- DL manuals
- H3C
- Switch
- S9500 Series
- Operation Manual
H3C S9500 Series Operation Manual
Summary of S9500 Series
Page 1
H3c s9500 series routing switches operation manual hangzhou h3c technologies co., ltd. Http://www.H3c.Com manual version: t2-081655-20080530-c-2.03 product version: s9500-cmw520-r2132.
Page 2
Copyright © 2007-2008, hangzhou h3c technologies co., ltd. And its licensors all rights reserved no part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of hangzhou h3c technologies co., ltd. Trademarks h3c, , aolynk, , h 3 care, , top g, , i...
Page 3: About This Manual
About this manual related documentation in addition to this manual, each h3c s9500 series routing switches documentation set includes the following: manual description h3c s9500 series routing switches installation manual it introduces the installation procedure, commissioning, maintenance and monit...
Page 4
Part contents 03 ip routing volume includes ip routing overview, bgp configuration, is-is configuration, ospf configuration, rip configuration, routing policy configuration, static routing configuration, ipv6 bgp configuration, ipv6 is-is configuration, ipv6 ospfv3 configuration, ipv6 ripng configur...
Page 6
Iii. Symbols convention description warning means reader be extremely careful. Improper operation may cause bodily injury. Caution means reader be careful. Improper operation may cause data loss or damage to equipment. Note means a complementary description..
Page 7
Operation manual h3c s9500 series routing switches ip services volume organization manual version t2-081655-20080530-c-2.03 product version s9500-cmw520-r2132 organization the ip services volume is organized as follows: features (operation manual) description arp address resolution protocol (arp) is...
Page 8
Operation manual h3c s9500 series routing switches ip services volume organization features (operation manual) description udp helper udp helper functions as a relay agent that converts udp broadcast packets into unicast packets and forwards them to a specified server. The volume describes: z udp he...
Page 9: Table of Contents
Operation manual – arp h3c s9500 series routing switches table of contents i table of contents chapter 1 arp configuration....................................................................................................... 1-1 1.1 arp overview.........................................................
Page 10
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-1 chapter 1 arp configuration when configuring arp, go to these sections for information you are interested in: z arp overview z configuring arp z configuring gratuitous arp z configuring arp source suppression z ...
Page 11
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-2 z hardware type: this field specifies the type of a hardware address. The value “1” represents an ethernet address. Z protocol type: this field specifies the type of the protocol address to be mapped. The hexade...
Page 12
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-3 all-zero mac address. Because the arp request is sent in broadcast mode, all hosts on this subnet can receive the request, but only the requested host (namely, host b) will process the request. 3) host b compare...
Page 13
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-4 note: usually arp dynamically implements and automatically seeks mappings from ip addresses to mac addresses, without manual intervention. 1.2 configuring arp 1.2.1 configuring a static arp entry a static arp en...
Page 14
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-5 to do… use the command… remarks enter system view system-view — enter vlan interface view interface vlan-interface interface-number — set the maximum number of dynamic arp entries that the interface can learn ar...
Page 15
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-6 1.2.5 enabling the support for arp requests from a natural network when learning mac addresses, if the device finds that the source ip address of an arp packet and the ip address of the inbound interface are not...
Page 16
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-7 [sysname] vlan 10 [sysname-vlan10] quit [sysname] interface ethernet 1/1/1 [sysname-ethernet1/1/1] port access vlan 10 [sysname-ethernet1/1/1] quit [sysname] interface vlan-interface 10 [sysname-vlan-interface10...
Page 17
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-8 1.4 configuring arp source suppression 1.4.1 introduction to arp source suppression if hosts on a network attack the device by sending large amounts of ip packets whose ip addresses cannot be resolved, the follo...
Page 18
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-9 next hop unreachable (an ip packet that arp cannot resolve the mac address of the next hop), a device with this function creates a black hole route immediately and the forwarding chip simply drops all packets to...
Page 19
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-10 to do… use the command… remarks enter system view system-view — enable the arp active acknowledgement function arp anti-attack active-ack enable required disabled by default. 1.7 configuring arp packet source m...
Page 20
Operation manual – arp h3c s9500 series routing switches chapter 1 arp configuration 1-11 to do… use the command… remarks display the configuration information of arp source suppression display arp source-suppression available in any view clear arp entries from the arp mapping table reset arp { all ...
Page 21
Operation manual – arp h3c s9500 series routing switches chapter 2 proxy arp configuration 2-1 chapter 2 proxy arp configuration when configuring proxy arp, go to these sections for information you are interested in: z proxy arp overview z enabling proxy arp z displaying and maintaining proxy arp z ...
Page 22
Operation manual – arp h3c s9500 series routing switches chapter 2 proxy arp configuration 2-2 2.3 displaying and maintaining proxy arp to do… use the command… remarks display whether proxy arp is enabled display proxy-arp [ interface interface-type interface-number ] available in any view display w...
Page 23
Operation manual – arp h3c s9500 series routing switches chapter 2 proxy arp configuration 2-3 [sysname-vlan1] vlan 2 [sysname-vlan2] quit [sysname] interface vlan-interface 1 [sysname-vlan-interface1] ip address 192.168.10.99 255.255.255.0 [sysname-vlan-interface1] proxy-arp enable [sysname-vlan-in...
Page 24: Table of Contents
Operation manual – dhcp h3c s9500 series routing switches table of contents i table of contents chapter 1 dhcp overview............................................................................................................ 1-1 1.1 introduction to dhcp ..............................................
Page 25
Operation manual – dhcp h3c s9500 series routing switches table of contents ii chapter 3 dhcp relay agent configuration .............................................................................. 3-1 3.1 introduction to dhcp relay agent ...............................................................
Page 26: Chapter 1 Dhcp Overview
Operation manual – dhcp h3c s9500 series routing switches chapter 1 dhcp overview 1-1 chapter 1 dhcp overview when configuring dhcp, go to these sections for information you are interested in: z introduction to dhcp z dhcp address allocation z dhcp message format z protocols and standards 1.1 introd...
Page 27
Operation manual – dhcp h3c s9500 series routing switches chapter 1 dhcp overview 1-2 ip addresses for a long time, and some clients only need temporary ip addresses. Dhcp supports three mechanisms for ip address allocation based on various needs. Z manual allocation: the network administrator assig...
Page 28
Operation manual – dhcp h3c s9500 series routing switches chapter 1 dhcp overview 1-3 note: z after the client receives the dhcp-ack message, it will probe whether the ip address assigned by the server is in use by broadcasting gratuitous arp. If the client receives no response within specified time...
Page 29
Operation manual – dhcp h3c s9500 series routing switches chapter 1 dhcp overview 1-4 figure 1-3 dhcp message format z op: message type defined in option field. 1 = request, 2 = reply z htype,hlen: hardware address type and length of a dhcp client. Z hops: number of relay agents a request message tr...
Page 30
Operation manual – dhcp h3c s9500 series routing switches chapter 1 dhcp overview 1-5 z rfc 1542: clarifications and extensions for the bootstrap protocol z rfc 3046: dhcp relay agent information option.
Page 31
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-1 chapter 2 dhcp server configuration when configuring the dhcp server, go to these sections for information you are interested in: z introduction to dhcp server z dhcp server configuration task list z en...
Page 32
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-2 the address pool database is organized as a tree. The root of the tree is the address pool for natural networks, branches are address pools for subnets, and leaves are addresses statically bound to clie...
Page 33
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-3 note: keep the ip addresses for dynamic allocation within the subnet where the interface of the dhcp server or dhcp relay agent resides to avoid wrong ip address allocation. 2.1.3 ip address allocation ...
Page 34
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-4 2.4 enabling the dhcp server on an interface with the dhcp server enabled on an interface, upon receiving a client’s request, the dhcp server will assign an ip address from its address pool to the dhcp ...
Page 35
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-5 task remarks configuring a domain name for the client configuring dns servers for the client configuring wins servers and netbios node type for the client configuring the bims server information for the...
Page 36
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-6 a dhcp address pool now supports only one static binding, which can be a mac-to-ip or id-to-ip binding. To configure the static binding in a dhcp address pool, use the following commands: to do… use the...
Page 37
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-7 you can specify the lease duration for a dhcp address pool different from others, and a dhcp address pool can only have the same lease duration. A lease does not enjoy the inheritance attribute. To conf...
Page 38
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-8 to do… use the command… remarks specify the domain name for the client domain-name domain-name required not specified by default 2.5.5 configuring dns servers for the client when a dhcp client wants to ...
Page 39
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-9 to configure wins servers and netbios node type in the dhcp address pool, use the following commands: to do… use the command… remarks enter system view system-view — enter dhcp address pool view dhcp se...
Page 40
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-10 to configure the gateways in the dhcp address pool, use the following commands: to do… use the command… remarks enter system view system-view — enter dhcp address pool view dhcp server ip-pool pool-nam...
Page 41
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-11 to do… use the command… remarks enter system view system-view — enter dhcp address pool view dhcp server ip-pool pool-name — specify the tftp server tftp-server ip-address ip-address optional not speci...
Page 42
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-12 option corresponding name in rfc corresponding command command parameter 44 netbios over tcp/ip name server option nbns-list ip-address 46 netbios over tcp/ip node type option netbios-type hex 58 renew...
Page 43
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-13 to enable unauthorized dhcp server detection, use the following commands: to do… use the command… remarks enter system view system-view — enable unauthorized dhcp server detection dhcp server detect re...
Page 44
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-14 2.7 enabling the dhcp sever to handle option 82 upon receiving a dhcp request with option 82, a dhcp server, if enabled to handle option 82, returns a dhcp response carrying option 82 to assign an ip a...
Page 46
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-16 2.9 dhcp server configuration examples 2.9.1 static ip address assignment configuration example i. Network requirements switch b (dhcp client) obtains a static ip address, dns server address, and gatew...
Page 47
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-17 2.9.2 dynamic ip address assignment configuration example i. Network requirements z the dhcp server (switch a) assigns ip address to clients in subnet 10.1.1.0/24, which is subnetted into 10.1.1.0/25 a...
Page 48
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-18 iii. Configuration procedure 1) specify vlan interfaces and ip addresses for vlan interfaces (omitted). 2) configure the dhcp server # enable dhcp system-view [sysname] dhcp enable # exclude ip address...
Page 49
Operation manual – dhcp h3c s9500 series routing switches chapter 2 dhcp server configuration 2-19 iii. Solution 1) disconnect the client’s network cable and ping the client’s ip address on another host with a long timeout time to check whether there is a host using the same ip address. 2) if a ping...
Page 50
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-1 chapter 3 dhcp relay agent configuration when configuring the dhcp relay agent, go to these sections for information you are interested in: z introduction to dhcp relay agent z configuring dhcp rel...
Page 51
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-2 figure 3-1 dhcp relay agent application no matter whether a relay agent exists or not, the dhcp server and client interact with each other in a similar way (see section 1.2.2 “ dynamic ip address a...
Page 52
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-3 task remarks enabling dhcp required enabling the dhcp relay agent on interfaces required correlating a dhcp server group with relay agent interfaces required configuring the dhcp relay agent to sen...
Page 53
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-4 note: z if the dhcp client obtains an ip address via the dhcp relay agent, the address pool of the subnet which the ip address of the dhcp relay agent belongs to must be configured on the dhcp serv...
Page 54
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-5 note: z you can specify at most twenty dhcp server groups on s9500 series routing switches. Z up to eight dhcp server addresses can be configured for each dhcp server group. The ip addresses of dhc...
Page 55
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-6 means you can manually configure ip-to-mac bindings on the dhcp relay agent, so that users can access external network using fixed ip addresses. For avoidance of invalid ip address configuration, y...
Page 56
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-7 z if the server returns a dhcp-nak message, which means the ip address is still in use, the relay agent will not age it out. To configure dynamic binding update interval, use the following commands...
Page 57
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-8 3.2.7 configuring the dhcp relay agent to support option 82 i. Introduction to option 82 option 82 is the relay agent option in the options field of the dhcp message. It records the location inform...
Page 58
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-9 z sub-option 1: padded with the user-specified access node identifier, and the type, number, pvc identifier (used when the interface type is atm), and vlan id of the interface that received the cli...
Page 59
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-10 if a client’s request message has… handling strategy padding format the dhcp relay agent will… — normal forward the message after adding the option 82 padded in normal format. No option 82 — verbo...
Page 60
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-11 note: z to support option 82, it is required to perform related configuration on both the dhcp server and relay agent. Refer to 2.7 “ enabling the dhcp sever to handle option 82 ” for dhcp server ...
Page 61
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-12 3.4 dhcp relay agent configuration example i. Prerequisites z vlan-interface 1 on the dhcp relay agent (switch a) connects to the network where dhcp clients reside. The ip address of vlan-interfac...
Page 62
Operation manual – dhcp h3c s9500 series routing switches chapter 3 dhcp relay agent configuration 3-13 [sysname] interface vlan-interface 1 [sysname-vlan-interface1] dhcp relay server-select 1 note: performing the configuration on the dhcp server is also required to guarantee the client-server comm...
Page 63: Table of Contents
Operation manual – dns h3c s9500 series routing switches table of contents i table of contents chapter 1 dns configuration....................................................................................................... 1-1 1.1 dns overview ........................................................
Page 64
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-1 chapter 1 dns configuration when configuring dns, go to these sections for information you are interested in: z dns overview z configuring domain name resolution z displaying and maintaining dns z dns configurat...
Page 65
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-2 4) the dns client returns the resolution result to the application after receiving a response from the dns server. Figure 1-1 dynamic domain name resolution figure 1-1 shows the relationship between user program...
Page 66
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-3 currently, the device supports static and dynamic dns services. Note: if an alias is configured for a domain name on the dns server, the device can resolve the alias into the ip address of the host. 1.2 configur...
Page 67
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-4 to do… use the command… remarks configure dns suffixes dns domain domain-name optional no dns suffix is configured by default note: z you may configure up to six dns servers and ten dns suffixes. Z you can use t...
Page 68
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-5 ii. Network diagram figure 1-2 network diagram for static domain name resolution iii. Configuration procedure # configure a mapping between host name host.Com and ip address 10.1.1.2. System-view [sysname] ip ho...
Page 69
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-6 ii. Network diagram figure 1-3 network diagram for dynamic domain name resolution iii. Configuration procedure note: z before performing the following configuration, make sure that there is a route between the d...
Page 70
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-7 figure 1-4 create a zone # create a mapping between host name and ip address. Figure 1-5 add a host in figure 1-5 , right click zone com, and then select new host to bring up a dialog box as shown in figure 1-6 ...
Page 71
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-8 figure 1-6 add a mapping between domain name and ip address 2) configure dns client device # enable dynamic domain name resolution. System-view [sysname] dns resolve # configure ip address 2.1.1.2 for the dns se...
Page 72
Operation manual – dns h3c s9500 series routing switches chapter 1 dns configuration 1-9 iii. Solution z use the display dns dynamic-host command to check that the specified domain name is in the cache. Z if there is no defined domain name, check that dynamic domain name resolution is enabled and th...
Page 73: Table of Contents
Operation manual – ip addressing h3c s9500 series routing switches table of contents i table of contents chapter 1 ip addressing configuration ...................................................................................... 1-1 1.1 ip addressing overview ..........................................
Page 74
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-1 chapter 1 ip addressing configuration when assigning ip addresses to interfaces on your device, go to these sections for information you are interested in: z ip addressing overview z configur...
Page 75
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-2 figure 1-1 ip address classes table 1-1 describes the address ranges of these five classes. Currently, the first three classes of ip addresses are used in quantity. Table 1-1 ip address class...
Page 76
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-3 1.1.3 subnetting and masking subnetting was developed to address the risk of ip address exhaustion resulting from fast expansion of the internet. The idea is to break a network down into smal...
Page 77
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-4 1.1.4 ip unnumbered logically, to enable ip on an interface, you must assign this interface a unique ip address. Yet, you can borrow an ip address already configured on one of other interface...
Page 78
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-5 1.2.2 ip addressing configuration example i. Network requirements as shown in figure 1-3 , the vlan-interface 1 on switch is connected to a lan comprising two segments: 172.16.1.0/24 and 172....
Page 79
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-6 ping 172.16.1.2: 56 data bytes, press ctrl_c to break reply from 172.16.1.2: bytes=56 sequence=1 ttl=255 time=25 ms reply from 172.16.1.2: bytes=56 sequence=2 ttl=255 time=27 ms reply from 17...
Page 80
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-7 1.3.1 configuration prerequisites assign a primary ip address to the interface from which you want to borrow the ip address. 1.3.2 configuration procedure follow these steps to configure ip u...
Page 81
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-8 to save ip addresses, configure the pos interfaces to borrow ip addresses from the vlan interfaces. The ip address of vlan-interface 1 on switch a is 172.16.10.1/24, and the ip address of vla...
Page 82
Operation manual – ip addressing h3c s9500 series routing switches chapter 1 ip addressing configuration 1-9 [sysnameb] interface pos 2/1/1 [sysnameb-pos2/1/1] ip address unnumbered interface vlan-interface 1 [sysnameb-pos2/1/1] link-protocol ppp [sysnameb-pos2/1/1] quit # create a route to the segm...
Page 83: Table of Contents
Operation manual – ip performance h3c s9500 series routing switches table of contents i table of contents chapter 1 ip performance configuration.................................................................................... 1-1 1.1 ip performance overview...........................................
Page 84
Operation manual – ip performance h3c s9500 series routing switches chapter 1 ip performance configuration 1-1 chapter 1 ip performance configuration when configuring ip performance, go to these sections for information you are interested in: z ip performance overview z enabling forwarding of direct...
Page 85
Operation manual – ip performance h3c s9500 series routing switches chapter 1 ip performance configuration 1-2 note: s9500 series routing switches can still receive broadcasts from a designated udp port even if they are disabled from receiving directed broadcasts. 1.2.1 enabling forwarding of direct...
Page 86
Operation manual – ip performance h3c s9500 series routing switches chapter 1 ip performance configuration 1-3 1.2.3 configuration example i. Network requirements as shown in figure 1-1 , the host’s interface and vlan-interface 3 of switch a are on the same network segment (1.1.1.0/24). Vlan-interfa...
Page 87
Operation manual – ip performance h3c s9500 series routing switches chapter 1 ip performance configuration 1-4 after the above configurations, if you ping the subnet broadcast address (2.2.2.255) of vlan-interface 2 of switch a on the host, the ping packets can be received by vlan-interface 2 of swi...
Page 88
Operation manual – ip performance h3c s9500 series routing switches chapter 1 ip performance configuration 1-5 1.4 configuring tcp mss for the interface the tcp maximum segment size (mss) on an interface determines whether tcp packets need to be fragmented when forwarded. If the size of a packet is ...
Page 89
Operation manual – ip performance h3c s9500 series routing switches chapter 1 ip performance configuration 1-6 note: when performing hardware forwarding, s9500 series routing switches will not forward icmp redirect packets even if the above conditions are satisfied. Icmp redirect packets function si...
Page 90
Operation manual – ip performance h3c s9500 series routing switches chapter 1 ip performance configuration 1-7 note: when performing hardware forwarding, s9500 series routing switches will not forward icmp destination unreachable packets even if the above conditions are satisfied. Ii. Disadvantage o...
Page 91
Operation manual – ip performance h3c s9500 series routing switches chapter 1 ip performance configuration 1-8 1.6 displaying and maintaining ip performance to do… use the command… remarks display current tcp connection state display tcp status display tcp connection statistics display tcp statistic...
Page 92: Table of Contents
Operation manual – udp helper h3c s9500 series routing switches table of contents i table of contents chapter 1 udp helper configuration .......................................................................................... 1-1 1.1 introduction to udp helper.........................................
Page 93
Operation manual – udp helper h3c s9500 series routing switches chapter 1 udp helper configuration 1-1 chapter 1 udp helper configuration when configuring udp helper, go to these sections for information you are interested in: z introduction to udp helper z configuring udp helper z displaying and ma...
Page 94
Operation manual – udp helper h3c s9500 series routing switches chapter 1 udp helper configuration 1-2 protocol udp port number time service 37 netbios name service (netbios-ns) 137 netbios datagram service (netbios-ds) 138 terminal access controller access control system (tacacs) 49 1.2 configuring...
Page 95
Operation manual – udp helper h3c s9500 series routing switches chapter 1 udp helper configuration 1-3 caution: z the udp helper enabled device cannot forward dhcp broadcast packets. That is to say, the udp port number cannot be set to 67 or 68. Z the dns, netbios-ds, netbios-ns, tacacs, tftp, and t...
Page 96
Operation manual – udp helper h3c s9500 series routing switches chapter 1 udp helper configuration 1-4 ii. Network diagram figure 1-1 network diagram for udp helper configuration i iii. Configuration procedure note: the following configuration assumes that a route from switch a to the network segmen...
Page 97
Operation manual – udp helper h3c s9500 series routing switches chapter 1 udp helper configuration 1-5 ii. Network diagram figure 1-2 network diagram for udp helper configuration ii iii. Configuration procedure note: the following configuration assumes that a route from switch a to the network segme...
Page 98: Table of Contents
Operation manual – ipv6 basics h3c s9500 series routing switches table of contents i table of contents chapter 1 ipv6 basics configuration .......................................................................................... 1-1 1.1 ipv6 overview....................................................
Page 99
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-1 chapter 1 ipv6 basics configuration when configuring ipv6 basics, go to these sections for information you are interested in: z ipv6 overview z ipv6 basics configuration task list z configuring b...
Page 100
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-2 1.1.1 ipv6 features i. Header format simplification ipv6 cuts down some ipv4 header fields or move them to the ipv6 extension headers to reduce the length of the basic ipv6 header. Ipv6 uses the ...
Page 101
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-3 z stateless address configuration means that a host automatically configures an ipv6 address and related information on basis of its own link-layer address and the prefix information advertised b...
Page 102
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-4 z if an ipv6 address contains two or more consecutive groups of zeros, they can be replaced by the double-colon :: option. For example, the above-mentioned address can be represented in the short...
Page 103
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-5 the type of an ipv6 address is designated by the first several bits called format prefix. Table 1-1 lists the mappings between address types and format prefixes. Table 1-1 mapping between address...
Page 104
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-6 table 1-2 reserved ipv6 multicast addresses address application ff01::1 node-local scope all-nodes multicast address ff02::1 link-local scope all-nodes multicast address ff01::2 node-local scope ...
Page 105
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-7 1.1.3 introduction to ipv6 neighbor discovery protocol ipv6 neighbor discovery protocol (ndp) uses five types of icmpv6 messages to implement the following functions: z address resolution z neigh...
Page 106
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-8 icmpv6 message number function used to respond to an ns message neighbor advertisement (na) message 136 when the link layer changes, the local node sends an na message to notify neighbor nodes of...
Page 107
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-9 2) after receiving the ns message, node b judges whether the destination address of the packet is its solicited-node multicast address. If yes, node b learns the link-layer address of node a, and...
Page 108
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-10 iv. Router/prefix discovery and address autoconfiguration router/prefix discovery means that a node locates the neighboring routers, and learns the prefix of the network where the host is locate...
Page 109
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-11 figure 1-5 working procedure of the pmtu discovery the working procedure of the pmtu discovery is as follows: 1) the source host uses its mtu to fragment packets and then sends them to the desti...
Page 110
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-12 z rfc 2375: ipv6 multicast address assignments z rfc 2460: internet protocol, version 6 (ipv6) specification. Z rfc 2461: neighbor discovery for ip version 6 (ipv6) z rfc 2462: ipv6 stateless ad...
Page 111
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-13 1.3.2 configuring an ipv6 unicast address ipv6 site-local addresses and global unicast addresses can be configured in either of the following ways: z eui-64 format: when the eui-64 format is ado...
Page 112
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-14 note: z after an ipv6 site-local address or global unicast address is configured for an interface, a link-local address will be generated automatically. The automatically generated link-local ad...
Page 113
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-15 caution: you can adopt either of the following two methods to configure a static neighbor entry for a vlan interface. Z after a static neighbor entry is configured by using the first method, the...
Page 114
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-16 table 1-4 parameters in an ra message and their descriptions parameters description cur hop limit when sending an ipv6 packet, a host uses the value of this parameter to fill the cur hop limit f...
Page 115
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-17 follow these steps to configure parameters related to an ra message: to do… use the command… remarks enter system view system-view — configure the current hop limit ipv6 nd hop-limit value optio...
Page 116
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-18 to do… use the command… remarks set the retrans timer ipv6 nd ns retrans-timer value optional by default, the local interface sends ns messages at intervals of 1,000 milliseconds and the retrans...
Page 117
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-19 1.5 configuring pmtu discovery 1.5.1 configuring the interface mtu ipv6 routing devices do not support packet fragmentation. After an ipv6 routing device receives an ipv6 packet, if the packet s...
Page 118
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-20 the aging time is invalid for static pmtu. Follow these steps to configure the aging time for pmtu: to do… use the command… remarks enter system view system-view — configure aging time for pmtu ...
Page 119
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-21 in the load sharing mode of ipv6 fib, the device can decide how to select an equal cost multi-path (ecmp) route to forward packets. Currently, two load sharing modes are supported: z load sharin...
Page 120
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-22 follow these steps to configure the capacity and update period of the token bucket: to do… use the command… remarks enter system view system-view — configure the capacity and update period of th...
Page 121
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-23 to do… use the command… remarks enter system view system-view — enable the dynamic domain name resolution function dns resolve required disabled by default. Configure an ipv6 dns server dns serv...
Page 122
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-24 1.10 displaying and maintaining ipv6 basics configuration to do… use the command… remarks display dns suffix information display dns domain [ dynamic ] display ipv6 dynamic domain name cache inf...
Page 124
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-26 iii. Configuration procedure z configure switch a # enable the ipv6 packet forwarding function. System-view [switcha] ipv6 # configure the interface vlan-interface 2 to automatically generate a ...
Page 125
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-27 ff02::2 ff02::1 mtu is 1500 bytes nd dad is enabled, number of dad attempts: 1 nd reachable time is 30000 milliseconds nd retransmit interval is 1000 milliseconds hosts use stateless autoconfig ...
Page 126
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-28 bytes=56 sequence=2 hop limit=255 time = 60 ms reply from fe80::20f:e2ff:fe00:1 bytes=56 sequence=3 hop limit=255 time = 60 ms reply from fe80::20f:e2ff:fe00:1 bytes=56 sequence=4 hop limit=255 ...
Page 127
Operation manual – ipv6 basics h3c s9500 series routing switches chapter 1 ipv6 basics configuration 1-29 bytes=56 sequence=5 hop limit=255 time = 60 ms --- 3001::2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 50/60/70 ms 1.12 troublesho...
Page 128: Table of Contents
Operation manual – dual stack h3c s9500 series routing switches table of contents i table of contents chapter 1 dual stack configuration............................................................................................ 1-1 1.1 dual stack overview ..............................................
Page 129
Operation manual – dual stack h3c s9500 series routing switches chapter 1 dual stack configuration 1-1 chapter 1 dual stack configuration when configuring dual stack, go to these sections for information you are interested in: z dual stack overview z configuring dual stack note: the term “router” in...
Page 130
Operation manual – dual stack h3c s9500 series routing switches chapter 1 dual stack configuration 1-2 1.2 configuring dual stack you must enable the ipv6 packet forwarding function before dual stack. Otherwise, the device cannot forward ipv6 packets even if ipv6 addresses are configured for interfa...
Page 131: Table of Contents
Operation manual – tunneling h3c s9500 series routing switches table of contents i table of contents chapter 1 tunneling configuration ............................................................................................. 1-1 1.1 introduction to tunneling ........................................
Page 132
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-1 chapter 1 tunneling configuration note: z the term “router” in this document refers to a router in a generic sense or an ethernet switch running a routing protocol. Z at present, the s9500 does not s...
Page 133
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-2 the network. A tunnel is a virtual point-to-point connection. In practice, the virtual interface that supports only point-to-point connections is called tunnel interface. One tunnel provides one chan...
Page 134
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-3 1) a host in the ipv6 network sends an ipv6 packet to the device at the source end of the tunnel. 2) after determining according to the routing table that the packet needs to be forwarded through the...
Page 135
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-4 a manually configured tunnel is a point-to-point link. One link is a separate tunnel. The ipv6 manually configured tunnel is mainly used for stable connections requiring regular secure communication ...
Page 136
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-5 between the 6to4 network (with the address prefix starting with 2002) and the ipv6 network is realized. Figure 1-2 principle of 6to4 tunnel and 6to4 relay 5) isatap tunnel with the application of the...
Page 137
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-6 iv. Expedite termination if expedite termination is disabled, a tunneled packet arriving at the destination node is first forwarded to the tunnel service loopback interface for processing, then the o...
Page 138
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-7 v. Tunnel hybrid insertion in practice, many cards only support ipv4. However, a tunnel can only be established over ipv6 cards. After tunnel packets arrive on the destination node, it is very likely...
Page 139
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-8 1.2 tunneling configuration task list complete these tasks to configure the tunneling feature: task remarks configuring ipv6 manually configured tunnel optional configuring automatic ipv4-compatible ...
Page 140
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-9 to do… use the command… remarks create a tunnel interface and enter tunnel interface view interface tunnel number required by default, there is no tunnel interface on the device. Ipv6 address { ipv6-...
Page 141
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-10 note: for the configuration of tunnel interface mtu, refer to the ipv6 mtu command in ipv6 basics commands of ip services volume. Caution: z after a tunnel interface is deleted, all the above featur...
Page 142
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-11 ii. Network diagram figure 1-5 network diagram for an ipv6 manually configured tunnel (on switches) iii. Configuration procedure the following example shows how to configure an ipv6 manually configu...
Page 143
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-12 # reference link aggregation group 1 and enable expedite termination in tunnel interface view. [switcha-tunnel0/0/1] aggregation-group 1 [switcha-tunnel0/0/1] expediting enable [switcha-tunnel0/0/1]...
Page 144
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-13 iv. Configuration verification after the above configurations, you can successfully ping the ipv6 address of the peer tunnel interface from one switch. 1.4 configuring automatic ipv4-compatible ipv6...
Page 145
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-14 to do… use the command… remarks configure an automatic ipv4-compatible ipv6 tunnel tunnel-protocol ipv6-ipv4 auto-tunnel required by default, the tunnel is a gre tunnel. The same tunnel type should ...
Page 146
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-15 caution: z for automatic ipv4-compatible ipv6 tunnels, 6to4 tunnels, or isatap tunnels, their tunnel interfaces must have different source addresses. Z no destination address needs to be configured ...
Page 147
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-16 # enable the ipv6 forwarding function. System-view [switcha] ipv6 # configure an ipv4 address for the interface vlan-interface 12. [switcha] vlan 12 [switcha-vlan12] port gigabitethernet3/1/1 [switc...
Page 148
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-17 # configure an automatic ipv4-compatible ipv6 tunnel. [switchb] interface tunnel 0/0/1 [switchb-tunnel0/0/1] ipv6 address ::2.1.1.2/96 [switchb-tunnel0/0/1] source vlan-interface 12 [switchb-tunnel0...
Page 149
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-18 to do… use the command… remarks enable the ipv6 packet forwarding function ipv6 required by default, the ipv6 packet forwarding function is disabled. Create a tunnel interface and enter tunnel inter...
Page 150
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-19 to do… use the command… remarks configure an address and mask for the expedite termination subnet expediting subnet ip-address mask optional by default, no expedite termination subnet is configured ...
Page 151
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-20 1.5.3 configuration example i. Network requirements isolated ipv6 domains are interconnected through a 6to4 tunnel established in the ipv4 network. Ii. Network diagram figure 1-7 network diagram for...
Page 152
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-21 [switcha] ip route-static 5.1.1.1 24 [nexthop] # configure an ipv6 address for the interface vlan-interface 101. [switcha] vlan 101 [switcha-vlan101] port gigabitethernet 1/1/2 [switcha-vlan101] qui...
Page 153
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-22 [switchb] interface vlan-interface 100 [switchb-vlan-interface100] ip address 5.1.1.1 24 [switchb-vlan-interface100] quit # configure a route from the interface vlan-interface 100 to the interface v...
Page 154
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-23 iv. Configuration verification after the above configuration, you can successfully ping host b from host a or ping host a from host b. 1.6 configuring 6to4 relay 1.6.1 configuration prerequisites an...
Page 155
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-24 1.6.3 configuration example i. Network requirements ipv6 networks (site 1 and site 2) are isolated by an ipv4 network. To make the two sites communicate through switch a and switch b, establish a 6t...
Page 156
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-25 [switcha-vlan101] port gigabitethernet 4/1/5 [switcha-vlan101] interface vlan-interface 101 [switcha-vlan-interface101] ipv6 address 2001:1::101 32 [switcha-vlan-interface101] quit # configure a 6to...
Page 157
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-26 [switchb] ip route-static 11.0.0.0 24 [nexthop] # configure an ipv6 address for the interface vlan-interface 102. [switchb] vlan 102 [switchb-vlan102] port gigabitethernet 4/1/5 [switchb] interface ...
Page 158
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-27 1.7.2 configuration procedure follow these steps to configure an isatap tunnel: to do… use the command… remarks enter system view system-view — enable the ipv6 packet forwarding function ipv6 requir...
Page 159
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-28 to do… use the command… remarks configure a link aggregation group id to be referenced by the tunnel interface aggregation-group aggregation-group-id required enable the expedite termination functio...
Page 160
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-29 1.7.3 configuration example i. Network requirements the destination address of a tunnel is an isatap address. It is required that ipv6 hosts in the ipv4 network can access the ipv6 network via an is...
Page 161
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-30 [switch-gigabitethernet1/1/3] stp disable [switch-gigabitethernet1/1/3] port link-aggregation group 1 [switch-gigabitethernet1/1/3] quit # reference link aggregation group 1 and enable expedite term...
Page 162
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-31 # a link-local address (fe80::5efe:2.1.1.2) in the isatap format is automatically generated for the isatap interface. Configure an ipv4 address for the isatap switch on the isatap interface. C:\>ipv...
Page 163
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-32 1.8.2 configuration procedure follow these steps to configure an ipv4 over ipv4 tunnel: to do… use the command… remarks enter system view system-view — create a tunnel interface and enter tunnel int...
Page 164
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-33 caution: z if the tunnel interface addresses at the two ends of a tunnel are not in the same network segment, a forwarding route through the tunnel to the peer must be configured so that the encapsu...
Page 165
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-34 [switcha-vlan-interface100] ip address 10.1.1.1 255.255.255.0 [switcha-vlan-interface100] quit # configure an ipv4 address for the interface vlan-interface 101 (the physical interface of the tunnel)...
Page 166
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-35 [switchb] vlan 100 [switchb-vlan100] port ethernet 1/1/1 [switchb-vlan100] quit [switchb] interface vlan-interface 100 [switchb-vlan-interface100] ip address 10.1.3.1 255.255.255.0 [switchb-vlan-int...
Page 167
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-36 iv. Configuration verification after the above configuration, you can successfully ping the address of the access interface of the peer ipv4 group from one switch. 1.9 configuring tunnel hybrid inse...
Page 169
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-38 1.9.3 configuration example i. Network requirement z switch a and switch b are configured with ipv6 cards and ipv4 cards. In this example, the tunnel type used for networking is an ipv6 manually con...
Page 170
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-39 # configure an ipv4 address for the interface vlan-interface 12. [switcha] interface vlan-interface 12 [switcha-vlan-interface12] ipv6 address 1000::1 64 [switcha-vlan-interface12] quit # configure ...
Page 171
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-40 [switcha-classifier-1] if-match acl 3000 [switcha-classifier-1] quit [switcha] traffic behavior 1 [switcha-behavior-1] redirect link-aggregation group 1 [switcha] qos policy 1 [switcha-qospolicy-1] ...
Page 172
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-41 [switchb-ripng-1] quit [switchb] interface tunnel 3/0/0 [switchb-tunnel3/0/0] ripng 1 enable # configure an acl and redirect the tunnel packets that come from the ipv4 cards and should be terminated...
Page 173
Operation manual – tunneling h3c s9500 series routing switches chapter 1 tunneling configuration 1-42 note: for details about bgp, refer to bgp commands and bgp4+ commands in ip routing volume. 1.11 troubleshooting tunneling configuration symptom: after the configuration of related parameters such a...
Page 174: Table of Contents
Operation manual – adjacency table h3c s9500 series routing switches table of contents i table of contents chapter 1 adjacency table configuration.................................................................................. 1-1 1.1 adjacency table overview .........................................
Page 175
Operation manual – adjacency table h3c s9500 series routing switches chapter 1 adjacency table configuration 1-1 chapter 1 adjacency table configuration when configuring adjacency table, go to these sections for information you are interested in: z adjacency table overview z displaying and maintaini...
Page 176
Operation manual – adjacency table h3c s9500 series routing switches chapter 1 adjacency table configuration 1-2 z service type: type of service corresponding to the adjacency table, such as ppp and ip over atm. Currently, only ppp is supported. 1.2 displaying and maintaining the adjacency table to ...