- DL manuals
- H3C
- Switch
- H3C S7500E Series
- Operation Manual
H3C H3C S7500E Series Operation Manual - page 913
Operation Manual – ARP
H3C S7500E Series Ethernet Switches
Chapter 1 ARP Configuration
1-7
[Sysname-vlan-interface10] quit
[Sysname] arp static 192.168.1.1 000f-e201-0000 10 gigabitethernet2/0/10
1.3 Configuring Gratuitous ARP
1.3.1 Introduction to Gratuitous ARP
A gratuitous ARP packet is a special ARP packet, in which the source IP address and
destination IP address are both the IP address of the sender, the source MAC address
is the MAC address of the sender, and the destination MAC address is a broadcast
address.
A device can implement the following functions by sending gratuitous ARP packets:
z
Determining whether its IP address is already used by another device.
z
Informing other devices of its MAC address change so that they can update their
ARP entries.
A device receiving a gratuitous ARP packet can add the information carried in the
packet to its own dynamic ARP mapping table if it finds no corresponding ARP entry for
the ARP packet in the cache.
1.3.2 Configuring Gratuitous ARP
Follow these steps to configure gratuitous ARP:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enable the device to send
gratuitous ARP packets
when receiving ARP
requests from another
network segment
gratuitous-arp-sending
enable
Required
By default, a device
cannot send gratuitous
ARP packets when
receiving ARP requests
from another network
segment.
Enable the gratuitous
ARP packet learning
function
gratuitous-arp-learning
enable
Required
Enabled by default.
1.4 Configuring ARP Source Suppression
1.4.1 Introduction to ARP Source Suppression
If a host attacks the device on a network by sending large amounts of IP packets whose
IP addresses cannot be resolved:
Summary of H3C S7500E Series
Page 1
H3c s7500e series ethernet switches operation manual hangzhou h3c technologies co., ltd. Http://www.H3c.Com manual version: 20071025-c-1.01 product version: release 6000
Page 2
Copyright © 2007, hangzhou h3c technologies co., ltd. And its licensors all rights reserved no part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of hangzhou h3c technologies co., ltd. Trademarks h3c, , aolynk, , h 3 care, , top g, , irf, n...
Page 3: About This Manual
About this manual related documentation in addition to this manual, each h3c s7500e series ethernet switches documentation set includes the following: manual description h3c s7500e series ethernet switches command manual it is used for assisting the users in using various commands. (see the electron...
Page 4
Part contents 10 ip routing overview introduces the basic routing information and the classification of routing protocols. 11 ipv4 routing introduces ipv4 routing related configurations, such as static routing, rip, ospf, is-is, bgp, and route policy. 12 ipv6 routing introduces ipv6 routing related ...
Page 6
Iii. Symbols convention description warning means reader be extremely careful. Improper operation may cause bodily injury. Caution means reader be careful. Improper operation may cause data loss or damage to equipment. Note means a complementary description..
Page 7: Table of Contents
Operation manual – product overview h3c s7500e series ethernet switches table of contents i table of contents chapter 1 obtaining the documentation .................................................................................... 1-1 1.1 cd-rom .......................................................
Page 8
Operation manual – product overview h3c s7500e series ethernet switches chapter 1 obtaining the documentation 1-1 chapter 1 obtaining the documentation h3c technologies co., ltd. Provides various ways for you to obtain documentation, through which you can obtain the product documentations and those ...
Page 9
Operation manual – product overview h3c s7500e series ethernet switches chapter 1 obtaining the documentation 1-2 1.3 software release notes with software upgrade, new software features may be added. You can acquire the information about the newly added software features through software release not...
Page 10
Operation manual – product overview h3c s7500e series ethernet switches chapter 2 documentation and product version 2-1 chapter 2 documentation and product version 2.1 documentation and software version h3c s7500e series ethernet switches operation manual and h3c s7500e series ethernet switches comm...
Page 11: Chapter 3 Product Overview
Operation manual – product overview h3c s7500e series ethernet switches chapter 3 product overview 3-1 chapter 3 product overview 3.1 preface h3c s7500e series ethernet switches (hereinafter referred to as the s7500e series) are cost-effective layer 3 switch with high capacity. It is designed to ope...
Page 12
Operation manual – product overview h3c s7500e series ethernet switches chapter 3 product overview 3-2 srpu chassis lsq1mp ua0 lsq1srp2xb0 (salience vi-10ge) lsq1srpb0 (salience vi) lsq1srp1cb0 (salience vi-turbo) s7510e no yes yes yes s7506e-v no yes yes yes note: h3c s7500e series ethernet switch ...
Page 13
Operation manual – product overview h3c s7500e series ethernet switches chapter 3 product overview 3-3 module software feature 06-link aggregation z static link aggregation control protocol (lacp) link aggregation z manual link aggregation 07-mac address table management z configuring dynamic, stati...
Page 14
Operation manual – product overview h3c s7500e series ethernet switches chapter 3 product overview 3-4 module software feature 16-aaa radius hwtacacs z authentication, authorization, and accounting (aaa) z remote authentication dial-in user service (radius) z huawei terminal access controller access...
Page 15
Operation manual – product overview h3c s7500e series ethernet switches chapter 3 product overview 3-5 module software feature 28-system maintenance and debugging z configuring command levels z configuring online help for command lines z configuring system time z displaying and configuring system de...
Page 16
Operation manual – product overview h3c s7500e series ethernet switches chapter 4 networking applications 4-1 chapter 4 networking applications s7500e series switches can: z be used as core layer devices of small-sized network. Z be used for high-speed links for data centers. Z be used as distributi...
Page 17
Operation manual – product overview h3c s7500e series ethernet switches chapter 4 networking applications 4-2 4.2 providing high-speed links for data centers getrunk 10ge/getrunk 10ge/getrunk s7500e core network s7500e s7500e figure 4-2 application of s7500e series switches in data center.
Page 18: Table of Contents
Operation manual – login h3c s7500e series ethernet switches table of contents i table of contents chapter 1 logging into an ethernet switch ............................................................................... 1-1 1.1 logging into an ethernet switch...........................................
Page 19
Operation manual – login h3c s7500e series ethernet switches table of contents ii chapter 4 logging in using modem............................................................................................ 4-1 4.1 introduction ...........................................................................
Page 20
Operation manual – login h3c s7500e series ethernet switches chapter 1 logging into an ethernet switch 1-1 chapter 1 logging into an ethernet switch when logging into an ethernet switch, go to these sections for information you are interested in: z logging into an ethernet switch z introduction to u...
Page 21
Operation manual – login h3c s7500e series ethernet switches chapter 1 logging into an ethernet switch 1-2 1.2.2 user interface number two kinds of user interface index exist: absolute user interface index and relative user interface index. 1) the absolute user interface indexes are as follows: z au...
Page 22
Operation manual – login h3c s7500e series ethernet switches chapter 1 logging into an ethernet switch 1-3 to do… use the command… remarks set the history command buffer size history-command max-size value optional the default history command buffer size is 10. That is, a history command buffer can ...
Page 24
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-1 chapter 2 logging in through the console port when logging in through the console port, go to these sections for information you are interested in: z introduction z setting up the connectio...
Page 25
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-2 after logging into a switch, you can perform configuration for aux users. Refer to console port login configuration for more. 2.2 setting up the connection to the console port z connect the...
Page 26
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-3 figure 2-3 specify the port used to establish the connection figure 2-4 set port parameters terminal window z turn on the switch. The user will be prompted to press the enter key if the swi...
Page 27
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-4 2.3 console port login configuration 2.3.1 common configuration table 2-2 lists the common configuration of console port login. Table 2-2 common configuration of console port login configur...
Page 28
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-5 configuration description define a shortcut key for aborting tasks optional the default shortcut key combination for aborting tasks is . Define a shortcut key for starting terminal sessions...
Page 29
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-6 authentication mode console port login configuration description configure the password configure the password for local authentication required password perform common configuration perfor...
Page 30
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-7 2.4 console port login configuration with authentication mode being none 2.4.1 configuration procedure follow these steps to perform console port login configuration (with authentication mo...
Page 31
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-8 to do… use the command… remarks make terminal services available shell optional by default, terminal services are available in all user interfaces. Set the maximum number of lines the scree...
Page 32
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-9 2.4.2 configuration example i. Network requirements assume the switch is configured to allow you to login through telnet, and your user level is set to the administrator level (level 3). Af...
Page 33
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-10 # set the maximum number of lines the screen can contain to 30. [h3c-ui-aux0] screen-length 30 # set the maximum number of commands the history command buffer can store to 20. [h3c-ui-aux0...
Page 35
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-12 to do… use the command… remarks set the timeout time for the user interface idle-timeout minutes [ seconds ] optional the default timeout time of a user interface is 10 minutes. With the t...
Page 36
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-13 z the history command buffer can store up to 20 commands. Z the timeout time of the aux user interface is 6 minutes. Ii. Network diagram user pc running telnet ethernet ethernet2/0/1 figur...
Page 37
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-14 [h3c-ui-aux0] idle-timeout 6 after the above configuration, to ensure a successful login, the console user needs to change the corresponding configuration of the terminal emulation program...
Page 38
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-15 to do… use the command… remarks enter aux user interface view user-interface aux 0 — configure to authenticate users locally or remotely authentication-mode scheme [ command- authorization...
Page 39
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-16 to do… use the command… remarks set history command buffer size history-command max-size value optional the default history command buffer size is 10. That is, a history command buffer can...
Page 40
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-17 table 2-6 determine the command level scenario authentication mode user type command command level the user privilege level level command is not executed, and the service-type terminal [ l...
Page 41
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-18 z the history command buffer can store up to 20 commands. Z the timeout time of the aux user interface is 6 minutes. Ii. Network diagram user pc running telnet ethernet ethernet2/0/1 figur...
Page 42
Operation manual – login h3c s7500e series ethernet switches chapter 2 logging in through the console port 2-19 [h3c-ui-aux0] history-command max-size 20 # set the timeout time of the aux user interface to 6 minutes. [h3c-ui-aux0] idle-timeout 6 after the above configuration, to ensure a successful ...
Page 43
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-1 chapter 3 logging in through telnet when logging in through telnet, go to these sections for information you are interested in: z introduction z telnet configuration with authentication mode being no...
Page 44
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-2 note: z after you log into the switch through telnet, you can issue commands to the switch by way of pasting session text, which cannot exceed 2000 bytes, and the pasted commands must be in the same ...
Page 45
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-3 configuration remarks define a shortcut key for aborting tasks optional the default shortcut key combination for aborting tasks is . Make terminal services available optional by default, terminal ser...
Page 46
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-4 authentication mode telnet configuration remarks configure the password configure the password for local authentication required password perform common configuration perform common telnet configurat...
Page 47
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-5 to do… use the command… remarks enter system view system-view — enter one or more vty user interface views user-interface vty first -number [ last-number ] — configure not to authenticate users loggi...
Page 48
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-6 to do… use the command… remarks set the timeout time of the vty user interface idle-timeout minutes [ seconds ] optional the default timeout time of a user interface is 10 minutes. With the timeout t...
Page 49
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-7 ii. Network diagram figure 3-1 network diagram for telnet configuration (with the authentication mode being none) iii. Configuration procedure # enter system view, and enable the telnet service. Syst...
Page 50
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-8 to do… use the command… remarks enter system view system-view — enter one or more vty user interface views user-interface vty first -number [ last-number ] — configure to authenticate users logging i...
Page 51
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-9 to do… use the command… remarks set the history command buffer size history-command max-size value optional the default history command buffer size is 10. That is, a history command buffer can store ...
Page 52
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-10 3.3.2 configuration example i. Network requirements assume that you are a level 3 aux user and want to perform the following configuration for telnet users logging into vty 0: z authenticate users l...
Page 53
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-11 [h3c-ui-vty0] history-command max-size 20 # set the timeout time to 6 minutes. [h3c-ui-vty0] idle-timeout 6 3.4 telnet configuration with authentication mode being scheme 3.4.1 configuration procedu...
Page 54
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-12 to do… use the command… remarks enter one or more vty user interface views user-interface vty first -number [ last-number ] — configure to authenticate users locally or remotely authentication-mode ...
Page 55
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-13 to do… use the command… remarks set the timeout time for the user interface idle-timeout minutes [ seconds ] optional the default timeout time of a user interface is 10 minutes. With the timeout tim...
Page 56
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-14 table 3-6 determine the command level when users logging into switches are authenticated in the scheme mode scenario authenticat ion mode user type command command level the user privilege level lev...
Page 57
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-15 scenario authenticat ion mode user type command command level the user privilege level level command is executed, and the service-type command does not specify the available command level. Level 0 t...
Page 58
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-16 iii. Configuration procedure # enter system view, and enable the telnet service. System-view [h3c] telnet server enable # create a local user named guest and enter local user view. [h3c] local-user ...
Page 59
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-17 z execute the following commands in the terminal window to enable the telnet server function and assign an ip address to the management vlan interface of the switch. # enable the telnet server funct...
Page 60
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-18 figure 3-5 launch telnet step 5: enter the password when the telnet window displays “login authentication” and prompts for login password. The cli prompt (such as ) appears if the password is correc...
Page 61
Operation manual – login h3c s7500e series ethernet switches chapter 3 logging in through telnet 3-19 figure 3-6 network diagram for telnetting to another switch from the current switch step 1: configure the user name and password for telnet on the switch operating as the telnet server. Refer to sec...
Page 62
Operation manual – login h3c s7500e series ethernet switches chapter 4 logging in using modem 4-1 chapter 4 logging in using modem when logging in using modem, go to these sections for information you are interested in: z introduction z configuration on the administrator side z configuration on the ...
Page 63
Operation manual – login h3c s7500e series ethernet switches chapter 4 logging in using modem 4-2 4.3 configuration on the switch side 4.3.1 modem configuration perform the following configuration on the modem directly connected to the switch: at&f ----------------------- restore the factory setting...
Page 64
Operation manual – login h3c s7500e series ethernet switches chapter 4 logging in using modem 4-3 i. Configuration on switch when the authentication mode is none refer to console port login configuration with authentication mode being none . Ii. Configuration on switch when the authentication mode i...
Page 65
Operation manual – login h3c s7500e series ethernet switches chapter 4 logging in using modem 4-4 console port pstn telephone line modem serial cable telephone number of the romote end: 82882285 modem modem figure 4-1 establish the connection by using modems step 4: launch a terminal emulation utili...
Page 66
Operation manual – login h3c s7500e series ethernet switches chapter 4 logging in using modem 4-5 figure 4-3 call the modem step 5: provide the password when prompted. If the password is correct, the prompt (such as ) appears. You can then configure or manage the switch. You can also enter the chara...
Page 67
Operation manual – login h3c s7500e series ethernet switches chapter 4 logging in using modem 4-6 to do … use the command … remarks enter system view system-view — enter aux user interface view user-interface aux 0 — enable the modem to accept incoming calls, initiate outgoing calls, or both modem [...
Page 68
Operation manual – login h3c s7500e series ethernet switches chapter 5 logging in through nms 5-1 chapter 5 logging in through nms when logging in through nms, go to these sections for information you are interested in: z introduction z connection establishment using nms 5.1 introduction you can als...
Page 69
Operation manual – login h3c s7500e series ethernet switches chapter 5 logging in through nms 5-2 5.2 connection establishment using nms switch nms network figure 5-1 network diagram for logging in through an nms.
Page 70
Operation manual – login h3c s7500e series ethernet switches chapter 6 specifying source for telnet packets 6-1 chapter 6 specifying source for telnet packets when specifying source ip address/interface for telnet packets, go to these sections for information you are interested in: z introduction z ...
Page 71
Operation manual – login h3c s7500e series ethernet switches chapter 6 specifying source for telnet packets 6-2 ii. Specifying source ip address/interface for telnet packets in system view follow these steps to specify source ip address/interface for telnet packets in system view: to do… use the com...
Page 72
Operation manual – login h3c s7500e series ethernet switches chapter 7 controlling login users 7-1 chapter 7 controlling login users when controlling login users, go to these sections for information you are interested in: z introduction z controlling telnet users z controlling network management us...
Page 75
Operation manual – login h3c s7500e series ethernet switches chapter 7 controlling login users 7-4 ii. Network diagram switch 10.110.100.46 host a ip network host b 10.110.100.52 figure 7-1 network diagram for controlling telnet users using acls iii. Configuration procedure # define a basic acl. Sys...
Page 76
Operation manual – login h3c s7500e series ethernet switches chapter 7 controlling login users 7-5 7.3.2 controlling network management users by source ip addresses follow these steps to control network management users by source ip addresses: to do… use the command… remarks enter system view system...
Page 77
Operation manual – login h3c s7500e series ethernet switches chapter 7 controlling login users 7-6 community command) take effect in the network management systems that adopt snmpv1 or snmpv2c. Similarly, as snmp group name and snmp user name are features of snmpv2c and the higher snmp versions, the...
Page 78
Operation manual – login h3c s7500e series ethernet switches chapter 7 controlling login users 7-7 [h3c] snmp-agent usm-user v2c h3cuser h3cgroup acl 2000
Page 79: Table of Contents
Operation manual – vlan h3c s7500e series ethernet switches table of contents i table of contents chapter 1 vlan configuration .................................................................................................... 1-1 1.1 introduction to vlan...............................................
Page 80
Operation manual – vlan h3c s7500e series ethernet switches table of contents ii chapter 4 gvrp configuration .................................................................................................... 4-1 4.1 introduction to gvrp................................................................
Page 81
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-1 chapter 1 vlan configuration when configuring vlan, go to these sections for information you are interested in: z introduction to vlan z configuring basic vlan attributes z configuring basic vlan interface a...
Page 82
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-2 a vlan is not restricted by physical factors, that is to say, hosts that reside in different network segments may belong to the same vlan, users in a vlan can be connected to the same switch, or span across ...
Page 83
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-3 z the tpid field, 16 bits in length and with a value of 0x8100, indicates that a packet carries a vlan tag with it. Z the priority field, three bits in length, indicates the 802.1p priority of a packet. For ...
Page 85
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-5 follow these steps to configure basic vlan interface attributes: to do… use the command… remarks enter system view system-view — create a vlan interface or enter vlan interface view interface vlan-interface ...
Page 86
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-6 1.4 configuring port-based vlan 1.4.1 introduction to port-based vlan this is the simplest and yet the most effective way of classifying vlans. It groups vlan members by port. After added to a vlan, a port c...
Page 87
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-7 inbound packets handling port type untagged packets tagged packets outbound packets handling access tag each packet with the default vlan tag. Z receive the packets with the default vlan tag. Z drop the pack...
Page 88
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-8 to do… use the command… remarks add access ports to the current vlan port interface-list required by default, all the ports belong to vlan 1 follow these steps to configure an access-port-based vlan in ether...
Page 89
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-9 to do… use the command… remarks enter system view system-view — enter ethernet port view interface interface-type interface-number enter ethernet port view or port group view enter port group view port-group...
Page 90
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-10 to do… use the command… remarks enter system view system-view — enter ethernet port view interface interface-type interface-number enter ethernet port view or port group view enter port group view port-grou...
Page 91
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-11 in this approach, inbound packets are assigned with different vlan ids based on their protocol type and encapsulation format. The protocols that can be used to categorize vlans include: ip, ipx, and appleta...
Page 93
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-13 1.6 configuring ip-subnet-based vlan 1.6.1 introduction in this approach, vlans are categorized based on the source ip addresses and the subnet masks of packets. After receiving an untagged packet from a po...
Page 94
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-14 to do… use the command… remarks configure the association between the hybrid port and the ip-subnet-based vlan port hybrid ip-subnet-vlan vlan vlan-id required 1.7 displaying and maintaining vlan to do... U...
Page 95
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-15 z this port allows packets from vlan 2, vlan 6 to vlan 50, and vlan 100 to pass through. Ii. Network diagram figure 1-4 network diagram for port-based vlan configuration iii. Configuration procedure 1) conf...
Page 96
Operation manual – vlan h3c s7500e series ethernet switches chapter 1 vlan configuration 1-16 ip packet frame type: pktfmt_ethnt_2, hardware address: 0000-fc00-6504 description: ethernet2/0/1 interface loopback is not set media type is twisted pair port hardware type is 100_base_t unknown-speed mode...
Page 97
Operation manual – vlan h3c s7500e series ethernet switches chapter 2 isolate-user-vlan configuration 2-1 chapter 2 isolate-user-vlan configuration when configuring isolate-user vlan, go to these sections for information you are interested in: z introduction to isolate-user-vlan z configuring isolat...
Page 98
Operation manual – vlan h3c s7500e series ethernet switches chapter 2 isolate-user-vlan configuration 2-2 2.2 configuring isolate-user-vlan configure the isolate-user-vlan through the following steps: 1) configure the isolate-user-vlan; 2) configure the secondary vlan 3) add ports to the isolate-use...
Page 99
Operation manual – vlan h3c s7500e series ethernet switches chapter 2 isolate-user-vlan configuration 2-3 note: after a mapping is configured, the system disallows adding ports to and removing ports or vlans from the mapped isolate-user-vlan and secondary vlan. 2.3 displaying and maintaining isolate...
Page 100
Operation manual – vlan h3c s7500e series ethernet switches chapter 2 isolate-user-vlan configuration 2-4 iii. Configuration procedure the following are the configuration procedures for device b and device c. 1) configure device b # configure the isolate-user-vlan. System-view [deviceb] vlan 5 [devi...
Page 101
Operation manual – vlan h3c s7500e series ethernet switches chapter 2 isolate-user-vlan configuration 2-5 isolate-user-vlan vlan id : 5 secondary vlan id : 2-3 vlan id: 5 vlan type: static isolate-user-vlan type : isolate-user-vlan route interface: not configured description: vlan 0005 broadcast max...
Page 102
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-1 chapter 3 voice vlan configuration when configuring voice vlan, go to these sections for information you are interested in: z introduction to voice vlan z configuring voice vlan z displaying and mainta...
Page 103
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-2 note: z as the first 24 bits of a mac address (in binary format), an oui address is a globally unique identifier assigned to a vendor by ieee (institute of electrical and electronics engineers). Z the ...
Page 104
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-3 table 3-2 voice vlan operating mode and the corresponding voice traffic types voice vlan operating mode voice traffic type port link type access: the traffic type is not supported trunk: supported prov...
Page 105
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-4 note: z the default vlans for all ports are vlan 1. Using commands, users can either configure the default vlan of a port, or configure to allow a certain vlan to pass through the port. For more inform...
Page 106
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-5 to do... Use the command... Remarks enable the security mode of the voice vlan voice vlan security enable optional enabled by default configure the oui address for the voice vlan voice vlan mac-address...
Page 107
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-6 to do... Use the command... Remarks enter system view system-view — enable the security mode of a voice vlan voice vlan security enable optional enabled by default configure the oui address of a voice ...
Page 108
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-7 note: z only one vlan of a device can have the voice vlan function enabled at a time, and the vlan must be an exsiting static vlan. Z a port that has the link aggregation control protocol (lacp for sho...
Page 109
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-8 ii. Network diagram figure 3-1 voice vlan under automatic mode iii. Configuration procedure # create vlan 2 and vlan 6. System-view [devicea] vlan 2 [devicea-vlan2] quit [devicea] vlan 6 [devicea-vlan6...
Page 110
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-9 [devicea-ethernet2/0/1] voice vlan enable [devicea-ethernet2/0/1] return iv. Verification # display information about the oui addresses, oui address masks, and descriptive strings. Display voice vlan o...
Page 111
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-10 ii. Network diagram figure 3-2 voice vlan under manual mode iii. Configuration procedure # configure the voice vlan to work in security mode and only allows legal voice packets to pass through the voi...
Page 112
Operation manual – vlan h3c s7500e series ethernet switches chapter 3 voice vlan configuration 3-11 iv. Verification # display information about the oui addresses, oui address masks, and descriptive strings. Display voice vlan oui oui address mask description 0001-e300-0000 ffff-ff00-0000 siemens ph...
Page 113
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-1 chapter 4 gvrp configuration garp vlan registration protocol (gvrp) is a garp application. It functions based on the operating mechanism of garp to maintain and propagate dynamic vlan registration informatio...
Page 114
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-2 join messages, leave messages, and leaveall message make sure the reregistration and deregistration of garp attributes are performed in an orderly way. Through message exchange, all attribute information tha...
Page 115
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-3 attributes of other participants. When a port receives an attribute declaration, it registers the attribute; when a port receives an attribute withdrawal, it deregisters the attribute. Garp participants send...
Page 116
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-4 field description value attribute event event described by the attribute 0: leaveall event 1: joinempty event 2: joinin event 3: leaveempty event 4: leavein event 5: empty event attribute value attribute val...
Page 117
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-5 4.2 configuring gvrp note: gvrp can only be configured on trunk ports. Complete the following tasks to configure gvrp: task remarks enabling gvrp required configuring garp timers optional 4.2.1 enabling gvrp...
Page 118
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-6 4.2.2 configuring garp timers follow these steps to configure garp timers: to do… use the command… remarks enter system view system-view –– configure the garp leaveall timer garp timer leaveall timer-value o...
Page 119
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-7 4.3 displaying and maintaining gvrp to do… use the command… remarks display statistics about garp display garp statistics [ interface interface-list ] available in any view display garp timers for specified ...
Page 120
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-8 # enable gvrp globally. System-view [devicea] gvrp # configure port ethernet 2/0/1 as a trunk port, allowing all vlans to pass. [devicea] interface ethernet 2/0/1 [devicea-ethernet2/0/1] port link-type trunk...
Page 121
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-9 4.4.2 gvrp configuration example ii i. Network requirements configure gvrp for dynamic vlan information registration and update among devices. Specify fixed gvrp registration on device a and normal gvrp regi...
Page 122
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-10 [deviceb-ethernet2/0/1] gvrp [deviceb-ethernet2/0/1] quit # create vlan 3 (a static vlan). [sysname] vlan 3 3) verify the configuration # display dynamic vlan information on device a. [devicea] display vlan...
Page 123
Operation manual – vlan h3c s7500e series ethernet switches chapter 4 gvrp configuration 4-11 [devicea-ethernet2/0/1] quit # create vlan 2 (a static vlan). [devicea] vlan 2 2) configure device b # enable gvrp globally. System-view [deviceb] gvrp # configure port ethernet 2/0/1 as a trunk port, allow...
Page 124: Table of Contents
Operation manual – ip addressing and performance h3c s7500e series ethernet switches table of contents i table of contents chapter 1 ip addressing configuration ...................................................................................... 1-1 1.1 ip addressing overview ........................
Page 125
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 1 ip addressing configuration 1-1 chapter 1 ip addressing configuration when assigning ip addresses to interfaces on your device, go to these sections for information you are interested in: z ip addressing o...
Page 126
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 1 ip addressing configuration 1-2 table 1-1 describes the address ranges of these five classes. Currently, the first three classes of ip addresses are used in quantity. Table 1-1 ip address classes and range...
Page 127
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 1 ip addressing configuration 1-3 net-id and subnet-id whereas the part containing consecutive zeros identifies the host-id. Figure 1-2 shows how a class b network is subnetted. Figure 1-2 subnet a class b n...
Page 128
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 1 ip addressing configuration 1-4 note: this chapter only covers how to assign an ip address manually. For the other approach, refer to dhcp configuration. This section includes: z assigning an ip address to...
Page 129
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 1 ip addressing configuration 1-5 1.2.2 ip addressing configuration example i. Network requirements as shown in figure 1-3 , the interface vlan 1 on a switch is connected to a lan comprising two segments: 17...
Page 130
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 1 ip addressing configuration 1-6 ping 172.16.1.2: 56 data bytes, press ctrl_c to break reply from 172.16.1.2: bytes=56 sequence=1 ttl=255 time=25 ms reply from 172.16.1.2: bytes=56 sequence=2 ttl=255 time=2...
Page 131
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 1 ip addressing configuration 1-7 1.3 displaying and maintaining ip addressing to do… use the command… remarks display information about a specified or all layer 3 interfaces display ip interface [ interface...
Page 132
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 2 ip performance configuration 2-1 chapter 2 ip performance configuration when configuring ip performance, go to these sections for information you are interested in: z ip performance overview z enabling rec...
Page 133
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 2 ip performance configuration 2-2 to do… use the command… remarks enter system view system-view — enable the device to receive directed broadcasts ip forward-broadcast required by default, the device is dis...
Page 134
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 2 ip performance configuration 2-3 ii. Network diagram figure 2-1 network diagram for receiving and forwarding directed broadcasts (on a switch) iii. Configuration procedure z configure switch a # enable swi...
Page 135
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 2 ip performance configuration 2-4 2.3 configuring tcp attributes 2.3.1 configuring tcp optional parameters tcp optional parameters that can be configured include: z synwait timer: when sending a syn packet,...
Page 136
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 2 ip performance configuration 2-5 i. Advantage of sending icmp error packets there are three kinds of icmp error packets: redirect packets, timeout packets and destination unreachable packets. Their sending...
Page 137
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 2 ip performance configuration 2-6 z if the source uses “strict source routing" to send packets, but the intermediate device finds the next hop specified by the source is not directly connected, the device w...
Page 138
Operation manual – ip addressing and performance h3c s7500e series ethernet switches chapter 2 ip performance configuration 2-7 2.5 displaying and maintaining ip performance to do… use the command… remarks display current tcp connection state display tcp status display tcp connection statistics disp...
Page 139: Table of Contents
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches table of contents i table of contents chapter 1 qinq configuration ..................................................................................................... 1-1 1.1 introduction to qinq...............................
Page 140
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-1 chapter 1 qinq configuration when configuring qinq, go to these sections for information you are interested in: z introduction to qinq z configuring basic qinq z configuring selective qinq z c...
Page 141
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-2 advantages of qinq: z addresses the shortage of public vlan id resource z enables customers to plan their own vlan ids, with running into conflicts with public network vlan ids. Z provides an ...
Page 142
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-3 figure 1-2 vlan tag structure of an ethernet frame an s7500e switch determines whether a received frame is vlan tagged by comparing its own tpid with the tpid field in the received frame. If t...
Page 143
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-4 protocol type value is-is 0x8000 lacp 0x8809 802.1x 0x888e cluster 0x88a7 reserved 0xfffd/0xfffe/0xffff 1.2 configuring basic qinq follow these steps to configure basic qinq: to do... Use the ...
Page 145
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-6 caution: z before enabling selective qinq on a port, enable basic qinq on the port first. Selective qinq enjoys higher priority than basic qinq. Therefore, a received frame will be tagged with...
Page 146
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-7 z third-party devices are deployed between provider a and provider b, with a tpid value of 0x8200. The expected result of the configuration is as follows: z vlan 10 of customer a and customer ...
Page 147
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-8 # configure the port as a hybrid port permitting frames of vlan 1000, vlan 2000, and vlan 3000 to pass through with the outer vlan tag removed. [providera] interface ethernet 2/0/1 [providera-...
Page 148
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-9 # configure vlan 1000 as the default vlan. [providera] interface ethernet 2/0/2 [providera-ethernet2/0/2] port access vlan 1000 # enable basic qinq. Tag frames from vlan 10 with the outer vlan...
Page 149
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 1 qinq configuration 1-10 [providerb] interface ethernet 2/0/3 [providerb-ethernet2/0/3] port access vlan 3000 # enable basic qinq to tag frames of all customer vlans with the outer vlan tag 3000. [providerb-ethernet2...
Page 150
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 2 bpdu tunneling configuration 2-1 chapter 2 bpdu tunneling configuration when configuring bpdu tunneling, go to these sections for information you are interested in: z introduction to bpdu tunneling z configuring bpd...
Page 151
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 2 bpdu tunneling configuration 2-2 ii. Bpdu transparent transmission as shown in figure 2-1 , the upper part is the service provider network, and the lower part represents the customer networks. The customer networks ...
Page 152
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 2 bpdu tunneling configuration 2-3 2.2 configuring bpdu isolation perform the following tasks to configure bpdu isolation: to do... Use the command... Remarks enter system view system-view — enable bpdu tunneling glob...
Page 153
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 2 bpdu tunneling configuration 2-4 to do... Use the command... Remarks enter ethernet port view interface interface-type interface-number enter ethernet port view or port group view enter port group view port-group { ...
Page 154
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 2 bpdu tunneling configuration 2-5 2.5 bpdu tunneling configuration example i. Network requirements z customer a, customer b, customer c, and customer d are customer network access devices. Z provider a, provider b, a...
Page 155
Operation manual – qinq-bpdu tunneling h3c s7500e series ethernet switches chapter 2 bpdu tunneling configuration 2-6 2) configuration on provider b # configure bpdu isolation on ethernet 2/0/2. System-view [providerb] interface ethernet 2/0/2 [providerb-ethernet2/0/2] port access vlan 4 [providerb-...
Page 156: Table of Contents
Operation manual – port correlation configuration h3c s7500e series ethernet switches table of contents i table of contents chapter 1 port correlation configuration................................................................................... 1-1 1.1 ethernet port configuration ...................
Page 157
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-1 chapter 1 port correlation configuration when configuring ethernet ports, go to these sections for information you are interested in: z ethernet port configuration z mai...
Page 158
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-2 similarly, if you configure the transmission rate for an ethernet port by using the speed command with the auto keyword specified, the transmission rate is determined th...
Page 159
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-3 to do... Use the command... Remarks enable flow control flow-control required turned off by default 1.1.3 configuring the suppression time of physical-link-state change ...
Page 160
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-4 to do... Use the command... Remarks enter system view system-view — enter ethernet port view interface interface-type interface-number — enable loopback test loopback { ...
Page 161
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-5 to do... Use the command... Remarks enter system view system-view — enter manual port group view port-group manual port-group-name — enter port group view enter aggregat...
Page 162
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-6 to do... Use the command... Remarks enter system view system-view — enter ethernet port view interface interface-type interface-number enter ethernet port view or port g...
Page 163
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-7 to do… use the command… remarks enter system view system-view — interface interface-type interface-number configure the interval for collecting port statistics flow-inte...
Page 164
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-8 1.1.9 enabling loopback detection on an ethernet port loop occurs when a port receives the packets that it sent out. Loops may cause broadcast storm. The purpose of loop...
Page 165
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-9 caution: z loopback detection on a given port is enabled only after the loopback-detection enable command has been issued in both system view and the port view of the po...
Page 166
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-10 caution: although the storm suppression function and the storm constrain function can all be used to control specific type of traffic, they conflict with each other. So...
Page 167
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 1 port correlation configuration 1-11 to do… use the command… remarks specify to send trap messages when the traffic detected exceeds the upper threshold or drops down below the lower threshold from a point...
Page 169
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 2 port isolation configuration 2-1 chapter 2 port isolation configuration when configuring port isolation, go to these sections for information you are interested in: z introduction to port isolation z conf...
Page 170
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 2 port isolation configuration 2-2 to do… use the command… remarks add a port to an isolation group as an ordinary port port-isolate enable group group-number required no ports are added to the isolation gr...
Page 171
Operation manual – port correlation configuration h3c s7500e series ethernet switches chapter 2 port isolation configuration 2-3 system-view [device] interface ethernet 2/0/1 [device-ethernet2/0/1] port-isolate enable [device-ethernet2/0/1] quit [device] interface ethernet 2/0/2 [device-ethernet2/0/...
Page 172: Table of Contents
Operation manual – link aggregation h3c s7500e series ethernet switches table of contents i table of contents chapter 1 link aggregation overview ........................................................................................ 1-1 1.1 link aggregation............................................
Page 173
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 1 link aggregation overview 1-1 chapter 1 link aggregation overview this chapter covers these topics: z link aggregation z approaches to link aggregation z load sharing in a link aggregation group z service loop group z ...
Page 174
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 1 link aggregation overview 1-2 table 1-1 consistency considerations for ports in an aggregation category considerations stp state of port-level stp (enabled or disabled) attribute of the link (point-to-point or otherwis...
Page 175
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 1 link aggregation overview 1-3 1.2 approaches to link aggregation two ways are available for implementing link aggregation, as described in manual link aggregation and static lacp link aggregation . 1.2.1 manual link ag...
Page 176
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 1 link aggregation overview 1-4 iii. Port configuration considerations in manual aggregation as mentioned above, in a manual aggregation group, only ports with configurations consistent with those of the reference port c...
Page 177
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 1 link aggregation overview 1-5 4) as there is a limit on the number of selected ports, not all selected-port candidates can become selected ports. Before the limit is reached, all the candidates are set to the selected ...
Page 178
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 1 link aggregation overview 1-6 forwarding port according to the source mac address and destination mac address. Z for a unicast ip packet with a known destination ip address, the switch selects the forwarding port accor...
Page 179
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 1 link aggregation overview 1-7 z these ports can be configured only with the physical configuration such as speed and duplex mode, qos, and acl. Other conflicting configurations, such as stp cannot be configured. Z thes...
Page 180
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 2 link aggregation configuration 2-1 chapter 2 link aggregation configuration when configuring link aggregation, go to these sections for information you are interested in: z configuring link aggregation z displaying and...
Page 181
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 2 link aggregation configuration 2-2 z for a manual aggregation group containing only one port, the only way to remove the port from it is to remove the aggregation group. Z to make an aggregation group to function prope...
Page 182
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 2 link aggregation configuration 2-3 note: when making configuration, be aware that after a load-balancing aggregation group changes to a non-load balancing group due to resources exhaustion, either of the following may ...
Page 183
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 2 link aggregation configuration 2-4 note: z you can remove any service loop group except those that are currently referenced by modules. Z for a service loop group containing only one port, the only way to remove the po...
Page 184
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 2 link aggregation configuration 2-5 to do… use the command… remarks display detailed information about specified or all link aggregation groups display link-aggregation verbose [ agg-id ] available in any view clear the...
Page 185
Operation manual – link aggregation h3c s7500e series ethernet switches chapter 2 link aggregation configuration 2-6 # add ports ethernet 2/0/1 through ethernet 2/0/3 to the group. [switcha] interface ethernet 2/0/1 [switcha-ethernet2/0/1] port link-aggregation group 1 [switcha-ethernet2/0/1] interf...
Page 186: Table of Contents
Operation manual – mac address table management h3c s7500e series ethernet switches table of contents i table of contents chapter 1 mac address table management configuration ..................................................... 1-1 1.1 introduction to mac address table.................................
Page 187: Configuration
Operation manual – mac address table management h3c s7500e series ethernet switches chapter 1 mac address table management configuration 1-1 chapter 1 mac address table management configuration when configuring mac address table management, go to these sections for information you are interested in:...
Page 188
Operation manual – mac address table management h3c s7500e series ethernet switches chapter 1 mac address table management configuration 1-2 note: dynamically learned mac addresses cannot overwrite static mac address entries, but the latter can overwrite the former. As shown in figure 1-1 , when for...
Page 189
Operation manual – mac address table management h3c s7500e series ethernet switches chapter 1 mac address table management configuration 1-3 1.2.1 configuring mac address entries follow these steps to add, modify, or remove entries in the mac address table: to do… use the command… remarks enter syst...
Page 190
Operation manual – mac address table management h3c s7500e series ethernet switches chapter 1 mac address table management configuration 1-4 1.2.3 disabling mac address learning on an ethernet port or port group after enabling global mac address learning, you may disable the function on a per-port b...
Page 192
Operation manual – mac address table management h3c s7500e series ethernet switches chapter 1 mac address table management configuration 1-6 note: the maximum number of mac addresses that can be learned on a port cannot be applied to the cross-board aggregation group to which the port belongs, that ...
Page 193
Operation manual – mac address table management h3c s7500e series ethernet switches chapter 1 mac address table management configuration 1-7 # display the mac address entry for port ethernet 2/0/1. [sysname] display mac-address interface ethernet 2/0/1 mac addr vlan id state port index aging time(s)...
Page 194: Table of Contents
Operation manual – ip source guard h3c s7500e series ethernet switches table of contents i table of contents chapter 1 ip source guard configuration .................................................................................. 1-1 1.1 ip source guard overview ......................................
Page 195
Operation manual – ip source guard h3c s7500e series ethernet switches chapter 1 ip source guard configuration 1-1 chapter 1 ip source guard configuration when configuring ip source guard, go to these sections for information you are interested in: z ip source guard overview z configuring a static b...
Page 196
Operation manual – ip source guard h3c s7500e series ethernet switches chapter 1 ip source guard configuration 1-2 to do… use the command… remarks enter system view system-view — enter interface view interface interface-type interface-number — configure a static binding entry user-bind { ip-address ...
Page 198
Operation manual – ip source guard h3c s7500e series ethernet switches chapter 1 ip source guard configuration 1-4 ii. Network diagram 192.168.0.1/24 mac address: 00-01-02-03-04-06 host a 192.168.0.2/24 mac address: 00-01-02-03-04-07 host b 192.168.0.3/24 mac address: 00-01-02-03-04-05 host c eth2/0...
Page 199
Operation manual – ip source guard h3c s7500e series ethernet switches chapter 1 ip source guard configuration 1-5 [switchb-ethernet2/0/1] user-bind ip-address 192.168.0.1 mac-address 0001-0203-0406 [switcha-ethernet2/0/1] quit # configure port ethernet 2/0/2 of switch b to allow only ip packets wit...
Page 200
Operation manual – ip source guard h3c s7500e series ethernet switches chapter 1 ip source guard configuration 1-6 note: for detailed configuration of dhcp server, refer to dhcp configuration in this manual. Ii. Network diagram figure 1-2 network diagram for configuring dynamic binding iii. Configur...
Page 201
Operation manual – ip source guard h3c s7500e series ethernet switches chapter 1 ip source guard configuration 1-7 0001-0203-0406 192.168.0.1 1 ethernet2/0/1 dhcp-snp -----------------1 binding entries queried, 1 listed------------------ # display the dynamic entries of dhcp snooping and check it is...
Page 202: Table of Contents
Operation manual – mstp h3c s7500e series ethernet switches table of contents i table of contents chapter 1 mstp configuration .................................................................................................... 1-1 1.1 mstp overview .....................................................
Page 203
Operation manual – mstp h3c s7500e series ethernet switches table of contents ii 1.6.1 configuration prerequisites................................................................................... 1-40 1.6.2 configuration procedure ......................................................................
Page 204
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-1 chapter 1 mstp configuration when configuring mstp, go to these sections for information you are interested in: z mstp overview z configuring the root bridge z configuring leaf nodes z performing mcheck z co...
Page 205
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-2 iii. Basic concepts in stp 1) root bridge a tree network must have a root; hence the concept of “root bridge” has been introduced in stp. There is one and only one root bridge in the entire network, and the ...
Page 206
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-3 figure 1-1 a schematic diagram of designated bridges and designated ports iv. Path cost path cost is a reference value used for link selection in stp. By calculating the path cost, stp selects relatively “ro...
Page 207
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-4 z forward delay: forward delay of the port. Note: for the convenience of description, the description and examples below involve only four parts of a configuration bpdu: z root bridge id (in the form of devi...
Page 208
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-5 note: principle for configuration bpdu comparison: z the configuration bpdu that has the lowest root bridge id has the highest priority. Z if all the configuration bpdus have the same root bridge id, they wi...
Page 209
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-6 step description 3 the device compares the calculated configuration bpdu with the configuration bpdu on the port of which the port role is to be defined, and does different things according to the comparison...
Page 210
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-7 table 1-4 initial state of each device device port name bpdu of port ap1 {0, 0, 0, ap1} device a ap2 {0, 0, 0, ap2} bp1 {1, 0, 1, bp1} device b bp2 {1, 0, 1, bp2} cp1 {2, 0, 2, cp1} device c cp2 {2, 0, 2, cp...
Page 211
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-8 device comparison process bpdu of port after comparison z port bp1 receives the configuration bpdu of device a {0, 0, 0, ap1}. Device b finds that the received configuration bpdu is superior to the configura...
Page 212
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-9 device comparison process bpdu of port after comparison z port cp1 receives the configuration bpdu of device a {0, 0, 0, ap2}. Device c finds that the received configuration bpdu is superior to the configura...
Page 213
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-10 figure 1-3 the final calculated spanning tree note: to facilitate description, the spanning tree calculation process in this example is simplified, while the actual process is more complicated. 2) the bpdu ...
Page 214
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-11 root port and designated port begin to forward data as soon as they are elected, a temporary loop may occur. 3) stp timers stp calculations need three important timing parameters: forward delay, hello time,...
Page 215
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-12 note: z in rstp, a newly elected root port can enter the forwarding state rapidly if this condition is met: the old root port on the device has stopped forwarding data and the upstream designated port has s...
Page 216
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-13 figure 1-4 basic concepts in mstp 1) mst region a multiple spanning tree region (mst region) is composed of multiple devices in a switched network and network segments among them. These devices have the fol...
Page 217
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-14 the same vlan-to-instance mapping (vlan 1 is mapped to mst instance 1, vlan 2 to mst instance 2, and the rest to cist). Mstp achieves load balancing by means of the vlan-to-instance mapping table. 3) ist in...
Page 218
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-15 a boundary port is a port that connects an mst region to another mst configuration, or to a single spanning-tree region running stp, or to a single spanning-tree region running rstp. During mstp calculation...
Page 219
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-16 figure 1-5 port roles figure 1-5 helps understand these concepts. Where, z devices a, b, c, and d constitute an mst region. Z port 1 and port 2 of device a connect to the common root bridge. Z port 5 and po...
Page 220
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-17 a port state is not exclusively associated with a port role. Table 1-6 lists the port state(s) supported by each port role (“ √” indicates that the port supports this state, while “—“ indicates that the por...
Page 221
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-18 in addition to basic mstp functions, many management-facilitating special functions are provided, as follows: z root bridge hold z root bridge backup z root guard z bpdu guard z loop guard z tc-bpdu guard 1...
Page 222
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-19 task remarks configuring an mst region required configuring the work mode of mstp device optional configuring the timeout factor optional configuring the maximum transmission rate of ports optional configur...
Page 223
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-20 to do... Use the command... Remarks configure the mst region name region-name name optional the mst region name is the mac address by default. Instance instance-id vlan vlan-list configure the vlan-to-insta...
Page 224
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-21 ii. Configuration example # configure the mst region name to be “info”, the mstp revision level to be 1, and vlan 2 through vlan 10 to be mapped to instance 1 and vlan 20 through vlan 30 to instance 2. Syst...
Page 225
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-22 note that: z upon specifying the current device as the root bridge or a secondary root bridge, you cannot change the priority of the device. Z you can configure the current device as the root bridge or a se...
Page 226
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-23 1.3.3 configuring the work mode of mstp device mstp and rstp can recognize each other’s protocol packets, so they are mutually compatible. However, stp is unable to recognize mstp packets. For hybrid networ...
Page 227
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-24 to do... Use the command... Remarks enter system view system-view — configure the priority of the current device stp [ instance instance-id ] priority priority optional 32768 by default caution: z upon spec...
Page 228
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-25 to do... Use the command... Remarks enter system view system-view — configure the maximum hops of the mst region stp max-hops hops optional 20 by default note: a larger maximum hops setting means a larger s...
Page 229
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-26 note: z network diameter is a parameter that indicates network size. A bigger network diameter represents a larger network size. Z based on the network diameter you configured, mstp automatically sets an op...
Page 230
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-27 caution: z the length of the forward delay time is related to the network diameter of the switched network. Typically, the larger the network diameter is, the longer the forward delay time should be. Note t...
Page 231
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-28 1.3.8 configuring the timeout factor after the network topology is stabilized, each non-root-bridge device forwards configuration bpdus to the surrounding devices at the interval of hello time to check whet...
Page 232
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-29 i. Configuration procedure follow these steps to configure the maximum transmission rate of a port or a group of ports: to do... Use the command... Remarks enter system view system-view — enter ethernet int...
Page 233
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-30 i. Configuration procedure follow these steps to specify a port or a group of ports as edge port(s): to do... Use the command... Remarks enter system view system-view — enter ethernet interface view interfa...
Page 234
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-31 i. Configuration procedure follow these steps to configure whether a port or a group of ports connect to point-to-point links: to do... Use the command... Remarks enter system view system-view — enter ether...
Page 235
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-32 1.3.12 configuring the mode a port uses to recognize/send mstp packets a port can send/recognize mstp packets of two formats: z 802.1s-compliant standard format, and z compatible format by default, the pack...
Page 236
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-33 ii. Configuration example # configure gigabitethernet 2/0/1 to receive and send standard-format mstp packets. System-view [sysname] interface gigabitethernet 2/0/1 [sysname-gigabitethernet2/0/1] stp complia...
Page 237
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-34 to do... Use the command... Remarks enable the mstp feature on the port(s) stp enable optional mstp is disabled on ports by default and automatically enabled on all ports after it is enabled globally on the...
Page 238
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-35 1.4.5 configuring ports as edge ports refer to configuring ports as edge ports in the section about root bridge configuration. 1.4.6 configuring path costs of ports path cost is a parameter related to the r...
Page 239
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-36 link speed duplex state 802.1d-1998 802.1t private standard 100 mbps single port aggregated link 2 ports aggregated link 3 ports aggregated link 4 ports 19 19 19 19 200,000 100,000 66,666 50,000 200 180 160...
Page 240
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-37 caution: z if you change the standard that the device uses in calculating the default path cost, the port path cost value set through the stp cost command will be out of effect. Z when the path cost of a po...
Page 241
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-38 note: z when the priority of a port is changed, mstp will re-calculate the role of the port and initiate a state transition. Z generally, a lower configured value priority indicates a higher priority of the...
Page 242
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-39 stp-compatible mode. In this case, you can perform an mcheck operation to force the port to migrate to the mstp (or rstp) mode. You can perform mcheck on a port through two approaches, which lead to the sam...
Page 243
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-40 2) method 2: perform mcheck in ethernet interface view. System-view [sysname] interface gigabitethernet 2/0/1 [sysname-gigabitethernet2/0/1] stp mcheck 1.6 configuring digest snooping as defined in ieee 802...
Page 244
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-41 to do... Use the command... Remarks enable global digest snooping stp config-digest-snooping required not enabled by default caution: z you can only enable the digest snooping feature on the device connecte...
Page 245
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-42 ii. Network diagram ge2/0/1 device a device b third-party device root port designated port blocked port ge2/0/1 ge2/0/1 ge2/0/2 ge2/0/2 ge2/0/2 figure 1-6 digest snooping configuration iii. Configuration pr...
Page 246
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-43 figure 1-7 and figure 1-8 show the rapid state transition mechanism on mstp and rstp designated ports. Root port blocks other non-edge ports upstream switch downstream switch root port changes to forwarding...
Page 247
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-44 z configure the same region name, revision level and vlan-to-instance mappings on the two devices, making them in the same region. 1.7.2 configuration procedure follow these steps to configure no agreement ...
Page 248
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-45 ii. Network diagram device a third-party device root port designated port ge2/0/1 ge2/0/1 figure 1-9 no agreement check configuration iii. Configuration procedure # enable no agreement check on gigabitether...
Page 249
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-46 1.8.2 enabling bpdu guard for access layer devices, the access ports generally connect directly with user terminals (such as pcs) or file servers. In this case, the access ports are configured as edge ports...
Page 250
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-47 playing the role of designated port on all mst instances. Once this port receives a configuration bpdu with a higher priority from an mst instance, it immediately sets that instance port to the listening st...
Page 251
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-48 note: it is recommended that you enable the loop guard feature on your device. Follow these steps to enable loop guard: to do... Use the command... Remarks enter system view system-view — enter ethernet int...
Page 252
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-49 to do... Use the command... Remarks configure the maximum number of times the device deletes forwarding address entries within a certain period of time immediately after it receives tc-bpdus stp tc-protecti...
Page 253
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-50 1.10 mstp configuration example i. Network requirements configure mstp so that packets of different vlans are forwarded along different spanning trees. The specific configuration requirements are as follows...
Page 254
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-51 [devicea-mst-region] region-name example [devicea-mst-region] instance 1 vlan 10 [devicea-mst-region] instance 3 vlan 30 [devicea-mst-region] instance 4 vlan 40 [devicea-mst-region] revision-level 0 # activ...
Page 255
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-52 [deviceb] display stp region-configuration oper configuration format selector :0 region name :example revision level :0 instance vlans mapped 0 1 to 9, 11 to 29, 31 to 39, 41 to 4094 1 10 3 30 4 40 3) confi...
Page 256
Operation manual – mstp h3c s7500e series ethernet switches chapter 1 mstp configuration 1-53 # enter mst region view. System-view [deviced] stp region-configuration [deviced-mst-region] region-name example # configure the region name, vlan-to-instance mappings and revision level of the mst region. ...
Page 257: Table of Contents
Operation manual – ip routing overview h3c s7500e series ethernet switches table of contents i table of contents chapter 1 ip routing overview.................................................................................................... 1-1 1.1 ip routing and routing table........................
Page 258
Operation manual – ip routing overview h3c s7500e series ethernet switches chapter 1 ip routing overview 1-1 chapter 1 ip routing overview go to these sections for information you are interested in: z ip routing and routing table z routing protocol overview z displaying and maintaining a routing tab...
Page 259
Operation manual – ip routing overview h3c s7500e series ethernet switches chapter 1 ip routing overview 1-2 z destination address: destination ip address or destination network. Z network mask: specifies, in company with the destination address, the address of the destination network. A logical and...
Page 260
Operation manual – ip routing overview h3c s7500e series ethernet switches chapter 1 ip routing overview 1-3 router a router b router h router e 16.0.0.2 17.0.0.3 15.0.0.0 12.0.0.0 17.0.0.0 11.0.0.0 16.0.0.0 13.0.0.0 14.0.0.0 router c router d router f router g 11.0.0.1 12.0.0.1 12.0.0.2 15.0.0.1 15...
Page 261
Operation manual – ip routing overview h3c s7500e series ethernet switches chapter 1 ip routing overview 1-4 i. Operational scope z interior gateway protocols (igps): work within an autonomous system, including rip, ospf, and is-is. Z exterior gateway protocols (egps): work between autonomous system...
Page 262
Operation manual – ip routing overview h3c s7500e series ethernet switches chapter 1 ip routing overview 1-5 routing approach priority direct 0 ospf 10 is-is 15 static 60 rip 100 ospf ase 150 ospf nssa 150 ibgp 255 ebgp 255 unknown 256 note: z the smaller the priority value, the higher the priority....
Page 263
Operation manual – ip routing overview h3c s7500e series ethernet switches chapter 1 ip routing overview 1-6 under normal circumstances, packets are forwarded through the main route. When the main route goes down, the route with the highest priority among the backup routes is selected to forward pac...
Page 264
Operation manual – ip routing overview h3c s7500e series ethernet switches chapter 1 ip routing overview 1-7 to do… use the command… remarks display routing information permitted by an ipv4 prefix list display ip routing-table ip-prefix ip-prefix-name [ verbose ] display routes of a routing protocol...
Page 265: Table of Contents
Operation manual – ipv4 routing h3c s7500e series ethernet switches table of contents i table of contents chapter 1 static routing configuration...................................................................................... 1-1 1.1 introduction ...................................................
Page 266
Operation manual – ipv4 routing h3c s7500e series ethernet switches table of contents ii 2.4.8 configuring rip-to-mib binding............................................................................ 2-16 2.5 displaying and maintaining rip..............................................................
Page 267
Operation manual – ipv4 routing h3c s7500e series ethernet switches table of contents iii 3.7.3 specifying an lsa transmission delay ................................................................ 3-34 3.7.4 specifying spf calculation interval...........................................................
Page 268
Operation manual – ipv4 routing h3c s7500e series ethernet switches table of contents iv 4.4.8 configuring route redistribution .......................................................................... 4-24 4.4.9 configuring is-is route leaking..........................................................
Page 269
Operation manual – ipv4 routing h3c s7500e series ethernet switches table of contents v 5.5.1 prerequisites ......................................................................................................... 5-27 5.5.2 configuration procedure ......................................................
Page 270
Operation manual – ipv4 routing h3c s7500e series ethernet switches table of contents vi 6.5 displaying and maintaining the routing policy................................................................ 6-10 6.6 routing policy configuration example ......................................................
Page 271
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 1 static routing configuration 1-1 chapter 1 static routing configuration when configuring a static route, go to these sections for information you are interested in: z introduction z configuring a static route z displaying ...
Page 272
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 1 static routing configuration 1-2 you can create the default route with both destination and mask being 0.0.0.0, and some dynamic routing protocols, such as ospf, rip and is-is, can also generate the default route. 1.1.3 ap...
Page 274
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 1 static routing configuration 1-4 1.4 configuration example i. Network requirements the ip addresses and masks of the switches and hosts are shown in the following figure. Static routes are required for interconnection betw...
Page 275
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 1 static routing configuration 1-5 routing tables: public destinations : 7 routes : 7 destination/mask proto pre cost nexthop interface 0.0.0.0/0 static 60 0 1.1.4.2 vlan500 1.1.2.0/24 direct 0 0 1.1.2.3 vlan300 1.1.2.3/32 d...
Page 276
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-1 chapter 2 rip configuration note: the term “router” in this document refers to a router in a generic sense or a layer 3 switch. When configuring rip, go to these sections for information you are inter...
Page 277
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-2 ii. Rip routing table a rip router has a routing table containing routing entries of all reachable destinations, and each routing entry contains: z destination address: ip address of a host or a netwo...
Page 278
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-3 2.1.2 operation of rip the following procedure describes how rip works. 1) after rip is enabled, the router sends request messages to neighboring routers. Neighboring routers return response messages ...
Page 279
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-4 figure 2-1 shows the format of ripv1 message. Figure 2-1 ripv1 message format z command: type of message. 1 indicates request, and 2 indicates response. Z version: version of rip, 0x01 for ripv1. Z af...
Page 280
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-5 iii. Ripv2 authentication ripv2 sets the afi field of the first route entry to 0xffff to identify authentication information. See figure 2-3 . Figure 2-3 ripv2 authentication message z authentication ...
Page 281
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-6 2.2 configuring rip basic functions 2.2.1 configuration prerequisites before configuring rip basic functions, configure ip addresses for interfaces, making all adjacent nodes reachable to each other a...
Page 282
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-7 to do… use the command… remarks enter interface view interface interface-type interface-number — enable the interface to receive rip messages rip input optional enabled by default enable the interface...
Page 284
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-9 to do… use the command… remarks define an outbound additional routing metric rip metricout value optional 1 by default 2.3.2 configuring ripv2 route summarization route summarization means that subnet...
Page 285
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-10 note: you need to disable ripv2 route automatic summarization before advertising a summary route on an interface. 2.3.3 disabling host route reception sometimes a router may receive many host routes ...
Page 286
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-11 note: the router enabled to advertise a default route does not receive default routes from rip neighbors. 2.3.5 configuring inbound/outbound route filtering the device supports route filtering. You c...
Page 287
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-12 to do… use the command… remarks enter system view system-view –– enter rip view rip [ process-id ] –– configure a priority for rip preference [ route-policy route-policy-name ] value optional 100 by ...
Page 289
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-14 ii. Enabling poison reverse the poison reverse function allows an interface to advertise the routes received from it, but the metric of these routes is set to 16, making them unreachable. Follow thes...
Page 290
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-15 2.4.5 enabling source ip address check on incoming rip updates you can enable source ip address check on incoming rip updates. For a message received on an ethernet interface, rip compares the source...
Page 291
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-16 2.4.7 specifying a rip neighbor usually, rip sends messages to broadcast or multicast addresses. On non broadcast or multicast links, you need to manually specify rip neighbors. If a specified neighb...
Page 292
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-17 2.5 displaying and maintaining rip to do… use the command… remarks display rip current status and configuration information display rip [ process-id ] display all active routes in rip database displa...
Page 293
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-18 [switcha-rip-1] quit # configure switch b. System-view [switchb] rip [switchb-rip-1] network 192.168.1.0 [switchb-rip-1] network 10.0.0.0 [switchb-rip-1] quit # display the rip routing table of switc...
Page 294
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-19 note: since ripv1 routing information has a long aging time, it will still exist until aged out after ripv2 is configured. 2.6.2 configuring rip route redistribution i. Network requirements as shown ...
Page 295
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-20 [switchb-rip-100] version 2 [switchb-rip-100] undo summary [switchb-rip-100] quit [switchb] rip 200 [switchb-rip-200] network 3.0.0.0 [switchb-rip-200] version 2 [switchb-rip-200] undo summary [switc...
Page 296
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-21 routing tables: public destinations : 9 routes : 9 destination/mask proto pre cost nexthop interface 1.1.1.0/24 direct 0 0 1.1.1.1 vlan100 1.1.1.1/32 direct 0 0 127.0.0.1 inloop0 2.1.1.0/24 direct 0 ...
Page 297
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 2 rip configuration 2-22 2.7 troubleshooting rip 2.7.1 no rip updates received symptom: no rip updates are received when the links work well. Analysis: after enabling rip, you must use the network command to enable correspon...
Page 298
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-1 chapter 3 ospf configuration open shortest path first (ospf) is a link state interior gateway protocol developed by the ospf working group of the internet engineering task force (ietf). At present, o...
Page 299
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-2 z area partition: allows an as to be split into different areas for ease of management and the routing information transmitted between areas is summarized to reduce network bandwidth consumption. Z e...
Page 300
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-3 z hello packet: periodically sent to find and maintain neighbors, containing the values of some timers, information about the dr, bdr and known neighbors. Z dd packet (database description packet): d...
Page 301
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-4 into the local subnet, the type 10 is flooded into the local area, and the type 11 is flooded throughout the whole as. Vi. Neighbor and adjacency in ospf, the “neighbor” and “adjacency” are two diffe...
Page 302
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-5 area 0 area 1 area 2 area 3 area 4 figure 3-1 ospf area partition after area partition, area border routers perform route summarization to reduce the number of lsas advertised to other areas and mini...
Page 303
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-6 figure 3-2 ospf router types iii. Backbone area and virtual links each as has a backbone area, which is responsible for distributing routing information between none-backbone areas. Routing informati...
Page 304
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-7 another application of virtual links is to provide redundant links. If the backbone area cannot maintain internal connectivity due to a physical link failure, configuring a virtual link can guarantee...
Page 305
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-8 nssa area. When traveling to the nssa abr, type-7 lsas are translated into type-5 lsas by the abr for advertisement to other areas. In the following figure, the ospf as contains three areas: area 1, ...
Page 306
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-9 segment. The abr in the area distributes only the summary lsa to reduce the scale of lsdbs on routers in other areas. 2) asbr route summarization if summarization for redistributed routes is configur...
Page 307
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-10 z p2mp (point-to-multipoint): by default, ospf considers no link layer protocol as p2mp, which is a conversion from other network types such as nbma in general. On p2mp networks, packets are sent to...
Page 308
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-11 the new dr in a very short period by avoiding adjacency establishment and dr reelection. Meanwhile, other routers elect another bdr, which requires a relatively long period but has no influence on r...
Page 309
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-12 3.1.5 ospf packet formats ospf packets are directly encapsulated into ip packets. Ospf has the ip protocol number 89. The ospf packet format is shown below (taking a lsu packet as an example). Figur...
Page 310
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-13 note: md5 authentication data is added following an ospf packet rather than contained in the authentication field. Ii. Hello packet a router sends hello packets periodically to neighbors to find and...
Page 311
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-14 iii. Dd packet two routers exchange database description (dd) packets describing their lsdbs for database synchronization, contents in dd packets including the header of each lsa (uniquely represent...
Page 312
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-15 requesting the missing lsas. The packets contain the digests of the missing lsas. The following figure shows the lsr packet format. Figure 3-12 lsr packet format major fields: z ls type: type number...
Page 313
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-16 vi. Lsack packet lsaack (link state acknowledgment) packets are used to acknowledge received lsu packets, contents including lsa headers to describe the corresponding lsas. Multiple lsas can be ackn...
Page 314
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-17 figure 3-16 router lsa format major fields: z link state id: id of the router that originated the lsa. Z v (virtual link): set to 1 if the router that originated the lsa is a virtual link endpoint. ...
Page 315
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-18 figure 3-17 network lsa format major fields: z link state id: the interface address of the dr z network mask: the mask of the network (a broadcast or nbma network) z attached router: the ids of the ...
Page 316
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-19 note: a type-3 lsa can be used to advertise a default route, having the link state id and network mask set to 0.0.0.0. 4) as external lsa an as external lsa originates from an asbr, describing routi...
Page 317
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-20 an nssa external lsa originates from the asbr in a nssa and is flooded in the nssa area only. It has the same format as the as external lsa. Figure 3-20 nssa external lsa format 3.1.6 supported ospf...
Page 318
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-21 distributed routers support ospf hot standby (hsb). Ospf backups necessary information of the active main board (amb) into the standby main board. Once the amb fails, the smb begins to work to ensur...
Page 319
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-22 task remarks configuring ospf packet timers optional specifying an lsa transmission delay optional specifying spf calculation interval optional specifying the lsa minimum repeat arrival interval opt...
Page 320
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-23 to ensure ospf stability, you need to decide on router ids and configure them manually. Any two routers in an as must have different ids. In practice, the id of a router is the ip address of one of ...
Page 321
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-24 3.4 configuring ospf area parameters splitting an ospf as into multiple areas reduces the number of lsas in the networks and extends the ospf application. For those non-backbone areas residing on th...
Page 323
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-26 3.5.2 configuring the ospf network type for an interface follow these steps to configure the ospf network type for an interface: to do… use the command… remarks enter system view system-view — enter...
Page 324
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-27 to do… use the command… remarks enter system view system-view — enter interface view interface interface-type interface-number — configure a router priority for the interface ospf dr-priority priori...
Page 326
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-29 note: since ospf is a link state-based interior gateway protocol, routing information is contained in lsas. However, ospf cannot filter lsas. Using the filter-policy import command is to filter rout...
Page 328
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-31 to do… use the command… remarks configure the maximum number of equivalent load-balanced routes maximum load-balancing maximum optional the default number is 4. 3.6.8 configuring a priority for ospf...
Page 330
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-33 z configure ospf network management functions, such as binding ospf mib with a process, sending trap information and collecting log information. 3.7.1 prerequisites before configuring ospf network o...
Page 331
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-34 to do… use the command… remarks specify the retransmission interval ospf timer retransmit interval optional the retransmission interval defaults to 5 seconds. Note: z the hello and dead intervals re...
Page 334
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-37 note: z different ospf processes can disable the same interface from sending ospf packets. Use of the silent-interface command disables only the interfaces associated with the current process rather...
Page 336
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-39 3.7.11 configuring the maximum number of external lsas in lsdb follow these steps to configure the maximum number of external lsas in the link state database: to do… use the command… remarks enter s...
Page 337
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-40 3.7.14 configuring ospf network management follow these steps to configure ospf network management: to do… use the command… remarks enter system view system-view — bind ospf mib to an ospf process o...
Page 338
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-41 3.8 displaying and maintaining ospf to do… use the command… remarks display ospf brief information display ospf [ process-id ] brief display ospf statistics display ospf [ process-id ] cumulative di...
Page 339
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-42 to do… use the command… remarks reset ospf counters reset ospf [ process-id ] counters [ neighbor[ interface-type interface-number ] [ router-id ] ] reset an ospf process reset ospf [ process-id ] p...
Page 340
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-43 2) configure ospf basic functions # configure switch a. System-view [switcha] ospf [switcha-ospf-1] area 0 [switcha-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [switcha-ospf-1-area-0.0.0.0] quit...
Page 341
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-44 [switcha] display ospf peer verbose ospf process 1 with router id 10.2.1.1 neighbors area 0.0.0.0 interface 10.1.1.1(vlan-interface100)'s neighbors router id: 10.3.1.1 address: 10.1.1.2 gr state: no...
Page 342
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-45 [switcha] display ospf lsdb ospf process 1 with router id 10.2.1.1 link state database area: 0.0.0.0 type linkstate id advrouter age len sequence metric router 10.2.1.1 10.2.1.1 1069 36 80000012 0 r...
Page 343
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-46 ping 10.4.1.1: 56 data bytes, press ctrl_c to break request time out reply from 10.4.1.1: bytes=56 sequence=2 ttl=253 time=15 ms reply from 10.4.1.1: bytes=56 sequence=3 ttl=253 time=1 ms reply from...
Page 344
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-47 # display abr/asbr information on switch c. [switchc] display ospf abr-asbr ospf process 1 with router id 10.4.1.1 routing table to abr and asbr type destination area cost nexthop rttype intra 10.2....
Page 345
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-48 [switcha-ospf-1-area-0.0.0.1] stub [switcha-ospf-1-area-0.0.0.1] quit [switcha-ospf-1] quit # configure switch c. [switchc] ospf [switchc-ospf-1] area 1 [switchc-ospf-1-area-0.0.0.1] stub [switchc-o...
Page 346
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-49 [switchc] display ospf routing ospf process 1 with router id 10.4.1.1 routing tables routing for network destination cost type nexthop advrouter area 0.0.0.0/0 4 inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2...
Page 347
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-50 iii. Configuration procedure 1) configure ip addresses for interfaces. 2) configure ospf basic functions (refer to configuring ospf basic functions ). 3) configure area 1 as an nssa area. # configur...
Page 348
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-51 [switchc] ospf [switchc-ospf-1] import-route static [switchc-ospf-1] quit # display ospf routing information on switch d. [switchd-ospf-1] display ospf routing ospf process 1 with router id 10.5.1.1...
Page 349
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-52 ii. Network diagram figure 3-24 network diagram for ospf dr election configuration iii. Configuration procedure 1) configure ip addresses for interfaces (omitted) 2) configure ospf basic functions #...
Page 350
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-53 # configure switch d. System-view [switchd] router id 4.4.4.4 [switchd] ospf [switchd-ospf-1] area 0 [switchd-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255 [switchd-ospf-1-area-0.0.0.0] quit [swi...
Page 351
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-54 # configure switch b. [switchb] interface vlan-interface 1 [switchb-vlan-interface1] ospf dr-priority 0 [switchb-vlan-interface1] quit # configure switch c. [switchc] interface vlan-interface 1 [swi...
Page 352
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-55 note: in the above output, you can find the priority configuration does not take effect immediately. 4) restart ospf process (omitted) # display neighbor information on switch d. [switchd] display o...
Page 353
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-56 note: if the neighbor state is full, it means switch d has established the adjacency with the neighbor. If the neighbor state is 2-way, it means the two switches are neither the dr nor the bdr, and ...
Page 354
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-57 ii. Network diagram figure 3-25 network diagram for ospf virtual link configuration iii. Configuration procedure 1) configure ip addresses for interfaces (omitted) 2) configure ospf basic functions ...
Page 355
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-58 total nets: 2 intra area: 2 inter area: 0 ase: 0 nssa: 0 note: since area 2 has no direct connection to area 0, the ospf routing table of router a has no route to area 2. 3) configure a virtual link...
Page 356
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-59 3.10 troubleshooting ospf configuration 3.10.1 no ospf neighbor relationship established i. Symptom no ospf neighbor relationship can be established. Ii. Analysis if the physical link and lower laye...
Page 357
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 3 ospf configuration 3-60 4) display information about area configuration using the display current-configuration configuration ospf command. If more than two areas are configured, at least one area is connected to the backb...
Page 358
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-1 chapter 4 is-is configuration when configuring is-is, go to these sections for information you are interested in: z is-is overview z is-is configuration task list z configuring is-is basic functions...
Page 359
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-2 z routing domain (rd). A group of iss exchange routing information with the same routing protocol in a routing domain. Z area. An area is a division unit in a routing domain. The is-is protocol allo...
Page 360
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-3 generally, a router only needs one area address, and all nodes in the same routing domain must share the same area address. However, a router can have three area addresses at most to support smooth ...
Page 361
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-4 4.1.2 is-is area i. Two-level hierarchy is-is uses two-level hierarchy in the routing domain to support large scale routing networks. A large routing domain is divided into multiple areas. The level...
Page 362
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-5 figure 4-2 is-is topology figure 4-3 shows another network topology running the is-is protocol. The level-1-2 routers connect the level-1 and level-2 routers, and also form the is-is backbone togeth...
Page 363
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-6 note: the is-is backbone does not need to be a specific area. Both the is-is level-1 and level-2 routers use the spf algorithm to generate the shortest path tree (spt). Iii. Interface routing hierar...
Page 364
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-7 z point-to-point network, such as ppp, hdlc. Note: for the non-broadcast multi-access (nbma) network, such as atm, you need to configure point-to-point or broadcast network on its configured subinte...
Page 365
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-8 using pseudonodes can reduce the resources used by spf and simplify the network topology. Note: on is-is broadcast networks, all routers are adjacent with each other. The dis is responsible for the ...
Page 366
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-9 z r(reserved): set to 0. Z pdu type: for detail information, refer to table 4-1 . Z version: set to 1(0x01). Z maximum area address: maximum number of area addresses supported. Table 4-1 pdu type ty...
Page 367
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-10 figure 4-7 l1/l2 lan iih format z reserved/circuit type: the first 6 bits are reserved with value 0. The last 2 bits indicates router types: 00 means reserved, 01 indicates l1, 10 indicates l2, and...
Page 368
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-11 figure 4-8 p2p iih format instead of the priority and lan id fields in the lan iih, the p2p iih has a local circuit id field. Iv. Lsp packet format the link state pdus (lsp) carries link state info...
Page 369
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-12 figure 4-9 l1/l2 lsp format z pdu length: total length of the pdu in bytes. Z remaining lifetime: lsp remaining lifetime in seconds. Z lsp id: consists of the system id, the pseudonode id (one byte...
Page 370
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-13 figure 4-10 lsdb overload z is type: type of the router generating the lsp. V. Snp format the sequence number pdu (snp) confirms the latest received lsps. It is similar to the acknowledge packet, b...
Page 371
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-14 psnp only contains the sequence numbers of one or multiple latest received lsps. It can acknowledge multiple lsps at one time. When lsdbs are not synchronized, a psnp is used to request new lsps fr...
Page 372
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-15 clv code name pdu type 9 lsp entries snp 10 authentication information iih, lsp, snp 128 ip internal reachability information lsp 129 protocols supported iih, lsp 130 ip external reachability infor...
Page 373
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-16 common lsp or non-zero for a pseudonode lsp), and lsp number (lsp fragment number) of the node or pseudo node that generated the lsp. The 1-byte lsp number field, allowing a maximum of only 256 fra...
Page 374
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-17 originating system only. Therefore, the is-is routers not supporting lsp fragment extension can operate normally without modifying the extended lsp fragments received, but some limitation is impose...
Page 375
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-18 z rfc 3786 - extending the number of is-is lsp fragments beyond the 256 limit z rfc 3787 - recommendations for interoperable ip networks using is-is z rfc 3847 - restart signaling for is-is 4.2 is-...
Page 376
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-19 4.3 configuring is-is basic functions 4.3.1 configuration prerequisites before the task, configure an ip address for each interface, making all adjacent nodes reachable to each other at the network...
Page 377
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-20 4.4 configuring is-is routing information control 4.4.1 configuration prerequisites before the configuration, accomplish the following tasks first: z configure an ip address on each interface, and ...
Page 379
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-22 to do… use the command… remarks enable automatic is-is cost calculation auto-cost enable required disabled by default. Note: in the case no interface cost is specified in interface view or system v...
Page 380
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-23 the size of routing tables, as well as the lsp and lsdb generated by the router itself. Both is-is and redistributed routes can be summarized. Follow these steps to configure route summarization: t...
Page 383
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-26 note: if multiple routers in the broadcast network have the same highest dis priority, the router with the highest mac address becomes the dis. This rule applies even all routers’ dis priority is 0...
Page 384
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-27 note: z on the broadcast link, you can specify different intervals for level-1 and level-2 hello packets; if no level is specified, the interval applies to both level-1 and level-2 hello packets, b...
Page 385
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-28 the router will discard a lsp with incorrect checksum. You can configure the router to ignore the incorrect checksum, which means a lsp will be processed even with an incorrect lsp checksum. On the...
Page 387
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-30 to do… use the command... Remarks enter system view system-view –– enter is-is view isis [ process-id ] –– configure the spf calculation intervals timer spf maximum-interval [ minimum-interval [ in...
Page 388
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-31 note: the local host name on the local is overwrites the remote host name on the remote is. 4.5.8 configuring is-is authentication for area authentication, the area authentication password is encap...
Page 389
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-32 note: the level-1 and level-2 keywords in the isis authentication-mode command are only supported on a vlan interface of a switch, and the interface must be configured with the isis enable command ...
Page 390
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-33 4.5.11 enabling an interface to send small hello packets follow these steps to enable an interface to send small hello packets (without the padding field): to do… use the command… remarks enter sys...
Page 391
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-34 to do… use the command… remarks display the host-name-to-system-id mapping table display isis name-table [ process-id ] available in any view display is-is neighbor information display isis peer [ ...
Page 392
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-35 ii. Network diagram figure 4-14 network diagram for is-is basic configuration iii. Configuration procedure 1) configure ip addresses for interfaces (omitted) 2) configure is-is # configure switch a...
Page 393
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-36 [switchc] interface vlan-interface 100 [switchc-vlan-interface100] isis enable 1 [switchc-vlan-interface100] quit [switchc] interface vlan-interface 200 [switchc-vlan-interface200] isis enable 1 [s...
Page 394
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-37 [switchb] display isis lsdb database information for isis(1) -------------------------------- level-1 link state database lspid seq num checksum holdtime length att/p/ol ---------------------------...
Page 395
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-38 *-self lsp, +-self lsp(extended), att-attached, p-partition, ol-overload [switchd] display isis lsdb database information for isis(1) -------------------------------- level-2 link state database ls...
Page 396
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-39 isis(1) ipv4 level-1 forwarding table ------------------------------------- ipv4 destination intcost extcost exitinterface nexthop flags ------------------------------------------------------------...
Page 397
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-40 4.7.2 dis selection configuration i. Network requirements as shown in figure 4-15 , switch a, b, c and switch d reside in is-is area 10 on a broadcast network (ethernet). Switch a and switch b are ...
Page 398
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-41 [switchb-vlan-interface100] quit # configure switch c. System-view [switchc] isis 1 [switchc-isis-1] network-entity 10.0000.0000.0003.00 [switchc-isis-1] is-level level-1 [switchc-isis-1] quit [swi...
Page 399
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-42 [switcha] display isis interface interface information for isis(1) --------------------------------- interface: vlan-interface100 id ipv4.State ipv6.State mtu type dis 001 up down 1497 l1/l2 no/no ...
Page 400
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-43 interface: vlan-interface100 circuit id: 0000.0000.0001.01 state: up holdtime: 21s type: l1(l1l2) pri: 64 system id: 0000.0000.0003 interface: vlan-interface100 circuit id: 0000.0000.0001.01 state:...
Page 401
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 4 is-is configuration 4-44 interface: vlan-interface100 circuit id: 0000.0000.0001.01 state: up holdtime: 7s type: l1 pri: 100 [switchc] display isis interface interface information for isis(1) ------------------------------...
Page 402
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-1 chapter 5 bgp configuration the border gateway protocol (bgp) is a dynamic inter-as route discovery protocol. When configuring bgp, go to these sections for information you are interested in: z bgp ov...
Page 403
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-2 z supporting cidr z substantially reducing bandwidth occupation by advertising updating routes only and applicable to advertising a great amount of routing information on the internet z eliminating ro...
Page 404
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-3 z length: the 2-byte unsigned integer indicates the total length of the message. Z type: this 1-byte unsigned integer indicates the type code of the message. The following type codes are defined: 1–op...
Page 405
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-4 figure 5-3 bgp update message format each update message can advertise a group of feasible routes with similar attributes, which are contained in the network layer reachable information (nlri) field. ...
Page 406
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-5 v. Keepalive keepalive messages are sent between peers to maintain connectivity. Its format contains only the message header. Vi. Route-refresh a route-refresh message is sent to a peer to request the...
Page 407
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-6 name category aggregator optional transitive community optional transitive multi_exit_disc (med) optional non-transitive originator_id optional non-transitive cluster_list optional non-transitive ii. ...
Page 408
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-7 figure 5-6 as_path attribute in general, a bgp router does not receive routes containing the local as number to avoid routing loops. Note: the current implementation supports using the peer allow-as-l...
Page 409
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-8 z when sending a received route to an ebgp peer, a bgp speaker sets the next_hop for the route to the address of the sending interface. Z when sending a route received from an ebgp peer to an ibgp pee...
Page 410
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-9 in general, bgp compares meds of routes to the same as only. Note: you can use the compare-different-as-med command to force bgp to compare med values of routes to different ass. 5) local_pref this at...
Page 411
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-10 z no_advertise: after received, routes with this attribute cannot be advertised to other bgp peers. Z no_export_subconfed: after received, routes with this attribute cannot be advertised out the loca...
Page 412
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-11 on route recursion is always enabled on the switch rather than configured using commands. Bgp differs from igp in the implementation of load balancing in the following: z igp routing protocols such a...
Page 413
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-12 only once, with as_path unchanged, next_hop changed to router c’s address. Other bgp transitive attributes apply according to route selection rules. Iii. Bgp route advertisement rules bgp supports th...
Page 414
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-13 routing table can the ibgp router add the route into its bgp routing table and advertise the route to the ebgp peer. You can disable the synchronization feature in the following cases: z the local as...
Page 415
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-14 figure 5-12 bgp route dampening iii. Peer group a peer group is a collection of peers with the same attributes. When a peer joins the peer group, the peer obtains the same configuration as the peer g...
Page 416
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-15 besides using the well-known community attribute, you can define the extended community attribute using a community list to help define a routing policy. V. Route reflector ibgp peers should be fully...
Page 417
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-16 figure 5-14 network diagram for route reflectors when clients of a route reflector are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. The system supports ...
Page 418
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-17 figure 5-15 confederation network diagram from the perspective of a non-confederation speaker, it needs not know sub-ass in the confederation. The id of the confederation is the number of the as. In ...
Page 419
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-18 z mp_unreach_nlri: multiprotocol unreachable nlri, for withdrawing unfeasible routes the above two attributes are both optional non-transitive, so bgp speakers not supporting multi-protocol ignore th...
Page 420
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-19 task remarks configuring bgp basic functions required configuring bgp route redistribution optional configuring bgp route summarization optional advertising a default route to a peer or peer group op...
Page 421
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-20 5.3.1 prerequisites the neighboring nodes are accessible to each other at the network layer. 5.3.2 configuration procedure follow these steps to configure bgp basic functions: to do… use the command…...
Page 423
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-22 note: z it is required to specify for a bgp router a router id, a 32-bit unsigned integer and the unique identifier of the router in the as. Z you can specify a router id manually. If not, the system...
Page 424
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-23 5.4.2 configuring bgp route redistribution bgp can advertise the routing information of the local as to peering ass, but it redistributes routing information from igp into bgp rather than self-findin...
Page 425
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-24 follow these steps to configure bgp route summarization: to do… use the command… remarks enter system view system-view — enter bgp view bgp as-number — configure automatic route summarization summary...
Page 428
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-27 5.4.8 configuring bgp route dampening by configuring bgp route dampening, you can suppress unstable routes from neither adding them to the local routing table nor advertising them to bgp peers. Follo...
Page 429
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-28 to do… use the command… remarks configure the default med value default med med-value optional 0 by default enable the comparison of med of routes from different ass compare-differe nt-as-med optiona...
Page 431
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-30 note: z using a routing policy can set preferences for routes matching it. Routes not matching it use the default preferences. Z if other conditions are identical, the route with the smallest med val...
Page 432
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-31 bgp command to soft-reset bgp connections, to refresh the bgp routing table and apply the new policy without tearing down bgp connections. 3) configure bgp authentication bgp employs tcp as the trans...
Page 434
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-33 note: z the maximum keepalive interval should be one third of the holdtime and no less than 1 second. The holdtime is no less than 3 seconds unless it is set to 0. Z the intervals set with the peer t...
Page 435
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-34 to do… use the command… remarks enter system view system-view — enter bgp view bgp as-number — create an ibgp peer group group group-name [ internal ] configu re an ibgp peer group add a peer into th...
Page 437
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-36 to do… use the command… remarks configure the cluster id of the route reflector reflector cluster-id cluster-id optional by default, a route reflector uses its router id as the cluster id. Note: z in...
Page 438
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-37 note: z a confederation contains 32 sub-ass at most. The as-number of a sub-as takes effect in the confederation only. Z if routers not compliant with rfc 3065 exist in the confederation, you can use...
Page 439
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-38 to do… use the command… remarks display bgp routing information originating from different ass display bgp routing-table different-origin-as display bgp routing flap statistics display bgp routing-ta...
Page 441
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-40 [switchb] bgp 65009 [switchb-bgp] router-id 2.2.2.2 [switchb-bgp] peer 9.1.1.2 as-number 65009 [switchb-bgp] peer 9.1.3.2 as-number 65009 [switchb-bgp] quit # configure switch c. System-view [switchc...
Page 442
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-41 peer v as msgrcvd msgsent outq prefrcv up/down state 9.1.1.2 4 65009 56 56 0 0 00:40:54 established 9.1.3.2 4 65009 49 62 0 0 00:44:58 established 200.1.1.2 4 65008 49 65 0 1 00:44:03 established you...
Page 443
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-42 i 8.0.0.0 200.1.1.2 0 100 0 65008i note: from the above outputs, you can find switch a has learned no route to as65009, and switch c has learned network 8.0.0.0 but the next hop 200.1.1.2 is unreacha...
Page 444
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-43 * i 9.1.3.0/24 9.1.3.1 0 100 0 ? *>i 200.1.1.0 9.1.3.1 0 100 0 ? You can find the route 8.0.0.0 becomes valid with the next hop being switch a. # ping 8.1.1.1 on switch c. [switchc] ping 8.1.1.1 ping...
Page 445
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-44 system-view [switcha] bgp 65008 [switcha-bgp] router-id 1.1.1.1 [switcha-bgp] peer 3.1.1.1 as-number 65009 # inject network 8.1.1.0/24 to the bgp routing table. [switcha-bgp] network 8.1.1.0 24 [swit...
Page 446
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-45 destination/mask proto pre cost nexthop interface 8.1.1.0/24 o_ase 150 1 9.1.1.1 vlan300 9.1.1.0/24 direct 0 0 9.1.1.2 vlan300 9.1.1.2/32 direct 0 0 127.0.0.1 inloop0 9.1.2.0/24 direct 0 0 9.1.2.1 vl...
Page 447
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-46 5.9.3 bgp load balancing and med attribute configuration i. Network requirements z configure bgp on all switches; switch a is in as65008, and switch b and c in as65009. Z between switch a and b, and ...
Page 448
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-47 # configure switch c. System-view [switchc] bgp 65009 [switchc-bgp] router-id 3.3.3.3 [switchc-bgp] peer 200.1.2.2 as-number 65008 [switchc-bgp] peer 9.1.1.1 as-number 65009 [switchc-bgp] network 9.1...
Page 449
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-48 *> 8.0.0.0 0.0.0.0 0 0 i *> 9.1.1.0/24 200.1.1.1 0 0 65009i *> 200.1.2.1 0 0 65009i the route 9.1.1.0/24 has two next hops 200.1.1.1 and 200.1.2.1, and both are the optimal. 4) configure med # config...
Page 450
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-49 ii. Network diagram figure 5-19 network diagram for bgp community configuration iii. Configuration procedure 1) configure ip addresses for interfaces (omitted) 2) configure ebgp # configure switch a....
Page 451
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-50 bgp local router id : 2.2.2.2 local as number : 20 paths: 1 available, 1 best bgp routing table entry information of 9.1.1.0/24: from : 200.1.2.1 (1.1.1.1) original nexthop: 200.1.2.1 as-path : 10 or...
Page 452
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-51 paths: 1 available, 1 best bgp routing table entry information of 9.1.1.0/24: from : 200.1.2.1 (1.1.1.1) original nexthop: 200.1.2.1 community : no-export as-path : 10 origin : igp attribute value : ...
Page 453
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-52 [switcha-bgp] router-id 1.1.1.1 [switcha-bgp] peer 192.1.1.2 as-number 200 # inject network 1.0.0.0/8 to the bgp routing table. [switcha-bgp] network 1.0.0.0 [switcha-bgp] quit # configure switch b. ...
Page 454
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-53 status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, s - stale origin : i - igp, e - egp, ? - incomplete network nexthop med locprf prefval path/ogn *> 1.0.0.0 19...
Page 455
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-54 ii. Network diagram device interface ip address device interface ip address switch a vlan-int100 200.1.1.1/24 switch d vlan-int400 10.1.3.2/24 vlan-int200 10.1.1.1/24 vlan-int200 10.1.5.1/24 vlan-int...
Page 456
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-55 [switchb-bgp] peer 10.1.1.1 as-number 65001 [switchb-bgp] quit # configure switch c. System-view [switchc] bgp 65003 [switchc-bgp] router-id 3.3.3.3 [switchc-bgp] confederation id 200 [switchc-bgp] c...
Page 457
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-56 system-view [switchf] bgp 100 [switchf-bgp] router-id 6.6.6.6 [switchf-bgp] peer 200.1.1.1 as-number 200 [switchf-bgp] network 9.1.1.0 255.255.255.0 [switchf-bgp] quit 5) verify above configuration #...
Page 458
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-57 h - history, i - internal, s - suppressed, s - stale origin : i - igp, e - egp, ? - incomplete network nexthop med locprf prefval path/ogn *>i 9.1.1.0/24 10.1.3.1 0 100 0 100i [switchd] display bgp r...
Page 459
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-58 ii. Network diagram device interface ip address device interface ip address switch a vlan-int101 1.0.0.1/8 switch d vlan-int400 195.1.1.1/24 vlan-int100 192.1.1.1/24 vlan-int300 194.1.1.1/24 vlan-int...
Page 460
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-59 [switchd-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [switchd-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [switchd-ospf-1-area-0.0.0.0] quit [switchd-ospf-1] quit 3) configure bgp connectio...
Page 461
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-60 [switcha-route-policy] if-match acl 2000 [switcha-route-policy] apply cost 50 [switcha-route-policy] quit [switcha] route-policy apply_med_100 permit node 10 [switcha-route-policy] if-match acl 2000 ...
Page 462
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 5 bgp configuration 5-61 [switchc] bgp 200 [switchc-bgp] peer 193.1.1.1 route-policy localpref import [switchc-bgp] quit # display the routing table on switch d. [switchd] display bgp routing-table total number of routes: 2 ...
Page 463
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-1 chapter 6 routing policy configuration note: the term “router” refers to a router in a generic sense or a layer 3 switch running routing protocols. A routing policy is used on a router for ...
Page 464
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-2 when distributing or receiving routing information, a router can use a routing policy to filter routing information. For example, a router receives or advertises only routing information th...
Page 465
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-3 v. Extended community list extended community list (extcommunity-list) applies to bgp only. It involves two attributes: route-target extcommunity for vpn, source of origin extcommunity. An ...
Page 466
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-4 task creating a routing policy defining if-match clauses for the routing policy configuring a routing policy defining apply clauses for the routing policy 6.3 defining filtering lists 6.3.1...
Page 467
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-5 system-view [sysname] ip ipv6-prefix abc index 10 deny 10.1.0.0 16 [sysname] ip ipv6-prefix abc index 20 deny 10.2.0.0 16 [sysname] ip ipv6-prefix abc index 30 deny 10.3.0.0 16 [sysname] ip...
Page 468
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-6 6.3.5 defining an extended community list you can define multiple items for an extended community list that is identified by number. During matching, the relation between items is logic or,...
Page 470
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-8 to do… use the command… remarks match routes having as path attributes specified in the as path list (s) if-match as-path as-path-number & optional not configured by default match routes ha...
Page 471
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-9 6.4.4 defining apply clauses for the routing policy follow these steps to define apply clauses for a route-policy: to do… use the command… remarks enter system view system-view — create a r...
Page 472
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-10 to do… use the command… remarks set a preference for the matched routing protocol apply preference preference optional not set by default set a preferred value for bgp routes apply preferr...
Page 473
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-11 z on switch b, configure route redistribution from is-is to ospf and apply a routing policy to set attributes of redistributed routes, setting the cost of route 172.17.1.0/24 to 100, tag o...
Page 474
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-12 [switchb] isis [switchb-isis-1] is-level level-2 [switchb-isis-1] network-entity 10.0000.0000.0002.00 [switchb-isis-1] quit [switchb] interface vlan-interface 200 [switchb-vlan-interface20...
Page 475
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-13 4) configure filtering lists # configure an acl with the number of 2002, letting pass route 172.17.2.0/24. [switchb] acl number 2002 [switchb-acl-basic-2002] rule permit source 172.17.2.0 ...
Page 476
Operation manual – ipv4 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-14 192.168.2.0/24 1 type2 1 192.168.1.2 192.168.2.2 total nets: 5 intra area: 1 inter area: 0 ase: 4 nssa: 0 6.7 troubleshooting routing policy configuration 6.7.1 ipv4 routing information fi...
Page 477: Table of Contents
Operation manual – ipv6 routing h3c s7500e series ethernet switches table of contents i table of contents chapter 1 ipv6 static routing configuration ............................................................................. 1-1 1.1 introduction to ipv6 static routing ...............................
Page 478
Operation manual – ipv6 routing h3c s7500e series ethernet switches table of contents ii 3.1.4 timers of ospfv3................................................................................................... 3-3 3.1.5 ospfv3 features supported.........................................................
Page 479
Operation manual – ipv6 routing h3c s7500e series ethernet switches table of contents iii 4.5 ipv6 is-is configuration example ..................................................................................... 4-5 chapter 5 ipv6 bgp configuration .....................................................
Page 480
Operation manual – ipv6 routing h3c s7500e series ethernet switches table of contents iv 5.9 ipv6 bgp configuration examples.................................................................................. 5-23 5.9.1 ipv6 bgp basic configuration ........................................................
Page 481
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 1 ipv6 static routing configuration 1-1 chapter 1 ipv6 static routing configuration note: z the term “router” in this document refers to a layer 3 switch running routing protocols. Z at present, the lsq1gp12ea boards in the ...
Page 482
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 1 ipv6 static routing configuration 1-2 1.2.1 configuration prerequisites z enabling ipv6 packet forwarding z ensuring that the neighboring nodes are ipv6 reachable 1.2.2 configuring an ipv6 static route follow these steps t...
Page 483
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 1 ipv6 static routing configuration 1-3 ii. Network diagram figure 1-1 network diagram for static routes iii. Configuration procedure 1) configure the ipv6 addresses of all vlan interfaces (omitted) 2) configure ipv6 static ...
Page 484
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 1 ipv6 static routing configuration 1-4 destination: ::/0 protocol : static nexthop : 4::2 preference: 60 interface : vlan200 cost : 0 destination: ::1/128 protocol : direct nexthop : ::1 preference: 0 interface : inloop0 co...
Page 485
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-1 chapter 2 ipv6 ripng configuration note: z the term “router” in this document refers to a layer 3 switch running routing protocols. Z at present, the lsq1gp12ea boards in the s7500e series do n...
Page 486
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-2 z destination address: ipv6 address of a host or a network. Z next hop address: ipv6 address of a neighbor along the path to the destination. Z egress interface: outbound interface that forward...
Page 487
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-3 figure 2-3 shows the format of the ipv6 prefix rte. Ipv6 prefix (16 octets) route tag prefix length metric 0 7 15 31 figure 2-3 ipv6 prefix rte format z ipv6 prefix: destination ipv6 address pr...
Page 488
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-4 2.2 configuring ripng basic functions in this section, you are presented with the information to configure the basic ripng features. You need to enable ripng first before configuring other task...
Page 489
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-5 z define an ipv6 acl before using it for route filtering. Refer to acl configuration for related information. Z define an ipv6 address prefix list before using it for route filtering. Refer to ...
Page 491
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-7 to do... Use the command... Remarks enter system view system-view — enter ripng view ripng [ process-id ] — configure a ripng priority preference [ route-policy route-policy-name ] preference o...
Page 492
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-8 follow these steps to configure ripng timers: to do... Use the command... Remarks enter system view system-view — enter ripng view ripng [ process-id ] — configure ripng timers timers { garbage...
Page 493
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-9 to do... Use the command... Remarks enable the split horizon function ripng split-horizon optional enabled by default note: generally, you are recommended to enable the split horizon to prevent...
Page 494
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-10 2.4.4 configuring the maximum number of equal cost routes for load balancing follow these steps to configure the maximum number of equal cost ripng routes for load balancing: to do... Use the ...
Page 495
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-11 iii. Configuration procedure 1) configure the ipv6 address for each interface (omitted) 2) configure basic ripng functions # configure switch a. System-view [switcha] ipv6 [switcha] ripng 1 [s...
Page 496
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-12 [switchb] display ripng 1 route route flags: a - aging, s - suppressed, g - garbage-collect ---------------------------------------------------------------- peer fe80::20f:e2ff:fe23:82f5 on vl...
Page 497
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 2 ipv6 ripng configuration 2-13 [switchb] display ripng 1 route route flags: a - aging, s - suppressed, g - garbage-collect ---------------------------------------------------------------- peer fe80::20f:e2ff:fe23:82f5 on vl...
Page 498
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-1 chapter 3 ipv6 ospfv3 configuration note: z the term “router” in this document refers to a layer 3 switch running routing protocols. Z at present, the lsq1gp12ea boards in the s7500e series do...
Page 499
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-2 figure 3-1 ospfv3 packet header major fields: z version #: version of ospf, which is 3 for ospfv3. Z type: type of ospf packet, from 1 to 5 are hello, dd, lsr, lsu, and lsack respectively. Z p...
Page 500
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-3 3.1.4 timers of ospfv3 timers in ospfv3 include: z ospfv3 packet timer z lsa delay timer z spf timer i. Ospfv3 packet timer hello packets are sent periodically between neighboring routers for ...
Page 501
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-4 3.2 ipv6 ospfv3 configuration task list complete the following tasks to configure ospfv3: task remarks configuring ospfv3 basic functions required configuring an ospfv3 stub area optional conf...
Page 502
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-5 to do... Use the command... Remarks enter system view system-view — enable ospfv3 and enter its view ospfv3 [ process-id ] required specify a router id router-id router-id required enter inter...
Page 503
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-6 3.4.2 configuring an ospfv3 stub area follow these steps to configure an ospfv3 stub area: to do... Use the command... Remarks enter system view system-view — enter ospfv3 view ospfv3 [ proces...
Page 505
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-8 3.5.3 configuring ospfv3 inbound route filtering you can configure ospfv3 to filter routes that are computed from received lsas according to some rules. Follow these steps to configure inbound...
Page 506
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-9 to do... Use the command... Remarks specify the maximum number of load-balanced routes maximum load-balancing maximum optional 4 by default 3.5.6 configuring a priority for ospfv3 a router may...
Page 507
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-10 note: z using the import-route command on a router makes the router become an asbr. Z since ospfv3 is a link state based routing protocol, it cannot directly filter lsas to be advertised. The...
Page 508
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-11 to do... Use the command... Remarks configure the dead interval ospfv3 timer dead seconds [ instance instance-id ] optional 40 seconds by default configure the lsa retransmission interval osp...
Page 509
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-12 3.6.4 ignoring mtu check for dd packets when lsas are few in dd packets, it is unnecessary to check mtu in dd packets in order to improve efficiency. Follow these steps to ignore mtu check fo...
Page 510
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-13 to do... Use the command... Remarks enter system view system-view — enter ospfv3 view ospfv3 [ process-id ] — enable the logging on neighbor state changes log-peer-change required enabled by ...
Page 512
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-15 system-view [switcha] ipv6 [switcha] ospfv3 [switcha-ospfv3-1] router-id 1.1.1.1 [switcha-ospfv3-1] quit [switcha] interface vlan-interface 300 [switcha-vlan-interface300] ospfv3 1 area 1 [sw...
Page 513
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-16 [switchd] interface vlan-interface 400 [switchd-vlan-interface400] ospfv3 1 area 2 [switchd-vlan-interface400] quit # display ospfv3 neighbor information on switch b. [switchb] display ospfv3...
Page 514
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-17 nexthop : fe80::f40d:0:93d0:1 interface: vlan400 *destination: 2001:2::/64 type : i cost : 1 nexthop : directly-connected interface: vlan400 *destination: 2001:3::/64 type : ia cost : 4 nexth...
Page 515
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-18 type : i cost : 1 nexthop : directly-connected interface: vlan400 *destination: 2001:3::/64 type : ia cost : 4 nexthop : fe80::f40d:0:93d0:1 interface: vlan400 4) configure area 2 as a totall...
Page 516
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-19 ii. Network diagram figure 3-3 network diagram for ospfv3 dr election configuration iii. Configuration procedure 1) configure ipv6 addresses for interfaces (omitted) 2) configure ospfv3 basic...
Page 517
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-20 [switchc-ospfv3-1] quit [switchc] interface vlan-interface 100 [switchc-vlan-interface100] ospfv3 1 area 0 [switchc-vlan-interface100] quit # configure switch d system-view [switchd] ipv6 [sw...
Page 518
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-21 [switchb-vlan-interface200] quit #configure the dr priority of switch c as 2. [switchc] interface vlan-interface 100 [switchc-vlan-interface100] ospfv3 dr-priority 2 [switchc-vlan-interface10...
Page 519
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-22 3.3.3.3 2 full/backup 00:00:32 vlan100 0 3.9 troubleshooting ospfv3 configuration 3.9.1 no ospfv3 neighbor relationship established i. Symptom no ospf neighbor relationship can be established...
Page 520
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 3 ipv6 ospfv3 configuration 3-23 3) use the display ospfv3 lsdb command to display link state database information to check integrity. 4) display information about area configuration using the display current-configuration c...
Page 521
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 4 ipv6 is-is configuration 4-1 chapter 4 ipv6 is-is configuration note: z ipv6 is-is supports all the features of ipv4 is-is except that it advertises ipv6 routing information instead. This document describes only ipv6 is-is...
Page 522
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 4 ipv6 is-is configuration 4-2 4.2 configuring ipv6 is-is basic functions note: you can implement ipv6 inter-networking through configuring ipv6 is-is in ipv6 network environment. 4.2.1 configuration prerequisites before the...
Page 523
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 4 ipv6 is-is configuration 4-3 4.3 configuring ipv6 is-is routing information control 4.3.1 configuration prerequisites you need to complete the ipv6 is-is basic function configuration before configuring this task. 4.3.2 con...
Page 524
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 4 ipv6 is-is configuration 4-4 note: the ipv6 filter-policy export command, usually used in combination with the ipv6 import-route command, filters redistributed routes when advertising them to other routers. If no protocol ...
Page 525
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 4 ipv6 is-is configuration 4-5 to do... Use the command... Remarks clear the is-is data information of a neighbor reset isis peer system-id [process-id] available in user view 4.5 ipv6 is-is configuration example i. Network ...
Page 526
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 4 ipv6 is-is configuration 4-6 [switcha-vlan-interface100] quit # configure switch b. System-view [switchb] isis 1 [switchb-isis-1] is-level level-1 [switchb-isis-1] network-entity 10.0000.0000.0002.00 [switchb-isis-1] ipv6 ...
Page 527
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-1 chapter 5 ipv6 bgp configuration note: z this chapter describes only configuration for ipv6 bgp. For other related information, refer to the part discussing ipv4 routing. Z at present, the lsq1gp...
Page 528
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-2 ipv6 bgp utilizes bgp multiprotocol extensions for application in ipv6 networks. The original messaging and routing mechanisms of bgp are not changed. 5.2 configuration task list complete the fol...
Page 529
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-3 task remarks configuring ipv6 bgp peer group optional configuring ipv6 bgp community optional configuring a large scale ipv6 bgp network configuring an ipv6 bgp route reflector optional 5.3 confi...
Page 530
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-4 5.3.3 advertising a local ipv6 route follow these steps to configure advertise a local route into the routing table: to do... Use the command... Remarks enter system view system-view — enter bgp ...
Page 531
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-5 5.3.5 specifying the source interface for establishing tcp connections follow these steps to specify the source interface for establishing tcp connections to a bgp peer or peer group: to do... Us...
Page 534
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-8 5.4.2 configuring ipv6 bgp route redistribution follow these steps to configure ipv6 bgp route redistribution and filtering: to do... Use the command... Remarks enter system view system-view — en...
Page 535
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-9 note: with the peer default-route-advertise command used, the local router advertises a default route with itself as the next hop to the specified peer/peer group, regardless of whether the defau...
Page 536
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-10 5.4.5 configuring route reception policy follow these steps to configure route reception policy: to do... Use the command... Remarks enter system view system-view — enter bgp view bgp as-number ...
Page 537
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-11 by default, when a bgp router receives an ibgp route, it only checks the reachability of the route’s next hop before advertisement. If the synchronization feature is configured, only the ibgp ro...
Page 538
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-12 z enabled ipv6 function z configured ipv6 bgp basic functions 5.5.2 configuring ipv6 bgp preference and default local_pref and next_hop attributes follow these steps to perform this configuratio...
Page 539
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-13 to do... Use the command... Remarks enter system view system-view — enter bgp view bgp as-number required enter ipv6 address family view ipv6-family — configure a default med value default med m...
Page 541
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-15 to do... Use the command... Remarks enter system view system-view — enter bgp view bgp as-number required enter ipv6 address family view ipv6-family — specify keepalive interval and holdtime tim...
Page 543
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-17 to do... Use the command... Remarks configure the maximum number of load balanced routes balance number required by default, no load balancing is enabled. 5.7 configuring a large scale ipv6 bgp ...
Page 544
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-18 to do... Use the command... Remarks enter system view system-view — enter bgp view bgp as-number required not enabled by default enter ipv6 address family view ipv6-family — create an ibgp peer ...
Page 545
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-19 to do... Use the command... Remarks enter system view system-view — enter bgp view bgp as-number required not enabled by default enter ipv6 address family view ipv6-family — create an ebgp peer ...
Page 546
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-20 ii. Apply a routing policy to routes advertised to a peer/peer group follow these steps to apply a routing policy to routes advertised to a peer/peer group: to do... Use the command... Remarks e...
Page 547
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-21 note: z in general, since the route reflector forwards routing information between clients, it is not required to make clients of a route reflector fully meshed. If clients are fully meshed, it ...
Page 548
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-22 to do... Use the command... Remarks display ipv6 bgp dampening parameter information display bgp ipv6 routing-table dampening parameter display ipv6 bgp routing information originated from diffe...
Page 549
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-23 5.9 ipv6 bgp configuration examples note: some examples for ipv6 bgp configuration are similar to those of bgp-4, so refer to the sections covering bgp in the ipv4 routing part for related infor...
Page 550
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-24 # configure switch c. System-view [switchc] ipv6 [switchc] bgp 65009 [switchc-bgp] router-id 3.3.3.3 [switchc-bgp] ipv6-family [switchc-bgp-af-ipv6] peer 9:3::1 as-number 65009 [switchc-bgp-af-i...
Page 551
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-25 total number of peers : 3 peers in established state : 3 peer v as msgrcvd msgsent outq prefrcv up/down state 10::2 4 65008 3 3 0 0 00:01:16 established 9:3::2 4 65009 2 3 0 0 00:00:40 establish...
Page 552
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-26 iii. Configuration procedure 1) configure ipv6 addresses for vlan interfaces (omitted) 2) configure ipv6 bgp basic functions # configure switch a. System-view [switcha] ipv6 [switcha] bgp 100 [s...
Page 553
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 5 ipv6 bgp configuration 5-27 use the display bgp ipv6 routing-table command on switch b and switch d respectively, you can find both of them have learned the network 1::/64. 5.10 troubleshooting ipv6 bgp configuration 5.10....
Page 554
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-1 chapter 6 routing policy configuration note: at present, the lsq1gp12ea boards in the s7500e series do not support ipv6. 6.1 introduction to routing policy 6.1.1 routing policy a routing po...
Page 555
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-2 an ip prefix list is identified by name. Each ip prefix list can comprise multiple items, and each item, which is identified by an index number, can specify a matching range in the network ...
Page 556
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-3 z when receiving or advertising routing information, a routing protocol uses the routing policy to filter routing information. 6.2 defining filtering lists 6.2.1 prerequisites before config...
Page 557
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-4 [sysname] ip ip-prefix abc index 40 permit :: 0 less-equal 128 6.2.3 defining an as path list you can define multiple items for an as path acl that is identified by number. During matching,...
Page 559
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-6 note: z if a node has the permit keyword specified, routing information meeting the node’s conditions will be handled using the apply clauses of this node, without needing to match against ...
Page 560
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-7 to do... Use the command... Remarks match bgp routes having extended attributes contained in the extended community list(s) if-match extcommunity ext-comm-list-number & -16> optional not co...
Page 561
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-8 to do... Use the command... Remarks set as_path attribute for ipv6 bgp routes apply as-path as-number & [ replace ] optional not set by default specify a community list according to which t...
Page 562
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-9 note: the apply ipv6 next-hop commands do not apply to redistributed ipv6 routes respectively. 6.4 displaying and maintaining the routing policy to do... Use the command... Remarks display ...
Page 563
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-10 ii. Network diagram figure 6-1 network diagram for routing policy application to route redistribution iii. Configuration procedure 1) configure switch a # configure ipv6 addresses for vlan...
Page 564
Operation manual – ipv6 routing h3c s7500e series ethernet switches chapter 6 routing policy configuration 6-11 # configure the ipv6 address for vlan-interface 100. [switchb] ipv6 [switchb] interface vlan-interface 100 [switchb-vlan-interface100] ipv6 address 10::2 32 # enable ripng on vlan-interfac...
Page 565: Table of Contents
Operation manual – ipv6 configuration h3c s7500e series ethernet switches table of contents i table of contents chapter 1 ipv6 basics configuration .......................................................................................... 1-1 1.1 ipv6 overview...........................................
Page 566
Operation manual – ipv6 configuration h3c s7500e series ethernet switches table of contents ii 3.3 configuring ipv6 manual tunnel ....................................................................................... 3-4 3.3.1 configuration prerequisites................................................
Page 567
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-1 chapter 1 ipv6 basics configuration when configuring ipv6 basics, go to these sections for information you are interested in: z ipv6 overview z ipv6 basics configuration task list z conf...
Page 568
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-2 1.1.1 ipv6 features i. Header format simplification ipv6 cuts down some ipv4 header fields or move them to the ipv6 extension headers to reduce the length of the basic ipv6 header. Ipv6 ...
Page 569
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-3 z stateless address configuration means that a host automatically configures an ipv6 address and related information on basis of its own link-layer address and the prefix information adv...
Page 570
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-4 z leading zeros in each group can be removed. For example, the above-mentioned address can be represented in shorter format as 2001:0:130f:0:0:9c0:876a:130b. Z if an ipv6 address contain...
Page 571
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-5 note: there are no broadcast addresses in ipv6. Their function is superseded by multicast addresses. The type of an ipv6 address is designated by the first several bits called format pre...
Page 572
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-6 z unassigned address: the unicast address "::” is called the unassigned address and may not be assigned to any node. Before acquiring a valid ipv6 address, a node may fill this address i...
Page 573
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-7 figure 1-2 convert a mac address into an eui-64 interface identifier 1.1.3 introduction to ipv6 neighbor discovery protocol ipv6 neighbor discovery protocol (ndp) uses five types of icmp...
Page 574
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-8 icmpv6 message number function used to respond to an rs message router advertisement (ra) message 134 with the ra message suppression disabled, the router regularly sends an ra message c...
Page 575
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-9 1) node a sends an ns message whose destination address is the ipv6 address of node b. 2) if node a receives an na message from node b, node a considers that node b is reachable. Otherwi...
Page 576
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-10 2) the router returns an ra message containing information such as prefix information option. (the router also regularly sends an ra message.) 3) the node automatically configures an ip...
Page 577
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-11 figure 1-5 working procedure of the pmtu discovery the working procedure of the pmtu discovery is as follows: 1) the source host uses its mtu to fragment packets and then sends them to ...
Page 578
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-12 z rfc 2375: ipv6 multicast address assignments z rfc 2460: internet protocol, version 6 (ipv6) specification. Z rfc 2461: neighbor discovery for ip version 6 (ipv6) z rfc 2462: ipv6 sta...
Page 579
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-13 1.3.2 configuring an ipv6 unicast address ipv6 site-local addresses and aggregatable global unicast addresses can be configured in the following ways: z eui-64 format: when the eui-64 f...
Page 580
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-14 note: z after an ipv6 site-local address or aggregatable global unicast address is configured for an interface, a link-local address will be generated automatically. The automatically g...
Page 582
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-16 1.4.3 configuring parameters related to an ra message you can configure whether the interface sends an ra message, the interval for sending ra messages, and parameters in ra messages. A...
Page 583
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-17 note: the values of the retrans timer field and the reachable time field configured for an interface are sent to hosts via ra messages. Furthermore, this interface sends ns messages at ...
Page 584
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-18 to do… use the command… remarks set the o flag bit to 1. Ipv6 nd autoconfig other-flag optional by default, the o flag bit is set to 0, that is, hosts acquire other information through ...
Page 585
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-19 to do… use the command… remarks configure the number of attempts to send an ns message for dad ipv6 nd dad attempts value optional 1 by default. When the value argument is set to 0, dad...
Page 586
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-20 1.6 configuring ipv6 tcp properties the ipv6 tcp properties you can configure include: z synwait timer: when a syn packet is sent, the synwait timer is triggered. If no response packet ...
Page 587
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-21 follow these steps to configure the capacity and update period of the token bucket: to do… use the command… remarks enter system view system-view — configure the capacity and update per...
Page 588
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-22 1.8.2 configuring dynamic ipv6 domain name resolution if you want to use the dynamic domain name function, you can use the following command to enable the dynamic domain name resolution...
Page 589
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-23 1.9 displaying and maintaining ipv6 basics configuration to do… use the command… remarks display dns suffix information display dns domain [ dynamic ] display ipv6 dynamic domain name c...
Page 590
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-24 to do… use the command… remarks clear ipv6 dynamic domain name cache information reset dns ipv6 dynamic-host available in user view clear ipv6 neighbor information reset ipv6 neighbors ...
Page 591
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-25 # enable the ipv6 packet forwarding function. System-view [switcha] ipv6 # configure vlan-interface 2 to automatically generate a link-local address. [switcha] interface vlan-interface ...
Page 592
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-26 mtu is 1500 bytes nd dad is enabled, number of dad attempts: 1 nd reachable time is 30000 milliseconds nd retransmit interval is 1000 milliseconds hosts use stateless autoconfig for add...
Page 593
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-27 bytes=56 sequence=3 hop limit=255 time = 60 ms reply from fe80::20f:e2ff:fe00:1 bytes=56 sequence=4 hop limit=255 time = 70 ms reply from fe80::20f:e2ff:fe00:1 bytes=56 sequence=5 hop l...
Page 594
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 1 ipv6 basics configuration 1-28 bytes=56 sequence=5 hop limit=255 time = 60 ms --- 3001::2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 50/60/70 ms 1.11 t...
Page 595
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 2 dual stack configuration 2-1 chapter 2 dual stack configuration when configuring dual stack, go to these sections for information you are interested in: z dual stack overview z configuring dual stack 2.1 dual stack o...
Page 596
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 2 dual stack configuration 2-2 to do… use the command… remarks enter system view system-view — enable the ipv6 packet forwarding function ipv6 required disabled by default. Enter interface view interface interface-type...
Page 597
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-1 chapter 3 tunneling configuration when configuring tunneling, go to these sections for information you are interested in: z introduction to tunneling z tunneling configuration task list z ...
Page 598
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-2 caution: the devices at both ends of an ipv6 over ipv4 tunnel must support ipv4/ipv6 dual stack. Figure 3-1 principle of ipv6 over ipv4 tunnel the ipv6 over ipv4 tunnel processes packets i...
Page 599
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-3 z if the ipv4 address of the tunnel destination cannot be acquired from the destination address of the ipv6 packet, it needs to be configured manually. Such a tunnel is called a configured...
Page 600
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-4 destination address of an ipv6 packet and the ipv6 address of a tunnel interface both adopt special addresses: isatap addresses. The isatap address format is prefix(64bit):0:5efe:ip-addres...
Page 601
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-5 to do… use the command… remarks create a tunnel interface and enter tunnel interface view interface tunnel number required by default, there is no tunnel interface on the device. Ipv6 addr...
Page 602
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-6 caution: z when you create a tunnel interface on a device, the slot of the tunnel interface should be that of the source port, namely, the port sending packets. In this way, the forwarding...
Page 603
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-7 ii. Network diagram figure 3-3 network diagram for an ipv6 manual tunnel iii. Configuration procedure z configuration on switch a # enable ipv6. System-view [switcha] ipv6 # configure a li...
Page 604
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-8 # enable ipv6. System-view [switchb] ipv6 # configure a link aggregation group. Disable stp on the port before adding it into the link aggregation group. [switchb] link-aggregation group 1...
Page 605
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-9 ff02::1 mtu is 1500 bytes nd reachable time is 30000 milliseconds nd retransmit interval is 1000 milliseconds hosts use stateless autoconfig for addresses [switchb] display ipv6 interface ...
Page 606
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-10 3.4 configuring 6to4 tunnel 3.4.1 configuration prerequisites ip addresses are configured for interfaces such as vlan interface and loopback interface on the device. Such an interface can...
Page 608
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-12 3.4.3 configuration example i. Network requirements isolated ipv6 networks are interconnected through a 6to4 tunnel over the ipv4 network. Ii. Network diagram figure 3-4 network diagram f...
Page 609
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-13 # configure a route to vlan-interface 100 of switch b. (here the next-hop address of the static route is represented by [nexthop]. In practice, you should configure the real next-hop addr...
Page 610
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-14 [switchb-vlan-interface100] ip address 5.1.1.1 24 [switchb-vlan-interface100] quit # configure a route to vlan-interface 100 of switch a. (here the next-hop address of the static route is...
Page 611
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-15 minimum = 0ms, maximum = 13ms, average = 3ms 3.5 configuring isatap tunnel 3.5.1 configuration prerequisites ip addresses are configured for interfaces such as vlan interface and loopback...
Page 612
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-16 to do… use the command… remarks set an isatap tunnel tunnel-protocol ipv6-ipv4 isatap required by default, the tunnel mode is manual. The same tunnel type should be configured at both end...
Page 613
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-17 3.5.3 configuration example i. Network requirements the destination address of a tunnel is an isatap address. It is required that ipv6 hosts in the ipv4 network can access the ipv6 networ...
Page 614
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-18 [switch-vlan-interface101] ip address 2.1.1.1 255.0.0.0 [switch-vlan-interface101] quit # configure an isatap tunnel. [switch] interface tunnel 1/0/3 [switch-tunnel1/0/3] ipv6 address 200...
Page 615
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-19 c:\>ipv6 if 2 interface 2: automatic tunneling pseudo-interface guid {48fce3fc-ec30-e50e-f1a7-71172aeee3ae} does not use neighbor discovery uses router discovery routing preference 1 eui-...
Page 616
Operation manual – ipv6 configuration h3c s7500e series ethernet switches chapter 3 tunneling configuration 3-20 1) the common cause is that the physical interface of the tunnel source is not up. Use the display interface tunnel or display ipv6 interface tunnel commands to view whether the physical ...
Page 617: Table of Contents
Operation manual – multicast h3c s7500e series ethernet switches table of contents i table of contents chapter 1 multicast overview ...................................................................................................... 1-1 1.1 introduction to multicast...................................
Page 618
Operation manual – multicast h3c s7500e series ethernet switches table of contents ii 2.6.4 configuring the function of dropping unknown multicast data ........................... 2-19 2.6.5 configuring igmp report suppression................................................................. 2-20 2.6...
Page 619
Operation manual – multicast h3c s7500e series ethernet switches table of contents iii chapter 5 pim configuration........................................................................................................ 5-1 5.1 pim overview................................................................
Page 620
Operation manual – multicast h3c s7500e series ethernet switches table of contents iv 5.8.1 failure of building a multicast distribution tree correctly .................................... 5-52 5.8.2 multicast data abnormally terminated on an intermediate router...................... 5-53 5.8.3 rps ...
Page 621
Operation manual – multicast h3c s7500e series ethernet switches table of contents v 7.3 configuring multicast routing and forwarding.................................................................. 7-6 7.3.1 configuration prerequisites..................................................................
Page 622
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-1 chapter 1 multicast overview note: this manual chiefly focuses on the ip multicast technology and device operations. Unless otherwise stated, the term “multicast” in this document refers to ip multicast...
Page 623
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-2 figure 1-1 unicast transmission assume that hosts b, d and e need this information. The information source establishes a separate transmission channel for each of these hosts. In unicast transmission, t...
Page 624
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-3 figure 1-2 broadcast transmission assume that only hosts b, d, and e need the information. If the information source broadcasts the information, hosts a and c also receive it. In addition to information...
Page 625
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-4 figure 1-3 multicast transmission assume that hosts b, d and e need the information. To receive the information correctly, these hosts need to join a receiver set, which is known as a multicast group. T...
Page 626
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-5 for a better understanding of the multicast concept, you can assimilate multicast transmission to the transmission of tv programs, as shown in table 1-1 . Table 1-1 an analogy between tv transmission an...
Page 627
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-6 z any other point-to-multiple-point data distribution application. 1.2 multicast models based on how the receivers treat the multicast sources, there are two multicast models: i. Asm model in the asm mo...
Page 628
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-7 hosts, and the tcp/ip stack must support reception and transmission of multicast data. 1.3.1 multicast addresses to allow communication between multicast sources and multicast group members, network-lay...
Page 629
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-8 table 1-3 some reserved multicast addresses address description 224.0.0.1 all systems on this subnet, including hosts and routers 224.0.0.2 all multicast routers on this subnet 224.0.0.3 unassigned 224....
Page 630
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-9 assigned by iana; when set to 1, the t flag indicates a transient, or dynamically assigned multicast address. Z scope: 4 bits, indicating the scope of the ipv6 internetwork for which the multicast traff...
Page 631
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-10 figure 1-5 ipv4-to-mac address mapping the high-order four bits of a multicast ipv4 address are 1110, indicating that this address is a multicast address, and only 23 bits of the remaining 28 bits are ...
Page 632
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-11 1.3.2 multicast protocols note: z generally, we refer to ip multicast working at the network layer as layer 3 multicast and the corresponding multicast protocols as layer 3 multicast protocols, which i...
Page 633
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-12 connected with the hosts. These protocols define the mechanism of establishing and maintaining group memberships between hosts and layer 3 multicast devices. 2) multicast routing protocols a multicast ...
Page 634
Operation manual – multicast h3c s7500e series ethernet switches chapter 1 multicast overview 1-13 1) igmp snooping/mld snooping running on layer 2 devices, internet group management protocol snooping (igmp snooping) and multicast listener discovery snooping (mld snooping) are multicast constraining...
Page 635
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-1 chapter 2 igmp snooping configuration when configuring igmp snooping, go to the following sections for information you are interested in: z igmp snooping overview z configuring basic functions ...
Page 636
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-2 multicast packet transmission without igmp snooping source multicast router host a receiver host b host c receiver multicast packets layer 2 switch multicast packet transmission when igmp snoop...
Page 637
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-3 z router port: a router port is a port on the ethernet switch that leads switch towards the layer 3 multicast device (dr or igmp querier). In the figure, ethernet 1/0/1 of switch a and ethernet...
Page 638
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-4 note: the port aging mechanism of igmp snooping works only for dynamic ports; a static port will never age out. 2.1.3 work mechanism of igmp snooping a switch running igmp snooping performs dif...
Page 639
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-5 z if a forwarding table entry exists for the reported group and the port is included in the outgoing port list, which means that this port is already a member port, the switch resets the member...
Page 640
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-6 forwards it through all its router ports in the vlan and all member ports for that multicast group, and performs the following: z if any igmp report in response to the group-specific query is h...
Page 641
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-7 2.2 igmp snooping configuration task list complete these tasks to configure igmp snooping: task remarks enabling igmp snooping required configuring basic functions of igmp snooping configuring ...
Page 642
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-8 note: z configurations made in igmp snooping view are effective for all vlans, while configurations made in vlan view are effective only for ports belonging to the current vlan. For a given vla...
Page 643
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-9 note: z igmp snooping must be enabled globally before it can be enabled in a vlan. Z after enabling igmp snooping in a vlan, you cannot enable igmp and/or pim on the corresponding vlan interfac...
Page 644
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-10 z enable igmp snooping in the vlan or enable igmp on the desired vlan interface z configure the corresponding port groups. Before configuring igmp snooping port functions, prepare the followin...
Page 645
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-11 to do... Use the command... Remarks configure member port aging time igmp-snooping host-aging-time interval optional 260 seconds by default 2.4.3 configuring static ports if all the hosts atta...
Page 646
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-12 2.4.4 configuring simulated joining generally, a host running igmp responds to igmp queries from the igmp querier. If a host fails to respond due to some reasons, the multicast router may deem...
Page 647
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-13 2.4.5 configuring fast leave processing the fast leave processing feature allows the switch to process igmp leave group messages in a fast way. With the fast leave processing feature enabled, ...
Page 648
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-14 caution: if fast leave processing is enabled on a port to which more than one host is attached, when one host leaves a multicast group, the other hosts attached to the port and interested in t...
Page 649
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-15 caution: it is meaningless to configure an igmp snooping querier in a multicast network running igmp. Although an igmp snooping querier does not take part in igmp querier elections, it may aff...
Page 650
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-16 ii. Configuring igmp queries and responses in a vlan follow these steps to configure igmp queries and responses in a vlan: to do... Use the command... Remarks enter system view system-view — e...
Page 652
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-18 to do... Use the command... Remarks enter system view system-view — enter igmp snooping view igmp-snooping — configure a multicast group filter group-policy acl-number [ vlan vlan-list ] requi...
Page 653
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-19 to do... Use the command... Remarks enable multicast source port filtering source-deny port interface-list required disabled by default ii. Configuring multicast source port filtering on a por...
Page 654
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-20 to do... Use the command... Remarks enter system view system-view — enter igmp snooping view igmp-snooping — enable the function of dropping unknown multicast data drop-unknown required disabl...
Page 655
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-21 to do... Use the command... Remarks enter system view system-view — enter igmp snooping view igmp-snooping — enable igmp report suppression report-aggregation optional enabled by default 2.6.6...
Page 656
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-22 2.6.7 configuring multicast group replacement for some special reasons, the number of multicast groups that can be joined on the current switch or port may exceed the number configured for the...
Page 657
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-23 caution: be sure to configure the maximum number of multicast groups allowed on a port (refer to configuring maximum multicast groups that can be joined on a port ) before configuring multicas...
Page 658
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-24 z igmp is required on router a, igmp snooping is required on switch a, and router a will act as the igmp querier on the subnet. Z perform the following configuration so that multicast data can...
Page 659
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-25 system-view [switcha] igmp-snooping [switcha-igmp-snooping] quit # create vlan 100, assign ethernet 2/0/1 through ethernet 2/0/4 to this vlan, and enable igmp snooping in the vlan. [switcha] v...
Page 660
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-26 host port(s):total 2 port. Eth2/0/3 eth2/0/4 as shown above, ethernet 2/0/3 and ethernet 2/0/4 of switch a have joined multicast group 224.1.1.1. 2.8.2 static router port configuration i. Netw...
Page 661
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-27 ii. Network diagram source 1.1.1.1/24 router a igmp querier eth1/0/1 10.1.1.1/24 eth1/0/2 1.1.1.2/24 switch a switch c switch b eth2/0/1 eth2/0/2 eth2/0/2 host c host b host a receiver receive...
Page 662
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-28 # create vlan 100, assign ethernet 2/0/1 through ethernet 2/0/3 to this vlan, and enable igmp snooping in the vlan. [switcha] vlan 100 [switcha-vlan100] port ethernet 2/0/1 to ethernet 2/0/3 [...
Page 663
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-29 total 1 mac group(s). Port flags: d-dynamic port, s-static port, a-aggregation port, c-copy port subvlan flags: r-real vlan, c-copy vlan vlan(id):100. Total 1 ip group(s). Total 1 ip source(s)...
Page 664
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-30 ii. Network diagram source 1.1.1.1/24 host a receiver switch c switch a switch b host b receiver host c receiver querier eth2/0/1 eth2/0/2 eth2/0/1 eth2/0/1 eth2/0/2 eth2/0/3 eth2/0/2 eth2/0/3...
Page 665
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-31 # create vlan 100, add ethernet 2/0/1 through ethernet 2/0/3 to vlan 100, and enable igmp snooping in this vlan. [switchb] vlan 100 [switchb-vlan100] port ethernet 2/0/1 to ethernet 2/0/3 [swi...
Page 666
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-32 ii. Analysis igmp snooping is not enabled. Iii. Solution 1) enter the display current-configuration command to view the running status of igmp snooping. 2) if igmp snooping is not enabled, use...
Page 667
Operation manual – multicast h3c s7500e series ethernet switches chapter 2 igmp snooping configuration 2-33 whether this configuration conflicts with the configured multicast group policy. If any conflict exists, remove the port as a static member of the multicast group..
Page 668
Operation manual – multicast h3c s7500e series ethernet switches chapter 3 multicast vlan configuration 3-1 chapter 3 multicast vlan configuration 3.1 introduction to multicast vlan as shown in figure 3-1 , in the traditional multicast programs-on-demand mode, when hosts that belong to different vla...
Page 669
Operation manual – multicast h3c s7500e series ethernet switches chapter 3 multicast vlan configuration 3-2 to do… use the command… remarks enter system view system-view — configure a specific vlan as a multicast vlan multicast -vlan vlan-id enable required disabled by default configure sub-vlans fo...
Page 670
Operation manual – multicast h3c s7500e series ethernet switches chapter 3 multicast vlan configuration 3-3 3.4 multicast vlan configuration example i. Network requirements z router a connects to a multicast source through ethernet 1/0/2 and to switch a, through ethernet 1/0/1. Z igmp is required on...
Page 671
Operation manual – multicast h3c s7500e series ethernet switches chapter 3 multicast vlan configuration 3-4 # enable ip multicast routing, enable pim-dm on each interface and enable igmp on ethernet 1/0/1. System-view [routera] multicast routing-enable [routera] interface ethernet 1/0/1 [routera-eth...
Page 672
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-1 chapter 4 igmp configuration when configuring igmp, go to the following sections for the information you are interested in: z igmp overview z configuring basic functions of igmp z adjusting igmp perform...
Page 673
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-2 router is needed for sending igmp query messages (often referred to as queries). So, a querier election mechanism is required to determine which router will act as the igmp querier on the subnet. In igm...
Page 674
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-3 4) host c, which is on the same subnet, hears the report from host b for joining g1. Upon hearing the report, host c will suppress itself from sending a report message for the same multicast group, beca...
Page 675
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-4 timer; otherwise, it assumes the querier to have timed out and initiates a new querier election process. Ii. “leave group” mechanism in igmpv1, when a host leaves a multicast group, it does not send any...
Page 676
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-5 as shown in figure 4-2 , the network comprises two multicast sources, source 1 (s1) and source 2 (s2), both of which can send multicast data to multicast group g. Host b is interested only in the multic...
Page 677
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-6 z is_in: the source filtering mode is include, namely, the report sender requests the multicast data from only the sources defined in the specified multicast source list. If the specified multicast sour...
Page 678
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-7 task remarks configuring igmp message options optional configuring igmp query and response parameters optional adjusting igmp performance configuring igmp fast leave processing optional note: z configur...
Page 679
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-8 to do... Use the command... Remarks enter system view system-view — enable ip multicast routing multicast routing-enable required disabled by default enter interface view interface interface-type interf...
Page 680
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-9 follow these steps to configure an interface as a statically connected member of a multicast group: to do... Use the command... Remarks enter system view system-view — enter interface view interface int...
Page 681
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-10 4.4.1 configuration prerequisites before adjusting igmp performance, complete the following tasks: z configure any unicast routing protocol so that all devices in the domain are interoperable at the ne...
Page 682
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-11 to do... Use the command... Remarks enable the insertion of the router-alert option into igmp messages send-router-alert optional by default, igmp messages carry the router-alert option. Ii. Configurin...
Page 683
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-12 an appropriate setting of the maximum response time for igmp queries allows hosts to respond to queries quickly and avoids bursts of igmp traffic on the network caused by reports simultaneously sent by...
Page 684
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-13 to do... Use the command... Remarks enter system view system-view — enter interface view interface interface-type interface-number — configure igmp query interval igmp timer query interval optional 60 ...
Page 685
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-14 4.4.4 configuring igmp fast leave processing igmp fast leave processing is implemented by igmp snooping. For details, see configuring fast leave processing . 4.5 displaying and maintaining igmp to do.....
Page 686
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-15 4.6 igmp configuration example i. Network requirements z receivers receive vod information through the multicast mode. Receivers of different organizations form stub networks n1 and n2, and host a and ...
Page 687
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-16 configure the ospf protocol for interoperation among the switches. Ensure the network-layer interoperation among switch a, switch b and switch c on the pim network and dynamic update of routing informa...
Page 688
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-17 querier for igmp: 10.110.2.1 (this router) total 1 igmp group reported 4.7 troubleshooting igmp 4.7.1 no member information on the receiver-side router i. Symptom when a host sends a report for joining...
Page 689
Operation manual – multicast h3c s7500e series ethernet switches chapter 4 igmp configuration 4-18 4.7.2 inconsistent memberships on routers on the same subnet i. Symptom different memberships are maintained on different igmp routers on the same subnet. Ii. Analysis z a router running igmp maintains...
Page 690
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-1 chapter 5 pim configuration when configuring pim, go to these sections for information you are interested in: z pim overview z configuring pim-dm z configuring pim-sm z configuring pim-ssm z configuring ...
Page 691
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-2 note: to facilitate description, a network comprising pim-capable routers is referred to as a “pim domain” in this document. 5.1.1 introduction to pim-dm pim-dm is a type of dense mode multicast protocol...
Page 692
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-3 note: every activated interface on a router sends hello messages periodically, and thus learns the pim neighboring information pertinent to the interface. Ii. Spt establishment the process of building an...
Page 693
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-4 figure 5-1 spt establishment the “flood and prune” process takes place periodically. A pruned state timeout mechanism is provided. A pruned branch restarts multicast forwarding when the pruned state time...
Page 694
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-5 iv. Assert if multiple multicast routers exist on a multi-access subnet, duplicate packets may flow to the same subnet. To shut off duplicate flows, the assert mechanism is used for election of a single ...
Page 695
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-6 pim-sm is a type of sparse mode multicast protocol. It uses the “pull mode” for multicast forwarding, and is suitable for large- and medium-sized networks with sparsely and widely distributed multicast g...
Page 696
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-7 i. Neighbor discovery pim-sm uses exactly the same neighbor discovery mechanism as pim-dm does. Refer to neighbor discovery . Ii. Dr election pim-sm also uses hello messages to elect a designated router ...
Page 697
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-8 1) routers on the multi-access network send hello messages to one another. The hello messages contain the router priority for dr election. The router with the highest dr priority will become the dr. 2) i...
Page 698
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-9 figure 5-4 bsr and c-rps iv. Rpt establishment figure 5-5 rpt establishment in a pim-sm domain as shown in figure 5-5 , the process of building an rpt is as follows: 1) when a receiver joins a multicast ...
Page 699
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-10 the multicast data addressed to the multicast group g flows through the rp, reaches the corresponding dr along the established rpt, and finally is delivered to the receiver. When a receiver is no longer...
Page 700
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-11 3) the subsequent multicast data from the multicast source travels along the established spt to the rp, and then the rp forwards the data along the rpt to the receivers. When the multicast traffic arriv...
Page 701
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-12 ii. Relationship between bsr admin-scope regions and the global scope zone a better understanding of the global scope zone and bsr admin-scope regions should be based on two aspects: geographical space ...
Page 702
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-13 figure 5-8 relationship between bsr admin-scope regions and the global scope zone in group address ranges in figure 5-8 , the group address ranges of admin-scope-scope regions bsr1 and bsr2 have no inte...
Page 703
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-14 the ssm model provides a solution for source-specific multicast. It maintains the relationships between hosts and routers through igmpv3. In actual application, part of the pim-sm technique is adopted t...
Page 704
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-15 as shown in figure 5-9 , host b and host c are multicast information receivers. They send igmpv3 report messages denoted as (include s, g) to the respective drs to express their interest in the informat...
Page 705
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-16 5.2 configuring pim-dm 5.2.1 pim-dm configuration task list complete these tasks to configure pim-dm: task remarks enabling pim-dm required enabling state refresh optional configuring state refresh para...
Page 706
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-17 to do... Use the command... Remarks enable pim-dm pim dm required disabled by default caution: z all the interfaces of the same router must work in the same pim mode. Z pim-dm cannot be used for multica...
Page 707
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-18 control the propagation scope of state refresh messages, you need to configure an appropriate ttl value based on the network size. Follow these steps to configure state refresh parameters: to do... Use ...
Page 708
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-19 5.3 configuring pim-sm note: a device can serve as a c-rp and a c-bsr at the same time. 5.3.1 pim-sm configuration task list complete these tasks to configure pim-sm: task remarks configuring pim-sm req...
Page 709
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-20 z bootstrap timeout time z an acl rule defining a legal c-rp address range and the range of multicast groups to be served z c-rp-adv interval z c-rp timeout time z the ip address of a static rp z an acl...
Page 710
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-21 5.3.4 configuring a bsr note: the bsr is dynamically elected from a number of c-bsrs. Because it is unpredictable which router will finally win a bsr election, the commands introduced in this section mu...
Page 711
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-22 perform neighbor check and rpf check on bsr messages and discard unwanted messages. 2) when a router in the network is controlled by an attacker or when an illegal router is present in the network, the ...
Page 713
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-24 to do... Use the command... Remarks enter system view system-view — enter interface view interface interface-type interface-number — configure a bsr admin-scope region boundary pim bsr-boundary required...
Page 714
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-25 note: about the bootstrap timeout time: z by default, the bootstrap timeout time is determined by this formula: bootstrap timeout = bootstrap interval × 2 + 10. The default bootstrap interval is 60 seco...
Page 715
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-26 ii. Configuring a c-rp in a pim-sm domain, you can configure routers that intend to become the rp as c-rps. The bsr collects the c-rp information by receiving the c-rp-adv messages from c-rps or auto-rp...
Page 716
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-27 device, the device can receive these two types of messages and record the rp information carried in such messages. Follow these steps to enable auto-rp: to do... Use the command... Remarks enter system ...
Page 717
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-28 note: z the commands introduced in this section are to be configured on c-rps. Z for the configuration of other timers in pim-sm, refer to configuring pim common timers . 5.3.6 configuring pim-sm regist...
Page 718
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-29 to do... Use the command... Remarks configure a filtering rule for register messages register-policy acl-number optional no register filtering rule by default configure the device to calculate the check...
Page 719
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-30 note: typically, you need to configure the above-mentioned parameters on the receiver-side dr and the rp only. Since both the dr and rp are elected, however, you should carry out these configurations on...
Page 720
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-31 when deploying a pim-sm domain, you are recommended to enable pim-sm on all interfaces of non-border routers (border routers are pim-enabled routers located on the boundary of bsr admin-scope regions). ...
Page 721
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-32 note: the commands introduced in this section are to be configured on all routers in the pim domain. Caution: z make sure that the same ssm group range is configured on all routers in the entire domain....
Page 722
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-33 5.5.2 configuration prerequisites before configuring pim common information, complete the following tasks: z configure any unicast routing protocol so that all devices in the domain are interoperable at...
Page 723
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-34 note: z generally, a smaller distance from the filter to the multicast source results in a more remarkable filtering effect. Z this filter works not only on independent multicast data but also on multic...
Page 724
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-35 new generation id. If a pim router finds that the generation id in a hello message from the upstream router has changed, it assumes that the status of the upstream neighbor is lost or the upstream neigh...
Page 725
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-36 to do... Use the command... Remarks configure the prune delay time (lan-delay) pim hello-option lan-delay interval optional 500 milliseconds by default configure the prune override interval pim hello-op...
Page 726
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-37 to do... Use the command... Remarks enter system view system-view — enter pim view pim — configure the hello interval timer hello interval optional 30 seconds by default configure assert timeout time ho...
Page 727
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-38 note: if there are no special networking requirements, we recommend that you use the default settings. 5.5.6 configuring join/prune message limits a larger join/prune message size will result in loss of...
Page 728
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-39 to do... Use the command... Remarks view the information about unacknowledged graft messages display pim grafts available in any view view the pim information on an interface or all interfaces display p...
Page 729
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-40 z switch a connects to stub network n1 through vlan-interface 100, and to switch d through vlan-interface 103. Z switch b and switch c connect to stub network n2 through their respective vlan-interface ...
Page 730
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-41 among the switches through a unicast routing protocol. Detailed configuration steps are omitted here. 2) enable ip multicast routing, and enable pim-dm on each interface # enable ip multicast routing on...
Page 731
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-42 carry out the display pim neighbor command to view the pim neighboring relationships among the switches. For example: # view the pim neighboring relationships on switch d. [switchd] display pim neighbor...
Page 732
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-43 the information on switch b and switch c is similar to that on switch a. # view the pim routing table information on switch d. [switchd] display pim routing-table total 0 (*, g) entry; 1 (s, g) entry (1...
Page 733
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-44 ii. Network diagram ether net ether net et hernet n1 n2 vlan- int101 vlan- int10 1 device interface ip address device interface ip address switch a vlan-int100 10.110.1.1/24 switch d vlan-int300 10.110....
Page 734
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-45 system-view [switcha] multicast routing-enable [switcha] interface vlan-interface 100 [switcha-vlan-interface100] igmp enable [switcha-vlan-interface100] pim sm [switcha-vlan-interface100] quit [switcha...
Page 735
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-46 [switcha] display pim bsr-info elected bsr address: 192.168.9.2 priority: 0 hash mask length: 30 state: accept preferred scope: not scoped uptime: 01:40:40 next bsr message scheduled at: 00:01:42 # view...
Page 736
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-47 assume that host a needs to receive information addressed to the multicast group g (225.1.1.1/24). An rpt will be built between switch a and switch e. When the multicast source s (10.110.5.100/24) regis...
Page 737
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-48 rp: 192.168.9.2 protocol: pim-sm, flag: spt act uptime: 00:00:42 upstream interface: vlan-interface300 upstream neighbor: null rpf prime neighbor: null downstream interface(s) information: total number ...
Page 738
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-49 z igmpv3 is to run between switch a and n1, and between switch b/switch c and n2. Ii. Network diagram ether net ether net et hernet n1 n2 vlan- int101 vlan- int10 1 device interface ip address device in...
Page 739
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-50 # enable ip multicast routing on switch a, enable pim-sm on each interface, and enable igmpv3 on vlan-interface 100, which connects switch a to the stub network. System-view [switcha] multicast routing-...
Page 740
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-51 toward the multicast source. Switches on the spt path (switch a and switch d) have generated an (s, g) entry, while switch e, which is not on the spt path, does not have multicast routing entries. You c...
Page 741
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-52 5.8 troubleshooting pim configuration 5.8.1 failure of building a multicast distribution tree correctly i. Symptom none of the routers in the network (including routers directly connected with multicast...
Page 742
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-53 2) check that pim is enabled on the interfaces, especially on the rpf interface. Use the display pim interface command to view the pim information on each interface. If pim is not enabled on the interfa...
Page 743
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-54 5.8.3 rps unable to join spt in pim-sm i. Symptom an rpt cannot be established correctly, or the rps cannot join the spt to the multicast source. Ii. Analysis z as the core of a pim-sm domain, the rps s...
Page 744
Operation manual – multicast h3c s7500e series ethernet switches chapter 5 pim configuration 5-55 z the rp is the core of a pim-sm domain. Make sure that the rp information on all routers is exactly the same, a specific group g is mapped to the same rp, and unicast routes are available to the rp. Ii...
Page 745
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-1 chapter 6 msdp configuration when configuring msdp, go to these sections for information you are interested in: z msdp overview z msdp configuration task list z configuring basic functions of msdp z con...
Page 746
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-2 caution: z msdp is applicable only if the intra-domain multicast protocol is pim-sm. Z msdp is meaningful only for the any-source multicast (asm) model. 6.1.2 how msdp works i. Msdp peers with one or mo...
Page 747
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-3 data from the multicast source arrives, the receiver-side msdp peer forwards the data to the receivers along the rpt. Z intermediate msdp peer: an msdp peer with multicast remote msdp peers, like rp 2. ...
Page 748
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-4 rp 1 dr 1 source pim-sm 1 pim-sm 3 pim-sm 2 pim-sm 4 rp 3 rp 2 dr 2 msdp peers sa message join message multicast packets register message receiver figure 6-2 msdp peering relationships the process of im...
Page 749
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-5 hop towards dr 1 at the multicast source side, so that it can directly join the spt rooted at the source over other pim-sm domains. Then, the multicast data can flow along the spt to rp 2 and is forward...
Page 750
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-6 sa message msdp peers as 1 as 2 as 3 as 4 as 5 rp 1 rp 2 rp 3 rp 4 rp 5 rp 6 rp 7 rp 8 rp 9 mesh group source (1) (2) (3) (3) (4) (7) (6) (5) (4) static rpf peers figure 6-3 diagram for rpf check for sa...
Page 751
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-7 an ebgp route exists between two msdp peers in different ass. Because the sa message is from an msdp peer (rp 7) in a different as, and the msdp peer is the next hop on the ebgp route to the source-side...
Page 752
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-8 1) the multicast source registers with the nearest rp. In this example, source registers with rp 1, with its multicast data encapsulated in the register message. When the register message arrives to rp ...
Page 753
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-9 6.2 msdp configuration task list complete these tasks to configure msdp: task remarks enabling msdp required creating an msdp peer connection required configuring basic functions of msdp configuring a s...
Page 754
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-10 6.3.2 enabling msdp follow these steps to enable msdp: to do... Use the command... Remarks enter system view system-view — enable ip multicast routing multicast routing-enable required disabled by defa...
Page 755
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-11 to do... Use the command... Remarks enter system view system-view — enter msdp view msdp — configure a static rpf peer static-rpf-peer peer-address [ rp-policy ip-prefix-name ] required no static rpf p...
Page 756
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-12 6.4.3 configuring an msdp mesh group an as may contain multiple msdp peers. You can use the msdp mesh group mechanism to avoid sa message flooding among these msdp peers and optimize the multicast traf...
Page 757
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-13 when a new msdp peer is created, or when a previously deactivated msdp peer connection is reactivated, or when a previously failed msdp peer attempts to resume operation, a tcp connection is required. ...
Page 758
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-14 message containing the multicast packet in an sa message and sends it out. After receiving the sa message, the remote rp decapsulates the sa message and delivers the multicast data contained in the reg...
Page 759
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-15 to do... Use the command... Remarks configure a filtering rule for sa request messages peer peer-address sa-request-policy [ acl acl-number ] optional sa request messages are not filtered by default ca...
Page 760
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-16 to do... Use the command... Remarks configure the minimum ttl value of multicast packets to be encapsulated in sa messages peer peer-address minimum-ttl ttl-value optional 0 by default 6.5.5 configurin...
Page 761
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-17 to do... Use the command... Remarks view the detailed information about the status of msdp peers display msdp peer-status [ peer-address ] available in any view view the (s, g) entry information in the...
Page 762
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-18 ii. Network diagram vla n-int103 vla n-int103 vla n-int20 0 vlan- int30 0 vlan- int40 0 device interface ip address device interface ip address switch a vlan-int103 10.110.1.2/24 switch d vlan-int104 1...
Page 763
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-19 system-view [switcha] multicast routing-enable [switcha] interface vlan-interface 103 [switcha-vlan-interface103] pim sm [switcha-vlan-interface103] quit [switcha] interface vlan-interface 100 [switcha...
Page 764
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-20 [switchc-bgp] quit # configure ibgp on switch e, and redistribute ospf routes. [switche] bgp 200 [switche-bgp] router-id 3.3.3.3 [switche-bgp] peer 192.168.3.1 as-number 200 [switche-bgp] import-route ...
Page 765
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-21 # view the information about bgp peering relationships on switch c. [switchc] display bgp peer bgp local router id : 2.2.2.2 local as number : 200 total number of peers : 2 peers in established state :...
Page 766
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-22 * 192.168.1.1 0 0 100? *> 192.168.3.0 0.0.0.0 0 0 ? * i 192.168.3.2 0 100 0 ? *> 192.168.3.1/32 0.0.0.0 0 0 ? *> 192.168.3.2/32 0.0.0.0 0 0 ? * i 192.168.3.2 0 100 0 ? When the multicast source in pim-...
Page 767
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-23 state: up up/down time: 00:15:47 resets: 0 connection interface: vlan-interface101 (192.168.1.1) number of sent/received messages: 16/16 number of discarded output messages: 0 elapsed time since last c...
Page 768
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-24 ii. Network diagram vlan-int101 vlan -int102 switch b switch a source 1 as 100 pim-sm 1 pim-sm 3 pim-sm 2 loop0 switch c switch d switch e switch f source 2 vlan-int100 vla n-int103 vlan-int101 vlan-in...
Page 769
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-25 system-view [switcha] multicast routing-enable [switcha] interface vlan-interface 103 [switcha-vlan-interface103] pim sm [switcha-vlan-interface103] quit [switcha] interface vlan-interface 100 [switcha...
Page 770
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-26 # configure switch b as a static rpf peer of switch c. [switchc] ip ip-prefix list-c permit 192.168.0.0 16 greater-equal 16 less-equal 32 [switchc] msdp [switchc-msdp] peer 192.168.3.2 connect-interfac...
Page 771
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-27 [switche] display msdp brief msdp peer brief information configured up listen connect shutdown down 1 1 0 0 0 0 peer's address state up/down time as sa count reset count 192.168.3.1 up 00:16:40 ? 13 0 ...
Page 772
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-28 ii. Network diagram loop10 lo op0 loo p2 0 loop10 loop 20 loop 0 receiver 1 source 1 switch a switch b switch c switch d switch e vl an -in t1 01 vl an -in t1 01 vla n-in t10 2 vla n-in t10 2 vlan-int1...
Page 773
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-29 [switchb] interface vlan-interface 100 [switchb-vlan-interface100] igmp enable [switchb-vlan-interface100] pim sm [switchb-vlan-interface100] quit [switchb] interface vlan-interface 103 [switchb-vlan-i...
Page 774
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-30 you can use the display msdp brief command to view the brief information of msdp peering relationships between the switches. # view the brief msdp peer information on switch b. [switchb] display msdp b...
Page 775
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-31 protocol: pim-sm, flag: spt 2msdp act uptime: 00:46:28 upstream interface: vlan-interface103 upstream neighbor: 10.110.2.2 rpf prime neighbor: 10.110.2.2 downstream interface(s) information: total numb...
Page 776
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-32 upstream interface: vlan-interface104 upstream neighbor: 10.110.4.2 rpf prime neighbor: 10.110.4.2 downstream interface(s) information: total number of downstreams: 1 1: vlan-interface200 protocol: pim...
Page 777
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-33 argument, all the (s, g) entries will be filtered off, namely no (s, g) entries of the local domain will be advertised. Z if the import-source command is not executed, the system will advertise all the...
Page 778
Operation manual – multicast h3c s7500e series ethernet switches chapter 6 msdp configuration 6-34 4) verify that the c-bsr address is different from the anycast rp address..
Page 779: Configuration
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-1 chapter 7 multicast routing and forwarding configuration when configuring multicast routing and forwarding, go to these sections for information you are interested in: z mult...
Page 780
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-2 7.1.2 rpf mechanism when creating multicast routing table entries, a multicast routing protocol uses the reverse path forwarding (rpf) mechanism to ensure multicast data deli...
Page 781
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-3 unicast route; instead, it relies on the existing unicast routing information or multicast static routes in creating multicast routing entries. When performing an rpf check, ...
Page 782
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-4 source 192.168.0.1/24 receiver receiver router a router b router c pos5/1 pos5/0 pos5/0 pos5/1 multicast packets destination/mask ip routing table on router c 192.168.0.0/24 ...
Page 783
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-5 unicast rpf route and the optimal multicast static route respectively from the routing tables, and uses one of them as the rpf route after comparison. Figure 7-2 multicast st...
Page 784
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-6 z request, with the igmp type field set to 0x1f, and z response, with the igmp type field set to 0x1e. Iii. Process of multicast traceroute 1) the querier sends a query to th...
Page 785
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-7 z the maximum number of routing entries in a multicast forwarding table 7.3.2 enabling ip multicast routing before configuring any layer 3 multicast functionality, you must e...
Page 788
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-10 routing protocol. In addition, newly added downstream nodes cannot be installed to the routing entry into the forwarding table. If the configured maximum number of routing e...
Page 790
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-12 caution: z the reset command clears the information in the multicast routing table or the multicast forwarding table, and thus may cause failure of multicast transmission. Z...
Page 791
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-13 iii. Configuration procedure 1) configure the interface ip addresses and enable unicast routing on each switch configure the ip address and subnet mask for each interface as...
Page 792
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-14 [switchb] display multicast rpf-info 50.1.1.100 rpf information about source 50.1.1.100: rpf interface: vlan-interface102, rpf neighbor: 30.1.1.2 referenced route/mask: 50.1...
Page 793
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-15 ii. Network diagram switch a switch b switch c vlan-int102 30.1.1.2/24 vlan-int101 20.1.1.2/24 vlan-int101 20.1.1.1/24 vlan-int102 30.1.1.1/24 source 1 source 2 receiver 40....
Page 794
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-16 [switchc] interface vlan-interface 300 [switchc-vlan-interface300] pim dm [switchc-vlan-interface300] quit [switchc] interface vlan-interface 102 [switchc-vlan-interface102]...
Page 795
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-17 as shown above, the rpf routes to source 2 exist on switch b and switch c. The source is the configured static route. 7.6 troubleshooting multicast routing and forwarding 7....
Page 796
Operation manual – multicast h3c s7500e series ethernet switches chapter 7 multicast routing and forwarding configuration 7-18 ii. Analysis if a multicast forwarding boundary has been configured through the multicast boundary command, any multicast packet will be kept from crossing the boundary. Iii...
Page 797: Table of Contents
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches table of contents i table of contents chapter 1 802.1x configuration ................................................................................................... 1-1 1.1 802.1x overview ...........................
Page 798
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches table of contents ii 3.2.3 vlan assigning ...................................................................................................... 3-3 3.2.4 acl assigning....................................................
Page 799
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-1 chapter 1 802.1x configuration when configuring 802.1x, go to these sections for information you are interested in: z 802.1x overview z configuring 802.1x z configuring a guest vlan ...
Page 800
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-2 figure 1-1 architecture of 802.1x z supplicant system: a system at one end of the lan segment, which is authenticated by the authenticator system at the other end. A supplicant syste...
Page 801
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-3 ii. Controlled port and uncontrolled port an authenticator provides ports for supplicants to access the lan. Each of the ports can be regarded as two logical ports: a controlled port...
Page 802
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-4 z after a user passes the authentication, the authentication server passes information about the user to the authenticator, which then controls the status of the controlled port acco...
Page 803
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-5 ii. Eap packet format an eapol frame of the type of eap-packet carries an eap packet in its packet body field. The format of the eap packet is shown in figure 1-4 . 0 15 code data le...
Page 804
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-6 bytes. If the eap packet is longer than 253 bytes, it can be fragmented and encapsulated into multiple eap-message attributes. 0 15 type string 7 length n eap packets figure 1-6 enca...
Page 805
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-7 z eap-md5: eap-md5 authenticates the identity of a supplicant. The radius server sends an md5 challenge (through an eap-request/md5 challenge packet) to the supplicant. Then the supp...
Page 806
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-8 1) when a user launches the 802.1x client software and enters the registered username and password, the 802.1x client software generates an eapol-start frame and sends it to the auth...
Page 807
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-9 note: in eap relay mode, a supplicant must use the same authentication method as that of the radius server, no matter whichever of the above mentioned authentication methods is used....
Page 808
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-10 different from the authentication process in eap relay mode, it is the authenticator that generates the random challenge for encrypting the user password information in eap terminat...
Page 809
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-11 user goes offline, all other users get offline at the same time. With the macbased method, each user of a port must be authenticated separately, and when an authenticated user goes ...
Page 810
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-12 note: z with a hybrid port, the vlan assigning will fail if you have configured the assigned vlan to carry tags. Z with a hybrid port, you cannot configure an assigned vlan to carry...
Page 811
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-13 1.2 configuring 802.1x 1.2.1 configuration prerequisites 802.1x provides a user identity authentication scheme. However, 802.1x cannot implement the authentication scheme solely by ...
Page 812
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-14 to do… use the command… remarks set the maximum number of attempts to send an authentication request to a supplicant dot1x retry max-retry-value optional 2 by default set timers dot...
Page 813
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-15 1.2.3 configuring 802.1x for a port i. Enabling 802.1x for a port follow these steps to enable 802.1x for a port: to do… use the command… remarks enter system view system-view — in ...
Page 814
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-16 z the 802.1x proxy detection function depends on the online user handshake function. Be sure to enable handshake before enabling proxy detection and to disable proxy detection befor...
Page 815
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-17 note: z you can specify a tagged vlan as the guest vlan for a hybrid port, but the guest vlan does not take effect. Similarly, if a guest vlan for a hybrid port is in operation, you...
Page 816
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-18 authentication when no response from the radius server is received. If the radius accounting fails, the authenticator gets users offline. Z a server group with two radius servers is...
Page 817
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-19 # add local access user localuser, enable the idle cut function, and set the idle cut interval. System-view [sysname] local-user localuser [sysname-luser-localuser] service-type lan...
Page 818
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-20 # set radius1 as the radius scheme for users of the domain and specify to use local authentication as the secondary scheme. [sysname-isp-aabbcc.Net] authentication default radius-sc...
Page 819
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-21 ii. Network diagrams internet update server authenticator server supplicant vlan 10 eth2/0/4 vlan 1 eth2/0/1 vlan 5 eth2/0/2 vlan 2 eth2/0/3 switch figure 1-11 network diagram for g...
Page 820
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-22 internet update server authenticator server supplicant vlan 10 eth2/0/4 vlan 5 eth2/0/1 vlan 5 eth2/0/2 vlan 2 eth2/0/3 vlan 5 switch figure 1-13 network diagram when the supplicant...
Page 821
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-23 [sysname-ethernet2/0/1] dot1x port-method portbased # set the port access control mode to auto. [sysname-ethernet2/0/1] dot1x port-control auto [sysname-ethernet2/0/1] quit # create...
Page 822
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-24 ii. Network diagram figure 1-14 network diagram for acl assigning iii. Configuration procedure # configure the ip addresses of the interfaces. (omitted) # configure the radius schem...
Page 823
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 1 802.1x configuration 1-25 after completing the above configurations, you can use the ping command to verify whether the acl 3000 assigned by the radius server functions. [sysname] ping 10.0.0.1 ping 10.0.0.1...
Page 824
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 2 ead fast deployment configuration 2-1 chapter 2 ead fast deployment configuration when configuring ead fast deployment, go to these sections for information you are interested in: z ead fast deployment overv...
Page 825
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 2 ead fast deployment configuration 2-2 2.2.2 configuration procedure i. Configuring a freely accessible network segment a freely accessible network segment, also called a free ip, is a network segment that us...
Page 826
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 2 ead fast deployment configuration 2-3 iii. Setting the ead rule timeout time with the ead fast deployment function, a user is authorized by an ead rule (generally an acl rule) to access the freely accessible...
Page 827
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 2 ead fast deployment configuration 2-4 ii. Network diagram host switch eth2/0/1 free ip: web server 192.168.1.3/24 internet 192.168.1.10/24 192.168.1.1/24 192.168.1.0/24 figure 2-1 network diagram for ead fas...
Page 828
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 2 ead fast deployment configuration 2-5 reply from 192.168.1.3: bytes=32 time reply from 192.168.1.3: bytes=32 time reply from 192.168.1.3: bytes=32 time reply from 192.168.1.3: bytes=32 time ping statistics f...
Page 829
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-1 chapter 3 mac authentication configuration when configuring mac authentication, go to these sections for information you are interested in: z mac authentication overview ...
Page 830
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-2 if the authentication succeeds, the user will be granted permission to access the network resources. 3.1.2 local mac authentication in local mac authentication, the devic...
Page 831
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-3 caution: if the quiet mac is the same as the static mac configured or an authentication-passed mac, then the quiet function is not effective. 3.2.3 vlan assigning for sep...
Page 832
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-4 caution: for local authentication: z the type of username and password of a local user must be consistent with that used for mac authentication. Z all the letters in the ...
Page 833
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-5 to do… use the command… remarks configure the username and password for mac authentication mac-authentication user-name-format { fixed [ account name ] [ password { ciphe...
Page 834
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-6 z a local user uses aaa as the username and 123456 as the password for authentication. Z set the offline detect timer to 180 seconds and the quiet timer to 3 minutes. Ii....
Page 835
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-7 user name format is fixed account fixed username:aaa fixed password:123456 offline detect period is 180s quiet period is 60s. Server response timeout value is 100s the ma...
Page 836
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-8 # configure a radius scheme. System-view [sysname] radius scheme 2000 [sysname-radius-2000] primary authentication 10.1.1.1 1812 [sysname-radius-2000] primary accounting ...
Page 837
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-9 silent mac user info: mac addr from port port index gigabitethernet2/0/1 is link-up mac address authentication is enabled authenticate success: 1, failed: 0 current onlin...
Page 838
Operation manual – 802.1x - mac authentication h3c s7500e series ethernet switches chapter 3 mac authentication configuration 3-10 [sysname-radius-2000] key accounting abc [sysname-radius-2000] user-name-format without-domain [sysname-radius-2000] quit # create an isp domain and specify the aaa sche...
Page 839: Table of Contents
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches table of contents i table of contents chapter 1 aaa/radius/hwtacacs configuration ................................................................. 1-1 1.1 aaa/radius/hwtacacs overview ...........................................
Page 840
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches table of contents ii 1.6.2 displaying and maintaining radius..................................................................... 1-38 1.6.3 displaying and maintaining hwtacacs ...................................................
Page 841: Configuration
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-1 chapter 1 aaa/radius/hwtacacs configuration when configuring aaa/radius/hwtacacs, go to these sections for information you are interested in: z aaa/radius/hwtacacs overview z aa...
Page 842
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-2 user nas radius server hwtacacs server internet figure 1-1 aaa networking diagram when a user tries to establish a connection to the nas and obtain the rights to access other ne...
Page 843
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-3 aaa can be implemented through multiple protocols. Currently, the device supports using radius and hwtacacs for aaa, and radius is often used in practice. 1.1.2 introduction to ...
Page 844
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-4 ii. Security authentication mechanism information exchanged between the radius client and the radius server is authenticated with a shared key, which is never transmitted over t...
Page 845
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-5 3) the radius server authenticates the username and password. If the authentication succeeds, it sends back an access-accept message containing the information of user’s right. ...
Page 846
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-6 table 1-1 main values of the code field code packet type description 1 access-request from the client to the server. A packet of this type carries user information for the serve...
Page 847
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-7 z value: value of the attribute, up to 253 bytes. Its format and content depend on the type and length fields. Table 1-2 radius attributes no. Attribute type no. Attribute type ...
Page 848
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-8 no. Attribute type no. Attribute type 30 called-station-id 77 connect-info 31 calling-station-id 78 configuration-token 32 nas-identifier 79 eap-message 33 proxy-state 80 messag...
Page 849
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-9 figure 1-5 segment of a radius packet containing an extended attribute 1.1.3 introduction to hwtacacs huawei terminal access controller access control system (hwtacacs) is an en...
Page 850
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-10 ii. Basic message exchange process of hwtacacs the following takes telnet user as an example to describe how hwtacacs performs user authentication, authorization, and accountin...
Page 851
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-11 4) upon receiving the request, the hwtacacs client asks the user for the username. 5) the user enters the username. 6) after receiving the username from the user, the hwtacacs ...
Page 852
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-12 1.2 aaa/radius/hwtacacs configuration task list i. Aaa configuration task list task remarks creating an isp domain required configuring isp domain attributes optional configuri...
Page 853
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-13 task remarks specifying security policy servers optional enabling the listening port of the radius client optional iii. Hwtacacs configuration task list task remarks creating a...
Page 854
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-14 1.3.2 creating an isp domain for the nas, each accessing user belongs to an isp domain. Up to 16 isp domains can be configured on a nas. If a user does not provide the isp doma...
Page 856
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-16 to do… use the command… remarks enter system view system-view — create an isp domain and enter isp domain view domain isp-name required specify the default authentication schem...
Page 857
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-17 1.3.5 configuring an aaa authorization scheme for an isp domain in aaa, authorization is a separate process at the same level as authentication and accounting. Its responsibili...
Page 859
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-19 specified accounting server. Accounting is not required, and therefore accounting scheme configuration is optional. If you do not perform any accounting configuration, the syst...
Page 860
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-20 note: z with the accounting optional command configured, a user that will be disconnected otherwise can use the network resources even when there is no available accounting ser...
Page 862
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-22 note: z with the local-user password-display-mode cipher-force command configured, a local user password is always displayed in cipher text, regardless of the configuration of ...
Page 864
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-24 1.4.2 specifying the radius authentication/authorization servers follow these steps to specify the radius authentication/authorization servers: to do… use the command… remarks ...
Page 865
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-25 to do… use the command… remarks specify the primary radius accounting server primary accounting ip-address [ port-number ] specify the secondary radius accounting server second...
Page 866
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-26 1.4.4 setting the shared key for radius packets the radius client and radius server use the md5 algorithm to encrypt packets exchanged between them and a shared key to verify t...
Page 867
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-27 note: z the maximum number of retransmission attempts of radius packets multiplied by the radius server response timeout period cannot be greater than 75. Z refer to the timer ...
Page 868
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-28 z if the secondary server fails, the device restores the status of the primary server to active immediately. If the primary server has resumed, the device turns to use the prim...
Page 870
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-30 note: z some earlier radius servers cannot recognize usernames that contain an isp domain name, therefore before sending a username including a domain name to such a radius ser...
Page 871
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-31 to do… use the command… remarks enter system view system-view — create a radius scheme and enter radius scheme view radius scheme radius-scheme-name required not defined by def...
Page 872
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-32 note: z if more than one interface of the device is enabled with portal, the interfaces may use different security policy servers. You can specify up to eight security policy s...
Page 873
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-33 1.5.2 specifying the hwtacacs authentication servers follow these steps to specify the hwtacacs authentication servers: to do… use the command… remarks enter system view system...
Page 874
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-34 note: z it is recommended to specify only the primary hwtacacs authorization server if backup is not required. Z the ip addresses of the primary and secondary authorization ser...
Page 875
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-35 note: z it is recommended to specify only the primary hwtacacs accounting server if backup is not required. Z the ip addresses of the primary and secondary accounting servers c...
Page 877
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-37 to do… use the command… remarks set the quiet timer for the primary server timer quiet minutes optional 5 minutes by default set the real-time accounting interval timer realtim...
Page 878
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-38 1.6.2 displaying and maintaining radius to do… use the command… remarks display the configuration information of a specified radius scheme or all radius schemes display radius ...
Page 879
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-39 1.7 aaa/radius/hwtacacs configuration examples 1.7.1 aaa for telnet users by a hwtacacs server i. Network requirements as shown in figure 1-7 , configure the switch to use the ...
Page 880
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-40 [switch-hwtacacs-hwtac] primary authorization 10.1.1.1 49 [switch-hwtacacs-hwtac] primary accounting 10.1.1.1 49 [switch-hwtacacs-hwtac] key authentication expert [switch-hwtac...
Page 881
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-41 note: configuration of separate aaa for other types of users is similar to that given in this example. The only difference lies in the access type. Ii. Network diagram figure 1...
Page 882
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-42 [switch-radius-rd] quit # create local user named telnet. [switch] local-user hello [switch-luser-hello] service-type telnet [switch-luser-hello] password simple hello [switch-...
Page 883
Operation manual – aaa radius hwtacacs h3c s7500e series ethernet switches chapter 1 aaa/radius/hwtacacs configuration 1-43 symptom2: radius packets cannot reach the radius server. Analysis: 1) the communication link between the nas and the radius server is down (at the physical layer and data link ...
Page 884: Table of Contents
Operation manual – portal h3c s7500e series ethernet switches table of contents i table of contents chapter 1 portal configuration .................................................................................................... 1-1 1.1 portal overview................................................
Page 885
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-1 chapter 1 portal configuration when configuring portal, go to these sections for information you are interested in: z portal overview z portal configuration task list z displaying and maintaining portal ...
Page 886
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-2 z security authentication mechanism: the security authentication mechanism works after the identity authentication process to check that the required anti-virus software, virus definition updates and os ...
Page 887
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-3 z during authentication, interacting with the portal server, the authentication/accounting server, and the security policy server for identity authentication, security authentication and accounting. Z af...
Page 888
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-4 caution: z because a portal client uses an ip address as its id, ensure that there is no network address translation (nat) device between the authentication client, access device, portal server, and auth...
Page 889
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-5 from this point of view, the difference between these two authentication modes lies in whether or not a layer 3 forwarding device can be present between the authentication client and the access device. T...
Page 890
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-6 the portal server or predefined free websites to pass, but redirects those destined for other websites to the portal server. The portal server provides a web page for the user to enter the username and p...
Page 891
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-7 for portal authentication, the re-dhcp authentication process is as follows: step 1 through step 6 are the same as those in the direct authentication/layer 3 portal authentication process. 1) after recei...
Page 892
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-8 z the portal-enabled interfaces of the access device are configured with valid ip addresses or have obtained valid ip addresses through dhcp. Z the portal server and the radius server have been installed...
Page 893
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-9 caution: z the destination port number that the device uses for sending packets to the portal server unsolicitedly must be the same as that the remote portal server actually uses. Z the portal server par...
Page 894
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-10 note: z if you specify both a vlan and an interface in a portal-free rule, the interface must belong to the vlan. Z you cannot configure two or more portal-free rules with the same filtering conditions....
Page 896
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-12 1.8 portal configuration examples 1.8.1 example for configuring direct portal authentication i. Network requirements z the switch is configured for direct authentication. Before portal authentication, u...
Page 897
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-13 [switch-radius-rs1] primary accounting 192.168.0.112 [switch-radius-rs1] key authentication radius [switch-radius-rs1] key accounting radius # specify that the isp domain name should not be included in ...
Page 898
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-14 1.8.2 example for configuring re-dhcp portal authentication i. Network requirements z the switch is configured for re-dhcp authentication. Users obtain ip addresses through the dhcp server. Before porta...
Page 899
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-15 iii. Configuration procedure note: z for re-dhcp authentication, you need to configure a public address pool (20.20.20.0/24, in this example) and a private address pool (10.0.0.0/24, in this example) on...
Page 900
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-16 [switch–vlan-interface100] portal server newpt method redhcp [switch–vlan-interface100] quit # configure the ip address of the interface connected with the portal server. [switch] interface vlan-interfa...
Page 901
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-17 # configure the portal server as follows: z name: newpt z ip address: 192.168.0.111 z key: portal z port number: 50100 z url: http://192.168.0.111/portal. System-view [switcha] portal server newpt ip 19...
Page 902
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-18 ii. Network diagram switch host 2.2.2.2/24 gateway : 2.2.2.1/24 vlan-int100 2.2.2.1/24 vlan-int2 192.168.0.100/24 portal server 192.168.0.111/24 192.168.0.112/24 security policy server 192.168.0.113/24 ...
Page 903
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-19 2) configure an authentication domain # create an isp domain named dm1 and enter its view. [switch] domain dm1 # configure the isp domain to use radius scheme rs1. [switch-isp-dm1] authentication portal...
Page 904
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-20 [switch] quit # configure the ip address of the interface connected with the portal server. [switch] interface vlan-interface 2 [switch–vlan-interface2] ip address 192.168.0.100 255.255.255.0 1.9 troubl...
Page 905
Operation manual – portal h3c s7500e series ethernet switches chapter 1 portal configuration 1-21 when the user uses the disconnect attribute on the client to log out, the portal server actively sends a req_logout message to the access device. The source port is 50100 and the destination port of the...
Page 906: Table of Contents
Operation manual – arp h3c s7500e series ethernet switches table of contents i table of contents chapter 1 arp configuration....................................................................................................... 1-1 1.1 arp overview.......................................................
Page 907
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-1 chapter 1 arp configuration when configuring arp, go to these sections for information you are interested in: z arp overview z configuring arp z configuring gratuitous arp z configuring arp source suppression ...
Page 908
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-2 1.1.2 arp message format figure 1-1 arp message format the following explains the fields in figure 1-1 . Z hardware type: this field specifies the hardware address type. The value “1” represents ethernet. Z pr...
Page 909
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-3 2) if host a finds no entry for host b, host a buffers the packet and broadcasts an arp request, in which the source ip address and source mac address are respectively the ip address and mac address of host a ...
Page 910
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-4 1) a dynamic entry is automatically created and maintained by arp. It can get aged, be updated by a new arp packet, or be overwritten by a static arp entry. When the aging timer expires or the port goes down, ...
Page 911
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-5 to do… use the command… remarks configure a non-permanent static arp entry arp static ip-address mac-address required no non-permanent static arp entry is configured by default. Caution: the vlan-id argument m...
Page 912
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-6 1.2.4 enabling the support for arp requests from a natural network when learning mac addresses, if the device finds that the source ip address of an arp packet and the ip address of the inbound interface are n...
Page 913
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-7 [sysname-vlan-interface10] quit [sysname] arp static 192.168.1.1 000f-e201-0000 10 gigabitethernet2/0/10 1.3 configuring gratuitous arp 1.3.1 introduction to gratuitous arp a gratuitous arp packet is a special...
Page 914
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-8 z the device sends large amounts of arp request messages to the destination subnet, which increases the load of the destination subnet. Z the device continuously resolves destination ip addresses, which increa...
Page 915
Operation manual – arp h3c s7500e series ethernet switches chapter 1 arp configuration 1-9 above process. This protects the device against the ip packet attack efficiently, reducing the load of the cpu. 1.5.2 enabling arp defense against ip packet attack the arp defense against ip packet attack func...
Page 916
Operation manual – arp h3c s7500e series ethernet switches chapter 2 proxy arp configuration 2-1 chapter 2 proxy arp configuration when configuring proxy arp, go to these sections for information you are interested in: z proxy arp overview z enabling proxy arp z displaying and maintaining proxy arp ...
Page 917
Operation manual – arp h3c s7500e series ethernet switches chapter 2 proxy arp configuration 2-2 2.3 displaying and maintaining proxy arp to do… use the command… remarks display whether proxy arp is enabled display proxy-arp [ interface vlan-interface vlan-id ] available in any view display whether ...
Page 918
Operation manual – arp h3c s7500e series ethernet switches chapter 2 proxy arp configuration 2-3 [switch] vlan 2 [switch-vlan2] quit [switch] interface vlan-interface 1 [switch-vlan-interface1] ip address 192.168.10.99 255.255.255.0 [switch-vlan-interface1] proxy-arp enable [switch-vlan-interface1] ...
Page 919
Operation manual – arp h3c s7500e series ethernet switches chapter 2 proxy arp configuration 2-4 [switchb-vlan2] port gigabitethernet 2/0/1 [switchb-vlan2] port gigabitethernet 2/0/2 [switchb-vlan2] port gigabitethernet 2/0/3 [switchb-vlan2] quit [switchb] interface gigabitethernet 2/0/2 [switchb-gi...
Page 920
Operation manual – arp h3c s7500e series ethernet switches chapter 2 proxy arp configuration 2-5 ii. Network diagram figure 2-3 network diagram for local proxy arp configuration in isolate-user-vlan iii. Configuration procedure 1) configure the switch b # create vlan 2, vlan 3, and vlan 5 on switch ...
Page 921
Operation manual – arp h3c s7500e series ethernet switches chapter 2 proxy arp configuration 2-6 [switcha-vlan-interface5] ip address 192.168.10.100 255.255.0.0 ping host b on host a to verify that the two hosts are not reachable to each other, which indicates they are isolated at layer 2. # configu...
Page 922: Table of Contents
Operation manual – dhcp h3c s7500e series ethernet switches table of contents i table of contents chapter 1 dhcp overview............................................................................................................ 1-1 1.1 introduction to dhcp.............................................
Page 923
Operation manual – dhcp h3c s7500e series ethernet switches table of contents ii 2.8 displaying and maintaining the dhcp server................................................................. 2-17 2.9 dhcp server configuration examples...................................................................
Page 924: Chapter 1 Dhcp Overview
Operation manual – dhcp h3c s7500e series ethernet switches chapter 1 dhcp overview 1-1 chapter 1 dhcp overview when configuring arp, go to these sections for information you are interested in: z introduction to dhcp z dhcp address allocation z dhcp message format z dhcp options z protocols and stan...
Page 925
Operation manual – dhcp h3c s7500e series ethernet switches chapter 1 dhcp overview 1-2 note: when residing in a different subnet from the dhcp server, the dhcp client can get the ip address and other configuration parameters from the server via a dhcp relay agent. For information about the dhcp rel...
Page 926
Operation manual – dhcp h3c s7500e series ethernet switches chapter 1 dhcp overview 1-3 3) if several dhcp servers send offers to the client, the client accepts the first received offer, and broadcasts it in a dhcp-request message to formally request the ip address. 4) all dhcp servers receive the d...
Page 927
Operation manual – dhcp h3c s7500e series ethernet switches chapter 1 dhcp overview 1-4 figure 1-3 dhcp message format z op: message type defined in option field. 1 = request, 2 = reply z htype,hlen: hardware address type and length of a dhcp client. Z hops: number of relay agents a request message ...
Page 928
Operation manual – dhcp h3c s7500e series ethernet switches chapter 1 dhcp overview 1-5 1.4 dhcp options 1.4.1 dhcp options overview the dhcp message adopts the same format as the bootstrap protocol (bootp) message for compatibility, but differs from it in the option field, which identifies new feat...
Page 929
Operation manual – dhcp h3c s7500e series ethernet switches chapter 1 dhcp overview 1-6 i. Relay agent option (option 82) option 82 is the relay agent option in the option field of the dhcp message. It records the location information of the dhcp client. When a dhcp relay agent receives a client’s r...
Page 930
Operation manual – dhcp h3c s7500e series ethernet switches chapter 1 dhcp overview 1-7 figure 1-7 sub-option 1 in verbose padding format note: in the above figure, except that the vlan id field has a fixed length of 2 bytes, all the other padding contents of sub-option 1 are length variable. Z sub-...
Page 931
Operation manual – dhcp h3c s7500e series ethernet switches chapter 1 dhcp overview 1-8 1.5 protocols and standards z rfc2131: dynamic host configuration protocol z rfc2132: dhcp options and bootp vendor extensions z rfc1542: clarifications and extensions for the bootstrap protocol z rfc 3046: dhcp ...
Page 932
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-1 chapter 2 dhcp server configuration when configuring the dhcp server, go to these sections for information you are interested in: z introduction to dhcp server z dhcp server configuration task list z ...
Page 933
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-2 2.1.2 dhcp address pool i. Address pool structure in response to a client’s request, the dhcp server selects an idle ip address from an address pool and sends it together with other parameters such as...
Page 934
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-3 for example, two address pools are configured on the dhcp server. The ranges of ip addresses that can be dynamically assigned are 1.1.1.0/24 and 1.1.1.0/25 respectively. If the ip address of the inter...
Page 935
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-4 follow these steps to enable dhcp: to do… use the command… remarks enter system view system-view — enable dhcp dhcp enable required disabled by default. 2.4 enabling the dhcp server on an interface wi...
Page 936
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-5 2.5 configuring an address pool for the dhcp server 2.5.1 configuration task list complete the following tasks to configure an address pool: task remarks creating a dhcp address pool required configur...
Page 937
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-6 2.5.3 configuring an address allocation mode caution: you can configure either the static binding or dynamic address allocation for an address pool as needed. It is required to specify an address rang...
Page 938
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-7 note: z use the static-bind ip-address command together with static-bind mac-address or static-bind client-identifier command to accomplish a static binding configuration. Z in a dhcp address pool, if...
Page 939
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-8 to do… use the command… remarks exclude ip addresses from automatic allocation dhcp server forbidden-ip low-ip-address [ high-ip-address ] optional except ip addresses of the dhcp server interfaces, a...
Page 940
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-9 to do… use the command… remarks enter system view system-view — enter dhcp address pool view dhcp server ip-pool pool-name — specify dns servers for the client dns-list ip-address & required not speci...
Page 942
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-11 to do… use the command… remarks specify gateways gateway-list ip-address & required no gateway is specified by default. 2.5.9 configuring option 184 parameters for the client with voice service to as...
Page 943
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-12 2.5.10 configuring the tftp server and bootfile name for the client this task is to specify the ip address and name of a tftp server and the bootfile name in the dhcp address pool. The dhcp clients u...
Page 944
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-13 to do… use the command… remarks specify the bootfile name bootfile-name bootfile-name optional not specified by default. 2.5.11 configuring self-defined dhcp options by configuring self-defined dhcp ...
Page 945
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-14 option option name corresponding command command parameter 58 renewal (t1) time value expired hex 59 rebinding (t2) time value expired hex 66 tftp server name tftp-server ascii 67 bootfile name bootf...
Page 946
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-15 to do… use the command… remarks enter system view system-view — enable unauthorized dhcp server detection dhcp server detect required disabled by default. Note: with the unauthorized dhcp server dete...
Page 947
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-16 if the server is configured to ignore option 82, it will assign an ip address to the client without adding option 82 in the response message. I. Configuration prerequisites before performing this con...
Page 949
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-18 the dhcp server configuration for the two types is the same. I. Network requirements z the dhcp server (switch a) assigns ip address to clients in subnet 10.1.1.0/24, which is subnetted into 10.1.1.0...
Page 950
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-19 configure the dhcp server # enable dhcp. System-view [switcha] dhcp enable # exclude ip addresses (addresses of the dns server, wins server and gateways). [switcha] dhcp server forbidden-ip 10.1.1.2 ...
Page 951
Operation manual – dhcp h3c s7500e series ethernet switches chapter 2 dhcp server configuration 2-20 iii. Solution 1) disconnect the client’s network cable and ping the client’s ip address on another host with a long timeout time to check whether there is a host using the same ip address. 2) if a pi...
Page 952
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-1 chapter 3 dhcp relay agent configuration when configuring the dhcp relay agent, go to these sections for information you are interested in: z introduction to dhcp relay agent z configuration task...
Page 953
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-2 ip network dhcp server dhcp relay agent dhcp client dhcp client dhcp client dhcp client figure 3-1 dhcp relay agent application no matter whether a relay agent exists or not, the dhcp server and ...
Page 954
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-3 if the dhcp relay agent supports option 82, it will handle a client’s request according to the contents defined in option 82, if any. The handling strategies are described in the table below. If ...
Page 955
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-4 follow these steps to enable dhcp: to do… use the command… remarks enter system view system-view — enable dhcp dhcp enable required disabled by default. 3.3.2 enabling the dhcp relay agent on an ...
Page 956
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-5 to do… use the command… remarks enter system view system-view — create a dhcp server group and add a server into the group dhcp relay server-group group-id ip ip-address required not created by d...
Page 957
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-6 to do… use the command… remarks enter system view system-view — configure the dhcp relay agent to send a dhcp-release request dhcp relay release ip client-ip required 3.3.5 configuring the dhcp r...
Page 958
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-7 note: z the dhcp relay address-check enable command is independent of other commands of the dhcp relay agent. That is, the invalid address check takes effect when this command is executed, regard...
Page 959
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-8 iii. Enabling unauthorized dhcp servers detection there are unauthorized dhcp servers on networks, which reply dhcp clients with wrong ip addresses. With this feature enabled, upon receiving a dh...
Page 960
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-9 to do… use the command… remarks enable the relay agent to support option 82 dhcp relay information enable required disabled by default. Configure the handling strategy for requesting messages con...
Page 962
Operation manual – dhcp h3c s7500e series ethernet switches chapter 3 dhcp relay agent configuration 3-11 [switcha-vlan-interface1] dhcp select relay [switcha-vlan-interface1] quit # configure dhcp server group 1 with the dhcp server 10.1.1.1, and correlate the dhcp server group 1 with vlan-interfac...
Page 963
Operation manual – dhcp h3c s7500e series ethernet switches chapter 4 dhcp client configuration 4-1 chapter 4 dhcp client configuration when configuring the dhcp client, go to these sections for information you are interested in: z introduction to dhcp client z enabling the dhcp client on an interfa...
Page 964
Operation manual – dhcp h3c s7500e series ethernet switches chapter 4 dhcp client configuration 4-2 note: z an interface can be configured to acquire an ip address in multiple ways, but these ways are exclusive. The latest configuration will overwrite the previous configuration. Z after the dhcp cli...
Page 965
Operation manual – dhcp h3c s7500e series ethernet switches chapter 4 dhcp client configuration 4-3 note: to implement the dhcp client-server model, you need to perform related configuration on the dhcp server. For details, refer to dhcp server configuration examples ..
Page 966
Operation manual – dhcp h3c s7500e series ethernet switches chapter 5 dhcp snooping configuration 5-1 chapter 5 dhcp snooping configuration when configuring dhcp snooping, go to these sections for information you are interested in: z dhcp snooping overview z configuring dhcp snooping basic functions...
Page 967
Operation manual – dhcp h3c s7500e series ethernet switches chapter 5 dhcp snooping configuration 5-2 ii. Ensuring dhcp clients to obtain ip addresses from valid dhcp servers if there is an unauthorized dhcp server on a network, the dhcp clients may obtain invalid ip addresses. With dhcp snooping, t...
Page 968
Operation manual – dhcp h3c s7500e series ethernet switches chapter 5 dhcp snooping configuration 5-3 ports, ge2/0/3 on switch a, ge2/0/1 on switch b, ge2/0/3 and ge2/0/4 on switch c, which are not directly connected to dhcp clients, from recording client’s ip-to-mac bindings. Dhcp snooping switch a...
Page 969
Operation manual – dhcp h3c s7500e series ethernet switches chapter 5 dhcp snooping configuration 5-4 if a client’s requesting message has… handling strategy padding format the dhcp snooping device will… drop random drop the message. Keep random forward the message without changing option 82. Normal...
Page 970
Operation manual – dhcp h3c s7500e series ethernet switches chapter 5 dhcp snooping configuration 5-5 note: z you need to specify the ports connected to the valid dhcp servers as trusted to ensure that dhcp clients can obtain valid ip addresses. The trusted port and the port connected to the dhcp cl...
Page 971
Operation manual – dhcp h3c s7500e series ethernet switches chapter 5 dhcp snooping configuration 5-6 note: z to support option 82, it is required to perform related configuration on both the dhcp server and the device enabled with dhcp snooping. Refer to configuring the handling mode for option 82 ...
Page 972
Operation manual – dhcp h3c s7500e series ethernet switches chapter 5 dhcp snooping configuration 5-7 ii. Network diagram figure 5-3 network diagram for dhcp snooping configuration iii. Configuration procedure # enable dhcp snooping. System-view [switchb] dhcp-snooping # specify gigabitethernet 2/0/...
Page 973: Table of Contents
Operation manual – acl h3c s7500e series ethernet switches table of contents i table of contents chapter 1 acl overview .............................................................................................................. 1-1 1.1 introduction to acl ............................................
Page 974
Operation manual – acl h3c s7500e series ethernet switches table of contents ii 2.7 ipv4 acl configuration example ...................................................................................... 2-9 2.7.1 network requirements.......................................................................
Page 975: Chapter 1 Acl Overview
Operation manual – acl h3c s7500e series ethernet switches chapter 1 acl overview 1-1 chapter 1 acl overview in order to filter traffic, network devices use sets of rules, called access control lists (acls), to identify and handle packets. When configuring acls, go to these chapters for information ...
Page 976
Operation manual – acl h3c s7500e series ethernet switches chapter 1 acl overview 1-2 z software-based application: an acl is referenced by a piece of upper layer software. For example, an acl can be referenced to configure login user control behavior, thus controlling telnet, snmp and web users. No...
Page 977
Operation manual – acl h3c s7500e series ethernet switches chapter 1 acl overview 1-3 1.2.2 ipv4 acl naming when creating an ipv4 acl, you can specify a unique name for it. Afterwards, you can identify the acl by its name. An ipv4 acl can have only one name. Whether to specify a name for an acl is u...
Page 978
Operation manual – acl h3c s7500e series ethernet switches chapter 1 acl overview 1-4 2) if two rules are present with vpn instances, look at the protocol range in addition. Then compare packets against the rule with the protocol carried on ip specified prior to the other. 3) if the protocol ranges ...
Page 979
Operation manual – acl h3c s7500e series ethernet switches chapter 1 acl overview 1-5 ii. Benefits of using the step with the step and rule numbering/renumbering mechanism, you do not need to assign rules numbers when defining them. The system will assign a newly defined rule a number that is the sm...
Page 980
Operation manual – acl h3c s7500e series ethernet switches chapter 1 acl overview 1-6 table 1-2 ipv6 acl categories category acl number matching criteria basic ipv6 acl 2000 to 2999 source ipv6 address advanced ipv6 acl 3000 to 3999 source ipv6 address, destination ipv6 address, protocol carried on ...
Page 981
Operation manual – acl h3c s7500e series ethernet switches chapter 1 acl overview 1-7 ii. Depth-first match for an advanced ipv6 acl the following shows how your switch performs depth-first match in an advanced ipv6 acl: 1) sort rules by protocol range first, and compare packets against the rule wit...
Page 982
Operation manual – acl h3c s7500e series ethernet switches chapter 2 ipv4 acl configuration 2-1 chapter 2 ipv4 acl configuration when configuring an ipv4 acl, go to these sections for information you are interested in: z creating a time range z configuring a basic ipv4 acl z configuring an advanced ...
Page 983
Operation manual – acl h3c s7500e series ethernet switches chapter 2 ipv4 acl configuration 2-2 may use the time-range test from 00:00 01/01/2004 to 23:59 12/31/2004 command. Z compound time range created using the time-range time-name start-time to end-time days { from time1 date1 [ to time2 date2 ...
Page 984
Operation manual – acl h3c s7500e series ethernet switches chapter 2 ipv4 acl configuration 2-3 2.2.1 configuration prerequisites if you want to reference a time range to a rule, define it with the time-range command first. 2.2.2 configuration procedure follow these steps to configure a basic ipv4 a...
Page 990
Operation manual – acl h3c s7500e series ethernet switches chapter 2 ipv4 acl configuration 2-9 caution: z the source ipv4 acl and the destination ipv4 acl must be of the same type. Z the generated acl does not take the name of the source ipv4 acl. 2.6 displaying and maintaining ipv4 acls to do... U...
Page 991
Operation manual – acl h3c s7500e series ethernet switches chapter 2 ipv4 acl configuration 2-10 2.7.2 network diagram eth2/0/4 eth2/0/1 eth2/0/2 eth2/0/3 192.168.4.1 switch r&d department marketing department salary query server president`s office 192.168.2.0/24 192.168.3.0/24 192.168.1.0/24 figure...
Page 992
Operation manual – acl h3c s7500e series ethernet switches chapter 2 ipv4 acl configuration 2-11 # configure traffic behavior b_rd to deny matching packets. [switch] traffic behavior b_rd [switch-behavior-b_rd] filter deny [switch-behavior-b_rd] quit # configure class c_market for packets matching i...
Page 993
Operation manual – acl h3c s7500e series ethernet switches chapter 3 ipv6 acl configuration 3-1 chapter 3 ipv6 acl configuration when configuring ipv6 acls, go to these sections for information you are interested in: z creating a time range z configuring a basic ipv6 acl z configuring an advanced ip...
Page 995
Operation manual – acl h3c s7500e series ethernet switches chapter 3 ipv6 acl configuration 3-3 [sysname] acl ipv6 number 2000 [sysname-acl6-basic-2000] rule permit source 2030:5060::9050/64 [sysname-acl6-basic-2000] rule deny source fe80:5060::8050/96 # verify the configuration. [sysname-acl6-basic...
Page 997
Operation manual – acl h3c s7500e series ethernet switches chapter 3 ipv6 acl configuration 3-5 3.3.3 configuration examples # create ipv6 acl 3000 to permit the tcp packets with the source address 2030:5060::9050/64 to pass. System-view [sysname] acl ipv6 number 3000 [sysname-acl6-adv-3000] rule pe...
Page 999
Operation manual – acl h3c s7500e series ethernet switches chapter 3 ipv6 acl configuration 3-7 # configure class c_rd for packets matching ipv6 acl 2000. [switch] traffic classifier c_rd [switch-classifier-c_rd] if-match acl ipv6 2000 [switch-classifier-c_rd] quit # configure traffic behavior b_rd ...
Page 1000: Table of Contents
Operation manual – qos h3c s7500e series ethernet switches table of contents i table of contents chapter 1 qos overview .............................................................................................................. 1-1 1.1 introduction ...................................................
Page 1001
Operation manual – qos h3c s7500e series ethernet switches table of contents ii 4.3.1 configuration procedure ......................................................................................... 4-3 4.3.2 configuration examples ......................................................................
Page 1002
Operation manual – qos h3c s7500e series ethernet switches table of contents iii 7.3.2 network diagram ..................................................................................................... 7-6 7.3.3 configuration procedure.................................................................
Page 1003: Chapter 1 Qos Overview
Operation manual – qos h3c s7500e series ethernet switches chapter 1 qos overview 1-1 chapter 1 qos overview 1.1 introduction quality of service (qos) is a concept generally existing in occasions where service supply-demand relations exist. Qos measures the ability to meet the service needs of custo...
Page 1004
Operation manual – qos h3c s7500e series ethernet switches chapter 1 qos overview 1-2 the new services have one thing in common: they all have special requirements for delivery performances such as bandwidth, delay, and delay jitter. For example, video conferencing and vod require the guarantee of h...
Page 1005
Operation manual – qos h3c s7500e series ethernet switches chapter 1 qos overview 1-3 within a certain period of time is improperly controlled and the traffic goes beyond the assignable network resources. 1.4.2 influence of congestion congestion may cause a series of negative influences: z congestio...
Page 1006
Operation manual – qos h3c s7500e series ethernet switches chapter 1 qos overview 1-4 z congestion management: congestion management is necessary for solving resource competition. Congestion management is generally to cache packets in the queues and arrange the forwarding sequence of the packets bas...
Page 1007: Configuration
Operation manual – qos h3c s7500e series ethernet switches chapter 2 traffic classification, tp, and lr configuration 2-1 chapter 2 traffic classification, tp, and lr configuration when configuring traffic classification, tp, and lr, go to these section for information you are interested in: z traff...
Page 1008
Operation manual – qos h3c s7500e series ethernet switches chapter 2 traffic classification, tp, and lr configuration 2-2 scheduling is performed on the packets; when congestion get worse, congestion avoidance is performed on the packets. 2.1.2 priority the following describes several types of prece...
Page 1009
Operation manual – qos h3c s7500e series ethernet switches chapter 2 traffic classification, tp, and lr configuration 2-3 services with low delay, low packet loss ratio, low jitter, and assured bandwidth (such as virtual leased line); z assured forwarding (af) class: this class is further divided in...
Page 1010
Operation manual – qos h3c s7500e series ethernet switches chapter 2 traffic classification, tp, and lr configuration 2-4 2) 802.1p priority 802.1p priority lies in layer 2 packet headers and is applicable to occasions where the layer 3 packet header does not need analysis but qos must be assured at...
Page 1011
Operation manual – qos h3c s7500e series ethernet switches chapter 2 traffic classification, tp, and lr configuration 2-5 the precedence is called 802.1p priority because the related applications of this precedence are defined in detail in the 802.1p specifications. 2.2 tp and lr overview if the tra...
Page 1012
Operation manual – qos h3c s7500e series ethernet switches chapter 2 traffic classification, tp, and lr configuration 2-6 bucket is enough to forward the packets, the traffic is conforming to the specification; otherwise, the traffic is nonconforming or excess. When the token bucket evaluates the tr...
Page 1013
Operation manual – qos h3c s7500e series ethernet switches chapter 2 traffic classification, tp, and lr configuration 2-7 z forwarding conforming packets or non-conforming packets. Z dropping conforming or non-conforming packets. Z marking a conforming packet with a new 802.1p precedence value and f...
Page 1014
Operation manual – qos h3c s7500e series ethernet switches chapter 2 traffic classification, tp, and lr configuration 2-8 2.4.2 lr configuration examples limit the outbound rate of ethernet 2/0/1 to 640 kbps. # enter system view system-view # enter interface view [sysname] interface ethernet 2/0/1 #...
Page 1015
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-1 chapter 3 qos policy configuration when configuring qos policy, go to these sections for information that you are interested in: z overview z configuring a qos policy z displaying and maintaining qos po...
Page 1016
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-2 1) define a class and define a group of traffic classification rules in class view. 2) define a traffic behavior and define a group of qos actions in traffic behavior view. 3) define a policy and specif...
Page 1017
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-3 table 3-1 the form of the match-criteria argument form description acl access-list-number specifies an acl to match packets. The access-list-number argument is in the range 2000 to 4999. In a class conf...
Page 1018
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-4 form description service-vlan-id vlan-id-list specifies to match the packets of the vlans of the operator’s network. The vlan-id-list argument is a list of vlan ids, in the form of vlan-id to vlan-id or...
Page 1019
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-5 i. Configuration procedure follow these steps to define a traffic behavior: to do… use the command… remarks enter system view system-view — create a traffic behavior and enter the corresponding traffic ...
Page 1020
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-6 to do… use the command… remarks remark ip precedence for packets remark ip-precedence ip-precedence-value remark local precedence for packets remark local-precedence local-precedence remark the service ...
Page 1021
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-7 note: in a qos policy with multiple class-to-traffic-behavior associations, if the action of creating an outer vlan tag, the action of setting customer network vlan id, or the action of setting service ...
Page 1023
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-9 table 3-2 the support for the inbound direction and the outbound direction sc lpu sa lpu ea lpu lpu type action inbound outbound inbound outbound inbound outbound traffic account ing supporte d supporte...
Page 1024
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-10 sc lpu sa lpu ea lpu lpu type action inbound outbound inbound outbound inbound outbound remark ing the dscp precede nce for packets supporte d supported supporte d not supported support ed not supporte...
Page 1025
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-11 caution: to ensure that a qos policy can be applied successfully, follow these guidelines when configuring a behavior for the policy: z the action of creating an outer vlan tag cannot be configured wit...
Page 1026
Operation manual – qos h3c s7500e series ethernet switches chapter 3 qos policy configuration 3-12 [sysname] interface ethernet 2/0/1 [sysname-ethernet2/0/1] qos apply policy test_policy inbound [sysname-ethernet2/0/1] quit # apply the qos policy to the inbound direction of the specified vlans. [sys...
Page 1027
Operation manual – qos h3c s7500e series ethernet switches chapter 4 congestion management 4-1 chapter 4 congestion management when configuring congestion management, go to these section for information that you are interested in: z overview z congestion management policy z configuring an sp queue z...
Page 1028
Operation manual – qos h3c s7500e series ethernet switches chapter 4 congestion management 4-2 figure 4-1 diagram for sp queuing sp queue-scheduling algorithm is specially designed for critical service applications. An important feature of critical services is that they demand preferential service i...
Page 1029
Operation manual – qos h3c s7500e series ethernet switches chapter 4 congestion management 4-3 figure 4-2 diagram for wrr queuing a port of the switch supports eight outbound queues. The wrr queue-scheduling algorithm schedules all the queues in turn to ensure that every queue can be assigned a cert...
Page 1030
Operation manual – qos h3c s7500e series ethernet switches chapter 4 congestion management 4-4 to do… use the command… remarks enter system view system-view — enter port view interface interface-type interface-number enter port view or port group view enter port group view port-group { manual port-g...
Page 1031
Operation manual – qos h3c s7500e series ethernet switches chapter 4 congestion management 4-5 to do… use the command… remarks enter system view system-view — enter port view interface interface-type interface-number enter port view or port group view enter port group view port-group { manual port-g...
Page 1032
Operation manual – qos h3c s7500e series ethernet switches chapter 4 congestion management 4-6 4.5 configuring sp+wrr queues as required, you can configure part of the queues on the port to adopt the sp queue-scheduling algorithm and parts of queues to adopt the wrr queue-scheduling algorithm. Throu...
Page 1033
Operation manual – qos h3c s7500e series ethernet switches chapter 4 congestion management 4-7 z configure queue 0, queue 1, queue 2 and queue 3 on ethernet2/0/1 to be in sp queue scheduling group. Z configure queue 4, queue 5, queue 6 and queue 7 on ethernet2/0/1 to be in wrr queue scheduling group...
Page 1034: Chapter 5 Priority Mapping
Operation manual – qos h3c s7500e series ethernet switches chapter 5 priority mapping 5-1 chapter 5 priority mapping when configuring priority mapping, go to these sections for information you are interested in: z priority mapping overview z configuring a priority mapping table z configuring the por...
Page 1035
Operation manual – qos h3c s7500e series ethernet switches chapter 5 priority mapping 5-2 table 5-1 the default values of dot1p-lp mapping and dot1p-dp mapping imported priority value dot1p-lp mapping dot1p-dp mapping 802.1p precedence (dot1p) local precedence (lp) drop precedence (dp) 0 2 0 1 0 0 2...
Page 1036
Operation manual – qos h3c s7500e series ethernet switches chapter 5 priority mapping 5-3 5.2 configuring a priority mapping table you can modify the priority mapping tables in a switch as required. Follow the two steps to configure priority mapping tables: z enter priority mapping table view; z con...
Page 1037
Operation manual – qos h3c s7500e series ethernet switches chapter 5 priority mapping 5-4 802.1p precedence local precedence 6 3 7 3 ii. Configuration procedure # enter system view. System-view # enter dot1p-lp priority mapping table view. [sysname] qos map-table dot1p-lp # modify dot1p-lp priority ...
Page 1038
Operation manual – qos h3c s7500e series ethernet switches chapter 5 priority mapping 5-5 to do… use the command… remarks enter system view system-view — enter port view interface interface-type interface-number enter port view or port group view enter port group view port-group { manual port-group-...
Page 1039
Operation manual – qos h3c s7500e series ethernet switches chapter 5 priority mapping 5-6 to do… use the command… remarks enter system view system-view — enter port view interface interface-type interface-number enter port view or port group view enter port group view port-group { manual port-group-...
Page 1040
Operation manual – qos h3c s7500e series ethernet switches chapter 6 traffic mirroring configuration 6-1 chapter 6 traffic mirroring configuration when configuring traffic mirroring, go to these sections for information that you are interested in: z overview z configuring traffic mirroring z display...
Page 1041
Operation manual – qos h3c s7500e series ethernet switches chapter 6 traffic mirroring configuration 6-2 to do… use the command… remarks enter system view system-view — enter traffic behavior view traffic behavior behavior-name required configure traffic mirroring action in the traffic behavior mirr...
Page 1042
Operation manual – qos h3c s7500e series ethernet switches chapter 6 traffic mirroring configuration 6-3 # enter system view. System-view # configure basic ipv4 acl 2000 to match packets with the source ip address 192.168.0.1. [sysname] acl number 2000 [sysname-acl-basic-2000] rule permit source 192...
Page 1043
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-1 chapter 7 vlan mapping configuration 7.1 vlan mapping overview vlan mapping includes the following types: z one-to-one vlan mapping z many-to-one vlan mapping z one-to-two vlan mapping z two-to-two vl...
Page 1044
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-2 for downlink data streams, change the svlan of the traffic to the original cvlan of the traffic by applying a qos policy to the port. 7.1.3 applying one-to-one vlan mapping one-to-one vlan mapping is ...
Page 1045
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-3 7.2 configuring one-to-one vlan mapping you need to perform one-to-one vlan mapping on the corridor switches shown in figure 7-1 to use vlans to isolate different services of different users. 7.2.1 co...
Page 1046
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-4 to do... Use the command... Remarks exit to system view quit — enter port view of the uplink port interface interface-type interface-number — set the link type of the uplink port to trunk port link-ty...
Page 1047
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-5 to do... Use the command... Remarks specify the svlan for the vlan mapping if-match service-vlan-id vlan-id-value required exit to system view quit — create a traffic behavior and enter traffic behavi...
Page 1048
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-6 7.3.2 network diagram pc iptv voip vlan 1 vlan 2 vlan 3 pc iptv voip vlan 1 vlan 2 vlan 3 pc iptv voip vlan 1 vlan 2 vlan 3 pc iptv voip vlan 1 vlan 2 vlan 3 home gateway home gateway switch b …… swit...
Page 1049
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-7 # configure uplink policies to map the cvlans to different svlans. [switcha] traffic classifier c1 [switcha-classifier-c1] if-match customer-vlan-id 1 [switcha-classifier-c1] traffic classifier c2 [sw...
Page 1050
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-8 [switcha-classifier-c55] traffic classifier c66 [switcha-classifier-c66] if-match service-vlan-id 302 [switcha-classifier-c66] quit [switcha] traffic behavior b11 [switcha-behavior-b11] remark custome...
Page 1051
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-9 # apply the uplink policy p2 to the inbound direction of gigabitethernet 2/0/2. [switcha-gigabitethernet2/0/2] qos apply policy p2 inbound # apply the downlink policy p22 to the outbound direction of ...
Page 1052
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-10 [switchb-policy-p1] classifier c2 behavior b2 [switchb-policy-p1] classifier c3 behavior b3 [switchb-policy-p1] quit [switchb] qos policy p2 [switchb-policy-p2] classifier c1 behavior b4 [switchb-pol...
Page 1053
Operation manual – qos h3c s7500e series ethernet switches chapter 7 vlan mapping configuration 7-11 [switchb] interface gigabitethernet 2/0/1 [switchb-gigabitethernet2/0/1] port link-type trunk [switchb-gigabitethernet2/0/1] port trunk permit vlan 111 211 311 # enable basic qinq on gigabitethernet ...
Page 1054: Table of Contents
Operation manual – port mirroring h3c s7500e series ethernet switches table of contents i table of contents chapter 1 port mirroring configuration ...................................................................................... 1-1 1.1 introduction to port mirroring ..............................
Page 1055
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-1 chapter 1 port mirroring configuration when configuring port mirroring, go to these sections for information you are interested in: z introduction to port mirroring z configuring local po...
Page 1056
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-2 1.1.2 implementing port mirroring port mirroring is implemented through port mirroring groups, which fall into these three categories: local port mirroring group, remote source port mirro...
Page 1057
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-3 z destination device destination device contains destination mirroring port, and remote destination port mirroring groups are created on destination devices. Upon receiving a mirrored pac...
Page 1058
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-4 note: z a local mirroring group is effective only when it has both source ports and the destination port configured. Z it is not recommended to enable stp, rstp or mstp on the destination...
Page 1059
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-5 to do… use the command… remarks configure the remote port mirroring vlan for the mirroring group mirroring-group group-id remote-probe vlan rprobe-vlan-id required note: z all ports in a ...
Page 1060
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-6 to do… use the command… remarks in system view mirroring-group group-id monitor-port monitor-port-id interface interface-type interface-number [ mirroring-group group-id ] monitor-port ad...
Page 1062
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-8 iii. Configuration procedure configure switch c. # create a local port mirroring group. System-view [switchc] mirroring-group 1 local # add port ethernet 2/0/1 and ethernet 2/0/2 to the p...
Page 1063
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-9 ethernet 2/0/2 to the port mirroring group as two source ports. Configure port ethernet 2/0/3 as the outbound mirroring port. Z configure port ethernet 2/0/3 of switch a, port ethernet 2/...
Page 1064
Operation manual – port mirroring h3c s7500e series ethernet switches chapter 1 port mirroring configuration 1-10 [switcha-ethernet2/0/3] port link-type trunk [switcha-ethernet2/0/3] port trunk permit vlan 2 2) configure switch b. # configure port ethernet 2/0/1 as a trunk port and configure the por...
Page 1065: Table of Contents
Operation manual – snmp-rmon h3c s7500e series ethernet switches table of contents i table of contents chapter 1 snmp configuration.................................................................................................... 1-1 1.1 snmp overview..................................................
Page 1066
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-1 chapter 1 snmp configuration when configuring snmp, go to these sections for information you are interested in: z snmp overview z snmp configuration z configuring snmp logging z trap configuration z dis...
Page 1067
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-2 z get operation: nms gets the value of a certain variable of agent through this operation. Z set operation: nms can reconfigure certain values in the agent mib (management information base) to make the ...
Page 1068
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-3 figure 1-1 relationship between nms, agent and mib mib stores data using a tree structure. The node of the tree is the managed object and can be uniquely identified by a path starting from the root node...
Page 1070
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-5 to do… use the command… remarks enter system view system-view — enable snmp agent snmp-agent required disabled by default you can enable snmp agent through this command or any commands that begin with s...
Page 1071
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-6 caution: the validity of a usm user depends on the engine id of the snmp agent. If the engine id used for usm user creation is not identical to the current engine id, the usm user is invalid. 1.3 config...
Page 1072
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-7 note: z logs occupy storage space of the device, thus affecting the performance of the device. Therefore, you are recommended to disable snmp logging. Z when snmp logging is enabled, snmp logs will be o...
Page 1073
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-8 to do… use the command… remarks set to enable the device to send traps of interface state change enable snmp trap updown optional transmission of traps of interface state change is allowed by default. C...
Page 1074
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-9 note: the extended linkup/linkdown traps comprise the standard linkup/linkdown traps defined in rfc plus interface description and interface type. If the extended messages are not supported on nms, you ...
Page 1075
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-10 ii. Network diagram terminal agent nms console vlan-int2 1.1.1.1/24 1.1.1.2/24 figure 1-3 network diagram for snmp (on a switch) iii. Configuration procedure 1) configuring snmp agent # configure the s...
Page 1076
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-11 note: the configurations on the agent and the nms must match. 1.7 snmp logging configuration example i. Network requirements z nms and agent are connected through an ethernet z the ip address of nms is...
Page 1077
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 1 snmp configuration 1-12 z the following log information is displayed on the terminal when nms performs the get operation to agent. %jan 1 02:49:40:566 2006 sysname snmp/6/get: seqno = srcip = op = node = value= z the followin...
Page 1078
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 2 rmon configuration 2-1 chapter 2 rmon configuration when configuring rmon, go to these sections for information you are interested in: z rmon overview z configuring rmon z displaying and maintaining rmon z rmon configuration ...
Page 1079
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 2 rmon configuration 2-2 z embedding rmon agents in network devices such as routers, switches, and hubs to provide the rmon probe function. Rmon nmss exchange data with rmon agents with basic snmp commands to gather network man...
Page 1080
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 2 rmon configuration 2-3 iii. Private alarm group the private alarm group calculates the sampled values of alarm variables and compares the result with the defined threshold, thereby realizing a more comprehensive alarming func...
Page 1082
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 2 rmon configuration 2-5 note: z two entries with the same configuration cannot be created. If the parameters of a newly created entry are identical to the corresponding parameters of an existing entry, the system considers the...
Page 1083
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 2 rmon configuration 2-6 to do… use the command… remarks display rmon history information and the latest history sampling information display rmon history [ interface-type interface-number ] available in any view display rmon a...
Page 1084
Operation manual – snmp-rmon h3c s7500e series ethernet switches chapter 2 rmon configuration 2-7 statistics entry 1 owned by user1-rmon is valid. Interface : ethernet2/0/1 etherstatsoctets : 42615916 , etherstatspkts : 410801 etherstatsbroadcastpkts : 322849 , etherstatsmulticastpkts : 81004 ethers...
Page 1085: Table of Contents
Operation manual – ntp h3c s7500e series ethernet switches table of contents i table of contents chapter 1 ntp configuration ....................................................................................................... 1-1 1.1 ntp overview......................................................
Page 1086
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-1 chapter 1 ntp configuration when configuring ntp, go to these sections for information you are interested in: z ntp overview z configuring the operation modes of ntp z configuring the local clock as a referenc...
Page 1087
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-2 advantages of ntp: z ntp uses a stratum to describe the clock precision, and is able to synchronize time among all devices within the network. Z ntp supports access control and md5 authentication. Z ntp can un...
Page 1088
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-3 z when the ntp message leaves switch b, switch b timestamps it. The timestamp is 11:00:02 am (t3). Z when switch a receives the ntp message, the local time of switch a is 10:00:03 am (t4). Up to now, switch a ...
Page 1089
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-4 li vn mode stratum poll precision 0 7 15 23 31 root delay (32 bits) root dispersion (32 bits) reference identifier (32 bits) receive timestamp (64 bits) transmit timestamp (64 bits) authenticator (optional 96 ...
Page 1090
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-5 z originate timestamp: the local time at which the request departed the client for the service host. Z receive timestamp: the local time at which the request arrived at the service host. Z transmit timestamp: ...
Page 1091
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-6 ii. Symmetric peers mode figure 1-4 symmetric peers mode a device working in the symmetric active mode periodically sends clock synchronization messages, with the mode field in the message set to 1 (symmetric ...
Page 1092
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-7 the network delay between client and the server. Then, the client enters the broadcast client mode and continues listening to broadcast messages, and synchronizes its local clock based on the received broadcas...
Page 1093
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-8 z the ntp client on a ce can be synchronized to the ntp server on a provider edge device (pe). Z the ntp client on a pe can be synchronized to the ntp server on a ce through a designated vpn instance. Z the nt...
Page 1094
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-9 note: a single switch can have a maximum of 128 associations at the same time, including static associations and dynamic associations. A static association refers to an association that a user has manually cre...
Page 1095
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-10 note: z in the ntp-service unicast-server command, ip-address must be a host address, rather than a broadcast address, a multicast address or the ip address of the local clock. Z when the interface sending th...
Page 1096
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-11 note: z in the symmetric mode, you should use the ntp-service refclock-master command or any ntp configuration command in configuring the operation modes of ntp to enable ntp; otherwise, a symmetric-passive p...
Page 1097
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-12 ii. Configuring the broadcast server to do… use the command… remarks enter system view system-view — enter interface view interface interface-type interface-number enter the interface used to send ntp broadca...
Page 1098
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-13 ii. Configuring the multicast server to do… use the command… remarks enter system view system-view — enter interface view interface interface-type interface-number enter the interface used to send ntp multica...
Page 1099
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-14 1.4 configuring optional parameters of ntp 1.4.1 configuring the interface to send ntp messages after you specify the interface used to send ntp messages, the source ip address of the ntp message will be conf...
Page 1100
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-15 1.5 configuring access-control rights with the following command, you can configure the ntp service access-control right to the local device. There are four access-control rights, as follows: z query : contro...
Page 1101
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-16 note: the access-control right mechanism provides only a minimum degree of security protection for the system running ntp. A more secure method is identity authentication. 1.6 configuring ntp authentication t...
Page 1102
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-17 1.6.2 configuration procedure i. Configuring ntp authentication for a client follow these steps to configure ntp authentication for a client: to do… use the command… remarks enter system view system-view — en...
Page 1103
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-18 to do… use the command… remarks configure an ntp authentication key ntp-service authentication-keyid keyid authentication-mode md5 value required no ntp authentication key by default configure the key as a tr...
Page 1104
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-19 1.8 ntp configuration examples 1.8.1 configuring ntp server/client mode i. Network requirements z the local clock of switch a is to be used as a reference source, with the stratum level of 2. Z switch b works...
Page 1105
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-20 [switchb] display ntp-service status clock status: synchronized clock stratum: 3 reference clock id: 1.0.1.11 nominal frequency: 100.0000 hz actual frequency: 100.0000 hz clock precision: 2^7 clock offset: 0....
Page 1106
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-21 ii. Network diagram switch a switch b switch c 3.0.1.31/24 3.0.1.32/24 3.0.1.33/24 figure 1-8 network diagram for ntp symmetric peers mode configuration iii. Configuration procedure 1) configuration on switch...
Page 1107
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-22 nominal frequency: 100.0000 hz actual frequency: 100.0000 hz clock precision: 2^7 clock offset: -21.1982 ms root delay: 15.00 ms root dispersion: 775.15 ms peer dispersion: 34.29 ms reference time: 15:22:47.0...
Page 1108
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-23 ii. Network diagram vlan-int3 1.0.1.11/24 vlan-int3 1.0.1.10/24 vlan-int2 3.0.1.31/24 vlan-int2 3.0.1.32/24 vlan-int2 3.0.1.30/24 switch a switch b switch c switch d figure 1-9 network diagram for ntp broadca...
Page 1109
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-24 # view the ntp status of switch d after clock synchronization. [switchd] display ntp-service status clock status: synchronized clock stratum: 3 reference clock id: 3.0.1.31 nominal frequency: 100.0000 hz actu...
Page 1110
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-25 ii. Network diagram vlan-int3 1.0.1.11/24 vlan-int3 1.0.1.10/24 vlan-int2 3.0.1.31/24 vlan-int2 3.0.1.32/24 vlan-int2 3.0.1.30/24 switch a switch b switch c switch d figure 1-10 network diagram for ntp multic...
Page 1111
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-26 actual frequency: 100.0000 hz clock precision: 2^7 clock offset: 0.0000 ms root delay: 31.00 ms root dispersion: 8.31 ms peer dispersion: 34.30 ms reference time: 16:01:51.713 utc apr 25 2007 (c6d95f6f.B6872b...
Page 1112
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-27 [switcha-vlan-interface3] ntp-service multicast-client # view the ntp status of switch a after clock synchronization. [switcha] display ntp-service status clock status: synchronized clock stratum: 3 reference...
Page 1113
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-28 ii. Network diagram figure 1-11 network diagram for configuration of ntp server/client mode with authentication iii. Configuration procedure 1) configuration on switch a: # specify the local clock as the refe...
Page 1114
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-29 clock stratum: 3 reference clock id: 1.0.1.11 nominal frequency: 100.0000 hz actual frequency: 100.0000 hz clock precision: 2^7 clock offset: 0.0000 ms root delay: 31.00 ms root dispersion: 1.05 ms peer dispe...
Page 1115
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-30 ii. Network diagram vlan-int3 1.0.1.11/24 vlan-int3 1.0.1.10/24 vlan-int2 3.0.1.31/24 vlan-int2 3.0.1.32/24 vlan-int2 3.0.1.30/24 switch a switch b switch c switch d figure 1-12 network diagram for configurat...
Page 1116
Operation manual – ntp h3c s7500e series ethernet switches chapter 1 ntp configuration 1-31 now, switch d can receive broadcast messages through vlan-interface 2, and switch c can send broadcast messages through vlan-interface 2. Upon receiving a broadcast message from switch c, switch d synchronize...
Page 1117: Table of Contents
Operation manual – dns h3c s7500e series ethernet switches table of contents i table of contents chapter 1 dns configuration....................................................................................................... 1-1 1.1 dns overview ......................................................
Page 1118
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-1 chapter 1 dns configuration when configuring dns, go to these sections for information you are interested in: z dns overview z configuring the dns client z configuring the dns proxy z displaying and maintainin...
Page 1119
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-2 1.1.2 dynamic domain name resolution i. Resolving procedure dynamic domain name resolution is implemented by querying the dns server. The resolution procedure is as follows: 1) a user program sends a name quer...
Page 1120
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-3 for example, a user can configure com as the suffix for aabbcc.Com. The user only needs to type aabbcc to get the ip address of aabbcc.Com. The resolver can add the suffix and delimiter before passing the name...
Page 1121
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-4 figure 1-2 dns proxy networking application ii. Operation of a dns proxy 1) a dns client considers the dns proxy as the dns server, and sends a dns request to the dns proxy, that is, the destination address of...
Page 1122
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-5 note: the ip address you last assign to the host name will overwrite the previous one if there is any. You may create up to 50 static mappings between domain names and ip addresses. 1.2.2 configuring dynamic d...
Page 1123
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-6 1.4 displaying and maintaining dns to do… use the command… remarks display the static domain name resolution table display ip host display dns server information display dns server [ dynamic ] available in any...
Page 1124
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-7 reply from 10.1.1.2: bytes=56 sequence=3 ttl=128 time=2 ms reply from 10.1.1.2: bytes=56 sequence=4 ttl=128 time=2 ms reply from 10.1.1.2: bytes=56 sequence=5 ttl=128 time=2 ms --- host.Com ping statistics ---...
Page 1125
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-8 # enter dns server configuration page. Select start > programs > administrative tools > dns. # create zone com. In figure 1-5 , right click forward lookup zones, select new zone, and then follow the instructio...
Page 1126
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-9 in figure 1-6 , right click zone com, and then select new host to bring up a dialog box as shown in figure 1-7 . Enter host name host and ip address 3.1.1.1. Figure 1-7 add a mapping between domain name and ip...
Page 1127
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-10 reply from 3.1.1.1: bytes=56 sequence=4 ttl=126 time=1 ms reply from 3.1.1.1: bytes=56 sequence=5 ttl=126 time=1 ms --- host.Com ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet l...
Page 1128
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-11 this configuration may vary with different dns servers. When a windows 2000 server acts as the dns server, refer to dynamic domain name resolution configuration example for related configuration information. ...
Page 1129
Operation manual – dns h3c s7500e series ethernet switches chapter 1 dns configuration 1-12 1.6 troubleshooting dns configuration i. Symptom after enabling the dynamic domain name resolution, the user cannot get the correct ip address. Ii. Solution z use the display dns dynamic-host command to verif...
Page 1130: Table of Contents
Operation manual – file system management h3c s7500e series ethernet switches table of contents i table of contents chapter 1 file system management configuration ................................................................... 1-1 1.1 file system management .........................................
Page 1131
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-1 chapter 1 file system management configuration when configuring the file system management, go to these sections for information you are interested in: z file system manag...
Page 1132
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-2 1.1.2 directory operations directory operations include create, delete, display the current path, display specified directory or file information as shown in the following...
Page 1133
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-3 to do… use the command… remarks empty the recycle bin reset recycle-bin [ /force ] optional available in user view display the contents of a file more file-url optional cu...
Page 1134
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-4 1.1.4 storage device operations i. Naming rules naming rules of the storage devices are as follows: z if there is only one storage device of the same type on the device, t...
Page 1135
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-5 when a device is unmounted, it is in a logically disconnected state, you can then remove the storage device from the system safely. To mount a device, you are reconnecting...
Page 1137
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-7 1.2 configuration file management the device provides the configuration file management function with a user-friendly operating interface for you to manage the configurati...
Page 1138
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-8 1.2.2 saving the current configuration you can modify the configuration on your device at the command line interface (cli). To use the modified configuration for your subs...
Page 1139
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-9 note: z fast saving mode is suitable for environments where power supply is stable. The safe mode, however, is preferred where stable power supply is unavailable or remote...
Page 1140
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-10 note: if you specify the file-name argument when executing the save command, the system saves the current configuration with specified path; if you do not specify the fil...
Page 1141
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-11 caution: the configuration file must use “.Cfg” as its extension name and the startup configuration file must be saved under the root directory of the device 1.2.6 backin...
Page 1142
Operation manual – file system management h3c s7500e series ethernet switches chapter 1 file system management configuration 1-12 note: before backup, you should: z ensure that the server is reachable, the server is enabled with tftp service, and the client has permission to read and write. Z use th...
Page 1144
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-1 chapter 2 ftp configuration when configuring ftp, go to these sections for information you are interested in: z ftp overview z configuring the ftp client z configuring the ftp server z displ...
Page 1145
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-2 figure 2-1 ftp configuration caution: z the ftp function is available when a route exists between the ftp server and the ftp client. Z when a device serving as the ftp server logs onto the d...
Page 1146
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-3 the source address specified with the ftp client source command is valid for all ftp connections and the source address specified with the ftp command is valid only for the current ftp conne...
Page 1147
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-4 to do… use the command… remarks log onto the remote ftp server directly in user view ftp ipv6 [ server-address [ service-port ] [ source ipv6 source-ipv6-address ] [ -i interface-type interf...
Page 1148
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-5 to do… use the command… remarks download a file from the ftp server get remotefile [ localfile ] optional upload a file to the ftp server put localfile [ remotefile ] optional view the worki...
Page 1149
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-6 2.2.3 ftp client configuration example i. Network requirements z use your device as an ftp client to download a startup file from the ftp server. Z the ip address of the ftp server is 10.1.1...
Page 1150
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-7 password: 230 user logged in. [ftp] binary 200 type set to i. [ftp] get aaa. App bbb.App 227 entering passive mode (10.1.1.1,4,1). 125 binary mode data connection already open, transfer star...
Page 1151
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-8 to do… use the command… remarks enter system view system-view — enable the ftp server ftp server enable required disabled by default. Configure the idle-timeout timer ftp timeout minutes opt...
Page 1152
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-9 to do… use the command… remarks specify the directory an ftp user can access work-directory directory-name optional by default, the ftp users can access the root directory of the device. Set...
Page 1153
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-10 system-view [sysname] local-user abc [sysname-luser-abc] password simple pwd [sysname-luser-abc] level 3 # specify abc to use ftp, and authorize its access to certain directory. [sysname-lu...
Page 1154
Operation manual – file system management h3c s7500e series ethernet switches chapter 2 ftp configuration 2-11 note: z when upgrading the configuration file with ftp, put the new file under the root directory. Z after you finish upgrading the bootrom program through ftp, you must execute the bootrom...
Page 1155
Operation manual – file system management h3c s7500e series ethernet switches chapter 3 tftp configuration 3-1 chapter 3 tftp configuration when configuring tftp, go to these sections for information you are interested in: z tftp overview z configuring the tftp client z displaying and maintaining th...
Page 1156
Operation manual – file system management h3c s7500e series ethernet switches chapter 3 tftp configuration 3-2 figure 3-1 tftp configuration diagram before using tftp, the administrator needs to configure ip addresses for the tftp client and server, and make sure that there is a route between the tf...
Page 1157
Operation manual – file system management h3c s7500e series ethernet switches chapter 3 tftp configuration 3-3 z if the source address is specified with the tftp client source command and then with the tftp command, the source address configured with the latter one is used to communicate with a tftp...
Page 1158
Operation manual – file system management h3c s7500e series ethernet switches chapter 3 tftp configuration 3-4 3.3 displaying and maintaining the tftp client to do… use the command… remarks display the configuration of the tftp client display tftp client configuration available in any view 3.4 tftp ...
Page 1159
Operation manual – file system management h3c s7500e series ethernet switches chapter 3 tftp configuration 3-5 # assign vlan-interface 1 an ip address 1.1.1.1/16, making sure that the port connected to pc belongs to the same vlan. [sysname] interface vlan-interface 1 [sysname-vlan-interface1] ip add...
Page 1160: Table of Contents
Operation manual – information center h3c s7500e series ethernet switches table of contents i table of contents chapter 1 information center configuration.............................................................................. 1-1 1.1 information center overview...................................
Page 1161
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-1 chapter 1 information center configuration when configuring information center, go to these sections for information you are interested in: z information center overview z configu...
Page 1162
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-2 table 1-1 severity description severity severity value description emergencies 0 the system is unavailable. Alerts 1 information that demands prompt reaction critical 2 critical i...
Page 1163
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-3 information channel number default channel name default output destination 4 logbuffer log buffer (receives log information, a buffer inside the router for recording information.)...
Page 1164
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-4 module name description eth ethernet module ftps ftp server module garp generic attribute registration protocol module ha high availability module hwcm huawei configuration manage...
Page 1165
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-5 module name description vlan virtual local area network module vos virtual operating system module vrrp virtual router redundancy protocol module vty virtual type terminal module ...
Page 1166
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-6 ii. Timestamp timestamp records the time when system information is generated to allow users to check and identify system events. Note that there is a space between the timestamp ...
Page 1167
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-7 task remarks setting to output system information to the trap buffer optional setting to output system information to the log buffer optional setting to output system information ...
Page 1168
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-8 table 1-4 default output rules for different output destinations log trap debug output destina tion module s allowe d enable d/disab led severit y enable d/disab led severit y ena...
Page 1169
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-9 to do… use the command… remarks enable the monitoring of system information on the console terminal monitor optional enabled on the console and disabled on the monitor terminal by...
Page 1171
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-11 1.2.4 setting to output system information to a log host to do… use the command… remarks enter system view system-view — enable information center info-center enable optional ena...
Page 1172
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-12 to do… use the command… remarks name the channel with a specified channel number info-center channel channel-number name channel-name optional refer to table 1-2 for default chan...
Page 1175
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-15 note: z to ensure that the device works normally, use the info-center logfile size-quota command to set a logfile to be no smaller than 1 mb and no larger than 10 mb. Z use the i...
Page 1177
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-17 iii. Configuration procedure before the configuration, make sure that there is a route between device and pc. 1) configuring the device # enable information center. System-view [...
Page 1178
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-18 # mydevice configuration messages local4.Info /var/log/mydevice/information note: be aware of the following issues while editing the /etc/syslog.Conf file: z comments must be on ...
Page 1179
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-19 1) configuring the device # enable information center. System-view [sysname] info-center enable # specify the host with ip address 1.2.0.1/16 as the log host, use channel loghost...
Page 1180
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-20 note: be aware of the following issues while editing the /etc/syslog.Conf file: z comments must be on a separate line and must begin with the # sign. Z the selector/action pair m...
Page 1181
Operation manual – information center h3c s7500e series ethernet switches chapter 1 information center configuration 1-21 iii. Configuration procedure # enable information center. System-view [sysname] info-center enable # use channel console to output log information to the console (optional, conso...
Page 1182: Table of Contents
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches table of contents i table of contents chapter 1 basic configurations................................................................................................... 1-1 1.1 basic configurations...................
Page 1183
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches table of contents ii 3.2.9 identifying and diagnosing pluggable transceivers............................................... 3-9 3.3 displaying and maintaining device management configuration ........................
Page 1184
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-1 chapter 1 basic configurations while performing basic configurations of the system, go to these sections for information you are interested in: z basic configurations z cli feat...
Page 1185
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-2 1.1.2 configuring the device name to do… use the command… remarks enter system view system-view — configure the device name sysname sysname optional the device name is h3c by de...
Page 1186
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-3 table 1-1 relationship between the configuration and display of the system clock configuration system clock displayed by the display clock command example 1 date-time configure:...
Page 1187
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-4 configuration system clock displayed by the display clock command example if date-time is not in the summer time range, date-time is displayed. Configure: clock summer-time ss o...
Page 1188
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-5 configuration system clock displayed by the display clock command example if the value of "date-time"±"zone-offset" is not in the summer-time range, "date-time"±"zone-offset" is...
Page 1189
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-6 z incoming banner, also called user interface banner, displayed when a user interface is activated by a modem user. Z login banner, welcome information at login authentications,...
Page 1190
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-7 to do… use the command… remarks configure the banner to be displayed before login header motd text optional 1.1.5 configuring cli hotkeys follow these steps to configure cli hot...
Page 1191
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-8 hotkey function displays the next command in the history command buffer. Displays the previous command in the history command buffer. Redisplays the current line information. Pa...
Page 1192
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-9 table 1-3 default command levels level privilege command 0 visit ping, tracert, telnet 1 monitor refresh, reset, send 2 system all configuration commands except for those at man...
Page 1193
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-10 caution: z when you configure the password for switching user level with the super password command, the user level is defaulted to 3 if no user level is specified. Z you can s...
Page 1194
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-11 diagnostic-information command has the same effect as that of the commands display clock , display version, display device, and display current-configuration. Note: z for the d...
Page 1195
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-12 example, for the keyword ethernet, you only need to input eth when you execute a command with this keyword. 1.2.2 online help with command lines the following are the types of ...
Page 1196
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-13 4) enter a character string followed by a >. All the commands starting with this string are displayed. C? Cd clock copy 5) enter a command followed by a character string and a ...
Page 1197
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-14 key function key deletes the character to the left of the cursor and move the cursor back one character. Left-arrow key or the cursor moves one character space to the left. Rig...
Page 1198
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-15 character meaning remarks $ ending sign, the string before it appears only at the end of a line. Regular expression "user$” matches a string ends with “user”, not “usera”. . Fu...
Page 1199
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-16 action function displays information on the previous page. Displays information on the next page. 1.2.7 saving history commands the cli can automatically save the commands that...
Page 1200
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 1 basic configurations 1-17 table 1-7 common command line errors error information cause the command was not found. The keyword was not found. Parameter type error % unrecognized command found at '^' posi...
Page 1201
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 2 system maintaining and debugging 2-1 chapter 2 system maintaining and debugging when maintaining and debugging the system, go to these sections for information you are interested in: z system maintainin...
Page 1202
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 2 system maintaining and debugging 2-2 ii. The tracert command by using the tracert command, you can trace the routers involved in delivering a packet from source to destination. This is useful for identi...
Page 1203
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 2 system maintaining and debugging 2-3 off on off on debugging information protocol debugging switch screen output switch 1 3 1 2 3 off on on 1 3 1 2 3 1 3 debugging information screen output switch proto...
Page 1205
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 2 system maintaining and debugging 2-5 note: z the debugging commands are usually used by administrators in diagnosing network failure. Z output of the debugging information may reduce system efficiency, ...
Page 1206
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-1 chapter 3 device management when configuring device management, go to these sections for information you are interested in: z device management overview z configuring device manage...
Page 1207
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-2 3.2 configuring device management 3.2.1 rebooting a device when a fault occurs to a running device, you can remove the fault by rebooting the device, depending on the actual situat...
Page 1208
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-3 3.2.2 specifying a boot rom file for the next device boot a boot rom file is an application file used to boot the device. When multiple boot rom files are available on the storage ...
Page 1209
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-4 note: restart the device to validate the upgraded boot rom. 3.2.4 configuring a detection interval when detecting an exception on a port, the operation, administration and maintena...
Page 1210
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-5 if you repeatedly insert and remove different subcards or interface cards to create or delete a large amount of logical interface, the interface indexes will be used up, which will...
Page 1211
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-6 table 3-1 traffic forwarding modes supported by s7500e srpus srpu model supported traffic forwarding mode feature recommended application environment enhanced layer 2 forwarding mo...
Page 1213
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-8 note: z the s7500e series ethernet switches support multiple types of lpus, where only ea lpus support working mode configuration. Z the working mode configuration of an lpu does n...
Page 1214
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-9 note: z when the srpu of the s7500e switch is lsq1srp1cb, it is recommended not to modify the default working mode the ea lpus as other modes. Z when the srpu of the s7500e switch ...
Page 1215
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-10 note: for pluggable transceivers supported by s7500e series ethernet switches, refer to h3c s7500e series ethernet switches installation manual . Ii. Identifying pluggable transce...
Page 1216
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-11 to do… use the command… remarks display the current alarm information of the pluggable transceiver(s) display transceiver alarm interface [interface-type interface-number ] availa...
Page 1217
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-12 3.4 device management configuration example 3.4.1 remote upgrade configuration example i. Network requirements z device serves as the ftp client. The aaa.App program which include...
Page 1218
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-13 z configuration on device caution: if the size of the flash on the device is not large enough, delete the original application programs from the flash before downloading. # enter ...
Page 1219
Operation manual – system maintaining and debugging h3c s7500e series ethernet switches chapter 3 device management 3-14 # when the srpus of the device work in the active-standby mode, you need to upgrade the program of the standby srpu, specify it as the application program for the next boot, and u...
Page 1220: Table of Contents
Operation manual – ha h3c s7500e series ethernet switches table of contents i table of contents chapter 1 vrrp configuration .................................................................................................... 1-1 1.1 introduction to vrrp ................................................
Page 1221
Operation manual – ha h3c s7500e series ethernet switches table of contents ii 2.3 displaying and maintaining ha.......................................................................................... 2-2.
Page 1222
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-1 chapter 1 vrrp configuration when configuring vrrp, go to these sections for information you are interested in: z introduction to vrrp z configuring vrrp for ipv4 z configuring vrrp for ipv6 z ipv4-based vrrp ...
Page 1223
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-2 apparently, this approach to enabling hosts on a network to communicate with external networks is easy to configure but it imposes a very high requirement of performance stability on the device acting as the g...
Page 1224
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-3 host a host b host c switch a switch b switch c virtual router network figure 1-2 network diagram for vrrp as shown in figure 1-2 , switch a, switch b, and switch c form a virtual router, which has its own ip ...
Page 1225
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-4 ii. Working mode a switch in a standby group can work in one of the following two modes: z non-preemption mode once a switch in the standby group becomes the master, it stays as the master as long as it operat...
Page 1226
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-5 ii. Vrrp preemption delay timer in an unstable network, a backup switch may fail to receive the packets from the master switch due to network congestion, thus causing the members in the group to change their s...
Page 1227
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-6 z ip address: virtual ip address entry of the standby group. The allowed number is given by the count ip addrs field. Z authentication data: authentication key. Currently, this field is used only for simple au...
Page 1228
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-7 z authentication data: authentication key. Currently, this field is used only for simple authentication and is 0 for any other authentication modes. 1.1.5 principles of vrrp z with vrrp enabled, the switches d...
Page 1229
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-8 figure 1-5 vrrp in master/backup mode at the beginning, switch a is the master and therefore can forward packets to external networks, while switch b and switch c are backups and are thus in the state of liste...
Page 1230
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-9 host a host b host c switch a backup switch b backup switch c master virtual router 2 virtual router 3 virtual router 1 master backup backup backup master backup network figure 1-6 vrrp in load balancing mode ...
Page 1231
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-10 task remarks configuring standby group priority, preemption mode and interface tracking optional configuring vrrp packet attributes optional 1.2.2 enabling users to ping virtual ip addresses you can configure...
Page 1232
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-11 z virtual ip address is associated with real mac address of the interface when an ip address owner exists in a standby group, if you associate the virtual ip address with the virtual mac address, two mac addr...
Page 1233
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-12 to do… use the command… remarks enter system view system-view — enter the specified interface view interface interface-type interface-number — create standby group and configure virtual ip address of the stan...
Page 1234
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-13 ii. Configuration procedure by configuring switch priority, preemption mode and interface tracking, you can decide which switch in the standby group serves as the master. Follow these steps to configure stand...
Page 1235
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-14 to do… use the command… remarks enter system view system-view — enter the specified interface view interface interface-type interface-number — configure the authentication mode and authentication key when the...
Page 1236
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-15 1.3 configuring vrrp for ipv6 1.3.1 vrrp for ipv6 configuration task list complete these tasks to configure vrrp for ipv6: task remarks enabling users to ping virtual ipv6 addresses optional configuring the a...
Page 1237
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-16 1.3.3 configuring the association between virtual ipv6 address and mac address after the virtual ipv6 address of a standup group is associated with the mac address, the master switch takes the configured mac ...
Page 1238
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-17 1.3.4 creating standby group and configuring virtual ipv6 address you need to configure a virtual ipv6 address for a standby group when creating the standby group. A vrrp standby group is created automaticall...
Page 1239
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-18 1.3.5 configuring standby group priority, preemption mode and interface tracking i. Configuration prerequisites before configuring these features, you should first create the standby group and configure the v...
Page 1240
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-19 1.3.6 configuring vrrp packet attributes i. Configuration prerequisites before configuring the relevant attributes of vrrp packets, you should first create the standby group and configure the virtual ipv6 add...
Page 1241
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-20 1.4 ipv4-based vrrp configuration examples this section provides these configuration examples: z single vrrp standby group configuration example z vrrp interface tracking configuration example z multiple vrrp...
Page 1242
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-21 [switcha-vlan-interface2] ip address 202.38.160.1 255.255.255.0 # create standby group 1 and set its virtual ip address to be 202.38.160.111. [switcha-vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 # ...
Page 1243
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-22 ipv4 standby information: run method : virtual-mac virtual ip ping : enable interface : vlan-interface2 vrid : 1 adver. Timer : 1 admin status : up state : backup config pri : 100 run pri : 100 preempt mode :...
Page 1244
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-23 internet is not available, packets sent from host a to host b are forwarded by switch b. Ii. Network diagram host a switch a switch b virtual ip address: 202.38.160.111/24 vlan-int2 202.38.160.1/24 vlan-int2 ...
Page 1245
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-24 2) configure switch b # configure vlan 2. System-view [switchb] vlan 2 [switchb-vlan2] port gigabitethernet 2/0/5 [switchb-vlan2] quit [switchb] interface vlan-interface 2 [switchb-vlan-interface2] ip address...
Page 1246
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-25 vrid : 1 adver. Timer : 5 admin status : up state : backup config pri : 100 run pri : 100 preempt mode : yes delay time : 0 auth type : simple text key : hello virtual ip : 202.38.160.111 master ip : 202.38.1...
Page 1247
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-26 master ip : 202.38.160.2 the above information indicates that if vlan-interface 3 on switch a is not available, the priority of switch a is reduced to 80 and it becomes the backup. Switch b becomes the master...
Page 1248
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-27 [switcha-vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 # configure the priority of switch a in standby group 1 to 110. [switcha-vlan-interface2] vrrp vrid 1 priority 110 # create a standby group 2 an...
Page 1249
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-28 config pri : 100 run pri : 100 preempt mode : yes delay time : 0 auth type : none virtual ip : 202.38.160.112 master ip : 202.38.160.2 # display detailed information of the standby group on switch b. [switchb...
Page 1250
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-29 1.5.1 single vrrp standby group configuration example i. Network requirements z host a needs to access host b on the internet, using fe80::10 as its default gateway. Z switch a and switch b belong to standby ...
Page 1251
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-30 [switcha-vlan-interface2] vrrp ipv6 vrid 1 priority 110 # set switch a to work in preemption mode. [switcha-vlan-interface2] vrrp ipv6 vrid 1 preempt-mode # enable switch a to send ra messages. [switcha-vlan-...
Page 1252
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-31 virtual ip ping : enable interface : vlan-interface2 vrid : 1 adver. Timer : 100 admin status : up state : backup config pri : 100 run pri : 100 preempt mode : yes delay time : 0 auth type : none virtual ip :...
Page 1253
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-32 ii. Network diagram host a switch a switch b virtual ipv6 address: fe80::10 vlan-int2 fe80::1 vlan-int2 fe80::2 host b gateway: fe80::10 vlan-int3 internet figure 1-11 network diagram for vrrp interface track...
Page 1254
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-33 [switcha-vlan-interface2] vrrp ipv6 vrid 1 track interface vlan-interface 3 reduced 30 2) configure switch b # configure vlan 2. System-view [switchb] ipv6 [switchb] vlan 2 [switchb-vlan2] port gigabitetherne...
Page 1255
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-34 # display detailed information of standby group 1 on switch b. [switchb-vlan-interface2] display vrrp ipv6 verbose ipv6 standby information: run method : virtual-mac virtual ip ping : enable interface : vlan-...
Page 1256
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-35 admin status : up state : master config pri : 100 run pri : 100 preempt mode : yes delay time : 5 auth type : simple text key : hello virtual ip : fe80::10 virtual mac : 0000-5e00-0201 master ip : fe80::2 the...
Page 1257
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-36 [switcha] vlan 2 [switcha-vlan2] port gigabitethernet 2/0/5 [switcha-vlan2] quit [switcha] interface vlan-interface 2 [switcha-vlan-interface2] ipv6 address fe80::1 link-local [switcha-vlan-interface2] ipv6 a...
Page 1258
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-37 preempt mode : yes delay time : 0 auth type : none virtual ip : fe80::10 virtual mac : 0000-5e00-0201 master ip : fe80::1 interface : vlan-interface2 vrid : 2 adver. Timer : 100 admin status : up state : back...
Page 1259
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-38 the above information indicates that in standby group 1 switch a is the master, switch b is the backup and the host with the default gateway of fe80::10 accesses the internet through switch a; in standby grou...
Page 1260
Operation manual – ha h3c s7500e series ethernet switches chapter 1 vrrp configuration 1-39 the vrrp advertisement interval is set too short. Solution : increase the interval to sent vrrp advertisement or introduce a preemption delay..
Page 1261: Chapter 2 Ha Configuration
Operation manual – ha h3c s7500e series ethernet switches chapter 2 ha configuration 2-1 chapter 2 ha configuration when configuring ha, go to these sections for information you are interested in: z introduction to ha z configuring ha z displaying and maintaining ha 2.1 introduction to ha high avail...
Page 1262
Operation manual – ha h3c s7500e series ethernet switches chapter 2 ha configuration 2-2 to do… use the command… remarks enable automatic synchronization between the amb and smb slave auto-update config optional enabled by default. Enable the manual switchover between the amb and smb slave switchove...
Page 1263: Table of Contents
Operation manual – ssh h3c s7500e series ethernet switches table of contents i table of contents chapter 1 ssh configuration....................................................................................................... 1-1 1.1 ssh overview.......................................................
Page 1264
Operation manual – ssh h3c s7500e series ethernet switches table of contents ii 2.3.6 terminating the connection to the remote sftp server ...................................... 2-6 2.4 sftp configuration example ..........................................................................................
Page 1265
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-1 chapter 1 ssh configuration when configuring ssh, go to these sections for information you are interested in: z ssh overview z configuring the device as an ssh server z configuring the device as an ssh client ...
Page 1266
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-2 key-based algorithm is usually classified into symmetric key algorithm and asymmetric key algorithm. 1.1.2 asymmetric key algorithm asymmetric key algorithm means that a key pair exists at both ends. The key p...
Page 1267
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-3 protocol version number, while the software version number is used for debugging. Z the client receives and resolves the packet. If the protocol version of the server is lower but supportable, the client uses ...
Page 1268
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-4 z the server authenticates the client. If the authentication fails, the server informs the client by sending a message, which includes a list of available methods for re-authentication. Z the client selects a ...
Page 1269
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-5 v. Interactive session in this stage, the server and the client exchanges data in this way: z the client encrypts and sends the command to be executed to the server. Z the server decrypts and executes the comm...
Page 1270
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-6 1.2.2 enabling ssh server follow these steps to enable ssh server: to do… use the command… remarks enter system view system-view — enable the ssh server function ssh server enable required disabled by default ...
Page 1271
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-7 1.2.4 configuring rsa keys i. Creating the rsa key pair for successful ssh login, you must create the rsa key pair first. Follow these steps to create an rsa key pair: to do… use the command… remarks enter sys...
Page 1272
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-8 1.2.5 configuring a client public key note: this configuration task is only necessary for ssh users using publickey authentication. For an ssh user that uses publickey authentication to login, the server must ...
Page 1273
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-9 to do… use the command… remarks return from public key code view to public key view public-key-code end — when you exit public key code view, the system automatically saves the public key. Return from public k...
Page 1274
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-10 caution: z after passing aaa authentication, an aaa user without ssh user account still can log on to the server using password authentication and stelnet or sftp service. Z an ssh server supports up to 1024 ...
Page 1275
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-11 z setting the ssh user authentication timeout period z setting the maximum number of ssh authentication attempts setting the above parameters can help avoid malicious guess at and cracking of the keys and use...
Page 1276
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-12 1.3.2 specifying a source ip address/interface for ssh client this configuration task allows you to specify a source ip address or interface for the client to access the ssh server, improving service manageab...
Page 1277
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-13 ii. Disable first-time authentication for successful authentication of an ssh client not supporting first-time authentication, the server host public key must be configured on the client and the public key na...
Page 1278
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-14 to do... Use the command… remarks establish a connection between the ssh client and the ipv4 server, and specify the preferred key exchange algorithm, encryption algorithms, and hmac algorithms for them ssh2 ...
Page 1279
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-15 to do… use the command… remarks display the mappings between host public keys and ssh servers saved on a client display ssh server-info available in any view display information about a specified or all ssh u...
Page 1280
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-16 [switch-ui-vty0-4] authentication-mode scheme # enable the user interface to support ssh. [switch-ui-vty0-4] protocol inbound ssh [switch-ui-vty0-4] quit # create local user “client001”, and set the user comm...
Page 1281
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-17 figure 1-3 ssh client configuration interface from the window shown in figure 1-3 , click open. If the connection is normal, you will be prompted to enter the username client001 and password aabbcc. . 1.5.2 w...
Page 1282
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-18 iii. Configuration procedure 1) configure the ssh server # generate an rsa key pair and enable ssh server. System-view [switch] public-key local create rsa [switch] ssh server enable # configure an ip address...
Page 1283
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-19 figure 1-5 generate a client key pair (1) while generating the key pair, you must move the mouse continuously and keep the mouse off the green process bar shown in figure 1-6 . Otherwise, the process bar stop...
Page 1284
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-20 figure 1-6 generate a client key pair (2) after the key pair is generated, click save public key to save the key in a file by entering a file name (key.Pub in this case)..
Page 1285
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-21 figure 1-7 generate a client key pair (3) likewise, to save the private key, click save private key. A warning window pops up to prompt you whether to save the private key without any protection. Click yes an...
Page 1286
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-22 # specify the private key file and establish a connection with the ssh server launch putty.Exe to enter the following interface. In the host name (or ip address) text box, enter the ip address of the server (...
Page 1287
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-23 figure 1-10 ssh client configuration interface (2) from the window shown in figure 1-10 , click open. If the connection is normal, you will be prompted to enter the username client002 to enter the configurati...
Page 1288
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-24 iii. Configuration procedure configure the ssh server # create an rsa key pair and enable the ssh server. System-view [switchb] public-key local create rsa [switchb] ssh server enable # create an ip address f...
Page 1289
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-25 [switcha-pkey-key-code]308201b73082012c06072a8648ce3804013082011f0281810 0d757262c4584c44c211f18bd96e5f0 [switcha-pkey-key-code]61c4f0a423f7fe6b6b85b34cef72ce14a0d3a5222fe08cece 65be6c265854889dc1edbd13ec8b27...
Page 1290
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-26 1.6.2 when using publickey authentication i. Network requirements z as shown in figure 1-12 , switch a (the ssh client) needs to log on to switch b (the ssh server) through ssh protocol. Z publickey authentic...
Page 1291
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-27 note: before performing the following tasks, you must generate an rsa key pair (using the client software) on the client, save the public key in a file named key.Pub, and then upload the file to the ssh serve...
Page 1292
Operation manual – ssh h3c s7500e series ethernet switches chapter 1 ssh configuration 1-28 the server is not authenticated. Continue? [y/n]:y do you want to save the server public key? [y/n]:n ***************************************************************** * copyright (c) 2004-2007 hangzhou h3c t...
Page 1293: Chapter 2 Sftp Service
Operation manual – ssh h3c s7500e series ethernet switches chapter 2 sftp service 2-1 chapter 2 sftp service when configuring sftp, go to these sections for information you are interested in: z sftp overview z configuring an sftp server z configuring an sftp client z sftp configuration example 2.1 s...
Page 1294
Operation manual – ssh h3c s7500e series ethernet switches chapter 2 sftp service 2-2 note: when the device functions as the sftp server, only one client can access the sftp server at a time. If the sftp client uses winscp, a file on the server cannot be modified directly; it can only be downloaded ...
Page 1295
Operation manual – ssh h3c s7500e series ethernet switches chapter 2 sftp service 2-3 2.3.2 establishing a connection to the sftp server this configuration task is to enable the sftp client to establish a connection with the remote sftp server and enter sftp client view. Follow these steps to enable...
Page 1299
Operation manual – ssh h3c s7500e series ethernet switches chapter 2 sftp service 2-7 ii. Network diagram figure 2-1 network diagram for sftp configuration iii. Configuration procedure configure the sftp server (switch b) # generate an rsa key pair and enable ssh server. System-view [switchb] public...
Page 1300
Operation manual – ssh h3c s7500e series ethernet switches chapter 2 sftp service 2-8 note: if you set the ssh authentication method to publickey, you need to configure the host public key of switcha. For the specific configuration, refer to when using publickey authentication . # enable the sftp se...
Page 1301
Operation manual – ssh h3c s7500e series ethernet switches chapter 2 sftp service 2-9 this operation may take a long time.Please wait... File successfully removed sftp-client> dir -rwxrwxrwx 1 noone nogroup 1759 aug 23 06:52 config.Cfg -rwxrwxrwx 1 noone nogroup 225 aug 24 08:01 pubkey2 -rwxrwxrwx 1...
Page 1302
Operation manual – ssh h3c s7500e series ethernet switches chapter 2 sftp service 2-10 -rwxrwxrwx 1 noone nogroup 225 aug 24 08:01 pubkey2 -rwxrwxrwx 1 noone nogroup 283 aug 24 07:39 pubkey1 drwxrwxrwx 1 noone nogroup 0 sep 01 06:22 new drwxrwxrwx 1 noone nogroup 0 sep 02 06:33 new2 -rwxrwxrwx 1 noo...
Page 1303: Table of Contents
Operation manual – poe h3c s7500e series ethernet switches table of contents i table of contents chapter 1 poe configuration ....................................................................................................... 1-1 1.1 poe overview .....................................................
Page 1304
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-1 chapter 1 poe configuration when configuring poe, go to these sections for information you are interested in: z poe overview z poe configuration task list z configuring the poe power z configuring the pse z co...
Page 1305
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-2 z pse pse is a card or subcard. Pse manages its own poe interfaces independently. Pse examines the ethernet cables connected to poe interfaces, searches for the devices, classifies them, and supplies power to ...
Page 1306
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-3 1.3 configuring the poe power the maximum poe power refers to the maximum power that the device can provide for all pses. To avoid a power failure to the pse owing to overload, the sum of the power consumption...
Page 1307
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-4 usually, you can adopt the command line to configure a single poe interface, and adopt a poe configuration file to configure multiple poe interfaces at the same time. Caution: you can adopt either mode to conf...
Page 1308
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-5 to do… use the command… remarks configure a description for the pd connected to the poe interface poe pd-description string optional by default, no description for the pd connected to the poe interface is avai...
Page 1309
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-6 caution: z after a poe configuration file is applied to a poe interface, other poe configuration files can not take effect on this poe interface. Z if a poe configuration file is already applied to a poe inter...
Page 1310
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-7 pse will preempt the power of the pse with a lower priority level. In the latter case, the pse whose power is preempted will be disconnected, but its configuration will remain unchanged. After you change the p...
Page 1311
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-8 note: if the sudden increase of the power of the pd results in pse power overload, power supply to the pd on the poe interface with a lower priority will be stopped. If the guaranteed remaining pse power (powe...
Page 1312
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-9 z monitoring poe power means monitoring the voltage of the poe power. Z when the current power utilization of the pse is above or below the alarm threshold for the first time, the system will send a trap messa...
Page 1313
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-10 1.8 upgrading pse processing software online you can upgrade the pse processing software online in either of the following two modes: z refresh mode this mode enables you to update the pse processing software...
Page 1314
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-11 1.10 displaying and maintaining poe to do… use the command… remarks display the mapping between id, module, and slot of all pses. Display poe device display the power state and information of the specified po...
Page 1315
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-12 1.11 poe configuration example i. Network requirements z the device is equipped with two poe-supporting cards, which are inserted in slot 3 and slot 5 respectively. The pse ids are 10 and 16. Z allocate 400 w...
Page 1316
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-13 [sysname] interface gigabitethernet 3/0/2 [sysname-gigabitethernet3/0/2] poe enable [sysname-gigabitethernet3/0/2] quit [sysname] interface gigabitethernet 5/0/1 [sysname-gigabitethernet5/0/1] poe enable [sys...
Page 1317
Operation manual – poe h3c s7500e series ethernet switches chapter 1 poe configuration 1-14 solution : z in the first case, you can solve the problem by removing the original configurations of those configurations. Z in the second case, you need to modify some configurations in the poe configuration...
Page 1318: Table of Contents
Operation manual – rrpp h3c s7500e series ethernet switches table of contents i table of contents chapter 1 rrpp configuration .................................................................................................... 1-1 1.1 rrpp overview......................................................
Page 1319
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-1 chapter 1 rrpp configuration when configuring rrpp, go to these sections for information you are interested in: z rrpp overview z rrpp configuration task list z configuring master node z configuring transit ...
Page 1320
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-2 i. Rrpp domain the interconnected devices with the same domain id and control vlans constitute an rrpp domain. An rrpp domain contains multiple rrpp rings, in which one ring serves as the primary ring and ot...
Page 1321
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-3 primary ring and an assistant-edge node on the subring. This node is used in conjunction with the edge node to detect the integrity of the primary ring and perform loop guard. As shown in figure 1-1 , ring 1...
Page 1322
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-4 z the hello timer is used for the primary port to send health packets. Z the fail timer is used for the secondary port to receive health packets from the master node. If the secondary port receives the healt...
Page 1323
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-5 1.1.3 typical rrpp networking here are several typical networking applications. I. Single ring device a device b device c device d master node transit node domain 1 ring 1 transit node transit node figure 1-...
Page 1324
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-6 iii. Single-domain intersecting rings figure 1-4 single-domain intersecting rings there are two or more rings in the network topology and two common nodes between rings. In this case, you only need to define...
Page 1325
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-7 1.1.4 how rrpp works i. Polling mechanism the primary port of the master node sends health packets across the control vlan periodically. Z if the ring works properly, the secondary port of the master node wi...
Page 1326
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-8 1.1.5 protocols and standards related standard: rfc 3619. 1.2 rrpp configuration task list complete the following tasks to configure rrpp task description configuring master node required configuring transit...
Page 1327
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-9 note: z if you need to transparently transmit rrpp packets on a device without enabling rrpp, you should ensure only the two ports accessing an rrpp ring permits the packets of the control vlan. Otherwise, t...
Page 1328
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-10 to do… use the command… remarks enable rrpp rrpp enable required by default, rrpp is disabled. Caution: z the control vlan configured for an rrpp domain must be a new one. Z control vlan configuration is re...
Page 1329
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-11 1.4 configuring transit node 1.4.1 configuration procedure follow these steps to configure transit node: to do… use the command… remarks enter system view system-view — create an rrpp domain and enter its v...
Page 1330
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-12 z specify the device as the transit node of primary ring 1 in rrpp domain 1, gigabitethernet 3/0/1 as the primary port and gigabitethernet 3/0/2 as the secondary port. Ii. Configuration procedure system-vie...
Page 1331
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-13 to do… use the command… remarks enable the primary ring ring ring-id enable required by default, the rrpp ring is disabled. Enable the subring ring ring-id enable required by default, the rrpp ring is disab...
Page 1332
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-14 [sysname-gigabitethernet3/0/1] link-delay 0 [sysname-gigabitethernet3/0/1] quit [sysname] interface gigabitethernet 3/0/2 [sysname-gigabitethernet3/0/2] link-delay 0 [sysname-gigabitethernet3/0/2] quit [sys...
Page 1333
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-15 to do… use the command… remarks enable the primary ring ring ring-id enable required by default, the rrpp ring is disabled. Enable the subring ring ring-id enable required by default, the rrpp ring is disab...
Page 1334
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-16 [sysname-gigabitethernet3/0/1] link-delay 0 [sysname-gigabitethernet3/0/1] quit [sysname] interface gigabitethernet 3/0/2 [sysname-gigabitethernet3/0/2] link-delay 0 [sysname-gigabitethernet3/0/2] quit [sys...
Page 1335
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-17 1.8.1 configuring single ring topology i. Networking requirements z device a, device b, device c and device d constitute rrpp domain 1; z specify the control vlan of rrpp domain 1 as vlan 4092; z device a, ...
Page 1336
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-18 [devicea-gigabitethernet3/0/1] link-delay 0 [devicea-gigabitethernet3/0/1] quit [devicea] interface gigabitethernet 3/0/2 [devicea-gigabitethernet3/0/2] link-delay 0 [devicea-gigabitethernet3/0/2] quit [dev...
Page 1337
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-19 4) perform the following configuration on device d: system-view [deviced] interface gigabitethernet 3/0/1 [deviced-gigabitethernet3/0/1] link-delay 0 [deviced-gigabitethernet3/0/1] quit [deviced] interface ...
Page 1338
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-20 figure 1-7 networking diagram for single-domain intersecting rings configuration ii. Configuration considerations first, determine the primary ring and subring in an rrpp domain, node mode of a device on ea...
Page 1339
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-21 [device a] rrpp enable 2) perform the following configuration on device b: system-view [deviceb] interface gigabitethernet 3/0/1 [deviceb-gigabitethernet3/0/1] link-delay 0 [deviceb-gigabitethernet3/0/1] qu...
Page 1340
Operation manual – rrpp h3c s7500e series ethernet switches chapter 1 rrpp configuration 1-22 [device c] rrpp enable 4) perform the following configuration on device d: system-view [deviced] interface gigabitethernet 3/0/1 [deviced-gigabitethernet3/0/1] link-delay 0 [deviced-gigabitethernet3/0/1] qu...
Page 1341: Table of Contents
Operation manual – appendix h3c s7500e series ethernet switches table of contents i table of contents appendix a acronyms ..................................................................................................................A-1.
Page 1342: Appendix A Acronyms
Operation manual – appendix h3c s7500e series ethernet switches appendix a acronyms a-1 appendix a acronyms a aaa authentication, authorization and accounting abr area border router acl access control list arp address resolution protocol as autonomous system asbr autonomous system border router b bd...
Page 1343
Operation manual – appendix h3c s7500e series ethernet switches appendix a acronyms a-2 icmp internet control message protocol igmp internet group management protocol igp interior gateway protocol ip internet protocol l lsa link state advertisement lsdb link state database m mac medium access contro...
Page 1344
Operation manual – appendix h3c s7500e series ethernet switches appendix a acronyms a-3 t tcp/ip transmission control protocol/ internet protocol tftp trivial file transfer protocol tos type of service ttl time to live u udp user datagram protocol v vlan virtual lan vod video on demand vrrp virtual ...