Addresses...........................................................1-5

2 ARP Configuration....................................................................................................................2-1
2.1 Overview.........................................................................................................................................................2-2
2.1.1 Introduction to ARP...............................................................................................................................2-2
2.1.2 Features of ARP Supported by the S-switch..........................................................................................2-2
2.2 Configuring ARP.............................................................................................................................................2-2
2.2.1 Establishing the Configuration Task......................................................................................................2-2
2.2.2 Configuring Static ARP Entries.............................................................................................................2-3
2.2.3 Optimizing Dynamic ARP.....................................................................................................................2-4
2.2.4 Checking the Configuration...................................................................................................................2-4
2.3 Configuring Routed Proxy ARP.....................................................................................................................2-6
2.3.1 Establishing the Configuration Task......................................................................................................2-6
2.3.2 Configuring an IP Addresses for the VLANIF Interface.......................................................................2-6
2.3.3 Enabling Routed Proxy ARP Function..................................................................................................2-7
2.3.4 Checking the Configuration...................................................................................................................2-7
2.4 Configuring Proxy ARP in a VLAN...............................................................................................................2-8
2.4.1 Establishing the Configuration Task......................................................................................................2-8
2.4.2 Setting the IP Address of a VLANIF Interface......................................................................................2-8
2.4.3 Enabling Proxy ARP in a VLAN...........................................................................................................2-9
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Contents

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service
2.4.4 Checking the Configuration...................................................................................................................2-9

2.5 Configuring Proxy ARP Between VLANs...................................................................................................2-10


2.5.1 Establishing the Configuration Task....................................................................................................2-10
2.5.2 Configuring an IP Addresses for the VLANIF Interface.....................................................................2-11
2.5.3 Enabling Proxy ARP Between VLANs...............................................................................................2-11
2.5.4 Checking the Configuration.................................................................................................................2-12
2.6 Maintaining ARP...........................................................................................................................................2-12
2.6.1 Clearing ARP Statistics........................................................................................................................2-12
2.6.2 Monitoring Network Operation Status.................................................................................................2-13
2.6.3 Debugging ARP...................................................................................................................................2-13
2.7 Configuration Examples................................................................................................................................2-14
2.7.1 Example for Configuring Static ARP...................................................................................................2-14
2.7.2 Example for Configuring Dynamic ARP.............................................................................................2-16
2.7.3 Example for Configuring Routed Proxy ARP......................................................................................2-17
2.7.4 Example for Configuring Proxy ARP in a VLAN...............................................................................2-19
2.7.5 Example for Configuring Proxy ARP Between VLANs.....................................................................2-22

3 DNS Configuration....................................................................................................................3-1
3.1 Overview.........................................................................................................................................................3-2
3.1.1 Introduction to DNS...............................................................................................................................3-2
3.1.2 DNS Supported by the S-switch.............................................................................................................3-2
3.2 Configuring DNS............................................................................................................................................3-2
3.2.1 Establishing the Configuration Task......................................................................................................3-2
3.2.2 Configuring Static DNS Entries.............................................................................................................3-3
3.2.3 Configuring Dynamic DNS....................................................................................................................3-3
3.2.4 Checking the Configuration...................................................................................................................3-4
3.3 Maintaining DNS............................................................................................................................................3-5
3.3.1 Clearing DNS Entries.............................................................................................................................3-5
3.3.2 Monitoring Network Operation Status...................................................................................................3-6
3.3.3 Debugging DNS.....................................................................................................................................3-6
3.4 Configuration Examples..................................................................................................................................3-6
3.4.1 Example for Configuring DNS..............................................................................................................3-6

4 DHCP Configuration.................................................................................................................4-1
4.1 Overview.........................................................................................................................................................4-2
4.1.1 Introduction to DHCP............................................................................................................................4-2
4.1.2 DHCP Supported by the S-switch..........................................................................................................4-2
4.2 Configuring the Global Address Pool-based DHCP Server............................................................................4-2
4.2.1 Establishing the Configuration Task......................................................................................................4-2
4.2.2 Configuring the DHCP Global Address Pool........................................................................................4-3
4.2.3 Configure Static IP Address Binding.....................................................................................................4-4
4.2.4 Configuring DNS Services for the DHCP Client...................................................................................4-5
4.2.5 Configuring NetBIOS Services for the DHCP Client............................................................................4-6
4.2.6 Configuring Egress Gateway for the DHCP Client...............................................................................4-7
ii

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

Contents

4.2.7 Configuring DHCP Self-Defined Options.............................................................................................4-7


4.2.8 Assigning IP Addresses in the Global Address Pool to the DHCP Clients on the Specified Interface
.........................................................................................................................................................................4-8
4.2.9 Checking the Configuration...................................................................................................................4-9
4.3 Configuring VLANIF Interface Address Pool-based DHCP Server.............................................................4-11
4.3.1 Establishing the Configuration Task....................................................................................................4-11
4.3.2 Enabling Address Pools on VLANIF Interfaces..................................................................................4-12
4.3.3 Configuring the Address Pool on the VLANIF Interface....................................................................4-14
4.3.4 Configuring DNS on the Address Pool of the VLANIF Interface.......................................................4-15
4.3.5 Configuring NetBIOS on the Address Pool of the VLANIF Interface................................................4-15
4.3.6 Configuring DHCP Self-Defined Options for the Address Pool of the VLANIF Interface................4-17
4.3.7 Checking the Configuration.................................................................................................................4-18
4.4 Configuring the Security Function for DHCP...............................................................................................4-18
4.4.1 Establishing the Configuration Task....................................................................................................4-19
4.4.2 Starting the Detection of the Pseudo DHCP Server on a DHCP Server..............................................4-19
4.4.3 Avoiding Repetitive IP Address Assignment.......................................................................................4-20
4.4.4 Saving DHCP Data...............................................................................................................................4-20
4.4.5 Recovering DHCP Data.......................................................................................................................4-21
4.4.6 Checking the Configuration.................................................................................................................4-21
4.5 Configuring DHCP Relay.............................................................................................................................4-22
4.5.1 Establishing the Configuration Task....................................................................................................4-22
4.5.2 Enabling DHCP Relay.........................................................................................................................4-23
4.5.3 Assigning IP Addresses to the Client Through Relay..........................................................................4-24
4.5.4 Requesting the DHCP Server to Release IP Addresses of the Client..................................................4-25
4.5.5 Checking the Configuration.................................................................................................................4-25
4.6 Maintaining DHCP........................................................................................................................................4-26
4.6.1 Resetting DHCP...................................................................................................................................4-26
4.6.2 Releasing Conflicting IP Addresses.....................................................................................................4-27
4.6.3 Clearing DHCP Statistics.....................................................................................................................4-27
4.6.4 Monitoring Network Operation Status.................................................................................................4-28
4.6.5 Debugging DHCP................................................................................................................................4-28
4.7 Configuration Examples................................................................................................................................4-29
4.7.1 Example for Configuring the Global Address Pool-based DHCP Server............................................4-29
4.7.2 Example for Configuring the VLANIF Interface Address Pool-based DHCP Server.........................4-32
4.7.3 Example for Configuring DHCP Relay...............................................................................................4-35

5 IP Performance Configuration.................................................................................................5-1
5.1 Overview.........................................................................................................................................................5-2
5.1.1 Introduction to IP Performance..............................................................................................................5-2
5.1.2 IP Performance Supported by the S-switch............................................................................................5-2
5.2 Improving IP Performance..............................................................................................................................5-3
5.2.1 Establishing the Configuration Task......................................................................................................5-3
5.2.2 Verifying the Source IP Address............................................................................................................5-4
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

iii

Contents

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service
5.2.3 Forwarding Broadcast Packets...............................................................................................................5-4
5.2.4 Configuring ICMP Attributes.................................................................................................................5-5
5.2.5 Configuring TCP Attributes...................................................................................................................5-5
5.2.6 Checking the Configuration...................................................................................................................5-6

5.3 Maintaining IP Performance.........................................................................................................................5-10


5.3.1 Clearing IP/TCP/UDP Statistics...........................................................................................................5-10
5.3.2 Monitoring Network Operation Status.................................................................................................5-11
5.3.3 Debugging IP/TCP/UDP......................................................................................................................5-12
5.4 Configuration Examples................................................................................................................................5-13
5.4.1 Example for Limiting Transmission of ICMP Host-Unreachable Packets..........................................5-13

6 DHCP Policy VLAN Configuration.......................................................................................6-1


6.1 Overview.........................................................................................................................................................6-2
6.1.1 Introduction............................................................................................................................................6-2
6.1.2 DHCP Policy VLAN Supported by the S-switch...................................................................................6-2
6.2 Configuring DHCP Policy VLAN Based on MAC Addresses.......................................................................6-2
6.2.1 Establishing the Configuration Task......................................................................................................6-2
6.2.2 Configuration Procedure........................................................................................................................6-3
6.2.3 Checking the Configuration...................................................................................................................6-4
6.3 Configuring the DHCP Policy VLAN Based on Interfaces............................................................................6-4
6.3.1 Establishing the Configuration Task......................................................................................................6-4
6.3.2 Configuration Procedure........................................................................................................................6-5
6.3.3 Checking the Configuration...................................................................................................................6-5
6.4 Configuring Generic DHCP Policy VLAN.....................................................................................................6-6
6.4.1 Establishing the Configuration Task......................................................................................................6-6
6.4.2 Configuration Procedure........................................................................................................................6-6
6.4.3 Checking the Configuration...................................................................................................................6-7
6.5 Maintaining DHCP Policy VLAN.................................................................................................................. 6-7
6.5.1 Monitoring the Running Status..............................................................................................................6-8
6.6 Configuration Examples..................................................................................................................................6-8
6.6.1 Example for Configuring DHCP Policy VLAN Based on MAC Addresses.........................................6-8
6.6.2 Example for Configuring DHCP Policy VLAN Based on Interfaces..................................................6-10

7 Basic IPv6 Configuration..........................................................................................................7-1


7.1 Introduction to IPv6........................................................................................................................................ 7-2
7.2 IPv6 Supported by the S-switch......................................................................................................................7-2
7.3 Configuring an IPv6 Address for an Interface................................................................................................ 7-3
7.3.1 Establishing the Configuration Task......................................................................................................7-4
7.3.2 Enabling IPv6 Packet Forwarding Capability........................................................................................7-4
7.3.3 Configuring an IPv6 Link-Local Address for an Interface.................................................................... 7-4
7.3.4 Configuring an IPv6 Global Unicast Address for an Interface..............................................................7-5
7.3.5 Checking the Configuration...................................................................................................................7-6
7.4 Configuring IPv6 Neighbor Discovery...........................................................................................................7-6
7.4.1 Establishing the Configuration Task......................................................................................................7-6
iv

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

Contents

7.4.2 Configuring Static Neighbors.................................................................................................................7-7


7.4.3 Enabling RA Message Advertising........................................................................................................7-7
7.4.4 Setting the Interval for Advertising RA Messages.................................................................................7-8
7.4.5 Enabling Stateful Auto Configuration....................................................................................................7-8
7.4.6 Configuring the Address Prefixes to Be Advertised..............................................................................7-9
7.4.7 Configuring Other Information to Be Advertised..................................................................................7-9
7.4.8 Checking the Configuration.................................................................................................................7-11
7.5 Configuring PMTU.......................................................................................................................................7-11
7.5.1 Establishing the Configuration Task....................................................................................................7-11
7.5.2 Creating Static PMTU Entries..............................................................................................................7-12
7.5.3 Configuring PMTU Aging Time..........................................................................................................7-12
7.5.4 Checking the Configuration.................................................................................................................7-13
7.6 Configuring TCP6.........................................................................................................................................7-13
7.6.1 Establishing the Configuration Task....................................................................................................7-13
7.6.2 Configuring TCP6 Timers....................................................................................................................7-14
7.6.3 Configuring the Size of the TCP6 Sliding Window.............................................................................7-14
7.6.4 Checking the Configuration.................................................................................................................7-15
7.7 Maintaining IPv6...........................................................................................................................................7-16
7.7.1 Resetting IPv6......................................................................................................................................7-16
7.7.2 Monitoring Network Operation Status of IPv6....................................................................................7-17
7.7.3 Debugging IPv6....................................................................................................................................7-17
7.8 Configuration Examples................................................................................................................................7-18
7.8.1 Example for Configuring an IPv6 Address for an Interface................................................................7-18

8 IPv6 over IPv4 Tunnel Configuration....................................................................................8-1


8.1 Introduction to IPv6 over IPv4........................................................................................................................8-2
8.2 IPv6 over IPv4 Supported by the S-switch.....................................................................................................8-2
8.3 Configuring IPv4/IPv6 Dual Stacks................................................................................................................8-6
8.3.1 Establishing the Configuration Task......................................................................................................8-6
8.3.2 Enabling IPv6 Packet Forwarding..........................................................................................................8-7
8.3.3 Configuring IPv4 and IPv6 Addresses for the Interface........................................................................8-7
8.4 Configuring an IPv6 over IPv4 Tunnel...........................................................................................................8-8
8.4.1 Establishing the Configuration Task......................................................................................................8-9
8.4.2 Enabling the Service Loopback Function on an Eth-Trunk Interface....................................................8-9
8.4.3 Configuring an IPv6 over IPv4 Manual Tunnel...................................................................................8-10
8.4.4 Configuring a 6to4 Tunnel...................................................................................................................8-11
8.4.5 Configuring an ISATAP Tunnel..........................................................................................................8-12
8.4.6 Configuring Routes in the Tunnel........................................................................................................8-13
8.4.7 Checking the Configuration.................................................................................................................8-13
8.5 Configuration Examples................................................................................................................................8-14
8.5.1 Example for Configuring an IPv6 over IPv4 Manual Tunnel..............................................................8-14
8.5.2 Example for Configuring a 6to4 Tunnel..............................................................................................8-18

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Contents

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service
8.5.3 Example for Configuring an ISATAP Tunnel.....................................................................................8-22

vi

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

Figures

Figures
Figure 1-1 Configuring primary and secondary IP addresses for a VLANIF interface.......................................1-6
Figure 2-1 Networking diagram for configuring static ARP..............................................................................2-14
Figure 2-2 Networking diagram for configuring dynamic ARP........................................................................2-16
Figure 2-3 Networking diagram of configuring proxy ARP..............................................................................2-18
Figure 2-4 Networking diagram of proxy ARP in a VLAN...............................................................................2-20
Figure 2-5 Networking diagram of configuring proxy ARP between VLANs..................................................2-23
Figure 3-1 Networking diagram of DNS..............................................................................................................3-7
Figure 4-1 Networking diagram of the DHCP server and the client that are in the same network segment.....4-30
Figure 4-2 Networking diagram of the DHCP server based on the address pool on the VLANIF interface.....4-33
Figure 4-3 Networking diagram for configuring DHCP relay...........................................................................4-36
Figure 5-1 Networking diagram of configuring ICMP host unreachable packets.............................................5-13
Figure 6-1 Networking for configuring DHCP policy VLAN based on MAC addresses....................................6-8
Figure 6-2 Networking for configuring DHCP policy VLAN based on interfaces...........................................6-10
Figure 7-1 Networking diagram of configuring an IPv6 address for an interface.............................................7-18
Figure 8-1 Single stack and dual stack structures (Ethernet)...............................................................................8-2
Figure 8-2 Schematic diagram of IPv6 over IPv4 tunnel.....................................................................................8-3
Figure 8-3 6to4 tunnel and 6to4 relay..................................................................................................................8-4
Figure 8-4 ISATAP tunnel...................................................................................................................................8-6
Figure 8-5 Networking diagram of the IPv6 over IPv4 manual tunnel..............................................................8-15
Figure 8-6 Networking diagram of the 6to4 tunnel............................................................................................8-19
Figure 8-7 Networking diagram of the ISATAP tunnel.....................................................................................8-22

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

vii

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

About This Document

About This Document


Purpose
This document provides configuration procedures and examples for the IP Service features of
the S-switch.
This document covers the following topics:
l

Feature description

Data preparations

Pre-configuration tasks

Configuration procedures

Checking the configuration

Configuration examples

This document helps you grasp the configuration procedures and application scenarios of the IP
Service features of the S-switch.

Related Versions
The following table lists the product versions related to this document.
Product Name

Version

S5300

V100R003C00

Intended Audience
This document is intended for:
l

Commissioning engineers

Data configuration engineers

Network administrators

System maintenance engineers

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

About This Document

Organization
This document is organized as follows.
Chapter

Description

1 IP Addresses Configuration

This chapter describes the basics, methods


and examples for configuring IP Address.

2 ARP Configuration

This chapter describes the basics, methods


and examples for configuring ARP.

3 DNS Configuration

This chapter describes the basics, methods


and examples for configuring DNS.

4 DHCP Configuration

This chapter describes the basics, methods


and examples for configuring DHCP.

5 IP Performance Configuration

This chapter describes the basics, methods


and examples for configuring IP performance.

6 DHCP Policy VLAN Configuration

This chapter describes the basics, methods


and examples for configuring DHCP policy
VLAN.

7 Basic IPv6 Configuration

This chapter describes the basics, methods


and examples for configuring IPv6.

8 IPv6 over IPv4 Tunnel Configuration

This chapter describes the basics, methods


and examples for configuring IPv6 over IPv4
tunnel.

Conventions
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol

Description

DANGER

WARNING

CAUTION

Indicates a hazard with a high level of risk, which if


not avoided, will result in death or serious injury.
Indicates a hazard with a medium or low level of risk,
which if not avoided, could result in minor or
moderate injuries.
Indicates a potentially hazardous situation, which if
not avoided, could result in equipment damage, data
loss, performance degradation, or unexpected
results.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

Symbol

About This Document

Description

TIP

Indicates a tip that may help you address a problem


or save your time.

NOTE

Provides additional information to emphasize or


supplement important points of the main text.

General Conventions
Convention

Description

Times New Roman

Normal paragraphs are in Times New Roman.

Boldface

Names of files, directories, folders, and users are in Boldface.


For example, log in as user Root.

Italic

Book titles are in Italics.

Courier New

Examples of information displayed on the screen are in Courier


New.

Command Conventions

Issue 04 (2010-01-25)

Convention

Description

Boldface

The keywords of a command line are in boldface.

Italic

Command arguments are in italics.

[]

Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... }

Alternative items are grouped in braces and separated by vertical


bars. One is selected.

[ x | y | ... ]

Optional alternative items are grouped in square brackets and


separated by vertical bars. One or none is selected.

{ x | y | ... } *

Optional items are grouped in braces and separated by vertical


bars. A minimum of one item or a maximum of all items can be
selected.

[ x | y | ... ] *

Optional alternative items are grouped in square brackets and


separated by vertical bars. Several or none is selected.

&<1-n>

The parameter before the & sign can be repeated 1 to n times.

A line starting with the # sign is comments.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

About This Document

GUI Conventions
Convention

Description

boldface

Buttons, menus, parameters, tabs, windows, and dialog titles are


in boldface. For example, click OK.

>

Multi-level menus are in boldface and separated by the ">" signs.


For example, choose File > Create > Folder.

Keyboard Operations
Convention

Description

Key

Press the key. For example, press Enter and press Tab.

Key 1+Key 2

Press the keys concurrently. For example, pressing Ctrl+Alt


+A means the three keys should be pressed concurrently.

Key 1, Key 2

Press the keys in turn. For example, pressing Alt, F means the
two keys should be pressed in turn.

Mouse Operations
Convention

Description

Click

Select and release the primary mouse button without moving the
pointer.

Double-click

Press the primary mouse button twice continuously and quickly


without moving the pointer.

Drag

Press and hold the primary mouse button and move the pointer
to a certain position.

Update History
Updates between document versions are cumulative. Therefore, the latest document version
contains all updates made to previous versions.

Updates in Issue 04 (2010-01-25)


Fourth commercial release. The document is updated as follows:
l

ACL Configuration and ACL6 Configuration are moved from Quidway S5300 Series
Ethernet Switches Configuration - IP Service to Quidway S5300 Series Ethernet
Switches Configuration - Security.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

About This Document

Updates in Issue 03 (2009-11-25)


Third commercial release. The document is updated as follows:
The following information is added:
l

ARP Configuration: 2.4 Configuring Proxy ARP in a VLAN

ARP Configuration: 2.7.4 Example for Configuring Proxy ARP in a VLAN

The following information is modified:


l

IP Performance Configuration: 5.2.4 Configuring ICMP Attributes

Updates in Issue 02 (2009-08-14)


Second commercial release. The document is updated as follows:
l

Bugs are fixed.

The manual version is updated.

Updates in Issue 01 (2009-06-30)


This is the first release.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

1 IP Addresses Configuration

IP Addresses Configuration

About This Chapter


This chapter describes the fundamentals of IP address, including its classes, methods and
important characteristics. It also describes the steps for IP address configuration, along with
typical examples.
1.1 Overview
This section describes the principle and concepts of the IP address.
1.2 Configuring IP Addresses for VLAN interfaces
This section describes how to configure IP addresses for VLAN interfaces.
1.3 Maintaining
This section describes how to view configurations about IP addresses.
1.4 Configuration Examples
This section provides several configuration examples of IP addresses.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

1-1

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

1 IP Addresses Configuration

1.1 Overview
This section describes the principle and concepts of the IP address.
1.1.1 Introduction to IP Addresses
1.1.2 Features of IP Addresses Supported by the S-switch

1.1.1 Introduction to IP Addresses


To communicate with each other in an IP network, each host in the network must be assigned
an IP address.
An IP address is a 32-bit number, composed of two parts, network ID and host ID.
The network ID identifies a network and the host ID identifies a host on the network. If the
network IDs of hosts are the same, it indicates that the hosts are in the same network regardless
of their physical location.

1.1.2 Features of IP Addresses Supported by the S-switch


The S-switch supports IP address configuration through the following methods:
l

Manually configuring an IP address for an interface

Get IP address by DHCP

1.2 Configuring IP Addresses for VLAN interfaces


This section describes how to configure IP addresses for VLAN interfaces.
1.2.1 Establishing the Configuration Task
1.2.2 Configuring a Primary IP Address for an VLAN Interface
1.2.3 (Optional) Configuring a Secondary IP Address for an VLANIF Interface
1.2.4 Checking the Configuration

1.2.1 Establishing the Configuration Task


Applicable Environment
To start the IP services on S-switch, configure the IP address on the VLANIF interface. You can
assign several IP addresses to each interface. Among them, one is the primary IP address and
the others are secondary IP addresses.

Pre-configuration Tasks
Before configuring an IP address for an VLANIF interface, complete the following tasks:
1-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

1 IP Addresses Configuration

Configuring the physical parameters for the interface and ensuring that the status of the
physical layer of the interface is Up

Configuring the link layer parameters for the interface and ensuring that the status of the
link layer protocol on the interface is Up

Configuring the corresponding VLAN

Data Preparation
To configure IP addresses for an VLANIF interface, you need the following data.
No.

Data

VLANIF interface number

Primary IP address and subnet mask for the VLANIF interface

(Optional) Secondary IP address and subnet mask for the VLANIF interface

Subordinate IP addresses are required when an VLANIF interface needs multiple addresses.

1.2.2 Configuring a Primary IP Address for an VLAN Interface


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ip address ip-address { mask | mask-length }

Or
ip address dhcp-alloc

A primary IP address is configured.


An VLANIF interface has only one primary IP address. If the VLANIF interface already has a
primary IP address, the newly configured primary IP address replaces the original one.
----End
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

1-3

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

1 IP Addresses Configuration

1.2.3 (Optional) Configuring a Secondary IP Address for an


VLANIF Interface
Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ip address ip-address { mask | mask-length } sub

A secondary IP address is configured.


----End

1.2.4 Checking the Configuration


Run the following commands to check the pervious configuration.
Action

Command

View the IP configuration on the


interface.

display ip interface[ brief ] [ interface-type interfacenumber ]

View interface information.

display interface[ interface-type [ interface-number ] ]


[ verbose ] [ | { begin| exclude | include } regularexpression ]

Run the display ip interface command. If the physical status and link protocol status of the
interface are Up, it means that the configuration succeeds.
<Quidway> display ip interface brief vlanif 1
*down: administratively down
(l): loopback
(s): spoofing
Interface
IP Address
Physical
Vlanif1
192.168.32.22
up

Protocol
up

Description
Huawei,Quidway

Run the display interface command. If information about the IP address and mask of the
interface is displayed, it means that the configuration succeeds. For example:
<Quidway> display interface vlanif 1
Vlanif1 current state : UP
Line protocol current state : UP

1-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

1 IP Addresses Configuration

Description : Huawei, Quidway Series, Vlanif1 Interface, Route Port


The Maximum Transmit Unit is 1500 bytes
Internet Address is 192.168.32.22/16
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0010-8300-0026
Last 300 seconds input rate: 1 packets/sec
Last 300 seconds output rate: 1 packets/sec
Input:

60281 Packets, 21941 Unicasts


29097 Broadcasts, 9243 Multicasts

Output:

22637 Packets, 22637 Unicasts


0 Broadcasts, 0 Multicasts

1.3 Maintaining
This section describes how to view configurations about IP addresses.
1.3.1 Monitoring Network Operation Status

1.3.1 Monitoring Network Operation Status


To obtain configurations about IP addresses in routine maintenance, run the following
commands.
Action

Command

View configurations about the


IP address of the interface.

display ip interface[ brief ] [ interface-type interfacenumber ]

View information about the


interface.

display interface [ interface-type [ interface-number ] ]


[ verbose ] [ | { begin | exclude | include } regularexpression ]

1.4 Configuration Examples


This section provides several configuration examples of IP addresses.
1.4.1 Example for Configuring Primary and Secondary IP Addresses

1.4.1 Example for Configuring Primary and Secondary IP Addresses


Networking Requirements
As shown in Figure 1-1, GigabitEthernet 0/0/1 and GigabitEthernet 0/0/2 of the S-switch are
connected to two PCs and added to VLAN 1. The IP addresses of PC1 and PC2 are 172.16.1.1/24
and 172.16.2.1/24.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

1-5

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

1 IP Addresses Configuration

Figure 1-1 Configuring primary and secondary IP addresses for a VLANIF interface

S-switch
GE 0/0/1

PC 1
172.16.1.1/24

GE 0/0/2

PC 2
172.16.2.1/24

Configuration Roadmap
The configuration roadmap is as follows:
1.

Analyze the network segment where the interface locates.

2.

Configure a primary IP address for the VLANIF interface and then configure a secondary
IP address for the interface.

Data Preparation
To complete the configuration, you need the following data:
l

Primary IP address and subnet mask of the VLANIF interface

Secondary IP address and subnet mask of the VLANIF interface

Configuration Procedure
If you assign only one IP address to the VLANIF interface on the S-switch, you can access
certain hosts through the S-switch. To access all the hosts in the network through the S-switch,
you need to assign a secondary IP address to the VLANIF interface.
1.

Add GigabitEthernet 0/0/1 and GigabitEthernet 0/0/2 of the S-switch to VLAN 1.

2.

Configure the device.


# Configure the primary and secondary IP addresses for VLANIF 1 of the device.
<Quidway> system-view
[Quidway] interface vlanif 1
[Quidway-Vlanif1] ip address 172.16.1.2 255.255.255.0
[Quidway-Vlanif1] ip address 172.16.2.2 255.255.255.0 sub

3.

Verify the configuration.


# Ping the host PC1 from the device. The ping succeeds.
[Quidway] ping 172.16.1.1
PING 172.16.1.1: 56 data bytes, press CTRL_C to break
Reply from 172.16.1.1: bytes=56 Sequence=1 ttl=128 time=25
Reply from 172.16.1.1: bytes=56 Sequence=2 ttl=128 time=27
Reply from 172.16.1.1: bytes=56 Sequence=3 ttl=128 time=26
Reply from 172.16.1.1: bytes=56 Sequence=4 ttl=128 time=26
Reply from 172.16.1.1: bytes=56 Sequence=5 ttl=128 time=26

1-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

ms
ms
ms
ms
ms

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

1 IP Addresses Configuration

--- 172.16.1.1 ping statistics --5 packet(s) transmitted


5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 25/26/27 ms

# Ping the host PC2 from the device. The ping succeeds.
[Quidway] ping 172.16.2.1
PING 172.16.2.1: 56 data bytes, press CTRL_C to break
Reply from 172.16.2.1: bytes=56 Sequence=1 ttl=128 time=25
Reply from 172.16.2.1: bytes=56 Sequence=2 ttl=128 time=26
Reply from 172.16.2.1: bytes=56 Sequence=3 ttl=128 time=26
Reply from 172.16.2.1: bytes=56 Sequence=4 ttl=128 time=26
Reply from 172.16.2.1: bytes=56 Sequence=5 ttl=128 time=26
--- 172.16.2.1 ping statistics --5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 25/25/26 ms

ms
ms
ms
ms
ms

# The hosts PC1 and PC2 cannot ping each other.

Configuration Files
The configuration file of the device is as follows:
#
interface Vlanif1
ip address 172.16.1.2 255.255.255.0
ip address 172.16.2.2 255.255.255.0 sub
#

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

1-7

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

ARP Configuration

About This Chapter


This chapter describes the static and dynamic ARP, ARP proxy concepts and their configuration
steps, along with typical examples.
2.1 Overview
This section describes the basic principle and concepts of the Address Resolution Protocol
(ARP).
2.2 Configuring ARP
This section describes how to configure static ARP, and dynamic ARP.
2.3 Configuring Routed Proxy ARP
This section describes how to configure routed proxy ARP to make different sub-networks
communicate with each other.
2.4 Configuring Proxy ARP in a VLAN
This section describes how to configure proxy ARP in a VLAN to enable hosts that are isolated
at Layer 2 in a VLAN to communicate with each other.
2.5 Configuring Proxy ARP Between VLANs
This section describes how to implement communication between hosts in different VLANs.
2.6 Maintaining ARP
This section describes how to display ARP configurations, clear ARP statistics and debug ARP.
2.7 Configuration Examples
This section provides several configuration examples of ARP, proxy ARP in a VLAN, and proxy
ARP between VLANs.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-1

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

2.1 Overview
This section describes the basic principle and concepts of the Address Resolution Protocol
(ARP).
2.1.1 Introduction to ARP
2.1.2 Features of ARP Supported by the S-switch

2.1.1 Introduction to ARP


Each host or device in the Local Area Network (LAN) has a 32-bit IP address to communicate
with others. In an Ethernet, a host or a device transmits Ethernet frames based on 48-bit Medium
Access Control (MAC) addresses. A MAC address is also called physical address or hardware
address. It is assigned to an Ethernet interface when a device is produced. IP addresses are
independent of hardware addresses. Therefore, mappings between MAC addresses and IP
addresses must be created through a certain address resolution mechanism.
The Address Resolution Protocol (ARP) emerges. It provides a mapping between an IP address
and a MAC address.

2.1.2 Features of ARP Supported by the S-switch


ARP is classified into dynamic ARP and static ARP. The S-switch supports the dynamic ARP,
static ARP, and proxy ARP.

2.2 Configuring ARP


This section describes how to configure static ARP, and dynamic ARP.
2.2.1 Establishing the Configuration Task
2.2.2 Configuring Static ARP Entries
2.2.3 Optimizing Dynamic ARP
2.2.4 Checking the Configuration

2.2.1 Establishing the Configuration Task


Applicable Environment
Dynamic ARP is one of functions owned by a device or host. To enable this function, you modify
some parameters of dynamic ARP actions instead of running the related command.
Static ARP is used in the following situations:
l

2-2

The packets whose destination IP address is in another network segment traverse a gateway
of the segment so that the gateway can forward the packets to their destination.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

When users need to filter out some packets with illegal destination IP addresses, static ARP
can bind these illegal addresses to a nonexistent MAC address.

Pre-configuration Tasks
Before configuring ARP, complete the following tasks:
l

Configuring the physical parameters for the interface and ensuring that the status of the
physical layer of the interface is Up

Configuring the link layer parameters for the interface and ensuring that the status of the
link layer protocol on the interface is Up

Configuring the network layer parameters for the interface

Data Preparation
To configure ARP, you need the following data.
No.

Data

IP address and MAC address of the static ARP entry

ID of the VLANIF interface to which the dynamic ARP entry belongs

Aging detection times of the dynamic ARP entry

Aging time of the dynamic ARP entry

2.2.2 Configuring Static ARP Entries


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Perform the following as required to add static ARP entries:
l

To configure common static ARP entries, run the arp static ip-address mac-address
command.

To configure static ARP entries in a Virtual Local Area Network (VLAN), do as follows:

Issue 04 (2010-01-25)

Run the arp static ip-address mac-address vid vlan-id interface interface-type interfacenumber command.

Run the arp static ip-address mac-address [ vpn-instance vpn-instance-name ] vid vlanid command.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

2-3

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

This command is applied to the sub-interface that supports VLAN and can be bound to
the VPN.
l

To configure static ARP entries in a VPN instance, run the arp static ip-address macaddress vpn-instance vpn-instance-name command.
NOTE

Static ARP entries keep valid when a device works normally.

----End

2.2.3 Optimizing Dynamic ARP


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLAN interface view is displayed.


Step 3 Run:
arp detect-times detect-times

The aging detection times of the dynamic ARP entries are configured.
Step 4 Run:
arp expire-time expire-times

The timeout period for aging dynamic ARP entries is configured.


Step 5 Run:
quit

Back to the system view.


Step 6 Run:
arp-suppress enable

ARP suppression is enabled on the current device.


----End

2.2.4 Checking the Configuration


Run the following commands to check the pervious configuration.
2-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Action

Command

View information about


ARP mapping tables based
on interfaces.

display arp [ statistics ] interface vlanif vlan-id [ | { begin |


exclude | include } regular-expression ]

View statistics about ARP


entries.

display arp statistics

Run the display arp interface command. If all the ARP entries of the interface are displayed,
it means that the configuration succeeds. For example:
<Quidway> display arp interface vlanif 1
IP ADDRESS
MAC ADDRESS EXPIRE(M) TYPE INTERFACE
VPN-INSTANCE
VLAN
-----------------------------------------------------------------------------192.168.32.22
0010-8300-0026
I - Vlanif1
192.168.1.255
Incomplete
0
D-0 Vlanif1
192.168.29.1
000e-4540-04b7 5
DF0 GE0/0/1
1
192.168.29.3
e000-0af0-e492 7
DF0 GE0/0/1
1
192.168.29.7
e000-0af0-cb68 7
DF0 GE0/0/1
1
192.168.29.2
e000-0af0-e497 7
DF0 GE0/0/1
1
192.168.29.4
e000-0af0-e090 7
DF0 GE0/0/1
1
192.168.29.6
e000-0af0-cb67 7
DF0 GE0/0/1
1
192.168.1.239
0018-8236-f110 9
DF0 GE0/0/1
1
192.168.1.232
0200-000a-1d34 10
DF0 GE0/0/1
1
192.168.1.220
0018-8261-2507 11
DF0 GE0/0/1
1
192.168.31.99
0019-21df-dd7c 17
DF0 GE0/0/1
1
192.168.32.171 0019-e00a-a8fc 17
DF0 GE0/0/1
1
192.168.31.181 001e-9089-c65a 17
DF0 GE0/0/1
1
192.168.31.253 000d-88f7-5fee 19
DF0 GE0/0/1
1
192.168.29.126 e000-0af0-cbba 19
DF0 GE0/0/1
1
192.168.1.145
0200-0016-0319 19
DF0 GE0/0/1
1
192.168.3.169
0018-8261-652c 20
DF0 GE0/0/1
1
192.168.1.143
0200-0016-0331 20
DF0 GE0/0/1
1
192.168.225.2
4e74-6300-0422 20
DF0 GE0/0/1
1
192.168.32.108 0018-8241-e376 20
DF0 GE0/0/1
1
-----------------------------------------------------------------------------Total:21
Dynamic:20
Static:0
Interface:1

Run the display arp statistics command. If statistics about ARP entries are displayed, it means
that the configuration succeeds. For example:
<Quidway> display arp statistics
Total:27
Dynamic:20
Static:0

Issue 04 (2010-01-25)

Interface:7

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-5

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

2.3 Configuring Routed Proxy ARP


This section describes how to configure routed proxy ARP to make different sub-networks
communicate with each other.
2.3.1 Establishing the Configuration Task
2.3.2 Configuring an IP Addresses for the VLANIF Interface
2.3.3 Enabling Routed Proxy ARP Function
2.3.4 Checking the Configuration

2.3.1 Establishing the Configuration Task


Applicable Environment
When two hosts are located in different network segments without gateways configured, you
can use the arp-proxy enable command to enable routed proxy ARP on the S-switch connecting
these hosts. In this manner, IP addresses between these two hosts can be resolved through the
S-switch.

Pre-configuration Tasks
Before configuring routed proxy ARP, complete the following tasks:
l

Configuring the physical parameters for the interface and ensuring that the status of the
physical layer of the interface is Up

Configuring the link layer parameters for the interface and ensuring that the status of the
link layer protocol on the interface is Up

Data Preparation
To configure routed proxy ARP, you need the following data.
No.

Data

Number of the VLANIF interface enabled with routed proxy ARP

IP address of the VLANIF interface enabled with routed proxy ARP

2.3.2 Configuring an IP Addresses for the VLANIF Interface


Context
Do as follows on the S-switch:
2-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ip address ip-address { mask | mask-length }

The VLANIF interface is configured with an IP address.


----End

2.3.3 Enabling Routed Proxy ARP Function


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
arp-proxy enable

The routed proxy ARP function is enabled on the VLANIF interface.


----End

2.3.4 Checking the Configuration


Run the following commands to check the pervious configuration.

Issue 04 (2010-01-25)

Action

Command

Check if the Proxy ARP


function is enabled on
VLANIF interfaces

display this

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-7

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Run the display thiscommand. You can check if the Proxy ARP function is enabled on
interfaces. For example:
<Quidway> interface vlanif 1
[Quidway-Vlanif1] display this
#
interface Vlanif1
ip address 100.1.1.235 255.255.255.0
arp-proxy enable
#

2.4 Configuring Proxy ARP in a VLAN


This section describes how to configure proxy ARP in a VLAN to enable hosts that are isolated
at Layer 2 in a VLAN to communicate with each other.
2.4.1 Establishing the Configuration Task
2.4.2 Setting the IP Address of a VLANIF Interface
2.4.3 Enabling Proxy ARP in a VLAN
2.4.4 Checking the Configuration

2.4.1 Establishing the Configuration Task


Applicable Environment
Users in a VLAN are in the same broadcast domain; therefore, they must be isolated on Layer
2 to prevent broadcast storms. To enable these users to communicate with each other, you need
to enable proxy ARP in the VLAN.

Pre-configuration Tasks
Before configuring proxy ARP in a VLAN, complete the following tasks:
l

Connecting interfaces and setting the physical parameters of each interface to make the
physical layer in Up state

Configuring Layer-2 isolation of users in the VLAN

Data Preparation
To configure proxy ARP in a VLAN, you need the following data.
No.

Data

Number of the interface where proxy ARP in the VLAN is enabled

IP address of the interface where proxy ARP in the VLAN is enabled

2.4.2 Setting the IP Address of a VLANIF Interface


2-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


You can enable proxy ARP in a VLAN only on VLANIF interfaces of the S-switch.
Step 3 Run:
ip address ip-address { mask | mask-length }

The IP address of the interface is configured.


The IP address of the VLANIF interface must be on the same network segment as the LAN
connected to the VLANIF interface.
----End

2.4.3 Enabling Proxy ARP in a VLAN


Context
If proxy ARP in a VLAN is enabled on an interface of the S-switch, the interface does not directly
discard the ARP Request packet that is not destined for it. Instead, it searches the ARP mappings
table for the corresponding ARP entry. If the interface can function as the proxy, the interface
sends the MAC address of the S-switch to the sender of the ARP request.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
arp-proxy inner-sub-vlan-proxy enable

Proxy ARP in the VLAN is enabled.


----End

2.4.4 Checking the Configuration


Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-9

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Procedure
l

Run the display this command in the VLANIF interface view to check whether proxy ARP
in a VLAN is enabled on the interface.

----End

Example
# Run the display this on a VLANIF interface to check whether proxy ARP in a VLAN is
enabled on the interface.
<Quidway> system-view
[Quidway] interface vlanif 10
[Quidway-Vlanif10] display this
#
interface Vlanif10
ip address 10.1.1.10 255.255.255.0
arp-proxy inner-sub-vlan-proxy enable
#
return

2.5 Configuring Proxy ARP Between VLANs


This section describes how to implement communication between hosts in different VLANs.
2.5.1 Establishing the Configuration Task
2.5.2 Configuring an IP Addresses for the VLANIF Interface
2.5.3 Enabling Proxy ARP Between VLANs
2.5.4 Checking the Configuration

2.5.1 Establishing the Configuration Task


Applicable Environment
If two users belong to different VLANs and they need to communicate, you need to enable proxy
ARP between VLANs on the sub-interface associated with the VLAN.
If vlan aggregation is configured on the device, the sub-VLANs in a super-VLAN cannot
communicate with each other. To solve this problem, enable proxy ARP between VLANs on
the VLANIF interface corresponding to the super-VLAN.
Implementing communication between VLANs through proxy ARP occupies fewer resources
than through configuring a VLANIF interface for each sub-VLAN.
IP addresses of hosts in a VLAN must be in the same network segment.

Pre-configuration Tasks
Before configuring proxy ARP between VLANs, complete the following tasks:
l

2-10

Configuring physical attributes for the interface and ensuring that the status of the physical
layer of the interface is Up
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service
l

2 ARP Configuration

Configuring VLAN aggregation

Data Preparation
To configure proxy ARP between VLANs, you need the following data.
No.

Data

Number of the VLANIF interface to be enabled with proxy ARP between VLANs

IP address of the VLANIF interface to be enabled with proxy ARP between VLANs

VLAN ID associated with the VLANIF interface to be enabled with proxy ARP
between VLANs

2.5.2 Configuring an IP Addresses for the VLANIF Interface


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ip address ip-address { mask | mask-length }

The VLANIF interface is configured with an IP address.


The IP address configured for the VLANIF interface must be in the same network segment with
that of hosts in the VLAN associated with this interface.
----End

2.5.3 Enabling Proxy ARP Between VLANs


Context
Do as follows on the S-switch:
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-11

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
arp-proxy inter-sub-vlan-proxy enable

Proxy ARP between VLANs is enabled.


----End

2.5.4 Checking the Configuration


Run the following commands to check the pervious configuration.
Action

Command

Check if the Proxy ARP


Between VLANs is enabled
on VLANIF interfaces

display this

Run the display thiscommand. You can check if the Proxy ARP Between VLANs is enabled
on interfaces. For example:
<Quidway> interface vlanif 1
[Quidway-Vlanif1] display this
#
interface Vlanif1
ip address 100.1.1.235 255.255.255.0
arp-proxy inter-sub-vlan-proxy enable
#
return

2.6 Maintaining ARP


This section describes how to display ARP configurations, clear ARP statistics and debug ARP.
2.6.1 Clearing ARP Statistics
2.6.2 Monitoring Network Operation Status
2.6.3 Debugging ARP

2.6.1 Clearing ARP Statistics


2-12

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

CAUTION
The mapping between the IP and MAC addresses is deleted after you clear ARP statistics.
To clear the ARP statistics, run the following reset command in the user view.
Action

Command

Clear the ARP entries in the ARP


mapping table.

reset arp [ all | dynamic | interface vlanif vlan-id |


static ]

2.6.2 Monitoring Network Operation Status


To obtain configurations about ARP in routine maintenance, run the following command.
Action

Command

View information about the


ARP mapping table based
on interfaces.

display arp [ statistics ] interface vlanif vlan-id [ | { begin |


exclude | include } regular-expression ]

2.6.3 Debugging ARP

CAUTION
Debugging affects the performance of the system. So, after debugging, run the undo debugging
all command to disable it immediately.
When faults occur during ARP operation, run the following debugging command in the user
view to debug ARP and locate the fault.

Issue 04 (2010-01-25)

Action

Command

Enable ARP debugging.

debugging arp packet

Enable proxy ARP debugging.

debugging arp-proxy [ inner-sub-vlan-proxy |


inter-sub-vlan-proxy ] [ interface interface-type
interface-number ]

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-13

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

2.7 Configuration Examples


This section provides several configuration examples of ARP, proxy ARP in a VLAN, and proxy
ARP between VLANs.
2.7.1 Example for Configuring Static ARP
2.7.2 Example for Configuring Dynamic ARP
2.7.3 Example for Configuring Routed Proxy ARP
2.7.4 Example for Configuring Proxy ARP in a VLAN
2.7.5 Example for Configuring Proxy ARP Between VLANs

2.7.1 Example for Configuring Static ARP


Networking Requirements
As shown in Figure 2-1, the S-switch-A connected to the hosts also connects the S-switch-B
through Ethernet 0/0/1. It is required that a static ARP entry be added on Ethernet 0/0/1. The IP
address and MAC address of the S-switch-B are 10.2.2.3 and 00e0-fc01-0000 respectively;
Ethernet 0/0/1 belongs to VLAN 3.
Figure 2-1 Networking diagram for configuring static ARP

S-switch-B
Eth 0/0/1
S-switch-A

Configuration Roadmap
The configuration roadmap is as follows:

2-14

1.

Create a VLAN and add the interface in the VLAN.

2.

Create a static ARP entry.


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Data Preparation
To complete the configuration, you need the following data:
l

Ethernet 0/0/1 belonging to VLAN 3

IP address 10.2.2.3 and MAC address 00e0-fc01-0000 of the S-switch-B

Configuration Procedure
The procedure for configuring the S-switch-A is as follows:
1.

Create a VLAN and add the interface in the VLAN.


# Create VLAN 3.
<Quitway> system-view
[Quidway] sysname S-switch-A
[S-switch-A] vlan 3
[S-switch-A-vlan3] quit

# Add Ethernet 0/0/1 in VLAN 3.


[S-switch-A] interface ethernet 0/0/1
[S-switch-A-Ethernet0/0/1] port trunk allow-pass vlan 3
[S-switch-A-Ethernet0/0/1] quit

2.

Create a static ARP entry.


# Create VLANIF 3.
[S-switch-A] interface vlanif 3

# Assign an IP address to VLANIF 3.


[S-switch-A-Vlanif3] ip address 10.2.2.2 255.0.0.0
[S-switch-A-Vlanif3] quit

# Create a static ARP entry with IP address 10.2.2.3, MAC address 00e0-fc01-0000, VLAN
ID 3, and outbound interface Ethernet 0/0/1.
[S-switch-A] arp static 10.2.2.3 00e0-fc01-0000 vid 3 interface ethernet 0/0/1

3.

Verify the configuration.


# Run the display arp command to view the ARP mapping table.
<S-switch-A>display arp static
IP ADDRESS
MAC ADDRESS EXPIRE(M) TYPE INTERFACE
VPN-INSTANCE
VLAN
-----------------------------------------------------------------------------10.2.2.3
00e0-fc01-0000
S-Ethernet 0/0/1
3
-----------------------------------------------------------------------------Total:1
Dynamic:0
Static:1
Interface:0

Configuration Files
l

The following is the configuration file of the S-switch-A.

#
sysname S-switch-A
#
vlan batch 3
#
arp static 10.2.2.3 00e0-fc01-0000 vid 3 interface ethernet 0/0/1
#
interface Vlanif3
ip address 10.2.2.2 255.0.0.0
#
interface Ethernet0/0/1
port trunk allow-pass vlan 3

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-15

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration
#
return

2.7.2 Example for Configuring Dynamic ARP


Networking Requirements
As shown in Figure 2-2, a host logs in to the S-switch through Telnet. It is required that the
aging time of dynamic ARP entries be 60s and the S-switch delete the expired dynamic ARP
entries after detecting them twice.
Figure 2-2 Networking diagram for configuring dynamic ARP

10.2.2.2/8
Eth0/0/1
Host A
10.2.2.3/8

S-switch

Configuration Roadmap
The configuration roadmap is as follows:
1.

Create a VLAN.

2.

Create a VLANIF interface and assign an IP address to the VLANIF interface.

3.

Add the interface in the VLAN.

4.

Configure ARP attributes for the VLANIF interface.

Data Preparation
To complete the configuration, you need the following data:
l

VLAN ID: 10

IP address of the VLANIF interface: 10.2.2.2

Aging time of the dynamic ARP entries of VLANIF 10: 60s, and number of detections: 2

Configuration Procedure
1.

# Create a VLAN.
<Quidway> system-view
[Quidway] vlan 10
[Quidway-vlan10] quit

2.

# Create a VLANIF interface.


[Quidway] interface vlanif 10

3.

# Assign an IP address to the VLANIF interface.


[Quidway-Vlanif10] ip address 10.2.2.2 255.0.0.0
[Quidway-Vlanif10] quit

2-16

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4.

2 ARP Configuration

# Add the interface in the VLAN.


[Quidway] interface ethernet 0/0/1
[Quidway-Ethernet0/0/1] port default vlan 10

5.

# Configure ARP attributes for the VLANIF interface.


[Quidway] interface vlanif 10
[Quidway-Vlanif10] arp expire-time 60
[Quidway-Vlanif10] arp detect-times 2

6.

# Verify the configuration.


Host A telnets S-switch successfully through the VLANIF interface with IP address
10.2.2.2.
Run the display arp interface vlanif command. You can view the following information
about the ARP mapping table:
[Quidway] display arp interface vlanif 10
IP ADDRESS
MAC ADDRESS
EXPIRE(M) TYPE INTERFACE
VLAN
-----------------------------------------------------------------------------10.2.2.2
000b-0922-d8a3
I Vlanif10
10.2.2.3
0000-fc33-0011 20
D-0
Eth0/0/1
10
-----------------------------------------------------------------------------Total:2
Dynamic:1
Static:0
Interface:1

Configuration Files
Configuration file of S-switch
#
sysname Quidway
#
vlan batch 10
#
interface Vlanif10
ip address 10.2.2.2 255.0.0.0
arp expire-time 60
arp detect-times 2
#
interface Ethernet0/0/1
port default vlan 10
#
return

2.7.3 Example for Configuring Routed Proxy ARP


Networking Requirements
As shown in Figure 2-3, two S-switches are directly connected. One Ethernet interface on each
S-switch is connected to a LAN. Network numbers of the two LANs are 172.16.0.0/16. The
default gateway is not configured on PC 1 or PC 2. Routed proxy ARP must be configured on
the S-switch and hosts in the two LANs can access each other.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-17

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Figure 2-3 Networking diagram of configuring proxy ARP

PC1
172.16.1.2/16
0000-5e33-ee20

VLANIF1
172.16.1.1/24
00e0-fc39-80aa

PC2
172.16.2.2/16
0000-5e33-ee10
VLANIF2
172.17.3.1/16

VLANIF2
172.17.3.2/16

S-switch-A

VLANIF1
172.16.2.1/24
00e0-fc39-80bb

S-switch-B

Configuration Roadmap
The configuration roadmap is as follows:
1.

Configure IP addresses for VLANIF interfaces.

2.

Enable proxy ARP on VLANIF interfaces.

3.

Configure the default routes.

Data Preparation
To complete the configuration, you need the following data:
l

IP address for related interfaces

Default routes

IP address of the host

Configuration Procedure
1.

Configure S-switch-A.
# Configure an IP address for VLANIF1 and VLANIF2.
<Quidway> system-view
[Quidway] sysname S-switch-A
[S-switch-A] interface vlanif 1
[S-switch-A-Vlanif1] ip address 172.16.1.1 255.255.255.0
[S-switch-A-Vlanif1] quit
[S-switch-A] interface vlanif 2
[S-switch-A-Vlanif2] ip address 172.17.3.1 255.255.0.0
[S-switch-A-Vlanif2] quit

# Enable proxy ARP on VLANIF1.


[S-switch-A] interface vlanif 1
[S-switch-A-Vlanif1] arp-proxy enable
[S-switch-A-Vlanif1] quit

# Configure a static route.


[S-switch-A] ip route-static 0.0.0.0 0 172.17.3.2

2.

Configure S-switch-B.
# Configure an IP address for VLANIF1 and VLANIF2.
<Quidway> system-view

2-18

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

[Quidway] sysname S-switch-B


[S-switch-B] interface vlanif 1
[S-switch-B-Vlanif1] ip address 172.16.2.1 255.255.255.0
[S-switch-B-Vlanif1] quit
[S-switch-B] interface vlanif 2
[S-switch-B-Vlanif2] ip address 172.17.3.2 255.255.0.0

# Enable routed proxy ARP on VLANIF1.


[S-switch-B] interface vlanif 1
[S-switch-B-Vlanif1] arp-proxy enable
[S-switch-B-Vlanif1] quit

# Configure a static route.


[S-switch-B] ip route-static 0.0.0.0 0 172.17.3.1

3.

Configure the host.


Configure the IP address of PC1 to 172.16.1.2/16.
Configure the IP address of PC2 to 172.16.2.2/16.

4.

Verify the configuration.


# PC1 can ping through PC2.
# The ARP table of PC1 shows that the MAC address of PC2 is the MAC address of
VLANIF1 on S-switch-A.

Configuration Files
l

Configuration file of S-switch-A


#
sysname S-switch-A
#
interface Vlanif1
ip address 172.16.1.1 255.255.255.0
arp-proxy enable
#
interface Vlanif2
ip address 172.17.3.1 255.255.0.0
#
ip route-static 0.0.0.0 0 172.17.3.2
#
return

Configuration file of S-switch-B


#
sysname S-switch-B
#
interface Vlanif1
ip address 172.16.2.1 255.255.255.0
arp-proxy enable
#
interface Vlanif2
ip address 172.17.3.2 255.255.0.0
#
ip route-static 0.0.0.0 0 172.17.3.1
#
return

2.7.4 Example for Configuring Proxy ARP in a VLAN


Networking Requirements
As shown in Figure 2-4, GE 0/0/1 and GE 0/0/2 of the S-switch belong to sub-VLAN 2. VLAN
2 is a sub-VLAN of super-VLAN 3. The requirements are as follows:
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-19

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration
l

Host A and host B in VLAN 2 are isolated at Layer 2.

Host A and host B can communicate with each other at Layer 3 through proxy ARP in a
VLAN.

The IP address of the VLANIF interface corresponding to the super-VLAN is 10.10.10.1 and
the mask is 255.255.255.0.
Figure 2-4 Networking diagram of proxy ARP in a VLAN

Internet

S-switch
GE0/0/1

GE0/0/2

HostB
10.10.10.3/24
00-e0-fc-00-00-03

HostA
10.10.10.2/24
00-e0-fc-00-00-02
sub-VLAN2

Configuration Roadmap
The configuration roadmap is as follows:
1.

Create and configure the super-VLAN and sub-VLAN.

2.

Add GE 0/0/1 and GE 0/0/2 to the sub-VLAN.

3.

Create the VLANIF interface of the super-VLAN and assign an IP address to the VLANIF
interface.

4.

Enable proxy ARP in a VLAN on the VLANIF interface.

Data Preparation
To complete the configuration, you need the following data:

2-20

IDs of the super-VLAN and sub-VLAN: VLAN 3 and VLAN 2

VLAN that GE 0/0/1 and GE 0/0/2 belong to: VLAN 2

IP address and mask of the VLANIF interface corresponding to the super-VLAN:


10.10.10.1/255.255.255.0

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Procedure
Step 1 Create and configure the super-VLAN and sub-VLAN.
# Create sub-VLAN 2.
<Quidway> system-view
[Quidway] vlan 2
[Quidway-Vlan2] quit

# Enable port isolation on GE 0/0/1 and GE 0/0/2.


[Quidway] interface gigabitethernet 0/0/1
[Quidway-GigabitEthernet0/0/1] port-isolate enable
[Quidway-GigabitEthernet0/0/1] quit
[Quidway] interface gigabitethernet 0/0/2
[Quidway-GigabitEthernet0/0/2] port-isolate enable
[Quidway-GigabitEthernet0/0/2] quit

# Add GE 0/0/1 and GE 0/0/2 to sub-VLAN 2.


[Quidway] interface gigabitethernet
[Quidway-GigabitEthernet0/0/1] port
[Quidway-GigabitEthernet0/0/1] port
[Quidway-GigabitEthernet0/0/1] quit
[Quidway] interface gigabitethernet
[Quidway-GigabitEthernet0/0/2] port
[Quidway-GigabitEthernet0/0/2] port
[Quidway-GigabitEthernet0/0/2] quit

0/0/1
link-type access
default vlan 2
0/0/2
link-type access
default vlan 2

# Configure super-VLAN 3 and add sub-VLAN 2 to super-VLAN 3.


[Quidway] vlan 3
[Quidway-vlan3] aggregate-vlan
[Quidway-vlan3] access-vlan 2
[Quidway-vlan3] quit

Step 2 Create and configure the VLANIF interface VLANIF 3.


# Create VLANIF 3.
[Quidway] interface vlanif 3

# Assign an IP address to VLANIF 3.


[Quidway-Vlanif3] ip address 10.10.10.1 24

Step 3 Enable proxy ARP in a VLAN on VLANIF 3.


[Quidway-Vlanif3] arp-proxy inner-sub-vlan-proxy enable
[Quidway-Vlanif3] quit

Step 4 Verify the configuration


# Run the display current-configuration command to view the configuration of the superVLAN, sub-VLAN, and VLANIF interface. The output of the command is displayed in the
following configuration file.
# Run the display arp command to view all the ARP entries.
<Quidway> display arp
IP ADDRESS
MAC ADDRESS

EXPIRE(M) TYPE INTERFACE


VPN-INSTANCE
VLAN
-----------------------------------------------------------------------------10.10.10.1
0018-8245-6321
I - Vlanif3
10.10.10.2
00e0-fc00-0002 17
DF0 GE0/0/2
1
10.10.10.3
00e0-fc00-0003 17
DF0 GE0/0/1
1

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-21

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

-----------------------------------------------------------------------------Total:3
Dynamic:2
Static:0
Interface:1

----End

Configuration Files
Configuration file of the S-switch
#
sysname Quidway
#
vlan batch 2 to 3
#
vlan 3
aggregate-vlan
access-vlan 2
#
interface Vlanif3
ip address 10.10.10.1 255.255.255.0
arp-proxy inner-sub-vlan-proxy enable
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 2
port-isolate enable
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 2
port-isolate enable
#
return

2.7.5 Example for Configuring Proxy ARP Between VLANs


Networking Requirements
As shown in Figure 2-5, VLAN 2 and VLAN 3 compose a super-VLAN, VLAN 4.
The sub-VLANs, VLAN 2 and VLAN 3 cannot ping through each other.
To implement communication between VLAN 2 and VLAN 3, configure proxy ARP between
VLANs.

2-22

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration

Figure 2-5 Networking diagram of configuring proxy ARP between VLANs

S-switch

VLAN2

VLAN3

VLAN4

VLAN2

VLAN3

Configuration Roadmap
The configuration roadmap is as follows:
1.

Configure an IP address for the VLANIF4 interface.

2.

Enable proxy ARP between VLANs on the VLANIF4 interface.

Data Preparation
To complete the configuration, you need IP addresses of related interfaces.

Configuration Procedure
This example covers only the commands used to configure proxy ARP between VLANs.
1.

Configure an IP address for the VLANIF4 interface.


<Quidway> system-view
[Quidway] sysname S-switch
[S-switch] interface vlanif 4
[S-switch-Vlanif4] ip address 192.168.1.100 255.255.255.0
[S-switch-Vlanif4] quit

2.

Configure IP addresses for PCs.


# Configure IP addresses for PCs. The IP addresses must be in the same network segment
with the IP address of the VLANIF4 interface.
# After configurations, PCs and the device can ping through each other but PCs in VLAN
2 and PCs in VLAN 3 cannot ping through each other.

3.

Configure proxy ARP between VLANs.


[S-switch] interface vlanif 4
[S-switch-Vlanif4] arp-proxy inter-sub-vlan-proxy enable
[S-switch-Vlanif4] quit

4.
Issue 04 (2010-01-25)

Verify the configuration.


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

2-23

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2 ARP Configuration
l

PCs in VLAN 2 and PCs in VLAN 3 can ping through each other.

Check the ARP table on the PC.

# You can find that in the ARP table of any PC in VLAN 2, the MAC addresses of all PCs
in VLAN 3 are the MAC address of the VLANIF4 interface on S-switch.

Configuration Files
The configuration file of S-switch is as follows:
#
sysname S-switch
#
vlan batch 2 to 4
#
vlan 4
aggregate-vlan
access-vlan 2 to 3
#
interface Vlanif4
ip address 192.168.1.100 255.255.255.0
arp-proxy inter-sub-vlan-proxy enable
#
Return

2-24

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

3 DNS Configuration

DNS Configuration

About This Chapter


This chapter describes the static and dynamic DNS concepts and their configuration steps, along
with typical examples.
3.1 Overview
This section describes the basic principle and concepts of Domain Name System (DNS).
3.2 Configuring DNS
This section describes how to use the domain name to communicate with other devices.
3.3 Maintaining DNS
This section describes how to display the configuration of DNS, clear DNS entries and debug
DNS.
3.4 Configuration Examples
This section provides a configuration example of DNS.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-1

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

3 DNS Configuration

3.1 Overview
This section describes the basic principle and concepts of Domain Name System (DNS).
3.1.1 Introduction to DNS
3.1.2 DNS Supported by the S-switch

3.1.1 Introduction to DNS


The Domain Name System (DNS) is a host naming mechanism provided by TCP/IP, with which
hosts can be named in the form of character string. This system assumes a hierarchical naming
structure. It designates a meaningful name for the device in the Internet and associates the name
with the IP address through a domain name resolution server. In this manner, you can use domain
names that are easy to remember instead of memorizing complex IP addresses.

3.1.2 DNS Supported by the S-switch


DNS has two resolution modes: dynamic DNS resolution and static DNS resolution. To resolve
a domain name, the system first uses static DNS resolution. If this mode fails, the system uses
dynamic DNS resolution. To improve resolution efficiency, you can put common domain names
in a static domain name resolution table.
The S-switch supports static resolution and dynamic resolution.

3.2 Configuring DNS


This section describes how to use the domain name to communicate with other devices.
3.2.1 Establishing the Configuration Task
3.2.2 Configuring Static DNS Entries
3.2.3 Configuring Dynamic DNS
3.2.4 Checking the Configuration

3.2.1 Establishing the Configuration Task


Applicable Environment
If local users accessing devices need to communicate with other devices by using domain names,
you can configure DNS on the device.
If local users communicate with other devices hardly through the domain name or the DNS
server is unavailable, configure static DNS. Prior to configuring static DNS, you must know the
mapping between the domain name and the IP address. In case of a change in the mapping, you
must modify the DNS entry manually.
You can configure dynamic DNS on the device if local users frequently use domain names for
communicating with other devices and the DNS server is available.
3-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

3 DNS Configuration

Pre-configuration Tasks
Before configuring DNS, complete the following tasks:
l

Configuring physical attributes of the interface and ensuring that the physical layer status
of the interface is Up

Configuring parameters of the link layer protocol of the interface and ensuring that the link
layer protocol status of the interface is Up

Configuring routes between the local device and the DNS server

Configuring the DNS server

Data Preparation
To configure DNS, you need the following data.
No.

Data

Domain name and the corresponding IP address in a static DNS entry

IP address of a DNS server

Domain name or the domain name list of a dynamic DNS entry

3.2.2 Configuring Static DNS Entries


Context
You can configure a maximum of 50 static DNS entries.
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
ip host host-name ip-address

The IP address corresponding to the host name is configured.


A host name corresponds to only one IP address. When you configure an IP address for a host
for several times, only the IP address configured at the latest is valid. To resolve several host
names, repeat Step 2.
----End

3.2.3 Configuring Dynamic DNS


Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-3

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

3 DNS Configuration

Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dns resolve

The function of dynamic domain name resolution is enabled.


Step 3 Run:
dns server ip-address

A DNS server is specified.


Step 4 Run:
dns domain domain-name

The suffix of the domain name is added.


----End

Postrequisite
The system supports the configuration of a maximum of 6 domain name servers, 1 source
address, and 10 domain name suffixes.
To configure more than one domain name server, repeat Step 3.
To configure more than one domain name suffix, repeat Step 4.

3.2.4 Checking the Configuration


Run the following commands to check the previous configuration.
Action

Command

Check information about the static DNS entry table.

display ip host

Check configurations about DNS servers.

display dns server

Check configurations about domain name suffixes.

display dns domain

Check information about dynamic DNS entries in the


domain name cache.

display dns dynamic-host

Run the display ip host command. If static DNS entries including the mappings between host
names and IP addresses, are displayed, it means that the configuration succeeds. For example:
<Quidway> display ip host

3-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service
Host
hw
gww

Age
0
0

3 DNS Configuration
Flags
static
static

Address
10.1.1.1
192.168.1.1

Run the display dns server command. If IP addresses of all domain servers are displayed, it
means that the configuration succeeds. For example:
<Quidway> display dns server
IPv4 Dns Servers :
Domain-server
IpAddress
1
172.16.1.1
2
172.16.1.2

Run the display dns domain command. If the list of suffixes of domain names is displayed, it
means that the configuration succeeds. For example:
<Quidway> display dns domain
No
Domain-name
1
com
2
net

Run the display dns dynamic-host command. If information about the dynamic domain name
cache is displayed, it means that the configuration succeeds. For example:
<Quidway> display dns dynamic-host
No Domain-name
IpAddress
1
www.huawei.com
91.1.1.1
2
www.huawei.com.cn
87.1.1.1

TTL
3521
3000

Alias

3.3 Maintaining DNS


This section describes how to display the configuration of DNS, clear DNS entries and debug
DNS.
3.3.1 Clearing DNS Entries
3.3.2 Monitoring Network Operation Status
3.3.3 Debugging DNS

3.3.1 Clearing DNS Entries

CAUTION
DNS entries cannot be restored after being cleared. So, confirm the action before you use this
command.
To clear DNS entries, run the following reset command in the user view.

Issue 04 (2010-01-25)

Action

Command

Clear dynamic DNS entries in the domain name


cache.

reset dns dynamic-host

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-5

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

3 DNS Configuration

3.3.2 Monitoring Network Operation Status


In routine maintenance, to obtain configurations about DNS, run the following commands.
Action

Command

Check information about the static DNS entry


table.

display ip host

Check configurations about DNS servers.

display dns server

Check configurations about domain name suffixes.

display dns domain

Check information about dynamic DNS entries in


the domain name cache.

display dns dynamic-host

3.3.3 Debugging DNS

CAUTION
Debugging affects the performance of the system. So after debugging, run the undo debugging
all command to disable it immediately.
Run the following debugging command in the user view to debug DNS and locate the fault.
Action

Command

Enable dynamic DNS debugging.

debugging dns

3.4 Configuration Examples


This section provides a configuration example of DNS.
3.4.1 Example for Configuring DNS

3.4.1 Example for Configuring DNS


Networking Requirements
As shown in Figure 3-1, S-switch-A acts as a DNS client, being required to access the host
2.1.1.3/16 by using the domain name huawei.com. You need to configure domain name suffixes
"com" and "net".
On S-switch-A, configure static DNS entries of S-switch-B and S-switch-C so that S-switch-A
can communicate with them by using domain names.
3-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

3 DNS Configuration

Figure 3-1 Networking diagram of DNS


Loopback0
4.1.1.1/32
VLANIF1 S-switch-B
1.1.1.2/16

DNS Client
S-switch-A

VLANIF1
1.1.1.1/16

Loopback0
4.1.1.2/32

S-switch-C

VLANIF2
2.1.1.1/16

VLANIF1
3.1.1.1/16
VLANIF2
2.1.1.2/16

DNS Server
3.1.1.2/16

huawei.com
2.1.1.3/16

Configuration Roadmap
The configuration roadmap is as follows:
1.

Configure static DNS entries.

2.

Enable DNS resolution.

3.

Configure an IP address for the DNS server.

4.

Configure suffixes of domain names.

Data Preparation
To complete the configuration, you need the following data:
l

Domain names of S-switch-B and S-switch-C

IP address of the DNS server

Suffixes of domain names

Configuration Procedure
NOTE

Before performing configurations, suppose:

1.

S-switch-A and each host have been configured with IP addresses and other configurations.

The mapping between the domain name "huawei.com" and the IP address 2.1.1.3/16 is available on
the DNS server.

The DNS server works normally.

Configure S-switch-A.
# Configure static DNS entries.
<S-switch-A> system-view
[S-switch-A] ip host S-switch-B 4.1.1.1
[S-switch-A] ip host S-switch-C 4.1.1.2

# Enable DNS resolution.


[S-switch-A] dns resolve

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-7

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

3 DNS Configuration

# Configure an IP address for the DNS server.


[S-switch-A] dns server 3.1.1.2

# Configure a domain name suffix "net".


[S-switch-A] dns domain net

# Configure a domain name suffix "com".


[S-switch-A] dns domain com
NOTE

To complete DNS resolution, configuring routes from S-switch-A to the DNS server is mandatory.

2.

Verify the configuration.


# Run the ping huawei.com command on S-switch-A to ping the IP address 2.1.1.3. The
ping succeeds.
<S-switch-A> ping huawei.com
Trying DNS server (3.1.1.2)
PING huawei.com (2.1.1.3): 56 data bytes, press CTRL_C to break
Reply from 2.1.1.3: bytes=56 Sequence=1 ttl=126 time=6 ms
Reply from 2.1.1.3: bytes=56 Sequence=2 ttl=126 time=4 ms
Reply from 2.1.1.3: bytes=56 Sequence=3 ttl=126 time=4 ms
Reply from 2.1.1.3: bytes=56 Sequence=4 ttl=126 time=4 ms
Reply from 2.1.1.3: bytes=56 Sequence=5 ttl=126 time=4 ms
--- huawei.com ping statistics --5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 4/4/6 ms

# Run the display ip host command on S-switch-A to view static DNS entries, including
mappings between host names and IP addresses.
<S-switch-A> display ip host
Host
Age
S-switch-B
0
S-switch-C
0

Flags Address
static 4.1.1.1
static 4.1.1.2

# Run the display dns dynamic-host command on S-switch-A to view dynamic DNS
entries in the domain name cache.
<S-switch-A> display dns dynamic-host
No Domain-name
IpAddress
1
huawei.com
2.1.1.3

TTL
3579

Alias

NOTE

TTL value in the above display indicates the lifetime of an entry. It is in seconds.

Configuration Files
l

Configuration file of S-switch-A


#
sysname S-switch-A
#
ip host S-switch-B 4.1.1.1
ip host S-switch-C 4.1.1.2
#
dns resolve
dns server 3.1.1.2
dns domain net
dns domain com
#
interface Vlanif1
ip address 1.1.1.2 255.255.0.0
#
rip 1
network 1.0.0.0

3-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

3 DNS Configuration

#
return
l

Configuration file of S-switch-B


#
sysname S-switch-B
#
interface Vlanif1
ip address 1.1.1.1 255.255.0.0
#
interface Vlanif2
ip address 2.1.1.1 255.255.0.0
#
interface LoopBack0
ip address 4.1.1.1 255.255.255.255
#
rip 1
network 2.0.0.0
network 1.0.0.0
network 4.0.0.0
#
return

Configuration file of S-switch-C


#
sysname S-switch-C
#
interface Vlanif1
ip address 3.1.1.1 255.255.0.0
#
interface Vlanif2
ip address 2.1.1.2 255.255.0.0
#
interface LoopBack0
ip address 4.1.1.2 255.255.255.255
#
rip 1
network 2.0.0.0
network 3.0.0.0
network 4.0.0.0
#
return

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-9

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

DHCP Configuration

About This Chapter


This chapter describes the DHCP fundamentals including DHCP service, DHCP server, and
relay agent. It also includes configuration steps for DHCP Server based on different parameters,
DHCP relay agent, and security functions in DHCP service, along with typical examples.
4.1 Overview
This section describes the principle and concepts of the Dynamic Host Configuration Protocol
(DHCP).
4.2 Configuring the Global Address Pool-based DHCP Server
This section descries how to configure a DHCP server when hosts are connected with Sswitch through other devices.
4.3 Configuring VLANIF Interface Address Pool-based DHCP Server
This section describes how to configure a DHCP server that uses the address pool of the VLANIF
interface.
4.4 Configuring the Security Function for DHCP
This section describes how to enhance the security of the DHCP service.
4.5 Configuring DHCP Relay
This section describes how to enable DHCP relay so that DHCP relay can forward DHCP
requests from local clients to the DHCP server on other networks.
4.6 Maintaining DHCP
This section describes how to clear the statistics about DHCP and debug DHCP.
4.7 Configuration Examples
This section provides several configuration examples of the DHCP server and DHCP relay.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-1

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

4.1 Overview
This section describes the principle and concepts of the Dynamic Host Configuration Protocol
(DHCP).
4.1.1 Introduction to DHCP
4.1.2 DHCP Supported by the S-switch

4.1.1 Introduction to DHCP


With the rapid growth in network scale and complexity, network configuration becomes more
difficult. The location of hosts changes (such as laptops and wireless network) and the number
of hosts has exceeded that of the available IP addresses. The Dynamic Host Configuration
Protocol (DHCP) is developed to solve these problems.

4.1.2 DHCP Supported by the S-switch


The S-switch supports the following DHCP applications, ensures the security of DHCP services,
and provides the DHCP relay agent function.
l

Global address pool

Address pool on the VLAN logical interface

4.2 Configuring the Global Address Pool-based DHCP


Server
This section descries how to configure a DHCP server when hosts are connected with Sswitch through other devices.
4.2.1 Establishing the Configuration Task
4.2.2 Configuring the DHCP Global Address Pool
4.2.3 Configure Static IP Address Binding
4.2.4 Configuring DNS Services for the DHCP Client
4.2.5 Configuring NetBIOS Services for the DHCP Client
4.2.6 Configuring Egress Gateway for the DHCP Client
4.2.7 Configuring DHCP Self-Defined Options
4.2.8 Assigning IP Addresses in the Global Address Pool to the DHCP Clients on the Specified
Interface
4.2.9 Checking the Configuration

4.2.1 Establishing the Configuration Task


4-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Applicable Environment
To obtain IP addresses from the device dynamically, you need to configure a global address
pool-based DHCP server.
The global address pool-based DHCP server usually works together with the DHCP relay agent.

Pre-configuration Tasks
Before configuring the global address pool-based DHCP server, complete the following tasks:
l

Configuring the DNS server

Configuring the NetBIOS server

Configuring the routes to the DNS server and the NetBIOS server

Data Preparation
To configure the global address pool-based DHCP server, you need the following data.
No.

Data

Name and the address range of the address pool

Range of the IP addresses that cannot be dynamically assigned to hosts

IP addresses and the MAC addresses that need to be bound statically

Lease of the IP address

IP address of the DNS server and the domain name of the DHCP client

IP address of the NetBIOS server and the NetBIOS node type of the DHCP client

Coding of the DHCP self-defined options and the corresponding ASCII strings or
hexadecimal number or IP address

4.2.2 Configuring the DHCP Global Address Pool


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp enable

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-3

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

DHCP is enabled.
Step 3 Run:
dhcp server ip-pool pool-name

A DHCP address pool is created and the DHCP address pool view is displayed.
NOTE

Each DHCP server can be configured with a maximum of 128 global address pools.

Step 4 Run:
network ip-address [ mask { mask | mask-length } ]

The address pool range is configured.


Step 5 Run:
expired { day day [ hour hour [ minute minute ] ] | unlimited }

The lease of the IP addresses dynamically assigned to hosts is configured. By default, the IP
lease is one day.
NOTE

The DHCP server can specify the IP lease for each address pool. The IP lease may vary with address pools.
The addresses in the same DHCP address pool, however, have the same IP lease.

Step 6 Run:
quit

Back to the system view.


Step 7 Run:
dhcp server forbidden-ip low ip address [ high ip address ]

The range of IP addresses that cannot be dynamically assigned is configured.


NOTE

After repeatedly running the dhcp server forbidden-ip command, you can configure multiple IP address
segments that cannot be automatically assigned. When using the undo dhcp server forbidden-ip command
to delete the setting, ensure that the specified parameters are consistent with the previously configured
parameters. That is, you cannot delete only partial originally configured addresses.

----End

4.2.3 Configure Static IP Address Binding


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server ip-pool pool-name

4-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

A DHCP address pool is created and the DHCP address pool view is displayed.
Step 3 Run:
static-bind ip-address ip-address [ mask { mask | mask-length } ]

Certain IP addresses are statically bound.


Step 4 Run:
static-bind mac-address mac-address

MAC addresses of certain clients are statically bound.


----End

Postrequisite
Based on the clients' needs, you can adopt either static address binding or dynamic address
assignation. However, you cannot configure the same DHCP address pool with these two modes
at the same time.
Dynamic address distribution needs specification of the address range for assignment, while
static address binding can be regarded as a special DHCP address pool with only one address.
Some clients may need fixed IP addresses that are bound with their MAC addresses. When the
client with a specific MAC address uses DHCP to apply for an IP address, the DHCP server
finds out the fixed IP address bound with the MAC address and assigns it to the client.
NOTE

The static-bind ip-address command must be used together with the static-bind mac-address command.
The new configuration supersedes the previous one when you use the two commands for several times.

4.2.4 Configuring DNS Services for the DHCP Client


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server ip-pool pool-name

The DHCP address pool view is displayed.


Step 3 Run:
domain-name domain-name

The domain name of the DHCP client is configured.


Step 4 Run:
dns-list ip-address &<1-8>

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-5

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

The IP address of the DNS server of the DHCP client is configured.


----End

Postrequisite
On the DHCP server, designate a domain name for the client per address pool basis.
When a host accesses the Internet by using the domain name, the DNS server resolves the domain
name into an IP address. Therefore, to ensure that the client can successfully access the Internet,
the DHCP server also needs to specify the DNS server address for the client when it assigns IP
addresses.
To perform load balancing and improve the network reliability, you can configure several DNS
servers and egress gateways.

4.2.5 Configuring NetBIOS Services for the DHCP Client


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server ip-pool pool-name

The DHCP address pool view is displayed.


Step 3 Run:
nbns-list ip-address &<1-8>

The IP address of the NetBIOS server of the DHCP client is configured.


Step 4 Run:
netbios-type { b-node | h-node | m-node | p-node }

The NetBIOS node type of the DHCP client is configured.


By default, the node type of the DHCP client is not specified.
----End

Postrequisite
For the client using the OS of Microsoft, Windows Internet Naming Service (WINS) server
provides resolution from the host name to the IP address. This is given to the host that uses
NetBIOS protocol for communication. Most of the Windows clients need to be configured with
WINS.
4-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

When a DHCP client communicates in a WAN by adopting the NetBIOS protocol, a mapping
between the host name and the IP address should be set up. The following lists the types of
NetBIOS nodes for obtaining mappings:
l

Type b nodes (b-node): "b" stands for broadcast; that is, type b nodes obtain the mapping
relation by means of broadcast.

Type p nodes (p-node): "p" stands for peer-to-peer, namely, type p nodes obtain the
mapping relation by means of communicating with NetBIOS servers.

Type m nodes (m-node): "m" stands for mixed. Type m nodes are the type p nodes owning
part of the broadcasting features.

Type h nodes (h-node): "h" stands for hybrid. Type h nodes are type b nodes owning the
"peer-to-peer" communicating mechanism.

4.2.6 Configuring Egress Gateway for the DHCP Client


Context
Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server ip-pool pool-name

The DHCP address pool view is displayed.


Step 3 Run:
gateway-list ip-address &<1-8>

The egress gateway of the DHCP client is configured.


When a DHCP client wants to access a server (or host) that is not on the local network, an egress
gateway needs to be configured on the local network.
To perform load balancing and improve the network reliability, you can configure several DNS
servers and egress gateways.
----End

4.2.7 Configuring DHCP Self-Defined Options


Context
NOTE

Configuring DHCP self-defined options are optional. Services, such as DNS on the client, NETBIOS, and
IP lease cannot be configured through the option code command but through the commands early
mentioned.

Do as follows on the S-switch:


Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-7

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server ip-pool pool-name

The DHCP address pool view is displayed.


Step 3 Run:
option

code { ascii ascii-string | hex hex-string | ip-address ip-address }

The DHCP self-defined options are configured.


----End

Postrequisite
The Option field in DHCP packets carries the control information and parameters that are not
defined in some common protocols. If the DHCP server is configured with Option, the DHCP
client gets the configuration information saved in the Option filed of DHCP response packets.
You need to add the options to the attribute tables of the DHCP servers. For example,
l

To configure the IP address of a log server to 10.110.204.1, use the command option 7 ipaddress 10.110.204.1.

To configure the TTL of the client packet to 64, use the command option 23 hex 40.
NOTE

Using the option command, you can specify the options to be included in the DHCP response packets.
Before using the option command, you need to know the function of each option: Option 77 identifies user
types or applications of DHCP client. Based on User Class in the Option field, the DHCP server selects
the proper address pool and configuration parameters. Option 77 usually is configured on the client.

4.2.8 Assigning IP Addresses in the Global Address Pool to the


DHCP Clients on the Specified Interface
Context
Do as follows on the S-switch:

Procedure
l

Assigning IP addresses to the clients on the current VLANIF interface


1.

Run:
system-view

The system view is displayed.


2.

Run:
interface vlanif VLANIF interface-number

4-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

The VLNAIF interface view is displayed.


3.

Run:
ip address ip-address { mask | mask-length } [ sub ]

The VLNAIF interface is configured with an IP address.


4.

Run:
dhcp select global

The IP addresses in the global address pool are assigned.


l

Assigning IP addresses to the clients in VLANs


1.

Run:
system-view

The system view is displayed.


2.

Run:
dhcp select global vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>

The IP addresses in the global address pool are assigned.


----End

4.2.9 Checking the Configuration


Run the following commands to check the previous configuration.
Action

Command

Check the available address information


in the DHCP address pool.

display dhcp server free-ip

Check the expired lease in the DHCP


address pool.

display dhcp server expired { all | ip ip-address


| pool [ pool-name ] | vlan vlan-id }

Check address binding information.

display dhcp server ip-in-use { all | ip ipaddress | pool [ pool-name ] | vlan vlan-id }

Check the statistics about the DHCP


server.

display dhcp server statistics

Check information about the treestructure of the DHCP address pool.

display dhcp server tree { all | pool [ poolname ] | vlan vlan-id }

Run the display dhcp server free-ip command. If there are unused IP addresses in the address
pool, it means that the configuration succeeds.
<Quidway> display dhcp server free-ip
IP Range from 5.5.5.1
to
IP Range from 202.38.160.1
to
IP Range from 202.38.160.4
to

5.5.5.254
202.38.160.1
202.38.160.126

Run the display dhcp server expired command. If information about the expired leases of IP
addresses in DHCP address pools is displayed, it means that the configuration succeeds.
<Quidway> display dhcp server expired all
Global pool:

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-9

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration
IP address
Hardware address
Interface pool:
IP address
Hardware address

Lease expiration

Type

Lease expiration

Type

Run the display dhcp server ip-in-use command. If the binding information of IP address, such
as the hardware address and the IP lease, is displayed, it means that the configuration succeeds.
<Quidway> display dhcp server ip-in-use all
Global pool:
IP address Hardware address
Lease expiration
Interface pool:
IP address Hardware address
Lease expiration
5.5.5.1
0050-ba28-930a Jul 5 2006 13: 00:10 PM

Type
Type
Auto:COMMITED

Run the display dhcp server statistics command. If statistics of the DHCP server, including
the number of DHCP address pools, the number of the automatic binding, the manual binding
and the expired binding and the number of DHCP packets is displayed, it means that the
configuration succeeds.
<Quidway> display dhcp server
Global Pool:
Pool Number:
5
Binding
Auto:
0
Manual:
1
Expire:
0
Interface Pool:
Pool Number:
Binding
Auto:
Manual:
Expire:
Boot Request:
Dhcp Discover:
Dhcp Request:
Dhcp Decline:
Dhcp Release:
Dhcp Inform:
Boot Reply:
Dhcp Offer:
Dhcp Ack:
Dhcp Nak:
Bad Messages:
HA Message:
BatchBackup send msg:
BatchBackup recv msg:
BatchBackup send lease:
BatchBackup recv lease:

statistics

1
1
0
0
6
1
4
0
1
0
4
1
3
0
0
0
0
0
0

Run the display dhcp server tree command. If the tree structure of the DHCP address pool,
including DNS, the IP lease and Option parameters, is displayed, it means that the configuration
succeeds.
<Quidway> display dhcp server tree all
Global pool:
Pool name: 5
network 10.10.1.0 255.255.255.0
Child node:6
Sibling node:7
option 1 ip-address 255.0.0.0
expired 1 0 0
option 58 hex 00 00 A8 C0
option 59 hex 00 00 00 3C
Pool name: 6
host 10.10.1.2 255.0.0.0
hardware-address 1111.2222.3333 gigabitethernet
Parent node:5
option 1 ip-address 255.255.0.0
expired 1 0 0

4-10

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

option 58 hex 00 00 A8 C0
option 59 hex 00 00 00 3C
Pool name: 7
network 10.10.1.64
PrevSibling node:5
Sibling node:8
option 1 ip-address 255.0.0.0
Pool name: 8
network 20.10.1.1
Child node:9
PrevSibling node:7
option 1 ip-address 255.0.0.0
gateway-list 2.2.2.2
nbns-list 3.3.3.3
netbios-type m-node
expired 2 0 0
option 58 hex 00 01 51 80
option 59 hex 00 00 00 3C
Pool name: 9
network 30.10.1.64
Parent node:8
option 1 ip-address 255.0.0.0
gateway-list 2.2.2.2
dns-list 1.1.1.1
domain-name 444444
nbns-list 3.3.3.3
netbios-type m-node
expired 2 0 0
option 58 hex 00 01 51 80
option 59 hex 00 00 00 3C

255.255.255.192

255.255.255.0

255.255.255.0

Interface pool:
Pool name: GigabitEthernet0/0/1
network 5.5.5.0 mask 255.255.255.0
option 1 ip-address 255.255.255.0
gateway-list 5.5.5.5
expired 1 0 0
option 58 hex 00 00 A8 C0
option 59 hex 00 00 00 3C

4.3 Configuring VLANIF Interface Address Pool-based


DHCP Server
This section describes how to configure a DHCP server that uses the address pool of the VLANIF
interface.
4.3.1 Establishing the Configuration Task
4.3.2 Enabling Address Pools on VLANIF Interfaces
4.3.3 Configuring the Address Pool on the VLANIF Interface
4.3.4 Configuring DNS on the Address Pool of the VLANIF Interface
4.3.5 Configuring NetBIOS on the Address Pool of the VLANIF Interface
4.3.6 Configuring DHCP Self-Defined Options for the Address Pool of the VLANIF Interface
4.3.7 Checking the Configuration

4.3.1 Establishing the Configuration Task


Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-11

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Applicable Environment
The interface address pool on the VLANIF interface, is used for devices to support the switched
Ethernet interface. Because the switched Ethernet interface cannot be configured with IP
addresses directly, you need to create a VLANIF interface and then configure DHCP address
pools on the VLANIF interface.

Pre-configuration Tasks
Before configuring the VLANIF interface address pool-based DHCP server, complete the
following tasks:
l

Creating a VLANIF interface

Configuring the DNS server

Configuring the NetBIOS server

Configuring routes to the DNS server and the NetBIOS server

Data Preparation
To configure the VLANIF interface address pool-based DHCP server, you need the following
data.
No.

Data

Number, IP address and subnet mask of the VLANIF interface

IP addresses in the address pools of VLANIF interface and the MAC addresses to be
bound with the IP addresses

Lease of the IP address

IP address of the DNS server and the domain name of the DHCP client

IP address of the NetBIOS server and the NetBIOS node type of the DHCP client

Coding of the DHCP self-defined options and the corresponding ASCII strings or
hexadecimal number or IP address

4.3.2 Enabling Address Pools on VLANIF Interfaces


Context
Do as follows on the DHCP server:

Procedure
l

Enabling address pools in the VLANIF interface view


1.

Run:
system-view

The system view is displayed.


4-12

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

2.

4 DHCP Configuration

Run:
vlan vlan-id

A VLAN is created.
3.

Run:
quit

Back to the system view.


4.

Run:
interface vlanif vlan-id

The VLANIF interface is displayed.


5.

Run:
ip address ip-address { mask | mask-length }

The IP address of the VLANIF interface is configured.


6.

Run:
dhcp select interface

The address pool on the VLANIF interface is enabled.


l

Enabling address pools on one VLANIF interface or multiple VLANIF interfaces in the
system view
1.

Run:
system-view

The system view is displayed.


2.

Run:
vlan vlan-id

A VLAN is created.
3.

Run:
quit

Back to the system view.


4.

Run:
interface vlanif VLANIF interface number

The VLANIF interface is displayed.


5.

Run:
ip address ip-address { mask | mask-length }

The IP address of the VLANIF interface is configured.


6.

Run:
quit

Back to the system view.


7.

Run:
dhcp select interface vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>

The address pool on the specified VLANIF interface is enabled.


----End
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-13

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

4.3.3 Configuring the Address Pool on the VLANIF Interface


Context
Do as follows on the DHCP server:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp enable

DHCP is enabled.
Step 3 Run:
interface vlanif VLANIF interface number

The VLANIF interface view is displayed.


Step 4 Run:
dhcp select interface

The address pool on the interface is enabled.


Step 5 Run:
dhcp server static-bind ip-address ip-address mac-address mac-address

Certain IP addresses and MAC addresses are bound with the address pool.
Step 6 The following steps are optional, so perform them as required.
Run:
dhcp server expired { day day [ hour hour [ minute minute ] ] | unlimited }

The IP lease of the VLANIF interface is configured. By default, the IP lease is one day.
Or
Run:
quit

Return to the system view.


Run:
dhcp server expired { day day [ hour hour [ minute minute ] ] | unlimited } vlan
{ vlan-id1 [ to vlan-id2 ] } &<1-10>

The leases of the IP addresses of several VLANIF interfaces are configured. By default, the IP
lease is one day.
----End
4-14

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Postrequisite
The IP address and its mask of the VLANIF interface determine the range of the address pool
on the VLANIF interface. If you need to configure several address pools for VLANIF interfaces,
repeat Steps 3, 4, 5, and 6.

4.3.4 Configuring DNS on the Address Pool of the VLANIF


Interface
Context
Do as follows on the DHCP server:

Procedure
l

Configuring DNS on VLANIF interfaces


1.

Run:
system-view

The system view is displayed.


2.

Run:
interface vlanif VLANIF interface number

The VLAIF interface view is displayed.


3.

Run:
dhcp server domain-name domain-name

Domain names are configured for the clients of the VLANIF interface.
4.

Run:
dhcp server dns-list ip-address &<1-8>

The IP address of the DNS server is specified for the clients of the VLANIF interface.
l

Configuring DNS on one or multiple VLANIF interfaces


1.

Run:
system-view

The system view is displayed.


2.

Run:
dhcp server domain-name domain-name vlan { vlan-id1 [ to vlan-id2 ] }
&<1-10>

The domain name of the DHCP client is configured.


3.

Run:
dhcp server dns-list ip-address &<1-8> vlan { vlan-id1 [ to vlan-id2 ] }
&<1-10>

The IP address of the DNS server is specified for the DHCP client.
----End

4.3.5 Configuring NetBIOS on the Address Pool of the VLANIF


Interface
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-15

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Context
Do as follows on the DHCP server:

Procedure
l

Configuring NetBIOS on VLANIF interfaces


1.

Run:
system-view

The system view is displayed.


2.

Run:
interface vlanif VLANIF interface number

The VLANIF interface view is displayed.


3.

Run:
dhcp server nbns-list ip-address &<1-8>

The IP address of the NetBIOS server is specified for the DHCP clients of the VLANIF
interface.
4.

Run:
dhcp server netbios-type { b-node | h-node | m-node | p-node }

The NetBIOS node type is specified for the DHCP clients of the VLANIF interface.
l

Configuring NetBIOS on one or multiple VLANIF interfaces


1.

Run:
system-view

The system view is displayed.


2.

Run:
dhcp server nbns-list ip-address &<1-8> vlan { vlan-id1 [ to vlan-id2 ] }
&<1-10>

The IP address of the NetBIOS server is specified for the DHCP client.
3.

Run:
dhcp server netbios-type { b-node | h-node | m-node | p-node } vlan { vlanid1 [ to vlan-id2 ] } &<1-10>

The NetBIOS node type is specified for the DHCP client.


By default, the node type of the client is not specified.
----End

Postrequisite
Before using the NetBIOS service, make sure that
l

The NetBIOS server is configured correctly

There are routes between the device and the NetBIOS server.

For the client using the OS of Microsoft, WINS server provides the resolution from the host
name to the IP address for the host that uses the NetBIOS protocol to communicate. In this way,
most of the Windows network clients need to be configured with WINS.
4-16

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

When a DHCP client communicates on a WAN, by adopting NetBIOS protocol, a mapping


between the host name and the IP address should be set up. The types of NetBIOS nodes for
obtaining mappings are as follows:
l

Type b nodes (b-node): "b" stands for broadcast; that is, type b nodes obtain the mapping
relation by means of broadcast.

Type p nodes (p-node): "p" stands for peer-to-peer; that is, type p nodes obtain the mapping
relation by means of communicating with NetBIOS servers.

Type m nodes (m-node): "m" stands for mixed. Type m nodes are the type p nodes owning
part of the broadcasting features.

Type h nodes (h-node): "h" stands for hybrid. Type h nodes are type b nodes owning the
"peer-to-peer" communicating mechanism.

4.3.6 Configuring DHCP Self-Defined Options for the Address


Pool of the VLANIF Interface
Context
NOTE

Configuring DHCP self-defined options is optional. Services, such as DNS on the client, NETBIOS and
IP lease cannot be configured through the option code command but through the related command
described above.

Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server option code { ascii ascii-string | hex hex-string | ip-address ipaddress &<1-8> } { vlan { vlan-id1 [ to vlan-id2 ] } &<1-10> }

The DHCP self-defined options are configured.


The DHCP self-defined options are optional. You can configure it when needed.
----End

Postrequisite
The Option field in DHCP packets carries the control information and parameters that are not
defined in some common protocols. If the DHCP server is configured with Option, the DHCP
client gets the configuration information saved in Option filed of DHCP response packets.
You can add new options to the attribute list of the DHCP server by manual definition. For
example,
l

Issue 04 (2010-01-25)

To configure the IP address of the log server to 10.110.204.1, run the dhcp server option
7 ip-address 10.110.204.1 command.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

4-17

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration
l

To configure the TTL of the client packet to 64, run the dhcp server option 23 hex 40
command.
NOTE

Using the option code command, you can specify the options that need be included in the DHCP response
packets.
Before using the option code command, you need to know the function of each option: Option 77 applies
to identify user types or applications of DHCP client. Based on User Class in the Option field, the DHCP
server selects proper address pool and configuration parameters. Option 77 usually is configured by the
client.

4.3.7 Checking the Configuration


Run the following commands to check the previous configuration.
Action

Command

Check the expired lease in the DHCP address


pool of the specified VLANIF interface.

display dhcp server expired vlan vlan-id

Check information about the DHCP address


bound to the specified VLANIF interface.

display dhcp server ip-in-use vlan vlan-id

Check information about the tree-structure of


DHCP address pool on the VLANIF interface.

display dhcp server tree vlan vlan-id

Run the display dhcp server tree vlan command. If the tree structure information of DHCP
address pools on VLANIF interfaces, such as DNS, IP lease and Option parameters, is displayed,
it means that the configuration succeeds.
<Quidway> display dhcp server tree vlan 2
Interface pool:
Pool name: Vlanif2
network 50.1.1.0 mask 255.255.255.0
gateway-list 50.1.1.1
expired day 1 hour 0 minute 0

Run the display dhcp server ip-in-use vlan command. If the binding information of IP address
on VLANIF interfaces, such as the hardware address and the IP lease, is displayed, it means that
the configuration succeeds.
<Quidway> display dhcp server ip-in-use vlan 2
IP address
Hardware address
Lease expiration
50.1.1.12
0023-0034-0053
NOT Used

Type
Manual

Run the display dhcp server expired command. If the expired IP address in the address pool
on VLANIF interfaces is displayed, it means that the configuration succeeds.
<Quidway> display dhcp server expired vlan 2
IP address
Hardware address
Lease expiration

Type

4.4 Configuring the Security Function for DHCP


This section describes how to enhance the security of the DHCP service.
4.4.1 Establishing the Configuration Task
4-18

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

4.4.2 Starting the Detection of the Pseudo DHCP Server on a DHCP Server
4.4.3 Avoiding Repetitive IP Address Assignment
4.4.4 Saving DHCP Data
4.4.5 Recovering DHCP Data
4.4.6 Checking the Configuration

4.4.1 Establishing the Configuration Task


Applicable Environment
After configuring the DHCP server, you need to configure the security function of DHCP to
enhance the security.

Pre-configuration Tasks
Before configuring the security function of DHCP, complete the DHCP server configuration.

Data Preparation
To configure the security function of DHCP service, you need the following data.
No.

Data

Interval at which ping packets are sent and the number of ping packets

Interval for saving the DHCP data

4.4.2 Starting the Detection of the Pseudo DHCP Server on a DHCP


Server
Context
If a private DHCP server exists in the network, users cannot obtain correct IP addresses and thus
cannot log in to the network because this private DHCP server will interact with the DHCP client
during address application. Such a private DHCP server is called a pseudo DHCP server.
Do as follows on the DHCP server:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server detect

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-19

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Detecting the pseudo DHCP server is enabled on the DHCP server.


By default, this function is disabled.
----End

4.4.3 Avoiding Repetitive IP Address Assignment


Context
Do as follows on the DHCP server:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server ping timeout milliseconds

The time for waiting the response after the ping packets is sent by the DHCP server is configured.
Step 3 Run:
dhcp server ping packets number

The maximum number of ping packets sent by the DHCP server is configured.
By default, the maximum number of ping packets being sent is 2 and the longest waiting time
for ping response packets is 500 ms.
----End

Postrequisite
Before assigning addresses to a client, the DHCP server should detect the IP address to avoid
address collision.
Using the ping command, you can check if there is a ping response of the address to be assigned
within the specific time. If there is no response after a specific time, the DHCP server re-sends
ping packets to this address until it reaches the maximum number of ping packets allowed to be
sent. If there is still no response, it indicates that the IP address is not in use. In this way, it is
ensured that a unique IP address is assigned to the client.

4.4.4 Saving DHCP Data


Context
Do as follows on the DHCP server:

Procedure
Step 1 Run:
4-20

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

system-view

The system view is displayed.


Step 2 Run:
dhcp server database enable

Saving the DHCP data to the Flash is enabled.


Step 3 Run:
dhcp server database write-delay seconds

The time delay for saving the data is set.


By default, DHCP data cannot be saved to the Flash. If the function is enabled, the default interval
for saving the current DHCP data is 300 seconds, and the new data overwrites the previous data.
----End

Postrequisite
The DHCP data is saved with a fixed file name on the Flash. Normally, the IP leasing information
is saved in lease.txt file and the address collision information is saved in conflict.txt file. Back
up these two files to other directories because they are replaced regularly.

4.4.5 Recovering DHCP Data


Context
Do as follows on the DHCP server:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
dhcp server database recover

DHCP data is recovered after reboot.


----End

4.4.6 Checking the Configuration


Run the following commands to check the previous configuration.

Issue 04 (2010-01-25)

Action

Command

View the statistics of DHCP address


collisions.

display dhcp server conflict { all | ip ip-address }

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-21

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Action

Command

View the storage path and file


information of the DHCP database.

display dhcp server database

Run the display dhcp server conflict command. If the conflicted IP address and the time when
the conflict occurs are displayed, it means that the configuration succeeds.
<Quidway> display dhcp server conflict all
Address
Discover Time
10.110.1.2
Jan 11 2003 11:57: 7 PM

Run the display dhcp server database command. If the saved path of the DHCP data is
displayed, it means that the configuration succeeds.
<Quidway> display dhcp server database
Status: disable
Recover from files after reboot: disable
File saving lease items: flash:/dhcp/lease.txt
File saving conflict items: flash:/dhcp/conflict.txt
Save Interval: 300 (seconds)

4.5 Configuring DHCP Relay


This section describes how to enable DHCP relay so that DHCP relay can forward DHCP
requests from local clients to the DHCP server on other networks.
4.5.1 Establishing the Configuration Task
4.5.2 Enabling DHCP Relay
4.5.3 Assigning IP Addresses to the Client Through Relay
4.5.4 Requesting the DHCP Server to Release IP Addresses of the Client
4.5.5 Checking the Configuration

4.5.1 Establishing the Configuration Task


Applicable Environment
When there is no DHCP server configured on the local network, enable the DHCP relay function
on the device. Thus, the DHCP relay can forward the DHCP requests from local clients to the
DHCP server on the other network. That is, the interface connecting the DHCP server to the
DHCP relay must not be configured with any interface address pool.
NOTE

The relay between the server and the client cannot exceed four. Otherwise, the DHCP packet is discarded.

Pre-configuration Tasks
Before configuring the DHCP relay, complete the following tasks:
4-22

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service
l

Configuring the DHCP server

Configuring the routes from the local device to the DHCP server

4 DHCP Configuration

Data Preparation
To configure the DHCP relay, you need the following data.
No.

Data

IP address of the DHCP server

Number of the VLAN to be enabled the DHCP relay function

IP address to be released and the corresponding MAC address

4.5.2 Enabling DHCP Relay


Context
Each interface can be configured with up to 20 IP relay addresses.
Do as follows on the S-switch acting as the DHCP relay:

Procedure
l

Enabling DHCP relay in the interface view


1.

Run:
system-view

The system view is displayed.


2.

Run:
interface vlanif vlan-id

The interface view is displayed.


3.

Run:
ip address ip-address { mask | mask-length }

The IP address of the interface is configured.


NOTE

This IP address must be in the same network segment with the IP addresses in the address pool
on the DHCP server.

4.

Run:
ip relay address ip-address

The relay IP address of the interface is added.


The relay IP address indicates the IP address of the DHCP server specified on the
DHCP relay device. After the DHCP relay is enabled on one interface, the DHCP
server is specified by the IP relay address. The DHCP broadcast packets received on
the interface are sent to the specified DHCP server.
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-23

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration
NOTE

If the VLANIF interface is configured with a secondary IP address, the secondary IP address
cannot be used as the gateway address. That is, if the ip relay address command is run on the
interface, the command takes effect only on the network segment where the primary IP address
of the interface resides.

Enabling DHCP Relay in the system view


1.

Run:
system-view

The system view is displayed.


2.

Run:
ip relay address ip-address vlan vlan-id

The IP relay address of the VLANIF interface is added.


----End

Postrequisite
Because the DHCP client may send broadcast packets during DHCP configuration, the interface
where IP relay is enabled should support the broadcast mode.

4.5.3 Assigning IP Addresses to the Client Through Relay


Context
Do as follows on the S-switch acting as the DHCP relay:

Procedure
l

Assigning IP addresses to the client of the current interface


1.

Run:
system-view

The system view is displayed.


2.

Run:
interface vlanif VLANIF interface number

The VLANIF interface view is displayed.


3.

Run:
dhcp select relay

IP addresses are assigned through DHCP relay.


l

Assigning IP addresses to the clients of the VLAN


1.

Run:
system-view

The system view is displayed.


2.

Run:
dhcp select relay vlan { vlan-id1 [ to vlan-id2 ] }&<1-10>

IP addresses are assigned through DHCP relay.


----End
4-24

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

4.5.4 Requesting the DHCP Server to Release IP Addresses of the


Client
Context
Do as follows on the S-switch acting as the DHCP relay:

Procedure
l

Requesting all the DHCP servers to release an IP address


1.

Run:
system-view

The system view is displayed.


2.

Run:
dhcp relay release client-ip-address mac-address

The DHCP servers are required to release the IP address.


l

Requesting the specified DHCP server to release an IP address


1.

Run:
system-view

The system view is displayed.


2.

Run:
dhcp relay release client-ip-address mac-address server-ip-address

The specified DHCP server is required to release the IP address.


l

Requesting the DHCP server connected with the interface to release an IP address
1.

Run:
system-view

The system view is displayed.


2.

Run:
interface vlanif VLANIF interface number

The VLANIF interface view is displayed.


3.

Run:
dhcp relay release client-ip-address mac-address [ server-ip-address ]

The DHCP server connected with the interface on the DHCP relay is required to
release the IP address.
----End

4.5.5 Checking the Configuration


Run the flowing commands to check the previous configuration.
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-25

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Action

Command

Check the related statistics about the


DHCP relay.

display dhcp relay statistics

Check the DHCP relay address of


the interface.

display dhcp relay address vlan vlan-id

Run the display dhcp relay address command. If there are available DHCP relay addresses and
related configuration information, it means that the configuration succeeds.
<Quidway> display dhcp relay address vlan 1
** Vlanif1 DHCP Relay Address **
Relay Address [0] :
3.3.3.3

Run the display dhcp relay statistics command. If statistics of DHCP relay, such as the number
of wrong DHCP packets and the number of various DHCP packet, is displayed, it means that
the configuration succeeds.
<Quidway> display dhcp relay statistics
Bad Packets received:
DHCP packets received from clients:
DHCP DISCOVER packets received:
DHCP REQUEST packets received:
DHCP INFORM packets received:
DHCP DECLINE packets received:
DHCP packets received from servers:
DHCP OFFER packets received:
DHCP ACK packets received:
DHCP NAK packets received:
DHCP packets sent to servers:
DHCP packets sent to clients:
Unicast packets sent to clients:
Broadcast packets sent to clients:

0
0
0
0
0
0
0
0
0
0
0
0
0
0

4.6 Maintaining DHCP


This section describes how to clear the statistics about DHCP and debug DHCP.
4.6.1 Resetting DHCP
4.6.2 Releasing Conflicting IP Addresses
4.6.3 Clearing DHCP Statistics
4.6.4 Monitoring Network Operation Status
4.6.5 Debugging DHCP

4.6.1 Resetting DHCP

CAUTION
Resetting DHCP binding through the reset dhcp command interrupts the operation of the DHCP
server.

4-26

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

To reset DHCP, run the following reset commands in the user view.
Action

Command

Reset information about the binding of the


specified IP address.

reset dhcp server ip-in-use ip ip-address

Reset information about the dynamic address


bindings of the global address pool.

reset dhcp server ip-in-use pool [ poolname ]

Reset information about dynamic IP address


bindings on the address pool of the VLANIF
interface.

reset dhcp server ip-in-use vlan vlan-id

Reset information about the dynamic address


bindings of all the address pools.

reset dhcp server ip-in-use all

4.6.2 Releasing Conflicting IP Addresses

CAUTION
After the conflicting IP addresses are released, they can be reallocated by the DHCP server.
To release the conflicting IP addresses, run the following reset commands in the user view.
Action

Command

Release the conflicting IP addresses in the


specified address pool.

reset dhcp server conflict ip ip-address

Release all conflicting IP addresses.

reset dhcp server conflict all

The DHCP server detects the conflicting IP addresses through the ping command while the
DHCP client detects the conflicting IP address through sending ARP packets.

4.6.3 Clearing DHCP Statistics

CAUTION
DHCP statistics cannot be restored after you clear it. So, confirm the action before you use the
command.
To clear the DHCP statistics, run the following reset commands.
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-27

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Action

Command

Reset the statistics about the DHCP


server.

reset dhcp server statistics

Reset the statistics about the DHCP relay.

reset dhcp relay statistics

4.6.4 Monitoring Network Operation Status


To obtain configuration about DHCP in routine maintenance, run the following commands.
Action

Command

View information about available IP


addresses in the DHCP address pool.

display dhcp server free-ip

View information about the IP


addresses with expired leases in the
DHCP address pool.

display dhcp server expired { all | ip ip-address |


pool [ pool-name ] | vlan vlan-id}

View information about address


bindings.

display dhcp server ip-in-use { all | ip ip-address |


pool [ pool-name ] | vlan vlan-id }

View statistics about the DHCP


server.

display dhcp server statistics

View information about the tree


structure of the DHCP address pool.

display dhcp server tree { all | pool [ pool-name ] |


vlan vlan-id }

View information about the conflict


addresses in the DHCP address pool.

display dhcp server conflict { all | ip ip-address }

View the path at which DHCP


database is saved and file information
about the database.

display dhcp server database

View configurations about the DHCP


relay address.

display dhcp relay address vlan vlan-id

4.6.5 Debugging DHCP

CAUTION
Debugging affects the performance of the system. So after debugging, run the undo debugging
allcommand to disable it immediately.
Run the following debug commands in the user view to debug DHCP and locate the fault.
4-28

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Action

Command

Enable DHCP server debugging .

debugging dhcp server { all | error | event | packet }

Enable DHCP relay debugging.

debugging dhcp relay { all | error | event | packet


[ client mac mac-address ] }

4.7 Configuration Examples


This section provides several configuration examples of the DHCP server and DHCP relay.
4.7.1 Example for Configuring the Global Address Pool-based DHCP Server
4.7.2 Example for Configuring the VLANIF Interface Address Pool-based DHCP Server
4.7.3 Example for Configuring DHCP Relay

4.7.1 Example for Configuring the Global Address Pool-based


DHCP Server
Networking Requirements
As shown in Figure 4-1, a DHCP server dynamically assigns the IP addresses to a client in the
same network segment. The address pool segment 10.1.1.0/24 is divided into two segments:
10.1.1.0/25 and 10.1.1.128/25. The IP addresses of the two VLANIF interfaces on the DHCP
server are 10.1.1.1/25 and 10.1.1.129/25.
The IP lease of the segment 10.1.1.0/25 is 10 days and 12 hours, with domain name as
huawei.com, DNS address as 10.1.1.2, egress device address as 10.1.1.126 and without the
NetBIOS address.
The IP lease of the segment 10.1.1.128/25 is 5 days, with domain name as huawei.com, DNS
address as 10.1.1.2, egress device address as 10.1.1.254, and NetBIOS address as 10.1.1.4.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-29

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Figure 4-1 Networking diagram of the DHCP server and the client that are in the same network
segment

NetBIOS
Server

DHCP
Client

DHCP
Client

VLANIF1
10.1.1.1/25

DHCP
Client

VLANIF2
10.1.1.129/25

DHCP
Server

DNS
Server

DHCP
Client

Network: 10.1.1.0/25

DHCP
Client

DHCP
Client

Network: 10.1.1.128/25

Configuration Roadmap
The configuration roadmap is as follows:
1.

Enable DHCP.

2.

Configure the IP addresses that need not be assigned automatically, such as IP addresses
of the DNS server, the NetBIOS server and the egress gateway.

3.

Configure an address pool, including the address range and the domain name, and configure
the IP address of the DNS server.

4.

Configure related attributes for the address pool, such as the address range, the egress
gateway, the IP address of the NetBIOS server and the IP lease.
This example covers the configurations of three address pools. Address pool 0 is configured
with the common attribute of all client; address pool 1 and address pool 2 are configured
with different attributes of various clients.
In this example, you can configure only address pool 1 and address pool 2. They cannot
adopt configurations of the root address pool. You need to configure attributes for them
respectively.

Data Preparation
To complete the configuration, you need the following data:
l

IP address that need not be assigned automatically

Address pool number

Configuration Procedure
1.
4-30

Configure the DHCP server.


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

# Enable DHCP on the device.


<Quidway> system-view
[Quidway] sysname S-switch
[S-switch] dhcp enable

# Configure the IP addresses that do not participate in auto-allocation, including addresses


of the DNS server, the NetBIOS server and the egress gateway.
[S-switch]
[S-switch]
[S-switch]
[S-switch]

dhcp
dhcp
dhcp
dhcp

server
server
server
server

forbidden-ip
forbidden-ip
forbidden-ip
forbidden-ip

10.1.1.2
10.1.1.4
10.1.1.126
10.1.1.254

# Configure general attributes of DHCP address pool 0, including the address pool range,
domain name and the IP address of the DNS server.
[S-switch] dhcp server ip-pool 0
[S-switch-dhcp-0] network 10.1.1.0 mask 255.255.255.0
[S-switch-dhcp-0] domain-name huawei.com
[S-switch-dhcp-0] dns-list 10.1.1.2
[S-switch-dhcp-0] quit

# Configure attributes of DHCP address pool 1, including the address pool range, egress
gateway and the IP lease.
[S-switch] dhcp server ip-pool 1
[S-switch-dhcp-1] network 10.1.1.0 mask 255.255.255.128
[S-switch-dhcp-1] expired day 10 hour 12
[S-switch-dhcp-1] gateway-list 10.1.1.126
[S-switch-dhcp-1] quit

# Configure attributes of DHCP address pool 2, including the address pool range, egress
gateway, the IP address of the NetBIOS server and the IP lease.
[S-switch] dhcp server ip-pool 2
[S-switch-dhcp-2] network 10.1.1.128 mask 255.255.255.128
[S-switch-dhcp-2] expired day 5
[S-switch-dhcp-2] nbns-list 10.1.1.4
[S-switch-dhcp-2] gateway-list 10.1.1.254
[S-switch-dhcp-2] quit

# Configure the clients of the VLANIF1 to obtain their IP addresses from the global address
pool.
[S-switch] interface vlanif 1
[S-switch-Vlanif1] ip address 10.1.1.1 255.255.255.128
[S-switch-Vlanif1] dhcp select global
[S-switch-Vlanif1] quit

# Configure the clients of the VLANIF2 to obtain their IP addresses from the global address
pool.
[S-switch] interface vlanif 2
[S-switch-Vlanif2] ip address 10.1.1.129 255.255.255.128
[S-switch-Vlanif2] dhcp select global
[S-switch-Vlanif2] quit

2.

Verify the configuration.


After the configuration, run the display dhcp server tree command on the DHCP server.
If the tree structure information of DHCP address pools, including DNS, IP lease, and
Option parameters, is displayed, it means that the configuration succeeds.
[S-switch] display dhcp server tree all
Global pool:
Pool name: 0
Child node:1
network 10.1.1.0 mask 255.255.255.0
dns-list 10.1.1.2
domain-name huawei.com
expired day 1 hour 0 minute 0
Pool name: 1
Parent node:0

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-31

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration
Sibling node:2
network 10.1.1.0 mask 255.255.255.128
gateway-list 10.1.1.126
dns-list 10.1.1.2
domain-name huawei.com
expired day 10 hour 12 minute 0
Pool name: 2
Parent node:0
PrevSibling node:1
network 10.1.1.128 mask 255.255.255.128
gateway-list 10.1.1.254
dns-list 10.1.1.2
domain-name huawei.com
nbns-list 10.1.1.4
expired day 5 hour 0 minute 0

Configuration File
The configuration file of S-switch is as follows:
#
sysname S-switch
#
dhcp server ip-pool 0
network 10.1.1.0 mask 255.255.255.0
dns-list 10.1.1.2
domain-name huawei.com
#
dhcp server ip-pool 1
network 10.1.1.0 mask 255.255.255.128
gateway-list 10.1.1.126
expired day 10 hour 12
#
dhcp server ip-pool 2
network 10.1.1.128 mask 255.255.255.128
gateway-list 10.1.1.254
nbns-list 10.1.1.4
expired day 5
#
interface Vlanif1
ip address 10.1.1.1 255.255.255.128
#
interface Vlanif2
ip address 10.1.1.129 255.255.255.128
#
dhcp server forbidden-ip 10.1.1.2
dhcp server forbidden-ip 10.1.1.4
dhcp server forbidden-ip 10.1.1.126
dhcp server forbidden-ip 10.1.1.254
#
dhcp enable
#
return
NOTE

By default, IP addresses in the global address pool are assigned. So, the configuration file does not contain
the dhcp select global command.

4.7.2 Example for Configuring the VLANIF Interface Address Poolbased DHCP Server
Networking Requirements
Figure 4-2 shows the diagram of applying the VLANIF-interface-based address pool to the
device that supports switched Ethernet interfaces. The Ethernet interface cannot be configured
4-32

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

with an IP address, so you need to create a VLANIF interface and configure a DHCP address
pool on it to assign IP addresses.
Figure 4-2 Networking diagram of the DHCP server based on the address pool on the VLANIF
interface

NetBIOS Server
10.1.1.3/24

DHCP
Client

DNS Server
10.1.1.2/24

VLANIF10 GE0/0/1
10.1.1.1/24
DHCP
Server
VLANIF11 GE0/0/2
10.1.2.1/24

DHCP
Client

DHCP
Client

DHCP
Client

Configuration Roadmap
The configuration roadmap is as follows:
1.

Enable DHCP.

2.

Configure the IP addresses that need not be assigned automatically, such as IP addresses
of the DNS server, IP addresses of the NetBIOS server.

3.

Create VLANIF interfaces and configure IP addresses for them.

4.

Enable the address pool that is based on the VLANIF interface.

5.

Configure related attributes for the address pool, such as the domain name, IP addresses of
the NetBIOS server and the DNS server, and the IP lease.

Data Preparation
To complete the configuration, you need the following data:
l

IP address that need not be assigned automatically

Address pool number

Configuration Procedure
1.

Configure the DHCP server.


# Enable DHCP on the device.
<Quidway> system-view

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-33

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration
[Quidway] sysname S-switch
[S-switch] dhcp enable

# Configure the IP addresses that do not participate in auto-allocation, including IP


addresses of the DNS server and NetBIOS server.
[S-switch] dhcp server forbidden-ip 10.1.1.2
[S-switch] dhcp server forbidden-ip 10.1.1.3

# Create a VLAN.
[S-switch] vlan 10
[S-switch-vlan10] quit
[S-switch] vlan 11
[S-switch-vlan11] quit

# Configure attributes for the switched Ethernet interface and join the interface to a VLAN.
[S-switch] interface gigabitethernet
[S-switch-GigabitEthernet0/0/1] port
[S-switch-GigabitEthernet0/0/1] quit
[S-switch] interface gigabitethernet
[S-switch-GigabitEthernet0/0/2] port
[S-switch-GigabitEthernet0/0/2] quit

0/0/1
default vlan 10
0/0/2
default vlan 11

# Create a VLANIF interface and configure an IP address for the VLANIF interface.
[S-switch] interface vlanif 10
[S-switch-Vlanif10] ip address 10.1.1.1 24
[S-switch-Vlanif10] quit
[S-switch] interface vlanif 11
[S-switch-Vlanif11] ip address 10.1.2.1 24
[S-switch-Vlanif11] quit

# Enable the address pool on the VLANIF interface.


[S-switch] dhcp select interface vlan 10 to 11

# Configure the domain name of the address pool and IP addresses of the DNS server and
the NetBIOS server.
[S-switch]
[S-switch]
[S-switch]
[S-switch]

dhcp
dhcp
dhcp
dhcp

server
server
server
server

domain-name huawei.com vlan 10 to 11


dns-list 10.1.1.2 vlan 10 to 11
nbns-list 10.1.1.3 vlan 10 to 11
netbios-type b-node vlan 10 to 11

# Configure the IP lease.


[S-switch] dhcp server expired day 10 hour 12 vlan 10 to 11

2.

Verify the configuration.


After the configuration, run the display dhcp server tree command on the DHCP server.
If the tree structure information of DHCP address pools, including DNS, IP lease, and
Option parameters, is displayed, it means that the configuration succeeds.
[S-switch] display dhcp server tree all
Interface pool:
Pool name: Vlanif10
network 10.1.1.0 mask 255.255.255.0
gateway-list 10.1.1.1
dns-list 10.1.1.2
domain-name huawei.com
nbns-list 10.1.1.3
netbios-type b-node
expired day 10 hour 12 minute 0
Pool name: Vlanif11
network 10.1.2.0 mask 255.255.255.0
gateway-list 10.1.2.1
dns-list 10.1.1.2
domain-name huawei.com
nbns-list 10.1.1.3
netbios-type b-node
expired day 10 hour 12 minute 0

4-34

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Configuration Files
The configuration file of S-switch is as follows:
#
sysname S-switch
#
vlan batch 10 to 11
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
dhcp select interface
dhcp server dns-list 10.1.1.2
dhcp server domain-name huawei.com
dhcp server nbns-list 10.1.1.3
dhcp server netbios-type b-node
dhcp server expired day 10 hour 12
#
interface Vlanif11
ip address 10.1.2.1 255.255.255.0
dhcp select interface
dhcp server dns-list 10.1.1.2
dhcp server domain-name huawei.com
dhcp server nbns-list 10.1.1.3
dhcp server netbios-type b-node
dhcp server expired day 10 hour 12
#
interface gigabitEthernet0/0/1
port default vlan 10
#
interface gigabitEthernet0/0/2
port default vlan 11
#
dhcp server forbidden-ip 10.1.1.2
dhcp server forbidden-ip 10.1.1.3
#
dhcp enable
#
return

4.7.3 Example for Configuring DHCP Relay


Networking Requirements
As shown in Figure 4-3, the DHCP client is in the network segment 10.100.0.0/16, while the
DHCP server is in the network segment 202.40.0.0/16. A DHCP relay device is needed to relay
DHCP packets so that the DHCP client obtains the IP addresses from the DHCP server.
The DHCP server is assigned with an address pool in the network segment 10.100.0.0/16. The
IP address of the DNS server is 10.100.1.2/16, the IP address of the NetBIOS server is
10.100.1.3/16, and the IP address of the egress gateway is 10.100.1.4. On the DHCP server, the
routing table must contain at least one reachable a route to the network segment 10.110.0.0.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-35

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Figure 4-3 Networking diagram for configuring DHCP relay

DNS Server
NetBIOS Server
10.100.1.2/16 10.100.1.3/16

DHCP Relay

VLANIF1
10.100.1.1/16

VLANIF2
202.40.1.1/16

DHCP
Client

DHCP Server
Router

GE0/0/1
202.40.1.2/16

DHCP
Client

Configuration Roadmap
The configuration roadmap is as follows:
1.

Enable DHCP on S-switchthat acts as the DHCP relay.

2.

Configure the IP address for interface VLANIF2.

3.

Configure the IP relay address for VLANIF1 and enable DHCP relay on VLANIF1.

4.

Configure a route from the DHCP server to the network segment 10.100.0.0/16.

5.

Enable DHCP on the Router.

6.

Configure the clients attached to GE 0/0/1 to obtain IP addresses through the global address
pool.

7.

Configure a global address pool on the Router.

Data Preparation
To complement the configuration, you need the following data:
l

IP address of the interface that need to be enabled with DHCP relay

IP address of the DHCP server

Configuration Procedure
1.

Configure the DHCP relay.


# Enable DHCP on the device.
<Quidway> system-view
[Quidway] sysname S-switch
[S-switch] dhcp enable

# Configure an IP address for VLANIF2.


[S-switch] interface vlanif 2
[S-switch-Vlanif2] ip address 202.40.1.1 255.255.0.0
[S-switch-Vlanif2] quit

4-36

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

# Enter the view of the interface that needs to be enabled with DHCP relay. Configure the
IP address and mask of the interface, which should be in the same network segment with
that of the DHCP client.
[S-switch] interface vlanif 1
[S-switch-Vlanif1] ip address 10.100.1.1 255.255.0.0
[S-switch-Vlanif1] ip relay address 202.40.1.2
[S-switch-Vlanif1] dhcp select relay
[S-switch-Vlanif1] quit

2.

Configure the DHCP server.


# On the Router, configure routes to VLANIF1 that connects S-switchand its client.
<Quidway> system-view
[Quidway] sysname Router
[Router] ip route-static 10.100.0.0 255.255.0.0 202.40.1.1

# Enable DHCP.
[Router] dhcp enable

# Configure the clients of GE 0/0/1 to obtain the IP addresses from the global address pool.
[Router] interface GigabitEthernet 0/0/1
[Router-GigabitEthernet 0/0/1] ip address 202.40.1.2 255.255.0.0
[Router-GigabitEthernet 0/0/1] dhcp select global
[Router-GigabitEthernet 0/0/1] quit

# Configure the IP addresses that do not participate in auto-allocation, including IP


addresses of the DNS server, the NetBIOS server and the egress gateway.
[Router] dhcp server forbidden-ip 10.100.1.2
[Router] dhcp server forbidden-ip 10.100.1.3
[Router] dhcp server forbidden-ip 10.100.1.4

# Configure attributes of DHCP address pool 1, including the address pool range, domain
name, egress gateway, the IP address of the DNS server and IP lease.
[Router] dhcp server ip-pool 1
[Router-dhcp-1] network 10.100.0.0 mask 255.255.0.0
[Router-dhcp-1] domain-name huawei.com
[Router-dhcp-1] dns-list 10.100.1.2
[Router-dhcp-1] nbns-list 10.100.1.3
[Router-dhcp-1] gateway-list 10.100.1.4
[Router-dhcp-1] expired day 10 hour 12
[Router-dhcp-1] quit

3.

Verify the configuration.


Run the display dhcp server tree command on the DHCP server. If the tree structure
information of DHCP address pools, including DNS, IP lease, and Option parameters, is
displayed, it means that the configuration succeeds.
[Router] display dhcp server tree all
Global pool:
Pool name: 1
network 10.100.0.0 mask 255.255.0.0
gateway-list 10.100.1.4
dns-list 10.100.1.2
domain-name huawei.com
nbns-list 10.100.1.3
expired day 10 hour 12 minute 0

Run the display dhcp relay address vlan 1 command on the DHCP relay device to view
configurations of the relay IP address.
[S-switch] display dhcp relay address vlan 1
** Vlanif1
DHCP Relay Address
Relay Address [0] :
202.40.1.2

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

**

4-37

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

4 DHCP Configuration

Configuration Files
l

Configuration file of S-switch


#
sysname S-switch
#
interface Vlanif1
ip address 10.100.1.1 255.255.0.0
ip relay address 202.40.1.2
dhcp select relay
#
interface Vlanif2
ip address 202.40.1.1 255.255.0.0
#
return

Configuration file of the Router


#
sysname Router
#
dhcp server ip-pool 1
network 10.100.0.0 mask 255.255.0.0
gateway-list 10.100.1.4
dns-list 10.100.1.2
domain-name huawei.com
nbns-list 10.100.1.3
expired day 10 hour 12
#
interface GigabitEthernet 0/0/1
ip address 202.40.1.2 255.255.0.0
#
dhcp server forbidden-ip 10.100.1.2
dhcp server forbidden-ip 10.100.1.3
dhcp server forbidden-ip 10.100.1.4
#
ip route-static 10.100.0.0 255.255.0.0 202.40.1.1
#
return

4-38

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

IP Performance Configuration

About This Chapter


This chapter describes the parameters and function required for IP performance optimization
and provides procedures and examples for optimizing IP performance.
5.1 Overview
This section describes the parameters and concepts concerning IP performance.
5.2 Improving IP Performance
This section describes how to enhance the performance of a specified network through setting
some IP parameters.
5.3 Maintaining IP Performance
This section describes how to clear IP/TCP/UDP statistics and debug IP/TCP/UDP.
5.4 Configuration Examples
This section provides several configuration examples of the IP performance.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

5-1

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

5.1 Overview
This section describes the parameters and concepts concerning IP performance.
5.1.1 Introduction to IP Performance
5.1.2 IP Performance Supported by the S-switch

5.1.1 Introduction to IP Performance


IP performance optimization should be performed on the basis of configurations of some
parameters and enablement of related functions, for example, ICMP function, and TCP
attributes.
Internet Control Message Protocol (ICMP) messages are used by either the IP layer or the higher
layer protocol (TCP or UDP). ICMP communicates error messages or other conditions that
require attention.

5.1.2 IP Performance Supported by the S-switch


ICMP
l

ICMP Host Unreachable Messages


When forwarding packets, the device discards the packets and returns an ICMP host
unreachable message to the source to notify that the source must stop sending packets to
this destination if the device encounters the following situations:

There is no route to the destination.

The packet is not for itself.

ICMP Packet Sending Switches


In normal circumstance, ICMP host unreachable messages can ensure normal packet
transmission. However, when devices encounter the preceding conditions frequently,
network traffic becomes heavy because devices send a large number of ICMP messages.
This increases the traffic burden. In the case of malicious attacks, network congestion
becomes worse.
To solve this problem, a control switch is added on the outgoing interface of ICMP
messages. This switch is used to respectively enable or disable the sending of ICMP host
unreachable messages. If the switch is disabled, the device does not send out the ICMP
host unreachable packets. This can reduce the traffic burden and protect the network from
malicious attacks.

Broadcast Packet Forwarding


Broadcast packet forwarding is used to control whether broadcast packets are forwarded on a
specified interface. Run the ip forward-broadcast command on an interface. For the broadcast
packets that are not generated by the local host, this interface sends the broadcast packets to the
local host before forwarding them.
5-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

When forwarding broadcast packets is enabled, the ACL rules can be specified. The interface
forwards only the broadcast packets that match the ACL. It sends back the broadcast packets
that do not match the ACL to the host without forwarding them.
S-switch generally do not forward directional broadcast packets. In some cases, however, you
may require the device to forward directional broadcast packets. Thus, you can run the ip
forward-broadcast command to enable an interface to forward directional broadcast packets.
This makes the networking to be flexible.

5.2 Improving IP Performance


This section describes how to enhance the performance of a specified network through setting
some IP parameters.
5.2.1 Establishing the Configuration Task
5.2.2 Verifying the Source IP Address
5.2.3 Forwarding Broadcast Packets
5.2.4 Configuring ICMP Attributes
5.2.5 Configuring TCP Attributes
5.2.6 Checking the Configuration

5.2.1 Establishing the Configuration Task


Applicable Environment
In some special network environments, you must adjust the IP parameters to achieve the best
performance. Improving IP performance involves configurations of a series of parameters.

Pre-configuration Tasks
Before improving IP performance, complete the following tasks:
l

Configuring the physical parameters for related interfaces and ensuring that the status of
the physical layer of the interface is Up

Configuring the link layer protocol for related interfaces and ensuring that the status of the
link layer protocol on the interface is Up

Configuring the IP addresses for related interfaces

Configuring the ACL

Data Preparation
To improve IP performance, you need the following data.

Issue 04 (2010-01-25)

No.

Data

Number of the interface


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

5-3

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

No.

Data

Number of the interface which needs source address verification

Number of the interface which needs to forward broadcast packets and ACL number
which is used to specify the broadcast packets

Number of the interface which needs to configure ICMP host-unreachable

SYN-WAIT timer, FIN-WAIT timer, receiving and sending buffer size of the socket

5.2.2 Verifying the Source IP Address


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The interface view is displayed.


Step 3 Run:
ip verify source-address

The source IP address verification is enabled on the interface.


By default, the function is disabled on all interfaces.
----End

5.2.3 Forwarding Broadcast Packets


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

5-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

The interface view is displayed.


Step 3 Run:
ip forward-broadcast [ acl acl-number ]

The interface is configured to forward broadcast packets.


By default, broadcast packets are not forwarded by any interface.
----End

5.2.4 Configuring ICMP Attributes


Context
By default, sending ICMP redirection packets and unreachable packets is enabled.

CAUTION
l

If the transmission of ICMP host unreachable messages is disabled, the device no longer
sends the ICMP host unreachable message.

Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface interface-type interface-number

The interface view is displayed.


The interface is a VLANIF interface.
Step 3 Run:
icmp host-unreachable send

Sending ICMP host unreachable packets is enabled.


----End

5.2.5 Configuring TCP Attributes


Context
The TCP attributes that can be configured include:
l

Issue 04 (2010-01-25)

The SYN-Wait timer: On sending SYN packets, the TCP starts the SYN-Wait timer. If
response packets are not received before the SYN-Wait timer timeout, the TCP connection
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

5-5

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

is terminated. The SYN-Wait timer timeout ranges from 2 seconds to 600 seconds, and the
default value is 75 seconds.
l

The FIN-Wait timer: When the TCP connection status turns from FIN_WAIT_1 to
FIN_WAIT_2, the FIN-Wait timer starts. If FIN packets are not received before the FINWait timer timeout, the TCP connection is terminated. The FIN-Wait timer timeout ranges
from 76 seconds to 3600 seconds, and the default value is 675 seconds.

The receiving and sending window-size of the connection-oriented socket: It ranges from
1K bytes to 32K bytes, and the default value is 8K bytes.

If an attribute of TCP is configured for many times in the system view, only the last configuration
takes effect.
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
tcp timer syn-timeout interval

The SYN-Wait timer of setting up TCP connections is configured.


Step 3 Run:
tcp timer fin-timeout interval

The FIN_WAIT_2 timer of setting TCP connections is configured.


Step 4 Run:
tcp window window-size

The receiving/sending buffer size of the TCP socket is configured.


----End

5.2.6 Checking the Configuration


Run the following commands to check the pervious configuration.

5-6

Action

Command

View the TCP connection status.

display tcp status [ [ task-id task-id ] [ socketid socket-id ] | [ local-ip ip-address ] [ localport local-port-number ] [ remote-ip ipaddress ] [ remote-port remote-port-number ] ]

View the TCP traffic statistics.

display tcp statistics

View the UDP traffic statistics.

display udp statistics

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

Action

Command

View the table information of the IP layer


interface.

display ip interface [ interface-type interfacenumber ]


display ip interface brief [ interface-type
[ interface-number ] ]

View the IP traffic statistics.

display ip statistics

View the ICMP traffic statistics.

display icmp statistics

View the Rawlink statistics.

display rawlink statistics

View the FIB table.

display fib

View the filtered FIB information.

display fib acl acl-number[ verbose ]

View the FIB entry which matches a


destination address.

display fib destination-address1 [ destinationmask1 ] [ longer ] [ verbose ]

View the FIB entry whose destination


address is in the range of destinationaddress1 destination-mask1 to
destination-address2 destination-mask2.

display fib destination-address1 destinationmask1 destination-address2 destination-mask2


[ verbose ]

View the FIB entries that have passed


filtering in a certain format according to
the input IP prefix name.

display fib ip-prefix prefix-name [ verbose ]

View the FIB entries that have passed


filtering in a certain format according to
the input interface type and interface
number.

display fib interface interface-type interfacenumber

View the FIB entries that have passed


filtering in a certain format according to
the input next hop address.

display fib next-hop ip-address

View the total number of FIB entries.

display fib statistics

View the summary of the FIB.

display fib [ | { begin | exclude | include }


regular-expression ]

View all the current socket API


information.

display ip socket [ monitor ] [ task-id task-id |


sock-type sock-type ]

Run the display tcp status command. If the information about the TCP connection status is
displayed, it means that the configuration succeeds. For example:
<Quidway> display tcp status
TCPCB
Tid/Soid Local Add:port
0dcdd3c0 30 /1
0.0.0.0:21
0f63b34c 40 /1
0.0.0.0:23
0dcde398 40 /2
100.1.1.235:23
d
0dce0348 40 /3
100.1.1.235:23
d

Issue 04 (2010-01-25)

Foreign Add:port
0.0.0.0:0
0.0.0.0:0
100.1.1.156:3589
100.1.1.156:3596

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

VPNID State
0
Listening
14849 Listening
0
Establishe
0

Establishe

5-7

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration
0dce0e40
d
0dce22f8
d

40 /4

100.1.1.235:23

100.1.1.156:3750

Establishe

40 /5

100.1.1.235:23

100.1.1.156:3762

Establishe

Run the display tcp statistics command. If the TCP traffic statistics are displayed, it means that
the configuration succeeds. For example:
<Quidway> display tcp statistics
Received packets:
Total: 0
packets in sequence: 0 (0 bytes)
window probe packets: 0, window update packets: 0
checksum error: 0, offset error: 0, short error: 0
duplicate packets: 0 (0 bytes), partially duplicate packets: 0 (0 bytes)
out-of-order packets: 0 (0 bytes)
packets of data after window: 0 (0 bytes)
packets received after close: 0
ACK packets: 0 (0 bytes)
duplicate ACK packets: 0, too much ACK packets: 0
Sent packets:
Total: 0
urgent packets: 0
control packets: 0 (including 0 RST)
window probe packets: 0, window update packets: 0
data packets: 0 (0 bytes),data packets retransmitted: 0 (0 bytes)
ACK-only packets: 0 (0 delayed)
Retransmitted timeout: 0, connections dropped in retransmitted timeout: 0
Keep alive timeout: 0, keep alive probe: 0, Keep alive timeout, so connections d
isconnected : 0
Initiated connections: 0, accepted connections: 0, established connections: 0
Closed connections: 0 (dropped: 0, initiated dropped: 0)
Packets dropped with MD5 authentication: 0
Packets permitted with MD5 authentication: 0

Run the display udp statistics command. If the UDP traffic statistics are displayed, it means
that the configuration succeeds. For example:
<Quidway> display udp statistics
Received packets:
Total: 0
checksum error: 0
shorter than header: 0, data length larger than packet: 0
unicast(no socket on port): 0
broadcast/multicast(no socket on port): 0
not delivered, input socket full: 0
input packets missing pcb cache: 0
Sent packets:
Total: 0

Run the display ip interface command. If the information about IP interfaces is displayed, it
means that the configuration succeeds. For example:
<Quidway> display ip interface vlanif 1
Vlanif1 current state : DOWN
Line protocol current state : DOWN
The Maximum Transmit Unit : 1500 bytes
input packets : 0, bytes : 0, multicasts : 0
output packets : 0, bytes : 0, multicasts : 0
Directed-broadcast packets:
received packets:
0, sent packets:
forwarded packets:
0, dropped packets:
Internet Address is 172.18.255.1/24
Broadcast address : 172.18.255.255

5-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

0
0

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service
TTL invalid packet number:
ICMP packet input number:
Echo reply:
Unreachable:
Source quench:
Routing redirect:
Echo request:
Router advert:
Router solicit:
Time exceed:
IP header bad:
Timestamp request:
Timestamp reply:
Information request:
Information reply:
Netmask request:
Netmask reply:
Unknown type:
DHCP packet deal mode: global

5 IP Performance Configuration
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0

Run the display ip statistics command. If the IP traffic statistics are displayed, it means that the
configuration succeeds. For example:
<Quidway> display ip statistics
Input:
sum
10153
bad protocol
0
bad checksum
0
TTL exceeded
0
Output:
forwarding
0
dropped
0
Fragment: input
0
dropped
0
fragmented
0
Reassembling:sum
0

local
bad format
bad options

10153
0
0

local
no route
output

11589
0
0

couldn't fragment
timeouts

0
0

Run the display icmp statistics command. If the ICMP traffic statistics are displayed, it means
that the configuration succeeds. For example:
<Quidway> display icmp statistics
Input: bad formats
0
bad checksum
echo
4
destination unreachable
source quench
0
redirects
echo reply
5
parameter problem
timestamp
0
information request
mask requests
0
mask replies
time exceeded
0
Output:echo
5
destination unreachable
source quench
0
redirects
echo reply
4
parameter problem
timestamp
0
information reply
mask requests
0
mask replies
time exceeded
0

0
0
0
0
0
0
0
0
0
0
0

Run the display rawlink statistics command. If the Rawlink statistics are displayed, it means
that the configuration succeeds. For example:
<Quidway> display rawlink statistics
Received packets:
Total: 0
ifnet is null: 0
input packets missing pcb cache: 0
not pass multicast: 0
no join multicast: 0
full sock and pstMBuf to be freed: 0
full sock and nothing to be freed: 0
full sock and other reason: 0
Send packets:
Total: 0

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

5-9

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

Run the display fib command. If the brief information about the FIB is displayed, it means that
the configuration succeeds. For example:
<Quidway> display fib
FIB Table:
Total number of Routes : 7
Destination/Mask
Nexthop
Flag TimeStamp
127.0.0.1/32
127.0.0.1
HU
t[57]
127.0.0.0/8
127.0.0.1
U
t[57]
172.16.255.6/32
127.0.0.1
HU
t[86]
172.16.255.4/30
172.16.255.6
U
t[86]
0.0.0.0/0
172.16.255.5
GSU t[86]
192.168.0.0/16
172.16.255.5
GSU t[86]
172.16.255.5/32
172.16.255.5
HLU t[650]
<Quidway> display fib acl 2010
Route entry matched by access-list 2010:
Summary counts: 1
Destination/Mask Nexthop
Flag
TimeStamp
127.0.0.0/8
127.0.0.1
U
t[0]

Interface
InLoop0
InLoop0
InLoop0
Vlanif2002
Vlanif2002
Vlanif2002
GE0/0/1

TunnelID
0x0
0x0
0x0
0x0
0x0
0x0
0x0

Interface
InLoopBack0

TunnelID
0x0

5.3 Maintaining IP Performance


This section describes how to clear IP/TCP/UDP statistics and debug IP/TCP/UDP.
5.3.1 Clearing IP/TCP/UDP Statistics
5.3.2 Monitoring Network Operation Status
5.3.3 Debugging IP/TCP/UDP

5.3.1 Clearing IP/TCP/UDP Statistics

CAUTION
IP/TCP/UDP statistics cannot be restored after you clear it. So, confirm the action before you
use the command.
To clear the IP/TCP/UDP statistics, run the following reset commands in the user view.

5-10

Action

Command

Reset the IP statistics.

reset ip statistics [ interface interface-type


interface-number ]

Clear information about the socket


monitor.

reset ip socket monitor

Reset the TCP traffic statistics.

reset tcp statistics

Reset the UDP traffic statistics.

reset udp statistics

Rest the Rawlink statistics.

reset rawlink statistics

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

5.3.2 Monitoring Network Operation Status


To obtain configurations in routine maintenance, run the following commands.
Action

Command

View TCP connection status.

display tcp status [ [ task-id task-id ] [ socketid socket-id ] | [ local-ip ip-address ] [ localport local-port-number ] [ remote-ip ipaddress ] [ remote-port remote-port-number ] ]

View statistics about TCP traffic.

display tcp statistics

View statistics about UDP traffic.

display udp statistics

View information about IP interfaces.

display ip interface [ interface-type interfacenumber ]


display ip interface brief [ interface-type [
interface-number ] ]

Issue 04 (2010-01-25)

View statistics about IP traffic.

display ip statistics

View statistics about ICMP traffic.

display icmp statistics

View statistics about Rawlink.

display rawlink statistics

View the FIB table.

display fib

View the FIB information selectively


through filtering.

display fib acl acl-number [ verbose ]

Filter FIB entries by matching destination


IP addresses.

display fib [ slot-id ] destination-address1


[ desinationt-mask1 ] [ longer ] [ verbose ]

View the FIB entries with the destination


IP addresses in the range from destinationaddress1 destination-mask1 to
destination-address2 destination-mask2.

display fib [ slot-id ] destination-address1


destination-mask1 destination-address2
destination-mask2 [ verbose ]

View the FIB entries that have passed


filtering in a certain format according to the
input IP prefix name.

display fib ip-prefix prefix-name [ verbose ]

View the FIB entries that have passed


filtering in a certain format according to the
input interface type and interface number.

display fib interface interface-type interfacenumber

View the FIB entries that have passed


filtering in a certain format according to the
input next hop address.

display fib next-hop ip-address

View the total number of FIB entries.

display fib statistics

View brief information about the


forwarding table.

display fib [ | { begin | exclude | include }


regular-expression ]

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

5-11

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

Action

Command

View information about all the socket


interfaces of the system.

display ip socket [ monitor ] [ task-id task-id


| sock-type sock-type ]

5.3.3 Debugging IP/TCP/UDP

CAUTION
Debugging affects the performance of the system. So after debugging, run the undo debugging
all command to disable it immediately.
Run the following debug commands in the user view to debug IP/TCP/UDP/RAWIP/
RAWLINK and locate the fault.
Action

Command

Enable IP packets debugging.

debugging ip packet [ error ] [ acl acl-number ]

Enable ICMP debugging.

debugging ip icmp

Enable UDP packets debugging.

debugging udp packet [ local-ip ip-address ] [ localport local-port ] [ remote-ip ip-address ] [ remoteport remote-port ]
debugging udp packet [ task-id task-id ] [ socket-id
socket-id ]

Enable TCP packets debugging.

debugging tcp packet [ local-ip ip-address ] [ localport local-port ] [ remote-ip ip-address ] [ remoteport remote-port ] [ flag flag-number ]
debugging tcp packet [ task-id task-id ] [ socket-id
socket-id ] [ flag flag-number ]

Enable TCP event debugging.

debugging tcp event [ local-ip local-address ] [ localport local-port ] [ remote-ip remote-address ] [ remoteport remote-port ]
debugging tcp event [ task-id task-id ] [ socket-id
socket-id ]

Enable TCP MD5 authentication


debugging.

debugging tcp md5 [ local-ip local-address ] [ localport local-port ] [ remote-ip remote-address ] [ remoteport remote-port ]
debugging tcp md5 [ task-id task-id ] [ socket-id socketid ]

5-12

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

Action

Command

Enable RAWIP packets


debugging.

debugging rawip packet [ local-ip ip-address ]


[ remote-ip ip-address ] [ protocol protocol-number ]
[ verbose verbose-number ]
debugging rawip packet [ task-id task-id ] [ socket-id
socket-id ] [ verbose verbose-number ]

Enable RAWLINK packets


debugging.

debugging rawlink packet [ local-mac local-mac ]


[ remote-mac remote-mac ] [ verbose verbosenumber ]
debugging rawlink packet [ task-id task-id ] [ socketid socket-id ] [ verbose verbose-number ]

5.4 Configuration Examples


This section provides several configuration examples of the IP performance.
5.4.1 Example for Limiting Transmission of ICMP Host-Unreachable Packets

5.4.1 Example for Limiting Transmission of ICMP HostUnreachable Packets


Networking Requirements
As shown in Figure 5-1, S-switch-A, S-switch-B and S-switch-C are connected with each other
through their VLANIF to test limiting transmission of host-unreachable packets.
Figure 5-1 Networking diagram of configuring ICMP host unreachable packets

S-switch-A
VLANIF1
1.1.1.1/24

Internet
VLANIF1
2.2.2.2/24

VLANIF1
1.1.1.2/24

S-switch-C

Issue 04 (2010-01-25)

S-switch-B

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

5-13

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1.

Configure IP addresses for the interfaces on devices.

2.

Configure static routes between devices that are not directly connected.

3.

Enable limiting transmission of ICMP Host-unreachable packets.

Data Preparation
To complete the configuration, you need the following data:
l

Static routes between devices that are not directly connected

IP addresses for the interfaces

Configuration Procedure
1.

Configure S-switch-A.
# Configure static routes on S-switch-A.
<Quidway> system-view
[Quidway] sysname S-switch-A
[S-switch-A] ip route-static 2.2.2.2 24 1.1.1.2

# Configure an IP address for VLANIF1.


[S-switch-A] interface vlanif 1
[S-switch-A-Vlanif1] ip address 1.1.1.1 24
[S-switch-A-Vlanif1] quit

2.

Configure S-switch-B.
# Disable sending ICMP host unreachable packets on S-switch-B and configure an IP
address for VLANIF1
<Quidway> system-view
[Quidway] sysname S-switch-B
[S-switch-B] interface vlanif 1
[S-switch-B-Vlanif1] undo icmp host-unreachable send
[S-switch-B-Vlanif1] ip address 1.1.1.2 24
[S-switch-B-Vlanif1] quit
[S-switch-B] quit

3.

Configure S-switch-C.
# Configure an IP address for VLANIF1 on S-switch-C.
<Quidway> system-view
[Quidway] sysname S-switch-C
[S-switch-C] interface vlanif 1
[S-switch-C-Vlanif1] ip address 2.2.2.2 24
[S-switch-C-Vlanif1] quit

4.

Verify the configuration.


# Enable the debugging of the ICMP packets of S-switch-B.
<S-switch-B> debugging ip icmp

# Run the ping 2.2.2.2 command on S-switch-A. If you can view that S-switch-B does not
send the host unreachable packets, it means that the configuration succeeds. For example:
[S-switch-A] ping 2.2.2.2

Configuration Files
l

5-14

Configuration file of S-switch-A


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

5 IP Performance Configuration

#
sysname S-switch-A
#
interface Vlanif1
ip address 1.1.1.1 255.255.255.0
#
ip route-static 2.2.2.0 255.255.255.0 1.1.1.2
#
l

Configuration file of S-switch-B


#
sysname S-switch-B
#
interface Vlanif1
ip address 1.1.1.2 255.255.255.0
undo icmp host-unreachable send
#

Configuration file of S-switch-C


#
sysname S-switch-C
#
interface Vlanif1
ip address 2.2.2.2 255.255.255.0
#

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

5-15

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

DHCP Policy VLAN Configuration

About This Chapter


This chapter describes the concept, operating mode, and configuration of Dynamic Host
Configuration Protocol (DHCP) policy Virtual Local Area Network (VLAN), and provides
configuration examples.
6.1 Overview
This section describes the concept of DHCP policy VLAN.
6.2 Configuring DHCP Policy VLAN Based on MAC Addresses
This section describes how to configure DHCP Policy VLAN Based on MAC Addresses
6.3 Configuring the DHCP Policy VLAN Based on Interfaces
This section describes how to configure the DHCP policy VLAN based on interfaces.
6.4 Configuring Generic DHCP Policy VLAN
This section describes how to configure Generic DHCP Policy VLAN
6.5 Maintaining DHCP Policy VLAN
This section describes how to maintain DHCP policy VLAN.
6.6 Configuration Examples
This section provides several configuration examples of DHCP policy VLAN.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-1

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

6.1 Overview
This section describes the concept of DHCP policy VLAN.
6.1.1 Introduction
6.1.2 DHCP Policy VLAN Supported by the S-switch

6.1.1 Introduction
When the policy for VLANs is configured on the S-switch, the VLAN to which each host
connects to the interface on the S-switch belongs is determined by the network segment to which
the IP address of the host belongs. When a host that accesses the network for the first time is
connected to an interface, the host cannot be added to its associated VLAN because it has no
valid IP address.
DHCP policy VLAN is thus introduced. With DHCP policy VLAN, hosts that access the network
for the first time can obtain valid IP addresses from the DHCP server and then be added to the
VLANs whose network segments the IP addresses belong to.

6.1.2 DHCP Policy VLAN Supported by the S-switch


The S-switch supports the following types of DHCP policy VLAN:
l

DHCP policy VLAN based on MAC addresses

DHCP policy VLAN based on interfaces

Generic DHCP policy VLAN

6.2 Configuring DHCP Policy VLAN Based on MAC


Addresses
This section describes how to configure DHCP Policy VLAN Based on MAC Addresses
6.2.1 Establishing the Configuration Task
6.2.2 Configuration Procedure
6.2.3 Checking the Configuration

6.2.1 Establishing the Configuration Task


Applicable Environment
When multiple hosts access the network through an interface on the S-switch, you need to
configure DHCP policy VLAN based on MAC addresses so that the hosts can obtain IP addresses
from the DHCP server and be added to specific VLANs.
6-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

Pre-configuration Tasks
Before configuring DHCP policy VLAN based on MAC addresses, complete the following
tasks:
l

Configuring the default VLAN for the interface on the S-switch that connects to the newly
added hosts

Data Preparation
To configure DHCP policy VLAN based on MAC addresses, you need the following data.
No.

Data

MAC addresses of the newly added hosts

ID of the VLAN to which the DHCP server belongs

6.2.2 Configuration Procedure


Context
Do as follows on the S-switch.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface interface-type interface-number

The view of the interface on the S-switch that connects to multiple hosts is displayed.
Step 3 Run:
port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

The interface is added to the specified VLANs, ensuring that frames from the VLANs pass
through the interface in untagged mode.
Step 4 Run:
vlan vlan id

The view of the VLAN to which the DHCP server belongs is displayed.
Step 5 Run:
policy-vlan dhcp-mac mac-address1 [ to mac-address2 ] [ priority priority ]

The DHCP policy VLAN based on MAC addresses is configured.


----End
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-3

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

6.2.3 Checking the Configuration


Run the following command to check the previous configuration.
Action

Command

Check the configuration of the Sswitch in the VLAN view.

display this

Run the display this command in the VLAN view of the S-switch where DHCP policy VLAN
based on MAC addresses is configured, you can view that the configuration of DHCP policy
VLAN based on MAC addresses is correct.
[Quidway-vlan2] display this
#
vlan 2
policy-vlan dhcp-mac 0002-0002-0002 priority 2
#

6.3 Configuring the DHCP Policy VLAN Based on


Interfaces
This section describes how to configure the DHCP policy VLAN based on interfaces.
6.3.1 Establishing the Configuration Task
6.3.2 Configuration Procedure
6.3.3 Checking the Configuration

6.3.1 Establishing the Configuration Task


Applicable Environment
When multiple hosts access the network through different interfaces on the S-switch, you need
to configure DHCP policy VLAN based on interfaces so that the hosts can obtain IP addresses
from the DHCP server.

Pre-configuration Tasks
Before configuring DHCP policy VLAN based on interfaces, complete the following tasks:
l

Configuring the default VLAN for the interface that connects to the newly added host on
the S-switch

Configuring the interface that connects to the newly added host on the S-switch as a hybrid
interface

Data Preparation
To configure DHCP policy VLAN based on interfaces, you need the following data.
6-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

No.

Data

Number of the interface that connects to the newly added host on the S-switch

ID of the VLAN to which the DHCP server belongs

6.3.2 Configuration Procedure


Context
Do as follows on the S-switch.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface interface-type interface-number

The view of the interface that connects to the newly added host on the S-switch is displayed.
Step 3 Run:
port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

The interface is added to the specified VLANs, ensuring that frames from the VLANs pass
through the interface in untagged mode.
Step 4 Run:
vlan vlan id

The view of the VLAN to which the DHCP server belongs is displayed.
Step 5 Run:
policy-vlan dhcp-port interface-type interface-number1 [ to interface-number2 ]
[ priority priority ]

The DHCP policy VLAN based on interfaces is configured.


----End

6.3.3 Checking the Configuration


Run the following commands to check the previous configuration.

Issue 04 (2010-01-25)

Action

Command

Check the configuration of the Sswitch in the VLAN view.

display this

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-5

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

Run the display this command in the VLAN view of the S-switch where DHCP policy VLAN
based on interfaces is configured, you can view that the configuration of DHCP policy VLAN
based on interfaces is correct.
[Quidway-vlan2] display this
#
vlan 2
policy-vlan dhcp-port GigabitEthernet 0/0/2 priority 2
#

6.4 Configuring Generic DHCP Policy VLAN


This section describes how to configure Generic DHCP Policy VLAN
6.4.1 Establishing the Configuration Task
6.4.2 Configuration Procedure
6.4.3 Checking the Configuration

6.4.1 Establishing the Configuration Task


Applicable Environment
When hosts that do not apply DHCP policy VLAN based on MAC addresses or DHCP policy
VLAN based on interfaces access the network for the first time, you need to configure generic
DHCP policy VLAN on the S-switch so that the hosts can obtain valid IP addresses.

Pre-configuration Tasks
Before configuring generic DHCP policy VLAN, complete the following tasks:
l

Configuring the default VLAN for the interface that connects to the newly added host on
the S-switch

Data Preparation
To configure generic DHCP policy VLAN, you need the following data.
No.

Data

ID of the VLAN to which the DHCP server belongs

6.4.2 Configuration Procedure


Context
Do as follows on the S-switch.
6-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface interface-type interface-number

The view of the interface that connects to the newly added host on the S-switch is displayed.
Step 3 Run:
port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

The interface is added to the specified VLANs, ensuring that frames from the VLANs pass
through the interface in untagged mode.
Step 4 Run:
vlan vlan id

The view of the VLAN to which the DHCP server belongs is displayed.
Step 5 Run:
policy-vlan dhcp-generic [ priority priority ]

The generic DHCP policy VLAN is configured.


----End

6.4.3 Checking the Configuration


Run the following command to check the previous configuration.
Action

Command

Check the configuration of the Sswitch in the VLAN view.

display this

Run the display this command in the VLAN view of the S-switch where generic DHCP policy
VLAN is configured, you can view that the configuration of generic DHCP policy VLAN is
correct.
[Quidway-vlan2] display this
#
vlan 2
policy-vlan dhcp-generic priority 2
#

6.5 Maintaining DHCP Policy VLAN


This section describes how to maintain DHCP policy VLAN.
6.5.1 Monitoring the Running Status
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-7

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

6.5.1 Monitoring the Running Status


To check the running status of DHCP policy VLAN, run the following display command in the
corresponding VLAN view.
Action

Command

Check the configuration of DHCP


policy VLAN.

display this

6.6 Configuration Examples


This section provides several configuration examples of DHCP policy VLAN.
6.6.1 Example for Configuring DHCP Policy VLAN Based on MAC Addresses
6.6.2 Example for Configuring DHCP Policy VLAN Based on Interfaces

6.6.1 Example for Configuring DHCP Policy VLAN Based on MAC


Addresses
Networking Requirements
As shown in Figure 6-1, on the S-switch, GE 0/0/2 connects to PC1 and PC2 that access the
network for the first time; GE 0/0/4 connects to the DHCP server that belongs to VLAN 100.
The MAC address of PC1 is 001E-9089-C65A; the MAC address of PC2 is 00E0-4C84-0B44.
Figure 6-1 Networking for configuring DHCP policy VLAN based on MAC addresses

PC1
001E-9089-C65A

S-switch
GE 0/0/4

VLAN100

GE 0/0/2
DHCP Server
192.168.31.251/16

PC2
00E0-4C84-0B44

6-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1.

Determine to which VLAN the DHCP server belongs.

2.

Configure DHCP policy VLAN based on MAC addresses.

Data Preparation
To complete the configuration, you need the following data:
l

MAC address of the newly added host

Default VLAN ID of the interfaces on the S-switch

Configuration Procedure
1.

Configure the S-switch.


# Configure GE 0/0/2 and GE 0/0/4 on the S-switch as a hybrid interface, and configure
frames from VLAN 100 to pass through GE 0/0/2 in untagged mode.
<Quidway> system-view
[Quidway] interface gigabitethernet
[Quidway-GigabitEthernet0/0/2] port
[Quidway-GigabitEthernet0/0/2] port
[Quidway-GigabitEthernet0/0/2] quit
[Quidway] interface gigabitethernet
[Quidway-GigabitEthernet0/0/4] port
[Quidway-GigabitEthernet0/0/4] port
[Quidway-GigabitEthernet0/0/4] quit

0/0/2
default vlan 2
hybrid untagged vlan 100
0/0/4
default vlan 4
hybrid untagged vlan 100

# Configure DHCP policy VLAN based on MAC addresses.


<Quidway> system-view
[Quidway] vlan 100
[Quidway-vlan100] policy-vlan dhcp-mac 001E-9089-C65A priority 5
[Quidway-vlan100] policy-vlan dhcp-mac 00E0-4C84-0B44 priority 5
[Quidway-vlan100] quit

2.

Verify the configuration.


# Ping the DHCP server from PC1 and PC2. The ping operations are successful.
C:\>ping 192.168.31.251
Pinging 192.168.31.251 with 32 bytes of data:
Reply
Reply
Reply
Reply

from
from
from
from

192.168.31.251:
192.168.31.251:
192.168.31.251:
192.168.31.251:

bytes=32
bytes=32
bytes=32
bytes=32

time=126ms TTL=255
time=2ms TTL=255
time=2ms TTL=255
time=2ms TTL=255

Ping statistics for 192.168.31.251:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 126ms, Average = 33ms

Configuration Files
The following lists the configuration file of the S-switch.
#
interface GigabitEthernet0/0/2
port default vlan 2
port hybrid untagged vlan 100
interface GigabitEthernet0/0/4

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-9

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration


port default vlan 4
port hybrid untagged vlan 100
#
vlan 100
policy-vlan dhcp-mac 001e-9089-c65a priority 5
policy-vlan dhcp-mac 00e0-4c84-0b44 priority 5
#
return

6.6.2 Example for Configuring DHCP Policy VLAN Based on


Interfaces
Networking Requirements
As shown in Figure 6-2, on the S-switch, GE 0/0/2 connects to an access switch; GE 0/0/1
connects to the DHCP server that belongs to VLAN 100; the access switch connects to 10 hosts.
Figure 6-2 Networking for configuring DHCP policy VLAN based on interfaces

S-switch
GE 0/0/1

VLAN100

GE 0/0/2
DHCP Server
192.168.31.251/16

...
PC1

PC10

Configuration Roadmap
The configuration roadmap is as follows:
1.

Determine to which VLAN the DHCP server belongs.

2.

Configure DHCP policy VLAN based on interfaces.

Data Preparation
To complete the configuration, you need the following data:

6-10

Number of the S-switch interface that connects to the downstream access switch

Default VLAN ID of the interfaces on the S-switch


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

6 DHCP Policy VLAN Configuration

Configuration Procedure
1.

Configure the S-switch.


# Configure GE 0/0/1 and GE 0/0/2 on the S-switch as hybrid interfaces, and configure
frames from VLAN 100 to pass through GigabitEthernet 0/0/2 in untagged mode.
<Quidway> system-view
[Quidway] interface gigabitethernet
[Quidway-GigabitEthernet0/0/1] port
[Quidway-GigabitEthernet0/0/1] port
[Quidway-GigabitEthernet0/0/1] port
[Quidway-GigabitEthernet0/0/1] quit
[Quidway] interface gigabitethernet
[Quidway-GigabitEthernet0/0/2] port
[Quidway-GigabitEthernet0/0/2] port
[Quidway-GigabitEthernet0/0/2] port
[Quidway-GigabitEthernet0/0/2] quit

0/0/1
link-type hybrid
default vlan 10
hybrid untagged vlan 100
0/0/2
link-type hybrid
default vlan 20
hybrid untagged vlan 100

# Configure DHCP policy VLAN based on interfaces.


<Quidway> system-view
[Quidway] vlan 100
[Quidway-vlan100] policy-vlan dhcp-port gigabitethernet 0/0/2 priority 5

2.

Verify the configuration.


# Ping the DHCP server from each host. The ping operations are successful.
C:\>ping 192.168.31.251
Pinging 192.168.31.251 with 32 bytes of data:
Reply
Reply
Reply
Reply

from
from
from
from

192.168.31.251:
192.168.31.251:
192.168.31.251:
192.168.31.251:

bytes=32
bytes=32
bytes=32
bytes=32

time=126ms TTL=255
time=2ms TTL=255
time=2ms TTL=255
time=2ms TTL=255

Ping statistics for 192.168.31.251:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 126ms, Average = 33ms

Configuration Files
The following lists the configuration file of the S-switch.
#
interface GigabitEthernet0/0/1
port default vlan 10
port hybrid untagged vlan 100
interface GigabitEthernet0/0/2
port default vlan 20
port hybrid untagged vlan 100
#
vlan 100
policy-vlan dhcp-port gigabitEthernet 0/0/2 priority 5
#
return

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-11

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Basic IPv6 Configuration

About This Chapter


This chapter describes the IPv6 features and IPv6 address overview. It also describes
configuration steps for IPv6 ND, PMTU configuration, along with typical examples.
7.1 Introduction to IPv6
7.2 IPv6 Supported by the S-switch
7.3 Configuring an IPv6 Address for an Interface
This section describes how to configure an IPv6 address for an interface.
7.4 Configuring IPv6 Neighbor Discovery
This section describes how to configure IPv6 neighbor discovery.
7.5 Configuring PMTU
This section describes how to configure IPv6 PMTU.
7.6 Configuring TCP6
This section describes how to configure TCP connections.
7.7 Maintaining IPv6
This section describes how to clear IPv6 statistics and debug IPv6.
7.8 Configuration Examples
This section provides a configuration example for the IPv6 address.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-1

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

7.1 Introduction to IPv6


Internet Protocol Version 6 (IPv6), also called IP Next Generation (IPng), is the standard network
protocol of the second generation. It is a set of specifications designed by the Internet
Engineering Task Force (IETF). IPv6 is the upgraded version of IPv4. The most remarkable
difference between IPv6 and IPv4 is that the IP address lengthens from 32 bits to 128 bits.

7.2 IPv6 Supported by the S-switch


The S-switch supports the IPv6 protocol suite and TCP6 protocol suite.

IPv6 Address
A 128-bit IPv6 address has the following formats:
l

X:X:X:X:X:X:X:X
In this format, a 128-bit IP address is divided into eight groups. The 16 bits of each group
are represented by four hexadecimal characters, that is, 0 to 9, and A to F. The groups are
separated by colons. Every "X" represents a group of hexadecimal values.

X:X:X:X:X:X:d.d.d.d
This format is for the following types of addresses:

IPv4-compatible IPv6 address

IPv4-mapped IPv6 address

IPv4-compatible IPv6 address is used to configure an IPv6 over IPv4 tunnel.


In this type of address, "X" represents the first six groups of numbers. Each "X" stands for
16 bits that are represented by hexadecimal numbers. "d" represents the subsequent four
group of numbers. Each "d" stands for eight bits that are represented by decimal numbers.
"d.d.d.d" is a standard IPv4 address.
An IPv6 address can be divided into two parts:
l

Network prefix: equals the network ID of an IPv4 address. It is of n bits.

Interface identifier: equals the host ID in an IPv4 address. It is of 128-n bits.

IPv6 Neighbor Discovery


The IPv6 neighbor discovery (ND) is a group of messages and processes that define the
relationship between neighboring nodes. ND replaces the Address Resolution Protocol (ARP)
messages and the Internet Control Message Protocol (ICMP) device discovery messages. It also
provides additional functions.

IPv6 PMTU
Generally, the problem that different networks have different Maximum Transmission Units
(MTU) can be solved in the following ways:
7-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Devices fragment packets as required. The source host only needs to fragment packets;
however, the intermediate device not only needs to fragment packets, but also to reassemble
packets.

The source host sends packets based on a proper MTU so that packets need not be
fragmented on the intermediate device. In such a case, packet processing burden on the
intermediate device can be reduced. During IPv6 packet transmission, only this way can
be adopted because IPv6 intermediate devices do not support packet fragmentation.

The Path MTU (PMTU) Discovery mechanism aims at finding a proper MTU value on the path
from the source to the destination.

IPv6 FIB
Connecting network topologies of different types needs the configuration of different routing
protocols. This brings about Routing Information Base (RIB). The RIB is a base of the
Forwarding Information Base (FIB). Guided by route management policies, a device extracts a
minimum of necessary forwarding information from RIB and adds the information to the FIB.
Through the route management module, you can also add static routes into the FIB.
A FIB contains a group of minimum information needed by a device during packet forwarding.
An FIB entry usually contains the destination address, prefix length, transport port, next-hop
address, route flag, and time stamp. A device forwards packets according to FIB entries.
The FIB mechanism consists of two parts: FIB agent (used on the control plane) and FIB
container (used on the forwarding plane). A FIB agent is responsible for interacting with the
RM module for delivering FIB entries to the forwarding engine, and to the I/O board in a
distributed system.
A FIB contains the following information:
l

Destination address: indicates the network or host a packet is destined for.

Prefix length: indicates the length of the destination address prefix. From the prefix length,
you can infer that the destination address is a network address or a host address.

Nexthop: indicates the address of the close next hop through which the packet reaches the
destination.

Flag(s): identifies route features.

Interface: indicates the outgoing interface of the packet.

Timestamp: Indicates the time when an FIB entry is established.

7.3 Configuring an IPv6 Address for an Interface


This section describes how to configure an IPv6 address for an interface.
7.3.1 Establishing the Configuration Task
7.3.2 Enabling IPv6 Packet Forwarding Capability
7.3.3 Configuring an IPv6 Link-Local Address for an Interface
7.3.4 Configuring an IPv6 Global Unicast Address for an Interface
7.3.5 Checking the Configuration
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-3

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

7.3.1 Establishing the Configuration Task


Applicable Environment
When a device communicates with an IPv6 device, you need to configure IPv6 address for the
interface.

Pre-configuration Tasks
Before configuring IPv6 addresses, complete the following tasks:
l

Configuring the physical features of the interface and ensuring that the status of the physical
layer of the interface is Up

Configuring the link layer parameters for the interface and ensuring that the status of the
link layer protocol on the interface is Up

Data Preparation
To configure IPv6 addresses for an interface, you need the following data.
No.

Data

Number of the interface

Link-local address configured manually

Global unicast address and prefix length

7.3.2 Enabling IPv6 Packet Forwarding Capability


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
ipv6

The IPv6 packet forwarding capability is enabled.


By default, the IPv6 packet forwarding capability is disabled.
----End

7.3.3 Configuring an IPv6 Link-Local Address for an Interface


7-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Perform the following as required.
Run:
ipv6 address auto link-local

Auto generation of the IPv6 link-local address is enabled.


Or
Run:
ipv6 address ipv6-address link-local

The IPv6 link-local address is manually configured.


Besides configuring a link-local address through the preceding two commands, you can also
configure a global unicast IPv6 address for auto generating a link-local address. For details, see
Configuring an IPv6 Global Unicast Address for an Interface.
----End

7.3.4 Configuring an IPv6 Global Unicast Address for an Interface


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } [ eui-64 ]

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-5

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

The global unicast address is configured on the interface.


----End

7.3.5 Checking the Configuration


Prerequisite
The configurations of the IPv6 addresses are complete.

Procedure
l

Run the display ipv6 interface [ interface-type interface-number | brief ] command to


check the IPv6 information of an interface.

Run the display ipv6 statistics command to check the IPv6 packet statistics.

----End

7.4 Configuring IPv6 Neighbor Discovery


This section describes how to configure IPv6 neighbor discovery.
7.4.1 Establishing the Configuration Task
7.4.2 Configuring Static Neighbors
7.4.3 Enabling RA Message Advertising
7.4.4 Setting the Interval for Advertising RA Messages
7.4.5 Enabling Stateful Auto Configuration
7.4.6 Configuring the Address Prefixes to Be Advertised
7.4.7 Configuring Other Information to Be Advertised
7.4.8 Checking the Configuration

7.4.1 Establishing the Configuration Task


Applicable Environment
Most of the ND configurations are implemented based on the interfaces.

Pre-configuration Tasks
Before configuring IPv6 neighbor discovery, complete the following tasks:

7-6

Configuring the physical features for the interface and ensuring that the status of the
physical layer of the interface is Up

Configuring link layer parameters for the interface

Configuring the IPv6 address for the interface


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Data Preparation
To configure IPv6 neighbor discovery, you need the following data.
No.

Data

Number of interface which needs to be configured with IPv6 ND

IPv6 address and MAC address of the static neighbor

Intervals, prefix, and life duration of RA messages

Flag bit of automatic configuration

Hop limit of ND

Sending times of NS for DAD

Intervals for re-transmitting NS messages

NUD reachable time

Interface MTU

7.4.2 Configuring Static Neighbors


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ipv6 neighbor ipv6-address mac-address vid vlan-id interface-type interface-number

Static neighbors are configured.


----End

7.4.3 Enabling RA Message Advertising


Context
Do as follows on the S-switch:
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-7

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
undo ipv6 nd ra halt

The function of advertising RA messages is enabled.


By default, suppress the device from advertising messages.
----End

7.4.4 Setting the Interval for Advertising RA Messages


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ipv6 nd ra { max-interval maximum-interval | min-interval minimum-interval }

The interval for advertising RA messages is configured.


By default, the maximum interval is 600 seconds and the minimum interval is 200 seconds.
The maximum interval can not be shorter than the minimum interval.
----End

7.4.5 Enabling Stateful Auto Configuration


Context
Do as follows on the S-switch:
7-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ipv6 nd autoconfig managed-address-flag

The flag bit for stateful auto configuration addresses is set.


If this flag is set, hosts use the stateful protocol for address auto-configuration in addition to any
addresses auto-configured using stateless address auto-configuration.
Step 4 Run:
ipv6 nd autoconfig other-flag

The flag bit for other stateful configurations is set.


When this flag is set, hosts use the stateful protocol for auto-configuration of other (non-address)
information.
----End

7.4.6 Configuring the Address Prefixes to Be Advertised


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 3 Run:
ipv6 nd ra prefix { ipv6-address prefix-length | ipv6-address/prefix-length } validlifetime preferred-lifetime [ no-autoconfig ] [ off-link ]

The prefix of RA messages is configured.


----End

7.4.7 Configuring Other Information to Be Advertised


Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-9

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Context
Duplicate Address Detect (DAD) is a process of IPv6 automatic address configuration. You can
configure the number of DAD messages which are sent continuously.
Set the interval of sending Neighbor Solicitation (NS) messages on the device. By default, NS
re-transmitting time interval is 1000ms.
NUD checks the reachability of neighbors. By default, NUD value is 30000ms.
The MTU of the interface determines whether to fragment IP packets on the interface.
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
ipv6 nd hop-limit limit

ND hop limit is configured.


The value of limit ranges from 1 to 255. By default, it is 64.
Step 3 Run:
interface vlanif vlan-id

The VLANIF interface view is displayed.


Step 4 Run:
ipv6 nd ra router-lifetime ra-lifetime

The life duration of RA messages is configured.


NOTE

When the ipv6 nd ra command is run to set the interval for advertising RA messages, the interval
must be less than or equal to the life duration.

By default, the maximum interval is 600 seconds, and the minimum interval is 200 seconds.

By default, the life duration of RA messages is 1800 seconds. If the prefix is configured, the duration
is still 1800 seconds.

Step 5 Run:
ipv6 nd dad attempts value

Times to send NS message for DAD are configured.


Step 6 Run:
ipv6 nd ns retrans-timer value

The interval for re-sending NS messages is set.


Step 7 Run:
ipv6 nd nud reachable-time value

The NUD reachable time is set.


7-10

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Step 8 Run:
ipv6 mtu mtu

MTU of the interface is configured.


----End

Postrequisite
If the IPv6 MTU value is changed, run the shutdown command and the undo shutdown
command orderly in the interface view to validate the configuration.

7.4.8 Checking the Configuration


Prerequisite
The configurations of the IPv6 neighbor discovery function are complete.

Procedure
l

Run the display ipv6 neighbors interface-type interface-number command to check the
neighbor information in the cache.

Run the display ipv6 interface [ interface-type interface-number | brief ] command to


check the IPv6 information of an interface.

----End

7.5 Configuring PMTU


This section describes how to configure IPv6 PMTU.
7.5.1 Establishing the Configuration Task
7.5.2 Creating Static PMTU Entries
7.5.3 Configuring PMTU Aging Time
7.5.4 Checking the Configuration

7.5.1 Establishing the Configuration Task


Applicable Environment
By setting PMTUs on interfaces, you can enable devices to send packets based on proper MTUs
across the network. This avoids packet fragmentation, reduces the burden of the devices,
implements efficient usage of network resources and achieves the best throughput.

Pre-configuration Tasks
Before configuring PMTUs, complete the following tasks:
l

Issue 04 (2010-01-25)

Configuring the physical features for the interface and ensuring that the status of the
physical layer of the interface is Up
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

7-11

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration


l

Configuring the link layer protocol for the interface

Data Preparation
To configure PMTUs, you need the following data.
No.

Data

IPv6 address and PMTU value to be configured

PMTU aging time

7.5.2 Creating Static PMTU Entries


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
ipv6 pathmtu ipv6-address [ path-mtu ]

The PMTU value of a specified IPv6 address is configured.


The path-mtu ranges from 1280 to 10000 bytes. By default, the PMTU of the IPv6 address is
1500 bytes.
----End

7.5.3 Configuring PMTU Aging Time


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
ipv6 pathmtu age age-time

The aging time of PMTU is configured.


7-12

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

By default, the dynamic PMTU aging time is 10 minutes.


The PMTU aging time is used to change the lifetime of a dynamic PMTU entry in the cache. It
has no effect on static PMTU entries because they cannot be aged.
----End

7.5.4 Checking the Configuration


Prerequisite
The configurations of the PMTU are complete.

Procedure
l

Run the display ipv6 pathmtu { ipv6-address | all | dynamic | static } command to check
all PMTU items.

Run the display ipv6 interface [ interface-type interface-number | brief ] command to


check the current MTU of the interface.

----End

7.6 Configuring TCP6


This section describes how to configure TCP connections.
7.6.1 Establishing the Configuration Task
7.6.2 Configuring TCP6 Timers
7.6.3 Configuring the Size of the TCP6 Sliding Window
7.6.4 Checking the Configuration

7.6.1 Establishing the Configuration Task


Applicable Environment
To optimize network performance, you need to adjust the TCP6 parameters.

Pre-configuration Tasks
Before configuring TCP6, complete the following tasks:
l

Connecting and configuring the physical features for the interface and ensuring that the
status of the physical layer of the interface is Up

Configuring the link layer protocol parameters for the interface and ensuring that the status
of the link layer protocol on the interface is Up

Data Preparation
To configure TCP6, you need the following data.
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-13

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

No.

Data

Value of TCP6 FIN-WAIT timer

Value of TCP6 SYN-WAIT timer

Size of TCP6 Sliding Window

7.6.2 Configuring TCP6 Timers


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
tcp ipv6 timer syn-timeout timer-value

The TCP6 SYN-WAIT timer is set.


By default, the SYN-WAIT timer is 75s.
Step 3 Run:
tcp ipv6 timer fin-timeout timer-value

The TCP6 FIN-WAIT timer is set.


By default, the FIN-WAIT timer is 675s.
----End

7.6.3 Configuring the Size of the TCP6 Sliding Window


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
tcp ipv6 window window-size

The size of the TCP6 sliding window is configured.


7-14

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

The size of the TCP6 sliding window ranges from 1 KB to 32 KB. By default, the size of the
TCP6 sliding window is 8 KB.
----End

7.6.4 Checking the Configuration


Prerequisite
The configurations of the TCP6 function are complete.

Procedure
l

Run the display tcp ipv6 statistics command to check related TCP6 statistics.

Run the display tcp ipv6 status command to check the TCP6 connection status.

Run the display udp ipv6 statistics command to check related UDP6 statistics.

Run the display ipv6 socket [ socktype sock-type ] [ task-id sock-id ] command to check
the information of the specified socket.

----End

Example
Run the display tcp ipv6 statistics, display tcp ipv6 status, and display udp ipv6 statistics
commands. If the connection status and statistic of TCP6 and UDP6 are displayed, it means that
the configuration succeeds.
<Quidway> display tcp ipv6 statistics
Received packets:
Total: 0
packets in sequence: 0 (0 bytes)
window probe packets: 0, window update packets: 0
checksum error: 0, offset error: 0, short error: 0
duplicate packets: 0 (0 bytes), partially duplicate packets: 0 (0 bytes)
out-of-order packets: 0 (0 bytes)
packets with data after window: 0 (0 bytes)
packets after close: 0
ACK packets: 0 (0 bytes)
duplicate ACK packets: 0, too much ACK packets: 0
Sent packets:
Total: 0
urgent packets: 0
control packets: 0 (including 0 RST)
window probe packets: 0, window update packets: 0
data packets: 0 (0 bytes) data packets retransmitted: 0 (0 bytes)
ACK only packets: 0 (0 delayed)
Retransmitted timeout: 0, connections dropped in retransmitted timeout: 0
Keepalive timeout: 0, keepalive probe: 0, Keepalive timeout, so connections disc
onnected : 0
Initiated connections: 0, accepted connections: 0, established connections: 0
Closed connections: 0 (dropped: 0, initiated dropped: 0)
<Quidway> display tcp ipv6 status
TCP6CB
Local Address
Foreign Address
State
09e39ae4 3000::2->179
3000::1->49158
Time_Wait
09e36f24 3000::2->49152
3000::1->179
Established
07da08f8 ::->179
::->0
Listening
07d96da8 ::->23
::->0
Listening

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-15

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

<Quidway> display udp ipv6 statistics


Received packets:
Total: 0
checksum error: 0
shorter than header: 0, invalid message length: 0
no socket on port: 0
no multicast port: 0
not delivered, input socket full: 0
input packets missing pcb cache: 0
Sent packets:
Total: 0

Run the display ipv6 socket command. If the related socket information is displayed, it means
that the configuration succeeds.
<Quidway> display ipv6 socket
SOCK_STREAM:
Task = VTYD(14), socketid = 4, Proto = 6,
LA = ::->22, FA = ::->0,
sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0,
socket option = SO_ACCEPTCONN SO_REUSEPORT SO_SENDVPNID,
socket state = SS_PRIV SS_ASYNC
Task = VTYD(14), socketid = 3, Proto = 6,
LA = ::->23, FA = ::->0,
sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0,
socket option = SO_ACCEPTCONN SO_REUSEPORT SO_SENDVPNID,
socket state = SS_PRIV SS_ASYNC
SOCK_DGRAM:
SOCK_RAW:

7.7 Maintaining IPv6


This section describes how to clear IPv6 statistics and debug IPv6.
7.7.1 Resetting IPv6
7.7.2 Monitoring Network Operation Status of IPv6
7.7.3 Debugging IPv6

7.7.1 Resetting IPv6


Context
NOTE

IPv6 statistics cannot restore after you clear it. So, confirm the action before you use the command.

Procedure

7-16

Run the reset ipv6 statistics [ slot 0 ] command in the user view to clear statistics of
processing IPv6 packets after you confirm it.

Run the reset ipv6 pathmtu { all | dynamic | static } command in the user view to clear
PMTU entries in the cache after you confirm it.

Run the reset ipv6 neighbors { all | dynamic | static | vid vlan-id [ interface-type interfacenumber ] | vlanif vlan-id } command in the user view to clear all IPv6 neighbor statistics
after you confirm it.

Run the reset ipv6 routing-table statistics protocol { all | protocol } command in the user
view to clear all IPv6 routing table statistics after you confirm it.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Run the reset tcp ipv6 statistics command in the user view to clear all TCP6 statistics after
you confirm it.

Run the reset udp ipv6 statistics command in the user view to clear all UDP6 statistics
after you confirm it.

----End

7.7.2 Monitoring Network Operation Status of IPv6


Context
In routine maintenance, you can run the following command in any view to check the operation
of IPv6.

Procedure
l

Run the display ipv6 interface [ interface-type interface-number | brief ] command in any
view to check the IPv6 information about the interface.

Run the display ipv6 statistics command in any view to check IPv6 packet statistics.

Run the display ipv6 neighbors [ [ vid vlan-id ] interface-type interface-number ]


command in any view to check contents about the neighbor cache.

Run the display ipv6 pathmtu { ipv6-address | all | dynamic | static } command in any
view to check all PMTU entries.

Run the display udp ipv6 statistics command in any view to check UDP6 statistics.

Run the display ipv6 socket [ socktype sock-type ] [ task-id sock-id ] command in any
view to check information about the specified socket.

Run the display ipv6 fib { begin | include | exclude } regular-expression ] command in
any view to check information about the FIB.

----End

7.7.3 Debugging IPv6


Context
NOTE

Debugging affects the performance of the system. So, after debugging, execute the undo debugging all
command to disable it immediately.

Run the following debugging commands in the user view to debug IPv6 and locate the fault.
For the procedures of displaying the debugging information, refer to the chapter "Information
Center Configuration" in the Quidway S5300 SeriesConfiguration Guide - Device
Management.

Procedure
l

Run the debugging ipv6 icmpv6 command in the user view to debug ICMPv6.

Run the debugging ipv6 nd command in the user view to debug IPv6 neighbors status and
ND messages.

Run the debugging ipv6 packet [ error ] [ acl acl-number ] command in the user view to
debug IPv6 packet.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-17

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

Run the debugging ipv6 pathmtu command in the user view to debug PMTU.

Run the debugging tcp ipv6 { event | packet } [ task-id socket-id ] command in the user
view to debug TCP6.

Run the debugging udp ipv6 packet [ task-id socket-id ] command in the user view to
debug UDP6.

----End

7.8 Configuration Examples


This section provides a configuration example for the IPv6 address.
7.8.1 Example for Configuring an IPv6 Address for an Interface

7.8.1 Example for Configuring an IPv6 Address for an Interface


Networking Requirement
As shown in Figure 7-1, S-switch-A and S-switch-B are connected through VLANIF interfaces.
It is required to configure IPv6 global unicast addresses for the interfaces and test the connectivity
between them.
The IPv6 global unicast addresses to be configured for the interfaces are 3001::1/64 and
3001::2/64.
Figure 7-1 Networking diagram of configuring an IPv6 address for an interface

Vlanif1
3001::1/64
S-switch-A

Vlanif1
3001::2/64
S-switch-B

Configuration Roadmap
The configuration roadmap is as follows:
1.

Enable IPv6 forwarding capability on devices.

2.

Configure IPv6 global unicast addresses for the interfaces.

Data Preparation
To complement the configuration, you need the following data:
l

Global unicast addresses and prefix length of the interfaces

Procedure
Step 1 Enable IPv6 packet forwarding on S-switch-A and S-switch-B.
7-18

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

# Configure S-switch-A
<Quidway> system-view
[Quidway] sysname S-switch-A
[S-switch-A] ipv6

# Configure S-switch-B
<Quidway> system-view
[Quidway] sysname S-switch-B
[S-switch-B] ipv6

Step 2 Configure IPv6 global unicast addresses for the interfaces.


# Configure S-switch-A.
[S-switch-A] vlan 1
[S-switch-A-vlan1] port gigabitethernet0/0/1
[S-switch-A-vlan1] quit
[S-switch-A] interface vlanif 1
[S-switch-A-Vlanif1] ipv6 address 3001::1/64
[S-switch-A-Vlanif1] quit

# Configure S-switch-B.
[S-switch-B] vlan 1
[S-switch-B-vlan1] port gigabitethernet0/0/1
[S-switch-B-vlan1] quit
[S-switch-B] interface vlanif 1
[S-switch-B-Vlanif1] ipv6 address 3001::2/64
[S-switch-B-Vlanif1] quit

Step 3 Verify the configuration.


If the configuration succeeds, you can view the configured IPv6 global unicast addresses and
status of the interface and the IPv6 protocol are both Up.
# Display interface information of S-switch-A.
[S-switch-A] display ipv6 interface vlanif 1
Vlanif1 current state : UP
IPv6 protocol current state : UP
IPv6 is enabled, link-local address is FE80::200:FF:FE00:7200
Global unicast address(es):
3001::1, subnet is 3001::/64
Joined group address(es):
FF02::1:FF00:1
FF02::1:FF00:7200
FF02::2
FF02::1
MTU is 1500 bytes
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND retransmit interval is 1000 milliseconds
Hosts use stateless autoconfig for addresses

# Display interface information of S-switch-B.


[S-switch-B] display ipv6 interface vlanif 1
Vlanif1 current state :
UP
IPv6 protocol current state : UP
IPv6 is enabled, link-local address is FE80::2D6F:0:7AF3:1
Global unicast address(es):
3001::2, subnet is 3001::/64
Joined group address(es):
FF02::1:FF00:2
FF02::1:FFF3:1
FF02::2
FF02::1

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-19

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration


MTU is 1500 bytes
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND retransmit interval is 1000 milliseconds
Hosts use stateless autoconfig for addresses

# On S-switch-A, ping the link-local address of S-switch-B. Note that you need to use the
parameter -i to specify the interface.
[S-switch-A] ping ipv6 fe80::2d6f:0:7af3:1 -i vlanif 1
PING FE80::2D6F:0:7AF3:1 : 56 data bytes, press CTRL_C to break
Reply from FE80::2D6F:0:7AF3:1
bytes=56 Sequence=1 hop limit=64 time = 60 ms
Reply from FE80::2D6F:0:7AF3:1
bytes=56 Sequence=2 hop limit=64 time = 50 ms
Reply from FE80::2D6F:0:7AF3:1
bytes=56 Sequence=3 hop limit=64 time = 50 ms
Reply from FE80::2D6F:0:7AF3:1
bytes=56 Sequence=4 hop limit=64 time = 30 ms
Reply from FE80::2D6F:0:7AF3:1
bytes=56 Sequence=5 hop limit=64 time = 1 ms
--- FE80::2D6F:0:7AF3:1 ping statistics --5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/38/60 ms

# On S-switch-A, ping the global unicast IPv6 address of S-switch-B.


[ S-switch-A] ping ipv6 3001::2
PING 3001::2 : 56 data bytes, press CTRL_C to break
Reply from 3001::2
bytes=56 Sequence=1 hop limit=64 time = 30 ms
Reply from 3001::2
bytes=56 Sequence=2 hop limit=64 time = 50 ms
Reply from 3001::2
bytes=56 Sequence=3 hop limit=64 time = 50 ms
Reply from 3001::2
bytes=56 Sequence=4 hop limit=64 time = 20 ms
Reply from 3001::2
bytes=56 Sequence=5 hop limit=64 time = 40 ms
--- 3001::2 ping statistics --5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/38/50 ms

----End

Configuration Files
l

Configuration file of S-switch-A


#
sysname S-switch-A
#
ipv6
#
interface Vlanif1
ipv6 address 3001::1/64
#
interface GigabitEthernet0/0/1
port default vlan 1

Configuration file of S-switch-B


#
sysname S-switch-B
#
ipv6

7-20

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

7 Basic IPv6 Configuration

#
interface Vlanif1
ipv6 address 3001::2/64
#
interface GigabitEthernet0/0/1
port default vlan 1

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-21

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

IPv6 over IPv4 Tunnel Configuration

About This Chapter


This chapter describes the IPv6 over IPv4 tunnel fundamentals. It also describes configuration
steps for IPv6 over IPv4 tunnel configuration, along with typical examples.
8.1 Introduction to IPv6 over IPv4
8.2 IPv6 over IPv4 Supported by the S-switch
8.3 Configuring IPv4/IPv6 Dual Stacks
This section describes how to enable the IPv4/IPv6 dual protocol stacks.
8.4 Configuring an IPv6 over IPv4 Tunnel
This section describes how users in IPv6 networks communicate across an IPv4 network.
8.5 Configuration Examples
This section provides several configuration examples of IPv6 over IPv4 tunnels.

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-1

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

8.1 Introduction to IPv6 over IPv4


During the transition from the IPv4 Internet to the IPv6 Internet, IPv4 networks have been widely
deployed while IPv6 domains are isolated and dispersed around the world. It is not economical
to connect these isolated sites with private lines.
The usual method is tunnel technology. This technology creates tunnels over IPv4 networks to
connect isolated IPv6 domains. This is similar to the situation where the tunnel technology is
used to deploy VPNs on the IP networks.
The tunnel used to connect isolated IPv6 domains over IPv4 networks is called IPv6 over IPv4
tunnel. To implement this tunnel, enable IPv4/IPv6 dual stacks on the devices at the border of
the IPv4 network and the IPv6 network.

8.2 IPv6 over IPv4 Supported by the S-switch


Dual Stacks
The simplest way for an IPv6 node to remain compatible with an IPv4 node is to reserve a
complete IPv4 protocol stack. In this way, the IPv6 node maintains a dual-stack structure. Figure
8-1 shows a single stack structure and a dual stack structure.
Figure 8-1 Single stack and dual stack structures (Ethernet)

IPv4 Application
TCP

UDP

IPv4/IPv6 Application
TCP

UDP

IPv4

IPv4
Protocol ID:
0x0800
Ethernet
IPv4 Stack

IPv6
Protocol ID: Protocol ID:
0x86DD
0x0800
Ethernet
Dual Stack

The characteristics of the dual-stack structure are as follows:


l

Supported by multiple link layer protocols


Multiple link layer protocols, such as Ethernet, support dual stacks. The link layer in the
above diagram is the Ethernet. For an Ethernet frame with the protocol ID field value of
0x0800 indicates that the network layer has IPv4 packets. The ID field value of 0x86DD
indicates that the network has IPv6 packets.

8-2

Supported by multiple applications


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

Multiple applications such as DNS, FTP and Telnet support dual stacks. The upper
application, such as DNS, can select TCP or UDP as its transport layer protocol. However,
it prefers the IPv6 protocol stack rather than IPv4 to be the network layer protocol.

IPv6 over IPv4 Tunnel


Figure 8-2 shows principles of the IPv6 over IPv4 tunnel technology.
1.

Enabling IPv4/IPv6 dual stacks


Enable IPv4/IPv6 dual stacks on the border device.

2.

Encapsulating IPv6 packets


After receiving a packet from the IPv6 network, the border device takes the received IPv6
packet as the payload, adds an IPv4 packet header before the payload and encapsulates it
into an IPv4 packet if it finds that the destination of the packet is not for itself.

3.

Transmitting the encapsulated packet


In the IPv4 network, the encapsulated packet is transmitted to the peer border device.

4.

Decapsulating the packet


The peer border device decapsulates the packet, removes the IPv4 packet header, and
forwards the resulting IPv6 packet to the remote IPv6 network.

Figure 8-2 Schematic diagram of IPv6 over IPv4 tunnel

Dual Stack

Dual Stack
IPv4
Tunnel

IPv6
IPv6 host
IPv6 Header

IPv6 Data
IPv4 Header IPv6 Header

IPv6
IPv6 Header

IPv6 host
IPv6 Data

IPv6 Data

The virtual tunnel that transmits IPv6 packets between the border devices is called the IPv6 over
IPv4 tunnel. Tunnels can be classified according to their setup modes.
The common IPv6 over IPv4 tunnel modes include:
l

IPv6 over IPv4 manual tunnels

6to4 tunnels

Intrasite Automatic Tunnel Addressing Protocol (ISATAP) tunnels

IPv6 over IPv4 Manual Tunnel


An IPv6 over IPv4 manual tunnel is set up by configuring the border devices of two tunnel ends.
The source IPv4 address and destination IPv4 address of such a tunnel must be configured
statically.
A manual tunnel is equivalent to a permanent link between two IPv6 networks over an IPv4
backbone network. It is the fixed channel for regular and secure communication between the
two border devices.
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-3

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

The manual tunnel can be used between isolated IPv6 networks. It can also be used between a
border device and a host. In this case, the host and the device on both ends of the tunnel must
support the IPv4 and the IPv6 protocol stacks.

6to4 Tunnel
A 6to4 tunnel is a mechanism that connects several isolated IPv6 domains to each other over an
IPv4 network. The 6to4 tunnel can be configured on the border device between the isolated IPv6
network and the IPv4 network. The border device on both the ends of the 6to4 tunnel must
support the IPv4 and the IPv6 dual protocol stacks at the same time.
The key difference between the 6to4 tunnel and the manual tunnel is that the former can be a
point-to-multipoint connection, and the latter is only a point-to-point connection. Hence, the
devices of the 6to4 tunnel are not configured in pairs.
The 6to4 tunnel can automatically find another end of the tunnel, like the automatic tunnel. You
need not specify the IPv4-compatible IPv6 address for it.
The 6to4 tunnel uses a kind of special IPv6 address, namely the 6to4 address with the following
format:
2002:IPv4 address: subnet ID:interface ID
The prefix of the 6to4 address is 2002:IPv4 address with the length of 48 bits. Of these, the IPv4
address is a globally unique one requested for an isolated IPv6 domain. This IPv4 address must
be configured on the IPv6/IPv4 border device's physical interface that is connected with the IPv4
network. The length of the subnet ID is 16 bits, and that of the interface ID is 64 bits. Both the
subnet ID and the interface ID are allocated in the isolated IPv6 domains.
As shown in Figure 8-3, Site1 and Site2 are 6to4 networks, and hosts and devices in the 6to4
network are allocated with 6to4 addresses. The IPv4 address contained in the 6to4 address of
the host or device in Site1 is the IPv4 address of the interface through which S-switch-A accesses
the IPv4 network. Similarly, the IPv4 address contained in the 6to4 address of the host or device
in Site2 is the IPv4 address of the interface through which S-switch-B accesses the IPv4 network.
S-switch-A and S-switch-B are both 6to4 devices.
Figure 8-3 6to4 tunnel and 6to4 relay

6to4
Router

6to4
Network
Site1

6to4
Router
IPv4
Network

S-switch-A
S-switch-C

6to4
Network
Site2
S-switch-B
6to4
Relay
IPv6
Internet
Site3

When the host in Site1 accesses the host in Site2, the process concerned is as follows:
8-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

1.

The IPv6 packet is transmitted to S-switch-A.

2.

S-switch-A checks the destination address of the IPv6 packet and finds that the address is
the 6to4 address, from which S-switch-A obtains the remote IPv4 address of the 6to4 tunnel.

3.

S-switch-A encapsulates this IPv6 packet into the IPv4 packet. The destination address of
IPv4 packet header is the remote IPv4 address of the tunnel, and its source address is the
local IPv4 address of the tunnel.

4.

S-switch-A forwards the IPv4 packet in the IPv4 network to S-switch-B.

5.

S-switch-B decapsulates it to obtain the previous IPv6 packet, and then sends the IPv6
packet to the destination host in Site2.

The above process implements the communication between the 6to4 networks. To implement
the communication between the 6to4 network and native IPv6 network, a 6to4 relay device is
needed. The so-called native IPv6 network means that both its internal host and device are not
configured with the 6to4 address.
The 6to4 relay device is the gateway between the 6to4 network and the native IPv6 network.
One side of the 6to4 relay device is connected to the native IPv6 network; the other side is
connected to the IPv4 network and creates the 6to4 tunnel with the 6to4 device.
As shown in Figure 8-3, when the host in the 6to4 network accesses the IPv6 Internet, the process
concerned is as follows:
1.

The IPv6 packet is routed to S-switch-A.

2.

A 6to4 tunnel is created between S-switch-A and S-switch-C.

3.

The IPv6 packet is encapsulated into the IPv4 packet and is sent to S-switch-C.

4.

S-switch-C decapsulates the IPv4 packet to obtain the previous IPv6 packet, and sends the
IPv6 packet to the destination host in the IPv6 Internet.

ISATAP Tunnel
The ISATAP tunnel is used when the IPv4/IPv6 host in an IPv4 network accesses an IPv6
network. The ISATAP tunnel can be created between an ISATAP host and an ISATAP device.
The ISATAP format address is needed to create the ISATAP tunnel. Its structure is as follows:
Prefix (64bit)::5EFE:IPv4-Address
When the ISATAP tunnel is created (since the IPv4/IPv6 host and the ISATAP device are in a
same IPv4 network), the IPv4 address embedded into the ISATAP address can be either a public
network address or a private network address.
As shown in Figure 8-4, the process for an IPv4/IPv6 host to obtain an IPv6 address is as follows:
1.

The IPv4/IPv6 host sends a request message to a device.


The IPv4/IPv6 host uses the link-local address in the ISATAP format to send a router
request message to the ISATAP device. It encapsulates the message into the IPv4 packet.

2.

The ISATAP device responds to the request message.


The ISATAP device uses a router notification message to respond to the request. The router
notification message contains the ISATAP prefix, which is manually configured on the
device.

3.
Issue 04 (2010-01-25)

The IPv4/IPv6 host obtains its IPv6 address.


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

8-5

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

The IPv4/IPv6 host obtains its own IPv6 address by combining the ISATAP prefix with
5EFE:IPv4-Address, and uses this address to access the IPv6 host.
Figure 8-4 ISATAP tunnel

IPv6
Host

IPv4
Network
ISATAP Tunnel

IPv6
Network
ISATAP
Router

IPv4/IPv6 Host
2.1.1.1
FE80::5EFE:0201:0101
3FFE::5EFE:0201:0101

The principle of an IPv4 or IPv6 host accessing an IPv6 network is as follows:


1.

The IPv4 or IPv6 host in the IPv4 network obtains an IPv6 address based on the steps given
above.

2.

The IPv4 or IPv6 host sends packets that are encapsulated in an IPv4 packet to the host in
the IPv6 network.

3.

An ISATAP device decapsulates the IPv4 packet and sends the IPv6 packets to the IPv6
host.

8.3 Configuring IPv4/IPv6 Dual Stacks


This section describes how to enable the IPv4/IPv6 dual protocol stacks.
8.3.1 Establishing the Configuration Task
8.3.2 Enabling IPv6 Packet Forwarding
8.3.3 Configuring IPv4 and IPv6 Addresses for the Interface

8.3.1 Establishing the Configuration Task


Applicable Environment
If a device has both IPv4 and IPv6 connections, the IPv4/IPv6 dual protocol stacks need to be
enabled on the device.
Enabling the IPv4/IPv6 dual protocol stacks on the S-switch is a simple process. Enable the IPv6
packet forwarding capacity in the system view and configure an IPv4 address or IPv6 address
on the corresponding interface. The device can then forward IPv4 and IPv6 packets on the
corresponding interface.

Pre-configuration Tasks
Before configuring IPv6 tunnels, complete the following tasks:
8-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

Configuring the physical parameters for the interface and ensuring that the status of the
physical layer of the interface is Up

Configuring the link layer parameters for the interface

Data Preparation
To configure IPv4/IPv6 dual stacks, you need the following data.
No.

Data

Type and number of the interface connected with the IPv4 network

IPv4 address and mask of the interface connected with the IPv4 network

Type and number of the interface connected with the IPv6 network

IPv6 address and prefix of the interface connected with the IPv6 network

8.3.2 Enabling IPv6 Packet Forwarding


Context
Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
ipv6

The IPv6 packet forwarding capability is enabled.


To enable a device to forward IPv6 packets, you must run this command in the system view;
otherwise, the IPv6 protocol status on the interface is Down and the device cannot forward IPv6
packets although the interface is configured with an IPv6 address.
By default, the IPv6 packet forwarding capability is disabled.
----End

8.3.3 Configuring IPv4 and IPv6 Addresses for the Interface


Context
Do as follows on the S-switch:
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-7

8 IPv6 over IPv4 Tunnel Configuration

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface vlanif vlan-id

The interface view of the IPv4 network is displayed.


Step 3 Run:
ip address ip-address { mask | mask-length }

An IPv4 address is assigned to the interface.


Step 4 Run:
quit

Return to the system view.


Step 5 Run:
interface vlanif vlan-id

The interface view of the IPv6 network is displayed.


Step 6 Perform the following configuration as required.
l

Run:
ipv6 address auto link-local

The link-local address is set to be automatically generated.


l

Run:
ipv6 address ipv6-address link-local

The link-local address of the interface is configured.


l

Run:
ipv6 address { ipv6-address prefix-length | ipv6-address / prefix-length }

The global unicast address is configured.


l

Run:
ipv6 address ipv6-address / prefix-length [ eui-64 ]

The IPv6 EUI-64 address is configured.


----End

8.4 Configuring an IPv6 over IPv4 Tunnel


This section describes how users in IPv6 networks communicate across an IPv4 network.
8.4.1 Establishing the Configuration Task
8.4.2 Enabling the Service Loopback Function on an Eth-Trunk Interface
8.4.3 Configuring an IPv6 over IPv4 Manual Tunnel
8.4.4 Configuring a 6to4 Tunnel
8.4.5 Configuring an ISATAP Tunnel
8-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

8.4.6 Configuring Routes in the Tunnel


8.4.7 Checking the Configuration

8.4.1 Establishing the Configuration Task


Applicable Environment
To enable communication between two IPv6 networks over the IPv4 network, configure an IPv6
over IPv4 tunnel on the border device of the IPv4 and IPv6 networks.

Pre-configuration Tasks
Before configuring an IPv6 over IPv4 tunnel, complete the following tasks:
l

Configuring the physical parameters for the interface and ensuring that the status of the
physical layer of the interface is Up

Configuring the link layer protocol for the interface and ensuring that the status of the link
layer protocol on the interface is Up

Configuring the IPv4/IPv6 dual-protocol stacks

Data Preparation
To configure an IPv6 over IPv4 tunnel, you need the following data.
No.

Data

Number, IPv6 address and prefix length of the tunnel

Encapsulation mode of packets over the tunnel

Source IPv4 address or interface number of the tunnel

Destination IPv4 address of the tunnel

8.4.2 Enabling the Service Loopback Function on an Eth-Trunk


Interface
Context
Before enabling the service loopback function on an Eth-Trunk interface, note the following:
l

You need to create an Eth-Trunk interface and keep it in the Up state before enabling the
service loopback function.

Only one interface enabled with the service loopback function is needed on a device.

Do as follows on the S-switch.


Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-9

8 IPv6 over IPv4 Tunnel Configuration

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface eth-trunk trunk-id

The Eth-Trunk interface view is displayed.


Step 3 Run:
service-type tunnel

The Eth-Trunk interface is enabled with the service loopback function.


----End

8.4.3 Configuring an IPv6 over IPv4 Manual Tunnel


Context
Note the following when configuring an IPv6 over IPv4 manual tunnel:
l

Create only one interface enabled with the service loopback function on a device first, and
keep it in the Up state.

Before configuring other parameters of an IPv6 tunnel, you must create a tunnel interface.

You need to conduct the following configurations on the devices on both the ends of the
tunnel. During the configuration, note that the source address of the local tunnel end is the
destination address set for the remote tunnel end; the destination address of the local tunnel
end is the source address set for the remote tunnel end.

To support dynamic routing protocol, you also need to configure the tunnel interface with
a network address.

Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
ipv6

IPv6 is enabled on the device.


Step 3 Run:
interface tunnel interface-number

The tunnel interface is created.


Step 4 Run:
tunnel-protocol ipv6-ipv4

8-10

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

The tunnel is specified be an IPv6 over IPv4 manual tunnel.


Step 5 Run:
source vlanif vlan-id

The source interface of the tunnel is specified.


Step 6 Run:
destination ipv4-address

The destination address of the tunnel is specified.


NOTE

The destination address of the tunnel can be the address of a physical interface or the address of a loopback
interface.

Step 7 Run:
ipv6 address { ipv6-address prefix-length | ipv6-address / prefix-length }

The tunnel interface is configured with an IPv6 address.


----End

8.4.4 Configuring a 6to4 Tunnel


Context
Note the following when configuring a 6to4 tunnel:
l

Create only one interface enabled with the service loopback function on a device first, and
keep it in the Up state.

Before configuring other parameters of the tunnel, create a tunnel interface.

When the specified source interface of the tunnel is a physical interface, it is recommended
to set the tunnel ID to be the same as the number of the physical interface.

When configuring a 6to4 tunnel, you need to specify only the source tunnel interface. The
destination address of the tunnel is automatically obtained from the destination IP address
field carried in the original IPv6 packet. Note that the source interface of the 6to4 tunnel
must be unique.

On the border device, configure a 6to4 address on the interface that is connected with the
6to4 network, and configure an IPv4 address on the interface that is connected with the
IPv4 network. To make the tunnel support the routing protocol, configure an IP address for
the tunnel interface.

Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
ipv6

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-11

8 IPv6 over IPv4 Tunnel Configuration

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

IPv6 is enabled on the device.


Step 3 Run:
interface tunnel interface-number

A tunnel interface is created.


Step 4 Run:
tunnel-protocol ipv6-ipv4 6to4

The tunnel is specified as a 6to4 tunnel.


Step 5 Run:
source vlanif vlan-id

The source interface of the tunnel is specified.


Step 6 Run:
ipv6 address { ipv6-address prefix-length | ipv6-address / prefix-length }

The interface is configured with an IPv6 address.


----End

8.4.5 Configuring an ISATAP Tunnel


Context
Note the following when configuring an ISATAP tunnel:
l

Create only one interface enabled with the service loopback function on a device first, and
keep it in the Up state.

Before configuring other parameters of the tunnel, create a tunnel interface.

When the specified source interface of the tunnel is a physical interface, it is recommended
to set the tunnel ID to be the same as the number of the physical interface.

When configuring an ISATAP tunnel, you need to specify only the source address of the
tunnel. The destination address of the tunnel is automatically obtained from the destination
IP address field carried in the original IPv6 packet. Note that the source interface of the
ISATAP tunnel must be unique.

The IPv6 address configured on the tunnel interface is an ISATAP address with a prefix
length of 64 bits.

Do as follows on the S-switch:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
interface tunnel interface-number

A tunnel interface is created.


8-12

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

Step 3 Run:
tunnel-protocol ipv6-ipv4 isatap

The tunnel is specified as an ISATAP tunnel.


Step 4 Run:
source { ipv4-address | interface-type interface-number }

The source address or source interface of the tunnel is specified.


Step 5 Run:
ipv6 address { ipv6-address prefix-length | ipv6-address / prefix-length }

The tunnel interface is configured with an IPv6 address.


Step 6 Run:
undo ipv6 nd ra halt

The device is allowed to advertise routes.


----End

8.4.6 Configuring Routes in the Tunnel


Context
Routes for forwarding must exist on the source device and the destination device of the tunnel,
ensuring normal packet forwarding.
Configuring routes in the tunnel comprises configuring static routes and dynamic routes.
l

You can configure the static route by manually configuring the route to the destination
address (the destination address specified before encapsulating packets rather than the
destination address of the tunnel), and configure the next hop as the address of the peer
tunnel interface.

You can enable dynamic routing protocol on the tunnel interface connected to the private
networks and on the device interface.

8.4.7 Checking the Configuration


Prerequisite
The configurations of the IPv6 over IPv4 Tunnel function are complete.

Procedure
Step 1 Run the display interface tunnel [ interface-number ] [ verbose ] [ | { begin | exclude |
include } regular-expression ] command to check the operation status of a tunnel interface.
Step 2 Run the display ipv6 interface tunnel interface-number command to check the IPv6 attributes
of a tunnel interface.
----End
Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-13

8 IPv6 over IPv4 Tunnel Configuration

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

Example
Run the display interface tunnel command. If the tunnel interface is Up and is configured with
a source address, a destination address and the protocol type, it means that the configuration
succeeds.
<Quidway> display interface tunnel 0/0/3
Tunnel0/0/3 current state : UP
Line protocol current state : DOWN
Description : HUAWEI, Quidway Series, Tunnel0/0/3 Interface, Route Port
The Maximum Transmit Unit is 1500 bytes
Internet protocol processing : disabled
Encapsulation is TUNNEL, loopback not set
Tunnel source 192.168.51.2 (Vlanif1), destination 192.168.50.2
Tunnel protocol/transport IPv6 over IPv4
5 minutes input rate 0 bits/sec, 0 packets/sec
5 minutes output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
0 packets output, 0 bytes
0 output error

Run the display ipv6 interface tunnel command. If the IPv6 packets forwarding is enabled,
you can see the state of tunnel interface is Up, the state of IPv6 protocol is Up, source address
and ND parameters.
<Quidway> display ipv6 interface tunnel 0/0/3
Tunnel0/0/3 current state : UP
IPv6 protocol current state : UP
IPv6 is enabled, link-local address is FE80::C0A8:3302
Global unicast address(es):
3001::2, subnet is 3001::/64
Joined group address(es):
FF02::1:FFA8:3302
FF02::1:FF00:2
FF02::2
FF02::1
MTU is 1500 bytes
ND reachable time is 30000 milliseconds
ND retransmit interval is 1000 milliseconds
Hosts use stateless autoconfig for addresses

8.5 Configuration Examples


This section provides several configuration examples of IPv6 over IPv4 tunnels.
8.5.1 Example for Configuring an IPv6 over IPv4 Manual Tunnel
8.5.2 Example for Configuring a 6to4 Tunnel
8.5.3 Example for Configuring an ISATAP Tunnel

8.5.1 Example for Configuring an IPv6 over IPv4 Manual Tunnel


Networking Requirements
As shown in Figure 8-5, two IPv6 networks are connected to S-switch-B in the IPv4 backbone
network respectively through S-switch-A and S-switch-C. To enable communication between
two IPv6 networks, configure an IPv6 over IPv4 manual tunnel between S-switch-A and Sswitch-C.
8-14

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

Figure 8-5 Networking diagram of the IPv6 over IPv4 manual tunnel

Vlanif1
192.168.50.1/24

S-switch-B

GE0/0/1

Vlanif2
192.168.51.1/24
GE0/0/2

GE0/0/1
S-switch-C
IPv4 network
Vlanif1
192.168.50.2/24
Vlanif2
IPv6
192.168.51.2/24
Dual
Dual
Stack
Stack

S-switch-A GE0/0/1
IPv6

Configuration Roadmap
The configuration roadmap of IPv6 over IPv4 manual tunnel is as follows:
1.

Enabling the service loopback function on an Eth-Trunk interface.

2.

Configure IP addresses for physical interfaces.

3.

Configure IPv6 addresses, the source interface, and the destination addresses for the tunnel
interfaces.

4.

Set the tunnel protocol as IPv6-IPv4.

Data Preparation
To complete the configuration, you need the following data:
l

IP addresses of interfaces

IPv6 addresses, the source interfaces and the destination addresses of the tunnel interfaces

Procedure
Step 1 Configure S-switch-A.
# Enabling the service loopback function on an Eth-Trunk interface.
<Quidway> system-view
[Quidway] interface eth-trunk 1
[Quidway-Eth-Trunk1] service-type tunnel
[Quidway-Eth-Trunk1] quit
[Quidway] interface gigabitethernet 0/0/1
[Quidway-GigabitEthernet0/0/1] eth-trunk 1
[Quidway-GigabitEthernet0/0/1] quit

# Configure an IP address for the VLANIF interface.


[Quidway] sysname S-switch-A
[S-switch-A] ipv6
[S-switch-A] interface vlanif 1
[S-switch-A-Vlanif1] ip address 192.168.50.2 255.255.255.0
[S-switch-A-Vlanif1] quit

# Set the tunnel protocol as IPv6-IPv4.


Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-15

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

[S-switch-A] interface tunnel 0/0/1


[S-switch-A-Tunnel0/0/1] tunnel-protocol ipv6-ipv4

# Configure the IPv6 address, source interface, and destination address for the tunnel interface.
[S-switch-A-Tunnel0/0/1]
[S-switch-A-Tunnel0/0/1]
[S-switch-A-Tunnel0/0/1]
[S-switch-A-Tunnel0/0/1]
[S-switch-A-Tunnel0/0/1]

ipv6 enable
ipv6 address 3001::1/64
source vlanif 1
destination 192.168.51.2
quit

# Configure static routes.


[S-switch-A] ip route-static 192.168.51.2 255.255.255.0 192.168.50.1

Step 2 Configure S-switch-B.


# Enabling the service loopback function on an Eth-Trunk interface.
<Quidway> system-view
[Quidway] interface eth-trunk 1
[Quidway-Eth-Trunk1] service-type tunnel
[Quidway-Eth-Trunk1] quit
[Quidway] interface gigabitethernet 0/0/2
[Quidway-GigabitEthernet0/0/2] eth-trunk 1
[Quidway-GigabitEthernet0/0/2] quit

# Configure an IP address for the VLANIF interface.


[Quidway] sysname S-switch-B
[S-switch-B] interface vlanif 1
[S-switch-B-Vlanif1] ip address 192.168.50.1 255.255.255.0
[S-switch-B-Vlanif1] quit
[S-switch-B] interface vlanif 2
[S-switch-B-Vlanif2] ip address 192.168.51.1 255.255.255.0
[S-switch-B-Vlanif2] quit

Step 3 Configure S-switch-C.


# Enabling the service loopback function on an Eth-Trunk interface.
<Quidway> system-view
[Quidway] interface eth-trunk 1
[Quidway-Eth-Trunk1] service-type tunnel
[Quidway-Eth-Trunk1] quit
[Quidway] interface gigabitethernet 0/0/1
[Quidway-GigabitEthernet0/0/1] eth-trunk 1
[Quidway-GigabitEthernet0/0/1] quit

# Configure an IP address for the VLANIF interface.


[Quidway] sysname S-switch-C
[S-switch-C] ipv6
[S-switch-C] interface vlanif 1
[S-switch-C-Vlanif1] ip address 192.168.51.2 255.255.255.0
[S-switch-C-Vlanif1] quit

# Set the tunnel protocol as IPv6-IPv4.


[S-switch-C] interface tunnel 0/0/1
[S-switch-C-Tunnel0/0/1] tunnel-protocol ipv6-ipv4

# Configure the IPv6 address, source interface, and destination address for the tunnel interface.
[S-switch-C-Tunnel0/0/1]
[S-switch-C-Tunnel0/0/1]
[S-switch-C-Tunnel0/0/1]
[S-switch-C-Tunnel0/0/1]

ipv6 address 3001::2/64


source vlanif 1
destination 192.168.50.2
quit

# Configure a static route.


8-16

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

[S-switch-C] ip route-static 192.168.50.2 255.255.255.0 192.168.51.1

Step 4 Verify the configuration.


# On S-switch-C, ping the IPv4 address of the interface VLANIF1 of S-switch-A. S-switch-C
can receive response packets from S-switch-A.
[S-switch-C] ping 192.168.50.2
PING 192.168.50.2: 56 data bytes, press CTRL_C to break
Reply from 192.168.50.2: bytes=56 Sequence=1 ttl=255 time=84 ms
Reply from 192.168.50.2: bytes=56 Sequence=2 ttl=255 time=27 ms
Reply from 192.168.50.2: bytes=56 Sequence=3 ttl=255 time=25 ms
Reply from 192.168.50.2: bytes=56 Sequence=4 ttl=255 time=3 ms
Reply from 192.168.50.2: bytes=56 Sequence=5 ttl=255 time=24 ms
--- 192.168.50.2 ping statistics --5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/32/84 ms

# On S-switch-C, ping the IPv6 address of Tunnel 0/0/1 of S-switch-A. S-switch-C can receive
response packets from S-switch-A.
[S-switch-C] ping ipv6 3001::1
PING 3001::1 : 56 data bytes, press
Reply from 3001::1
bytes=56 Sequence=1 hop limit=255
Reply from 3001::1
bytes=56 Sequence=2 hop limit=255
Reply from 3001::1
bytes=56 Sequence=3 hop limit=255
Reply from 3001::1
bytes=56 Sequence=4 hop limit=255
Reply from 3001::1
bytes=56 Sequence=5 hop limit=255
--- 3001::1 ping statistics --5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 26/26/28 ms

CTRL_C to break
time = 28 ms
time = 27 ms
time = 26 ms
time = 27 ms
time = 26 ms

----End

Configuration File
l

Configuration file of S-switch-A


#
sysname S-switch-A
#
ipv6
#
interface Vlanif1
ip address 192.168.50.2 255.255.255.0
#
interface Eth-Trunk1
service-type tunnel
#
interface Tunnel0/0/1
ipv6 address 3001::1/64
tunnel-protocol ipv6-ipv4
source Vlanif1
destination 192.168.51.2
#
interface GigabitEthernet0/0/1
eth-trunk 1
#
ip route-static 192.168.51.0 255.255.255.0 192.168.50.1

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-17

8 IPv6 over IPv4 Tunnel Configuration

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

#
return
l

Configuration file of S-switch-B


#
sysname S-switch-B
#
interface Vlanif1
ip address 192.168.50.1 255.255.255.0
#
interface Vlanif2
ip address 192.168.51.1 255.255.255.0
#
interface Eth-Trunk1
service-type tunnel
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
return

Configuration file of S-switch-C


#
sysname S-switch-C
#
ipv6
#
interface Vlanif1
ip address 192.168.51.2 255.255.255.0
#
interface Eth-Trunk1
service-type tunnel
#
interface Tunnel0/0/1
ipv6 address 3001::2/64
tunnel-protocol ipv6-ipv4
source Vlanif1
destination 192.168.50.2
#
interface GigabitEthernet0/0/1
eth-trunk 1
#
ip route-static 192.168.50.0 255.255.255.0 192.168.51.1
#
return

8.5.2 Example for Configuring a 6to4 Tunnel


Networking Requirements
As shown in Figure 8-6, two IPv6 networks are both 6to4 networks. S-switch-A and Sswitch-B are connected with the 6to4 network and the IPv4 network. To enable communication
between the hosts in the two 6to4 network, it is required to set up a 6to4 tunnel between Sswitch-A and S-switch-B.
To enable communication between 6to4 networks, configure 6to4 addresses for the hosts in the
6to4 network. A 6to4 address has a 48-bit prefix composed of 2002:IPv4 address:. As shown
in Figure 8-6, the IPv4 address of the interface through which A is connected to the IPv4 network
is 2.1.1.1. Therefore, the 6to4 address of A in the 6to4 network should start with
2002:0201:0101::.

8-18

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

Figure 8-6 Networking diagram of the 6to4 tunnel

IPv4
6to4
6to4
Router
Router
S-switch-B
S-switch-A GE0/0/2
GE0/0/2 Vlanif2
Vlanif2
2002:201:102:1::1/64
Vlanif1
Vlanif1
2002:201:101:1::1/64
2.1.1.1 2.1.1.2
GE0/0/1
GE0/0/1
Tunnel 0/0/1
Tunnel 0/0/1
2002:201:101::1/64
2002:201:102::1/64
PC2
PC1
IPv6

2002:201:101:1::2

2002:201:102:1::2

IPv6

Configuration Roadmap
The configuration roadmap is as follows:
1.

Enabling the service loopback function on an Eth-Trunk interface.

2.

Configure IPv4/IPv6 dual-protocol stacks.

3.

Configure the tunnel protocol as 6to4.

4.

Configure related routes.

Data Preparation
To complete the configuration, you need the following data:
l

IPv4 or IPv6 addresses of interfaces

Source tunnel interface

Procedure
Step 1 Configure S-switch-A.
# Enabling the service loopback function on an Eth-Trunk interface.
<Quidway> system-view
[Quidway] interface eth-trunk 1
[Quidway-Eth-Trunk1] service-type tunnel
[Quidway-Eth-Trunk1] quit
[Quidway] interface gigabitethernet 0/0/2
[Quidway-GigabitEthernet0/0/2] eth-trunk 1
[Quidway-GigabitEthernet0/0/2] quit

# Configure IPv4/IPv6 dual protocol stacks.


[Quidway] sysname S-switch-A
[S-switch-A] ipv6
[S-switch-A] interface vlanif 1
[S-switch-A-Vlanif1] ip address 2.1.1.1 8
[S-switch-A-Vlanif1] quit

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-19

8 IPv6 over IPv4 Tunnel Configuration

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

[S-switch-A] interface vlanif 2


[S-switch-A-Vlanif2] ipv6 address 2002:0201:0101:1::1/64
[S-switch-A-Vlanif2] quit

# Configure a 6to4 tunnel.


[S-switch-A] interface tunnel 0/0/1
[S-switch-A-Tunnel0/0/1] tunnel-protocol ipv6-ipv4 6to4
[S-switch-A-Tunnel0/0/1] ipv6 address 2002:0201:0101::1/64
[S-switch-A-Tunnel0/0/1] source vlanif 1
[S-switch-A-Tunnel0/0/1] quit

# Configure a route to other 6to4 networks.


[S-switch-A] ipv6 route-static 2002:: 16 tunnel 0/0/1

Step 2 Configure S-switch-B.


# Enabling the service loopback function on an Eth-Trunk interface.
<Quidway> system-view
[Quidway] interface eth-trunk 1
[Quidway-Eth-Trunk1] service-type tunnel
[Quidway-Eth-Trunk1] quit
[Quidway] interface gigabitethernet 0/0/2
[Quidway-GigabitEthernet0/0/2] eth-trunk 1
[Quidway-GigabitEthernet0/0/2] quit

# Configure IPv4/IPv6 dual protocol stacks.


[Quidway] sysname S-switch-B
[S-switch-B] ipv6
[S-switch-B] interface vlanif 1
[S-switch-B-Vlanif1] ip address 2.1.1.2 8
[S-switch-B-Vlanif1] quit
[S-switch-B] interface vlanif 2
[S-switch-B-Vlanif2] ipv6 address 2002:0201:0102:1::1/64
[S-switch-B-Vlanif2] quit

# Configure a 6to4 tunnel.


[S-switch-B] interface tunnel 0/0/1
[S-switch-B-Tunnel0/0/1] tunnel-protocol ipv6-ipv4 6to4
[S-switch-B-Tunnel0/0/1] ipv6 address 2002:0201:0102::1/64
[S-switch-B-Tunnel0/0/1] source vlanif 1
[S-switch-B-Tunnel0/0/1] quit

# Configure a route to other 6to4 networks.


[S-switch-B] ipv6 route-static 2002:: 16 tunnel 0/0/1
NOTE

There must be an accessible route between S-switch-A and S-switch-B. In this example, both the devices
are directly connected; therefore, no routing protocol needs to be configured.

Step 3 Verify the configuration.


# Check the IPv6 state of Tunnel 0/0/1 on S-switch-A and find it is UP.
[S-switch-A] display ipv6 interface tunnel 0/0/1
Tunnel0/0/1 current state : UP
IPv6 protocol current state : UP
IPv6 is enabled, link-local address is FE80::201:101
Global unicast address(es):
2002:201:101::1, subnet is 2002:201:101::/64
Joined group address(es):
FF02::1:FF01:101
FF02::1:FF00:1
FF02::2

8-20

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

FF02::1
MTU is 1500 bytes
ND reachable time is 30000 milliseconds
ND retransmit interval is 1000 milliseconds
Hosts use stateless autoconfig for addresses

# S-switch-A can ping through the 6to4 address of VLANIF2 of S-switch-B.


[S-switch-A] ping ipv6 2002:0201:0102:1::1
PING 2002:0201:0102:1::1 : 56 data bytes, press CTRL_C to break
Reply from 2002:201:102:1::1
bytes=56 Sequence=1 hop limit=255 time = 8 ms
Reply from 2002:201:102:1::1
bytes=56 Sequence=2 hop limit=255 time = 25 ms
Reply from 2002:201:102:1::1
bytes=56 Sequence=3 hop limit=255 time = 4 ms
Reply from 2002:201:102:1::1
bytes=56 Sequence=4 hop limit=255 time = 5 ms
Reply from 2002:201:102:1::1
bytes=56 Sequence=5 hop limit=255 time = 5 ms
--- 2002:0201:0102:1::1 ping statistics --5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 4/9/25 ms

----End

Configuration Files
l

Configuration file of S-switch-A


#
sysname S-switch-A
#
ipv6
#
interface Vlanif1
ip address 2.1.1.1 255.0.0.0
#
interface Vlanif2
ipv6 address 2002:201:101:1::1/64
#
interface Eth-Trunk1
service-type tunnel
#
interface Tunnel 0/0/1
ipv6 address 2002:201:101::1/64
tunnel-protocol ipv6-ipv4 6to4
source vlanif 1
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
ipv6 route-static 2002:: 16 Tunnel 0/0/1
#
return

Configuration file of S-switch-B


#
sysname S-switch-B
#
ipv6
#
interface Vlanif1
ip address 2.1.1.2 255.0.0.0
#
interface Vlanif2

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-21

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration


ipv6 address 2002:201:102:1::1/64
#
interface Eth-Trunk1
service-type tunnel
#
interface Tunnel 0/0/1
ipv6 address 2002:201:102::1/64
tunnel-protocol ipv6-ipv4 6to4
source vlanif1
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
ipv6 route-static 2002:: 16 Tunnel 0/0/1
#
return

8.5.3 Example for Configuring an ISATAP Tunnel


Network Requirements
As shown in Figure 8-7, an IPv6 host in the IPv4 network running the Windows XP system
needs to access the IPv6 network through a border device. Both the IPv6 host and the border
device support ISATAP. Then you need to set up an ISATAP tunnel between the IPv6 host and
the border device.
Figure 8-7 Networking diagram of the ISATAP tunnel

IPv4
network

IPv6
network
GE0/0/1

Vlanif1
3001::1/64
IPv6 Host
3001::2

GE0/0/2

ISATAP
Router

Vlanif2
2.1.1.1/8

ISATAP Host

FE80::5EFE:0201:0102
2.1.1.2
2001::5EFE:0201:0102

Configuration Roadmap
The configuration roadmap is as follows:
1.

Enabling the service loopback function on an Eth-Trunk interface.

2.

Configure IPv4/IPv6 dual protocol stacks.

3.

Configure an ISATAP tunnel.

4.

Configure static routes from the IPv6 host to the ISATAP host.

Data Preparation
To complete the configuration, you need the following data:

8-22

IPv4 or IPv6 addresses of interfaces

Source interface of the tunnel


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

Procedure
Step 1 Configure the ISATAP device.
# Enabling the service loopback function on an Eth-Trunk interface.
<Quidway> system-view
[Quidway] interface eth-trunk 1
[Quidway-Eth-Trunk1] service-type tunnel
[Quidway-Eth-Trunk1] quit
[Quidway] interface gigabitethernet 0/0/2
[Quidway-GigabitEthernet0/0/2] eth-trunk 1
[Quidway-GigabitEthernet0/0/2] quit

# Enable IPv4/IPv6 dual protocol stacks and configure an IP address for each interface.
[Quidway] ipv6
[Quidway] interface vlanif 1
[Quidway-Vlanif1] ipv6 address 3001::1/64
[Quidway-Vlanif1] quit
[Quidway] interface vlanif 2
[Quidway-Vlanif2] ip address 2.1.1.1 255.0.0.0
[Quidway-Vlanif2] quit

# Configure an ISATAP tunnel.


[Quidway] interface tunnel 0/0/2
[Quidway-Tunnel0/0/2] tunnel-protocol ipv6-ipv4 isatap
[Quidway-Tunnel0/0/2] ipv6 address 2001::/64 eui-64
[Quidway-Tunnel0/0/2] source vlanif 2
[Quidway-Tunnel0/0/2] undo ipv6 nd ra halt
[Quidway-Tunnel0/0/2] quit

Step 2 Configure the ISATAP host.


# Configure a static route to the border device. (The pseudo interface number of the host is 2.
You can run the ipv6 if command to view the interface corresponding to the automatic tunneling
pseudo interface.
C:\> ipv6 install
Installing...
Succeeded.
C:\> ipv6 rlu 2 2.1.1.1

Step 3 Configure the IPv6 host.


# Configure a static route on the IPv6 host to the border device, so hosts in different networks
can communicate through the ISATAP tunnel.
C:\> ipv6 rtu 2001::/64 6/3001::1

Step 4 Verify the configuration.


Check the status of the Tunnel 0/0/2 on the ISATAP device and find it is Up.
[Quidway] display ipv6 interface Tunnel 0/0/2
Tunnel0/0/2 current state : UP
IPv6 protocol current state : UP
IPv6 is enabled, link-local address is FE80::5EFE:201:101
Global unicast address(es):
2001::5EFE:201:101, subnet is 2001::/64
Joined group address(es):
FF02::1:FF01:101
FF02::2
FF02::1
MTU is 1500 bytes
ND reachable time is 30000 milliseconds
ND retransmit interval is 1000 milliseconds

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-23

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

ND advertised reachable time is 0 milliseconds


ND advertised retransmit interval is 0 milliseconds
ND router advertisement max interval 600 seconds, min interval 200 seconds
ND router advertisements live for 1800 seconds
Hosts use stateless autoconfig for addresses

# On the ISATAP device, ping the global unicast IP address of the tunnel interface on the
ISATAP host.
[Quidway] ping ipv6 2001::5efe:2.1.1.2
PING 2001::5efe:2.1.1.2 : 56 data bytes, press CTRL_C to break
Reply from 2001::5EFE:201:102
bytes=56 Sequence=1 hop limit=64 time = 4 ms
Reply from 2001::5EFE:201:102
bytes=56 Sequence=2 hop limit=64 time = 3 ms
Reply from 2001::5EFE:201:102
bytes=56 Sequence=3 hop limit=64 time = 2 ms
Reply from 2001::5EFE:201:102
bytes=56 Sequence=4 hop limit=64 time = 2 ms
Reply from 2001::5EFE:201:102
bytes=56 Sequence=5 hop limit=64 time = 2 ms
--- 2001::5efe:2.1.1.2 ping statistics --5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/2/4 ms

# On the ISATAP host, ping the global unicast IP address of the ISATAP device.
C:\> ping6 2001::5efe:2.1.1.1
Pinging 2001::5efe:2.1.1.1
from 2001::5efe:2.1.1.2 with 32 bytes of data:
Reply
Reply
Reply
Reply

from
from
from
from

2001::5efe:2.1.1.1:
2001::5efe:2.1.1.1:
2001::5efe:2.1.1.1:
2001::5efe:2.1.1.1:

bytes=32
bytes=32
bytes=32
bytes=32

time=1ms
time=1ms
time=1ms
time=1ms

Ping statistics for 2001::5efe:2.1.1.1:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms

# The ISATAP host can ping through the IPv6 host.


C:\> ping6 3001::2
Pinging 3001::2 with 32 bytes of data:
Reply
Reply
Reply
Reply

from
from
from
from

3001::2:
3001::2:
3001::2:
3001::2:

time<1ms
time<1ms
time<1ms
time<1ms

Ping statistics for 3001::2:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

----End

Configuration Files
The configuration file of the ISATAP device is as follows:
#
sysname Quidway

8-24

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 04 (2010-01-25)

Quidway S5300 Series Ethernet Switches


Configuration Guide - IP Service

8 IPv6 over IPv4 Tunnel Configuration

#
ipv6
#
interface Vlanif1
ipv6 address 3001::1/64
#
interface Vlanif2
ip address 2.1.1.1 255.0.0.0
#
interface Eth-Trunk1
service-type tunnel
#
interface Tunnel0/0/2
ipv6 address 2001::/64 eui-64
undo ipv6 nd ra halt
tunnel-protocol ipv6-ipv4 isatap
source Vlanif2
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
return

Issue 04 (2010-01-25)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

8-25