Professional Documents
Culture Documents
Configuration Guide - Device Management (V200R001C01 - 03) PDF
Configuration Guide - Device Management (V200R001C01 - 03) PDF
Configuration Guide - Device Management (V200R001C01 - 03) PDF
V200R001C01
03
Date
2011-11-27
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Website:
http://www.huawei.com
Email:
support@huawei.com
Issue 03 (2011-11-27)
Commissioning engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol
Description
DANGER
WARNING
CAUTION
Issue 03 (2011-11-27)
TIP
NOTE
ii
Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention
Description
Boldface
Italic
[]
{ x | y | ... }
[ x | y | ... ]
{ x | y | ... }*
[ x | y | ... ]*
&<1-n>
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.
iii
Issue 03 (2011-11-27)
iv
Contents
Contents
About This Document.....................................................................................................................ii
1 Displaying the Device Status......................................................................................................1
1.1 Display Commands.............................................................................................................................................2
1.2 Displaying the AR1200-S Status........................................................................................................................2
1.2.1 Displaying AR1200-S Information...........................................................................................................2
1.2.2 Displaying Versions..................................................................................................................................3
1.2.3 Displaying Power Information..................................................................................................................3
1.2.4 Displaying Temperature............................................................................................................................3
1.2.5 Viewing Fan Status....................................................................................................................................4
1.2.6 Displaying CPU Usage..............................................................................................................................4
1.2.7 Displaying Memory Usage........................................................................................................................4
1.2.8 Displaying Interface Status........................................................................................................................5
1.2.9 Displaying Electronic Labels.....................................................................................................................5
1.2.10 Displaying Diagnostic Information.........................................................................................................6
1.2.11 Displaying Health Status.........................................................................................................................6
1.2.12 Checking Interface Card Work Mode......................................................................................................6
Contents
3 PoE Configuration.......................................................................................................................49
3.1 Introduction to PoE...........................................................................................................................................50
3.2 PoE Features Supported by the AR1200-S.......................................................................................................50
3.3 Configuring PoE Functions..............................................................................................................................50
3.3.1 Establishing the Configuration Task.......................................................................................................51
3.3.2 Configuring the PoE Function Globally..................................................................................................51
3.3.3 Configuring the PoE Function on an Interface........................................................................................53
3.3.4 Checking the Configuration.....................................................................................................................55
3.4 Configuration Examples...................................................................................................................................56
3.4.1 Example for Configuring PoE.................................................................................................................56
4 Mirroring Configuration............................................................................................................59
4.1 Introduction to Mirroring..................................................................................................................................60
4.2 Mirroring Features Supported by the AR1200-S.............................................................................................60
4.3 Configuring Local Port Mirroring....................................................................................................................62
4.3.1 Establishing the Configuration Task.......................................................................................................62
4.3.2 Configuring a Local Observing Interface................................................................................................63
4.3.3 Configuring a Local Mirrored Interface..................................................................................................63
Issue 03 (2011-11-27)
vi
Contents
5 Hardware Management..............................................................................................................78
5.1 Introduction to Hardware Management............................................................................................................79
5.2 Hardware Management Supported by the AR1200-S......................................................................................79
5.3 Powering On and Off the Board.......................................................................................................................79
5.3.1 Establishing the Configuration Task.......................................................................................................79
5.3.2 Powering Off a Board..............................................................................................................................80
5.3.3 Powering On a Board..............................................................................................................................80
5.3.4 Checking the Configuration.....................................................................................................................80
5.4 Backing Up Electronic Labels..........................................................................................................................81
5.4.1 Establishing the Configuration Task.......................................................................................................81
5.4.2 Backing Up Electronic Labels.................................................................................................................81
5.5 Setting Fan Speed.............................................................................................................................................82
5.5.1 Establishing the Configuration Task.......................................................................................................82
5.5.2 Setting Fan Speed....................................................................................................................................83
5.5.3 Checking the Configuration.....................................................................................................................83
5.6 Resetting the LPU.............................................................................................................................................83
5.6.1 Establishing the Configuration Task.......................................................................................................83
5.6.2 Resetting the LPU....................................................................................................................................84
5.6.3 Checking the Configuration.....................................................................................................................84
6 Auto-Config..................................................................................................................................86
6.1 Auto-Config Overview.....................................................................................................................................87
6.2 Auto-Config Features Supported by the AR1200-S.........................................................................................87
6.3 Deploying Unconfigured Routers ....................................................................................................................92
6.3.1 Establishing the Configuration Task.......................................................................................................92
6.3.2 Configuring the DHCP Server.................................................................................................................94
6.3.3 Configuring the FTP/TFTP Server..........................................................................................................96
6.3.4 Checking the Configuration.....................................................................................................................97
6.4 Configuration Examples...................................................................................................................................98
6.4.1 Example for Configuring the Auto-Config Function..............................................................................98
Issue 03 (2011-11-27)
vii
Issue 03 (2011-11-27)
CAUTION
The display diagnostic-information command cannot be simultaneously run on multiple
terminals connected to the AR1200-S. If this occurs, the AR1200-S CPU usage rises and the
network performs less efficiently.
Table 1-1 Common display commands
Command
Description
display current-configuration
display device
display version
display this
display diagnostic-information
Procedure
l
Run:
display device [ slot slot-id ]
Procedure
l
Run:
display version [ slot slot-id ]
Procedure
Step 1 Run:
display power
Procedure
l
Run:
display temperature { all | slot slot-id }
Issue 03 (2011-11-27)
Procedure
l
Run:
display fan
Procedure
Step 1 Run:
display cpu-usage [ slot slot-id ]
Procedure
l
Run:
display memory-usage [ slot slot-id ]
If slot slot-id is not specified, the memory usage of the active main control board is
displayed.
----End
Context
There are two ways to display interface status:
1.
2.
Procedure
display interface interface-type interface-number
2.
3.
4.
----End
Procedure
Step 1 Run:
display elabel [ slot-id ] [ brief ]
Procedure
l
Run:
display diagnostic-information
CAUTION
When this command is being executed, system performance will be degraded, for example,
the CPU usage increases. Therefore, do not use this command when the system is operating
normally.
----End
Procedure
l
Run:
display health
Context
Only the work mode of the interface cards with configurable work modes can be displayed.
The work mode of these interface cards can be changed: 2E1/T1-M, 1E1/T1-M, 2E1/T1-F, 1E1/
T1-F, 4G.SHDSL, and 1CPOS-155M.
Procedure
Step 1 Run:
display workmode
Issue 03 (2011-11-27)
Issue 03 (2011-11-27)
Issue 03 (2011-11-27)
Information Classification
The information center receives and processes information of the following types:
l
Logs
Debugging information
Alarms
Severity Level
Description
Emergencies
Alert
Critical
Error
Issue 03 (2011-11-27)
Threshold
Severity Level
Description
Warning
Notification
Informational
Debugging
When information filtering based on severity levels is enabled, only the information whose
severity level threshold is less than or equal to the configured value is output.
For example, if the severity level value is configured to 6, only information with a severity level
ranging from 0 to 6 is output.
The information center receives logs, alarms, and debugging information from all modules.
The information center outputs information with different severity levels to different
information channels according to the configuration.
Generally, the information center distributes three types of information classified into eight
levels to 10 information channels. Information is then output to different directions.
As shown in Figure 2-1, logs, alarms, and debugging information have default output channels.
They can be customized to be output from other channels. For example, logs can be configured
to be output to the log cache through Channel 6 rather than the default Channel 4.
Issue 03 (2011-11-27)
10
Information
channel
Output
direction
Console
Console
Logs
Traps
3
4
Debugs
Monitor
Loghost
Loghost
Trapbuffer
Trap buffer
Logbuffer
Log buffer
5 SNMP agent
Direction of logs
Direction of alarms
Direction of debugging
information
channel6
channel7
channel8
Remote terminal
channel9
SNMP agent
Logfile
Issue 03 (2011-11-27)
Channel
Number
Default
Channel Name
Output
Direction
Description
Console
Console
Monitor
Monitor
Loghost
Log host
11
Channel
Number
Default
Channel Name
Output
Direction
Description
Trapbuffer
Trap buffer
Logbuffer
Log buffer
Snmpagent
SNMP agent
Unspecified
Unspecified
Unspecified
Unspecified
Unspecified
Unspecified
Channel9
Log file
In the case of multiple log hosts, logs can be output through one channel or several channels.
For example, some logs can be output to a log host through Channel 2 (loghost) and some logs
can be output to another log host through Channel 6. For easy management, the name of Channel
6 can be changed.
Format of Logs
Syslog is a sub-function of the information center. It outputs information to a log host through
port 514.
Figure 2-2 shows the format of logs.
Figure 2-2 Format of the output logs
Issue 03 (2011-11-27)
12
Indication
Description
TIMESTAMP
HOSTNAME
Host name
%%
Huawei logo
dd
Version number
AAA
Module name
Log level
CCC
Brief description
(l)
Information type
DDD
Log ID
YYYY
Descriptor
Format of Alarms
Figure 2-3 shows the format of the output alarms.
Figure 2-3 Format of the output alarms
13
Indication
Description
TimeStamp
HostName
Host name
ModuleName
Module name
Severity
Severity level
Severity of traps.
Brief
Brief information
Description
Description
Issue 03 (2011-11-27)
14
Applicable Environment
The system logs the operation information about devices in real time. It then outputs logs to the
log buffer, log file, console, terminal, and log host for storage and future reference. In this
manner, when faults occur on devices, users can locate the faults based on the logs.
Pre-configuration Tasks
Before configuring the log output, complete the following tasks:
l
Ensuring that the route between the router and the log host is reachable
Data Preparation
To configure the log output, you need the following data.
No.
Data
l Channel number
l Channel name
Module name
Context
The information center classifies and outputs information. When it is heavily loaded with
information processing, system performance degrades.
Procedure
Step 1 Run:
system-view
15
Procedure
Step 1 Run:
system-view
A channel is named.
----End
Context
Binary logs provide the function of filtering specified logs by their IDs. To filter certain logs,
the user can obtain IDs of these logs through log resolution tools and add these IDs to the log
filtering list.
After that, the information center does not send these logs in each output direction.
Procedure
Step 1 Run:
system-view
&<1-50>
One or more IDs are added and a space is used to separate these IDs.
NOTE
Currently, only 50 IDs can be shielded. The aggregation of these shielded IDs is called a log ID filtering
list. The log ID filtering list is arranged by ID values.
----End
16
Context
A data dictionary is used to transform binary logs into text logs. A data dictionary is the
aggregation of log IDs and fixed information required in the log, such as the level, mnemonic
symbol, and format string. The generated data dictionary is downloaded by the external
resolution tool.
Procedure
Step 1 Run:
system-view
Procedure
l
Run the following command on the router enabled with the information center:
system-view
Run:
info-center source { module-name | default } channel { channel-number |
channel-name } [ log { state { off | on } | level severity } * ]
Run the following command on the router enabled with the information center:
system-view
Run:
info-center logbuffer [ channel { channel-number | channel-name } ]
The channel through which logs are output to the log buffer is configured.
3.
(Optional) Run:
info-center logbuffer [ channel { channel-number | channel-name } | size
buffersize ] *
17
After the information center is enabled, logs are output to the log buffer through
Channel 4 by default and the log buffer can cache a maximum of 512 logs.
----End
Context
NOTE
The default log storage medium is usb0. If usb0 is unavailable, the default log storage medium is usb1. If
both usb0 and usb1 are unavailable, the log files cannot be saved. The log storage path is in the format of
storage medium name:/logfile, for example, usb0:/logfile.
Procedure
Step 1 Send logs to a channel.
1.
Run:
system-view
Run:
info-center source { module-name | default }channel { channel-number | channelname } [ log { state { off | on } | level severity } * ]
Run:
info-center logfile channel { channel-number | channel-name }
The channel through which logs are output to the log file is configured.
Step 3 (Optional) Configure the size of the log file output by the information center.
1.
Run:
info-center logfile size size
Procedure
Step 1 Configure the logs to be output through the channel.
Issue 03 (2011-11-27)
18
1.
Run:
info-center source { module-name | default } channel { channel-number |
channel-name } [ log { state { off | on } | level severity } * ]
Run:
info-center console channel { channel-number | channel-name }
The channel through which logs are output to the Console is configured.
2.
Run:
quit
Run:
terminal logging
Procedure
Step 1 Configure the logs to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ log { state { off | on } | level severity } * ]
Run:
info-center monitor channel { channel-number | channel-name }
Issue 03 (2011-11-27)
19
The information channel through which logs are output to the terminal is configured.
2.
Run:
quit
Run:
system-view
Run:
terminal logging
Procedure
Step 1 Configure the logs to be output through the channel.
1.
Run:
info-center source { module-name | default } channel { channel-number |
channel-name } [ log { state { off | on } | level severity } * ]
The channel through which logs are output to the log host is configured.
By default, logs are not output to the log host after the information center is enabled.
The system supports the configuration of a maximum of eight log hosts to realize backup
among log hosts.
----End
20
Prerequisite
The configurations of the information center function are complete.
Procedure
l
Run the display info-center [ statistics ] command to check the information recorded by
an information center.
Run the display logbuffer command to view the information recorded by a log buffer.
Run the display info-center filter-id { id } command to check whether the ID of a single
log is added into the filtering list.
Run the display info-center filter-id command to check whether IDs of all logs are added
into the filtering list.
----End
Example
Run the display channel [ channel-number | channel-name ] command to check the contents of
information channels.
<Huawei> display channel
channel number: 0, channel name: console
MODU_ID NAME
ENABLE LOG_LEVEL
ENABLE TRAP_LEVEL
ffff0000 default Y
warning
Y
debugging
ENABLE DEBUG_LEVEL
Y
debugging
ENABLE DEBUG_LEVEL
Y
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
Issue 03 (2011-11-27)
21
Run the display info-center command to check the contents of information center.
Information Center: enabled
Log host:
Console:
channel number: 0, channel name: console
Monitor:
channel number: 1, channel name: monitor
SNMP Agent:
channel number: 5, channel name: snmpagent
Log buffer:
enabled
max buffer size: 1024, current buffer size: 512
current messages: 6, channel number: 4, channel name: logbuffer
dropped messages: 0, overwritten messages: 0
Trap buffer:
enabled
max buffer size: 1024, current buffer size: 256
current messages: 0, channel number: 3, channel name: trapbuffer
dropped messages: 0, overwritten messages: 0
Logfile:
channel number: 9, channel name: channel9, language: English
Information timestamp setting:
log - date, trap - date, debug - date
Sent messages = 25, Received messages = 25
Run the display logbuffer command to view the logs in the log buffer.
<Huawei> display logbuffer
Logging buffer configuration and contents: enabled
Allowed max buffer size: 1024
Actual buffer size: 512
Channel number: 4, Channel name: logcy
Dropped messages: 0
Overwritten messages: 0
Current messages: 1
Aug 21 2007 18:33:31+00:00 AR200-V2R2C00-161 %%01DEFD/4/CPCAR_DROP_MPU(l)[0]:Som
e packets are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-Count=
474)
Run the display info-center filter-id [ id ] command to check whether the log with the ID being
1098649600 is added into the filtering list.
<Huawei> display info-center filter-id 1098649600
ID
: 1098649600
Content
: LSPM return error to TE when processing tunnel commit event!
(TunnelName=[STRING], ErrorCode=[ULONG])
Filtered Number : 0
Run the display info-center filter-id command to check whether IDs of all logs are added into
the filtering list.
<Huawei> display info-center filter-id
ID:
3221442627
Content:
The message was discarded because module batch doesn't begin. (
SourceModuleId=[ULONG], SourceModuleSubId=[ULONG], DestinationModuleId=[ULONG],
DestinationModuleSubId=[ULONG])
Filtered Number: 0
ID:
3491254537
Content:
Add the route [STRING] that have other flags besides deleted fl
ag [USHORT]
Filtered Number: 0
Issue 03 (2011-11-27)
22
Applicable Environment
The device can generate alarms in specific situations to draw attention of the administrators.
Alarms can be output to the alarm buffer, log file, Console, terminal, and Network Management
System (NMS), through which the administrator can easily locate and rectify the fault.
Pre-configuration Tasks
Before enabling alarm output, complete the following tasks:
l
Data Preparation
To configure alarm output, you need the following data.
No.
Data
l Channel number
l Channel name
Module name
Context
Classifying and outputting a large amount of information degrades system performance.
Issue 03 (2011-11-27)
23
Procedure
Step 1 Run:
system-view
Context
Do as follows on the router configured with the information center.
Procedure
Step 1 Run:
system-view
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Configure the alarms to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ trap { state { off | on } | level severity } * ]
Issue 03 (2011-11-27)
24
Run:
info-center trapbuffer [ channel { channel-number | channel-name } ]
Run:
(optional)info-center trapbuffer [ channel {
| size buffersize ] *
channel-number | channel-name }
The channel through which alarms are output to the alarm buffer is configured.
After the information center is enabled, alarms default to be output through Channel 3 to
the alarm buffer and the alarm buffer can contain 256 pieces of information.
----End
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Send logs to the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ trap { state { off | on } | level severity } * ]
25
Step 2 Configure the channel through which alarms are output to the log file.
1.
Run:
info-center logfile channel { channel-number | channel-name }
The channel through which alarms are output to the log file is configured.
By default, alarms are output through Channel 9 to the log file after the information center
is enabled.
Step 3 (Optional) Configure the size of the log file output by the information center.
1.
Run:
info-center logfile size size
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Configure the alarms to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ trap { state { off | on } | level severity } * ]
Run:
info-center console channel { channel-number | channel-name }
The channel through which alarms are output to the Console is configured.
By default, alarms are output to the Console through Channel 0.
Issue 03 (2011-11-27)
26
2.
Run:
quit
Run the following command on the router configured with the information center:
terminal monitor
Run:
terminal trapping
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Configure the alarms to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ trap { state { off | on } | level severity } * ]
Run:
info-center monitor channel { channel-number | channel-name }
The channel through which alarms are output to the VTY terminal is configured.
By default, alarms are output to the VTY terminal through Channel 1.
2.
Run:
quit
Issue 03 (2011-11-27)
27
Run:
terminal monitor
Run:
terminal trapping
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Configure the alarms to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ trap { state { off | on } | level severity } * ]
Run:
info-center snmp channel { channel-number | channel-name }
The channel through which alarms are output to the SNMP agent is configured.
By default, alarms are output to the SNMP agent through Channel 5.
2.
Run:
snmp-agent
28
Prerequisite
The configurations of the alarm output function are complete.
Procedure
l
Run the display info-center [ statistics ] command to check the information recorded by
the information center.
Run the display trapbuffer [ size value ] command to check the information recorded by
the alarm buffer.
----End
Example
Run the display info-center command to show channels.
<Huawei> display channel
channel number: 0, channel name: console
MODU_ID NAME
ENABLE LOG_LEVEL
ENABLE TRAP_LEVEL
ffff0000 default Y
warning
Y
debugging
ENABLE DEBUG_LEVEL
Y
debugging
ENABLE DEBUG_LEVEL
Y
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
ENABLE DEBUG_LEVEL
N
debugging
Issue 03 (2011-11-27)
29
Run the display info-center command to show the data recorded by info-center.
<Huawei> display info-center
Information Center: enabled
Log host:
Console:
channel number: 0, channel name: console
Monitor:
channel number: 1, channel name: monitor
SNMP Agent:
channel number: 5, channel name: snmpagent
Log buffer:
enabled
max buffer size: 1024, current buffer size: 512
current messages: 6, channel number: 4, channel name: logbuffer
dropped messages: 0, overwritten messages: 0
Trap buffer:
enabled
max buffer size: 1024, current buffer size: 256
current messages: 0, channel number: 3, channel name: trapbuffer
dropped messages: 0, overwritten messages: 0
Logfile:
channel number: 9, channel name: channel9, language: English
Information timestamp setting:
log - date, trap - date, debug - date
Sent messages = 25, Received messages = 25
Run the display trapbuffer command. If alarms in the alarm buffer are displayed, it means that
the configuration is successful.
<Huawei> display trapbuffer
Trapping buffer configuration and contents: enabled
Allowed max buffer size: 1024
Actual buffer size: 256
Channel number: 3, Channel name: trapbuffer
Dropped messages: 0
Overwritten messages: 713
Current messages: 1
#Aug 23 2007 18:47:19+00:00 AR200-V2R2C00-161 SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OI
D=1.3.6.1.4.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.
216.1 exceed the speed-limit value configed 5.
Context
CAUTION
Debugging degrades system performance. Therefore, after debugging, run the undo debugging
all command to disable debugging immediately. When the CPU usage is close to 100%,
debugging ARP may cause boards to reset. So, confirm the action before you use the command.
Issue 03 (2011-11-27)
30
Applicable Environment
When faults occur on a device, you can enable the information center to output debugging
information for easy faults location and analysis.
Pre-configuration Tasks
Before enabling the output of debugging information, complete the following tasks:
l
Data Preparation
To enable the output of debugging information, you need the following data.
No.
Data
l Channel number
l Channel name
Module name
Context
Classifying and outputting a large amount of information degrades system performance.
Procedure
Step 1 Run:
system-view
31
Context
Do as follows on the router configured with the information center.
Procedure
Step 1 Run:
system-view
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Configure debugging information to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ debug { state { off | on } | level severity } * ]
32
Step 2 Configure the channel through which debugging information is output to the log file.
1.
Run:
info-center logfile channel { channel-number | channel-name }
The channel through which debugging information is output to the log file is configured.
Step 3 (Optional) Configure the size of the log file output by the information center.
1.
Run:
info-center logfile size size
By default, the debugging information is not saved in the log file. If you want the debugging
information to be saved in the log file, run the info-center source default channel 9
debug state on level severity command to add records to the information channel.
----End
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Configure debugging information to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ debug { state { off | on } | level severity } * ]
Run:
info-center console channel { channel-number | channel-name }
The channel through which debugging information is output to the console is configured.
2.
Run:
quit
33
Run:
terminal monitor
Run:
terminal debugging
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Configure debugging information to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ debug { state { off | on } | level severity } * ]
Run:
info-center monitor channel { channel-number | channel-name }
The channel through which debugging information is output to the terminal is configured.
2.
Run:
quit
Run:
terminal monitor
Issue 03 (2011-11-27)
34
Run:
terminal debugging
Procedure
Step 1 Configure debugging information to be output through the channel.
1.
Run:
system-view
Run:
info-center source { module-name | default } channel { channel-number | channelname } [ debug { state { off | on } | level severity } * ]
The channel through which debugging information is output to the log host is configured.
By default, debugging information is not output to the log host after the information center
is enabled.
The system supports the configuration of a maximum of eight log hosts to realize backup
among log hosts.
----End
Prerequisite
The configurations of the debugging information function are complete.
Procedure
l
Issue 03 (2011-11-27)
35
Run the display info-center [ statistics ] command to check the information recorded by
an information center.
----End
Example
Run the display channel command. For example:
<Huawei> display channel 0
channel number: 0, channel name: console
MODU_ID NAME
ENABLE LOG_LEVEL
ENABLE TRAP_LEVEL
ffff0000 default Y
warning
Y
debugging
416e0000 ARP
Y
warning
Y
debugging
ENABLE DEBUG_LEVEL
Y
debugging
Y
debugging
Context
CAUTION
Statistics about the information center cannot be restored after being cleared. So, confirm the
action before you use the command.
Issue 03 (2011-11-27)
36
Procedure
l
To clear statistics about the information center, run the reset info-center statistics
command in the user view.
To clear statistics about the log buffer, run the reset logbuffer command in the user view.
To clear statistics about the alarm buffer, run the reset trapbuffer command in the user
view.
----End
Networking Requirements
As shown in Figure 2-4, Router A is required to transport logs to a File Transfer Protocol (FTP)
server. Maintenance engineers can easily obtain the operating status of Router A and locate any
faults occurring on it.
NOTE
The default log storage medium is usb0. If usb0 is unavailable, the default log storage medium is USB 1.
If both usb0 and usb1 are unavailable, the log files cannot be saved. The log storage path is in the format
of storage medium name:/logfile, for example, usb0:/logfile.
10.2.1.1/16
GE1/0/0
IP network
RouterA
FTP Server
10.1.1.1/16
Configuration Roadmap
The configuration roadmap is as follows:
1.
2.
3.
4.
Issue 03 (2011-11-27)
37
Data Preparation
To complete the configuration, you need the following data:
l
Procedure
Step 1 Configure the routing protocol to make the router and the FTP server reachable. (The detailed
procedure is not mentioned here.)
Step 2 Configure the user name and password that are used on the FTP server. (The configuration details
are not provided here.)
Step 3 Enable the information center:
<Huawei> system-view
[Huawei] sysname RouterA
[RouterA] info-center enable
Issue 03 (2011-11-27)
38
# View the received logs on the FTP server. (The display is omitted here.)
----End
Configuration Files
#
sysname RouterA
#
info-center source IP channel 9 log level warning
#
interface GigabitEthernet1/0/0
ip address 10.2.1.1 255.255.0.0
#
ip route-static 10.1.0.0 255.255.0.0 10.2.1.2
#
return
Networking Requirements
As shown in Figure 2-5, logs of multiple types and severity levels must be output to different
log hosts through information channels.
Router sends the logs (with a severity level as notification) generated on the Forwarding
Information Base (FIB) module and the IP module to the log host Server 1. Server 3 functions
as a backup router of Server 1.
Router sends the logs (with a severity level as warning) generated on the Point-to-Point Protocol
(PPP) module and the AAA module to the log host Server 1. Server 4 functions as a backup
router of Server 2.
Both the Router s and the log hosts need to be configured.
Issue 03 (2011-11-27)
39
10.1.1.2/24
Server 3
10.1.1.1/24
Server1
GE1/0/0
172.16.0.1/24
Router
Server 4
10.2.1.2/24
Server 2
10.2.1.1/24
Configuration Roadmap
The configuration roadmap is as follows:
1.
2.
3.
4.
5.
6.
Data Preparation
To complete the configuration, you need the following data:
l
Procedure
Step 1 Configure routing protocols to make the router and log server routable. (The detailed procedure
is not mentioned here.)
Step 2 Configure the channel for outputting logs.
# Enable the information center.
<Huawei> system-view
[Huawei] info-center enable
40
info-center
info-center
info-center
info-center
source
source
source
source
# Specify Server 2 as the log server and Server 4 as the backup log server to receive the logs
from the PPP module and the AAA module. The logs are output by Local4.
[Huawei] info-center loghost 10.2.1.1 channel loghost1 facility local4 language
english
[Huawei] info-center loghost 10.2.1.2 channel loghost1 facility local4 language
english
41
management settings and can therefore receive, filter, save, and forward the Syslog messages
sent by the device.
For the procedure for configuring log services on the HUAWEI iManager N200, refer to the
HUAWEI iManager N2000 DM - Compound Package User Manual Volume I.
Step 8 Verify the configuration.
# Display the configuration of the log host.
<Huawei> display info-center
Information Center: enabled
Log host:
the interface name of the source address:GigabitEthernet1/0/0
10.1.1.1, channel number: 2, channel name: loghost
language: english, host facility: local2
10.1.1.2, channel number: 2, channel name: loghost
language: english, host facility: local2
10.2.1.1, channel number: 6, channel name: loghost1
language: english, host facility: local4
10.2.1.2, channel number: 6, channel name: loghost1
language: english, host facility: local4
Console:
channel number : 0, channel name : console
Monitor:
channel number : 1, channel name : monitor
SNMP Agent:
channel number : 5, channel name : snmpagent
Log buffer:
enabled
max buffer size: 1024, current buffer size: 512
current messages: 218, channel number: 4, channel name: logbuffer
dropped messages: 0, overwritten messages: 0
Trap buffer:
enabled
max buffer size: 1024, current buffer size: 256
current messages: 256, channel number: 3, channel name: trapbuffer
dropped messages: 0, overwritten messages: 150
Logfile:
channel number: 9, channel name: channel9, language: English
Information timestamp setting:
log - date, trap - date, debug - boot
Sent messages = 683, Received messages = 682
----End
Configuration Files
#
info-center channel 6 name loghost1
info-center source FIB channel 2 log level notification
info-center source IP channel 2 log level notification
info-center source PPP channel 6 log level warning
info-center source AAA channel 6 log level warning
info-center loghost source GigabitEthernet1/0/0
info-center loghost 10.1.1.1 facility local2
info-center loghost 10.1.1.2 facility local2
info-center loghost 10.2.1.1 channel 6 facility local4
info-center loghost 10.2.1.2 channel 6 facility local4
#
interface GigabitEthernet1/0/0
ip address 172.16.0.1 255.255.255.0
#
ip route-static 10.1.1.0 255.255.255.0 172.16.0.2
ip route-static 10.2.1.0 255.255.255.0 172.16.0.2
Issue 03 (2011-11-27)
42
#
return
Networking Requirements
As shown in Figure 2-6, binary logs generated on Router A are sent to the log host in real time.
Users or maintenance personnel can analyze the log through log analysis tools and locate the
fault.
Figure 2-6 Example for Configuring Binary Logs to be sent to the Log Host
GE1/0/0
10.1.1.1/24
RouterA
Loghost
10.1.1.6/24
Configuration Roadmap
The configuration roadmap is as follows:
1.
2.
3.
4.
Data Preparation
To complete the configuration, you need to perform the following data:
l
User name and password used for logging into the FTP server
Procedure
Step 1 Configure routes between Router A and Loghost. (The detailed procedure is not mentioned here.)
Step 2 Enable the information center.
# Enable the information center.
<Huawei> system-view
Issue 03 (2011-11-27)
43
After the data dictionary is sent successfully, a prompt is displayed indicating Info: Succeeded
in creating a data dictionary.. For further confirmation, you can check whether the data
dictionary is successfully sent to the log server.
Step 5 Configure binary logs to be sent to the log host.
[Huawei] info-center loghost 10.1.1.6 binary
----End
Configuration Files
#
Issue 03 (2011-11-27)
44
interface GigabitEthernet1/0/0
ip address 10.1.1.1 255.255.255.0
#
info-center filter-id 1077514264
info-center loghost 10.1.1.6 binary
#
return
Networking Requirements
As shown in Figure 2-7, alarms are required to be output first to the SNMP agent and then to
the NM Station through SNMP Agent.
Figure 2-7 Networking diagram of outputting alarms to the SNMP Agent
GE1/0/0
Agent
NM Station
10.1.1.1/24
10.1.1.2/24
Configuration Roadmap
The configuration roadmap is as follows:
1.
2.
Specify the module enabled to output logs and configure the channel through which the
alarm is output.
3.
4.
Data Preparation
To complete the configuration, you need the following data:
l
Severities of alarms
Procedure
Step 1 Enable the information center.
<Huawei> system-view
[Huawei] info-center enable
Step 2 Specify the module enabled to output alarms and configure the channel used to output alarms.
# Specify the module enabled to output alarms and configure the channel used to output alarms.
Issue 03 (2011-11-27)
45
By default, alarms are output through the SNMP agent and information about all modules is displayed.
# View the alarms output through the channel selected by SNMP agent.
[Huawei] display channel 7
channel number: 7, channel name: channel7
MODU_ID NAME
ENABLE LOG_LEVEL
ENABLE TRAP_LEVEL
ENABLE DEBUG_LEVEL
ffff0000 default Y
debugging
Y
debugging
N
debugging
c16a0000 IP
Y
debugging
Y
informational N
debugging
46
----End
Configuration Files
#
info-center source IP channel 7 trap level informational
info-center snmp channel 7
#
interface GigabitEthernet1/0/0
ip address 10.1.1.2 255.255.255.0
#
snmp-agent
snmp-agent local-engineid 000007DB7F00000100003598
snmp-agent sys-info version v2c
snmp-agent target-host trap-hostname nms address 10.1.1.1 udp-port 162 trapparamsname trapnms
snmp-agent target-host trap-paramsname trapnms v2C securityname public
snmp-agent trap enable
#
return
Networking Requirements
As shown in Figure 2-8, it is required to output the debugging information of the Address
Resolution Protocol (ARP) module to the console.
Figure 2-8 Networking diagram of outputting information to the console
Console
Router
PC
Configuration Roadmap
The configuration roadmap is as follows:
Issue 03 (2011-11-27)
47
1.
2.
Set the logs to be output to the console and the information module.
3.
4.
Enable the terminal monitor function and display the debugging information.
Data Preparation
To complete the configuration, you need the following data:
l
Procedure
Step 1 Enable the information center.
<Huawei> system-view
Info: Current terminal monitor is on.
[Huawei] info-center enable
Info: Current terminal debugging is on.
Step 2 Allow the debugging on the ARP module to be output to the Console with the severity level of
the information as debugging.
[Huawei] info-center source arp channel console debug level debugging
[Huawei] info-center console channel console
[Huawei] quit
Step 3 Enable the terminal monitor function to display the debugging information.
<Huawei> terminal monitor
<Huawei> terminal debugging
ENABLE DEBUG_LEVEL
Y
debugging
Y
debugging
----End
Configuration Files
#
info-center source ARP channel 0
#
return
Issue 03 (2011-11-27)
48
3 PoE Configuration
PoE Configuration
Issue 03 (2011-11-27)
49
3 PoE Configuration
The AR1200-S complies with the legacy power supply standard, and can also provide
power for PDs that do not comply with the legacy standard.
The AR1200-S can provide power and transmit data at the same time through signal lines
1, 3, 2, and 6 of the category-3 or category-5 twisted pair. If the PD can obtain power only
through idle lines 4, 5, 7, and 8 of the twisted pair, the AR1200-S can provide power through
a converter.
The AR1200-S provides power for devices through Ethernet electrical interfaces on the
main control board at a distance of up to 100 m.
l When the AR1200-S provides power for a PD, the PD can work without other external power supplies.
l If a PD has an external power supply, the AR1200-S and the external power supply of the PD work in
redundancy mode.
Issue 03 (2011-11-27)
50
3 PoE Configuration
Applicable Environment
The AR1200-S can detect whether a device connected to it needs power supply and provide
power for it.
According to the actual requirements on the network, you can perform the following operations
by using commands:
l
Set the maximum output power, power supply management mode, and reserved power of
a board.
Set the backup mode of the PoE power supplies. Currently, the AR1200-S supports one
backup mode: 1+0, meaning that PoE power supplies are not backed up.
Set the maximum output power and power supply priority of an interface.
Pre-configuration Tasks
Before configuring the PoE function, complete the following task:
Installing the PoE power supply and PoE board on the AR1200-S
Procedure
l
The maximum output power of a board that you can set depends on the number of PoE power supplies
and the capability of the PoE power supplies.
1.
Run:
system-view
Run:
poe max-power slot_max_power slot slot-id
Issue 03 (2011-11-27)
51
3 PoE Configuration
Run:
system-view
Run:
poe power-management { auto | manual } slot slot-id
The PoE power supply management mode of the board in the specified slot is set.
By default, the AR1200-S uses the automatic power management mode.
l
Run:
system-view
Run:
poe high-inrush enable slot slot-id
The PoE board is configured to allow high inrush current during power-on.
By default, a board does not allow high inrush power during power-on.
l
Optional: Set the percentage of the reserved PoE power to the total PoE power.
The AR1200-S can dynamically allocate power to each interface according to the power
consumption of each interface. The power consumption of a PD keeps changing when the
PD is running. The AR1200-S periodically calculates the total power consumption of all
the PDs connected to boards. If the total power consumption exceeds the upper threshold
of the board, the AR1200-S cuts off the power of the PDs on the interfaces of low priority
to ensure that other PDs can run normally.
Sometimes, the power consumption increases sharply and the available power of a board
or the entire equipment cannot support the burst increase of power. At this time, the software
system has not found that the total power consumption exceeded the upper threshold;
therefore, the AR1200-S does not power off interfaces of low priority in time. As a result,
the PoE power supply is shut down for overload protection, and all PDs are powered off.
This problem can be solved by setting proper reserved power. When the power consumption
increases sharply, the reserved power can support the system running. Then the system
software has time to power off interfaces of low priority to ensure stable running of other
PDs.
1.
Run:
system-view
Issue 03 (2011-11-27)
52
3 PoE Configuration
Run:
poe power-reserved power-reserved
The percentage of the reserved PoE power to the total PoE power is set.
By default, 20% of the total PoE power is reserved.
l
Run:
system-view
Run:
poe-power backup-mode using-power-num
The backup mode of the PoE power supplies used by the board in a slot is set.
NOTE
By default, the backup mode of the AR1200-S PoE power supplies is 1+0.
Run:
system-view
Run:
poe-power utilization-threshold thresholdvalue
Procedure
l
Run:
system-view
Run:
interface interface-type interface-number
Issue 03 (2011-11-27)
53
3 PoE Configuration
Run:
poe enable
The PoE function is enabled. By default, the PoE function is enabled on all interfaces.
NOTE
Currently, only Ethernet 0/0/4 to Ethernet 0/0/7 on the SRU of the AR1200-S support PoE.
Run:
system-view
Run:
interface interface-type interface-number
Run:
poe power port_max_power
Run:
system-view
Run:
interface interface-type interface-number
Run:
poe priority { critical | high | low }
Run:
system-view
Run:
poe { power-on | power-off } interface interface-type interface-number
Issue 03 (2011-11-27)
54
3 PoE Configuration
When the manual power management mode is adopted, you must manually power on or power
off PDs on interfaces.
Run:
system-view
Run:
time-range time-name { start-time to end-time days | from time1 date1
[ to time2 date2 ] }
To configure multiple time ranges with the same name on the AR1200-S, run the preceding
command with the same value of time-name repeatedly.
3.
Run:
interface interface-type interface-number
Run:
poe power-off time-range time-name
Before enabling an interface to check compatibility of PDs, you must enable PoE on the PSE. After
this function is enabled, the interface can detect the PDs that do not comply with IEEE 802.3af or
802.3at.
1.
Run:
system-view
Run:
interface interface-type interface-number
Run:
poe legacy enable
55
3 PoE Configuration
Prerequisite
The PoE power supply and PoE board are installed, and the PoE function is configured.
Procedure
Step 1 Run the display poe-power command to view the status of the PoE power supply.
Step 2 Run the display poe device command to view information about the devices that support the
PoE function.
Step 3 Run the display poe information [ slot slot-id ] command to view the PoE information.
Step 4 Run the display poe power interface interface-type interface-number command to view the
output power of an interface.
Step 5 Run the display poe power slot slot-id command to view the output power of the interfaces on
the board in the specified slot.
Step 6 Run the display poe power-state interface interface-type interface-number command to view
the status of PoE power supply on an interface.
Step 7 Run the display poe power-state slot slot-id command to view the status of the PoE power
supply on the board in the specified slot.
----End
Networking Requirements
As shown in Figure 3-1, the requirements as follows:
l
The PD connected to Ethernet 0/0/7 requires the input power of no more than 20 mW.
Issue 03 (2011-11-27)
56
3 PoE Configuration
Ethernet0/0/4
Ethernet0/0/5
Ethernet0/0/6
Ethernet0/0/7
IP Phone
PD
IP Phone
PD
Configuration Roadmap
The configuration roadmap is as follows:
1.
In the system view, set the maximum output power of the PoE board in slot 0.
2.
In the interface view, set the power supply priority of Ethernet 0/0/6.
3.
In the interface view, set the maximum output power of Ethernet 0/0/7.
Data Preparation
To complete the configuration, you need the following data:
l
Procedure
Step 1 In the system view, set the maximum output power of the PoE board in slot 0.
# Set the maximum output power of the PoE board in slot 0 to 100 W.
NOTE
57
3 PoE Configuration
----End
Configuration Files
#
poe max-power 100000 slot 0
#
interface Ethernet0/0/6
poe priority critical
#
interface Ethernet0/0/7
poe power 20
#
return
Issue 03 (2011-11-27)
58
4 Mirroring Configuration
Mirroring Configuration
Issue 03 (2011-11-27)
59
4 Mirroring Configuration
Definition
Mirroring is a function that copies the packets on the mirrored interface (source interface) to the
observing interface (destination interface). When the observing interface is connected to a
monitoring device, you can use the monitoring device to analyze the packets copied to the
observing interface for network monitoring and fault troubleshooting.
Terms
Mirroring is classified into port mirroring and flow mirroring. Port mirroring and flow mirroring
involve the following interfaces:
l
Observing interface
An observing interface is connected to a monitoring device and is used to export the traffic
copied from the mirrored interface.
Mirrored interface
A mirrored interface is the interface to be observed. In port mirroring, all the packets passing
through the mirrored interface are copied to the observing interface. In flow mirroring, all
the packets matching the traffic classifier rules are copied to the observing interface.
Issue 03 (2011-11-27)
60
4 Mirroring Configuration
Mirrored
interface
Router
Mirrored
interface
Observing
interface
Interface
Packet flows
Copied packet flows
Monitoring
device
Flow mirrored
interface
Router
Flow mirrored
interface
Observing
interface
Interface
Traffic classification match
Monitoring device
Packet flows
Mirrored flows
Copied packet flows
Issue 03 (2011-11-27)
61
4 Mirroring Configuration
Applicable Environment
An intranet has high requirements for information security and privacy protection. You can
configure mirroring on an interface to monitor incoming and outgoing data packets. The
management server that has the monitoring software installed can capture these packets for
analysis and fault location.
To monitor and analyze all the packets passing through the mirrored interface that is located on
the same AR1200-S as the observing interface, configure local port mirroring on the AR1200S.
Issue 03 (2011-11-27)
62
4 Mirroring Configuration
Pre-configuration Tasks
Ensuring that the link layer protocol status of interfaces is Up
Data Preparation
To configure local port mirroring, you need the following data.
No.
Data
Context
After an interface is configured as the observing interface, other configurations are not
recommended on the interface. Otherwise, the following situations may occur:
l
If other service traffic exists on the observing interface in addition to mirrored packets, the
packet source cannot be differentiated.
If congestion occurs on the observing interface, mirrored packets may be discarded because
the priority of mirrored is low.
Procedure
Step 1 Run:
system-view
----End
63
4 Mirroring Configuration
Context
If you want to configure an Eth-Trunk as a mirrored interface, run the interface eth-trunk trunkid command to create an Eth-Trunk first. Pay attention to the following points when you use an
Eth-Trunk as a mirrored interface:
l
Procedure
Step 1 Run:
system-view
To ensure that mirroring packets sent from the observing interface carry the same as that of the original
packets, the downstream mirrored interface and observing interface on the SRU of the AR1220 must be
configured with the same VLAN tag.
If the downstream mirroring interface is configured with an ACL, the ACL does not take effect for mirroring
packets. After the mirrored interface is specified, all packets on the interface are mirrored regardless of
whether a traffic policy is configured.
----End
Prerequisite
The configurations of port mirroring are complete.
Procedure
l
Issue 03 (2011-11-27)
Run the display observe-port command to check the observing interface in port mirroring.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
64
4 Mirroring Configuration
Run the display port-mirroring command to check the mirrored interface in port
mirroring.
----End
Applicable Environment
An intranet has high requirements for information security and privacy protection. You can
configure mirroring on an interface to monitor incoming and outgoing data packets. The
management server that has the monitoring software installed can capture these packets for
analysis and fault location.
To monitor and analyze the packets with some characteristics passing through the mirrored
interface that is located on the same AR1200-S as the observing interface, configure local port
mirroring on the AR1200-S.
Pre-configuration Tasks
None.
Data Preparation
To configure local flow mirroring, you need the following data.
No.
Data
Names of the traffic classifier, traffic behavior, traffic policy, and traffic classification
rules
65
4 Mirroring Configuration
Context
After an interface is configured as the observing interface, other configurations are not
recommended on the interface. Otherwise, the following situations may occur:
l
If other service traffic exists on the observing interface in addition to mirrored packets, the
packet source cannot be differentiated.
If congestion occurs on the observing interface, mirrored packets may be discarded because
the priority of mirrored is low.
Procedure
Step 1 Run:
system-view
----End
Procedure
Step 1 Run:
system-view
Issue 03 (2011-11-27)
66
4 Mirroring Configuration
The flows matching rules are mirrored to the specified observing interface.
observe-port-index specifies the observing interface index. The value of this parameter must be
the same as the value set in 4.4.2 Configuring a Local Observing Interface.
----End
Procedure
Step 1 Create a traffic policy.
1.
Run:
system-view
Run:
traffic policy policy-name
Run:
classifier classifier-name behavior behavior-name
Run:
quit
Run:
interface interface-type interface-number
Run:
traffic-policy policy-name inbound
In flow mirroring, when a WAN-side interface is used as a mirrored interface, the AR1200-S supports
inter-board mirroring. When a LAN-side interface is used as a mirrored interface, the AR1200-S does not
support inter-board mirroring.
----End
Issue 03 (2011-11-27)
67
4 Mirroring Configuration
Prerequisite
The configurations of local flow mirroring are complete.
Procedure
l
Run the display observe-port command to check the observing interface in local port
mirroring.
Run the display port-mirroring command to check the mirrored interface in local port
mirroring.
Run the display traffic behavior user-defined [ behavior-name ] command to check the
configuration of the traffic behavior.
Run the display traffic classifier user-defined [ classifier-name ] command to check the
configuration of the traffic classifier.
----End
Applicable Environment
Local port mirroring or local flow mirroring requires that an observing port needs to be directly
connected to a monitoring device. If the observing port is not directly connected to a mirroring
device, capture packets using mirroring to locate faults so that packets entering the device
interface can be displayed on the terminal or saved to the device.
If mirrored packets are saved to the device, log in to the device through FTP and download the
mirrored packets for analysis.
NOTE
Issue 03 (2011-11-27)
68
4 Mirroring Configuration
Pre-configuration Tasks
Ensuring that the interface link layer protocol status is Up and the storage memory is sufficient
for mirrored packets
Procedure
Step 1 Run:
system-view
Step 3 Run:
capture-packet interface interface-type interface-number [ acl acl-number ]
destination { file file-name | terminal } * [ car cir cir-value | time-out time out
value | packet-num packet number | packet-len { packet length | total-packet ] *
Rules are defined to capture mirrored packets on the device and display the packet information
on the terminal.
----End
Example
After the configuration is complete, mirrored packets are displayed on the terminal or saved to
the device. If mirrored packets are saved to the device, download the mirrored packets for
analysis. The following shows information about mirrored packets displayed on the terminal:
Info: Captured packets will be showed on terminal.
[Huawei]
Packet: 1
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 2
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 3
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 4
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
Issue 03 (2011-11-27)
69
4 Mirroring Configuration
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 5
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 6
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 7
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 8
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 9
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 10
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 11
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------Packet: 12
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Issue 03 (2011-11-27)
70
4 Mirroring Configuration
Packet: 13
------------------------------------------------------ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------------------------------------------capture report----------------------file: NULL
interface: GigabitEthernet1/0/0
acl: 2000
car: 64pps timeout: 60s
packets: 100 (expected) 13 (actual)
length: 128 (expected)
-------------------------------------------------------
Networking Requirements
As shown in Figure 4-3, the R&D department and marketing department are connected to
Ethernet0/0/0 and Ethernet0/0/1 on the Router. The server (that is, the monitoring device) that
has the monitoring software installed is connected to Ethernet0/0/2 on the Router to analyze the
captured packets. To ensure information security, configure local port mirroring on the Router
to monitor all the packets sent by the R&D department and marketing department.
Figure 4-3 Networking diagram of local port mirroring
R&D
department
LSWA
Eth0/0/0
Eth0/0/2
Router
Server
Eth0/0/1
Marketing
department
Issue 03 (2011-11-27)
LSWB
71
4 Mirroring Configuration
Configuration Roadmap
The configuration roadmap is as follows:
1.
2.
Data Preparation
To complete the configuration, you need the following data:
l
Procedure
Step 1 Configure an observing interface.
# Configure Ethernet0/0/2 on the Router as an observing interface.
<Huawei> system-view
[Huawei] observe-port 1 interface Ethernet 0/0/2
# Configure Ethernet0/0/1 on the Router as the local mirrored interface to monitor the packets
sent by the marketing department.
[Huawei] interface Ethernet 0/0/1
[Huawei-Ethernet0/0/1] port-mirroring to observe-port 1 inbound
[Huawei-Ethernet0/0/1] quit
[Huawei] quit
# View the packet statistics on Ethernet0/0/0, Ethernet0/0/1, and Ethernet0/0/2. The number of
packets on Ethernet0/0/2 equals the sum of the numbers of packets on Ethernet0/0/0 and
Issue 03 (2011-11-27)
72
4 Mirroring Configuration
Ethernet0/0/1. Alternatively, view all the packets received by Ethernet0/0/0 and Ethernet0/0/1
by using the server. Packets on Ethernet0/0/0 and Ethernet0/0/1 are mirrored by the Router.
<Huawei> display interface Ethernet 0/0/0
Ethernet0/0/0 current state : UP
Description:HUAWEI, AR Series, Ethernet0/0/0 Interface
Switch Port,The Maximum Frame Length is 1628
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 10e0-1220-8001
Last physical up time
: 2010-10-07 22:24:31 UTC-05:00
Last physical down time : 2010-10-05 22:22:22 UTC-05:00
Current system time: 2010-10-22 15:48:52-05:13
Port Mode: COMMON FIBER
Speed : 100, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi
: NORMAL
Last 300 seconds input rate 728 bits/sec, 0 packets/sec
Last 300 seconds output rate 32 bits/sec, 0 packets/sec
Input peak rate 13608 bits/sec,Record time: 2008-03-07 22:24:32
Output peak rate 528 bits/sec,Record time: 2008-03-07 22:24:34
Input: 62754 packets, 8937914 bytes
Unicast:
0, Multicast:
Broadcast:
0, Jumbo:
Discard:
0, Total Error:
CRC:
0, Giants:
Jabbers:
0, Throttles:
Runts:
0, DropEvents:
Alignments:
0, Symbols:
Ignoreds:
0, Frames:
Output: 6816 packets, 477120 bytes
Unicast:
0, Multicast:
Broadcast:
0, Jumbo:
Discard:
0, Total Error:
62754
0
0
0
0
0
0
0
6816
0
0
Collisions:
0, ExcessiveCollisions:
0
Late Collisions:
0, Deferreds:
0
Buffers Purged:
0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.00%
<Huawei> display interface Ethernet 0/0/1
Ethernet0/0/1 current state : UP
Description:HUAWEI, AR Series, Ethernet0/0/1 Interface
Switch Port,The Maximum Frame Length is 1628
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 10e0-1220-8001
Last physical up time
: 2010-10-07 22:24:31 UTC-05:00
Last physical down time : 2010-10-05 22:22:22 UTC-05:00
Current system time: 2010-10-22 15:48:52-05:13
Port Mode: COMMON FIBER
Speed : 100, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi
: NORMAL
Last 300 seconds input rate 728 bits/sec, 0 packets/sec
Last 300 seconds output rate 32 bits/sec, 0 packets/sec
Input peak rate 13608 bits/sec,Record time: 2008-03-07 22:24:32
Output peak rate 528 bits/sec,Record time: 2008-03-07 22:24:34
Input: 51924 packets, 7850076 bytes
Unicast:
0, Multicast:
Broadcast:
0, Jumbo:
Discard:
0, Total Error:
CRC:
Jabbers:
Runts:
Alignments:
Ignoreds:
Issue 03 (2011-11-27)
0,
0,
0,
0,
0,
Giants:
Throttles:
DropEvents:
Symbols:
Frames:
51924
0
0
0
0
0
0
0
73
4 Mirroring Configuration
6817
0
0
Collisions:
0, ExcessiveCollisions:
0
Late Collisions:
0, Deferreds:
0
Buffers Purged:
0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.00%
<Huawei> display interface Ethernet 0/0/2
Ethernet0/0/2 current state : UP
Description:HUAWEI, AR Series, Ethernet0/0/2 Interface
Switch Port,The Maximum Frame Length is 1628
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 10e0-1220-8001
Last physical up time
: 2010-10-07 22:24:31 UTC-05:00
Last physical down time : 2010-10-05 22:22:22 UTC-05:00
Current system time: 2010-10-22 15:48:52-05:13
Port Mode: COMMON FIBER
Speed : 100, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi
: NORMAL
Last 300 seconds input rate 728 bits/sec, 0 packets/sec
Last 300 seconds output rate 32 bits/sec, 0 packets/sec
Input peak rate 13608 bits/sec,Record time: 2008-03-07 22:24:32
Output peak rate 528 bits/sec,Record time: 2008-03-07 22:24:34
Input: 114678 packets, 16787990 bytes
Unicast:
0, Multicast:
Broadcast:
0, Jumbo:
Discard:
0, Total Error:
CRC:
0,
Jabbers:
0,
Runts:
0,
Alignments:
0,
Ignoreds:
0,
Output: 0 packets, 0 bytes
Unicast:
0,
Broadcast:
0,
Discard:
0,
114678
0
0
Giants:
Throttles:
DropEvents:
Symbols:
Frames:
0
0
0
0
0
Multicast:
Jumbo:
Total Error:
0
0
0
Collisions:
0, ExcessiveCollisions:
Late Collisions:
0, Deferreds:
Buffers Purged:
0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.00%
0
0
----End
Configuration Files
l
Issue 03 (2011-11-27)
74
4 Mirroring Configuration
Networking Requirements
As shown in Figure 4-4, an enterprise's R&D department connects to the Router through
Ethernet0/0/0. A server with the monitoring software installed is connected to Ethernet0/0/1 on
the Router to analyze the captured packets. The enterprise needs to monitor all the IPv4 packets
sent from host 192.168.1.10/24 in the R&D department.
Figure 4-4 Local flow mirroring network
R&D
department
Eth0/0/0
Eth0/0/1
Router
Server
HostA
192.168.1.10/24
Configuration Roadmap
The configuration roadmap is as follows:
1.
2.
Create a traffic classifier to match the IPv4 packets with the source IP address
192.168.1.10/24.
3.
Create a traffic behavior and bind it to the local flow mirroring action.
4.
Create a traffic policy and bind it to the traffic classifier and traffic behavior.
5.
Data Preparation
To complete the configuration, you need the following data:
l
Traffic classifier, c1
Traffic behavior, b1
Traffic policy, p1
Issue 03 (2011-11-27)
75
4 Mirroring Configuration
Procedure
Step 1 Configure the local observing interface.
# Configure Ethernet0/0/1 on the Router as the observing interface.
<Huawei> system-view
[Huawei] observe-port 1 interface Ethernet 0/0/1
Step 3 Create a traffic behavior named b1 and configure the local flow mirroring action in the traffic
behavior.
[Huawei] traffic behavior b1
[Huawei-behavior-b1] mirroring to observe-port 1
[Huawei-behavior-b1] quit
----End
Issue 03 (2011-11-27)
76
4 Mirroring Configuration
Configuration Files
l
Issue 03 (2011-11-27)
77
5 Hardware Management
Hardware Management
Issue 03 (2011-11-27)
78
5 Hardware Management
Application Environment
Powering on and off boards remotely reduces energy consumption and facilitates board
operations.
NOTE
The AR200-S boards are hot swappable. Therefore, you do not need to remotely power off boards before
hot swapping them.
Pre-configuration Tasks
Powering on the router
Data Preparation
To configure the commands for powering on or powering off the board, you need the following
data.
Issue 03 (2011-11-27)
79
No.
Data
5 Hardware Management
Procedure
l
Procedure
Step 1 Run the following command in any view:
power on slot slot-id
Context
Configuring power-on and power-off of the board is complete.
Procedure
Step 1 Run the display device [ slot slot-id ] command in any view to check the board status.
----End
Result
After boards are powered off, the power status is displayed as PowerOff. After boards are
powered on, the power status is displayed as PowerOn.
Issue 03 (2011-11-27)
80
5 Hardware Management
Applicable Environment
Electronic labels play an important role in handling network faults and replacing hardware in
batches. Therefore, backing up electronic labels is a must.
l
When a fault occurs on the network, you can obtain information on related hardware
conveniently and accurately and improve the efficiency of maintenance tasks by using
electronic labels. For example, you can run queries on the maintenance cases of the
knowledge base, the preparation of spare boards, and the tests of related indexes. In
addition, you can efficiently analyze and trace defects in the hardware by analyzing and
collecting statistics on the electronic labels of the faulty hardware.
When you need to replace hardware in batches, you can accurately view the distribution of
hardware in the entire network through the electronic labels recorded in the archive systems
of clients' devices. In this manner, you can pre-estimate the impact of hardware replacement
and formulate corresponding policies to make batch hardware replacement more efficient.
Pre-configuration Tasks
Before backing up electronic labels, ensure that the AR1200-S and the FTP server are routable.
Data Preparation
To back up electronic labels, you need the following data.
No.
Data
(Optional, applicable to backing up the electronic label to the FTP server) Address
of the FTP server, and user name and password
(Optional, applicable to backing up the electronic label to the TFTP server) Address
of the TFTP server
81
5 Hardware Management
Procedure
l
Run:
backup elabel filename [ slot-id ]
Run:
backup elabel ftp ftp-server-address filename username password [ slotid ]
Run:
backup elabel tftp tftp-server-address filename [ slot-id ]
Applicable Environment
When fan speed does not adapt to the current application environment of the device, you can
adjust the fan speed.
Pre-configuration Tasks
Powering on the router
Data Preparation
To set fan speed, you need the following data.
Issue 03 (2011-11-27)
No.
Data
82
5 Hardware Management
Context
Check the upper and lower thresholds of board temperature and current temperature of boards
using the display temperature { all | slot slot-id } command. If the temperature of a board
exceeds the upper threshold, adjust the fan speed on the AR1200-S.
Procedure
Step 1 Run:
system-view
Context
Adjusting fan speed is complete.
Procedure
l
Run the display fan command to check the status, running mode, and speed of the fan.
----End
83
5 Hardware Management
Applicable Environment
When the LPU fails to be upgraded or fails to work normally, you need to reset the LPU.
Pre-configuration Tasks
Powering on the router
Data Preparation
To reset the LPU, you need the following data.
No.
Data
Context
CAUTION
When the LPU works abnormally, try to find and remove the fault rather than resetting the LPU
directly to avoid service interruption.
Procedure
Step 1 Run:
reset slot slot-id
Context
Resetting the LPU is complete.
Procedure
l
Issue 03 (2011-11-27)
84
5 Hardware Management
Run the display reset-reason [ slot slot-id ] command to check the reason for resetting the
LPU.
----End
Issue 03 (2011-11-27)
85
6 Auto-Config
Auto-Config
Issue 03 (2011-11-27)
86
6 Auto-Config
Auto-Config Functions
When a new or unconfigured router is powered on, a version file, patch file, and configuration
file must be loaded to the router. If routers are located dispersedly, the maintenance personnel
have to manually configure each router, which requires a heavy workload. The Auto-Config
function implements remote device configuration and reduces maintenance costs. The routers
running Auto-Config automatically downloads version file, patch file, and configuration file.
Auto-Config Advantages
Maintenance personnel do not need to manually configure each device. Auto-Config simplifies
network configurations and implements unified management and remote debugging on routers.
Intermediate File
The intermediate file arnet.ini is used in the Auto-Config process. The intermediate file records
the mappings between the router's MAC address (or ESN) and system software name, version
number, patch file name, and configuration file name. If the version file, patch file, and
configuration file are stored on the FTP or TFTP server, its system software name extension
must be .cc, the patch file name extension must be .pat, and the configuration file name extension
must be .zip or .cfg. After the router obtains the IP address of the FTP or TFTP server, it
downloads the file arnet.ini from the FTP or TFTP server to search for the names of the required
system software, version number, patch file, and configuration file, and then downloads files
from the FTP or TFTP server.
NOTE
Auto-Config uses Option 67 to obtain the configuration file first. If Option 67 is not configured, AutoConfig obtains the intermediate file.
Each row in the intermediate file describes a device. The intermediate file contains information about a
maximum of 1000 devices.
Issue 03 (2011-11-27)
87
6 Auto-Config
NOTE
l When configuring the intermediate file, enter the MAC address and ESN, or either of them. The
configuration file is mandatory, and the version file and patch file are optional. The three files can be
configured in any sequence.
l A MAC address (or an ESN), a system software name, patch file name, and configuration file name
are separated by semicolons. A MAC address is in xxxx-xxxx-xxxx-xxxx or xx-xx-xx-xx format. The
file name is case insensitive and contains only letters, digits, and underscores.
l The system software name and version information must be available in the intermediate file, and
version information in the system software name must be the same as that in the intermediate file.
Version information must be contained in the system software.
Auto-Config Process
Figure 6-1 shows the Auto-Config process.
Issue 03 (2011-11-27)
88
6 Auto-Config
No
Yes
Are
DHCP Reply
packets
valid?
Yes
No
Parse Option
parameters
Is there
ACS Option
information?
Yes
No
No
Is there
Option
information about
the configuration
file?
End
Yes
Are there
the version file
name and
version
information?
No
No
Yes
Yes
Does the
device need to be
upgraded?
No
Yes
Can a
patch file be
downloaded to
the device?
No
Is the
version file
obtained?
Yes
Set it as the version
file for next startup
Obtain a configuration
file
Is the
configuration file
obtained?
No
Yes
Set it as the
configuration file for
next startup
Yes
Issue 03 (2011-11-27)
No
Is the patch
file obtained?
No
Yes
Set it as the patch file
for next startup
89
6 Auto-Config
Parsing Options
1.
2.
If the received DHCP Reply packet contains Option 43, ACS information needs
to be configured. After the basic ACS configuration is complete, the Auto-Config
process ends, and Auto-Config is suspended to wait for ACS deployment.
b.
If the received DHCP Reply packet does not contain Option 67, the intermediate
file needs to be obtained. Then the router downloads the intermediate file
arnet.ini from the FTP or TFTP server and obtains information about the files
to be downloaded from the intermediate file. Subsequently, the process of
obtaining files is started.
c.
If the received DHCP Reply packet contains Option 67, the process of obtaining
files is started.
Obtaining files
1.
2.
3.
Issue 03 (2011-11-27)
90
6 Auto-Config
be obtained after 30 days, the process of downloading the configuration file stops and
waits to be handled manually.
l
Option Parameters
Table 6-1 Option parameters
Option
Description
Option 6
Option 15
Option 43
For example:
URL=http://192.168.1.40:80/acs;
Option 66
Option 67
Option 141
Option 142
FTP password.
Option 143
Option 145
For example:
vrpfile=auto_V200R001C00.cc;vrpver=V200R001C00;patchfile=auto_
V200R001C00.pat;
NOTE
Version information must be contained in the system software.
Issue 03 (2011-11-27)
91
Option
Description
Option 146
6 Auto-Config
opervalue=OPERATEVALUE;delaytime=DELAYTIME;
l opervalue=0: indicates that no file will be deleted from the file system
when the space is insufficient. opervalue=1: indicates that version
files will be deleted from the file system when the space is insufficient.
By default, no file will be deleted from the file system when the space
is insufficient.
l delaytime: specifies the delay in restarting a device after a
configuration file is downloaded to the device, in seconds. By default,
the delay is 0 seconds.
NOTE
The maximum delay in restarting a device is 1 day. If the configured delay is longer
than 1 day, the actual delay is 1 day.
Option 147
Option 150
NOTE
You can use the following methods to configure an FTP or TFTP server:
l
To configure a TFTP server, configure Options 6, 15, and 66 and obtain a TFTP server address from
a DNS server.
To configure a TFTP server, configure Option 150 and obtain the TFTP server address.
To configure an FTP server, configure Options 141, 142, and 143 and obtain the TFTP user name,
FTP password, and FTP server address.
Applicable Environment
As shown in Figure 6-2, the physical link between the router and DHCP relay agent functions
properly, and there are reachable routes between the DHCP relay agent and servers. The
intermediate file, version file, and configuration file are stored on the FTP/TFTP server. After
the DHCP server and FTP/TFTP server are configured, routers can be configured by using AutoConfig.
Issue 03 (2011-11-27)
92
6 Auto-Config
NOTE
Only Layer 3 Ethernet interfaces on the main control board support Auto-Config.
If the received DHCP Reply packet contains Option 43, the auto-configuration server (ACS) is used for
deployment.
DNS Server
FTP/TFTP Server
GE0/0/1
LAN
CPE
IP network
DHCP Relay
DHCP Server
ACS Server
Pre-configuration Tasks
Before deploying routers, complete the following task:
l
Ensuring that physical links between routers and the DHCP server and FTP/TFTP server
work properly
Data Preparation
To deploy routers, you need the following data.
Issue 03 (2011-11-27)
N
o.
Data
Information about the interface that connects an AR1200-S to the DHCP server
93
6 Auto-Config
N
o.
Data
MAC addresses or ESNs of routers, version files (optional), patch files (optional), and
configuration files
Context
After a new AR1200-S or an unconfigured AR1200-S is powered on, the Auto-Config process
starts automatically.
To stop the Auto-Config process, use either of the following methods:
l
Run the undo autoconfig enable command in the system view. You can run the display
autoconfig-status command to check whether the Auto-Config process stops.
Run the save command in the system view to save the temporary configuration file, restart
the AR1200-S, and then perform configurations.
When you connect to the console port of an AR1200-S that does not have a startup configuration
file, the system displays "Warning: Auto-Config is working. Do you want to stop Auto-Config?
[y/n]:"
l
CAUTION
If you choose n but still perform configurations through the console port, the DHCP,
routing, DNS, and VTY configurations will be lost.
Before powering on the Auto-Config-enabled routers, configure the DHCP server and file server;
otherwise, the routers cannot obtain configuration files.
NOTE
l The DHCP server must be configured with option parameters by referring to 6.2 Auto-Config Features
Supported by the AR1200-S.
l Here, an AR is used to describe how to configure the DHCP server based on a global address pool.
When the AR functions as a DHCP server, configure the DHCP server by referring to Configuring a
DHCP Server Based on a Global Addrss Poolor Configuring a DHCP Server Based on an Interface
Address Pool.
l If routers and the DHCP server are on different network segments, configure a DHCP relay agent by
referring to Configuring a DHCP Relay Agent.
Issue 03 (2011-11-27)
94
6 Auto-Config
Procedure
Step 1 Run:
system-view
DHCP is enabled.
Step 3 Run:
interface interface-type interface-number
The interface is configured to use a global address pool. Users going online through this interface
can obtain IP addresses from the global address pool.
Step 6 Run:
quit
The IP address of the egress gateway is configured for the DHCP client.
Step 10 Run:
option code { ascii ascii-string | hex hex-string | ip-address ip-address &<1-8> }
Issue 03 (2011-11-27)
95
6 Auto-Config
NOTE
----End
Context
NOTE
l On an FTP server, the IP address must be the same as that contained in Option 143 configured on the
DHCP server. On a TFTP server, the IP address must be the same as that contained in Option 150 or
Option 6, 15, and 66 configured on the DHCP server.
Procedure
Step 1 Run:
system-view
After the DHCP client obtains configuration files from the FTP server, run the undo ftp server command
to disable the FTP server immediately to ensure FTP server security.
Step 3 (Optional) Configure the authentication information, authorization mode, and working directory
for FTP users.
1.
96
6 Auto-Config
The IP address of the FTP server must be the same as that contained in Option 143 configured on the DHCP
server.
The configuration file is obtained using Option 67 in the Auto-Config process. If Option 67 is not
configured, the process of obtaining the intermediate file is started.
The intermediate file is configured based on the MAC addresses or ESNs of routers, version
files, patch files, and configuration files. For details about the format of the intermediate file,
see 6.2 Auto-Config Features Supported by the AR1200-S.
1.
2.
Configure the intermediate file. For example, if the MAC address of an AR3200 is
0018-82C5-AA89 and the ESN is 9300070123456789, the version file name is
auto_V200R001C01.cc, the version number is V200R001C01, the patch file name is
auto_V200R001C01.pat, the configuration file name is auto_V200R001C01.cfg,and the
contents of the intermediate file arnet.ini are as follows:
MAC=0018-82C5AA89;ESN=9300070123456789;vrpfile=auto_V200R001C01.cc;vrpver=V200R001C01
;patchfile=auto_V200R001C01.pat;cfgfile=auto_V200R001C01.cfg;
Step 7 Save the intermediate file, version file, patch file, and configuration file to the working directory
on the FTP server.
----End
Prerequisite
The configurations of the DHCP server and FTP/TFTP server are complete.
Issue 03 (2011-11-27)
97
6 Auto-Config
Procedure
Step 1 Five minutes after routers are powered on, check address allocation on the DHCP server to check
whether the routers are connected to the DHCP server.
NOTE
If the routers are connected to the DHCP server, log in to the routers using Telnet but do not configure the
routers.
Step 2 Five minutes after the routers obtain IP addresses, check the log about file downloading from
the FTP/TFTP server, or log in to the routers to check whether correct version files, patch files,
and configuration files have been downloaded and check the running status of Auto-Config by
using the display autoconfig-status command.
NOTE
Do not save a configuration file to a router to be configured immediately after the configuration file is
downloaded; otherwise, only a temporary configuration file is saved because the configurations have not
taken effect.
Step 3 After correct files are downloaded to the routers, the routers are restarted according to the setting
of Option 146. You can run the display autoconfig activating-config { delay | remanenttime } command to check whether the configuration takes effect.
----End
Networking Requirements
When a new router or a non-configured router accesses the network, the configuration file,
version file, and patch file are required to be configured. To reduce the maintenance cost, the
router uses the Auto-Config function to automatically load the configuration file, version file,
and patch file. The router then can be managed remotely.
As shown in Figure 6-3, the AR1200-S connects to the DHCP server through GE0/0/1 and
supports the Auto-Config function. The AR1200-S can automatically load the configuration file,
version file, and patch file stored on the FTP server after the FTP server and DHCP server are
configured.
Issue 03 (2011-11-27)
98
6 Auto-Config
HostA
Eth1/0/0
192.168.2.6/24
HostB
Router
GE0/0/1
Eth1/0/0
192.168.1.6/24
Eth1/0/0
DHCP Server
FTP Server
HostC
Configuration Roadmap
The configuration roadmap is as follows:
1.
Configure the DHCP server so that a router can obtain IP addresses and option parameters.
2.
3.
4.
Save the intermediate file, version file, patch file, and configuration file to the working
directory on the FTP server.
NOTE
This example describes how to configure the Auto-Config function on an AR1200-S. Option 67 is specified
to carry the configuration file when the DHCP server is configured.
Data Preparation
To complete the configuration, you need the following data:
l
Issue 03 (2011-11-27)
99
6 Auto-Config
Procedure
Step 1 Configure the DHCP server.
<DHCP Server> system-view
[DHCP Server] dhcp enable
[DHCP Server] interface ethernet 1/0/0
[DHCP Server-Ethernet1/0/0] ip address 192.168.2.6 255.255.255.0
[DHCP Server-Ethernet1/0/0] dhcp select global
[DHCP Server-Ethernet1/0/0] quit
[DHCP Server] ip pool auto-config
[DHCP Server] network 192.168.2.0 mask 255.255.255.0
[DHCP Server] gateway-list 192.168.2.6
[DHCP Server] option 67 ascii auto_V200R002C00B002.cfg
[DHCP Server] option 141 ascii user
[DHCP Server] option 142 ascii huawei
[DHCP Server] option 143 ip-address 192.168.1.6
[DHCP Server] option 145 ascii
vrpfile=auto_V200R002C00B001.cc;vrpver=V200R002C00B001;patchfile=auto_V200R002C00B
002.pat;
Issue 03 (2011-11-27)
100
6 Auto-Config
192.168.2.1
192.168.2.254
253
1
252
0
0
0
-----------------------------------------------------------------------------
Five minutes after the router obtains the IP address, run the display autoconfig-status command
to check whether correct version files, patch files, and configuration files have been downloaded
and check the running status of Auto-Config.
<AR1200-S> display autoconfig-status
Running: Yes
Can deploy configurations with a USB disk:
No
Stop
: No
Reason : -Suspend: Yes
Reason : The unknown reason cause getting
fil
The status of DHCP phase:
Operation result: Successful
Failed reason
: -The status of setting ACS phase:
URL
: -User name
: -Password
: -Operation result: -Failed reason
: -The status of getting middle file phase:
File name
: -Operation result: -Failed reason
: -The status of getting system software phase:
File name
: auto_V200R002C00B001.cc
Operation result: Suspend
Failed reason
: The unknown reason cause getting file from file server failed
The status of getting patch file phase:
File name
: auto_V200R002C00B002.pat
Operation result: -Failed reason
: -The status of getting configuration file phase:
File name
: auto_V200R002C00B002.cfg
Operation result: -Failed reason
: -The status of activating configuration phase:
Remained time
: -Operation result: -Failed reason
: --
----End
Configuration Files
Configuration file of the DHCP server
#
dhcp enable
#
ip pool auto-config
gateway-list 192.168.2.6
network 192.168.2.0 mask 255.255.255.0
Issue 03 (2011-11-27)
101
6 Auto-Config
Issue 03 (2011-11-27)
102