Configuration Guide - Device Management (V100R005C01 - 03)

Quidway S5300 Series Ethernet Switches V100R005C01
Configuration Guide - Device Management

Issue Date 03 2011-01-30
HUAWEI TECHNOLOGIES CO., LTD.
Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China http://www.huawei.com support@huawei.com
Website: Email:
Issue 03 (2011-01-30)
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.
Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management
About This Document
About This Document

Intended Audience
This document describes procedures and provides examples for configuring the Device Management features of the S5300. This document guides you through the configuration and applicable environment of the Device Management features of the S5300. This document is intended for: l l l l Data configuration engineers Commissioning engineers Network monitoring engineers System maintenance engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows. Symbol Description
DANGER
Indicates a hazard with a high level of risk, which if not avoided, will result in death or serious injury. Indicates a hazard with a medium or low level of risk, which if not avoided, could result in minor or moderate injury. Indicates a potentially hazardous situation, which if not avoided, could result in equipment damage, data loss, performance degradation, or unexpected results. Indicates a tip that may help you solve a problem or save time. Provides additional information to emphasize or supplement important points of the main text.
WARNING
CAUTION
TIP
NOTE
Issue 03 (2011-01-30)
iii
About This Document
Command Conventions
The command conventions that may be found in this document are defined as follows. Convention Boldface Italic [] { x | y | ... } [ x | y | ... ] { x | y | ... }* Description The keywords of a command line are in boldface. Command arguments are in italics. Items (keywords or arguments) in brackets [ ] are optional. Optional items are grouped in braces and separated by vertical bars. One item is selected. Optional items are grouped in brackets and separated by vertical bars. One item is selected or no item is selected. Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected. Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected. The parameter before the & sign can be repeated 1 to n times. A line starting with the # sign is comments.
[ x | y | ... ]* &<1-n> #
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues.
Changes in Issue 03 (2011-01-30)

Based on issue 02 (2010-12-01), the document is updated as follows: The following content is modified: Minor mistakes are rectified.

Based on issue 01 (2010-08-15), the document is updated as follows: The following content is modified: l 8.2 PoE Features Supported by the S5300

This is the first release.
iv Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2011-01-30)
Contents
Contents
About This Document...................................................................................................................iii 1 Auto-Config.................................................................................................................................1-1
1.1 Overview.........................................................................................................................................................1-2 1.2 Auto-Config Features Supported by the S5300..............................................................................................1-3 1.3 Deploying Unconfigured Switches (Same Network Segment).......................................................................1-6 1.3.1 Establishing the Configuration Task......................................................................................................1-6 1.3.2 Configuring the DHCP Server...............................................................................................................1-7 1.3.3 Configuring the FTP/TFTP Server.........................................................................................................1-8 1.3.4 Checking the Configuration...................................................................................................................1-8 1.4 Deploying Unconfigured Switches (Different Network Segments)................................................................1-9 1.4.1 Establishing the Configuration Task......................................................................................................1-9 1.4.2 Configuring the DHCP Server.............................................................................................................1-10 1.4.3 Configuring DHCP Relay....................................................................................................................1-11 1.4.4 Configuring the FTP/TFTP Server.......................................................................................................1-11 1.4.5 Checking the Configuration.................................................................................................................1-12
2 NAP Configuration.................................................................................................................... 2-1

2.1 NAP Overview................................................................................................................................................2-2 2.2 Configuring NAP-based Remote Deployment................................................................................................2-2 2.2.1 Establishing the Configuration Task......................................................................................................2-3 2.2.2 Configuring and Starting the NAP Master Interface..............................................................................2-3 2.2.3 Remote Login.........................................................................................................................................2-5 2.2.4 Disabling NAP on the Slave Device......................................................................................................2-6 2.2.5 Checking the Configuration...................................................................................................................2-6 2.3 Configuration Examples..................................................................................................................................2-8 2.3.1 Example for Configuring NAP-based Remote Deployment in Automatic Mode..................................2-8 2.3.2 Example for Configuring NAP-based Remote Deployment in Static Mode.........................................2-9
3 Stacking........................................................................................................................................3-1
3.1 Stacking Overview..........................................................................................................................................3-2 3.2 Principle of Stacking.......................................................................................................................................3-2 3.3 Features of Stacking Supported by the S5300................................................................................................3-8 3.4 Typical Topology of a Stack...........................................................................................................................3-9 3.5 Configuring the Stacking Function on the S5300.........................................................................................3-10 Issue 03 (2011-01-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. v
Contents
Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management 3.5.1 Establishing the Configuration Task....................................................................................................3-10 3.5.2 (Optional) Configuring the Reserved VLAN of the Stack...................................................................3-11 3.5.3 (Optional) Enabling the Stacking Function..........................................................................................3-11 3.5.4 (Optional) Configuring a Stack ID for the S5300................................................................................3-12 3.5.5 (Optional) Configuring a Stack Priority for a Device..........................................................................3-12 3.5.6 (Optional) Configuring the MAC Address Switchover Time..............................................................3-13 3.5.7 Checking the Configuration.................................................................................................................3-13
3.6 Configuration Examples................................................................................................................................3-14 3.6.1 Example for Configuring a Stack in a Ring Topology.........................................................................3-14
4 Using display commands to check the status of the device...............................................4-1

4.1 Introduction.....................................................................................................................................................4-2 4.2 Checking the Status of the S5300................................................................................................................... 4-2 4.2.1 Checking Information About the S5300................................................................................................ 4-2 4.2.2 Checking the Version of the S5300........................................................................................................4-2 4.2.3 Checking the Electronic Labels..............................................................................................................4-3 4.2.4 Checking Temperature...........................................................................................................................4-3 4.2.5 Checking the External Fan Status.......................................................................................................... 4-4 4.2.6 Checking the Power Supply Status........................................................................................................ 4-4 4.2.7 Checking the CPU Usage.......................................................................................................................4-4 4.2.8 Checking the Memory Usage.................................................................................................................4-4 4.2.9 Checking Alarms....................................................................................................................................4-5 4.2.10 Checking the Status of an Interface......................................................................................................4-5
5 Hardware Management.............................................................................................................5-1
5.1 Hardware Management Overview...................................................................................................................5-2 5.2 Hardware Management Features Supported by the S5300.............................................................................5-2 5.3 Backing Up the Electronic Label....................................................................................................................5-2 5.3.1 Establishing the Configuration Task......................................................................................................5-2 5.3.2 Backing Up the Electronic Label...........................................................................................................5-3 5.4 Configuring Electrical Port Sleep................................................................................................................... 5-3 5.4.1 Establishing the Configuration Task......................................................................................................5-3 5.4.2 Enabling Electrical Port Sleep................................................................................................................5-4 5.4.3 Checking the Configuration...................................................................................................................5-4
6 Monitoring the Device Through the Information Center..................................................6-1

6.1 Information Center Overview......................................................................................................................... 6-2 6.1.1 Introduction to the Information Center.................................................................................................. 6-2 6.1.2 Information Center Supported by the S5300..........................................................................................6-2 6.2 Configuring the Information Center................................................................................................................6-8 6.2.1 Establishing the Configuration Task......................................................................................................6-8 6.2.2 Enabling the Information Center............................................................................................................6-8 6.2.3 (Optional) Naming the Information Channel.........................................................................................6-9 6.2.4 Defining the Information Channel......................................................................................................... 6-9 vi Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2011-01-30)
Contents
6.2.5 (Optional) Configuring the Timestamp for the Output Information....................................................6-10 6.2.6 Checking the Configuration.................................................................................................................6-10 6.3 Sending Information of the Information Center............................................................................................6-10 6.3.1 Sending Information to the Console.....................................................................................................6-11 6.3.2 Sending Information to the Telnet Terminal........................................................................................6-11 6.3.3 Sending Information to the SNMP Agent............................................................................................6-12 6.3.4 Sending Information to the Log Buffer................................................................................................6-12 6.3.5 Sending Information to the Trap Buffer...............................................................................................6-13 6.3.6 Sending Information to the Log Host...................................................................................................6-13 6.3.7 Checking the Configuration.................................................................................................................6-14 6.4 Maintaining the Information Center..............................................................................................................6-14 6.5 Configuration Examples................................................................................................................................6-14 6.5.1 Example for Configuring the Information Center................................................................................6-15
7 Mirroring......................................................................................................................................7-1
7.1 Introduction.....................................................................................................................................................7-3 7.1.1 Mirroring Functions...............................................................................................................................7-3 7.1.2 Logical Relationships Between Configuration Tasks............................................................................7-6 7.2 Configuring Local Port Mirroring...................................................................................................................7-6 7.2.1 Establishing the Configuration Task......................................................................................................7-6 7.2.2 Configuring Local Port Mirroring..........................................................................................................7-7 7.2.3 Checking the Configuration...................................................................................................................7-7 7.3 Configuring Remote Port Mirroring...............................................................................................................7-8 7.3.1 Establishing the Configuration Task......................................................................................................7-8 7.3.2 Configuring Remote Port Mirroring......................................................................................................7-9 7.3.3 Checking the Configuration.................................................................................................................7-11 7.4 Canceling Port Mirroring..............................................................................................................................7-11 7.4.1 Establishing the Configuration Task....................................................................................................7-12 7.4.2 Canceling Port Mirroring.....................................................................................................................7-12 7.4.3 Checking the Configuration.................................................................................................................7-12 7.5 Configuring Local VLAN Mirroring............................................................................................................7-13 7.5.1 Establishing the Configuration Task....................................................................................................7-13 7.5.2 Configuring Local VLAN Mirroring...................................................................................................7-13 7.5.3 Checking the Configuration.................................................................................................................7-14 7.6 Configuring Remote VLAN Mirroring.........................................................................................................7-14 7.6.1 Establishing the Configuration Task....................................................................................................7-15 7.6.2 Configuring Remote VLAN Mirroring................................................................................................7-15 7.6.3 Checking the Configuration.................................................................................................................7-16 7.7 Canceling VLAN Mirroring..........................................................................................................................7-17 7.7.1 Establishing the Configuration Task....................................................................................................7-17 7.7.2 Canceling VLAN Mirroring.................................................................................................................7-17 7.7.3 Checking the Configuration.................................................................................................................7-18 7.8 Configuring MAC Address-based Local Mirroring......................................................................................7-18 Issue 03 (2011-01-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. vii
Contents
Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management 7.8.1 Establishing the Configuration Task....................................................................................................7-18 7.8.2 Configuring Local SPAN Based on MAC Addresses..........................................................................7-18 7.8.3 Checking the Configuration.................................................................................................................7-19
7.9 Configuring RSPAN Based on MAC Addresses..........................................................................................7-19 7.9.1 Establishing the Configuration Task....................................................................................................7-20 7.9.2 Configuring Remote MAC Address Mirroring....................................................................................7-20 7.9.3 Checking the Configuration.................................................................................................................7-21 7.10 Canceling Mirroring Based on MAC Addresses.........................................................................................7-22 7.10.1 Establishing the Configuration Task..................................................................................................7-22 7.10.2 Canceling Mirroring Based on MAC Addresses................................................................................7-22 7.10.3 Checking the Configuration...............................................................................................................7-23 7.11 Configuring Local Flow Mirroring.............................................................................................................7-23 7.11.1 Establishing the Configuration Task..................................................................................................7-23 7.11.2 Configuring Traffic Classification Rules...........................................................................................7-24 7.11.3 Configuring Flow Mirroring..............................................................................................................7-24 7.11.4 Creating and Applying a Traffic Policy.............................................................................................7-24 7.11.5 Checking the Configuration...............................................................................................................7-25 7.12 Configuring Remote Flow Mirroring..........................................................................................................7-26 7.12.1 Establishing the Configuration Task..................................................................................................7-26 7.12.2 Setting Traffic Classification Rules...................................................................................................7-26 7.12.3 Configuring Remote Flow Mirroring.................................................................................................7-27 7.12.4 Creating and Applying a Traffic Policy.............................................................................................7-28 7.12.5 Checking the Configuration...............................................................................................................7-28 7.13 Canceling Flow Mirroring...........................................................................................................................7-28 7.13.1 Establishing the Configuration Task..................................................................................................7-29 7.13.2 Canceling Flow Mirroring..................................................................................................................7-29 7.13.3 Checking the Configuration...............................................................................................................7-30 7.14 Changing or Deleting an Observing Port....................................................................................................7-30 7.14.1 Establishing the Configuration Task..................................................................................................7-30 7.14.2 (Optional) Deleting an Observing Port..............................................................................................7-31 7.14.3 (Optional) Changing an Observing Port.............................................................................................7-32 7.14.4 Checking the Configuration...............................................................................................................7-32 7.15 Configuring CPU Mirroring........................................................................................................................7-32 7.15.1 Establishing the Configuration Task..................................................................................................7-32 7.15.2 (Optional) Configuring an ACL Rule................................................................................................7-33 7.15.3 Configuring an Observing Port..........................................................................................................7-33 7.15.4 Configuring CPU Mirroring...............................................................................................................7-34 7.15.5 Checking the Configuration...............................................................................................................7-34 7.16 Cancelling CPU Mirroring..........................................................................................................................7-34 7.16.1 Establishing the Configuration Task..................................................................................................7-35 7.16.2 Cancelling CPU Mirroring.................................................................................................................7-35 7.16.3 Checking the Configuration...............................................................................................................7-35 viii Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2011-01-30)
Contents
7.17 Configuration Examples..............................................................................................................................7-36 7.17.1 Example for Configuring Local Port Mirroring.................................................................................7-36 7.17.2 Example for Configuring Local VLAN Mirroring............................................................................7-38 7.17.3 Example for Configuring MAC Address-based Local Mirroring......................................................7-39 7.17.4 Example for Configuring Local Flow Mirroring...............................................................................7-41 7.17.5 Example for Configuring Remote Port Mirroring..............................................................................7-44 7.17.6 Example for Changing an Observing Port.........................................................................................7-47
8 PoE Configuration......................................................................................................................8-1
8.1 PoE Overview................................................................................................................................................. 8-2 8.2 PoE Features Supported by the S5300............................................................................................................8-2 8.3 Configuring PoE Functions.............................................................................................................................8-3 8.3.1 Establishing the Configuration Task......................................................................................................8-3 8.3.2 Configuring the PoE Function Globally.................................................................................................8-3 8.3.3 Configuring the PoE Function on an Interface.......................................................................................8-5 8.3.4 Checking the Configuration...................................................................................................................8-7 8.4 Configuration Examples..................................................................................................................................8-8 8.4.1 Example for Configuring PoE on the Switch.........................................................................................8-8
9 ALS Configuration.....................................................................................................................9-1
9.1 ALS Overview.................................................................................................................................................9-2 9.2 ALS Features Supported by the S5300...........................................................................................................9-2 9.3 Configuring ALS.............................................................................................................................................9-3 9.3.1 Establishing the Configuration Task......................................................................................................9-4 9.3.2 Enabling ALS on an Interface................................................................................................................9-4 9.3.3 (Optional) Setting the Restart Mode of the Laser..................................................................................9-5 9.3.4 (Optional) Starting the Laser Manually................................................................................................. 9-6 9.3.5 (Optional) Setting the ALS Pulse Interval and Width of the Laser........................................................9-7 9.3.6 Checking the Configuration...................................................................................................................9-7 9.4 Configuration Examples..................................................................................................................................9-8 9.4.1 Example for Configuring ALS...............................................................................................................9-8
10 Restarting and Resetting.......................................................................................................10-1

10.1 Introduction.................................................................................................................................................10-2 10.1.1 Process of Starting the S5300.............................................................................................................10-2 10.1.2 Process of Starting the BootROM......................................................................................................10-2 10.2 Restarting the S5300 Immediately..............................................................................................................10-3 10.2.1 Restarting the S5300 Immediately Through Command Lines...........................................................10-4 10.2.2 Restarting the S5300 Through the Power Button on the S5300........................................................10-4 10.3 Restarting the S5300 at a Fixed Time.........................................................................................................10-5
Issue 03 (2011-01-30)
ix
Figures
Figures
Figure 1-1 Basic process of Auto-Config.............................................................................................................1-4 Figure 1-2 Auto-Config networking where the DHCP server, FTP/TFTP server, and unconfigured switch are on the same network segment.................................................................................................................................... 1-6 Figure 1-3 Auto-Config networking where the DHCP server, FTP/TFTP server, and unconfigured switches are on different network segments..............................................................................................................................1-9 Figure 2-1 Networking diagram of configuring NAP-based remote deployment................................................2-8 Figure 2-2 Networking diagram of configuring NAP-based remote deployment..............................................2-10 Figure 3-1 Networking diagram of a stack system...............................................................................................3-6 Figure 3-2 Networking diagram of a stack system...............................................................................................3-7 Figure 3-3 Ring Topology....................................................................................................................................3-9 Figure 3-4 link Topology..................................................................................................................................... 3-9 Figure 3-5 Networking of a stack in a ring topology.........................................................................................3-14 Figure 6-1 Functions of the information channel.................................................................................................6-4 Figure 6-2 Format of the output logs....................................................................................................................6-5 Figure 6-3 Format of the output alarms................................................................................................................6-7 Figure 6-4 Networking of sending logs to the log host......................................................................................6-15 Figure 7-1 Schematic diagram of interface mirroring..........................................................................................7-4 Figure 7-2 Schematic diagram of flow mirroring.................................................................................................7-4 Figure 7-3 Networking diagram of RSPAN.........................................................................................................7-5 Figure 7-4 Networking diagram of local port mirroring....................................................................................7-36 Figure 7-5 Networking diagram of local VLAN mapping.................................................................................7-38 Figure 7-6 Networking diagram of local MAC address mirroring.....................................................................7-40 Figure 7-7 Networking diagram of local flow mirroring...................................................................................7-42 Figure 7-8 Networking diagram of remote port mirroring.................................................................................7-45 Figure 7-9 Networking for changing the observing port....................................................................................7-48 Figure 8-1 Networking diagram of PoE configurations.......................................................................................8-8 Figure 9-1 Connecting switches through fibers................................................................................................... 9-2 Figure 9-2 Connecting the switch and ONT through the fiber.............................................................................9-2 Figure 9-3 ALS application..................................................................................................................................9-8 Figure 10-1 Process of starting the S5300..........................................................................................................10-2
Issue 03 (2011-01-30)
xi
Tables
Tables
Table 6-1 Description of the severity levels of information.................................................................................6-2 Table 6-2 Association relationship between the information channels and output directions.............................6-4 Table 6-3 Description of each field in the format of logs.....................................................................................6-6 Table 6-4 Description of each field of the format of alarms................................................................................6-7
Issue 03 (2011-01-30)
xiii
1 Auto-Config
1
About This Chapter
1.2 Auto-Config Features Supported by the S5300 This section describes how Auto-Config runs on the S5300.
Auto-Config
This chapter describes the concept, working mechanism, and deployment of Auto-Config. 1.1 Overview This section describes the functions, application scenarios, and terms of Auto-Config.
1.3 Deploying Unconfigured Switches (Same Network Segment) This section describes how to deploy S5300es without configuration file. 1.4 Deploying Unconfigured Switches (Different Network Segments) This section describes how to deploy unconfigured S5300es.
Issue 03 (2011-01-30)
1-1
1 Auto-Config
1.1 Overview
This section describes the functions, application scenarios, and terms of Auto-Config. When a new switch or a switch without any configuration file is powered on, Auto-Config runs automatically to obtain a configuration file. With the Auto-Config function, the network administrator can manage new switches or switches without any configuration file remotely.
NOTE
The Auto-Config function is applicable to new switches or switches without any configuration file (hereinafter referred to as unconfigured switches).
The Auto-Config function has the following advantages: l l l The maintenance personnel do not need to manually configure each switch. With this function, a few maintenance personnel can maintenance widely deployed devices. Auto-Config simplifies the network configurations and implements unified management and remote debugging on switches. With Auto-Config, switches can automatically download corresponding configuration files, which greatly reduces the workload of network administrators.
Intermediate File
The intermediate file lswnet.cfg is used in the Auto-Config process. The intermediate file records the mapping between MAC addresses of switches and names of configuration files. After an unconfigured switch obtains the IP address of the FTP/TFTP server, it downloads the lswnet.cfg file from the FTP/TFTP server to search for the name of the required configuration file, and then downloads the configuration file from the FTP/TFTP server. For example, if the MAC address of an S5300 is 0018-82C5-AA89 and the S5300 needs to download the configuration file S5300.cfg, the contents of the intermediate file are as follows: 0018-82C5-AA89 S5300.cfg
NOTE
If the configuration file is located on the FTP or TFTP server, its extension must be .cfg. A MAC address and a configuration file name are separated by a space character. The format of a MAC address is xxxx-xxxx-xxxx-xxxx. The name of a configuration file contains up to 48 characters, including the extension .cfg. The name is case insensitive and cannot contain special characters. It is recommended that the name consists of English letters, numbers, and underscore (_). If multiple unconfigured switch need to be configured, each row in the intermediate file records the MAC address of a switch and the name of the configuration file that the switch requires.
Default Configuration File

The default configuration file is a file named lswdef.cfg in the download directory of the FTP/ TFTP server. The default configuration file can be used by multiple devices and is usually adopted when downloading a specified configuration file fails.
Option 150
The Option 150 field is configured on the DHCP server to specify the IP address of the TFTP server.
1-2 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2011-01-30)
1 Auto-Config
Option 14x
The Option 14x field is configured on the DHCP server to specify the IP address, user name, and password of the FTP server. l l l Option 141: specifies the user name of the FTP user. Option 142: specifies the password of the FTP user. Option 143: specifies the IP address of the FTP server.
1.2 Auto-Config Features Supported by the S5300

This section describes how Auto-Config runs on the S5300. Figure 1-1 shows the basic process of Auto-Config.
Issue 03 (2011-01-30)
1-3
1 Auto-Config
Figure 1-1 Basic process of Auto-Config

Start Power on a switch
Switch is without any configuration file? Yes Auto-Config is enabled? Yes Create a timer for obtaining a configuration file
No
Load the existing configuration file
No Start the switch according to default configurations
Load default configurations and initiate Auto-Config No
Timer expires? Yes Yes File with the extension .cfg or .zip exists in the flash memory? No Yes Switch is added to an HGMP culster? No Obtain a configuration file when the timer expires
Yes Configuration file is obtained within 24 consecutive timeout periods?
Configuration file is obtained? Yes Create a configuration validation timer and delete the timer for obtaining a configuration file Configuration file takes effect when the configuration validation timer expires Delete the configuration validation timer End
No
Delete the timer for obtaining a configuration file
No
1-4
Issue 03 (2011-01-30)
1 Auto-Config
The Auto-Config process can be divided into three phases: l Startup After being powered on, an unconfigured switch checks whether there is a configuration file (*.cfg or *.zip) in the flash memory, and then takes actions according to the checking result: If the switch detects a configuration file, it loads the configuration file to complete the startup. If the switch does not detect any configuration file, it checks whether Auto-Config is enabled. If Auto-Config is enabled, the switch starts a 5-minute timer for obtaining a configuration file and then load the default configuration to complete the startup. If Auto-Config is disabled, the switch loads the default configuration to complete the startup. l Obtaining a configuration file when the timer expires When the timer set for obtaining a configuration file expires, the switch checks whether a configuration file is saved in the flash memory. If the flash memory does not contain any configuration file, the switch checks whether it is added to a Huawei Group Management Protocol (HGMP) cluster. If the switch is not in any HGMP cluster, the switch begins to obtain a configuration file as follows: 1. Obtaining the IP address and information about the FTP/TFTP server A switch that does not load any configuration file automatically enables the DHCP client function on the VLANIF1 interface in Up state. VLANIF1 then broadcasts DHCP Request packets (presuming that the DHCP server has been configured with the address pool, Option 150 or Option 14x, and gateway information). Then, the DHCP server sends the related configurations to the switch, including the IP address allocated to the switch, IP address of the FTP/TFTP server, FTP user name and password, and default gateway. If the switch fails to obtain the IP address of the FTP/TFTP server, the switch starts a counter. If the switch fails to obtain the IP address 24 times consecutively (that is, in 2 hours), it disables the timer for obtaining a configuration file. Then, the switch functions as a hub. 2. Downloading a configuration file After the switch that does not load any configuration file obtains the IP address of the FTP/TFTP server, it accesses the FTP/TFTP server to obtain a configuration file through Layer 2 or Layer 3 forwarding. (1) The switch downloads the intermediate file lswnet.cfg from the FTP/TFTP server. (2) The switch searches for the name of the required configuration file, and then downloads the configuration file from the FTP/TFTP server. (3) If downloading the configuration file fails, the switch attempts to download the default configuration file lswdef.cfg. If downloading the default configuration file lswdef.cfg fails, the switch waits until the timer expires and then repeats the process to obtain a configuration file. l Loading a configuration file After downloading a configuration file, the switch starts a 2-hour configuration validation timer and deletes the timer for obtaining a configuration file. When the 2-hour timer expires, the switch deletes the existing default configurations, loads the downloaded configuration file, and makes the configuration file take effect without being restarted. The switch
Issue 03 (2011-01-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 1-5
1 Auto-Config
automatically saves the configuration file to the flash memory, and then deletes the configuration validation timer.
1.3 Deploying Unconfigured Switches (Same Network Segment)

This section describes how to deploy S5300es without configuration file. 1.3.1 Establishing the Configuration Task 1.3.2 Configuring the DHCP Server 1.3.3 Configuring the FTP/TFTP Server 1.3.4 Checking the Configuration
1.3.1 Establishing the Configuration Task

Applicable Environment
As shown in Figure 1-2, unconfigured switches are reachable from a DHCP server. A PC is connected to the DHCP server and functions as an FTP or a TFTP server to store configuration files. After the DHCP server and FTP/TFTP server are configured, every switch obtains a configuration file through Auto-Config. The DHCP server, FTP/TFTP server, and switches are deployed on the same network segment. Figure 1-2 Auto-Config networking where the DHCP server, FTP/TFTP server, and unconfigured switch are on the same network segment
SwitchA
Operator
SwitchB DHCP Server SwitchC FTP/TFTP Server
Pre-configuration Tasks
Before deploying unconfigured switches, complete the following tasks: l l Ensuring that there are routes from the DHCP server and FTP/TFTP server to the switches Ensuring that there is no *.cfg or *.zip file except the *web.zip and web.zip files in the flash memory of each switch
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2011-01-30)
1-6
1 Auto-Config
Ensuring that the switches are not added to any HGMP cluster
Data Preparation
To deploy unconfigured switches, you need the following data. N o. 1 2 3 4 Data Interconnection information about the upstream interfaces on each S5300 and the downstream interfaces on the DHCP server MAC address of each unconfigured switch IP address, mask, address pool, and Option 150 or Option 14x of the DHCP server IP address, default configuration file, and required configuration files on the FTP/TFTP server
1.3.2 Configuring the DHCP Server

Context
The configuration procedure varies according to the device type of the DHCP server. Therefore, the configuration procedure is not described and only the configuration contents are provided.
NOTE
The DHCP server must support either Option 150 or Option 14x.
Procedure
l l Enable DHCP server. Configure an address pool, including the address range and Option 150 (or Option 14x). It is required that the address pool be on the same network segment with unconfigured switches and the FTP/TFTP server.
NOTE
Pay attention to the following points when configuring Option 150 or Option 14x: l When new switches obtain configuration file through TFTP, the DHCP server must support Option 150. l When new switches obtain configuration files through FTP, the DHCP server must support Option 141, Option 142, and Option 143. l If both Option 150 and Option 14x are configured on the DHCP server, Option 150 takes precedence over Option 14x. l If you use ordinary characters to configure Option 150 or Option 143 on the DHCP server, the Auto-Config module cannot recognize the IP address, which results in an Auto-Config failure.
Add the downstream interface on the DHCP server to the management VLAN in access mode and assign an IP address on the same network segment as the IP address of the DHCP server to the management VLAN.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 1-7
Issue 03 (2011-01-30)
1 Auto-Config
After Auto-Config is enabled, packets from an unconfigured switch do not carry tags. Therefore, ensure that untagged packets can be transmitted between unconfigured switches and the DHCP server. ----End
1.3.3 Configuring the FTP/TFTP Server

Context
The configuration procedure varies according to the device type of the FTP/TFTP server. Therefore, the configuration procedure is not described and only the configuration contents are provided.
Procedure
l Set the IP address of the FTP/TFTP server. For an FTP server, the IP address must be the same as the value of Option 143 configured on the DHCP server; for a TFTP server, the IP address must be the same as the value of Option 150 configured on the DHCP server. l Create and configure an intermediate file. The intermediate file is configured according to the MAC addresses of unconfigured switches and the names of required configuration files. For the format of the intermediate file, see 1.1 Overview. l Save the intermediate file, default configuration file, and required configuration files to the working directory on the FTP/TFTP server.
----End
1.3.4 Checking the Configuration

Prerequisite
The configurations of the DHCP server and FTP/TFTP server are complete.
Context
You can check different items in different phases in the Auto-Config process to confirm that Auto-Config runs properly.
Procedure
Step 1 Five minutes after unconfigured switches are powered on, check address allocation on the DHCP server to confirm that the switches are connected to the DHCP server.
NOTE
If the switches are connected to the DHCP server, you can log in to the switches through Telnet but do not configure the switches.
Step 2 Five minutes after the switches obtain IP addresses, check the file downloading log on the FTP/ TFTP server or log in to the switches to confirm that correct configuration files have been downloaded.

NOTE
1 Auto-Config
Do not save a configuration file to a switch to be configured immediately after the configuration file is downloaded; otherwise, only a temporary configuration file is saved because the configurations have not taken effect.
Step 3 Wait 2 hours for the downloaded configuration file to take effect, and then run the display current-configuration command to check whether the configurations take effect.
NOTE
If you access the switch when it is busy delivering configurations in the Auto-Config process, the switch may not respond in real time. After the configurations take effect, modify the configuration of the downstream interface on the DHCP server as required.
----End
1.4 Deploying Unconfigured Switches (Different Network Segments)

This section describes how to deploy unconfigured S5300es. 1.4.1 Establishing the Configuration Task 1.4.2 Configuring the DHCP Server 1.4.3 Configuring DHCP Relay 1.4.4 Configuring the FTP/TFTP Server 1.4.5 Checking the Configuration

As shown in Figure 1-3, unconfigured switches are reachable from a DHCP relay and a DHCP server. A PC is connected to the DHCP server and functions as an FTP or a TFTP server to store configuration files. After the DHCP server and FTP/TFTP server are configured, every switch obtains a configuration file through Auto-Config. The DHCP server, FTP/TFTP server, and switches are deployed on different network segments. Figure 1-3 Auto-Config networking where the DHCP server, FTP/TFTP server, and unconfigured switches are on different network segments
SwitchA Network SwitchB DHCP Relay DHCP Server SwitchC

Issue 03 (2011-01-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.
Operator
FTP/TFTP Server
1-9
1 Auto-Config
Before deploying unconfigured switches, complete the following tasks: l l l Ensuring that there are routes from the DHCP server, DHCP relay, and FTP/TFTP server to the switches Ensuring that there is no *.cfg or *.zip file except the *web.zip and web.zip files in the flash memory of each switch Ensuring that the switches are not added to any HGMP cluster
Data Preparation
To deploy unconfigured switches, you need the following data. N o. 1 2 3 4 5 6 Data Interconnection information about the upstream interfaces on each S5300 and the downstream interfaces on the DHCP relay Interconnection information about the DHCP relay and DHCP server MAC address of each unconfigured switch IP address, mask, address pool, and Option 150 or Option 14x of the DHCP server IP address, mask, and relay address of the DHCP relay IP address, default configuration file, and required configuration files on the FTP/TFTP server
1.4.2 Configuring the DHCP Server

Context
The configuration procedure varies according to the device type of the DHCP server. Therefore, the configuration procedure is not described and only the configuration contents are provided.
NOTE
The DHCP server must support either Option 150 or Option 14x.
Procedure
l l Enable DHCP server. Configure an address pool, including the address range, gateway, and Option 150 (or Option 14x).
1-10
Issue 03 (2011-01-30)

NOTE
1 Auto-Config
Pay attention to the following points when configuring Option 150 or Option 14x: l When new switches obtain configuration file through TFTP, the DHCP server must support Option 150. l When new switches obtain configuration files through FTP, the DHCP server must support Option 141, Option 142, and Option 143. l If both Option 150 and Option 14x are configured on the DHCP server, Option 150 takes precedence over Option 14x. l If you use ordinary characters to configure Option 150 or Option 143 on the DHCP server, the Auto-Config module cannot recognize the IP address, which results in an Auto-Config failure.
----End
1.4.3 Configuring DHCP Relay

Context
The configuration procedure varies according to the device type of the DHCP relay. Therefore, the configuration procedure is not described and only the configuration contents are provided.
Procedure
l l Enable DHCP relay. Configure the upstream and downstream interfaces. You need to configure the IP address and mask for the upstream interface and configure the IP address, mask, and DHCP relay address for the downstream interface.
NOTE
You can temporarily set the IP address of the downstream interface on the same network segment with the IP addresses of unconfigured switches, and then add the downstream interface to the management VLAN in access mode.
----End
1.4.4 Configuring the FTP/TFTP Server

Context
The configuration procedure varies with the device type of the FTP/TFTP server. Therefore, the configuration procedure is not described and only the configuration contents are provided.
Procedure
l Set the IP address of the FTP/TFTP server. For an FTP server, the IP address must be the same as the value of Option 143 configured on the DHCP server; for a TFTP server, the IP address must be the same as the value of Option 150 configured on the DHCP server. l Create and configure an intermediate file. The intermediate file is configured according to the MAC addresses of unconfigured switches and the names of required configuration files. For the format of the intermediate file, see 1.1 Overview.
1 Auto-Config
Save the intermediate file, default configuration file, and required configuration files to the working directory on the FTP/TFTP server.
----End

Prerequisite
The configurations of the DHCP server, DHCP relay, and FTP/TFTP server are complete.
Context
You can check different items in different phases in the Auto-Config process to confirm that Auto-Config runs properly.
Procedure
Step 1 Five minutes after unconfigured switches are powered on, check address allocation on the DHCP server to confirm that the switches are connected to the DHCP server.
NOTE
If the switches are connected to the DHCP server, you can log in to the switches through Telnet but do not configure the switches.
Step 2 Five minutes after the switches obtain IP addresses, check the file downloading log on the FTP/ TFTP server or log in to the switches to confirm that correct configuration files have been downloaded.
NOTE
Do not save a configuration file to a switch to be configured immediately after the configuration file is downloaded; otherwise, only a temporary configuration file is saved because the configurations have not taken effect.
Step 3 Wait 2 hours for the downloaded configuration file to take effect, and then run the display current-configuration command to check whether the configurations take effect.
NOTE
If you access the switch when it is busy delivering configurations in the Auto-Config process, the switch may not respond in real time. After the configurations take effect, modify the configuration of the downstream interface on the DHCP relay as required.
----End
1-12
Issue 03 (2011-01-30)
2 NAP Configuration
2
About This Chapter
NAP Configuration
This chapter describes how to configure the Neighbor Access Protocol (NAP) on the S5300. 2.1 NAP Overview NAP is a Huawei proprietary protocol that implements remote configuration and deployment of unconfigured devices. You can log in to an unconfigured device from a directly connected device and configure the unconfigured device remotely through NAP. 2.2 Configuring NAP-based Remote Deployment Using NAP, you can remotely log in to devices with empty configurations to implement remote deployment. 2.3 Configuration Examples This section provides upgrade and maintenance examples together with the configuration flowchart. The configuration examples explain networking requirements, configuration notes, and configuration roadmap.
Issue 03 (2011-01-30)
2-1
2 NAP Configuration
2.1 NAP Overview

NAP is a Huawei proprietary protocol that implements remote configuration and deployment of unconfigured devices. You can log in to an unconfigured device from a directly connected device and configure the unconfigured device remotely through NAP. Usually, a device is installed with only necessary software before delivery and no configuration is made. Therefore, engineers must configure and commission new devices on site but cannot log in to the devices remotely. This makes the deployment inconvenient and increases the costs of project operation and delivery. The Huawei Group Management Protocol (HGMP) implements remote configuration on Layer 2 networks and is applicable to Ethernet networks. NAP implements remote configuration on Layer 3 networks. It establishes a temporary neighbor relationship between a configured device and an unconfigured device that are directly connected through physical links. Then you can log in to the unconfigured device from the configured device and configure the unconfigured device remotely. NAP greatly reduces the costs of network operation, maintenance, and delivery.
2.2 Configuring NAP-based Remote Deployment

Using NAP, you can remotely log in to devices with empty configurations to implement remote deployment.
Context
CAUTION
After the device with an empty configuration is powered on and started, you must make sure that its interfaces connected to the devices on the current network are Up and support NAP; otherwise, the function of NAP-based remote deployment cannot take effect. 2.2.1 Establishing the Configuration Task Before configuring NAP-based remote deployment, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This can help you complete the configuration task quickly and accurately. 2.2.2 Configuring and Starting the NAP Master Interface You can assign an IP address to the NAP master interface or use the IP address that is automatically allocated by the system to start the NAP master interface. 2.2.3 Remote Login After the neighbor relationship is set up, you can log in to the NAP slave device from the NAP master device. 2.2.4 Disabling NAP on the Slave Device If the NAP function is no longer required, you need to disable NAP on the slave interface of the slave device. 2.2.5 Checking the Configuration
2 NAP Configuration
After configuring NAP-based remote deployment, you can view the NAP status globally or on a specified interface.

Before configuring NAP-based remote deployment, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This can help you complete the configuration task quickly and accurately.
To deploy devices having empty configurations, you can use NAP to perform remote login to the devices from a device in the current network. In this manner, you can implement remote deployment of devices.
Before configuring NAP-based remote deployment, complete the following tasks: l l Connecting the device having an empty configuration to a device in the current network via a single hop by using network cables Ensuring that the interfaces connecting the device with an empty configuration and the device in the current network are both in the Up state, and support NAP.
Data Preparation
NOTE
l If the IP addresses used for establishing NAP connections are to be manually configured, you need to prepare the following data before configuring NAP. l Conversely, if the IP addresses for establishing NAP connections are to be automatically configured, you can skip this.
To configure NAP-based remote deployment, you need the following data. No. 1 Data Two primary IP addresses. The two IP addresses are primary IP addresses for the master interface and the slave interface respectively, and should be on the same network segment. Two secondary IP addresses. The two IP addresses are secondary IP addresses for the master interface and the slave interface respectively, and should be on the same network segment.
2.2.2 Configuring and Starting the NAP Master Interface

You can assign an IP address to the NAP master interface or use the IP address that is automatically allocated by the system to start the NAP master interface.
Issue 03 (2011-01-30)
2-3
2 NAP Configuration
Context
CAUTION
If commands affecting the IP address configuration or IP packet forwarding (such as configurations and commands related to the VPN, Eth-Trunk, or Layer 2 interface) exist on device of the master interface, NAP enabled on the master interface becomes unavailable. You are recommended to delete these commands and re-enable NAP. Do as follows on the switch to configure and start the NAP master interface. In NAP, IP addresses can be allocated either automatically or manually.
Procedure
l Automatic allocation of IP addresses 1. Run:
system-view
The system view is displayed. 2. Run:

interface interface-type interface-number
The interface view is displayed. 3. Run:

nap port master
The NAP Master interface is configured and started. l Manual IP address allocation Two methods are available for manually allocating IP addresses. You can choose the method according to actual needs. You can specify the NAP IP address pool. Then, IP addresses are automatically allocated to the IP address pool. To use this method, do as follows. 1. Run:
system-view

nap ip-pool ip-address mask-length
An IP address pool is configured for NAP. The default IP address pool for establishing NAP connections is 10.167.253.0/24. You can run the nap ip-pool ip-address mask-length command to change the IP address pool.
NOTE
After NAP is started on the master device, the IP address pool cannot be changed.
3.
Run:
2-4
Issue 03 (2011-01-30)
2 NAP Configuration

nap port master
The NAP Master interface is configured and started. You can also specify the NAP IP addresses. To use this method, do as follows. 1. Run:
system-view


nap local-ip mast-inter-mast-ip sub-ip mast-inter-sub-ip peer-ip subinter-mast-ip sub-ip sub-inter-sub-ip mask-length
IP addresses are configured for establishing NAP connections. The default IP address pool for establishing NAP connections is 10.167.253.0/24. When configuring IP addresses, ensure that the primary IP addresses of both the master and the slave interfaces are on the same network segment, and that the secondary IP addresses of both the master and the slave interfaces are on the same network segment. 4. Run:
nap port master
The NAP master interface is configured and started. ----End
2.2.3 Remote Login

After the neighbor relationship is set up, you can log in to the NAP slave device from the NAP master device.
Context
Using the display nap interface command, you can view the NAP status of an interface to ensure that the interface is assigned a correct IP address. Do as follows on the switch where the NAP master interface is configured.
Procedure
Step 1 Run:
system-view
The system view is displayed. Step 2 Run:

The interface view is displayed.

2 NAP Configuration
Step 3 Run:
nap login neighbor
The login to the slave device from the master device is performed. l If the slave device has an empty configuration, you can log in to the slave device from the master device without a user name and a password. l If, however, the slave device is configured with user name(s) and password(s), you must enter the correct user name and password to perform a NAP-based remote login to the slave device.
NOTE
To ensure security for NAP, the slave device having an empty configuration checks the source address of the Telnet login. If the Telnet source address is the NAP address of the master device that is telnetting to the slave device, the slave device allows the master device to directly log in without being authenticated. This is because by default, the user level of the remote login based on the NAP address is the same as the login through the console interface, which enjoys the highest user level. If the Telnet source address is not the NAP address of the master device, the remote login fails.
----End
2.2.4 Disabling NAP on the Slave Device

If the NAP function is no longer required, you need to disable NAP on the slave interface of the slave device.
Context
The master device has logged in to the slave device through Telnet. The NAP function is no longer required, and to ensure security of the network, NAP should be globally disabled on the slave interface of the slave device. Do as follows on the switch that is configured as the NAP slave device.
Procedure
Step 1 Run:
system-view

undo nap slave enable
NAP is disabled on the slave device. ----End

After configuring NAP-based remote deployment, you can view the NAP status globally or on a specified interface.
Prerequisite
NAP-based remote deployment has been completed.
2 NAP Configuration
Procedure
Step 1 Using the display nap status command, you can view the current NAP status. Step 2 Using the display nap interface [ interface-type interface-number ] command, you can view the NAP status of the specified interface. ----End
Example
Run the display nap status command to view the current NAP status.
<Quidway> display nap status Slave port status : Enable Nap ip-pool/Mask : 12.12.12.0/24
Run the display nap interface interface-type interface-number command to view the NAP status of the specified interface.
<Quidway> display nap interface gigabitethernet0/0/1
If the interface is not assigned an IP address, the following information is displayed.

-----------------------------------------------------NAP master port list: Port count : 2 -----------------------------------------------------Port property : Master Current status : DETECTING Local port : GigabitEthernet0/0/1 Peer port : GigabitEthernet0/0/1 Local primary ip : NULL Peer primary ip : NULL Local secondary ip : NULL Peer secondary ip : NULL Hello time : 3s Linked time : 00:00:00 -----------------------------------------------------Port property : Master Current status : DETECTING Local port : GigabitEthernet0/0/2 Peer port : GigabitEthernet0/0/2 Local primary ip : NULL Peer primary ip : NULL Local secondary ip : NULL Peer secondary ip : NULL Hello time : 3s Linked time : 00:00:00 ------------------------------------------------------
If the interface is assigned an IP address, the following information is displayed.

-----------------------------------------------------NAP master port list : Port count : 2 -----------------------------------------------------Port property : Master Current status : IP-ASSIGNED Local port : GigabitEthernet0/0/1 Peer port : GigabitEthernet0/0/1 Local primary ip : 12.12.12.5 Peer primary ip : 12.12.12.6 Local secondary ip : 12.12.12.9 Peer secondary ip : 12.12.12.10 Hello time : 3s Linked time : 00:09:12 -----------------------------------------------------Port property : Master
Issue 03 (2011-01-30)
2-7
2 NAP Configuration

Current status : IP-ASSIGNED Local port : GigabitEthernet0/0/2 Peer port : GigabitEthernet0/0/2 Local primary ip : 10.10.10.5 Peer primary ip : 10.10.10.6 Local secondary ip : 10.10.10.9 Peer secondary ip : 10.10.10.10 Hello time : 3s Linked time : 00:03:41 ------------------------------------------------------
2.3 Configuration Examples

This section provides upgrade and maintenance examples together with the configuration flowchart. The configuration examples explain networking requirements, configuration notes, and configuration roadmap. 2.3.1 Example for Configuring NAP-based Remote Deployment in Automatic Mode In this example, the temporary neighbor relationship is set up between a switch and another switch that has the empty configuration to implement remote deployment in automatic mode. 2.3.2 Example for Configuring NAP-based Remote Deployment in Static Mode In this example, the temporary neighbor relationship is set up between the switch and the device with the empty configuration and IP addresses are assigned to the switch and the device to implement remote deployment in manual mode.
2.3.1 Example for Configuring NAP-based Remote Deployment in Automatic Mode

In this example, the temporary neighbor relationship is set up between a switch and another switch that has the empty configuration to implement remote deployment in automatic mode.
Networking Requirements
As shown in Figure 2-1, the user needs to perform a remote login to Switch B from Switch A. Switch B is the master device, and temporary neighbor relationship is to be set up between Switch B and Switch C having an empty configuration. Switch B and Switch C need to be directly connected via a single hop. Both the interfaces connecting Switch B and Switch C should be in the Up state, and should support NAP. Figure 2-1 Networking diagram of configuring NAP-based remote deployment
Network PC SwitchA SwitchB SwitchC
Configuration Roadmap
The configuration roadmap is as follows:
2 NAP Configuration
1. 2. 3.
Configure a primary IP address and a secondary IP address on Switch B. Configure the NAP master interface on Switch B. Telnet to Switch C from Switch B by means of NAP.
Data Preparation
None
Procedure
Step 1 Configuring the NAP master interface # Do as follows on Switch B.
<Quidway> system-view [Quidway] sysname SwitchB [SwitchB] interface gigabitethernet0/0/1 [SwitchB-GigabitEthernet0/0/1] nap port master
Step 2 Logging in to the slave device from the master device. # Do as follows on Switch B.
[SwitchB-GigabitEthernet0/0/1] nap login neighbor Trying 10.167.253.10 ... Press CTRL+K to abort Connected to 10.167.253.10 ... Info: The max number of VTY users is 10, and the number of current VTY users on line is 1.
Step 3 Shutting down NAP on the slave device. # Do as follows on Switch C.

<Quidway> system-view [Quidway] sysname SwitchC [SwitchC] undo nap slave enable
----End
Configuration Files
None
2.3.2 Example for Configuring NAP-based Remote Deployment in Static Mode

In this example, the temporary neighbor relationship is set up between the switch and the device with the empty configuration and IP addresses are assigned to the switch and the device to implement remote deployment in manual mode.
As shown in Figure 2-2, the user needs to perform a remote login to Switch B from Switch A. Switch B is the master device, and temporary neighbor relationship is to be set up between Switch B and Switch C having an empty configuration. Switch B and Switch C need to be directly connected via a single hop. Both the interfaces connecting Switch B and Switch C should be in the Up state, and should support NAP.
2 NAP Configuration
Figure 2-2 Networking diagram of configuring NAP-based remote deployment
Network PC SwitchA SwitchB SwitchC
The configuration roadmap is as follows: 1. 2. 3. Configure a primary IP address and a secondary IP address on Switch B. Configure the NAP master interface on Switch B. Telnet to Switch C from Switch B by means of NAP.
Data Preparation
To complete the configuration, you need the following data: l l Two primary IP addresses. The two IP addresses are primary IP addresses for the master interface and the slave interface respectively, and should be on the same network segment. Two secondary IP addresses. The two IP addresses are secondary IP addresses for the master interface and the slave interface respectively, and should be on the same network segment.
Procedure
Step 1 Configuring IP addresses for establishing NAP connections. # Do as follows on Switch B.
<Quidway> system-view [Quidway] sysname SwitchB [SwitchB] nap ip-pool 12.12.12.0 24
Step 2 Configuring the NAP master interface. # Do as follows on Switch B.

[SwitchB] interface gigabitethernet0/0/1 [Switch-GigabitEthernet0/0/1] nap port master
Step 3 Configuring primary IP addresses and secondary IP addresses for the master and slave interfaces. # Do as follows on Switch B.
[SwitchB-GigabitEthernet0/0/1] nap local-ip 12.12.12.5 sub-ip 12.12.12.9 peer-ip 12.12.12.6 sub-ip 12.12.12.10 30 Are you sure to continue?[Y/N] y
# After the preceding configurations, on Switch B, run the display nap status command to find that the NAP protocol is enabled, and run the display nap interface command to find that the primary IP addresses and secondary IP addresses are successfully assigned to the master and slave interfaces.

[SwitchB-GigabitEthernet0/0/1] display nap status Slave port status : Enable Nap ip-pool/Mask : 12.12.12.0/24 [SwitchB-GigabitEthernet0/0/1] display nap interface -----------------------------------------------------NAP master port list Port count : 1 -----------------------------------------------------Port property : Master Current status : IP-ASSIGNED local port : GigabitEthernet0/0/1 peer port : GigabitEthernet0/0/1 local pri ip : 12.12.12.5 peer pri ip : 12.12.12.6 local sec ip : 12.12.12.9 peer sec ip : 12.12.12.10 hello time : 3s linked time : 00:01:00 ------------------------------------------------------
2 NAP Configuration
Step 4 Logging in to the slave device from the master device. # Do as follows on Switch B.
[SwitchB-GigabitEthernet0/0/1] nap login neighbor Trying 12.12.12.10 ... Press CTRL+K to abort Connected to 12.12.12.10 ... Info: The max number of VTY users is 10, and the number of current VTY users on line is 1.
Step 5 Shutting down NAP on the slave device. # Do as follows on Switch C.

<Quidway> system-view [Quidway] sysname SwitchC [SwitchC] undo nap slave enable
----End
Configuration Files
None
Issue 03 (2011-01-30)
2-11
3 Stacking
3
About This Chapter
3.1 Stacking Overview This section describes the basic concepts of the stacking function. 3.2 Principle of Stacking This section describes how a stack system is set up. 3.3 Features of Stacking Supported by the S5300 3.4 Typical Topology of a Stack This section describes two typical topologies of a stack.
Stacking
This chapter describes the basic concepts and configuration methods of the stacking function.
3.5 Configuring the Stacking Function on the S5300 This section describes how to configure the stacking function on the S5300. 3.6 Configuration Examples This section provides an example for configuring a stack in a ring topology.
Issue 03 (2011-01-30)
3-1
3 Stacking
3.1 Stacking Overview

This section describes the basic concepts of the stacking function. The stacking function indicates that multiple devices that support the stacking function are connected together to logically function as one device. Up to nine stack devices are connected through stack cables in a ring or link topology. All stack devices logically function as one device to forward packets. Roles of devices in a stack are as follows: l Master switch A stack has only one master switch. The master switch manages the entire stack system by assigning stack IDs to member switches, collecting information about the stack topology, and notifying all the member switches of the information. l Standby switch A stack has only one standby switch. The standby switch backs up the master switch. When the master switch is faulty, the standby switch functions as a master switch. l Slave switch The slave switch sends packets to inform the master switch of the topology change after detecting that a neighbor is lost. Apart from the master switch and standby switch, all the other switches in a stack are slave switches. The master switch, standby switch, and all the slave switches are all member switches. Interfaces connecting member switches are stack interfaces, and other interfaces are common user interfaces. Member switches are connected through independent stack modules and stack cables.
3.2 Principle of Stacking

This section describes how a stack system is set up.
Prerequisites for Setting Up a Stack System

To successfully create a stack system, complete the following tasks: l Configure the same software version for all the member switches. When the master switch detects that a new member switch runs a different version, the master switch synchronizes system version of the member switch.
NOTE
l When the products of the same series are stacked, the switch that is closest to the physical interface of the new member switch added to the stack system synchronizes the system version of the new member switch. l If no switch in the stack system is of the same series as the new member switch or the system version of the new member switch cannot be synchronized to the master switch version, the new member cannot join the stack system.
Use the devices of the same type as the member switches of a stack system, for example, use EI devices or SI devices in a stack system. The EI devices and SI devices cannot be used in the same stack system. Connect all devices by using leased stack cables and stack modules.
l
3-2
3 Stacking
l l
Ensure that all the stack devices can be started normally. Ensure that the stacking function is enabled on all the stack devices.
Creation of a Stack System

If all the member switches in a stack meet the preceding prerequisites, the stack system is automatically created when a member switch in the stack is powered on. The master switch is elected as follows: l l l The device that is started first becomes the master switch. If all the devices are started at the same time, the one of the highest priority becomes the master switch. If all the devices are started at the same time and are of the same priority, the one with the smallest MAC address becomes the master switch.
The standby switch is elected as follows: l If all the switches excluding the master switch start at the same time, the master switch preferentially selects the switch connected to stack interface 2 on the master switch as the standby switch. If all the other switches excluding the master switch start at the same time and no switch is connected to stack interface 2 on the master switch, the master switch selects the switch connected to stack interface 1 on the master switch as the standby switch.
Before the stacking system is created, each switch is an independent entity. That is, each switch has its own IP address and functions individually. As a result, a user needs to manage each switch individually. After the stacking system is created, all the member switches are presented as one unified logical entity. In this manner, a user manages and maintains all the member switches in a stack through one IP address. The stacking protocol elects the master switch, standby switch, and slave switch in a stack. Then, data can be backed up and the active/standby switchover can be implemented. The switches are connected through stack cables in a ring or link topology. A master switch is elected among all the member switches through the stacking protocol. The master switch manages the stacking system by assigning stack IDs to member switches, collecting information about the topology of the stack, and informing all the stack members of the topology information. A standby switch is specified by the master switch. The standby switch becomes the master switch to manage the stack system if the original master switch is faulty. After the master, standby, and slave switches are specified, the master switch collects the packets that are sent from all the slave switches to report the topology information, and then generates stack entries accordingly and deliver the entries to all the member switches in the stack.
Adding a Member Switch to a Stack System

Adding a member switch to a stack system refers to the action of adding a new switch to a stable stack. A member switch can be added to a stack system in two modes: with power on and with power off. In this manual, member switches are added to a stack system with power off. Adding a member switch to a stack system with power on refers to the action of combining two stacks. (An independent switch can be regarded as a stack system after being enabled with stacking.) The details are described in the scenario of combining two stacks. The member switch to be added is powered off at first and then restarts after being connected to the stack interface of the stack. The adding of a member switch does not affects the status of the original master switch in the stack.
3 Stacking
The original service configurations on a switch are cleared after the switch is added to a stack. Then, the switch uses global configurations of the master switch. If the configuration file already exists on the master device and an interface already exists in the configuration file, the interface can be configured through the configuration file. If an interface does not exist in the configuration file, the configuration of the interface is null. If the configuration file does not exist on the master device, the default configuration of the interface is used. If the stack ID of the added switch conflicts with the stack ID of another member switch in the stack, the master switch reassigns a stack ID to the added switch. Adding a member switch does not affect the original services in the stack system. A stack consists of up to nine switches. The number of the member switches cannot exceed the limit after new member switches are added to the stack.
Quitting a Stack System

Quitting a stack system refers to the action of leaving a stack. Different roles inflict different impacts on a stack by quitting the stack system. The following describes different situations: l When the master switch quits a stack system, the neighbor switch detects the change, and then informs the neighbors of the change and updates the information about the local neighbors. The standby switch becomes the master switch, and then recalculates the stack topology and informs all the other member switches of the change. In addition, the new master switch specifies a member switch as the standby switch, and then runs normally. When the standby switch quits a stack system, the master switch re-specifies a member switch as the standby switch, and then recalculates the stack topology and informs all the other member switches of the change. When a slave switch quits a stack system, the master switch only recalculates the stack topology and informs all the other switches of the change. The quitting slave switch restarts immediately. When the master and standby switches quit a stack system at the same time, all the other member switches in the stack system restart and recreate a stack system.
Restarting a Member Switch

If a stack system runs stably, restarting a member switch indicates that a member switch quits a stack system first and then rejoins the stack system. l If the master switch restarts, the standby switch becomes the master switch, and then specifies another member switch as the standby switch and synchronizes data to the new standby switch. If the standby switch restarts, the master switch specifies another member switch as the standby switch and synchronizes data to the new standby switch. When the master and standby switches restart at the same time, all the other member switches in the stack system restart and recreate a stack system.
l l
When a member switch restarts, the master switch recalculates the stack topology and delivers the stack routing table. Then, the member switch rejoins the stack as a standby or slave switch.
Replacing a Member Switch

If a stack system runs stably, replacing a member switch indicates that a member switch quits the stack system first and then a new member switch joins the stack system. For more details, see the description of adding a member switch to a stack system and quitting a stack system.
3 Stacking
Replacing a member switch requires that the stack cables connecting the replaced switches to other switches be removed. l If the master switch is replaced, the standby switch becomes the master switch, and then specifies another member switch as the standby switch and synchronizes data to the new standby switch. If the standby switch is replaced, the master switch specifies another member switch as the standby switch and synchronizes data to the new standby switch.
Switchover Between the Master and Standby Switches

After a stack system is created, the standby switch automatically becomes the master switch if the master switch is faulty or exits from the stack system. The new master switch specifies the new slave switch and data is synchronized on the master and slave switches. l After a stack system is created for the first time, the MAC address of the stack system is the MAC address of the master switch. When the master switch is faulty or quits the stack system, the MAC address of the stack system is immediately switched to be that of the newly-elected master switch if the function of the delay in switching the MAC address of the stack system is disabled. By default, the MAC address switchover is enabled and the delay for switchover is 10 minutes. When a stack system is created, the MAC address of the stack system is switched to be that of the newly-elected master switch, if the master switch is faulty or quits the stack system, the stack system is configured with the MAC address switchover time, and the quitting switch does not rejoin the stack within the switchover timeout interval. If the quitting switch rejoins the stack before the switchover timer expires, the switch becomes a slave and the MAC address of the stack system remains unchanged. In this case, the MAC address of the stack system is the MAC address of a slave switch. When a slave switch quits a stack system, the MAC address of the stack system is switched to be that of the master switch, if the MAC address of the stack system is the same as that of the quitting slave switch and the quitting salve switch does not rejoin the stack after the switchover timer times out.
Combining Two Stack Systems

If two stack systems are combined, a new master switch is elected. The running time of the two stack systems is compared and is accurate to minutes. The stack system that has a long running time is of a higher priority. If the running time is the same, the election mode in the setup of the stack system is used for electing the master switch. In one stack system, the roles, configurations, and services of the switches keep unchanged. In the other stack system, all the switches restart and join the combined stack system as slave switches. The master switch reassigns stack IDs to these slave switches and synchronizes its configurations to these slave switches. In addition, services in this stack system are interrupted.
Dividing a Stack System

Dividing a stack system refers to the action of removing certain member switches with power on. As shown in Figure 3-1, Switch A, Switch B, Switch C, and Switch D form Stack-A.
Issue 03 (2011-01-30)
3-5
3 Stacking
Figure 3-1 Networking diagram of a stack system
Ethernet
SwitchA Stack-A SwitchC
SwitchB
SwitchD
stack link common link
Switch A is disconnected from Switch B; Switch C is disconnected from Switch D; Switch B is directly connected to the Ethernet. As shown in Figure 3-2, Switch A and Switch B form StackB; Switch C and Switch D form Stack-C. In this case, Stack-A is divided into Stack-B and StackC, and the process of diving a stack system is complete.
3-6
Issue 03 (2011-01-30)
3 Stacking
Figure 3-2 Networking diagram of a stack system
Ethernet
SwitchA Stack-B SwitchC
SwitchB Stack-C SwitchD
The action of diving a stack system varies with different roles of the removed switches. l After a stack system is divided, the original master and standby switches still belong to the same stack system. In this case, the master switch recalculates the stack topology and updates the topology information accordingly. After detecting that the stack protocol packets time out, the removed slave switches are reset by themselves and reelect the master switch. The newly-elected master switch obtains the configurations of the stack system from the flash memory and then restores the configurations of other switches. After a stack system is divided, the original master and standby switches belong to different stack systems. In this case, the original master switch specifies another switch as the standby switch in its own stack system. The process of the stack system becoming stable is the same as that when the standby switch quits the stack system. In the stack system where the original standby switch currently belongs, the active/standby switchover is implemented, and the process of the stack system becoming stable is the same as that when the master switch quits the stack system.
IP Address and MAC Address Collision After a Stack System Is Divided

The IP address and MAC address of a stack system is configured globally. That is, all the switches in a stack system share the same IP address and MAC address. When a stack system is divided, configuration collision may occur at Layer 3. For example, a Layer 3 VLANIF interface is configured with an IP address 192.168.1.1. After the stack system is divided, two stack systems with the IP address 192.168.1.1 exist on the network. In this case, IP address and MAC address collision occurs. Therefore, collision detection must be implemented at Layer 2 and Layer 3 after a stack system is divided. The dividing of a stack system mentioned here refers to the case that the original master and standby switches belong to different stack systems after the original stack system is divided. In
3 Stacking
this case, the active/standby switchover is implemented on the stack system where the standby switch belongs. After the active/standby switchover, the new master switch specifies the MAC address of its own as the MAC address of the stack system. In addition, the new master switch sends gratuitous ARP packets to instruct other switches to update their MAC address and implements IP collision detection. It is required that the two newly-created stack systems be able to receive gratuitous ARP packets. After the original stack system is divided, the original master switch detects IP address collision if receiving gratuitous packets whose source IP address is the same as the IP address of the master switch. At the same time, the original master switch keeps sending gratuitous ARP packets until no ARP packet with the conflicted IP address is received.
3.3 Features of Stacking Supported by the S5300

The features of stacking supported by the S5300 are as follows: l l l The S5300EI Switch supports the following routing features of stacking: IPv4 static route, route-policy, OSPF, IPv6 static route, and RIP The S5300SI Switch supports the following routing features of stacking: IPv4 static route, IPv6 static route, and RIP The Switch supports the following Ethernet features of stacking: Trunk, LACP, Blackhole MAC, Static MAC, Sticky MAC, MAC learning, common VLAN, MUX VLAN, VLAN stacking, voice VLAN, LLDP-MED for voice VLAN, STP, RSTP, MSTP, VLAN aggregation, port group, port security, and ARP l The Switch supports the following security features of stacking: 802.1x, MAC authentication, AAA, DHCP snooping, attack defense, storm control, broadcast storm suppression, IPSG, MFF, MAC, and ACL l l The Switch supports the following IP service features of stacking: DHCP client, DHCP server, DHCP relay, DNS, and ND The Switch supports the following multicast features of stacking: Multicast policy, controllable multicast, IGMP snooping, MLD snooping, and multicast load balancing l l l l The Switch supports the following network management features of stacking: NTP, RMON, SNMP, HGMP, ping, and tracert The S5300EI Switch supports the following reliability features of stacking: VRRP for IPv4, VRRP for IPv6, Smart Link, and Monitor Link The S5300SI Switch supports the following reliability features of stacking: Smart Link and Monitor Link The Switch supports the following QoS features of stacking: Traffic policy, priority mapping, traffic policing, traffic shaping, congestion avoidance, congestion management, flow mirroring, and port mirroring l l PoE, LLDP-MED for PoE, RSPAN, and information center SSH, FTP (server or client), SFTP (server or client) TFTP client, and Telnet
After a stack system is created, the entire stack system logically functions as one switch. The features supported by stacking are configured the same whether in a stack system or in a nonstack system. For more details, see the related configuration guide.
3 Stacking
3.4 Typical Topology of a Stack

This section describes two typical topologies of a stack.
Ring Topology
The typical topology of a stack is a ring topology. As shown in Figure 3-3, stack interfaces on the Switches are connected through leased stack cables.
NOTE
Do not directly connect stack ports on the same switch to form a loop.
Figure 3-3 Ring Topology
SwitchA SwitchC
SwitchB SwitchD
Link Topology
As shown in Figure 3-4, stack interfaces on the Switches are connected through leased stack cables.
NOTE
Do not directly connect stack ports on the same switch to form a loop.
Figure 3-4 link Topology
PC1
SwitchA
SwitchB
SwitchC stack link
PC2
common link
Issue 03 (2011-01-30)
3-9
3 Stacking
Compared with the link topology, the ring topology enjoys higher reliability. When a stack link in a ring topology breaks, the ring topology becomes a link topology. The entire stack system, however, runs normally. You are recommended to adopt a ring topology when deploying services.
3.5 Configuring the Stacking Function on the S5300

This section describes how to configure the stacking function on the S5300. 3.5.1 Establishing the Configuration Task 3.5.2 (Optional) Configuring the Reserved VLAN of the Stack This section describes how to configure the reserved VLAN for the stack. 3.5.3 (Optional) Enabling the Stacking Function 3.5.4 (Optional) Configuring a Stack ID for the S5300 3.5.5 (Optional) Configuring a Stack Priority for a Device 3.5.6 (Optional) Configuring the MAC Address Switchover Time 3.5.7 Checking the Configuration

To improve the interface density and forwarding capacity of a network, you can configure the stacking function on the S5300. In this manner, you can expand the network capacity and facilitate users' management.
Before creating a stack system, complete the following tasks: l l Configuring the same software version for all the member switches Using the devices of the same type as the member switches of a stack system, for example, using EI devices or SI devices in a stack system. The EI devices and SI devices cannot be used in the same stack system. Installing stack cards on all devices and connecting the devices through stack cables. Ensuring that all the stack devices can be started normally
l l
Data Preparation
To configure the stacking function, you need the following data. No. 1 2
3-10
Data Stack ID of an S5300 Stack priority of an S5300

3 Stacking
No. 3
Data MAC address switchover time
3.5.2 (Optional) Configuring the Reserved VLAN of the Stack

This section describes how to configure the reserved VLAN for the stack.
Context
When the default reserved VLAN of the stack is used for other services, you need to configure a new reserved VLAN before enabling the stacking function. The reserved VLAN of the stack is configured on the master switch.
Procedure
Step 1 Run:
system-view

stack reserved-vlan vlan-id
The reserved VLAN is configured. By default, a stack system uses VLAN 4093 as the reserved VLAN.
NOTE
The reserved VLAN cannot be used for other services.
----End
3.5.3 (Optional) Enabling the Stacking Function

Context
Before connecting stack devices through leased stack cables, do as follows on the stackingcapable devices.
Procedure
Step 1 Run:
system-view

stack enable
The stacking function is enabled on the S5300. By default, the stacking function is enabled.
3 Stacking
NOTE
If you run the undo stack enable command to disable the stacking function on the S5300, the configuration takes effect only after the S5300 is restarted. If you run the stack enable command to enable the stacking function on the S5300, the configuration takes effect only after the S5300 is restarted.
----End
3.5.4 (Optional) Configuring a Stack ID for the S5300

Context
Stack IDs can be configured before or after the stack system is created. By default, stack IDs of member switches in a stack are all 0s. If stack IDs are not configured for member switches before the stack system is created, the stack system assigns stack IDs to member switches after being created. After the stack system is created successfully, all the configuration of the stack system can be performed on the master switch only.
Procedure
Step 1 Run:
system-view

stack slot slot-id renumber new-slot-id
A stack ID is configured for a device. By default, the stack ID of a device is 0.

NOTE
After the stack ID is configured, the configuration takes effect only after the device is restarted. The stack slot-id command is valid only on the device where the stacking function is enabled.
----End
3.5.5 (Optional) Configuring a Stack Priority for a Device

Context
The stack priority of a device can be configured before or after the stack system is created. If the stack system is created, you can configure stack priorities on the master switch only; if the stack system is not created, you can configure a stack priority on each device.
Procedure
Step 1 Run:
system-view

stack slot slot-id priority priority
3-12
Issue 03 (2011-01-30)
3 Stacking
A stack priority is configured for a specified stack device. By default, the priority value of a device is 100. A great value indicates a high priority.
NOTE
Before the stack system is created, the default stack ID is 0. You can run the display stack and display stack peers commands to view the stack ID of a device.
----End
3.5.6 (Optional) Configuring the MAC Address Switchover Time

Context
The MAC address switchover time can be configured before or after the stack system is created. If the MAC address switchover time is configured for all the stack switches before the stack system is created, the MAC address switchover time of the stack system is specified by the MAC address switchover time of the master switch after the stack system is created, and the MAC address switchover time of other member switches keeps the same as that of the master switch. After the stack system is restarted, the MAC address of the stack is changed into the MAC address of the new master switch. In this case, the MAC address of the stack system keeps unchanged if the master switch is unchanged. If the stack system is created before the MAC address switchover time of the system is configured, you can configure the MAC address switchover time of the system on the master switch only. In this case, the MAC address switchover time of other member switches keeps the same as that of the master switch. The MAC address of the stack system keeps unchanged after the stack system is restarted. Do as follows on the devices where the MAC address switchover time is to be configured.
Procedure
Step 1 Run:
system-view

stack timer mac-address switch-delay delay-time
The MAC address switchover time of the stack system is configured. ----End

Prerequisite
Run the following commands to check the previous configuration.
Procedure
l l Run the display stack command to check information about the member switches in a stack. Run the display stack configuration command to check the default stack ID and stack priority when the stack member starts this time and next time.
----End
3 Stacking
Example
You can use the display stack command to check stack IDs and priorities of member switches in a stack.
<Quidway> display stack Stack topology type : Link Stack systern MAC: 0018-82b1-6eb4 MAC switch delay time: 2 min Stack reserve vlanid : 4093 slot# role Mac address ---------------------0 Master 0018-82b1-6eb4 1 Standby 0018-82b1-6eba
Priority -----200 150
Device type ------S5300 S5300
You can use the display stack configuration command to check the default stack ID and stack priority when the stack member starts this time and next time.
<Quidway> display stack configuration Current slot-id Next slot-id Current Priority ---------------------------- ---------------------0 8 200 1 3 150 Next Priority ------------200 150

This section provides an example for configuring a stack in a ring topology. 3.6.1 Example for Configuring a Stack in a Ring Topology
3.6.1 Example for Configuring a Stack in a Ring Topology

As shown in Figure 3-5, Switch A, Switch B, Switch C, and Switch D form a stack in a ring topology. The stack system is automatically created. Switch A functions as the master switch, whereas Switch B functions as a standby switch. After the active/standby switchover, the MAC address of the stack system is immediately switched. To avoid updating MAC addresses of the stack system frequently and wasting system resources, set the MAC address switchover time of the stack system to 1 minute after the active/standby switchover. Figure 3-5 Networking of a stack in a ring topology
SwitchA
SwitchB
SwitchC
SwitchD
3-14
Issue 03 (2011-01-30)
3 Stacking
The configuration roadmap is as follows: l Configure the MAC address switchover time of the stack system on the master switch.
Data Preparation
To complete the configuration, you need the following data: l MAC address switchover time of the stack system
Configuration Procedure
1. # Configure the MAC address switchover time of the stack system on Switch A.
<SwitchA> system-view [SwitchA] stack timer mac-address switch-delay 1
# Run the display stack command on Switch A to check basic information about a stack.
<SwitchA> display stack Stack topology type: Ring Stack system MAC: 0018-82b1-6eb8 MAC switch delay time: 1 min Stack reserve vlanid : 4093 slot# role Mac address ---------------------0 Slave 0018-82d2-2e85 1 Slave 0018-82c6-1f44 3 Standby 0018-82c6-1f4c 4 Master 0018-82b1-6eb8
Priority -----100 100 100 100
Device type ------S5352C-EI S5328C-EI-24S S5328C-EI-24S S5328C-EI
Configuration Files
None.
Issue 03 (2011-01-30)
3-15
4 Using display commands to check the status of the device
Using display commands to check the status of the device
About This Chapter

This chapter describes the maintenance, usage of the display commands and the regular expression. 4.1 Introduction This section describes function of display commands. 4.2 Checking the Status of the S5300 This section describes how to check the status of the S5300 by using the display commands.
Issue 03 (2011-01-30)
4-1
4.1 Introduction
This section describes function of display commands. You can use display commands to view the status of a device and check whether the device runs normally.
4.2 Checking the Status of the S5300

This section describes how to check the status of the S5300 by using the display commands. 4.2.1 Checking Information About the S5300 4.2.2 Checking the Version of the S5300 4.2.3 Checking the Electronic Labels 4.2.4 Checking Temperature 4.2.5 Checking the External Fan Status When the device temperature is high, you can check whether the external fan is functioning normally. 4.2.6 Checking the Power Supply Status Before replacing a power supply, you need to check the status of the power supply. 4.2.7 Checking the CPU Usage You can check the CPU utilization statistics and CPU settings. 4.2.8 Checking the Memory Usage 4.2.9 Checking Alarms 4.2.10 Checking the Status of an Interface
4.2.1 Checking Information About the S5300

Context
You can run the following command in any view to check the type and status of a component on the S5300.
Procedure
Step 1 Run:
display device [ slot slot-id ]
Information about a component on the S5300 is displayed. ----End
4.2.2 Checking the Version of the S5300

Context
You can run the display version command in any view to check the version of the S5300. The displayed information includes the type of a card, startup duration, version of the hardware, and version of the software.
Procedure
Step 1 Run:
display version [ slot slot-id ]
The version of the specified a card is displayed. ----End
4.2.3 Checking the Electronic Labels

Context
You can run the display elabel command in any view to check the electronic labels. You can run the display elabel command to check information about the hardware code. The hardware code provides necessary basis for such services as network installation, network upgrade, network expansion, device management and maintenance, and device replacement in batches. The displayed information includes: type of the card, bar code, Bill of Material (BOM) code, English description, production date, supplier name, issuing number, Common Language Equipment Identification (CLEI) code, and sales BOM code.
Procedure
Step 1 Run:
display elabel [ slot slot-id [ subcard-id ] ]
The electronic labels are displayed. ----End
4.2.4 Checking Temperature

Context
You can run the following command in any view to check the working temperature of the S5300.
Procedure
Step 1 Run:
display environment [ slot slot-id ]
The temperature of a temperature-sending SIC is displayed. ----End

4.2.5 Checking the External Fan Status

When the device temperature is high, you can check whether the external fan is functioning normally.
Procedure
Step 1 Run:
display fan [ slot slot-id | verbose ]
The external fan status is displayed. ----End
4.2.6 Checking the Power Supply Status

Before replacing a power supply, you need to check the status of the power supply.
Procedure
Step 1 Run the following command in any view:
display power
The status of each power supply is displayed. ----End
4.2.7 Checking the CPU Usage

You can check the CPU utilization statistics and CPU settings.
Procedure
Step 1 Run:
display cpu-usage [ configuration | slave | slot slot-id ]
The CPU utilization statistics and CPU settings are displayed. ----End
4.2.8 Checking the Memory Usage

Context
You can run the following command in any view to check the memory usage of the S5300.
Procedure
Step 1 Run:
display memory-usage [ slave | slot slot-id ]
The memory usage is displayed. ----End

4.2.9 Checking Alarms

Context
You can run the following command in any view to check alarms on the S5300.
Procedure
Step 1 Run:
display alarm urgent [ slot slot-id | time interval ]
The alarms generated during device operation are displayed. ----End
4.2.10 Checking the Status of an Interface

Checking the Status of a Specified Interface
1. Run:
display interface interface-type interface-number
The status of a specified interface is displayed. Information about the status of an interface contains the running status, basic configuration of the interface, and statistics of the transmission of packets.
Checking the Status of an Interface in the Current Interface View

1. Run:
system-view


display this interface
The status of the interface in the current interface view is displayed.
Issue 03 (2011-01-30)
4-5
5 Hardware Management
5
About This Chapter
Hardware Management
This chapter describes the hardware management configurations on the S5300. 5.1 Hardware Management Overview This section explains the definition of hardware management. 5.2 Hardware Management Features Supported by the S5300 This section describes the hardware management features supported by the S5300. 5.3 Backing Up the Electronic Label This section describes how to back up the electronic label of the S5300. 5.4 Configuring Electrical Port Sleep This section describes how to configure electrical port sleep to save energy.
Issue 03 (2011-01-30)
5-1
5.1 Hardware Management Overview

This section explains the definition of hardware management. Hardware management refers to operating the installed hardware of the S5300 by using commands.
5.2 Hardware Management Features Supported by the S5300

This section describes the hardware management features supported by the S5300. The S5300 supports the following hardware management features: l l Electronic label backup Electrical port sleep
5.3 Backing Up the Electronic Label

This section describes how to back up the electronic label of the S5300. 5.3.1 Establishing the Configuration Task Before backing up the electronic label, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This helps you complete the configuration task quickly and accurately. 5.3.2 Backing Up the Electronic Label You can back up the electronic label of the S5300 to an FTP server or the CF card of the S5300.

Before backing up the electronic label, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This helps you complete the configuration task quickly and accurately.
Electronic labels of network devices play an important role in troubleshooting. When faults occur on a network, you can obtain hardware information quickly from electronic labels. Therefore, you need to back up electronic labels.
Before backing up the electronic label of the S5300, complete the following task: l Connecting the S5300 to an FTP server and ensuring that there is a reachable route between them
Data Preparation
To back up the electronic label of the S5300, you need the following data.
No. 1 2 3
Data Name of the electronic label backup file Stack ID of the S5300 whose electronic label needs to be backed up FTP server address, FTP user name, and password (only applicable to saving the electronic label to an FTP server)
5.3.2 Backing Up the Electronic Label

You can back up the electronic label of the S5300 to an FTP server or the CF card of the S5300.
Procedure
l Back up the electronic label to the CF card. 1. Run the following command in the user view:
backup elabel [ slot slot-id ]
The electronic label is backed up to the CF card. l Back up the electronic label to an FTP server. 1. Run the following command in the user view:
backup elabel [ ftp ip-address filename username password ] [ slot slotid [ subcard-id ] ]
The electronic label is backed up to an FTP server. ----End
5.4 Configuring Electrical Port Sleep

This section describes how to configure electrical port sleep to save energy. 5.4.1 Establishing the Configuration Task Before configuring electrical port sleep, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This helps you complete the configuration task quickly and accurately. 5.4.2 Enabling Electrical Port Sleep To save energy on a device, you can enable electrical port sleep on the device. 5.4.3 Checking the Configuration After enabling electrical port sleep, you can run the following command to check the configuration.

Before configuring electrical port sleep, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This helps you complete the configuration task quickly and accurately.
When a device is working normally, you can enable electrical port sleep to save energy.
None.
Data Preparation
To configure electrical port sleep, you need the following data. No. 1 Data Number of the electrical port where the sleep function is to be enabled
5.4.2 Enabling Electrical Port Sleep

To save energy on a device, you can enable electrical port sleep on the device.
Procedure
Step 1 Run:
system-view

interface [ interface-type interface-number ]
The interface view is displayed. Step 3 Run:

port-auto-sleep enable
Electrical port sleep is enabled. By default, the sleep function is disabled on an Ethernet port. ----End

After enabling electrical port sleep, you can run the following command to check the configuration.
Procedure
l Run the display this command in the interface view to check whether port sleep is enabled. ----End
6 Monitoring the Device Through the Information Center
Monitoring the Device Through the Information Center
About This Chapter

This chapter describes the basics of the information center, introduces the procedure for managing the information center and monitoring the device, and provides configuration examples. 6.1 Information Center Overview The information center controls the output of logs, alarms, and debugging messages. 6.2 Configuring the Information Center This section describes how to manage and configure the information center. 6.3 Sending Information of the Information Center This section describes how to send information to the specified direction. 6.4 Maintaining the Information Center This section describes how to clear the statistics. 6.5 Configuration Examples This section provides examples for configuring the information center.
Issue 03 (2011-01-30)
6-1
6.1 Information Center Overview

The information center controls the output of logs, alarms, and debugging messages. 6.1.1 Introduction to the Information Center The information center works as the information hub of a switch. It classifies and filters the output of a system. The information center uses a debugging program to help network administrator and developers monitor network operation and analyze network faults. 6.1.2 Information Center Supported by the S5300 In the S5300, the information center outputs logs, alarms, and debugging messages with eight severity levels to different directions through 10 information channels.
6.1.1 Introduction to the Information Center

The information center works as the information hub of a switch. It classifies and filters the output of a system. The information center uses a debugging program to help network administrator and developers monitor network operation and analyze network faults.
6.1.2 Information Center Supported by the S5300

In the S5300, the information center outputs logs, alarms, and debugging messages with eight severity levels to different directions through 10 information channels.
Information Classification
The information receives and processes the following types of information: l l l Logs Debugging information Alarm information
Severity Levels of Information

Information is classified into eight severity levels as shown in Table 6-1. The severer the information level is, the lower the severity level value is. Table 6-1 Description of the severity levels of information Threshold 0 Severity Level Emergency Description A fatal fault, such as a programme exception or incorrect use of the memory, occurs on the device. The system must restart. An important fault, such as the device memory reaching the highest limit, occurs to device. The fault then needs to be removed immediately.
Alert
6-2
Issue 03 (2011-01-30)
Threshold 2
Severity Level Critical
Description A crucial fault occurs, such as the memory or temperature reaches the lowest limit, the BFD device is unreachable, or an internal fault that is generated by the device itself. The fault then needs to be analyzed and removed. A fault caused by an improper operation or a wrong process occurs, such as entering the wrong user password or receiving wrong protocol packets from other devices. The faults do not affect service but should be paid attention to.
Error
Warning
An abnormal situation of the running device occurs, such as the user disables the routing process, BFD detects packet loss, or the wrong protocol packet is received. The fault should be paid attention to because it may affect services.
Notice
Indicates the key operations used to ensure that the device runs normally, such as the shutdown command, neighbor discovery, or the state machine. Indicates the common operations to ensure that the device runs normally, such as the display command. Indicates the common information of the device that need not be paid attention to.
6 7
Informational Debugging
When information filtering based on severity levels is enabled, only the information whose severity level threshold is less than or equal to the configured value is output. For example, if the severity level value is configured to 6, only the information with the severity level value from 0 to 6 is output.
Working Process of an Information Center

The working process of the information center is as follows: l l l The information center receives logs, traps, and debugging information from all modules. The information center outputs information with different severity levels to different information channels according to the configurations of users. The information is transmitted to different directions based on the association relationship between the information channel and the output direction.
Generally, the information center distributes the three types of information that can be classified into eight levels to ten information channels. The information is then output to different directions.
As shown in Figure 6-1, logs, alarms, and debugging information have default output channels. You can, however, customize them to be output from other channels. For example, you can configure logs to be output to the log cache through Channel 6 rather than Channel 3. Figure 6-1 Functions of the information channel
Infomation type
Infomation channel 0 Console 1 Monitor Loghost Trapbuffer Logbuffer
Output direction
Console Remote terminal Loghost Trap buffer Log buffer SNMP agent
Logs
Traps
2 3
Debugs
5 SNMP agent 6 Direction of logs Direction of alarms Direction of debugging information 7 8 9 channel6 channel7 channel8 channel9
Information Channels and Output Directions

The system supports ten channels. The first six channels (Channel 0 to Channel 5) have their default channel names, and are associated with six output directions. For details of association relationship between default channels and output directions, see Table 6-2. Table 6-2 Association relationship between the information channels and output directions Channel Number 0 Default Channel Name Console Output Direction Console Description Outputs the information to the local Console that can receive logs, alarms, and debugging information. Outputs the information to the VTY terminals that can receive logs, alarms, and debugging information and then perform remote maintenance.
Monitor
Monitor
6-4
Issue 03 (2011-01-30)
Channel Number 2
Default Channel Name Loghost
Output Direction Log host
Description Outputs the information to the log host that can receive logs, alarms, and debugging information. The information is saved to a log host in the file format for easy reference. Outputs information to the trap buffer that can receive traps. An area is specified inside a device as the trap buffer to record traps. Outputs the information to the log buffer area that can receive logs. The switch assigns a specified area in itself to be the log buffer area that can record the information. Outputs the information to the SNMP agent that can receive alarms. Reserved. Reserved. Reserved. Reserved.
Trapbuffer
Trap buffer
Logbuffer
Log buffer
5 6 7 8 9
Snmpagent Unspecified Unspecified Unspecified Unspecified
SNMP agent Unspecified Unspecified Unspecified Unspecified
When multiple log hosts are configured, you can configure logs to be output to different log hosts through one channel or several channels. For example, configure parts of logs to be output to a log host either through Channel 2 (loghost) or through Channel 6. You can also change the name of Channel 6 for managing channel conveniently.
Format of Logs
Syslog is a sub-function of the information center. It outputs information to a log host through port 514. Figure 6-2 shows the format of logs. Figure 6-2 Format of the output logs
<Int_16>TIMESTAMP HOSTNAME %%ddAAA/B/CCC(l):slot=XXX; YYYY
Table 6-3 describes each field in the log format.
Issue 03 (2011-01-30)
6-5
Table 6-3 Description of each field in the format of logs Field <Int_16> Indication Leading character Description Before logs are output to log hosts, leading characters are added. Logs saved in the local device do not contain leading characters. TIMESTAMP Time to send out the information Timestamp has five formats. l boot: indicates the relative time. l date: indicates the time of the system. Logs, alarms and debugging information adopt this format by default. l short-date: The only difference between date format and short-date is that short-date does not include the year. l format-date: It is another time format of the system time. l none: indicates that the information does not contain timestamp. There is a space between the timestamp and the host name. HOSTNAME %% dd AAA B CCC (l) slot=XXX YYYY Host name Log information Version number Module name Log level Brief description Information type Location information Descriptor By default, the name is Quidway. Indicates that this piece of log is output by the device produced by Huawei. Identifies the version of the log format. Indicates the name of the module that outputs information to an information center. Indicates the severity levels of logs. Describes the information type. L: indicates the user log identifier. Slot indicates the number of the slot that sends the location information. Indicates the detailed information output from each module to the information center. Each module fills in this field before outputting logs to describe the detailed contents of logs.
Format of Alarms
Figure 6-3 shows the format of the output alarms.
6-6
Issue 03 (2011-01-30)
Figure 6-3 Format of the output alarms
TimeStamp HostName ModuleName/Severity/BriefDescription
Table 6-4 describes each field of the alarm format. Table 6-4 Description of each field of the format of alarms Field TimeStamp Indication Time to send out the information Description Five timestamp formats are available: l boot: indicates relative time. By default, debugging information adopts this timestamp format. l date: indicates the timestamp in the format of system time. By default, logs and traps adopt this timestamp format. l short-date: indicates system time. The shortdate format does not contain year information. l format-date: indicates another format of system time. l none: indicates that no timestamp is contained in traps. The timestamp and the host name are separated by a blank space. HostName Host name By default, the name is Quidway. There is a space between the sysname and module name. ModuleName Severity Module name Severity level Indicates the name of the module that generates an alarm. Indicates the severity levels of alarms: l Critical l Major l Minor l Warning l Indeterminate l Cleared Brief Description Brief information Description Provides brief information of the alarms. Provides a detailed description of the alarms.
Issue 03 (2011-01-30)
6-7
6.2 Configuring the Information Center

This section describes how to manage and configure the information center. 6.2.1 Establishing the Configuration Task 6.2.2 Enabling the Information Center 6.2.3 (Optional) Naming the Information Channel 6.2.4 Defining the Information Channel 6.2.5 (Optional) Configuring the Timestamp for the Output Information 6.2.6 Checking the Configuration

To collect debugging information, logs, and traps during the operation of the S5300, and to send them to the terminal for display, or to the buffer or the host for storage, you need to configure the information center.
None.
Data Preparation
To manage the information center, you need the following data. No. 1 2 3 4 5 Data (Optional) Numbers and names of the information channels (Optional) Format of the timestamp (Optional) Severity level (Optional) Language used in the logs and the address of the log host (Optional) Size of the log buffer and the trap buffer
6.2.2 Enabling the Information Center

Context
Do as follows on the S5300.
Procedure
Step 1 Run:
system-view

info-center enable
The information center view is displayed.

NOTE
The system sends the system information to the log host and the console only after the information center is enabled.
----End
6.2.3 (Optional) Naming the Information Channel

Procedure
Step 1 Run:
system-view

info-center channel channel-number name channel-name
Channels are specified to send debugging information, logs, and traps. ----End
6.2.4 Defining the Information Channel

Procedure
Step 1 Run:
system-view

info-center source { module-name| default } channel { channel-number | channelname } [ { debug | log | trap } { state { off | on } | level severity } * ] *
A module (or modules) is specified to send debugging information, logs, or traps to the information channels.
NOTE
Run the undo info-center source { module-name | default } channel { channel-number | channelname } command to disable the unnecessary modules and select one or more modules to send information to the information channels.
----End
6.2.5 (Optional) Configuring the Timestamp for the Output Information

Procedure
Step 1 Run:
system-view

info-center timestamp debugging { boot | none | { short-date | format-date | date } [ precision-time { tenth-second | second } ] }
The format of the timestamp is set for the debugging information. Step 3 Run:
info-center timestamp { trap | log } { boot | none | { short-date | format-date | date } [ precision-time { tenth-second | millisecond } ] }
The format of the timestamp is set for the output logs or traps information. ----End

Run the following commands to check the previous configuration. Action Check the configuration of the channel. Check the information recorded by the information center. Check the information in the log buffer of the memory. Check the summary of the information in the log buffer. Check the information in the trap buffer of the memory. Command display channel [ channel-number | channel-name ] display info-center [ statistics ] display logbuffer [ level severity | module modulename | size value | slot slot-id ]* display logbuffer summary [ level severity | slot slotid ] display trapbuffer [ size value ]
6.3 Sending Information of the Information Center

This section describes how to send information to the specified direction. 6.3.1 Sending Information to the Console 6.3.2 Sending Information to the Telnet Terminal 6.3.3 Sending Information to the SNMP Agent
6.3.4 Sending Information to the Log Buffer 6.3.5 Sending Information to the Trap Buffer 6.3.6 Sending Information to the Log Host 6.3.7 Checking the Configuration
6.3.1 Sending Information to the Console

Procedure
Step 1 Run:
system-view

info-center console channel { channel-number | channel-name }
Information is sent to the console. Step 3 Run:

quit
Return to the user view. Step 4 Run:

terminal monitor
The terminal is enabled to display information. By default, the terminal is enabled to display information. Step 5 Run:
terminal debugging
or
terminal logging
or
terminal trapping
The terminal is enabled to display debugging information, logs, and traps.

NOTE
Step 4 and Step 5 are not listed in sequence.
----End
6.3.2 Sending Information to the Telnet Terminal

Procedure
Step 1 Run:
system-view
The system view is displayed.

Step 2 Run:
info-center monitor channel { channel-number | channel-name }
Information is sent to the Telnet terminal. Step 3 Run:

quit
Return to the user view. Step 4 Run:

terminal monitor
The terminal is enabled to display information. Step 5 Run:

terminal debugging
or
terminal logging
or
terminal trapping
The terminal is enabled to display debugging information, logs, and traps.

NOTE
Step 4 and Step 5 are not listed in sequence.
----End
6.3.3 Sending Information to the SNMP Agent

Procedure
Step 1 Run:
system-view

info-center snmp channel { channel-number | channel-name }
Information is sent to the SNMP agent. Step 3 Run:

snmp-agent
The SNMP agent is enabled. For details on configuring the SNMP agent, refer to chapter "SNMP Configuration" in the Configuration Guide - Network Management. ----End
6.3.4 Sending Information to the Log Buffer

Procedure
Step 1 Run:
system-view

info-center logbuffer [ channel { channel-number | channel-name } | size buffersize ] *
Information is sent to the log buffer. ----End
6.3.5 Sending Information to the Trap Buffer

Context
Do as follows on the S5300.
Procedure
Step 1 Run:
system-view

info-center trapbuffer [ channel { buffersize ] * channel-number | channel-name } | size
Information is sent to the trap buffer. ----End
6.3.6 Sending Information to the Log Host

Procedure
Step 1 Run:
system-view

info-center loghost ip-address [ channel { channel-number | channel-name } | facility local-number | { language language-name | binary [ port ] } | { vpninstance vpn-instance-name | public-net } ] *
Information is sent to the IPv4 log host. Step 3 Run:

info-center loghost ipv6 ipv6-address [ channel { channel-number | channel-name } | facility local-number | { language language-name | binary [ port ] } ] *
Issue 03 (2011-01-30)
6-13
Information is sent to the IPv6 log host. Step 4 Run:

info-center loghost source interface-type interface-number
The source interface for sending logs is specified. ----End

Run the following commands to check the previous configuration. Action Check statistics in the information center. Command display info-center [ statistics ]
Run the preceding command. If the information center can send the statistics to the destination terminal, it means that the configuration succeeds.
6.4 Maintaining the Information Center

This section describes how to clear the statistics.
CAUTION
Statistics cannot be restored after being cleared. So, confirm the action before you run the command. Action Clear the statistics in the information center. Clear the information in the log buffer. Clear the information in the trap buffer. Command reset info-center statistics reset logbuffer reset trapbuffer

This section provides examples for configuring the information center. 6.5.1 Example for Configuring the Information Center
6.5.1 Example for Configuring the Information Center

Figure 6-4 Networking of sending logs to the log host
Switch Network
VLANIF10 2.0.0.1/8
Log Host
1.0.0.1/8
The configuration roadmap is as follows: 1. 2. 3. Enable the information center. Configure the information channel to ensure that the S5300 can correctly send logs to the log host. Disable the sending of the traps and debugging information to the log host. Configure the log host.
Data Preparation
To complete the configuration, you need the following data: l The IP address of the log host is specified as 1.0.0.1/8.
NOTE
In the example, only the commands related to monitoring are listed. For details on configuring the log host, see the help files on the log host.
1.
Enable the information center. # Enable the information center. By default, the information center on the S5300 is enabled.
<Quidway> system-view [Quidway] info-center enable Info:Information center is enabled
2.
Configure the information channel. # Send logs of severity levels 0 to 7 from all modules on the S5300 through the channel to the log host. Disable the sending of the debugging information and traps through the channel to the log host.
[Quidway] info-center source default channel loghost log level debugging state on trap state off debug state off
# Verify the configuration.

[Quidway] display channel number:2, MODU_ID NAME ffff0000 default channel loghost channel name:loghost ENABLE LOG_LEVEL ENABLE TRAP_LEVEL Y debugging N debugging ENABLE DEBUG_LEVEL N debugging
Issue 03 (2011-01-30)
6-15
3.
Configure the log host. # Set the IP address of the log host to 1.0.0.1.
[Quidway] info-center loghost 1.0.0.1
# Set VLANIF 10 as the interface for sending information to the log host on the S5300.
[Quidway] vlan 10 [Quidway-vlan10] quit [Quidway] interface GigabitEthernet0/0/1 [Quidway-GigabitEthernet0/0/1] port link-type hybrid [Quidway-GigabitEthernet0/0/1] port hybrid untagged vlan 10 [Quidway-GigabitEthernet0/0/1] quit [Quidway] interface vlanif 10 [Quidway-vlanif10] ip address 2.0.0.1 255.0.0.0 [Quidway-vlanif10] quit [Quidway] info-center loghost source vlanif 10
# Verify the configuration.

[Quidway] display info-center Information Center:enabled Log host: the interface name of the source address:vlanif 10 1.0.0.1, channel number 2, channel name loghost, language English , host facility local7 Console: channel number : 0, channel name : console Monitor: channel number : 1, channel name : monitor SNMP Agent: channel number : 5, channel name : snmpagent Log buffer: enabled,max buffer size 1024, current buffer size 512, current messages 440, channel number : 4, channel name : logbuffer dropped messages 0, overwritten messages 0 Trap buffer: enabled,max buffer size 1024, current buffer size 256, current messages 1, channel number:3, channel name:trapbuffer dropped messages 0, overwritten messages 0 Information timestamp setting: log - date, trap - date, debug - boot Sent messages = 499, Received messages = 499 IO Reg messages = 0 IO Sent messages = 0
4.
Enable the terminal display of the console. # Enable the terminal display of the console. Enable the corresponding terminal display to check the information type as required.
[Quidway] info-center console channel 0 [Quidway] quit <Quidway> terminal monitor Info:Current terminal monitor is on <Quidway> terminal logging Info:Current terminal logging is on
Configuration Files
# info-center source default channel loghost log level debugging state on trap state off debug state off info-center loghost source vlanif 10 info-center loghost 1.0.0.1 info-center console channel 0 # # vlan batch 10 #
6-16
Issue 03 (2011-01-30)

interface vlanif10 ip address 2.0.0.1 255.0.0.0 # interface GigabitEthernet0/0/1 port link-type hybrid port hybrid untagged vlan 10 # return
Issue 03 (2011-01-30)
6-17
7 Mirroring
7
About This Chapter
7.1 Introduction This section describes the basics of mirroring. 7.2 Configuring Local Port Mirroring This section describes how to configure local interface mirroring. 7.3 Configuring Remote Port Mirroring This section describes how to configure remote port mirroring. 7.4 Canceling Port Mirroring This section describes how to cancel interface mirroring. 7.5 Configuring Local VLAN Mirroring This section describes how to configure local VLAN mirroring. 7.6 Configuring Remote VLAN Mirroring This section describes how to configure remote VLAN mirroring.
Mirroring
The mirroring function is used to monitor packets that meet certain requirements.
7.7 Canceling VLAN Mirroring This section describes how to cancel local VLAN mirroring and remote VLAN mirroring. 7.8 Configuring MAC Address-based Local Mirroring This section describes how to configure local MAC address mirroring. 7.9 Configuring RSPAN Based on MAC Addresses This section describes how to configure RSPAN based on MAC addresses. 7.10 Canceling Mirroring Based on MAC Addresses This section describes how to cancel mirroring based on MAC addresses. 7.11 Configuring Local Flow Mirroring This section describes how to configure local flow mirroring. 7.12 Configuring Remote Flow Mirroring This section describes how to configure remote flow mirroring.
7 Mirroring
7.13 Canceling Flow Mirroring This section describes how to cancel flow mirroring. 7.14 Changing or Deleting an Observing Port This section describes how to change or delete an observing port. 7.15 Configuring CPU Mirroring This section describes how to configure CPU mirroring. 7.16 Cancelling CPU Mirroring This section describes how to cancel CPU mirroring. 7.17 Configuration Examples This section provides several configuration examples for mirroring.
7-2
Issue 03 (2011-01-30)
7 Mirroring
7.1 Introduction
This section describes the basics of mirroring. 7.1.1 Mirroring Functions 7.1.2 Logical Relationships Between Configuration Tasks
7.1.1 Mirroring Functions

Mirroring is to copy packets to an observing port to monitor packets without affecting packet forwarding. You can use the mirroring function for network check and troubleshooting. Mirroring functions are classified into interface mirroring, flowing mirroring, VLAN mirroring, MAC address mirroring, and CPU mirroring. The S5300SI does not support remote mirroring based on flows, VLANs, or MAC addresses.
Concepts
l Observing port An observing port on the S5300 is connected to a monitoring host. It is used to export the traffic copied from a mirrored port or a flow mirroring port. l Mirrored port A mirrored port is the interface to be observed. Incoming traffic or outgoing traffic passing through a mirrored port is copied to an observing port. l Flow mirroring port A flow mirroring port is a port to which traffic policies are applied. On such a port, the incoming traffic that matches the traffic classifier in the traffic policy is copied to an observing port. l Mirrored flow A mirrored flow is a packet flow that runs to a flow mirroring port and is observed. When a flow becomes a mirrored flow, it is copied to an observing port. l Mirrored VLAN A mirrored VLAN is a VLAN to be observed. Incoming traffic or outgoing traffic passing through a mirrored VLAN is copied to an observing port. l Mirrored MAC address A mirrored MAC address is the source or destination MAC address of the packets to be mirrored. The S5300 copies the traffic matching this MAC address to an observing port. l RSPAN VLAN A Remote Switched Port Analyzer (RSPAN) VLAN is a VLAN used for remote mirroring. When the mirrored port and the observing port are located on different switches, packets from the mirrored port must be broadcast to the observing port through the RSPAN VLAN. l l
Issue 03 (2011-01-30)
Local mirroring The observing port and mirrored port are on the same switch. Remote mirroring
7 Mirroring
The observing port and mirrored port are on different switches.

NOTE
The S5300 does not support the function of mirroring a flow to multiple observing ports.
Port Mirroring
In the process of port mirroring, the S5300 copies the packets passing through a mirrored port and then sends the copy to a specified observing port. Figure 7-1 shows the diagram of interface mirroring. Figure 7-1 Schematic diagram of interface mirroring
Mirror port Switch Mirror port Observe port Port Data flow Copy of data flow
Sniffer host
Flow Mirroring
In the process of flow mirroring, the S5300 copies the mirroring flow passing one or more interfaces and sends the copy to an observing port. Figure 7-2 shows the diagram of flow mirroring. Figure 7-2 Schematic diagram of flow mirroring
Mirror port Switch Mirror port Observe port
Port Match traffic classification Data flow Copy of data flow

Issue 03 (2011-01-30)
Sniffer host
7-4
7 Mirroring
Flow mirroring is a type of action in traffic behaviors. When a traffic policy configured with flow mirroring is applied to an interface, the S5300 copies the inbound data flow on this interface that matches the traffic classifier and sends the copy to the observing port.
VLAN Mirroring
In the process of VLAN mirroring, the S5300 mirrors the packets passing through all active interfaces in a specified VLAN to a specified observing port. Compared with interface mirroring, VLAN mirroring mirrors packets in a wider range. You can monitor packets in one or more VLANs.
MAC Address Mirroring

MAC address mirroring allows you to monitor the packets received by or sent from a specified device on a network. The S5300 mirrors the packets matching a specified source or destination MAC address in a VLAN to a specified observing port.
CPU Mirroring
CPU mirroring is used to mirror all the packets received by the CPU. CPU mirroring is implemented as follows: l l If an ACL rule is specified, the packets that match the ACL rule are mirrored to a specified observing port. If no ACL rule is specified, all the packets received by the CPU are mirrored to a specified observing port.
CPU mirroring facilitates debugging and fault location.
RSPAN
A switch can copy incoming or outgoing packets on a mirrored port to an observing port. When the observing port and the mirrored port are on different switches, packets can be copied to the observing port through the RSPAN function, which is also called remote mirroring. Figure 7-3 Networking diagram of RSPAN
Destination Switch Observe port Observe port Sniffer host Intermediate Switch Port Data flow Copy of data flow
Source Switch Mirror port
Issue 03 (2011-01-30)
7-5
7 Mirroring
In Figure 7-3: l l l The source switch is the Switch where the mirrored port is located. The destination switch is the Switch where the observing port is located. The intermediate switch is a device between the source switch and destination switch.
NOTE
The source switch and destination switch can also be directly connected to implement the RSPAN function.
The RSPAN function broadcasts mirrored packets from the source switch to the destination switch in the RSPAN VLAN. Interfaces between the source switch, intermediate switch, and destination switch must be added to the RSPAN VLAN. Mirrored packets are forwarded to the intermediate switch through the observing port on the source switch. Then the intermediate switch broadcasts mirrored packets to the observing port on the destination switch in the RSPAN VLAN. The observing port on the destination switch receives mirrored packets. Through the RSPAN function, packets on a specified interface or VLAN, with a specified source or destination MAC address, or matching a classifier can be copied to an observing port on a remote device.
7.1.2 Logical Relationships Between Configuration Tasks

Before performing 7.14 Changing or Deleting an Observing Port, complete7.4 Canceling Port Mirroring, 7.13 Canceling Flow Mirroring, 7.7 Canceling VLAN Mirroring and 7.10 Canceling Mirroring Based on MAC Addresses.
7.2 Configuring Local Port Mirroring

This section describes how to configure local interface mirroring. 7.2.1 Establishing the Configuration Task 7.2.2 Configuring Local Port Mirroring 7.2.3 Checking the Configuration

When all incoming or outgoing packets passing through a specified interface of the S5300 need to be monitored, you can configure local interface mirroring if the mirrored port is located on the same S5300 as the observing port.
None.
7 Mirroring
Data Preparation
To configure local interface mirroring, you need the following data. No. 1 2 Data Type and number of the observing port Type and number of the mirrored port
7.2.2 Configuring Local Port Mirroring

Context
A mirrored port can be a physical interface or an Eth-Trunk interface. To configure an Eth-Trunk as a mirrored interface, you must run the interface eth-trunk trunkid command to create the Eth-Trunk first. l l If an Eth-Trunk is configured as a mirrored interface, its member interfaces cannot be configured as mirrored interfaces. If a member interface of an Eth-Trunk is configured as a mirrored interface, the Eth-Trunk cannot be configured as a mirrored interface.
Procedure
Step 1 Run:
system-view

observe-port index interface interface-type interface-number
An observing port is configured. Step 3 Run:

The view of the mirrored port is displayed. Step 4 Run:

port-mirroring to observe-port index { both | inbound | outbound }
Interface mirroring is configured on the mirrored port. To monitor packets on multiple interface, repeat Step 3 and Step 4. ----End

7 Mirroring
Action Check information about interface mirroring. Check information about the observing port.
Command display port-mirroring display observe-port
If the following results are obtained, it indicates that the configuration succeeds: l l The observing port is configured properly. The mirrored port and the mirroring direction are configured properly.
7.3 Configuring Remote Port Mirroring

This section describes how to configure remote port mirroring. 7.3.1 Establishing the Configuration Task 7.3.2 Configuring Remote Port Mirroring 7.3.3 Checking the Configuration

When incoming or outgoing packets passing through one or more ports of the S5300 need to be monitored, you can configure remote port mirroring if the monitored ports are not located on the same S5300 as the observing port.
None.
Data Preparation
To configure remote port mirroring, you need the following data. No. 1 2 3 Data Type and number of the observing port Number of the mirrored port ID of the RSPAN VLAN
7-8
Issue 03 (2011-01-30)
7 Mirroring
7.3.2 Configuring Remote Port Mirroring

Context
A mirrored port can be a physical interface or an Eth-Trunk interface. To configure an Eth-Trunk as a mirrored interface, you must run the interface eth-trunk trunkid command to create the Eth-Trunk first. l l If an Eth-Trunk is configured as a mirrored interface, its member interfaces cannot be configured as mirrored interfaces. If a member interface of an Eth-Trunk is configured as a mirrored interface, the Eth-Trunk cannot be configured as a mirrored interface.
Procedure
l Specify a mirrored port and an RSPAN VLAN on the source switch.
NOTE
The mirrored port cannot be added to the RSPAN VLAN.
1.
Run:
system-view

vlan vlan-id
An RSPAN VLAN is created and the RSPAN VLAN view is displayed. 3. Run:
mac-address learning disable
The MAC address learning is disabled.

NOTE
If MAC address learning is disabled in the VLAN, other services cannot be configured in the VLAN.
4.
Run:
quit
Return to the system view. 5. Run:

observe-port index interface interface-type interface-number [ vlan vlanid ]
An observing port is configured, and the RSPAN VLAN is specified. 6. Run:

The view of the mirrored port is displayed. 7. Run:

port-mirroring to observe-port index { both | inbound | outbound }
Remote port mirroring is configured. To observe incoming and outgoing packets on multiple interfaces, repeat Step 6 and Step 7.
7 Mirroring
Configure the RSPAN VLAN and add the interfaces connected to the source switch and destination switch to the RSPAN VLAN.
NOTE
Do as follows on the intermediate switch. The configurations on the interfaces connected to the source switch and destination switch are similar. If no intermediate switch exists, skip this step. 1. Run:
system-view

vlan vlan-id
The RSPAN VLAN is created and the RSPAN VLAN view is displayed. 3. Run:
quit

The view of the interface connected to the source switch or destination switch is displayed. 5. Run:
port link-type trunk
The interface is configured as a trunk interface. 6. Run:

port trunk allow-pass vlan vlan-id
The interface is added to the RSPAN VLAN. 7. Run:

quit
Return to the system view. l Configure the remote observing port on the destination switch. 1. Run:
system-view

vlan vlan-id
The RSPAN VLAN is created and the RSPAN VLAN view is displayed. 3. Run:
quit

7-10
Issue 03 (2011-01-30)
7 Mirroring
The view of the interface connected to the intermediate switch is displayed.

NOTE
If no intermediate switch exists, you enter the view of the interface connected to the source switch.
5.
Run:
port link-type trunk
The interface is configured as a trunk interface. 6. Run:

port trunk allow-pass vlan vlan-id
The interface is added to the RSPAN VLAN. 7. Run:

The observing port view is displayed. 8. Run:

port hybrid untagged vlan vlan-id
The observing port is configured as a hybrid interface and it allows packets of the RSPAN VLAN to pass. 9. Run:
quit
Return to the system view. ----End

Run the following commands to check the previous configuration. Action Check information about the observing port. Check information about port mirroring. Command display observe-port display port-mirroring
If the following results are obtained, it indicates that the configuration succeeds: l l l l The RSPAN VLAN is configured properly. The number of the observing port is configured properly. The type of the observing port is configured properly. The number of the mirrored port and the mirroring direction are configured properly.
7.4 Canceling Port Mirroring

This section describes how to cancel interface mirroring.
7 Mirroring
7.4.1 Establishing the Configuration Task 7.4.2 Canceling Port Mirroring 7.4.3 Checking the Configuration

When interface mirroring is enabled on an interface of the S5300, and the incoming or outgoing packets passing through this interface do not need to be monitored, you can cancel interface mirroring on that interface. You must cancel interface mirroring on the bound observing port before deleting this observing port.
None.
Data Preparation
To cancel interface mirroring, you need the following data. No. 1 2 Data Type and number of an observing port Type and number of the mirrored port to be deleted
7.4.2 Canceling Port Mirroring

Procedure
Step 1 Run:
system-view


undo port-mirroring { both | inbound | outbound }
Interface mirroring is canceled. ----End

7 Mirroring
Action Check information about the observing port. Check information about interface mirroring.
Command display observe-port display port-mirroring
Run the display port-mirroring command. If interface mirroring is cancelled properly, it indicates that the configuration succeeds.
7.5 Configuring Local VLAN Mirroring

This section describes how to configure local VLAN mirroring. 7.5.1 Establishing the Configuration Task 7.5.2 Configuring Local VLAN Mirroring 7.5.3 Checking the Configuration

When incoming packets passing through all active interfaces of the S5300 in a specified VLAN or some VLANs need to be monitored, you can configure local VLAN mirroring if all interfaces receiving these monitored incoming packets are located on the same S5300 as the observing port.
Before configuring local VLAN mirroring, complete the following tasks: l l Creating a VLAN as the monitored VLAN Adding physical interfaces to the monitored VLAN
Data Preparation
To configure local VLAN mirroring, you need the following data. No. 1 2 Data Type and number of an observing port ID of a mirrored VLAN
7.5.2 Configuring Local VLAN Mirroring

7 Mirroring
Procedure
Step 1 Run:
system-view


vlan vlan-id
The view of the mirrored VLAN is displayed. Step 4 Run:

mirroring to observe-port index inbound
VLAN mirroring is configured. To observe incoming packets from multiple VLANs, repeat Step 3 and Step 4. ----End

If the following results are obtained, it indicates that the configuration succeeds: l l The type of the observing port is configured properly. The number of the observing port is configured properly.
7.6 Configuring Remote VLAN Mirroring

This section describes how to configure remote VLAN mirroring. 7.6.1 Establishing the Configuration Task 7.6.2 Configuring Remote VLAN Mirroring 7.6.3 Checking the Configuration
7 Mirroring

When incoming packets passing through any active interfaces of the S5300 in a specified VLAN or some VLANs need to be monitored, you can configure remote VLAN mirroring if the interface added to the monitored VLAN is not located on the same S5300 as the observing port.
NOTE
S5300SI does not support remote VLAN mirroring.
Before configuring remote VLAN mirroring, complete the following tasks: l l Creating a VLAN as the monitored VLAN Adding physical interfaces to the monitored VLAN
Data Preparation
To configure remote VLAN mirroring, you need the following data. No. 1 2 3 Data Type and number of the observing port ID of the mirrored VLAN ID of the RSPAN VLAN
7.6.2 Configuring Remote VLAN Mirroring

Procedure
l Configure remote VLAN mirroring on the source switch.
NOTE
1.
Run:
system-view

vlan vlan-id

7 Mirroring
NOTE
4.
Run:
quit

An observing port is configured and the RSPAN VLAN is specified. 6. Run:

vlan vlan-id
The RSPAN VLAN view is displayed. 7. Run:

mirroring to observe-port index inbound
Remote VLAN mirroring is configured. To observe incoming and outgoing packets of multiple VLANs, repeat Step 6 and Step 7. l Configure the RSPAN VLAN on the intermediate switch and add interfaces to the RSPAN VLAN. The configuration is the same as that for remote port mirroring. For details, see 7.3.2 Configuring Remote Port Mirroring. l Configure the remote observing port on the destination switch. The configuration is the same as that for remote port mirroring. For details, see 7.3.2 Configuring Remote Port Mirroring. ----End

If the following results are obtained, it indicates that the configuration succeeds: l l
7-16
The type of the observing port is configured properly. The number of the observing port is configured properly.
7 Mirroring
7.7 Canceling VLAN Mirroring

This section describes how to cancel local VLAN mirroring and remote VLAN mirroring. 7.7.1 Establishing the Configuration Task 7.7.2 Canceling VLAN Mirroring 7.7.3 Checking the Configuration

When VLAN mirroring is enabled in a specified VLAN and all incoming packets in this VLAN do not need to be monitored on the S5300, or before deleting or changing the bound observing port, you need to cancel VLAN mirroring.
None.
Data Preparation
To cancel VLAN mirroring, you need the following data. No. 1 Data ID of the mirrored VLAN to be deleted
7.7.2 Canceling VLAN Mirroring

Procedure
Step 1 Run:
system-view

vlan vlan-id
The view of the monitored VLAN is displayed. Step 3 Run:

undo mirroring inbound
VLAN mirroring is canceled. ----End

7 Mirroring

If VLAN mirroring is cancelled, it indicates that the operation succeeds.
7.8 Configuring MAC Address-based Local Mirroring

This section describes how to configure local MAC address mirroring. 7.8.1 Establishing the Configuration Task 7.8.2 Configuring Local SPAN Based on MAC Addresses 7.8.3 Checking the Configuration

When incoming packets with the specified source or destination MAC address in a VLAN need to be monitored on the S5300, you can configure local MAC address mirroring if the monitoring interface receiving these incoming packets is located on the same S5300 as the observing port.
None.
Data Preparation
To configure local MAC address mirroring, you need the following data. No. 1 2 3 Data Type and number of the observing port MAC address of the packets to be mirrored ID of the VLAN that the observed MAC address belongs to
7.8.2 Configuring Local SPAN Based on MAC Addresses

7 Mirroring
Procedure
Step 1 Run:
system-view


vlan vlan-id
The VLAN view is displayed. Step 4 Run:

mac-mirroring mac-address to observe-port index inbound
Local SPAN based on MAC addresses is configured. You can repeatedly perform Step 3 and Step 4 to monitor the incoming packets with multiple MAC addresses in multiple VLANs. ----End

If the following results are obtained, it indicates that the configuration succeeds: l l The type of the observing port is configured properly. The number of the observing port is configured properly.
7.9 Configuring RSPAN Based on MAC Addresses

This section describes how to configure RSPAN based on MAC addresses. 7.9.1 Establishing the Configuration Task 7.9.2 Configuring Remote MAC Address Mirroring This section describes how to configure remote MAC address mirroring. 7.9.3 Checking the Configuration
7 Mirroring

When incoming packets with the specified source or destination MAC address in a VLAN need to be monitored on the S5300, you can configure RSPAN based on MAC addresses if the monitoring interface receiving these incoming packets is not located on the same S5300 as the observing port.
None.
Data Preparation
To configure RSPAN based on MAC addresses, you need the following data. No. 1 2 3 4 Data Type and number of an observing port MAC address of the packet to be mirrored ID of the VLAN that the packet with the MAC address to be mirrored belongs to ID of an RSPAN VLAN
7.9.2 Configuring Remote MAC Address Mirroring

This section describes how to configure remote MAC address mirroring.
Procedure
l Configure remote MAC address mirroring on the source switch.
NOTE
The mirrored port cannot be added to the RSPAN VLAN. The S5300SI series do not support remote MAC address mirroring.
1.
Run:
system-view

vlan vlan-id


NOTE
7 Mirroring
4.
Run:
quit


vlan vlan-id
The view of the VLAN that the observed MAC address belongs to is displayed. 7. Run:
mac-mirroring mac-address to observe-port index inbound
Remote MAC address mirroring is configured and the RSPAN VLAN is specified. To observe incoming packets from or destined for multiple MAC addresses, repeat Step 6 and Step 7. l Configure the RSPAN VLAN on the intermediate switch and add interfaces to the RSPAN VLAN. The configuration is the same as that for remote port mirroring. For details, see 7.3.2 Configuring Remote Port Mirroring. l Configure the remote observing interface on the destination switch. The configuration is the same as that for remote port mirroring. For details, see 7.3.2 Configuring Remote Port Mirroring. ----End

Run the following commands to check the previous configuration. Action Check information about the observing port. Check information about MAC address mirroring. Command display observe-port display port-mirroring
If the following results are obtained, it indicates that the configuration succeeds: l l l
Issue 03 (2011-01-30)
The type of the observing port is configured properly. The RSPAN VLAN is configured properly. The number of the observing port is configured properly.
7 Mirroring
7.10 Canceling Mirroring Based on MAC Addresses

This section describes how to cancel mirroring based on MAC addresses. 7.10.1 Establishing the Configuration Task 7.10.2 Canceling Mirroring Based on MAC Addresses 7.10.3 Checking the Configuration

When mirroring based on MAC addresses is enabled and incoming packets with specified MAC addresses in this VLAN do not need to be monitored on the S5300, or before deleting or changing the bound observing port, you need to cancel mirroring based on MAC addresses.
None.
Data Preparation
To cancel mirroring based on MAC addresses, you need the following data. No. 1 Data MAC address of the mirrored packet to be deleted
7.10.2 Canceling Mirroring Based on MAC Addresses

Procedure
Step 1 Run:
system-view

vlan vlan-id
The view of the VLAN that monitored MAC address belongs to is displayed. Step 3 Run:
undo mac-mirroring mac-address inbound
Mirroring based on MAC addresses is canceled. ----End

7 Mirroring

Run the following commands to check the previous configuration. Action Check information about the observing port. Check the configuration of the mirrored port. Command display observe-port display port-mirroring
If MAC address mirroring on the VLANIF interface is cancelled, it indicates that the operation succeeds.
7.11 Configuring Local Flow Mirroring

This section describes how to configure local flow mirroring. 7.11.1 Establishing the Configuration Task 7.11.2 Configuring Traffic Classification Rules 7.11.3 Configuring Flow Mirroring 7.11.4 Creating and Applying a Traffic Policy 7.11.5 Checking the Configuration

When incoming flows passing through the S5300 with the same attribute need to be monitored, you can configure local flow mirroring if the monitored interface receiving these incoming flows is located on the same S5300 as the observing port.
None.
Data Preparation
To configure local flow mirroring, you need the following data. No. 1 2 3 Data Type and number of the observing port Type and number of the flow mirroring interface Names of the traffic classifier, traffic behavior, and traffic policy
Issue 03 (2011-01-30)
7-23
7 Mirroring
7.11.2 Configuring Traffic Classification Rules

NOTE
There is no specified order among the matching rules in a traffic classifier. You can combine these rules.
For details on configuring traffic classification rules, see Configuring Complex Traffic Classification in the Quidway S5300 Series Ethernet Switches Configuration Guide - QoS.
7.11.3 Configuring Flow Mirroring

Procedure
Step 1 Run:
system-view


traffic behavior behavior-name
A traffic behavior is created and the traffic behavior view is displayed. Step 4 Run:
mirroring to observe-port index
Flow mirroring is configured. ----End
Follow-up Procedure
After configuring flow mirroring in a traffic behavior, you need to bind the behavior to a traffic classifier in a traffic policy and then apply the policy to the interface. For detailed configuration procedures, see 7.11.4 Creating and Applying a Traffic Policy.
7.11.4 Creating and Applying a Traffic Policy

Context
Do as follows on the S5300 that needs to be configured with flow mirroring.
Procedure
Step 1 Run:
system-view


traffic policy policy-name
7 Mirroring
A traffic policy is created and the policy view is displayed. Step 3 Run:
classifier classifier-name behavior behavior-name
A traffic behavior is configured for a specified class in the traffic policy. class-name in this step must be the same as the name of the traffic class created in 7.11.2 Configuring Traffic Classification Rules. In this step, behavior-name must be the same as that specified in Step 3 when you configure the traffic behavior. Step 4 Run:
quit
Return to the system view. Step 5 Run:


traffic-policy policy-name inbound
The traffic policy that contains flow mirroring is applied to the interface. You can repeatedly perform Step 5 and Step 6 to monitor the incoming flows, with the same attributes, passing through multiple interfaces. ----End

Run the following commands to check the previous configuration. Action Check information about the observing port. Check information about interface mirroring. Command display observe-port display port-mirroring
Check the flow mirroring display traffic policy interface [ interface-type configuration in the traffic policy interface-number ] [ inbound ] on an interface.
If the following results are obtained, it indicates that the configuration succeeds: l l The observing port is configured properly. A proper traffic policy is applied to the interface where incoming flows need to be monitored.
Issue 03 (2011-01-30)
7 Mirroring
The traffic policy contains a proper traffic classifier and a traffic behavior and the traffic behavior contains a flow mirroring action.
7.12 Configuring Remote Flow Mirroring

This section describes how to configure remote flow mirroring. 7.12.1 Establishing the Configuration Task 7.12.2 Setting Traffic Classification Rules 7.12.3 Configuring Remote Flow Mirroring 7.12.4 Creating and Applying a Traffic Policy 7.12.5 Checking the Configuration

When incoming flows passing through the S5300 with the same attribute need to be monitored, you can configure remote flow mirroring if the monitored interface receiving these incoming flows is not located on the same S5300 as the observing port.
NOTE
S5300SI does not support remote flow mirroring.
None.
Data Preparation
To configure remote flow mirroring, you need the following data. No. 1 2 3 4 Data Type and number of the observing port Type and number of the flow mirroring interface Names of the traffic classifier, traffic behavior, and traffic policy ID of the RSPAN VLAN
7.12.2 Setting Traffic Classification Rules

Context
For how to configure traffic classification rules, see 7.11.2 Configuring Traffic Classification Rules.
7 Mirroring
7.12.3 Configuring Remote Flow Mirroring

Procedure
l Configure remote flow mirroring on the source switch.
NOTE
The mirrored port cannot be added to the RSPAN VLAN. The S5300SI series do not support remote flow mirroring.
1.
Run:
system-view

vlan vlan-id

NOTE
4.
Run:
quit


A traffic behavior is created and the traffic behavior view is displayed. 7. Run:
mirroring to observe-port index
Remote flow mirroring is configured. After configuring flow mirroring in a traffic behavior, you need to bind the behavior to a traffic classifier in a traffic policy and then apply the policy to the interface. For details, see 7.11.4 Creating and Applying a Traffic Policy. l Configure the RSPAN VLAN on the intermediate switch and add interfaces to the RSPAN VLAN. The configuration is the same as that for remote port mirroring. For details, see 7.3.2 Configuring Remote Port Mirroring. l
Issue 03 (2011-01-30)
Configure the remote observing Interface on the destination switch.

7 Mirroring
The configuration is the same as that for remote port mirroring. For details, see 7.3.2 Configuring Remote Port Mirroring. ----End
7.12.4 Creating and Applying a Traffic Policy

Context
For how to configure traffic classification rules on the source S5300, see 7.11.4 Creating and Applying a Traffic Policy.

Run the following commands to check the previous configuration. Action Check information about the observing port. Check information about port mirroring. Check the configuration of flow mirroring in the traffic policy on an interface. Command display observe-port display port-mirroring display traffic policy interface [ interface-type interface-number ] [ inbound ]
If the following results are obtained, it indicates that the configuration succeeds: l l l l l The number of the observing port is configured properly. The type of the observing port is configured properly. The RSPAN VLAN is configured properly. A proper traffic policy is applied to the interface where incoming flows need to be monitored. The applied traffic policy contains a proper traffic classifier and a traffic behavior, and the traffic behavior contains the flow mirroring action.
7.13 Canceling Flow Mirroring

This section describes how to cancel flow mirroring. 7.13.1 Establishing the Configuration Task 7.13.2 Canceling Flow Mirroring 7.13.3 Checking the Configuration
7-28
Issue 03 (2011-01-30)
7 Mirroring

When flow mirroring is enabled and the flow, with the same attributes, passing through the S5300 does not need to be monitored, you can cancel flow mirroring.
None.
Data Preparation
To cancel flow mirroring, you need the following data. No. 1 2 Data Type and number of the interface where flow mirroring needs to be cancelled Name of the traffic policy
7.13.2 Canceling Flow Mirroring

Context
Do as follows on the S5300 that is configured with flow mirroring.
Procedure
Step 1 Run:
system-view

The traffic behavior view is displayed. Step 3 Run:

undo mirroring
The flow mirroring action is cancelled. Step 4 Run:

quit
Exit from the traffic behavior view. Step 5 Run:

Issue 03 (2011-01-30)
7-29
7 Mirroring

undo traffic-policy inbound
The traffic policy and flow mirroring action on the interface are canceled. To cancel a traffic policy, you must cancel the traffic policy on all the interfaces where the traffic policy is applied, and then run the undo traffic policy policy-name command to cancel the traffic policy in the system view. ----End

Check the flow mirroring display traffic policy interface [ interface-type configuration in the traffic policy interface-number ] [ inbound ] on an interface.
If the following result is obtained, it indicates that the configuration succeeds: The traffic policy applied on an interface is cancelled.
7.14 Changing or Deleting an Observing Port

This section describes how to change or delete an observing port. 7.14.1 Establishing the Configuration Task 7.14.2 (Optional) Deleting an Observing Port 7.14.3 (Optional) Changing an Observing Port 7.14.4 Checking the Configuration

When you do not need to monitor the flow passing through the S5300, you can delete the current observing port; when you need to specify another interface on the S5300 as an observing port, you can change the current observing port.
7 Mirroring
Before changing or deleting an observing port, complete the following tasks: l l l l 7.4 Canceling Port Mirroring 7.7 Canceling VLAN Mirroring 7.10 Canceling Mirroring Based on MAC Addresses 7.13 Canceling Flow Mirroring
Data Preparation
To change or delete an observing port, you need the following data. No. 1 Data Type and number of the new observing port
7.14.2 (Optional) Deleting an Observing Port

Prerequisite
Before deleting an observing port, make sure that the observing port is not used in any mirroring configuration.
Procedure
Step 1 Run:
system-view


undo port-mirroring { both | inbound | outbound }
Interface mirroring is canceled. Step 4 Run:

quit
Return to the system view. Step 5 Run:

undo observe-port index
The observing port is deleted. ----End

7 Mirroring
7.14.3 (Optional) Changing an Observing Port

Procedure
Step 1 Run:
system-view

Another interface is specified as an observing port. ----End

If the observing port is deleted or a new observing port is specified, it indicates that the configuration succeeds.
7.15 Configuring CPU Mirroring

This section describes how to configure CPU mirroring. 7.15.1 Establishing the Configuration Task 7.15.2 (Optional) Configuring an ACL Rule 7.15.3 Configuring an Observing Port 7.15.4 Configuring CPU Mirroring 7.15.5 Checking the Configuration

When debugging the S5300, you can configure CPU mirroring, if you need to monitor the packets received by the CPU.
7 Mirroring
None.
Data Preparation
To configure CPU mirroring, you need the following data. No. 1 2 Data (Optional) ACL number and ACL rule Index, type, and ID of the observing port
7.15.2 (Optional) Configuring an ACL Rule

Context
Do as follows on the S5300 that needs to be configured with CPU mirroring.
Procedure
Step 1 Run:
system-view

acl [ number ] acl-number
An Access Control List (ACL) is created and the ACL view is displayed. For details on the acl command, refer to the Quidway S5300 Series Ethernet Switches Command Reference. Step 3 Run:
rule
A basic or an advanced ACL rule is created. For details on the rule command, see the Quidway S5300 Series Ethernet Switches - Command Reference. ----End
7.15.3 Configuring an Observing Port

Procedure
Step 1 Run:
system-view
Issue 03 (2011-01-30)
7-33
7 Mirroring

A global observing port is configured. ----End
7.15.4 Configuring CPU Mirroring

Procedure
Step 1 Run:
system-view

port-mirroring cpu [ acl acl-number ] to observe-port index inbound
CPU mirroring is configured. By default, CPU mirroring is disabled. ----End

Run the following commands to check the previous configuration. Action Check information about interface mirroring. Check information about CPU mirroring. Command display port-mirroring display cpu port-mirroring
If the number of the ACL that matches packets received by the CPU and the observing port are displayed, it indicates that the configuration succeeds.
7.16 Cancelling CPU Mirroring

This section describes how to cancel CPU mirroring. 7.16.1 Establishing the Configuration Task 7.16.2 Cancelling CPU Mirroring 7.16.3 Checking the Configuration
7 Mirroring

If packets received by the CPU of the S5300 do not need to be monitored, you can cancel CPU monitoring.
None.
Data Preparation
To cancel CPU mirroring, you need the following data. No. 1 Data Number of the observing port
7.16.2 Cancelling CPU Mirroring

Procedure
Step 1 Run:
system-view

undo port-mirroring cpu
CPU mirroring is cancelled. Step 3 Optional: Run:

undo observe-port index
The index of the observing port is deleted. ----End

Run the following commands to check the previous configuration. Action Check information about interface mirroring. Check information about CPU mirroring. Command display port-mirroring display cpu port-mirroring
Issue 03 (2011-01-30)
7-35
7 Mirroring

This section provides several configuration examples for mirroring. 7.17.1 Example for Configuring Local Port Mirroring 7.17.2 Example for Configuring Local VLAN Mirroring 7.17.3 Example for Configuring MAC Address-based Local Mirroring 7.17.4 Example for Configuring Local Flow Mirroring 7.17.5 Example for Configuring Remote Port Mirroring 7.17.6 Example for Changing an Observing Port
7.17.1 Example for Configuring Local Port Mirroring

As shown in Figure 7-4, a Layer 2 (L2) switch is connected to GigabitEthernet 0/0/1 on the Switch, and the incoming traffic on GigabitEthernet 0/0/1 needs to be monitored. In this case, you can configure local port mirroring with GigabitEthernet 0/0/1 as a mirrored port and GigabitEthernet 0/0/24 as an observing port. Figure 7-4 Networking diagram of local port mirroring
Router
GE0/0/3 Switch GE0/0/1 GE0/0/24
L2 Switch
Mirroring host
The configuration roadmap is as follows: 1. 2.
7-36
Configure GigabitEthernet 0/0/24 as an observing port. Configure GigabitEthernet 0/0/1 as a mirrored port.
7 Mirroring
Data Preparation
None.
1. Create a VLAN on the Switch and add interfaces to the VLAN in trunk mode. # Add GigabitEthernet 0/0/1 and GigabitEthernet 0/0/3 to a same VLAN in trunk mode. The following takes the configuration of GigabitEthernet 0/0/1 as an example. The configuration of GigabitEthernet 0/0/3 is the same as the configuration of GigabitEthernet 0/0/1 and is not mentioned here.
<Switch> system-view [Switch] vlan 1 [Switch-vlan1] quit [Switch] interface GigabitEthernet 0/0/1 [Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 1 [Switch-GigabitEthernet0/0/1] quit
2.
Configure an observing port. # Set GigabitEthernet 0/0/24 as the observing port.

<Switch> system-view [Switch] observing-port 1 interface GigabitEthernet 0/0/24
3.
Configure a mirrored port. # Set GigabitEthernet 0/0/1 as the mirrored port.

[Switch] interface GigabitEthernet 0/0/1 [Switch-GigabitEthernet0/0/1] port-mirroring to observe-port 1 inbound [Switch-GigabitEthernet0/0/1] quit
4.
Verify the configuration. # Run the display port-mirroring command. You can check the configurations on the observing port and mirrored port.
[Switch] display port-mirroring Observe index 1 is set to interface GigabitEthernet0/0/24 Observe Type: Local Interface GigabitEthernet0/0/1 Mirrored to: Observe index 1 Direction: inbound Observe index 2 is not set to any interface Observe index 3 is not set to any interface Observe index 4 is not set to any interface
Configuration Files
Configuration file of the Switch
# vlan batch 1 # sysname Switch # observing-port 1 interface GigabitEthernet0/0/24 # interface GigabitEthernet0/0/1 port trunk allow-pass vlan 1 port-mirroring to observe-port 1 inbound # interface GigabitEthernet0/0/3 port trunk allow-pass vlan 1 # return
Issue 03 (2011-01-30)
7-37
7 Mirroring
7.17.2 Example for Configuring Local VLAN Mirroring

As shown in Figure 7-5, GigabitEthernet0/0/1 is connected to PC1; GigabitEthernet0/0/2 is connected to PC2. PC1 and PC2 belong to VLAN 10. Now, incoming traffic of all active interfaces in VLAN 10 needs to be monitored. In this case, you can configure local VLAN mirroring. GigabitEthernet0/0/3 serves as an observing port. Figure 7-5 Networking diagram of local VLAN mapping
GE0/0/3 GE0/0/1 GE0/0/2
PC3
PC1
PC2
The configuration roadmap is as follows: 1. 2. Configure GigabitEthernet0/0/3 as an observing port. Configure VLAN 10 as a mirrored VLAN.
Data Preparation
None.
1. Add GigabitEthernet0/0/1 and GigabitEthernet0/0/2 to VLAN 10 as access interfaces. # Add GigabitEthernet0/0/1 to VLAN 10 as an access interface.
<Switch> system-view [Switch] interface gigabitethernet 0/0/1 [Switch-GigabitEthernet0/0/1] port link-type access [Switch-GigabitEthernet0/0/1] port default vlan 10 [Switch-GigabitEthernet0/0/1] quit
Add GigabitEthernet0/0/2 to VLAN 10 as an access interface in the same way. 2. Configure an observing port. # Set GigabitEthernet0/0/3 as an observing port.

[Switch] observing-port 1 interface GigabitEthernet 0/0/3
7 Mirroring
3.
Configure a mirrored VLAN. # Set VLAN 10 as a mirrored VLAN.

[Switch] VLAN 10 [Switch-VLAN10] mirroring to observe-port 1 inbound [Switch-VLAN10] quit
4.
Verify the configuration. # Run the display port-mirroring command. You can view the configuration of the observing port.
[Switch] display Observe index 1 Observe Type: Observe index 2 Observe index 3 Observe index 4 port-mirroring is set to interface GigabitEthernet0/0/3 Local is not set to any interface is not set to any interface is not set to any interface
Configuration Files
# sysname Switch # vlan batch 1 10 # observe-port 1 interface GigabitEthernet0/0/3 # vlan 10 mirroring to observe-port 1 inbound # interface GigabitEthernet0/0/1 port link-type access port default vlan 10 # interface GigabitEthernet0/0/2 port link-type access port default vlan 10 # # return
7.17.3 Example for Configuring MAC Address-based Local Mirroring

As shown in Figure 7-6, GigabitEthernet 0/0/1 is connected to PC1; GigabitEthernet 0/0/2 is connected to PC2; GigabitEthernet 0/0/4 is connected to a router. GigabitEthernet 0/0/1, GigabitEthernet 0/0/2, and GigabitEthernet 0/0/4 belong to VLAN 10. Now, incoming traffic with the source or destination MAC as the MAC address of GigabitEthernet 1/0/1 on the router in VLAN 10 needs to be monitored. In this case, you can configure local MAC address mirroring on the Switch. GigabitEthernet 0/0/3 serves as an observing port. The MAC address of GigabitEthernet 1/0/1 is 0001-0001-0001.
7 Mirroring
Figure 7-6 Networking diagram of local MAC address mirroring
GE1/0/1 GE0/0/4 GE0/0/3 GE0/0/1 GE0/0/2 PC3
PC1
PC2
The configuration roadmap is as follows: 1. 2. Set GigabitEthernet 0/0/3 as an observing port. Configure local MAC address mirroring in the view of VLAN 10.
Data Preparation
None.
1. 2. Configure VLAN 10 and then add GigabitEthernet 0/0/1, GigabitEthernet 0/0/2, and GigabitEthernet 0/0/4 to VLAN 10. The configuration procedure is not mentioned here. # Set GigabitEthernet 0/0/3 as an observing port.
<Switch> system-view [Switch] observing-port 1 interface GigabitEthernet 0/0/3
3.
Configure a mirroring VLAN. # Configure local MAC address mirroring in the view of VLAN 10.
[Switch] VLAN 10 [Switch-VLAN10] mac-mirroring 0001-0001-0001 to observe-port 1 inbound [Switch-VLAN10] quit
4.
Verify the configuration. # Run the display port-mirroring command. You can view the configuration of the observing port.
Configuration Files

# sysname Switch # vlan batch 1 10 # observing-port 1 interface GigabitEthernet0/0/3 # cluster enable ntdp enable ntdp hop 16 ndp enable # vlan 10 mac-mirroring 0001-0001-0001 to observe-port 1 inbound # interface GigabitEthernet0/0/1 port default vlan 10 bpdu enable ntdp enable ndp enable # interface GigabitEthernet0/0/2 port default vlan 10 bpdu enable ntdp enable ndp enable # interface GigabitEthernet0/0/3 port default vlan 1 bpdu enable ntdp enable ndp enable # interface GigabitEthernet0/0/4 port default vlan 10 bpdu enable ntdp enable ndp enable # # return
7 Mirroring
7.17.4 Example for Configuring Local Flow Mirroring

As is shown in Figure 7-7, the Switch is connected to two L2 switches through GigabitEthernet 0/0/1 and GigabitEthernet 0/0/5. Packets with the same attributes received by GigabitEthernet 0/0/1 and GigabitEthernet 0/0/5 and transmitted from GigabitEthernet 0/0/3 need to be monitored. In this example, packets with the 802.1p priority as 6 need to be monitored. GigabitEthernet 0/0/24 is set as an observing port.
Issue 03 (2011-01-30)
7-41
7 Mirroring
Figure 7-7 Networking diagram of local flow mirroring
Router
Switch GE 0/0/1
GE0/0/3 GE0/0/24 GE0/0/5
L2 Switch
L2 Switch
Mirroring host
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. Set GigabitEthernet 0/0/24 as an observing port. Create a traffic classifier and set the traffic classification rule that only the packets with the 802.1p priority as 6 can be matched. Create a traffic behavior and configure flow mirroring in the traffic behavior. Create a traffic policy and bind the traffic classifier to the traffic behavior. Apply the traffic policy to GigabitEthernet 0/0/1 and GigabitEthernet 0/0/5. Create a VLAN on the Switch. Add GigabitEthernet 0/0/3, GigabitEthernet 0/0/1, and GigabitEthernet 0/0/5 to the same VLAN in trunk mode.
Data Preparation
To complete the configuration, you need the following data: l l l l Name of the traffic classifier: c1 Name of the traffic behavior: b1 Name of the traffic policy: p1 ID of the VLAN created on the Switch: 1
1. Create a VLAN on the Switch and add interfaces to the VLAN in trunk mode. # Add GigabitEthernet 0/0/1, GigabitEthernet 0/0/3, and GigabitEthernet 0/0/5 to the same VLAN in trunk mode. The following takes the configuration of GigabitEthernet 0/0/1 as an example. The configurations of GigabitEthernet 0/0/3 and GigabitEthernet 0/0/5 are the same as the configuration of GigabitEthernet 0/0/1 and are not mentioned here.

<Switch> system-view [Switch] vlan 10 [Switch-vlan10] quit [Switch] interface GigabitEthernet 0/0/1 [Switch-GigabitEthernet0/0/1] port link-type trunk [Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 10 [Switch-GigabitEthernet0/0/1] quit
7 Mirroring
2.
Configure an observing port. # Set GigabitEthernet 0/0/24 as the observing port.

[Switch] observe-port 1 interface GigabitEthernet 0/0/24
3.
# Create a traffic classifier. # Create traffic classifier c1 and set the traffic classification rule that only the packets with the 802.1p priority as 6 can be matched.
[Switch] traffic classifier c1 [Switch-classifier-c1] if-match 8021p 6 [Switch-classifier-c1] quit
4.
# Create a traffic behavior. # Create traffic behavior b1 and configure flow mirroring in the traffic behavior.
[Switch] traffic behavior b1 [Switch-behavior-b1] mirroring to observe-port 1 [Switch-behavior-b1] quit
5.
Create a traffic policy. # Create a traffic policy and bind traffic classifier c1 to traffic behavior b1.
[Switch] traffic policy p1 [Switch-trafficpolicy-p1] classifier c1 behavior b1 [Switch-trafficpolicy-p1] quit
6.
Apply the traffic policy and enable the interface to trust the 802.1p priority of packets. # Apply traffic policy p1 to GigabitEthernet 0/0/1 and GigabitEthernet 0/0/5, and enable GigabitEthernet 0/0/1 and GigabitEthernet 0/0/5 to trust the 802.1p priority of packets.
[Switch] interface GigabitEthernet 0/0/1 [Switch-GigabitEthernet0/0/1] traffic-policy p1 inbound [Switch-GigabitEthernet0/0/1] trust 8021p [Switch-GigabitEthernet0/0/1] quit [Switch]interface GigabitEthernet 0/0/5 [Switch-GigabitEthernet0/0/5] traffic-policy p1 inbound [Switch-GigabitEthernet0/0/5] trust 8021p [Switch-GigabitEthernet0/0/5] quit
7.
Verify the configuration. # Run the display port-mirroring command. You can check the observing port.
# Run the display traffic policy interface command. You can check the traffic policy applied to GigabitEthernet 0/0/1 and GigabitEthernet 0/0/5.
[Switch] display traffic policy interface Interface: GigabitEthernet0/0/1 Direction: Inbound Policy: p1 Classifier: c1 Rule(s) : if-match 8021p 6 Behavior: b1 mirroring to observe-port 1 Interface: GigabitEthernet0/0/5
Issue 03 (2011-01-30)
7-43
7 Mirroring
Direction: Inbound Policy: p1 Classifier: c1 Rule(s) : if-match 8021p 6 Behavior: b1 mirroring to observe-port 1
Configuration Files
# sysname Switch # vlan batch 10 # observe-port 1 interface GigabitEthernet0/0/24 # traffic classifier c1 if-match 8021p 6 # traffic behavior b1 mirroring to observe-port 1 # traffic policy p1 classifier c1 behavior b1 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 traffic-policy p1 inbound trust 8021p # interface GigabitEthernet0/0/3 port link-type trunk port trunk allow-pass vlan 10 # interface GigabitEthernet0/0/5 port link-type trunk port trunk allow-pass vlan 10 traffic-policy p1 inbound trust 8021p # interface GigabitEthernet0/0/24 # return
7.17.5 Example for Configuring Remote Port Mirroring

As shown in Figure 7-8, Switch A is connected to PC1; Switch C is connected to PC2. Now, incoming traffic of GigabitEthernet 0/0/2 on Switch A needs to be monitored on PC2. In this case, you can configure remote port mirroring on Switch A.
7-44
Issue 03 (2011-01-30)
7 Mirroring
Figure 7-8 Networking diagram of remote port mirroring
SwitchA
SwitchB GE 0/0/1 GE0/0/2
SwitchC GE 0/0/1 GE0/0/2 GE0/0/1
GE0/0/2
PC1
PC2
The configuration roadmap is as follows: l l l Configure GE 0/0/1 of Switch A as an observing interface and specify the RSPAN VLAN. Configure Ethernet 0/0/2 of Switch A as a mirrored interface. Configure Ethernet 0/0/1 of Switch C as an observing interface.
Data Preparation
To complete the configuration, you need the following data: l l l Index of the observing interface on Switch A: 1 ID of the RSPAN VLAN on Switch A, Switch B, and Switch C: 2 Index of the observing interface on Switch C: 1
1. Configure Switch A. # Configure the RSPAN VLAN.
<SwitchA> system-view [SwitchA] vlan 2 [SwitchA-vlan2] quit
# Configure GE 0/0/1 of Switch A as an observing interface and specify the RSPAN VLAN.
[SwitchA] observe-port 1 interface GigabitEthernet 0/0/1 vlan 2
# Add GE 0/0/1 to the RSPAN VLAN as a trunk interface.

[SwitchA] interface gigabitethernet 0/0/1 [SwitchA-GigabitEthernet0/0/1] port link-type trunk [SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 [SwitchA-GigabitEthernet0/0/1] quit
# Configure remote port mirroring for incoming traffic on GE 0/0/2 and specify the RSPAN VLAN.
[SwitchA] interface GigabitEthernet 0/0/2 [SwitchA-GigabitEthernet0/0/2] port-mirroring to observe-port 1 inbound [SwitchA-GigabitEthernet0/0/2] quit
Issue 03 (2011-01-30)
7-45
7 Mirroring
2.
Configure Switch B. # Create an RSPAN VLAN and disable MAC address learning in this VLAN..
<SwitchB> system-view [SwitchB] vlan 2 [SwitchB-vlan2] mac-address learning disable [SwitchB-vlan2] quit
# Add GE 0/0/1 and GE 0/0/2 to the RSPAN VLAN as trunk interfaces.

[SwitchB] interface GigabitEthernet [SwitchB-GigabitEthernet0/0/1] port [SwitchB-GigabitEthernet0/0/1] port [SwitchB-GigabitEthernet0/0/1] quit [SwitchB] interface GigabitEthernet [SwitchB-GigabitEthernet0/0/2] port [SwitchB-GigabitEthernet0/0/2] port [SwitchB-GigabitEthernet0/0/2] quit 0/0/1 link-type trunk trunk allow-pass vlan 2 0/0/2 link-type trunk trunk allow-pass vlan 2
3.
Configure Switch C. # Create the RSPAN VLAN.

<SwitchC> system-view [SwitchC] vlan 2 [SwitchC-vlan2] quit
# Add GE 0/0/2 to the RSPAN VLAN as a trunk interface.

[SwitchC] interface GigabitEthernet 0/0/2 [SwitchC-GigabitEthernet0/0/2] port link-type trunk [SwitchC-GigabitEthernet0/0/2] port trunk allow-pass vlan 2 [SwitchC-GigabitEthernet0/0/2] quit
# Configure GE 0/0/1 as a hybrid interface and configure it to allow packets of the RSPAN VLAN to pass.
[SwitchC] interface GigabitEthernet 0/0/1 [SwitchC-GigabitEthernet0/0/1] port hybrid untagged vlan 2 [SwitchC-GigabitEthernet0/0/1] quit
Configuration Files
Configuration file of Switch A
# sysname SwitchA # vlan 2 # observe-port 1 interface GigabitEthernet0/0/1 vlan 2 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 # interface GigabitEthernet0/0/2 port-mirroring to observe-port 1 inbound # # return
Configuration file of Switch B

sysname SwitchB # vlan 2 mac-address learning disable
7-46
Issue 03 (2011-01-30)

# interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 # # return
7 Mirroring
Configuration file of Switch C

# sysname SwitchC # vlan 2 # interface GigabitEthernet 0/0/1 port hybrid untagged vlan 2 # interface GigabitEthernet 0/0/2 port link-type trunk port trunk allow-pass vlan 2 # # return
7.17.6 Example for Changing an Observing Port

As shown in Figure 7-9,GigabitEthernet 0/0/1 on the Switch is connected to an L2 switch; GigabitEthernet 0/0/24 is connected to host 1; GigabitEthernet 0/0/5 is connected to host 2. To monitor incoming traffic on GigabitEthernet 0/0/1, port mirroring is configured on the Switch. Configure GigabitEthernet 0/0/1 as a mirrored port, and GigabitEthernet 0/0/24 connected to host 1 as an observing port. Enable host 1 to receive incoming traffic from GigabitEthernet 0/0/1. At present, host 2 needs to receive incoming traffic from GigabitEthernet 0/0/1. Thus, the observing port needs to switch from GigabitEthernet 0/0/24 to GigabitEthernet 0/0/5.
Issue 03 (2011-01-30)
7-47
7 Mirroring
Figure 7-9 Networking for changing the observing port
Router
Switch GE0/0/1
GE0/0/3 GE0/0/24 GE0/0/5 Mirroring host1
L2 Switch
Mirroring host2
The configuration roadmap is as follows: 1. 2. 3. Delete the mirrored port GigabitEthernet 0/0/1. Set GigabitEthernet 0/0/5 instead of GigabitEthernet 0/0/24 as the observing port. Reset GigabitEthernet 0/0/1 as the mirrored port.
Data Preparation
To complete the configuration, you need the following data: l Type and number of the new observing port, that is, GigabitEthernet 0/0/5
1. Check the configurations on the current observing port and mirrored port. # Run the display port-mirroring command to check the configurations on the current observing port and mirrored port.
<Switch> display port-mirroring Portmirror: ---------------------------------------------------------Mirror-port Direction Observe-port ---------------------------------------------------------GigabitEthernet0/0/1 Inbound GigabitEthernet0/0/24
2.
Delete the mirrored port. # Delete the mirrored port GigabitEthernet 0/0/1.
<Switch> system-view [Switch] interface GigabitEthernet 0/0/1 [Switch-GigabitEthernet0/0/1] undo port-mirroring inbound
7-48
Issue 03 (2011-01-30)
7 Mirroring
3.
Delete the observing port. # Delete the observing port GigabitEthernet 0/0/24.
<Switch> system-view [Switch] undo observe-port 1
4.
Change the observing port. # Change the observing port to GigabitEthernet 0/0/5.
[Switch] observe-port 1 interface GigabitEthernet 0/0/5
5.
Configure a mirrored port. # Reset GigabitEthernet 0/0/1 as the mirrored port.

[Switch] interface GigabitEthernet 0/0/1 [Switch-GigabitEthernet0/0/1] port-mirroring to observe-port 1 inbound [Switch-GigabitEthernet0/0/1] quit
6.
Verify the configuration. # Run the display port-mirroring command. You can check the configurations on the current observing port and mirrored port.
[Switch] display port-mirroring Portmirror: ---------------------------------------------------------Mirror-port Direction Observe-port ---------------------------------------------------------GigabitEthernet0/0/1 Inbound GigabitEthernet0/0/5
Configuration Files
# sysname Switch # observe-port 1 interface GigabitEthernet0/0/5 # interface GigabitEthernet0/0/1 port-mirroring to observe-port 1 inbound # return
Issue 03 (2011-01-30)
7-49
8 PoE Configuration
8
About This Chapter
8.1 PoE Overview This section describes the basic concepts of PoE.
PoE Configuration
This chapter describes the basic concepts and configuration methods of PoE.
8.2 PoE Features Supported by the S5300 This section describes the PoE features supported by the S5300. 8.3 Configuring PoE Functions This section describes how to configure PoE functions. 8.4 Configuration Examples This section provides an example for configuring PoE on the S5300.
Issue 03 (2011-01-30)
8-1
8 PoE Configuration
8.1 PoE Overview

This section describes the basic concepts of PoE. Power over Ethernet (PoE) refers to power supply over a 10Base-T, 100Base-TX, or 1000BaseT twisted pair cable. PoE can be used to effectively provide power for terminals such as IP phones, Access Points (APs), chargers of portable devices, point-of-sale (POS) machines, cameras, and data collection. Terminals are powered when they access the network. Therefore, the indoor cabling of power supply need not be considered. Currently, PoE supports the unified standard IEEE 802.3af and 802.3at, which enables devices developed by different vendors to be compatible with each other.
8.2 PoE Features Supported by the S5300

This section describes the PoE features supported by the S5300. The downstream electrical interfaces of the S5300 support PoE. Each downstream interface provides a maximum of 30 W power and a maximum power supply distance of 100 m. The S5300 can transmit current and data on the same pair of signal cables. PoE power supplies are classified into the following types: 500 W constant current power supply and 250 W constant current power supply. A 500 W power supply provides 369.6 W power for the PoE function, and a 250 W power supply provides 123.2 W for the PoE function. The following S5300 models support PoE: l S5348TP-PWR-SI, S5352C-PWR-SI, and S5352C-PWR-EI Each switch has two power supply slots. Each slot supports a 500 W or 250 W power supply. When two PoE power supplies are used, determine their working mode according to the following table. Power Supply Combination 250 W constant current 500 W constant current 250 W constant current 250 W constant current 500 W constant current 250 W constant current 500 W constant current 500 W constant current Available PoE Power 123.2W 369.6W 246.4W 492.8W 739.2W
S5324TP-PWR-SI, S5328C-PWR-EI, and S5328C-PWR-SI Each switch has two power supply slots. Each slot supports a 500 W or 250 W power supply. When two PoE power supplies are used, determine their working mode according to the following table. Power Supply Combination 250 W constant current 500 W constant current Available PoE Power 123.2W 369.6W
Issue 03 (2011-01-30)
8-2
8 PoE Configuration
Power Supply Combination 250 W constant current 250 W constant current 500 W constant current 250 W constant current 500 W constant current 500 W constant current
Available PoE Power 246.4W 369.6W 369.6W
8.3 Configuring PoE Functions

This section describes how to configure PoE functions. 8.3.1 Establishing the Configuration Task 8.3.2 Configuring the PoE Function Globally 8.3.3 Configuring the PoE Function on an Interface In an interface view, you can enable the PoE function, set the maximum output power, set the power supply priority, and specify the power-off time segment. 8.3.4 Checking the Configuration

The S5300 can detect whether a device connected to it needs the remote power supply and provide power for the device that requires the remote power supply. According to the actual requirements on the network, you can: l l Set the maximum power and reserved power of the PoE power supply on the S5300 through commands. Control the remote power supply features of PoE interfaces separately, for example, enable or disable the remote power supply function, and set the maximum output power, the power supply mode, and the power supply priority through commands.
Before configuring the PoE functions, complete the following task: Installing the PoE power supply on the S5300.
8.3.2 Configuring the PoE Function Globally

Procedure
l Optional: Set the maximum output power of the device. 1. Run:
system-view
The system view is displayed.

8 PoE Configuration
2.
Run:
poe max-power maximum-power [ slot slot-id ]
The maximum output power of a board is set. The value of maximum-power ranges from 15400 to 739200, in mW. l Optional: Configure the PoE power supply management mode. 1. Run:
system-view

poe power-management { auto | manual } [ slot slot-id ]
The power supply management mode is configured. l Optional: Manually power on or power off the PD connected to an interface.
NOTE
When the manual power management mode is adopted, you must manually power on or power off PDs on interfaces.
1.
Run:
system-view

poe power-on interface interface-type interface-number or poe power-off interface interface-type interface-number
The PD connected to an interface is powered on or powered off manually. l Optional: Configure a board to allow high inrush current during power-on. If a PD does not comply with IEEE 802.3at or 802.3af, high inrush current is generated when the PD is powered on. In this case, the PSE cuts off the power of the PD to protect itself. If the PSE is required to provide power for the PD, the PSE must allow high inrush current. 1. Run:
system-view

poe high-inrush enable
A PoE board is configured to allow high inrush current during power-on. By default, a board does not allow high inrush power during power-on. l Optional: Set the percentage of the reserved PoE power against the total PoE power. The S5300 can dynamically allocate power to each interface according to the power consumption of each interface. The power consumption of a PD keeps changing when the PD is running. The S5300 periodically calculates the total power consumption of all the PDs connected to the device. If the total power consumption exceeds the upper threshold of the board, the S5300 cuts off the power of the PDs on the interfaces of low priority to ensure that other PDs can run normally. Sometimes, the power consumption increases sharply and the available power of the device cannot support the burst increase of power. At this time, the software system has not found
8 PoE Configuration
that the total power consumption exceeded the upper threshold; therefore, the S5300 does not power off interfaces of low priority in time. As a result, the PoE power supply is shut down for overload protection, and thus all PDs are powered off. This problem can be solved by setting proper reserved power. When the power consumption increases sharply, the reserved power can support the system running. Then the system software has time to power off interfaces of low priority to ensure stable running of other PDs. 1. Run:
system-view

poe power-reserved reserved-power-percent [ slot slot-id ]
The percentage of the reserved PoE power against the total PoE power is set. By default, 20% of the total PoE power is reserved. l Optional: Set the alarm threshold of power consumption percentage. 1. Run:
system-view

poe power-threshold thresholdvalue [ slot slot-id ]
The alarm threshold of power consumption percentage is set. By default, the alarm threshold is 90%. That is, an alarm is generated when the consumed power accounts for 90% of the total power. ----End
8.3.3 Configuring the PoE Function on an Interface

In an interface view, you can enable the PoE function, set the maximum output power, set the power supply priority, and specify the power-off time segment.
Procedure
Step 1 Enable the PoE function on an interface. 1. Run:
system-view


poe enable
The PoE function is enabled.

8 PoE Configuration
By defult, the PoE function is enabled on all interfaces. Step 2 Optional: Set the maximum output power of an interface. 1. Run:
system-view


poe power maximum-power
The maximum output power of the interface is set. By default, the maximum output power of an interface is 30000 mW. Step 3 Optional: Set the power supply priority of an interface. 1. Run:
system-view


poe priority { critical | high | low }
The power supply priority of the interface is set. By default, the power supply priority of an interface is low. The priorities in descending order are critical, high, and low. Step 4 Optional: (Optional) Set the power-off time range of a PoE interface. 1. Run:
system-view

time-range time-name { start-time to end-time days | from time1 date1 [ to time2 date2 ] }
The power-off time range of a PoE interface is set. 3. Run:


poe power-off time-range time-range-name
The power-off time range takes effect on the interface. Step 5 Optional: Enable an interface to check compatibility of PDs.

NOTE
8 PoE Configuration
Before enabling an interface to check compatibility of PDs, you must enable PoE on the PSE. After this function is enabled, the interface can detect the PDs that do not comply with IEEE 802.3af.
1.
Run:
system-view


poe legacy enable
The interface is enabled to check compatibility of PDs. By default, an interface does not check compatibility of PDs. Step 6 Optional: Power on an interface forcibly. If the PSE cannot identify the PD connected to an interface, you can forcibly power on the interface. Before powering on the interface, ensure that the system power is sufficient. 1. Run:
system-view


poe force-power
The interface is forcibly powered on. By default, an interface cannot provide power for unidentified PDs. ----End

Prerequisite
The PoE power supply and PoE board are installed, and the PoE function is configured.
Procedure
Step 1 Run the display poe-power command to view the status of the PoE power supply. Step 2 Run the display poe device command to view information about the devices that support the PoE function. Step 3 Run the display poe information command to view the PoE information.
8 PoE Configuration
Step 4 Run the display poe power interface interface-type interface-number command to view the output power of an interface. Step 5 Run the display poe power-state interface interface-type interface-number command to view the status of PoE power supply on an interface. ----End

This section provides an example for configuring PoE on the S5300. 8.4.1 Example for Configuring PoE on the Switch
8.4.1 Example for Configuring PoE on the Switch

As shown in Figure 8-1, Switch supports PoE. Switch A, Switch B, and the AP can be powered through PoE.
NOTE
Switch A, Switch B, and the AP are devices of other vendors and need to be powered through PoE.
l l l
Switch A is connected to GE 0/0/1 on Switch; the maximum power consumption of Switch A is 12000 mw; Switch A is connected to the data server and needs to be powered first. Switch B is connected to GE 0/0/2 on Switch; the maximum power consumption of Switch B is 12000 mw; Switch B is connected to common users who access the Internet. The AP is connected to GE 0/0/3 on Switch; the maximum power consumption of the AP is 2500 mw; the AP is connected to users who access the Internet wirelessly.
Switch provides power for Switch A, Switch B, and the AP in automatic mode, and is enabled with compatibility detection for PDs. Figure 8-1 Networking diagram of PoE configurations
Switch GE0/0/1 SwitchA GE0/0/3 GE0/0/2 AP
SwitchB
8-8
Issue 03 (2011-01-30)
8 PoE Configuration
The configuration roadmap is as follows: 1. 2. 3. 4. 5. Enable PoE on GE 0/0/1 of Switch, and configure the maximum power and the power supply priority of GE 0/0/1. Enable PoE on GE 0/0/2 of Switch, and set the maximum power consumption of GE 0/0/2. Enable PoE on GE 0/0/3 of Switch, and set the maximum power consumption of GE 0/0/3. Configure the maximum power consumption of the interface connecting the AP on Switch. Configure the power supply management of Switch to be in automatic mode.
Data Preparation
To complete the configuration, you need the following data: l l Number of an interface on which PoE is to be enabled Maximum power consumption of an interface
1. # Enable PoE on GE 0/0/1 of Switch, and configure the maximum power and the power supply priority GE 0/0/1.
<Switch> system-view [Switch] interface gigabitethernet 0/0/1 [Switch-GigabitEthernet0/0/1] poe enable [Switch-GigabitEthernet0/0/1] poe power 12000 [Switch-GigabitEthernet0/0/1] poe priority critical [Switch-GigabitEthernet0/0/1] quit
2.
# Enable PoE on GE 0/0/2 of Switch, and set the maximum power consumption of GE 0/0/2 to 20000 mW.
[Switch] interface gigabitethernet 0/0/2 [Switch-GigabitEthernet0/0/2] poe enable [Switch-GigabitEthernet0/0/2] poe power 20000 [Switch-GigabitEthernet0/0/2] quit
3.
# Enable PoE on GE 0/0/3 of Switch, and set the maximum power consumption of GE 0/0/3 to 2500 mW.
[Switch] interface gigabitethernet 0/0/3 [Switch-GigabitEthernet0/0/3] poe enable [Switch-GigabitEthernet0/0/3] poe power 2500 [Switch-GigabitEthernet0/0/3] quit
4.
# Configure the power supply management of Switch to be in automatic mode.

[Switch] poe power-management auto
Configuration Files
Configuration file of Switch
# sysname Switch # interface GigabitEthernet0/0/1 poe power 12000 poe priority critical # interface GigabitEthernet0/0/2 poe power 20000
Issue 03 (2011-01-30)
8-9
8 PoE Configuration
# interface GigabitEthernet0/0/3 poe power 2500 # interface GigabitEthernet0/0/4 # return
8-10
Issue 03 (2011-01-30)
9 ALS Configuration
9
About This Chapter
ALS Configuration
This chapter describes the Automatic Laser Shutdown (ALS) configuration on the S5300. 9.1 ALS Overview The ALS mechanism controls the pulse of the laser of an optical module by detecting the Loss of Signal (LOS) on an optical interface. 9.2 ALS Features Supported by the S5300 This section describes the ALS features supported by the S5300. 9.3 Configuring ALS Configuring ALS of the laser of an optical module in the interface view provides security protection and saves energy. 9.4 Configuration Examples This section provides a configuration example of ALS.
Issue 03 (2011-01-30)
9-1
9 ALS Configuration
9.1 ALS Overview

The ALS mechanism controls the pulse of the laser of an optical module by detecting the Loss of Signal (LOS) on an optical interface. When ALS is disabled, if the fiber link is faulty, the optical interface is not disabled and the laser of an optical module is enabled though data communication is interrupted. If the laser of an optical module still sends pulses after data communication is interrupted, energy is wasted and eyes of operators may be hurt. When ALS is enabled, if the fiber link is faulty, the software automatically disables the laser of an optical module from sending pulses on the optical interface after detecting the LOS on the optical interface. When the faulty fiber link is recovered, the software detects that the LOS of the optical interface is cleared. Then the software enables the laser to send pulses. The ALS mechanism protects operators against laser injury and saves energy.
9.2 ALS Features Supported by the S5300

This section describes the ALS features supported by the S5300.
Applicable Environment of ALS

l The switches are connected through fibers. When switches are connected through fibers, the ALS function can be enabled on interfaces of switches to protect users against laser radiation to eyes, as shown in Figure 9-1. Figure 9-1 Connecting switches through fibers
TX
RX
RX SwitchA
l
TX SwitchB
The switch and the optical network terminal (ONT) are connected through fibers. In the application of fiber to the home (FTTH), if ONT users perform improper operations on the fiber because of lack of knowledge about radiation or children touch the fiber, the radiation of the laser harms eyes. To solve this problem, you can enable the ALS function on the switch to protect safety of users. Figure 9-2 shows the connection. Figure 9-2 Connecting the switch and ONT through the fiber
TX
RX
RX Switch
TX ONT
9-2
Issue 03 (2011-01-30)
9 ALS Configuration
Influence of the ALS Function on Link Data Communication Recovery

When ALS is disabled, the optical module laser of the switch is still working. After the fiber link is recovered, the LOS is cleared and the interface becomes Up rapidly. When ALS is enabled, the switch controls the laser by detecting the LOS on the interface. This delays the recovery of data communication on the link. l ALS is enabled on both ends of the fiber link. As shown in Figure 9-1, two switches are connected through the fiber. The interfaces of the two switches are enabled with ALS and work in automatic restart mode. After the fiber link is recovered, the process for interfaces of Switch A and Switch B changing from Down to Up is as follows: 1. 2. 3. 4. 5. l Switch A sends pulses periodically. Switch B receives pulses of Switch A after the fiber link is recovered. The LOS on the interface of Switch B is cleared, and the interface becomes Up and sends signals. Switch A receives signals of Switch B. The LOS on the interface of Switch A is cleared, the interface becomes Up, and data communication is recovered.
ALS is enabled on one end of the fiber link. As shown in Figure 9-1, two switches are connected through the fiber. ALS is disabled on the interface of Switch A and enabled on the interface of Switch B, and the interface work in automatic restart mode. After the fiber link is recovered, the process for interfaces of Switch A and Switch B changing from Down to Up is as follows: 1. 2. 3. 4. 5. The optical module laser of Switch A is still working. Switch B receives optical signals of Switch A immediately after the fiber link is recovered. The LOS on the interface of Switch B is cleared, and the interface becomes Up and sends signals. Switch A receives signals of Switch B. The LOS on the interface of Switch A is cleared, the interface becomes Up, and data communication is recovered.
After ALS is enabled on an interface, the communication recovery speed on the interface is reduced. Packets are discarded if traffic is transmitted on the interface.
9.3 Configuring ALS

Configuring ALS of the laser of an optical module in the interface view provides security protection and saves energy. 9.3.1 Establishing the Configuration Task Before configuring ALS, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This helps you complete the configuration task quickly and accurately. 9.3.2 Enabling ALS on an Interface The ALS configuration takes effect only after ALS is enabled on an interface. 9.3.3 (Optional) Setting the Restart Mode of the Laser
9 ALS Configuration
The laser can work in automatic restart mode or manual restart mode. By default, the laser works in automatic restart mode. 9.3.4 (Optional) Starting the Laser Manually When the laser works in automatic restart mode, you need to manually open the laser so that the laser sends one pulse. 9.3.5 (Optional) Setting the ALS Pulse Interval and Width of the Laser You can set the proper laser pulse interval and width to ensure energy conservation and emission deduction and timely detection of fiber link recovery. 9.3.6 Checking the Configuration After ALS is configured, you can the ALS configuration on a specified interface or in a specified slot, including the ALS status, laser status, ALS restart mode, and ALS pulse interval and width.

Before configuring ALS, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This helps you complete the configuration task quickly and accurately.
The S5300 controls the laser of an optical module by detecting the LOS on the optical interface; thus, the S5300 provides security protection and saves energy. According to the actual networking requirements, after ALS is enabled, you can: l l l Set the restart mode of the laser of an optical module through a command. Set the ALS pulse interval and width of the laser of an optical module through commands. View the ALS configuration on interfaces of different optical modules through commands.
Before configuring ALS, complete the following task: Ensure that the S5300 has an optical module.
Data Preparation
To configure ALS, you need the following data. No. 1 Data ALS pulse interval of the laser ALS pulse width of the laser
9.3.2 Enabling ALS on an Interface

The ALS configuration takes effect only after ALS is enabled on an interface.
9 ALS Configuration
Context
The constraints on ALS are as follows: l Only optical interfaces support ALS. Electrical interfaces do not support ALS. When optical interfaces transmit services undirectionally, they do not support ALS. The hardware must provide support for the software to detect the LOS on an optical interface and control the laser on an interface. l The link aggregation group does not support ALS.
Procedure
Step 1 Run:
system-view


als enable
ALS is enabled on the interface. By default, ALS is disabled on an interface. ----End
9.3.3 (Optional) Setting the Restart Mode of the Laser

The laser can work in automatic restart mode or manual restart mode. By default, the laser works in automatic restart mode.
Prerequisite
ALS is enabled on the interface.
Context
If the laser of an optical module works in automatic restart mode, the laser starts automatically at ALS pulse intervals. If the laser of an optical module is set to work in manual restart mode, you must start the laser manually. Then the laser sends a pulse. If the fiber link recovery is detected in time, you can use the manual restart mode so that the laser can send pulses immediately. Therefore, data communication can be recovered rapidly. By default, the laser works in automatic restart mode after ALS is enabled on all the interfaces.
Procedure
Step 1 Run:
system-view
Issue 03 (2011-01-30)
9-5
9 ALS Configuration


als restart mode manual
The restart mode of the laser is set to manual. The ALS pulse width of the interface in manual restart mode is the same as that in automatic restart mode. ----End
9.3.4 (Optional) Starting the Laser Manually

When the laser works in automatic restart mode, you need to manually open the laser so that the laser sends one pulse.
Prerequisite
The interface is enabled with ALS and works in manual restart mode.
Context
When an interface detects the LOS, the laser of the optical module stops sending pulses. If the als restart command is not used, the laser will not be restarted. If the interface still detects the LOS after the laser is started manually, the laser is stopped again. If the interface detects that the LOS is cleared, the laser of an optical module sends pulses and data communication is recovered.
Procedure
Step 1 Run:
system-view


als restart
The laser of an optical module is started manually. Then the laser sends a pulse. ----End
9-6
Issue 03 (2011-01-30)
9 ALS Configuration
9.3.5 (Optional) Setting the ALS Pulse Interval and Width of the Laser
You can set the proper laser pulse interval and width to ensure energy conservation and emission deduction and timely detection of fiber link recovery.
Prerequisite
The interface is enabled with ALS and works in automatic restart mode.
Context
The ALS pulse width refers to the duration in which a laser sends pulses; the ALS pulse interval refers to the period between rising edges of pulses. A smaller pulse width and a greater pulse interval saves more energy but reduces the speed of fiber link recovery.
Procedure
Step 1 Run:
system-view


als restart pulse-interval pulse-interval
The ALS pulse interval of the laser on the interface is set. By default, the ALS pulse interval is 100s. Step 4 Run:
als restart pulse-width pulse-width
The ALS pulse width of the laser on the interface is set. By default, the ALS pulse width is 2s. ----End

After ALS is configured, you can the ALS configuration on a specified interface or in a specified slot, including the ALS status, laser status, ALS restart mode, and ALS pulse interval and width.
Prerequisite
The ALS configurations are complete on the S5300.
9 ALS Configuration
Procedure
l l Run the display als configuration slot slot-id command to view the ALS configurations of member switches. Run the display als configuration interface interface-type interface-number command to check the ALS configuration on the specified interface.
----End

This section provides a configuration example of ALS. 9.4.1 Example for Configuring ALS Through the ALS function, a laser can automatically stop sending pulses when a link is faulty and recover pulse transmission after the link is recovered.
9.4.1 Example for Configuring ALS

Through the ALS function, a laser can automatically stop sending pulses when a link is faulty and recover pulse transmission after the link is recovered.
As shown in Figure 9-3, the LPUs that support ALS are installed in slot 1 of Switch A and Switch B, GE 0/0/1 of Switch A and Switch B are connected through a fiber. When data transmission is interrupted by faults occurred on the fiber link, if the laser of the optical module sends pulses continuously, the energy is wasted and potential risks are caused. After ALS is enabled on both interfaces of the fiber link, the laser stops sending pulses if a fault occurs on the fiber link. If the faulty link is recovered, the laser starts to send pulses. Figure 9-3 ALS application
GE0/0/1
GE0/0/1
SwitchA
SwitchB
The configuration roadmap is as follows: 1. 2. 3. Enable ALS on GE 0/0/1 on Switch A and Switch B. Configure the lasers of GE 0/0/1 on Switch A and Switch B to work in automatic restart mode. Set the ALS pulse intervals and widths of the lasers of GE 0/0/1 on Switch A and Switch B.
9-8
9 ALS Configuration
Data Preparation
To complete the configuration, you need the following data: l l ALS pulse interval and width of the laser of the optical module on GE 0/0/1 of Switch A ALS pulse interval and width of the laser of the optical module on GE 0/0/1 of Switch B
Procedure
Step 1 Enable ALS on GE 0/0/1 of Switch A, configure the laser of the interface to work in automatic restart mode, and set the ALS pulse interval and width to 200s and 3s. # Enable ALS.
<SwitchA> system-view [SwitchA] interface gigabitethernet 0/0/1 [SwitchA-GigabitEthernet0/0/1] als enable
# Set the ALS pulse interval and width of the laser.

[SwitchA-GigabitEthernet0/0/1] undo als restart mode manual [SwitchA-GigabitEthernet0/0/1] als restart pulse-interval 200 [SwitchA-GigabitEthernet0/0/1] als restart pulse-width 3
Step 2 Enable ALS on GE 0/0/1 of Switch B, configure the laser of the interface to work in automatic restart mode, and set the ALS pulse interval and width to 200s and 3s. # Enable ALS.
<SwitchB> system-view [SwitchB] interface gigabitethernet 0/0/1 [SwitchB-GigabitEthernet0/0/1] als enable
# Set the ALS pulse interval and width of the laser.

[SwitchA-GigabitEthernet0/0/1] undo als restart mode manual [SwitchB-GigabitEthernet0/0/1] als restart pulse-interval 200 [SwitchB-GigabitEthernet0/0/1] als restart pulse-width 3
Step 3 Verify the configuration. # Run the display als configuration interface interface-type interface-number command on Switch A and Switch B, and you can view the ALS configuration.
<SwitchA> display als configuration interface gigabitethernet0/0/1 ------------------------------------------------------------------------------Interface ALS Laser Restart Interval(s) Width(s) Status Status Mode ------------------------------------------------------------------------------GigabitEthernet0/0/1 Enable Off Auto 200 3 ------------------------------------------------------------------------------<SwitchB> display als configuration interface gigabitethernet0/0/1 ------------------------------------------------------------------------------Interface ALS Laser Restart Interval(s) Width(s) Status Status Mode ------------------------------------------------------------------------------GigabitEthernet0/0/1 Enable Off Auto 200 3 -------------------------------------------------------------------------------
----End
9 ALS Configuration
Configuration Files
l Configuration file of Switch A
# sysname SwitchA # interface GigabitEthernet0/0/1 als enable als restart pulse-interval 200 als restart pulse-width 3 # return
Configuration file of Switch B

# sysname SwitchB # interface GigabitEthernet0/0/1 als enable als restart pulse-interval 200 als restart pulse-width 3 # return
9-10
Issue 03 (2011-01-30)
10 Restarting and Resetting
10
About This Chapter
Restarting and Resetting
This chapter introduces the basics of the BootROM software and the Versatile Routing Platform (VRP) system software, and describes how to restart the S5300. 10.1 Introduction This section introduces the required knowledge in restarting and resetting the S5300. 10.2 Restarting the S5300 Immediately This section describes how to restart the S5300 immediately. 10.3 Restarting the S5300 at a Fixed Time This section describes how to restart the S5300 at a fixed time.
Issue 03 (2011-01-30)
10-1
10.1 Introduction
This section introduces the required knowledge in restarting and resetting the S5300. 10.1.1 Process of Starting the S5300 10.1.2 Process of Starting the BootROM
10.1.1 Process of Starting the S5300

The software of the S5300 consists of the BootROM and the VRP. After the S5300 is powered on, the BootROM and the VRP start the system in turn as shown in Figure 10-1. Figure 10-1 Process of starting the S5300
Start
BootROM starts
Press Ctrl+B No
Yes
Enter the BootROM menu Upgrade the VRP
Quit the BootROM menu VRP starts
Enter the command line interface
End
The advanced BootROM starts the VRP.
10.1.2 Process of Starting the BootROM

NOTE
To check the BootROM startup process, you need to connect the Console port of the switch to a terminal by using a serial port cable.
The BootROM compares the current configuration with the configuration file. If they are the same, the BootROM asks you whether to reboot the system. The message is as follows:
Info: The system is now comparing the configuration, please wait. System will reboot! Continue?[Y/N]:y BIOS LOADING ... Copyright (c) 2008-2010 HUAWEI TECH CO., LTD. CX22EFFE (Ver124, Jun 9 2010, 17:41:46) Press Ctrl+B to enter BOOTROM menu ... 0
Press Ctrl+B within two seconds. The system prompts you to enter the password of the advanced BootROM menu as follows: The default password is huawei.
password: BOOTROM MENU 1. Boot with default mode 2. Enter serial submenu 3. Enter startup submenu 4. Enter ethernet submenu 5. Enter filesystem submenu 6. Modify BOOTROM password 7. Reboot Enter your choice(1-7):
In the advanced BootROM menu, you can choose to upgrade the VRP or specify the VRP version to be loaded when the S5300 is started. The BootROM initializes the serial interface and the console interface, decompresses the logical files on the logical chip and the VRP, and then starts the VRP. The terminal displays information as follows:
Decompressing Image file ... done PPI DEV SysInit......OK Hard system init.................OK Begin to start the system, please waiting ...... VOS VOS CFM PAT VOS VFS init.....................OK monitor init.................OK init advance.................OK init ........................OK VFS init hind ...............OK
VRP_Root begin... VRP_InitializeTask begin... Init the Device Link.............OK CFG_PlaneInit begin..............OK CFM_Init begin...................OK CLI_CmdInit begin................OK VRP_RegestAllLINKCmd begin.......OK create task begin................ task init begin... Recover configuration...OK!done Press ENTER to get started.
When the terminal displays the preceding information, it indicates that the starting of the VRP is complete. Press Enter to enter a Command Line Interface (CLI).
10.2 Restarting the S5300 Immediately

This section describes how to restart the S5300 immediately.
10.2.1 Restarting the S5300 Immediately Through Command Lines 10.2.2 Restarting the S5300 Through the Power Button on the S5300
10.2.1 Restarting the S5300 Immediately Through Command Lines

Context
CAUTION
The reboot command can paralyze the network for a while. Therefore, run the reboot command with caution. Before restarting the S5300, check whether to save the configuration file and whether the file contents are correct. For details on saving the configuration file, refer to the Configuration Guide - Basic Configuration.
Procedure
Step 1 Run:
reboot
The S5300 is restarted immediately. ----End
10.2.2 Restarting the S5300 Through the Power Button on the S5300
Context
CAUTION
The action can paralyze the network for a while. Therefore, perform this action with caution. Before restarting the S5300, check whether to save the configuration file and whether the file contents are correct. For details on saving the configuration file, see the Quidway S5300 Series Ethernet Switches Configuration Guide - Basic Configuration.
Procedure
Step 1 Press the power button on the S5300 to power off the running S5300. Step 2 Press the power button on the S5300 again to restart the S5300. ----End
10.3 Restarting the S5300 at a Fixed Time

This section describes how to restart the S5300 at a fixed time.
Procedure
Step 1 Run:
schedule reboot { at time | delay interval [ force ] }
The function of restarting the S5300 at a fixed time is enabled. The S5300 does not support the function of restarting the S5300 at a fixed time by default. ----End
Issue 03 (2011-01-30)
10-5

Configuration Guide - Device Management (V100R005C01 - 03)

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Configuration Guide - Device Management (V100R005C01 - 03)

Загружено:

Авторское право:

Доступные форматы

Quidway S5300 Series Ethernet Switches V100R005C01

Configuration Guide - Device Management

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

About This Document

About This Document

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

About This Document

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

Changes in Issue 03 (2011-01-30)

Changes in Issue 02 (2010-12-01)

Changes in Issue 01 (2010-08-15)

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

2 NAP Configuration.................................................................................................................... 2-1

4 Using display commands to check the status of the device...............................................4-1

6 Monitoring the Device Through the Information Center..................................................6-1

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

10 Restarting and Resetting.......................................................................................................10-1

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

Default Configuration File

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

1.2 Auto-Config Features Supported by the S5300

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

Figure 1-1 Basic process of Auto-Config

Load the existing configuration file

No Start the switch according to default configurations

Load default configurations and initiate Auto-Config No

Yes Configuration file is obtained within 24 consecutive timeout periods?

Delete the timer for obtaining a configuration file

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

1.3 Deploying Unconfigured Switches (Same Network Segment)

1.3.1 Establishing the Configuration Task

SwitchB DHCP Server SwitchC FTP/TFTP Server

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

1.3.2 Configuring the DHCP Server

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

1.3.3 Configuring the FTP/TFTP Server

1.3.4 Checking the Configuration

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

1.4 Deploying Unconfigured Switches (Different Network Segments)

1.4.1 Establishing the Configuration Task

SwitchA Network SwitchB DHCP Relay DHCP Server SwitchC

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

1.4.2 Configuring the DHCP Server

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway S5300 Series Ethernet Switches Configuration Guide - Device Management

1.4.3 Configuring DHCP Relay

1.4.4 Configuring the FTP/TFTP Server