Professional Documents
Culture Documents
Table of Contents ......................................................................................... Chapter 1 Maintenance Terminal Configuration ........................................... 1.1 Configuring the Local Serial Terminal ............................................... 1.2 Configuring the Remote Serial Terminal ........................................... 1.3 Configuring the Telnet Environment ................................................. Chapter 2 Basic System Operations ............................................................ 2.1 Command Line Operation Characteristics ........................................ 2.1.1 Intelligent Matching ................................................................... 2.1.2 Edit Characteristics ................................................................... 2.1.3 Display Characteristics ............................................................. 2.1.4 Command Line Error Prompts .................................................. 2.1.5 Command Modes ..................................................................... 2.2 Online Help ....................................................................................... 2.3 Setting the Interactive Mode ............................................................. 2.4 Switching the Terminal Languages ................................................... 2.5 Setting the System Time ................................................................... 2.6 Setting the System Name ................................................................. 2.7 Setting the Terminal Type ................................................................. 2.8 Setting the Timeout Exit .................................................................... 2.9 Setting the Terminal Screen Length ................................................. 2.10 Setting the Terminal Screen Clearance .......................................... 2.11 Viewing the Hardware/Software Version ........................................ 2.12 Viewing History Commands ............................................................ 2.13 Viewing the CPU Occupancy Ratio ................................................ 2.14 Network Testing Tools .................................................................... Chapter 3 User Management ....................................................................... 3.1 Overview ........................................................................................... 3.2 Adding/Deleting a User ..................................................................... 3.2.1 Adding a User ........................................................................... 3.2.2 Deleting a User ......................................................................... 3.3 Modifying User Attributes .................................................................. 3.4 Viewing User Information .................................................................. Chapter 4 Line Configuration ....................................................................... 4.1 Overview ........................................................................................... 4.2 Entering Line Configuration Mode .................................................... 4.3 Configuring the Attributes of an Asynchronous Interface.................. 4.4 Defining HyperTerminal Attributes .................................................... 4.5 Viewing Line Information ................................................................... Chapter 5 Board Management ..................................................................... i 1-1 1-1 1-7 1-7 2-1 2-2 2-2 2-2 2-3 2-4 2-4 2-6 2-7 2-8 2-8 2-8 2-9 2-9 2-9 2-10 2-10 2-11 2-11 2-11 3-1 3-1 3-2 3-2 3-3 3-4 3-5 4-1 4-1 4-3 4-3 4-4 4-6 5-1
5.1 Overview ........................................................................................... 5.2 Viewing a Board ................................................................................ 5.3 Adding a Board ................................................................................. 5.4 Confirming a Board ........................................................................... 5.5 Deleting a Board ............................................................................... 5.6 Resetting a Board ............................................................................. 5.7 Replacing a Board ............................................................................ Chapter 6 Network Management Configuration ........................................... 6.1 Overview ........................................................................................... 6.2 Configuring SNMP ............................................................................ 6.2.1 Overview ................................................................................... 6.2.2 Setting the Community Name................................................... 6.2.3 Setting the Trap Sending .......................................................... 6.2.4 Setting Management Attributes ................................................ 6.2.5 Setting the SNMP Packet Size ................................................. 6.2.6 Setting the Name of Local or Remote Device .......................... 6.2.7 Setting an SNMP V3 Group...................................................... 6.2.8 Adding/Deleting a User to/from an SNMP Group ..................... 6.2.9 Creating/Modifying/Deleting/Viewing the View Information ...... 6.3 Configuring the Outband NMS .......................................................... 6.3.1 Setting the IP Address of an Outband Port .............................. 6.3.2 Setting Outband NMS Routes .................................................. 6.3.3 Outband NMS Configuration Example ..................................... 6.4 Configuring the Inband NMS ............................................................. 6.4.1 Setting the IP Address of Inband NMS ..................................... 6.4.2 Setting Inband NMS Routes ..................................................... 6.4.3 Adding an ACL ......................................................................... 6.4.4 Inband NMS Configuration Example ........................................ Chapter 7 RMON Configuration ................................................................... 7.1 Overview ........................................................................................... 7.2 Configuring RMON ............................................................................ 7.2.1 Adding/Deleting an Entry to/from the Alarm Table ................... 7.2.2 Adding/Deleting an Entry to/from the Event Table ................... 7.2.3 Adding/Deleting an Entry to/from the History Control Table ..... 7.2.4 Adding/Deleting an Entry to/from the Statistics Table .............. 7.2.5 Viewing RMON Information ...................................................... 7.3 RMON Configuration Example ..........................................................
5-1 5-2 5-4 5-5 5-6 5-6 5-7 6-1 6-1 6-1 6-1 6-4 6-4 6-5 6-6 6-6 6-6 6-7 6-8 6-8 6-9 6-9 6-10 6-11 6-11 6-12 6-12 6-14 7-1 7-1 7-2 7-2 7-3 7-3 7-4 7-4 7-5
8.1 Overview ........................................................................................... 8.2 Configuring MAC Address Table ...................................................... 8.2.1 Adding/Modifying/Deleting Address Items ................................ 8.2.2 Enabling/Disabling the Address Learning................................. 8.2.3 Setting the MAC Address Learning for a Port .......................... 8.2.4 Setting the System MAC Address Aging .................................. 8.2.5 Restoring the Default MAC Address of Main Control Boards ... 8.3 Viewing the MAC Address Table ...................................................... Chapter 9 DHCP Relay Configuration .......................................................... 9.1 Overview ........................................................................................... 9.2 Configuring a DHCP Server .............................................................. 9.2.1 Setting a DHCP Server ............................................................. 9.2.2 Setting the DHCP Relay Standard Mode (VLAN Interface)...... 9.2.3 Setting DHCP Option60............................................................ 9.2.4 Setting the MAC Address Segment .......................................... 9.3 Enabling the Switching Between DHCP L2/L3 Relay ....................... 9.4 Configuring the DHCP Relay Agent Information Option ................... 9.4.1 Enabling/Disabling DHCP Option82 ......................................... 9.4.2 Setting Whether a DHCP packet Includes a Sub-option .......... 9.4.3 Setting the Maximum Length of DHCP Packets ....................... 9.4.4 Viewing the Information on DHCP Option82 Configuration ...... 9.5 Configuration Example ...................................................................... 9.6 DHCP Relay Troubleshooting ........................................................... Chapter 10 ARP Configuration ..................................................................... 10.1 Overview ......................................................................................... 10.2 Configuring the Static ARP ............................................................. Chapter 11 STP Configuration ..................................................................... 11.1 Overview ......................................................................................... 11.1.1 Introduction to STP ................................................................. 11.1.2 Specific Calculation Process of STP Algorithm ...................... 11.1.3 Setting the BPDU Forwarding Mechanism in STP ................. 11.2 Configuring RSTP ........................................................................... 11.2.1 Enabling/Disabling RSTP ....................................................... 11.2.2 Setting/Switching the Operating Mode of RSTP..................... 11.2.3 Setting the Network Diameter ................................................. 11.2.4 Setting the Parameters of a Specified Bridge ......................... 11.2.5 Setting the Parameters of a Specified Port ............................ 11.2.6 Viewing RSTP Information ..................................................... Chapter 12 Cluster Management Configuration ........................................... 12.1 Overview ......................................................................................... 12.1.1 Brief Introduction to Cluster Management ..............................
8-1 8-2 8-2 8-3 8-3 8-4 8-5 8-5 9-1 9-1 9-2 9-3 9-5 9-6 9-7 9-9 9-10 9-11 9-12 9-13 9-13 9-14 9-15 10-1 10-1 10-2 11-1 11-1 11-1 11-1 11-6 11-7 11-8 11-9 11-10 11-10 11-12 11-14 12-1 12-1 12-1
12.1.1 Cluster Roles .......................................................................... 12.1.2 Brief Introduction to HGMP ..................................................... 12.2 Configuring HDP ............................................................................. 12.2.1 Setting HDP ............................................................................ 12.2.2 Viewing HDP Information ....................................................... 12.3 Configuring HTP ............................................................................. 12.3.1 Introduction to HTP ................................................................. 12.3.2 Setting HTP ............................................................................ 12.3.3 Viewing HTP Information ........................................................ 12.4 Configuring a Cluster ...................................................................... 12.4.1 Enabling/Disabling the Cluster Function................................. 12.4.2 Setting the Cluster IP Address Pool ....................................... 12.4.3 Specify the Command Device ................................................ 12.4.4 Adding/Deleting a Cluster Member ......................................... 12.4.5 Setting the Cluster Parameters .............................................. 12.4.6 Setting the Member Accessing ............................................... 12.4.7 Viewing Cluster Information .................................................... 12.5 Cluster Management Configuration Example ................................. Chapter 13 AAA and RADIUS Configuration ............................................... 13.1 Overview ......................................................................................... 13.1.1 Introduction to AAA ................................................................. 13.1.2 Introduction to RADIUS .......................................................... 13.1.3 Implementing AAA on the MA5300 ........................................ 13.2 Configuring AAA ............................................................................. 13.2.1 Setting an Authentication/Authorization Scheme ................... 13.2.2 Setting an Accounting Scheme .............................................. 13.2.3 Creating/Deleting an ISP Domain ........................................... 13.2.4 Configuring a User.................................................................. 13.2.5 Viewing AAA Information ........................................................ 13.3 Configuring RADIUS ....................................................................... 13.3.1 Creating/Deleting a RADIUS Server Group ............................ 13.3.2 Setting the IP Address and Port Number of RADIUS Server ................................................................................................ 13.3.3 Setting the Encryption Key of RADIUS Packet ....................... 13.3.4 Setting the Response Timeout Timer of RADIUS Server ....... 13.3.5 Setting the Retransmit Times of RADIUS Request Packet .... 13.3.6 Setting the Realtime Accounting Interval ................................ 13.3.7 Setting the Maximum Failure Count of Realtime Accounting Request .......................................................................... 13.3.8 Setting the Maximum Times for Resending Account-Stop Request .............................................................................................
12-2 12-3 12-5 12-6 12-7 12-8 12-8 12-9 12-12 12-12 12-14 12-14 12-15 12-15 12-17 12-19 12-22 12-22 13-1 13-1 13-1 13-1 13-2 13-3 13-5 13-6 13-6 13-10 13-11 13-11 13-14 13-14 13-15 13-16 13-16 13-16 13-17 13-18
13.3.9 Setting the RADIUS Server Type ........................................... 13.3.10 Setting the RADIUS Server State ......................................... 13.3.11 Setting the Format of Username Sent to RADIUS Server .... 13.4 Viewing RADIUS Information .......................................................... 13.5 AAA and RADIUS Configuration Example ...................................... 13.6 Fault Diagnosis and Troubleshooting ............................................. Chapter 14 802.1x Configuration ................................................................. 14.1 Overview ......................................................................................... 14.1.1 Introduction to 802.1x ............................................................. 14.1.2 802.1x System Architecture .................................................... 14.1.3 802.1x Authentication Process ............................................... 14.1.4 Implementing 802.1x on MA5300 ........................................... 14.2 Configuring 802.1x .......................................................................... 14.2.1 Enabling/Disabling 802.1x ...................................................... 14.2.2 Setting the Port Access Control Mode.................................... 14.2.3 Setting the Port Access Control Method................................. 14.2.4 Setting the Number of Users Per Port .................................... 14.2.5 Enabling/Disabling the DHCP Trigger Authentication ............ 14.2.6 Setting the Authenticator-to-Supplicant Frame-Retry Times ................................................................................................. 14.2.7 Configuring the Timer Parameters ......................................... 14.2.8 Viewing 802.1x Information .................................................... 14.3 802.1x Configuration Example ........................................................ 14.3.1 802.1x Access (Local Authentication) .................................... 14.3.2 802.1x Access (Remote Authentication) ................................ Chapter 15 ACL Configuration ..................................................................... 15.1 Introduction to ACL ......................................................................... 15.1.1 Overview................................................................................. 15.1.2 Setting the Match Order ......................................................... 15.1.3 ACLs Supported by the MA5300 ............................................ 15.2 Configuring an ACL ......................................................................... 15.2.1 Setting the Time Range .......................................................... 15.2.2 Defining an ACL ..................................................................... 15.2.3 Activating an ACL ................................................................... 15.2.4 Viewing ACL Information ........................................................ 15.3 ACL Configuration Example............................................................ Chapter 16 QoS Configuration ..................................................................... 16.1 Overview ......................................................................................... 16.2 Configuring QoS ............................................................................. 16.2.1 Setting the Traffic Policing ...................................................... 16.2.2 Setting the Port Rate Limit......................................................
13-18 13-18 13-19 13-19 13-20 13-20 14-1 14-1 14-1 14-1 14-3 14-4 14-4 14-5 14-6 14-6 14-7 14-7 14-7 14-7 14-8 14-8 14-9 14-11 15-1 15-1 15-1 15-1 15-2 15-3 15-3 15-4 15-9 15-11 15-12 16-1 16-1 16-5 16-6 16-7
16.2.3 Setting the Packet Redirection ............................................... 16.2.4 Setting the Priority Tag ........................................................... 16.2.5 Setting the Queue Scheduling ................................................ 16.2.6 Setting the Traffic Mirroring .................................................... 16.2.7 Setting Traffic Statistics .......................................................... 16.2.8 Viewing QoS Information ........................................................ 16.3 QoS Configuration Example ........................................................... Chapter 17 IP Performance Configuration ................................................... 17.1 Configuring the TCP Attributes ....................................................... 17.2 Viewing and Debugging the IP Performance .................................. 17.3 IP Performance Troubleshooting .................................................... Chapter 18 Overview of IP Routing Protocol................................................ 18.1 IP Routing and Routing Table ......................................................... 18.1.1 Route and Route Segment ..................................................... 18.1.2 Route Selection through the Routing Table ............................ 18.2 Route Management Policy .............................................................. 18.2.1 Routing Protocols and Routing Priority ................................... 18.2.2 Load Sharing and Route Backup ............................................ 18.3 Configuring a Static Route .............................................................. 18.3.1 Overview................................................................................. 18.3.2 Setting a Static Route ............................................................. 18.3.3 Viewing a Static Route ........................................................... 18.3.4 Static Route Configuration Example....................................... 18.3.5 Static Route Troubleshooting ................................................. 18.4 Configuring OSPF ........................................................................... 18.4.1 Overview................................................................................. 18.4.2 Setting OSPF .......................................................................... 18.4.3 Viewing OSPF Information ..................................................... 18.4.4 OSPF Configuration Example (Setting DR Election by OSPF Preference) ............................................................................. 18.4.5 OSPF Configuration Example (Setting OSPF Virtual Links) ................................................................................................. 18.4.6 OSPF Troubleshooting ...........................................................
16-7 16-7 16-9 16-9 16-10 16-11 16-12 17-1 17-1 17-2 17-2 18-1 18-1 18-1 18-2 18-4 18-4 18-5 18-5 18-5 18-6 18-8 18-9 18-10 18-10 18-10 18-15 18-34 18-35 18-38 18-39
19.2.3 Setting the Port Broadcast Storm Suppression ...................... 19.2.4 Setting the Port Priority Level ................................................. 19.2.5 Setting the Maximum Multicast Group Counts ....................... 19.2.6 Enabling/Disabling the Long Frames on an Ethernet Port ..... 19.2.7 Setting the MAC Address Learning for an Ethernet Port ........ 19.2.8 Setting the Port Aggregation .................................................. 19.2.9 Adding an Ethernet Port to a VLAN ........................................ 19.2.10 Setting the Ethernet Port Working Mode .............................. 19.2.11 Enabling/Disabling an Ethernet Port ..................................... 19.3 Viewing/Clearing Ethernet Port Information .................................... 19.3.1 Viewing Ethernet Port Information .......................................... 19.3.2 Clearing the Ethernet Port Information ................................... Chapter 20 xDSL Port Configuration ............................................................ 20.1 Overview ......................................................................................... 20.2 Configuring an xDSL port ................................................................ 20.2.1 Setting the Parameters of an xDSL Port ................................ 20.2.2 Description of xDSL Port Status ............................................. 20.2.3 Blocking/Unblocking an xDSL Port ......................................... 20.2.4 Activating/Deactivating an xDSL Port ..................................... 20.3 Configuring an xDSL Line Profile .................................................... 20.3.1 Adding a VDSL line profile...................................................... 20.3.2 Adding an ADSL/ADSL2+ Line profile .................................... 20.3.3 Adding an SHDSL Line Profile ............................................... 20.3.4 Deleting an xDSL Line Profile ................................................. 20.3.5 Modifying an xDSL Line Profile .............................................. 20.3.6 Viewing an xDSL Line Profile ................................................. 20.4 Configuring an xDSL Alarm Profile ................................................. 20.4.1 Adding a VDSL Alarm Profile ................................................. 20.4.2 Adding an ADSL/ADSL2+ Alarm Profile ................................. 20.4.3 Adding an SHDSL Alarm Profile ............................................. 20.4.4 Deleting an xDSL Alarm Profile .............................................. 20.4.5 Modifying an xDSL Alarm Profile ............................................ 20.4.6 Viewing the Configurations of an xDSL Alarm Profile ............ 20.4.7 Binding/Unbinding an xDSL Alarm Profile .............................. 20.5 Viewing the Information of an xDSL Port ........................................ 20.6 Maintaining an xDSL Port ............................................................... 20.6.1 Resetting an xDSL Port and Chipset ...................................... 20.6.2 Setting xDSL Port Loopback .................................................. 20.6.3 Testing the ATM Link Connectivity of an ADSL Port .............. 20.6.4 Single-ended Test of an ADSL2+ Port ................................... 20.6.5 Viewing the Bit Allocation of an ADSL2+ Port ........................
19-5 19-5 19-6 19-6 19-6 19-7 19-8 19-8 19-9 19-9 19-9 19-9 20-1 20-1 20-4 20-4 20-8 20-8 20-8 20-10 20-10 20-13 20-21 20-24 20-24 20-25 20-26 20-26 20-29 20-33 20-35 20-36 20-36 20-37 20-37 20-39 20-39 20-39 20-40 20-41 20-42
20.6.6 Viewing the Power State of an ADSL Port ............................. 20.7 VDSL CPE Management ................................................................ 20.7.1 Enabling/Disabling VDSL CPE Binding .................................. 20.7.2 Enabling/Disabling the Automatic Upgrade of VDSL CPE ..... 20.8 VDSL Configuration Example ......................................................... 20.8.1 Configuration Procedure......................................................... 20.8.2 Networking Description ........................................................... 20.8.3 Data Configuration.................................................................. 20.8.4 Verification .............................................................................. 20.9 ADSL/ADSL2+ Configuration Example ........................................... 20.9.1 Configuration Procedure......................................................... 20.9.2 Networking Description ........................................................... 20.9.3 Data Configuration.................................................................. 20.9.4 Verification .............................................................................. 20.10 SHDSL Configuration Example ..................................................... 20.10.1 Configuration Procedure ....................................................... 20.10.2 Networking Description......................................................... 20.10.3 Data Configuration ................................................................ 20.10.4 Verification ............................................................................ Chapter 21 PVC and Access Configuration ................................................. 21.1 Configuring a Single PVC ............................................................... 21.1.1 Setting the VPI and VCI .......................................................... 21.1.2 Setting the Connection Type of a Single PVC ........................ 21.1.3 Enabling/Disabling the Single-PVC Multi-service Dispatch .... 21.1.4 Viewing the Single-PVC Configuration ................................... 21.2 Configuring Multiple PVCs .............................................................. 21.2.1 Enabling/Disabling the Multi-PVC Function ............................ 21.2.2 Adding PVCs to a Port............................................................ 21.2.3 Deleting a PVC from a Port .................................................... 21.2.4 Modifying the PVC Configurations of a Port ........................... 21.2.5 Viewing the Configuration of Multi-PVC ................................. 21.3 Configuring IPoA ............................................................................. 21.3.1 Overview................................................................................. 21.3.2 Setting an IPoA Connection (Single-PVC) ............................. 21.3.3 Setting an IPoA Connection (Multi-PVC) ................................ 21.3.4 Setting the Source MAC Address ........................................... 21.3.5 Setting the Default IP Address of the Upper Layer Gateway ............................................................................................ 21.3.6 Setting the Mode of Obtaining Peer End IP Address ............. 21.3.7 Viewing IPoA information ....................................................... 21.3.8 L2 IPoA Access Configuration Example .................................
20-42 20-43 20-43 20-44 20-45 20-45 20-45 20-46 20-47 20-47 20-47 20-48 20-48 20-50 20-50 20-50 20-50 20-51 20-52 21-1 21-1 21-2 21-3 21-3 21-5 21-6 21-7 21-8 21-8 21-8 21-9 21-10 21-10 21-12 21-13 21-14 21-15 21-16 21-17 21-19
21.3.9 L3 IPoA Access Configuration Example ................................. 21.4 Configuring PPPoA ......................................................................... 21.4.1 Overview................................................................................. 21.4.2 Setting Up a PPPoA Connection (Single PVC) ...................... 21.4.3 Setting Up a PPPoA Connection (Multi-PVC) ........................ 21.4.4 Setting the PPPoA Source MAC Address .............................. 21.4.5 Setting the PPPoA Destination MAC Address........................ 21.4.6 Setting the PPPoA Session ID Area ....................................... 21.4.7 Viewing PPPoA Information ................................................... 21.4.8 PPPoA Access Configuration Example-Static Mode .............. 21.4.9 PPPoA Access Configuration Example-Dynamic Mode ......... 21.5 Configuring PITP ............................................................................. 21.5.1 Overview................................................................................. 21.5.2 Setting PITP V Mode .............................................................. 21.5.3 Setting the PITP P Mode ........................................................ 21.6 PPPoE Plus Configuration Example ............................................... Chapter 22 VLAN Configuration ................................................................... 22.1 Overview ......................................................................................... 22.2 Configuring a Common VLAN......................................................... 22.2.1 Configuring a Common VLAN ................................................ 22.2.2 Configuring VLANs in Batches ............................................... 22.2.3 Configuring the VLAN Trunk................................................... 22.2.4 Configuring a VLAN Interface ................................................. 22.2.5 VLAN Configuration Example (Configuring LAN Interconnection) ................................................................................. 22.2.6 VLAN Configuration Example (Configuring VLAN Trunk Interconnection) ................................................................................. 22.3 Configuring a Smart VLAN .............................................................. 22.3.1 Setting/Canceling a VLAN as a Smart VLAN ......................... 22.3.2 Adding/Deleting an Upstream Port to/from a Smart VLAN ..... 22.3.3 Adding/Deleting an Downstream Port to/from a Smart VLAN ................................................................................................. 22.3.4 Viewing Smart VLAN Information ........................................... 22.3.5 Smart VLAN Configuration Example (Access Mode) ............. 22.3.6 Smart VLAN Configuration Example (Trunk Mode) ................ 22.3.7 Smart VLAN Configuration Example-Comprehensive Application ......................................................................................... 22.4 Configuring a MUX VLAN ............................................................... 22.4.1 Enabling/Disabling a MUX VLAN ........................................... 22.4.2 Configuring the MUX VLAN Configuration Profile .................. 22.4.3 Specifying the Upstream Port and Range of Local MUX VLANs ...............................................................................................
21-22 21-24 21-24 21-26 21-27 21-28 21-28 21-28 21-30 21-30 21-33 21-35 21-35 21-36 21-37 21-40 22-1 22-1 22-1 22-2 22-4 22-5 22-6 22-7 22-11 22-14 22-14 22-15 22-15 22-16 22-17 22-18 22-20 22-24 22-26 22-26 22-27
22.4.4 Specifying the Cascading Port and Range of Cascaded MUX VLANs ...................................................................................... 22.4.5 Setting the MUX VLANs for a Specified Service Board .......... 22.4.6 Setting the MUX VLAN for a Specified Port ........................... 22.4.7 Viewing MUX VLAN information ............................................. 22.4.8 Basic Application of MUX VLAN ............................................. 22.4.9 MUX VLAN Cascading Application ......................................... 22.4.10 Comprehensive MUX VLAN Application .............................. 22.4.11 Notes for Using MUX VLAN ................................................. 22.5 Configuring a QinQ VLAN ............................................................... 22.5.1 Overview................................................................................. 22.5.2 Setting a Common VLAN as a QinQ VLAN ............................ 22.5.3 Adding/Deleting an Upstream Port to/from a QinQ VLAN ...... 22.5.4 Adding/Deleting a Downstream Port to/from a QinQ VLAN ... 22.5.5 Configuring a QinQ VLAN PVC .............................................. 22.5.6 Viewing the Configuration of a QinQ VLAN ............................ 22.5.7 QinQ VLAN Configuration Example ....................................... 22.6 Configuring VLAN Stacking ............................................................ 22.6.1 Overview................................................................................. 22.6.2 Configuring a Common VLAN as a VLAN Stacking ............... 22.6.3 Adding/Deleting an Upstream Port to/from a VLAN Stacking ............................................................................................. 22.6.4 Adding/Deleting a Downstream Port to/from a VLAN Stacking ............................................................................................. 22.6.5 Configuring the Inner VLAN Tag for a VLAN Stacking Port/PVC ............................................................................................ 22.6.6 Configuring a Port/PVCs Inner Priority ................................ 22.6.7 Configuring a VLAN Stacking PVC ......................................... 22.6.8 Viewing the Configuration of a VLAN Stacking ...................... 22.6.9 VLAN Stacking Configuration Example .................................. Chapter 23 IGMP Snooping Configuration ................................................... 23.1 Overview ......................................................................................... 23.1.1 IGMP Snooping Principle ....................................................... 23.1.2 Implementation of IGMP Snooping ......................................... 23.2 Configuring IGMP Snooping ........................................................... 23.2.1 Enabling/Disabling IGMP Snooping Globally ......................... 23.2.2 Setting the Aging Time of Multicast Group Member Port ....... 23.2.3 Setting the Aging Time of the Router Port .............................. 23.2.4 Setting the Maximum Response Time.................................... 23.2.5 Enabling a User to Leave a Multicast Group Fast .................. 23.2.6 Setting a Router Port .............................................................. 23.2.7 Viewing IGMP Snooping Information ......................................
22-28 22-28 22-29 22-29 22-30 22-34 22-39 22-44 22-45 22-45 22-46 22-46 22-47 22-48 22-49 22-49 22-51 22-51 22-53 22-53 22-54 22-55 22-55 22-56 22-56 22-57 23-1 23-1 23-1 23-2 23-5 23-6 23-6 23-6 23-6 23-7 23-7 23-7
23.3 Configuring Multicast VLAN ............................................................ 23.3.1 Setting the Upstream Port of a Multicast VLAN ...................... 23.3.2 Setting the Downstream Port of a Multicast VLAN ................. 23.3.3 Viewing the Multicast VLAN ................................................... 23.3.4 Multicast VLAN Configuration Example .................................. 23.4 Troubleshooting IGMP Snooping .................................................... Chapter 24 IGMP Proxy Configuration ......................................................... 24.1 Overview ......................................................................................... 24.2 Configuring Basic IGMP Proxy ....................................................... 24.2.1 Enabling/Disabling IGMP Proxy ............................................. 24.2.2 Setting the Master Upstream Port .......................................... 24.2.3 Setting the Parameters for a Multicast Router........................ 24.2.4 Setting the Static Multicast Members of an IGMP Proxy Group ................................................................................................. 24.3 Configuring the Program Library and Authority Profile ................... 24.3.1 Maintaining a Program Library ............................................... 24.3.2 Setting the Authority Profile .................................................... 24.3.3 Setting the User Authority ....................................................... 24.4 Viewing IGMP Proxy Information .................................................... Chapter 25 ISU Configuration ...................................................................... 25.1 Overview ......................................................................................... 25.2 Configuring an ISU Board ...............................................................
23-8 23-9 23-10 23-10 23-11 23-14 24-1 24-1 24-2 24-2 24-3 24-3 24-5 24-6 24-8 24-10 24-13 24-16 25-1 25-1 25-2
26.5 Loading ........................................................................................... 26.5.1 Loading the Version Supporting Auto Online Upgrading ........ 26.5.2 Loading the Version Not Supporting Auto Online Upgrading .......................................................................................... 26.6 Backup ............................................................................................ 26.6.1 Viewing and Saving the System Configuration Files .............. 26.6.2 Backing Up the System Data Using TFTP ............................. 26.6.3 Backing Up the System Data Using FTP ................................ 26.7 Patch Management ......................................................................... 26.7.1 Overview................................................................................. 26.7.2 Procedure for Patch Operations ............................................. 26.8 Patch Loading Examples ................................................................ Chapter 27 Logs and Alarms........................................................................ 27.1 Log Management ............................................................................ 27.1.1 Viewing Logs .......................................................................... 27.1.2 Setting the Log Host ............................................................... 27.2 Configuring Alarms ......................................................................... 27.2.1 Viewing Alarm Records .......................................................... 27.2.2 Viewing the Alarm Configuration ............................................ 27.2.3 Setting Alarm Levels............................................................... 27.2.4 Setting the Alarm Output on a CLI Terminal........................... 27.2.5 Setting Alarm Statistics ........................................................... 27.2.6 Setting the Alarm Threshold ................................................... 27.2.7 Viewing/Clearing Alarm Statistics ........................................... 27.2.8 Viewing Basic Alarm Information ............................................ Chapter 28 Active/Standby Switchover ........................................................ 28.1 Overview ......................................................................................... 28.1.1 Basic Principles ...................................................................... 28.1.2 Active/Standby Switchover Modes ......................................... 28.2 Preconditions for Active/Standby Switchover ................................. 28.3 MA5300+Dual-ISU Active/Standby Switchover .............................. 28.4 ESM+EIU Active/Standby Switchover ............................................ 28.4.1 Establishing the Switch-over Environment ............................. 28.4.2 Active/Standby Switchover Configuration Commands ........... 28.4.3 Setting the Automatic Switchover ........................................... 28.4.4 Setting the Manual Switchover ............................................... Chapter 29 Environment Monitoring Management....................................... 29.1 Overview ......................................................................................... 29.2 Configuration Procedure ................................................................. 29.3 Configuring an EMU........................................................................ 29.3.1 Adding/Deleting/Viewing an EMU ...........................................
26-11 26-12 26-12 26-19 26-19 26-21 26-22 26-23 26-23 26-25 26-25 27-1 27-1 27-1 27-2 27-2 27-4 27-6 27-6 27-7 27-8 27-9 27-10 27-10 28-1 28-1 28-1 28-2 28-3 28-3 28-8 28-8 28-8 28-10 28-10 29-1 29-1 29-2 29-2 29-3
29.3.2 Entering the EMU Configuration Mode ................................... 29.5 Configuring EMU-Power 4875/4845 ............................................... 29.4.1 Setting H303ESC Environment Monitor Parameters .............. 29.4.2 Viewing the H303ESC Environment Information .................... 29.5 Configuring EMU-Power 4875/4845 ............................................... 29.5.1 Configuring the 4875/4845 Power Module ............................. 29.5.2 Viewing the Information on POWER4875/4845 ..................... 29.6 Configuring EMU-DIS ..................................................................... 29.6.1 Setting DIS Parameters .......................................................... 29.6.2 Viewing DIS Information ......................................................... 29.7 Configuration Example .................................................................... 29.7.1 Setting H303ESC ................................................................... 29.7.2 Setting a DIS ..........................................................................
29-5 29-6 29-6 29-7 29-8 29-9 29-10 29-11 29-12 29-12 29-13 29-13 29-16
Part 5 Appendix
Table of Contents ......................................................................................... Appendix A Acronyms and Abbreviations .................................................... i A-1
Index ................................................................................................
HUAWEI
1. Basic Operations 2. Basic Configuration 3. Service Configuration 4. Maintenance Operations 5. Appendix
Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. Please feel free to contact our local office or company headquarters.
Trademarks
TELLIN, InfoLink, Netkey, Quidway, SYNLOCK, Radium, M900/M1800, TELESIGHT, Quidview, Musa, Airbridge, Tellwin, Inmedia, VRP, DOPRA, iTELLIN, HUAWEI OptiX, C&C08 iNET, NETENGINE, OptiX, iSite, U-SYS, iMUSE, OpenEye, Lansway, SmartAX, infoX, and TopEng are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this manual are the property of their respective holders.
Notice
The information in this manual is subject to change without notice. Every effort has been made in the preparation of this manual to ensure accuracy of the contents, but all statements, information, and recommendations in this manual do not constitute the warranty of any kind, express or implied.
Related Manuals
The following manuals provide information about the MA5300/5303. Manual SmartAX MA5300/5303 Broadband Access System Technical Manual SmartAX MA5300/5303 Broadband Access System Operation Manual SmartAX MA5300/5303 Broadband Access System Command Help (CD-ROM) SmartAX MA5300/5303 Broadband Access System Hardware Description SmartAX MA5300 Broadband Access System Installation Manual SmartAX MA5303 Broadband Access System Installation Manual SmartAX MA5300/5303 Broadband Access System Troubleshooting Manual Documentation CD ROM Content It provides an overall introduction to the MA5300 Series, including the major functions, system structure, service implementation, management & maintenance, networking & applications. It is used for assisting the users in general operations of the MA5300 Series, data configurations and typical applications. It introduces all commands available in the MA5300 Series, as well as the command usage and examples. It is only available in electronic form. It introduces the hardware components of the MA5300 and MA5303, including the service frames, boards, and cables. It provides information on the system installation of the MA5300. It provides information on the system installation of the MA5303. It assists you in analyzing and handling some common faults. It contains the package of documentation.
Special care shall be taken in configuring data for the MA5303 slot. The system will issue alarms for configurations in the wrong slot number.
Organization
The manual assists the users in general operations, data configurations and typical applications of the MA5300. There are four parts in the manual, including: Part 1 Basic Operations details the maintenance terminal configuration, basic system operation, user management, line management, board management, network management configuration and RMON configuration. Part 2 Basic Configuration details the MAC address management, DHCP Relay configuration, ARP configuration, STP configuration, cluster management configuration, AAA and RADIUS configuration, 802.1x configuration, ACL and QoS configuration and routing protocol configuration.
Part 3 Service Configuration describes configuration of Ethernet, VDLS, ADSL, ADSL2+ and SHDSL ports, PVC and access configuration, VLAN configuration, multicast configuration and ISU configuration. Part 4 Maintenance Operations elaborates on maintenance operations including file management, loading & backup, patch management, log & alarm management, , active/standby switchover, and environment monitoring management. Appendix lists acronyms and abbreviations involved in this manual.
Intended Audience
The manual is intended for the following readers: Network designers Network administrators xDSL system engineers
Conventions
The manual uses the following conventions:
I. General conventions
Convention Arial Boldface Courier New Description Normal paragraphs are in Arial. Headings are in Boldface. Terminal Display is in Courier New.
Convention { x | y | ... } *
Description Alternative items are grouped in braces and separated by vertical bars. A minimum of one or a maximum of all can be selected. Optional alternative items are grouped in square brackets and separated by vertical bars. Many or none can be selected.
[ x | y | ... ] *
[]
V. Mouse operation
Action Click Double Click Drag Description Press the left button or right button quickly (left button by default). Press the left button twice continuously and quickly. Press and hold the left button and drag it to a certain position.
VI. Symbols
Eye-catching symbols are also used in the manual to highlight the points worthy of special attention during the operation. They are defined as follows:
Caution: Means reader be extremely careful during the operation. Note: Means a complementary description.
Table of Contents
Table of Contents
01-Basic Operations
Chapter 1 Maintenance Terminal Configuration ........................................................................ 1-1 1.1 Configuring the Local Serial Terminal ............................................................................... 1-1 1.2 Configuring the Remote Serial Terminal ........................................................................... 1-7 1.3 Configuring the Telnet Environment .................................................................................. 1-7 Chapter 2 Basic System Operations ........................................................................................... 2-1 2.1 Command Line Operation Characteristics......................................................................... 2-2 2.1.1 Intelligent Matching ................................................................................................. 2-2 2.1.2 Edit Characteristics ................................................................................................. 2-2 2.1.3 Display Characteristics............................................................................................ 2-3 2.1.4 Command Line Error Prompts ................................................................................ 2-4 2.1.5 Command Modes .................................................................................................... 2-4 2.2 Online Help ........................................................................................................................ 2-6 2.3 Setting the Interactive Mode .............................................................................................. 2-7 2.4 Switching the Terminal Languages.................................................................................... 2-8 2.5 Setting the System Time.................................................................................................... 2-8 2.6 Setting the System Name .................................................................................................. 2-8 2.7 Setting the Terminal Type.................................................................................................. 2-9 2.8 Setting the Timeout Exit..................................................................................................... 2-9 2.9 Setting the Terminal Screen Length .................................................................................. 2-9 2.10 Setting the Terminal Screen Clearance......................................................................... 2-10 2.11 Viewing the Hardware/Software Version ....................................................................... 2-10 2.12 Viewing History Commands........................................................................................... 2-11 2.13 Viewing the CPU Occupancy Ratio ............................................................................... 2-11 2.14 Network Testing Tools ................................................................................................... 2-11 Chapter 3 User Management........................................................................................................ 3-1 3.1 Overview ............................................................................................................................ 3-1 3.2 Adding/Deleting a User...................................................................................................... 3-2 3.2.1 Adding a User.......................................................................................................... 3-2 3.2.2 Deleting a User........................................................................................................ 3-3 3.3 Modifying User Attributes................................................................................................... 3-4 3.4 Viewing User Information................................................................................................... 3-5 Chapter 4 Line Configuration....................................................................................................... 4-1 4.1 Overview ............................................................................................................................ 4-1 4.2 Entering Line Configuration Mode ..................................................................................... 4-3 4.3 Configuring the Attributes of an Asynchronous Interface .................................................. 4-3
Huawei Technologies Proprietary i
Table of Contents
4.4 Defining HyperTerminal Attributes..................................................................................... 4-4 4.5 Viewing Line Information ................................................................................................... 4-6 Chapter 5 Board Management ..................................................................................................... 5-1 5.1 Overview ............................................................................................................................ 5-1 5.2 Viewing a Board................................................................................................................. 5-2 5.3 Adding a Board .................................................................................................................. 5-4 5.4 Confirming a Board............................................................................................................ 5-5 5.5 Deleting a Board ................................................................................................................ 5-6 5.6 Resetting a Board .............................................................................................................. 5-6 5.7 Replacing a Board ............................................................................................................. 5-7 Chapter 6 Network Management Configuration......................................................................... 6-1 6.1 Overview ............................................................................................................................ 6-1 6.2 Configuring SNMP ............................................................................................................. 6-1 6.2.1 Overview ................................................................................................................. 6-1 6.2.2 Setting the Community Name ................................................................................. 6-4 6.2.3 Setting the Trap Sending ........................................................................................ 6-4 6.2.4 Setting Management Attributes............................................................................... 6-5 6.2.5 Setting the SNMP Packet Size................................................................................ 6-6 6.2.6 Setting the Name of Local or Remote Device......................................................... 6-6 6.2.7 Setting an SNMP V3 Group .................................................................................... 6-6 6.2.8 Adding/Deleting a User to/from an SNMP Group ................................................... 6-7 6.2.9 Creating/Modifying/Deleting/Viewing the View Information .................................... 6-8 6.3 Configuring the Outband NMS........................................................................................... 6-8 6.3.1 Setting the IP Address of an Outband Port............................................................. 6-9 6.3.2 Setting Outband NMS Routes................................................................................. 6-9 6.3.3 Outband NMS Configuration Example.................................................................. 6-10 6.4 Configuring the Inband NMS ........................................................................................... 6-11 6.4.1 Setting the IP Address of Inband NMS ................................................................. 6-11 6.4.2 Setting Inband NMS Routes.................................................................................. 6-12 6.4.3 Adding an ACL ...................................................................................................... 6-12 6.4.4 Inband NMS Configuration Example..................................................................... 6-14 Chapter 7 RMON Configuration ................................................................................................... 7-1 7.1 Overview ............................................................................................................................ 7-1 7.2 Configuring RMON ............................................................................................................ 7-2 7.2.1 Adding/Deleting an Entry to/from the Alarm Table.................................................. 7-2 7.2.2 Adding/Deleting an Entry to/from the Event Table.................................................. 7-3 7.2.3 Adding/Deleting an Entry to/from the History Control Table ................................... 7-3 7.2.4 Adding/Deleting an Entry to/from the Statistics Table............................................. 7-4 7.2.5 Viewing RMON Information..................................................................................... 7-4 7.3 RMON Configuration Example .......................................................................................... 7-5
Table of Contents
02-Basic Configuration
Chapter 8 MAC Address Management ........................................................................................ 8-1 8.1 Overview ............................................................................................................................ 8-1 8.2 Configuring MAC Address Table ....................................................................................... 8-2 8.2.1 Adding/Modifying/Deleting Address Items .............................................................. 8-2 8.2.2 Enabling/Disabling the Address Learning ............................................................... 8-3 8.2.3 Setting the MAC Address Learning for a Port......................................................... 8-3 8.2.4 Setting the System MAC Address Aging ................................................................ 8-4 8.2.5 Restoring the Default MAC Address of Main Control Boards ................................. 8-5 8.3 Viewing the MAC Address Table ....................................................................................... 8-5 Chapter 9 DHCP Relay Configuration ......................................................................................... 9-1 9.1 Overview ............................................................................................................................ 9-1 9.2 Configuring a DHCP Server............................................................................................... 9-2 9.2.1 Setting a DHCP Server ........................................................................................... 9-3 9.2.2 Setting the DHCP Relay Standard Mode (VLAN Interface).................................... 9-5 9.2.3 Setting DHCP Option60 .......................................................................................... 9-6 9.2.4 Setting the MAC Address Segment ........................................................................ 9-7 9.3 Enabling the Switching Between DHCP L2/L3 Relay........................................................ 9-9 9.4 Configuring the DHCP Relay Agent Information Option.................................................. 9-10 9.4.1 Enabling/Disabling DHCP Option82 ..................................................................... 9-11 9.4.2 Setting Whether a DHCP packet Includes a Sub-option....................................... 9-12 9.4.3 Setting the Maximum Length of DHCP Packets ................................................... 9-13 9.4.4 Viewing the Information on DHCP Option82 Configuration .................................. 9-13 9.5 Configuration Example .................................................................................................... 9-14 9.6 DHCP Relay Troubleshooting.......................................................................................... 9-15 Chapter 10 ARP Configuration................................................................................................... 10-1 10.1 Overview ........................................................................................................................ 10-1 10.2 Configuring the Static ARP ............................................................................................ 10-2 Chapter 11 STP Configuration ................................................................................................... 11-1 11.1 Overview ........................................................................................................................ 11-1 11.1.1 Introduction to STP ............................................................................................. 11-1 11.1.2 Specific Calculation Process of STP Algorithm .................................................. 11-1 11.1.3 Setting the BPDU Forwarding Mechanism in STP.............................................. 11-6 11.2 Configuring RSTP.......................................................................................................... 11-7 11.2.1 Enabling/Disabling RSTP.................................................................................... 11-8 11.2.2 Setting/Switching the Operating Mode of RSTP ................................................. 11-9 11.2.3 Setting the Network Diameter ........................................................................... 11-10 11.2.4 Setting the Parameters of a Specified Bridge ................................................... 11-10 11.2.5 Setting the Parameters of a Specified Port....................................................... 11-12 11.2.6 Viewing RSTP Information ................................................................................ 11-14
Table of Contents
Chapter 12 Cluster Management Configuration....................................................................... 12-1 12.1 Overview ........................................................................................................................ 12-1 12.1.1 Brief Introduction to Cluster Management .......................................................... 12-1 12.1.1 Cluster Roles....................................................................................................... 12-2 12.1.2 Brief Introduction to HGMP ................................................................................. 12-3 12.2 Configuring HDP ............................................................................................................ 12-5 12.2.1 Setting HDP......................................................................................................... 12-6 12.2.2 Viewing HDP Information .................................................................................... 12-7 12.3 Configuring HTP ............................................................................................................ 12-8 12.3.1 Introduction to HTP ............................................................................................. 12-8 12.3.2 Setting HTP ......................................................................................................... 12-9 12.3.3 Viewing HTP Information .................................................................................. 12-12 12.4 Configuring a Cluster ................................................................................................... 12-12 12.4.1 Enabling/Disabling the Cluster Function ........................................................... 12-14 12.4.2 Setting the Cluster IP Address Pool.................................................................. 12-14 12.4.3 Specify the Command Device........................................................................... 12-15 12.4.4 Adding/Deleting a Cluster Member ................................................................... 12-15 12.4.5 Setting the Cluster Parameters ......................................................................... 12-17 12.4.6 Setting the Member Accessing ......................................................................... 12-20 12.4.7 Viewing Cluster Information .............................................................................. 12-22 12.5 Cluster Management Configuration Example.............................................................. 12-23 Chapter 13 AAA and RADIUS Configuration ............................................................................ 13-1 13.1 Overview ........................................................................................................................ 13-1 13.1.1 Introduction to AAA ............................................................................................. 13-1 13.1.2 Introduction to RADIUS....................................................................................... 13-1 13.1.3 Implementing AAA on the MA5300 ..................................................................... 13-2 13.2 Configuring AAA ............................................................................................................ 13-3 13.2.1 Setting an Authentication/Authorization Scheme................................................ 13-5 13.2.2 Setting an Accounting Scheme ........................................................................... 13-6 13.2.3 Creating/Deleting an ISP Domain ....................................................................... 13-6 13.2.4 Configuring a User ............................................................................................ 13-10 13.2.5 Viewing AAA Information .................................................................................. 13-11 13.3 Configuring RADIUS.................................................................................................... 13-11 13.3.1 Creating/Deleting a RADIUS Server Group ...................................................... 13-14 13.3.2 Setting the IP Address and Port Number of RADIUS Server ........................... 13-14 13.3.3 Setting the Encryption Key of RADIUS Packet ................................................. 13-15 13.3.4 Setting the Response Timeout Timer of RADIUS Server ................................. 13-16 13.3.5 Setting the Retransmit Times of RADIUS Request Packet .............................. 13-16 13.3.6 Setting the Realtime Accounting Interval .......................................................... 13-16 13.3.7 Setting the Maximum Failure Count of Realtime Accounting Request ............. 13-17 13.3.8 Setting the Maximum Times for Resending Account-Stop Request................. 13-18 13.3.9 Setting the RADIUS Server Type...................................................................... 13-18
Huawei Technologies Proprietary iv
Table of Contents
13.3.10 Setting the RADIUS Server State ................................................................... 13-18 13.3.11 Setting the Format of Username Sent to RADIUS Server .............................. 13-19 13.4 Viewing RADIUS Information....................................................................................... 13-19 13.5 AAA and RADIUS Configuration Example .................................................................. 13-20 13.6 Fault Diagnosis and Troubleshooting .......................................................................... 13-20 Chapter 14 802.1x Configuration ............................................................................................... 14-1 14.1 Overview ........................................................................................................................ 14-1 14.1.1 Introduction to 802.1x.......................................................................................... 14-1 14.1.2 802.1x System Architecture ................................................................................ 14-1 14.1.3 802.1x Authentication Process............................................................................ 14-3 14.1.4 Implementing 802.1x on MA5300 ....................................................................... 14-4 14.2 Configuring 802.1x......................................................................................................... 14-4 14.2.1 Enabling/Disabling 802.1x................................................................................... 14-5 14.2.2 Setting the Port Access Control Mode ................................................................ 14-6 14.2.3 Setting the Port Access Control Method ............................................................. 14-6 14.2.4 Setting the Number of Users Per Port ................................................................ 14-7 14.2.5 Enabling/Disabling the DHCP Trigger Authentication......................................... 14-7 14.2.6 Setting the Authenticator-to-Supplicant Frame-Retry Times .............................. 14-7 14.2.7 Configuring the Timer Parameters ...................................................................... 14-7 14.2.8 Viewing 802.1x Information................................................................................. 14-8 14.3 802.1x Configuration Example....................................................................................... 14-8 14.3.1 802.1x Access (Local Authentication)................................................................. 14-9 14.3.2 802.1x Access (Remote Authentication)........................................................... 14-11 Chapter 15 ACL Configuration................................................................................................... 15-1 15.1 Introduction to ACL ........................................................................................................ 15-1 15.1.1 Overview ............................................................................................................. 15-1 15.1.2 Setting the Match Order ...................................................................................... 15-1 15.1.3 ACLs Supported by the MA5300......................................................................... 15-2 15.2 Configuring an ACL ....................................................................................................... 15-3 15.2.1 Setting the Time Range ...................................................................................... 15-3 15.2.2 Defining an ACL .................................................................................................. 15-4 15.2.3 Activating an ACL................................................................................................ 15-9 15.2.4 Viewing ACL Information................................................................................... 15-11 15.3 ACL Configuration Example ........................................................................................ 15-12 Chapter 16 QoS Configuration................................................................................................... 16-1 16.1 Overview ........................................................................................................................ 16-1 16.2 Configuring QoS ............................................................................................................ 16-5 16.2.1 Setting the Traffic Policing .................................................................................. 16-6 16.2.2 Setting the Port Rate Limit .................................................................................. 16-7 16.2.3 Setting the Packet Redirection............................................................................ 16-7 16.2.4 Setting the Priority Tag........................................................................................ 16-7
Table of Contents
16.2.5 Setting the Queue Scheduling ............................................................................ 16-9 16.2.6 Setting the Traffic Mirroring................................................................................. 16-9 16.2.7 Setting Traffic Statistics..................................................................................... 16-10 16.2.8 Viewing QoS Information .................................................................................. 16-11 16.3 QoS Configuration Example ........................................................................................ 16-12 Chapter 17 IP Performance Configuration................................................................................ 17-1 17.1 Configuring the TCP Attributes ...................................................................................... 17-1 17.2 Viewing and Debugging the IP Performance................................................................. 17-2 17.3 IP Performance Troubleshooting ................................................................................... 17-2 Chapter 18 Overview of IP Routing Protocol............................................................................ 18-1 18.1 IP Routing and Routing Table........................................................................................ 18-1 18.1.1 Route and Route Segment.................................................................................. 18-1 18.1.2 Route Selection through the Routing Table ........................................................ 18-2 18.2 Route Management Policy............................................................................................. 18-4 18.2.1 Routing Protocols and Routing Priority ............................................................... 18-4 18.2.2 Load Sharing and Route Backup ........................................................................ 18-5 18.3 Configuring a Static Route............................................................................................. 18-5 18.3.1 Overview ............................................................................................................. 18-5 18.3.2 Setting a Static Route ......................................................................................... 18-6 18.3.3 Viewing a Static Route ........................................................................................ 18-8 18.3.4 Static Route Configuration Example ................................................................... 18-9 18.3.5 Static Route Troubleshooting............................................................................ 18-10 18.4 Configuring OSPF........................................................................................................ 18-10 18.4.1 Overview ........................................................................................................... 18-10 18.4.2 Setting OSPF .................................................................................................... 18-15 18.4.3 Viewing OSPF Information................................................................................ 18-34 18.4.4 OSPF Configuration Example (Setting DR Election by OSPF Preference)...... 18-35 18.4.5 OSPF Configuration Example (Setting OSPF Virtual Links)............................. 18-38 18.4.6 OSPF Troubleshooting...................................................................................... 18-39
03-Service Configuration
Chapter 19 Ethernet Port Configuration ................................................................................... 19-1 19.1 Overview ........................................................................................................................ 19-1 19.2 Configuring an Ethernet Port ......................................................................................... 19-4 19.2.1 Setting Port Physical Properties.......................................................................... 19-4 19.2.2 Setting the Port Flow Control .............................................................................. 19-4 19.2.3 Setting the Port Broadcast Storm Suppression .................................................. 19-5 19.2.4 Setting the Port Priority Level.............................................................................. 19-5 19.2.5 Setting the Maximum Multicast Group Counts.................................................... 19-5 19.2.6 Enabling/Disabling the Long Frames on an Ethernet Port.................................. 19-6 19.2.7 Setting the MAC Address Learning for an Ethernet Port .................................... 19-6 19.2.8 Setting the Port Aggregation ............................................................................... 19-7
Huawei Technologies Proprietary vi
Table of Contents
19.2.9 Adding an Ethernet Port to a VLAN .................................................................... 19-8 19.2.10 Setting the Ethernet Port Working Mode .......................................................... 19-8 19.2.11 Enabling/Disabling an Ethernet Port ................................................................. 19-8 19.3 Viewing/Clearing Ethernet Port Information .................................................................. 19-9 19.3.1 Viewing Ethernet Port Information ...................................................................... 19-9 19.3.2 Clearing the Ethernet Port Information ............................................................... 19-9 Chapter 20 xDSL Port Configuration......................................................................................... 20-1 20.1 Overview ........................................................................................................................ 20-1 20.2 Configuring an xDSL port .............................................................................................. 20-4 20.2.1 Setting the Parameters of an xDSL Port............................................................. 20-4 20.2.2 Description of xDSL Port Status.......................................................................... 20-8 20.2.3 Blocking/Unblocking an xDSL Port ..................................................................... 20-8 20.2.4 Activating/Deactivating an xDSL Port ................................................................. 20-8 20.3 Configuring an xDSL Line Profile................................................................................. 20-10 20.3.1 Adding a VDSL line profile ................................................................................ 20-10 20.3.2 Adding an ADSL/ADSL2+ Line profile .............................................................. 20-13 20.3.3 Adding an SHDSL Line Profile .......................................................................... 20-21 20.3.4 Deleting an xDSL Line Profile ........................................................................... 20-24 20.3.5 Modifying an xDSL Line Profile ......................................................................... 20-24 20.3.6 Viewing an xDSL Line Profile............................................................................ 20-25 20.4 Configuring an xDSL Alarm Profile .............................................................................. 20-26 20.4.1 Adding a VDSL Alarm Profile ............................................................................ 20-26 20.4.2 Adding an ADSL/ADSL2+ Alarm Profile ........................................................... 20-29 20.4.3 Adding an SHDSL Alarm Profile ....................................................................... 20-33 20.4.4 Deleting an xDSL Alarm Profile......................................................................... 20-35 20.4.5 Modifying an xDSL Alarm Profile ...................................................................... 20-36 20.4.6 Viewing the Configurations of an xDSL Alarm Profile....................................... 20-36 20.4.7 Binding/Unbinding an xDSL Alarm Profile ........................................................ 20-37 20.5 Viewing the Information of an xDSL Port..................................................................... 20-37 20.6 Maintaining an xDSL Port ............................................................................................ 20-39 20.6.1 Resetting an xDSL Port and Chipset ................................................................ 20-39 20.6.2 Setting xDSL Port Loopback ............................................................................. 20-39 20.6.3 Testing the ATM Link Connectivity of an ADSL Port ........................................ 20-40 20.6.4 Single-ended Test of an ADSL2+ Port.............................................................. 20-41 20.6.5 Viewing the Bit Allocation of an ADSL2+ Port .................................................. 20-42 20.6.6 Viewing the Power State of an ADSL Port........................................................ 20-42 20.7 VDSL CPE Management ............................................................................................. 20-43 20.7.1 Enabling/Disabling VDSL CPE Binding ............................................................ 20-43 20.7.2 Enabling/Disabling the Automatic Upgrade of VDSL CPE ............................... 20-44 20.8 VDSL Configuration Example ...................................................................................... 20-45 20.8.1 Configuration Procedure ................................................................................... 20-45 20.8.2 Networking Description ..................................................................................... 20-45
Huawei Technologies Proprietary vii
Table of Contents
20.8.3 Data Configuration ............................................................................................ 20-46 20.8.4 Verification......................................................................................................... 20-47 20.9 ADSL/ADSL2+ Configuration Example ....................................................................... 20-47 20.9.1 Configuration Procedure ................................................................................... 20-47 20.9.2 Networking Description ..................................................................................... 20-48 20.9.3 Data Configuration ............................................................................................ 20-48 20.9.4 Verification......................................................................................................... 20-50 20.10 SHDSL Configuration Example ................................................................................. 20-50 20.10.1 Configuration Procedure ................................................................................. 20-50 20.10.2 Networking Description ................................................................................... 20-50 20.10.3 Data Configuration .......................................................................................... 20-51 20.10.4 Verification....................................................................................................... 20-52 Chapter 21 PVC and Access Configuration.............................................................................. 21-1 21.1 Configuring a Single PVC .............................................................................................. 21-1 21.1.1 Setting the VPI and VCI ...................................................................................... 21-2 21.1.2 Setting the Connection Type of a Single PVC .................................................... 21-3 21.1.3 Enabling/Disabling the Single-PVC Multi-service Dispatch ................................ 21-3 21.1.4 Viewing the Single-PVC Configuration ............................................................... 21-5 21.2 Configuring Multiple PVCs............................................................................................. 21-6 21.2.1 Enabling/Disabling the Multi-PVC Function ........................................................ 21-7 21.2.2 Adding PVCs to a Port ........................................................................................ 21-8 21.2.3 Deleting a PVC from a Port................................................................................. 21-8 21.2.4 Modifying the PVC Configurations of a Port ....................................................... 21-8 21.2.5 Viewing the Configuration of Multi-PVC.............................................................. 21-9 21.3 Configuring IPoA.......................................................................................................... 21-10 21.3.1 Overview ........................................................................................................... 21-10 21.3.2 Setting an IPoA Connection (Single-PVC)........................................................ 21-12 21.3.3 Setting an IPoA Connection (Multi-PVC) .......................................................... 21-13 21.3.4 Setting the Source MAC Address ..................................................................... 21-14 21.3.5 Setting the Default IP Address of the Upper Layer Gateway............................ 21-15 21.3.6 Setting the Mode of Obtaining Peer End IP Address........................................ 21-16 21.3.7 Viewing IPoA information .................................................................................. 21-17 21.3.8 L2 IPoA Access Configuration Example ........................................................... 21-19 21.3.9 L3 IPoA Access Configuration Example ........................................................... 21-22 21.4 Configuring PPPoA...................................................................................................... 21-24 21.4.1 Overview ........................................................................................................... 21-24 21.4.2 Setting Up a PPPoA Connection (Single PVC)................................................. 21-26 21.4.3 Setting Up a PPPoA Connection (Multi-PVC)................................................... 21-27 21.4.4 Setting the PPPoA Source MAC Address......................................................... 21-28 21.4.5 Setting the PPPoA Destination MAC Address .................................................. 21-28 21.4.6 Setting the PPPoA Session ID Area ................................................................. 21-28 21.4.7 Viewing PPPoA Information .............................................................................. 21-30
Huawei Technologies Proprietary viii
Table of Contents
21.4.8 PPPoA Access Configuration Example-Static Mode ........................................ 21-30 21.4.9 PPPoA Access Configuration Example-Dynamic Mode ................................... 21-33 21.5 Configuring PITP.......................................................................................................... 21-35 21.5.1 Overview ........................................................................................................... 21-35 21.5.2 Setting PITP V Mode......................................................................................... 21-36 21.5.3 Setting the PITP P Mode................................................................................... 21-37 21.6 PPPoE Plus Configuration Example............................................................................ 21-40 Chapter 22 VLAN Configuration ................................................................................................ 22-1 22.1 Overview ........................................................................................................................ 22-1 22.2 Configuring a Common VLAN ....................................................................................... 22-1 22.2.1 Configuring a Common VLAN............................................................................. 22-2 22.2.2 Configuring VLANs in Batches............................................................................ 22-4 22.2.3 Configuring the VLAN Trunk ............................................................................... 22-5 22.2.4 Configuring a VLAN Interface ............................................................................. 22-6 22.2.5 VLAN Configuration Example (Configuring LAN Interconnection)...................... 22-7 22.2.6 VLAN Configuration Example (Configuring VLAN Trunk Interconnection) ....... 22-11 22.3 Configuring a Smart VLAN .......................................................................................... 22-14 22.3.1 Setting/Canceling a VLAN as a Smart VLAN.................................................... 22-14 22.3.2 Adding/Deleting an Upstream Port to/from a Smart VLAN ............................... 22-15 22.3.3 Adding/Deleting an Downstream Port to/from a Smart VLAN .......................... 22-15 22.3.4 Viewing Smart VLAN Information...................................................................... 22-16 22.3.5 Smart VLAN Configuration Example (Access Mode)........................................ 22-17 22.3.6 Smart VLAN Configuration Example (Trunk Mode) .......................................... 22-18 22.3.7 Smart VLAN Configuration Example-Comprehensive Application ................... 22-20 22.4 Configuring a MUX VLAN ............................................................................................ 22-24 22.4.1 Enabling/Disabling a MUX VLAN ...................................................................... 22-26 22.4.2 Configuring the MUX VLAN Configuration Profile............................................. 22-26 22.4.3 Specifying the Upstream Port and Range of Local MUX VLANs...................... 22-27 22.4.4 Specifying the Cascading Port and Range of Cascaded MUX VLANs............. 22-28 22.4.5 Setting the MUX VLANs for a Specified Service Board.................................... 22-28 22.4.6 Setting the MUX VLAN for a Specified Port...................................................... 22-29 22.4.7 Viewing MUX VLAN information ....................................................................... 22-29 22.4.8 Basic Application of MUX VLAN ....................................................................... 22-30 22.4.9 MUX VLAN Cascading Application ................................................................... 22-34 22.4.10 Comprehensive MUX VLAN Application......................................................... 22-39 22.4.11 Notes for Using MUX VLAN ............................................................................ 22-44 22.5 Configuring a QinQ VLAN............................................................................................ 22-45 22.5.1 Overview ........................................................................................................... 22-45 22.5.2 Setting a Common VLAN as a QinQ VLAN ...................................................... 22-46 22.5.3 Adding/Deleting an Upstream Port to/from a QinQ VLAN ................................ 22-46 22.5.4 Adding/Deleting a Downstream Port to/from a QinQ VLAN.............................. 22-47 22.5.5 Configuring a QinQ VLAN PVC......................................................................... 22-48
Huawei Technologies Proprietary ix
Table of Contents
22.5.6 Viewing the Configuration of a QinQ VLAN ...................................................... 22-49 22.5.7 QinQ VLAN Configuration Example .................................................................. 22-49 22.6 Configuring VLAN Stacking ......................................................................................... 22-51 22.6.1 Overview ........................................................................................................... 22-51 22.6.2 Configuring a Common VLAN as a VLAN Stacking.......................................... 22-53 22.6.3 Adding/Deleting an Upstream Port to/from a VLAN Stacking........................... 22-53 22.6.4 Adding/Deleting a Downstream Port to/from a VLAN Stacking ........................ 22-54 22.6.5 Configuring the Inner VLAN Tag for a VLAN Stacking Port/PVC ..................... 22-55 22.6.6 Configuring a Port/PVCs Inner Priority............................................................. 22-55 22.6.7 Configuring a VLAN Stacking PVC ................................................................... 22-56 22.6.8 Viewing the Configuration of a VLAN Stacking................................................. 22-56 22.6.9 VLAN Stacking Configuration Example ............................................................ 22-57 Chapter 23 IGMP Snooping Configuration ............................................................................... 23-1 23.1 Overview ........................................................................................................................ 23-1 23.1.1 IGMP Snooping Principle .................................................................................... 23-1 23.1.2 Implementation of IGMP Snooping ..................................................................... 23-2 23.2 Configuring IGMP Snooping .......................................................................................... 23-5 23.2.1 Enabling/Disabling IGMP Snooping Globally...................................................... 23-6 23.2.2 Setting the Aging Time of Multicast Group Member Port ................................... 23-6 23.2.3 Setting the Aging Time of the Router Port .......................................................... 23-6 23.2.4 Setting the Maximum Response Time ................................................................ 23-6 23.2.5 Enabling a User to Leave a Multicast Group Fast .............................................. 23-7 23.2.6 Setting a Router Port........................................................................................... 23-7 23.2.7 Viewing IGMP Snooping Information .................................................................. 23-7 23.3 Configuring Multicast VLAN........................................................................................... 23-8 23.3.1 Setting the Upstream Port of a Multicast VLAN .................................................. 23-9 23.3.2 Setting the Downstream Port of a Multicast VLAN ........................................... 23-10 23.3.3 Viewing the Multicast VLAN .............................................................................. 23-10 23.3.4 Multicast VLAN Configuration Example ............................................................ 23-11 23.4 Troubleshooting IGMP Snooping................................................................................. 23-14 Chapter 24 IGMP Proxy Configuration ...................................................................................... 24-1 24.1 Overview ........................................................................................................................ 24-1 24.2 Configuring Basic IGMP Proxy ...................................................................................... 24-2 24.2.1 Enabling/Disabling IGMP Proxy .......................................................................... 24-2 24.2.2 Setting the Master Upstream Port....................................................................... 24-3 24.2.3 Setting the Parameters for a Multicast Router .................................................... 24-3 24.2.4 Setting the Static Multicast Members of an IGMP Proxy Group ......................... 24-5 24.3 Configuring the Program Library and Authority Profile .................................................. 24-6 24.3.1 Maintaining a Program Library ............................................................................ 24-8 24.3.2 Setting the Authority Profile............................................................................... 24-10 24.3.3 Setting the User Authority ................................................................................. 24-13 24.4 Viewing IGMP Proxy Information................................................................................. 24-16
Huawei Technologies Proprietary x
Table of Contents
Chapter 25 ISU Configuration .................................................................................................... 25-1 25.1 Overview ........................................................................................................................ 25-1 25.2 Configuring an ISU Board.............................................................................................. 25-2
04-Maintenance Operations
Chapter 26 System Maintenance ............................................................................................... 26-1 26.1 Overview ........................................................................................................................ 26-1 26.2 Configuring the File System........................................................................................... 26-1 26.2.1 Directory Related Operations.............................................................................. 26-1 26.2.2 File-Related Operations ...................................................................................... 26-2 26.2.3 Memory Device Related Operations ................................................................... 26-2 26.3 Configuring FTP and TFTP............................................................................................ 26-3 26.3.1 Overview ............................................................................................................. 26-3 26.3.2 Setting FTP ......................................................................................................... 26-4 26.3.3 Setting TFTP ....................................................................................................... 26-6 26.4 Auto Online Upgrading .................................................................................................. 26-7 26.4.1 Upgrading from a Previous Version to the First Version That Supports Automatic Upgrading....................................................................................................................... 26-7 26.4.2 Upgrading a Previous Version to That Later than the First Version Supporting Auto Online Upgrading ................................................................................................. 26-11 26.4.3 Upgrading a Version Supporting Auto Online Upgrading or Later Versions..... 26-11 26.5 Loading ........................................................................................................................ 26-11 26.5.1 Loading the Version Supporting Auto Online Upgrading .................................. 26-12 26.5.2 Loading the Version Not Supporting Auto Online Upgrading ........................... 26-12 26.6 Backup ......................................................................................................................... 26-19 26.6.1 Viewing and Saving the System Configuration Files ........................................ 26-19 26.6.2 Backing Up the System Data Using TFTP........................................................ 26-21 26.6.3 Backing Up the System Data Using FTP .......................................................... 26-22 26.7 Patch Management...................................................................................................... 26-23 26.7.1 Overview ........................................................................................................... 26-23 26.7.2 Procedure for Patch Operations........................................................................ 26-25 26.8 Patch Loading Examples ............................................................................................. 26-25 Chapter 27 Logs and Alarms...................................................................................................... 27-1 27.1 Log Management ........................................................................................................... 27-1 27.1.1 Viewing Logs ....................................................................................................... 27-1 27.1.2 Setting the Log Host............................................................................................ 27-2 27.2 Configuring Alarms ........................................................................................................ 27-2 27.2.1 Viewing Alarm Records....................................................................................... 27-4 27.2.2 Viewing the Alarm Configuration......................................................................... 27-6 27.2.3 Setting Alarm Levels ........................................................................................... 27-6 27.2.4 Setting the Alarm Output on a CLI Terminal ....................................................... 27-7 27.2.5 Setting Alarm Statistics ....................................................................................... 27-8
Table of Contents
27.2.6 Setting the Alarm Threshold................................................................................ 27-9 27.2.7 Viewing/Clearing Alarm Statistics ..................................................................... 27-10 27.2.8 Viewing Basic Alarm Information ...................................................................... 27-10 Chapter 28 Active/Standby Switchover..................................................................................... 28-1 28.1 Overview ........................................................................................................................ 28-1 28.1.1 Basic Principles ................................................................................................... 28-1 28.1.2 Active/Standby Switchover Modes...................................................................... 28-2 28.2 Preconditions for Active/Standby Switchover ................................................................ 28-3 28.3 MA5300+Dual-ISU Active/Standby Switchover ............................................................. 28-3 28.4 ESM+EIU Active/Standby Switchover ........................................................................... 28-8 28.4.1 Establishing the Switch-over Environment.......................................................... 28-8 28.4.2 Active/Standby Switchover Configuration Commands........................................ 28-8 28.4.3 Setting the Automatic Switchover ..................................................................... 28-10 28.4.4 Setting the Manual Switchover.......................................................................... 28-10 Chapter 29 Environment Monitoring Management .................................................................. 29-1 29.1 Overview ........................................................................................................................ 29-1 29.2 Configuration Procedure................................................................................................ 29-2 29.3 Configuring an EMU ...................................................................................................... 29-2 29.3.1 Adding/Deleting/Viewing an EMU ....................................................................... 29-3 29.3.2 Entering the EMU Configuration Mode ............................................................... 29-5 29.4 Configuring EMUH303ESC ......................................................................................... 29-6 29.4.1 Setting H303ESC Environment Monitor Parameters .......................................... 29-6 29.4.2 Viewing the H303ESC Environment Information ................................................ 29-7 29.5 Configuring EMUPower 4875/4845 ............................................................................. 29-8 29.5.1 Configuring the 4875/4845 Power Module.......................................................... 29-9 29.5.2 Viewing the Information on POWER4875/4845................................................ 29-10 29.6 Configuring EMUDIS ................................................................................................. 29-11 29.6.1 Setting DIS Parameters .................................................................................... 29-12 29.6.2 Viewing DIS Information.................................................................................... 29-12 29.7 Configuration Example ................................................................................................ 29-13 29.7.1 Setting H303ESC .............................................................................................. 29-13 29.7.2 Setting a DIS ..................................................................................................... 29-16
05-Appendix
Appendix A Acronyms and Abbreviations .................................................................................A-1 Index ................................................................................................................................................ i-1
HUAWEI
Table of Contents
Table of Contents
Chapter 1 Maintenance Terminal Configuration ........................................................................ 1-1 1.1 Configuring the Local Serial Terminal ............................................................................... 1-1 1.2 Configuring the Remote Serial Terminal ........................................................................... 1-6 1.3 Configuring the Telnet Environment .................................................................................. 1-7 Chapter 2 Basic System Operations ........................................................................................... 2-1 2.1 Command Line Operation Characteristics......................................................................... 2-2 2.1.1 Intelligent Matching ................................................................................................. 2-2 2.1.2 Edit Characteristics ................................................................................................. 2-2 2.1.3 Display Characteristics............................................................................................ 2-3 2.1.4 Command Line Error Prompts ................................................................................ 2-4 2.1.5 Command Modes .................................................................................................... 2-4 2.2 Online Help ........................................................................................................................ 2-6 2.3 Setting the Interactive Mode .............................................................................................. 2-7 2.4 Switching the Terminal Languages.................................................................................... 2-8 2.5 Setting the System Time.................................................................................................... 2-8 2.6 Setting the System Name .................................................................................................. 2-8 2.7 Setting the Terminal Type.................................................................................................. 2-9 2.8 Setting the Timeout Exit..................................................................................................... 2-9 2.9 Setting the Terminal Screen Length .................................................................................. 2-9 2.10 Setting the Terminal Screen Clearance......................................................................... 2-10 2.11 Viewing the Hardware/Software Version ....................................................................... 2-10 2.12 Viewing History Commands........................................................................................... 2-11 2.13 Viewing the CPU Occupancy Ratio ............................................................................... 2-11 2.14 Network Testing Tools ................................................................................................... 2-11 Chapter 3 User Management........................................................................................................ 3-1 3.1 Overview ............................................................................................................................ 3-1 3.2 Adding/Deleting a User...................................................................................................... 3-2 3.2.1 Adding a User.......................................................................................................... 3-2 3.2.2 Deleting a User........................................................................................................ 3-3 3.3 Modifying User Attributes................................................................................................... 3-4 3.4 Viewing User Information................................................................................................... 3-5 Chapter 4 Line Configuration....................................................................................................... 4-1 4.1 Overview ............................................................................................................................ 4-1 4.2 Entering Line Configuration Mode ..................................................................................... 4-3 4.3 Configuring the Attributes of an Asynchronous Interface .................................................. 4-3 4.4 Defining HyperTerminal Attributes..................................................................................... 4-5
Table of Contents
4.5 Viewing Line Information ................................................................................................... 4-6 Chapter 5 Board Management ..................................................................................................... 5-1 5.1 Overview ............................................................................................................................ 5-1 5.2 Viewing a Board................................................................................................................. 5-2 5.3 Adding a Board .................................................................................................................. 5-4 5.4 Confirming a Board............................................................................................................ 5-5 5.5 Deleting a Board ................................................................................................................ 5-6 5.6 Resetting a Board .............................................................................................................. 5-6 5.7 Replacing a Board ............................................................................................................. 5-7 Chapter 6 Network Management Configuration......................................................................... 6-1 6.1 Overview ............................................................................................................................ 6-1 6.2 Configuring SNMP ............................................................................................................. 6-1 6.2.1 Overview ................................................................................................................. 6-1 6.2.2 Setting the Community Name ................................................................................. 6-4 6.2.3 Setting the Trap Sending ........................................................................................ 6-4 6.2.4 Setting Management Attributes............................................................................... 6-5 6.2.5 Setting the SNMP Packet Size................................................................................ 6-6 6.2.6 Setting the Name of Local or Remote Device......................................................... 6-6 6.2.7 Setting an SNMP V3 Group .................................................................................... 6-7 6.2.8 Adding/Deleting a User to/from an SNMP Group ................................................... 6-8 6.2.9 Creating/Modifying/Deleting/Viewing the View Information .................................... 6-8 6.3 Configuring the Outband NMS........................................................................................... 6-9 6.3.1 Setting the IP Address of an Outband Port............................................................. 6-9 6.3.2 Setting Outband NMS Routes............................................................................... 6-10 6.3.3 Outband NMS Configuration Example.................................................................. 6-10 6.4 Configuring the Inband NMS ........................................................................................... 6-11 6.4.1 Setting the IP Address of Inband NMS ................................................................. 6-12 6.4.2 Setting Inband NMS Routes.................................................................................. 6-12 6.4.3 Adding an ACL ...................................................................................................... 6-13 6.4.4 Inband NMS Configuration Example..................................................................... 6-14 Chapter 7 RMON Configuration ................................................................................................... 7-1 7.1 Overview ............................................................................................................................ 7-1 7.2 Configuring RMON ............................................................................................................ 7-2 7.2.1 Adding/Deleting an Entry to/from the Alarm Table.................................................. 7-2 7.2.2 Adding/Deleting an Entry to/from the Event Table.................................................. 7-3 7.2.3 Adding/Deleting an Entry to/from the History Control Table ................................... 7-3 7.2.4 Adding/Deleting an Entry to/from the Statistics Table............................................. 7-4 7.2.5 Viewing RMON Information..................................................................................... 7-4 7.3 RMON Configuration Example .......................................................................................... 7-5
Figure 1-1 Setting up the serial port configuration environment 2) Select the menu in this way to start the HyperTerminal and set up the related port connection: [Start/Program/Accessories/Communication/HyperTerminal] See Figure 1-2.
Figure 1-2 Selecting the serial port for connection Select the standard character terminal or PC terminal serial port that is actually connected to the MA5300. Assume it is serial port 2 here. 3) Click <OK> to display the COM2 Properties dialog box. Then set the serial port parameters to the values in Table 1-1. Table 1-1 Recommended configuration of serial port parameters Parameter baud rate data bits stop bits parity flow control 9600 bit/s 8 1 none none Value
Note that the setting of baud rate should be the same as of the serial port parameter. The default baud rate for the system is 9600 bit/s. See Figure 1-3.
Figure 1-3 Setting console port parameters 4) Click <OK> to display the HyperTerminal interface. See Figure 1-4.
Figure 1-4 HyperTerminal interface 5) Select [File/Properties] menu in the HyperTerminal interface. Then click the [Settings] tab to choose VT100 or Auto Detection as the type of terminal emulation. See Figure 1-5.
Figure 1-5 Defining the terminal type 6) Next, click [ASCII Setup] to set the properties of ASCII code. See Figure 1-6.
Note: For pasting files to the HyperTerminal, Character delay controls the transmission speed of each character and Line delay controls the time interval of every line. Too short delay may cause character missing. When the commands for file pasting functions are abnormal, such values should be modified.
7)
Enter the user name and password in the prompt box for registration. Then wait until the command line prompt (such as MA5300>) appears. By default, the super user name is root and the super user password is admin. If you fail to log in to the MA5300, click [Hang-up] first and [Dial] next. Then press the <Enter> key. If you still cannot log in, return to last step to check the parameter settings and physical connection, and then try again.
After the configuration completes, you should check whether the MA5300 can ping the IP address of the PC. If yes, the configuration is successful. Otherwise, check the network interface address and network status indicators.
Note: When the PC used for the Telnet test is located in the same segment as that of the MA5300, you only need to configure a maintenance port or a VLAN IP address. If they are not in the same subnet, you need to configure the route.
Note: The Telnet environment configuration example shown below is based on Windows 98. Different operating systems offer different prompts, but have similar configuration procedure.
1)
Set up the local configuration environment. To set up the local configuration environment, you need only to connect the PCs network port with the MA5300 through LAN. See Figure 1-8.
MA5300
CON ETH MON
LAN
ESM
PC
PC
Figure 1-8 Setting up the local configuration environment through LAN 2) Set up the remote configuration environment.
Huawei Technologies Proprietary 1-8
To set up the remote configuration environment, you need to connect the PC with the MA5300 through WAN network port. See Figure 1-9.
MA5300 LAN PC WAN
CON ETH MON
PC
PC
ESM
Figure 1-10 Interface for running Telnet application 2) Select [Terminal/Preferences] menu to set the Telnet terminal preferences. See Figure 1-11.
Figure 1-11 Setting Telnet terminal preferences 3) Select [Connection/Remote system] menu in the Telnet interface. Then enter the IP address of the MA5300 in the [Connect] dialog box to set up Telnet connection with the MA5300. See Figure 1-12.
The default user name and password for an administrator is root and admin respectively.
2)
Change the terminal display language View the terminal display language Set the system time View the system time Set the system name Set the terminal type View the terminal type Set the length terminal screen
Set the terminal screen clearance View the hardware/software version View history commands View the CPU occupancy ratio Use network test tools Enable/Disable the timeout exit Set the displayable commands number of history
history size
Note: For command line format, refer to II Command conventions in the preface of the manual.
The command line descriptor facilitates incomplete searching. It can offer explanation for any key word input as long as that key word does not cause confusion. For example, you can just enter en or ena for enable. 2) Auto key word matching
When entering a key word, you can enter a part of the key word, and then press the <Space> key to display the completely-matched key word. By doing this, you do not need to enter long key words, thus making the operation more convenient. If no correct match is found, you cannot proceed with the next key word or parameter. Therefore, when you are operating the system through the CLI, the command lines displayed are always in complete form. If you cannot enter a space, it indicates that you have entered a wrong command. In this case you should check and enter the correct one.
Key <BackSpace>
Functionality Delete the character before the cursor and move the cursor forward. When reaching the beginning of the command, the cursor stops. Delete a character in the position of the current cursor.
<Delete> Left arrow <Ctrl+A> Right arrow <Ctrl+D> key key <> <> or or
Move the cursor leftward for the length of one character. Move the cursor rightward for the length of one character. Display history commands. (For some display terminals which do not support up/down arrow keys, you can use <Ctrl+P> or <Ctrl+N> to select the last or next history command.) Delete the characters before the current cursor and move the cursor to the beginning of the line. Delete the characters after the current cursor and move the cursor to the end of the line. Move the cursor to the beginning of the line. Move the cursor to the end of the line. Undo current input by pressing such key twice.
exit
exit end
MA5300(config-...)#
Figure 2-1 Diagram of the relationship between the command modes Table 2-5 lists the functionalities and characteristics of the command modes. Table 2-5 Functionalities and characteristics of command modes Command mode User mode EXEC Functionality To show basic system information. To make basic system configuration. To configure the equipment and global attributes. To configure FE port attributes. Prompt Entry You can enter the mode directly after log-on MA5300>enable
MA5300>
Privileged mode Global configuration mode Fast Ethernet (FE) port configuration mode Gigabit Ethernet (GE) port configuration mode VDSL port configuration mode
MA5300#
MA5300(config)#
MA5300#config terminal MA5300(config) # interface ethernet slot/subslot/port MA5300(config) # interface gigabit-ethernet slot/subslot/port MA5300(config) # interface vdsl slot/subslot/port
MA5300(config-if-ethern et7/1/0)#
MA5300(config-if-gigabi tethernet-7/1/0)#
MA5300 (config-if-vdsl2/0/0)#
Command mode ADSL port configuration mode SHDSL port configuration mode
Functionality To configure ADSL port attributes. To configure SHDSL port attributes To configure the attributes of IP interface corresponding to VLAN and VLAN interface. To configure VLAN attributes. To configure Line attributes.
MA5300 (config-if-shdsl2/0/0)#
MA5300(config-if-vlan-i nterface1)#
MA5300 (config-vlan1)#
MA5300 (config-line0)#
Note: To exit command mode level by level, you can run the command exit. To exit from the current mode to privileged mode, you can run the command end. To exit privileged mode and enter user EXEC mode, you can run the command disable. By default, the command line prompt uses MA5300 as its prefix. It can be modified using the command hostname. What is included in the bracket is used to describe current configuration mode.
You can type ? after the command line prompt to display the current mode and all commands available in that mode.
Huawei Technologies Proprietary 2-6
You can type ? after an incomplete key word to obtain online help information on that key word.
MA5300>s? -------------------------------------------------------------------Command Of user Mode: -------------------------------------------------------------------send[3] show[13] system send command group,3 sub-command. show command group,13 sub-command. Show used percent of memory.
You can type ? after a complete key word to obtain brief online help information on the current command and its parameters.
MA5300>show ? -------------------------------------------------------------------Command Of user Mode: -------------------------------------------------------------------alarm[4] board alarm command group, 4 sub-command. Show information of board.
After the interactive mode is disabled, if you press the <Enter> key after typing an incomplete command, the system will prompt you with error information.
MA5300#no smart
^
% Incomplete command, and error detected at '^' marker.
Note: For some terminal tools allowing terminal type setting (such as HyperTerminal, Telnet and neterm), you can use the associated menu to set the terminal emulation type so that the type of the terminal tool is consistent with that of terminal in the system.
To disable the screen splitting function, you can run the command length 0. To restore the default setting, you can run the command no length. The default terminal screen length is 24 lines.
MA5300(config-line0)#length 12
This example shows how to view the detailed information of all boards.
MA5300#show version scout -------------------------------------------------------------------SlotID BoardName Software BIOS CPLD
-------------------------------------------------------------------0 1 2 3 4 5 6 7 H531ESMA V100R005B01D061-Jul 21 2004, 16:05:47 V1.09 300 H531EVDA H531EADA V100R005B01D061-Jul 7 2004, 19:25:14 V1.09 V1.08 100 200
--------------------------------------------------------------------
I. ping
To check the network connectivity and the host reachability, you can run the command ping.
MA5300#ping 10.11.106.133 PING 10.11.106.133: 56 data bytes, press CTRL_C to break
Reply from 10.11.106.133: bytes=56 Sequence=0 ttl=125 time = 6 ms Reply from 10.11.106.133: bytes=56 Sequence=1 ttl=125 time = 6 ms
II. tracert
To check the gateways passed by a data packet sent from the host to the destination, you can run the command tracert. This aims to check the connectivity of network and locate faults in the network. First, the host sends a data packet with the Time to Live (TTL) value as 1 is sent to the destination. During the first hop, the system returns an Internet Control Message
Protocol (ICMP) message to indicate the failure in transmitting the data packet due to TTL timeout. Then, the data packet is re-sent, its TTL is 2. The system also returns TTL timeout in the second hop. In this way, the process continues until the data packet reaches the destination. Doing so will record the source address of each ICMP TTL timeout message, so as to provide a path that an IP packet passes along the way to the destination.
MA5300#tracert 10.11.106.133 traceroute to 10.11.106.133 max hops 30 ,packet 40 bytes press CTRL_C to break 1 2 3 4 253 ms * * 4 ms 476 ms * * 4 ms 508 ms * * 5 ms 10.11.120.62 Request timed out. Request timed out. 10.11.106.133
An account, also called a user name, consists of 131 characters. All the user names are unique, case insensitive and free of any space or @. 2) Password
A password consists of 115 characters. A common user can only modify his own password, while an administrator can modify the passwords of other users. The password is case sensitive. A user needs to enter their valid user names and passwords to log in before he/she can maintain the MA5300 through the command line terminal. 3) Reentry count
Whether a user name can be used to log in to the MA5300 from multiple terminals at the same time depends on the reentry count. The count is in the range of 04. If the count is set to 0, the user cannot log in to the MA5300. It is recommended that you set the reentry count to 1. When you log in to the MA5300, the system will check whether your user name matches your password, and whether your user name is being used at the moment. It depends on the reentry count whether you are allowed to log in, if your user name is in use. 4) Authority
In terms of authority, operation users are divided into: Common users, who can only perform some simple query operations and run some system commands. Operators, who are allowed to configure the MA5300, such as setting system time. Administrators: who are of the highest level. They can configure, manage, and maintain user accounts and authorities.
Huawei Technologies Proprietary 3-1
The users with higher authority can run lower level commands, but the users with lower authority cannot run higher level commands. After passing the login authentication, all users first enter user EXEC mode, and then other modes, depending on their authorities. Even in the same command mode, users with different authorities are entitled to perform different operations. 5) Appending information
Appending information is optional, which can be the users phone number or address. It is a string of up to 35 characters. 6) Callback attributes
Callback attributes are used in the callback of remote Modem dialup. The user management involves: Adding/Deleting a User Modifying User Attributes Viewing User Information Table 3-1 lists the commands for user management. Table 3-1 Commands for user management To Add/Delete a user Modify the user level Modify a user password Modify the permitted reentry count Modify the appending information Modify the user callback attributes View the information on a user Use (no) terminal user name terminal user level terminal user password terminal user reenter terminal user apdinfo terminal user callback show terminal user In Privileged mode Privileged mode Privileged mode Privileged mode Privileged mode Privileged mode User EXEC mode
To add an authorized user, you can run the command terminal user name. When adding a user, you need to enter the following: User name Password User level Reentry count Appending information Callback attributes
Note: Only the administrator can add a new user. All user names are unique and free of @domain. Multiple users can be added at a time, and up to 126 users can be added.
This example shows how to add a common user Huawei. The reentry count is 2, and the appending information is 8008302118 (namely the users telephone number).
MA5300#terminal user name User Name( <32 chars):huawei User Password(<=16 chars): Confirm Password(<=16 chars): User's Level(1--3). 1. Common User(1) 2. Operator(10) 3. Administrator(15):2
Permitted Reenter Number(0--4):3 User's Appended Info(<=50 chars):8008302118 User's call-back dialstring(<=32 chars): Callback-verify?[Y|N]n This user has been added Repeat this operation? [Y|N]n
Note: Users cannot delete themselves. The user root cannot be deleted. A user who is logging in cannot be deleted. To delete this user, disconnect it first. Multiple users can be deleted at a time.
However, common users and operators can only modify their own passwords. To do this, they need to enter the old passwords.
Note: You can use this command to display the information on a user with a level equal or lower than yours only.
Note: On the MA5300, the AUX port and the Console port refer to the same port. Therefore, only two types of lines are available: AUX line and VTY line.
The numbering of virtual line: The first virtual line is vty0, the second one is vty1, and so forth.
Set the transmission rate Set the flow control mode Set parity bits Set stop bits Set data bits Enable/Disable terminal service EXEC
(no) speed (no) flowcontrol (no) parity (no) stopbits (no) databits (no) exec lockable lock (no) length (no) history size show line
configuration configuration configuration configuration configuration configuration configuration configuration configuration configuration configuration
Set the terminal line to be lockable Lock a terminal line Set the terminal screen length Set the size of history command buffer View Line information
2)
Note: When logging in to the system through the serial port, make sure that the line parameter settings are the same as those of the terminal. Any change of the line parameters, such as bit rate and flow control mode, will lead to system breakdown.
By default, the EXEC terminal service is enabled on all lines. To disable EXEC terminal service, you can run the command no exec. However, since the AUX port itself is the console port, the AUX port does not support the command no exec for the sake of safety. It is supported on other lines apart from the AUX port. This example shows how to run the command no exec on line 1.
MA5300(config-line1)#no exec
Once this command is executed, Telnet will be disabled, and the system will prompt:
%Connection refused by remote host!
MA5300(config)#show line
2)
MA5300(config)#show line 0
I 0
AUX 0
MA5303
Service board
In Global configuration mode Global configuration mode Global configuration mode Global configuration mode
--------------------------------------------------------------0 1 2 3 4 5 6 7 ESMA Normal E4FE E4FE EADA Auto_find EVDA EVDA EVDA Auto_find Auto_find Auto_find
---------------------------------------------------------------
Depending on the user operations and running conditions, boards can be in different status. Table 5-3 lists all board status. Table 5-3 Board status Status Comm Fail Comm OK Remark Service board. It indicates the physical link communication fails. Service board. It indicates the physical link communication is normal.
Remark Service board. It indicates the board is registered successfully, and is running normally. Service board. The board is in fault status. ESM board ESM board Service board. The board is being configured. Service board. It refers to the status displayed by the system when a board is just inserted, but not confirmed yet.
Table 5-4 shows the subboards attached to the ESMA/ESME and ISUA/ISUE boards. Table 5-4 The subboards attached to the MA5300 boards Subboard type E4FA E4FB O1FAB O1FAF O2FAB O2FAF O4FAB O4FAF O4FBB O4FBF O2GAA O2GAE O1GAA O1GAE O2GAX O4FS Description 4xFE electrical port subboard 4xFE electrical port subboard 1xFE multi-mode optical port subboard 1xFE single-mode optical port subboard 2xFE multi-mode optical port subboard 2xFE single-mode optical port subboard 4xFE multi-mode optical port subboard 4xFE single-mode optical port subboard 4xFE multi-mode optical port subboard 4xFE single-mode optical port subboard 2xGE multi-mode optical port subboard 2xGE single-mode optical port subboard 1xGE multi-mode optical port subboard 1xGE single-mode optical port subboard 2xGE single-mode/multi-mode optical port subboard 4xFE optical port swappable module subboard, SFP Applicable board ESMA/ESME ISUA/ISUE ESMA/ESME/ESMB ESMA/ESME/ESMB ESMA/ESME/ESMB ESMA/ESME/ESMB ESMA/ESME/ESMB ESMA/ESME/ESMB ISUA/ISUE ISUA/ISUE ESMA/ESME/ESMB, ISUA/ISUE ESMA/ESME/ESMB, ISUA/ISUE ESMA/ESME/ESMB, ISUA/ISUE ESMA/ESME/ESMB, ISUA/ISUE ESMA/ESME ESMB
Description 2xFE optical port swappable module 4xGE optical port swappable module 2xGE optical port swappable module subboard, subboard, subboard, SFP SFP SFP
Note that even after a board is added successfully off line, the system will still prompt you that the communication with the ESM board fails.
Note: ESPA board is a passive board that can work normally without any connection with the backplane. Therefore, no operation on this board is required. (ESP is short for Ethernet Splitter board). When a service board other than ESPA is inserted into an idle slot, the system will make registration automatically and identify the board type. Auto registration is not available for the ESPA board. The ESPA board should be used in combination with the EVDA and EADA boards in the proportion of 1:2 (for ESPA and EVDA) and 1:1 (for ESPA and EADA).
This example shows how to enter the frame and slot number to confirm the specified board.
MA5300(config)#board confirm 0/12 0 frame 12 slot board confirm successfully
Board 1: V100R003B02D063 (DISABLED). Please update to correct version. 0 frame 1 slot board confirm successfully
Note: The ESM board cannot be deleted. When the ISU boards residing in slot 14/15 are enabled through the backplane, they cannot be deleted by running the command board delete. To delete the ISU boards, you can run the command no inner-isu. You can also delete other boards working in normal status. Such command should be used with due care, as board deletion operation cannot be undone, and it will clear all data of the board.
Note: Resetting the system will result in loss of unsaved data. It is recommended that you run the command write to save the system data before the reset operation. To avoid affecting the service, make due consideration before you reset the system. In general, the system should be reset after new application or data is loaded.
Note: You can perform this operation no matter whether the board is in normal or faulty status. If an old-type board is in normal status, it will be reset after this command is run, because its type is not consistent with the type of the board configured. Then, you can remove the old-type board and insert the new-type board.
This example shows how to replace the EADA board in slot 6 with the EADB board.
MA5300(config)#board replace 0/6 eadb Are you sure to replace this board? (y/n)[n]:y Frame 0 slot 6 board replace successfully
1 1 1 1 5 A
Figure 6-1 MIB tree structure As shown in the above figure, the managed object B can be uniquely identified with a string of numbers {1.2.1.1}. This number string is the object identifier of B. The function of the Management Information Base (MIB) is to describe the hierarchical structure of a tree. It is a set defined by the standard variables of the monitored network device. SNMP allows you to set the community name, add users/groups, add views, and configure an ACL, offering very high security. With the ACL modules access list, the system can screen a specific IP address so that users with the IP address cannot access the Agent. There are two versions of SNMP: V1/2C and V3. The configuration of SNMP V1/2C involves: Enabling/Disabling SNMP V1/2C Adding Community names Enabling/Disabling sending trap The configuration of SNMP V3 involves: Enabling/Disabling SNMP Adding a user Adding a group Adding a view Enabling/Disabling sending trap The first running of the command snmp-server will enable all SNMP versions. You can run the command no snmp-server to disable all SNMP versions. Table 6-1 lists the commands for SNMP management.
2 2 2
B 6
Table 6-1 Commands for SNMP management To Add/Delete names community Use (no) snmp-server community (no) snmp-server enable traps (no) snmp-server trap-source (no) snmp-server trap-source (no) snmp-server contact (no) snmp-server location (no) snmp-server packetsize (no) snmp-server engineid (no) group snmp-server Global mode Global mode Global mode Global mode Global mode Global mode Global mode Global mode Global mode Global mode Global mode In configuration configuration configuration configuration configuration configuration configuration configuration configuration configuration configuration
Set the Trap source address Set the sysContact Set the sysLocation Set the SNMP packet size Set the SNMP server engine ID Add/Delete an SNMP group Add/Delete an SNMP group user Create/Update information on view View the information community names View the information sysContact View the sysLocation View the statistics View the engine ID SNMP SNMP packet server on on the on on
show community
All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode
show snmp contact show snmp location show snmp show snmp engineid show snmp group show snmp user show snmp view
View the information SNMP groups View the information SNMP users
Note: The operation of setting a community name is only applicable to SNMP V1/V2C. The operations of setting a local/remote devices name, SNMP group, user, and view are only applicable to SNMP V3. Though the V1/V2C option is available to the setting of user and group, any such a setting is invalid. Other settings are applicable to both versions.
To view the community names after completing the setting, you can run the command show snmp community.
2)
To enable sending Trap, you need to set the Trap destination address by running the command snmp-server host. To cancel the setting, you can run the command no snmp-server host. The only difference between configuring SNMP V1 and SNMP V2C lies in the version selection. This example shows how to set the IP address of the destination host for sending Trap as 10.71.53.108 and SNMP version as 1 using the community name of private.
MA5300(config)#snmp-server host 10.71.53.108 version 1 private
3)
To set Trap source address, you can run the command snmp-server trap-source. To cancel the setting, you can run the command no snmp-server trap-source. This example shows how to set the source address for sending Trap as vlan-interface 1000.
MA5300(config)#snmp-server trap-source vlan-interface 1000
By default, sysLocation is BeiJing China. After the configuration completes, you can run the command show snmp location to view the information on the device location.
MA5300(config)#snmp-server location Shenzhen China MA5300(config)#show snmp location The physical location of this node: Shenzhen China
To add an SNMP group, you can run the command snmp-server group. To delete an SNMP group, you can run the command no snmp-server group. After the configuration completes, you can run the command show snmp group to view the information on the SNMP group. Table 6-2 Parameter specification Parameter auth Description Indicates to authenticate only the first-level password, namely the authentication protocol password. Indicates to authenticate the passwords of both levels, namely the authentication protocol password and privacy protocol password. Indicates that no authentication is required. Indicates to define the read, write and notify attributes of a node in a view. Indicates to apply the ACL to prevent illegal access to the Agent.
This example shows how to add an SNMP group 5300, and authenticate the firstlevel password only. The attributes of nodes 5300a, 5300b, and 5300c are read, write and notify respectively.
MA5300(config)#snmp-server group 5300 v3 auth read 5300a write 5300b notify 5300c MA5300(config)#show snmp group Group name: 5300 Readview: 5300a Notifyview :5300c Storage-type: nonVolatile Security model: v3 auth Writeview: 5300b
To delete a user from an SNMP group, you can run the command no snmp-server user. After the configuration completes, you can run the command show snmp user to view the information on the SNMP user. This example shows how to add the user huawei to an SNMP group, which belongs to group 5300. Authenticate the authentication protocol password only. The password is of hello.
MA5300(config)#snmp-server user huawei 5300 v3 auth md5 hello MA5300(config)#show snmp user User name: huawei Engine ID: 800007DB00E0FC1119C26877 active
Storage-type: nonVolatile View name:ViewDefault Storage-type: nonVolatile View name:ViewDefault Storage-type: nonVolatile View name:ViewDefault Storage-type: nonVolatile View name:ViewDefault Storage-type: nonVolatile
Setting the IP Address of an Outband Port Setting Outband NMS Routes Outband NMS Configuration Example
This example shows how to create a route destined to 10.71.8.0 subnet so that IP packets from the MA5300 are to be forwarded through the gateway 10.71.53.1
MA5300(config)#ip route 10.71.8.0 255.255.255.0 10.71.53.1
MA5300
E E V A D D A A
ETH
MA5200
S M B
ESM
HRB
Figure 6-2 Outband NMS networking 1) The outband port (namely the ETH port) on the ESM board of the MA5300 is connected to port 7 on the MA5200s HRB board through a crossover network cable. 2) 3) 4) 5) The IP address of the MA5300 outband NMS is: 10.10.20.1 255.255.255.0. Only the IP addresses within 10.10.21.1/24 can Telnet to the MA5300. The IP address of port 7 of the HARB board on the MA5200 is: 10.10.20.254/24. The IP address of port 0 on the MA5200s HRB board is: 10.10.40.1/30.
Note: The function of ACL for Telnet is applicable to outband/inband NMS. This chapter only describes its application to outband NMS, which is almost the same as its application to inband NMS.
2)
3) 4)
Add an NM route. Set the community name and the access authority.
5) 6) 7) 8)
Enable Trap sending. Set Trap destination address. Specify IP address of the outband NMS as the Trap destination address. Save the Data.
MA5300(config)#write
I. Creating an NM VLAN
To create an NM VLAN, you can run the command vlan.
MA5300(config)#vlan 1000
data packets, namely the standard ACL, which consists of the data-based ACL and name-based ACL.
I. Defining an ACL
Two match orders of the sub-rules of an ACL are available: config Indicates to follow the user defined configuration order when formulating the matching rule. auto Indicates to allow the system to sort automatically (in depth-first order) when formulating the matching rule. The default setting is config.
Note: When creating an ACL, you must use the inverse mask if a whole segment needs to be added into the ACL. When the access of only one host is allowed, the parameter 0 needs to be input at the end of the IP address.
This example shows how to define ACL 1, which permits the access of the users within the segment 10.72.53.0/24 of VLAN 1000.
MA5300(config)#access-list 200 deny ingress 1000 egress any MA5300(config)#access-list 1 permit 10.72.53.0 0.0.0.255 MA5300(config)#access-list 201 permit ingress 1000 egress any
MA5300
E E V A D D A A
E7/2/0
MA5200
S M B
ESM
HAB
HRB
Figure 6-3 Inband NMS networking 1) 2) 3) 4) 5) Port Ethernet 0/7/0 on the MA5300s ESM board is connected to port 0 on the MA5200s HAB board. The service VLAN ID is 4000. The IP address of the MA5300 inband NMS is 10.10.20.1/24. The NM VLAN ID is 1000. The IP address of the NMS is 10.10.21.1/24 (not included in this Figure). The IP address of the MA5200s VT interface is 10.10.20.254/24. The IP address of port 0 of the MA5200 HRB board is 10.10.40.1/30.
2)
MA5300(config)#access-list extended telnet_limit MA5300(config-ext-nacl-telnet_limit)#deny ip any 10.10.20.1 0 MA5300(config-ext-nacl-telnet_limit)#permit 10.10.20.1 0 ip 10.10.21.1 0.0.0.255
3)
Activate an ACL.
4) 5)
You can set a service VLAN in various ways. In this example, assume that the service VLAN (whose ID is 4000) is a Smart VLAN. Create a VLAN whose ID is 4000, and set it as a Smart VLAN.
MA5300(config)#vlan 4000 MA5300(config-vlan4000)#vlan-type smart
Set the port Ethernet 7/2/0 as the trunk port which transparently transmits NM VLAN (whose ID is 1000).
MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/2/0)#switchport mode trunk MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 1000 Please wait... Done.
6)
7) 8) 9)
Enable the Trap sending. Set the Trap destination address. Set the IP address of the inband NMS as the Trap source address.
The MA5300 performs RMON using the second method. With the RMON-supportive SNMP Agent running on the network monitor, the NMS can obtain such information as: Overall traffic of the segment connected to the managed network device port Error statistics and performance statistics With the information, the NMS is able to mange the network remotely.
Figure 7-1 Parameter description Parameter delta absolute rising-threshold falling-threshold owner Description The sampling type is of delta value. The sampling type is of absolute value. Upper limit of threshold value Lower limit of threshold value Creator of the entry
Table 7-2 Parameter description Parameter buckets interval owner Description This control line corresponds to the history control table capacity, which is in the range from 1 to 10. Sampling time, in the range from 5s to 3600s. Creator of the entry
This example shows how to delete entry 15 from the history control table.
MA5300(config)# no rmon history 15
Table 7-3 Commands for viewing RMON information To View RMON statistics Use show rmon statistics In All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode
View the history information on RMON View the alarm information on RMON
MA5300
CON ETH MON
Internet PC
PC
ESM
Figure 7-2 RMON configuration networking Requirement: Add an entry to the RMON statistics table for the Ethernet port performance. This will ease network administrators query.
MA5300# show rmon statistic ethernet 7/1/1 Interface Ethernet7/1/1, with ethernet statistics table index 1, is VALID,
Dropped packet events (due to lack of resources): 0. Packets received of length (in octets): 64: 62300, 65-127: 42709, 128-255: 17515, 256-511: 8016, 512-1023: 9013, 1024-1518: 41030.
HUAWEI
Table of Contents
Table of Contents
Chapter 8 MAC Address Management ........................................................................................ 8-1 8.1 Overview ............................................................................................................................ 8-1 8.2 Configuring MAC Address Table ....................................................................................... 8-2 8.2.1 Adding/Modifying/Deleting Address Items .............................................................. 8-2 8.2.2 Enabling/Disabling the Address Learning ............................................................... 8-3 8.2.3 Setting the MAC Address Learning for a Port......................................................... 8-3 8.2.4 Setting the System MAC Address Aging ................................................................ 8-4 8.2.5 Restoring the Default MAC Address of Main Control Boards ................................. 8-5 8.3 Viewing the MAC Address Table ....................................................................................... 8-5 Chapter 9 DHCP Relay Configuration ......................................................................................... 9-1 9.1 Overview ............................................................................................................................ 9-1 9.2 Configuring a DHCP Server............................................................................................... 9-2 9.2.1 Setting a DHCP Server ........................................................................................... 9-3 9.2.2 Setting the DHCP Relay Standard Mode (VLAN Interface).................................... 9-5 9.2.3 Setting DHCP Option60 .......................................................................................... 9-6 9.2.4 Setting the MAC Address Segment ........................................................................ 9-7 9.3 Enabling the Switching Between DHCP L2/L3 Relay........................................................ 9-9 9.4 Configuring the DHCP Relay Agent Information Option.................................................. 9-10 9.4.1 Enabling/Disabling DHCP Option82 ..................................................................... 9-11 9.4.2 Setting Whether a DHCP packet Includes a Sub-option....................................... 9-12 9.4.3 Setting the Maximum Length of DHCP Packets ................................................... 9-13 9.4.4 Viewing the Information on DHCP Option82 Configuration .................................. 9-13 9.5 Configuration Example .................................................................................................... 9-14 9.6 DHCP Relay Troubleshooting.......................................................................................... 9-15 Chapter 10 ARP Configuration................................................................................................... 10-1 10.1 Overview ........................................................................................................................ 10-1 10.2 Configuring the Static ARP ............................................................................................ 10-2 Chapter 11 STP Configuration ................................................................................................... 11-1 11.1 Overview ........................................................................................................................ 11-1 11.1.1 Introduction to STP ............................................................................................. 11-1 11.1.2 Specific Calculation Process of STP Algorithm .................................................. 11-1 11.1.3 Setting the BPDU Forwarding Mechanism in STP.............................................. 11-6 11.2 Configuring RSTP.......................................................................................................... 11-7 11.2.1 Enabling/Disabling RSTP.................................................................................... 11-8 11.2.2 Setting/Switching the Operating Mode of RSTP ................................................. 11-9 11.2.3 Setting the Network Diameter ........................................................................... 11-10
Table of Contents
11.2.4 Setting the Parameters of a Specified Bridge ................................................... 11-10 11.2.5 Setting the Parameters of a Specified Port....................................................... 11-12 11.2.6 Viewing RSTP Information ................................................................................ 11-14 Chapter 12 Cluster Management Configuration....................................................................... 12-1 12.1 Overview ........................................................................................................................ 12-1 12.1.1 Brief Introduction to Cluster Management .......................................................... 12-1 12.1.1 Cluster Roles....................................................................................................... 12-2 12.1.2 Brief Introduction to HGMP ................................................................................. 12-3 12.2 Configuring HDP ............................................................................................................ 12-5 12.2.1 Setting HDP......................................................................................................... 12-6 12.2.2 Viewing HDP Information .................................................................................... 12-7 12.3 Configuring HTP ............................................................................................................ 12-8 12.3.1 Introduction to HTP ............................................................................................. 12-8 12.3.2 Setting HTP ......................................................................................................... 12-9 12.3.3 Viewing HTP Information .................................................................................. 12-12 12.4 Configuring a Cluster ................................................................................................... 12-12 12.4.1 Enabling/Disabling the Cluster Function ........................................................... 12-14 12.4.2 Setting the Cluster IP Address Pool.................................................................. 12-14 12.4.3 Specify the Command Device........................................................................... 12-15 12.4.4 Adding/Deleting a Cluster Member ................................................................... 12-15 12.4.5 Setting the Cluster Parameters ......................................................................... 12-17 12.4.6 Setting the Member Accessing ......................................................................... 12-20 12.4.7 Viewing Cluster Information .............................................................................. 12-22 12.5 Cluster Management Configuration Example.............................................................. 12-23 Chapter 13 AAA and RADIUS Configuration ............................................................................ 13-1 13.1 Overview ........................................................................................................................ 13-1 13.1.1 Introduction to AAA ............................................................................................. 13-1 13.1.2 Introduction to RADIUS....................................................................................... 13-2 13.1.3 Implementing AAA/RADIUS on the MA5300 ...................................................... 13-2 13.2 Configuring AAA ............................................................................................................ 13-3 13.2.1 Setting an Authentication/Authorization Scheme................................................ 13-5 13.2.2 Setting an Accounting Scheme ........................................................................... 13-6 13.2.3 Creating/Deleting an ISP Domain ....................................................................... 13-6 13.2.4 Configuring a User ............................................................................................ 13-10 13.2.5 Viewing AAA Information .................................................................................. 13-11 13.3 Configuring RADIUS.................................................................................................... 13-11 13.3.1 Creating/Deleting a RADIUS Server Group ...................................................... 13-14 13.3.2 Setting the IP Address and Port Number of RADIUS Server ........................... 13-14 13.3.3 Setting the Encryption Key of RADIUS Packet ................................................. 13-15 13.3.4 Setting the Response Timeout Timer of RADIUS Server ................................. 13-16 13.3.5 Setting the Retransmit Times of RADIUS Request Packet .............................. 13-16 13.3.6 Setting the Realtime Accounting Interval .......................................................... 13-16
Huawei Technologies Proprietary ii
Table of Contents
13.3.7 Setting the Maximum Failure Count of Realtime Accounting Request ............. 13-17 13.3.8 Setting the Maximum Times for Resending Account-Stop Request................. 13-18 13.3.9 Setting the RADIUS Server Type...................................................................... 13-18 13.3.10 Setting the RADIUS Server State ................................................................... 13-18 13.3.11 Setting the Format of Username Sent to RADIUS Server .............................. 13-19 13.4 Viewing RADIUS Information....................................................................................... 13-19 13.5 AAA and RADIUS Configuration Example .................................................................. 13-20 13.6 Fault Diagnosis and Troubleshooting .......................................................................... 13-20 Chapter 14 802.1x Configuration ............................................................................................... 14-1 14.1 Overview ........................................................................................................................ 14-1 14.1.1 Introduction to 802.1x.......................................................................................... 14-1 14.1.2 802.1x System Architecture ................................................................................ 14-1 14.1.3 802.1x Authentication Process............................................................................ 14-3 14.1.4 Implementing 802.1x on MA5300 ....................................................................... 14-4 14.2 Configuring 802.1x......................................................................................................... 14-4 14.2.1 Enabling/Disabling 802.1x................................................................................... 14-5 14.2.2 Setting the Port Access Control Mode ................................................................ 14-6 14.2.3 Setting the Port Access Control Method ............................................................. 14-6 14.2.4 Setting the Number of Users Per Port ................................................................ 14-7 14.2.5 Enabling/Disabling the DHCP Trigger Authentication......................................... 14-7 14.2.6 Setting the Authenticator-to-Supplicant Frame-Retry Times .............................. 14-7 14.2.7 Configuring the Timer Parameters ...................................................................... 14-7 14.2.8 Viewing 802.1x Information................................................................................. 14-8 14.3 802.1x Configuration Example....................................................................................... 14-8 14.3.1 802.1x Access (Local Authentication)................................................................. 14-9 14.3.2 802.1x Access (Remote Authentication)........................................................... 14-11 Chapter 15 ACL Configuration................................................................................................... 15-1 15.1 Introduction to ACL ........................................................................................................ 15-1 15.1.1 Overview ............................................................................................................. 15-1 15.1.2 Setting the Match Order ...................................................................................... 15-1 15.1.3 ACLs Supported by the MA5300......................................................................... 15-2 15.2 Configuring an ACL ....................................................................................................... 15-3 15.2.1 Setting the Time Range ...................................................................................... 15-3 15.2.2 Defining an ACL .................................................................................................. 15-4 15.2.3 Activating an ACL................................................................................................ 15-9 15.2.4 Viewing ACL Information................................................................................... 15-11 15.3 ACL Configuration Example ........................................................................................ 15-12 Chapter 16 QoS Configuration................................................................................................... 16-1 16.1 Overview ........................................................................................................................ 16-1 16.2 Configuring QoS ............................................................................................................ 16-5 16.2.1 Setting the Traffic Policing .................................................................................. 16-6
Table of Contents
16.2.2 Setting the Port Rate Limit .................................................................................. 16-7 16.2.3 Setting the Packet Redirection............................................................................ 16-7 16.2.4 Setting the Priority Tag........................................................................................ 16-7 16.2.5 Setting the Queue Scheduling ............................................................................ 16-9 16.2.6 Setting the Traffic Mirroring................................................................................. 16-9 16.2.7 Setting Traffic Statistics..................................................................................... 16-10 16.2.8 Viewing QoS Information .................................................................................. 16-11 16.3 QoS Configuration Example ........................................................................................ 16-12 Chapter 17 IP Performance Configuration................................................................................ 17-1 17.1 Configuring the TCP Attributes ...................................................................................... 17-1 17.2 Viewing and Debugging the IP Performance................................................................. 17-2 17.3 IP Performance Troubleshooting ................................................................................... 17-2 Chapter 18 Overview of IP Routing Protocol............................................................................ 18-1 18.1 IP Routing and Routing Table........................................................................................ 18-1 18.1.1 Route and Route Segment.................................................................................. 18-1 18.1.2 Route Selection through the Routing Table ........................................................ 18-2 18.2 Route Management Policy............................................................................................. 18-4 18.2.1 Routing Protocols and Routing Priority ............................................................... 18-4 18.2.2 Load Sharing and Route Backup ........................................................................ 18-5 18.3 Configuring a Static Route............................................................................................. 18-5 18.3.1 Overview ............................................................................................................. 18-5 18.3.2 Setting a Static Route ......................................................................................... 18-6 18.3.3 Viewing a Static Route ........................................................................................ 18-8 18.3.4 Static Route Configuration Example ................................................................... 18-9 18.3.5 Static Route Troubleshooting............................................................................ 18-10 18.4 Configuring OSPF........................................................................................................ 18-10 18.4.1 Overview ........................................................................................................... 18-10 18.4.2 Setting OSPF .................................................................................................... 18-15 18.4.3 Viewing OSPF Information................................................................................ 18-34 18.4.4 OSPF Configuration Example (Setting DR Election by OSPF Preference)...... 18-35 18.4.5 OSPF Configuration Example (Setting OSPF Virtual Links)............................. 18-38 18.4.6 OSPF Troubleshooting...................................................................................... 18-39
To Set the limit of MAC address learning for a port Configure system address aging MAC
Use mac-address-table max-mac-count no-limit slot (no) mac-address-table aging-time restore default-switch-mac-addr (no) mac-address-table mac-learning disable
In Global configuration mode Global configuration mode Global configuration mode Port configuration mode Global configuration mode/Port configuration mode All modes except the user EXEC mode
Restore the default MAC address of main control boards Enable/Disable the port MAC address learning
mac-address-table max-mac-count
show mac-address-table
Caution: The MA5300 does not support the parameters blackhole and permanent, the use of which will result in failure in adding addresses.
If necessary, the administrator is entitled to add, modify or delete items contained in the address table. To delete the unicast address items associated with a port, the administrator can run this command: mac-address-table { static | permanent | blackhole | dynamic } To delete the address items of a certain type, such as dynamic address items, static address items, permanent address items and blackhole address items, the administrator can run this command:
no mac-address-table { static | permanent | blackhole | dynamic } If an entered address already exits in the address table, you should modify the corresponding item by setting the port associated with the address as input port, and the property of the address item as input. The address item involves: Dynamic item Static item Permanent item Blackhole item This example shows how to add the static address 0800.4e35.dc71 to port Ethernet 7/2/1.
MA5300(config)#mac-address-table static 0800.4e35.dc71 interface e7/2/1 vlan 1
On the other hand, if the aging time is set too long, the idle address item will remain in the address table for too long. This will exhaust the resources of the address table, and make the MA5300 unable to update the address table in accordance with the networking change. As a result, a large number of packets will be broadcasted due to the failure in finding the destination addresses. Therefore, proper setting of the aging time is the prerequisite for putting the address aging function into full play. To properly configure address aging time, you can run this command: mac-address-table { aging-time age | table-full } To restore the default value of the address aging time, you can run the command no mac-address-table aging-time. The default value of address aging time is 300s.
2)
3)
You can view an MAC address table in light of the VLAN, port, and static/dynamic MAC address. View the MAC address by VLAN.
MA5300(config)#show mac-address-table vlan 1 MAC ADDR TIME 0020.ed2b.8c27 1 Learned Ethernet7/2/0 N/A VLAN ID STATE PORT INDEX AGING
DHCP client
DHCP server
Figure 9-1 DHCP Relay schematic diagram When the DHCP client starts up and performs DHCP initialization, it will broadcast the request packet on the local subnet. If there is a DHCP server on the local subnet (such as the Ethernet on the right side of the figure), the DHCP configuration is carried out directly without DHCP Relay. If there is no DHCP server on the local subnet (such as the Ethernet on the left side of the figure), the DHCP Relay network device (such as the MA5300 in the figure)
Huawei Technologies Proprietary 9-1
connected to the local subnet will process the received broadcast packets and forward them to a DHCP server on some other subnets. The DHCP server will then make associated configuration based on the information provided by the client and transmit the configuration information to the clients through the DHCP Relay. That completes the dynamic configuration for the clients.
dhcp-server select-mode
Add/Delete a client address table entry to/from the DHCP server group Create/Delete domain a DHCP
(no) dhcp-client
MAC
dhcp mac-range
View the information on a DHCP domain View the information on an MAC address segment Bind/Unbind a VLAN interface with/from a DHCP server group
show mac-range
(no) dhcp-server
To Enable/Disable the DHCP security features on a VLAN Set the corresponding gateway IP address of a DHCP domain Set the corresponding gateway IP address of an MAC address Bind/unbind a DHCP server group with/from a DHCP domain Set the range of an MAC address segment
In VLAN interface configuration mode VLAN interface configuration mode VLAN interface configuration mode DHCP domain configuration mode MAC address segment configuration mode MAC address segment configuration mode All modes except the user EXEC mode All modes except the user EXEC mode
dhcp mac-range
(no) dhcp-server
start end
Bind/Unbind the DHCP server group with/from an MAC address segment View the DHCP selection mode Server
(no) dhcp-server
View the information on a DHCP server group View the information on the information of DHCP Server group bound with a VLAN interface View the information on a client address table entry of a DHCP server group
show dhcp-server
show dhcp-client
Note that the secondary servers IP address cannot be configured independently. Instead, it must be configured together with the primary servers IP address. By default, the IP address of the DHCP server is not configured. To specify the IP address of the primary/secondary DHCP server, you can run this command: dhcp-server groupNo ip ipaddress1 [ ipaddress2 ] To delete the IP address, you can run the command no dhcp-server groupNo. This example shows how to set the IP addresses of primary and secondary DHCP servers in DHCP Server group 1 as 1.1.1.1 and 2.2.2.2 respectively.
MA5300(config)# dhcp-server 1 ip 1.1.1.1 2.2.2.2
option-60
mac-section
This example shows how to set Option60 as the DHCP Server selection mode.
MA5300(config)# dhcp-server select-mode option-60
After the setting, you can run the command show dhcp configuration to view the DHCP Server selection mode.
To view the information on a DHCP server group, you can run the command show dhcp-server. 2) View the DHCP Server selection mode.
To view the DHCP server selection mode, you can run the command show dhcp configuration.
MA5300(config)#show dhcp configuration DHCP relay mode: layer-3 DHCP server select mode: Option-60
This example shows how to view the client address table entries.
MA5300#show dhcp-client IP Address 2.2.2.2 3.3.3.3 MAC Address 0005.5d02.f2b2 0005.5d02.f2b3 Type Static Dynamic
To delete an MAC address segment, you can run the command no dhcp mac-range. This example shows how to create an MAC address segment, and name it as abc.
MA5300(config)# dhcp mac-range abc MA5300(mac-range-abc)#
III. Binding/Unbinding the DHCP server group with/from an MAC address segment
When the MAC address segment configuration mode is adopted for selecting DHCP server, DHCP packets destined to an MAC address segment will be forwarded to the DHCP server bound with the MAC address segment. An MAC address segment can only be bound with one DHCP server group. To bind a DHCP server group with an MAC address segment, you can run the command (no) dhcp-server group-number. This example shows how to bind MAC address segment abc with server group 3.
MA5300(mac-range-abc)# dhcp-server 3
Mac-start
Configure the uplink port for the DHCP L2 Relay View the configuration of DHCP L2/L3
This example shows how to set the DHCP Relay mode as L3.
MA5300(config)# dhcp relay-mode layer-3
Enabling/Disabling DHCP Option82 Setting Whether a DHCP packet Includes a Sub-option Setting the Maximum Length of DHCP Packets Viewing the Information on DHCP Option82 Configuration Table 9-3 lists the commands for configuring DHCP Option82. Table 9-3 Commands for configuring DHCP Option82 To Use In Global configuration mode/Port configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode
dhcp option82
Select mode
the DHCP
Relay
Configure the uplink port of DHCP L2 Relay Specify whether the sub-option is included in DHCP packets Set the maximum length of DHCP packets View the information on DHCP Option82 View the DHCP Option82 statistics Clear the DHCP Option82 statistics
To enable or disable the DHCP Option82 function, you can run a command in global configuration mode without entering any parameter. To enable or disable the DHCP Option82 function for a specific port or the associated PVC, you can run a command in either global configuration mode or Ethernet/VDSL/ADSL/SHDSL port configuration mode. Ports of ESM boards do not support the DHCP Option82 function. When setting the DHCP Option82 function for an ADSL port, note the follows: PVC parameters shall be input. The specified PVC is available. Selecting the parameter all will enable/disable the DHCP Option82 function for all PVCs of the ADSL port. Deleting a PVC will delete the DHCP Option82 configuration of the PVC. To enable the systems DHCP Option82 function, you can run the command dhcp option82 in global configuration mode. To disable the systems DHCP Option82, you can run the command no dhcp option82.
Frame relay DLCI ATM virtual Circuit No. Virtual circuit No. of cable data RID: Terminal circuit identifier, which is unique in the global. If the two options are excluded from DHCP packets, it means the DHCP Option82 function is disabled. By default, the two sub-options are included in DHCP packets. To include/exclude Circuit ID or Remote ID into DHCP packets, you can run the following command: dhcp option82 sub-option { circuit-id | remote-id } { enable | disable } This example shows how to set the Circuit ID sub-option included in DHCP packets, and set the Remote ID sub-option excluded from DHCP packets.
MA5300(config)# dhcp option82 sub-option MA5300(config)# dhcp option82 sub-option circuit-id remote-id enable disable
With the port specified but no PVC parameter input, the command displays the global configuration and configuration of the specified port (or the configuration of all PVCs under the port if it is an ADSL port). With both port and PVC parameters specified, the command displays the global configuration and configuration of the specified port (or the configuration of the specified PVC if it is an ADSL port).
1.99.255.36
1.88.255.36
MA5300(config-VLAN-Interface2)# dhcp-server 1
Configure the VLAN for the DHCP Server. The DHCP Server needs to be added to a VLAN. In this example, the DHCP Server and client are added to different VLANs: DHCP Server group 1 to VLAN 4000, DHCP Server group 2 to VLAN 3001
MA5300(config)# vlan 4000 MA5300(config-vlan4000)# switchport ethernet 7/1/0 MA5300(config)# interface vlan 4000 MA5300(config-VLAN-Interface4000)# ip address 1.99.255.1 255.255.0.0 MA5300(config)# vlan 3001 MA5300(config-vlan3001)# switchport ethernet 7/1/1 MA5300(config)# interface vlan 3001 MA5300(config-VLAN-Interface3001)# ip address 1.88.255.1 255.255.0.0.
This example shows how to view the configuration of a DHCP Server group in privileged mode.
MA5300# show dhcp-server 1
This example shows how to view the number of the DHCP Server group corresponding to the VLAN interface in privileged mode.
MA5300# show dhcp-server interface vlan-interface 2 MA5300# show dhcp-server interface vlan-interface 3
II. Troubleshooting
Perform the following procedure: 1) 2) Run the command show dhcp-server groupNo to check if the IP address of the corresponding DHCP server has been configured. Run the command show dhcp configuration to view the DHCP Server selection mode. If it is Option60 or MAC-Range mode, view whether the gateway is configured for the VLAN of the associated domain. 3) 4) 5) Run the commands show vlan and show ip to check if the VLAN and the corresponding interface IP address have been configured. Ping the configured DHCP server to ensure that the link is connected. Ping the IP address of the MA5300s VLAN interface which DHCP user belongs to. This is to make sure that the DHCP server can correctly find the route of the subnet the user is on. If the ping fails, check if the default gateway of the DHCP server has been configured as the address of the VLAN interface that it belongs to. If no problem is found in the above checks, you can run the command show dhcp-server groupNo to view what packets have been received. If there are only Discover packets and no Response packet, it means the DHCP server has not sent the message to the MA5300. In this case, you shall check if the DHCP server has been configured properly. If the numbers of request and response packets are normal in the above check, you can enable the debug dhcp-relay in privileged mode, and then run the command terminal debug to output the debugging information to the console. In this way, you can view the details about all DHCP packets on the console during applying for the IP address, which is helpful for locating the problem.
1) 2) 3)
First, host B stores the IP address and MAC address of the request initiator (namely host A) contained in the request to its own ARP mapping list. Next, host B returns host A the ARP response containing the MAC address of host B. Such response will be sent directly to host A rather than broadcasted. After receiving the response, host A extracts the IP address and the MAC address of host B, and adds them to its own ARP mapping list. Then it will transmit all data packets in the waiting queue destined for host B. Two PCs are located in different subnets (Proxy ARP)
ARP Proxy refers to the process where the ARP request sent from a host in a network to a host in another network is answered by the router of the two networks. For the host initiating the request, the router which deals with the request is the destination host. The router serves as the Proxy of the destination host by forwarding the packets to it. The involved ARP address translation is the same as last step. In general, ARP is implemented dynamically. The translation of IP address into MAC address can proceed without intervention from the Administrator. The following only introduces the configuration of static ARP.
This example shows how to add a static ARP item to establish the mapping between the IP address of 129.102.0.1 and the MAC address of 00e0.fc01.0000, and pass port Ethernet 7/1/1 of VLAN 1.
MA5300(config)#arp 129.102.0.1 00e0.fc01.0000 1 ethernet7/1/1
2)
3)
4)
MA5300 A vdsl 3/0/1 vdsl 3/0/7 MA5300 B vdsl 3/0/4 4 vdsl 3/0/1 vdsl 3/0/5 5 10 vdsl 3/0/2
MA5300 C
Figure 11-1 MA5300 network topology To simplify the descriptions, this example only describes the first four items of the configuration BPDU: Root ID (expressed with device priority) Path cost to the root Designated switch ID (expressed with device priority) Designated port ID (expressed with port number) As shown in Figure 11-1, the priority levels of MA5300 A, B and C are 0, 1 and 2 respectively, and the path costs of their links are 5, 10 and 4 respectively.
I. Initial state
When initialized, every port of a device will generate the configuration BPDU, in which the device itself serves as the root; root path cost is 0; the ID of the device is the ID of the designated device; and the local port is the designated port. See Table 11-1. Table 11-1 The configuration BPDU of each port Equipment Configuration item Configuration BPDU of vdsl 3/0/1 MA5300 A Configuration BPDU of vdsl 3/0/2 Configuration BPDU of vdsl 3/0/7 MA5300 B Configuration BPDU of vdsl 3/0/4 Configuration BPDU of vdsl 3/0/1 MA5300 C Configuration BPDU of vdsl 3/0/5 {2, 0, 2, vdsl 3/0/5} {1, 0, 1, vdsl 3/0/4} {2, 0, 2, vdsl 3/0/1} {0, 0, 0, vdsl 3/0/2} {1, 0, 1, vdsl 3/0/7} Data {0, 0, 0, vdsl 3/0/1}
III. Specifying the root port, block the redundant links and update the configuration BPDU of the designated port
1) 2) If a port receives the optimum configuration BPDU, the port will be the root port. Its configuration BPDU will remain the same. Other ports with configuration BPDU updated in step 2 will be blocked and not allowed to forward any data. In addition, these ports will only receive configuration BPDU, and their configuration BPDU will remain the same. 3) The port whose configuration BPDU is not updated in step 2 will be the designated port. Its configuration BPDU will be modified as follows: Replace the root ID with the root ID in the configuration BPDU of the root port. Replace the root path cost with the root path cost in the configuration BPDU of the root port plus the path cost corresponding to the root port. Replace the designated device ID with the local device ID. Replace the designated port ID with the local port ID. The comparison process of each switch is as follows: MA5300 A:
Port vdsl 3/0/1 receives the configuration BPDU from MA5300 B and finds out that the local configuration BPDU priority is higher than that of the received one, so it discards the received configuration BPDU. That is similar for port vdsl 3/0/2. Then MA5300 A finds itself to be both the root and the designated device in the configuration BPDU of every port; so MA5300 A regards itself as the root, and retains the configuration BPDU of each port. After that it will transmit configuration BPDU to others regularly. By now, the configuration BPDUs of the two ports are as follows: Configuration BPDU of port vdsl 3/0/1: {0, 0, 0, vdsl 3/0/1}. Configuration BPDU of port vdsl 3/0/2: {0, 0, 0, vdsl 3/0/2}. MA5300 B: Port vdsl 3/0/7 receives the configuration BPDU from MA5300 A and finds that the received BPDU has a higher priority than that of the local one, so it updates its configuration BPDU. Port vdsl 3/0/4 receives the configuration BPDU from MA5300 C and finds that priority of the local BPDU is higher than that of the received one, so it discards the received BPDU. At this moment, the configuration BPDUs of each port are as follows: Configuration BPDU of vdsl 3/0/7: {0, 0, 0, vdsl 3/0/1} Configuration BPDU of vdsl 3/0/4: {1, 0, 1, vdsl 3/0/4} MA5300 B compares the configuration BPDUs of the ports and selects port vdsl 3/0/7 BPDU as the optimum one. Therefore, vdsl 3/0/7 is elected as the root port, and the configuration BPDUs of MA5300 B ports are updated as follows. The configuration BPDU of the root port vdsl 3/0/7 retains as {0, 0, 0, vdsl 3/0/1}. Port vdsl 3/0/4 updates root ID with that in the optimum configuration BPDU, the path cost to root with 5, sets the designated device as the local device ID and the designated port ID as the local port ID. Thus the configuration BPDU becomes {0, 5, 1, vdsl 3/0/4}. After that, all the designated ports of MA5300 B transmit the configuration BPDUs regularly. MA5300 C: Port vdsl 3/0/1 receives from port vdsl 3/0/4 of MA5300 B the configuration BPDU {1, 0, 1, vdsl 3/0/4} that has not been updated. This triggers the update. As a result, the configuration BPDU is updated to {1, 0, 1, vdsl 3/0/4}.
Port vdsl 3/0/5 receives the configuration BPDU {0, 0, 0, vdsl 3/0/2} from MA5300 A. This triggers the update. As a result the configuration BPDU is updated to {0, 0, 0, vdsl 3/0/2}. After the above comparison process, configuration BPDU of port vdsl 3/0/5 is elected as the optimum one, and port vdsl 3/0/5 is thus designated as the root port. Its configuration BPDU will remain unchanged then. However, vdsl 3/0/1 will be blocked, but its BPDU also remains same. It will not receive the data (excluding the STP packet) forwarded from MA5300 B before spanning tree calculation is triggered again by some new events. For example, the link from MA5300 B to MA5300C is down, or the port receives a better configuration BPDU. Then port vdsl 3/0/1 will receive the updated configuration BPDU, {0, 5, 1, vdsl 3/0/4}, from MA5300 B. Since this configuration BPDU is better then the old one, the old BPDU will be updated to {0, 5, 1, vdsl 3/0/4}. Meanwhile, port vdsl 3/0/5 receives the configuration BPDU from MA5300 A, but its configuration BPDU will not be updated and remain {0, 0, 0, vdsl 3/0/2}. By comparison: The configuration BPDU of vdsl 3/0/1 is elected as the optimum one, and port vdsl 3/0/1 is elected as the root port, whose BPDU will not change. While port vdsl 3/0/5 will be blocked and retain its BPDU, but it will not receive the data forwarded from MA5300 A until spanning tree calculation is triggered again by some changes. For example, the link from MA5300 B to MA5300 C is down. By now, the spanning tree becomes stable. Figure 11-2 shows the tree in which MA5300 A is the root.
MA5300 A vdsl 3/0/1 vdsl 3/0/7 MA5300 B vdsl 3/0/4 4 vdsl 3/0/1 vdsl 3/0/5 5 vdsl 3/0/2
MA5300 C
Figure 11-2 Stable spanning tree Many things are simplified in this example for the ease of description. For example, the root ID and the designated device ID in actual calculation should comprise both device priority and device MAC address. Designated port ID should comprise port priority and
Huawei Technologies Proprietary 11-5
port MAC address. In the update process of a configuration BPDU, other configuration BPDUs besides the first four items will make modifications in light of certain rules. However, the process of calculations is basically the same as this.
Enable/Disable SPT
spanning-tree disable ]
enable
Set the priority of a specified bridge Set the Forward Delay of a specified bridge Set the Hello Time of a specified bridge Set the Max Age specified bridge of a
(no) forward-time
spanning-tree
Run mCheck
spanning-tree mcheck
Use
In Ethernet port configuration mode/VDSL port configuration mode Ethernet port configuration mode/VDSL port configuration mode Ethernet port configuration mode/VDSL port configuration mode Ethernet port configuration mode/VDSL port configuration mode Ethernet port configuration mode/VDSL port configuration mode All modes except the user EXEC mode Privileged mode
(no) transit-limit
spanning-tree
(no) port-priority
spanning-tree
To disable RSTP for a device, you can run the command spanning-tree disable. To restore the default value, you can run the command no spanning-tree.
has been propagated throughout the network before the data frame forwarding is resumed. The bridge Forward Delay is related to network diameter. So in general, you should set the Forward Delay to a larger value for a larger network diameter. If the Forward Delay is set too short, temporary redundant paths redundancy may be generated. If the Forward Delay is set too long, the recovery of network connection may take a long time. It is recommended that you use the default setting, which is 15 seconds. To set the value of Forward Delay, you can run the command spanning-tree forward-time. To restore the default value, you can run the command no spanning-tree forward-time.
To restore the default value, you can run the command no spanning-tree max-age.
Note that configuring path cost for the Ethernet port or VDSL port will cause recalculation of spanning tree. It is recommended to use the default value and let RSTP calculate the path cost on the current Ethernet port. By default, the bridge gets the path cost of a port in light of the link speed directly. To set the path cost of specified port, you can run the command spanning-tree cost. To restore the default value, you can run the command no spanning-tree cost.
To restore the default value, you can run the command no spanning-tree point-to-point.
69.110.1.1
Member device
Member device
Member device
Candidate device
Figure 12-1 Networking diagram of a cluster The advantages of a cluster are as follows: Simplifies the configuration management tasks.
To configure and manage multiple devices, you only need to implement operations on the command device. Provides topology discovery and collection function. Not limited by network topology structure. Saves IP address. Only one public network IP address is configured on the command device.
It refers to the device that is not a member of any cluster yet, but is well qualified to be a member device of a cluster. Figure 12-2 illustrates the rules for role switchover.
Candidate device
as e ted evic a ign dd es man D m co
Command device
Member device
Figure 12-2 Rules of changing roles Each cluster shall have one, but only one command device. The command device will identify and discover the candidate device by collecting Huawei Discovery Protocol / Huawei Topology Protocol (HDP/HTP) information. You can specify a candidate device as a member device of the cluster. A candidate device becomes a member device after it is added to a cluster. If a member device is removed from the cluster, it becomes a candidate device again. When setting the cluster functions, you shall configure the following in the command device: Enabling the HDP on the devices and ports Setting HDP parameters Enabling the HTP on the devices and ports Setting HTP parameters Enabling cluster functions Setting cluster parameters In addition, you shall configure the following for member devices and candidate devices: Enabling the HDP on the devices and ports Enabling cluster functions
HUAWEI Topology Protocol (HTP) Cluster Management Protocol The functions of HGMP are as follows.
I. HDP
HDP is used for discovering the information on the directly connected neighbors, including device type, software/hardware version, and connected ports. It can also provide the information on device ID, port address, device capability and hardware platform. The device that supports HDP transmits HDP packets to all ports. Meanwhile, it also receives HDP packets sent by neighboring devices and maintain the HDP information table in light of those packets. Features of HDP: HDP is only used for discovering the information on the directly connected neighbors. The device that supports HDP will not forward HDP packets after receiving them. HDP is not limited by STP. HDP packets can pass the ports blocked by STP.
II. HTP
HTP is used for collecting network topology information, providing the information on devices that can join a cluster. A topology collection device (such as a command switch) transmits topology a request packet to all devices in the network. The device that receives the request will send a response packet to the topology collection device, and copy the request packet to all its adjacent devices. The response packet consists of HDP information of the device and connection information of all its adjacent devices. Based on the analysis of these topology information, the topology collection device can learn the network topology structure. A command switch in a cluster can enable HTP to collect topology information periodically. The collection of topology information can also be performed manually aiming at the change of member devices, to ensure the switch can obtain the latest network topology information in time.
Note: For the command device, you shall enable HDP on the device and the port, and set the HDP parameters. While for member devices and candidate devices, you only need to enable HDP on the devices and relevant ports. When HDP runs, they will use the HDP parameters sent by the command device.
Table 12-1 lists the commands for configuring HDP. Table 12-1 Commands for configuring HDP To Enable/Disable global HDP Use (no) hdp run In Global configuration mode Port configuration mode Global configuration mode Global configuration mode All modes except the user EXEC mode Privileged mode
In general, HDP timer is supposed to be shorter than the HDP holdtime. Otherwise, HDP information table will be unstable. By default, HDP is transmitted every 60 seconds. To set HDP timer, you can run the command hdp timer. To restore the default value, you can run the command no hdp timer.
00e0.fc00.0020 Ethernet7/2/1
Version:
huawei Versatile Routing Platform Software VRP (tm) Lanswitch Platform Software Version V100R002B09D004 SmartAX MA5300 Software Version V100R002B02D002, RELEASE SOFTWARE Copyright (c) 2000-2002 By HUAWEI TECH CO., LTD. Compiled Jul 30 2002 18:14:59
Note: For the command device, you shall enable HTP on the device and port and set the HTP parameters. While for the member device and candidate device, you only need to enable HTP on the device and relevant ports and then they will use the HTP parameters sent by the command device during the protocol operation.
Table 12-2 lists the commands for configuring HTP. Table 12-2 Commands for configuring HTP To Enable/Disable global HTP (no) htp run Use In Global configuration mode Port configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Privileged mode All modes except the user EXEC mode
Set the topology collection range Set the delay for collected device to forward topology collection request Set the delay for collected port to forward topology collection request Set the topology collection interval Start the topology collection View HTP information
By default, the global HTP is enabled. To enable global HTP, you can run the command htp run. To disable global HTP, you can run the command no htp run.
To restore the default value, you can run the command no htp timer.
Hop Delay : 200 ms Port Delay: 20 ms Last collection total time: 0ms
This example shows how to view the devices list collected by HTP.
MA5300(config)#show htp device-list Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater MAC 00e0.fc00.0020 00e0.fc11.19c2 HOP 1 0 PLATFORM Quidway S2016 SmartAX MA5300 IP CAPABILITY TS RTS
Setting the Cluster Parameters Setting the Member Accessing Viewing Cluster Information
Note: For the command device, you shall enable the cluster function and set cluster parameters. For member devices and candidate devices, you only need to enable the cluster function. In this case, the command device can manage them.
Table 12-3 lists the commands for cluster management. Table 12-3 Commands for cluster management To Enable/Disable function cluster Use (no) cluster run (no) cluster ip-pool (no) cluster enable (no) cluster member cluster setup (no) cluster holdtime In Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Privileged mode Global configuration mode Global configuration mode
Set cluster IP address pool Specify the command device Add/Delete a cluster member manually Set up a cluster automatically Set cluster holdtime Set cluster timer to specify the handshaking message interval Add VLAN tag to cluster packets on the Trunk port Set the VLAN to which the command devices uplink ports belong Reset a member device Set/Cancel cluster security check Set the cluster FTP server
(no) cluster timer (no) cluster tagged trunk-port cluster uplink vlan-interface cluster reset member (no) cluster security cluster ftp server
To Set the cluster TFTP server Set the cluster NMS host Set the cluster log host Switch from the command device to a member device View cluster information
Use cluster tftp server cluster snmp host cluster logging host rcommand show cluster
In Global configuration mode Global configuration mode Global configuration mode Privileged mode All modes except the user EXEC mode
Note that you can only perform the above configuration before creating a cluster. If the cluster has already been created, then the IP address pool of the existing cluster cannot be modified. To set the cluster IP address pool, you can run the command cluster ip-pool. To restore the default value, you can run the command no cluster ip-pool.
MA5300(config)#cluster ip-pool 10.11.116.8 24
To delete specified member devices in a cluster, you can run the command no cluster member. This example shows how to add a cluster member: the number is 2, the MAC address is 00E0.fc00.2222 and the password to enter privileged mode is grandkey.
huawei_0. MA5300(config)# cluster member 2 mac-address 00E0.fc00.2222
password grandkey
Note: Adding/deleting a cluster member must be performed on a command device. Number assignation is not necessary for the newly added member device, since the command device will automatically assign a number for the member device. When a device is added into a cluster, the system will also automatically set the privileged user password of the new member device the same as that of the command device.
III. Adding the VLAN tag to cluster packets on the Trunk port
In cluster management, the HDP and part of the HTP and Cluster packets sent by the cluster device have no VLAN header of 802.1Q. However, in practice, when the MA5300s Trunk port connects with some devices (such as MA5100 and MA5105) for cluster management application, the opposite devices can only accept the packets with VLAN headers, or else the packets with no VLAN headers will be discarded, and cluster management cannot work normally. To forcedly add VLAN headers of 802.1Q to all cluster management packets sent by the Trunk port of the MA5300, you can run the command cluster tagged trunk-port. The VLAN added is 1, which is the managed VLAN of the cluster. To cancel the function, you can run the command no cluster tagged trunk-port. By default, the function is disabled. When the MA5300 connects with the MA5100 or the MA5105 through the Trunk port, and cluster management is required, this function must be enabled.
IV. Setting the VLAN to which the command devices uplink ports belong
In cluster management, an NMS can access a member device only through a managed IP address of the command device, while the IP address must belong to interface VLAN 1. If it belongs to other interface VLANs, the command device cannot implement NAT conversion correctly. However, when the MA5300 is used as an L3 forwarding device, its managed IP address is not necessarily configured in VLAN 1. Sometimes it is configured in other VLANs to which uplink ports belong. In this case, an NMS cannot access member devices when it uses the managed IP address of other VLANs. Hence, for the IP address that the MA5300 accesses currently, you must specify which VLAN it belongs to manually. If the managed IP address exists in VLAN 1 already, no setting is required. For example, the MA5300s uplink port Ethernet 7/2/3 belongs to VLAN 3. The IP address of interface-vlan 3 is 10.11.50.1, which is the IP address that the NMS accesses. The uplink port of the cluster device belongs to VLAN 3.
For example, you can delete the booting configuration file on the member device and reset it. This helps to recover the normal communication between command device and member devices. In general, messages within a cluster can only be forwarded in VLAN 1. If the user has performed any wrong configuration on a member device, such as setting the port (on the member devices) connected with the command device as a VLAN 2 port, communication between the command device and member device will fail. To solve the problem, the user can configure the VLAN checking function on a command device. Then messages sent by the command device to the member devices within the cluster will carry such information. When a member device receives the messages, it will automatically add a port into VLAN 1 if it finds that the port of received messages does not belong to VLAN 1. This helps to ensure normal communication with the command device. When running the command cluster reset member, you can decide whether to delete the configuration file with the eraseflash parameter. To perform VLAN security check in cluster internal communication, you can run the command cluster security. To cancel VLAN security check, you can run the command no cluster security.
VI. Setting FTP/TFTP server, SNMP and log hosts for a cluster
After setting up a cluster, you can configure the FTP/TFTP server, SNMP and log hosts for the cluster on a command device. Member devices can then access the configured server through the command device, and output trap and log messages to SNMP and the configured log host respectively. To configure the FTP server, you can run the command cluster ftp server. To configure the TFTP server, you can run the command cluster tftp server. To configure the SNMP host, you can run the command cluster snmp host. To configure the log host, you can run the command cluster logging host. This example shows how to configure the FTP server for the cluster.
MA5300(config)#cluster ftp server 164.23.1.100
Authorization is required when you switch from the command device to a member device. You can perform the switchover after you pass the authorization. However, if the privileged user password of the member device is different from that of the command device, the switchover will be rejected. The user level will be inherited from the command device after you switch to the member device. For example, the privileged user will retain as a privileged user after you switch from the command device to a member device. Authorization is also required when you switch from a member device to the command device. After passing the authorization, the system will enter user EXEC mode automatically. This example shows how to switch to the member device from the command device.
huawei_0.MA5300(config)#rcommand 1 Press CTRL_] to quit telnet mode. Trying ... ...
Connected to
huawei_1.Quidway#
This example shows how to switch back to the command device from the member device.
huawei_1.Quidway#exit The connection was closed by the remote host! huawei_0.MA5300(config)#
Connected to
huawei_1.MA5300(config)#load bootrom tftp cluster 0/9 Whether to load other boards of same type ? (y/n):[n]n Board name[EADA]: File name [eadaboot.app]: Whether to start loading? (y/n)[n]:y
Load(backup,duplicate,...) begins,please wait and notice the rate of progress. Any operation such as reboot or switchover will cause failure and unpredictable result. huawei_1.MA5300(config)#
INFO
MAJOR
2004-11-16 15:26:02
ALARM NAME
: Load start
PARAS INFO
This example shows how to back up the configuration file of a member device through TFTP.
huawei_1.MA5300(config)#tftp put vrpcfg.txt //cluster/vrpcfg.txt .. Uploading succeeds! huawei_1.MA5300_B(config)#
This example shows how to download files for a member device through FTP.
huawei_1.MA5300(config)#ftp cluster Trying ... Connected. 220-Serv-U FTP-Server v2.5f for WinSock ready... 220 This FTP server is an unregistered 45 day try-out version of Serv-U User(none):aaa 331 User name okay, need password. Password: 230 User logged in, proceed.
ftp>get SERV-U.ini serv-u.ini 200 PORT Command successful. 150 Opening ASCII mode data connection for SERV-U.ini (815 bytes). 226 Transfer complete. FTP: 815 byte(s) received in 0.270 second(s) 3.01Kbyte(s)/sec. ftp>bye 220 This FTP server is an unregistered 45 day try-out version of Serv-U
huawei_1.MA5300(config)#dir { <cr>|/all<K>|flash: }: Directory of flash:/ 0 * 1 * 2 3 -rw-rw-rw-rw5324224 11966048 4290 815 Nov 08 2004 11:00:54 Nov 08 2004 11:25:37 Nov 16 2004 16:07:51 Nov 16 2004 16:13:07 ma53esmar005b02d061.bin ma53io.bin vrpcfg.txt serv-u.ini
Heartbeat interval:8 Heartbeat hold-time:80 IP-Pool:10.11.116.8/24 No logging host configured. No SNMP host configured. No FTP server configured. No TFTP server configured.
! Enable HDP and HTP on the device and on a port. ! Enable the cluster function. 2) Set the command device.
! Enable HDP and HTP on the device and on a port. ! Enable the cluster function.
Huawei Technologies Proprietary 12-22
! Set the IP address pool within the cluster. ! Set up the cluster (by specifying the command device). ! Start the topology information collection process (optional). ! Add/delete cluster members (manual or auto). ! Configure the FTP server, TFTP server, log host and SNMP host within the cluster.
SNMP host /logging host 63.172.55.4 FTP server/ TFTP server 63.172.55.1 Network
Cluster
Command device
Member device
Member device
Figure 12-3 Networking diagram of cluster management Assume that three MA5300s form a cluster and the command device manages two member devices. The command device is connected to the two member devices through ports Ethernet 7/1/1 and Ethernet 7/1/2. It is connected to the external network through port Ethernet 7/1/0, which belongs to VLAN 2. The IP address of VLAN 2 is 163.172.55.1. The IP address pool used by cluster members: 172.16.0.1, 255.255.255.248 For the FTP/TFTP server The same FTP server and TFTP server are used within the entire cluster. The IP address of the FTP/TFTP server: 63.172.55.1 The IP address of NM server and log host: 69.172.55.4
2)
! Enable HDP on the device and HDP on ports Ethernet 7/1/1 and Ethernet 7/1/2.
MA5300(config)#hdp run MA5300(config)#interface ethernet7/1/1 MA5300(config-if-Ethernet7/1/1)#hdp enable MA5300(config-if-Ethernet7/1/1)#exit MA5300(config)#interface ethernet7/1/2 MA5300(config-if-Ethernet7/1/2)#hdp enable
! Enable HTP on the device and HTP on ports Ethernet 7/1/1 and Ethernet 7/1/2.
MA5300(config)#htp run MA5300(config)#interface ethernet7/1/1 MA5300(config-if-Ethernet7/1/1)# htp enable MA5300(config-if-Ethernet7/1/1)#exit MA5300(config)#interface ethernet7/1/2 MA5300(config-if-Ethernet7/1/2)# htp enable
! Set the IP address pool within the cluster, with the start address 172.16.0.1. There are eight addresses in total.
MA5300(config)#cluster ip-pool 172.16.0.1 255.255.255.248
! Configure the FTP server, TFTP server, log host and SNMP host within the cluster.
huawei_0.MA5300(config)#cluster ftp server 63.172.55.1 huawei_0.MA5300(config)#cluster tftp server 63.172.55.1 huawei_0.MA5300(config)#cluster snmp host 69.172.55.4 huawei_0.MA5300(config)#cluster logging host 69.172.55.4
IV. Verification
With the above steps, member devices are added successfully.
Remote Authentication Dial-In User Service (RADIUS), is a kind of distributed information switching protocol in Client/Server architecture. It is often used for managing a large number of scattered dial-in users. RADIUS server performs AAA through a simple user database, and adjusts the information on a users services in light of the users service type and authority. A Network Access Server (NAS) serves as a client of RADIUS. Through the NAS, a user can send its AAA request to a designated RADIUS server. To access other networks or gain the authority for using some network resources, a user needs to connect to a NAS through one certain network. In this case, the NAS will forward the users AAA information to the RADIUS server. The RADIUS protocol regulates how to transmit the user information and accounting information between the NAS and the RADIUS server. The RADIUS server is responsible for the following: Receiving user connection requests Authenticating users Returning all configuration information necessary for the client to the NAS The authentication information is transmitted between the NAS and RADIUS using the cipher keys. A user's password can be transmitted on the network only when it is encrypted. This is to prevent the information from being intercepted or stolen. The RADIUS configuration only defines some parameters between the NAS and the RADIUS server. To validate those parameters, a RADIUS solution needs to be configured in domain configuration mode. Besides, the RADIUS authentication and accounting are specified.
MA5300 ISP1 L2
authen-scheme
acct-scheme radius-scheme
To Set the ISP domain state Set the number of access users allowed in the ISP domain Set the idle-cut attribute Set the attributes Specify domain user the template ISP
In ISP domain configuration mode ISP domain configuration mode ISP domain configuration mode ISP domain configuration mode Global configuration mode Global configuration mode Global configuration mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode / display All modes except the user EXEC mode All modes except the user EXEC mode
access-limit
idle-cut data user-template global setting domain-default (no) user set user AAA
default
Add/Delete a local user Modify a local user View the information View the information relevant
show aaa
AAA
statistic
View the relevant information on the authentication/authorization scheme table View the relevant information on the accounting scheme table View the information connection
show connect
View the relevant information on the ISP domain View the relevant information on a local user
show user
After one authentication/authorization scheme is added, the scheme is effective only when it is explicitly used in a certain user field (specifying a user category). When the system quotes the radius authentication/authorization scheme, you need to configure the RADIUS server. For details, refer to 13.3 Configuring RADIUS. The remote RADIUS server shall have been configured with relevant user information. When the system quotes the local authentication/authorization scheme, you need to add local users to the system and set the attributes of the users. When the system quotes the simple authentication/authorization scheme, once there exists a local user using that scheme, that user only needs to input its user name to enjoy the network service.
Note: The second authentication/authorization method is a policy used for a second authentication/authorization when there is no result from the first authentication/authorization, (for example, when the remote RADIUS server has generated no response). The second-time authentication/authorization method is optional. It is not configured by default. If the first-time authentication/authorization gives a clear result, such as a rejection response from the RADIUS server), there is no need to perform the second authentication/authorization. The local and simple authentication/authorization methods are similar. They cannot be used as the first and second authentication/authorization methods at the same time.
Where, enable indicates to enable accounting on the user. offline indicates to disconnect the user when the accounting fails.
Since users from different ISPs may have different attributes (like the composition of user name and password, service type/authority and accounting modes), the MA5300 supports multiple ISP domains application. For example, an MA5300 may be used to connect users from both an ISP 163 and users from another ISP 169 at the same time. In ISP domain configuration mode of the MA5300, you can configure a complete set of exclusive ISP domain attributes for each ISP domain, including the AAA policy (authentication/authorization method, accounting method, and the RADIUS server group used). For the MA5300, each access user belongs to one ISP domain. If a user does not report its ISP domain name, the system will put it into the default domain.
authentication/authorization scheme to be used. Then this scheme will be applied to all users under this ISP domain. This example shows how to specify the authentication/authorization scheme named auth to be used by the domain huawei163.net.
MA5300(config-isp-huawei163.net)#authen-scheme auth
IV. Specifying the RADIUS server group used by the ISP domain
To quote an accounting scheme in the ISP domain, you need to configure it first. For details on the RADIUS server group configuration, refer to 13.3 Configuring RADIUS. If the RADIUS authentication or accounting is required, you can run the command radius-scheme to specify the RADIUS server group used by the ISP domain. By default, the default RADIUS server group is used. This example shows how to specify the server group radius1 to be used by the domain huawei163.net for authentication and accounting.
MA5300(config-isp-huawei163.net)# radius-scheme radius1
VI. Setting the number of access users allowed in the ISP domain
By default, there is no limit on the number of access users for any ISP domain. However, since the MA5300 supports up to 1024 access users at the same time, there is a limit on the number of access users in an ISP domain. To set the maximum number of users allowed in the ISP, you can run the command access-limit.
MA5300(config-isp-huawei163.net)#access-limit enable 30
By default, the maximum idle time is 30 minutes and the minimum traffic is 3000 bytes. To set the idle-cut period and the traffic limit, you can run the command idle-cut.
MA5300(config-isp-huawei163.net)#idle-cut data 20 2000
Where, enable indicates to set the default ISP domain. yes indicates that, for a user not reporting its ISP domain name, the system will put it to the default domain and add that name to the user name. Note: If the system is not configured with a default ISP domain, the access users who have not reported the domain name are not allowed to obtain any network service.
A local user can be in active or block state. If the user is in block state, the user is not allowed to request for any network service. To modify the state, you can run the command set user username state.
View AAA statistic information View the authentication/authorization scheme table View the account scheme table
show connect
View relevant information on the ISP domain View relevant information on a local user
show domain:
show user
of primary/secondary RADIUS servers with the same configuration but two different IP addresses. So, the attributes of each RADIUS server group include IP addresses of the primary and secondary servers, shared key and RADIUS server type. In fact, RADIUS configuration only defines some necessary parameters using for information switching between the NAS and RADIUS Server. To validate these parameters, you need to configure, in the configuration mode, an ISP domain to use the RADIUS server group and specify it to use RADIUS AAA schemes. For more about the configuration commands, refer to 13.2 Configuring AAA. The configuration of RADIUS involves: Creating/Deleting a RADIUS Server Group Setting the IP Address and Port Number of RADIUS Server Setting the Encryption Key of RADIUS Packet Setting the Response Timeout Timer of RADIUS Server Setting the Retransmit Times of RADIUS Request Packet Setting the Realtime Accounting Interval Setting the Maximum Failure Count of Realtime Accounting Request Setting the Maximum Times for Resending Account-Stop Request Setting the RADIUS Server Type Setting the RADIUS Server State Setting the Format of Username Sent to RADIUS Server Viewing RADIUS Information Table 13-3 lists the commands for configuring RADIUS. Table 13-3 Commands for configuring RADIUS To Create/Delete server group a RADIUS Use (no) radius-server host In Global configuration mode RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode
Set the IP address and port number of RADIUS server Set the IP address and port number of primary/secondary accounting servers Set the encryption key of authentication/authorization packets Set the encryption key of accounting packets
key auth
key acct
To Set the response timeout timer of RADIUS server Set the retransmit times of RADIUS request packets Set the realtime accounting interval Set the maximum failure count of realtime accounting request Set the retransmit times of account-stop request packet timeout
Use
In RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode RADIUS server group configuration mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode Privileged mode
retransmit
realtime-acct-timeout
permit-failed-count
resend-acctstop-pkt
server-type
state
username-format
info
View the statistic information on RADIUS packets View the relevant parameters and states of RADIUS server groups View the stop accounting request packets that have not received response Clear the statistic information on RADIUS packet Delete the account-stop request packets that have not received response
show radius-sum
show radius-setting
Privileged mode
Table 13-4 Parameter description Parameter primary auth Description Used to set the IP address and port number of the primary RADIUS authentication/authorization server. Used to set the IP address and port number of the primary RADIUS accounting server.
primary acct
Description Used to set the IP address and port number of the secondary RADIUS authentication/authorization server. Used to set the IP address and port number of the secondary RADIUS accounting server.
second acct
In a real application, you need to set the above parameters based on the actual requirements. For example, you may Specify four groups of different data to map four RADIUS servers. Specify two servers as the primary and secondary authentication/authorization/account servers to each other. You can specify "A" as the primary authentication/authorization server and the secondary accounting server, while specifying "B" as the secondary authentication/authorization server and the primary accounting server. Set four groups of same data so that each server functions as both the primary and secondary server. To guarantee the normal interaction between the MA5300 and RADIUS server, you need to ensure the normal routes between the RADIUS server and the MA5300 before setting the IP address and UDP port of the RADIUS server. In addition, because RADIUS protocol uses different UDP ports to receive or transmit authentication/authorization and accounting packets, you need to set the number of an authentication/authorization port different from that of an accounting port. Suggested by RFC2138/2139, the authentication/authorization port number is 1812 and the accounting port number is 1813. However, you may use values other than the suggested ones. (Especially for some earlier RADIUS Servers, the authentication/authorization port number is often set to 1645 and the accounting port number is 1646.) Make sure that settings of the RADIUS service port on the MA5300 are consistent with those on RADIUS server.
By default, the keys are all huawei. To set the RADIUS authentication/authorization packet key, you can run the command key auth. To set the RADIUS accounting packet key, you can run the command key acct.
MA5300(config-radius-radius1)# key auth money MA5300(config-radius-radius1)# key acct money
RADIUS are required. When there are a large number of users (equal to or more than 1000), we suggest a larger value. Table 13-5 lists the recommended ratios of the realtime accounting interval to the number of users. Table 13-5 Recommended ratio of realtime accounting interval to number of users Number of users 1 to 99 100 to 499 500 to 999 1000 Realtime accounting interval (minute) 3 6 12 15
To
set
the
realtime
accounting
interval,
you
can
run
the
command
realtime-acct-timeout.
MA5300(config-radius-radius1)#realtime-acct-timeout 12
authentication/authorization server or an accounting server), if the primary is disconnected from the MA5300 due to a fault, the MA5300 will automatically turn to exchange packets with the secondary server. However, after the primary one recovers, the MA5300 will not resume the communication with it at once. Instead, it continues communicating with the secondary one. The MA5300 will turn to the primary one again only when the secondary one also fails. You can run the command state to set the primary server state to up. In such a case, the communication between the NAS and the primary server can recover right after a fault is removed.
Huawei Technologies Proprietary 13-18
By default, the state of each server in a RADIUS server group is down. After configuring the IP address of each server, its state will become up. When the primary and secondary servers are both up or down at the same time, the MA5300 will send the packets to the primary server only.
Note: If it is specified that a RADIUS server group does not allow usernames carrying ISP domain names, the RADIUS server group shall not be at the same time used in more than one domain. Otherwise, the RADIUS server will mistake the two users in different domains as the same user since they have the same username.
show radius-setting Displays related parameters and state of a RADIUS server group. show noresponse-acctstop-pkt Displays the stop accounting request packets that have not received response. delete noresponse-acctstop-pkt Deletes the stop accounting request packets that have not received response.
6)
There might be some communication fault between the MA5300 and RADIUS server, which can be discovered through running ping RADIUS command server on MA5300. To avoid this, make sure that the communication between the MA5300 and RADIUS is normal.
III. Fault 3: User cannot send charging bill to the RADIUS server after being authenticated and authorized.
Troubleshooting: 1) If the ISP domain including the user has not adopted the accounting scheme and the system is configured not to keep accounting by default, the users bill will not be sent to the RADIUS server. In this case, make sure that the ISP domain including the user explicitly adopts RADIUS server for accounting. 2) The accounting port number may be set improperly. To avoid this, set a proper number. 3) The accounting service and authentication/authorization service are provided on different servers, but the NAS requires the services to be provided on one server (by specifying the same IP address). To avoid this, make sure the settings of servers are based on the actual conditions. 4) Local accounting and disabling RADIUS accounting may have been configured in the AAA accounting scheme.
So if accounting by RADIUS server is adopted, you need to enable RADIUS accounting in AAA accounting scheme explicitly.
The LAN access control device needs to provide the Authenticator System of 802.1x. The devices at the user side such as the computers need to be installed with the 802.1x client Supplicant software, for example, the 802.1x client provided by Huawei. (or by Microsoft Windows XP). The 802.1x Authentication Sever system normally stays in the carriers AAA center. Authenticator and Authentication Sever exchange information through EAP frames. The Supplicant and the Authenticator exchange information through the EAPoL frame defined by IEEE 802.1x. Authentication data are encapsulated in the EAP frame, which is to be encapsulated in the packets of other AAA upper layer protocols (namely RADIUS) so as to go through the complicated network to reach the Authentication Server. Such procedure is called EAP Relay. (EAP and EAPoL are short for Extensible Authentication Protocol and Extensible Authentication Protocol over LANs respectively). There are two types of ports for the Authenticator. One is the Uncontrolled Port, and the other is the Controlled Port. The Uncontrolled Port is always in bi-directional connection state. The user can access and share the network resources any time through the ports. The Controlled Port will be in connecting state only after the user passes the authentication. Then the user is allowed to access the network resources. Figure 14-1 shows the 802.1x system architecture.
Authenticator PAE
Uncontrolled Port
EAPoL LAN
RADIUS
Access Allowed
Figure 14-2 802.1x authentication process From the above introduction, we can see that 802.1x provides a solution to authentication based on user ID. However, 802.1x itself is not enough to implement the plan. The administrator of the access device should configure the AAA scheme by selecting RADIUS or local authentication so as to assist 802.1x to implement the authentication based on user ID. For detailed description of AAA, refer to 13.2 Configuring AAA.
Enabling/Disabling the DHCP Trigger Authentication Setting the Authenticator-to-Supplicant Frame-Retry Times Configuring the Timer Parameters Viewing 802.1x Information Table 14-1 lists the commands for configuring 802.1x. Table 14-1 Commands for configuring 802.1x To Enable/Disable 802.1x Use (no) dot1x Global mode/Port mode Global mode/Port mode Global mode/Port mode Global mode/Port mode dot1x Global mode Global mode Global mode In configuration configuration configuration configuration configuration configuration configuration configuration configuration
Set the port access control mode Set the port access control method Set the maximum number of users per port Enable the DHCP trigger authentication Set the Authenticator-to-Supplicant frame-retransmit times Set the timer parameter View the 802.1x information
dot1x port-control
dot1x port-method
configuration
configuration
Note: You can configure 802.1x on a single port, but it will take effect only right after 802.1x is enabled globally. Do not enable 802.1x and RSTP at the same time. Otherwise the normal operation of MA5300 may not be guaranteed.
Default values of these timers are: quiet-period-value: 60s. tx-period-value: 30s. supp-timeout-value: 30s. server-timeout-value: 100s.
E V
E A FE71/0
D D A A
ESM
MA5300
RTU
RTU
PC1
PC2
Figure 14-3 802.1x access network (local authentication) 1) PC1 connects to port 0/0/0 on the EVDA board of the MA5300. PC2 connects to port 1/0/0 on the EADA board of the MA5300. PC1 and PC2 are installed with 802.1x client software. 2) 3) 4) 5) The IP address of the DHCP server is 10.1.3.1/24, and its gateway is 10.1.3.254. ADSL/VDSL ports are activated through the default profiles. The ADSL RTU works in 1483B mode, and its VPI/VCI is 0/35. Local authentication is adopted for 802.1x users, and no accounting is performed.
MA5300(config)#no smart MA5300(config)#vlan 100 MA5300(config-vlan100)#vlan-type smart MA5300(config-vlan100)#svlan-upport gigabitEthernet 7/1/0 MA5300(config-vlan100)#svlan-downport vdsl 0/0/0 MA5300(config-vlan100)#svlan-downport adsl 1/0/0 MA5300(config-vlan100)#exit
2)
3)
4)
5) 6)
Set the MAC address control. Add an accounting scheme and an authentication scheme.
MA5300(config)#aaa accounting test disable New acct scheme. MA5300(config)#aaa authentication test local New authen scheme.
7)
Add a domain, and bind it with the authentication and accounting schemes.
MA5300(config)#domain huawei New Domain added. MA5300(config-isp-huawei)#acct-scheme test MA5300(config-isp-huawei)#authen-scheme test MA5300(config-isp-huawei)#state active MA5300(config-isp-huawei)#exit
8)
IV. Verification
With the above steps, the dialup from PC1 and PC2 respectively succeeds. After dialup succeeds, both PC1 and PC2 can ping the Server.
ESM
MA5300
LPU LPU
S8016
RTU
RTU
Figure 14-4 802.1x access network (remote authentication) 1) PC1 connects to port 0/0/0 on the EVDA board of the MA5300. PC2 connects to port 1/0/0 on the EADA board of the MA5300. PC1 and PC2 are installed with 802.1x client software. 2) 3) 4) 5) The IP address of the DHCP server is 10.1.3.1/24, and its gateway is 10.1.3.254. ADSL/VDSL ports are activated through the default profiles. The ADSL RTU works in 1483B mode, and its VPI/VCI is 0/35. The S8016 is configured with VLAN 100 and VLAN 200. VLAN 100 corresponds to the L3 interface of 10.1.1.254/24; VLAN 200 corresponds to the L3 interface of 10.1.3.254/24. The DHCP relay is enabled on the S8016.
MA5300(config)#no smart MA5300(config)#vlan 100 MA5300(config-vlan100)#vlan-type smart MA5300(config-vlan100)#svlan-upport gigabitEthernet 7/1/0 MA5300(config-vlan100)#svlan-downport vdsl 0/0/0 MA5300(config-vlan100)#svlan-downport adsl 1/0/0 MA5300(config-vlan100)#exit
2)
3)
4)
5) 6)
Set the MAC address control. Add an accounting scheme and an authentication scheme, and set the Radius server.
MA5300(config)#aaa accounting test enable offline New acct scheme. MA5300(config)#aaa authentication test radius next local MA5300(config)#radius-server host test MA5300(config-radius-test)#primary auth 10.10.1.1 MA5300(config-radius-test)#primary acct 10.10.1.2 MA5300(config-radius-test)#second auth 10.10.1.2 MA5300(config-radius-test)#second acct 10.10.1.1 MA5300(config-radius-test)#key auth huawei MA5300(config-radius-test)#key acct huawei MA5300(config-radius-test)#exit New authen scheme.
7)
Add a domain, and bind it with the authentication and accounting schemes.
MA5300(config)#domain huawei New Domain added. MA5300(config-isp-huawei)#acct-scheme test MA5300(config-isp-huawei)#authen-scheme test MA5300(config-isp-huawei)#radius-scheme test MA5300(config-isp-huawei)#state active MA5300(config-isp-huawei)#exit
8)
IV. Verification
With the above steps, the dialup from PC1 and PC2 respectively succeeds. After dialup succeeds, both PC1 and PC2 can ping the server.
Huawei Technologies Proprietary 14-12
For example, 129.102.1.1 0.0.0.0 specifies a host, 129.102.1.1, while 129.102.1.1 0.0.255.255 specifies a network segment, 129.102.0.1129.102.255.255. Obviously, the former listed ahead of the latter in the ACL. The specific standard is as follows: For a standard ACL, the source address wildcards are compared directly. If the wildcards are the same, follow the configuration sequence. For an extended ACL, the source address wildcards are compared first. If the wildcards are the same, the destination address wildcards are then compared. If the destination address wildcards are again the same, the ranges of port numbers will be compared, and the port number with smaller range will be listed ahead. If the port numbers are still in the same range, follow the configuration sequence.
Item Sub-rules that can be defined by one equipment Number of absolute time range Number of periodic time range
Max. No.
Create/Delete the absolute time range Create/Delete the periodic time range View the information time range
There are two kinds of time ranges, absolute and periodic time ranges.
Huawei Technologies Proprietary 15-3
The absolute time range is in the form of year/month/day/hour/minute. The periodic time range is in the form of the week/hour/minute.
This example shows how to set a time range to be valid when it is configured until 22:00, Dec 10th, 2000.
MA5300 (config-timerange-wend2)# absolute end 22:00 12-10-2000
Table 15-3 lists the commands for defining the numbered standard ACL. Table 15-3 Commands for defining the numbered standard ACL To Define a numbered standard ACL Use access-list access-list-number1 { deny | permit | } { source-addr source-wildcard | any } [ fragments ] [ time-range time-range-name ] access-list access-list-number2 { permit | deny } [ protocol ] [ established ] { source-addr source-wildcard | any } [ operator port1 [ port2 ] ] { dest-addr dest-wildcard | any } [ operator port1 [ port2 ] ] [ icmp-type [ icmp-code ] ] [ fragments ] { [ precedence precedence ] [ tos tos ] | [ dscp dscp ] } [ time-range time-range-name ] access-list access-list-number3 { permit | deny } [ protocol ] [ cos vlan-pri ] ingress { { [ source-vlan-id ] [ source-mac-addr source-mac-wildcard ] } | any } egress { { dest-mac-addr dest-mac-wildcard } | any } [ time-range time-range-name ] access-list access-list-number4 { permit | deny } { rule-string rule-mask offset }&<1-20> [ time-range time-range-name ] access-list access-list-number match-order { config | auto } no access-list { all | { access-list-number | access-list-name } [subitem ] } Global mode In configuration
Global mode
configuration
Define an L2 ACL
Global mode
configuration
Define a user-defined ACL Define the match order of ACL Delete ACLs or sub-rules
Global mode
configuration
configuration
configuration
When defining the ACL, you can run the command access-list for times to define multiple rules for an ACL. 2) Define a named standard ACL.
Table 15-4 lists the commands for defining the named standard ACL. Perform these configurations in corresponding mode.
Table 15-4 Commands for defining the named standard ACL To Create/Enter the named standard ACL mode (global configuration mode) Define a standard ACL (named standard ACL mode) Create/Enter the named extended ACL mode (global configuration mode) Use access-list standard name [ match order { config | auto } ] { permit | deny } { source-addr source-wildcard | any } [ fragments ] [ time-range time-range-name ] access-list extended [ match-order { config | auto } ] name
ACL
(named
{ permit | deny } [ protocol ] [ established ] { source-addr source-wildcard | any } [ operator port1 [ port2 ] ] { dest-addr dest-wildcard | any } [ operator port1 [ port2 ] ] [ icmp-type [ icmp-code ] ] { [ precedence precedence ] [ tos tos ] | [ dscp dscp ] } [ fragments ] [ time-range time-range-name ] access-list link name [ match-order { config | auto } ] { permit | deny } [ protocol ] [ cos vlan-pri ] ingress { { [ source-vlan-id ] [ source-mac-addr source-mac-wildcard ] } | any } egress { { dest-mac-addr dest-mac-wildcard } | any } [ time-range time-range-name ] access-list user name [ match-order { config | auto } ] { permit | deny } { rule-string rule-mask offset }&<1-20> [ time-range time-range-name ]
Define an L2 ACL
(global
When defining an ACL, you can run the command { permit | deny } for times to define multiple rules for the ACL. Besides, once the user specifies the match order of an ACL, he/she cannot modify it later.
Table 15-5 Parameter description Parameter permit deny time-range fragment Description Allows the pass-through of the desired packets. Denies the pass-through of the desired packets. Indicates that the ACL is effective within the time range. Indicates that the ACL is effective only to fragmented packets. Indicates that the ACL is effective only to the first SYN packet after the establishment of TCP. Specifies the IP priority. Classifies the data packets based on DSCP values which range 063. Classifies the data packets based on ToS values which range 015. Specifies an 802.1p priority level, in the range of 07. Specifies the source information of data packets. Specifies the destination information of data packets.
3)
Example
This example shows how to set a rule for ACL 1 to deny the packets sent by host 202.110.10.10.
MA5300(config)# access-list 1 deny 202.110.10.10 0
This example shows how to set a rule for standard ACL example to deny the packets sent by host 202.110.10.10.
MA5300 (config)# access-list standard example MA5300 (config-std-nacl-example)# deny 202.110.10.10 0
This example shows how to create an L2 ACL named example and specify its match order as auto.
MA5300 (config)# access-list link example match-order auto
The standard ACL is defined on the basis of L3 source IP address, and processes the data packets. The classification rules are defined on the basis of packet attributes such as the source IP, destination IP, TCP or UDP port number in use and the packet priority. The extended ACL is able to analyze three kinds of packet priorities, including 802.1p priority, IP priority and DSCP priority. The rules of L2 ACL are defined on the basis of the L2 information such as source MAC address, source VLAN ID, L2 protocol type, L2 ports receiving and forwarding the packet and destination MAC address to process the data packets. The user defined ACL matches any of the first 80 bytes in L2 data frames and processes them accordingly.
Figure 15-1 Schematic diagram of the first 64 bytes of data frames The description and offset values of each letter in the above figure are shown in Table 15-6. Table 15-6 Description of each letter and their offset values Letter A Meaning Destination address Source address MAC Offset 0 Letter O Meaning TTL field Protocol number (6 refers to TCP and 17 refers to UDP) IP checksum Source IP address Destination address IP Offset 34
MAC
35
C D E
Length field of data frame VLAN tag field DSAP (Destination Service Access Point) field SSAP (Source Service Access Point) field
12 14 18
Q R S
36 38 42
19
46
Letter G H I J K L M N
Meaning Ctrl field org code field Encapsulated data type IP version number ToS field IP packet length ID number Flags field
Offset 20 21 24 26 27 28 30 32
Meaning destination
Offset 48 50 54 58 59 60 62
Serial number Acknowledgement field IP header length and reserved bit Reserved bit and flags bit Window Size field Others
In Table 15-6, the offset of each field is their offset in the 802.3 data frame of SNAP + tag. For the user defined ACL, user can use the rule mask and offset parameters to extract any byte from the first 80 bytes of data frame, and then compare the extracted byte with user defined rules to filter matched data frames for processing. User defined rules can be some certain attributes of the data. To filter all TCP messages, you can define the rule as 06, rule mask as FF and offset as 35. Then the rule mask and offset will work together to extract the contents in the TCP protocol number field of the received data frame to compare with the rules, and then find all the matched TCP messages.
Note: At present, user defined ACL is only applicable for filtering snap+tagged data frames, which are compliant with 802.3 standards. Table 15-6 only lists the statistics of the ESMA/ESME board. For the ESMB board, it does not have the letters E, F, G, and H. Starting from letter I, each offset value is 8 less than the corresponding value of the ESMA/ESME board.
To activate the L2 and L3 ACLs at the same time, make sure that the actions of the combination items are consistent. If the actions conflict (one is permit and the other is deny), they cannot be activated. The MA5300 activates L2 and L3 ACLs by the following means: the sub-rule 1 of the L2 ACL group combines with the sub-rule 1 of the L3 ACL group, and the sub-rule 2 of the L2 ACL group combines with the sub-rule 2 of the L3 ACL group, and so on. If the sub-rules of the two ACL groups are not identical, then the unmatched sub-rules will be activated respectively. To activate/deactivate an ACL, you can run the following command in global configuration mode: (no) access-group { user-group { access-list-number | access-list-name } [ subitem subitem ] { in | out } | { [ ip-group { access-list-number | access-list-name } [ subitem subitem ] { in | out } ] [ link-group { access-list-number | access-list-name } [ subitem subitem ] { in | out } ] } } Table 15-7 Parameter description Parameter in out user-group ip-group link-group Input direction Output direction Indicates user defined ACLs. Indicates standard or extended ACLs. Indicates L2 ACLs. Indicates which sub-item in an ACL to be activated, in the range from 0 to 127. With this parameter not specified, it indicates all sub-items in an ACL will be activated. Description
subitem
This example shows how to activate ACL 1 and ACL 200 of port vdsl 2/0/0.
MA5300(config-if-Vdsl2/0/0)# access-group ip-group 1 link-group 200 in
Note: The ACL configured for an ADSL port or SHDSL port is only applicable to IP packets. If an ACL is configured for an ADSL or SHDSL port, the ACL is also applicable to other ports on the same board.
MA5300
Financial Dept.
Management Dept.
Figure 15-2 Access control configuration example Different departments on a company network are interconnected through the ports vdsl 2/0/0vdsl 2/0/2 of the MA5300. The payment query server of the Financial Dept. is connected to the MA5300 through Ethernet 7/1/0 (at 129.110.1.2). It is required to properly set the ACL and prohibit the departments other than the Office of President to access the payment query server between 8:00 am and
12:00 am. The Office of President (at 129.111.1.2) can access the server at any time without limitation.
Note: Only the commands related to ACL configuration are listed below.
1)
2)
! Define the rules for other department to access the payment server.
MA5300(config-ext-nacl-traffic-to-payserver)# 0.0.0.0 time-range time-on-duty deny ip any 129.110.1.2
! Define the rules for the Office of President to access the payment server.
MA5300(config-ext-nacl-traffic-to-payserver)# permit ip 129.111.1.2 0.0.0.0 129.110.1.2 0.0.0.0
3)
I. Traffic
Traffic refers to all packets passing through an MA5300.
VI. Redirection
You can specify a new port to forward the packets on the QoS policy on demand.
Figure 16-1 Priority queue diagram The PQ is specially designed for the key services application. A significant feature of the key service is the demand for service priority to reduce the response delay when congestion occurs. The PQ divides all packets into up to four kinds: High-priority queue Medium-priority queue Normal-priority queue Low-priority queues These four queues are indicated as the Queue 3, 2, 1 and 0 in turn, whose priorities descend one by one. The queue scheduling strictly obeys the descend priority order. The PQ gives preference to and forwards the packets in the higher-priority queue first. When the higher-priority queue is empty, it will send the packets in the lower-priority group. In this way, the key service packets are put in the higher-priority queue and the non-key service packets, like E-mail, are put in the lower-priority queue. This ensures that the key service packets are transmitted first, while the non-key service packets are transmitted during the idle gaps of key service traffic processing. The PQ has a drawback. When congestion occurs, if there are many packets queuing in the higher-priority queue, which will take a long time to transmit, the packets in the lower-priority queue will be starved without service.
2)
WRR
WRR defines 4 or 8 egress queues for each port. The round scheduling ensures every queue gets some time of service. For example, you can set the weight value of the WRR algorithm for 100M port as 50, 30, 10 and 10 (corresponding to the w3, w2, w1 and w0 respectively). Thus the low-priority queue can be guaranteed to get the minimum bandwidth of 10 Mbit/s, avoiding the case in PQ scheduling that the messages in the lower-priority queues may not get any service for a long time. Another advantage of WRR is that the service time is assigned to each queue flexibly, although it is the round multiple queue scheduling. When a queue is empty, it will switch to the next queue at once, making good use of the bandwidth resource. 3) Delay bounded WRR
Compared with common WRR, the Delay bounded WRR is special in that it guarantees packets in the highest-priority queue to be forwarded before the specified delay times out.
X. Traffic mirroring
This function is to copy the specified data packets to the monitor port for network diagnosis and troubleshooting.
(no) line-rate
Set/Cancel redirection
the
packet
(no) traffic-redirect
(no) mirrored-to
subitem
ip-group link-group
This example shows how to set traffic restriction on those packets received by port vdsl 2/0/0. The packets match rule permit in ACL1. The normal traffic flow is set as 50 Mbps. The packets that exceed the flow will be discarded.
MA5300(config-if-Vdsl2/0/0)# rate-limit input ip-group 1 50 exceed-action drop
This example shows how to redirect the packets matching the rule permit of ACL 1 at port vdsl 2/0/0 to port vdsl 2/0/1,
MA5300(config-if-Vdsl2/0/0)# traffic-redirect ip-group 1 interface vdsl2/0/1
subitem ] ] [ link-group { access-list-number | access-list-name } [ subitem subitem ] ] } } { [ dscp dscp-value ] [ ip-precedence { pre-value | from-cos } ] [ cos { pre-value | from-ipprec } ] [ local-precedence pre-value ] } Table 16-3 Parameter description Parameter dscp ip-precedence from-cos cos from-ipprec local-precedence Description Classifies the data packets based on DSCP values which range 063. Specifies the IP priority which range 07. Specifies the IP priority the same as 802.1p priority. Specifies an 802.1p priority level, in the range of 07. Specifies 802.1p priority the same as IP priority. Specifies local priority, in the range of 07.
Note: The description of other parameters is the same as that of traffic policing.
This example shows how to tag the packets matching the rule permit of ACL 1 at port vdsl 2/0/0, and set the local preference to 0.
MA5300(config-if-Vdsl2/0/0)# local-precedence 0 traffic-priority input ip-group 1
The MA5300 supports to tag the packets with the following: IP precedence (specified by ip-precedence in the command traffic-priority) DSCP (specified by dscp in the command traffic-priority) 802.1p preference (specified by cos in the command traffic-priority) You can tag the packets with different priority levels at requirements on QoS policy. The MA5300 puts the packets into corresponding egress queues in light of the 802.1p preference or the local preference (specified by local-precedence in the command traffic-priority). If both the 802.1p preference and local preference have been specified in the command traffic-priority, the MA5300 will put the packets into corresponding queues in light of the 802.1p preference first.
Note: When WRR algorithm or delay bound WRR algorithm is adopted, the queue weight of all queues totals 100. The ESMA board supports up to 4 queues, and adopts an 8- bit weight for every queue. The bandwidth allocated to a queue is in direct proportion to the weight of the queue. The ESMB board supports up to 8 queues, and uses a 4-bit weight (15 is the maximum) for every queue. Therefore, the bandwidth allocated to a queue shall be calculated by the maximum weight of 15.
This example shows how to set the queue for the ESMA board as WRR, the weight of four queues is 20, 20, 30, 30 respectively.
MA5300(config)# queue-scheduler wrr 20 20 30 30
This example shows how to set the queue for the ESMB board as WRR, and the weights of eight queues are 10, 10, 10, 10, 10, 10, 20, and 20 respectively.
MA5300(config)#queue-scheduler wrr 10 10 10 10 10 10 20 20
After the setting, the actual weights of the eight queues are 10, 10, 10, 10, 10, 10, 15, and 15 respectively.
mirrored-to { input | output } { user-group { access-list-number | access-list-name } [ subitem subitem ] | { [ ip-group { access-list-number | access-list-name } [ subitem subitem ] ] [ link-group { access-list-number | access-list-name } [subitem subitem ] ] } } [ interface interface-name | interface-type interface-num ]
This example shows how to mirror the packets which are received by port Ethernet 7/1/0 and matching the rule permit of ACL1 to port Ethernet 7/1/1.
MA5300(config-if-Ethernet7/1/0)# e7/1/1 mirrored-to input ip-group 1 interface
{ [ ip-group { access-list-number |
This example shows how to perform traffic statistics on the packets received by port vdsl 2/0/0 and matching the rule permit of ACL1.
MA5300(config-if-Vdsl2/0/0)# traffic-statistic input ip-group 1
show queue-scheduler
This example shows how to display the parameter setting of traffic limit.
MA5300# show qos-interface rate-limit Ethernet7/1/1: rate-limit Input: Matches: access-list 1 subitem 0 Target rate: 10 Mbps Ethernet7/1/2: rate-limit Input: Matches: access-list 10 subitem 0 running running
This example shows how to display the queue scheduling mode and parameters.
MA5300#show queue-scheduler Queue scheduling mode: strict-priority
MA5300
Financial Dept.
Management Dept.
Figure 16-2 QoS configuration example Different departments on a company network are interconnected through ports vdsl 2/0/0vdsl 2/0/of the MA5300. The payment query server of the Financial Dept. is connected to the MA5300 through port Ethernet 7/1/0 (at 129.110.1.2). It is required to limit the traffic from other department to the server to 20 M at most. Set the DSCP preference of those not matching the rule to 1.
2)
! Set the average rate of the traffic-to-payserver to 20 M, and the DSCP of the packets exceeding average rate to 1.
MA5300(config-if-Vdsl2/0/0)# rate-limit input ip-group traffic-to-payserver 20 exceed-action set-dscp-value 1 MA5300(config-if-Vdsl2/0/1)# rate-limit input ip-group traffic-to-payserver 20 exceed-action set-dscp-value 1 MA5300(config-if-Vdsl2/0/2)# rate-limit input ip-group traffic-to-payserver 20 exceed-action set-dscp-value 1
Restore the default setting of TCP synwait timer Set the time of FIN_WAIT_2 timer TCP
Restore the default setting for the time of TCP FIN_WAIT_2 timer Set the size of the TCP Socket receive & transmit buffer Restore the default setting for the size of the TCP Socket receive & transmit buffer
no tcp window-size
View the IP VLAN interface list Enable/Disable the IP debugging switch Enable/Disable debugging switch the TCP
show ip interface
debug ip packet debug tcp packet debug tcp transaction debug udp
Enable the output of TCP session debugging switch Enable the output debugging switch of UDP
A
Segment
R R R
Figure 18-1 Concept of route segment As the network may vary greatly in size, the actual length of each route segment is quite different. Hence, the path length in different networks can be measured with the number of route segments multiplied by a weighted coefficient. Suppose that a router is a node in the networks, and a route segment is a link in the interconnected networks, the routing in the interconnected networks is similar to that in a simple network. A route with a minimum of hops may not be the optimal selection. For example, the route passing three routing hops of LANs may be much faster than that passing two route segments of WANs.
Output interface It indicates from which interface of the router an IP packet will be forwarded. Next hop IP address It indicates the next router that an IP packet will pass. Routing protocol type It includes local direct, OSPF, RIP, static. Route priority It refers to the priority of a route in the IP routing table. For the same destination, there may be several routes with different next hops. These routes may be discovered by different routing protocols, or static routes configured manually. The route with the highest priority (smallest value) will be the optimal one. Multiple routes with different priorities to the same destination can be configured, and only one route is selected for IP packet forwarding according to the priority. Based on the destination of a route, the routes can be classified as: Subnetwork route, whose destination is a subnetwork. Host route, whose destination is a host. Based on the connection mode between the destination and the router, it can be classified as: Direct routing Network of the destination is directly connected to the router. Indirect routing Network of the destination is not directly connected to the router. To avoid too large a routing table, a default route can be defined. Once a packet fails to find a route in the routing table, the default route will be selected for forwarding. For complex interconnected networks as in Figure 18-2, the digit in each network is the network address. Router 8 is connected with three networks. It has three IP addresses and three physical ports. Its routing table is as shown in the diagram.
16.0.0.2 15.0.0.2 15.0.0.0 15.0.0.1 R2 14.0.0.2 13.0.0.1 14.0.0.0 R1 14.0.0.1 12.0.0.3 12.0.0.2 12.0.0.0 R3 13.0.0.2 13.0.0.0 13.0.0.4 16.0.0.0 R6 16.0.0.2
Routing table of Router8 Network of the destination host 10.0.0.0 11.0.0.0 12.0.0.0 13.0.0.0 14.0.0.0 15.0.0.0 16.0.0.0 Forward from which router Directly Directly 11.0.0.2 Directly 13.0.0.2 10.0.0.2 10.0.0.2 Via which port 2 1 1 3 3 2 2
R5 13.0.0.3
11.0.0.2 R4 12.0.0.1
In this table, "0" indicates the direct route, and "255" indicates any route from an unknown source. Except for the direct route (DIRECT) and the BGP (IBGP, EBGP), the priority of each dynamic routing protocol can be defined as required. Additionally, the priority of each static route can be different.
When a static route to a destination has the "reject" attribute, all the IP packets to this destination will be discarded, and the source host will be informed that the destination is unreachable. Blackhole route When a static route to a destination is of the "blackhole" attribute, all the IP packets to this destination will be discarded, and the source host will not be informed. The attributes "reject" and "blackhole" are usually used to control the range of reachable destinations of a router and help to troubleshoot the network faults.
Global mode
configuration
To
Use no ip route ip-address { mask | mask-length } [ interface-type interface number | gateway-address ] [ preference value ] ip route 0.0.0.0 { 0.0.0.0 | 0 } { interface-type interface -number | gateway-address } [ preference value ] [ reject | blackhole ] no ip route 0.0.0.0 { 0.0.0.0 | 0 } [ interface-type interface -number | gateway-address ] [ preference value ]
In
Global mode
configuration
Global mode
configuration
Global mode
configuration
The ip-address is in dotted decimal notation. Since 1s in 32-bit mask must be consecutive, the mask can be indicated either in the dotted decimal format or in mask length. (Mask length refers to the number of 1s in a mask). 2) Sending interface or next hop address
In defining a static route, you can specify the sending interface (interface-type interface number), or the next hop address (gateway-address). Whether to specify the sending interface or the next hop address depends on the actual conditions. In the following cases, the sending interface can be specified: For an interface supporting resolution from the network address to the link layer address (such as the Ethernet interface that supports ARP), when ip-address and mask (or mask-length) together specify a host address, and this destination address is in the directly connected network, the sending interface can be specified. For a point-to-point interface, the address of the peer interface connected to this one is that of the next hop of the route. So you can specify the sending interface by just designating the next hop address. In fact, all route entries shall specify the next hop address. When sending IP packets, the router first finds the route included in the routing table according to the destination address of the packets. Once the next hop IP address is specified, the router can find the corresponding link layer address, and forward IP packets to the address. 3) Priority
For configuring preference-value, you can apply the routing management policy flexibly.
In one command, the preference value can be input multi-times, but only the latest one is valid. 4) Other parameters
The attributes reject and blackhole respectively indicates the unreachable route and the blackhole route. This example shows how to set t the next hop for the default route to 129.102.0.2.
MA5300(config)# ip route 0.0.0.0 0.0.0.0 129.102.0.2
1.1.3.1/24 1.1.3.2/24
MA5300 C
1.1.4.2/24
Figure 18-3 Networking diagram of the static route configuration example As shown in Figure 18-3, the mask of all the IP addresses in the figure is 255.255.255.0. It is required that all the hosts or MA5300s be interconnected in pairs through static routes.
! Set the default gateway of the Host A to be 1.1.5.2 ! Set the default gateway of the Host B to be 1.1.4.2 ! Set the default gateway of the Host C to be 1.1.1.2 By now, all the hosts or MA5300s in the figure can be interconnected in pairs.
Multicast Packets can be broadcasted on the link layer using the multicast address. The whole network can be regarded as consisting of multiple ASs. Information synchronization of the ASs can be realized through dynamical discovery and transmission of the AS link status. Each AS can also be further divided into several areas. If the interfaces of a router are allocated to multiple areas, this router is called an Area Border Router (ABR). An ABR is located at the area boundary and is connected to multiple areas. All ABRs and the routers between the ABRs comprise a backbone area. (The backbone area is identified with area 0) As all areas shall be connected with the backbone area, the concept of virtual link is introduced to ensure that logical connectivity remains between in the physically divided areas. The router that exchanges routing information with other ASs is called Autonomous System Boundary Router (ASBR), which advertises AS external routes in the whole autonomous system.
state. Then the number of adjacency relations between the routers on a multi-access network is greatly reduced. In OSPF, interface-based packet authentication is used to ensure the security of route calculation; and packets can be transmitted and received in the IP multicast mode.
To run OSPF, a router must have a router ID. If no ID is configured, the system will automatically select an IP address from the current interface IP addresses as the Router ID. 2) DR and BDR DR
Huawei Technologies Proprietary 18-12
Suppose there is a broadcast network where the routers are directly connected without other in-between routing devices. To enable the individual routers to broadcast the information of their local statuses to the whole AS, all routers in the environment should set up adjacency. In this case, a route change of any router will result in many information deliveries, which are both unnecessary and a waste of bandwidth. In order to solve the problem, OSPF defines the DR. All the routers only need to transmit information to the DR for broadcasting the network link states. Which router can be the DR in its segment is not specified manually. Rather, DR is elected by all the routers in the segment. BDR If the DR fails due to some fault, a new DR must be elected by and synchronized with the other routers on the segment. In this process, which will take a relatively long time, the route calculation is incorrect. To shorten this process, BDR is defined in OSPF. BDR is a backup for DR. DR and BDR are elected in the meantime. The adjacencies are also set up between the BDR and all the routers on the segment, and routing information is exchanged between them. If the DR in use fails, the BDR will become a DR immediately. 3) Area
As the growing of network size and increasing of routers, a great deal of OSFP packets will be generated and transmitted in the network. This will lower the network bandwidth utility. In addition, each change will cause all the routes in the network to compute the route again. To solve the above problems, OSPF divides an AS into different areas. Areas logically group the routers. The borders of areas are some routers. A router connects the backbone area and a non-backbone area is called ABR. An ABR can connect to the backbone area either physically or logically. 4) Backbone area and virtual link Backbone area Not all OSPF areas are equal. One area is different from all other areas. Its area ID is 0 and it is usually called the backbone area. Virtual link Since all OSPF areas should be connected logically, virtual link is adopted so that the physically separated areas can still maintain the logic connectivity. 5) Route summary
AS is divided into different areas which are interconnected through OSPF ABRs. The routing information between areas can be reduced through route summary. This help to reduce the size of routing table and improve the calculation speed of the router.
After finding an intra-area route of an area, the ABR will look up the routing table and encapsulate each OSPF route into an LSA and send it outside the area.
To Set OSPF NSSA Set the route summarization between OSPF areas Set/Cancel OSPF virtual links Set the area authentication Set plaintext authentication Set MD5 authentication Redistribute routes of other protocols Set the parameters for OSPF to redistribute external routes Redistribute default routes into the OSPF routing table Set route preference Set the OSPF route filtering Set the MTU filling for an interface transmitting DD packets Disable/Enable an interface to send OSPF packets
Use (no) area nssa (no) area range (no) area virtual-link (no)area authentication (no) ip ospf authentication-key (no) ip ospf message-digest-key (no) redistribute (no) default redistribute (no) default-information originate (no) preference (no) distribute-list
In OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode
(no) passive-interface
I. Enabling/Disabling OSPF
To enable OSPF and enter OSPF configuration mode, you can run the command router ospf. To disable OSPF, you can run the command no router ospf. By default, OSPF is disabled.
To set/cancel the router ID, you can run the command (no) router-id. This example shows how to set the MA5300s ID as 10.1.1.3.
MA5300 (config)# router id 10.1.1.3
Note: Enabling OSPF is related to a segment. wildcard-mask is similar to the reverse mask of IP address. Where, 1 indicates the corresponding bit in an IP address is ignored, while 0 indicates the bit is reserved. For 10.121101.1/16, the wildcard mask should be 0.0.255.255. area-id is the ID of an area where a router locates. To assure OSPF works normally, the area ID of all routers belonging to a specific area must be the same.
Broadcast: If Ethernet or FDDI is adopted, the default network type of OSPF is broadcast. Non-Broadcast Multi-access (NBMA) If ATM is adopted as a link layer protocol, the default network type of OSPFis NBMA. Point-to-Multipoint (p2mp) No link layer protocol is regarded to be p2mp by default. A p2mp network must be compulsorily changed from other network types. The common practice is to change a non fully matched NBMA into a p2mp network. Point-to-point (p2p) When the link layer protocol is PPP, LAPB or POS, the default network type of OSPF is p2p. NBMA refers to Non Broadcast MultiAccess networks. ATM network is a typical NBMA network. You can specify the transmit interval for the Hello packet between adjacent routers before the adjacency is set up. The following configuration is recommended: The interface can be configured as the non-broadcast mode on the broadcast network without multi-access capability. If direct access is not available to all routers in the NBMA network, the interface type can be configured as point-to-multipoint. If router has only one opposite end in the NBMA network, interface type can be changed to point-to-point. The following describes the differences between NBMA and point-to-multipoint: In OSPF, NBMA refers fully connected, nonbroadcast and multi-access networks. In comparison, a point-to-multipoint network does not necessarily require the network to be fully connected. Both DR and BDR should be elected on NBMA. However, there is no DR or BDR in the point-to-multipoint network. NBMA is a default network type. For example, if the link layer protocol is ATM, OSPF regards the network type is NBMA by default (no matter whether the network is fully connected or not). However, point-to-multipoint network is not the default network type. You have to manually change another network type to point-to-multipoint. (The most common practice is to change a non-fully connected NBMA into a point-to-multipoint network.) In the NBMA network, packet is unicast. The neighbors must be configured manually. However, in the point-to-multipoint network, the packet is broadcast. Since the link layer of the MA5300 is Ethernet, OSPF takes the network type as broadcast. Usually, do not change the network type. After the interface has been configured with a new network type, the original network type of the interface is removed automatically.
Huawei Technologies Proprietary 18-18
To set the network type for an interface, you can run the command ip ospf network. To restore the default setting, you can run the command no ip ospf network. This example shows how to set the network type for interface VLAN-Interface1 to NBMA.
MA5300(config)# interface vlan-interface 1 MA5300(config-Vlan-Interface1)# ip ospf network non-broadcast
If the DR is unavailable due to some fault, a new DR should be elected and be synchronized. This may be time consuming, and route calculation is incorrect during the process. To shorten the process, OSPF puts forward the concept of BDR. BDR is actually a backup of DR and is elected together with DR. BDR also creates adjacency with all routers in the local network segment and exchanges routing information with them. When DR fails, BDR will become DR immediately without re-election. With the adjacency already created, this takeover process is instant. Of course, a new BDR needs to be elected again. It may take a long time, but this will not affect the route calculation. The following shall be noted: DR in the network segment is not necessarily the router with the highest priority. Similarly, BDR is not necessarily the router with the second highest priority. For example, if a new router is added after the DR and BDR are elected, this new router will not become the DR of the network segment even it has the highest priority. DR is a concept adopted in a specific network segment, and defined in regard to the interface of the router. A router may be the DR on one interface or BDR/DR Other on another interface. DR will be elected only on a broadcast interface or an NBMA interface. It is unnecessary for DR election on a point-to-point interface or a point-to-multipoint interface. By default, the priority of the Interface is 1 in the DR election. The value can be taken from 0 to 255. To set the interface priority in DR election, you can run the command ip ospf priority. To restore the default setting, you can run the command no ip ospf priority. This example shows how to set the priority of interface VLAN-Interface 1 in DR election to 8.
MA5300(config)# interface vlan-interface 1 MA5300(config-Vlan-Interface1)# ip ospf priority 8
Note that after the network type is modified, hello interval and dead interval are both restored to the default values. To set the dead interval between adjacent routers, you can run the command ip ospf dead-interval. To restore the default setting, you can run the command no ip ospf dead-interval. For example, set the dead interval for the neighbors on interface VLAN-Interface 1 to 60s.
Stub area is an optional attribute, but not all areas comply with the configuration condition. Usually, a Stub area is located at the boundary of the autonomous system, namely a non-backbone area where there is only one ABR. To ensure that the route outside the area is still reachable, ABR of this area generates a default route (0.0.0.0) and advertises it to other non-ABR routers in the area. In Stub area configuration, pay attention to the following points: The backbone area cannot be set as a Stub area and virtual link cannot go through a Stub area. To set an area as a Stub area, all routers in this area must be configured with this attribute. There should be no ASBRs in Stub area. That is, the external routes of AS cannot be redistributed to the interior of the area. By default, Stub area is not configured. The cost for sending the route to the Stub area is 1. To set an area as a Stub area, or to cancel the setting, you can run the command area area-id stub [ no-summary ]. To set the cost of the default route sent to Stub area, you can run the command area area-id default-cost. To restore the default setting, you can run the command no area area-id default-cost. Parameter description: no-summary: Forbids the ABR to send Type 3 LSAs to Stub area, to reduce LSAs sent to the Stub area This example shows how to set OSPF area 1 as a Stub area, and forbid ABR to send Summary LSAs to the Stub area.
MA5300(config-router-ospf)# area 1 stub no-summary
Also, there are other two ASs respectively running RIP. Area 1 is defined as an NSSA. After RIP routes of the Area 1 are propagated to the NSSA ASBR, the NSSA ASBR will generate Type-7 LSAs which will be propagated in Area 1. When the Type-7 LSAs reach the NSSA ABR, the NSSA ABR will transform it into Type-5 LSA, which will be propagated to Area 0 and Area 2. On the other hand, RIP routes of the AS running RIP will be transformed into Type-5 LSAs that will be propagated in the OSPF AS. However, Type-5 LSAs will not reach Area 1 because Area 1 is an NSSA. NSSAs and Stub areas have the same approach in this aspect. Similar to a Stub area, the NSSA cannot be configured with virtual links.
RIP NSSA ABR area1 NSSA NSSA ASBR
area2
area0
RIP
Figure 18-4 NSSA area All the routers connected to the NSSA should run the command nssa to set the area with the NSSA attribute. To set an area as an NSSA area or to cancel the setting, you can run this command: (no) area area-id nssa [ default-information-originate ] [ no-redistribute ] [ no-summary ] To set the default cost value of the route to the NSSA, you can run the command area area-id default-cost. To restore the default setting, you can run the command no area area-id default-cost. Table 18-5 Parameter description Parameter Description Used to generate the default Type-7 LSAs. The default Type-7 LSA route will be generated on an ABR, even though no default route 0.0.0.0 is in the routing table. On an ASBR, however, the default Type-7 LSA route can be generated only if the default route 0.0.0.0 is in the routing table.
default-information-originate
Parameter
Description Used on the ASBR to prevent the external routes that OSPF imported through the command import-route from advertising to the NSSA. Generally, if an NSSA router is both the ASBR and ABR, this keyword will be used. Disables ABRs sending of summary_net LSAs (Type-3 LSA) to the NSSA. This is to reduce the number of LSAs sent to the NSSA.
no-redistribute
no-summary
Note: Before running the command, you need to run the command network to specify the area range first. Or the system prompts that the area is not configured. By default, no Stub area is configured. The cost of the default route to the Stub area is 1.
They are to be summarized into one network segment: 202.38.0.0 255.255.0.0 Once the summarized network segment of a specific network is added to an area, the internal routes within this summarized segment of the area will not be broadcasted separately to other areas. Instead, only the route summary of the entire summarized network segment will be broadcasted. If the network segment range is defined with the key word notadvertise, the route summary of the network segment will not be broadcasted. This network segment is described with the IP address/mask. Receiving the summarized network segment and defining the network segment can reduce the volume of the routing information exchanged between areas. Note that route summarization is only effective when configured on an ABR. By default, routes are not summarized between areas. To set/cancel OSPF route summarization between areas, you can run this command: (no) area area-id range address mask [advertise | notadvertise] Table 18-6 Parameter description Parameter advertise Description Broadcasts the routes that reach the network segment to other areas. Indicates the routes that reach the network segment will not be broadcasted, for shielding of some network segments which external areas cannot access.
notadvertise
This example shows how to summarize the two network segments 36.42.10.0 and 36.42.110.0 of OSPF area 1 into one summarized route 36.42.0.0, and send it to other areas.
MA5300(config-router-ospf)# network 36.42.10.0 MA5300(config-router-ospf)# network 36.42.110.0 0.255.255.255 area 1 0.0.0.255 area 1
If physical connectivity cannot be ensured due to the limitation of the network topological structure, setting up a virtual link can address this requirement. A virtual link is a logic connection created in the internal route area of a non-backbone area between two ABRs. At both ends of the virtual link are two ABRs. Virtual link configuration will be effective only when it is configured at both ends simultaneously. The virtual link is identified by the peer router ID. The area providing the internal route in a non-backbone area is called a Transit Area. Its area ID should also be specified in virtual link configuration. The virtual link will be activated after the route passing through the Transit Area has been calculated. This is like a point-to-point connection between two end points. On this virtual, various interface parameters (such as the transmit interval of the Hello packet) can be configured, just as the same case on a physical interface. "Logic Channel" means that multiple routers running OSPF between two ABRs only function to forward packets (since destination addresses of the protocol packets are not the routers, the packets are transparent to the routers and are transmitted as ordinary IP packets.); whereas routing information are transmitted directly between two ABRs. The synchronization mode of routers in this Transit Area is not changed. Note that if the AS is divided into more than one area, the following conditions must be met: One of them must be the backbone area. Other areas must be connected with the backbone area directly or logically. The backbone area itself should be connected. Perform these operations in OSPF configuration mode. Table 18-7 Creating and setting virtual link To Use area area-id virtual-link router-id [ hello-interval seconds] [retransmit-interval seconds] [transmit-delay seconds] [dead-interval seconds] [ authentication-key password | message-digest-key keyid md5 key ] no area area-id virtual-link router-id In
created
By default, area-id and router-id have no default values. The default value of other parameters: hello-interval: 10s. retransmit-interval: 5s
transmit-delay: 1s dead-interval: 40s. This example shows how to create a virtual link from 36.0.0.0 to 36.3.4.5, and adopts MD5 authentication.
MA5300(config-router-ospf)# area 36.0.0.0 virtual-link 36.3.4.5 MA5300(config-router-ospf)# message-digest-key 3 md5 345 area 36.0.0.0 virtual-link 36.3.4.5
This example shows how to set area 10.12.10.1 to use MA5 authentication.
MA5300(config-router-ospf)#area 10.12.10.1 authentication message-digest
Table 18-8 Configuring packet authentication mode To Set the plaintext authentication for packets on the interface Cancel the use of plaintext authentication for packets on the interface Set the use of MD5 authentication for packets on the interface Cancel the use of MD5 authentication for packets on the interface Use ip ospf authentication-key password no ip ospf authentication-key ip ospf message-digest-key key-id md5 key no ip ospf message-digest-key In VLAN interface configuration mode VLAN interface configuration mode VLAN interface configuration mode VLAN interface configuration mode
Note: The plaintext authentication password is valid only when plaintext authentication is configured. The MD5 authentication password is valid only when MD5 authentication is configured.
This example shows how to set plaintext authentication for interface VLAN1 to authenticate OSPF packets, and the password is abcdefgh.
MA5300(config)# interface vlan-interface 1 MA5300(config-Vlan-Interface1)# ip ospf authentication-key abcdefgh
The Intra-area route and inter-area route describe the network structure inside the AS. The external route describes how to select the route to a destination outside the AS. External route Type 1: Indicates that IGP routes are received (such as RIP, STATIC). Since this type of routes is more credible, the calculated cost of the external route and the cost of the route inside the AS are in the same numeric level and it is comparable with the cost of the OSPF route. That is, Cost of Type 1 external route = Cost from the local router to the corresponding ASBR = Cost from the ASBR to the destination address of the route. External route Type 2: Indicates that EGP routes are received. Since this type of route is less credible, OSPF protocol considers that the cost from the ASBR to the outside of the AS is much greater than that from inside the AS to the ASBR. Only the former cost is taken into consideration when calculating the routing cost. That is, Cost to external route Type 2 = Cost from ASBR to the route destination address. If the values are equal, then also consider the cost from the local router to the corresponding ASBR. To redistribute/cancel route information of other protocols, you can run this command: (no) redistribute protocol [ metric metric ] [ tag tag-value ] [ type 1 | 2 ] [ route-map map-name ] protocol specifies the source routing protocols that can be redistributed. At present, they are connected, static, rip, is-is and BGP. By default, OSPF does not redistribute routing information of other protocols. This example shows how to specify the redistributed RIP route as Type 2, with route tag as 33 and route cost as 50.
MA5300 (config-router-ospf)# redistribute ospfase rip type 2 tag 33 metric 50
Table 18-9 Setting parameters for OSPF to redistribute external routes To Set the interval when OSPF to redistribute external routes Restore the default interval when OSPF redistributes external routes Set the upper limit for the routes that OSPF redistributes each time Restore the default upper limit for the external routes that can be imported at a time Set the cost for the OSPF to redistribute external routes Restore the default cost for the OSPF to redistribute external routes Set the tag for the OSPF to redistribute external routes Restore the default tag for the OSPF to redistribute external routes Set the type of external routes that OSPF will redistribute Restore the default type of the external routes redistributed by OSPF default seconds Use redistribute interval In OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode
This example shows how to set the default interval when OSPF redistributes external routes to 10s.
MA5300(config-router-ospf)# default redistribute interval 10
This example shows how to specify the default type of the route redistributed by OSPF as Type 1 route.
MA5300 (config-router-ospf)# default redistribute type 1
XXI. Redistributing the default routes into the OSPF routing table
Default routes cannot be redistributed through the command redistribute. To redistribute default routes into the routing table, you can run this command: default-information originate [ always ] [ metric metric-value ] [ type type-value ] [ route-map map-name ] By default, OSPF does not redistribute any default route. If the host has the default route, ase lsa of the default route will be generated. If not, it will not be generated.
MA5300(config-router-ospf)# default-information originate
Even the host has no default route, ase lsa of the default route will still be generated and broadcasted to OSPF route area.
MA5300(config-router-ospf)# default-information originate always
Table 18-10 Setting the OSPF filtering the distributed route To Set the OSPF filtering of the redistributed route Use distribute-list {access-list-number | prefix-list prefix-list-name [gateway prefix-list-name ] }in no distribute-list {access-list-number | prefix-list prefix-list-name [gateway prefix-list-name ] }in distribute-list { access-list-number | prefix prefix-list-name } out [ routingprocess ] no distribute-list { access-list-number | prefix prefix-list-name } out [ routingprocess ] In OSPF configuration mode OSPF configuration mode OSPF configuration mode OSPF configuration mode
This example shows how to filter the routes redistributed in light of the rules specified in ACL2.
MA5300(config)# access-list 2 permit 20.0.0.0 MA5300(config)# access-list 2 deny any MA5300(config-router-ospf)# distribute-list 2 in 0.255.255.255
For detailed description, refer to part Setting Route Filtering in Route Policy.
show ip ospf cumulative show ip ospf database [ adv-router ip-address ] [ asbr-summary | database-summary |external | network | router | self-originate | summary ] [ ip-address ][ adv-router ] [ self-originate ] show ip ospf neighbor
View OSPF neighbor information View OSPF next hop information View OSPF routing table information
All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode
In All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode
View OSPF retransmission-lists View OSPF ABR and ASBR information View OSPF interface information View OSPF error information
Figure 18-5 Configure DR election by OSPF preference Four MA5300s (MA5300 A, MA5300 B, MA5300 C and MA5300 D), which can perform the router functions and run OSPF, are located on the same segment, as shown in the Figure 18-5. Requirements: Preference of MA5300 A is 100, the highest on the network, so MA5300 A is elected as the DR. MA5300 C has the second highest preference, so it is elected as the BDR.
Huawei Technologies Proprietary 18-35
Preference of MA5300 B is 0, which means that it cannot be a DR. MA5300 D has no preference, so its default preference is 1.
MA5300 A(config)# interface vlan-interface 1 MA5300 A(config-Vlan-Interface1)# ip address 192.1.1.1 255.255.255.0 MA5300 A(config-Vlan-Interface1)# ip ospf priority 100 MA5300 A(config)# router id 1.1.1.1 MA5300 A(config)# router ospf MA5300 A(config-router-ospf)# network 192.1.1.0 0.0.0.255 area 0
2)
Configure MA5300 B.
MA5300 B(config)# interface vlan-interface 1 MA5300 B(config-Vlan-Interface1)# ip address 192.1.1.2 255.255.255.0 MA5300 B(config-Vlan-Interface1)# ip ospf priority 0 MA5300 B(config)# router id 2.2.2.2 MA5300 B(config)# router ospf MA5300 B(config-router-ospf)# network 192.1.1.0 0.0.0.255 area 0
3)
Configure MA5300 C.
MA5300 C(config)# interface vlan-interface 1 MA5300 C(config-Vlan-Interface1)# ip address 192.1.1.3 255.255.255.0 MA5300 C(config-Vlan-Interface1)# ip ospf priority 2 MA5300 C(config)# router id 3.3.3.3 MA5300 C(config)# router ospf MA5300 C(config-router-ospf)# network 192.1.1.0 0.0.0.255 area 0
4)
Configure MA5300 D.
MA5300 D(config)# interface vlan-interface 1 MA5300 D(config-Vlan-Interface1)# ip address 192.1.1.4 255.255.255.0 MA5300 D(config)# router id 4.4.4.4 MA5300 D(config)# router ospf MA5300 D(config-router-ospf)# network 192.1.1.0 0.0.0.255 area 0
You can run the command show ip ospf neighbor on MA5300 A to show OSPF neighbor. Note that MA5300 A has three neighbors.
MA5300 A(config)# show ip ospf neighbor Neighbor 4.4.4.4 3.3.3.3 2.2.2.2 pri 1 2 0 State full/DRother full/BDR full/DRother Address 192.1.1.4 192.1.1.3 192.1.1.2 Interface Vlan-Interface1 Vlan-Interface1 Vlan-Interface1
The status of every neighbor is FULL, which means that MA5300 A has created adjacency with all neighbors. Only DR and BDR have created adjacency with all routers on the network. MA5300 A is DR and MA5300 C is BDR on the network. All other neighbors are DRother, which means that they are neither DR nor BDR.
Huawei Technologies Proprietary 18-36
5)
You can run show ip ospf neighbor on MA5300 A to show OSPF neighbors. Note that preference of MA5300 B has been changed to 200, but it is not DR.
MA5300 A(config)# show ip ospf neighbor Neighbor 4.4.4.4 3.3.3.3 2.2.2.2 pri 1 2 200 State full/DRother full/BDR full/DRother Address 192.1.1.4 192.1.1.3 192.1.1.2 Interface Vlan-Interface1 Vlan-Interface1 Vlan-Interface1
Only when the existing DR does not exist on the network, will DR be changed. Shut down MA5300 A and run show ip ospf neighbor on MA5300 D to show neighbors. Note that MA5300 C, which used to be BDR, now becomes DR; and MA5300 B now becomes BDR.
MA5300 D(config)# show ip ospf neighbor Neighbor 3.3.3.3 2.2.2.2 pri 2 200 State full/DR full/BDR Address 192.1.1.3 192.1.1.2 Interface Vlan-Interface1 Vlan-Interface1
If all routers are moved from the network and then added into the network again, MA5300 B will be chosen as DR (whose preference is 200) and MA5300 A will become BDR (whose preference is 100). Shut down all MA5300s and reboot them. This operation will bring about a new election of DR/BDR.
MA5300 D(config)# show ip ospf neighbor Neighbor 1.1.1.1 3.3.3.3 2.2.2.2 pri 100 2 200 State full/BDR Deadtime 00:00:33 Address Interface Vlan-Interface1 Vlan-Interface1 Vlan-Interface1
Area 0
193.1.1.2/24 Area 1
Figure 18-6 Configure OSPF virtual link Area 2 is not directly connected with Area 0 in Figure 18-6. Area 1 serves as the Transit Area to connect Area 2 and Area 0. A virtual link is configured between MA5300 B and MA5300 C in Area 1.
MA5300 A(config)# interface vlan-interface 1 MA5300 A(config-Vlan-Interface1)# ip address 192.1.1.1 255.255.255.0 MA5300 A(config)# router id 1.1.1.1 MA5300 A(config)# router ospf MA5300 A(config-router-ospf)# network 192.1.1.0 0.0.0.255 area 0
2)
Configure MA5300 B.
MA5300 B(config)# interface vlan-interface 7 MA5300 B(config-Vlan-Interface7)# ip address 192.1.1.2 255.255.255.0 MA5300 B(config)# interface vlan-interface 8 MA5300 B(config-Vlan-Interface8)# ip address 193.1.1.2 255.255.255.0 MA5300 B(config)# router id 2.2.2.2 MA5300 B(config)# router ospf MA5300 B(config-router-ospf)# network 192.1.1.0 0.0.0.255 area 0 MA5300 B(config-router-ospf)# network 193.1.1.0 0.0.0.255 area 1 MA5300 B(config-router-ospf)# area 1 virtual-link 3.3.3.3
3)
Configure MA5300 C.
MA5300 C(config-Vlan-Interface1)# ip address 152.1.1.1 255.255.255.0 MA5300 C(config)# interface vlan-interface 2 MA5300 C(config-Vlan-Interface2)# ip address 193.1.1.1 255.255.255.0 MA5300 C(config)# router id 3.3.3.3 MA5300 C(config)# router ospf MA5300 C(config-router-ospf)# network 193.1.1.0 0.0.0.255 area 1 MA5300 C (config-router-ospf)# network 152.1.1.0 0.0.0.255 area 2 MA5300 C(config-router-ospf)# area 1 virtual-link 2.2.2.2
If an Area is set as the Stub area, then the area must be set as a Stub area in all the routers connected to this area. The interface types of two adjacent routers should be consistent. If more than two areas are configured, then at least one area should be configured as the backbone area. That is the area ID is 0. Ensure the backbone area is connected with all the other areas. The virtual links cannot pass through the Stub area.
RTA
area0
RTB
area1
RTC
area2
RTD
Figure 18-7 Schematic diagram of OSPF areas The virtual link cannot pass through the Stub area, and the backbone area (area 0) cannot be configured as the Stub area, i.e. if a virtual link is set up between RTB and RTC, then area 1 cannot be configured as the Stub area and area 0 cannot be configured as the Stub area either. In the above figure, only area 2 can be configured as the Stub area. The router in the Stub area cannot receive external routes. Make sure in the backbone area the connections between various nodes are normal.
HUAWEI
Table of Contents
Table of Contents
Chapter 19 Ethernet Port Configuration ................................................................................... 19-1 19.1 Overview ........................................................................................................................ 19-1 19.2 Configuring an Ethernet Port ......................................................................................... 19-4 19.2.1 Setting Port Physical Properties.......................................................................... 19-4 19.2.2 Setting the Port Flow Control .............................................................................. 19-4 19.2.3 Setting the Port Broadcast Storm Suppression .................................................. 19-5 19.2.4 Setting the Port Priority Level.............................................................................. 19-5 19.2.5 Setting the Maximum Multicast Group Counts.................................................... 19-5 19.2.6 Enabling/Disabling the Long Frames on an Ethernet Port.................................. 19-6 19.2.7 Setting the MAC Address Learning for an Ethernet Port .................................... 19-6 19.2.8 Setting the Port Aggregation ............................................................................... 19-7 19.2.9 Adding an Ethernet Port to a VLAN .................................................................... 19-8 19.2.10 Setting the Ethernet Port Working Mode .......................................................... 19-8 19.2.11 Enabling/Disabling an Ethernet Port ................................................................. 19-8 19.3 Viewing/Clearing Ethernet Port Information .................................................................. 19-9 19.3.1 Viewing Ethernet Port Information ...................................................................... 19-9 19.3.2 Clearing the Ethernet Port Information ............................................................... 19-9 Chapter 20 xDSL Port Configuration......................................................................................... 20-1 20.1 Overview ........................................................................................................................ 20-1 20.2 Configuring an xDSL port .............................................................................................. 20-4 20.2.1 Setting the Parameters of an xDSL Port............................................................. 20-4 20.2.2 Description of xDSL Port Status.......................................................................... 20-8 20.2.3 Blocking/Unblocking an xDSL Port ..................................................................... 20-8 20.2.4 Activating/Deactivating an xDSL Port ................................................................. 20-8 20.3 Configuring an xDSL Line Profile................................................................................. 20-10 20.3.1 Adding a VDSL line profile ................................................................................ 20-10 20.3.2 Adding an ADSL/ADSL2+ Line profile .............................................................. 20-13 20.3.3 Adding an SHDSL Line Profile .......................................................................... 20-21 20.3.4 Deleting an xDSL Line Profile ........................................................................... 20-24 20.3.5 Modifying an xDSL Line Profile ......................................................................... 20-24 20.3.6 Viewing an xDSL Line Profile............................................................................ 20-25 20.4 Configuring an xDSL Alarm Profile .............................................................................. 20-26 20.4.1 Adding a VDSL Alarm Profile ............................................................................ 20-26 20.4.2 Adding an ADSL/ADSL2+ Alarm Profile ........................................................... 20-29 20.4.3 Adding an SHDSL Alarm Profile ....................................................................... 20-33 20.4.4 Deleting an xDSL Alarm Profile......................................................................... 20-35 20.4.5 Modifying an xDSL Alarm Profile ...................................................................... 20-36
Huawei Technologies Proprietary i
Table of Contents
20.4.6 Viewing the Configurations of an xDSL Alarm Profile....................................... 20-36 20.4.7 Binding/Unbinding an xDSL Alarm Profile ........................................................ 20-37 20.5 Viewing the Information of an xDSL Port..................................................................... 20-37 20.6 Maintaining an xDSL Port ............................................................................................ 20-39 20.6.1 Resetting an xDSL Port and Chipset ................................................................ 20-39 20.6.2 Setting xDSL Port Loopback ............................................................................. 20-39 20.6.3 Testing the ATM Link Connectivity of an ADSL Port ........................................ 20-40 20.6.4 Single-ended Test of an ADSL2+ Port.............................................................. 20-41 20.6.5 Viewing the Bit Allocation of an ADSL2+ Port .................................................. 20-42 20.6.6 Viewing the Power State of an ADSL Port........................................................ 20-42 20.7 VDSL CPE Management ............................................................................................. 20-43 20.7.1 Enabling/Disabling VDSL CPE Binding ............................................................ 20-43 20.7.2 Enabling/Disabling the Automatic Upgrade of VDSL CPE ............................... 20-44 20.8 VDSL Configuration Example ...................................................................................... 20-45 20.8.1 Configuration Procedure ................................................................................... 20-45 20.8.2 Networking Description ..................................................................................... 20-45 20.8.3 Data Configuration ............................................................................................ 20-46 20.8.4 Verification......................................................................................................... 20-47 20.9 ADSL/ADSL2+ Configuration Example ....................................................................... 20-47 20.9.1 Configuration Procedure ................................................................................... 20-47 20.9.2 Networking Description ..................................................................................... 20-48 20.9.3 Data Configuration ............................................................................................ 20-48 20.9.4 Verification......................................................................................................... 20-50 20.10 SHDSL Configuration Example ................................................................................. 20-50 20.10.1 Configuration Procedure ................................................................................. 20-50 20.10.2 Networking Description ................................................................................... 20-50 20.10.3 Data Configuration .......................................................................................... 20-51 20.10.4 Verification....................................................................................................... 20-52 Chapter 21 PVC and Access Configuration.............................................................................. 21-1 21.1 Configuring a Single PVC .............................................................................................. 21-1 21.1.1 Setting the VPI and VCI ...................................................................................... 21-2 21.1.2 Setting the Connection Type of a Single PVC .................................................... 21-3 21.1.3 Enabling/Disabling the Single-PVC Multi-service Dispatch ................................ 21-3 21.1.4 Viewing the Single-PVC Configuration ............................................................... 21-5 21.2 Configuring Multiple PVCs............................................................................................. 21-6 21.2.1 Enabling/Disabling the Multi-PVC Function ........................................................ 21-7 21.2.2 Adding PVCs to a Port ........................................................................................ 21-8 21.2.3 Deleting a PVC from a Port................................................................................. 21-8 21.2.4 Modifying the PVC Configurations of a Port ....................................................... 21-8 21.2.5 Viewing the Configuration of Multi-PVC.............................................................. 21-9 21.3 Configuring IPoA.......................................................................................................... 21-10 21.3.1 Overview ........................................................................................................... 21-10
Huawei Technologies Proprietary ii
Table of Contents
21.3.2 Setting an IPoA Connection (Single-PVC)........................................................ 21-12 21.3.3 Setting an IPoA Connection (Multi-PVC) .......................................................... 21-13 21.3.4 Setting the Source MAC Address ..................................................................... 21-14 21.3.5 Setting the Default IP Address of the Upper Layer Gateway............................ 21-15 21.3.6 Setting the Mode of Obtaining Peer End IP Address........................................ 21-16 21.3.7 Viewing IPoA information .................................................................................. 21-17 21.3.8 L2 IPoA Access Configuration Example ........................................................... 21-19 21.3.9 L3 IPoA Access Configuration Example ........................................................... 21-22 21.4 Configuring PPPoA...................................................................................................... 21-24 21.4.1 Overview ........................................................................................................... 21-24 21.4.2 Setting Up a PPPoA Connection (Single PVC)................................................. 21-26 21.4.3 Setting Up a PPPoA Connection (Multi-PVC)................................................... 21-27 21.4.4 Setting the PPPoA Source MAC Address......................................................... 21-28 21.4.5 Setting the PPPoA Destination MAC Address .................................................. 21-28 21.4.6 Setting the PPPoA Session ID Area ................................................................. 21-28 21.4.7 Viewing PPPoA Information .............................................................................. 21-30 21.4.8 PPPoA Access Configuration Example-Static Mode ........................................ 21-30 21.4.9 PPPoA Access Configuration Example-Dynamic Mode ................................... 21-33 21.5 Configuring PITP.......................................................................................................... 21-35 21.5.1 Overview ........................................................................................................... 21-35 21.5.2 Setting PITP V Mode......................................................................................... 21-36 21.5.3 Setting the PITP P Mode................................................................................... 21-37 21.6 PPPoE Plus Configuration Example............................................................................ 21-40 Chapter 22 VLAN Configuration ................................................................................................ 22-1 22.1 Overview ........................................................................................................................ 22-1 22.2 Configuring a Common VLAN ....................................................................................... 22-1 22.2.1 Configuring a Common VLAN............................................................................. 22-2 22.2.2 Configuring VLANs in Batches............................................................................ 22-4 22.2.3 Configuring the VLAN Trunk ............................................................................... 22-5 22.2.4 Configuring a VLAN Interface ............................................................................. 22-6 22.2.5 VLAN Configuration Example (Configuring LAN Interconnection)...................... 22-7 22.2.6 VLAN Configuration Example (Configuring VLAN Trunk Interconnection) ....... 22-11 22.3 Configuring a Smart VLAN .......................................................................................... 22-14 22.3.1 Setting/Canceling a VLAN as a Smart VLAN.................................................... 22-14 22.3.2 Adding/Deleting an Upstream Port to/from a Smart VLAN ............................... 22-15 22.3.3 Adding/Deleting an Downstream Port to/from a Smart VLAN .......................... 22-15 22.3.4 Viewing Smart VLAN Information...................................................................... 22-16 22.3.5 Smart VLAN Configuration Example (Access Mode)........................................ 22-17 22.3.6 Smart VLAN Configuration Example (Trunk Mode) .......................................... 22-18 22.3.7 Smart VLAN Configuration Example-Comprehensive Application ................... 22-20 22.4 Configuring a MUX VLAN ............................................................................................ 22-24 22.4.1 Enabling/Disabling a MUX VLAN ...................................................................... 22-26
Huawei Technologies Proprietary iii
Table of Contents
22.4.2 Configuring the MUX VLAN Configuration Profile............................................. 22-26 22.4.3 Specifying the Upstream Port and Range of Local MUX VLANs...................... 22-27 22.4.4 Specifying the Cascading Port and Range of Cascaded MUX VLANs............. 22-28 22.4.5 Setting the MUX VLANs for a Specified Service Board.................................... 22-28 22.4.6 Setting the MUX VLAN for a Specified Port...................................................... 22-29 22.4.7 Viewing MUX VLAN information ....................................................................... 22-29 22.4.8 Basic Application of MUX VLAN ....................................................................... 22-30 22.4.9 MUX VLAN Cascading Application ................................................................... 22-34 22.4.10 Comprehensive MUX VLAN Application......................................................... 22-39 22.4.11 Notes for Using MUX VLAN ............................................................................ 22-44 22.5 Configuring a QinQ VLAN............................................................................................ 22-45 22.5.1 Overview ........................................................................................................... 22-45 22.5.2 Setting a Common VLAN as a QinQ VLAN ...................................................... 22-46 22.5.3 Adding/Deleting an Upstream Port to/from a QinQ VLAN ................................ 22-46 22.5.4 Adding/Deleting a Downstream Port to/from a QinQ VLAN.............................. 22-47 22.5.5 Configuring a QinQ VLAN PVC......................................................................... 22-48 22.5.6 Viewing the Configuration of a QinQ VLAN ...................................................... 22-49 22.5.7 QinQ VLAN Configuration Example .................................................................. 22-49 22.6 Configuring VLAN Stacking ......................................................................................... 22-51 22.6.1 Overview ........................................................................................................... 22-51 22.6.2 Configuring a Common VLAN as a VLAN Stacking.......................................... 22-53 22.6.3 Adding/Deleting an Upstream Port to/from a VLAN Stacking........................... 22-53 22.6.4 Adding/Deleting a Downstream Port to/from a VLAN Stacking ........................ 22-54 22.6.5 Configuring the Inner VLAN Tag for a VLAN Stacking Port/PVC ..................... 22-55 22.6.6 Configuring a Port/PVCs Inner Priority............................................................. 22-55 22.6.7 Configuring a VLAN Stacking PVC ................................................................... 22-56 22.6.8 Viewing the Configuration of a VLAN Stacking................................................. 22-56 22.6.9 VLAN Stacking Configuration Example ............................................................ 22-57 Chapter 23 IGMP Snooping Configuration ............................................................................... 23-1 23.1 Overview ........................................................................................................................ 23-1 23.1.1 IGMP Snooping Principle .................................................................................... 23-1 23.1.2 Implementation of IGMP Snooping ..................................................................... 23-2 23.2 Configuring IGMP Snooping .......................................................................................... 23-5 23.2.1 Enabling/Disabling IGMP Snooping Globally...................................................... 23-6 23.2.2 Setting the Aging Time of Multicast Group Member Port ................................... 23-6 23.2.3 Setting the Aging Time of the Router Port .......................................................... 23-6 23.2.4 Setting the Maximum Response Time ................................................................ 23-6 23.2.5 Enabling a User to Leave a Multicast Group Fast .............................................. 23-7 23.2.6 Setting a Router Port........................................................................................... 23-7 23.2.7 Viewing IGMP Snooping Information .................................................................. 23-7 23.3 Configuring Multicast VLAN........................................................................................... 23-8 23.3.1 Setting the Upstream Port of a Multicast VLAN .................................................. 23-9
Huawei Technologies Proprietary iv
Table of Contents
23.3.2 Setting the Downstream Port of a Multicast VLAN ........................................... 23-10 23.3.3 Viewing the Multicast VLAN .............................................................................. 23-10 23.3.4 Multicast VLAN Configuration Example ............................................................ 23-11 23.4 Troubleshooting IGMP Snooping................................................................................. 23-14 Chapter 24 IGMP Proxy Configuration ...................................................................................... 24-1 24.1 Overview ........................................................................................................................ 24-1 24.2 Configuring Basic IGMP Proxy ...................................................................................... 24-2 24.2.1 Enabling/Disabling IGMP Proxy .......................................................................... 24-2 24.2.2 Setting the Master Upstream Port....................................................................... 24-3 24.2.3 Setting the Parameters for a Multicast Router .................................................... 24-3 24.2.4 Setting the Static Multicast Members of an IGMP Proxy Group ......................... 24-5 24.3 Configuring the Program Library and Authority Profile .................................................. 24-6 24.3.1 Maintaining a Program Library ............................................................................ 24-8 24.3.2 Setting the Authority Profile............................................................................... 24-10 24.3.3 Setting the User Authority ................................................................................. 24-13 24.4 Viewing IGMP Proxy Information................................................................................. 24-16 Chapter 25 ISU Configuration .................................................................................................... 25-1 25.1 Overview ........................................................................................................................ 25-1 25.2 Configuring an ISU Board.............................................................................................. 25-2
1000Base-LX
1000 Mbit/s
The MA5300 Ethernet port adopts the format of slot number /sub-slot number /port number: FE Ethernet port: The slot number is 7 or 8. The sub-slot number is 1 or 2. The FE port number is in the range of 03. GE Ethernet port: The slot number is 7 or 8. The sub-slot number is 1. The GE port number is in the range of 05.
Note: The GE subboard can be attached to subslot 1 only. The port number is related to the subboard position. When it is attached to subslot 1, port 0 or 1, the port number is in the range of 01. When it is attached to subslot, port 2 or 3, the port number is in the range of 23. When subslot 1 is attached with 4FE subboard, the GE port number is 45, which are virtual GE port used for connecting with ISU or EIU through the backplane. The slot number of the MA5303s Ethernet port is 7. Other numbers are the same as those of the MA5300.
The configuration of Ethernet port involves: Setting Port Physical Properties Setting the Port Flow Control Setting the Port Broadcast Storm Suppression Setting the Port Priority Level Setting the Maximum Multicast Group Counts Enabling/Disabling the Long Frames on an Ethernet Port Setting the MAC Address Learning for an Ethernet Port Setting the Port Aggregation Adding an Ethernet Port to a VLAN Setting the Ethernet Port Working Mode Enabling/Disabling an Ethernet Port Viewing/Clearing Ethernet Port Information Table 19-2 lists the commands for configuring an Ethernet port. Table 19-2 Commands for configuring an Ethernet port To Enter fast Ethernet port configuration mode Enter gigabit Ethernet port configuration mode Set the duplex mode of an Ethernet port Set an Ethernet ports bit rate Set an Ethernet ports network cable type Use Interface ethernet Interface gigabitethernet (no) duplex (no) speed (no) mdi In Global configuration mode Global configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode
To Enable/Disable a ports flow control Enable/disable traffic suppression Set the priority level of an Ethernet port Set the maximum multicast group counts of a port Enable/Disable long frames on an Ethernet port Set MAC address learning for an Ethernet port Set the number of MAC addresses that can be learned by a port Add an Ethernet port to a VLAN Set the working mode of an Ethernet port Set the VLANs that can pass Trunk port Set the default VLAN of Trunk port Enable/Disable Ethernet port an
In Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Ethernet port configuration mode Global configuration mode Global configuration mode All modes except the user EXEC mode All modes except the user EXEC mode Privileged mode
multicast max-group-count
(no) jumboframe
(no) mac-address-table mac-learning (no) mac-address-table max-mac-count (no) switchport access vlan switchport mode (no) switchport trunk allowed vlan (no) switchport trunk native vlan (no) shutdown (no) mac-address-table max-mac-count no-limit (no) link-aggregation
Set the limit of MAC address learning for an Ethernet port Set Ethernet aggregation port
View the aggregation information of an Ethernet port View the information of a port Clear the statistics of an Ethernet port
show link-aggregation
show interface
clear interface
To
disable
Ethernet
port
aggregation,
you
can
run
the
command
no
link-aggregation.
MA5300(config)#link-aggregation ingress-egress Ethernet7/2/0 to Ethernet7/2/1
Untagged VLAN ID: 3 160 packets output, 0 packets/sec, 0 bytes/sec 57648 bytes, 136 multicasts, 4 broadcasts, 0 pauses 118 packets input, 0 packets/sec, 0 bytes/sec 8984 bytes, 0 multicasts, 94 broadcasts, 0 pauses 0 CRC errors 0 long frames
the port type and port ID are specified, it only clears the information on the specified port. This example shows how to clear the statistics of Ethernet 7/2/0.
MA5300(config)#clear interface e7/2/0
Note: The contents marked for xDSL port configuration in this chapter are the common attributes of VDSL, ADSL and SHDSL. The contents specifically marked for either VDSL, or ADSL or SHDSL port configuration are the particular attributes of each type of port. The configuration of the ADSL board is similar to that of the ADSL2+ board. With no special explanation, the contents described in this chapter are applicable to both the ADSL and ADSL2+ boards.
The MA5300 supports such xDSL as VDSL, ADSL and SHDSL. Each frame can be equipped with up to 14 xDSL service boards, which can reside in any slot in the frame. Table 20-1 Specifications of subscriber lines provided by xDSL boards Service VDSL ADSL ADSL2+ SHDSL Board EVDA EADA EADB ESHA Port quantity of each board 24 48 24 Line quantity of frame 336 672 336
The xDSL port is numbered in the format of slot number/subslot number/port number. Table 20-2 lists the range of xDSL port number.
Table 20-2 Range of xDSL port number Service VDSL ADSL/ADSL2+ SHDSL 06, 915 0 Slot number Subslot number Port 023 047 023
The configuration of xDSL involves: Setting the Parameters of an xDSL Port Blocking/Unblocking an xDSL Port Configuring an xDSL Line Profile Activating/Deactivating an xDSL Port Configuring an xDSL Alarm Profile Binding/Unbinding an xDSL Alarm Profile Viewing the Information of an xDSL Port Table 20-3 lists the commands for configuring xDSL boards Table 20-3 Commands for configuring xDSL boards To Enter VDSL port configuration mode Enter ADSL port configuration mode Enter SHDSL port configuration mode Enter VDSL board configuration mode Enter ADSL board configuration mode Enter SHDSL board configuration mode Add an xDSL line profile Delete an xDSL line profile Modify an xDSL line profile View the information on xDSL line profiles Use interface vdsl interface adsl interface shdsl board-vdsl board-adsl board-shdsl vdsl/adsl/shdsl line-profile add vdsl/adsl/shdsl line-profile delete vdsl/adsl/shdsl line-profile modify show vdsl/adsl/shdsl line-profile In Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode
To Activate an xDSL port Deactivate an xDSL port Add an xDSL alarm profile Delete an xDSL alarm profile Modify an xDSL alarm profile View the information on xDSL alarm profiles Bind an xDSL alarm profile View the information on xDSL port configuration View the line configuration View the information on an activated line View the office-end/RTU's version information View the performance statistics of a port Block/Unblock xDSL ports Activate/Deactivate xDSL ports Reset an xDSL port Reset an xDSL chipset Loop back an xDSL port View port Ethernet statistics View the configuration of a port Bind/Unbind remote equipment
Use vdsl/adsl/shdsl activate vdsl/adsl/shdsl deactivate vdsl/adsl/shdsl alarm-profile add vdsl/adsl/shdsl alarm-profile delete vdsl/adsl/shdsl alarm-profile modify show vdsl/adsl/shdsl alarm-profile alarm-config show (vdsl/adsl/shdsl) port state show line-config show (vdsl/adsl/shdsl) line state show port version
In Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode xDSL board configuration mode VDSL board configuration mode All modes except the user EXEC mode VDSL port configuration mode
show statistics performance (no)block activate/ deactivate port reset chipset reset (no) loopback show statistics frame show interface (no) vdsl bind cpe
To Auto-upgrade parameters of VDSL remote equipment Auto-upgrade the patch of VDSL remote equipment Check the connectivity of ADSL ports ATM link Set single-end test for an ADSL port View the bit-allocation diagram of an ADSL port View the power status of an ADSL port View single-end test results of an ADSL port
Use vdsl auto-upgrade remote-parameter vdsl auto-upgrade remote-patch atm-ping adsl test selt
In Global configuration mode/VDSL port configuration mode Global configuration mode/VDSL port configuration mode ADSL board configuration mode ADSL board configuration mode ADSL board configuration mode ADSL board configuration mode All modes except the user EXEC mode
Note: You can enter xDSL port configuration mode to set one single xDSL port. You can enter xDSL board configuration mode to set all ports of an xDSL board.
Table 20-4 Commands for configuring parameters of an xDSL port To Set the duplex mode of a VDSL port (no) duplex Use In VDSL port configuration mode VDSL port configuration mode VDSL port configuration mode VDSL port configuration mode xDSL port configuration mode xDSL port configuration mode xDSL port configuration mode xDSL port configuration mode xDSL port configuration mode xDSL port configuration mode xDSL port configuration mode xDSL port configuration mode xDSL port configuration mode Global configuration mode
(no) speed
VDSL
(no) flow-control
Enable/Disable the traffic suppression Set the priority level of an Ethernet port Set the maximum multicast group counts of a port Set MAC address learning of a port Set the MAC learning limit address
(no) priority
(no) multicast max-group-count (no) mac-address-table mac-learning (no) mac-address-table max-mac-count no-limit (no) mac-address-table max-mac-count
Set the number of learnable MAC addresses that can be learned by a port Add an xDSL port to a VLAN Set the working mode of an xDSL port Set the VLANs that can pass Trunk port Set the default VLAN of Trunk port
switchport mode
(no) switchport trunk allowed vlan (no) switchport trunk native vlan
(no) link-aggregation
To View the aggregation information of a VDSL port Set the upstream/downstream rate of an ADSL port Set the upstream/downstream rate of an SHDSL port Bind the IP address of an ADSL/SHDSL port Set MAC address filtering for an ADSL port
In All modes except the user EXEC mode ADSL/SHDSL port configuration mode ADSL/SHDSL port configuration mode ADSL/SHDSL port configuration mode Global configuration mode
(no) static-user
Note: The available duplex modes of a VDSL port include: full duplex, half-duplex and auto negotiation. The rates supported by a VDSL port include: 10 Mbit/s, 100 Mbit/s and auto-negotiation. The EVDA board supports up to 6 VDSL port aggregation groups, one of which can have up to 8 VDSL ports.
To set ADSL port upstream/downstream rate limit, you can run the command adsl car. To restore the default setting, you can run the command no adsl car.
MA5300(config-if-Adsl11/0/0)#adsl car ds-band 255 us-band 255
To set SHDSL port upstream/downstream rate limit, you can run the command shdsl car. To restore the default setting, you can run the command no shdsl car.
MA5300(config-if-Shdsl15/0/0)#shdsl car ds-band 36 us-band 36
To view the IP address binding information on a port, you can run the command show static-user.
MA5300#show static-user adsl 1/0/0 The static user info: Adsl1/0/0 : 10.71.53.2
After the operation, you can run the command show adsl smac-filter-table to view the MAC addresses included in the filtering table.
Huawei Technologies Proprietary 20-7
no block
blocked deactivated
activate
activated
block block
deactivate
This example shows how to block port 0 on the ADSL board in slot 1.
MA5300(config-board-Adsl1)#block 0
included in the line profile, such as the upstream and downstream line rates, noise margin. The office-end negotiates with the RTU to confirm whether the MA5300 can work normally under the aforementioned conditions. If the training succeeds, the office-end can communicate with the RTU and get ready for transmission. It is in port activation status now. For an online Customer Premises Equipment (CPE), the activation process ends upon the completion of the training. When the CPE gets offline, the communication terminates, and the office-end is in listening state. Once the CPE gets online, the training process begins automatically. When the training succeeds, the port is activated. When a port is activated, it binds with a line profile. If no line profile number is entered, the system will activate the port using the profile which is bound with the port last time. If a port is activated for the first time, it binds with the default line profile. In board configuration mode, you can run the command activate to activate an xDSL port, or the command deactivate to deactivate an xDSL port. In global configuration mode, you can run the command vdsl/adsl/shdsl activate to activate an xDSL port in a specified board, or the command vdsl/adsl/shdsl deactivate to deactivate an xDSL port. This example shows how to activate all ports of the VDSL board in slot 4 by using line profile 1 in board configuration mode.
MA5300(config-board-Vdsl4)#activate all 1
This example shows how to activate all ports of the VDSL board in slot 4 by using line profile 1 in global configuration mode.
MA5300(config)#vdsl activate all 1
This example shows how to deactivate ports adsl 1/0/0-adsl 1/0/12 in global configuration mode.
MA5300(config)#adsl deactivate adsl 1/0/0 to adsl 1/0/12
Note: When an ADSL port is deactivated, the communication between ATU-R and ATU-C terminates. To enable service transmission, you should re-activate the port first.
LINE-PROFILE-1
1 ADSL 2
LINE-PROFILE-1
LINE-PROFILE-2 LINE-PROFILE-10 0
ADSL2+
100
SHDSL
LINE-PROFILE-1
Figure 20-2 Procedure for configuring VDSL profile This example shows how to add VDSL line profile 3.
MA5300(config)#vdsl line-profile add 3 Start profile 3 adding.
During input,press 'CTRL+C' to quit,then settings at this time are neglected. > Line config profile > VDSL link auto train bandplan 1-plan998 2-10base-s (1~2)[2]: 1-enable 2-disable (1~2)[1]:
> Target bit rate in downstream (780~25000 kbps) [12500]: > Target bit rate in upstream (780~25000 kbps) [12500]: > Target downstream interleaved depth 0,1,2,8,16 (0~16) [1]: > Target upstream interleaved depth 0,1,2,8,16 (0~16) [1]: > Signal to noise ratio margin in downstream:precision 0.1dB(0.0~31.0 dB) [6.0]: > Signal to noise ratio margin in upstream:precision 0.1dB(0.0~31.0 dB) [6.0]: > Will you set downstream PSDMask?(y/n)[n]:y > PSDMask for band of 30m 1810-2000kHz. 1-enable 2-disable (1~2)[2]: > Will you set upstream PSDMask?(y/n)[n]: Add profile 3 successfully
Table 20-6 Parameters of a VDSL line profile Parameter Profile index Description You can enter a profile index or press <Enter> to enable the system to allocate a profile index. The profile index is unique. When the auto training is enabled, the link will try to operate at the set rate while maintaining the SNR margin. The training may lead to the link rate being lower than or equal to the expected rate. If the link working at the lowest rate is still not able to meet the expected SNR requirement, it will be disconnected. When the auto training is disabled, the link will turn the set rate into the expected rate. If the link fails to reach the expected rate, it will be disconnected, regardless of the SNR. You are recommended to enable the auto training. In the process of setting up VDSL connection, if the line is in good conditions, and the calculated downstream rate of a VDSL line is higher than the maximum value set, the bit rate will be limited to the set value. Meanwhile, the downstream noise margin will increase. If the line is in poor condition, and the calculated downstream bit rate is lower than the set maximum bit rate, the system will set up the VDSL connection at the calculated bit rate, while maintaining the target downstream noise margin. The interleave depth is closely related to the stability of VDSL connection and transmission delay. It can change the low-resistance impulse noise spectrum in the link, thus affecting the equipments error correction capability. The larger the interleave depth, the more powerful the link error correction capability, and the longer the link transmission delay. It is recommended that you set the interleave depth to 1.
Parameter
Description The target SNR margin refers to the SNR margin preserved to maintain the normal data communication at the time of the line noise deteriorating. The larger the target SNR margin, the lower the chance of error occurrence in data transmission, and the more secure the system will be. Conversely, the larger the SNR margin, the smaller the achievable maximum rate. In practice, the expected upstream/downstream SNR margin should be adjusted based on the line conditions. To avoid affecting other equipment, the transmit power of a device in each frequency is usually required to be equal to or lower than the specified value. If a VDSL device is likely to interfere with other equipment, its transmit power in some frequencies should be reduced.
Downstream/Upstream PSDMask
The radio wave band filtering function is used to reduce the performance of the equipment. This can avoid interfering with other equipment. As the use of radio wave band filtering may diminish the usable VDSL frequencies and greatly reduce the VDSL transmission performance, you are recommended to disable the radio wave filtering function.
Note: When configuring an ADSL2+ line profile, you have three options for the parameter of transmit rate adaptation in downstream/upstream: 1-fixed, 2-adaptAtStartup and 3-adaptAtRuntime. When selecting 1-fixed or 2-adaptAtStartup, skip the configuration procedure included in the imaginary boxes 1 and 2. When selecting 3-adaptAtRuntime for the downstream, you need to follow the procedure included in the imaginary box 1. When selecting 3-adaptAtRuntime for the upstream, you need to follow the procedure included in the imaginary box 2.
Select profile-ADSL
NO
Enable upstream channel bit swap Enable downstream channel bit swap
NO
Fast Select a channel mode Interleave NO Whether to set interleave delay mode? YES Set max. downstream interleave delay
Whether to set Modem noise margin? YES Set min. downstream noise margin Set max. downstream noise margin Set downstream target noise margin
NO
NO
Set min. upstream noise margin Set min. upstream rate Set max. upstream noise margin Set max. downstream rate Set upstream target noise margin
Wether to configure the Modem? YES Set ADSL2+ transmission mode Set Trellis coding Set upstream channel bit swap
Set minimum downshift time in downstream 1 Set min. upstream noise margin
Set downstream channel bit swap Set max. upstream noise margin NO Wether to set the channal mode? YES Select a channel mode Interleave NO Wether to set the interleaved delay? YES Set downstream interleaved delay Set min. upshift time in upstream Set upstream interleaved delay Whether to set the adapt mode? YES Set downstream adapt mode Set upstream adapt mode NO NO Set min. downshift time in upstream 2 B Whether to set bit rate parameters? YES Whether to set the Modem's noise margin? YES Set min. downstream noise margin Set max. downstream noise margin Set downstream target noise margin A Set min. bit rate in downstream B Set max. bit rate in downstream Set min. bit rate in upstream Set maximum bit rate in upstream Add a line profile successfully NO Fast Set SNR margin for rate downshift in upstream Set SNR margin for rate upshift in upstream Set max. upstram target noise margin
Trellis coding 1-enable 2-disable (1~2) [1]: Upstream channel bit swap 1-enable 2-disable (1~2) [2]: Downstream channel bit swap 1-enable 2-disable (1~2) [2]: Will you set channel mode? (y/n)[n]:y Please select channel mode 0-interleaved 1-fast (0~1) [1]: 0 Will you set interleave delay? (y/n)[n]:y Maximum downstream interleaved delay (0~255) [64] Maximum uptream interleaved delay (0~255) [64] Will you set noise margin for modem? (y/n)[n]:y Minimum noise margin in downstream (0~15 dB) [0]: Maximal noise margin in downstream (0~31 dB) [31]: Target noise margin in downstream(0~15 dB) [12]: Minimum noise margin in upstream (0~15 dB) [0]: Maximal noise margin in upstream (0~31 dB) [31]: Target noise margin in upstream (0~15 dB) [12]: Will you set parameters for rate? (y/n)[n]:y If you want the fixed rate, set the Minimum value equal to Maximum value. Minimum bit rate in downstream (32~8160 Kbps) [32]: Maximum bit rate in downstream (32~8160 Kbps) [6144]: Minimum bit rate in upstream (32~896 Kbps) [32]: Maximum bit rate in upstream (32~896 Kbps) [640]: Add profile 3 successfully
During input,press CTRL+C to quit,then settings at this time are neglected. please choose the type of template 0-ADSL 1-ADSL2+ (0~1)[0]: 1 Will you set basic configuration for modem? (y/n)[n]:y ADSL operating mode: 0: All(G992.1,G992.2,G992.3,G992.4,G992.5,T1.413) 1: Full rate(G992.1,G992.3,G992.5 or T1.413) 2: G992.2(g.lite) G992.4(g.lite.bis) 3: T1.413 4: G992.1(g.dmt) G992.3(g.dmt.bis) G992.5 5: g.hs(G992.5,G992.3,G992.1,G992.4,G992.2,G992.5 is prior) 6: G992.1 7: G992.2 8: G992.3 9: G992.4 10: G992.5 Please select (0~10) [0]:
Trellis coding 1-enable 2-disable (1~2) [1]: Upstream channel bit swap 1-enable 2-disable (1~2) [2]: 1 Downstream channel bit swap 1-enable 2-disable (1~2) [2]: 1 Will you set channel mode? (y/n)[n]:y Please select channel mode 0-interleaved 1-fast 2-fastOrInterleaved (0~2) [0]: 1 Will you set rate adapt mode ? (y/n)[n]:y Adapt mode in downstream 1-fixed 2-adaptAtStartup 3-adaptAtRuntime(1~3)[2]: Adapt mode in upstream 1-fixed 2-adaptAtStartup 3-adaptAtRuntime (1~3)[2]: Will you set noise margin for modem? (y/n)[n]:y Minimum noise margin in downstream (0~15 dB) [0]: Maximal noise margin in downstream (0~31 dB) [31]: Target noise margin in downstream(0~15 dB) [6]: Minimum noise margin in upstream (0~15 dB) [0]: Maximal noise margin in upstream (0~31 dB) [31]: Target noise margin in upstream (0~15 dB) [6]: Will you set parameters for rate? (y/n)[n]:y Minimum bit rate in downstream (32~28800 Kbps) [32]: Maximum bit rate in downstream (32~28800 Kbps) [24544]: Minimum bit rate in upstream (32~1560 Kbps) [32]: Maximum bit rate in upstream (32~1560 Kbps) [1024]: Add profile 5 successfully
Table 20-7 Paramters of an ADSL line profile Parameter Profile index Description You can enter a profile index, or press <Enter> to enable the system to allocate a profile index. The profile index is unique. Currently, there are three ADSL working modes: G992.1 mode, G992.2 mode and T1.413 mode. The G992.2 adopts rather narrow frequency spectrum and low upstream/downstream bit rate. Its frequency spectrum is only half of that of G992.1 mode or T1.413 mode, and its upstream and downstream bit rates are 512 Kbps and 1536 Kbps respectively. The G992.1 and the T1.413 adopt similar bit rate: 6144 Kbps in downstream, and 640Kbps in upstream. The trellis coding algorithm is used to boost SNR and enhance line stability. It is usually enabled. When the conditions of an ADSL line get worse, the SNR of some sub-carriers may deteriorate, resulting in failures in bearing the allocated bits. With the bit swap function, the system can swap the allocated bits from one sub-carrier to another to avoid possible disconnection due to the variation in characteristics. To enable the bit swap, make sure that the ATU-Cs EADA board and the ATU-R support the function. There are two channel modes: the interleave mode and the fast working mode. Compared with the fast working mode, the interleave mode features stable line connection, but longer transmission delay. For common Internet access service, the interleave mode is recommended. For services which are delay sensitive, such as Voice On Demand (VOD), the fast mode is recommended. The interleave delay is deeply related to the stability of ADSL connection and transmission delay: the larger the interleave delay, the higher the ADSL connection stability, and the longer the transmission delay. There are three adapt modes: 1-fixed, 2-adaptAtStartup, 3-adaptAtRuntime. The noise margin refers to the additional tolerable noise which does not lead to the deterioration of current line rate. The Modems noise margin is proportional to the ADSL connection stability. The larger the Modem noise margin, the higher the connection stability. In the process of ADSL connection establishment, if the calculated noise margin is lower than the preset one, the port activation will fail.
Trellis coding
Channel mode
Parameter
Description In the process of ADSL connection establishment, if the calculated target noise margin of an ADSL line is higher than the set maximum noise margin, the system will limit the downstream maximum noise margin to the set value. The target noise margin is the preserved noise margin to ensure normal communication in the case of line noise deterioration. The larger the target noise margin, the higher the chance of occurrence of the line error, and the more secure the system may be. Conversely, the larger the target nose margin, the smaller the traffic, and the lower the data transmission rate. Therefore, the target noise margin shall be adjusted based on the actual line conditions.
in
When the noise margin reaches this value, the system starts to adjust the bit rate downwards. When the noise margin reaches this value, the system starts to adjust the bit rate upwards. When the noise margin reaches SNR margin for rate upshift, the system will keep the current bit rate for a certain period before adjusting the bit rate upwards. When the noise margin reaches SNR margin for rate downshift, the system will keep the current bit rate for a certain period before adjusting the bit rate downwards. In the process of ADSL connection establishment, if the calculated upward/downward bit rate is lower than this value, the port activation will fail. In the process of setting up ADSL connection, if the line is in good condition, and the calculated downstream/upstream bit rate of an ADSL line is higher than the set maximum value, the system will limit the bit rate to the set value while increasing the noise margin. If the line is in poor condition, and the calculated downstream/upstream bit rate is lower than the set maximum bit rate, the system will set up the ADSL connection at the calculated bit rate, while maintaining the target noise margin.
adslAtucConfMinDownshift Time
in
in
Note: When a line is in good condition, its SNR is very high. In this case, the chipset decreases the transmit power to reduce its SNR margin. The power decrease is under a certain limit: 12 dBm for ADSL or 40 dBm for ADSL2+. Therefore, the system is considered normal when the SNR exceeds the maximum value.
Whether to use the parameters of the default profle to create a new one?
NO
YES
Set min. line rate Set max. line rate Set PSD mode Set the transmission mode Set remote enable
NO
Set upstream target SNR margin Set downstream worst case target SNR margin Set downstream target SNR margin Set upstream worst case target SNR margin Add a line profile successfully
Figure 20-5 Procedure for adding an SHDSL line profile To add an SHDSL line profile, you can run the command shdsl line-profile. This example shows how to add SHDSL line profile 3.
MA5300(config)#shdsl line-profile add 3 Start profile 3 adding.
During input,press 'CTRL+C' to quit,then settings at this time are neglected. >Do you use the default data to create a line profile?(y/n)[y]:n >G.SHDSL minimum line rate:(192~2304 kbps)[2048]: >G.SHDSL maximum line rate:(192~2304 kbps)[2048]: >Power Spectral Density mode (1--symmetric 2--asymmetric)[1]: >Transmission mode (1--G.991.2 Annex A 2--G.991.2 Annex B 3--support Annex A&B)[2]: >Remote enable (1--enabled 2--disabled)[1]: >Do you config the target SNR margin?(y/n)[n]:y >Downstream current target SNR margin(0~10 dB)[0]: Do you want to use it?(y/n)[y]: >Downstream worst case target SNR margin(0~10 dB)[0]: Do you want to use it?(y/n)[n]:y >Upstream current target SNR margin(0~10 dB)[0]: Do you want to use it?(y/n)[n]:y >Upstream worst case target SNR margin(0~10 dB)[0]: Do you want to use it?(y/n)[n]:y Add profile 3 successfully.
Table 20-8 lists the parameters of an SHDSL line profile. Table 20-8 Parameters of an SHDSL line profile Parameters Profile index G.SHDSL minimum rate line Description You can enter a profile index or press <Enter> to enable the system to allocate a profile index. The profile index is unique. Set the minimum bit rate of a line. In the process of setting up an SHDSL connection, if the calculated downstream/upstream bit rate of an SHDSL line is higher than the set maximum value, the system will limit the bit rate to the set value while increasing the noise margin. If the calculated downstream/upstream bit rate is lower than the set maximum bit rate, the system will set up the SHDSL connection at the calculated bit rate, while maintaining the target noise margin. There are two types of PSD: the asymmetrical PSD and symmetrical PSD. There are two types of SHDSL transmission modes: ITU-T G.991.2 Annex A and ITU-T G.991.2 Annex B.
Density
Transmission mode
Description This parameter specifies whether to manage the STU-R. The target noise margin is the preserved noise margin to ensure normal communication in the case of line noise deterioration. The larger the target noise margin, the higher the chance of occurrence of the line error, and the more secure the system may be. Conversely, the larger the target nose margin, the smaller the traffic, and the lower the data transmission rate. Therefore, the target noise margin shall be adjusted based on the actual line conditions.
To modify a specified SHDSL line profile, you can run the command shdsl line-profile modify.
Note: In an ADSL line profile, the rate of channel mode Interleave is independent of that of Fast. After the channel mode of a profile is modified, the new modes rate will be used.
After the profile is modified, the system will prompt you whether to validate the profile configuration at once. If yes, the system will disconnect all xDSL ports using this profile for several seconds; if not, you can validate it by deactivating the ports first and then activating them. Board resetting can also validate a modified profile.
DownSnr
UpSnr
AutoTrain
Rate(Kbps) Rate(Kbps) Margin(dB) Margin(dB) -------------------------------------------------------------------1 LINE-PROFILE-1 12500 12500 6.0 6.0 enable
The Plan998 line-profile: Index Profile Name DownStream DownStream UpStream UpStream RateAdaptMode
RateAdaptMode MaxRate(Kbps)
MaxRate(Kbps)
Note: The MA5300 is designed with a default xDSL alarm profile. It is named as ALARM-PROFILE-1, and numbered 1 The default alarm profile of VDSL and SHDSL cannot be modified or deleted. The default alarm profile of ADSL cannot be deleted, but it can be modified.
Whether to set the ATU-C's alarm threshold parameters? YES Set the number of Loss of Frame Seconds Set the number of Loss of Signal Seconds Set the number of Loss of Power Seconds
NO
Whether to set the ATU-R's alarm threshold parameters? YES Set the number of Loss of Frame Seconds
NO
Set thenumber of Loss of Signal Seconds Set the number of Loss of Power Seconds Set the number of Errored Seconds Set the number of Loss of Link Seconds
Set thenumber of unavailable seconds Whether to report the initial failure at ATU-R? Add an alarm profile successfully
Table 20-9 lists the parameters of a VDSL alarm profile. Table 20-9 Paramters of a VDSL alarm profile Parameters Profile index Description You can enter a profile index or press <Enter> to enable the system to allocate a profile index. The index is unique. Within any given 15-minute period, if the number of downstream lost frame seconds exceeds the preset value, an alarm will be generated. Currently, the parameter is invalid.
atuc/atur thresh-15-min-lofs
Description Within any given 15-minute period, if the number of lost signal seconds exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the number of lost power seconds exceeds the preset value, an alarm will be generated. Currently, the parameter is invalid.
atuc/atur thresh-15-min-lprs
atuc/atur thresh-15-min-ess atuc/atur thresh-15-min-lols atuc/atur thresh-15-min-sess atuc/atur thresh-15-min-uass atuc/atur init failure trap
Within any given 15-minute period, if the number of errored seconds exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the number of lost link seconds exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the number of severely errored seconds exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the number of unavailable seconds exceeds the preset value, an alarm will be generated. If it is enable, an alarm will be generated when initialization fails.
YES Set the number of Loss of Frame Seconds Set the number of Loss of Signal Seconds Set the number of Loss of Link Seconds Set the number of Loss of Power Seconds Set the number of Errored Seconds
NO
YES Set the number of Loss of Frame Seconds Set thenumber of Loss of Signal Seconds Set the number of Loss of Power Seconds Set the number of Errored Seconds
Set the number of failed fast retrain seconds Set thenumber of severely errored seconds
Set thethreshold of positive difference between the current and the past transmit rate in fast mode Set theThreshold of negative difference between the current and the past transmit rate in fast mode
Set theThreshold of positive difference between the current and the past transmit rate in interleaved mode
Threshold of negative difference between the current and the past transmit rate in interleaved mode Add an alarm profile successfullly
Figure 20-7 Procedure for adding an ADSL/ADSL2+ alarm profile This example shows how to add ADSL2+ alarm profile 2.
MA5300(config)#adsl alarm-fprofile add { <cr>|INTEGER<U><2,16> }:2 Start profile 2 adding. During input,press 'CTRL+C' to quit,then settings at this time are neglected. > Will you set threshold for modem at near end of line? (y/n)[n]:y > [atuc thresh-15-min-lofs]The number of loss of frame seconds within any given 15-minute performance data collection period (0~900) [0]:
> [atuc thresh-15-min-loss]The number of loss of signal seconds within any given 15-minute performance data collection period (0~900) [0]: > [atuc thresh-15-min-lols]The number of loss of link seconds within any given 15-minute performance data collection period (0~900) [0]: > [atuc thresh-15-min-lprs]The number of loss of power seconds within any given 15-minute performance data collection period (0~900) [0]: > [atuc thresh-15-min-ess]The number of loss of errored seconds within any given 15-minute performance data collection period (0~900) [0]: > [atuc thresh-15-min-failedfastr]The number of fast retrain failed seconds within any given 15-minute performance data collection period (0~900) [0]: > [atuc thresh-15-min-sesl]The number of severe errored seconds within any given 15-minute performance data collection period (0~900) [0]: > [atuc thresh-15-min-uasl]The number of unavailable seconds within any given 15-minute performance data collection period (0~900) [0]: > [atuc thresh-fast-rate-up]The threshold for fast channels, if the
difference between the current Tx rate and the previous Tx rate larger than it (0~28800 Kbps) [0]: > [atuc thresh-fast-rate-down]The threshold for fast channels, if the difference between the current Tx rate and the previous Tx rate less than it (0~28800 Kbps) [0]: > [atuc thresh-interleave-rate-up]The threshold for interleave channels, if the difference between the current Tx rate and the previous Tx rate larger than it (0~28800 Kbps) [0]: > [atuc thresh-interleave-rate-down]The threshold for interleave channels, if the difference between the current Tx rate and the previous Tx rate less than it (0~28800 Kbps) [0]: > [atuc init failure trap]Enables and disables the InitFailureTrap 1-enable 2-disable (1~2) [2]: > Will you set threshold for modem at remote end of line? (y/n)[n]:y > [atur thresh-15-min-lofs]The number of loss of frame seconds within any given 15-minute performance data collection period (0~900) [0]: > [atur thresh-15-min-loss]The number of loss of signal seconds within any given 15-minute performance data collection period (0~900) [0]: > [atur thresh-15-min-lprs]The number of loss of power seconds within any given 15-minute performance data collection period (0~900) [0]: > [atur thresh-15-min-ess]The number of loss of errored seconds within any given 15-minute performance data collection period (0~900) [0]: > [atur thresh-15-min-sesl]The number of severe errored seconds within any given 15-minute performance data collection period (0~900) [0]: > [atur thresh-15-min-uasl]The number of unavailable seconds within any given 15-minute performance data collection period (0~900) [0]:
difference between the current Tx rate and the previous Tx rate larger than it (0~1536 Kbps) [0]: > [atur thresh-fast-rate-down]The threshold for fast channels, if the difference between the current Tx rate and the previous Tx rate less than it (0~1536 Kbps) [0]: > [atur thresh-interleave-rate-up]The threshold for interleave channels, if the difference between the current Tx rate and the previous Tx rate larger than it (0~1536 Kbps) [0]: > [atur thresh-interleave-rate-down]The threshold for interleave channels, if the difference between the current Tx rate and the previous Tx rate less than it (0~1536 Kbps) [0]: Add profile 2 successfully
Table 20-10 lists the parameters of an ADSL/ADSL2+ alarm profile. Table 20-10 Parameters of an ADSL/ADSL2+ alarm profile Parameter Profile index Description You can enter a profile index or press <Enter> to enable the system to designate an index for it. The profile index is unique. Within any given 15-minute period, if the number of downstream lost frame seconds exceeds the preset value, an alarm will be generated. Currently, the parameter is invalid. Within any given 15-minute period, if the number of lost signal seconds exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the number of lost link seconds exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the number of lost power seconds exceeds the preset value, an alarm will be generated. Currently, the parameter is invalid. Within any given 15-minute period, if the number of errored seconds exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the number of failed retrain events exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the number of severely errored seconds exceeds the preset value, an alarm will be generated.
atuc/atur thresh-15-min-lofs
atuc/atur thresh-15-min-loss
atuc/atur thresh-15-min-lols
atuc/atur thresh-15-min-lprs
atuc/atur thresh-15-min-ess
atuc/atur thresh-15-min-failedfastr
atuc/atur thresh-15-min-sesl
Description Within any given 15-minute period, if the number of unavailable seconds exceeds the preset value, an alarm will be generated. Within any given 15-minute period, if the positive difference between the current and the past transmit bit rates in fast mode exceeds the preset value, an alarm will be generated. Currently, the parameter is invalid. Within any given 15-minute period, if the negative difference between the current and the past transmit bit rates in fast mode exceeds the preset value, an alarm will be generated. Currently, the parameter is invalid. Within any given 15-minute period, if the positive difference between the current and the past transmit bit rates in fast mode exceeds the preset value, an alarm will be generated. Currently, the parameter is invalid. Within any given 15-minute period, if the negative difference between the current and the past transmit bit rates in fast mode exceeds the preset value, an alarm will be generated. Currently, the parameter is invalid.
atuc/atur thresh-fast-rate-up
atuc/atur thresh-fast-rate-down
atuc/atur thresh-interleave-rate-up
atuc/atur thresh-interleave-rate-down
Whether to use the parameters of the default profle to create a new one? NO Set loop attenuation threshold Set SNR threshold Set ES threshold Set SES threshold Set CRC abnomalies threshold Set LOSW threshold Set UAS threshold Add an alarm profiel successfully
YES
Figure 20-8 Procedure for adding an SHDSL alarm profile. This example shows how to add SHDSL alarm profile 3.
MA5300(config)#shdsl line-profile add 3 Start profile 3 adding. During input,press 'CTRL+C' to quit,then settings at this time are neglected. >Do you use the default data to create a line profile?(y/n)[y]:n >G.SHDSL minimum line rate:(192~2304 kbps)[2048]: >G.SHDSL maximum line rate:(192~2304 kbps)[2048]: >Power Spectral Density mode (1--symmetric 2--asymmetric)[1]: >Transmission mode (1--G.991.2 Annex A 2--G.991.2 Annex B 3--support Annex A&B)[2]: >Remote enable (1--enabled 2--disabled)[1]: >Do you config the target SNR margin?(y/n)[n]:y >Downstream current target SNR margin(0~10 dB)[0]: Do you want to use it?(y/n)[y]:
>Downstream worst case target SNR margin(0~10 dB)[0]: Do you want to use it?(y/n)[n]:y >Upstream current target SNR margin(0~10 dB)[0]: Do you want to use it?(y/n)[n]:y >Upstream worst case target SNR margin(0~10 dB)[0]: Do you want to use it?(y/n)[n]:y Add profile 3 successfully.
Table 20-11 lists the parameters of an SHDSL alarm profile. Table 20-11 Parameters of an SHDSL alarm profile Parameter Profile index Description You can enter a profile number or press <Enter> to enable the system to designate a number for it. The profile index is unique, in the range of 216. attenuation The system collects performance data generated within any 15-minute period. If the loop attenuation exceeds the threshold, the system will issue an alarm. The system collects SNR related performance data generated within any 15-minute period. If the SNR margin exceeds the threshold, the system will issue an alarm. The system collects ES related performance data generated within any 15-minute period. If the accumulative ES exceeds the threshold, the system will issue an alarm. The system collects SES related performance data generated within any 15-minute period. If the accumulative SES exceeds the threshold, the system will issue an alarm. The system collects CRC related performance data generated within any 15-minute period. If the accumulative CRC exceeds the threshold, the system will issue an alarm. The system collects LOSW related performance data generated within any 15-minute period. If the LOSW exceeds the threshold, the system will issue an alarm. The system collects UAS related performance data generated within any 15-minute period. If the UAS exceeds the threshold, the system will issue an alarm.
Loop threshold
(ES)
To delete a specified ADSL alarm profile, you can run the command adsl alarm-profile delete. To delete a specified SHDSL alarm profile, you can run the command shdsl alarm-profile delete. This example shows how to delete VDSL alarm profile 2.
MA5300(config)#vdsl alarm-profile delete 2 The vdsl line alarm profile will be deleted . Are you sure?[Y/N]y
: DISABLE : 0 : 0 : 0 : 0 : 0 : 0 : 0 : DISABLE
office-end/remote-end transmit power, upstream/downstream SNR margin, office-end/ remote-end mean square deviation, office-end/remote-end bit error count, and deactivation count. To view the version of a VDSL office-end/remote-end Modem, including the hardware version, software version and patch version, you can run the command show port version. To view the Ethernet statistics of a VDSL port, you can run the command show statistics frame. To view the performance statistics of a VDSL port, including performance statistics for last 15 minutes and last 24 hours, and all performance statistics currently available, you can run the command show statistics performance. 1) This example shows how to view the line profile information of port vdsl 4/0/23.
MA5300(config-board-vdsl4)#show line config 23 Interface AutoTrain Rate(Kbps) Margin(dB) Vdsl4/0/23 LINE-PROFILE-1 12500 12500 6.0 6.0 enable Rate(Kbps) Margin(dB) Profile Name DownStream UpStream DownSnr UpSnr
2)
This example shows how to view the information of an activated port vdsl 14/0/23.
MA5300(config-board-vdsl14)#show line state 23 Vdsl14/0/23 vdsl link status The actual down-stream rate(Kbps) The actual up-stream rate(Kbps) : active : 12500 : 12500
The down-stream interleave delay(ms): 1 The up-stream interleave delay(ms) Remote tx-power(dBm/Hz) Local tx-power(dBm/Hz) Remote SNR(dB) Local SNR(dB) Remote SNR Margin(dB) Local SNR Margin(dB) Remote MSE(dB) Local MSE(dB) Remote RS count Local RS count DownTimes : 1 : -89.720 : -66.770 : 38.240 : 27.220 : 13.1 : 8.0 : 21.800 : 17.160 : 0 : 0 : 1
3)
This example shows how to view the version of office-end/remote-end Modem of port vdsl 4/0/23.
MA5300(config-board-vdsl4)#show port version 23
-----------Local--------------------Remote---------Interface Vdsl4/0/23 Hw 0x81 Sw 0x2 Patch 0x0 Hw 0x32 Sw 0xb4 Patch 0x50
To set office-end/remote-end loopback for an xDSL port, you can run the command loopback. After a port is set with loopback, it is no longer able to forward data packets correctly. If not properly isolated, it may cause broadcast storm. Therefore, upon the completion of test, you should disable the loopback immediately running the command no loopback. By default, port loopback is disabled. This example shows how to enable loopback for port vdsl 4/0/0.
MA5300(config-if-Vdsl4/0/0)#loopback remote
The command loopback is just used to set loopback for a port. CPU alone cannot send test frames. To enable the CPU to send test frames, it should be assisted with the ports of auxiliary equipment. To perform port loopback test: Select a test port and connect it with the auxiliary equipment. Set a VLAN containing the testing port and the port to be tested (xDSL port) to protect the normal service. Set the xDSL port with loopback by using the command loopback. Cancel the port settings that might affect the port, such as STP (system test plan), and clear port statistics. For VDSL remote loopback, it is suggested that the working mode of a VDSL port be set as full duplex mode, and the rate be set as non-auto-negotiation. Send a certain number of data packets at a rate lower than 10Mbits/s using the auxiliary equipment; Stop sending data packets and verify the number of received data packets. If the number of the received packets equals that of the transmitted packets, the link is in normal state. To disable the port loopback setting, you can run the command no loopback.
ATM-PING adsl1/0/0 0/35, press CTRL_C to break atm-ping successfully. Sequence=0 atm-ping successfully. Sequence=1 atm-ping successfully. Sequence=2 atm-ping successfully. Sequence=3 atm-ping successfully. Sequence=4 --- Atm-ping adsl1/0/0 0/35 statistics --5 oam f5 loopback cells transmitted 5 oam f5 loopback cells received 0.00% cell loss
DESCRIPTION : ADSL port status changed REASON ADVICE : Don't care! : Needn't repair!
Note: When you run commands to enable a binding, the associated port should be activated (with exception of the command vdsl bind cpe bind-id local).
In port configuration mode, you can upgrade the parameters of the CPE connected to a port:
MA5300(config-if-Vdsl4/0/0)#vdsl auto-upgrade remote-parameter
In port configuration mode, you can upgrade the patches of the CPE connected to a port.
Internet
E V D A
FE7/2/0
ESM MODEM
MA5300
PC
Figure 20-9 Networking diagram of the VDSL service application Networking description: 1) The PC is connected to port 0 of the VDSL service board EVDA (assume it resides in slot 2) through VDSL modem. The upstream/downstream bandwidth should be 2 M. Other parameters adopt the default values.
2) 3)
The EVDAs ports belong to VLAN 2. The upstream ports working mode is set as Trunk, through which VLAN can pass. Service data is uplinked through the ESMs port FE7/2/0.
III. Setting the upstream port as Trunk, allowing VLAN 2 to pass through
MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 2 Please wait... Done. MA5300(config-if-Ethernet7/2/0)#exit
> Target bit rate in downstream (780~25000 kbps) [12500]: 20000 > Target bit rate in upstream (780~25000 kbps) [12500]: 20000 > Target downstream interleaved depth 0,1,2,8,16 (0~16) [1]: > Target upstream interleaved depth 0,1,2,8,16 (0~16) [1]: > Signal to noise ratio margin in downstream:precision 0.1dB(0.0~31.0 dB) [6.0]: > Signal to noise ratio margin in upstream:precision 0.1dB(0.0~31.0 dB) [6.0]: > Will you set downstream PSDMask?(y/n)[n]: > Will you set upstream PSDMask?(y/n)[n]:
VI. Binding port vdsl 2/0/0 with the default alarm profile
MA5300(config))#vdsl alarm-config vdsl2/0/0 1
20.8.4 Verification
With the above steps, you can access the Internet through your PC.
Note: The service configuration of ADSL2+ differ from those of ADSL only in the configuration of the board, line profile and alarm profile. Other procedures for ADSL2+ and ADSL are the same.
Internet
E A D A
FE7/2/0
ESM MODEM
MA5300
PC
Figure 20-10 Networking of an ADSL2+ service application Networking description: 1) The PC is connected to port 0 of the ADSL service board EADA (assume it resides in slot 1) through ADSL modem. The upstream/downstream bandwidth should be 6 M. Other parameters adopt the default values. 2) 3) The EADAs ports belong to VLAN 10. The upstream ports working mode is set as Trunk, through which VLAN 10 can pass. Service data is uplinked through the ESMs port FE7/2/0.
III. Setting the upstream port as Trunk, allowing VLAN 10 to pass through
MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 10 Please wait... Done. MA5300(config-if-Ethernet7/2/0)#exit
> Will you set basic configuration for modem? (y/n)[n]: > Will you set channel mode? (y/n)[n]: > Will you set noise margin for modem? (y/n)[n]: > Will you set parameters for rate? (y/n)[n]:y > If you want the fixed rate, set the Minimum value equal to Maximum value. > Minimum bit rate in downstream (32~8160 Kbps) [32]: 6144 > Maximum bit rate in downstream (32~8160 Kbps) [6144]: 6144 > Minimum bit rate in upstream (32~896 Kbps) [32]: > Maximum bit rate in upstream (32~896 Kbps) [640]:32 Add profile 3 successfully
VI. Binding port adsl 1/0/0 with the default alarm profile
MA5300(config))#adsl alarm-config adsl 1/0/0 1
20.9.4 Verification
With the above steps, you can access the Internet through your PC.
Internet
E S H A
FE7/2/0
ESM MODEM
MA5300
PC
1)
The PC is connected to port 0 of the SHDSL service board ESHA (assume it resides in slot 4) through SHDSL modem. The upstream/downstream bandwidth should be 2 M. Other parameters adopt the default values.
2) 3)
The ESHAs ports belong to VLAN 20. The upstream ports working mode is set as Trunk, through which VLAN 20 can pass. Service data is uplinked through the ESMs port FE7/2/0.
III. Setting the upstream port as Trunk, allowing VLAN 20 to pass through
MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 20 Please wait... Done. MA5300(config-if-Ethernet7/2/0)#exit
VI. Binding port adsl 4/0/0 with the default alarm profile
MA5300(config)#shdsl alarm-config shdsl4/0/0 1
20.10.4 Verification
With the above steps, you can access the Internet through your PC.
(no) pvc
adsl/shdsl
line
To...
Use...
In... Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode Global configuration mode/ADSL port configuration mode Global configuration mode/ADSL port configuration mode
connect-type
show interface
Note: The ADSL/SHDSL ports fixed PVC must be consistent with the PVC of the remote Modem in terms of VPI and VCI settings. Otherwise, the connection from the port to the Modem will fail.
This example shows how to set the PVC of port adsl 1/0/0 as 0/35.
MA5300(config-if-Adsl1/0/0)#adsl pvc vpi 0 vci 35
To view the settings, you can run the command show adsl line config or show line config.
MA5300(config)#show adsl line config adsl1/0/0 interface LineProfile AlarmProfile ---Pvc--- -----Car----- CodingType LineType vpi vci dsBand usBand
Note: An ADSL port with single PVC function enabled can be added to up to three VLANs only.
An ADSL port can belong to an MUX VLAN and a Smart VLAN at the same time. That is because the port accesses PPPoE service through a common VLAN (or MUX VLAN), while IAD/STB service through a Smart VLAN. When an ADSL ports single-PVC multi-service function is enabled, the port will become a Trunk port automatically. A ports single-PVC multi-service function and multi-PVC function cannot coexist. If the ports multi-PVC function is enabled, you cannot enable its single-PVC function. This example shows how to enable the single-PVC multi-service dispatch function of port adsl 1/0/0.
MA5300(config)#multi-service dispatch enable adsl1/0/0
To enable the PPP service, and specify the VLAN and priority for PPP packet forwarding, you can run this command: multi-service forward ppp enable [vlan vlan-id ] [priority priority ] To disable PPP service, you can run the command multi-service forward ppp disable. This example shows how to enable port adsl 1/0/0s PPP service, and forward PPP packets through VLAN 10 at the priority of 7 in global configuration mode.
MA5300(config)#multi-service forward ppp enable vlan 10 priority 7 adsl1/0/0
This example shows how to disable PPP service for port adsl 1/0/0.
MA5300(config)#multi-service forward ppp disable adsl1/0/0
This example shows how to set PPP service priority of port adsl 1/0/0 as 4.
MA5300(config)#multi-service forward ppp priority 4 adsl1/0/0
2)
To enable IAD/STB service and specify the VLAN and priority for forwarding IAD/STB packets, or to modify relevant parameters, you can run this command: multi-service forward iad-stb [ vlan vlan-id ] [ priority priority ] In global configuration mode, enable port adsl 1/0/0s IAD/STB service, in which the packets are forwarded through VLAN 20 and with the priority of 0.
This example shows how to set the priority of port adsl 1/0/0s PPP service as 4.
MA5300(config)#multi-service forward ppp priority 4 adsl1/0/0
Note: Before configuring the VLAN for PPP and IAD/STB services, you need to add the port to the VLAN. For a Smart VLAN, you can do this by adding the port to the Smart VLAN as an upstream or downstream port, rather than running the command switchport. PPP and IAD/STB services cannot belong to the same VLAN. The priority of PPP service is usually lower than that of IAD/STB service. (0 is for the lowest priority, and 7 is for the highest priority).
Local-Tx-Rate 0 Kbps, Remote-Tx-Rate 0 Kbps, _ADSL_TX three-degree-priority mode: disable PVC: vpi is 0, vci is 35 CAR: ds-band is 255, us-band is 255 PVID is 1 Max mac-address learning count: 16 Max multicast group count: 2 Multi-service dispatch: enable PPP: VLAN 10 Priority: 4, IAD-STB: VLAN 20 Priority: 0 Multi-Pvc mode: disable TwoTagMode : common Port mode: trunk Vlan passing : 1(default vlan), 10, 20 Vlan allowed : 1(default vlan), 10, 20 Output: 0 bytes PPP: 0 bytes, VOIP: 0 bytes, multicast: 0 bytes Input : 0 bytes PPP: 0 bytes, VOIP: 0 bytes To CPU : 0 packets Discard: 0 packets
Note: You can set a PVC in either global configuration mode (requiring specific port number input) or port configuration mode.
Table 21-2 lists the commands for configuring a PVC. Table 21-2 Commands for configuring a PVC To Enable/Disable multi-PVC function on a port Use multipvc enable/disable In Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode All modes except the user EXEC mode All modes except the user EXEC mode
multipvc add
in
multipvc delete
in
multipvc modify
View the multi-PVC information of a port View the single-PVC multi-service information of a port
show multipvc
show interface
After the above step, you can run the command show multipvc to view the multi-PVC configuration.
MA5300(config)#show multipvc Enabled multi-pvc function port(s) : Adsl3/0/0 Adsl3/0/1 Adsl3/0/2 Shdsl4/0/0 Shdsl4/0/1
Support Down MultiCast Stream : enable Support IGMP packet Output Input To CPU PVC 2 : disable PVC 3 : disable PVC 4 : disable PVC 5 : disable PVC 6 : disable PVC 7 : disable PVC 8 : disable : 0 packets, 0 cells : 0 packets, 0 cells : 0 packets : enable
In IPoA encapsulation mode, the user PC is configured with private network address. The RTU needs to be configured with both private and public network addresses. The private network address and the user PC are located in the same segment. With the IPoA function, the RTU can obtain its public IP address through both static configuration and dynamic allocation. The PC is configured with a private IP address. To access the public network, the RTU converts the private IP address into a public one through NAT. When offering IPoA function, the MA5300 works in L2 static mode or L3 dynamic mode. It terminates IPoA packets, and converts them into IPoE packets. In these two modes, the MA5300 adopts different configurations and mechanisms.
I. L2 mechanism
In this mode, the PVCs of the MA5300 shall contain the IP address of the upper layer gateway. With the IP address, the MA5300 can automatically obtain the MAC address of the upper layer gateway to set up an upstream route. At the same time, the MA5300 can also obtain the IP address of the RTU through the Reverse Address Resolution Protocol (RARP). When you create an IPoA PVC, the MA5300 can allocate a source MAC address for the PVC through its source MAC address pool. Using the source MAC address and destination IP address of the PVC, the MA5300 can form an ARP entry and an upstream route. It also informs the upper layer router to refresh the ARP table.
II. L3 mechanism
When the MA5300 works in this mode, you need to set the IP address of the VLAN used for packet forwarding as that of IPoA gateway. The MA5300 can obtain the IP address of the RTU. This IP address, together with the allocated source MAC address, forms the ARP entry of the downstream route. In this mode, the MA5300 first terminates IPoA packets, and then performs L3 routing and forwarding locally, regardless of the configuration on the L3 device.
The IPoA configuration involves: Setting an IPoA Connection (Single-PVC) Setting an IPoA Connection (Multi-PVC) Setting the Source MAC Address Setting the Default IP Address of the Upper Layer Gateway Setting the Mode of Obtaining Peer End IP Address Viewing IPoA information Table 21-3 lists the commands for configuring IPoA. Table 21-3 Commands for configuring IPoA To... Use... In... Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode Global configuration mode ADSL port configuration mode/SHDSL port configuration mode ADSL port configuration mode/SHDSL port configuration mode
connect-type ipoa-llc
multipvc add
multipvc modify
multipvc delete
Set the source MAC address Set the default IP address of the upper layer gateway Set the mode of obtaining peer end IP address
In... All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode
show atm ipoa config show atm ipoa config atm-terminated source-mac show atm ipoa config atm-terminated dest-address show atm atm-terminated source-mac ipoa
View the information on the source MAC address pool View the information on the default gateway addresses View the information on the use state of source MAC addresses
Note: It only describes the PVC associated with IPoA here. For other types of PVCs, refer to related chapters. A PVC can be configured in port configuration mode or global configuration mode. The following only describes how to configure a PVC in global configuration mode. To configure a PVC in port configuration mode, the input of port parameters is not required.
Parameter
Meaning
Description You need to set the IP address for the VLAN to which the ADSL port belongs. The IP address is used as the address of the upper layer gateway. Run the command atm-terminated ipoa dest-ip ip to set the default IP address first. -
Remark in L2 mode.
dest-dynamic
default-ip
The MA5300 adopts the default IP address of the upper layer gateway. The MA5300 adopts the IP address specified for upper layer gateway.
ip address
Through the IP address, the system can obtain the destination MAC address from the IPoE packets.
This example shows how to set an IPoA connection for port adsl 1/0/1. Assume that the MA5300 works in L3 mode, port adsl 1/0/1 belongs to VLAN 10, and VLAN 10 is configured with an IP address.
MA5300(config)#connect-type ipoa-llc adsl 1/0/1 dest-dynamic
This example shows how to set an IPoA connection for port adsl 1/0/2. Assume that the MA5300 works in L2 mode, and uses the IP address of the upper layer gateway.
MA5300(config)#connect-type ipoa-llc adsl 1/0/2 dest-static default-ip
Note: For details on the description of parameters, refer to 21.3.2 Setting an IPoA Connection (Single-PVC). By default, the system works in L2 mode, and uses the IP address of the upper layer gateway. PVCs configured for an ADSL port must not belong to the same VLAN. The VLAN to which these PVCs belong shall already exist. If the system works in L3 mode, you need to set the IP address for the VLAN.
This example shows how to add an IPoA PVC to port adsl 1/0/0. Assume that the PVC belongs to VLAN10, and the MA5300 works in L2 mode.
MA5300(config)#multipvc add adsl1/0/0 pvcindex 2 vpi 50 vci 50 connect-type ipoa-llc vlan 10
The management of MAC address pool is based on demands. When a PVC is created, it is also allocated with an MAC address. When a PVC is deleted, the MAC address of the PVC is also released. To set or modify a source MAC address pool manually, you can run this command: atm-terminated source-mac H.H.H [ scope scope-value ] To delete a source MAC address pool, you can run the command no atm-terminated source-mac. By default, an MAC address pool supports 1792 MAC addresses. The MA5300 is configured with a default MAC address segment, which ranges from 00e0.fc20.3bb9 to 00e0.fc20.4bb8, totally 4096 addresses. The segment is divided into 4 sections, one section for every frame, and 1024 MAC addresses per section. Therefore, the MA5300 can be subtended with up to 4 frames. 00e0.fc20.3bb900e0.fc20.3fb8 00e0.fc20.3fb900e0.fc20.43b8 00e0.fc20.43b900e0.fc20.47b8 00e0.fc20.47b900e0.fc20.4bb8 Description of the source MAC address: If you have configured an MAC address pool manually for the system, the MAC address range in this address pool overrides the default one. If no MAC address pool is configured manually in the system, the default one will be used. The section number is the frame number plus 1. You can run the command frameid set to specify the number of a frame. When modifying an MAC address pool configured manually, you cannot modify an MAC address already distributed. For a system configured with an MAC address pool, you need to delete the configured one and reset the system before the default one can be used. You cannot delete an MAC address pool in use. You can configure only one MAC address pool in the MA5300. This example shows how to set an MAC address pool: its start source MAC address is 00e0.fc01.0203, and its capacity is 256.
MA5300(config)#atm-terminated source-mac 00e0.fc01.0203 scope 256
To set the IP address of the upper layer gateway, you can specify it when setting an IPoA PVC, or run the command atm-terminated ipoa dest-ip ip. To delete the default IP address, you can run the command no atm-terminated ipoa dest-ip ip. If the IP address of the upper layer gateway is in use, you cannot delete it. This example shows how to set the IP address of the upper layer gateway as 20.1.1.1.
MA5300(config)#atm-terminated ipoa dest-ip ip 20.1.1.1
ip-address ipaddress
Bind the port with the peer end IP address of the PVC
The system will obtain the peer end IP address through dynamic protocol. minute minutes determines the interval at which the system sends InATMARP packets. The default value is 15 minutes. The system will obtain the MAC address of the upper layer gateway through dynamic protocol. minute minutes determines the interval at which upper layer MAC address is refreshed. The default value is 3 minutes.
This example shows how to set the peer end IP address as 20.30.40.50 for the IPoA PVC of port adsl 2/0/0.
MA5300(config-if-Adsl2/0/0)#atm ipoa pvc vpi 0 vci 35 protocol ip ip-address 20.30.40.50
This example shows how to set the interval at which port adsl 2/0/0 sends InATMARP packets over IPoA PVC [0/35] as 20 minutes.
MA5300(config-if-Adsl2/0/0)#atm ipoa pvc vpi 0 vci 35 protocol ip inarp minute 20
------------------------------------------------------------
This example shows how to view the information on the source MAC address pool.
MA5300(config)#show atm ipoa config atm-terminated source-mac Source MAC pool information: -----------------------------------------------------------Source_MAC_begin Scope Used_num Remained_num
------------------------------------------------------------
This example shows how to view the information on the default gateway address.
A5300(config)#show atm ipoa config atm-terminated dest-address Default destination gateway address information: ---------------------------------------------------
--------------------------------------------------20.1.1.1 0000.0000.0000 2
---------------------------------------------------
II. Viewing the information on the use state of source MAC addresses
To view the information on the use state of source MAC addresses, you can run the command show atm ipoa atm-terminated source-mac. This example shows how to view the information on all source MAC addresses being used.
MA5300(config)#show atm ipoa atm-terminated source-mac all Source MAC mapped with PVC information: -------------------------------------------------------Source_MAC PVC[Interface VPI/VCI]
---------------------------------------------------------
Source MAC address : 00e0.fc01.020a Source protocol address : NULL Destination MAC address : 00e0.fc12.e3f3 Destination gateway IP The InATMARP interval : 10.1.1.2(Local route interface) : 15(minute)
This example shows how to view the packet statistics of PVC 2 which belongs to port adsl 1/0/0.
MA5300(config)#show atm ipoa pvc adsl 1/0/0 pvcindex 2 statistic -----------------------------------------------------------PVC[Adsl1/0/0 30/100] ATM packet statistics -----------------------------------------------------------The number of ATM packet received : 0 The number of error ATM packet received: 0 The number of ATM packet sent: 8 The number of error ATM packet sent: 1 The number of InATMARP requests received: 0 The number of InATMARP requests sent: 9 The number of InATMARP replies received: 0 The number of InATMARP replies sent: 0 The number of invalid InATMARP requests received: 0 The number of times that not receive an InATMARP reply: 1 The number of times that InATMARP reply expired: 8 ------------------------------------------------------------
I. Configuration procedure
To configure L2 IPoA access, do as follows: 1) 2) 3) 4) 5) Set the Modem encapsulation type as IPoA. Set the source MAC address pool. Set the IP address for the default upper layer gateway. Set the access mode of a port as IPoA. (Optional.) Set the IP address acquiring mode for the peer end of a PVC.
Huawei Technologies Proprietary 21-19
6) 7)
Internet
E A D A
FE7/2/0
ESM MODEM
MA5300
PC
Figure 21-1 Networking for L2 IPoA application Networking description: The MA5300 connects to the ADSL Modem through port adsl 1/0/1 on the EADA board, and connects to the upstream device through port Ethernet 7/2/0. The ADSL port belongs to VLAN 100. The MA5300 uses the default source MAC address pool. Configurations of the ADSL Modem: It works in IPoA (encapsulation type is RFC 1577) access mode NAT and DHCP Server are enabled The PVCs VPI/VCI is 0/35 The user subnet address is 192.168.1.1/24 The IPoA address is 10.1.1.1 The remote end IP address is 10.1.1.254 The router connects to the MA5300s port FE 7/2/0 through ETH 1, whose IP address is 10.1.1.254/24.
2) 3)
Set the default upper layer address. Set the access mode of port adsl 1/0/1as IPoA, and specify the default gateway address.
4)
5) 6)
Activate port adsl 1/0/1 using the default profile. View the configuration.
------------------------------------------------------------
This example shows how to view the configuration of port adsl 1/0/1.
MA5300(config)#show atm ipoa pvc adsl 1/0/0 { <cr>|to<K>|Adsl<K>|statistic<K>|pvcindex<K>|vpi<K> }: Adsl1/0/0: PVC 1 PVC connect type PVC Map VLAN Source MAC address : Enable : IPOA-LLC : VPI is 0,VCI is 35 : 100 : 00e0.fc20.3bb9
IV. Verification
With the above steps, the user can access the Internet through dialup.
E A D A
FE7/2/0
ESM MODEM
MA5300
PC
Figure 21-2 Networking for the L3 IPoA application The networking description:
The MA5300 connects to the ADSL Modem through port adsl 1/0/1 on the EADA board, and connects to the upstream device through port Ethernet 7/2/0. Port ADSL1/0/1 belongs to VLAN 100, and the VLAN interfaces IP address is 10.1.1.254/24. The MA5300 uses the default source MAC address pool. Configurations of the ADSL Modem: It works in IPoA (encapsulation type is RFC 1577) access mode NAT and DHCP Server are enabled The PVCs VPI/VCI is 0/35 The user subnet address is 192.168.1.1/24 The IPoA address is 10.1.1.1 The remote end IP address is 10.1.1.254 The router connects to the MA5300s FE 7/2/0 through ETH 1. The IP address of the routers ETH 1 is 10.1.1.254/24, and that of ETH 2 is 20.1.1/30.
2)
3) 4)
Set the access mode of port adsl 1/0/1 as IPoA. Set the peer end IP address of a PVC.
5) 6)
Activate port adsl 1/0/1 using the default profile. Add the default route connecting to upper layer equipment.
7)
This example shows how to view the detailed information of an IPoA PVC.
MA5300(config)#show atm ipoa pvc adsl 1/0/0 { <cr>|to<K>|Adsl<K>|statistic<K>|pvcindex<K>|vpi<K> }: Adsl1/0/1: PVC 1 PVC connect type PVC Map VLAN Source MAC address : Enable : IPOA-LLC : VPI is 0,VCI is 35 : 100 : 00e0.fc20.3bb9
Source protocol address : 10.1.1.1(Dynamic) Destination MAC address : 00e0.fc15.173c Destination gateway IP The InATMARP interval The ARP interval : 10.1.1.254(Local route interface) : 15(minute) : 3(minute)
This example shows how to view the configuration of VLAN 100s interface.
MA5300(config)#show interface vlan-interface 100 Vlan-interface100 is up, line protocol is up
Description : HUAWEI, Quidway Series, Vlan-interface100 Interface The Maximum Transmit Unit is 1500 Internet Address is 10.1.1.254/24 IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is
00e0.fc12.e3f3
IV. Verification
With the above steps, the user can access the Internet through dialup.
Setting Up a PPPoA Connection (Single PVC) Setting Up a PPPoA Connection (Multi-PVC) Setting the PPPoA Source MAC Address Setting the PPPoA Destination MAC Address Setting the PPPoA Session ID Area Viewing PPPoA Information Table 21-6 lists the commands for configuring PPPoA. Table 21-6 Commands for configuring PPPoA To Use In Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode/ADSL port configuration mode/SHDSL port configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode All modes except the user EXEC mode All modes except the user EXEC mode
connection
connect-type
multipvc add
multipvc modify
multipvc delete
Set the PPPoA source MAC address pool Set the PPPoA destination MAC address Set the PPPoA Session ID area Modify the Session ID area of a slot View the PPPoA connection
(no) atm-terminated source-mac atm-terminated dest-mac atm-terminated start-session-id atm-terminated session-id show pppoa connection
Note: It only describes the PVC associated with IPoA here. For other types of PVCs, refer to related chapters.
static
This example shows how to set a PPPoA-LLC connection for port adsl 1/0/0.
Note: For details on the description of parameters, refer to 21.4.2 Setting Up a PPPoA Connection (Single PVC).
Note that: By default, static mode is adopted. PVCs configured for an ADSL/SHDSL port must not belong to the same VLAN. One ADSL/SHDSL port can allow up to one PVC adopting dynamic mode. This example shows how to add a PPPoA PVC to port adsl 1/0/5. Assume that the PVC belongs to VLAN10, and static mode is adopted.
MA5300(config)#multipvc add adsl1/0/5 pvcindex 2 vpi 10 vci 100 connect-type pppoa-llc static vlan 10
This example shows how to delete PVC 2 which belongs to port adsl 1/0/0.
MA5300(config)#multipvc delete adsl1/0/0 pvcindex 2
The specified Session ID must be in the range specified by running the command atm-terminated start-session-id. This example shows how to set the start number and range of Session ID area to 1 and 2016 respectively.
MA5300(config)#atm-terminated start-session-id 1 scope 2016
-------------------------------------------------------0 1 2 3 4 5 6 9 10 11 12 13 14 15 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1 49 97 145 193 241 289 337 385 433 481 529 577 625 48 96 144 192 240 288 336 384 432 480 528 576 624 672
This example shows how to set the Session ID of the board in slot 2 to use area 1, and change the area with the one used by slot 0.
MA5300(config)#atm-terminated session-id 2 1 swap
To view the information on PPPoA connection, you can run the command show pppoa connection.
MA5300(config)#show pppoa connection all interface pvcindex source-mac dest-mac session-id mode
2)
View the static configuration of PPPoA access. To view the information on destination MAC address, you can run the command show atm-terminated dest-mac. To view the configuration of Session ID, you can run the command show atm-terminated session-id.
I. Configuration procedure
To configure PPPoA Access in static mode, do as follows: 1) 2) 3) 4) 5) 6) 7) Set the Modems encapsulation type as PPPoA. Set the source MAC address pool. Set the destination MAC address. Set PPPoA Session ID. Set the access mode of a port as PPPoA. Activate the port. View the configuration.
ESM MODEM
ISU
PC
Figure 21-3 Networking for the PPPoA application (static mode) Networking description: 1) 2) 3) 4) The MA5300 connects to the ADSL Modem through port adsl 1/0/2 on the EADA board. The ESM connects to the ISU through the backplanes GE interface. The PPPoA access adopts static mode. Configurations of the ADSL Modem: It works in PPPoA access mode NAT and DHCP Server are enabled The PVCs VPI/VCI is 0/35 The user subnet address is 192.168.1.1/24 5) The ISU board is configured with built-in DHCP Server function. The user subnet address is 10.1.1.110.1.1.10. The gateway is 10.1.1.254/24 The ISU adopts local authentication/non-accounting mode for PPPoE users (the account is test@isp/test).
GigabitEthernet7/1/1 will be connected to inner-isu, continue?[Y/N]y Inner-isu in slot 15 is enabled. GigabitEthernet7/1/1 has been connected to inner-isu. MA5300(config)#interface gigabitEthernet 7/1/1 MA5300(config-if-GigabitEthernet7/1/1)#switchport mode trunk Please wait... Done. MA5300(config-if-Ethernet7/1/1)#switchport trunk allowed vlan 100 Please wait... Done. MA5300(config-if-Ethernet7/1/1)#exit
2)
Set a source MAC address pool. This step is not required if the address pool has been configured during the IPoA configuration.
MA5300(config)#atm-terminated source-mac 0001.0203.0000 scope 1000
3) 4) 5) 6) 7)
Set the PPPoA destination MAC address using the ISUs MAC address.
MA5300(config)#atm-terminated dest-mac pppoa 0002.0003.0000
Set the PPPoA Session ID, and make sure that it is identical with that of the ISU.
MA5300(config)#atm-terminated start-session-id 2049 scope 1000
This example shows how to view the configuration of the PPPoA Session ID.
MA5300(config)#show atm-terminated session-id
This example shows how to view the configuration of the PPPoA connection.
MA5300(config)#show pppoa connection all interface pvcindex source-mac dest-mac session-id mode
This example shows how to view the configuration of port adsl 1/0/2.
MA5300(config)#show interface adsl1/0/2
This example shows how to view the configuration of the ISU board.
[ISU]interface Virtual-Template 1 [ISU-Virtual-Template1]ppp authentication-mode chap [ISU-Virtual-Template1]quit [ISU]interface GigabitEthernet 10 [ISU-GigabitEthernet10]pppoe-server bind virtual-template 1 [ISU-GigabitEthernet10]quit [ISU]ip pool huawei local [ISU-ip-pool-huawei]gateway 10.1.1.254 255.255.255.0
[ISU-ip-pool-huawei]section 0 10.1.1.1 10.1.1.10 [ISU-ip-pool-huawei]dns-server 100.1.1.254 [ISU-ip-pool-huawei]dns-server 100.1.1.253 secondary [ISU-ip-pool-huawei]netbios-name-server 200.1.1.254 [ISU-ip-pool-huawei]netbios-name-server 200.1.1.253 secondary [ISU-ip-pool-huawei]quit [ISU]aaa [ISU-aaa]authentication-scheme auth1 [ISU-aaa-authen-auth1]authentication-mode local [ISU-aaa-authen-auth1]quit [ISU-aaa]accounting-scheme acct1 [ISU-aaa-accounting-acct1]accounting-mode local [ISU-aaa-accounting-acct1]quit [ISU-aaa]domain isp [ISU-aaa-domain-isp]authentication-scheme auth1 [ISU-aaa-domain-isp]accounting-scheme acct1 [ISU-aaa-domain-isp]ip-pool huawei [ISU-aaa-domain-isp]quit [ISU-aaa]quit [ISU]local-aaa-server [ISU-local-aaa-server]user test@isp password test [ISU-local-aaa-server]quit [ISU]portvlan gigabitethernet 10 vlan 100 [ISU-gigabitethernet10-10-vlan100-100]access-type layer2-subscriber [ISU-gigabitethernet10-10-vlan100-100]default-domain authentication isp [ISU-gigabitethernet10-10-vlan100-100]authentication-method pppoe [ISU-gigabitethernet10-10-vlan100-100]quit
IV. Verification
With the above steps, the user can access the Internet through dialup.
E A D A
FE7/2/0
ESM MODEM
MA5300
PC
Figure 21-4 Networking for the PPPoA application (dynamic mode) Networking description: 1) 2) 3) 4) The MA5300 connects to the ADSL Modem through port adsl 1/0/0 on the EADA board. IP address is obtained dynamically for Internet access. The default MAC address pool is used. The MA5300s service is implemented through VLAN 100. Configurations of the ADSL Modem: It works in PPPoA access mode NAT and DHCP Server are enabled The PVCs VPI/VCI is 0/35 The user subnet address is 192.168.1.1/24
2)
MA5300(config-if-GigabitEthernet7/1/1)#exit
3)
4) 5)
This example shows how to view the configuration of the PPPoA connection.
MA5300(config)#show pppoa connection all interface pvcindex source-mac dest-mac session-id mode
This example shows how to view the use state of source MAC address.
MA5300(config)#show atm ipoa Source MAC pool information: -----------------------------------------------------------Source_MAC_begin Scope Used_num Remained_num config atm-terminated source-mac
------------------------------------------------------------
This example shows how to view the configuration of port adsl 1/0/0.
MA5300(config)#show interface adsl 1/0/0
IV. Verification
With the above steps, the user can access the Internet through dialup.
QoS strategy sending Configuration information sending PITP is designed to offer additional VLAN resources, and enable IPTN QoS and unified maintenance and management. Supporting PITP, the MA5300, together with the ISN8850 or the ESR8825, use the port information included in PPPoE request packets for user labeling and user account and port binding. PITP works in two modes: V mode and P mode, corresponding to the key words of vmode and pmode. When one mode is enabled, the other one is disabled. The default mode is PITP P mode, namely PPPoE Plus mode. Table 21-8 lists the commands for configuring PITP V/P mode. Table 21-8 Commands for configuring PITP V/P mode To... Enable/Disable PITP V mode Set the encapsulation PITP V mode Enable/Disable Plus Ethernet type in PPPoE Use... pitp vmode enable/disable Global mode Global mode Global mode Global mode Global mode Global mode Global mode In... configuration
configuration
pitp pmode enable/disable (no) pitp pmode uplink-port allowed show pitp configuration pmode
configuration
Enable/Disable an upstream port for PPPoE Plus packets View the PPPoE Plus configuration View PPPoE statistics Clear PPPoE statistics View the V configuration Plus Plus mode
configuration
show pitp pmode statistics clear pitp pmode statistics show state pitp vmode config
To view the configuration of PTIP V mode, you can run the command show pitp vmode config state.
MA5300(config)#show pitp vmode config state PITP is enable.
To view the configuration, you can run the command show pitp vmode config ethernet-type.
MA5300(config)#show pitp vmode config ethernet-type PITP protocol ethernet-type is: 0x8200.
Note: PPPoE Plus does not change other fields of a PPPoE packet. PPPoE Plus is compatible with common VLAN, Smart VLAN, MUX VLAN, IGSP and IGMP Proxy. PPPoE Plus can coexist with DHCP Option82 in any PVC of a port.
This example shows how to enable the PPPoE Plus for PVCs of port adsl 1/0/0 in global configuration mode.
MA5300(config)#pitp pmode enable adsl1/0/0 pvc vpi 8 vci 35
2)
After capturing the port/PVC information included in the PPPoE packets, the MA5300 will forward packets to the ports which are included in the same VLAN and allow the transmission of PPPoE Plus packets upstream. To enable an upstream port for PPPoE Plus packets, you can run the command pitp pmode uplink-port allowed. To disable an upstream port for PPPoE Plus packets, you can run the command no pitp pmode uplink-port allowed. By default, the ESM boards FE/GE ports allow the transmission of PPPoE Plus packets upstream. This example shows how to enable an upstream port for PPPoE Plus packets.
MA5300(config)#no pitp pmode uplink-port allowed ethernet 7/1/0
3)
To view the PPPoE Plus configuration, you can run the command show pitp pmode configuration. The configuration comprises the global switch, PPPoE Plus upstream port, and port/PVC switch. With no parameter specified, the command displays the configuration in both global configuration mode and port/PVC configuration mode. With the port specified only, the command displays the configuration in both global configuration mode and port configuration mode. For an ADSL port, the command displays the configuration of all PVCs of the port. With both the port and PVC specified, the command displays the configuration in both global configuration mode and port configuration mode. For an ADSL port, the command displays the configuration for the specified PVC. For ADSL ports without PVC, the command displays these ports in the last line. This example shows how to view the configuration of all PVCs of port adsl 1/0/0.
MA5300(config)#show pitp pmode configuration adsl 1/0/0 { <cr>|to<K>|pvc<K> }: PITP pmode is disabled globally Port-string writing is enabled The uplink-port allowed: Ethernet7/1/1 GigabitEthernet7/1/4 Ethernet7/1/2 GigabitEthernet7/1/5 Ethernet7/1/3
4)
To view PPPoE Plus statistics, you can run the command show pitp pmode statistics. To clear PPPoE Plus statistics, you can run the command clear pitp pmode statistics. This example shows how to view the PPPoE Plus statistics.
MA5300(config)#show pitp pmode statistics PITP pmode packet statistics: PITP pmode total received PADI packet: 163 PITP pmode total received PADR packet: 13 PITP pmode total received PADT packet: 2 PITP pmode total received ERR packet: 0 PITP pmode total send fail packet: 0 PITP pmode total received untrust packet: 0
This example shows how to clear the PPPoE Plus packet statistics.
MA5300(config)#clear pitp pmode statistics
E A D A
FE7/2/0
ESM MODEM
MA5300
PC
Figure 21-5 Networking of a PPPoE Plus application Figure 21-5 shows the networking of PPPoE Plus application. The configuration data for the network is as follows: The ESM boards upstream port is connected to the built-in PPPoE Server with accounting and authentication functions. PC1 connects to port 1/0/11 of the MA5300s EVDA board. The ESM boards port 7/1/0 serves as the PPPoE Pluss upstream port. Port vdsl 1/0/11 and port Ethernet 7/1/0 belong to VLAN 2. The ISN8850 is used to offer PPPoE Server function and terminate the PPPoE packets.
2)
Configure port Ethernet 7/1/0 as the PPPoE Pluss upstream port, and define the port as a Trunk port allowing the pass of VLAN 2.
MA5300(config)#pitp pmode uplink-port allowed ethernet 7/1/0 MA5300(config-vlan2)#interface ethernet7/1/0 MA5300(config-if-Ethernet7/1/0)#switchport mode trunk
3) 4) 5)
Enable PPPoE Plus globally. Enable PPPoE Plus for port vdsl 1/0/11. View the configuration.
MA5300(config)#show pitp pmode configuration vdsl1/0/11 { <cr>|to<K>|pvc<K> }: PITP pmode is enabled globally Port-string writing is enabled The uplink-port allowed: Ethernet7/1/0 Ethernet7/1/3 Ethernet7/1/1 GigabitEthernet7/1/4 Ethernet7/1/2 GigabitEthernet7/1/5
-------------------------------------------------------------Vdsl1/0/11 Enable
IV. Verification
With the above steps, the user can access the Internet through dialup.
Configuring the VLAN Trunk Configuring a VLAN Interface Table 22-1 lists the commands for configuring a common VLAN. Table 22-1 Commands for configuring a common VLAN To Create/Delete a VLAN Add/Delete interface a VLAN Use (no) vlan (no) interface vlan-interface (no) switchport In Global configuration mode Global configuration mode VLAN configuration mode VLAN interface configuration mode VLAN interface configuration mode Port configuration mode
Add/Delete a port to/from a VLAN Set/Delete the IP address for a VLAN interface Enable/Disable a VLAN interface Specify/Cancel a Trunk port Specify the VLAN(s) to allow its traffic to pass a Trunk port Set the default VLAN ID of the Trunk port View the information View VLAN information VLAN interface
(no) ip address
(no) shutdown (no) switchport mode (no) switchport trunk allowed (no) switchport trunk native show vlan show interface vlan-interface
Port configuration mode All modes except the user EXEC mode All modes except the user EXEC mode
This example shows how to create VLAN 2 and enter VLAN configuration mode.
MA5300(config)#vlan 2 MA5300(config-vlan2)#
Note: Ports on the same ADSL or SHDSL board cannot communicate with each other even though they are included in the same VLAN. However, ports on different ADSL or SHDSL boards but included in the same VLAN can communicate with each other.
To add a port to a VLAN, you can run the command switchport. To delete a port from a VLAN, you can run the command no switchport.
Note: On a board, the logical number of a GE port is usually larger than that of an FE port, regardless of their actual slot numbers. When you add/delete FE and GE ports to/from a VLAN in batches, the operation is based on logical port numbers. If the end port number is a GE port number, all FE ports between the start and end port numbers will be added to the VLAN.
This example shows how to add all VDSL ports in slot 5 to VLAN 2.
MA5300(config-vlan2)#switchport vdsl 5/0/0 to vdsl 5/0/23
This example shows how to delete all VDSL ports in slot 5 from VLAN 2.
MA5300(config-vlan2)#no switchport vdsl 5/0/0 to vdsl 5/0/23
To view the detailed information on all VLANs, you can run the command show vlan all. To view the detailed information on a specific VLAN, you can run the command show vlan id. This example shows how to view the brief information on a VLAN.
MA5300(config)#show vlan Now, the following vlan exist(s): 1(default), 2
Note: VLAN batch configuration and MUX VLAN are designed to realize the same function, but they are incompatible with each other. If a ports VLAN does not exit, the system will create a VLAN for the port automatically. A VLAN list cannot contain a Smart VLAN. A port list cannot contain a Trunk port.
Description : HUAWEI, Quidway Series, Vlan-interface1 Interface The Maximum Transmit Unit is 1500 Internet Address is 10.71.53.2/25 IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is
00e0.fc11.19c3
I. Networking description
E E V A D D A A FE7/2/0
ESM
MA5300
MODEM
MODEM
PC1
PC2
Figure 22-1 Application of LAN Interconnection 1) 2) 3) 4) 5) 6) PC1 is connected to port 0/0/0 on the MA5300s EVDA board. The IP address of PC1 is 10.1.1.1/24. PC2 is connected to port 1/0/0 on the MA5300s EADA board. The IP address of PC2 is 10.1.1.2/24. Both port 0/0/0 and port 1/0/0 belong to VLAN 2. The upstream rate for the VDSL user is 1.5 Mbit/s, and the downstream rate is 4 Mbit/s. The upstream rate for the ADSL user is 0.5 Mbit/s, and the downstream rate is 2 Mbit/s. The working mode is the interleaved mode. The Modem works in 1483B mode with VPI/VCI of 0/35
2)
Add a VDSL line profile with these attributes: Upstream rate: 1.5 Mbit/s Downstream rate: 4 Mbit/s Signal noise ratio: 6 Interleaved depth for both upstream and downstream:1 Auto train: enabled
Huawei Technologies Proprietary 22-8
PSDMask: disabled
MA5300(config)#vdsl line-profile add 2 Start profile 2 adding. During input,press 'CTRL+C' to quit,then settings at this time are neglected. > VDSL link auto train 1-enable 2-disable (1~2)[1]:
> Target bit rate in downstream (780~25000 kbps) [12500]:4000 > Target bit rate in upstream (780~25000 kbps) [12500]:1500 > Target downstream interleaved depth 0,1,2,8,16 (0~16) [1]: > Target upstream interleaved depth 0,1,2,8,16 (0~16) [1]: > Signal to noise ratio margin in downstream:precision 0.1dB(0.0~31.0 dB) [6.0]: > Signal to noise ratio margin in upstream:precision 0.1dB(0.0~31.0 dB) [6.0]: > Will you set downstream PSDMask?(y/n)[n]: > Will you set upstream PSDMask?(y/n)[n]: Add profile 2 successfully
3)
To add an ADSL line profile with these attributes: Upstream rate: 0.5M Downstream rate is 2M Working mode: interleave mode
MA5300(config)#adsl line-profile add 3 Start profile 3 adding. During input,press 'CTRL+C' to quit,then settings at this time are neglected. > Will you set basic configuration for modem? (y/n)[n]:y > ADSL operating mode: > > > > > > 0: All(G992.1, G992.2, T1.413) 1: Full rate(G992.1 or T1.413) 2: G992.2(g.lite) 3: T1.413 4: G992.1(g.dmt) 5: g.hs(G992.1 and G992.2, G992.1 is prior) (0~5) [0]:
> Trellis coding 1-enable 2-disable (1~2) [1]: > Upstream channel bit swap 1-enable 2-disable (1~2) [2]: > Downstream channel bit swap 1-enable 2-disable (1~2) [2]: > Will you set channel mode? (y/n)[n]:y > Please select channel mode 0-interleaved 1-fast (0~1) [1]: 0 > Will you set interleave depth? (y/n)[n]:y > Maximum downstream interleaved depth 2,4,8,16,32,64,128 DMT (2~128) [64]: > Maximum upstream interleaved depth 2,4,8,16,32,64,128 DMT (2~128) [64]: > Will you set noise margin for modem? (y/n)[n]:y > Minimum noise margin in downstream (0~15 dB) [0]:
> Maximal noise margin in downstream (0~31 dB) [31]: > Target noise margin in downstream(0~15 dB) [12]: > Minimum noise margin in upstream (0~15 dB) [0]: > Maximal noise margin in upstream (0~31 dB) [31]: > Target noise margin in upstream (0~15 dB) [12]: > Will you set parameters for rate? (y/n)[n]:y > If you want the fixed rate, set the Minimum value equal to Maximum value. > Minimum bit rate in downstream (32~8160 Kbps) [32]: > Maximum bit rate in downstream (32~8160 Kbps) [6144]:2048 > Minimum bit rate in upstream (32~896 Kbps) [32]: > Maximum bit rate in upstream (32~896 Kbps) [640]:512 Add profile 3 successfully
4)
Set a PVC If the ADSL port is connected with one user. Set multiple PVCs if the ADSL port is connected with multiple users. Here only one user is connected to the ADSL port.
MA5300(config)#interface adsl 1/0/0 MA5300(config-if-Adsl1/0/0)#adsl pvc vpi 0 vci 35 MA5300(config-if-Adsl1/0/0)#exit
5)
This example shows how to activate port vdsl 0/0/0 and bind it with line profile 2.
MA5300(config)#vdsl activate vdsl 0/0/0 2
This example shows how to activate port adsl 1/0/0, and bind it with line profile 3.
MA5300(config)#adsl activate adsl 1/0/0 3
Rate(Kbps) Rate(Kbps) Margin(dB) Margin(dB) -------------------------------------------------------------------1 2 LINE-PROFILE-1 LINE-PROFILE-2 12500 4000 12500 1500 6.0 6.0 6.0 6.0 enable enable
MA5300(config)#show adsl line-profile all Index ProfileName Target SnrMgn (dB) Atuc-Max txRate (Kbps) Atur-Max txRate (Kbps) trans-mode chan-mode
-------------------------------------------------------------------1 2 3 LINE-PROFILE-1 LINE-PROFILE-2 LINE-PROFILE-3 12 12 12 6144 6144 2048 640 640 512 all all all FAST INTERLEAVE INTERLEAVE
2)
MA5300(config)#show vdsl line state vdsl 0/0/0 Vdsl0/0/0 vdsl link status The actual down-stream rate(Kbps) The actual up-stream rate(Kbps)
The down-stream interleave delay(ms): 1 The up-stream interleave delay(ms) Rmote tx-power(dBm/Hz) Local tx-power(dBm/Hz) Remote SNR(dB) Local SNR(dB) Remote SNR Margin(dB) Local SNR Margin(dB) Remote MSE(dB) Local MSE(dB) Remote RS count Local RS count DownTimes : 1 : -89.720 : -66.770 : 38.240 : 27.220 : 13.1 : 8.0 : 21.800 : 17.160 : 0 : 0 : 1
3)
MA5300(config)#show vlan 2 Vlan ID: 2 Vlan Type: static Route Interface: not configured Tagged Ports: none
V. Verification
Ping PC2 from PC1. If the pinging succeeds, ports vdsl 0/0/0 and adsl 1/0/0 can interconnect with each other.
I. Networking description
E E V A D D A A GE7/1/0 M P U FE2/0/15 GE1/0/0 N E T
ESM
MA5300
LPU LPU
S8016
RTU
RTU
Figure 22-2 Application of VLAN interconnection 1) 2) 3) 4) PC1 is connected to port 0/0/0 on the MA5300s EVDA board. The IP address of PC1 is 10.1.1.1/24; the IP address of the gateway 10.1.1.254. PC2 is connected to port 1/0/0 on the MA5300s EADA board. The IP address of PC2 is 10.1.1.2/24. The IP address of the Server is 10.1.3.1/24; the IP address of the gateway is 10.1.3.254. Port 0/0/0 belongs to VLAN 10, and port 1/0/0 belongs to VLAN 20. The MA5300 is connected to an S8016 through a GE port (Trunk mode) that allows the pass of the traffic of VLAN 10 and VLAN 20. 5) 6) 7) The ADSL/VDSL ports are activated using the default line profile respectively. The ADSL RTU works in 1483B mode with VPI/VCI of 0/35. VLAN 10, VLAN 20, VLAN 100 and VLAN 200 are configured on the S8016. VLAN 100 is the Super VLAN, which includes two sub VLANs: VLAN 10 and VLAN 20. The IP address of VLAN 100 is 10.1.1.254/24, and the IP address of VLAN 200 is 10.1.3.254/24.
2)
3)
MA5300(config)#interface gigabitethernet 7/1/0 MA5300(config-if-GigabitEthernet7/1/0)#switchport mode trunk MA5300(config-if-GigabitEthernet7/1/0)#switchport trunk allowed vlan 10 20
Last DOWN time : 0000-00-00 Full-duplex, 1000M Flow control is disabled Broadcast max-ratio is 1% Allow jumbo frame to pass PVID is 1 Priority is 0 Max multicast group count: 2 Port mode: trunk
Vlan passing : 1(default vlan), 10, 20 Vlan allowed : 1(default vlan), 10, 20 Trunking encapsulation: dot1q 68 packets output, 0 packets/sec, 0 bytes/sec 5680 bytes, 68 multicasts, 0 broadcasts, 0 pauses 0 packets input, 0 packets/sec, 0 bytes/sec 0 bytes, 0 multicasts, 0 broadcasts, 0 pauses 0 CRC errors
V. Verification
Ping PC2 from PC1. If the pinging succeeds, ports vdsl 0/0/0 and adsl 1/0/0 can interconnect with each other.
If an upstream port of a Smart VLAN is a Trunk port, make sure that the VLANs allowed to pass the port cannot include a Smart VLAN when running the command switchport trunk allowed vlan. Otherwise, the system will prompt error, because the upstream port of a Smart VLAN definitely allows the Smart VLAN to pass it.
MA5300(config-vlan10)#svlan-upport e7/2/0 MA5300(config-vlan10)#exit MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/2/0)#switchport mode trunk MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan all Please wait... This command is ignored, for there is a smartvlan in vlan-list
To add a downstream port to a Smart VLAN, you can run the command svlan-downport. To delete a downstream port from a Smart VLAN, you can run the command no svlan-downport. This example shows how to add port adsl 1/0/0 to VLAN 12 in VLAN configuration mode.
MA5300(config-vlan12)# svlan-downport adsl 1/0/0
This example shows how to add port Ethernet 7/1/0 to VLAN 12 in VLAN configuration mode.
MA5300(config-if-Ethernet7/1/0)#svlan-downport vlan 12
Note: To add/delete a port to/from a Smart VLAN, you can only run the command (no)svlan-upport or (no) svlan-downport. You cannot run the command (no) switchport, which applies to a common VLAN only.
ESM
MA5300
LPU LPU
S8016
RTU
RTU
Figure 22-3 Application of Smart VLAN (Access mode) 1) 2) 3) 4) PC1 is connected to port 0/0/0 on the MA5300s EVDA board. The IP address of PC1 is 10.1.1.1/24; the IP address of the gateway 10.1.1.254. PC2 is connected to port 1/0/0 on the MA5300s EADA board. The IP address of PC2 is 10.1.1.2/24; the IP address of the gateway 10.1.1.254. The IP address of the Server is 10.1.3.1/24; the IP address of the gateway is 10.1.3.254. Set VLAN 100 as the Smart VLAN. The upstream port of the Smart VLAN is GigabitEthernet 7/1/0, which is an access port. The downstream ports include vdsl 0/0/0 and adsl 1/0/0. 5) 6) 7) The ADSL/VDS ports are activated using the default line profile respectively. The ADSL RTU works in 1483B mode with VPI/VCI of 0/35. VLAN 100 and VLAN 200 are configured on the S8016. The IP address of VLAN 100 is 10.1.1.254/24. The IP address of VLAN 200 is 10.1.3.254/24.
2)
MA5300(config)#show vlan 100 Vlan ID: 100 Vlan Type: static, smart Route Interface: not configured Tagged Ports: none
2)
IV. Verification
With the above steps: 1) 2) Both PC1 and PC2 can ping the Server. PC1 and PC2 cannot ping each other.
ESM
MA5300
LPU LPU
S8016
RTU
RTU
Figure 22-4 Application of Smart VLAN (Trunk mode) 1) PC1 is connected to port 0/0/0 on the MA5300s EVDA board. The IP address of PC1 is 10.1.1.1/24; the IP address of the gateway 10.1.1.254.
Huawei Technologies Proprietary 22-18
2) 3) 4)
PC2 is connected to port 1/0/0 on the MA5300s EADA board. The IP address of PC2 is 10.1.1.2/24; the IP address of the gateway 10.1.1.254. The IP address of the Server is 10.1.3.1/24; the IP address of the gateway is 10.1.3.254. Set VLAN 200 as the Smart VLAN. The upstream port of Smart VLAN is GigabitEthernet 7/1/0, which is a Trunk port. The downstream ports include vdsl 0/0/0 and adsl 1/0/0.
5) 6) 7) 8)
The ADSL/VDSL ports are activated using the default line profile respectively. The ADSL RTU works in 1483B mode with VPI/VCI of 0/35. The MA5300's management VLAN is VLAN 100, ands the management IP address is 10.1.1.100/24. VLAN 100 and VLAN 200 are configured on the S8016. The IP address of VLAN 100 is 10.1.1.254/24, and the IP address of VLAN 200 is 10.1.3.254/24.
2)
3)
Add management VLAN 100 and set the management IP address as 10.1.1.100.
MA5300(config)#vlan 100 MA5300(config-vlan100)#exit MA5300(config)#interface vlan-interface 100 MA5300(config-if-Vlan-interface100)#ip address 10.1.1.100 255.255.255.0 MA5300(config-if-Vlan-interface100)#exit
4) 5)
MA5300(config)#interface gigabitEthernet 7/1/0 MA5300(config-if-GigabitEthernet7/1/0)#switchport mode trunk Please wait... Done. MA5300(config-if-GigabitEthernet7/1/0)#switchport trunk allowed vlan 100 Please wait... Done. MA5300(config-if-GigabitEthernet7/1/0)#exit
MA5300(config)#show vlan 200 Vlan ID: 200 Vlan Type: static, smart Route Interface: not configured Tagged Ports: GigabitEthernet7/1/0 Untagged Ports: Vdsl0/0/0 Adsl1/0/0
2)
IV. Verification
With the above steps: 1) 2) 3) Both PC1 and PC2 can ping the Server. PC1 and PC2 cannot ping each other. On the S8016 console, you can ping the MA5300's management IP address.
MA5300 A
E E V A D D A A
ESM
ESM
ISU
RTU
RTU
RTU
RTU
PC1
PC2
PC3
PC4
1)
PC1 and PC3 are connected to port 0/0/0 on the EVDA board of each MA5300 respectively. The IP address of PC1 is 10.1.1.1/24. The IP address of PC3 is 10.1.1.3/24. The IP address of the gateway 10.1.1.254.
2)
PC2 and PC4 are connected to port 1/0/0 on the EADA board of each MA5300 respectively. The IP address of PC2 is 10.1.1.2/24. The IP address of PC4 is 10.1.1.4/24. The IP address of the gateway 10.1.1.254.
3)
The service VLAN of master node (namely MA5300 A) and slave node (namely MA5300 B) is VLAN 200. MA5300 A's FE port 7/2/0 is connected with MA5300 B's FE port 7/2/0.
4)
MA5300 A's management VLAN is VLAN 100, and the management IP address is 10.1.1.100/24. MA5300 B's management VLAN is VLAN 101, and the management IP address is 10.1.1.101/24.
5) 6) 7) 8)
MA5300 A's ESM board is connected with the ISU board through the backplane. The ADSL/VDSL ports are activated using the default line profile respectively. The ADSL RTU works in 1483B mode with VPI/VCI of 0/35. On the ISU board, PC1, PC2, PC3 and PC4 are VLAN-bound access users. The ISU board is configured with built-in DHCP Server function. The IP address of the gateway is 10.1.1.254/24.
Add management VLAN 101 and set the management IP address as 10.1.1.101.
MA5300B(config)#vlan 101 MA5300B(config-vlan101)#exit MA5300B(config)#interface vlan-interface 101 MA5300B(config-if-Vlan-interface101)#ip address 10.1.1.101 255.255.255.0 MA5300B(config-if-Vlan-interface101)#exit
Add a route.
MA5300B(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.254
MA5300B(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300B(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 101 Please wait... Done. MA5300B(config-if-Ethernet7/1/0)#exit
2)
Configure data for MA5300 A Create VLAN 200. Set it as a Smart VLAN and then add upstream/downstream ports to it.
MA5300A(config)#no smart MA5300A(config)#vlan 200 MA5300A(config-vlan200)#vlan-type smart MA5300A(config-vlan200)#svlan-upport gigabitEthernet 7/1/0 MA5300A(config-vlan200)#svlan-downport Ethernet 7/2/0 MA5300A(config-vlan200)#svlan-downport vdsl 0/0/0 MA5300A(config-vlan200)#svlan-downport adsl 1/0/0 MA5300A(config-vlan200)#exit
Add management VLAN 100 and set the management IP address as 10.1.1.100.
MA5300A(config)#vlan 100 MA5300A(config-vlan100)#exit MA5300A(config)#interface vlan-interface 100 MA5300A(config-if-Vlan-interface100)#ip address 10.1.1.100 255.255.255.0 MA5300A(config-if-Vlan-interface100)#exit
Add a route.
MA5300A(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.254
Enable the GE port used for connecting the ESM board and ISU board. Configure the parameters of the port.
MA5300A(config)#inner-isu 15 GigabitEthernet7/1/5 will be connected to inner-isu, continue?[Y/N]y Inner-isu in slot 15 is enabled. GigabitEthernet7/1/5 has been connected to inner-isu.
Set the downstream port as a Trunk port, so that it allows management VLAN to pass.
MA5300A(config)#interface ethernet 7/2/0 MA5300A(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300A(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 101 Please wait... Done.
Set the working mode of the upstream port, so that it allows VLAN 100 and VLAN 101 to pass.
MA5300A(config)#interface gigabitEthernet 7/1/5 MA5300A(config-if-GigabitEthernet7/1/5)#switchport mode trunk Please wait... Done. MA5300A(config-if-GigabitEthernet7/1/5)#switchport trunk allowed vlan 100 101 Please wait... Done. MA5300A(config-if-GigabitEthernet7/1/5)#exit
3)
Service configuration for the ISU board Configure the address pool.
<ISU>system-view [ISU]ip pool huawei local [ISU-ip-pool-huawei]gateway 10.1.1.254 255.255.255.0 [ISU-ip-pool-huawei]section 0 10.1.1.1 10.1.1.253 [ISU-ip-pool-huawei]excluded-ip-address 10.1.1.1 [ISU-ip-pool-huawei]excluded-ip-address 10.1.1.2 [ISU-ip-pool-huawei]excluded-ip-address 10.1.1.3 [ISU-ip-pool-huawei]excluded-ip-address 10.1.1.4 [ISU-ip-pool-huawei]dns-server 100.1.1.254 [ISU-ip-pool-huawei]dns-server 100.1.1.253 secondary [ISU-ip-pool-huawei]quit
[ISU-gigabitethernet10-10-vlan200-200]default-domain authentication isp [ISU-gigabitethernet10-10-vlan200-200]authentication-method bind [ISU-gigabitethernet10-10-vlan200-200]static-user 10.1.1.1 detect [ISU-gigabitethernet10-10-vlan200-200]static-user 10.1.1.2 detect [ISU-gigabitethernet10-10-vlan200-200]static-user 10.1.1.3 detect [ISU-gigabitethernet10-10-vlan200-200]static-user 10.1.1.4 detect [ISU-gigabitethernet10-10-vlan200-200]quit
III. Verification
1) 2) 3) 4) Run the command winipcfg on PC1, PC2, PC3 and PC4 respectively to obtain the IP addresses allocated by the DHCP Server. Ping the gateway IP address on the ISU from PC1, PC2, PC3, and PC4 respectively. The pinging succeeds. Any two PCs cannot ping each other successfully. If PC1 and PC2 cannot ping each other, please confirm whether the ARP proxy switch is enabled. If not, you can run the command arp-proxy enable to enable it.
Viewing MUX VLAN information Table 22-3 lists the commands for configuring a MUX VLAN. Table 22-3 Commands for configuring a MUX VLAN To Enable/Disable a MUX VLAN Use (no) mux-vlan In Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode Global configuration mode All modes except the user EXEC mode
VLAN
Specify the upstream port and the range of local MUX VLAN Specify the cascading port and the range of cascaded MUX VLANs Set the MUX VLAN for a specified service board Set the MUX VLAN for a specified port
mux-vlan uplink-port
mux-vlan cascading-port
mux-vlan slot
mux-vlan interface
show mux-vlan
Caution: Enabling/Disabling MUX VLAN will cause the reset of the system. When MUX VLAN is enabled, the system will back up the configuration files in common mode. Then at the next startup, the system will use the configuration files in MUX VLAN mode. When MUX VLAN is disabled, the system will back up the configuration files in MUX VLAN mode. Then at the next startup, the system will use the configuration files in common mode. In MUX VLAN mode, you need to configure the MUX VLAN profile first, and then configure related features for the VLAN.
To enable MUX VLAN function, you can run the command mux-vlan. To disable MUX VLAN function, you can run the command no mux-vlan. By default, MUX VLAN is disabled. This example shows how to enable MUX VLAN.
MA5300(config)#mux-vlan System will be restarted. Turn to mux mode?[Y/N]:y
Table 22-4 Parameters description Parameter start-vlanid vlan-num-per-group vlan-group-num Description The start MUX VLAN ID, which must be a multiplier of 8. The number of VLANs in each group or slot. The maximum number of MUX VLAN groups that can be configured Range 83976 24, 48 or 64 1166 Default value 128 48 80
Parameter vlan-group-num is optional. With this parameter not specified, the system can calculate the maximum number of MUX VLAN groups that can be configured in light of start-vlanid and vlan-num-per-group input. The calculation formula is INT ((4k start-vlanid) / vlan-num-per-group). INT indicates that it takes an integer value. This example shows how to restore the default settings of the MUX VLAN profile.
MA5300(config)#mux-vlan config-profile 128 48 80
22.4.3 Specifying the Upstream Port and Range of Local MUX VLANs
If the upstream port and the range of local MUX VLAN are specified, the system will automatically allocate VLANs to all ports (including ADSL ports and VDSL ports) on the xDSL interface boards. This helps to simplify the data configuration. The upstream port of MUX VLAN can only be the ESM's FE port or GE port. The calculation formula for local MUX VLAN's start VLAN ID is: Local MUX VLAN's start VLAN ID =Start VLAN ID of the configuration profile + N X the number of VLANs in each group. N is of an integer. For example, if the configuration profile start VLAN ID is 8, and each group has 48 VLANs, the local MUX VLAN's VLAN ID can be 8, 56, or 104. The number of local MUX VLAN groups cannot exceed the number specified in the MUX VLAN configuration profile. The number of VLANs in a group is determined by the configuration profile. To specify the upstream port and the range of local MUX VLAN, you can run the command mux-vlan uplink-port. To cancel the setting, you can run the command no mux-vlan uplink-port. To view the MUX VLAN information, you can run the command show mux-vlan. This example shows how to specify the upstream port of local MUX VLAN as Ethernet 7/2/0. The local MUX VLAN's start VLAN ID is 128. The group number is 14.
MA5300(config)#mux-vlan config-profile 32 48 95 MA5300(config)#mux-vlan uplink-port interface ethernet 7/2/0 local-vlan 128 14
Now, the system will automatically allocate VLANs for the 14 interface boards. The start VLAN ID is 128. Each board, namely one VLAN group, has 48 VLANs. The first board contains VLANs 128175. The second board contains VLANs 176223. The same rule applies to the rest interface boards.
22.4.4 Specifying the Cascading Port and Range of Cascaded MUX VLANs
If multiple MA5300s are cascaded, you can enable the system to automatically allocate VLANs for those MA5300s by specifying the cascading port and the range of cascaded MUX VLANs. The cascading port of a MUX VLAN must be the ESM board's FE port or GE port. The calculation formula for cascaded MUX VLAN's start VLAN ID is: Cascaded MUX VLAN's start VLAN ID = Start VLAN ID of the configuration profile + N x the number of VLANs in each group. N is an integer. The VLAN ID range cannot conflict with the range of the local MUX VLAN's VLAN ID. For example, if the configuration profile start VLAN ID is 8, and each group has 48 VLANs, the local MUX VLAN's VLAN ID can be 8, 56, or 104. The start VLAN ID of the cascaded MUX VLAN can be 680, 728 or 776. The number of cascaded MUX VLAN groups cannot exceed the number specified in the MUX VLAN configuration profile. The number of VLANs in a group is determined by the configuration profile. To specify the cascading port and range of the cascaded MUX VLANs, you can run the command mux-vlan cascading-port. To cancel the setting, you can run the command no mux-vlan cascading-port. To view the MUX VLAN information, you can run the command show mux-vlan. This example shows how to specify port Ethernet 7/2/1 as a cascading port. The start VLAN ID of cascaded MUX VLANs is 800. The group number is 14.
MA5300(config)#mux-vlan cascading-vlan 800 14 Please wait... Done. cascading-port interface ethernet 7/2/1
This example shows how to cancel the MUX VLAN setting of port adsl 1/0/0.
MA5300(config-if-Adsl1/0/0)#mux-vlan idle
The vlan number in one group:48 The mux-vlan group number :80
ESM
ISU
RTU
RTU
PC1
PC2
Figure 22-6 Basic application of MUX VLAN 1) 2) 3) 4) 5) 6) 7) 8) PC1 is connected to port 0/0/0 on the MA5300s EVDA board; PC2 is connected to port 1/0/0 on the MA5300s EADA board. Both PC1 and PC2 access the Internet by obtaining IP address dynamically. Each port of the EVDA board or the EADA board belongs to a different VLAN. The VLANs range from 128 to 799. The ESM board is connected with the ISU board through the backplane. The ADSL/VDSL ports are activated using the default profile. The ADSL RTU works in 1483B mode with VPI/VCI of 0/35. The MA5300s management VLAN ID is 100, and the management IP address is 10.1.1.100/24. Both PC1 and PC2 are considered by the ISU as the users of a specific VLAN. The ISU board adopts the built-in DHCP Server function. The IP address of the gateway is 10.1.1.254/24.
MA5300(config)#mux-vlan System will be restarted. Turn to mux mode?[Y/N]:y //Log in to the system after the system restarts. Username:root Password:
2)
Define the upstream ports of MUX VLAN and the range of the local MUX VLAN.
uplink-port interface gigabitEthernet 7/1/5
3)
Enable the GE port which connects the ESM board with ISU board, and configure the parameters of the GE port.
MA5300(config)#inner-isu 15 GigabitEthernet7/1/5 will be connected to inner-isu, continue?[Y/N]y Inner-isu in slot 15 is enabled. GigabitEthernet7/1/5 has been connected to inner-isu.
4)
5)
MA5300(config)#vlan 100 MA5300(config-vlan100)#exit MA5300(config)#interface vlan-interface 100 MA5300(config-if-Vlan-interface100)#ip address 10.1.1.100 255.255.255.0 MA5300(config-if-Vlan-interface100)#exit
6) 7)
Add a route. Set the working mode for the upstream port, so that it allows the management VLAN to pass.
MA5300(config)#interface gigabitEthernet 7/1/5 MA5300(config-if-GigabitEthernet7/1/5)#switchport mode trunk Please wait... Done. MA5300(config-if-GigabitEthernet7/1/5)#switchport trunk allowed vlan 100 Please wait... Done. MA5300(config-if-GigabitEthernet7/1/5)#exit
8)
<ISU>system-view [ISU]ip pool huawei local [ISU-ip-pool-huawei]gateway 10.1.1.254 255.255.255.0 [ISU-ip-pool-huawei]section 0 10.1.1.1 10.1.1.253 [ISU-ip-pool-huawei]quit
The vlan number in one group:48 The mux-vlan group number :80
2)
MA5300(config)#show mux-vlan
IV. Verification
1) 2) 3) 4) Run the command winipcfg on PC1 and PC2 to obtain the IP addresses allocated by the DHCP Server. Ping the gateway IP address on the ISU from PC1and PC2 respectively. The pinging succeeds. PC1 and PC2 can ping each other successfully. If PC1 and PC2 cannot ping each other, please confirm whether the ARP proxy switch is enabled. If not, you can run the command arp-proxy enable to enable it.
MA5300 B
E E V A D D A A
MA5300 A
E E V A D D A A
ESM
ESM
ISU
RTU
RTU
RTU
RTU
PC1
PC2
PC3
PC4
Figure 22-7 Cascading application of MUX VLAN 1) PC1 and PC3 are connected to port 0/0/0 on the EVDA board of each MA5300 respectively. PC2 and PC4 are connected to port 1/0/0 on the EADA board of each MA5300 respectively. 2) 3) PC1, PC2, PC3 and PC4 access the Internet by obtaining IP address dynamically. Master node (namely MA5300 A) and slave node (namely MA5300 B) adopt MUX VLAN. Each port of the EVDA and EADA boards belongs to a different VLAN. MA5300 As VLANs range 128799; MA5300 Bs VLANs range 8001471. 4) MA5300 A's management VLAN is VLAN 100, and the management IP address is 10.1.1.100/24. MA5300 B's management VLAN is VLAN 101, and the management IP address is 10.1.1.101/24. 5) 6) 7) 8) MA5300 A's ESM board is connected with the ISU board through the backplane's GE port. The ADSL/VDSL ports are activated using the default line profile. The ADSL RTU works in 1483B mode with VPI/VCI of 0/35. On the ISU board, PC1, PC2, PC3 and PC4 are VLAN-bound access users. The ISU board is configured with built-in DHCP Server function. The IP address of the gateway is 10.1.1.254/24.
Configure the upstream port of the MUX VLAN and the range of local MUX VLAN. The default MUX VLAN configuration profile (start VLAN ID is 128, each group has 48 VLANs) is used.
MA5300B(config)#mux-vlan uplink-port interface ethernet 7/2/0 local-vlan 800 14 Please wait... Done.
Add management VLAN 101, and set the management IP address as 10.1.1.101.
MA5300B(config)#vlan 101 MA5300B(config-vlan101)#exit MA5300B(config)#interface vlan-interface 101 MA5300B(config-if-Vlan-interface101)#ip address 10.1.1.101 255.255.255.0 MA5300B(config-if-Vlan-interface101)#exit
Add a route.
MA5300B(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.254
Configure the working mode of the upstream port, so that it allows management VLAN 101 to pass.
MA5300B(config)#interface ethernet 7/2/0 MA5300B(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300B(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 101 Please wait... Done. MA5300B(config-if-Ethernet7/2/0)#exit
2)
Configure the upstream port of the MUX VLAN and the range of local MUX VLAN. The default MUX VLAN configuration profile (start VLAN ID is 128, each group has 48 VLANs) is used.
MA5300A(config)#mux-vlan local-vlan 128 14 Please wait... Done. uplink-port interface gigabitEthernet 7/1/5
Configure the cascading port of MUX VLAN and the range of the cascading MUX VLAN.
MA5300A(config)#mux-vlan cascading-vlan 800 14 Please wait... Done. cascading-port interface Ethernet 7/2/0
Enable the GE port used for connecting the ESM board and ISU board. Configure the parameters of the port.
MA5300A(config)#inner-isu 15 GigabitEthernet7/1/5 will be connected to inner-isu, continue?[Y/N]y Inner-isu in slot 15 is enabled. GigabitEthernet7/1/5 has been connected to inner-isu.
Add management VLAN 100, and set the management IP address as 10.1.1.100.
MA5300A(config)#vlan 100 MA5300A(config-vlan100)#exit MA5300A(config)#interface vlan-interface 100 MA5300A(config-if-Vlan-interface100)#ip address 10.1.1.100 255.255.255.0 MA5300A(config-if-Vlan-interface100)#exit
Add a route.
MA5300A(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.254
Configure the working mode of the downstream port, so that it allows management VLAN 101 to pass.
MA5300A(config)#interface ethernet 7/2/0 MA5300A(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300A(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 101 Please wait... Done. MA5300A(config-if-Ethernet7/2/0)#exit
Set the working mode of the upstream port, so that it allows management VLAN 100 and VLAN 101 to pass.
MA5300A(config)#interface gigabitEthernet 7/1/5 MA5300A(config-if-GigabitEthernet7/1/5)#switchport mode trunk Please wait... Done. MA5300A(config-if-GigabitEthernet7/1/5)#switchport trunk allowed vlan 100 to 101 Please wait... Done. MA5300A(config-if-GigabitEthernet7/1/5)#exit
3)
<ISU>system-view [ISU]ip pool huawei local [ISU-ip-pool-huawei]gateway 10.1.1.254 255.255.255.0 [ISU-ip-pool-huawei]section 0 10.1.1.1 10.1.1.253 [ISU-ip-pool-huawei]quit
[ISU-local-aaa-server]batch-user gigabitethernet 10 128 1344 domain isp [ISU-local-aaa-server]batch-user gigabitethernet 10 100 2 domain isp [ISU-local-aaa-server]quit
The vlan number in one group:48 The mux-vlan group number :80
2)
MA5300A(config)#show mux-vlan Mux-vlan is enabled Uplink port: interface GigabitEthernet7/1/5 Local mux-vlan ID: 128~799 Vlan-group(s) number: 14 Mux-vlan(s) number: 672 1 cascading port(s) exist Interface Ethernet7/2/0 Mux-vlan ID: 800~1471 Vlan group(s) number: 14 Mux-Vlan(s) number: 672
14 I/O board(s) configured Slot: 00 Slot: 01 Slot: 02 Slot: 03 Slot: 04 Slot: 05 Slot: 06 Slot: 09 Slot: 10 Slot: 11 Slot: 12 mux-vlan: 128~175 mux-vlan: 176~223 mux-vlan: 224~271 mux-vlan: 272~319 mux-vlan: 320~367 mux-vlan: 368~415 mux-vlan: 416~463 mux-vlan: 464~511 mux-vlan: 512~559 mux-vlan: 560~607 mux-vlan: 608~655
IV. Verification
1) 2) 3) 4) Run the command winipcfg on PC1 and PC2 to obtain the IP addresses allocated by the DHCP Server. Ping the gateway IP address on the ISU from PC1, PC2, PC3 and PC4 respectively. The pinging succeeds. Any two PCs can ping each other successfully. If PC1 and PC2 cannot ping each other, please confirm whether the ARP proxy switch is enabled. If not, you can run the command arp-proxy enable to enable it.
MA5300 A
E E V A D D A A
ESM
ESM
ISU
RTU
RTU
RTU
RTU
PC1
PC2
PC3
PC4
Figure 22-8 Comprehensive MUX VLAN application 1) PC1 and PC3 are connected to port 0/0/0 on the EVDA board of each MA5300 respectively. PC2 and PC4 are connected to port 1/0/0 on the EADA board of each MA5300 respectively. 2) 3) PC1 and PC2 access the Internet by obtaining IP address dynamically; PC3 and PC4 access the Internet in PPP dial-up mode. Master node (namely MA5300 A) does not use MUX VLAN, and all of its users belong to VLAN 10; slave node (namely MA5300 B) uses MUX VLAN; all ports of the EVDA board and EADA board belong to a different VLAN; the VLAN ID ranges 128 799.
Huawei Technologies Proprietary 22-39
4)
MA5300 As management VLAN is VLAN 100, and the management IP address is 10.1.1.100/24. The MA5300 Bs management VLAN is VLAN 101, and the management IP is 10.1.1.101/24.
5) 6) 7) 8)
The MA5300 A's ESM board is connected with the ISU board through the backplane. The ADSL/VDSL ports are activated using the default line profile. The ADSL RTU works in 1483B mode with VPI/VCI of 0/35. On the ISU board, PC1, PC2 are VLAN-bound access users. PC3 and PC4 are PPP dial-up users. The ISU board is configured with built-in DHCP Server function. The IP address of the gateway is 10.1.1.254/24.
Set the MUX VLAN configuration profile: start number is 128, each group has 64 VLANs.
MA5300(config)#mux-vlan config-profile 128 64
Configure the upstream port of the MUX VLAN and the range of local MUX VLAN.
MA5300(config)#mux-vlan uplink-port interface ethernet 7/2/0 local-vlan 128 14
Add management VLAN 101, and set the management IP address as 10.1.1.101.
MA5300(config)#vlan 101 MA5300(config-vlan101)#exit MA5300(config)#interface vlan-interface 101 MA5300(config-if-Vlan-interface101)#ip address 10.1.1.101 255.255.255.0 MA5300(config-if-Vlan-interface101)#exit
Add a route
MA5300(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.254
Configure the working mode of the downstream port, so that it allows management VLAN 101 to pass.
MA5300(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 101 Please wait... Done. MA5300(config-if-Ethernet7/2/0)#exit
2)
Configure the parameters of MA5300 A. Enable the GE port which connects the ESM board with ISU board, and configure parameters of the port.
MA5300(config)#inner-isu 15 GigabitEthernet7/1/5 will be connected to inner-isu, continue?[Y/N]y Inner-isu in slot 15 is enabled. GigabitEthernet7/1/5 has been connected to inner-isu.
Add service VLAN 10, which includes ADSL/VDSL user ports. Activate ADSL/VDSL ports. (These users are PPP dial-up users).
MA5300(config)#vlan 10 MA5300(config-vlan10)#switchport vdsl 0/0/0 MA5300(config-vlan10)#switchport adsl 1/0/0 MA5300(config-vlan10)#exit MA5300(config)#vdsl activate vdsl 0/0/0 1 MA5300(config)#adsl activate adsl 1/0/0 1
Add management VLAN 100, and set the management IP address as 10.1.1.100.
MA5300(config)#vlan 100 MA5300(config-vlan100)#exit MA5300(config)#interface vlan-interface 100 MA5300(config-if-Vlan-interface100)#ip address 10.1.1.100 255.255.255.0 MA5300(config-if-Vlan-interface100)#exit
Add a route.
MA5300(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.254
Configure the working mode of the downstream port, so that it allows management VLAN 101 to pass.
MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 101 Please wait... Done. MA5300(config-if-Ethernet7/2/0)#exit
Configure the working mode of the upstream port as "Trunk", so that it allows management VLAN 100 and VLAN 101 to pass.
MA5300(config)#interface gigabitEthernet 7/1/5
MA5300(config-if-GigabitEthernet7/1/5)#switchport mode trunk Please wait... Done. MA5300(config-if-GigabitEthernet7/1/5)#switchport trunk allowed vlan 10 100 to 101 Please wait... Done. MA5300(config-if-GigabitEthernet7/1/5)#exit
first two bytes), is invariably 14 bytes long. MA5300(config-user-nacl-vlan_relay)#permit 0100 0f00 14 //Allow VLANs 256 - 511 to pass through. MA5300(config-user-nacl-vlan_relay)#permit 0200 0f00 14 //Allow VLANs 512 - 767 to pass through. MA5300(config-user-nacl-vlan_relay)#permit 0300 0fe0 14 //Allow VLANs 768 - 799 to pass through. MA5300(config-user-nacl-vlan_relay)#exit
Apply the traffic rule to the ingress port and the egress port of MA5300 A.
MA5300(config)#interface gigabitEthernet 7/1/5 MA5300(config-if-GigabitEthernet7/1/5)#traffic-redirect vlan_relay interface ethernet 7/2/0 MA5300(config-if-GigabitEthernet7/1/5)#exit MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/2/0)#traffic-redirect vlan_relay interface gigabitEthernet 7/1/5 MA5300(config-if-Ethernet7/2/0)#exit input user-group input user-group
3)
Configure the ISU board. Configure the virtual terminal (VT) profile (PPPoE dial-up users).
<ISU>system-view [ISU]interface virtual-template 1 [ISU-Virtual-Template1]ppp authentication-mode chap [ISU-Virtual-Template1]quit [ISU]interface gigabitethernet 10 [ISU-gigabitEthernet10]pppoe-server bind virtual-template 1 [ISU- gigabitEthernet10]quit
III. Verification
1) 2) 3) 4) 5) Run the command winipcfg on PC1 and PC2 respectively to obtain the IP addresses allocated by the DHCP Server. Start the dialup software on PC2 and PC4 respectively to obtain the IP addresses allocated by the DHCP server. Ping the gateway IP address on the ISU board from PC1, PC2, PC3 and PC4 respectively. The pinging succeeds. Any two PCs can ping each other successfully. If PC1 and PC2 cannot ping each other, please confirm whether the ARP proxy switch is enabled. If not, you can run the command arp-proxy enable to enable it.
Ethernet port configuration mode QinQ VLAN configuration mode ADSL/SHDSL port configuration mode Global configuration mode/Port configuration mode
multipvc add
In Global configuration mode/Port configuration mode Global configuration mode/Port configuration mode All modes except the user EXEC mode
Modify a QinQ VLAN PVCs attributes View the configuration of a QinQ VLAN
multipvc modify
A QinQ VLAN can share an upstream port with other QinQ VLANs, VLAN Stackings, and Smart VLANs. For an upstream port of a QinQ VLAN, its default PVID is 1. You cannot define the default VLAN as a QinQ VLAN or Stacking VLAN. You can run the command switchport trunk native to modify the PVID. The upstream port of a QinQ VLAN can be an aggregated port. You can directly add an aggregated port to the QinQ VLAN, or add a Trunk port to the QinQ VLAN first, and then aggregate it with other ports. This example shows how to set port Ethernet 7/1/0 as a Trunk port, and then add it to QinQ VLAN 10.
A5300(config)#interface ethernet7/1/0 MA5300(config-if-Ethernet7/1/0)#switchport mode trunk MA5300(config-if-Ethernet7/1/0)#switchport trunk allowed vlan 10 { <cr>|INTEGER<U><2,4000>|to<K> }: Please wait... Done.
This example shows how to add a downstream port to a QinQ VLAN in ADSL port configuration mode.
This example shows how to view the brief information on a QinQ VLAN.
MA5300(config)#show vlan q-in-q { <cr>|all<K>|INTEGER<U><1,4000> }: Now, the following q-in-q vlan exist(s): 10, 20
I. Configuration procedure
1) 2) 3) 4) 5) Create a common VLAN, and set it as a QinQ VLAN. Add a port to the QinQ VLAN as the upstream port. Add a port to the QinQ VLAN as the downstream port. Set the PVC attributes of the QinQ VLANs downstream port as multi-PVC. View the configuration.
MAN BRAS
E A D A FE7/2/0 E A D A FE7/2/0
BRAS
ESM
ESM
Figure 22-9 Networking of a QinQ VLAN application Company A's Office A connects to MA5300 A through a LAN Switch, while Office B connects to MA5300 B through a LAN Switch. MA5300 A and MA5300 B share the same the same configuration. Presume that the two companies use one ADSL port. The networking is described as follows: The PCs Modem connects to the MA5300s port adsl 1/0/2, and connects to the upstream through port FE 7/2/0. The multi-PVC function is enabled for port adsl 1/0/2, and the port connects to Company A through PVC 1. VLAN 50 is defined as a QinQ VLAN. The MA5300 A and the MA5300 B share the same configuration.
2)
MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/12/0)#switchport mode trunk Please wait... Done. MA5300(config-if-Ethernet7/12/0)#switchport trunk allowed vlan 50 { <cr>|INTEGER<U><2,4000>|to<K> }: Please wait... Done.
3)
Add a port to the QinQ VLAN as the downstream port, enable the multi-PVC function for the port, and connect the port to the PC through PVC 1. Make sure that the PVCs VPI/VCI is the same as that of the Modem.
MA5300(config)#interface adsl 1/0/2 MA5300(config-if-adsl1/0/2)#multipvc enable MA5300(config-if-adsl1/0/2)#multipvc modify pvcindex 1 vlan 50 q-in-q
4) 5)
Activate the port using the default profile. View the QinQ VLANs configuration.
MA5300(config)#show vlan q-in-q all Vlan ID: 50 Vlan Type: static, q-in-q Route Interface: not configured Upstream Ports: Ethernet7/12/0 Downstream Ports: Adsl1/0/2
6)
IV. Verification
With the above steps, company A's two offices can communicate with each other.
The MA5300 forwards VLAN Stacking packets according to the following procedure: Upstream packet forwarding Upon receiving an untagged packet, the MA5300 adds two VLAN tags (SP VLAN+Customer VLAN) to it according to port/PVC settings, and then forwards it according to the SP VLAN and DMAC/SMAC. If the received packet is tagged, the MA5300 discards it. Downstream packet forwarding The MA5300 first specifies the downstream PVC according to the SP VLAN+DMAC/SMAC table. Next, it removes the SP VLAN and Customer VLAN tags, and then forwards the packet from the VLAN Stacking port. The configuration of a VLAN Stacking involves: Configuring a Common VLAN as a VLAN Stacking Adding/Deleting an Upstream Port to/from a VLAN Stacking Configuring the Inner VLAN Tag for a VLAN Stacking Port/PVC Adding/Deleting a Downstream Port to/from a VLAN Stacking Adding/Deleting a Downstream Port to/from a VLAN Stacking Viewing the Configuration of a VLAN Stacking Table 22-6 lists the commands for configuring a VLAN Stacking. Table 22-6 Commands for configuring a VLAN Stacking To... Set a common VLAN as a VLAN Stacking Add/Delete an Upstream Port to/from a VLAN Stacking Add/Delete a Downstream Port to/from a VLAN Stacking Add/Delete a Downstream Port to/from a VLAN Stacking Configure the Inner VLAN Tag for a VLAN Stacking Port/PVC Configure the inner priority of a VLAN Stacking Add a PVC to a VLAN Stacking Use... (no) vlan-type stacking (no) switchport trunk allowed In VLAN configuration mode Ethernet port configuration mode VLAN Stacking configuration mode ADSL/SHDSL port configuration mode VLAN Stacking configuration mode/ADSL(SHDSL) port configuration mode Global configuration mode /ADSL(SHDSL) port configuration mode Global configuration mode/ADSL(SHDSL) port configuration mode
(no) stack-port
(no) vlan
stack-port
(no) inner-label
(no) inner-priority
multipvc add
To... Delete a PVC to a VLAN Stacking Modify a PVC of a VLAN Stacking View the configuration of a VLAN Stacking
In Global configuration mode/ADSL(SHDSL) port configuration mode Global configuration mode/ADSL(SHDSL) port configuration mode All modes except the user EXEC mode
For an upstream port of a VLAN Stacking, its default PVID is 1, and you cannot define its default VLAN as a QinQ VLAN or VLAN Stacking. But you can run the command switchport trunk native to modify the PVID. The upstream port of a VLAN Stacking can be an aggregated port. You can directly add an aggregated port to the VLAN Stacking, or add a Trunk port to the VLAN Stacking first, and then aggregate it with other ports. This example shows how to set port Ethernet 7/1/0 as a Trunk port, and then add it to VLAN Stacking 10.
MA5300(config)#interface ethernet7/1/0 MA5300(config-if-Ethernet7/1/0)#switchport mode trunk MA5300(config-if-Ethernet7/1/0)#switchport trunk allowed vlan 10 { <cr>|INTEGER<U><2,4000>|to<K> }: Please wait... Done.
This example shows how to add a downstream port to a VLAN Stacking in ADSL port configuration mode.
MA5300(config)# interface adsl5/0/0
22.6.5 Configuring the Inner VLAN Tag for a VLAN Stacking Port/PVC
Ports or PVCs of a VLAN Stacking contain two tags: The outer VLAN ID for labeling ISPs, and the inner VLAN tag for labeling users. The outer VLAN ID refers to the ID of the created VLAN Stacking. To set or modify an inner VLAN tag, you can run the command inner-label. To restore the default value of NA, you can run the command no inner-label. You can set the inner VLAN tag of a PVC when adding the PVC to the VLAN Stacking. The tag value ranges 14095. In VLAN Stacking configuration mode: inner-label { port label-id | port-list start-label startlabel-id } In ADSL and SHDSL port configuration mode: inner-label label-id You can configure the inner VLAN tags for ports in batches. Once the first ports tag number is specified, ports following it will increase accordingly. To enable the VLAN Stacking function, you need to set the inner VLAN tag. The inner VLAN tag is independent of the outer VLAN ID. You can adopt the same or different values for them. A ports inner VLAN tag does not occupy any VLAN resources. Before setting the inner VLAN tag for a port, make sure that a VLAN Stacking is created. Deleting a port from a VLAN Stacking also deletes the ports inner VLAN tag. This example shows how to set the inner VLAN tag of port adsl 1/0/7 as 10, and those of ports adsl 1/0/8adsl 1/0/10 as 100102 in VLAN Stacking configuration mode.
MA5300(config-vlan50)#inner-label adsl1/0/7 10 MA5300(config-vlan50)#inner-label adsl1/0/8 to adsl1/0/10 start-label 100
This example shows how to set port adsl 1/0/7s inner VLAN tag as 50 in ADSL port configuration mode.
MA5300(config-if-adsl1/0/7)#innerv-label 50
In VLAN Stacking configuration mode, delete port adsl 1/0/7s inner VLAN tag.
MA5300(config-if-adsl1/0/7)#innerv-label 50
To view the configuration, you can run the command show interface. This example shows how to set port adsl 1/0/0s inner priority as 7. Presume that port adsl 1/0/0 is included in a VLAN Stacking.
MA5300(config)#inner-priority adsl1/0/0 7
This example shows how to view the brief information on VLAN Stackings.
MA5300(config)#show vlan stacking { <cr>|all<K>|INTEGER<U><1,4000> }: Now, the following stacking vlan exist(s): 50
I. Configuration procedure
1) 2) 3) 4) Create a VLAN Stacking. Add a port to the VLAN Stacking as the upstream/downstream port. Set the inner tag for a port. View the configuration.
ISP1 BRAS
E A D A FE7/2/0
MAN BRAS
E A D A FE7/2/0
ISP2
ESM
MA5300 A
ESM
MA5300 B
Company A
Company B
Figure 22-10 The networking of a VLAN Stacking application In this example, the networking can be described as follows: Company A is the wholesale leased line service customer of ISP 1, and company B is that of ISP 2.
Company A connects to MA5300 A, and company B connects to MA5300 B. MA5300 A and MA5300 B have the same configuration. The following configuration is based on one ADSL port. The PCs Modem connects to the MA5300s port adsl 1/0/2, and connects to the upstream through port FE 7/2/0. The outer VLAN is used for labeling the ISP, and the inner VLAN is used for labeling users. In this example, VLAN 50 is for labeling ISP 1, and VLAN 51 is for labeling ISP 2.
2)
MA5300(config)#interface ethernet 7/2/0 MA5300(config-if-Ethernet7/2/0)#switchport mode trunk Please wait... Done. MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 50 { <cr>|INTEGER<U><2,4000>|to<K> }: Please wait... Done.
3)
4)
5) 6)
Activate port adsl 1/0/2 using the default profile. View the configuration.
MA5300(config)#show vlan stacking 50 { <cr>|to<K> }: Vlan ID: 50 Vlan Type: static, stacking Route Interface: not configured Upstream Ports: Ethernet7/2/0 Downstream Ports Adsl1/0/2 Customer VlanID 10 Customer Priority 0
IV. Verification
With the above steps, company A can connect to ISP 1, and company B can connect to ISP 2.
VOD Server
Video stream
Video stream
Video stream
Figure 23-1 Transmission of multicast messages when IGMP Snooping is not running
Huawei Technologies Proprietary 23-1
When IGMP Snooping is running, multicast (rather than broadcast) for messages will be performed in L2. Refer to Figure 23-2.
Video stream Multicast router Internet VOD Server
Video stream
Video stream
Video stream
When a port is added to the IP multicast group, an aging timer will be started for this port. The aging time is set on the timer. If no IGMP report message is received before the timer times out, the MA5300 will send IGMP query message for a specific group to this port. Maximum time to respond the query When sending the IGMP specific query messages to the multicast members, the MA5300 starts a timer for the response to the query. The maximum time to respond to the query is the time set on the timer. During the set time, if no IGMP report message is received, the MA5300 will delete this port from the ports of multicast members.
Internet
Router running IGMP IGMP message MA5300 running IGMP Snooping IGMP message
Figure 23-3 Implementation of IGMP Snooping The following describes how IGMP Snooping processes the received IGMP messages. IGMP general query message This message is sent from the multicast router to the multicast group member, querying which multicast groups have members. Upon receiving IGMP general query messages on the original port connecting the router, the MA5300 resets
Huawei Technologies Proprietary 23-3
the aging-time timer of the router port. Upon receiving IGMP general query messages on a new port, the MA5300 informs the multicast router that a host will join a multicast group and start the aging timer for this router port. IGMP specific group query message This message is sent from the multicast router to the multicast group member, querying whether a member exists in a specific multicast group. Upon receiving IGMP specific group query messages, the MA5300 sends the messages to the queried IP multicast group. IGMP report message This message is sent from the host to the multicast router. It is used to apply for joining a multicast group or respond to an IGMP query message. Upon receiving IGMP report messages, the MA5300 judges the existence of the MAC multicast group which the message will join. If the corresponding MAC multicast group does not exist, and the message only informs the router that a member will join a multicast group. The MA5300 will create a new MAC multicast group. Then it adds the port receiving report messages into the MAC multicast group, and then starts the aging timer of this port. All the router ports existing in the VLAN to which this port belongs will be added into this MAC multicast forwarding table. At the same time, a new IP multicast group will be set up, to which the port receiving the report message will be added. If the MAC multicast group corresponding to the report message exists but the port receiving report message is not in it, the MA5300 will add this port into the MAC multicast group and start the aging timer for it. Then judge whether the IP multicast group corresponding to the message exists. If not, an IP multicast group will be created and the port receiving report message will be added into it. If yes, the port receiving report message will be added into the IP multicast group. If the MAC multicast group corresponding to the message exists, and the port receiving report message exists in the MAC multicast group, the aging timer on the port receiving report message will be reset. IGMP leave message It is the message sent by multicast group member to the multicast router, informing the router that the host has left a multicast group. Upon receiving a leave message of an IP multicast group, the MA5300 sends specific group query messages to the port which receives this leave message, to confirm whether other members of this multicast group exist among the hosts connected with the port. At the same time, a response query timer is started.
If no report message of this multicast group is received before the timer times out, the port will be deleted from the corresponding MAC multicast group. If MAC multicast group has no multicast member ports, the MA5300 will inform the multicast router to delete the branch from the multicast tree.
Global configuration mode Global configuration mode/Port configuration mode Global configuration mode/Port configuration mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode
Set a router port View IGMP Snooping information View IGMP Snooping statistics View the IP/MAC multicast group of a VLAN
To view all configuration information of IGMP Snooping, you can run the command show igmp-snooping configuration.
MA5300(config)#show igmp-snooping configuration Enable IGMP-Snooping. The router port timeout is 260 second(s).
The max response timeout is 10 second(s). The member port timeout is 260 second(s). **********Multicast group number allowed in port list********* All value is set to default:2
2)
To view the IGMP Snooping statistics on the received and sent messages, you can run the command show igmp-snooping statistics. This command is used to diagnose IGMP Snooping when no MAC multicast group is created as expected. 3) View the information on IP/MAC multicast group in a VLAN.
To view the information on IP/MAC multicast groups in a VLAN, you can run the command show igmp-snooping group.
MA5300# show igmp-snooping group ***************Multicast group table*************** Vlan(id):1. Router port(s): Gigabitethernet7/1/0 IP group(s):the following ip group(s) match to one mac group. IP group address:224.1.2.3 Member port(s):vdsl4/0/3 MAC group(s): MAC group address:01-00-5e-01-02-03 Member port(s):vdsl4/0/3
Note: The router port is not displayed together with IP/MAC multicast group members. Instead, it is displayed separately before all multicast groups in the local VLAN.
corresponding multicast port is not found in the multicast address table of that VLAN, the device will discard the response message and the multicast will fail. When a multicast VLAN is realized, if the MA5300 receives a multicast message without a VLAN tag from an upstream device, the receiving port, as the upstream port of a multicast VLAN, will send this message to the multicast VLAN. When the corresponding multicast port is found in the multicast address table of that multicast VLAN, the device will then send the response message to this port. In this way, multicast is successfully realized. A multicast VLAN includes upstream ports and downstream ports. The upstream port refers to the port connected to the upstream device, while the downstream port refers to the port connected to the user. The configuration of a multicast VLAN involves: Setting the Upstream Port of a Multicast VLAN Setting the Downstream Port of a Multicast VLAN Viewing the Multicast VLAN Table 23-2 lists the commands for configuring a multicast VLAN. Table 23-2 Commands for configuring a multicast VLAN To Set the upstream port of a multicast VLAN Set the downstream port of a multicast VLAN View the multicast VLAN Use mvlan-upport interface mvlan-downport interface show multivlan Global mode Global mode In configuration configuration
This example shows how to set port GE 7/1/0 as the upstream port.
MA5300(config)#mvlan-upport interface GigabitEthernet 7/1/0
MA5300
E E V A D D A A
CON ETH MON
ESM
ISU
RTU
RTU
Figure 23-4 Networking for configuring multicast VLAN 1) 2) 3) PC1 is connected to port 0/0/0 on the MA5300's EVDA board. PC1 is a VLAN-access user on the ISU board. PC1 accesses VLAN 128. PC2 is connected to port 1/0/0 on the MA5300's EADA board. PC2 is a PPPoE-access user on the ISU board. The IP address of the Server (DHCP Server, multicast server) is 10.0.0.1/24. The gateway IP address is 10.0.0.254. Three programs are added in the Server. Their IP addresses are 224.10.0.1, 224.10.0.2, and 224.10.0.3 respectively. 4) 5) The ADSL/VDSL ports are activated by using their default line profiles. The ADSL RTU works in 1483 mode with VPI/VCI of 0/35.
2)
3)
4)
Enable the GE port connecting the ESM and the ISU, and set related data for the port.
MA5300(config)#inner-isu 15 GigabitEthernet7/1/5 will be connected to inner-isu, continue?[Y/N]y Inner-isu in slot 15 is enabled. GigabitEthernet7/1/5 has been connected to inner-isu. MA5300(config)#interface gigabitEthernet 7/1/5 MA5300(config-if-GigabitEthernet7/1/5)#switchport mode trunk Please wait... Done. MA5300(config-if-GigabitEthernet7/1/5)#switchport trunk allowed vlan all Please wait... Done. MA5300(config-if-GigabitEthernet7/1/5)#exit
5)
6)
Set the ISU board. Set the virtual terminal (VT) profile (PPPoE dial-up users).
<ISU>system-view [ISU]interface virtual-template 1 [ISU-Virtual-Template1]ppp authentication-mode chap [ISU-Virtual-Template1]quit [ISU]interface gigabitethernet 10 [ISU-GigabitEthernet10]pppoe-server bind virtual-template 1 [ISU-GigabitEthernet10]quit
MA5300(config)#show igmp-snooping group ***************Multicast group table*************** Vlan(id):4067.Total ip group:2,mac group:2. Router port(s):GigabitEthernet7/1/5 IP group(s):the following ip group(s) match to one mac group.
MAC group address:01-00-5e-0a-00-02 Member port(s):Vdsl0/0/0 IP group(s):the following ip group(s) match to one mac group. IP group address:224.10.0.1 Member port(s):Vdsl0/0/0 MAC group(s): MAC group address:01-00-5e-0a-00-01 Member port(s):Vdsl0/0/0
2)
IV. Verification
With the above steps, PC1 and PC2 can access programs successfully after the authentication. If the MA5300 is not configured with a multicast VLAN, PC1 and PC2 can pass the authentication, but they cannot demand any programs.
2) 3)
If the multicast group created by IGMP Snooping is not correct, turn to professional maintenance personnel. Proceed with diagnosis 3 if the multicast group is correct.
Diagnosis 3: Multicast forwarding table created by the bottom layer is wrong. Troubleshooting 3: 1) Enable IGMP Snooping group debugging switch by running the command debug igmp-snooping groups in privileged mode, and then run the command show igmp-snooping group to check whether the MAC multicast forwarding table in the bottom layer is consistent with that created by IGMP Snooping. 2) You can also run the command show mac vlan in privileged mode to check whether the MAC multicast forwarding table created by the bottom layer under VLAN ID is consistent with that created by IGMP Snooping. 3) If they are not consistent, turn to maintenance personnel.
Set the Master Upstream Port Set the robustness variable of the IGMP Proxy router Set the source IP address used in sending IGMP query packets. Set the interval general query
(no) igmp-proxy router robustness-variable (no) igmp-proxy router querier-ip (no) igmp-proxy router query-interval (no) igmp-proxy router gen-response-time (no) igmp-proxy router quick-leave
Set the maximum response time for general query Set the quick-leave mode for a port Set IGMP Proxy multicast members static
igmp-proxy group
Note: The IGMP Proxy feature is not compatible with IGMP Snooping, L3 multicast routing or multicast VLAN. However, the IGMP Proxy function is compatible with such functions as Smart VLAN and MUX VLAN.
After setting the upstream port successfully, if you want to modify the VLAN to which the port belongs, you must cancel the upstream port attributes first.
The no form of the following commands for setting parameters is used to restore default values.
igmp-proxy router gen-response-time time no igmp-proxy router gen-response-time time is in the range of 10025500ms. The default is 10000ms. This example shows how to set the gen-response-time to 5000ms.
MA5300(config)#igmp-proxy router gen-response-time 5000
Rename a program
Add/Delete a program to/from an authority profile Set the authentication mode for IGMP Proxy multicast users
igmp-proxy auth-mode
Block/Unblock user
multicast
To
Use
In Global configuration mode/Port configuration mode Global configuration mode/Port configuration mode Global configuration mode Global configuration mode Global configuration mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode
Set the maximum number of programs accessible for a multicast user at a time
igmp-proxy max-program-number
user
Set the authority of an IGMP Proxy multicast IP-based user Set the authority of an IGMP Proxy multicast MAC-based user Set the authority of an IGMP Proxy multicast board-based user View the programs program library in a
ip
mac
View the configuration of an authority profile View the configuration of user authority View IGMP information PROXY
IGMP
Proxy
vlanid | default } ]
[ host
program-name | index
-------------------------------------------------------------------
Table 24-3 Parameters of commands for maintaining a program library Parameter default-name multicast-ip Name The default name of a program Program IP address Description When the program name is not specified, the system will automatically assign a name for the program. D type IP address only With the parameter default, it indicates to bind a program to the master upstream port. If a port is specified, the program will be bound to the specified slave upstream port. The system sends IGMP packets to the bound upstream port, in which case the IP address used is that of the transmit port. If the transmit port is not configured with IP address, no IGMP packets will be sent. In the case of disable, MA5300 will not send any IGMP packet. With the pre-join function enabled, the MA5300 can apply for multicast traffic in advance towards the upstream device. Once a real user is demanding a program, the MA5300 can implement forwarding when the forwarding table entry is added, which shortens the delay in program demanding.
bind
host
prejoin
programs of different multicast sources, for example, multicast sources S1 and S2, have the same IP address such as 224.1.1.1. Then if the user is accessing programs from 224.1.1.1, the programs from both S1 and S2 will be sent to the user.
This example shows how to rename authority profile 1 with the default name.
MA5300(config)#igmp-proxy profile rename index 1 default-name
This example shows how to add two programs, CCTV-2 and CCTV-3, to profile 1 (the default name is profile-1).
MA5300(config)#igmp-proxy profile modify index 1 join program name cctv-2 MA5300(config)#igmp-proxy profile modify index 1 join program name cctv-3
This example shows how to delete program CCTV-2 from the profile.
MA5300(config)#igmp-proxy profile modify index 1 remove program name cctv-2 Are you sure to remove the multicast program? (y/n)[n]:y
Note: Before specifying an authority profile, make sure that the profile exists. The programs to be added to a profile must already exist in the library. The system will prompt nothing if the program to be deleted does not exist in the authority profile. The program will be deleted if it exists in the authority profile. If a user is demanding the program which has been deleted, the user will be deleted from the program.
-------------------------------------------------------------------
This example shows how to view the detailed information on an authority profile.
MA5300# show igmp-proxy profile all detail Total: 2 -------------------------------------------------------------------Index: 0 Profile name : VIP Programs(Total: 2) : CCTV-1 CCTV-2
-------------------------------------------------------------------
II. Setting the authentication authority for an IGMP Proxy multicast user
The authentication authority can be port-based, MAC-based, IP-based and board-based. 1) Set the port-based authentication authority for an IGMP Proxy multicast user.
To bind a multicast user with an authority profile, you can run this command: igmp-proxy user interface [ to interface ] bind { profile { index profile-index | name profile-name } | noauth } [ max-program-number maxProgramnum ] To block/unblock a user port, you can run this command:
Huawei Technologies Proprietary 24-13
(no) igmp-proxy user interface-list block To cancel the authorization settings for a user port, you can run this command: igmp-proxy user interface [ to interface ] delete To set the maximum number of programs accessible for a multicast user at a time, you can run this command: igmp-proxy user interface-list max-program-number number This example shows how to bind a user with an authority profile in light of the authority index.
MA5300(config)#igmp-proxy max-program-number 6 user adsl 2/0/0 bind profile index 12
This example shows how to authorize a user port with unlimited authorizations.
MA5300(config)#igmp-proxy max-program-number 8 user adsl 2/0/0 to adsl 2/0/10 bind noauth
This example shows how to set the maximum number of programs accessible currently for a user port.
MA5300(config)#igmp-proxy user adsl 2/0/0 max-program-number 4
2)
To Add an IP user, you can run this command: igmp-proxy user ip add IP-address [ to IP-address ] [ bind { noauth | profile { name profile-name | index profile-index } } | block ] To modify the attributes of an IP user, you can run this command: igmp-proxy user ip modify { all | IP-address | index user-index } { bind { noauth | profile { name profile-name | index profile-index } } | block } To delete an IP user, you can run this command: igmp-proxy user ip delete { all | IP-address | index user-index } To block an IP user, you can run this command: no igmp-proxy user ip { all | IP-address | index user-index } block 3) Set the authority of an IGMP Proxy multicast MAC-based user
igmp-proxy user mac add mac-address [ bind { noauth profile-name | index profile-index } } | block ]
| profile { name
To modify the attributes of an MAC user, you can run this command: igmp-proxy user mac modify { all | mac-address | index < user-index } { bind { noauth | profile { name profile-name | index profile-index } } | block } To delete an MAC user, you can run this command: igmp-proxy user mac delete { all | <mac-address> | index < user-index > } To unblock an MAC user, you can run this command: no igmp-proxy user mac { all | <mac-address> | index < user-index > } block 4) Set the authority of an IGMP Proxy multicast board-based user.
The command format is: igmp-proxy user board slotid [ to slotid2] max-program-number Parameter description: Parameter noauth Description Specifies that no authorization is needed for the user. This type of users is entitled to access all programs. Blocks a user port. When a port is blocked, the associated users will be disabled to view the on-going program, and will be no longer allowed to access any program until it is unblocked using no form of the command. Defines the maximum number of programs accessible for the user.
block
max-program-number
MA5300(config)#show igmp-proxy user ethernet 7/1/0 detail Total: 1 ------------------------------------------------------------------User: Ethernet7/1/0 Profile: profile-1 (1) Program: cctv-3 Max Program Number: 2 Block: No ------------------------------------------------------------------The number of displayed user(s) is: 1
------------------------------------------------------------------Robustness-variable: 5 Query-interval: 120 second(s) General-query-response-time: 5000 millisecond(s) Specific-query-response-time: 3000 millisecond(s) Querier-ip: 0.0.0.1
This example shows how to view the multicast information related to port Ethernet 7/1/2.
MA5300(config)#show igmp-proxy group interface ethernet 7/1/2 ********************Multicast group table******************* Port Ethernet7/1/2 have joined 1 group(s): CCTV-1(224.1.1.1) static
------------------------------------------------------------
The ISU board provides a serial port and an Ethernet port for ISU configuration and maintenance. For details, refer to Intelligent Service Unit Operation Manual. Table 25-1 lists the commands for configuring the ISU board in the MA5300. Table 25-1 Commands for configuring the ISU board in the MA5300 To Establish/Cancel a connection between the ESM board and the ISU board through the backplane Enable/Disable the dual-ISU function View the information on the connection Use In
(no) inner-isu
Global mode
configuration
inner-isu
Global mode
configuration
Pay attention to the rules for numbering a GE port. The numbers for the GE ports succeed those of the FE ports only when the FE subboard resides in subslot 1. For example, when the ports of the 4-port FE subboard are numbered as e7/1/0, e7/1/1, e7/1/2 and e7/1/3, the GE ports are numbered as g7/1/4 and g7/1/5. When the ports of the 2-port FE subboard are numbered as e7/1/0 and e7/1/1, the GE ports are numbered as g7/1/2 and g7/1/3.
In other cases, the GE ports are numbered as g7/1/0 and g7/1/1, regardless of whether the subboard is inserted or not. When residing in slot 14, the ISU board connects to the ESM board through the first GE channel. When residing in slot 15, the ISU board connects to the ESM board through the second GE channel. If the GE channels between the ISU and ESM boards are enabled, the GE port on the ESM board is disabled
HUAWEI
Table of Contents
Table of Contents
Chapter 26 System Maintenance ............................................................................................... 26-1 26.1 Overview ........................................................................................................................ 26-1 26.2 Configuring the File System........................................................................................... 26-1 26.2.1 Directory Related Operations.............................................................................. 26-1 26.2.2 File-Related Operations ...................................................................................... 26-2 26.2.3 Memory Device Related Operations ................................................................... 26-2 26.3 Configuring FTP and TFTP............................................................................................ 26-3 26.3.1 Overview ............................................................................................................. 26-3 26.3.2 Setting FTP ......................................................................................................... 26-4 26.3.3 Setting TFTP ....................................................................................................... 26-6 26.4 Auto Online Upgrading .................................................................................................. 26-7 26.4.1 Upgrading from a Previous Version to the First Version That Supports Automatic Upgrading....................................................................................................................... 26-7 26.4.2 Upgrading a Previous Version to That Later than the First Version Supporting Auto Online Upgrading ......................................................................................................... 26-11 26.4.3 Upgrading a Version Supporting Auto Online Upgrading or Later Versions..... 26-11 26.5 Loading ........................................................................................................................ 26-11 26.5.1 Loading the Version Supporting Auto Online Upgrading .................................. 26-12 26.5.2 Loading the Version Not Supporting Auto Online Upgrading ........................... 26-12 26.6 Backup ......................................................................................................................... 26-19 26.6.1 Viewing and Saving the System Configuration Files ........................................ 26-19 26.6.2 Backing Up the System Data Using TFTP........................................................ 26-21 26.6.3 Backing Up the System Data Using FTP .......................................................... 26-22 26.7 Patch Management...................................................................................................... 26-23 26.7.1 Overview ........................................................................................................... 26-23 26.7.2 Procedure for Patch Operations........................................................................ 26-25 26.8 Patch Loading Examples ............................................................................................. 26-25 Chapter 27 Logs and Alarms...................................................................................................... 27-1 27.1 Log Management ........................................................................................................... 27-1 27.1.1 Viewing Logs ....................................................................................................... 27-1 27.1.2 Setting the Log Host............................................................................................ 27-2 27.2 Configuring Alarms ........................................................................................................ 27-2 27.2.1 Viewing Alarm Records....................................................................................... 27-4 27.2.2 Viewing the Alarm Configuration......................................................................... 27-6 27.2.3 Setting Alarm Levels ........................................................................................... 27-6 27.2.4 Setting the Alarm Output on a CLI Terminal ....................................................... 27-7 27.2.5 Setting Alarm Statistics ....................................................................................... 27-8
Huawei Technologies Proprietary i
Table of Contents
27.2.6 Setting the Alarm Threshold................................................................................ 27-9 27.2.7 Viewing/Clearing Alarm Statistics ..................................................................... 27-10 27.2.8 Viewing Basic Alarm Information ...................................................................... 27-10 Chapter 28 Active/Standby Switchover..................................................................................... 28-1 28.1 Overview ........................................................................................................................ 28-1 28.1.1 Basic Principles ................................................................................................... 28-1 28.1.2 Active/Standby Switchover Modes...................................................................... 28-2 28.2 Preconditions for Active/Standby Switchover ................................................................ 28-3 28.3 MA5300+Dual-ISU Active/Standby Switchover ............................................................. 28-3 28.4 ESM+EIU Active/Standby Switchover ........................................................................... 28-8 28.4.1 Establishing the Switch-over Environment.......................................................... 28-8 28.4.2 Active/Standby Switchover Configuration Commands........................................ 28-8 28.4.3 Setting the Automatic Switchover ..................................................................... 28-10 28.4.4 Setting the Manual Switchover.......................................................................... 28-10 Chapter 29 Environment Monitoring Management .................................................................. 29-1 29.1 Overview ........................................................................................................................ 29-1 29.2 Configuration Procedure................................................................................................ 29-2 29.3 Configuring an EMU ...................................................................................................... 29-2 29.3.1 Adding/Deleting/Viewing an EMU ....................................................................... 29-3 29.3.2 Entering the EMU Configuration Mode ............................................................... 29-5 29.4 Configuring EMUH303ESC ......................................................................................... 29-6 29.4.1 Setting H303ESC Environment Monitor Parameters .......................................... 29-6 29.4.2 Viewing the H303ESC Environment Information ................................................ 29-7 29.5 Configuring EMUPower 4875/4845 ............................................................................. 29-8 29.5.1 Configuring the 4875/4845 Power Module.......................................................... 29-9 29.5.2 Viewing the Information on POWER4875/4845................................................ 29-10 29.6 Configuring EMUDIS ................................................................................................. 29-11 29.6.1 Setting DIS Parameters .................................................................................... 29-12 29.6.2 Viewing DIS Information.................................................................................... 29-12 29.7 Configuration Example ................................................................................................ 29-13 29.7.1 Setting H303ESC .............................................................................................. 29-13 29.7.2 Setting a DIS ..................................................................................................... 29-16
Note: It is recommended that you use the command with the guidance of supporting technicians.
Disable the FTP server. Set/Cancel the authentication authorization. FTP and
no ftp server
(no) user
tftp get
tftp put
show ftp-server
show ftp-user
password 0 huawei
This example shows how to view the information on an online FTP user.
MA5300# show ftp-user username 5300 password huawei host 10.110.3.5 port 1074 topdir flash:/5300 idle 2
V. FTP client
The FTP client is an application module provided by the MA5300. If an FTP user is connected to the MA5300 as the FTP client, the FTP user can run commands to perform such operations as creating or deleting directories. For details about the commands relevant to FTP client, refer to MA5300/5303 Broadband Access System Command Help.
To upload a file to the TFTP server, you can run the command tftp put. This example shows how to upload a file text.txt to the TFTP server (10.71.53.108).
MA5300(config)#tftp put test.txt //10.71.53.108/test.txt
26.4.1 Upgrading from a Previous Version to the First Version That Supports Automatic Upgrading
The process of auto online upgrading is simple. You only need to load two BIN files. As the previous version varies greatly with that supporting auto online upgrading, the process of upgrading is complicated. The upgrading involves the BOOTROM of service boards, program files, CPLD of ESM boards, and local language files. You need to upgrade them in light of this order: 1) 2) 3) 4) 5) 6) Interface boards (EADA/EVDA) ESM boards BOOTROM of service boards Applications CPLD of ESM boards Local language files
4) 5) 6) 7) 8) 9)
Copy the BOOTROM files loaded in last step [esmaboot.app] to Flash memory of the standby ESM board [copy....]. Load BOOTROM files of all service boards to Flash memory of the active ESM board [tftp get or FTP]. Load CPLD files of all service boards to Flash memory of the active ESM board [tftp get or FTP]. Load APP files of all service boards to Flash memory of the active ESM board [tftp get or FTP]. Copy the BOOTROM, CPLD and APP files loaded in last step to Flash memory of the standby ESM board [copy...]. Online upgrade BOOTROM files of all service boards [load bootrom flash ...]. flash ...].
10) Online upgrade BOOTROM files of the standby ESM board [load bootrom 11) Online upgrade BOOTROM files of the active ESM board [load bootrom flash ...]. 12) Online upgrade CPLD files of all service boards [load cpld flash ...]. 13) Online upgrade CPLD files of the active and standby ESM boards [load cpld flash ...]. 14) Load BIN files of the ESM boards [ma53esma.bin] to Flash memory of the active ESM board [tftp get or FTP]. 15) Copy the BIN files [ma53esma.bin] loaded in last step to Flash memory of the standby ESM board [copy...]. 16) Reset the system [reboot system]. 17) Check whether the upgrading process is normal, including loading progress, version program status, and board status. 18) Format Flash memory of the standby ESM board to 32M [format slot8#flash: 32M]. 19) Copy the system configuration files (vrpcfg.txt) to the standby ESM board [copy ..]. 20) Copy the BIN files of the active ESM board [ma53esma.bin] to Flash memory of the standby ESM board [copy...]. 21) Copy all BOOTROM, CPLD and APP files just loaded to the active ESM board to Flash memory of the standby ESM board [copy...]. 22) Format Flash memory of the active ESM board to 32M [format flash: 32M]. 23) Copy the system configuration files (vrpcfg.txt) in the standby ESM board to Flash memory of the active ESM board [copy ..]. 24) Copy the BIN files [ma53esma.bin] in the standby ESM board to Flash memory of the active ESM board [copy ..]. 25) Load BIN files [ma53io.bin] of service boards to Flash memory of the active ESM board [tftp get or FTP]. 26) Delete all service boards BOOTROM, CPLD and APP files from Flash memory of the standby ESM board [delete /u]. You do not have to delete these files if
Flash memory of the standby ESM board is sufficient for the service boards BIN files [ma53io.bin]. 27) Copy the BIN files [ma53io.bin] just loaded to the active ESM board to Flash memory of the standby ESM board [copy...]. 28) Check whether the active and standby ESM boards contain ma53esma.bin, ma53io.bin and vrpcfg.txt [dir]. 29) Check whether the startup files are normal [show startup-file information]. 30) Delete all BOOTROM, CPLD and APP files in the active and standby ESM boards [delete]. 31) Set the name of the startup file for the active and standby ESM boards [set bootapp ma53esma.bin].
19) Set the name of the startup file for the ESM board [set bootapp ma53esma.bin].
26.4.2 Upgrading a Previous Version to That Later than the First Version Supporting Auto Online Upgrading
To upgrade previous versions to those later than the version supporting auto online upgrading, do as follows: Upgrade the version not supporting auto online upgrading to the one supporting auto online upgrading. Upgrade the version supporting auto online upgrading to the later version.
Note: You can run either the command tftp get or load startup-file tftp to load BIN files. To copy files to the standby board, you can run the command load startup-file tftp, instead of tftp get.
26.5 Loading
The MA5300 manages the following program files: host software program files, multi-language resource file and service board program files. The storage media used in the MA5300 includes BOOTROM, SDRAM, SRAM and Flash memory.
BOOTROM stores the BIOS program files which are used to initialize the system. There are two types of BIOS files: basic BIOS and extended BIOS. The basic BIOS refer to the common programs for system boot. The extended BIOS refer to programs for board initialization. SDRAM stores the host software programs. SRAM stores the operation logs and alarm information. Flash memory stores the host software programs, configuration files and multi-language resource files.
Note: To load the ESM programs and configuration files, make selections in the [Boot] menu. When rebooting the system, press <Ctrl+B> according to the prompt on the serial port maintenance terminal, and then follow the prompt on the screen to load the programs. It is prohibited to load programs and configuration files through the network port of the standby board.
When you are executing the program loading command, the system will prompt you to enter the following information. Specify the protocol used in program loading. The loading can be performed either through the serial port or the maintenance network port. In loading through the serial port, Xmodem is used. In loading through network port, TFTP is used. In loading through the network port, you need to specify the name of the file to be loaded and the IP address of the PC where the file is saved, and activate the TFTP server in the PC. In loading through the serial port, you should use the file sending function of HyperTerminal to send program files. Select Xmodem as the protocol used to send files. Specify the slot number for the board to be loaded. For service boards, you can enter the keyword all to load all boards of the same type. For the ESM board, you cannot load the active ESM and standby ESM at the same time. Specify the board to be loaded.
Note: All service boards of the same type can be loaded simultaneously, except the active/standby ESM boards. The TFTP server and the MA5300 should be set to share the same network segment. Otherwise, additional setting of gateway is required.
Loading files using Xmodem 1) Start HyperTerminal. Connect the serial port of the host with the configuration serial port of the ESM board using serial port cable, and start HyperTerminal. Telnet users are prohibited to load files using Xmodem protocol. 2) Run the command load program.
In global configuration mode, you can run the command load program, and select Xmodem as the desired protocol.
MA5300#load program xmodem 0/7 Current baud rate is 9600bps, and it can be modified via 'baudrate' command. Are you sure to use this baud rate? (y/n)[n]:y Whether to load other boards of same type ? (y/n):[n]n Board name[ESMA]:ESMA Whether to start loading? (y/n)[n]:y Load(backup,duplicate,...) begins,please wait and notice the rate of progress. Any operation such as reboot or switchover will cause failure and unpredictable result. Please select the menu [Transmit\Send File] to begin sending file...
3)
Send files.
In HyperTerminal, select [Send/Send Files], select Xmodem as the desired protocol and select the name of the file to be sent. After that, click <Send>. See Figure 26-1.
Loading files using TFTP 1) Set the IP address of the PCs network port. Connect the serial port of a PC with the configuration serial port of the ESM board, and then log in to the ESM board through the PC. Set the IP address of the PC's network port to make it share the same network segment with the ESMs Ethernet port.
Given that the address of the ESM maintenance network port is 10.11.104.142, and the subnet mask is 255.255.252.0. Therefore, the address of the PC network port can be set to 10.11.104.141, and the subnet mask to 255.255.252.0. Make sure that the host is able to ping the IP address of the ESMs network maintenance port. 2) Run the TFTP application.
Run the TFTP program in the PC, and click <Settings>. In the pop-up dialog box, enter the directory in the Base Directory text box for the program file to be loaded. See Figure 26-2 and Figure 26-3.
3)
Load programs.
In global configuration mode, you can run the command load program to load the host program and select TFTP as the desired protocol.
MA5300#load program tftp 10.11.104.141 0/7 Whether to load other boards of same type ? (y/n):[n]n Board name[ESMA]:ESMA File name [ESMA.bin]: 5300.esm Whether to start loading? (y/n)[n]:Y Load(backup,duplicate) begins, please wait and notice the rate of progress. Any operation such as reboot or switchover will cause failure and unpredictable result. MA5300(config)# ! 1[2003-01-06 04:16:39]:ALM-3-AlarmInfo: ALARM 5334 INFO MAJOR 0x0b200001 ----- 2003-01-06 04:16:39 ALARM NAME : Load start PARAS INFO : FrameID: 0, SlotID: 7, Load type: Host program DESCRIPTION : Load start REASON : Load start ADVICE : Not need to process --- END
4)
To view the loading progress, you can run the command show progress load.
MA5300(config)#show progress load FrameID/SlotID: Board name: Operation type: File type: Operation phase: Rate of process: 0/7 ESMA Load Host program Transfer file from outside to inside 7%
5)
Loading completes.
If everything goes normal, when the loading completes, the system will prompt this:
MA5300# Note: the new database or program will take effect after system is restarted ! 1[2003-01-06 04:19:25]:ALM-3-AlarmInfo: ALARM 5335 INFO MAJOR 0x0b200002 ----- 2003-01-06 04:19:25 ALARM NAME : Load complete PARAS INFO : FrameID: 0, SlotID: 7, Load type: Host program DESCRIPTION : Load complete REASON : Load complete ADVICE : Not need to process --- END
The above display shows that the program has been successfully loaded and saved in Flash memory of the ESM board.
Note: If the loading fails, you should check these items: Whether the address of the TFTP server is correctly entered. Whether the TFTP server can ping the address of the ESM Ethernet port. Whether the TFTP program in the TFTP server is activated. Whether the directory for the TFTP program is correctly set. Whether the name of the file to be loaded is correctly entered.
After the loading completes, you can run the command reboot to reset the system, and then run the newly loaded program if necessary. If the loaded program is new, you should also load the associated multi-language resource file after resetting the system. Next, you can run the command show version to view the version of the system and verify whether the version of the loaded program is correct.
Note: The multi-language resource file to be loaded should match the version of the in-service system. Otherwise, the loading will fail. If the newly loaded program and configuration file are of a new version, you should restart them before loading the new multi-language resource file. The common language resource file is loaded together with the host programs. So upon completion of loading the host program, you only need to load the local language resource file.
The multi-language resource file can be loaded either through the serial port or the network port. The information to be entered in the loading process is similar to that for loading program file. This example shows how to load the multi-language resource file info_loc.res to the active ESM board through the network port. Assume the IP address of the TFTP server is 10.105.33.44.
MA5300#load language local tftp 10.105.33.44 info_loc.res active
The procedure involved is similar to that for loading the program of the ESM board through the network port. This example shows how to load the multi-language resource file info_loc.res to the active ESM board through a serial port.
MA5300#load language local xmodem active
The procedure involved is similar to that for loading the program of the ESM board through the serial port.
Note: When loading service boards, you can enter the keyword all to replace f/s. This command enables you to load all boards of the same type in the system. If the service board has a maintenance serial port or network port, you can use either of them (usually embedded in the board) to load the software of the board. The procedure involved is similar to that of loading the host software. When the board loading completes, the system will automatically reset to run the new board programs. This is different from loading the ESM board.
26.6 Backup
To ensure the usability of the system and the security of configuration files, the MA5300 enables you to save and backup the configuration files. Table 26-5 lists the differences in file saving and file backup. Table 26-5 The comparison between file saving and file backup To Source of configuration file Destination the SDRAM board) Flash board) Save (active/standby (active/standby Backup MA5300 Flash (active board) PC or network terminal Program Object of management Data Data Language
In addition, the MA5300 also allows you to erase the configuration file as desired during the service configuration.
Commands are organized based on command modes. Commands in the same mode are organized together, forming a segment. Two segments are usually separated with a blank line or comment line (beginning with !). The segment is usually arranged in the order of global configuration, physical port configuration and logical port configuration. The configuration file is ended with end.
Note: Run the command erase with caution and under the technicians instructions. Before erasing a configuration file, you should back up the system configuration files to avoid loss of important configuration files.
Figure 26-4 Selecting the directory for the configuration file using TFTP Run the command tftp. Run the command tftp in privileged mode, and select TFTP as the desired protocol.
MA5300(config)#tftp put vrpcfg.txt //10.71.53.108/vrpcfg.txt . Uploading succeeds!
At this moment, the TFTP application will display the progress of the backup process. After the backup completes, you can find the backup file of vrpcfg.txt in D:\WINDOWS\Desktop\load.
Connect the serial port of the PC with the configuration serial port of the ESM board, and then log on to the ESM board through the PC. Next, set the IP address of the PC network port to enable it to share the same network segment with the maintenance network port or Ethernet network port of the ESM board. 2) Run FTP application.
Start the FTP application, and select [Security/Users/rights] to enter the window shown in Figure 26-5. In the pop-up window, you can set the basic attributes of the FTP. For example, in the Home Directory text box, you can enter the directory for the backup configuration file to be placed, or select New User] to add an FTP user.
Figure 26-5 Setting the configuration file directory and user name using FTP 3) Run the command ftp.
ftp>put vrpcfg.txt 200 PORT command okay 150 "D:\WINDOWS\DESKTOP\LOAD\vrpcfg.txt" file ready to receive in ASCII mode 226 Transfer finished successfully. FTP: 1956 byte(s) sent in 0.440 second(s) 4.44Kbyte(s)/sec.
At this moment, the FTP application will display the progress of the backup process. After the backup completes, you can find the backup file of vrpcfg.txt in D:\WINDOWS\Desktop\load.
For the MA5300, patch files may be in three states. Idle It is the initial status, which indicates that there is no patch. Deactive It means the patch files have been loaded to the host, but not activated yet. That is, the patch code has not been validated. Active The patch code has been validated. You can modify the status of the patch files by using the command run or deactivate. Running The patch files are running. You cannot deactivate but delete the patch files in this status.
Note: The Running status differs from the Active status only in that patch files in the Running status can be restored to the Running status after system rebooting, while patch files in the Active status can be restored to the Deactive status. The Active status can be comprehended as running the patch on trial basis. Through the trial running, you can confirm whether the patch file is up to the expectation in functionality. The patches passing the trial running can then be put into normal operation.
In the MA5300, the patch files in the active ESM and those in the standby ESM are managed separately. You can distinguish them with the commands active and standby. At present, the MA5300 does not support standby ESM patch files. Table 26-6 lists the patch-related commands. Table 26-6 Commands for patch-related operations To Load patch files Activate patch files Deactivate patch files Run patch files formally Delete patch files load patch patch activate patch deactivate patch run patch delete Use In Privileged mode Privileged mode Privileged mode Privileged mode Privileged mode
Use
patch operation success MA5300(config)#show patch all active Host version: Patch version: Patch number: Number of formal patch: Number of temporary patch: Number of run patch: Number of actived patch: Number of deactived patch: MA5300V100R005 MA5300V100R005SP01 1 1 0 0 1 0
patch operation success MA5300(config)#show patch all active Host version: Patch version: Patch number: Number of formal patch: Number of temporary patch: Number of run patch: MA5300V100R005 MA5300V100R005SP01 1 1 0 1
By far, the patch files of SP01 have been loaded successfully. They are in the running status.
-------------------------------------------------------------------No. 4 Cmd: UserName root exit Date&Time 2003-06-18 08:21:43 LogMode AUX IP-Address --
-------------------------------------------------------------------No. 3 Cmd: UserName root parity none Date&Time 2003-06-18 08:03:53 LogMode AUX IP-Address --
--------------------------------------------------------------------
An alarm ID consists of 4 bytes, and corresponds to only one alarm. It can be queried running the command show alarm list. 2) Alarm serial number
It is an integer. Every alarm is assigned with a different serial number. In general, the serial number is associated with the sequence of alarm occurrence. Therefore, it corresponds to one (and only one) alarm specifically. 3) Alarm levels
Available alarm levels are: critical, major, minor and warning (in descending order). The critical alarm, such as power circuit fault or output clock fault, refers to the global alarm that affects the normal equipment operation and should be eliminated at once. The major alarm, such as broken fiber or physical line fault, refers to the local board or line alarm that may lead to abnormality in services if not handled in time. The minor alarm refers to the general fault alarm or event alarm which describes whether every board or line is normal. For example, such alarms may indicate the occurrence of bit errors in a specific physical line. The warning alarm refers to the change of status or occurrence of events that do not affect the system performance and service running, but may interest the operators. Some of them are the prompt information concerning the recovery of the system to normality. 4) Alarm classes Alarms can be divided into 3 classes, namely running alarms (event), fault alarms (fault) and recovery alarms (restore). 5) Alarm types
Alarms can be divided into 5 types, namely communication alarms, service-quality alarms, process-error alarms, equipment alarms and environmental alarms. 6) Alarm parameters
They are included in a reported alarm to describe the location of the alarm. For example, in the case of board alarm, the parameters mainly include the frame number, slot number and port number. 7) Report alarms to NMS workstations
The system can support up to 32 NMS workstations. Whether an alarm should be sent to NMS workstations or not is decided by the associated switch. 8) Report alarms to CLI terminals
You can run relevant commands to set whether some alarms should be sent to the CLI terminals.
alarm
Alarm management involves: Viewing Alarm Records Viewing the Alarm Configuration Setting Alarm Levels Setting the Alarm Output on a CLI Terminal Setting the Alarm Threshold Setting Alarm Statistics Viewing/Clearing Alarm Statistics Viewing Basic Alarm Information
The information in an alarm record involves: Time of occurrence Serial number Alarm level Alarm class Alarm description Alarm parameters The MA5300 can store up to of 1,000 alarms. When there are more than 1,000 alarms, the new alarms will overwrite the old ones automatically. Therefore, once a system fault occurs, you should view the alarm information and make records at once, for fear that the alarm that may be helpful for fault locating is overwritten. Table 27-3 lists the commands for viewing the latest alarm records. Table 27-3 Commands for viewing alarms To View by alarm serial number Use show alarm history alarmsn sn In All modes except the user EXEC mode id All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode All modes except the user EXEC mode
View by alarm ID
alarmid
show alarm history alarmlevel level [startnum number] show alarm history alarmtype type_value [startnum number] show alarm history alarmclass class [startnum number] show alarm history alarmtime datebegin timebegin dateend timeend [startnum number] show alarm history all [startnum number]
View by time
Note: The system has saved 1000 history alarms in the host. To view even earlier history alarms, you can resort to the databases in the NMS.
Note: Care should be taken whenever you set the alarm level. In usual conditions, the default alarm level is a reasonable one. The system can automatically keep a recovery alarm and the corresponding fault alarm at the same level. It means when you set the alarm level of a fault alarm, the system will set the alarm level of its corresponding recovery alarm to the same level. Similarly, when you set the alarm level of a recovery alarm, the alarm level of the corresponding fault alarm will be the same.
After the settings, you can run the command show alarm configuration to view whether the alarm is output to CLI.
Note: When the output of a specific alarm to the CLI is enabled or disabled, it applies to all of the CLI terminals. The alarm screening function mentioned above is inapplicable for the NM terminal, as the NM terminal will offer more powerful alarm screening function. The alarm output settings have no impact on alarm generation. Alarms generated in the system will still be recorded and can be traced. The modes offered for alarm output setting may affect each other. Whether or not to output an alarm is determined by the latest setting. The system can automatically keep a recovery alarm and the corresponding fault alarm to be of the same output tag. It means when you set the output tag of a fault alarm, the system will set the output tag of its corresponding recovery alarm to be the same. Similarly, when you set the output tag of a recovery alarm, the output tag of the corresponding fault alarm will be the same.
After the setting, you can run the command show alarm configuration alarmed to view the alarm statistics flag.
Note: The modes offered for alarm statistics setting may affect each other. Whether statistics collection for an alarm is enabled is determined by the latest setting. In practice, the statistics flag of a recovery alarm may differ from that of a fault alarm. The concerns for them may also vary. Therefore, the fault alarm and recovery alarm should be set separately. It is prohibited to set statistics flag for a threshold-crossing alarm.
Note: In practice, the statistics of a recovery alarm may differ from that of a fault alarm. The concerns for them may also vary. Therefore, the fault alarm and recovery alarm should be set separately. If you are not concerned about the threshold alarm for a certain type of alarms, set the corresponding threshold as 0 to disable threshold alarm reporting.
Note: The system will automatically clear the associated statistics if alarms of a certain type are not generated for a long time (within two days). Therefore, you do not need to clear such statistics in usual conditions.
I. Data synchronization
The MA5300 performs data synchronization in a centralized manner: The data synchronization module offers a unified synchronization interface, the software modules register the data to be synchronized, and finally the data synchronization module carries out the data synchronization for the active/standby boards. The data that can be synchronized include: Configuration data Basic running data Dynamic service data There are two states of data synchronization. Sufficient data synchronization When all data variations of the active board are completely synchronized with the data of the standby board, such synchronization is called sufficient data synchronization. Insufficient data synchronization When only part of data variations of the active board is synchronized with the data of the standby board, such synchronization is called insufficient data synchronization.
II. Smoothness
The active/standby switchover means the standby board is promoted to be the active one. Before performing active/standby switchover, the MA5300 needs to check the
Huawei Technologies Proprietary 28-1
consistency between the data blocks to be synchronized and generate new data. In general, this process is referred to as smoothness.
active/standby switchover, perform simple board resetting and enable low-level system recovery function to ensure the normality of the system. In insufficient running data synchronization, the system prohibits using the active/standby switchover command for forced active/standby switchover. Other forced switching approaches will not lead to system reset or affect the configuration files. However, it may lead to service board reset. In insufficient service data synchronization, the system allows using active/standby switchover command for forced active/standby switchover. The active/standby switchover will not affect the original services, alarms, logs and connections.
I. Networking description
MA5300 E A D A
G7/1/1
G8/1/1
G9
G9 E6 4.0.1.1/24 E7 4.0.2.2/24
HUB
4.0.1.1/24 E6 4.0.2.1/24 E7
ESM1 ESM2
ISU1 ISU2
PC2 4.0.1.100/16
MT800
PC1
Value
3)
Configuration at ISU2
Value
Since only one of ESM1 and ESM2 is in active status, you just need to configure the active ESM. The configuration data will be synchronized to the standby ESM automatically. 2) Set port G7/1/1 as Trunk port, allowing the pass-through of all VLANs.
MA5300(config)#interface gigabitEthernet 7/1/1 MA5300(config-if-GigabitEthernet7/1/1)#switchport mode trunk MA5300(config-if-GigabitEthernet7/1/1)#switchport trunk allowed vlan all Please wait........................................... Done. MA5300(config-if-GigabitEthernet7/1/1)#
3)
Create VLAN 2, designate port adsl 1/0/0 to VLAN 2 and activate the port.
4)
As the two ISU boards are designated with different MAC addresses, you can run these commands to set the destination MAC addresses for PPPoA and IPoA:
MA5300(config)#atm-terminated dest-mac pppoa support-misu slot7
The first MAC address is the MAC address of ISU1 connected with the ESM board residing in Slot 7; the second MAC address is the MAC address of ISU2 board connected with the ESM board residing in slot 8. 5) 6) Set the connection type of port adsl 1/0/0 as auto. Enable the uplink port of the standby ESM board.
Huawei Technologies Proprietary 28-5
By default, the GE and FE ports of the standby ESM board are disabled. You need to enable these ports used for packet transmission manually. 7) Add two ISU boards through the device management function.
MA5300(config)#inner-isu support-misu
If running the command inner-isu, you can only add one ISU board. If using the above command, you can add two ISU boards at the same time. At this moment, you can view two ISU boards running the command show board. 8) Configure MISU.
MA5300(config)#misu uplink-port slot 7 interface GigabitEthernet7/1/1 MA5300(config)#misu uplink-port slot 8 interface GigabitEthernet8/1/1 MA5300(config)#misu enable
These commands are used to specify a port of the two ESM boards for ISU active/standby switchover, and then enable dual-ISU active/standby switchover.
This configuration can be performed in the same manner as configuring a single ISU. Designate port Ethernet 6 for PPP and VLAN access, and then add several user accounts. For details, refer to Intelligent Service Unit Processing Unit Operation Manual. 2) Enable PPPoA function.
To offer PPPoA access, you need to enable PPPoA function first. 3) Add a default upstream route and a default route for the communication between two ISUs.
ISU1 configuration:
[ISU]inter eth 6.0 [ISU-Ethernet6.0]ip address 4.0.1.1 255.255.255.0 [ISU-Ethernet6.0]quit [ISU]inter eth 7.0 [ISU-Ethernet7.0]ip address 4.0.2.1 255.255.255.0 [ISU-Ethernet7.0]quit [ISU]portvlan eth 6 vlan 0 [ISU-ethernet6-6-vlan0-0]access-type interface [ISU-ethernet6-6-vlan0-0]quit
[ISU-ethernet7-7-vlan0-0]access-type interface [ISU-ethernet7-7-vlan0-0]quit [ISU]ip route-static 0.0.0.0 0.0.0.0 4.0.1.100 [ISU]ip route-static 0.0.0.0 0.0.0.0 4.0.2.2 preference 200
ISU2 configuration:
[ISU]inter eth 6.0 [ISU-Ethernet6.0]ip address 4.0.1.1 255.255.255.0 [ISU-Ethernet6.0]quit [ISU]inter eth 7.0 [ISU-Ethernet7.0]ip address 4.0.2.2 255.255.255.0 [ISU-Ethernet7.0]quit [ISU]portvlan eth 6 vlan 0 [ISU-ethernet6-6-vlan0-0]access-type interface [ISU-ethernet6-6-vlan0-0]quit [ISU]portvlan eth 7 vlan 0 [ISU-ethernet7-7-vlan0-0]access-type interface [ISU-ethernet7-7-vlan0-0]quit [ISU]ip route-static 0.0.0.0 0.0.0.0 4.0.1.100 [ISU]ip route-static 0.0.0.0 0.0.0.0 4.0.2.1 preference 200
To enable NMS devices in the public network to access the two ISU boards at the same time, you need to add a low-priority default route between the ISUs ports Ethernet 7. 4) Enable HRP function.
You can run the above commands to configure the uplink/downlink port needed for the dual-ISU active/standby switchover, and enable the HRP packet reception function.
IV. Verification
1) When the system is in normal status, run the command show misu on the ESM board.
MA5300(config)#show misu [MISU information] function status: Enable shakehand timer: 3 (sec) upper-port of ESM board in slot 8: GigabitEthernet7/1/1 ESM board in slot 8 is in master status ISU board status is Normal
upper-port of ISU board is up upper-port of ESM board in slot 7: GigabitEthernet7/1/1 ESM board in slot 7 is in slave status ISU board status is Normal upper-port of ISU board is administratively down
The above shows that the two ISUs are in normal status, the uplink port of the ISU board connected with the active ESM board is enabled, while the uplink port of the ISU board connected with standby ESM board is disabled. When viewing the indicators of the HUB, you can find that one of the two ports connecting the uplink ports of two ISU boards is UP and the other is DOWN. 2) 3) Configure PPPoA access on the MT800 (an ADSL Modem). The system prompts success and allocates an IP address. Disconnect the uplink port of the ISU board (connected with the active ESM) with the HUB. Several seconds later, the system starts to implement ESM active/standby switchover. The original active ESM board prints Master board is ready to reset for bas connection down. The original standby ESM board becomes the active one. 4) 5) Interrupt MT800s PPPoA access, and then redial. The PPPoA access is restored. You can ping PC2 from PC1. Check the HUBs indicators. You can find that the UP one of the two uplink ports connected with ISU turns into DOWN, and the other turns into UP.
Use (no) standby backup config (no) standby configure system switch-over update
In
Privileged mode
active/standby
2)
Disable the switch for synchronizing the configuration files on active/standby boards.
MA5300#no standby backup config Config file automatic backup to standby board switch status: Off.
To perform active/standby switchover between the two ESM boards, follow the steps below strictly: Enable the switch for synchronizing the configuration files on active/standby boards by running the command standby backup configure. Synchronize the configuration data in the standby board with those in the active board by running the command standby update configure. Switch the ESM board manually by running the command system switch-over. This example shows how to perform ESM board switchover manually.
MA5300#standby backup configure Configure file automatic backup to standby board switch status: On MA5300#standby update configure The configuration file will be written to the flash memory of standby board Are you sure to continue? (y/n)[n]:y Now synchronizing startup-configure to standby. Please wait for a while(2 minutes in worst case)... Synchronize startup-configure to standby successfully. MA5300#system switch-over Are you sure to switch over? (y/n)[n]:n
After configuring data in the active ESM board, you can run the command write to save the configuration data. At the same time, the system saves the configuration data in the standby board by synchronizing the active/standby configuration data. When the active ESM board is unplugged or is faulty, the system switches the standby ESM board to an active one, ensuring the normality of ongoing service.
After configuring the data in the active ESM board, you can run the command write to save the data. In the mean time, the system saves the data in the standby board.
When the active ESM board is unplugged, you can run the command system
switch-over to switch over the active/standby board manually. This can change the
standby board into the active one.
MA5300#system switch-over Are you sure to switch over? (y/n)[n]:n
Note:
Up to two EMUs (one FAN and one other EMU) can be configured in one MA5300 cabinet.
In
configuration
Global configuration mode Global configuration mode All modes except the user EXEC mode and privileged mode
show emu
Note:
The subnode number for H303ESC is always 30. The default subnode for FAN, POWER4875, POWER4845 and DIS is 0 respectively. You can configure these subnodes, but they must be consistent with the DIP settings on the hardware. No subnode is allowed to conflict with others when the system monitors multiple EMUs at the same time.
com It refers to the method for communication between the EMU and the ESM board, which can be back, fore and random. back means the EMU shall communicate with the ESM board through the serial port on the backplane of the cabinet. fore means the EMU shall communicate with the ESM board through the serial port on the front panel of the ESM board. random means the EMU shall use either the back or fore mode to communicate. It is applicable to the communication between slave frames.
Note:
Pay attention to the following when selecting the communication method: The EMU FAN can only work in back mode. Other EMUs can only work in fore mode.
DESCRIPTION : EMU is faulty or cannot communicate with the host. REASON : (1) EMU fault, (2) Communication serial port damaged or line fault, (3) EMU reset manually ADVICE : (1) Replace the EMU, (2) Check the communication serial port and line.
Note:
The EMU type cannot be changed after the configuration. If you need to change it, first delete the EMU, and then add a new one. If an EMU in the cabinet has been replaced, first delete the original EMU, and then add the new one.
Used or not : Used EMU state Frame ID Subnode COM Port : Normal : 0 : 30 : Fore
--------------------------------------------------------------------
Use esc analog esc digital esc com esc power esc 4810 show esc system parameter esc power show 4810 esc
In
H303ESC environment monitor mode H303ESC environment monitor mode H303ESC environment monitor mode H303ESC environment monitor mode H303ESC environment monitor mode H303ESC environment monitor mode H303ESC environment monitor mode H303ESC environment monitor mode H303ESC environment monitor mode
Set the 4810 power module parameters View the parameters H303ESC system module
View the 4810 power module information View the environment information
In
POWER4875 monitor mode POWER4875 monitor mode environment environment
POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode
power module-num power module-parameter power off power supply-parameter power digital-backup show power alarm show power environment info show power environment parameter
Set 4875/4845 power-off threshold Set 4875/4845 power supply parameter Set 4875/4845 power backup digital View the 4875/4845 power alarm information View the 4875/4845 power environment information View the 4875/4845 power environment parameters
To
View the 4875/4845 power running information View the 4875/4845 power system parameters Set 4875/4845 power off temperature
In
POWER4875/POWER4845 environment monitor mode POWER4875/POWER4845 environment monitor mode POWER4845 environment monitor mode
Use distribution alarmset distribution buzzers distribution humidity distribution temperature distribution input distribution outside_analog distribution outside_digital distribution lamp
In
DIS environment monitor mode DIS environment monitor mode DIS environment monitor mode DIS environment monitor mode DIS environment monitor mode DIS environment monitor mode DIS environment monitor mode DIS environment monitor mode
Set the humidity alarm threshold Set the threshold temperature alarm
Set the -48V input alarm threshold Set the analog parameters of external sensors of the power distribution frame Set the digital parameters of external sensors of the power distribution frame Set the lamp parameter of the cabinet
To
View the configuration parameter of distribution frame View the environment parameter of distribution frame
In
DIS environment monitor mode DIS environment monitor mode
lamp.
DESCRIPTION : EMU is faulty or cannot communicate with the host. REASON : (1) EMU fault, (2) Communication serial port damaged or line fault, (3) EMU reset manually ADVICE : (1) Replace the EMU, (2) Check the communication serial port and line. --- END
Note:
The subnode number for EMU-H303ESC is always 30.
-------------------------------------------------------------------
Note:
If the state of EMU is Fault, check the following: Whether H303ESC works normally. Whether the physical connection is correct. Whether the EMU type, cabinet ID, subnode number and communication serial port are correct.
This example shows how to enter H303ESC mode to check the environment information.
MA5300(config)#interface emu 0 MA5300(config-if-h303esc-0)#show esc environment info MA5300(config-if-h303esc-0)# EMU ID: 0 Fan control mode :Auto H303ESC environment state Fan run state: Open
-----------------Analog Environment Info-------------------------ID Name 0 1 2 3 4 5 6 7 Temperature Humidity State Value 20 80 AlmUpper AlmLower Unit 5 0 -128 -128 -128 -128 -128 -128 C %R.H.
Normal -128.00 127 Normal -128.00 127 Normal -128.00 127 Normal -128.00 127 Normal -128.00 127 Normal -128.00 127
----------------Digital Environment Info--------------------------ID Name 0 2 4 6 8 Wring Door2 Theft_Alarm Water_Alarm Window_Broken State Value |ID Name |1 |3 |5 |7 |9 Door1 Fire_Alarm Fog Peculiar_Smell State Alarm Value 1
10 -
|11 -
--------------------------------------------------------------------
Note:
If there is a temperature alarm and access control alarm when you check the environment state, change the temperature threshold and the level of the access control respectively to eliminate these alarms. Too high a temperature is prompted because the upper threshold for temperature alarm is set to only 20C; while the access control alarm is generated since the door is not closed.
This example shows how to set the temperature alarm, with the upper and lower threshold as 55C and 5C respectively.
MA5300(config-if-h303esc-0)#esc analog { analogid<U><0,7> }:0 { alarm-upper-limit<S><1,4> }:55 { alarm-lower-limit<S><1,4> }:5 { <cr>|measure-upper-limit<S><1,4> }:
This example shows how to set the effective level of access control to a high level.
MA5300(config-if-h303esc-0)#esc digital { digitalid<U><0,21> }:1 { low-level<K>|high-level<K> }:high-level { <cr>|name<S><0,19> }:
------------------Analog Environment Info-------------------------ID Name 0 1 2 3 Temperature Humidity State Value 55 80 AlmUpper AlmLower Unit 5 0 -128 -128 C %R.H. -
---------------Digital Environment Info--------------------------ID Name 0 2 4 6 8 Wring Door2 Theft_Alarm Water_Alarm Window_Broken State Value |ID Name |1 |3 |5 |7 |9 Door1 Fire_Alarm Fog Peculiar_Smell State Value
Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1
Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1 Normal 1
10 12 14 16 18 20 -
--------------------------------------------------------------------
Now the states of both temperature and access control are normal.
Used or not : Used EMU state Frame ID Subnode COM Port : Normal : 0 : 0 : Fore
Note:
If the EMU state is Fault, ensure the following: The physical connection is correct. The connection line between distribution frame and MA5300 is correct and functions well. The switches 15 of the DIP switch S1 on the DIS has been set to ON. The EMU type, frame ID, subnode number and communication serial port are configured correctly.
This example shows how to enter DIS environment monitor mode to check the environment information.
MA5300(config-if-dis-1)#show distribution environment info MA5300(config-if-dis-1)# EMU ID: 1 distribution environment info
------------------Analog Environment Info-------------------------ID Name 0 1 2 3 4 5 input -48V 1 input -48V 2 temperature humidity State Value AlmUpper AlmLower Unit 60 60 55 80 42 42 5 0 -128 -128 volt volt C %R.H. -
----------------Digital Environment Info--------------------------ID Name 0 2 4 6 8 State Value |ID Name |1 |3 |5 |7 |9 State Value
output ctrl digital 1Normal output ctrl digital 3Normal board +12V Normal -
output ctrl digital 2Normal output ctrl digital 4Normal board +24V Normal -
--------------------------------------------------------------------
By now you can set various environment parameters of DIS. The configuration procedure for different EMUs is similar. You can refer to the above two examples while configuring other EMUs. For related commands, refer to the previous description in this chapter. Note that the key word of configuration commands in EMU configuration mode is different.
Huawei Technologies Proprietary 29-17
For H303ESC, it is esc For FAN, it is fan For power 4875/4845, it is power For DIS, it is distribution
HUAWEI
Part 5 Appendix
Table of Contents
Table of Contents
Appendix A Acronyms and Abbreviations .................................................................................A-1
E ES ESM EAD ESH ESP EVD F FE FIFO FTP G GARP GE GMRP GVRP H HDP HTP HGMP I IAB ICMP IETF IGMP IGP IP ISU IPoA IPoE L LOSW LAN LSDB Loss of SYNC Failure Local Area Network Link-State DataBase
Huawei Technologies Proprietary A-2
Errored Second Ethernet Switch Main Control board Ethernet ADSL access board Ethernet SHDSL board Ethernet Splitter board Ethernet over VDSL access board
Generic Attribute Registration Protocol Gigabit Ethernet GARP Multicast Registration Protocol GARP VLAN Registration Protocol
Huawei Discovery Protocol Huawei Topology Protocol Huawei Group Management Protocol
Internet Architecture Board Internet Control Message Protocol Internet Engineering Task Force Internet Group Management Protocol Interior Gateway Protocol Internet Protocol Intelligent Service Unit Internet Protocol Over ATM IP over Ethernet
LSA LSR LSU LSAck M MAC MIB MTU N NAS NBMA NIC NMS NSSA NVRAM O OSPF P PIM-DM PIM-SM PITP PPPoE PPPoA PQ PVC Q QoS QinQ R RADIUS RARP RID RIP RMON
Link-State Advertisement Link State Request Link State Update Link State Acknowledgment
Network Access Server Non Broadcast MultiAccess Network Information Center Network Management System Not-So-Stubby Area Nonvolatile Random Access Memory
Protocol-Independent Multicast-Dense Mode Protocol-Independent Multicast-Sparse Mode Policy Information Transfer Protocol Point-to-Point Protocol Over Ethernet Point-to-Point Protocol Over ATM Priority Queuing Permanent Virtual Channel
Remote Authentication Dial-In User Service Reverse Address Resolution Protocol Remote ID Routing Information Protocol Remote Network Monitoring
Huawei Technologies Proprietary A-3
RSTP S SES SHDSL SNMP STP SYN T TCP/IP TFTP TOS TTL U UAS UDP V VCI VPI VDSL VLAN VOD VT VTP VTY W WAN WRR X xDSL
Severely Errored Seconds Single-pair High-speed Digital Subscriber Line Simple Network Management Protocol Spanning Tree Protocol Synchronization
Transmission Control Protocol/ Internet Protocol Trivial File Transfer Protocol Type of Service Time To Live
Virtual Channel Identifier Virtual Path Identifier Very-high-data-rate Digital Subscriber Line Virtual Local Area Network Video On Demand Virtual Terminal VLAN Trunk Protocol Virtual Type Terminal
Index
Index
Numerics
201+, 13-18 4875/4845 power module, 29-9 4875/4845 power-off threshold, 29-10 802.1x authentication process, 14-4 configuration, 14-4 system architecture, 14-2 ADSL line profile, 20-13 ADSL/ADSL2+ alarm profile, 20-29 SHDSL alarm profile, 20-33 SHDSL line profile, 20-21 VDSL alarm profile, 20-26 VDSL line profile, 20-10 aging time multicast group member port, 23-6 router port, 23-6 alarm class, 27-3 alarm ID, 27-2 alarm level, 27-3 alarm management, 27-4 alarm parameter, 27-3 alarm serial number, 27-3 alarm statistics setting, 27-8 viewing/clearing, 27-10 alarm table, 7-2 alarm threshold, 27-9 alarm type, 27-3 ARP, 10-1 ARP address translation implementation, 10-1 necessity, 10-1 ARP Proxy, 10-2 AS, 18-10 ASBR, 18-11 ASCII code, 1-5 authentication/authorization scheme local, 13-5 radius, 13-5 simple, 13-5 auto key word matching, 2-2 auto online upgrading, 26-7 AUX, 4-1
A
AAA, 13-1 ABR, 18-11 accounting scheme, 13-6 account-stop request, 13-18 ACL, 6-13 absolute time range, 15-4 activating, 6-14 data-based, 6-13 defining, 6-13 inband NMS networking, 6-14 name-based, 6-13 periodic time range, 15-4 sub-rule, 6-13 ACL match order auto, 15-1 config, 15-1 ACL module, 1-10 active/standby switchover data synchronization, 28-1 smoothness, 28-1 active/standby switchover mode auto, 28-2 forced, 28-2 manual, 28-2 normal, 28-2 active/standby switchover requirement, 28-3 add
Index device name, 6-6 DHCP, 9-1 DHCP L2/L3 relay, 9-9 DHCP Option60, 9-6 DHCP Option82 enabling/disabling, 9-11 DHCP packet CID, 9-12 maximum length, 9-13 RID, 9-12 DHCP Relay application, 9-14 DHCP relay mode L2, 9-9 L3, 9-9 DHCP relay standard mode, 9-5 DHCP Relay troubleshooting, 9-15 DHCP server IP address, 9-3 selection mode, 9-4 DIS parameters, 29-12 display characteristic, 2-3 DR, 18-11 dual-ISU function, 25-3 duplex mode, 19-4
B
backbone area, 18-13 backup, 26-19 basic operation command, 2-1 basic system operation, 2-1 BDR, 18-13 blackhole route, 18-6 board adding, 5-4 confirming, 5-5 deleting, 5-6 replacing, 5-7 viewing, 5-2 board management resetting service board, 5-6 resetting system or ESM board, 5-7
C
CAR, 20-6 CLI, 1-1 command matching, 2-2 command mode, 2-4 command mode characteristics, 2-5 community name read-only, 6-4 read-write, 6-4 configuration environment, 1-8 Controlled Port, 14-2 CPE, 20-9 CPU occupancy ratio, 2-11
E
EAP, 14-2 EAPoL, 14-2 EAPoL-Encapsulated-ASF-Alert, 14-3 EAPoL-Key, 14-3 EAPoL-Logoff, 14-3 EAPoL-Start, 14-3 EAP-Packet, 14-3 edit characteristic, 2-2 edit function, 2-2 EMU configuration adding, 29-3 deleting, 29-5 viewing, 29-5 EMU function, 29-1 EMU-H303ESC, 29-6 encryption key, 13-12, 13-15
D
database description packet, 18-12 DDN, 6-1 default ISP domain, 13-9 Delay bounded WRR, 16-4 delete xDSL alarm profile, 20-35 xDSL line profile, 20-24 destination address, 18-2 destination MAC address PPPoA, 21-28
Operation Manual SmartAX MA5300/5303 Broadband Access System error prompt, 2-4 Ethernet port aggregation, 19-7 MAC address learning, 19-6 event table, 7-3
Index
I
ICMP, 2-12 idle-cut, 13-8 IEEE 802.1x, 14-1 IGMP, 23-1 IGMP leave message, 23-4 IGMP query message general, 23-3 specific group, 23-4 IGMP report message, 23-4 iGMP Snooping router port, 23-2 IGMP Snooping aging time multicast group member port, 23-2 router port, 23-2 enabling/disabling, 23-6 MAC multicast group, 23-2 maximum time to respond, 23-3 multicast member port, 23-2 inband IP address, 6-12 route, 6-12 inband NMS, 6-1 inband port, 1-7 intelligent matching, 2-2 interactive mode, 2-7 inter-exchange, 2-5 IP address binding, 20-7 IP Hotel, 13-18 IPoA, 21-10 IPoA connection multi-PVC, 21-13 single PVC, 21-12 IPoE, 21-10 ISDN line, 6-1 ISP domain, 13-6 ISP domain state, 13-8 ISU, 25-1
F
FE Ethernet port, 19-1 FIFO, 16-1 file system, 26-1 flow control mode, 4-4 FTP, 26-4 FTP client, 26-5 FTP server authentication/authorization, 26-4 enabling/disabling, 26-4 timeout, 26-5
G
GE Ethernet port, 19-1
H
H303ESC environment monitor 4810 power module, 29-7 analog, 29-7 digital, 29-7 extended serial port, 29-7 fan control, 29-6 power module, 29-7 hardware/software version, 2-10 hello packet, 18-12 history commands, 2-11 history control table, 7-3 HyperTerminal EXEC terminal service, 4-5 history buffer, 4-6 line locking, 4-5 terminal screen, 4-6 timeout exit, 4-5 HyperTerminal interface, 1-3
L
L2 mechanism, 21-10 Huawei Technologies Proprietary i-3
Operation Manual SmartAX MA5300/5303 Broadband Access System L3 mechanism, 21-10 LAN, 1-7 line data bit, 4-4 parity bit, 4-4 stop bit, 4-4 line configuration, 4-1 line management asynchronous interface, 4-3 entering line configuration mode, 4-3 line numbering mode absolute, 4-1 relative, 4-1 link state acknowledgement packet, 18-12 request packet, 18-12 update packet, 18-12 loading, 26-11 local maintenance, 1-1 local MUX VLAN upstream port, 22-27 local serial terminal, 1-1 local user adding/deleting, 13-10 connecting, 13-11 modifying, 13-10 log management, 27-1 logic channel, 18-27 LSA, 18-11 LSDB, 18-11 MAC address table, 8-1 MAC source address PPPoA, 21-28 maintenance operation directory-related, 26-1 file-related, 26-2 memory device related, 26-2 master upstream port, 24-3 maximum failure count, 13-12, 13-17 MIB, 6-2 MIB tree structure, 6-2 monitor modules, 29-1 MTU, 9-13 multicase router parameter fast leave, 24-5 gen-response-time, 24-4 query-interval, 24-4 robustness variable, 24-4 source IP address, 24-4 sp-response-time, 24-5 multicast VLAN downstream port, 23-10 upstream port, 23-9 multi-service dispatch, 21-3 MUX VLAN, 22-1 basic application, 22-30 cascading application, 22-34 comprehensive application, 22-39 MUX VLAN configuration, 22-24 MUX VLAN configuration profile, 22-26
Index
M
MAC address aging time, 8-4 restoring, 8-5 viewing, 8-5 MAC address item, 8-2 MAC address learning count, 8-4 enable/disable, 8-4 limit, 8-4 MAC address segment, 9-7
N
named standard ACL, 15-5 NAS, 13-2 NBMA, 18-18 network mask, 18-2 network testing tool ping, 2-11 tracert, 2-11 next hop IP address, 18-3 NSSA, 18-14 numbered standard ACL, 15-4
O
OAM, 20-40 on/off control, 29-9 online help, 2-6 operation user management adding, 3-2 deleting, 3-3 modifying, 3-4 viewing, 3-5 OSPF, 18-10 OSPF packets, 18-12 outband IP address, 6-9 route, 6-10 outband NMS, 6-1 outband NMS networking, 6-10 outband port, 1-7 output interface, 18-3
Q
QinQ packet forwarding downstream, 22-45 upstream, 22-45 QinQ VLAN, 22-1 downstream port, 22-47 upstream port, 22-46 QinQ VLAN application, 22-50 QinQ VLAN PVC adding, 22-48 deleting, 22-48 modifying, 22-48 queue scheduling, 16-3, 16-9
R
RADIUS, 13-2 RADIUS server state, 13-18 RARP, 21-10 reachable route, 18-5 realtime accounting interval, 13-16 remote maintenance, 1-1 remote serial terminal, 1-6 reset xDSL chipset, 20-39 xDSL port, 20-39 retransmit time, 13-12, 13-16 RMON, 7-1 route priority, 18-3 route summary, 18-13 routing protocol, 18-4 routing protocol type, 18-3 routing table, 18-2 RS-232 serial cable, 1-1
P
p2mp, 18-18 p2p, 18-18 packet filtering, 16-2 packet redirection, 16-7 password authentication protocol, 6-7 privacy protocol, 6-7 patch management, 26-23 PITP, 21-35 PITP V mode, 21-36 port access auto, 14-6 force-authorized, 14-6 force-unauthorized, 14-6 port rate limit, 16-7 Portal, 13-18 PPPoA, 21-24 PPPoA connection multi-PVC, 21-27 single PVC, 21-26 PPPoE Plus, 21-37 PQ, 16-3
S
Session ID, 21-28 single PVC configuration, 21-1 single-ended test, 20-41 Smart VLAN, 22-1 downstream port, 22-15 Huawei Technologies Proprietary i-5
Operation Manual SmartAX MA5300/5303 Broadband Access System upstream port, 22-15 Smart VLAN application access mode, 22-17 comprehensive application, 22-20 Trunk mode, 22-18 Smart VLAN configuration, 22-14 SNMP group, 6-8 SNMP packet size, 6-6 SNMP V1/2C, 6-2 SNMP V3, 6-2 SNMP V3 group, 6-7 source MAC address IPoA, 21-14 static ARP, 10-2 static route parameter, 18-7 statistic table, 7-4 stub area, 18-14 synchronization insufficient configuration data, 28-2 insufficient running data, 28-3 insufficient service data, 28-3 SysContact, 6-5 SysLocation, 6-6 system data backup FTP, 26-22 TFTP, 26-21 system name, 2-8 system time, 2-8 terminal type ANSI, 2-9 VT, 2-9 TFTP transfer mode, 26-6 TFTP server file downloading, 26-6 file uploading, 26-6 timeout exit, 2-9 traffic, 16-1 traffic classification, 16-1 traffic mirroring, 16-9 traffic policing, 16-6 traffic statistics, 16-4 transmission rate, 4-3 Trap, 6-4 TTL, 2-11
Index
U
Uncontrolled Port, 14-2 unreachable route, 18-5 user attribute account, 3-1 appending information, 3-2 authority, 3-1 callback attribute, 3-2 password, 3-1 reentry count, 3-1 user management, 3-1 user template, 13-9
T
TCP attribute buffer size, 17-1 finwait timer, 17-1 synwait timer, 17-1 telnet application, 1-9 telnet environment, 1-7 terminal emulation, 1-4 terminal language general language, 2-8 local language, 2-8 terminal screen clearance, 2-10 terminal screen length, 2-9
V
VDSL CPE auto-upgrade, 20-44 VDSL CPE binding, 20-43 virtual link, 18-13 VLAN, 22-1 VLAN Stacking, 22-1 downstream port, 22-54 upstream port, 22-53 VLAN Stacking application, 22-57 VLAN Stacking packet forwarding upstream, 22-52
Operation Manual SmartAX MA5300/5303 Broadband Access System VLAN Trunk, 22-5 VOD, 23-7 VTY, 4-1
Index
X
xDSL port activation, 20-8 loopback, 20-39 status, 20-8
W
WAN, 1-7 WRR, 16-4
i. ii.