DL manuals
H3C
Switch
S5820V2 series
Command Reference Manual

H3C S5820V2 series Command Reference Manual

Other manuals for S5820V2 series: Configuration Manual, Security Configuration Manual, Command reference manual

Page of 137

Download

Print this page

Bookmark us

H3C S5830V2 & S5820V2 Switch Series

Network Management and Monitoring

Command Reference

Hangzhou H3C Technologies Co., Ltd.

http://www.h3c.com

Software version: Release2108

Document version: 6W101-20120531

1 2 3 4 5 6 7 Next › »

Summary of S5820V2 series

Page 1
H3c s5830v2 & s5820v2 switch series network management and monitoring command reference hangzhou h3c technologies co., ltd. Http://www.H3c.Com software version: release2108 document version: 6w101-20120531.
Page 2
Copyright © 2012, hangzhou h3c technologies co., ltd. And its licensors all rights reserved no part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of hangzhou h3c technologies co., ltd. Trademarks h3c, , aolynk, , h 3 care, , top g, , irf, n...
Page 3
Preface the h3c s5830v2 & s5820v2 documentation set includes 10 command references, which describe the commands and command syntax options available for the h3c s5830v2 & s5820v2 switch series. The network management and monitoring command reference describes network management and monitoring config...
Page 4
Conventions this section describes the conventions used in this documentation set. Command conventions convention description boldface bold text represents commands and keywords that you enter literally as shown. Italic italic text represents arguments that you replace with actual values. [ ] square...
Page 5
About the h3c s5830v2 & s5820v2 documentation set the h3c s5830v2&s5820v2 documentation set includes: category documents purposes hardware specifications and installation compliance and safety manual provides regulatory information and the safety instructions that must be followed during installatio...
Page 6
I contents ping, tracert, and system debugging commands ······································································································· 1 debugging ································································································································...
Page 7
Ii sntp authentication-keyid ······································································································································ 65 sntp ipv6 unicast-server ············································································································...
Page 10
2 syntax display debugging[ module-name ] views any view predefined user roles network-admin network-operator parameters module-name: displays the debugging settings of the specified module. To display the current module name, use the display debugging ? Command. Examples # display all enabled debug...
Page 11
3 table 1 output description field description the statistics about memory is measured in kb: memory statistics, in kb slot id of the irf member device mem memory usage information total size of the physical memory used size of the physical memory used free size of the free physical memory shared to...
Page 12
4 parent jid: 0 parent pid: 0 executable path: /sbin/scmd instance: 0 respawn: off respawn count: 1 max. Spawns per minute: 0 last started: wed jun 1 14:45:46 2011 process state: sleeping max. Core: 0 args: - tid last_cpu stack pri state hh:mm:ss:mesc name 1 0 0k 120 s 0:0:5:220 scmd table 2 output ...
Page 13
5 field description args command-line arguments passed to the process. If no arguments pass, the hyphen (-) displays. Tid thread id. Last_cpu cpu where the process is located in the last assignment. Stack stack size. Pri thread priority. State thread state: • r—in running state or waiting in the que...
Page 14
6 table 3 output description field description jid job id that uniquely identifies a process. It remains the same even if the process restarts. User username. %cpu cpu usage in percentage. %mem memory usage in percentage. Stat process state: • r—in running state or waiting in the queue. • s—in inter...
Page 15
7 5 0.0% 0.0% 0.0% [events/0] 6 0.0% 0.0% 0.0% [khelper] 29 0.0% 0.0% 0.0% [kblockd/0] 49 0.0% 0.0% 0.0% [vzmond] 52 0.0% 0.0% 0.0% [pdflush] 53 0.0% 0.0% 0.0% [pdflush] 54 0.0% 0.0% 0.0% [kswapd0] 110 0.0% 0.0% 0.0% [aio/0] 712 0.0% 0.0% 0.0% [mtdblockd] 719 0.0% 0.0% 0.0% [tnetjob] 720 0.0% 0.0% 0...
Page 16
8 examples # display log information about all processes. Display process log name jid pid normal-exit core start-time end-time pkeyinit 832 832 y n 2010-12-20 09:45:45 2010-12-20 09:45:45 knphase2 837 837 y n 2010-12-20 09:45:45 2010-12-20 09:45:45 pkgm 834 834 y n 2010-12-20 09:45:45 2010-12-20 09...
Page 17
9 parameters slot slot-number: specifies an irf member device id. If this option is not specified, the command displays state information about processes on the master device. Usage guidelines when the process starts, it requests text, data, stack, and dynamic memories, where: • text memory stores t...
Page 18
10 display process memory heap use the display process memory heap command to display the heap memory statistics for a specified process. Syntax display process memory heap job job-id [ verbose ][ slot slot-number ] views any view predefined user roles network-admin network-operator parameters job j...
Page 19
11 summary: total virtual memory heap space (in bytes) : 2293760 total physical memory heap space (in bytes) : 58368 total allocated memory (in bytes) : 42368 the output shows that job 48 is allocated with 60 blocks each with a size of 16 bytes (52 already used and 8 available), 1265 blocks each wit...
Page 20
12 slot slot-number: specifies an irf member device id. If this option is not specified, the command displays state information about processes on the master device. Usage guidelines when the process runs abnormally, use this command to diagnose and locate the failures. Examples # display the memory...
Page 21
13 usage guidelines the address displayed using this command is in hexadecimal form. Using this address and the display process memory heap address command, you can check the memory information about the address. Examples # display addresses of memory blocks with a size of 16 bytes used by job 1. Di...
Page 22
14 slot slot-number: specifies an irf member device id. If this option is not specified, the command displays state information about processes on the master device. Usage guidelines if the keyword dumbtty is not specified, the statistics is displayed in interactive mode: • the system automatically ...
Page 23
15 4 4 115 s 0 0k 00:00:06 0.00% [ksoftirqd/0] 5 5 99 s 0 0k 00:00:00 0.00% [watchdog/0] 6 6 115 s 0 0k 00:00:01 0.00% [events/0] 7 7 115 s 0 0k 00:00:00 0.00% [khelper] 4797 4797 120 s 8 28832k 00:00:02 0.00% comsh 5117 5117 120 s 8 1496k 00:00:00 0.00% top # display the process statistics as if on...
Page 24
16 2 2 115 s 0 0k 00:00:00 0.00% [kthreadd] 3 3 99 s 0 0k 00:00:00 0.00% [migration/0] 4 4 115 s 0 0k 00:00:06 0.00% [ksoftirqd/0] 5 5 99 s 0 0k 00:00:00 0.00% [watchdog/0] 7 7 115 s 0 0k 00:00:00 0.00% [khelper] 4796 4796 120 s 11 2744k 00:00:00 0.00% login 4797 4797 120 s 8 28832k 00:00:03 0.00% c...
Page 25
17 thread states: 2 running, 111 sleeping, 0 stopped, 0 zombie cpu states: 86.57% idle, 0.83% user, 11.74% kernel, 0.83% interrupt memory: 755m total, 414m available, page size 4k jid pid pri state fds mem hh:mm:ss cpu name 864 864 120 s 24 27020k 00:00:43 8.95% syslogd 1173 1173 120 r 24 2664k 00:0...
Page 26
18 field description memory memory state, in kb: • total memory. • memory available. • page size. Jid job id that uniquely identifies a process. It remains the same even if the process restarts . Pid process id. Pri process priority. State process state: • r—in running state or waiting in the queue....
Page 27
19 slot slot-number: specifies an irf member device id. If this option is not specified, the command displays state information about processes on the master device. Usage guidelines if the keyword dumbtty is not specified, the statistics are displayed in interactive mode: • the system automatically...
Page 28
20 cpu states: 94.43% idle, 0.76% user, 3.64% kernel, 1.15% interrupt memory: 755m total, 417m available, page size 4k jid tid last_cpu pri state hh:mm:ss max cpu name 1176 1176 0 120 r 00:00:01 1 3.42% top 866 866 0 120 s 00:00:12 1 0.85% devd 881 881 0 120 s 00:00:09 1 0.64% diagd 1 1 0 120 s 00:0...
Page 29
21 1176 1176 0 120 r 00:00:04 1 1.86% top 866 866 0 120 s 00:00:14 1 0.87% devd 1 1 0 120 s 00:00:07 1 0.49% scmd 730 730 0 0 s 00:00:04 1 0.12% [dibc] 762 762 0 120 s 00:00:22 1 0.12% [mnet] # enter q to exit the interactive mode. Table 11 output description field description 84 processes; 107 thre...
Page 31
23 -v: displays non icmp echo reply received. If this keyword is not specified, the system does not display non icmp echo reply. -vpn-instance vpn-instance-name: specifies the mpls l3vpn to which the destination belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If th...
Page 32
24 ping 1.1.2.2 (1.1.2.2): 56 data bytes 56 bytes from 1.1.2.2: icmp_seq=0 ttl=254 time=4.685 ms rr: 1.1.2.1 1.1.2.2 1.1.1.2 1.1.1.1 56 bytes from 1.1.2.2: icmp_seq=1 ttl=254 time=4.834 ms (same route) 56 bytes from 1.1.2.2: icmp_seq=2 ttl=254 time=4.770 ms (same route) 56 bytes from 1.1.2.2: icmp_s...
Page 34
26 56 bytes from 2001::2, icmp_seq=1 hlim=64 time=23.000 ms 56 bytes from 2001::2, icmp_seq=2 hlim=64 time=20.000 ms 56 bytes from 2001::2, icmp_seq=3 hlim=64 time=4.000 ms 56 bytes from 2001::2, icmp_seq=4 hlim=64 time=16.000 ms --- 2001::2 ping6 statistics --- 5 packet(s) transmitted, 5 packet(s) ...
Page 35
27 field description 56 bytes from 2001::2, icmp_seq=1 hlim=64 dst=2001::1 idx=3 time=62.000 ms received the icmpv6 reply from the device whose ipv6 address is 2001::2. • the number of data bytes is 56. • the packet sequence is 1. • the hop limit value is 64. • the destination address is 2001::1 (sp...
Page 36
28 usage guidelines caution: this command is for testing and diagnosis purposes. Manually starting or stopping a process might affect device operation or ongoing services. Before using this command, be sure you fully understand its impact or get help from an h3c engineer. A process stopped by the pr...
Page 37
29 -w timeout: specifies the timeout time of the reply packet of a probe packet. The timeout argument is in the range of 1 to 65535 milliseconds. The default value is 5000 milliseconds. Host: ip address or host name (a string of 1 to 255 characters) for the destination. Usage guidelines after having...
Page 38
30 field description mpls label=100048 exp=0 ttl=1 s=1 icmp timeout packets on an mpls network, carrying mpls label information: • label—label value that is used to identify a forwarding equivalence class (fec). • exp—reserved, usually used for class of service (cos). • ttl—ttl value. • s—mpls suppo...
Page 39
31 icmp error message (probably because the destination is unreachable or sending icmp timeout/destination unreachable packets is disabled). To abort the tracert operation during the execution of the command, press ctrl+c. Examples # display the path the packets traverse from source to destination w...
Page 40
32 ntp commands display ntp-service ipv6 sessions use the display ntp-service ipv6 sessions command to display information about all ipv6 ntp associations. Syntax display ntp-service ipv6 sessions [ verbose ] views any view predefined user roles network-admin network-operator parameters verbose: dis...
Page 41
33 field description reference reference clock id of the ntp server • if the reference clock is the local clock, the value of this field is related to the value of the clock stratum field: { when the value of the clock stratum field is 0 or 1, this field is displayed as "local." { when the clock str...
Page 42
34 xmttime: 00000000.00000000 thu, feb 7 2036 6:28:16.000 roundtrip delay samples: 0.000 0.000 0.000 0.000 0.000 0.000 0.000 0.000 offset samples: 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 filter order: 0 1 2 3 4 5 6 7 total sessions: 1 table 17 output description field description clock source ipv6 a...
Page 43
35 field description local mode operation mode of the local device: • unspec—the mode is unspecified. • sym_active—active mode. • sym_passive—passive mode. • client—client mode. • server—server mode. • broadcast—broadcast or multicast server mode. • bclient—broadcast or multicast client mode. Local ...
Page 44
36 field description xmttime transmit timestamp in the ntp message filter order dispersion information reference clock status status of the local clock. The field is displayed only when you use the ntp-service refclock-master command to set the local clock as a reference clock. When the reach field ...
Page 45
37 table 18 output description field description source • when the reference clock is the local clock, the field is displayed as local(number), which indicates that the ip address of the local clock is 127.127.1.Number, where number represents the ntp process number in the range of 0 to 3. • when th...
Page 46
38 clock stratum: 2 clock status: configured, master, sane, valid reference clock id: 127.127.1.0 vpn instance: not specified local mode: client, local poll interval: 6 peer mode: server, peer poll interval: 6 offset: 0.2862ms, roundtrip delay: 3.2653ms, dispersion: 4.5166ms root roundtrip delay: 0....
Page 47
39 field description reference clock id reference clock id of the ntp server. • if the reference clock is the local clock, the value of this field is related to the value of the clock stratum field: { when the value of the clock stratum field is 0 or 1, this field is displayed as "locl." { when the ...
Page 48
40 field description sync distance synchronization distance relative to the upper-level clock, in seconds, and calculated from dispersion and roundtrip delay values. Precision accuracy of the system clock version ntp version, in the range of 1 to 4. Source interface source interface. If the source i...
Page 49
41 clock precision: 2^-10 root delay: 0.00000 ms root dispersion: 3.96367 ms reference time: d0c5fc32.92c70b1e wed, dec 29 2010 18:28:02.573 # display the ntp service status when time is not synchronized. Display ntp-service status clock status: unsynchronized clock stratum: 16 reference clock id: n...
Page 50
42 field description reference clock id for an ipv4 ntp server: the field represents the ip address of the remote server when the local device is synchronized to a remote ntp server. The field represents the local clock when the local device uses the local clock as a reference source. • when the loc...
Page 51
43 view any view predefined user roles network-admin network-operator examples # display the brief information of each ntp server from the local device back to the primary reference source. Display ntp-service trace server 127.0.0.1 stratum 3, jitter 0.000, synch distance 0.0000. Server 3000::32 str...
Page 52
44 predefined user roles network-admin parameters peer: allows time requests and ntp control queries (such as alarms, authentication status, and time server information) from a peer device and allows the local device to synchronize itself to a peer device. Query: allows only ntp control queries from...
Page 53
45 undo ntp-service authentication enable default ntp authentication is disabled. Views system view predefined user roles network-admin usage guidelines you need to enable ntp authentication in networks that require time synchronization security to make sure that ntp clients are only synchronized to...
Page 54
46 usage guidelines in a network where there is a high security demand, the ntp authentication feature must be enabled for a system running ntp. This feature enhances the network security by means of the client-server key authentication, which prohibits a client from synchronizing to a device that h...
Page 55
47 system-view [sysname] interface vlan-interface 1 [sysname-vlan-interface1] ntp-service broadcast-client related commands ntp-service broadcast-server ntp-service broadcast-server use the ntp-service broadcast-server command to configure the device to operate in ntp broadcast server mode and use t...
Page 56
48 • ntp-service reliable authentication-keyid ntp-service inbound disable use the ntp-service in-interface disable command to disable an interface from receiving ntp messages. Use the undo ntp-service in-interface disable command to restore the default. Syntax ntp-service in-interface disable undo ...
Page 57
49 parameters peer: allows time requests and ntp control queries (such as alarms, authentication status, and time server information) and allows the local device to synchronize itself to a peer device. Query: allows only ntp control queries from a peer device to the local device. Server: allows time...
Page 58
50 default all interfaces are enabled to receive ipv6 ntp messages. Views interface view predefined user roles network-admin usage guidelines to disable an interface on the device from synchronizing the peer devices in the corresponding subnet or disable the device from being synchronized by the pee...
Page 59
51 [sysname-vlan-interface1] ntp-service ipv6 multicast-client ff21::1 related commands ntp-service ipv6 multicast-client ntp-service ipv6 multicast-server use the ntp-service ipv6 multicast-server command to configure the device to operate in ipv6 ntp multicast server mode and use the current inter...
Page 60
52 ntp-service ipv6 source use the ntp-service ipv6 source command to specify the source interface for ipv6 ntp messages. Use the undo ntp-service ipv6 source command to restore the default. Syntax ntp-service ipv6 source interface-type interface-number undo ntp-service ipv6 source default no source...
Page 62
54 related commands • ntp-service authentication enable • ntp-service authentication-keyid • ntp-service reliable authentication-keyid ntp-service ipv6 unicast-server use the ntp-service ipv6 unicast-server command to specify an ipv6 ntp server for the device. Use the undo ntp-service ipv6 unicast-s...
Page 63
55 if you include vpn-instance vpn-instance-name in the undo ntp-service unicast-server command, the command removes the ntp server with the ip address of ip-address in the specified vpn. If you do not include vpn-instance vpn-instance-name in this command, the command removes the ntp server with th...
Page 64
56 related commands display ntp-service sessions ntp-service multicast-client use the ntp-service multicast-client command to configure the device to operate in ntp multicast client mode and use the current interface to receive ntp multicast packets. Use the undo ntp-service multicast-client command...
Page 65
57 default the device does not operate in any ntp association mode. View vlan interface view predefined user roles network-admin parameters ip-address: multicast ip address, in the range of 224.0.1.0 to 224.0.1.255, and defaults to 224.0.1.1. A multicast server and client must be configured with the...
Page 66
58 predefined user roles network-admin parameters ip-address: ip address of the local clock, which is 127.127.1.U, where u is the ntp process id in the range of 0 to 3. If you do not specify ip-address, it defaults to 127.127.1.0. Stratum: stratum level of the local clock, in the range of 1 to 15 an...
Page 67
59 usage guidelines when ntp authentication is enabled, a client can be synchronized only to a server that can provide a trusted authentication key. Before you use the command, make sure that ntp authentication is enabled and an authentication key is configured. The key automatically changes to untr...
Page 68
60 if you do not want the ip address of an interface on the local device to become the destination address for response messages, use this command. • if you have specified the source interface for ntp messages in the ntp-service unicast-server or ntp-service unicast-peer command, the interface speci...
Page 69
61 vpn-instance vpn-instance-name: specifies the mpls l3vpn to which the symmetric-passive peer belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the symmetric-passive peer is on the public network, do not specify this option. Authentication-keyid keyid: specifies...
Page 70
62 predefined user roles network-admin parameters ip-address: ip address of the ntp server. It must be a unicast address, rather than a broadcast address, a multicast address or the ip address of the local clock. Server-name: host name of the ntp server, a case-insensitive string of 1 to 255 charact...
Page 71
63 sntp commands display sntp ipv6 sessions use the display sntp ipv6 sessions command to display information about all ipv6 sntp associations. Syntax display sntp ipv6 sessions views any view predefined user roles network-admin network-operator examples # display brief information about all ipv6 sn...
Page 72
64 syntax display sntp sessions views any view predefined user roles network-admin network-operator examples # display brief information about all sntp associations. Display sntp sessions sntp server stratum version last receive time 1.0.1.11 2 4 tue, may 17 2011 9:11:20.833 (synced) table 23 output...
Page 73
65 usage guidelines you need to enable sntp authentication in networks that require time synchronization security to make sure that sntp clients are only synchronized to authenticated ntp servers. To authenticate an ntp server, set an authentication key and specify it as a trusted key. Examples # en...
Page 74
66 a maximum of 128 keys can be set for the device by repeatedly executing the command. Examples # set an md5 authentication key, with the key id of 10 and key value of betterkey, in simple text. System-view [sysname] sntp authentication enable [sysname] sntp authentication-keyid 10 authentication-m...
Page 75
67 usage guidelines when you specify an ipv6 ntp server for the device, the device is synchronized to the ntp server, but the ntp server is not synchronized to the device. If you include vpn-instance vpn-instance-name in the undo ntp-service unicast-server command, the command removes the ntp server...
Page 76
68 examples # enable ntp authentication, and specify the md5 encryption algorithm, with the key id of 37 and key value of betterkey, in simple text. System-view [sysname] sntp authentication enable [sysname] sntp authentication-keyid 37 authentication-mode md5 simple betterkey # specify this key as ...
Page 77
69 usage guidelines when you specify an ntp server for the device, the device is synchronized to the ntp server, but the ntp server is not synchronized to the device. If you include vpn-instance vpn-instance-name in the undo ntp-service unicast-server command, the command removes the ntp server with...
Page 78
70 information center commands display info-center use the display info-center command to display state information for output destinations. Syntax display info-center views any view predefined user roles network-admin network-operator examples # display state information for output destinations. Di...
Page 79
71 field description monitor monitoring terminal state: • enabled—logs can be output to the monitoring terminal. • disabled—logs cannot be output to the monitoring terminal. Log host: enabled ip address: 192.168.0.1, port number: 5000, host facility: local7 ip address: 192.168.0.2, port number: 5001...
Page 80
72 predefined user roles network-admin network-operator parameters reverse: displays log entries chronologically, with the most recent entry at the top. If this keyword is not specified, the log entries will be displayed chronologically, with the oldest entry at the top. Level severity: displays log...
Page 81
73 the rest is omitted here. Table 26 output description field description log buffer • enabled—logs can be output to the log buffer. • disabled—logs cannot be output to the buffer. Max buffer size maximum capacity of the log buffer. Actual buffer size actual capacity of the log buffer. Dropped mess...
Page 82
74 table 27 output description field description slot id of the irf member device. Emerg represents emergency. For more information, see table 25 . Alert represents alert. For more information, see table 25 . Crit represents critical. For more information, see table 25 . Error represents error. For ...
Page 83
75 info-center enable use the info-center enable command to enable information center. Use the undo info-center enable command to disable information center. Syntax info-center enable undo info-center enable default information center is enabled. Views system view predefined user roles network-admin...
Page 84
76 info-center logbuffer size use the info-center logbuffer size command to set the maximum number of logs that can be stored in a log buffer. Use the undo info-center logbuffer size command to restore the default. Syntax info-center logbuffer [ size buffersize ] undo info-center logbuffer [ size ] ...
Page 85
77 predefined user roles network-admin examples # enable the output of logs to the log file. System-view [sysname] info-center logfile enable info-center logfile frequency use the info-center logfile frequency command to configure the frequency with which the system saves the log file. Use the undo ...
Page 86
78 undo info-center logfile size-quota default the maximum storage space reserved for a log file is 10 mb. Views system view predefined user roles network-admin parameters size: specifies the maximum storage space reserved for a log file, in mb. Usage guidelines the log file has a specific capacity....
Page 87
79 examples # create a directory with the name test under flash root directory. Mkdir test directory flash:/test created. # set the directory to save the log file to flash:/test. System-view [sysname] info-center logfile switch-directory flash:/test related commands info-center logfile enable info-c...
Page 88
80 info-center loghost use the info-center loghost command to specify a log host and to configure the related parameters. Use the undo info-center loghost command to restore the default configurations on a log host. Syntax info-center loghost host-ipv4-address [ port port-number ] [ facility local-n...
Page 89
81 views system view predefined user roles network-admin parameters interface-type interface-number: specifies the egress interface for logs by the interface type and interface number. Usage guidelines after the source ip address of logs is specified, no matter which physical interface is used to ou...
Page 90
82 output destinatio n system informati on source log security log hidden log enabled/ disabled level enabled/ disabled level enabled/ disabled level log host all supported modules enabled informatio nal disabled n/a enabled informatio nal log buffer all supported modules enabled informatio nal disa...
Page 91
83 • after you separately set the output rules for a module, you must use the module-name argument to modify or remove the rules. The new configuration by using the default keyword is invalid on the module. Examples # output vlan module's log information with a severity level of at least emergency t...
Page 92
84 [sysname] display interface ten-gigabitethe after the above information is displayed, you can input rnet to complete your input of the display interface ten-gigabitethernet command, and then press the enter key to execute the command. # enable the synchronous information output function, and then...
Page 93
85 • yyyy: represents the year. None: indicates no time information is provided. Examples # configure the time stamp format for log information as boot. System-view [sysname] info-center timestamp boot related commands info-center timestamp loghost info-center timestamp loghost use the info-center t...
Page 94
86 syntax logfile save views any view predefined user roles 2: system level usage guidelines you can specify the directory to save the security log file with the info-center logfile switch-directory command. All contents in the log file buffer will be cleared after they are successfully saved into t...
Page 95
87 undo terminal logging level default the lowest level of the logs that can be output to the console is 7 (debug), and that of the logs that can be output to the monitor terminal is 6 (informational). Views user view predefined user roles network-admin parameters severity: specifies a log level by ...
Page 96
88 examples # enable the monitoring of logs on the current terminal. Terminal monitor the current terminal is enabled to display logs. Terminal debugging use terminal debugging to enable the display of debugging information on the current terminal (console/monitor terminal). Use undo terminal debugg...
Page 97
89 snmp commands the snmp agent sends notifications (traps and informs) to inform the nms of significant events, such as link state changes and user logins or logouts. Unless otherwise stated, the trap keyword in the command line includes both traps and informs. Display snmp-agent community use the ...
Page 99
91 examples # display information about all snmp groups. Display snmp-agent group group name: groupv3 security model: v3 noauthnopriv readview: viewdefault writeview: notifyview: storage-type: nonvolatile table 30 output description field description group name snmp group name. Security model securi...
Page 100
92 examples # display the local engine id. Display snmp-agent local-engineid snmp local engine id: 800007db7f0000013859 related commands snmp-agent local-engineid display snmp-agent mib-view use the display snmp-agent mib-view command to display mib views. Syntax display snmp-agent mib-view [ exclud...
Page 101
93 subtree mask: storage-type: nonvolatile view type: excluded view status: active view name: viewdefault mib subtree: snmpmodules.18 subtree mask: storage-type: nonvolatile view type: excluded view status: active viewdefault is the default mib view. The output shows that except for the mib objects ...
Page 102
94 parameters ip-address: specifies the ip address of a remote snmp entity to display its snmp engine id. Usage guidelines every snmp agent has one snmp engine to provide services for sending and receiving messages, authenticating and encrypting messages, and controlling access to managed objects. I...
Page 103
95 2 mib objects altered successfully. 7 getrequest-pdu accepted and processed. 7 getnextrequest-pdu accepted and processed. 1653 getbulkrequest-pdu accepted and processed. 1669 getresponse-pdu accepted and processed. 2 setrequest-pdu accepted and processed. 0 trap pdus accepted and processed. 0 alt...
Page 105
97 views any view usage guidelines you can use the snmp-agent trap enable command to enable or disable the notification function of a module. For a module that has sub-modules, the notification function status is enable if the trap function of any of its sub-modules is enabled. Examples # display th...
Page 106
98 group name: mygroupv3 engine id: 800063a203000fe240a1a6 storage-type: nonvolatile userstatus: active username: userv3code group name: groupv3code engine id: 800063a203000fe240a1a6 storage-type: nonvolatile userstatus: active acl: 2001 table 33 output description field description username snmp us...
Page 107
99 syntax snmp-agent undo snmp-agent default snmp agent is disabled. Views system view predefined user roles network-admin usage guidelines the snmp-agent command is optional for an snmp configuration task. The snmp agent is automatically enabled when you perform any command that begins with snmp-ag...
Page 108
100 specified-engineid engineid: uses a user-defined engine id to calculate the encrypted key. The engineid argument specifies an snmp engine id as a hexadecimal string. It must comprise an even number of hexadecimal characters, in the range of 10 to 64. All-zero and all-f strings are invalid. Usage...
Page 109
101 mib-view view-name: specifies the mib view available for the community. The view-name argument represents a mib view name, a string of 1 to 32 characters. A mib view represents a set of accessible mib objects. If no mib view is specified, the specified community can access the mib objects in the...
Page 111
103 you can create up to 20 snmp groups, including snmpv1, snmpv2c, and snmpv3 groups. Examples # create the snmpv3 group group1 and assigns the no authentication, no privacy security model to the group. System-view [sysname] snmp-agent group v3 group1 related commands • display snmp-agent group • s...
Page 113
105 default the system creates the viewdefault view when the snmp agent is enabled. In this default mib view, all mib objects in the iso subtree but the snmpusmmib, snmpvacmmib, and snmpmodules.18 subtrees are accessible. Views system view predefined user roles network-admin parameters excluded: den...
Page 114
106 use the undo snmp-agent packet max-size command to restore the default packet size. Syntax snmp-agent packet max-size byte-count undo snmp-agent packet max-size default the snmp agent can receive and send snmp messages that are up to 1500 bytes long. Views system view predefined user roles netwo...
Page 115
107 usage guidelines to send snmpv3 inform notifications to an nms, you must configure the snmp engine id of the nms on the snmp agent. The nms accepts the snmpv3 inform notifications from the snmp agent only if the engine id in the notifications is the same as its local engine id. You can configure...
Page 116
108 use the undo snmp-agent sys-info location command to restore the default location. Syntax snmp-agent sys-info location sys-location undo snmp-agent sys-info location default the location is hangzhou, china. Views system view predefined user roles network-admin parameters sys-location: specifies ...
Page 117
109 v2c: specifies snmpv2c. V3: specifies snmpv3. Usage guidelines configure the snmp agent with the same snmp version as the nms for successful communications between them. Examples # enable snmpv1 and snmpv3. System-view [sysname] snmp-agent sys-info version v1 v3 related commands display snmp-age...
Page 118
110 params securityname security-string: specifies the authentication parameter. The security-string argument specifies an snmpv1 or snmpv2c community name or an snmpv3 username, a string of 1 to 32 characters. V1: specifies snmpv1. V2c: specifies snmpv2c. V3: specifies snmpv3. • authentication: spe...
Page 119
111 views system view predefined user roles network-admin parameters configuration: specifies configuration notifications. If configuration notifications are enabled, the system checks the running configuration and the startup configuration every 10 minutes for any change and generates a notificatio...
Page 120
112 predefined user roles network-admin parameters seconds: sets a lifetime in seconds, in the range of 1 to 2592000. Usage guidelines when congestion occurs or the target host is not reachable, the snmp agent buffers notifications in a queue. The notification lifetime sets how long a notification c...
Page 123
115 group-name: specifies an snmpv3 group name, a case-sensitive string of 1 to 32 characters. Remote ip-address: specifies the ip address of the remote snmp entity. To send snmpv3 informs to an nms, you must specify the ip address of the nms in the snmp-agent usm-user v3 command and map the ip addr...
Page 124
116 for secrecy, the system always displays the authentication and privacy keys in cipher text. • if you specify the cipher keyword, the system considers the keys as having been encrypted, and displays them as they are. • if you specify the simple keyword, the system considers the keys as in plain t...
Page 125
117 related commands • display snmp-agent usm-user • snmp-agent calculate-password • snmp-agent group.
Page 127
119 table 35 output description field description mirroring group number of the mirroring group type type of the mirroring group: • local • remote source • remote destination status status of the mirroring group: • active • incomplete—the mirroring group is not configured completely and cannot take ...
Page 128
120 mirroring-group mirroring-port (interface view) use the mirroring-group mirroring-port command to configure a source port for a mirroring port. Use the undo mirroring-group mirroring-port command to remove a source port from the mirroring group. Syntax mirroring-group group-id mirroring-port { b...
Page 129
121 related commands mirroring-group mirroring-group mirroring-port (system view) use the mirroring-group mirroring-port command to configure source ports for a mirroring group. Use the undo mirroring-group mirroring-port command to remove source ports from a mirroring group. Syntax mirroring-group ...
Page 130
122 # create remote source group 2, configure ten-gigabitethernet 1/0/2 as a source port of the mirroring group, and configure the mirroring group to monitor the bidirectional traffic of the port. System-view [sysname] mirroring-group 2 remote-source [sysname] mirroring-group 2 mirroring-port ten-gi...
Page 131
123 examples # create remote source group 1, and configure port ten-gigabitethernet 1/0/1 as its egress port in system view. System-view [sysname] mirroring-group 1 remote-source [sysname] mirroring-group 1 monitor-egress ten-gigabitethernet 1/0/1 # create remote source group 2, and configure port t...
Page 132
124 examples # create local mirroring group 1, and configure port ten-gigabitethernet 1/0/1 as its monitor port. System-view [sysname] mirroring-group 1 local [sysname] interface ten-gigabitethernet 1/0/1 [sysname-ten-gigabitethernet1/0/1] mirroring-group 1 monitor-port # create remote destination g...
Page 133
125 use a monitor port only for port mirroring to make sure that the data monitoring device receives and analyzes only the mirrored traffic rather than a mix of mirrored traffic and normally forwarded traffic. Do not configure a port of an existing mirroring group as the monitor port. Examples # cre...
Page 134
126 usage guidelines you can configure reflector ports only for remote source groups but not for local mirroring groups or remote destination groups. Use a port that is not being used on the device as the reflector port and do not connect a network cable to the reflector port. When a port is configu...
Page 135
127 usage guidelines you can configure a remote probe vlan only for a remote source group or remote destination group but not for a local mirroring group. When a vlan is configured as a remote probe vlan, use the remote probe vlan for port mirroring exclusively. The remote mirroring groups on the so...
Page 136
128 index d i l m n p r s t d debugging, 1 display debugging, 1 display info-center, 70 display logbuffer, 71 display logbuffer summary, 73 display logfile summary, 74 display memory, 2 display mirroring-group, 118 display ntp-service ipv6 sessions, 32 display ntp-service sessions, 36 display ntp-se...
Page 137
129 ntp-service multicast-client, 56 ntp-service multicast-server, 56 ntp-service refclock-master, 57 ntp-service reliable authentication-keyid, 58 ntp-service source, 59 ntp-service unicast-peer, 60 ntp-service unicast-server, 61 p ping, 21 ping ipv6, 24 process, 27 r reset logbuffer, 86 s snmp-age...