Page 1 2. Port 3. VLAN 4. Network Protocol 5. Routing Protocol 6. Multicast 7. QoS/ACL 8. Integrated Management 9. STP 10. Security 11. Reliability 12. System Management 13. Auto Detecting 14. Appendix Quidway S3500 Series Ethernet Switches Command Manual Huawei Technologies Proprietary...
Page 2 31190185 Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. If you purchase the products from the sales agent of Huawei Technologies Co., Ltd., please contact our sales agent. If you purchase the products from Huawei Technologies Co., Ltd. directly, Please feel free to contact our local office, customer care center or company headquarters.
Page 3 Copyright © 2005 Huawei Technologies Co., Ltd. All Rights Reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks , HUAWEI, C&C08, EAST8000, HONET,...
Page 4: About This Manual
It is used for assisting the users in data Switches Operation Manual configurations and typical applications. Organization There are 14 modules in the manual. Getting Started This module introduces the commands used for accessing the Ethernet Switch. Port Huawei Technologies Proprietary...
Page 5 This module introduces the commands used for system management and maintenance. Auto Detecting This module introduces the commands used for auto-detecting configuration. Appendix This module includes all the commands in this command manual, which are arranged alphabetically. Intended Audience Huawei Technologies Proprietary...
Page 6 Optional alternative items are grouped in square brackets [ x | y | ... ] * and separated by vertical bars. Many or none can be selected. A line starting with the # sign is comments. Huawei Technologies Proprietary...
Page 7 VI. Symbols Eye-catching symbols are also used in the manual to highlight the points worthy of special attention during the operation. They are defined as follows: Caution, Warning, Danger: Means reader be extremely careful during the operation. Huawei Technologies Proprietary...
Page 8 Note, Comment, Tip, Knowhow, Thought: Means a complementary description. Huawei Technologies Proprietary...
Page 9: Getting Started
HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Getting Started Huawei Technologies Proprietary...
Page 10: Table Of Contents
1.1.23 shell ........................1-18 1.1.24 speed........................1-19 1.1.25 stopbits ........................ 1-19 1.1.26 super ........................1-20 1.1.27 super password ....................1-21 1.1.28 sysname ......................1-22 1.1.29 system-view......................1-22 1.1.30 telnet........................1-23 1.1.31 user-interface ...................... 1-23 1.1.32 user privilege level ....................1-24 Huawei Technologies Proprietary...
Page 11: Chapter 1 Logging In Switch Commands
By default, users logging in via the Console port do not need to pass any terminal authentication, whereas the password is required for authenticating the Modem and Telnet users when they log in. Example # Configure local password authentication. [Quidway-ui-aux0] authentication-mode password 1.1.2 auto-execute command Syntax auto-execute command text Huawei Technologies Proprietary...
Page 12: Command-Privilege Level
# Configure to automatically telnet 10.110.100.1 after the user logs in via VTY 0. [Quidway-ui-vty0] auto-execute command telnet 10.110.100.1 1.1.3 command-privilege level Syntax command-privilege level level view view command undo command-privilege view view command View System view Huawei Technologies Proprietary...
Page 13: Databits
XMODEM, TFTP and commands for file system operations are at management level (3). Example # Configure the precedence of the command "interface" as 0. [Quidway] command-privilege level 0 view system interface 1.1.4 databits Syntax databits { 7 | 8 } undo databits View User interface view Huawei Technologies Proprietary...
Page 14: Display History-Command
View Any view Parameter None Description Using display history-command command, you can view the saved history commands. For the related command, see history-command max-size. Example # Display history commands. <Quidway> display history-command quit display his Huawei Technologies Proprietary...
Page 15: Display User-Interface
Table 1-1 Output description of the display user-interface command Field Description Current user interface is in use Current user interface is in use and work in asynchronous mode Absolute index of user interface Type Type and relative index of user interface Tx/Rx User interface speed Huawei Technologies Proprietary...
Page 16: Display Users
Indicates the interval from the latest input till now in seconds. Type User type Displays initial connection location, namely the host IP address of IPaddress the incoming connection. Display the name of the user using this user interface, namely the Username login username of the user. Huawei Technologies Proprietary...
Page 17: Flow-Control
Specifies the absolute/relative number of the user interface. Configured together with the type, it will specify the user interface number of the corresponding type. If the type is not specified, number will specify an absolute user interface number. Huawei Technologies Proprietary...
Page 18: Header
After inputting the end character, press the <Enter> key to exit the interact process. Description Using header command, you can configure to display header when user login. Using undo header command, you can configure not to display the header. Huawei Technologies Proprietary...
Page 19 Go on inputting the rest text and end your input with the first letter: Hello! Welcome % (Press the <Enter> key) [Quidway] When you log on the switch again, the terminal displays the configured session establishment title. [Quidway] quit <Quidway> quit Huawei Technologies Proprietary...
Page 20: History-Command Max-Size
[Quidway-ui-aux0] history-command max-size 20 1.1.12 idle-timeout Syntax idle-timeout minutes [ seconds ] undo idle-timeout View User interface view Parameter minutes: Specifies the minute, ranging from 0 to 35791. seconds: Specifies the second, ranging from 0 to 59. Huawei Technologies Proprietary 1-10...
Page 21: Language-Mode
Using language-mode command, you can switch between different language environments of command line interface for convenience of different users. By default, the value is English. Example # Switch from English mode to Chinese mode. <Quidway> language-mode chinese 1.1.14 lock Syntax lock View User view Huawei Technologies Proprietary 1-11...
Page 22: Parity
Using undo parity command, you can restore the default parity mode. This command can only be performed in AUX user interface view. By default, the mode is set to none. Example # Set mark parity on the AUX (Console) port. [Quidway-ui-aux0] parity mark Huawei Technologies Proprietary 1-12...
Page 23: Protocol Inbound
Using quit command, you can return to the lower level view from the current view. If the current view is user view, you can quit the system. There are three levels of views, which are listed from low to high as follows: User view Huawei Technologies Proprietary 1-13...
Page 24: Return
Combination key <Ctrl+Z> performs the same function with the return command. For the related command, see quit. Example # Return to user view from system view. [Quidway] return <Quidway> 1.1.19 screen-length Syntax screen-length screen-length undo screen-length View User interface view Huawei Technologies Proprietary 1-14...
Page 25: Send
Description Using send command, you can send messages between different user interfaces. Example # Send message to all the user interfaces. <Quidway> send all 1.1.21 service-type Syntax For S3552 series, S3528 series, S3526E series and S3526C: Huawei Technologies Proprietary 1-15...
Page 26 Management level: These are commands that influence the basic operation of the system and system support module, which plays a supporting role on service. Huawei Technologies Proprietary 1-16...
Page 27: Set Authentication Password
The result is determined by the input. A plain text password is a sequential character string of no more than 16 digits, for example, huawei918. The length of an encrypted password must be 24 digits and in encrypted text, for example, _(TT8F]Y\5SQ=^Q`MAF4<1!!. Huawei Technologies Proprietary 1-17...
Page 28: Shell
Modem or Telnet. If no password has been set, the following prompt will be displayed “Login password has not been set !” Example # Configure the local authentication password on VTY 0 to huawei. [Quidway-ui-vty0] set authentication password simple huawei 1.1.23 shell...
Page 29: Speed
This command can only be performed in AUX user interface view. Example # Configure the transmission speed on the AUX (Console) port as 9600bit/s. [Quidway-ui-aux0] speed 9600 1.1.25 stopbits Syntax stopbits { 1 | 1.5 | 2 } undo stopbits Huawei Technologies Proprietary 1-19...
Page 30: Super
Login users are classified into four levels that correspond to the four command levels respectively. After users of different levels log in, they can only use commands at the levels that are equal to or lower than its own level. For the related commands, see super password, quit. Huawei Technologies Proprietary 1-20...
Page 31: Super Password
The password in plain text is required when performing authentication, regardless whether the configuration is plain text or encrypted text. Example # Configure the password to zbr for changing the user from the current level to level 3. Huawei Technologies Proprietary 1-21...
Page 32: Sysname
# Configure the hostname of switch to Switch. [Quidway] sysname Switch [Switch] 1.1.29 system-view Syntax system-view View User view Parameter None Description Using system-view command, you can enter system view from user view. For the related commands, see quit, return. Huawei Technologies Proprietary 1-22...
Page 33: Telnet
For the related command, see display tcp status. Example # Log in to switch Quidway2 at 129.102.0.1 from the current Quidway1 switch. <Quidway1> telnet 129.102.0.1 <Quidway2> 1.1.31 user-interface Syntax user-interface [ type ] first-number [ last-number ] View System view Huawei Technologies Proprietary 1-23...
Page 34: User Privilege Level
By default, a user can access the commands at Level 3 after logging in through the AUX user interface, and the commands at Level 0 after logging in through the VTY user interface. Example # Configure to use commands level 0 after logging in from VTY 0 user interface. Huawei Technologies Proprietary 1-24...
Page 35 User view commands: cluster Run cluster command language-mode Specify the language environment ping Ping function quit Exit from current command view super Privilege specified user priority level telnet Establish one TELNET connection tracert Trace route function Huawei Technologies Proprietary 1-25...
Page 36 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Port Huawei Technologies Proprietary...
Page 37 Chapter 2 Ethernet Port Link Aggregation Commands............. 2-1 2.1 Ethernet Port Link Aggregation Commands ..............2-1 2.1.1 display link-aggregation ..................2-1 2.1.2 link-aggregation....................... 2-2 Chapter 3 Port Isolation Configuration Commands ..............3-1 3.1 Port Isolation Configuration Commands................3-1 3.1.1 port-isolate enable....................3-1 Huawei Technologies Proprietary...
Page 38 Command Manual - Port Quidway S3500 Series Ethernet Switches Table of Contents 3.1.2 port-isolate uplink-port vlan ..................3-1 Huawei Technologies Proprietary...
Page 39: Chapter 1 Ethernet Port Configuration Commands
100% broadcast traffic is allowed to pass through. Example # Enable 20% broadcast cast to pass, i.e. 80% broadcast storm suppression is made on broadcast traffic of port. [Quidway-Ethernet0/1] broadcast-suppression 20 1.1.2 description Syntax description text undo description Huawei Technologies Proprietary...
Page 40: Display Interface
If only the port type is specified, all the information of the ports of this type will be displayed. If both port type and port number are specified, the information of the designated port will be displayed. Huawei Technologies Proprietary...
Page 41: Ethernet Frame Format
- aborts, 0 deferred, 0 collisions, 0 late collisions - lost carrier, - no carrier Table 1-1 Output description of the display interface command Field Description The current state of Ethernet port (enabled or Ethernet0/1 current state disabled) IP Sending Frames' Format Ethernet frame format Huawei Technologies Proprietary...
Page 42 Untagged VLAN ID The VLANs with packets untagged Last 5 minutes output: packets/sec 0 bytes/sec The input/output rate and the passing packet number on this port in the last 5 minutes. Last minutes input: packets/sec 0 bytes/sec Huawei Technologies Proprietary...
Page 43: Display Loopback-Detection
If it has been enabled, then the time interval of the detection and the current port loopback information will also be displayed. Note that S3526/S3526 FS/S3526 FM/S3526E/S3526C Ethernet Switches support this command in S3500 series switches. Example # Display if the port loopback detection is enabled. Huawei Technologies Proprietary...
Page 44: Display Port
<Quidway> display port hybrid Now, the following hybrid ports exist: Ethernet0/1 Ethernet0/2 The above information displays that the current system has two Hybrid ports, Ethernet0/1 and Ethernet0/2. 1.1.6 duplex Syntax duplex { auto | full | half } Huawei Technologies Proprietary...
Page 45: Flow-Constrain
5. flow-value: Traffic threshold on the port, in the range of 0 to 4294967295. It defaults to bps: Bytes per second. pps: Packets per second. Description Use the flow-constrain command to define traffic threshold on the port. Huawei Technologies Proprietary...
Page 46: Flow-Constrain Method
By default, only trap messages are sent when actual traffic on the port exceeds the threshold. Example # Configure the system to disable the port and send trap messages when actual traffic on the port exceeds the threshold. <Quidway> system-view System View: return to User View with Ctrl+Z. Huawei Technologies Proprietary...
Page 47: Flow-Control
# Enable flow control on Ethernet0/1. [Quidway-Ethernet0/1] flow-control 1.1.10 flow-interval Syntax flow-interval interval undo flow-interval View Ethernet port view Parameter interval: Specifies time interval, ranging from 5 to 300 in seconds. The step is 5. The default value is 300. Huawei Technologies Proprietary...
Page 48: Interface
1 to 4. For S3552F Ethernet Switch, the slot number ranges from 1 to 7. Slot 1 to 6 represent the 100M Ethernet ports provided by the six modules on front panel respectively and the port number range from 1 to 8. Huawei Technologies Proprietary 1-10...
Page 49: Loopback
By default, the port will not perform the loopback test. Example # Perform the internal loop test for Ethernet0/1. [Quidway-Ethernet0/1] loopback internal 1.1.13 loopback-detection control enable Syntax loopback-detection control enable Huawei Technologies Proprietary 1-11...
Page 50: Loopback-Detection Enable
Using loopback-detection enable command, you can enable the port loopback detection. If there is a loopback port found, the switch will put it under control. Using undo loopback-detection enable command, you can disable the port loopback detection. Huawei Technologies Proprietary 1-12...
Page 51: Loopback-Detection Interval-Time
For the related command, see display loopback-detection. Example # Configure the detection interval for the external loopback condition of each port to 10 seconds. [Quidway] loopback-detection interval-time 10 1.1.16 loopback-detection per-vlan enable Syntax loopback-detection per-vlan enable undo loopback-detection per-vlan enable Huawei Technologies Proprietary 1-13...
Page 52: Mdi
Using mdi command, you can configure the network cable type of the Ethernet ports. Using undo mdi command, you can restore the default type. By default, the network cable type will be recognized automatically. Note that this command only has effect 10/100Base-TX and 1000Base-T ports. Huawei Technologies Proprietary 1-14...
Page 53: Port Access Vlan
1.1.19 port hybrid pvid vlan Syntax port hybrid pvid vlan vlan_id undo port hybrid pvid View Ethernet port view Parameter vlan_id: VLAN ID defined in IEEE802.1Q, ranging from1 to 4094 and the default vlan_id is 1. Huawei Technologies Proprietary 1-15...
Page 54: Port Hybrid Vlan
Hybrid port can belong to multiple VLANs. If the port hybrid vlan vlan_id_list { tagged | untagged } command is used for many times, the VLANs carried by the hybrid port is the set of vlan_id_list. Huawei Technologies Proprietary 1-16...
Page 55: Port Link-Type
For example, you cannot configure a trunk port directly as hybrid port, but first set it as access port and then as hybrid port. By default, the port is access port. Example # Configure Ethernet port Ethernet0/1 as trunk port. [Quidway-Ethernet0/1] port link-type trunk Huawei Technologies Proprietary 1-17...
Page 56: Port Trunk Permit Vlan
# Join the trunk port Ethernet0/1 to VLAN 2, 4 and 50-100. [Quidway-Ethernet0/1] port trunk permit vlan 2 4 50 to 100 1.1.23 port trunk pvid vlan Syntax port trunk pvid vlan vlan_id undo port trunk pvid View Ethernet port view Huawei Technologies Proprietary 1-18...
Page 57: Reset Counters Interface
If only the port type is specified, all the information on the ports of this type will be cleared. If both port type and port number are specified, the information on the designated port will be cleared. Huawei Technologies Proprietary 1-19...
Page 58: Shutdown
{ 10 | 100 | auto } For 1000M Ethernet port, this command is in the following format: speed { 10 | 100 | 1000 | auto } The undo form of this command is: undo speed View Ethernet port view Huawei Technologies Proprietary 1-20...
Page 59: Virtual-Cable-Test
Note that S3552G/S3552P/S3528G/S3528P/S3552F Ethernet Switches support this configuration in S3500 series switches. Example # Display the information of the cable test. [Quidway-Ethernet0/1] virtual-cable-test Cable pair: RX Status:Open Cable Error lenth:5 metres Cable pair: TX Status:Open Cable Error lenth:5 metres Huawei Technologies Proprietary 1-21...
Page 60: Vlan-Vpn Enable
Note that if anyone of GVRP, GMRP, STP, 802.1x, NTDP and NDP has been enabled on a port, VLAN VPN cannot be enabled on it. S3552G/S3552P/S3528G/S3528P/S3552F Ethernet Switches support this configuration in S3500 series switches. Example # Enable VLAN VPN on Ethernet0/1. [Quidway-Ethernet0/1] vlan-vpn enable Huawei Technologies Proprietary 1-22...
Page 61: Chapter 2 Ethernet Port Link Aggregation Commands
For the related command, see link-aggregation. Example # Display the related information of the aggregation group with the master port number as Ethernet0/1. <Quidway> display link-aggregation ethernet0/1 Master port: Ethernet0/1 Other sub-ports: Ethernet0/2 Mode: both Huawei Technologies Proprietary...
Page 62: Link-Aggregation
For satisfactory payload balance effect, it is recommended that you configure the Ethernet ports to be aggregated to operate at the same speed and with the same duplex attribute. For the related command, see display link-aggregation. Huawei Technologies Proprietary...
Page 63 Command Manual - Port Quidway S3500 Series Ethernet Switches Chapter 2 Ethernet Port Link Aggregation Commands Example # Configure outgoing load balance on the port depending on the source and destination MAC addresses. [Quidway] link-aggregation ethernet0/1 to ethernet0/2 both Huawei Technologies Proprietary...
Page 64: Chapter 3 Port Isolation Configuration Commands
By default, port L2 isolation is not enabled in a VLAN, that is, L2 forwarding is available between the ports in a VLAN. Example # Enable port L2 isolation in the VLAN. [Quidway-vlan1] port-isolate enable 3.1.2 port-isolate uplink-port vlan Syntax port-isolate uplink-port vlan vlan-id undo port-isolate uplink-port vlan vlan-id Huawei Technologies Proprietary...
Page 65 Trunk port and that it is the only uplink port in that VLAN. You cannot enable port isolation and link aggregation concurrently on a port. Example # Configure the Ethernet0/1 port as uplink port. [Quidway-Ethernet0/1] port-isolate uplink-port vlan 1 Huawei Technologies Proprietary...
Page 66 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual VLAN Huawei Technologies Proprietary...
Page 67 3.2.1 display gvrp statistics ....................3-5 3.2.2 display gvrp status ....................3-6 3.2.3 gvrp ......................... 3-6 3.2.4 gvrp registration....................... 3-7 Chapter 4 Super VLAN Configuration Commands ..............4-1 4.1 Super VLAN Configuration Commands................4-1 4.1.1 display supervlan..................... 4-1 Huawei Technologies Proprietary...
Page 68 Command Manual - VLAN Quidway S3500 Series Ethernet Switches Table of Contents 4.1.2 subvlan ........................4-3 4.1.3 supervlan......................... 4-3 Huawei Technologies Proprietary...
Page 69: Chapter 1 Vlan Configuration Commands
# Specify a description character string “RESEARCH” for current VLAN. [Quidway-vlan1] description RESEARCH 1.1.2 display interface vlan-interface Syntax display interface vlan-interface [ vlan_id ] View Any view Parameter vlan_id: ID of VLAN interface, ranging from 1 to 4094. Huawei Technologies Proprietary...
Page 70: Display Vlan
Using display vlan command, you can view related information about the specified or all VLANs. If vlan_id or all is specified, information of specified VLAN or all VLANs is displayed. It includes: VLAN ID, VLAN state, whether the routing function has been enable on this Huawei Technologies Proprietary...
Page 71: Interface Vlan-Interface
Using interface vlan-interface command, you can configure VLAN interface or enter VLAN interface view. Using undo interface vlan-interface command, you can cancel one VLAN interface. For the related command, see display interface vlan-interface. Example # Enter VLAN-interface 1 view of VLAN interface. [Quidway] interface vlan-interface 1 Huawei Technologies Proprietary...
Page 72: Ip Address
IP address. For the related command, see display vlan, display interface vlan-interface. Example # Specify IP address and mask for VLAN interface 1. [Quidway-Vlan-interface1] ip address 1.1.1.1 255.0.0.0 1.1.6 name Syntax name string undo name Huawei Technologies Proprietary...
Page 73: Port
10 is the maximal. Description Using port command, you can add one port or one group of ports to VLAN. Using undo port command, you can cancel one port or one group of ports from VLAN. Huawei Technologies Proprietary...
Page 74: Shutdown
Shutting down or starting VLAN interface will not take any effect on any Ethernet port of this VLAN. Example # Restart interface after shutting down the interface. [Quidway-Vlan-interface1] shutdown [Quidway-Vlan-interface1] undo shutdown Huawei Technologies Proprietary...
Page 75: Vlan
{ enable | disable } View System view Parameter enable: Enable VLAN features of equipment. disable: Disable the VLAN features of equipment. Description Using vlan { enable | disable } command, you can enable/disable the VLAN features of equipment. Huawei Technologies Proprietary...
Page 76: Protocol-Based Vlan Configuration Commands
Using the display protocol-vlan interface command, you can view the protocol information and protocol index configured on the specific port, to which you can refer when you use the protocol-based VLAN and add/delete a protocol. For the related commands, see display interface. Huawei Technologies Proprietary...
Page 77: Display Protocol-Vlan Vlan
For the related commands, see display vlan. Example # Display the protocol information and protocol index configured on the VLANs from VLAN10 to VLAN20 [Quidway] display protocol-vlan vlan 10 to 20 VLAN ID: 10 VLAN Type: Protocol-based VLAN Huawei Technologies Proprietary...
Page 78: Port Hybrid Protocol-Vlan Vlan
VLAN before you associate it with the protocol-based VLAN. Otherwise, it cannot be associated with the VLAN. For the related commands, see display protocol-vlan interface. Example # Associate Ethernet0/1 with protocols 0 to 6 in VLAN 3 [Quidway-Ethernet0/1] port hybrid protocol-vlan vlan 3 0 to 6 Huawei Technologies Proprietary 1-10...
Page 79: Protocol-Vlan
Note that the format of mode llc dsap ff ssap ff is the same as that of ipx raw, and the system first matches ipx raw, so the configuration of vlan-type protocol mode llc dsap ff ssap ff does not function. For the related commands, see display protocol-vlan vlan. Huawei Technologies Proprietary 1-11...
Page 80 Quidway S3500 Series Ethernet Switches Chapter 1 VLAN Configuration Commands Example # Specify VLAN 3 to be based on IP protocol. [Quidway-vlan3] protocol-vlan ip # Specify VLAN 5 to be based on the 123.34.56.0 network segment. [Quidway-vlan5] protocol-vlan ip 123.34.56.0 Huawei Technologies Proprietary 1-12...
Page 81: Chapter 2 Isolate-User-Vlan Configuration Commands
Vlan ID : 3 Secondary Vlan ID : 4-5 Vlan ID: 3 Vlan Type: static Isolate-user-VLAN Type : Isolate-user-VLAN Route Interface: not configured Description: VLAN 0003 Tagged Ports: none Untagged Ports: Ethernet0/4 Ethernet0/8 Ethernet0/18 Vlan ID: 4 Huawei Technologies Proprietary...
Page 82: Isolate-User-Vlan
By default, there is no any corresponding relationship between isolate-user-vlan and Secondary vlan created by the user. Before the command is run, isolate-user-vlan and Secondary vlan must include ports. After the command is run, the mapping relationship between isolate-user-vlan and Huawei Technologies Proprietary...
Page 83: Isolate-User-Vlan Enable
Ethernet switch, the Trunk port cannot be configured. If the Trunk port is configured, then the isolate-user-vlan cannot be configured. For the related commands, see display isolate-user-vlan. Example # Configure VLAN 5 as isolate-user-vlan. [Quidway-vlan5] isolate-user-vlan enable Huawei Technologies Proprietary...
Page 84: Chapter 3 Garp/Gvrp Configuration Commands
Number Of GMRP Frames Received Number Of GVRP Frames Received Number Of GMRP Frames Transmitted Number Of GVRP Frames Transmitted Number Of Frames Discarded The above information indicates that the numbers of GVRP/GMRP packets received/sent and discarded on Ethernet0/1 are 0. Huawei Technologies Proprietary...
Page 85: Display Garp Timer
: 1000 centiseconds GARP Hold Time : 10 centiseconds 3.1.3 garp timer Syntax garp timer { hold | join | leave } timer_value undo garp timer { hold | join | leave } View Ethernet port view Huawei Technologies Proprietary...
Page 86: Garp Timer Leaveall
For the related command, see display garp timer. Example # Set Join timer of GARP as 300ms. [Quidway-Ethernet0/1] garp timer join 30 3.1.4 garp timer leaveall Syntax garp timer leaveall timer_value undo garp timer leaveall View System view Huawei Technologies Proprietary...
Page 87: Reset Garp Statistics
Using reset garp statistics command, you can reset the GARP statistics information (such as the received/sent packets or discarded packets by GVRP/GMRP). If the command has no parameter, it will clear the GARP statistics information of all the ports. Huawei Technologies Proprietary...
Page 88: Gvrp Configuration Command
# Display the GVRP statistics information about Ethernet0/1. <Quidway> display gvrp statistics interface ethernet0/1 GVRP statistics on port Ethernet0/1 GVRP Status : Enabled GVRP Failed Registrations GVRP Last Pdu Origin : 0000-0000-0000 GVRP Registration Type : Normal Huawei Technologies Proprietary...
Page 89: Display Gvrp Status
This command can be used to enable/disable global GVRP in System view or enable/disable port GVRP in Ethernet port view. Before enabling port GVRP, the user must enable global GVRP first and port GVRP must be enabled/disabled on Trunk port. Huawei Technologies Proprietary...
Page 90: Gvrp Registration
By default, the registration type is normal. This command can be only used on Trunk port. For the related commands, see display gvrp statistics. Example # Set the GVRP registration type of Ethernet0/1 as fixed. [Quidway-Ethernet0/1] gvrp registration fixed Huawei Technologies Proprietary...
Page 91: Chapter 4 Super Vlan Configuration Commands
# view the mapping relationship between Super VLAN and Sub VLAN. [Quidway] display supervlan 2 Supervlan ID : ARP proxy: enabled Subvlan ID : VLAN ID: 2 VLAN Type: static It is a Super VLAN. ARP proxy enabled. Huawei Technologies Proprietary...
Page 92 Broadcast MAX-ratio: 100% Tagged Ports: none Untagged Ports: Ethernet0/4 VLAN ID: 5 VLAN Type: static It is a Sub VLAN. Route Interface: not configured Description: VLAN 0005 Name: VLAN 0005 Broadcast MAX-ratio: 100% Tagged Ports: none Untagged Ports: Ethernet0/5 Huawei Technologies Proprietary...
Page 93 VLAN and the specific sub VLAN. For the related commands, see display supervlan. Example # Establish the mapping relationship between sub VLAN 3, 4, 5, 9 and super VLAN 10. [Quidway-vlan10] subvlan 3 to 5 9 4.1.3 supervlan Syntax supervlan undo supervlan Huawei Technologies Proprietary...
Page 94 Using supervlan commmand, you can set current VLAN to super VLAN. Using undo supervlan commmand, you can cancel the super VLAN type of current VLAN. For the related commands, see display supervlan. Example # Set the VLAN 2 to super VLAN. [Quidway-vlan2] supervlan Huawei Technologies Proprietary...
Page 95: Network Protocol
HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Network Protocol Huawei Technologies Proprietary...
Page 96 Chapter 4 DHCP Client Configuration Commands ..............4-1 4.1 DHCP Client Configuration Commands................4-1 4.1.1 debugging dhcp client ..................... 4-1 4.1.2 display dhcp client....................4-2 4.1.3 ip address dhcp-alloc ....................4-2 Chapter 5 DHCP Relay Configuration Commands..............5-1 5.1 DHCP Relay Configuration Commands................5-1 Huawei Technologies Proprietary...
Page 97 6.2.19 domain-name ...................... 6-21 6.2.20 expired......................... 6-22 6.2.21 gateway-list ......................6-22 6.2.22 nbns-list ....................... 6-23 6.2.23 netbios-type......................6-24 6.2.24 network........................ 6-25 6.2.25 option........................6-25 6.2.26 reset dhcp server conflict ..................6-26 6.2.27 reset dhcp server ip-in-use.................. 6-27 Huawei Technologies Proprietary...
Page 98 9.1.7 display am user-bind ....................9-6 9.1.8 port-isolate enable....................9-6 9.1.9 port-isolate uplink-port vlan ..................9-7 Chapter 10 IP Performance Configuration Commands ............10-1 10.1 IP Performance Configuration Commands ..............10-1 10.1.1 display fib ......................10-1 10.1.2 display icmp statistics..................10-2 Huawei Technologies Proprietary...
Page 99 10.1.4 display ip statistics....................10-4 10.1.5 display tcp statistics..................... 10-6 10.1.6 display tcp status....................10-7 10.1.7 reset ip statistics....................10-8 10.1.8 reset tcp statistics....................10-8 10.1.9 tcp timer fin-timeout..................... 10-9 10.1.10 tcp timer syn-timeout..................10-9 10.1.11 tcp window....................... 10-10 Huawei Technologies Proprietary...
Page 100: Chapter 1 Ip Address Configuration Commands
<Quidway> display ip host Host Flags Address(es) static 1.1.1.1 static 2.2.2.4 1.1.2 display ip interface Syntax display ip interface interface-type interface-number View Any view Parameter interface-type: Port type. Interface-number: Port number. See the description of the interface command for details. Huawei Technologies Proprietary...
Page 101: Ip Address
By default, all interfaces’ IP addresses are null. Generally, it is enough to configure one IP address for an interface. You can also configure 10 IP addresses for an interface at most, so that it can be connected to Huawei Technologies Proprietary...
Page 102: Ip Host
Using ip host command, you can configure the host name and the host IP address. Using undo ip host command, you can cancel the host name and the host IP address. By default, Host name and corresponding IP address are null. For the related command, see display ip host. Huawei Technologies Proprietary...
Page 103 Command Manual - Network Protocol Quidway S3500 Series Ethernet Switches Chapter 1 IP Address Configuration Commands Example # Set Lanswtich1’s IP address to be 202.38.0.8. [Quidway] ip host Lanswitch1 202.38.0.8 Huawei Technologies Proprietary...
Page 104: Chapter 2 Arp Configuration Commands
# Configure that the device learns the ARP entry where the MAC address is multicast MAC address. [Quidway] undo arp check enable 2.1.2 arp probe ip Syntax arp probe ip ip-address undo arp probe ip [ ip-address ] View VLAN interface view Huawei Technologies Proprietary...
Page 105: Arp Source-Suppression Cache
For the related command, see display arp source-suppression. In S3500 Series Ethernet Switches, only S3552G, S3552P, S3528G, S3528P and S3552F supports this command. Example # Configure the number of source IP addresses to be suppressed is 10. Huawei Technologies Proprietary...
Page 106: Arp Source-Suppression Enable
In S3500 Series Ethernet Switches, only S3552G, S3552P, S3528G, S3528P and S3552F supports this command. For the related command, see display arp source-suppression. Example # Enable ARP source address suppression. [Quidway] arp source-suppression enable 2.1.5 arp source-suppression limit Syntax arp source-suppression limit limit-value undo arp source-suppression limit Huawei Technologies Proprietary...
Page 107: Arp Timer Probe
Using arp timer probe command, you can configure the ARP probing interval. Using undo arp timer probe command, you can restore the default ARP probing interval. In S3500 Series Ethernet Switches, only S3526, S3526 FM, S3526 FS supports this command. For the related command, see display arp probe. Huawei Technologies Proprietary...
Page 108: Arp Static
The parameter vlan-id must be the ID of a VLAN that has been created by the user, and the Ethernet port specified behind this parameter must belong to the VLAN. For the related command, see reset arp, display arp, debugging arp. Huawei Technologies Proprietary...
Page 109: Arp Timer Aging
For the related command, see display arp timer aging. Example # Configure the dynamic ARP aging timer to 10 minutes. [Quidway] arp timer aging 10 2.1.9 debugging arp packet Syntax debugging arp packet undo debugging arp packet View User view Parameter None Huawei Technologies Proprietary...
Page 110: Display Arp
Target Ethernet address. If the packet is ARP request packet, target_eth_addr the target IP address will be 0 target_ip_addr Target IP address 2.1.10 display arp Syntax display arp [ dynamic | static | ip-address ] View Any view Huawei Technologies Proprietary...
Page 111: Display Arp Probe
Port to which the static ARP entry belongs Aging Aging time of dynamic ARP entry in minutes Type Type of ARP entry 2.1.11 display arp probe Syntax display arp probe [ interface vlan-interface vlan-id ] View Any view Parameter vlan-id: VLAN interface. Huawei Technologies Proprietary...
Page 112: Display Arp Source-Suppression
2.1.12 display arp source-suppression Syntax display arp source-suppression View Any view Parameter None Description Using display arp source-suppression command, you can view ARP source suppression information. Example # Display ARP source suppression information. <Quidway> display arp source-suppression Huawei Technologies Proprietary...
Page 113: Display Arp Timer Aging
Clear the static ARP mapping entries interface interface-name: Clear the ARP mapping entries that are related to the specified. port, represented with interface-name= interface-type interface-number. interface-type is port type and interface-number is port number. For details about Huawei Technologies Proprietary 2-10...
Page 114: Gratuitous Arp Configuration Commands
IP address conflict. Use the undo arp send-gratuitous enable command to disable this function. By default, the gratuitous ARP packet sending is enabled. Gratuitous ARP function is to implement the following functions by sending out gratuitous ARP packets: Huawei Technologies Proprietary 2-11...
Page 115: Gratuitous-Arp-Learning Enable
By default, gratuitous ARP packet learning is disabled. Related command: arp send-gratuitous enable, debugging arp packet. Example # Enable gratuitous ARP packet learning on the switch Quidway A. <QuidwayA> system-view System View: return to User View with Ctrl+Z. [QuidwayA] gratuitous-arp-learning enable Huawei Technologies Proprietary 2-12...
Page 116: Chapter 3 Arp Proxy Configuration Commands
See arp proxy enable for related configuration. Example # Display the ARP proxy status of interface VLAN 2 [Quidway] display arp proxy 3.1.2 arp proxy Syntax arp proxy enable undo arp proxy enable View VLAN virtual interface view Parameter None Huawei Technologies Proprietary...
Page 117 Use the arp proxy enable command to enable ARP proxy. Use the undo arp proxy enable command to disable ARP proxy. See display arp proxy for related configuration. Example # Enable the ARP proxy of VLAN 2 virtual interface. [Quidway-Vlan-interface2] arp proxy enable Huawei Technologies Proprietary...
Page 118: Chapter 4 Dhcp Client Configuration Commands
Using the debugging dhcp client command, you can enable DHCP client debugging. Using the undo debugging dhcp client command, you can disable DHCP client debugging. By default, all DHCP client debugging is disabled. Example # Enable DHCP client event debugging. <Quidway> debugging dhcp client event Huawei Technologies Proprietary...
Page 119: Display Dhcp Client
2002.09.21 01:05:03 Server IP: 169.254.0.1 Transaction ID = 0x3d8a7431 Default router: 2.2.2.2 DNS server: 1.1.1.1 Domain name: huawei.com Client ID: HUAWEI-00e0.fc0a.c3ef-Ethernet0/0 Next timeout will happen after 0 days 11 hours 56 minutes 1 seconds. 4.1.3 ip address dhcp-alloc Syntax ip address dhcp-alloc...
Page 120 IP address using DHCP. Using the undo ip address dhcp-alloc command, you can remove the configuration. By default, the VLAN interface doest not obtain IP address using DHCP. Example # Configure VLAN interface to obtain IP address using DHCP. [Quidway-Vlan-interface1] ip address dhcp-alloc Huawei Technologies Proprietary...
Page 121: Chapter 5 Dhcp Relay Configuration Commands
VLAN interface. By default, the switch disables DHCP security features function. Example # Enable the security features of DHCP relay on VLAN1 interface. [Quidway-Vlan-interface1] address-check enable 5.1.2 debugging dhcp-relay Syntax debugging dhcp-relay undo debugging dhcp-relay Huawei Technologies Proprietary...
Page 122 ClientHardAddress: 0010-dc19-695d DHCP ServerIpAddress: 192.168.1.2 *0.7200230-DHCP-8-dhcp_debug: From DHCP Server to client: Interface: VLAN-Interface 1 ServerGroupNo: 0 Type: dhcp-ack ClientHardAddress: 0010-dc19-695d AllocatedIpAddress: 10.1.1.1 *0.7200580-DHCP-8-largehop: Discard DHCP request packet because of too large hop count! *0.7200725-DHCP-8-invalidpkt: Wrong DHCP packet! Huawei Technologies Proprietary...
Page 123: Dhcp-Security Static
DHCP Server group before you change corresponding IP address of the DHCP Server group. For the related command, see display dhcp-security. Example # Configure the user IP address and MAC address of DHCP Server group as 1.1.1.1 and 0005-5D02-F2B3 respectively. [Quidway] dhcp-security static 1.1.1.1 0005-5D02-F2B3 Huawei Technologies Proprietary...
Page 124: Dhcp-Server
[Quidway-Vlan-interface1] dhcp-server 1 5.1.5 dhcp-server detect Syntax dhcp-server detect undo dhcp-server detect View System view Parameter None Description Using dhcp-server detect command, you can enable DHCP pseudo-server detection. Using undo dhcp-server detect command, you can disable DHCP pseudo-server detection. Huawei Technologies Proprietary...
Page 125: Dhcp-Server Ip
1.1.1.1 and 2.2.2.2 respectively. [Quidway] dhcp-server 1 ip 1.1.1.1 2.2.2.2 # Delete the IP addresses of the master/slave DHCP Server in DHCP Server group1. [Quidway] undo dhcp-server 1 5.1.7 display dhcp-security Syntax display dhcp-security [ ip_address ] View Any view Huawei Technologies Proprietary...
Page 126: Display Dhcp-Server
View Any view Parameter groupNo: DHCP Server group. Description Using display dhcp-server command, you can view the related information of DHCP Server group. For the related command, see dhcp-server ip, dhcp-server, display dhcp-server interface vlan-interface, debugging dhcp-relay. Huawei Technologies Proprietary...
Page 127 Number of OFFER packets received by DHCP DHCP_OFFER messages relay Number of ACK packets received by DHCP DHCP_ACK messages relay Number of NAK packets received by DHCP DHCP_NAK messages relay Number of DECLINE packets received by DHCP_DECLINE messages DHCP relay Huawei Technologies Proprietary...
Page 128: Display Dhcp-Server Interface Vlan-Interface
# View the information of the DHCP Server group corresponding to VLAN-Interface 2. <Quidway> display dhcp-server interface vlan-interface 2 The DHCP Server group of this interface is 0 The information shown above indicates that vlan-interface 2 is configured with a DHCP Server group with ID as 0. Huawei Technologies Proprietary...
Page 129: Chapter 6 Dhcp Configuration Commands
By default, the DHCP service is enabled. Only after the DHCP service is enabled can other DHCP configurations take effect. This configuration is essential to both DHCP server and DHCP relay. Example # Enable the DHCP service. [Quidway] dhcp enable Huawei Technologies Proprietary...
Page 130: Dhcp Select
Example # Allocate addresses selected from a global address pool on the local DHCP server to the clients sending DHCP messages destined to the current device. [Quidway-Vlan-interface1] dhcp select global Huawei Technologies Proprietary...
Page 131: Dhcp Server Detect
All DHCP server debugging. error: Debugging of the DHCP server on such errors as occurring in DHCP message processing and address allocation. events: Debugging of the DHCP server on such events as address allocation and timeout of a ping attempt. Huawei Technologies Proprietary...
Page 132: Dhcp Server Dns-List
[ to vlan-interface vlan_id ]: specifies VLAN interfaces. all: All VLAN interfaces or IP addresses. Description Using the dhcp server dns-list command, you can define a list of DNS server addresses in one or multiple DHCP address pools on the specified VLAN interface(s). Huawei Technologies Proprietary...
Page 133: Dhcp Server Domain-Name
Domain name to be allocated to the clients using the DHCP address pool on the VLAN interface, which is a string of 3 to 50 characters. interface vlan-interface vlan_id [ to vlan-interface vlan_id ]: Specifies VLAN interfaces. all: All VLAN interfaces. Huawei Technologies Proprietary...
Page 134: Dhcp Server Expired
Number of hours in the range of 0 to 23. minute minute: Number of minutes in the range of 0 to 59. unlimited: Unlimited address lease. interface vlan-interface vlan_id [ to vlan-interface vlan_id ]: Specifies VLAN interfaces. Huawei Technologies Proprietary...
Page 135: Dhcp Server Forbidden-Ip
By default, all IP addresses in address pools participate in automatic address allocation. For the related commands, see dhcp server ip-pool, network, static-bind ip-address, and dhcp server static-bind. Huawei Technologies Proprietary...
Page 136: Dhcp Server Ip-Pool
[ ip-address ] undo dhcp server nbns-list { ip-address | all } Following is the command for configuring in system view a NetBIOS server address list in DHCP address pools on multiple VLAN interfaces: Huawei Technologies Proprietary...
Page 137: Dhcp Server Netbios-Type
{ b-node | h-node | m-node | p-node } undo dhcp server netbios-type Following is the command for configuring in system view the NetBIOS node type of the clients using the DHCP address pools on multiple VLAN interfaces: Huawei Technologies Proprietary...
Page 138: Dhcp Server Option
Following is the command for configuring in VLAN interface view a DHCP option for the DHCP address pool on the current VLAN interface: dhcp server option code { ascii ascii-string | hex hex-string | ip-address ip-address [ ip-address ] } undo dhcp server option code Huawei Technologies Proprietary 6-10...
Page 139: Dhcp Server Ping
[Quidway] interface vlan-interface 1 [Quidway-Vlan-interface1] dhcp server option 100 hex 11 22 6.2.10 dhcp server ping Syntax dhcp server ping { packets number | timeout milliseconds } undo dhcp server ping { packets | timeout } Huawei Technologies Proprietary 6-11...
Page 140: Dhcp Server Static-Bind
DHCP address pool on the current VLAN interface. Using the undo dhcp server static-bind command, you can remove the binding. By default, no static address binding is configured in any VLAN interface address pool. Huawei Technologies Proprietary 6-12...
Page 141: Display Dhcp Server Conflict
Address Discover Time 10.110.1.2 Jan 11 2003 11:57: 7 PM Table 6-1 Description of the output information of display dhcp server conflict Field Description Address Conflicted IP address Discover Time Time when the conflict is discovered Huawei Technologies Proprietary 6-13...
Page 142: Display Dhcp Server Expired
Information of expired address leases in global address pools Information of expired address leases in VLAN interface Interface pool address pools IP address IP address in a binding Hardware address MAC address in a binding Lease expiration Lease expiration time Huawei Technologies Proprietary 6-14...
Page 143: Display Dhcp Server Free-Ip
[ vlan-interface vlan_id ] | all } View Any view Parameter ip ip-address: Specifies an IP address. pool [ pool-name ]: Name of a global address pool. If no address pool is specified, all the global address pools apply. Huawei Technologies Proprietary 6-15...
Page 144: Display Dhcp Server Statistics
IP address IP address in a binding Hardware address MAC address in a binding Lease expiration Lease expiration time Type Address binding type 6.2.16 display dhcp server statistics Syntax display dhcp server statistics View Any view Huawei Technologies Proprietary 6-16...
Page 145 Table 6-4 Description of the output of display dhcp server statistics Field Description Global Pool Statistics information about global address pools Statistics information about VLAN interface address Interface Pool pools Pool Number Number of address pools Huawei Technologies Proprietary 6-17...
Page 146: Display Dhcp Server Tree
VLAN interface. If no interface is specified, address pools on all VLAN interfaces apply. all: All DHCP address pools. Description Using the display dhcp server tree command, you can view the tree of DHCP address pools. Example # Display the tree of DHCP address pools. Huawei Technologies Proprietary 6-18...
Page 147 Table 6-5 Description of the output of display dhcp server tree Field Description Global pool Information about global address pools Interface pool Information about VLAN interface address pools Pool Name Address pool name network Address ranges available for allocation Huawei Technologies Proprietary 6-19...
Page 148: Dns-List
{ ip-address | all } View DHCP address pool view Parameter ip-address: IP address of DNS server. You can configure up to eight IP addresses separated by spaces in a command. all: IP addresses of all the configured DNS servers. Huawei Technologies Proprietary 6-20...
Page 149: Domain-Name
For the related commands, see dhcp server ip-pool and dhcp server domain-name. Example # Specify “mydomain.com” as the domain name to be assigned to the clients using global DHCP address pool 0. [Quidway] dhcp server ip-pool 0 [Quidway-dhcp-0] domain-name mydomain.com Huawei Technologies Proprietary 6-21...
Page 150: Expired
# IP addresses from DHCP address pool 0 can be leased for 1 day, 2 hours, and 3 minutes. [Quidway] dhcp server ip-pool 0 [Quidway-dhcp-0] expired day 1 hour 2 minute 3 6.2.21 gateway-list Syntax gateway-list ip-address [ ip-address ] undo gateway-list { ip-address | all } View DHCP address pool view Huawei Technologies Proprietary 6-22...
Page 151: Nbns-List
DHCP address pool. Using the undo nbns-list command, you can remove one or all NetBIOS server addresses from the global address pool. By default, no NetBIOS server address is configured. If you configure NetBIOS server list for multiple times, the latest NetBIOS server list will replace the previous one. Huawei Technologies Proprietary 6-23...
Page 152: Netbios-Type
By default, clients are h-nodes. For the related commands, see dhcp server ip-pool, dhcp server netbios-byte, and nbns-list. Example # Specify clients using global DHCP address pool 0 to be b-nodes. [Quidway] dhcp server ip-pool 0 [Quidway-dhcp-0] netbios-type b-node Huawei Technologies Proprietary 6-24...
Page 153: Network
{ ascii ascii-string | hex hex-string | ip-address ip-address [ ip-address ] } undo option code View DHCP address pool view Parameter code: User-defined option value, which is in the range of 2 to 254. ascii ascii-string: ASCII string comprising 1 to 63 characters. Huawei Technologies Proprietary 6-25...
Page 154: Reset Dhcp Server Conflict
Using the reset dhcp server conflict command, you can clear the statistics information about DHCP address conflict. For the related command, see display dhcp server conflict. Example # Clear statistics information about all the address conflicts. <Quidway> reset dhcp server conflict all Huawei Technologies Proprietary 6-26...
Page 155: Reset Dhcp Server Ip-In-Use
Using the reset dhcp server statistics command, you can clear statistic information about the DHCP server, including such information as the number of DHCP address pools, automatic and manual address bindings and expired ones, and the number of unknown messages, DHCP requests, and responses. Huawei Technologies Proprietary 6-27...
Page 156: Static-Bind Ip-Address
Example # Bind the MAC address 0000-e03f-0305 with the IP address 10.1.1.1 using the mask 255.255.255.0. [Quidway-dhcp-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0 [Quidway-dhcp-0] static-bind mac-address 0000-e03f-0305 6.2.30 static-bind mac-address Syntax static-bind mac-address mac-address undo static-bind mac-address Huawei Technologies Proprietary 6-28...
Page 157: Dhcp Relay Configuration Commands
VLAN interface view Parameter None Description Use the address-check dhcp-relay enable command to activate the dynamic entries generated by the DHCP relay. Use the address-check dhcp-relay disable command to deactivate the dynamic entries generated by the DHCP relay Huawei Technologies Proprietary 6-29...
Page 158: Address-Check No-Matched
The so called unknown machine is a device which IP and MAC addresses are not contained in any DHCP security table entry. This configuration takes effect only when the DHCP security feature is enabled on the VLAN interface. Huawei Technologies Proprietary 6-30...
Page 159: Debugging Dhcp Relay
Using the undo debugging dhcp relay command, you can disable DHCP relay debugging. By default, DHCP relay debugging is disabled. Example # Enable DHCP relay event debugging. <Quidway> debugging dhcp relay event 6.3.4 dhcp relay release Syntax dhcp relay release client-ip mac-address [ server-ip ] Huawei Technologies Proprietary 6-31...
Page 160: Dhcp Relay Security Address-Check
View VLAN interface view Parameter None Description Using the dhcp relay security address-check enable command, you can enable the security feature of DHCP relay to check the validity of user addresses on the VLAN Huawei Technologies Proprietary 6-32...
Page 161: Dhcp Relay Security
# Map the IP address 1.1.1.1 to the MAC address 0005-5D02-F2B3 for security check in DHCP relay. [Quidway] dhcp relay security 1.1.1.1 0005-5D02-F2B3 static 6.3.7 display dhcp relay address Syntax display dhcp relay address [ interface vlan-interface vlan_id | all ] View Any view Huawei Technologies Proprietary 6-33...
Page 162: Display Dhcp Relay Statistics
<Quidway> display dhcp relay statistics Bad Packets recieved: DHCP packets received from clients: DHCP DISCOVER packets received: DHCP REQUEST packets received: DHCP INFORM packets received: DHCP DECLINE packets received: DHCP packets received from servers: DHCP OFFER packets received: Huawei Technologies Proprietary 6-34...
Page 163: Display Dhcprelay-Security
{ ip-address | all } Following is the command for configuring in system view DHCP server address to which multiple VLAN interfaces relay packets: ip relay address ip-address { interface vlan-interface vlan_id [ to vlan-interface vlan_id ] | all } Huawei Technologies Proprietary 6-35...
Page 164: Ip Relay Address Cycle
Using the undo ip relay address cycle command, you can disable DHCP servers to share the load. By default, DHCP servers do not share the load and requests from DHCP clients are only sent to the DHCP server configured first. Huawei Technologies Proprietary 6-36...
Page 165: Reset Dhcp Relay Statistics
Using the reset dhcp relay statistics command, you can clear the statistics information about DHCP relay. For the related command, see display dhcp relay statistics. Example # Clear the statistics information about DHCP relay. <Quidway> reset dhcp relay statistics Huawei Technologies Proprietary 6-37...
Page 166: Chapter 7 Dhcp Snooping Configuration Commands
By default, DHCP snooping function is not enabled. Related command: display dhcp-snooping. Note that: You must first disable DHCP relay (no DHCP server is configured on any Layer 3 port) before enabling DHCP snooping on the switch. Example # Enable DHCP snooping. <Quidway> system-view Huawei Technologies Proprietary...
Page 167: Dhcp-Snooping Trust
Use the display dhcp-snooping command to view the association table recorded by DHCP snooping, including the user IP address allocated by the DHCP server, MAC address, lease time of the IP address, VLAN where the switch port for the user belong. Huawei Technologies Proprietary...
Page 168: Display Dhcp-Snooping Trust
DHCP-Snooping function and the information about the trusted ports. For the related command, see dhcp-snooping trust. Example # Display the status of the DHCP-Snooping function and the information about the trusted ports. <Quidway> display dhcp-snooping trust dhcp-snooping is enabled Huawei Technologies Proprietary...
Page 169 Command Manual - Network Protocol Quidway S3500 Series Ethernet Switches Chapter 7 DHCP Snooping Configuration Commands dhcp-snooping trust become effective Interface Trusted ================================= Ethernet0/1 Trusted Huawei Technologies Proprietary...
Page 170: Chapter 8 Bootp Client Configuration Commands
Using the undo debugging bootp client command, you can disable BOOTP client debugging. By default, BOOTP client debugging is disabled. Example # Enable BOOTP client debugging. <Quidway> debugging bootp client 8.1.2 display bootp client Syntax display bootp client [ interface vlan-interface vlan-id ] View Any view Huawei Technologies Proprietary...
Page 171: Ip Address Bootp-Alloc
IP address using BOOTP. Using the undo ip address bootp-alloc command, you can remove the configuration. By default, the VLAN interface does not obtain IP address using BOOTP. For the related command, see display bootp client. Huawei Technologies Proprietary...
Page 172 Command Manual - Network Protocol Quidway S3500 Series Ethernet Switches Chapter 8 BOOTP Client Configuration Commands Example # Configure VLAN interface 1 to obtain IP address using BOOTP. [Quidway-Vlan-interface1] ip address bootp-alloc Huawei Technologies Proprietary...
Page 173: Chapter 9 Access Management Configuration Commands
ARP setting. Example # Enable the access management function. [Quidway] am enable 9.1.2 am ip-pool Syntax am ip-pool address-list undo am ip-pool { all | address-list } Huawei Technologies Proprietary...
Page 174: Am Isolate
Syntax am isolate interface-list undo am isolate interface-list View Ethernet port view Parameter interface-list: Specifies a list of ports isolated from the specified port in the { { interface-type interface-number | interface-name } [ to { interface-type Huawei Technologies Proprietary...
Page 175: Am Trap Enable
Using am trap enable command, you can enable the access management trap function. Using undo am trap enable command, you can disable the access management trap function. By default, The access management trap disabled. Example # Enable the access management trap. [Quidway] am trap enable Huawei Technologies Proprietary...
Page 176: Am User-Bind
Do not perform “Port+IP+MAC” and “Port+IP” on the same port. S3526E/S3526C switches support this command. Example # Bind port Ethernet0/1 and IP address 192.10.1.1. [Quidway] am user-bind interface ethenet0/1 ip-addr 192.10.1.1 9.1.6 display am Syntax display am [ interface-list ] Huawei Technologies Proprietary...
Page 177 X.X.X.X (number), of these, “X.X.X.X” IP Pools represents the first address, and “number” represents that “number” consecutive IP addresses from the beginning of this address are within the IP pools Isolate Ports Isolate ports. NULL represents no configuration Huawei Technologies Proprietary...
Page 178: Display Am User-Bind
Note that S3526E/S3526C switches support this command. Example # Display binding information of Ethernet0/1 port. <Quidway> display am user-bind interface ethernet0/1 Port NULL 129.10.1.1 Ethernet0/1 9.1.8 port-isolate enable Syntax port-isolate enable undo port-isolate enable View VLAN view Parameter None Huawei Technologies Proprietary...
Page 179: Port-Isolate Uplink-Port Vlan
If the uplink port is the kind of trunk port, it is recommended configure the trunk port to allow all the VLAN traffic to pass through and configure it to be the only uplink port in the VLAN where the port isolation is enabled. Huawei Technologies Proprietary...
Page 180 Command Manual - Network Protocol Quidway S3500 Series Ethernet Switches Chapter 9 Access Management Configuration Commands Example # Configure the port Ethernet1/0/1 as an uplink port. [Quidway-Ethernet1/0/1] port-isolate uplink-port vlan 1 Huawei Technologies Proprietary...
Page 181: Chapter 10 Ip Performance Configuration Commands
D – Dynamic route G – Gateway route Flag H – Local host route S – Static route U – Route in UP status R – Unreachable route L – Route generated by ARP or ESIS Huawei Technologies Proprietary 10-1...
Page 182: Display Icmp Statistics
Table 10-2 Description of the output information of the display icmp statistics command Field Description bad formats Number of input packets in bad format bad checksum Number of input packets with wrong checksum echo Number of input/output echo request packets Huawei Technologies Proprietary 10-2...
Page 183: Display Ip Socket
Using the display ip socket command, you can display the information about the sockets in the current system. Example # Display the information about the socket of TCP type. <Quidway> display ip socket socktype 1 SOCK_STREAM: Task = VTYD(18), socketid = 1, Proto = 6, Huawei Technologies Proprietary 10-3...
Page 184: Display Ip Statistics
TCP is able to cache data rb_cc The current data size in the receiving buffer socket option The option of the socket socket state The state of the socket 10.1.4 display ip statistics Syntax display ip statistics View Any view Huawei Technologies Proprietary 10-4...
Page 185 Number of packets that are sent by the local device Output: dropped Number of dropped packets during transmission no route Number of packets that cannot be routed compress fails Number of packets that cannot be compressed Huawei Technologies Proprietary 10-5...
Page 186: Display Tcp Statistics
All these displayed information are measured in packet. For the related commands, see display tcp status, reset tcp statistics. Example # View statistics about TCP packets. [Quidway]display tcp statistics Received packets: Total: 753 Huawei Technologies Proprietary 10-6...
Page 187: Display Tcp Status
Closed connections: 0 (dropped: 0, initiated dropped: 0) 10.1.6 display tcp status Syntax display tcp status View Any view Parameter None Description Using display tcp status command, you can view the TCP connection state. Example # Display the state of all TCP connections. Huawei Technologies Proprietary 10-7...
Page 188: Reset Ip Statistics
Using reset ip statistics command, you can reset the IP statistics information. For the related commands, see display ip interface, display ip statistics. Example # Reset the IP statistics information. <Quidway> reset ip statistics 10.1.8 reset tcp statistics Syntax reset tcp statistics View User view Parameter None Huawei Technologies Proprietary 10-8...
Page 189: Tcp Timer Fin-Timeout
For the related command, see tcp timer syn-timeout, tcp window. Example # Configure the TCP finwait timer value as 800 seconds. [Quidway] tcp timer fin-timeout 800 10.1.10 tcp timer syn-timeout Syntax tcp timer syn-timeout time-value undo tcp timer syn-timeout Huawei Technologies Proprietary 10-9...
Page 190: Tcp Window
Socket. Using undo tcp window command, you can restore the default size of the buffer. For the related command, see tcp timer fin-timeout, tcp timer syn-timeout. Example # Configure the size of the transmission and receiving buffers as 3KB. Huawei Technologies Proprietary 10-10...
Page 191 Command Manual - Network Protocol Quidway S3500 Series Ethernet Switches Chapter 10 IP Performance Configuration Commands [Quidway] tcp window 3 Huawei Technologies Proprietary 10-11...
Page 192: Routing Protocol
HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Routing Protocol Huawei Technologies Proprietary...
Page 193 2.1.13 rip authentication-mode..................2-10 2.1.14 rip input........................ 2-11 2.1.15 rip metricin......................2-12 2.1.16 rip metricout......................2-13 2.1.17 rip output ......................2-13 2.1.18 rip split-horizon ....................2-14 2.1.19 rip version......................2-15 2.1.20 rip work........................ 2-16 2.1.21 summary......................2-16 Huawei Technologies Proprietary...
Page 194 3.1.34 ospf dr-priority ..................... 3-35 3.1.35 ospf mtu-enable ....................3-35 3.1.36 ospf network-type....................3-36 3.1.37 ospf timer dead....................3-37 3.1.38 ospf timer hello ....................3-38 3.1.39 ospf timer poll ...................... 3-39 3.1.40 ospf timer retransmit ................... 3-39 Huawei Technologies Proprietary...
Page 195 4.1.23 display bgp routing-table peer................4-23 4.1.24 display bgp routing-table regular-expression ............4-24 4.1.25 filter-policy export ....................4-25 4.1.26 filter-policy import ....................4-25 4.1.27 group ........................4-26 4.1.28 import-route ......................4-27 4.1.29 ip as-path-acl....................... 4-27 4.1.30 ip community-list....................4-28 Huawei Technologies Proprietary...
Page 196 5.1.3 apply cost ........................ 5-3 5.1.4 apply cost-type ......................5-3 5.1.5 apply ip next-hop ..................... 5-4 5.1.6 apply local-preference..................... 5-5 5.1.7 apply origin ......................5-5 5.1.8 apply tag........................5-6 5.1.9 display ip ip-prefix ....................5-7 5.1.10 display route-policy ....................5-7 Huawei Technologies Proprietary...
Page 197 6.1 Route Capacity Configuration Commands ................ 6-1 6.1.1 display memory ....................... 6-1 6.1.2 display memory limit....................6-2 6.1.3 memory auto-establish disable ................6-3 6.1.4 memory auto-establish enable ................6-4 6.1.5 memory { safety | limit } ................... 6-4 Huawei Technologies Proprietary...
Page 198: Chapter 1 Static Route Configuration Commands
Only current used route, i.e., best route, is displayed using display ip routing-table command. Example # View the summary of routing table. <Quidway> display ip routing-table Routing Table: public net Destination/Mask Protocol Pre Cost Nexthop Interface 10.153.25.0/24 DIRECT 10.153.25.200 Vlan-interface1 Huawei Technologies Proprietary...
Page 199: Display Ip Routing-Table Acl
This command is used in track display of route policy to display the route that passed the filtering rule according the input basic ACL number or name. The command is only applicable to display the route that passed basic ACL filtering rules. Huawei Technologies Proprietary...
Page 200 *NextHop: 127.0.0.1 Interface: 127.0.0.1(InLoopBack0) Vlinkindex: 0 State: <NoAdvise Int ActiveU Retain Gateway Unicast> Age: 7:24 Cost: 0/0 Table 1-2 Description of information generated by the command display ip routing-table acl verbose Field Description Destination Destination address Mask Mask Huawei Technologies Proprietary...
Page 201 Chapter 1 Static Route Configuration Commands Field Description Protocol Routing protocol Preference Routing preference Nexthop Next hop address Output interface, through which the data packet destined for the Interface destination network segment is sent Vlinkindex Virtual link index Huawei Technologies Proprietary...
Page 202 The route with Static flag will not be cleared from the routing table after you save it and reboot the router. Static Generally, the static route configured manually in the router belongs to a Static route. Unicast Unicast route Time to live Cost Value of the cost Huawei Technologies Proprietary...
Page 203: Display Ip Routing-Table Ip_Address
# There is corresponding route in natural mask range. Display the summary. <Quidway> display ip routing-table 169.0.0.0 Destination/Mask Protocol Pre Cost Nexthop Interface 169.0.0.0/16 Static 2.1.1.1 LoopBack1 For detailed description of the output information, see Table 1-1. Huawei Technologies Proprietary...
Page 204 **Destination: 169.0.0.0 Mask: 255.0.0.0 Protocol: #Static Preference: 60 *NextHop: 2.1.1.1 Interface: 2.1.1.1(LoopBack1) Vlinkindex: 0 State: <Int ActiveU Static Unicast> Age: 3:47 Cost: 0/0 **Destination: 169.0.0.0 Mask: 255.254.0.0 Protocol: #Static Preference: 60 *NextHop: 2.1.1.1 Interface: 2.1.1.1(LoopBack1) Vlinkindex: 0 Huawei Technologies Proprietary...
Page 205: Display Ip Routing-Table Ip_Address1 Ip_Address2
<Quidway>display ip routing-table 1.1.1.0 24 2.2.2.0 24 Routing tables: Summary count: 3 Destination/Mask Protocol Pre Cost Nexthop Interface 1.1.1.0/24 DIRECT 1.1.1.1 Vlan-interface1 1.1.1.1/32 DIRECT 127.0.0.1 InLoopBack0 2.2.2.0/24 DIRECT 2.2.2.1 Vlan-interface2 For detailed description of the output information, see Table 1-1. Huawei Technologies Proprietary...
Page 206: Display Ip Routing-Table Ip-Prefix
[Quidway] display ip routing-table ip-prefix abc2 verbose Routes matched by ip-prefix abc2: Generate Default: no + = Active Route, - = Last Active, # = Both * = Next hop in use Summary count: 2 **Destination: 10.1.1.0 Mask: 255.255.255.0 Huawei Technologies Proprietary...
Page 207: Display Ip Routing-Table Protocol
Display OSPF route information. ospf-ase: Display OSPF ASE route information. ospf-nssa: Display OSPF NSSA route information. rip: Display RIP route information. Description Using display ip routing-table protocol command, you can view the route information of specified protocol. Huawei Technologies Proprietary 1-10...
Page 208: Display Ip Routing-Table Radix
Summary count: 1 Destination/Mask Protocol Pre Cost Nexthop Interface 1.2.3.0/24 STATIC 1.2.4.5 Vlan-interface10 For detailed description of the output information, see Table 1-1. 1.1.7 display ip routing-table radix Syntax display ip routing-table radix View Any view Parameter None Huawei Technologies Proprietary 1-11...
Page 209: Display Ip Routing-Table Statistics
The statistics of routing information includes total route amount, the route amount added or deleted by protocol, amount of the routes that are labeled deleted but not deleted, the active route amount and inactive route amount. Huawei Technologies Proprietary 1-12...
Page 210: Display Ip Routing-Table Verbose
Number of deleted routes (such routes will be freed in a period of time) freed Number of freed routes 1.1.9 display ip routing-table verbose Syntax display ip routing-table verbose View Any view Parameter None Huawei Technologies Proprietary 1-13...
Page 211 Mask: 255.0.0.0 Protocol: #DIRECT Preference: 0 *NextHop: 127.0.0.1 Interface: 127.0.0.1(InLoopBack0) State: <NoAdvise Int ActiveU Retain Unicast> **Destination: 127.0.0.1 Mask: 255.255.255.255 Protocol: #DIRECT Preference: 0 *NextHop: 127.0.0.1 Interface: 127.0.0.1(InLoopBack0) State: <NotInstall NoAdvise Int ActiveU Retain Gateway Unicast> Huawei Technologies Proprietary 1-14...
Page 212: Static Route Configuration Commands
Specify the next hop IP address of the route. preference-value: Preference level of the route in the range from 1 to 255. reject: Indicate an unreachable route. blackhole: Indicate a blackhole route. Huawei Technologies Proprietary 1-15...
Page 213 If it is failed to detect the routing table, a packet will be forwarded along the default route. For different configuration of preference level, flexible routing management policy can be adopted. For the related commands, see display ip routing-table, delete static-routes all and ip route-static default-preference. Huawei Technologies Proprietary 1-16...
Page 214: Ip Route-Static Default-Preference
For the related commands, see display ip routing-table, ip route-static. Example # Configure the default preference of static routes as 120. [Quidway] ip route-static default-preference 120 Huawei Technologies Proprietary 1-17...
Page 215: Chapter 2 Rip Configuration Commands
This command is ineffective to RIP-2 since RIP-2 packets have no zero fields. Example # Configure not to perform zero check for RIP-1 packet. [Quidway-rip] undo checkzero Huawei Technologies Proprietary...
Page 216: Default Cost
View Any view Parameter None Description Using display rip command, you can view the current RIP running state and its configuration information. Example # Display the current running state and configuration information of the RIP. Huawei Technologies Proprietary...
Page 217: Filter-Policy Export
Name of address prefix list used for filtering the destination addresses of the routing information. route-policy-name: Route policy name that filters routing information. After enabling RIP protocol, you can determine which routes are to be sent/received based on acl/cost/interface/ip/ip-prefix/tag fields. Huawei Technologies Proprietary...
Page 218: Filter-Policy Import
Name of address prefix list used for filtering the destination addresses of the routing information. gateway ip-prefix-name: Name of address prefix list used for filtering the addresses of the neighboring routers advertising the routing information. Huawei Technologies Proprietary...
Page 219: Host-Route
In some special cases, RIP receives a great number of host routes in the same network segment. These routes cannot help the path searching much but occupy a lot of resources. In this case, the undo host-route command can be used to reject a host route. Huawei Technologies Proprietary...
Page 220: Import-Route
However, this router can still forward packets until the Garbage Collection timer times out (defaults to 120 seconds). For the related commands, see default cost. Example # Import a static route with cost 4. [Quidway-rip] import-route static cost 4 Huawei Technologies Proprietary...
Page 221: Network
129.102.1.1 with both the display current-configuration command and the display rip command are shown as the network 129.102.0.0. For the related commands, see rip work . Example # Enable the RIP on the interface with the network address as 129.102.0.0. Huawei Technologies Proprietary...
Page 222: Peer
Usually, it is not recommended to use this command. Example # Specify the sending destination address 202.38.165.1. [Quidway-rip] peer 202.38.165.1 2.1.10 preference Syntax preference value undo preference View RIP view Parameter value: Preference level, ranging from 1 to 255. By default, the value is 100. Huawei Technologies Proprietary...
Page 223: Reset
Using reset command, you can reset the system configuration parameters of RIP. When you need to re-configure parameters of RIP, this command can be used to restore to the default setting. Example # Reset the RIP system. [Quidway-rip] reset 2.1.12 rip Syntax undo rip View system view Huawei Technologies Proprietary...
Page 224: Rip Authentication-Mode
Interface view Parameter simple: Simple text authentication mode. password: Simple text authentication key. md5: MD5 cipher text authentication mode. usual: Specify the MD5 cipher text authentication packet to use the general packet format (RFC1723 standard format). Huawei Technologies Proprietary 2-10...
Page 225: Rip Input
# Set MD5 authentication at Vlan-interface 1 with the key string as aaa and the packet type as usual. [Quidway] interface Vlan-interface 1 [Quidway-Vlan-interface1] rip version 2 [Quidway-Vlan-interface1] rip authentication-mode md5 usual aaa 2.1.14 rip input Syntax rip input undo rip input Huawei Technologies Proprietary 2-11...
Page 226: Rip Metricin
Using rip metricin command, you can configure the additional route metric added to the route when an interface receives RIP packets. Using undo rip metricin command, you can restore the default value of this additional route metric. For the related commands, see rip metricout. Huawei Technologies Proprietary 2-12...
Page 227: Rip Metricout
# Set the additional route metric to 2 when the interface Vlan-interface 1 transmits RIP packets. [Quidway] interface Vlan-interface 1 [Quidway-Vlan-interface1] rip metricout 2 2.1.17 rip output Syntax rip output undo rip output View Interface view Huawei Technologies Proprietary 2-13...
Page 228: Rip Split-Horizon
By default, an interface is enabled to use split horizon when transmitting RIP packets. Normally, split horizon is necessary for reducing route loop. Only in some special cases, split horizon should be disabled to ensure the correct execution of protocols. Huawei Technologies Proprietary 2-14...
Page 229: Rip Version
When running RIP-2 in multicast mode, the interface only receives and transmits RIP-2 multicast packets, receives RIP-2 broadcast packets, but does not receive RIP-1 packets. Example # Configure the interface Vlan-interface 1 as RIP-2 broadcast mode. [Quidway] interface Vlan-interface 1 [Quidway-Vlan-interface1] rip version 2 broadcast Huawei Technologies Proprietary 2-15...
Page 230: Rip Work
For the related commands, see network, rip input, rip output. Example # Disable the interface Vlan-interface 1 to run the RIP. [Quidway] interface Vlan-interface 1 [Quidway-Vlan-interface1] undo rip work 2.1.21 summary Syntax summary undo summary View RIP view Parameter None Huawei Technologies Proprietary 2-16...
Page 231 For the related commands, see rip version. Example # Set RIP version on the interface Vlan-interface 1 as RIP-2 and disable the route aggregation. [Quidway] interface Vlan-interface 1 [Quidway-Vlan-interface1] rip version 2 [Quidway-Vlan-interface1] quit [Quidway] rip [Quidway-rip] undo summary Huawei Technologies Proprietary 2-17...
Page 232: Chapter 3 Ospf Configuration Commands
The ABR only transmits an aggregated route to other areas. Route aggregation refers to that the routing information is processed in the ABR and for each network segment configured with route aggregation, there is only one route transmitted to other areas. Huawei Technologies Proprietary...
Page 233: Area
Example # Enter OSPF Area 0 view. [Quidway-ospf] area 0 [Quidway-ospf-area-0.0.0.0] 3.1.3 asbr-summary Syntax asbr-summary ip-address mask [ not-advertise | tag value ] undo asbr-summary ip-address mask View OSPF view Parameter ip-address: Matched IP address. Huawei Technologies Proprietary...
Page 234: Authentication-Mode
Use simple text authentication mode. md5: Use MD5 cipher text authentication mode. Description Using authentication-mode command, you can configure one area of OSPF to support the authentication attribute. Using undo authentication-mode command, you can cancel the authentication attribute of this area. Huawei Technologies Proprietary...
Page 235: Default Cost
Example # Specify the default routing cost for OSPF to import external routes as 10. [Quidway-ospf] default cost 10 Huawei Technologies Proprietary...
Page 236: Default Interval
3.1.7 default limit Syntax default limit routes undo default limit View OSPF view Parameter routes: Default value to the imported external routes in a unit time, ranging from 200 to 2147483647. By default, the value is 1000. Huawei Technologies Proprietary...
Page 237: Default Tag
For the related commands, see default type. Example # Set the default tag of OSPF imported external route of the autonomous system as 10. [Quidway-ospf] default tag 10 Huawei Technologies Proprietary...
Page 238: Default Type
View OSPF Area view Parameter value: Specify the cost value of the default route transmitted by OSPF to the STUB or NSSA area, ranging from 0 to 16777214. The default value is 1. Huawei Technologies Proprietary...
Page 239: Default-Route-Advertise
2. route-policy route-policy-name: if the default route match the route-policy specified by route-policy-name, route-policy will affect the value in ase lsa. The length of route-policy-name parameter ranges from 1 to 16 character string. Huawei Technologies Proprietary...
Page 240: Display Debugging Ospf
OSPF and all processes. For related commands, see debugging ospf. Example # Display the debugging states of global OSPF and all processes. <Quidway> display debugging ospf OSPF EVENT debugging switch is on 3.1.13 display ospf abr-asbr Syntax display ospf abr-asbr Huawei Technologies Proprietary...
Page 241: Display Ospf Asbr-Summary
The local output interface 3.1.14 display ospf asbr-summary Syntax display ospf asbr-summary [ ip-address mask ] View Any view Parameter ip-address: Matched IP address in dotted decimal format. mask: IP address mask in dotted decimal format. Huawei Technologies Proprietary 3-10...
Page 242 Destination network segment mask Mask Status information, including two values: The summary routing information to the network DoNotAdvertise status segment will not be advertised The summary routing information to the network Advertise segment will be advertised Huawei Technologies Proprietary 3-11...
Page 243: Display Ospf Brief
Table 3-3 Description of information generated by the command display ospf brief Field Description RouterID Router ID of the router Border routers for connection to the area, including Border Router autonomous system border router (ASBR) and area border router (ABR) spf-schedule-interval Interval of SPF schedule Huawei Technologies Proprietary 3-12...
Page 244: Display Ospf Cumulative
Interval of hello packet Timers Dead Interval of dead neighbors Poll Interval of poll Retransmit Interval of retransmitting LSA Transmit Delay Delay time of transmitting LSA 3.1.16 display ospf cumulative Syntax display ospf cumulative View Any view Huawei Technologies Proprietary 3-13...
Page 245 Inter Area: 0 ASE: 0 Table 3-4 Description of information generated by the command display ospf cumulative Field Description Type Type of input/output OSPF packet IO Statistics Input Number of received packets Output Number of transmitted packets Huawei Technologies Proprietary 3-14...
Page 246: Display Ospf Error
Using display ospf error command, you can view the OSPF error information. Example # Display the OSPF error information. <Quidway> display ospf error OSPF packet error statistics: 0: IP: received my own packet 0: OSPF: wrong packet type Huawei Technologies Proprietary 3-15...
Page 247 OSPF: packet size > ip length OSPF packet size exceeds IP packet length OSPF: transmit error OSPF transmission error OSPF: interface down OSPF interface is down, unavailable OSPF: unknown neighbor OSPF neighbors are unknown HELLO: netmask mismatch Network mask mismatch Huawei Technologies Proprietary 3-16...
Page 248 LS UPD: unknown LSA type Link state update packet: unknown LSA type OSPF routing: next hop not Next hop of OSPF routing does not exist exist DD: MTU option mismatch MTU option of DD packet is mismatched Huawei Technologies Proprietary 3-17...
Page 249: Display Ospf Interface
Backup Designated Router BDR on the network in which the interface resides OSPF timers, defining as follows: Hello Interval of hello packet Timers Dead Interval of dead neighbors Poll Interval of poll Retransmit Interval of retransmitting LSA Huawei Technologies Proprietary 3-18...
Page 250: Display Ospf Lsdb
<Quidway> display ospf lsdb Link State Database Area: 0.0.0.0 Type LinkState ID AdvRouter Age Len Sequence Metric Where 2.2.2.2 2.2.2.2 465 36 8000000c SpfTree 1.1.1.1 1.1.1.1 449 36 80000004 SpfTree 10.153.17.89 2.2.2.2 465 32 80000004 SpfTree Huawei Technologies Proprietary 3-19...
Page 251 Link State Data Base type : ASE ls id : 2.2.0.0 adv rtr: 1.1.1.1 ls age: len: 36 seq#: 80000001 chksum: 0xfcaf Options: (DC) Net mask:255.255.0.0 Tos 0 metric: 1 E type : 2 Forwarding Address: 0.0.0.0 Huawei Technologies Proprietary 3-20...
Page 252: Display Ospf Nexthop
Syntax display ospf nexthop View Any view Parameter None Description Using display ospf nexthop command, you can view the information about the next-hop Example # Display the OSPF next-hop information. <Quidway> display ospf nexthop Next hops: Huawei Technologies Proprietary 3-21...
Page 253: Display Ospf Peer
# View the information of OSPF peer. <Quidway> display ospf peer Area 0.0.0.0 interface 10.153.17.88(Vlan-interface1)'s neighbor(s) RouterID: 2.2.2.2 Address: 10.153.17.89 State: Full Mode: Nbr is Master Priority: 1 DR: 10.153.17.89 BDR: 10.153.17.88 Dead timer expires in 31s Huawei Technologies Proprietary 3-22...
Page 254 ATM. It indicates that OSPF router does not receive the message from Attempt a certain neighbor router within a period of time, but still attempts to send Hello packet to the adjacent routers for their communications with a lower frequency. Huawei Technologies Proprietary 3-23...
Page 255: Display Ospf Request-Queue
Using display ospf request-queue command, you can view the information about the OSPF request-queue. Example # Display the information of OSPF request-queue. <Quidway> display ospf request-queue The Router's Neighbors is RouterID: 1.1.1.1 Address: 1.1.1.1 Interface: 1.1.1.3 Area: 0.0.0.0 LSID:1.1.1.3 AdvRouter:1.1.1.3 Sequence:80000017 Age:35 Huawei Technologies Proprietary 3-24...
Page 256: Display Ospf Retrans-Queue
OSPF retransmission queue. Example # Display the information of OSPF retransmission queue. <Quidway> display ospf retrans-queue Retransmit List The Router's Neighbors is RouterID: 162.162.162.162 Address: 103.169.2.2 Interface: 103.169.2.5 Area: 0.0.0.1 Retrans list: Type: ASE LSID:129.11.77.0 AdvRouter:103.160.1.1 Huawei Technologies Proprietary 3-25...
Page 257: Display Ospf Routing
<Quidway> display ospf routing Routing for Network Destination Cost Type NextHop AdvRouter Area 10.110.0.0/16 1 Net 10.110.10.1 1.1.1.1 10.10.0.0/16 1 Stub 10.10.0.1 3.3.3.3 Total Nets: 2 Intra Area: 2 Inter Area: 0 ASE: 0 NSSA: 0 Huawei Technologies Proprietary 3-26...
Page 258: Display Ospf Vlink
# View OSPF virtual links information. <Quidway> display ospf vlink Virtual-link Neighbor-id -> 2.2.2.2, State: Full Cost: 0 State: Full Type: Virtual Transit Area: 0.0.0.2 Timers: Hello 10, Dead 40, Poll 0, Retransmit 5, Transmit Delay 1 Huawei Technologies Proprietary 3-27...
Page 259: Filter-Policy Export
Using filter-policy export command, you can configure the rule of OSPF filtering the advertised routing information. Using undo filter-policy export command, you can cancel the filtering rules that have been set. By default, no filtering of the distributed routing information is performed. Huawei Technologies Proprietary 3-28...
Page 260: Filter-Policy Import
In some cases, it may be required that only the routing information meeting some conditions can be received. Then, the filter-policy command can be used to set the filtering conditions for the routing information to be received. Only the routing information passing the filtration can be received. Huawei Technologies Proprietary 3-29...
Page 261: Import-Route
By default, the routing information of other protocols is not imported. Note: You are recommended to configure the route type, cost and tag together in one command; otherwise, the new configuration overwrites the old one. Huawei Technologies Proprietary 3-30...
Page 262: Network
# Specify the interfaces whose master IP addresses are in the segment range of 10.110.36.0 to run the OSPF protocol and specify the number of the OSPF area (where these interfaces are located) as 6. [Quidway-ospf] area 6 [Quidway-ospf-area-0.0.0.6] network 10.110.36.0.0 0.0.0.255 Huawei Technologies Proprietary 3-31...
Page 263: Nssa
On ASBR, the no-import-route parameter enables the external route imported by OSPF through import-route command not to be advertised to NSSA area. Example # Configure area 1 as NSSA area. [Quidway-ospf] area 1 [Quidway-ospf-area-0.0.0.1] network 36.0.0.0 0.255.255.255 [Quidway-ospf-area-0.0.0.1] nssa 3.1.31 ospf Syntax ospf undo ospf Huawei Technologies Proprietary 3-32...
Page 264: Ospf Authentication-Mode
16 characters. And it will be displayed in a cipher text form in a length of 24 characters when display current-configuration command is executed. Inputting the MD5 key in a cipher text form with 24 characters is also supported. Huawei Technologies Proprietary 3-33...
Page 265: Ospf Cost
# Set the area 1 where the network segment 131.119.0.0 of Interface Vlan-interface 1 is located to support MD5 cipher text authentication. The authentication key identifier is set to 15 and the authentication key is Huawei. [Quidway-ospf] area 1 [Quidway-ospf-area-0.0.0.1] network 131.119.0.0 0.0.255.255 [Quidway-ospf-area-0.0.0.1] authentication-mode md5...
Page 266: Ospf Dr-Priority
# Set the priority of the interface Vlan-interface 1 to 8, when electing the DR. [Quidway] interface Vlan-interface 1 [Quidway-Vlan-interface1] ospf dr-priority 8 3.1.35 ospf mtu-enable Syntax ospf mtu-enable undo ospf mtu-enable View Interface view Parameter None. Huawei Technologies Proprietary 3-35...
Page 267: Ospf Network-Type
Using undo ospf network-type command, you can restore the default network type of the OSPF interface. OSPF divides networks into four types by link layer protocol: Broadcast: If Ethernet or FDDI is adopted, OSPF defaults the network type to broadcast. Huawei Technologies Proprietary 3-36...
Page 268: Ospf Timer Dead
[Quidway-Vlan-interface1] ospf network-type nbma 3.1.37 ospf timer dead Syntax ospf timer dead seconds undo ospf timer dead View Interface view Parameter seconds: Dead interval of the OSPF neighbor. It is in second and ranges from 1 to 65535. Huawei Technologies Proprietary 3-37...
Page 269: Ospf Timer Hello
By default, the interval is 10 seconds for an interface of p2p or broadcast type to transmit Hello messages, and 30 seconds for an interface of nbma or p2mp type. For the related commands, see ospf timer dead. Huawei Technologies Proprietary 3-38...
Page 270: Ospf Timer Poll
Poll seconds should be no less than 3 times of Hello. Example # Configure to transmit poll Hello packet from interface Vlan-interface 2 every 120 seconds. [Quidway-Vlan-interface2] ospf timer poll 120 3.1.40 ospf timer retransmit Syntax ospf timer retransmit interval undo ospf timer retransmit Huawei Technologies Proprietary 3-39...
Page 271: Ospf Trans-Delay
1 second. Description Using ospf trans-delay command, you can configure the LSA transmitting delay on an interface. Using undo ospf trans-delay command, you can restore the default value of the LSA transmitting delay on an interface. Huawei Technologies Proprietary 3-40...
Page 272: Peer
NBMA type. Using undo peer command, you can cancel the configured neighboring point. Example # Configure the IP address of neighboring router as 10.1.1.1. [Quidway-ospf] peer 10.1.1.1 3.1.43 preference Syntax preference [ ase ] value undo preference [ ase ] Huawei Technologies Proprietary 3-41...
Page 273: Reset Ospf
Using reset ospf all command, you can reset all the OSPF process. The reset ospf all command can be used to reset the OSPF process and the following results are expected: Clear invalid LSA immediately without waiting for LSA timeout. Huawei Technologies Proprietary 3-42...
Page 274: Router Id
When the router ID is configured manually, the IDs of any two routers cannot be same in the autonomous system. So, the IP address of certain interface might as well be selected as the ID of this router. Huawei Technologies Proprietary 3-43...
Page 275: Silent-Interface
OSPF routing information. On a switch, this command can disable/enable the specified VLAN interface to send OSPF packets Example # Disable interface Vlan-interface 2 to transmit OSPF packet. [Quidway-ospf] silent-interface Vlan-interface 2 Huawei Technologies Proprietary 3-44...
Page 276: Snmp-Agent Trap Enable Ospf
By default, the switch does not send TRAP packets in case of OSPF anomalies. For detailed configuration of SNMP TRAP, refer to the module “System Management" in this manual. Example # Enable the TRAP function for OSPF process 100. [Quidway] snmp-agent trap enable ospf 100 Huawei Technologies Proprietary 3-45...
Page 277: Spf-Schedule-Interval
# Set the OSPF route calculation interval of Quidway to 6 seconds. [Quidway-ospf] spf-schedule-interval 6 3.1.49 stub Syntax stub [ no-summary ] undo stub View OSPF Area view Parameter no-summary: ABR is disabled to transmit Summary LSAs to the STUB area. Huawei Technologies Proprietary 3-46...
Page 278: Vlink-Peer
4 times of the hello seconds. The default value is 40 seconds. simple password: Specify the simple text authentication password, not exceeding 8 characters, of the interface. This value must equal the authentication key of the virtually linked peer. Huawei Technologies Proprietary 3-47...
Page 279 For the related commands, see authentication-mode, display ospf. Example # Create a virtual link to 10.110.0.3 and use the MD5 cipher authentication mode. [Quidway-ospf] area 10.0.0.0 [Quidway-ospf-area-10.0.0.0] vlink-peer 10.110.0.3 md5 3 345 Huawei Technologies Proprietary 3-48...
Page 280: Chapter 4 Bgp Configuration Commands
[ as-set | attribute-policy route-policy-name | detail-suppressed origin-policy route-policy-name suppress-policy route-policy-name ]* View BGP view Parameter address: Address of the aggregated route. mask: Network mask of the aggregated route. as-set: Create a route with segment of AS_SET. Huawei Technologies Proprietary...
Page 281: Bgp
The same work can be done attribute-policy by using peer route-policy, etc. Example # Create an aggregated record in BGP routing table. [Quidway-bgp] aggregate 168.328.0.0 255.255.0.0 4.1.2 bgp Syntax bgp as-number undo bgp [as-number ] Huawei Technologies Proprietary...
Page 282: Compare-Different-As-Med
If there are several routes available to one destination address, the route with smaller MED parameter can be selected as the final route item. Do not use this command unless it is determined that the same IGP and routing selection mode are adopted by different autonomous systems. Huawei Technologies Proprietary...
Page 283: Confederation Id
AS confederation. For external members, Confederation 9 is a unified AS domain. [Quidway] bgp 41 [Quidway-bgp] confederation id 9 [Quidway-bgp] confederation peer-as 38 39 40 [Quidway-bgp] group Confed38 external [Quidway-bgp] peer Confed38 as-number 38 Huawei Technologies Proprietary...
Page 284: Confederation Nonstandard
64000 and 65000. [Quidway] bgp 64000 [Quidway-bgp] confederation id 100 [Quidway-bgp] confederation peer-as 65000 [Quidway-bgp] confederation nonstandard 4.1.6 confederation peer-as Syntax confederation peer-as as-number-1 [... as-number-n ] undo confederation peer-as [ as-number-1 ] [... as-number-n ] View BGP view Huawei Technologies Proprietary...
Page 285: Dampening
The penalty value of a route when it start to be reused. The range is 1 to 20000. By default, the value is 750. suppress: The penalty threshold of a route when it start to be suppressed. The range is 1 to 20000. By default, the value is 2000. Huawei Technologies Proprietary...
Page 286: Debugging Bgp
Indicating to enable BGP Open packet information debugging. packet: Indicating to enable BGP packet information debugging. route-refresh: Indicating to enable BGP route-refresh packet information debugging. update: Indicating to enable BGP Update packet information debugging. receive: Information of receiving packets. Huawei Technologies Proprietary...
Page 287: Default Local-Preference
Configuring different local preferences will affect BGP routing selection. When a router running BGP gets routes with the same destination address but different next hops through different internal peers, it will select the route of highest local preference to this destination. Huawei Technologies Proprietary...
Page 288: Default Med
RTB and RTC is Ethernet. So the MED of RTA can be configured as 25 to allow RTC to select the route transmitted by RTB first. [Quidway-bgp] default med 25 4.1.11 display bgp group Syntax display bgp group [ group-name ] View Any view Huawei Technologies Proprietary...
Page 289: Display Bgp Network
Members in this peer group route-policy Name of configured route policy filter-policy Configured export and import route filter for BGP Configured access control list ip-prefix Configured IP address prefix list 4.1.12 display bgp network Syntax display bgp network Huawei Technologies Proprietary 4-10...
Page 290: Display Bgp Paths
Configured route policy 4.1.13 display bgp paths Syntax display bgp paths as-regular-expression View Any view Parameter as-regular-expression: Matched AS path regular expression. Description Using display bgp paths command, you can view the information about AS paths Huawei Technologies Proprietary 4-11...
Page 291: Display Bgp Peer
With it, route loop can be avoided 4.1.14 display bgp peer Syntax display bgp peer peer-address verbose display bgp peer [ verbose ] View Any view Parameter peer-address: Specify the peer to be displayed. Huawei Technologies Proprietary 4-12...
Page 292 Type of peer: Internal for IBGP, and External for EBGP State State of peer Flags Flags of peer Last State Last state before entering current state Last Event Last event of neighbor state machine Last Error Last error of neighbor state machine Options Options Huawei Technologies Proprietary 4-13...
Page 293: Display Bgp Routing-Table
H - history, I - internal, S – aggregate suppressed Dest/Mask Next-hop Local-pref Origin As-path ----------------------------------------------------------------------- 129.1.1.0/24 5.5.5.5 129.1.2.0/24 5.5.5.5 129.1.3.0/24 5.5.5.5 129.1.4.0/24 5.5.5.5 129.1.5.0/24 5.5.5.5 129.1.6.0/24 5.5.5.5 129.1.7.0/24 5.5.5.5 129.1.8.0/24 5.5.5.5 129.1.9.0/24 5.5.5.5 129.1.10.0/24 5.5.5.5 Huawei Technologies Proprietary 4-14...
Page 294: Display Bgp Routing-Table As-Path-Acl
As-path passes. With it, route loop can be avoided 4.1.16 display bgp routing-table as-path-acl Syntax display bgp routing-table as-path-acl acl-number View Any view Parameter acl-number: Specify matched AS path list number ranging from 1 to 199. Huawei Technologies Proprietary 4-15...
Page 295 22.1.0.0/16 200.1.7.2 88.1.0.0/16 0.0.0.0 Table 4-7 Description of information generated by the command display bgp routing-table as-path-acl Field Description Dest/Mask Destination address/Mask Pref Preference Nexthop IP address of next hop MULTI_EXIT_DISC attribute value Local-pref Local preference Huawei Technologies Proprietary 4-16...
Page 296: Display Bgp Routing-Table Cidr
^ - best, D - damped, H - history, I - internal, S – aggregate suppressed Dest/Mask Pref Next-Hop Local-pref Origin As-path -------------------------------------------------------------------- 22.1.0.0/16 200.1.7.2 88.1.0.0/16 0.0.0.0 For detailed description of the output information, see Table 5-6. Huawei Technologies Proprietary 4-17...
Page 297: Display Bgp Routing-Table Community
S – aggregate suppressed Dest/Mask Pref Next-Hop Local-pref Origin As-path -------------------------------------------------------------------- 1.0.0.0/8 172.10.0.2 2.0.0.0/8 172.10.0.2 For detailed description of the output information, see Table 5-6. 4.1.19 display bgp routing-table community-list Syntax display bgp routing-table community-list community-list-number [ whole-match ] Huawei Technologies Proprietary 4-18...
Page 298 10.10.10.1 4.4.4.0/24 10.10.10.1 9.9.9.0/24 10.10.10.1 10.10.10.0/24 0 10.10.10.2 10.10.10.0/24 256 10.10.10.1 For detailed description of the output information, see Table 5-6. 4.1.20 display bgp routing-table dampened Syntax display bgp routing-table dampened View Any view Parameter None Huawei Technologies Proprietary 4-19...
Page 299 The route is learned from exterior gateway protocol (EGP). Short for INCOMPLETE: indicates that the original source of the route information is unknown (learned by other methods). BGP sets the origin of the route imported through other IGP protocols as INCOMPLETE Huawei Technologies Proprietary 4-20...
Page 300: Display Bgp Routing-Table Different-Origin-As
For detailed description of the output information, see Table 5-6. 4.1.22 display bgp routing-table flap-info Syntax display bgp routing-table flap-info [ { regular-expression as-regular-expression } | { as-path-acl acl-number } | { network-address [ mask [ longer-match ] ] } ] View Any view Huawei Technologies Proprietary 4-21...
Page 301 The dampened route to the destination network 11.1.0.0 Source The nexthop of the route Keepup-time The time that route damping has continued Damping-lim The time before dampening turns invalid and the route can be reused. Flap-times The times of the route flap Huawei Technologies Proprietary 4-22...
Page 302: Display Bgp Routing-Table Peer
BGP peer advertised or received. Example # Display the routing information advertised by BGP peer 10.10.10.1. [Quidway] display bgp routing table peer 10.10.10.1 advertised Flags: # - valid, ^ - best, D - damped, H - history, Huawei Technologies Proprietary 4-23...
Page 303: Display Bgp Routing-Table Regular-Expression
S – aggregate suppressed Destination/Mask Pref Next-hop Local-Pref Origin Path -------------------------------------------------------------------- 1.1.1.0/24 10.10.10.1 1.1.2.0/24 10.10.10.1 1.1.3.0/24 10.10.10.1 2.2.3.0/24 10.10.10.1 4.4.4.0/24 10.10.10.1 9.9.9.0/24 10.10.10.1 10.10.10.0/24 256 10.10.10.1 For detailed description of the output information, see Table 5-6. Huawei Technologies Proprietary 4-24...
Page 304: Filter-Policy Export
[Quidway-bgp] filter-policy 2000 export 4.1.26 filter-policy import Syntax filter-policy gateway ip-prefix-name import undo filter-policy gateway ip-prefix-name import filter-policy { acl-number | ip-prefix ip-prefix-name } import undo filter-policy { acl-number | ip-prefix ip-prefix-name } import View BGP view Huawei Technologies Proprietary 4-25...
Page 305: Group
Then add all the peers to the peer group so that they have the same configuration as this peer group. Huawei Technologies Proprietary 4-26...
Page 306: Import-Route
# Import routes of RIP. [Quidway-bgp] import-route rip 4.1.29 ip as-path-acl Syntax ip as-path-acl acl-number { permit | deny } as-regular-expression undo ip as-path-acl acl-number View System view Parameter acl-number: Number of AS path list ranging from 1 to 199. Huawei Technologies Proprietary 4-27...
Page 307: Ip Community-List
Used not to send the matched route to any peer. no-export: Does not announce the route to the AS or the association outside, but can advertise to other sub-ASs. as-regular-expression: Community attribute of the regular expression. Huawei Technologies Proprietary 4-28...
Page 308: Network
BGP. Using undo network command, you can cancel the existing configuration. By default, there is no networks sent through BGP Example # Advertise routes to network segment 10.0.0.0/16. [Quidway-bgp] network 10.0.0.0 255.255.0.0 4.1.32 peer advertise-community Syntax peer { group-name | peer-address } advertise-community Huawei Technologies Proprietary 4-29...
Page 309: Peer Allow-As-Loop
Using peer allow-as-loop command, you can configure the repeating time of local AS. Using undo peer allow-as-loop command, you can remove the repeating time of local For the related commands, see display current-configuration, display bgp routing-table peer, display bgp routing-table group Huawei Technologies Proprietary 4-30...
Page 310: Peer As-Number
{ group-name | peer-address } as-path-acl acl-number { import | export } undo peer { group-name | peer-address } as-path-acl acl-number { import | export } View BGP view Parameter group-name: Specify name of the peer group. peer-address: Specify IP address of the peer. Huawei Technologies Proprietary 4-31...
Page 311: Peer Connect-Interface
Usually, BGP uses the optimal route to update the source interface of the packets. However, you can set the mode of the interface to Loopback in order to send route updates even if the interface is not work normally. Huawei Technologies Proprietary 4-32...
Page 312: Peer Default-Route-Advertise
# Configure a peer group named test to generate a default route. [Quidway-bgp] peer test default-route-advertise 4.1.38 peer description Syntax peer { group-name | peer-address } description description-line undo peer { group-name | peer-address } description View BGP view Huawei Technologies Proprietary 4-33...
Page 313: Peer Ebgp-Max-Hop
Description Using peer ebgp-max-hop command, you can allow to establishing EBGP connection with the peer on indirectly connected network. Using undo peer ebgp-max-hop command, you can cancel the existing configuration. By default, this feature is disabled. Huawei Technologies Proprietary 4-34...
Page 314: Peer Enable
[Quidway-bgp] undo peer 18.10.0.9 enable 4.1.41 peer filter-policy Syntax peer { group-name | peer-address } filter-policy list-number { import | export } undo peer { group-name | peer-address } filter-policy list-number { import | export } View BGP view Huawei Technologies Proprietary 4-35...
Page 315: Peer Group
Then add all the peers to the peer group so that they have the same configuration as this peer group. Huawei Technologies Proprietary 4-36...
Page 316: Peer Ip-Prefix
# Configure the route filtering policy of the peer group based on the ip-prefix 1. [Quidway-bgp] peer group1 ip-prefix list1 export 4.1.44 peer next-hop-local Syntax peer { group-name | peer-address } next-hop-local undo peer { group-name | peer-address } next-hop-local Huawei Technologies Proprietary 4-37...
Page 317: Peer Password
24 characters in the event of inputting the password in cipher text mode when parameter cipher is configured in the command. Huawei Technologies Proprietary 4-38...
Page 318: Peer Public-As-Only
# Adopt MD5 authentication on the TCP connection set up between the local router at 10.1.100.1 and the peer router at 10.1.100.2. [Quidway-bgp] peer 10.1.100.2 password simple huawei # Perform the similar configuration on the peer. [Quidway-bgp] peer 10.1.100.1 password simple huawei 4.1.46 peer public-as-only...
Page 319: Peer Reflect-Client
[Quidway-bgp] peer test reflect-client 4.1.48 peer route-policy Syntax peer { group-name | peer-address } route-policy route-policy-name { import | export } undo peer { group-name | peer-address } route-policy route-policy-name { import | export } View BGP view Huawei Technologies Proprietary 4-40...
Page 320: Peer Route-Update-Interval
30 seconds for external peer/peer group. Description Using peer route-update-interval command, you can configure the interval for the transmission route of a peer/peer group. Using undo peer route-update-interval command, you can restore the interval to the default value. Huawei Technologies Proprietary 4-41...
Page 321: Peer Timer
The timer configured by using this command has a higher priority than the one configured by using the timer command. Example # Configure Keepalive and Holdtime intervals of the peer group “test”. [Quidway-bgp] peer test timer keep-alive 60 hold 180 4.1.51 reflect between-clients Syntax reflect between-clients undo reflect between-clients Huawei Technologies Proprietary 4-42...
Page 322: Reflector Cluster-Id
By default, each route reflector uses its Router ID as the cluster ID. For the related commands, see reflect between-clients, peer reflect-client. Example # Set the cluster ID of the route reflector as 80. Huawei Technologies Proprietary 4-43...
Page 323: Refresh Bgp
{ all | peer-address [ flap-info ] } View User view Parameter peer-address: Reset connection with a specified BGP peer. all: Reset all the connections with BGP. flap-info: Reset the flap-info of a record at this peer address. Huawei Technologies Proprietary 4-44...
Page 324: Reset Bgp Dampening
# Reset the route attenuation information of the specified route. <Quidway>reset bgp dampening 20.1.0.0 255.255.0.0 4.1.56 reset bgp flap-info Syntax reset bgp flap-info [ regular-expression as-regular-expression | as-path-acl acl-number } | network-address [ mask ] ] View User view Huawei Technologies Proprietary 4-45...
Page 325: Reset Bgp Group
Using reset bgp group command, you can reset the connections between the BGP and all the members of a group. For the related commands, see peer group. Example # Reset BGP connections of all members from group1. <Quidway> reset bgp group group1 4.1.58 summary automatic Syntax summary automatic Huawei Technologies Proprietary 4-46...
Page 326: Timer
Using timer command, you can configure the Keep-alive and Hold-time timer of BGP. Using undo timer command, you can restore the default value of the Keep-alive and Hold-time of the timer. Example # Configure the Keep-alive timer as 30 seconds and Hold-time timer as 90 seconds. Huawei Technologies Proprietary 4-47...
Page 327: Undo Synchronization
This command means BGP does not synchronize with IGP in current system. You need not configure it for S3500 Series Ethernet Switches don’t support synchronization of BGP and IGP at present. Example # Cancel the synchronization of BGP and IGP. [Quidway-bgp] undo synchronization Huawei Technologies Proprietary 4-48...
Page 328: Chapter 5 Ip Routing Policy Configuration Commands
AS sequence number added in front of the original AS path. By default, no AS number is set. If the match condition of Route-policy is matched, the AS attribute of the transmitting route will be changed. Huawei Technologies Proprietary...
Page 329: Apply Community
# Configure one Route-policy applycommunity, whose node serial number is 16 and match mode is permit, and enter Route policy view to set match conditions and attribute modification actions to be executed. [Quidway] route-policy applycommunity permit node 16 [Quidway-route-policy] if-match as-path 8 [Quidway-route-policy] apply community no-export Huawei Technologies Proprietary...
Page 330: Apply Cost
View Route policy View Parameter internal: Use the cost type of IGP as MED value of BGP to advertise route to EBGP peer. external: external cost type of IS-IS. S3500 series don’t support this parameter at present. Huawei Technologies Proprietary...
Page 331: Apply Ip Next-Hop
Example # Set the next hop address of route information as 193.1.1.8 when it is used for setting route information attribute. [Quidway-route-policy] apply ip next-hop 193.1.1.8 Huawei Technologies Proprietary...
Page 332: Apply Local-Preference
Set the BGP route information source as internal route egp: Set the BGP route information source as external route as-number: Specifies AS number of external route. incomplete: Setting the BGP route information source as unknown source. Huawei Technologies Proprietary...
Page 333: Apply Tag
Example # Define one apply sub-statement. When it is used for setting route information attribute, it sets the tag area of route information as 100. [Quidway-route-policy] apply tag 100 Huawei Technologies Proprietary...
Page 334: Display Ip Ip-Prefix
Mode: permit or deny ip-prefix / mask Address and network segment length of ip-prefix Greater-equal value of ip-prefix network segment length Less-equal value of ip-prefix network segment length 5.1.10 display route-policy Syntax display route-policy [ route-policy-name ] View Any view Huawei Technologies Proprietary...
Page 335: Filter-Policy Export
Number of routes not matching the conditions denied set by if-match clause 5.1.11 filter-policy export Syntax filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol ] undo filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol ] View Routing protocol view Huawei Technologies Proprietary...
Page 336: Filter-Policy Import
Parameter acl-number: The access control list number used for matching the destination address field of the routing information. ip-prefix ip-prefix-name: The prefix address list name. Its matching object is the destination address field of the routing information. Huawei Technologies Proprietary...
Page 337: If-Match { Acl | Ip-Prefix
Using if-match { acl | ip-prefix } command, you can configure the IP address range to match the Route-policy. Using undo if-match { acl | ip-prefix } command, you can cancel the setting of the match rule. Huawei Technologies Proprietary 5-10...
Page 338: If-Match As-Path
200. Then the route-policy named test is defined. The node No.10 of this route-policy defines a if-match sub-statement, which quotes the definition of as-path. [Quidway] ip as-path-acl 2 permit 100:200 [Quidway] route-policy test permit node 10 [Quidway-route-policy] if-match as-path 2 Huawei Technologies Proprietary 5-11...
Page 339: If-Match Community
The node No.10 of the route-policy defines a if-match sub-statement, which quotes the definition of the community-list. [Quidway] ip community-list 1 permit 100:200 [Quidway] route-policy test permit node 10 [Quidway-route-policy] if-match community 1 5.1.16 if-match cost Syntax if-match cost value undo if-match cost Huawei Technologies Proprietary 5-12...
Page 340: If-Match Interface
Using undo if-match interface command, you can cancel the setting of matching condition. By default, no if-match sub-statement is defined. It matches the corresponding interface of route next hop when filtering route. Huawei Technologies Proprietary 5-13...
Page 341: If-Match Ip Next-Hop
Example # Define a if-match sub-statement. It permits the routing information, whose route next hop address passes the filtration of the prefix address list p1, to pass this if-match sub-statement. [Quidway-route-policy] if-match ip next-hop ip-prefix p1 Huawei Technologies Proprietary 5-14...
Page 342: If-Match Tag
View System view Parameter ip-prefix-name: The specified address prefix list name. It identifies one address prefix list uniquely. index-number: Identify an item in the prefix address list. The item with smaller index-number will be tested first. Huawei Technologies Proprietary 5-15...
Page 343: Route-Policy
[Quidway] ip ip-prefix p1 permit 10.0.192.0 8 greater-equal 17 less-equal 18 5.1.21 route-policy Syntax route-policy route-policy-name { permit | deny } node { node-number } undo route-policy route-policy-name [ permit | deny | node node-number ] Huawei Technologies Proprietary 5-16...
Page 344 Example # Configured one Route-policy policy1, whose node number is 10 and if-match mode is permit, and enter Route policy view. [Quidway] route-policy policy1 permit node 10 [Quidway-route-policy] Huawei Technologies Proprietary 5-17...
Page 345: Chapter 6 Route Capacity Configuration Commands
System Total The total number of the Ethernet switch memory in byte. Memory(bytes) Total Used The total number of the used Ethernet switch memory in byte. Memory(bytes) Used Rate The used rate of the Ethernet switch memory Huawei Technologies Proprietary...
Page 346: Display Memory Limit
The information displayed by this command includes the Ethernet switch memory limit, the size of the idle memory, the times of the connection disconnecting, the times of the connection reestablishment and the current state. The displayed information is described specifically in the following table: Huawei Technologies Proprietary...
Page 347: Memory Auto-Establish Disable
By default, when the idle memory of the Ethernet switch recovers to a safety value, connections of all the routing protocols will always recover (when the idle memory of the Ethernet switch reduces to a lower limit, the connection will be disconnected forcibly). You shall use the command cautiously. Huawei Technologies Proprietary...
Page 348: Memory Auto-Establish Enable
# Enable memory resume of the current Ethernet switch and recover connections of all the protocols automatically. [Quidway] memory auto-establish enable 6.1.5 memory { safety | limit } Syntax memory { safety safety-value | limit limit-value }* undo memory [ safety | limit ] Huawei Technologies Proprietary...
Page 349 For the related commands, see memory auto-establish disable, memory auto-establish enable and display memory limit. Example # Set the lower limit of the Ethernet switch idle memory to 1Mbytes and the safety value to 3Mbytes. [Quidway] memory safety 3 limit 1 Huawei Technologies Proprietary...
Page 350 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Multicast Huawei Technologies Proprietary...
Page 351 4.1.1 debugging igmp....................... 4-1 4.1.2 display igmp group ....................4-1 4.1.3 display igmp interface ..................... 4-2 4.1.4 display igmp port ..................... 4-3 4.1.5 igmp group-policy....................4-4 4.1.6 igmp group-policy vlan .................... 4-5 4.1.7 igmp host-join ......................4-6 Huawei Technologies Proprietary...
Page 352 Chapter 6 Multicast VLAN Configuration Commands ............... 6-1 6.1 Multicast VLAN Configuration Commands ................ 6-1 6.1.1 service-type multicast....................6-1 Chapter 7 Multicast MAC Address Configuration Commands ..........7-1 7.1 Multicast MAC Address Configuration Commands ............7-1 7.1.1 mac-address multicast .................... 7-1 Huawei Technologies Proprietary...
Page 353: Chapter 1 Gmrp Configuration Commands
Table 1-1 Description of information generated by the command debugging gmrp event Field Description GMRP: Max number of GMRP Maximum number of entries reached for GMRP entries reached local database 1.1.2 display gmrp statistics Syntax display gmrp statistics [ interface interface-list ] Huawei Technologies Proprietary...
Page 354: Display Gmrp Status
1.1.3 display gmrp status Syntax display gmrp status View Any view Parameter None Description Using display gmrp status command, you can view the status of global GMRP. This command can be used for displaying the enabled/disabled status of global GMRP. Huawei Technologies Proprietary...
Page 355: Gmrp
Ethernet port view, GMRP will be enabled on a port. Before enabling GMRP on a port, you shall enable GMRP globally. For the related command, see display gmrp status, display gmrp statistics. Example # Enable GMRP globally. [Quidway] gmrp Huawei Technologies Proprietary...
Page 356: Chapter 2 Igmp Snooping Configuration Commands
# Display the IGMP Snooping configuration information of the switch. <Quidway> display igmp-snooping configuration Enable IGMP-Snooping. The router port timeout is 300 second(s). The max response timeout is 50 second(s). The member port timeout is 500 second(s). Huawei Technologies Proprietary...
Page 357: Display Igmp-Snooping Group
IP group(s):the following ip group(s) match to one mac group. IP group address:230.45.45.1 Member port(s):Ethernet0/12 MAC group(s): MAC group address:01-00-5e-2d-2d-01 Member port(s):Ethernet0/12 We can know from the information listed above that : There is a multicast group in VLAN 2; The router port is Ethernet 0/1; Huawei Technologies Proprietary...
Page 358: Display Igmp-Snooping Statistics
Received IGMP V1 report packet(s) number:0. Received IGMP V2 report packet(s) number:0. Received IGMP leave packet(s) number:0. Received error IGMP packet(s) number:0. Sent IGMP specific query packet(s) number:0. 2.1.4 igmp-snooping Syntax igmp-snooping { enable | disable } Huawei Technologies Proprietary...
Page 359: Igmp-Snooping Fast-Leave
After waiting for a period of time, if it receives no respond, igmp-snooping then removes the port form the group. By configuring this command, igmp-snooping Huawei Technologies Proprietary...
Page 360: Igmp-Snooping Group-Limit
By default, the maximum number of multicast groups permited on a port is unlimited. Example # Set the maximum number of multicast groups permited on Ethernet0/1 is 256. [Quidway-Ethernet0/1] igmp-snooping group-limit 256 2.1.7 igmp-snooping group-policy Syntax igmp-snooping group-policy acl_number vlan vlanid undo igmp-snooping group-policy vlan vlanid View Ethernet port view Huawei Technologies Proprietary...
Page 361 Most devices just broadcast unknown multicast packets, s o to prevent the case where multicast data flow is sent as unknown multicast packets to the filtered ports, this function is generally configured in combination with the unknown multicast dropping function. For the related command, see unknown-multicast drop enable. Huawei Technologies Proprietary...
Page 362: Igmp-Snooping Host-Aging-Time
2.1.8 igmp-snooping host-aging-time Syntax igmp-snooping host-aging-time seconds undo igmp-snooping host-aging-time View System view Parameter seconds: Specifies the port aging time of the multicast group member, ranging from 200 to 1000 and measured in seconds; By default, 260. Huawei Technologies Proprietary...
Page 363: Igmp-Snooping Max-Response-Time
The set maximum response time decides the time limit for the switch to respond to IGMP Snooping general query packets. For the related command, see igmp-snooping, igmp-snooping router-aging-time. Example # Configure to respond the IGMP Snooping packet within 50s. [Quidway] igmp-snooping max-response-time 50 Huawei Technologies Proprietary...
Page 364: Igmp-Snooping Router-Aging-Time
# Set the aging time of the IGMP Snooping router port to 500 seconds. [Quidway] igmp-snooping router-aging-time 500 2.1.11 reset igmp-snooping statistics Syntax reset igmp-snooping statistics View User view Parameter None Description Using reset igmp-snooping statistics command, you can reset the IGMP Snooping statistics information. Huawei Technologies Proprietary...
Page 365 Command Manual - Multicast Quidway S3500 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Commands For the related command, see igmp-snooping. Example # Clear IGMP Snooping statistics information. <Quidway> reset igmp-snooping statistics Huawei Technologies Proprietary 2-10...
Page 366: Chapter 3 Multicast Common Configuration Commands
By default, the debugging function is disabled. Example # Enable multicast packet forwarding debugging functions. <Quidway> debugging multicast forwarding 3.1.2 debugging multicast kernel-routing Syntax debugging multicast kernel-routing undo debugging multicast kernel-routing View User view Parameter None Huawei Technologies Proprietary...
Page 367: Debugging Multicast Status-Forwarding
3.1.4 display multicast forwarding-table Syntax display multicast forwarding-table [ group-address [ mask { mask | mask-length } ] | source-address [ mask { mask | mask-length } ] | incoming-interface { interface-type interface-number | register } ]* View Any view Huawei Technologies Proprietary...
Page 368 Table 3-1 Description of information generated by the command display multicast forwarding-table Field Description Multicast Forwarding Cache Table Multicast forwarding cache table Total 2 entries Total number of entries 00002 Sequence number of entries (4.4.4.4, 224.2.149.17) (s,g) Huawei Technologies Proprietary...
Page 369: Display Multicast Routing-Table
Register interface of PIM-SM. Description Using display multicast routing-table command, you can view the information of IP multicast routing table. This command displays the multicast routing table information, while the display multicast forwarding-table command displays the multicast forwarding table information. Huawei Technologies Proprietary...
Page 370 Downstream interface list: Downstream interface list: has an interface Vlan-interface 2 (its IP address Vlan-interface2(2.2.2.4), Protocol is 2.2.2.4). The downstream interface is 0x1: IGMP configured with IGMP groups. Matched 3 entries 3 entries in total meeting the requirement Huawei Technologies Proprietary...
Page 371: Display Multicast Vif
Multicast virtual interface Vlan-interface 1, LclAddr:4.4.4.6, RmtAddr:0.0.0.0 (IP address 4.4.4.6) In 16 pkts(18691 bytes), Out 0 pkts(0 16 received packets (18691 bytes); 0 bytes) forwarded packets (0 bytes) 3.1.7 multicast routing-enable Syntax multicast routing-enable undo multicast routing-enable Huawei Technologies Proprietary...
Page 372 IP multicast routing. By default, IP multicast routing is disabled. For the related commands, see pim dm and pim sm. Example # Enable IP multicast routing. <Quidway> system-view [Quidway] multicast routing-enable Huawei Technologies Proprietary...
Page 373: Chapter 4 Igmp Configuration Commands
By default, IGMP debugging functions are disabled. Example # Enable all IGMP debugging functions <Quidway> debugging igmp all 4.1.2 display igmp group Syntax display igmp group [ group-address | interface interface-type interface-number ] View Any view Huawei Technologies Proprietary...
Page 374: Display Igmp Interface
Time passed since multicast group is discovered (hh: mm: ss). Specifies when the member will be removed from the multicast Expires group (hh: mm: ss). 4.1.3 display igmp interface Syntax display igmp interface [ interface-type interface-number ] View Any view Huawei Technologies Proprietary...
Page 375: Display Igmp Port
If no parameter is specified, this command displays the information of all the ports. The IGMP configuration information of all the ports will be displayed. For the related command, see igmp host-join, igmp group-policy. Huawei Technologies Proprietary...
Page 376: Igmp Group-Policy
Description Using igmp group-policy command, you can set the filter of multicast groups on an interface to control the accessing to the IP multicast groups. Using undo igmp group-policy command, you can remove the filter configured. Huawei Technologies Proprietary...
Page 377: Igmp Group-Policy Vlan
VLAN, and the IGMP protocol must be enabled on this port; otherwise, the configuration does not function. For the related command, see igmp host-join, igmp host-join vlan, igmp host-join port. Huawei Technologies Proprietary...
Page 378: Igmp Host-Join
Example # Add port Ethernet 0/1 in VLAN-interface10 to the multicast group at 225.0.0.1. [Quidway-Vlan-interface10] igmp host-join 225.0.0.1 port Ethernet 0/1 4.1.8 igmp host-join vlan Syntax igmp host-join group-address vlan vlanid undo igmp host-join group-address vlan vlanid Huawei Technologies Proprietary...
Page 379: Igmp Max-Response-Time
4.1.9 igmp max-response-time Syntax igmp max-response-time seconds undo igmp max-response-time View Interface view Parameter seconds: Maximum response time in the IGMP query messages in second in the range from 1 to 25. By default, the value is 10 seconds. Huawei Technologies Proprietary...
Page 380: Igmp Timer Other-Querier-Present
In IGMP version 1, the selection of a query is determined by the multicast routing protocol. In IGMP version 2, the router with the lowest IP address on the shared network segment acts as the querier. For the related commands, see igmp timer query and display igmp interface. Huawei Technologies Proprietary...
Page 381: Igmp Timer Query
For the related command, see igmp timer other-querier-present. Example # Configure to transmit the host-query message every 60 seconds via VLAN-interface2. [Quidway-Vlan-interface2] igmp timer query 60 4.1.12 igmp version Syntax igmp version { 1 | 2 } undo igmp version View Interface view Huawei Technologies Proprietary...
Page 382 All routers on a subnet must support the same version of IGMP. After detecting the presence of IGMP Version 1 system, a router cannot automatically switch to Version 1. Example # Run IGMP Version 1 on VLAN-interface10. [Quidway-Vlan-interface10] igmp version 1 Huawei Technologies Proprietary 4-10...
Page 383: Chapter 5 Pim Configuration Commands
For the related command, see pim sm. Example # Configure the Ethernet switch as C-BSR with priority 2 (and the C-BSR address is designated as the IP address of VLAN-interface10). [Quidway] pim [Quidway-pim] c-bsr vlan-interface 10 24 2 Huawei Technologies Proprietary...
Page 384: C-Rp
[Quidway-pim] c-rp vlan-interface 10 group-policy 2000 5.1.3 debugging pim common Syntax debugging pim common { all | event | packet | timer } undo debugging pim common { all | event | packet | timer } View User view Huawei Technologies Proprietary...
Page 385: Debugging Pim Dm
PIM-DM timer. warning: debugging information of PIM-DM warning message. recv: debugging information of PIM-DM receiving packets. send: debugging information of PIM-DM sending packets. assert | graft | graft-ack | join | prune: packets type. Huawei Technologies Proprietary...
Page 386: Debugging Pim Sm
Using debugging pim sm command, you can enable PIM-SM debugging functions. Using undo debugging pim sm command, you can disable the debugging functions. By default, PIM-SM debugging functions are disabled. Example # Enable all PIM-SM debugging functions <Quidway> debugging pim sm all Huawei Technologies Proprietary...
Page 387: Display Pim Bsr-Info
Table 5-1 Output description of the display pim bsr-info command Field Description Boot trap router Priority Priority of BSR Mask Length: 30 Length of mask Expires: 00:01:55 Expire time 5.1.7 display pim interface Syntax display pim interface [ interface interface-type interface-number ] View Any view Huawei Technologies Proprietary...
Page 388: Display Pim Neighbor
PIM query interval Hello packet interval PIM DR Designated router 5.1.8 display pim neighbor Syntax display pim neighbor [ interface interface-type interface-number ] View Any view Parameter interface-type interface-number: Interface type and interface number, used to specify the interface. Huawei Technologies Proprietary...
Page 389: Display Pim Routing-Table
IP address of the multicast source. incoming-interface interface-type interface-number: Route entry with the specified incoming interface. null: Specifies the incoming interface type as Null. dense-mode: Specifies the multicast routing protocol as PIM-DM. sparse-mode: Specifies the multicast routing protocol as PIM-SM. Huawei Technologies Proprietary...
Page 390: Display Pim Rp-Info
Table 5-4 Output description about PIM routing table Field Description Rendezvous Point (S,G) (source address, multicast group) PIM-SM PIM Sparse Mode Shortest Path Tree Reverse Path Forwarding 5.1.10 display pim rp-info Syntax display pim rp-info [ group-address ] Huawei Technologies Proprietary...
Page 391: Pim
Priority: 0 Uptime: 00:39:50 Expires: 00:01:40 5.1.11 pim Syntax undo pim View System view Parameter None Description Using pim command, you can enter the PIM view. Using undo pim command, you can clear the configurations in PIM view. Huawei Technologies Proprietary...
Page 392: Pim Bsr-Boundary
BSR domains. By default, no domain border is set. For the related command, see c-bsr. Example # Configure domain border on VLAN-interface10. [Quidway-Vlan-interface10] pim bsr-boundary 5.1.13 pim dm Syntax pim dm undo pim dm Huawei Technologies Proprietary 5-10...
Page 393: Pim Sm
PIM-SM protocol. By default, PIM-SM is disabled. Once enabled PIM-SM on an interface, PIM-DM cannot be enabled on the same interface and vice versa. Example # Enable PIM-SM on VLAN-interface10. [Quidway-Vlan-interface10] pim sm Huawei Technologies Proprietary 5-11...
Page 394: Pim Timer Hello
Using register-policy command, you can configure a RP to filter the register messages sent by the DR in the PIM-SM network and to accept the specified messages only. Using undo register-policy command, you can remove the configured message filtering. Huawei Technologies Proprietary 5-12...
Page 395: Spt-Switch-Threshold
PIM leaf router switches from the RPT to the SPT. Using undo spt-switch-threshold command, you can restore the default setting. Example # Configure the threshold for switching from RPT to source SPT as 0kbps. [Quidway] pim [Quidway-pim] spt-switch-threshold 0 Huawei Technologies Proprietary 5-13...
Page 396: Static-Rp
The new configuration overwrites the old one if you run the command for a second time. For related command, see display pim rp-info. Example # Configure 10.110.0.6 as a static RP. [Quidway] multicast routing-enable [Quidway] pim [Quidway-pim] static-rp 10.110.0.6 Huawei Technologies Proprietary 5-14...
Page 397: Chapter 6 Multicast Vlan Configuration Commands
VLAN, and therefore the bandwidth is saved. Additionally, the absolute isolation between the multicast VLAN and the user VLANs guarantees the security of the network. Example # Set VLAN 2 to multicast VLAN. <Quidway> system-view [Quidway] vlan 2 [Quidway-vlan2] service-type multicast Huawei Technologies Proprietary...
Page 398: Chapter 7 Multicast Mac Address Configuration Commands
# Create a multicast MAC address entry on the switch, with its multicast address as 0100-5e0a-0805, forwarding port as Ethernet 1/0/1 and it belonging to VLAN1. <Quidway> system-view System View: return to User View with Ctrl+Z. [Quidway] mac-address multicast 0100-5e0a-0805 interface Ethernet 1/0/1 vlan Huawei Technologies Proprietary...
Page 399 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual QoS/ACL Huawei Technologies Proprietary...
Page 400 1.3.11 time-range ......................1-39 Chapter 2 QoS Commands......................2-1 2.1 QoS Configuration Commands List of S3526 Series Switches......... 2-1 2.1.1 display qos cos-local-precedence-map..............2-1 2.1.2 display qos-global all....................2-1 2.1.3 display qos-global mirrored-to................. 2-3 2.1.4 display qos-global traffic-priority................2-4 Huawei Technologies Proprietary...
Page 401 2.3.3 display qos cos-drop-precedence-map..............2-39 2.3.4 display qos cos-local-precedence-map..............2-39 2.3.5 display qos-global all..................... 2-40 2.3.6 display qos-interface all..................2-40 2.3.7 display qos-interface drop-mode................2-41 2.3.8 display qos-interface queue-scheduler ..............2-41 2.3.9 display qos-interface traffic-shape ................ 2-43 Huawei Technologies Proprietary...
Page 402 Chapter 3 Logon user’s ACL control commands ..............3-1 3.1 Logon user’s ACL control commands................3-1 3.1.1 acl..........................3-1 3.1.2 ip http acl ......................... 3-1 3.1.3 snmp-agent community................... 3-2 3.1.4 snmp-agent group ....................3-3 3.1.5 snmp-agent usm-user ..................... 3-4 Huawei Technologies Proprietary...
Page 403: Chapter 1 Acl Commands
Using acl command, you can configure a numbered or named ACL, and enter the corresponding ACL view. Using undo acl command, you can cancel all the rules of a numbered or named ACL or all the ACLs. By default, the ACLs are matched in config order. Huawei Technologies Proprietary...
Page 404 For related configurations, refer to the command rule. Example # Configure to follow depth-first order to match the rules of ACL 1. [Quidway] acl number 1 match-order auto Huawei Technologies Proprietary...
Page 405: Display Acl Config
10.0.0.1 0 (0 times matched) Basic ACL 2020, 1 rule, rule 2 permit 20.0.0.1 0 (0 times matched) Basic ACL std1, 2 rules, rule 1 permit 20.0.0.1 0 (0 times matched) rule 2 permit 30.0.0.1 0 (0 times matched) Huawei Technologies Proprietary...
Page 406: Display Acl Running-Packet-Filter All
<Quidway> display acl running-packet-filter all acl std1 rule 0 running acl std1 rule 1 running The display information shows all the activated ACLs of the switch. 1.1.4 display time-range Syntax display time-range { all | name } View Any view Huawei Technologies Proprietary...
Page 407 , the last time is the ending time. # Display the time range named tm1. <Quidway> display time-range tm1 Current time is 14:37:31 4-3-2003 Thursday Time-range : tm1 ( Inactive ) from 08:30 2-5-2005 to 18:00 2-19-2005 Huawei Technologies Proprietary...
Page 408: Packet-Filter
ACL will be activated. Description Using packet-filter command, you can activate the ACL. Using undo packet-filter command, you can disable the ACL. Example # Activate ACL 2000. [Quidway] packet-filter ip-group 2000 Huawei Technologies Proprietary...
Page 409: Reset Acl Counter
Commonly, this command is used reset traffic-statistic to reset the statistics information of the traffic-statistic command. Example # Clear the statistics information of ACL 2000. <Quidway> reset acl counter 2000 Huawei Technologies Proprietary...
Page 410: Rule
Name of a time range, during which a rule takes effect. Note: The following parameters are attributes carried by the data packets. The ACL rules are defined according to the values of these parameters. The parameter for define a basic ACL Huawei Technologies Proprietary...
Page 411 ICMP packet. type specifies the ICMP packet type with a number in the range of 0 to 255 or characters. code, ranging from 0 to 255, is used for icmp when ICMP packet type are not specified with characters. Huawei Technologies Proprietary...
Page 412 S3526 has some restrictions on ACL configuration in implementing QOS function using traffic classification. The restriction details are listed in the following table. Huawei Technologies Proprietary 1-10...
Page 413 } [ rule rule ] } ANY-NET. local-precedence pre-value For the ACL used in priority tag, if the destination addresses destination MAC addresses for two rules are the same, the new rule will overwrite the previous one. Huawei Technologies Proprietary 1-11...
Page 414 MAC-any stands for lay-2 ACL rule from source MAC address to any destination MAC address, such as “rule 0 permit ingress 00e0-fc01-0101 1 egress any time-range huawei”, and so do any-MAC, IP-any, any-IP, NET-any and any-NET rules. For the MAC-MAC rule, the source and destination MAC addresses must be configured in the same VLAN.
Page 415: Time-Range
End time of the special time range, format as hh:mm. days-of-the-week: Determines in which day(s) of a week in the special time range a command takes effect. You can specify this parameter with any of the following values. Numbers (ranging from 0 to 6); Huawei Technologies Proprietary 1-13...
Page 416: Acl Configuration Command List Of S3526E And S3526C
{ number acl-number | name acl-name | all } View System view Parameter number acl-number: Access list number, ranging from: 2000 to 2999: Basic ACL. 3000 to 3999: Advanced ACL. 4000 to 4999: L2 ACL. 5000 to 5999: User-defined ACL. Huawei Technologies Proprietary 1-14...
Page 417 An ACL is configured with multiple sub-rules. The latest S3526E and S3526C sub-rule will be matched first. For related configurations, refer to the command rule. Example # Configure to follow depth-first order to match the rules of ACL 2000. Huawei Technologies Proprietary 1-15...
Page 418: Display Acl Config
10.0.0.1 0 (0 times matched) Basic ACL 2020, 1 rule, rule 2 permit 20.0.0.1 0 (0 times matched) Basic ACL std1, 2 rules, rule 1 permit 20.0.0.1 0 (0 times matched) rule 2 permit 30.0.0.1 0 (0 times matched) Huawei Technologies Proprietary 1-16...
Page 419: Display Acl Running-Packet-Filter All
<Quidway> display acl running-packet-filter all acl std1 rule 0 running acl std1 rule 1 running The display information shows all the activated ACLs of the switch. 1.2.4 display time-range Syntax display time-range { all | name } View Any view Huawei Technologies Proprietary 1-17...
Page 420 , the last time is the ending time. # Display the time range named tm1. <Quidway> display time-range tm1 Current time is 14:37:31 4-3-2003 Thursday Time-range : tm1 ( Inactive ) from 08:30 2-5-2005 to 18:00 2-19-2005 Huawei Technologies Proprietary 1-18...
Page 421: Packet-Filter
English letters (that is [a to z, A to Z]), excluding space and quotation marks. rule rule: Specifies the rule in the ACL to be activated, ranging from 0 to 127. If it is not specified, all the rules in the ACL will be activated. Huawei Technologies Proprietary 1-19...
Page 422: Reset Acl Counter
The case includes: ACL cited by route policy function, ACL used for control logon user, etc. The ACL number ranges from 2000 to 3999. Huawei Technologies Proprietary 1-20...
Page 423: Rule
{ interface-name | interface-type interface-num } }* | any } ] [ time-range name ] undo rule rule-id IV. define/delete a rule for user-defined acl rule [ rule-id ] { permit | deny } { rule-string rule-mask offset }&<1-8> [ time-range name ] undo rule rule-id Huawei Technologies Proprietary 1-21...
Page 424 UDP. port1 [ port2 ]: TCP or UDP port number of packets, expressed with characters or numbers. The numbers are in the range of 0 to 65535 and refer to mnemonic symbol table for character values. Huawei Technologies Proprietary 1-22...
Page 425 32 bits (corresponding to the 0s in wildcard) of the destination MAC address. interface { interface-name | interface-type interface-num } the L2 port forwarding the packets. any represents all the packets forwarded by all the ports. The parameter of user-defined ACL Huawei Technologies Proprietary 1-23...
Page 426: Time-Range
] [ to end-time end-date ] | from start-time start-date [ to end-time end-date ] } undo time-range time-name [ start-time to end-time days-of-the-week [ from start-time start-date ] [ to end-time end-date ] | from start-time start-date [ to end-time end-date ] ] View System view Huawei Technologies Proprietary 1-24...
Page 427: Acl Configuration Command List Of S3552 Series Switches
S3552 Series Ethernet Switches include S3552G, S3552P, S3528G, and S3528P Ethernet Switches. 1.3.1 acl Syntax acl { number acl-number | name acl-name [advanced | basic | link ] } [ match-order { config | auto } ] Huawei Technologies Proprietary 1-25...
Page 428 ACL is cited by software to filter and classify data. Due the chips installed, the hardware match order of ACL’s sub-rule is different in different switch models. The details are listed in the following table. Huawei Technologies Proprietary 1-26...
Page 429: Display Acl Config
Example # Display the content of all the ACLs. <Quidway> display acl config all Basic ACL 2010, 1 rule, rule 1 permit 10.0.0.1 0 (0 times matched) Basic ACL 2020, 1 rule, Huawei Technologies Proprietary 1-27...
Page 430: Display Acl Running-Packet-Filter All
# Display the ACL running state on all the interfaces. <Quidway> display acl running-packet-filter all acl std1 rule 0 running acl std1 rule 1 running The display information shows all the activated ACLs of the switch. Huawei Technologies Proprietary 1-28...
Page 431: Display Flow-Template
Configures to display all the time range. name: Specifies the name of the time range. Description Using display time-range command, you can view the configuration and status of the current time range. You will see the active or inactive state outputs respectively. Huawei Technologies Proprietary 1-29...
Page 432 08:30 2-5-2005 The content of time-range: the first time is the 18:00 2-19-2005 beginning time , the last time is the ending time. Huawei Technologies Proprietary 1-30...
Page 433: Flow-Template User-Defined
Destination MAC domain in the Ethernet packet header, in the length of 6 bytes. dport: Destination port domain, in the length of 2 bytes. dscp: DSCP domain in the IP packet header, in the length of 1 byte. Huawei Technologies Proprietary 1-31...
Page 434 The dscp, ip-precedence and tos fields jointly occupy one byte. One byte is occupied no matter you define one, two or three of these fields. The fragment field is 0 in length in flow template, so it can be ignored in calculating the total length of template elements. Huawei Technologies Proprietary 1-32...
Page 435: Packet-Filter
ACL, only the rules including these elements defined in template can be sent to target hardware and referenced for such QoS functions as packet filtering, traffic policing, priority re-labeling. Otherwise, the rules cannot be activated on the hardware. The ACL combined mode is following. Huawei Technologies Proprietary 1-33...
Page 436 This command supports activating the Layer-2 and Layer-3 ACLs. However the actions of the ACLs should be consistent. If the actions conflict (one is permit and the other is deny), they cannot be activated. Example # Activate ACL 2000 on Ethernet0/1. [Quidway-Ethernet0/1] packet-filter ip-group 2000 Huawei Technologies Proprietary 1-34...
Page 437: Reset Acl Counter
Commonly, this command is used to reset the statistics information of the traffic-statistic command. Example # Clear the statistics information of ACL 2000. <Quidway> reset acl counter 2000 Huawei Technologies Proprietary 1-35...
Page 438: Rule
Name of a time range, during which a rule takes effect. Note: The following parameters are attributes carried by the data packets. The ACL rules are defined according to the values of these parameters. The parameter for define a basic ACL Huawei Technologies Proprietary 1-36...
Page 439 S3552 series switch does not support icmp-type type code parameters when configure ACL rules. established: Used when protocol is tcp to indicate that the rule takes effect on the first SYN packet to establish TCP connection. Huawei Technologies Proprietary 1-37...
Page 440 [Quidway-acl-adv-3000] rule 1 permit tcp established source 1.1.1.1 0 destination 2.2.2.2 0 # Add a rule to a basic ACL. [Quidway-acl-basic-2000] rule 1 permit source 1.1.1.1 0 fragment # Add a rule to an L2 ACL. [Quidway-acl-link-4000] rule 1 permit ingress 1 egress any Huawei Technologies Proprietary 1-38...
Page 441: Time-Range
Example # Configure a time range being effective since zero hour on January 1, 2000 and forever. [Quidway] time-range test from 0:0 1-1-2000 Huawei Technologies Proprietary 1-39...
Page 442: Chapter 2 Qos Commands
Description Using display cos-local-precedence-map command, view “COS->Local-precedence” map. Example # Display “COS->Local -precedence” map. <Quidway> display qos cos-local-precedence-map cos-local-precedence-map: cos : ------------------------------------------------------------------------- local-precedence : 2.1.2 display qos-global all Syntax display qos-global all View Any view Parameter None Huawei Technologies Proprietary...
Page 443 Priority action: Local precedence 0 traffic. Matches: acl std1 rule 1 running “Priority action: Local precedence 0” indicates the action of resetting the priority Priority action: Local precedence 0 of the packets matching the classification rule. Huawei Technologies Proprietary...
Page 444: Display Qos-Global Mirrored-To
ACL of traffic to be mirrored and the observing port. For the related command, see mirrored-to. Example # Display the settings of traffic mirror. <Quidway> display qos-global mirrored-to mirrored-to Matches: acl std1 rule 0 running Mirrored to: Ethernet0/1 Huawei Technologies Proprietary...
Page 445: Display Qos-Global Traffic-Priority
For the related command, see traffic-priority. Example # Display the settings of traffic priority. <Quidway> display qos-global traffic-priority traffic-priority Matches: acl std1 rule 0 running Priority action: Local precedence 0 Matches: acl std1 rule 1 running Priority action: Local precedence 0 Huawei Technologies Proprietary...
Page 446: Display Qos-Global Traffic-Statistic
For the related command, see traffic-statistic. Example # Display the traffic statistics information. <Quidway> display qos-global traffic-statistic traffic-statistic Matches: acl std1 rule 0 running 0 packets Matches: acl std1 rule 1 running Huawei Technologies Proprietary...
Page 447: Display Qos-Interface Queue-Scheduler
For the related command, see queue-scheduler. Example # Display the queue scheduling mode and parameters. <Quidway> display qos-interface queue-scheduler Queue scheduling mode: strict-priority The display information shows the queue scheduling mode of the switch is strict-priority. Huawei Technologies Proprietary...
Page 448: Mirrored-To
For the related command, see display qos-global mirrored-to. Example # Mirrors the packets matching the ACL 2000 rules, whose action is permit, to the port Ethernet0/1. [Quidway] mirrored-to ip-group 2000 interface e0/1 Huawei Technologies Proprietary...
Page 449: Priority
Example # Set the priority of Ethernet0/1 port to 7. [Quidway-Ethernet0/1] priority 7 2.1.9 priority trust Syntax priority trust undo priority View Ethernet port view Parameter None Huawei Technologies Proprietary...
Page 450: Qos Cos-Local-Precedence-Map
Specifies the mapping value of “COS 3->local-prec”, which ranges from 0 to 7. cos4-map-local-prec: Specifies the mapping value of “COS 4->local-prec”, which ranges from 0 to 7. cos5-map-local-prec: Specifies the mapping value of “COS 5->local-prec”, which ranges from 0 to 7. Huawei Technologies Proprietary...
Page 451 If needed, you can change “COS->Local-precedence” map using the command. Example # Configure “COS->Local-precedence” map. [Quidway] qos cos-local-precedence-map 0 1 2 3 4 5 6 7 After the configuration, the “COS->Local-precedence” map is shown in Table 1-6. Table 2-6 “COS->Local-precedence” map COS Value Local Precedence Huawei Technologies Proprietary 2-10...
Page 452 For WRR, the sum of all the weights should equal 100. For the related command, see display qos-interface queue-scheduler. Example # Configure to perform WRR with the weights of the four queues as 20, 20, 30 and 30 respectively. [Quidway-Ethernet0/1] queue-scheduler wrr 20 20 30 30 Huawei Technologies Proprietary 2-11...
Page 453: Reset Traffic-Statistic
Reset statistic information of traffic. This command is used in the case of filtering or classifying the data transmitted by the reset traffic-statistic hardware of switch. Commonly, this command is used to reset the statistics information of the traffic-statistic command. Huawei Technologies Proprietary 2-12...
Page 454: Traffic-Priority
For the related command, see display qos-global traffic-priority. Example # Marks the priority for the packets matching the permit rules of ACL 2000. It sets the local preference to 0: [Quidway] traffic-priority ip-group 2000 local-precedence 0 Huawei Technologies Proprietary 2-13...
Page 455: Traffic-Statistic
For the related command, see display qos-global traffic-statistic. Note: S3526, S3026 FM, S3026 FS only support the statistics for the data matching the IP-IP or MAC-MAC rule. Example # Count the packets matching the ACL 2000 rules with action permit. Huawei Technologies Proprietary 2-14...
Page 456: Qos Configuration Commands List Of S3526E And S3526C
<Quidway> display qos cos-local-precedence-map cos-local-precedence-map: cos : ------------------------------------------------------------------------- local-precedence : 2.2.2 display qos-global all Syntax display qos-global all View Any view Parameter None Description Using display qos-global all command, you can view the settings of all the QoS parameters. Huawei Technologies Proprietary 2-15...
Page 457 Priority action: dscp ef the classification rule to the traffic. Matches: acl std1 rule 1 running “Priority action: dscp ef” indicates the action of resetting the priority of the packets matching Priority action: dscp ef the classification rule. Huawei Technologies Proprietary 2-16...
Page 458: Display Qos-Global Mirrored-To
Using display qos-global mirrored-to command, you can view the settings of the traffic mirror. This command is used for displaying the settings of traffic mirror. The information displayed includes the ACL of traffic to be mirrored and the observing port. For the related command, see mirrored-to. Huawei Technologies Proprietary 2-17...
Page 459: Display Qos-Global Traffic-Priority
This command is used for displaying the settings of traffic priority. The information displayed includes the ACL corresponding to the traffic tagged with priority, priority type and value. For the related command, see traffic-priority. Example # Display the settings of traffic priority. Huawei Technologies Proprietary 2-18...
Page 460: Display Qos-Global Traffic-Redirect
ACL corresponding to the traffic to be redirected, the destination port of redirection. For the related command, see traffic-redirect. Example # Display the settings of the redirection. <Quidway> display qos-global traffic-redirect traffic-redirect Matches: acl std1 rule 0 running Huawei Technologies Proprietary 2-19...
Page 461 The statistics information of traffic-statistic command includes the matched times of the transmitted data by switch. User can use display qos-global traffic-statistic command to display the statistics information. For the related command, see traffic-statistic. Example # Display the traffic statistics information. <Quidway> display qos-global traffic-statistic Huawei Technologies Proprietary 2-20...
Page 462: Display Qos-Interface All
If you set the port parameters, the configuration information about the specified port will be displayed. Example # Display the QoS settings of all the ports. <Quidway> display qos-interface all Huawei Technologies Proprietary 2-21...
Page 463: Display Qos-Interface Line-Rate
| interface-type interface-num: Specifies a port of the switch. For detailed information, refer to the port command manual. Description Using display qos-interface line-rate command, you can view the settings of outgoing line rate on the port. Huawei Technologies Proprietary 2-22...
Page 464: Display Qos-Interface Traffic-Limit
If you set the port parameters, the configuration information about the specified port will be displayed. The information displayed includes the ACL of the traffic to be limited, the limited average rate and the settings of some related policing action. For the related command, see traffic-limit. Huawei Technologies Proprietary 2-23...
Page 465: Display Queue-Scheduler
The action can be “drop” or “remark-dscp”. 2.2.10 display queue-scheduler Syntax display queue-scheduler View Any view Parameter None Description Using display queue-scheduler command, you can view the queue scheduling mode and parameters. Huawei Technologies Proprietary 2-24...
Page 466: Line-Rate
{ user-group acl-number | acl-name [ rule rule ] | { ip-group { acl-number | acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule rule ] }* } interface { interface-name | interface-type interface-num } Huawei Technologies Proprietary 2-25...
Page 467 For the related command, see display qos-global mirrored-to. Example # Mirrors the packets matching the ACL 2000 rules, whose action is permit, to the port Ethernet0/1. [Quidway] mirrored-to ip-group 2000 interface e0/1 Huawei Technologies Proprietary 2-26...
Page 468: Priority
Example # Set the priority of Ethernet0/1 port to 7. [Quidway-Ethernet0/1] priority 7 2.2.14 priority trust Syntax priority trust undo priority View Ethernet port view Parameter None Huawei Technologies Proprietary 2-27...
Page 469: Qos Cos-Local-Precedence-Map
Specifies the mapping value of “COS 3->local-prec”, which ranges from 0 to 7. cos4-map-local-prec: Specifies the mapping value of “COS 4->local-prec”, which ranges from 0 to 7. cos5-map-local-prec: Specifies the mapping value of “COS 5->local-prec”, which ranges from 0 to 7. Huawei Technologies Proprietary 2-28...
Page 470 If needed, you can change “COS->Local-precedence” map using the command. Example # Configure “COS->Local-precedence” map. [Quidway] qos cos-local-precedence-map 0 1 2 3 4 5 6 7 After the configuration, the “COS->Local-precedence” map is shown in Table 1-6. Table 2-17 “COS->Local-precedence” map COS Value Local Precedence Huawei Technologies Proprietary 2-29...
Page 471: Queue-Scheduler
Using undo queue-scheduler command, you can restore the default queue scheduler. By default, the value is strict-priority. For WRR and Delay bounded WRR, the sum of all the weights should equal 100. For the related command, see display queue-scheduler. Huawei Technologies Proprietary 2-30...
Page 472: Reset Traffic-Statistic
0 to 127. If you do not set this parameter, all the rules will be considered. Description Using reset traffic-statistic command, you can reset the traffic statistics information. This command is used for clearing the statistics information about all the traffic or a specified one. Huawei Technologies Proprietary 2-31...
Page 473: Traffic-Limit
{ acl-number | acl-name } [ rule rule ]: Specifies a basic or advanced ACL. acl-number: Specifies the ACL sequence number, ranging from 2000 to 3999. acl-name: Specifies the ACL name with a character string starting with English letters ([a-z, A-Z]) Huawei Technologies Proprietary 2-32...
Page 474: Traffic-Priority
{ acl-number | acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule rule ] }* } View System view Parameter user-group { acl-number | acl-name } [ rule rule ]: Specifies a user-defined ACL. acl-number: Specifies the ACL sequence number, ranging from 5000 to 5999. acl-name: Huawei Technologies Proprietary 2-33...
Page 475 For the related command, see display qos-global traffic-priority. Example # Marks the priority for the packets matching the permit rules of ACL 2000. It sets the local preference to 0: [Quidway] traffic-priority ip-group 2000 local-precedence 0 Huawei Technologies Proprietary 2-34...
Page 476: Traffic-Redirect
Description Using traffic-redirect command, you can activate the ACL to recognize and redirect the traffic(whose action is permit). Using undo traffic-redirect command, you can cancel the redirection. For the related command, see display qos-global traffic-redirection. Huawei Technologies Proprietary 2-35...
Page 477: Traffic-Statistic
0 to 127. If you do not set this parameter, all the rules will be considered. Description Using traffic-statistic command, you can activate the ACL to recognize and count the traffic(whose action is permit). Using undo traffic-statistic command, you can cancel the traffic statistics. Huawei Technologies Proprietary 2-36...
Page 478: Qos Configuration Commands Of S3552 Series Switches
Using the display mirror command, you can view port mirroring configuration, including monitored ports, monitor port and monitor direction, etc. For the related command, see mirroring-port, monitor-port. Example # Display port mirroring configuration. [Quidway] display mirror Monitor port: Ethernet0/1 Mirroring port: Ethernet0/3 inbound Ethernet0/4 outbound Huawei Technologies Proprietary 2-37...
Page 479: Display Qos Conform-Level
Conform-level → Service group” and “Local-precedence + Conform-level → 802.1p priority” mapping tables. Example # Display “DSCP + Conform-level → Service group” mapping table. <Quidway> display qos conform-level 0 dscp-policed-service-map Conform-level 0 : Dscp-policed-service Map : dscp dscp local-precedence drop-precedence -------------------------------------------------------------------------- --------- Huawei Technologies Proprietary 2-38...
Page 480: Display Qos Cos-Drop-Precedence-Map
Using the display qos cos-drop-precedence-map command, you can view “CoS → Drop-precedence” mapping table. Example # Display “CoS → Drop-precedence” mapping table. <Quidway> display qos cos-drop-precedence-map cos-drop-precedence-map: cos : ------------------------------------------------------------------- drop-precedence : 2.3.4 display qos cos-local-precedence-map Syntax display qos cos-local-precedence-map Huawei Technologies Proprietary 2-39...
Page 481: Display Qos-Global All
Using the display qos-global all command, you can view all QoS configuration items. Example # Display all QoS configuration items. <Quidway> display qos-global all 2.3.6 display qos-interface all Syntax display qos-interface [ interface-name | interface-type interface-num ] all Huawei Technologies Proprietary 2-40...
Page 482: Display Qos-Interface Drop-Mode
For the related command, see drop-mode. Example # Display drop mode of all ports. <Quidway>display qos-interface drop-mode 2.3.8 display qos-interface queue-scheduler Syntax display qos-interface interface-name interface-type interface-num queue-scheduler Huawei Technologies Proprietary 2-41...
Page 483 For the related command, see queue-scheduler. Example # Display queue scheduling mode. <Quidway>display qos-interface queue-scheduler Ethernet0/1 Port scheduling: QID: scheduling-group weight ----------------------------------- wrr , group1 wrr , group2 Ethernet0/2 Port scheduling: QID: scheduling-group weight ----------------------------------- … Huawei Technologies Proprietary 2-42...
Page 484: Display Qos-Interface Traffic-Shape
| interface-type interface-num: Port of the switch Description Using the display qos-interface mirrored-to command, you can view traffic mirroring configuration. For the related command, see mirrored-to. Example # Display traffic mirroring configuration. <Quidway>display qos-interface mirrored-to Huawei Technologies Proprietary 2-43...
Page 485: Display Qos-Interface Traffic-Limit
Using the display qos-interface traffic-priority command, you can view priority re-labeling configuration, including the corresponding ACL, priority type and priority level. For the related command, see traffic-priority. Example # Display priority re-labeling configuration. <Quidway> display qos-interface traffic-priority Huawei Technologies Proprietary 2-44...
Page 486: Display Qos-Interface Traffic-Redirect
| interface-type interface-num: Port of the switch Description Using the display qos-interface traffic-statistic command, you can view traffic statistics, including the corresponding ACL and packet counts. For the related command, see traffic-statistic. Example # Display traffic statistics. <Quidway> display qos-interface traffic-statistic Huawei Technologies Proprietary 2-45...
Page 487: Drop-Mode
Example # Select WRED drop mode for the port Ethernet0/1, use the threshold of WRED 0. [Quidway-Ethernet0/1] drop-mode wred 0 2.3.16 dscp Syntax dscp dscp-list : dscp-value cos-value local-precedence-value drop-precedence undo dscp [ dscp-list ] Huawei Technologies Proprietary 2-46...
Page 488: Dscp
[Quidway-conform-level-0] dscp 56 : 56 7 7 0 The following is a configured “DSCP + Conform-level → Service group” mapping table. Table 2-19 “DSCP + Conform-level → Service group” mapping table Conform Policed-DS Policed-80 Policed-Loc Policed-Drop DSCP -level 2.1p alprec Precedence Huawei Technologies Proprietary 2-47...
Page 489: Local-Precedence
802.1p priority value corresponding to Local-precedence 3, in the range of cos-value4: 802.1p priority value corresponding to Local-precedence 4, in the range of cos-value5: 802.1p priority value corresponding to Local-precedence 5, in the range of Huawei Technologies Proprietary 2-48...
Page 490: Mirrored-To
The following is a configured “Local-precedence + Conform-level → 802.1p priority” mapping table. Table 2-20 “Local-precedence + Conform-level → 802.1p priority” mapping table Local-precedence 802.1p 2.3.18 mirrored-to Syntax mirrored-to inbound acl-rule { cpu | monitor-interface } undo mirrored-to inbound acl-rule Huawei Technologies Proprietary 2-49...
Page 491 Specifies the rule in the ACL to be activated, ranging from 0 to 127. If it is not specified, all the rules in the ACL will be activated. cpu: Mirrors the traffic to the CPU. monitor-interface : Mirrors data stream to the monitoring port. Huawei Technologies Proprietary 2-50...
Page 492: Mirroring-Port
| outbound | both: Indicates to monitor the packets of which direction. Inbound means to monitor inbound packets; outbound means to monitor outbound packets; both means to monitor packets of both directions. Huawei Technologies Proprietary 2-51...
Page 493: Monitor-Port
You can only specify one monitor port. You should first remove the setting of all corresponding monitored ports before canceling the configuration of the monitor port. For the related command, see display mirror. Huawei Technologies Proprietary 2-52...
Page 494: Priority
Example # Configure the port Ethernet0/1 with priority value 7. [Quidway-Ethernet0/1] priority 7 2.3.22 priority trust Syntax priority trust undo priority View Ethernet port view Parameter None Huawei Technologies Proprietary 2-53...
Page 495: Qos Conform-Level
“DSCP + Conform-level → Service group” and “Local-precedence + Conform-level → 802.1p priority” mapping tables. Example # Create and enter conform-level 0 view. [Quidway] qos conform-level 0 [Quidway-conform-level-0] 2.3.24 qos cos-drop-precedence-map Syntax cos-drop-precedence-map cos0-map-drop-prec cos1-map-drop-prec cos2-map-drop-prec cos3-map-drop-prec cos4-map-drop-prec cos5-map-drop-prec cos6-map-drop-prec cos7-map-drop-prec Huawei Technologies Proprietary 2-54...
Page 496 The allocation rule is based on the packet 802.1p priority: use the 802.1p priority value as the CoS value, obtain local precedence value and drop-precedence respectively from “CoS → Local-precedence” mapping table and “CoS → Drop-precedence” mapping table. Huawei Technologies Proprietary 2-55...
Page 497: Qos Cos-Local-Precedence-Map
CoS 5 → Local precedence mapping value, in the range of 0~7. cos6-map-local-prec: CoS 6 → Local precedence mapping value, in the range of 0~7. cos7-map-local-prec: CoS 7 → Local precedence mapping value, in the range of 0~7. Huawei Technologies Proprietary 2-56...
Page 498 “CoS → Drop-precedence” mapping table. Example # Configure “CoS → Local-precedence” mapping table. [Quidway] qos cos-local-precedence-map 0 1 2 3 4 5 6 7 The following is the configured "CoS → Local-precedence” mapping table. Huawei Technologies Proprietary 2-57...
Page 499 Minimum average queue length to trigger random yellow packet dropping, in the range of 0~65535. yellow-max-threshold: Maximum average queue length to trigger complete yellow packet dropping, in the range of 0~65535. Huawei Technologies Proprietary 2-58...
Page 500: Queue-Scheduler
2.3.27 queue-scheduler Syntax queue-scheduler wrr { group1 { queue-id queue-weight } &<1-8> | group2 { queue-id queue-weight } &<1-8> }* undo queue-scheduler [ queue-id ] &<1-8> View Ethernet port view Parameter wrr: Weighted round Robin algorithm Huawei Technologies Proprietary 2-59...
Page 501 # Set queues 0~5 in WRR algorithm, queues 0, 1 and 2 belong to group 2, with weight respectively as 20, 20 and 10; queues 3, 4 and 5 belong to group 1, with weight respectively as 20, 20 and 10. Set queues 6 and 7 in SP algorithm, the default one. Huawei Technologies Proprietary 2-60...
Page 502: Reset Traffic-Statistic
2.3.29 traffic-limit Syntax traffic-limit inbound acl-rule cir cbs ebs [ pir ] [ conform { { remark-cos | remark-drop-priority }* | remark-policed-service } ] [ exceed { forward | drop } ] undo traffic-limit inbound acl-rule Huawei Technologies Proprietary 2-61...
Page 503 Excess burst size, in units of byte, with the value ranging 0~10000000. pir: Peak information rate, in units of kbps, with the value ranging 8~1000000. remark-cos: Sets 802.1p priority based on conform-level and local precedence. Huawei Technologies Proprietary 2-62...
Page 504 # Initiate traffic limit on the packets match the permitted rules in ACL 4000, the detailed setting: CIR is 200 kbps; CBS is 25000 bytes; EBS is 25000bytes; drop the over-threshold packets. [Quidway-Ethernet0/1] traffic-limit inbound link-group 4000 200 25000 25000 conform remark-policed-service exceed-action drop Huawei Technologies Proprietary 2-63...
Page 505: Traffic-Priority
{ acl-number | acl-name }: activate the L2 ACL. acl-number: Specifies the ACL number, ranging from 4000 to 4999. acl-name: Specifies the ACL name with a character string started with English letters (that is [a to z, A to Z]), excluding space and quotation marks. Huawei Technologies Proprietary 2-64...
Page 506 "DSCP + Conform-Level → Service group mapping table. For more information about this mapping table, see the qos conform-level and dscp commands. In DSCP + conform-level to service map used by packet priority remark function, the conform-level equal 0. Huawei Technologies Proprietary 2-65...
Page 507: Traffic-Redirect
Link ACL { acl-number | acl-name } rule rule One rule in IP ACL and ip-group { acl-number | acl-name } rule rule link-group one rule in Link ACL { acl-number | acl-name } rule rule Huawei Technologies Proprietary 2-66...
Page 508 Note: The redirection configuration is valid only when the action taken by ACLs is permit. You can use the next-hop ip-addr1 ip-addr2 parameter realizing the policy routing function. For the related command, see display qos-interface traffic-redirection. Huawei Technologies Proprietary 2-67...
Page 509: Traffic-Shape
You can also run traffic shaping for a specific outbound queue, i.e. all traffic in this queue, by selecting the queue queue-id parameter in the command. It is recommended to configure traffic shaping on all the traffic at the port. Huawei Technologies Proprietary 2-68...
Page 510: Traffic-Statistic
Only one rule in IP ACL ip-group { acl-number | acl-name } rule rule All rules in Link ACL link-group { acl-number | acl-name } Only one rule in Link ACL link-group { acl-number | acl-name } rule rule Huawei Technologies Proprietary 2-69...
Page 511 If you choose traffic-limit and traffic-statistic, however, then the untrusted mode is invalid. For the related command, see display qos-interface traffic-statistic. Example # Count the packets match the permitted rules in ACL 2000. [Quidway-Ethernet0/1] traffic-statistic inbound ip-group 2000 Huawei Technologies Proprietary 2-70...
Page 512: Wred
See the QoS/ACL module in Operation Manual for more information about red, yellow and green packets. Example # Create and enter WRED 0 view. [Quidway] wred 0 [Quidway-wred-0] Huawei Technologies Proprietary 2-71...
Page 513: Chapter 3 Logon User's Acl Control Commands
# Performs ACL control over the users that telnet to the local switch. (Suppose ACL 2020 has been defined.) [Quidway] user-interface vty 0 4 [Quidway-user-interface-vty0-4] acl 2020 inbound 3.1.2 ip http acl Syntax ip http acl acl-number undo ip http acl View System view Huawei Technologies Proprietary...
Page 514: Snmp-Agent Community
Using snmp-agent community command, you can configure the community name, and perform the ACL control over the network management user through the parameter acl acl-number. Using undo snmp-agent community command, you can cancel the configuration of community name. Huawei Technologies Proprietary...
Page 515: Snmp-Agent Group
Chapter 3 Logon user’s ACL control commands Example # Configures huawei as the community name, allows read-only access to the switch by the name, meanwhile, performs the ACL control to the network management user by ACL 2020. (Suppose ACL 2020 has been defined.) [Quidway] snmp-agent community read huawei acl 2020 3.1.4 snmp-agent group...
Page 516: Snmp-Agent Usm-User
SNMP group. Example # Creates a new SNMP group: huawei, and perform the ACL control to the group through ACL 2021. (Suppose ACL 2021 has been defined.) [Quidway] snmp-agent group v1 huawei acl 2021 3.1.5 snmp-agent usm-user...
Page 517 SNMP group, meanwhile delete the configuration of ACL control. Example # Adds a user huawei for huaweigroup (an SNMP group), configures to authenticate with HMAC-MD5-96 and sets authentication password as hello, meanwhile perform the ACL control to the user through ACL 2020 . (Suppose ACL 2020 has been defined.)
Page 518 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Integrated Management Huawei Technologies Proprietary...
Page 519 2.3.6 cluster enable ......................2-17 2.3.7 cluster switch-to..................... 2-18 2.3.8 delete-member ...................... 2-19 2.3.9 display cluster......................2-20 2.3.10 display cluster candidates ................... 2-22 2.3.11 display cluster members ..................2-23 2.3.12 ftp-server ......................2-25 2.3.13 holdtime....................... 2-26 2.3.14 ip-pool........................2-27 Huawei Technologies Proprietary...
Page 520 Command Manual - Integrated Management Quidway S3500 Series Ethernet Switches Table of Contents 2.3.15 logging-host......................2-27 2.3.16 port-tagged ......................2-28 2.3.17 reboot member ....................2-29 2.3.18 snmp-host......................2-29 2.3.19 tftp-server ......................2-30 2.3.20 timer ........................2-31 Huawei Technologies Proprietary...
Page 521: Chapter 1 Stack Function Configuration Commands
# Display the stack information on the master switch. <stack_0.Quidway> display stacking Main device for stack. Total members:2 # Display the stack member information on the master switch. <stack_0.Quidway> display stacking members Member number: 0 Name:stack_0.Quidway Device:Quidway S3526 Huawei Technologies Proprietary...
Page 522: Stacking
This command can only be used to switch from the master switch to a slave switch and the user level remains the same while switching. To switch from a slave switch back to a master switch, input <quit>. Huawei Technologies Proprietary...
Page 523: Stacking Ip-Pool
After a stack has been established, the slave switch will exit the stack automatically if the stack port is disconnected. Example # Establish a stack. [Quidway] stacking enable 1.1.4 stacking ip-pool Syntax stacking ip-pool from-ip-address ip-address-number [ ip-mask ] undo stacking ip-pool Huawei Technologies Proprietary...
Page 524 Otherwise, some switches cannot be added into the stack automatically. Example # Set the optional IP address range in public network for a stack. [Quidway] stacking ip-pool 129.10.1.1 5 Huawei Technologies Proprietary...
Page 525: Chapter 2 Hgmp V2 Configuration Commands
Status: Enabled, Pkts Snd: 0, Pkts Rvd: 0, Pkts Err: 0 Interface: Ethernet0/2 Status: Enabled, Pkts Snd: 0, Pkts Rvd: 0, Pkts Err: 0 Interface: Ethernet0/3 Status: Enabled, Pkts Snd: 0, Pkts Rvd: 0, Pkts Err: 0 Interface: Ethernet0/4 Huawei Technologies Proprietary...
Page 526 Status: Enabled, Pkts Snd: 0, Pkts Rvd: 0, Pkts Err: 0 Interface: Ethernet0/17 Status: Enabled, Pkts Snd: 0, Pkts Rvd: 0, Pkts Err: 0 Interface: Ethernet0/18 Status: Enabled, Pkts Snd: 0, Pkts Rvd: 0, Pkts Err: 0 Huawei Technologies Proprietary...
Page 527 The current device transmits NDP packet every 60 Hello Timer: 60(s) seconds. A neighbor keeps the NDP information of the current Aging Timer: 180(s) device for 180 seconds. Interface: Ethernet0/1 Port number, specify a port Status: Enabled NDP is enabled on the port Huawei Technologies Proprietary...
Page 528: Ndp Enable
Ethernet port view. Using undo ndp enable command, you can disable NDP on a system in system view, or disable it on a port in Ethernet port view. Example # Enable system NDP. [Quidway] ndp enable Huawei Technologies Proprietary...
Page 529: Ndp Timer Hello
5 to 255 in units of second. By default, NDP is aged in 180 seconds. Description Using ndp timer aging command, you can configure how long a device will hold the NDP packets received from the local device. After the aging timer expires, the device Huawei Technologies Proprietary...
Page 530: Reset Ndp Statistics
Key word to helps specify a port range. Description Using reset ndp statistics command, you can reset the NDP counters to clear the NDP statistics information. Example # Clear NDP statistics information. <Quidway> reset ndp statistics Huawei Technologies Proprietary...
Page 531: Ntdp Configuration Commands
Hops for topology collection. Timer Interval of periodic topology collection. Delay that the device forwards topology collection Hop Delay request. Port Delay Delay that the port forwards topology collection request. Last collection total time Time taken by last collection. Huawei Technologies Proprietary...
Page 532: Display Ntdp Device-List
IP address and mask length of the VLAN1 on the device # Display the detailed device information collected through NTDP. <Quidway> display ntdp device-list verbose Hostname : Quidway : 00e0-fc10-0000 Platform : Quidway S3026 Version: Huawei Versatile Routing Platform Software Huawei Technologies Proprietary...
Page 533: Ntdp Enable
Command Manual - Integrated Management Quidway S3500 Series Ethernet Switches Chapter 2 HGMP V2 Configuration Commands VRP (tm) Software, Version 3.10 Quidway S3026 Software Version 3026-005, RELEASE SOFTWARE Copyright (c) 2000-2002 By HUAWEI TECH CO., LTD. Cluster Candidate device Stack Candidate device...
Page 534: Ntdp Explore
In this case, NTDP is supposed to be disabled on the uplink ports. Example # Enable NTDP on Ethernet0/1. [Quidway-Ethernet0/1] ntdp enable 2.2.4 ntdp explore Syntax ntdp explore View User view Parameter None Huawei Technologies Proprietary 2-10...
Page 535: Ntdp Hop
This command is only effective on the topology-collecting device. The broader collection scope requires more memory of the topology-collecting device. Example # Set a limit of 5 hops for topology collection. [Quidway] ntdp hop 5 Huawei Technologies Proprietary 2-11...
Page 536: Ntdp Timer
View System view Parameter time: The time that the collected device wait before forwarding the topology-collection request, ranging from 1 to 1000 milliseconds. By default, the value is 200ms. Huawei Technologies Proprietary 2-12...
Page 537: Ntdp Timer Port-Delay
To avoid network congestion resulted from collecting device’s receiving large amount of responses simultaneously, you can configure each collected device to delay response for a period of time after receiving the topology request. Then, the first port will start to forward the topology request packet. Huawei Technologies Proprietary 2-13...
Page 538: Cluster Configuration Commands
Otherwise, the user has to input the password before adding the candidate. Its device password will become the administrator device password if the candidate device is added to the cluster system. Huawei Technologies Proprietary 2-14...
Page 539: Administrator-Address
Quidway S3500 Series Ethernet Switches Chapter 2 HGMP V2 Configuration Commands Example # Add the candidate device, with MAC address 00E0-fc00-35e7 and super-password huawei, to the cluster, and its member number is 6. [Huawei_0.Quidway-cluster] add-member 6 mac-address 00E0-fc00-35e7 password huawei 2.3.2 administrator-address...
Page 540 # Set up a cluster automatically. [Quidway-cluster] auto-build 2.3.4 build Syntax build name undo build View Cluster view Parameter name: Cluster name with no more than 8 characters, including and only including letters, numerals, subtraction sign “-” and underline “_”. Huawei Technologies Proprietary 2-16...
Page 541: Cluster
Using it on an administrator device, you can rename a cluster. Using it on a candidate device, you can create a cluster. Example # Configure the current switch as the administrator device and specifies HUAWEI as the cluster name. [Quidway-cluster] build HUAWEI 2.3.5 cluster...
Page 542: Cluster Switch-To
Using cluster switch-to command, you can switch between administrator device and member devices for convenient management. A member device in a cluster can be managed through the administrator device. The user can operate on an administrator device and switchover to a specified member Huawei Technologies Proprietary 2-18...
Page 543: Delete-Member
If the administrator device and the member device still cannot intercommunicate, the member will be deleted, however, the cluster information on the member device may not be deleted. Huawei Technologies Proprietary 2-19...
Page 544: Display Cluster
# Display information about cluster on the administrator device. <Quidway> display cluster Cluster name:"sss" Role:Administrator Handshake timer:10 sec Handshake hold-time:60 sec IP-Pool:1.1.1.1/20 No logging host configured No SNMP host configured No FTP server configured No TFTP server configured. Huawei Technologies Proprietary 2-20...
Page 545 Member state Member status Member number Number of member device Handshake timer Value of handshake timer Handshake hold-time Value of handshake hold-time Administrator device mac address MAC address of administrator device Administrator status Status of administrator device Huawei Technologies Proprietary 2-21...
Page 546: Display Cluster Candidates
# Display the information about the specified candidate device. <Quidway> display cluster candidates mac-address 00e0-fc61-c4c0 Hostname : LSW1 : 00e0-fc61-c4c0 IP: 1.5.6.9/16 Platform : Quidway S3526 # Display the detailed information about all the candidate devices. <Quidway> display cluster candidates verbose Hostname : Quidway Huawei Technologies Proprietary 2-22...
Page 547: Display Cluster Members
This command can only be performed on the administrator device. Using member-num or verbose parameter to display detail information of a certain member or all the members Example # Display configuration information about the member devices. Huawei Technologies Proprietary 2-23...
Page 548 Member status:Cmdr Hops to administrator device:0 IP: 1.1.200.210/16 Version: Huawei Versatile Routing Platform Software VRP (tm) Software, Version 3.10 Copyright (c) 2000-2002 By HUAWEI TECH CO., LTD. Quidway S3526 3526-003 Member number: 1 Name:Huawei_1.Quidway Device:Quidway S3026 MAC Address:00e0-fc00-a01f Member status:Up...
Page 549: Ftp-Server
Command Manual - Integrated Management Quidway S3500 Series Ethernet Switches Chapter 2 HGMP V2 Configuration Commands Quidway S3026 Software Version 3026-005, RELEASE SOFTWARE Copyright (c) 2000-2002 By HUAWEI TECH CO., LTD. Member number: 2 Name:Huawei_2.LSW1 Device:Quidway S3526 MAC Address:00e0-fc07-4de0 Member status:Up Hops to administrator device:1 IP: 1.5.6.7/16...
Page 550: Holdtime
The commands can only be executed on the administrator device, which will advertise the cluster timer value to the member devices. Example # Set the cluster holdtime as 50 seconds. [Huawei_0.Quidway-cluster] holdtime 50 Huawei Technologies Proprietary 2-26...
Page 551: Ip-Pool
The commands can only be executed on a switch of non-cluster member. The IP address pool of an existing cluster cannot be modified. Example # Configure the IP address pool of a cluster. [Quidway-cluster] ip-pool 10.200.0.1 20 2.3.15 logging-host Syntax logging-host ip-address undo logging-host View Cluster view Huawei Technologies Proprietary 2-27...
Page 552: Port-Tagged
Using undo port-tagged command, you can cancel VLAN check for the communication inside a cluster on the administrator device. By default, VLAN check is performed. Example # Configure VLAN check for the communication inside a cluster. [Huawei_0.Quidway-cluster] port-tagged vlan 1 Huawei Technologies Proprietary 2-28...
Page 553: Reboot Member
Example # Reset the cluster member 2. [Huawei_0.Quidway-cluster] reboot member 2 2.3.18 snmp-host Syntax snmp-host ip-address undo snmp-host View Cluster view Parameter ip-address: IP address of the SNMP host configured for the cluster. Huawei Technologies Proprietary 2-29...
Page 554: Tftp-Server
Assign an IP address for TFTP server of the cluster, then the member devices can access the server via the administrator device. Example # Configure IP address for TFTP server on the administrator device. [Huawei_0.Quidway-cluster] tftp-server 1.0.0.9 Huawei Technologies Proprietary 2-30...
Page 555: Timer
This command can only be executed on the administrator device, which will advertise the cluster timer value to the member devices. Example # Configure to send handshake packets once every 3 seconds. [Huawei_0.Quidway-cluster] timer 5 Huawei Technologies Proprietary 2-31...
Page 556 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Huawei Technologies Proprietary...
Page 557 1.1.29 stp mcheck ......................1-27 1.1.30 stp mode......................1-28 1.1.31 stp point-to-point ....................1-29 1.1.32 stp region-configuration..................1-30 1.1.33 stp root-protection ....................1-30 1.1.34 stp tc-protection....................1-31 1.1.35 stp timer forward-delay..................1-32 1.1.36 stp timer hello ...................... 1-33 Huawei Technologies Proprietary...
Page 558 Chapter 2 BPDU TUNNEL Configuration Commands..............2-1 2.1 BPDU TUNNEL Configuration Commands ............... 2-1 2.1.1 vlan-vpn tunnel ......................2-1 Chapter 3 Digest Snooping Configuration Commands............. 3-1 3.1 Digest Snooping Configuration Commands ..............3-1 3.1.1 stp config-digest-snooping ..................3-1 Huawei Technologies Proprietary...
Page 559: Chapter 1 Mstp Configuration Commands
For the related command, see instance, region-name, revision-level, vlan-mapping modulo, check region-configuration . Example # Manually activate MST region configurations. [Quidway-mst-region] active region-configuration 1.1.2 check region-configuration Syntax check region-configuration Huawei Technologies Proprietary...
Page 560 Table 1-1 the display Information Field Description Format selector Factor to selelct protocol type prescribed in MSTP Region name Region name of MST region Revision level MSTP revision level of MST region Instance Vlans Mapped VLAN mapping table of MST region Huawei Technologies Proprietary...
Page 561: Display Stp
CIST common root, region root, internal path cost of the switch to the CIST common root, CIST root port of the switch, and whether to enable BPDU protection; Huawei Technologies Proprietary...
Page 562 Table 1-2 the display Information Field Description MSTID MST instance ID of the port Port Port number STP State STP State of the port, which can be up or down. Guard Type Guard Type of the port, which can be Huawei Technologies Proprietary...
Page 563: Display Stp Region-Configuration
Table 1-3 the display Information Field Description Format selector Selection factor descripted in the MSTP protocol Region name Region name of MST region Revision level MSTP revision level of MST region Instance Vlans Mapped VLAN mapping table of MST region Huawei Technologies Proprietary...
Page 564: Instance
, vlan-mapping modulo, active region-configuration . Example # Map VLAN 2 to STI 1. [Quidway-mst-region] instance 1 vlan 2 1.1.6 region-name Syntax region-name name Huawei Technologies Proprietary...
Page 565: Reset Stp
MSTP revision level, is used for determining the region to which the switch belongs. For the related command, see instance, revision-level, check region-configuration , vlan-mapping modulo, active region-configuration . Example # Set the MST region name of the switch as huawei. [Quidway-mst-region] region-name huawei 1.1.7 reset stp Syntax...
Page 566 MST region to which the switch belongs. For the related command, see instance, region-name, check region-configuration , vlan-mapping modulo and active region-configuration . Example # Set the MSTP revision level of the switch MST region to 5. [Quidway-mst-region] revision-level 5 Huawei Technologies Proprietary...
Page 567: Stp
For the related command, see stp mode, stp interface. Example # Enable MSTP globally. [Quidway] stp enable # Disable MSTP on Ethernet0/1. [Quidway-Ethernet0/1] stp disable 1.1.10 stp bpdu-protection Syntax stp bpdu-protection undo stp bpdu-protection View System view Huawei Technologies Proprietary...
Page 568: Stp Bridge-Diameter
System view Parameter bridgenum: Ranges from 2 to 7 and defaults to 7. Description Using stp bridge-diameter command, you can configure the switching network diameter. Using undo stp bridge-diameter command, you can restore the default network diameter. Huawei Technologies Proprietary 1-10...
Page 569: Stp Edged-Port
Using stp edged-port disable command, you can configure the current Ethernet port as a non-edge port. Using undo stp edged-port command, you can restore the default state, i.e., non-edge port. By default, all the switch ports are configured as non-edge port. Huawei Technologies Proprietary 1-11...
Page 570: Stp Cost
By default, the path costs of a port on different STIs take the values associated with the port speeds. For more description, refer to the table offered in the configuration guideline of the stp interface cost command. Huawei Technologies Proprietary 1-12...
Page 571: Stp Priority
# Set the path cost of Ethernet 0/3 on STI 2 to 200. [Quidway-Ethernet0/3] stp instance 2 cost 200 1.1.14 stp priority Syntax stp [ instance instance-id ] priority priority undo stp [ instance instance-id ] priority View System view Parameter instance-id: Ranges from 0 to 16. Huawei Technologies Proprietary 1-13...
Page 572: Stp Port Priority
MSTIs. Thus the traffic from different VLANs can run over different physical links, thereby implementing the VLAN-based load-balancing. MSTP will recalculate the port role and transit its state, upon the port priority changes. Huawei Technologies Proprietary 1-14...
Page 573: Stp Root Primary
(Hello time, Forward Delay and Max Age). The Hello time got in this way may not be as good as expected. You can specify the hello-time centi-senconds Huawei Technologies Proprietary 1-15...
Page 574: Stp Root Secondary
Configure the current switch as the secondary root of the designated STI. bridge-diameter bridgenum: Specify the network diameter of the spanning tree, ranging from 2 to 7. hello-time centi-senconds: Specify the Hello Time of the spanning tree, ranging from 100 to 1000 and measured in centiseconds. Huawei Technologies Proprietary 1-16...
Page 575: Stp Interface
| interface_name } ] }&<1-10>. For detail descriptions of interface_type, interface_num and interface_name parameters, refer to the corresponding descriptions in Port Command Manual. &<1-10> means that the preceding parameters can be entered up to 10 times. Huawei Technologies Proprietary 1-17...
Page 576: Stp Interface Edged-Port
| interface_name } ] }&<1-10>. For detail descriptions of interface_type, interface_num and interface_name parameters, refer to the corresponding descriptions in Port Command Manual. &<1-10> means that the preceding parameters can be entered up to 10 times. enable: Configure the current port as an edge port. Huawei Technologies Proprietary 1-18...
Page 577: Stp Interface Cost
Ethernet port list, containing multiple Ethernet ports and expressed as interface _list = { { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>. For detail descriptions of interface_type, interface_num and interface_name parameters, refer to the corresponding descriptions Huawei Technologies Proprietary 1-19...
Page 578 Above 10G/s 1-200000 For the related command, see stp cost . Example # Set the path cost of Ethernet 0/3 on STI 2 to 400 in system view. [Quidway] stp interface ethernet 0/3 instance 2 cost 400 Huawei Technologies Proprietary 1-20...
Page 579: Stp Interface Port Priority
For the related command, see stp port priority. Example # Set the priority of Ethernet 0/3 on STI 2 to 16 in system view. [Quidway] stp interface ethernet 0/3 instance 2 port priority 16 Huawei Technologies Proprietary 1-21...
Page 580: Stp Interface Loop-Protection
Ethernet port list, containing multiple Ethernet ports and expressed as interface _list = { { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>. For detail descriptions of interface_type, interface_num and interface_name parameters, refer to the corresponding descriptions Huawei Technologies Proprietary 1-22...
Page 581: Stp Interface Point-To-Point
Indicates the Ethernet port connected to a point-to-point link. force-false: Indicates the Ethernet port not connected to a point-to-point link. auto: Configure to automatically check if the link to the Ethernet port is a point-to-point link. Huawei Technologies Proprietary 1-23...
Page 582: Stp Interface Root-Protection
| interface_name } ] }&<1-10>. For detail descriptions of interface_type, interface_num and interface_name parameters, refer to the corresponding descriptions in Port Command Manual. &<1-10> means that the preceding parameters can be entered up to 10 times. Huawei Technologies Proprietary 1-24...
Page 583: Stp Interface Transit-Limit
| interface_name } ] }&<1-10>. For detail descriptions of interface_type, interface_num and interface_name parameters, refer to the corresponding descriptions in Port Command Manual. &<1-10> means that the preceding parameters can be entered up to 10 times. Huawei Technologies Proprietary 1-25...
Page 584: Stp Loop-Protection
Using stp loop-protection command, you can enable loop protection function. Using undo stp loop-protection command, you can restore the restore setting. By default, the loop protection function is not enabled. Example # Enable loop protection function in Ethernet 0/1. [Quidway-Ethernet0/1] stp loop-protection Huawei Technologies Proprietary 1-26...
Page 585: Stp Max-Hops
Hops configured on the root bridge in an MST region will be adopted by other switches in the same region. Example # Set the Max Hops of an MST region to 35. [Quidway] stp max-hops 35 1.1.29 stp mcheck Syntax stp mcheck View System view\Ethernet port view Parameter None Huawei Technologies Proprietary 1-27...
Page 586: Stp Mode
In MSTP mode, the switch ports send MSTP BPDU packets (when connected to the STP switch) and the switch provides multiple spanning tree function. For the related command, see stp mcheck, stp, stp interface, stp interface mcheck. Huawei Technologies Proprietary 1-28...
Page 587: Stp Point-To-Point
For the related command, see stp interface point-to-point. Example # Configure Ethernet 0/3 to be connected to the point-to-point link. [Quidway-Ethernet0/3] stp point-to-point force-true Huawei Technologies Proprietary 1-29...
Page 588: Stp Region-Configuration
VLAN mapping table of the region. Example # Enter MST region view. [Quidway] stp region-configuration [Quidway-mst-region] 1.1.33 stp root-protection Syntax stp root-protection undo stp root-protection View Ethernet port view Parameter None Huawei Technologies Proprietary 1-30...
Page 589: Stp Tc-Protection
Using the stp tc-protection enable command, you can enable the protection function from being attacked by TC-BPDU packets on the switch. Using the stp tc-protection disable command, you can disable the protection function. By default, the protection from TC-BPDU packet attack is enabled. Huawei Technologies Proprietary 1-31...
Page 590: Stp Timer Forward-Delay
The root bridge will determine the state transition time according to the configured values, while the other switches will apply the forward delay configured on it. When configuring Hello time, Forward Delay and Max Age, please guarantee the following equations: Huawei Technologies Proprietary 1-32...
Page 591: Stp Timer Hello
Hello Time configured on the root bridge. When configuring Hello time, Forward Delay and Max Age, remember to guarantee the following equations: 2 * (Forward Delay -1.0 seconds) >= Max Age Max Age >= 2 * (Hello Time + 1.0 seconds) Huawei Technologies Proprietary 1-33...
Page 592: Stp Timer Max-Age
Max Age configured on the CIST root bridge. When you configure Hello time, Forward Delay and Max Age, ensure the following formulas equal: 2 * (Forward Delay -1.0 seconds) >= Max Age Max Age >= 2 * (Hello Time + 1.0 seconds) Huawei Technologies Proprietary 1-34...
Page 593: Stp Transit-Limit
Hello Time via every port can be limited and MSTP will not occupy too many bandwidth resources when the network topology flaps. For the related command, see stp interface transit-limit. Example # Set a limit of 5 to the packets transmitted via Ethernet 0/1. [Quidway-Ethernet0/1] stp transit-limit 5 Huawei Technologies Proprietary 1-35...
Page 594: Vlan-Mapping Modulo
1 maps to MSTI 1, vlan 2 maps to MSTI2 ...vlan 16 maps to MSTI16, vlan 17 maps to MSTI 1, and so on.) For the related command, see region-name, revision-level, display configuration, active configuration, . Example # Map VLAN to STI modulo 16. [Quidway-mst-region] vlan-mapping modulo 16 Huawei Technologies Proprietary 1-36...
Page 595: Chapter 2 Bpdu Tunnel Configuration Commands
By default, BPDU Tunnel is disabled. Example # Enable BPDU Tunnel on the switch. [Quidway] vlan-vpn tunnel Huawei Technologies Proprietary...
Page 596: Chapter 3 Digest Snooping Configuration Commands
BPDUs and insert corresponding configuration digests in its BPDUs destined for these switches, through which switches of different type are capable of communicating with each other in a MSTP domain. Huawei Technologies Proprietary...
Page 597 To change domain configuration, be sure to disable digest snooping first to prevent broadcast storm. Example # Enable digest snooping on GigabitEthernet1/0/1 interface. <Quidway> system-view System View: return to User View with Ctrl+Z. [Quidway] interface GigabitEthernet1/0/1 [Quidway-GigabitEthernet1/0/1] stp config-digest-snooping [Quidway-GigabitEthernet1/0/1] quit [Quidway] stp config-digest-snooping Huawei Technologies Proprietary...
Page 598 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Security Huawei Technologies Proprietary...
Page 599 2.1.10 portal server ......................2-11 2.1.11 portal upload......................2-12 2.1.12 reset portal ......................2-13 Chapter 3 AAA & RADIUS Protocol Configuration Commands..........3-1 3.1 AAA Configuration Commands..................3-1 3.1.1 access-limit......................3-1 3.1.2 attribute ........................3-2 3.1.3 cut connection ......................3-3 Huawei Technologies Proprietary...
Page 600 3.2.18 retry realtime-accounting..................3-34 3.2.19 retry stop-accounting................... 3-35 3.2.20 secondary accounting ..................3-36 3.2.21 secondary authentication ..................3-36 3.2.22 server-type ......................3-37 3.2.23 state........................3-38 3.2.24 stop-accounting-buffer enable................3-39 3.2.25 timer ........................3-40 3.2.26 timer quiet......................3-41 Huawei Technologies Proprietary...
Page 601 Chapter 6 System-guard Configuration Commands ..............6-1 6.1 System-guard Configuration Commands ................6-1 6.1.1 display system-guard ip-record ................6-1 6.1.2 display system-guard state ..................6-2 6.1.3 system-guard enable....................6-3 6.1.4 system-guard detect-maxnum................. 6-4 6.1.5 system-guard detect-threshold................6-5 6.1.6 system-guard no-learn-dip enable ................6-5 Huawei Technologies Proprietary...
Page 602: Chapter 1 802.1X Configuration Commands
The output information of this command can help the user to verify the current 802.1x configurations so as to troubleshoot 802.1x . For the related commands, see reset dot1x statistics, dot1x, dot1x retry, dot1x max-user, dot1x port-control, dot1x port-method, dot1x timer. Huawei Technologies Proprietary...
Page 603: Dot1X
Authenticate Mode is auto Port Control Type is Mac-based ReAuthenticate is disabled Max on-line user number is 256 … (Omitted) 1.1.2 dot1x Syntax dot1x [ interface interface-list ] undo dot1x [ interface interface-list ] View System view/Ethernet port view Huawei Technologies Proprietary...
Page 604: Dot1X Authentication-Method
[Quidway] dot1x interface Ethernet 0/1 # Enable the 802.1x globally. [Quidway] dot1x 1.1.3 dot1x authentication-method Syntax For S3552G, S3552P, S3528G, S3528P, S3526E, S3526E FM, S3526E FS and S3526C: dot1x authentication-method { chap | pap | eap } undo dot1x authentication-method Huawei Technologies Proprietary...
Page 605 However, the S3526, S3526 FM, and S3526 FS switches support EAP-MD5 authentication only. Please note: To realize PAP, CHAP or EAP authentication, RADIUS server should support PAP, CHAP or EAP authentication respectively. For the related command, see display dot1x. Huawei Technologies Proprietary...
Page 606: Dot1X Dhcp-Launch
# Disable the switch to trigger the authentication over the users who configure static IP addresses in DHCP environment. [Quidway] dot1x dhcp-launch 1.1.5 dot1x guest-vlan Syntax dot1x guest-vlan vlan-id [ interface interface-list ] undo dot1x guest-vlan vlan-id [ interface interface-list ] View System view/Ethernet port view Huawei Technologies Proprietary...
Page 607: Dot1X Max-User
# Set the authentication mode to port-based. [Quidway] dot1x port-method portbased # Enable Guest VLAN on all ports. [Quidway] dot1x guest-vlan 1 1.1.6 dot1x max-user Syntax dot1x max-user user-number [ interface interface-list ] undo dot1x max-user [ interface interface-list ] Huawei Technologies Proprietary...
Page 608: Dot1X Port-Control
# Configure the interface Ethernet 0/1 to hold no more than 32 users. [Quidway] dot1x max-user 32 interface Ethernet 0/1 1.1.7 dot1x port-control Syntax dot1x port-control { auto | authorized-force | unauthorized-force } [ interface interface-list ] undo dot1x port-control [ interface interface-list ] View System view/Ethernet port view Huawei Technologies Proprietary...
Page 609 Ethernet port view and it has effect only on the current interface. For the related commands, see display dot1x. Example # Configure the interface Ethernet 0/1 to be in unauthorized-force state. [Quidway] dot1x port-control unauthorized-force interface Ethernet 0/1 Huawei Technologies Proprietary...
Page 610: Dot1X Port-Method
It has effect on all the interfaces when no interface is specified. The parameter interface-list cannot be input when the command is executed in Ethernet Port view and it has effect only on the current interface. For the related commands, see display dot1x. Huawei Technologies Proprietary...
Page 611: Dot1X Quiet-Period
For the related commands, see display dot1x , dot1x timer. Example # Enable quiet-period timer. [Quidway] dot1x quiet-period 1.1.10 dot1x re-authenticate Syntax dot1x re-authenticate [ interface interface-list ] undo dot1x re-authenticate [ interface interface-list ] View System view/Ethernet port view Huawei Technologies Proprietary 1-10...
Page 612: Dot1X Retry
Syntax dot1x retry max-retry-value undo dot1x retry View System view Parameter max-retry-value: Specifies the maximum times an Ethernet switch can retransmit the authentication request frame to the supplicant, ranging from 1 to 10. By default, the Huawei Technologies Proprietary 1-11...
Page 613: Dot1X Retry-Version-Max
After sending client version request frame for the first time, if the switch receives no response from the client response within a certain period of time (set by the version Huawei Technologies Proprietary 1-12...
Page 614: Dot1X Supp-Proxy-Check
Using dot1x supp-proxy-check command, you can configure the control method for 802.1x access users via proxy logon the specified interface. Using undo dot1x supp-proxy-check command, you can cancel the control method set for the 802.1x access users via proxy. Huawei Technologies Proprietary 1-13...
Page 615: Dot1X Timer
Chapter 1 802.1x Configuration Commands Note that when performing this function, the user logging on via proxy need to run Huawei 802.1x client program,( Huawei 802.1x client program version V1.29 or above is needed). This command is used to set on the specified interface when executed in system view.
Page 616 86400, in seconds. By default, the value is 3600. ver-period: Client version request timeout timer. If the supplicant device failed to send the version response packet within the time set by this timer, then the authenticator device will resend the version request packet. Huawei Technologies Proprietary 1-15...
Page 617: Dot1X Version-Check
In system view, if the interface-list parameter is not specified, it means that to enable the 802.1x client version authentication feature on all interfaces; if the interface-list parameter is specified, it means that to enable the feature on the specified interfaces. In Huawei Technologies Proprietary 1-16...
Page 618: Reset Dot1X Statistics
If the port type and port number are specified, the 802.1x statistics on the specified port will be cleared. For the related commands, see display dot1x. Example # Clear the 802.1x statistics on Ethernet 0/1. <Quidway> reset dot1x statistics interface Ethernet 0/1 Huawei Technologies Proprietary 1-17...
Page 619: Chapter 2 Portal Configuration Commands
Enables Portal server debugging. tcp-cheat: Enables TCP spoofing debugging. Description Use the debugging portal command to enable Portal debugging. Use the undo debugging portal command to disable Portal debugging. Example # Enable all Portal debugging. <Quidway> debugging portal all Huawei Technologies Proprietary...
Page 620: Display Portal
# Display Portal information. <Quidway> display portal This operation may take few minutes ,please wait Run Method: Direct Free IP: 1)IP = 192.168.0.200 Net Mask = 255.255.255.255 Authenticate network: 1)IP = 1.1.1.1 Net Mask = 255.255.0.0 VLAN = 3 Huawei Technologies Proprietary...
Page 621 Note: URL = uniform resource locator HTTP = hypertext transfer protocol ARP = address resolution protocol MAC = media access control # Display Portal ACM statistics. <Quidway> display portal acm statistics ACM Statistics Running State Statistics WAIT_MAC_ACK Huawei Technologies Proprietary...
Page 622 Timeout waiting for authentication acknowledgement WAIT_LOGIN_ACK Timeout waiting for login acknowledgement Timeout waiting for ACL update. For re-DHCP WAIT_ACL_ACK authentication, it is 0. Timeout waiting for NEW IP. For direct authentication WAIT_NEW_IP and Layer 3 Portal authentication, it is 0. Huawei Technologies Proprietary...
Page 623: Portal
New IP timer timeout count. For Direct authentication PT_MSG_TMR_NIP and Layer 3 Portal authentication, it is 0. Error/RCV Error information statistics, including memory errors, ERR/SND MSG ERR received and sent error messages Note: ACL = access control list 2.1.3 portal Syntax portal server-name Huawei Technologies Proprietary...
Page 624: Portal Arp-Handshake
Maximum number of retries for ARP handshaking, in the range of 3 to 10. By default, it is 5. Description Use the portal arp-handshake command to configure time interval and maximum times of retries for ARP handshaking between a Portal switch and a host. Huawei Technologies Proprietary...
Page 625: Portal Auth-Network
Use the undo portal auth-network command to remove the configuration. By default, no authentication network segments are configured. This command is only valid for Layer 3 Portal authentication. Example # Configure Portal authentication network segment 192.168.0.200/16. [Quidway] portal auth-network 192.168.0.200 255.255.0.0 vlan 1 Huawei Technologies Proprietary...
Page 626: Portal Delete-User
Internet service provider (ISP) as a free IP address. All users can access these free IP addresses without restriction. You can configure up to 8 free IP addresses for the system. The Portal server uses automatically a free IP address. Huawei Technologies Proprietary...
Page 627: Portal Free-User
These devices can access all networks without authentication. Authentication-free user information contains the IP address, MAC address, connected switch port, and VLAN. The user whose information matches all the authentication-free user information is allowed to access the Internet without authentication. Huawei Technologies Proprietary...
Page 628: Portal Method
Use the portal method command to specify authentication mode for Portal. Use the undo portal method command to restore the default authentication mode. By default, direct authentication is selected. Example # Set Portal authentication to redhcp. Huawei Technologies Proprietary 2-10...
Page 629: Portal Server
Shared key for communication with Portal server, in the range of 1 to 16 characters. By default, it is huawei. port: Port from which packets are sent to Portal server, in the range of 1 to 65,534. By default, it is 50100.
Page 630: Portal Upload
An uplink refers to the port by which a switch connects to an uplink network device. Example # Configure the uplink port with Portal rate limitation as ethernet 0/1. [Quidway] portal upload interface ethernet 0/1 Huawei Technologies Proprietary 2-12...
Page 631: Reset Portal
Clears Portal ACM statistics, that is, clear the information about authentication, connection and management. server: Clears Portal server statistics. tcp-cheat: Clears TCP spoofing statistics. Description Use the reset portal command to clear Portal statistics. Example # Clear Portal ACM statistics. <Quidway> reset portal acm statistics Huawei Technologies Proprietary 2-13...
Page 632: Chapter 3 Aaa & Radius Protocol Configuration Commands
ISP domain. The supplicants may contend for the network resources. So setting a suitable limit to the amount will guarantee the reliable performance for the existing supplicants. Example # Set a limit of 500 supplicants for the ISP domain named huawei163.net. [Quidway-isp-huawei163.net] access-limit enable 500 Huawei Technologies Proprietary...
Page 633: Attribute
It should be noted that the argument nas-ip must be defined for a user bound with a remote port, which is unnecessary, however, in the event of a user bound with a local port. For the related command, see display local-user. Huawei Technologies Proprietary...
Page 634: Cut Connection
: Configures to cut the connection according to user name . user-name is the argument specifying the username. It is a character string not exceeding 80 characters, excluding “/”, “:”, “*”, “?”, “<” and “>”. The @ character can Huawei Technologies Proprietary...
Page 635: Display Connection
Configures to display the user specified with IP address. The argument ip-address is in the hexadecimal format (ip-address). vlan vlanid: Configures to display the user specified with VLAN ID. Here, vlanid ranges from 1 to 4094. Huawei Technologies Proprietary...
Page 636: Display Domain
The output information can help with ISP domain diagnosis and troubleshooting. Note that the accounting scheme to be displayed should have been created. Huawei Technologies Proprietary...
Page 637: Display Local-User
Ethernet accessing users, 802.1x supplicants for example. ssh means that: the specified user type is SSH. (S3526, S3526 FM and S3526 FS switches don’t support SSH.) Huawei Technologies Proprietary...
Page 638: Idle-Cut
Table 3-1 Output description of the display local-user command Field Description State The state of the user Idle-Cut The state of the idle-cut switch Access-Limit The limit to the number of access users. Bind location Indicates whether the port is bound with or not Huawei Technologies Proprietary...
Page 639 ISP domains. Because the attributes of ISP users, such as username and password structures, service types, may be different, it is necessary to separate them by setting ISP domains. In ISP domain view, you can configure a Huawei Technologies Proprietary...
Page 640 The user template of the switch you are using may only provide user idle-cut settings. After a user is authenticated, if Huawei Technologies Proprietary...
Page 641: Local-User
Using local-user command, you can configure a local user and enter the local user view. Using undo local-user command, you can cancel a specified local user. By default, no local user. For the related commands, see display local-user , service-type. Huawei Technologies Proprietary 3-10...
Page 642: Local-User Password-Display-Mode
For the related commands, see display local-user , password. Example # Force all the accessing users to display passwords in cipher text. [Quidway] local-user password-display-mode cipher-force 3.1.11 messenger Syntax messenger time { enable limit interval | disable } undo messenger time Huawei Technologies Proprietary 3-11...
Page 643: Name
# Configure to start the sending of alert messages when the user’s remaining online time is 30 minutes and send the messages at an interval of five minutes. [Quidway-isp-system] messenger time enable 30 5 3.1.12 name Syntax name string undo name Huawei Technologies Proprietary 3-12...
Page 644: Password
If local-user password-display-mode cipher-force has been adopted, the user efforts of using the password command to set the password display mode to simple text (simple) will render useless. For the related command, see display local-user. Huawei Technologies Proprietary 3-13...
Page 645: Radius-Scheme
The specified RADIUS server group shall have been created. For the related commands, see radius scheme, display radius. Example ! The following example designates the current ISP domain, huawei163.net, to use the RADIUS server, huawei. [Quidway-isp-huawei163.net] radius-scheme Huawei 3.1.15 self-service-url Syntax...
Page 646: Service-Type
# In the default ISP domain "system", configure the URL address of the page used to change user password self-service server http://10.153.89.94/selfservice/modPasswd1x.jsp|userName. [Quidway] domain system [Quidway-isp-system] self-service-url enable http://10.153.89.94/selfservice/modPasswd1x.jsp|userName 3.1.16 service-type Syntax For S3552G, S3552P, S3528G, S3528P, S3526E, S3526E FM, S3526E FS and S3526C: Huawei Technologies Proprietary 3-15...
Page 647: State
Using undo service-type command, you can cancel the specified service type for the user. Example # Set to provide the lan-access service for the user huawei1. [Quidway-luser-huawei1] service-type lan-access 3.1.17 state Syntax state { active | block } View ISP domain view/Local user view Huawei Technologies Proprietary 3-16...
Page 648: Vlan-Assignment-Mode
# Set the user huawei1 to be in the block state. [Quidway-luser-huawei1] state block 3.1.18 vlan-assignment-mode Syntax vlan-assignment-mode { integer | string } View ISP domain view Parameter integer: Specify the dynamic VLAN delivery mode as integer. string: Specify the dynamic VLAN delivery mode as string. Huawei Technologies Proprietary 3-17...
Page 649: Radius Protocol Configuration Commands
Maximum number for sending Accounting-On packets. It ranges from 1 to 256 and defaults to 15. Interval: Time interval for sending Accounting-On packets. It ranges from 1 to 30 in seconds and defaults to 3. Huawei Technologies Proprietary 3-18...
Page 650 VLAN interface as NAS-IP. Among S3500 series ethernet switches, S3552G, S3552P, S3528G, S3528P, S3526E, S3526E FM, S3526E FS and S3526C support this function, and S3526, S3526 FM and S3526 FS don’t. Example # Enable user reauthentication at reboot. Huawei Technologies Proprietary 3-19...
Page 651: Accounting Optional
# Enable the selection of RADIUS accounting of the RADIUS scheme named as CAMS. [Quidway-radius-cams] accounting optional 3.2.3 data-flow-format Syntax data-flow-format data { byte | giga-byte | kilo-byte | mega-byte } packet { giga-packet | kilo-packet | mega-packet | one-packet } undo data-flow-format Huawei Technologies Proprietary 3-20...
Page 652: Display Local-Server Statistics
By default, the data unit is byte and the data packet unit is one-packet. For the related command, see display radius. Example # Set the unit of data flow that send to RADIUS Server Huawei is kilo-byte and the data packet unit is kilo-packet. [Quidway-radius-huawei] data-flow-format data kilo-byte packet kilo-packet 3.2.4 display local-server statistics...
Page 653: Display Radius
For the related command, see radius scheme. Example # Display the configuration information of all the RADIUS schemes. <Quidway> display radius ------------------------------------------------------------------ SchemeName =system Index=0 Type=huawei Primary Auth IP =127.0.0.1 Port=1645 State=block Primary Acct IP =127.0.0.1 Port=1646 State=block Huawei Technologies Proprietary 3-22...
Page 654 Port=1812 State=block Second Acct IP =0.0.0.0 Port=1813 State=block Auth Server Encryption Key= huawei Acct Server Encryption Key= huawei Accounting method = required Accounting method = required TimeOutValue(in second)=3 RetryTimes=3 RealtimeACCT(in minute)=12 Permitted send realtime PKT failed counts Quiet-interval(min) Retry sending times of noresponse acct-stop-PKT =500...
Page 655 The time is expressed in the format hh:mm:ss-yyyy/mm/dd. When this parameter is specified, all the stopping accounting requests saved in the time range since start-time to stop-time will be displayed. Huawei Technologies Proprietary 3-24...
Page 656: Display Stop-Accounting-Buffer
Configures to set/delete the encryption key for RADIUS accounting packet. authentication: Configures to set/delete the encryption key for RADIUS authentication/authorization packet. string: Specifies the key with a character string not exceeding 16 characters. By default, the key is “huawei”. Huawei Technologies Proprietary 3-25...
Page 657 Example 1: # Set the authentication/authorization key of the RADIUS scheme, huawei, to “hello”. [Quidway-radius-huawei] key authentication hello Example 2: # Set the accounting packet key of the RADIUS scheme, huawei, to “ok”. [Quidway-radius-huawei] key accounting ok 3.2.9 local-server Syntax...
Page 658: Nas-Ip
RADIUS function, i.e. realize basic RADIUS function on the switch. Caution: When using local RADIUS server function of Huawei, remember the number of UDP port used for authentication is 1645 and that for accounting is 1646. The password configured by this command must be the same as that of the RADIUS authentication/authorization packet configured by the command key authentication in RADIUS scheme view.
Page 659: Primary Accounting
0.0.0.0, and the UDP port number of this server is 1813; as for the "system" RADIUS scheme created by the system, the IP address of the primary accounting server is 127.0.0.1, and the UDP port number is 1646. Huawei Technologies Proprietary 3-28...
Page 660: Primary Authentication
For the related commands, see key, radius scheme, state. Example # Set the IP address of the primary accounting server of RADIUS scheme, “huawei”, to 10.110.1.2 and the UDP port 1813 to provide RADIUS accounting service. [Quidway-radius-huawei] primary accounting 10.110.1.2 1813 3.2.12 primary authentication...
Page 661: Radius Nas-Ip
For the related commands, see key, radius scheme , state. Example # Set the IP address of the primary authentication/authorization server of RADIUS scheme, “huawei”, to 10.110.1.1 and the UDP port 1812 to provide RADIUS authentication/authorization service. [Quidway-radius-huawei] primary authentication 10.110.1.1 1812 3.2.13 radius nas-ip...
Page 662: Radius Scheme
For the related commands, see key, retry realtime-accounting, radius-scheme, timer realtime-accounting, stop-accounting-buffer enable, retry stop-accounting, server-type, state, user-name-format, retry , display radius, display radius statistics . Example # Create a RADIUS scheme named “huawei” and enters its view. [Quidway] radius scheme huawei [Quidway-radius-huawei] Huawei Technologies Proprietary 3-31...
Page 663: Reset Radius Statistics
Configures to delete the stopping accounting requests from the buffer according to the saving time. Start-time specifies the start time of the saving time range and stop-time specifies the stop time of the saving time range. The Huawei Technologies Proprietary 3-32...
Page 664: Retry
<Quidway> reset stop-accounting-buffer time-range 0:0:0-2002/08/31 23:59:59-2002/08/31 3.2.17 retry Syntax retry retry-times undo retry View RADIUS scheme view Parameter retry-times: Specifies the maximum times of retransmission, ranging from 1 to 20. By default, the value is 3. Huawei Technologies Proprietary 3-33...
Page 665: Retry Realtime-Accounting
For the related command, see radius scheme. Example # Set to retransmit the RADIUS request packet no more than 5 times for the RADIUS scheme huawei. [Quidway-radius-huawei] retry 5 3.2.18 retry realtime-accounting Syntax retry realtime-accounting retry-times undo retry realtime-accounting...
Page 666: Retry Stop-Accounting
For the related command, see radius scheme Example # Allow the real-time accounting request failing to be responded for up to 10 times. [Quidway-radius-huawei] retry realtime-accounting 10 3.2.19 retry stop-accounting Syntax retry stop-accounting retry-times...
Page 667: Secondary Accounting
For the related commands, see key, radius scheme, state. Example # Set the IP address of the second accounting server of RADIUS scheme, huawei, to 10.110.1.1 and the UDP port 1813 to provide RADIUS accounting service. [Quidway-radius-huawei] secondary accounting 10.110.1.1 1813 3.2.21 secondary authentication...
Page 668: Server-Type
RADIUS scheme view Parameter huawei: Configures the switch system to support the RADIUS server of Huawei type, which requires the RADIUS client end (switch system) and RADIUS server to interact according to the private RADIUS protocol regulation and packet format of Huawei Technologies Co., Ltd.
Page 669: State
Quidway Series Ethernet Switches support standard RADIUS protocol and the extended RADIUS service platform developed by Huawei Technologies. For the related command, see radius scheme. Example # Set RADIUS server type of RADIUS scheme, “huawei” to huawei. [Quidway-radius-huawei] server-type huawei 3.2.23 state Syntax...
Page 670: Stop-Accounting-Buffer Enable
For the related commands, see radius scheme, primary authentication, secondary authentication, primary accounting, secondary accounting. Example # Set the second authentication server of RADIUS scheme, “huawei”, to be active. [Quidway-radius-huawei] state secondary authentication active 3.2.24 stop-accounting-buffer enable Syntax...
Page 671: Timer
For the related commands, see reset stop-accounting-buffer, radius scheme, display stop-accounting-buffer. Example # Indicate that, for the RADIUS scheme “Huawei”, the switch will save the stopping accounting request packets in the buffer [Quidway-radius-huawei] stop-accounting-buffer enable 3.2.25 timer...
Page 672: Timer Quiet
S3526E FM, S3526E FS and S3526C support this function, and S3526, S3526 FM and S3526 FS don’t. Example # Set the quiet time interval of the RADIUS server group “huawei” to 3 minutes. [Quidway] radius scheme huawei [Quidway-radius-huawei] timer quiet 3 3.2.27 timer realtime-accounting...
Page 673: User-Name-Format
500 to 999 ≥1000 ≥15 For the related commands, see retry realtime-accounting , radius scheme. Example # Set the real-time accounting interval of RADIUS scheme, “huawei”, to 15 minutes. [Quidway-radius-huawei] timer realtime-accounting 15 3.2.28 user-name-format Syntax user-name-format { with-domain | without-domain }...
Page 674 (excluding their respective domain names.) For the related command, see radius scheme. Example # Specify to send the username without domain name to RADIUS server. [Quidway-radius-huawei] user-name-format without-domain Huawei Technologies Proprietary 3-43...
Page 675: Chapter 4 Ead Configuration Commands
RADIUS scheme. The switch only responds to packets from the authentication server and security policy server after the user gets online. Example # Configure the security policy server with IP address 192.168.0.1. <Quidway>system-view System View: return to User View with Ctrl+Z. [Quidway] radius scheme Quidway Huawei Technologies Proprietary...
Page 676 Command Manual - Security Quidway S3500 Series Ethernet Switches Chapter 4 EAD Configuration Commands [Quidway-radius-Quidway] session-control-server 192.168.0.1 [Quidway-radius-Quidway ] display current-configuration radius scheme Quidway primary authentication 1.1.11.29 1812 secondary authentication 127.0.0.1 1645 user-name-format without-domain session-control-server 192.168.0.1 Huawei Technologies Proprietary...
Page 677: Chapter 5 Habp Configuration Commands
# Display HABP debugging state. [Quidway] display debugging habp HABP Debugging switch is on 5.1.2 display habp Syntax display habp View Any view Parameter None Description Using the display habp command, you can view configuration information and state of HABP attribute. Huawei Technologies Proprietary...
Page 678: Display Habp Table
Using the display habp table command, you can view HABP MAC address table. Example # Display HABP MAC address table. [Quidway] display habp table Holdtime Receive Port 001f-3c00-0030 Ethernet0/1 5.1.4 display habp traffic Syntax display habp traffic Huawei Technologies Proprietary...
Page 679: Habp Enable
802.1x authentication is skipped, packets will be filtered by 802.1x attribute, so the management over them is also impossible. When 802.1x attribute are enabled, HABP attribute should be enabled meanwhile. Example # Enable HABP attribute at a switch. Huawei Technologies Proprietary...
Page 680: Habp Server Vlan
[Quidway] habp server vlan 2 5.1.7 habp timer Syntax habp timer interval undo habp timer View System view Parameter interval: Time interval to send HABP request packets, in range of 5~600 seconds. By default, the time interval is 20 seconds. Huawei Technologies Proprietary...
Page 681 The command is only available on the switch whose HABP mode is set as server. Example # Define the time interval to send HABP request packets as 50 seconds. [Quidway] habp timer 50 Huawei Technologies Proprietary...
Page 682: Chapter 6 System-Guard Configuration Commands
# Display the record of the IP packets that the switch CPU receives during this detection interval.. [Quidway] display system-guard ip-record SrcIP[00]: DstIP[00]: RxPortNum: SrcIP[01]: DstIP[01]: RxPortNum: SrcIP[02]: DstIP[02]: RxPortNum: SrcIP[03]: DstIP[03]: RxPortNum: SrcIP[04]: DstIP[04]: RxPortNum: … (Omitted) Huawei Technologies Proprietary...
Page 683: Display System-Guard State
Disable dest IP addr learning from all ip addr in the list Table 6-2 Description of information generated by the command display system-guard state Field Description Ip-Attack threshold The max number of the learned IP addresses Deny threshold Threshold of consecutive detection time Huawei Technologies Proprietary...
Page 684: System-Guard Enable
For S3526E, S3526E FM, S3526E FS and S3526C: If the packets from the host with the source IP address needs to be handled by the switch CPU, the switch reduces the priority of the packets and drops the packets that has been sent to the CPU. Huawei Technologies Proprietary...
Page 685: System-Guard Detect-Maxnum
By default, the max detection count of affected hosts is 30. Example # Set the max detection count of affected hosts to 50. [Quidway] system-guard detect-maxnum 50 Huawei Technologies Proprietary...
Page 686: System-Guard Detect-Threshold
IP address exceed 50 for consecutive 3 times. Example # Set the IP-record-threshold, record-times-threshold, isolate-time of system-guard function to 50, 3, 5 [Quidway] system-guard detect-threshold 50 3 5 6.1.6 system-guard no-learn-dip enable Syntax system-guard no-learn-dip enable undo system-guard no-learn-dip enable Huawei Technologies Proprietary...
Page 687 IP address in the response, thus preventing the hosts from the virus attacks of destination address scanning. This command is only effective to the S3526, S3526 FM and S3526 FS. Example # Enable the switch not to learn the destination IP address in the packets. [Quidway] system-guard no-learn-dip enable Huawei Technologies Proprietary...
Page 688 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Reliability Huawei Technologies Proprietary...
Page 689 1.1.3 vrrp authentication-mode ..................1-3 1.1.4 vrrp method ......................1-4 1.1.5 vrrp ping-enable ...................... 1-5 1.1.6 vrrp vrid preempt-mode................... 1-5 1.1.7 vrrp vrid priority......................1-6 1.1.8 vrrp vrid timer ......................1-7 1.1.9 vrrp vrid track......................1-8 1.1.10 vrrp vrid virtual-ip....................1-8 Huawei Technologies Proprietary...
Page 690: Chapter 1 Vrrp Configuration Commands
Vlan-interface1 | Virtual Router 1 : INITIALIZE --> MASTER Table 1-1 Description of information generated by the command display vrrp Field Description Vlan-Interface1 Interface in which virtual router resides Virtual Router1 VRID of virtual router INITIALIZE Initial state MASTER New state Huawei Technologies Proprietary...
Page 691: Display Vrrp
Master IP : 0.0.0.0 Table 1-2 Description of information generated by the command display vrrp Field Description Run Method Run method: real or virtual MAC method Virtual IP ping Whether to enable to ping through virtual IP Huawei Technologies Proprietary...
Page 692: Vrrp Authentication-Mode
Indicates to perform simple character authentication. md5: Indicates to perform the AH authentication with MD5 algorithm. key: Authentication key. When simple authentication is configured, the key cannot exceed 8 characters. When md5 authentication is configured, the key cannot exceed 8 characters. Huawei Technologies Proprietary...
Page 693: Vrrp Method
When the authentication type and key are set, the upper/lower cases are not necessary to be matched. Example # Specify the authentication type and key for a VRRP virtual router. [Quidway-vlan-interface2] vrrp authentication-mode simple huawei 1.1.4 vrrp method Syntax vrrp method { real-mac | virtual-mac }...
Page 694: Vrrp Ping-Enable
You can only use the commands before configuring the backup group. Example # Enable the function to ping the virtual IP address of the backup group. [Quidway] vrrp ping-enable 1.1.6 vrrp vrid preempt-mode Syntax vrrp vrid virtual-router-ID preempt-mode [ timer delay delay-value ] Huawei Technologies Proprietary...
Page 695: Vrrp Vrid Priority
View VLAN interface view. Parameter virtual-router-ID: VRRP virtual router ID, ranging from 1 to 255. priority: Priority value, ranging from 1 to 254; By default, the priority value is 100. Huawei Technologies Proprietary...
Page 696: Vrrp Vrid Timer
You are supposed to set the identical timer value for the switches in the same virtual router to avoid improper configuration. Example # Configure the Master to transmit VRRP packets every 15 seconds. [Quidway-vlan-interface2] vrrp vrid 1 timer advertise 15 Huawei Technologies Proprietary...
Page 697: Vrrp Vrid Track
A single virtual router supports up to 8 tracks. Example # Configure to track the interface. [Quidway-vlan-interface2] vrrp vrid 1 track vlan-interface 1 reduced 50 1.1.10 vrrp vrid virtual-ip Syntax vrrp vrid virtual-router-ID virtual-ip ip-address undo vrrp vrid virtual-router-ID [ virtual-ip virtual-address ] Huawei Technologies Proprietary...
Page 698 # Add a virtual IP address to an existing virtual router. [Quidway-vlan-interface2] vrrp vrid 1 virtual-ip 10.10.10.11 # Delete a virtual IP address. [Quidway-vlan-interface2] undo vrrp vrid 1 virtual-ip 10.10.10.10 # Delete a virtual router. [Quidway-vlan-interface2] undo vrrp vrid 1 Huawei Technologies Proprietary...
Page 699: System Management
HUAWEI Quidway S3500 Series Ethernet Switches Command Manual System Management Huawei Technologies Proprietary...
Page 700 1.4 FTP Client Commands ....................1-18 1.4.1 ascii ........................1-18 1.4.2 binary........................1-18 1.4.3 bye......................... 1-19 1.4.4 cd........................... 1-19 1.4.5 cdup........................1-20 1.4.6 close ........................1-20 1.4.7 debugging......................1-21 1.4.8 delete........................1-21 1.4.9 dir .......................... 1-22 1.4.10 disconnect ......................1-22 Huawei Technologies Proprietary...
Page 701 3.1.8 reboot ........................3-5 3.1.9 temperature-limit ..................... 3-6 Chapter 4 System Maintenance Commands ................4-1 4.1 Basic System Configuration and Management Commands..........4-1 4.1.1 clock datetime ......................4-1 4.1.2 clock summer-time ....................4-1 4.1.3 clock timezone......................4-3 Huawei Technologies Proprietary...
Page 702 5.1 SNMP Configuration Commands..................5-1 5.1.1 display snmp-agent community................5-1 5.1.2 display snmp-agent ....................5-1 5.1.3 display snmp-agent group..................5-2 5.1.4 display snmp-agent mib-view.................. 5-3 5.1.5 display snmp-agent statistics .................. 5-4 5.1.6 display snmp-agent sys-info contact............... 5-5 Huawei Technologies Proprietary...
Page 703 7.1.4 display ntp-service trace ..................7-4 7.1.5 ntp-service access ....................7-4 7.1.6 ntp-service authentication enable ................7-5 7.1.7 ntp-service authentication-keyid................7-5 7.1.8 ntp-service broadcast-client ..................7-6 7.1.9 ntp-service broadcast-server................... 7-7 7.1.10 ntp-service in-interface disable ................7-8 7.1.11 ntp-service max-dynamic-sessions ............... 7-8 Huawei Technologies Proprietary...
Page 704 8.1.11 rsa local-key-pair destroy ..................8-9 8.1.12 rsa peer-public-key....................8-10 8.1.13 ssh server authentication-retries ................. 8-10 8.1.14 ssh server rekey-interval ..................8-11 8.1.15 ssh server timeout....................8-12 8.1.16 ssh user assign rsa-key ..................8-12 8.1.17 ssh user username authentication-type .............. 8-13 Huawei Technologies Proprietary...
Page 705: Chapter 1 File System Management Commands
Using cd command, you can change the current user configuration path on the Ethernet Switch. Example # Change the current working directory of the switch to flash. <Quidway>cd flash: <Quidway>pwd flash: 1.1.2 copy Syntax copy fileurl-source fileurl-dest View User view Parameter fileurl-source: Source file name. fileurl-dest: Destination file name. Huawei Technologies Proprietary...
Page 706: Delete
However they will be displayed, using the dir /all command. The files deleted by the delete command can be recovered with the undelete command or deleted permanently from the recycle bin, using the reset recycle-bin command. Huawei Technologies Proprietary...
Page 707 Directory of flash:/test/ -rwxrwxrwx 1 noone nogroup Sep 20 2003 14:28:52 test.txt 7932928 bytes total (4966400 bytes free) # Display all files with the names starting with "t" in the directory flash:/test/ <Quidway> dir flash:/test/t* Directory of flash:/test/ Huawei Technologies Proprietary...
Page 708: File Prompt
If the prompt mode is set as quiet, that is, no prompt for file operations, some non-recoverable operations may lead to system damage. Example # Configure the prompt mode of file operation as quiet. [Quidway] file prompt quiet Huawei Technologies Proprietary...
Page 709: Format
Description Using mkdir command, you can create directory in the specified directory on the storage device. The directory to be created cannot have the same name as that of other directory or file in the specified directory. Huawei Technologies Proprietary...
Page 710: More
Other users can share the project (.dsp) file, but they should export the makefiles locally. 1.1.9 move Syntax move fileurl-source fileurl-dest View User view Parameter fileurl-source: Source file name. Huawei Technologies Proprietary...
Page 711 Sep 20 2003 14:27:58 test -rwxrwxrwx 1 noone nogroup Sep 20 2003 14:41:44 sample.txt 7932928 bytes total (4963328 bytes free) <Quidway> dir flash:/test/ Directory of flash:/test/ drwxrwxrwx 1 noone nogroup Sep 20 2003 14:36:11 7932928 bytes total (4963328 bytes free) Huawei Technologies Proprietary...
Page 712: Pwd
If the destination file name is the same as an existing directory name, operation fails. If the destination file name is the same as an existing file name, prompt whether to overwrite. Example # Display the current directory information. <Quidway> dir Huawei Technologies Proprietary...
Page 713: Reset Recycle-Bin
Name of the file to be deleted. Description Using reset recycle-bin command, you can permanently delete files from the recycle bin. The delete command only puts the file into the recycle bin, but reset recycle-bin command will delete this file permanently. Huawei Technologies Proprietary...
Page 714: Rmdir
Parameter directory: Directory name. Description Using rmdir command, you can cancel a directory. The directory to be deleted must be empty. Example # Delete the directory huawei. <Quidway> rmdir huawei Rmdir huawei?[Y/N]:y % Removed directory huawei 1.1.14 undelete Syntax undelete file-url...
Page 715: Configuration File Management Commands
1 noone nogroup Sep 20 2003 14:27:58 test -rwxrwxrwx 1 noone nogroup Sep 20 2003 14:54:16 sample.bak 7932928 bytes total (4962304 bytes free) 1.2 Configuration File Management Commands 1.2.1 reset saved-configuration Syntax reset saved-configuration View User view Huawei Technologies Proprietary 1-11...
Page 716: Save
This will delete the configuration in the flash memory. The switch configurations will be erased to reconfigure. Are you sure?[Y/N] 1.2.2 save Syntax save View User view Parameter None Description Using save command, you can save the current configuration files to Flash memory. Huawei Technologies Proprietary 1-12...
Page 717: Ftp Server Configuration Commands
Server. You can perform this command to verify the configuration after setting FTP parameters. Example # Display the configuration of FTP Server parameters. <Quidway> display ftp-server FTP server is running Max user number User count Timeout value(in minute) Huawei Technologies Proprietary 1-13...
Page 718: Display Ftp-User
Using undo ftp server command, you can close FTP Server and disable FTP user logon. By default, FTP Server is shut down. Perform this command to easily start or shut down FTP Server, preventing Ethernet Switch from being attacked by some unknown user. Huawei Technologies Proprietary 1-14...
Page 719: Ftp Timeout
# Set the connection timeout to 36 minutes. [Quidway] ftp timeout 36 1.3.5 local-user Syntax local-user user-name undo local-user { user-name | all [ service-type { telnet | ftp | lan-access } ] } View System view Huawei Technologies Proprietary 1-15...
Page 720: Password
Specifies to display passwords in cipher text. password: Defines a password, which is a character string of up to 16 characters if it is in simple text and of up to 24 characters if it is in cipher text. Huawei Technologies Proprietary 1-16...
Page 721: Service-Type
Using service-type command, you can configure a service type for a particular user. Using undo service-type command, you can cancel the specified service type for the user. Example # Set to provide the lan-access service for the user huawei1. Huawei Technologies Proprietary 1-17...
Page 722: Ftp Client Commands
# Configure to transmit data in the ASCII mode. [ftp] ascii 200 Type set to A. 1.4.2 binary Syntax binary View FTP Client view Parameter None Description Using binary command, you can configure file transmission type as binary mode. Huawei Technologies Proprietary 1-18...
Page 723: Bye
Using cd command, you can change the working path on the remote FTP Server. This command is used to access another directory on FTP Server. Note that the user can only access the directories authorized by the FTP server. Huawei Technologies Proprietary 1-19...
Page 724: Cdup
Using close command, user can disconnect FTP client side from FTP server side without exiting FTP client side view. That is to say, you can terminate the control connection and data connection with the remote FTP Server at the same time. Related command: open. Huawei Technologies Proprietary 1-20...
Page 725: Debugging
View FTP Client view Parameter remotefile: File name. Description Using delete command, you can cancel the specified file. This command is used to delete a file. Example # Delete the file temp.c [ftp] delete temp.c Huawei Technologies Proprietary 1-21...
Page 726: Dir
FTP client side view. This command terminates the control connection and data connection with the remote FTP Server at the same time. Example # Terminate connection with the remote FTP Server and stays in FTP Client view. [ftp] disconnect Huawei Technologies Proprietary 1-22...
Page 727: Ftp
Using get command, you can download a remote file and save it locally. If no local file name is specified, it will be considered the same as that on the remote FTP Server. Example # Download the file temp1.c and saves it as temp.c [ftp] get temp1.c temp.c Huawei Technologies Proprietary 1-23...
Page 728: Lcd
Remote file to be queried. localfile: Saved local file name. Description Using ls command, you can query a specified file. If no parameter is specified, all the files will be shown. Example # Query file temp.c [ftp] ls temp.c Huawei Technologies Proprietary 1-24...
Page 729: Mkdir
Using open command, you can establish control connection with the remote FTP Server in the FTP Client view. Related command: close. Example # Establish control connection with the FTP Server, which IP address is 1.1.1.1. [ftp] open 1.1.1.1 Trying ... Huawei Technologies Proprietary 1-25...
Page 730: Passive
By default, the data transmission mode is passive mode Example # Set the data transmission to passive mode. [ftp] passive 1.4.18 put Syntax put localfile [ remotefile ] View FTP Client view Parameter localfile: Local file name. Huawei Technologies Proprietary 1-26...
Page 731: Pwd
Using pwd command, you can view the current directory on the remote FTP Server. Example # Show the current directory on the remote FTP Server. [ftp] pwd "flash:/temp" is current directory. 1.4.20 quit Syntax quit View FTP Client view Parameter None Huawei Technologies Proprietary 1-27...
Page 732: Remotehelp
Example # Show the syntax of the protocol command user. [ftp] remotehelp user 214 Syntax: USER <sp> <username> 1.4.22 rmdir Syntax rmdir pathname View FTP Client view Parameter pathname: Directory name of remote FTP Server. Huawei Technologies Proprietary 1-28...
Page 733: User
# Log in the FTP Server with username tom and password bjhw. [ftp] user tom bjhw 1.4.24 verbose Syntax verbose undo verbose View FTP Client view Parameter None Description Using verbose command, you can enable verbose. Using undo verbose command, you can disable verbose. Huawei Technologies Proprietary 1-29...
Page 734: Tftp Configuration Commands
For the related commands, see tftp get, tftp put. Example # Transmit the files in text format. [Quidway] tftp ascii 1.5.2 tftp get Syntax tftp get //A.A.A.A/xxx.yyy mmm.nnn View System view Huawei Technologies Proprietary 1-30...
Page 735: Tftp Put
TFTP server (at A.A.A.A) and saving it as mmm.nnn. For the related commands, see tftp, tftp get. Example # Upload the vrpcfg.txt to the TFTP server at 1.1.3.214 and save it as Temp.txt. [Quidway] tftp ascii [Quidway] tftp put vrpcfg.txt //1.1.3.214/temp.txt Huawei Technologies Proprietary 1-31...
Page 736: Mac-Address
2.1.2 display mac-address Syntax display mac-address [ mac-addr [ vlan vlan-id ] | [ static | dynamic ] [ interface { interface-name | interface-type interface-num } ] [ vlan vlan-id ] [ count ] ] View Any view Huawei Technologies Proprietary...
Page 737 # Show the information of the entry with MAC address at 00e0-fc01-0101 on S3526. [Quidway] display mac-address 00e0-fc01-0101 MAC ADDR VLAN ID STATE PORT INDEX AGING TIME(s) 00e0-fc01-0101 Learned Ethernet0/1 2.1.3 mac-address Syntax mac-address { static | dynamic } mac-addr interface { interface-name | interface-type interface-num } vlan vlan-id Huawei Technologies Proprietary...
Page 738: Mac-Address Max-Mac-Count
# Configure the port number corresponding to the MAC address 00e0-fc01-0101 as Ethernet0/1 in the address table, and sets this entry as static entry. [Quidway] mac-address static 00e0-fc01-0101 interface ethernet 0/1 vlan 2 2.1.4 mac-address max-mac-count Syntax mac-address max-mac-count count undo mac-address max-mac-count Huawei Technologies Proprietary...
Page 739: Mac-Address Timer
System view Parameter aging age: Specifies the aging time (measured in seconds) of the Layer-2 dynamic address table entry, ranging from 10 to 1000000. By default, the aging time is 300 seconds. no-aging : No aging time. Huawei Technologies Proprietary...
Page 740 If aging time is set too short, the Ethernet switch may delete valid MAC address table. Example # Configure the entry aging time of Layer-2 dynamic address table to be 500 seconds. [Quidway] mac-address timer aging 500 Huawei Technologies Proprietary...
Page 741: Chapter 3 Device Management Commands
The specifed file will be booted next time! <Quidway> 3.1.2 boot bootrom Syntax boot bootrom file-url View User view Parameter file-url: File path and file name of Bootrom. Description Using boot bootrom command, you can upgrade bootrom. Huawei Technologies Proprietary...
Page 742: Display Boot-Loader
3.1.4 display cpu Syntax display cpu View Any view Parameter None Description Using display cpu command, you can display CPU occupancy. Example # Display CPU occupancy. <Quidway> display cpu CPU busy status: 18% in last 5 seconds Huawei Technologies Proprietary...
Page 743: Display Device
Example # Show the card information. <Quidway> display device SlotNo SubSNo PortNum PCBVer FPGAVer CPLDVer BootRomVer AddrLM Type REV.0 MAIN The following table describes the displaying information. Huawei Technologies Proprietary...
Page 744: Display Fan
Perform this command to see if they work normally. Example # Display the working state of the fans. <Quidway> display fan 1 State: Normal 2 State: Normal The above information indicates that all fans work normally. Huawei Technologies Proprietary...
Page 745: Display Memory
System Total Memory(bytes) The Total Memory of switch, unit in byte Total Used Memory(bytes) The Total used Memory of switch, unit in byte Used Rate The memory used rate 3.1.8 reboot syntax reboot View User view Parameter None. Huawei Technologies Proprietary...
Page 746: Temperature-Limit
Upper temperature limit, ranging from 50 to 80, unit in℃. Description Using temperature-limit command, you can configure temperature limit. Using undo temperature-limit command, you can restore temperature limit to default value. Example # Set the lower and upper temperature limit. <Quidway> temperature-limit 0 10 75 Huawei Technologies Proprietary...
Page 747: Chapter 4 System Maintenance Commands
Example # Set the current date of Ethernet Switch to 0:0:0, 2001/01/1. <Quidway> clock datetime 0:0:0 2001/01/01 4.1.2 clock summer-time Syntax clock summer-time zone_name { one-off | repeating } start-time start-date end-time end-date offset-time undo clock summer-time Huawei Technologies Proprietary...
Page 748: Clock Summer-Time
# Set the summer time for z2 that starts at 06:00:00 on 08/06 and ends at 06:00:00 on 01/09 in each year from 2002 on with the time adding 1 hour. <Quidway> clock summer-time repeating 06:00:00 2002/06/08 06:00:00 2002/09/01 01:00:00 Huawei Technologies Proprietary...
Page 749: Clock Timezone
# Set the name of the local time zone as Z5 with the time adding 5 hours compared with the UTC. <Quidway> clock timezone z5 add 05:00:00 4.1.4 sysname Syntax sysname sysname undo sysname View System view Huawei Technologies Proprietary...
Page 750: System Status And System Information Display Commands
The maximum date and time the system can display is 23:59:59 9999/12/31. For the related commands, see clock. Example # View the current system date and clock. <Quidway> display clock 15:50:45 UTC Mon 2001/2/12 Huawei Technologies Proprietary...
Page 751: Display Current-Configuration
When there is much configuration information, you can use the regular expression to filter the output information. For specific rules about the regular expression, refer to the corresponding operation manual. For the related command, see save, reset saved-configuration and display saved-configuration. Huawei Technologies Proprietary...
Page 752 127.0.0.1 key nec interface Aux0/0 vlan 1 interface Ethernet0/1 interface Ethernet0/2 interface Ethernet0/3 interface Ethernet0/4 interface Ethernet0/5 interface Ethernet0/6 interface Ethernet0/7 Huawei Technologies Proprietary...
Page 753 0 user-interface vty 0 4 return # View the lines containing the character string “10*” in the configuration information. The “*” indicates that the “0” before it can appear 0 times or multiple consecutive times. Huawei Technologies Proprietary...
Page 754 <Quidway> display current-configuration configuration sysname Quidway radius scheme system server-type nec primary authentication 127.0.0.1 1645 primary accounting 127.0.0.1 1646 user-name-format without-domain domain system radius-scheme system access-limit disable state active idle-cut disable self-service-url disable messenger time disable domain default enable system Huawei Technologies Proprietary...
Page 755: Display Debugging
Show all the enabled debugging when there is no parameter. For the related commands, see debugging. Example # Show all the enabled debugging. <Quidway> display debugging IP packet debugging switch is on. 4.2.4 display saved-configuration Syntax display saved-configuration Huawei Technologies Proprietary...
Page 756 127.0.0.1 1645 primary accounting 127.0.0.1 1646 user-name-format without-domain domain system radius-scheme system access-limit disable state active idle-cut disable self-service-url disable messenger time disable domain default enable system local-server nas-ip 127.0.0.1 key nec interface Aux0/0 Huawei Technologies Proprietary 4-10...
Page 757 Ethernet0/3 interface Ethernet0/4 interface Ethernet0/5 interface Ethernet0/6 interface Ethernet0/7 interface Ethernet0/8 interface Ethernet0/9 interface Ethernet0/10 interface Ethernet0/11 interface Ethernet0/12 interface Ethernet0/13 interface Ethernet0/14 interface Ethernet0/15 interface Ethernet0/16 interface Ethernet0/17 interface Ethernet0/18 interface Ethernet0/19 interface Ethernet0/20 Huawei Technologies Proprietary 4-11...
Page 758: Display Users
Using display users command, you can view information about users connected to the switch. Example # Display the status of the current users. <Quidway> display users Delay IPaddress Username F 0 AUX 0 00:00:00 4.2.6 display version Syntax display version Huawei Technologies Proprietary 4-12...
Page 759: System Debug Commands
4.3 System Debug Commands 4.3.1 debugging Syntax debugging { all | module-name [ debugging-option ] } undo debugging { all | module-name [ debugging-option ] } View User view Parameter all: Enable or disable all the debugging. Huawei Technologies Proprietary 4-13...
Page 760: Display Diagnostic-Information
When the Ethernet switch does not run well, you can collect all sorts of information about the switch to locate the source of fault. However, each module has its corresponding display command, which make it difficult for you to collect all the Huawei Technologies Proprietary 4-14...
Page 761: Network Connection Test Commands
20:12:39 UTC Mon 2000/5/8 ---------------display version--------------- Huawei Versatile Routing Platform Software VRP (tm) software, Version 3.10 Copyright (c) 2000-2002 HUAWEI TECH CO., LTD. 4.4 Network Connection Test Commands 4.4.1 ping Syntax ping [ -a ip-address ] [-c count ] [ -d ] [ -f ] [ -h ttl ] [ -i {interface-type interface-num |...
Page 762 ICMP ECHO-REPLY to the source host after receiving ICMP ECHO-REQUEST. Perform ping command to troubleshoot the network connection and line quality. The output information includes: Huawei Technologies Proprietary 4-16...
Page 763: Tracert
-f: Configure to verify the -f switch, first-TTL specifies an initial TTL, ranging from 0 to the maximum TTL. -m: Configure to verify the -m switch, max-TTL specifies a maximum TTL larger than the initial TTL. Huawei Technologies Proprietary 4-17...
Page 764 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 19 ms 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 19 ms 39 ms 39 ms 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms 6 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms Huawei Technologies Proprietary 4-18...
Page 765: Log Commands
Without parameter, display channel command shows the configurations of all the channels. Example # Show details about the information channel 0. <Quidway> display channel 0 channel number:0, channel name:console MODU_ID NAME ENABLE LOG LEVEL ENABLE TRAP LEVEL ENABLE DEBUGGING LEVEL ffff0000 all warning debugging debugging Huawei Technologies Proprietary 4-19...
Page 766: Display Info-Center
Trap buffer: enabled, max buffer size:1024, current buffer size:256 current messages:0, channel number:3, channel name:trapbuffer dropped messages:0, overwrote messages:0 Information timestamp setting: Huawei Technologies Proprietary 4-20...
Page 767: Info-Center Channel Name
[Quidway] info-center channel 0 name execconsole 4.5.4 info-center console channel Syntax info-center console channel { channel-number | channel-name } undo info-center console channel View System view Parameter channel-number: Channel number, ranging from 0 to 9, that is, system has ten channels. Huawei Technologies Proprietary 4-21...
Page 768: Info-Center Enable
Only after the system log function is enabled can the system output the log information to the info-center loghost and console, etc. For the related commands, see info-center loghost, info-center logbuffer, info-center console channel, info-center monitor channel, display info-center. Example # Enable the system log function. [Quidway] info-center enable Huawei Technologies Proprietary 4-22...
Page 769: Info-Center Logbuffer
[Quidway] info-center logbuffer size 50 4.5.7 info-center loghost Syntax info-center loghost host-ip-addr [ channel { channel-number | channel-name } ] [ facility local-number ] [ language { chinese | english } ] undo info-center loghost host-ip-addr Huawei Technologies Proprietary 4-23...
Page 770: Info-Center Loghost Source
For the related commands, see info-center enable,display info-center. Example # Configure to send log information to the UNIX workstation at 202.38.160.1. [Quidway] info-center loghost 202.38.160.1 4.5.8 info-center loghost source Syntax info-center loghost source interface-name undo info-center loghost source View System view Huawei Technologies Proprietary 4-24...
Page 771: Info-Center Monitor Channel
Using undo info-center monitor channel command, you can restore the channel to output the log information to the user terminal to default value. By default, Ethernet switches do not output log information to user terminal. Huawei Technologies Proprietary 4-25...
Page 772: Info-Center Snmp Channel
{ modu-name | default } channel { channel-number | channel-name } [ { log | trap | debug } * { level severity | state state } * ] undo info-center source { modu-name | default } channel { channel-number | channel-name } Huawei Technologies Proprietary 4-26...
Page 773 Channel number to be set. channel-name: Channel name to be set. The name can be channel6, channel7, channel8, channel9, console, logbuffer, loghost, monitor, snmpagent, trapbuffer. state: Set the state of the information. state: Specify the state as on or off. Huawei Technologies Proprietary 4-27...
Page 774 Example # Configure to enable the log information of VLAN module in SNMP channel and allows the output of the information with a level higher than emergencies. [Quidway] info-center source vlan channel snmp log level emergencies Huawei Technologies Proprietary 4-28...
Page 775: Info-Center Timestamp
# Configure the debugging information timestamp format as boot. [Quidway] info-center timestamp debugging boot 4.5.13 info-center trapbuffer Syntax info-center trapbuffer [ size buffersize ] [ channel { channel-number | channel-name } ] undo info-center trapbuffer [ channel | size ] View System view Huawei Technologies Proprietary 4-29...
Page 776: Reset Logbuffer
[Quidway] info-center trapbuffer size 30 4.5.14 reset logbuffer Syntax reset logbuffer View User view Parameter None Description Using reset logbuffer command, you can reset information in log buffer. Example # Clear information in log buffer. <Quidway> reset logbuffer Huawei Technologies Proprietary 4-30...
Page 777: Reset Trapbuffer
Using undo terminal debugging command, you can configure not to display the debugging information on the terminal. By default, the displaying function is disabled. For the related commands, see debugging. Example # Enable the terminal display debugging. <Quidway> terminal debugging Huawei Technologies Proprietary 4-31...
Page 778: Terminal Logging
Using terminal monitor command, you can enable the log debugging/log/trap on the terminal monitor. Using undo terminal monitor command, you can disable these functions. By default, enable these functions for the console user and disable them for the terminal user. Huawei Technologies Proprietary 4-32...
Page 779: Terminal Trapping
Using terminal trapping command, you can enable terminal trap information display. Using undo terminal trapping command, you can disable this function. By default, this function is enabled. Example # Enable trap information display. <Quidway> terminal trapping Huawei Technologies Proprietary 4-33...
Page 780: Snmp Configuration Commands
# Display the currently configured community names. <Quidway> display snmp-agent community community name:public group name:public storage-type: nonVolatile community name:tom group name:huawei storage-type: nonVolatile 5.1.2 display snmp-agent Syntax display snmp-agent { local-engineid | remote-engineid } View Any view Huawei Technologies Proprietary...
Page 781: Display Snmp-Agent Group
Using display snmp-agent group command, you can view group name, safe mode, state of various views and storage modes. Example # Display SNMP group name and safe mode. <Quidway> display snmp-agent group Group name: huawei Security model: v2c noAuthnoPriv Readview: ViewDefault Writeview: <no specified> Notifyview :<no specified>...
Page 782: Display Snmp-Agent Mib-View
MIB view configuration information of the Ethernet switch. Example # Display the information about the currently configured MIB view. <Quidway> display snmp-agent mib-view View name:mv MIB Subtree:internet Storage-type: nonVolatile -included active View name:test MIB Subtree:internet Storage-type: nonVolatile -included active Huawei Technologies Proprietary...
Page 783: Display Snmp-Agent Statistics
Indicate the line state in the table Caution: If the SNMP Agent is disabled, "Snmp Agent disabled" will be displayed after you execute the above display commands. 5.1.5 display snmp-agent statistics Syntax display snmp-agent statistics View Any view Parameter None Huawei Technologies Proprietary...
Page 784: Display Snmp-Agent Sys-Info Contact
0 Trap PDUs accepted and processed 5.1.6 display snmp-agent sys-info contact Syntax display snmp-agent sys-info contact View Any view Parameter None Description Using display snmp-agent sys-info contact command, you can view the character string sysContact (system contact). Huawei Technologies Proprietary...
Page 785: Display Snmp-Agent Sys-Info Location
BeiJing China 5.1.8 display snmp-agent sys-info version Syntax display snmp-agent sys-info version View Any view Parameter None Description Using display snmp-agent sys-info version command, you can view the version information about the running SMNMP in the system. Huawei Technologies Proprietary...
Page 786: Display Snmp-Agent Usm-User
The following table describes the output fields. Table 5-3 Output description of the display snmp-agent usm-user command Field Description User name Name of SNMP user Engine ID Character string identifying SNMP device UserStatus The status of the user, may be active or inactive. Huawei Technologies Proprietary...
Page 787: Snmp-Agent Local-Engineid
{ read | write } community-name [ [ mib-view view-name ] [ acl acl-list ] ] undo snmp-agent community community-name View System view Parameter read: Indicate that MIB object can only be read. write: Indicate that MIB object can be read and written. Huawei Technologies Proprietary...
Page 788: Snmp-Agent Group
SNMP. Using undo snmp-agent community command, you can cancel the settings of community access name. Example # Configure community name as huawei and permits read-only access by this community name. [Quidway] snmp-agent community read huawei # Configure community name as mgr and permits read-write access.
Page 789: Snmp-Agent Mib-View
Any change of the SNMP group notify view will affect all the users related to this group. Please do not specify the notify view when configuring SNMP group. Example # Create an SNMP group named huawei. [Quidway] snmp-agent group v3 huawei. 5.1.13 snmp-agent mib-view Syntax...
Page 790: Snmp-Agent Packet Max-Size
| v3 } * | all } } undo snmp-agent sys-info { [ contact ] [ location ] | version { { v1 | v2c | v3 } * | all } } View System view Huawei Technologies Proprietary 5-11...
Page 791: Snmp-Agent Target-Host
SNMP. Using undo snmp-agent sys-info location command, you can restore the default value. By default, the contact information is "HuaWei Beijing China", the system location is "Beijing China", the SNMP version is SNMP V3. Example # Set system location as Building 3/Room 214.
Page 792: Snmp-Agent Trap Enable
Example # Enable sending Trap message to myhost.huawei.com with community name huawei. [Quidway] snmp-agent trap enable [Quidway] snmp-agent target-host trap address udp-domain 2.2.2.2 params securityname huawei # Enable sending Trap packets to 2.2.2.2 with the community name public...
Page 793 Example # Enable to send the trap packet of SNMP authentication failure to 10.1.1.1. The community name is huawei. [Quidway] snmp-agent trap enable standard authentication [Quidway] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname huawei...
Page 794: Snmp-Agent Trap Life
Length of queue, ranging from 1 to 1000; By default, the length is 100. Description Using snmp-agent trap queue-size command, you can configure the information queue length of Trap packet sent to destination host. Using undo snmp-agent trap queue-size command, you can restore the default value. Huawei Technologies Proprietary 5-15...
Page 795: Snmp-Agent Trap Source
[ authentication-mode { md5 | sha } authpassstring [ privacy-mode { des56 privpassstring } ] ] [ acl acl-list ] undo snmp-agent usm-user v3 username groupname { local | engineid engine-id } View System view Huawei Technologies Proprietary 5-16...
Page 796 For V1 and V2C, this command will add a new community name. For V3, it will add a new user for an SNMP group. Example # Add a user wang for huawei (an SNMP group), configures to authenticate with MD5 and sets authentication password as pass. [Quidway] snmp-agent usm-user v3 wang huawei authentication-mode md5 pass...
Page 797: Undo Snmp-Agent
Using undo snmp-agent command, you can disable all versions of SNMP running on the server. Perform any command of snmp-agent will enable SNMP Agent. Example # Disable the running SNMP agents of all SNMP versions. [Quidway] undo snmp-agent Huawei Technologies Proprietary 5-18...
Page 798: Chapter 6 Rmon Configuration Commands
Using display rmon alarm command, you can view RMON alarm information. For the related commands, see rmon alarm. Example # Display the RMON alarm information. <Quidway> display rmon alarm Alarm table 1 owned by HUAWEI is VALID. Samples absolute value : 1.3.6.1.2.1.16.1.1.1.4.1 <etherStatsOctets.1> Sampling interval : 10(sec) Rising threshold...
Page 799: Display Rmon Event
Example # Show the RMON event. <Quidway> display rmon event Event table 1 owned by HUAWEI is VALID. Description: null. Will cause log-trap when triggered, last triggered at 0days 00h:02m:27s. Table 6-2 Output description of the display rmon event command...
Page 800: Display Rmon Eventlog
Example # Show event log of RMON. <Quidway> display rmon eventlog 1 Event table 1 owned by HUAWEI is VALID. Generates eventLog 1.1 at 0days 00h:01m:39s. Description: The 1.3.6.1.2.1.16.1.1.1.4.1 defined in alarm table 1, less than(or =) 100 with alarm value 0. Alarm sample type is absolute.
Page 801: Display Rmon History
For the related commands, see rmon history. Example # Show the RMON history information. <Quidway> display rmon history ethernet 2/1 History control entry 1 owned by HUAWEI is VALID Samples interface : Ethernet2/1<ifEntry.642> Sampling interval : 10(sec) with 10 buckets max...
Page 802: Display Rmon Prialarm
Number of collision packets utilization Utilization 6.1.5 display rmon prialarm Syntax display rmon prialarm [ prialarm-table-entry ] View Any view Parameter prialarm-table-entry:entry of extended alarm table. Description Using display rmon prialarm command, you can view information about extended alarm table. Huawei Technologies Proprietary...
Page 803: Display Rmon Statistics
Chapter 6 RMON Configuration Commands For the related commands, see rmon prialarm. Example # display alarm information about extended RMON. <Quidway> display rmon prialarm Prialarm table 1 owned by HUAWEI is VALID. Samples absolute value : .1.3.6.1.2.1.16.1.1.1.4.1 Sampling interval : 10(sec)
Page 804 For the related commands, see rmon statistics. Example # Show RMON statistics. <Quidway> display rmon statistics Ethernet 2/1 Statistics entry 1 owned by HUAWEI is VALID. Interface : Ethernet2/1<ifEntry.642> Received octets , packets broadcast packets...
Page 805: Rmon Alarm
Falling threshold, ranging from 0 to 2147483647. event-entry2: Event number corresponding to the falling threshold, ranging from 0 to 65535. owner text: Specifies the creator of the alarm. Length of the character string ranges from 1 to 127. Huawei Technologies Proprietary...
Page 806: Rmon Event
Event management of RMON defines the way to deal with event number and event-log, send trap message or log while sending trap message. In this way, alarm events may obtain corresponding treatment Huawei Technologies Proprietary...
Page 807: Rmon History
6.1.10 rmon prialarm Syntax rmon prialarm entry-number alarm-var [ alarm-des ] sampling-timer { delta | absolute | changeratio } rising-threshold threshold-value1 event-entry1 falling-threshold threshold-value2 event-entry2 entrytype { forever | cycle cycle-period } [ owner text ] Huawei Technologies Proprietary 6-10...
Page 808 RMON alarm table. The number of instances can be created in the table depends on the hardware resource of the product. Example # Delete line 10 from the extended RMON alarm table. [Quidway] undo rmon prialarm 10 Huawei Technologies Proprietary 6-11...
Page 809: Rmon Statistics
Statistics includes collision, CRC (Cyclic Redundancy Check) and queue, undersized or oversized packet, timeout, fragment, broadcast, multicast, unicast, and bandwidth utility. Example # Add the entry 20 to the statistics table of Ethernet1/1. [Quidway-ethernet1/1] rmon statistic 20 Huawei Technologies Proprietary 6-12...
Page 810: Chapter 7 Ntp Configuration Commands
NTP clock synchronization information debugging. validity: NTP remote host validity debugging. Description Using debugging ntp-service command, you can debug different NTP services. Using undo debugging ntp-service command, you can disable corresponding debugging function. By default, no debugging function is enabled. Huawei Technologies Proprietary...
Page 811: Display Ntp-Service Sessions
Example <Quidway> display ntp-service sessions source refid poll reach delay offset disp ******************************************************************** [12345]212.125.95.4 131.188.3.221 64 377 339.8 10.8 note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured 7.1.3 display ntp-service status Syntax display ntp-service status View Any view Huawei Technologies Proprietary...
Page 812 Root delay from local equipment to the master reference clock. root dispersion Dispersion of the local clock relative to the NTP server clock peer dispersion Dispersion of the remote NTP server. reference time Reference timestamp Huawei Technologies Proprietary...
Page 813: Display Ntp-Service Trace
The IP address list number, ranging from 2000 to 2999. Description Using ntp-service access command, you can set the authority to access the local equipment. Using undo ntp-service access command, you can cancel the access authority settings. Huawei Technologies Proprietary...
Page 814: Ntp-Service Authentication Enable
Using undo ntp-service authentication enable command, you can disable this function. By default, the authentication is disabled. Example # Enable NTP authentication function. [Quidway] ntp-service authentication enable 7.1.7 ntp-service authentication-keyid Syntax ntp-service authentication-keyid number authentication-mode md5 value Huawei Technologies Proprietary...
Page 815: Ntp-Service Broadcast-Client
NTP broadcast client mode. By default, the NTP broadcast client mode is disabled. Designate an interface on the local Ethernet Switch to receive NTP broadcast messages and operate in broadcast client mode. The local Ethernet Switch listens to Huawei Technologies Proprietary...
Page 816: Ntp-Service Broadcast-Server
Example # Configure to broadcast NTP packets via Vlan-Interface1 and encrypt them with Key 4 and set the NTP version number as 3. [Quidway] interface vlan-interface1 Huawei Technologies Proprietary...
Page 817: Ntp-Service In-Interface Disable
# Disable Vlan-Interface1 to receive NTP message. [Quidway] interface vlan-interface1 [Quidway-Vlan-Interface1] ntp-service in-interface disable 7.1.11 ntp-service max-dynamic-sessions Syntax ntp-service max-dynamic-sessions number undo ntp-service max-dynamic-sessions View System view Parameter number: The maximum sessions can be created locally, ranging from 0 to 100. Huawei Technologies Proprietary...
Page 818: Ntp-Service Multicast-Client
Example # Configure to receive NTP multicast packet via Vlan-Interface1 and the multicast group corresponding to these packets located at 224.0.1.1. [Quidway] interface vlan-interface 1 [Quidway-Vlan-Interface1] ntp-service multicast-client 224.0.1.1 Huawei Technologies Proprietary...
Page 819: Ntp-Service Multicast-Server
Example # Configure to transmit NTP multicast packets encrypted with Key 4 via Vlan-Interface1 at 224.0.1.1 and use NTP version 3. [Quidway] interface vlan-interface 1 [Quidway-Vlan-Interface1] ntp-service multicast-server 224.0.1.1 authentication-keyid 4 version 3 Huawei Technologies Proprietary 7-10...
Page 820: Ntp-Service Refclock-Master
# Set the local clock as the NTP master clock to provide synchronized time for its peers and locate it at stratum 3. [Quidway] ntp-service refclock-master 3 7.1.15 ntp-service reliable authentication-keyid Syntax ntp-service reliable authentication-keyid number undo ntp-service reliable authentication-keyid number View System view Huawei Technologies Proprietary 7-11...
Page 821: Ntp-Service Source-Interface
Specify an interface. The source IP address of the packets will be taken from the address of the interface. interface-type: Specify the interface type and determine an interface with the interface-number parameter. interface-number: Specify the interface number and determine an interface with the interface-type parameter. Huawei Technologies Proprietary 7-12...
Page 822: Ntp-Service Unicast-Peer
Specify the interface name. When a local device sends an NTP message to a peer, the source IP address of the message is taken from the address of the interface. interface-type: Specify the interface type and determine an interface together with the interface-number parameter. Huawei Technologies Proprietary 7-13...
Page 823: Ntp-Service Unicast-Server
NTP version number, ranging from 1 to 3. authentication-keyid: Define authentication key. keyid: Key ID used for transmitting messages to a remote server, ranging from 0 to 4294967295. source-interface: Specify the name of an interface. Huawei Technologies Proprietary 7-14...
Page 824 By operating in client mode, a local device can be synchronized by a remote server, but not synchronize any remote server. Example # Designate the server at 128.108.22.44 to synchronize the local device and use NTP version 3. [Quidway] ntp-service unicast-server 128.108.22.44 version 3 Huawei Technologies Proprietary 7-15...
Page 825: Chapter 8 Ssh Configuration Commands
By default, debugging function is disabled. For the related commands, see ssh server authentication-retries, ssh server rekey-interval, ssh server timeout. Example # Print debugging information in running SSH <Quidway> debugging ssh server vty 0 00:23:20: SSH0: starting SSH control process Huawei Technologies Proprietary...
Page 826: Display Rsa Local-Key-Pair Public
08B84DDB 5F4DB8E7 A115B74E 2D41D96C AC61D276 AA027E41 DD48DE64 696E0934 EB872805 02030100 01 % Key pair was generated at: 12:26:45 UTC 2002/4/4 Key name: rtvrp_Server Usage: Encryption Key Key Data: 30670260 C05280D9 BA0D56C8 7BE43379 8634CDE7 83ABA9A2 3F36280E 25995487 4FF6AD7A 0E57871C 761E6D92 9914D8C5 CC577388 5B580B94 C2172C8F 36039EED Huawei Technologies Proprietary...
Page 827: Display Rsa Peer-Public-Key
Key address: Data: 30818602 8180739A 291ABDA7 04F5D93D C8FDF84C 42746319 91C164B0 DF178C55 FA833591 C7D47D53 81D09CE8 2913D7ED F9C08511 D83CA4ED 2B30B809 808EB0D1 F52D045D E40861B7 4A0E1355 23CCD74C AC61F8E5 8C452B2F 3F2DA0DC C48E3306 367FE187 BDD94401 8B3B69F3 CBB0A573 202C16BB 2FC1ACF3 EC8F828D 55A36F1C DDC4BB45 504F0201 25 Huawei Technologies Proprietary...
Page 828: Display Ssh Server
VTY0 1.5 DES Session started 1 Quidway VTY3 1.5 DES Session started 1 switch 8.1.5 display ssh user-information Command display ssh user-information [ username ] View Any view Parameter username: Valid SSH user named defined by AAA Huawei Technologies Proprietary...
Page 829: Peer-Public-Key End
For the related commands, see rsa peer-public-key, public-key-code end. Example # Quit public key view. <Quidway>system-view System View: return to User View with Ctrl+Z. [Quidway] rsa peer-public-key quidway003 [Quidway-rsa-public-key] peer-public-key end [Quidway] Huawei Technologies Proprietary...
Page 830: Protocol Inbound
# Disable Telnet on vty0 through vty4, only SSH available. <Quidway>system-view System View: return to User View with Ctrl+Z. [Quidway] user-interface vty 0 4 [Quidway-ui-vty0-4] protocol inbound ssh [Quidway-ui-vty0-4] 8.1.8 public-key-code begin Command public-key-code begin View Public key edit view Huawei Technologies Proprietary...
Page 831: Public-Key-Code End
8.1.9 public-key-code end Command public-key-code end View Public key edit view Parameter None Description Using the public-key-code end command, you can save the configured public key and return to the public key view from the public key edit view. Huawei Technologies Proprietary...
Page 832: Rsa Local-Key-Pair Create
For a successful SSH logon, you must configure and generate the local RSA key pairs. To generate local key pairs, you just need to execute the command once, with no further action required even after the system is rebooted. Huawei Technologies Proprietary...
Page 833: Rsa Local-Key-Pair Destroy
This command is just a one-time instruction, so the result will not be stored in the configuration file. For the related commands, see rsa local-key-pair create. Example # Remove all key pairs at the server. <Quidway>system-view Huawei Technologies Proprietary...
Page 834: Rsa Peer-Public-Key
# Enter the public key view. <Quidway>system-view System View: return to User View with Ctrl+Z. [Quidway] rsa peer-public-key quidway002 [Quidway-rsa-public-key] 8.1.13 ssh server authentication-retries Command ssh server authentication-retries times undo ssh server authentication-retries View System view Huawei Technologies Proprietary 8-10...
Page 835: Ssh Server Rekey-Interval
By default, system doesn’t update the server key. For the related commands, see display ssh server. Example # Define update interval of server key pair as 3 hours. <Quidway>system-view System View: return to User View with Ctrl+Z. Huawei Technologies Proprietary 8-11...
Page 836: Ssh Server Timeout
View System view Parameter keyname: Configures client public key, consisting of 1~32 characters. username: Valid local user name or user name defined by remote RADIUS system. Huawei Technologies Proprietary 8-12...
Page 837: Ssh User Username Authentication-Type
By default, user can’t logon the switch through SSH or TELNET, so you have to specify authentication type for a new user. The new configuration takes effects at the next logon. For the related commands, see display ssh user-information. Huawei Technologies Proprietary 8-13...
Page 838 Command Manual - System Management Quidway S3500 Series Ethernet Switches Chapter 8 SSH Configuration Commands Example # Specify zhangsan’s authentication type as password. <Quidway>system-view System View: return to User View with Ctrl+Z. [Quidway] ssh user zhangsan authentication-type password [Quidway] Huawei Technologies Proprietary 8-14...
Page 839 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Auto Detecting Huawei Technologies Proprietary...
Page 840 1.1.5 retry ......................... 1-5 1.1.6 timer loop......................... 1-5 1.1.7 timer wait ......................... 1-6 Chapter 2 Auto Detect Implementation Commands ..............2-1 2.1.1 ip route-static......................2-1 2.1.2 standby detect-group ....................2-2 2.1.3 vrrp vrid track detect-group ..................2-3 Huawei Technologies Proprietary...
Page 841: Chapter 1 Auto Detect Configuration Commands
# Create a detecting group numbered 10. <Quidway> system-view System View: return to User View with Ctrl+Z. [Quidway] detect-group 10 [Quidway-detect-group-10] 1.1.2 detect-list Syntax detect-list list-number ip address ip-address [ nexthop ip-address ] undo detect-list list-number ip address ip-address [ nexthop ip-address ] Huawei Technologies Proprietary...
Page 842: Display Detect-Group
System View: return to User View with Ctrl+Z. [Quidway] detect-group 10 [Quidway-detect-group-10] detect-list 1 ip address 202.13.1.55 nexthop 1.1.1.1 1.1.3 display detect-group Syntax display detect-group [ group-number ] View Any view Parameter group-number: Specifies the detecting group number, which ranges from 1 to 100. Huawei Technologies Proprietary...
Page 843 The number of an IP address contained in the detect-list detecting group. ip address The IP address of the interface to be detected. next-hop The IP address of the interface taken as the next hop. Huawei Technologies Proprietary...
Page 844 IP address contained in the detecting group and stops detecting. By default, the and keyword is specified. Example # Specify the or keyword for detecting group 10. <Quidway> system-view System View: return to User View with Ctrl+Z. [Quidway] detect-group 10 [Quidway-detect-group-10] option or Huawei Technologies Proprietary...
Page 845: Retry
15. Description Use the timer loop command to set the detecting interval, that is, the frequency to perform auto detect. Example # Set the detecting interval of detecting group 10 to 60 seconds. <Quidway> system-view Huawei Technologies Proprietary...
Page 846: Timer Wait
Use the timer wait command to set the timeout time of a detection. Example # Set the timeout time to 3 seconds for detecting group 3. <Quidway> system-view System View: return to User View with Ctrl+Z. [Quidway] detect-group 10 [Quidway-detect-group-10] timer wait 3 Huawei Technologies Proprietary...
Page 847: Chapter 2 Auto Detect Implementation Commands
Specifies the route to be a black hole. If you specify this keyword when executing this command, all outbound interfaces are the Null 0 interfaces regardless of Huawei Technologies Proprietary...
Page 848: Standby Detect-Group
Use the undo standby detect-group command to disable VLAN interface backup function. You can enable VLAN interface backup function by auto detecting results in the following ways: Enable the primary interface when the result of the detecting group is reachable. Huawei Technologies Proprietary...
Page 849: Vrrp Vrid Track Detect-Group
Decrease the preference value of a backup group when the result of the detecting group is unreachable. Restore the preference value of a backup group when the result of the detecting group is reachable. Huawei Technologies Proprietary...
Page 850 [Quidway-detect-group-10] detect-list 1 ip 202.13.1.55 # Specify to decrease the preference value of backup group 1 by 20 when the result of detecting group 10 is unreachable. [Quidway] interface vlan-interface 2 [Quidway- vlan-interface2] vrrp vrid 1 track detect-group 10 reduced 20 Huawei Technologies Proprietary...
Page 851 HUAWEI Quidway S3500 Series Ethernet Switches Command Manual Appendix Huawei Technologies Proprietary...
Page 852 Command Manual - Appendix Quidway S3500 Series Ethernet Switches Table of Contents Table of Contents Appendix A Command Index .......................A-1 Huawei Technologies Proprietary...
Page 853 2-14 Command address-check QACL Command address-check dhcp-relay QACL Command 6-29 address-check no-matched QACL Command 6-30 Multicast Protocol administrator-address 2-15 Command Integrated aggregate Management Command am enable QACL Command am ip-pool QACL Command am isolate QACL Command Huawei Technologies Proprietary...
Page 854 QACL Command 2-11 arp source-suppression cache QACL Command arp source-suppression enable QACL Command arp source-suppression limit QACL Command arp static QACL Command arp timer aging QACL Command arp timer probe QACL Command Integrated asbr-summary Management Command Huawei Technologies Proprietary...
Page 855 Command broadcast-suppression VLAN Command Multicast Protocol build 2-16 Command Auto Detecting 1-19 Command c-bsr STP Command Auto Detecting Command Auto Detecting 1-19 Command Auto Detecting cdup 1-20 Command System check region-configuration Management Command Integrated checkzero Management Command Huawei Technologies Proprietary...
Page 856 Command Integrated confederation nonstandard Management Command Integrated confederation peer-as Management Command Getting Started Conventions Command Auto Detecting copy Command c-rp STP Command Reliability cut connection Command Integrated dampening Management Command databits Port Command Reliability data-flow-format 3-20 Command Huawei Technologies Proprietary...
Page 857 STP Command debugging pim sm STP Command Reliability debugging portal Command Auto Detecting debugging ssh server Command System debugging vrrp Management Command Integrated default cost Management Command Integrated default cost Management Command Integrated default interval Management Command Huawei Technologies Proprietary...
Page 858 QACL Command 6-33 dhcp relay security address-check QACL Command 6-32 dhcp select QACL Command dhcp server detect QACL Command dhcp server dns-list QACL Command dhcp server domain-name QACL Command dhcp server expired QACL Command Huawei Technologies Proprietary...
Page 859 QACL Command display arp QACL Command display arp probe QACL Command display arp proxy QACL Command display arp source-suppression QACL Command display arp timer aging QACL Command 2-10 Integrated display bgp group Management Command Huawei Technologies Proprietary...
Page 860 Integrated display bgp routing-table peer Management 4-23 Command Integrated display bgp routing-table regular-expression Management 4-24 Command Auto Detecting display boot-loader Command display bootp client QACL Command Auto Detecting display channel 4-19 Command Auto Detecting display clock Command Huawei Technologies Proprietary...
Page 861 QACL Command 6-18 display dhcprelay-security QACL Command 6-35 display dhcp-security QACL Command display dhcp-server QACL Command display dhcp-server interface vlan-interface QACL Command display dhcp-snooping QACL Command display dhcp-snooping trust QACL Command Auto Detecting display diagnostic-information 4-14 Command Huawei Technologies Proprietary...
Page 862 STP Command display igmp interface STP Command display igmp port STP Command display igmp-snooping configuration STP Command display igmp-snooping group STP Command display igmp-snooping statistics STP Command Auto Detecting display info-center 4-20 Command display interface VLAN Command Huawei Technologies Proprietary A-10...
Page 863 Command display ip socket QACL Command 10-3 display ip statistics QACL Command 10-4 Network Protocol display isolate-user-vlan Command display link-aggregation VLAN Command Reliability display local-server statistics 3-21 Command Reliability display local-user Command display loopback-detection VLAN Command Huawei Technologies Proprietary A-11...
Page 864 Command Integrated display ospf abr-asbr Management Command Integrated display ospf asbr-summary Management 3-10 Command Integrated display ospf brief Management 3-12 Command Integrated display ospf cumulative Management 3-13 Command Integrated display ospf error Management 3-15 Command Huawei Technologies Proprietary A-12...
Page 865 Command display qos conform-level Security Command 2-38 display qos cos-drop-precedence-map Security Command 2-39 display qos cos-local-precedence-map Security Command display qos cos-local-precedence-map Security Command 2-15 display qos cos-local-precedence-map Security Command 2-39 display qos-global all Security Command Huawei Technologies Proprietary A-13...
Page 866 Security Command 2-24 Reliability display radius 3-22 Command Reliability display radius statistics 3-23 Command Integrated display rip Management Command Auto Detecting display rmon alarm Command Auto Detecting display rmon event Command Auto Detecting display rmon eventlog Command Huawei Technologies Proprietary A-14...
Page 867 Command Auto Detecting display snmp-agent sys-info version Command Auto Detecting display snmp-agent usm-user Command Auto Detecting display ssh server Command Auto Detecting display ssh user-information Command Multicast Protocol display stacking Command Reliability display stop-accounting-buffer 3-24 Command Huawei Technologies Proprietary A-15...
Page 868 Network Protocol display vlan Command System display vrrp Management Command dns-list QACL Command 6-20 Reliability domain Command domain-name QACL Command 6-21 Reliability dot1x Command Reliability dot1x authentication-method Command Reliability dot1x dhcp-launch Command Reliability dot1x guest-vlan Command Huawei Technologies Proprietary A-16...
Page 869 Security Command 2-46 duplex VLAN Command expired QACL Command 6-22 Auto Detecting file prompt Command Integrated filter-policy export Management Command Integrated filter-policy export Management 3-28 Command Integrated filter-policy export Management 4-25 Command Integrated filter-policy export Management Command Huawei Technologies Proprietary A-17...
Page 870 1-15 Command Multicast Protocol ftp-server 2-25 Command Network Protocol garp timer Command Network Protocol garp timer leaveall Command gateway-list QACL Command 6-22 Auto Detecting 1-23 Command gmrp STP Command gratuitous-arp-learning enable QACL Command 2-12 Huawei Technologies Proprietary A-18...
Page 871 Port Command 1-10 Integrated if-match { acl | ip-prefix } Management 5-10 Command Integrated if-match as-path Management 5-11 Command Integrated if-match community Management 5-12 Command Integrated if-match cost Management 5-12 Command Integrated if-match interface Management 5-13 Command Huawei Technologies Proprietary A-19...
Page 872 4-27 Management Command Auto Detecting info-center channel name 4-21 Command Auto Detecting info-center console channel 4-21 Command Auto Detecting info-center enable 4-22 Command Auto Detecting info-center logbuffer 4-23 Command Auto Detecting info-center loghost 4-23 Command Huawei Technologies Proprietary A-20...
Page 873 QACL Command ip http acl Security Command Integrated ip ip-prefix Management 5-15 Command ip relay address QACL Command 6-35 ip relay address cycle QACL Command 6-36 Integrated ip route-static 1-15 Management Command ip route-static Huawei Technologies Proprietary A-21...
Page 874 Command lock Port Command 1-11 Multicast Protocol logging-host 2-27 Command loopback VLAN Command 1-11 loopback-detection control enable VLAN Command 1-11 loopback-detection enable VLAN Command 1-12 loopback-detection interval-time VLAN Command 1-13 loopback-detection per-vlan enable VLAN Command 1-13 Huawei Technologies Proprietary A-22...
Page 875 Security Command 2-49 mirroring-port Security Command 2-51 Auto Detecting mkdir Command Auto Detecting mkdir 1-25 Command monitor-port Security Command 2-52 Auto Detecting more Command Auto Detecting move Command multicast routing-enable STP Command Network Protocol name Command Huawei Technologies Proprietary A-23...
Page 876 Multicast Protocol ntdp timer 2-12 Command Multicast Protocol ntdp timer hop-delay 2-12 Command Multicast Protocol ntdp timer port-delay 2-13 Command Auto Detecting ntp-service access Command Auto Detecting ntp-service authentication enable Command Auto Detecting ntp-service authentication-keyid Command Huawei Technologies Proprietary A-24...
Page 877 Detecting open 1-25 Command option QACL Command 6-25 option Getting Started Organization Command Integrated ospf Management 3-32 Command Integrated ospf authentication-mode Management 3-33 Command Integrated ospf cost Management 3-34 Command Integrated ospf dr-priority Management 3-35 Command Huawei Technologies Proprietary A-25...
Page 878 Security Command 1-33 parity Port Command 1-12 Auto Detecting passive 1-26 Command Reliability password 3-13 Command Auto Detecting password 1-16 Command Integrated peer Management Command Integrated peer Management 3-41 Command Integrated peer advertise-community 4-29 Management Command Huawei Technologies Proprietary A-26...
Page 879 Integrated peer group Management 4-36 Command Integrated peer ip-prefix Management 4-37 Command Integrated peer next-hop-local Management 4-37 Command Integrated peer password Management 4-38 Command Integrated peer public-as-only Management 4-39 Command Integrated peer reflect-client Management 4-40 Command Huawei Technologies Proprietary A-27...
Page 880 VLAN Command 1-18 port trunk pvid vlan VLAN Command 1-18 Reliability portal Command Reliability portal arp-handshake Command Reliability portal auth-network Command Reliability portal delete-user Command Reliability portal free-ip Command Reliability portal free-user Command Huawei Technologies Proprietary A-28...
Page 881 Security Command 2-27 priority trust Security Command 2-53 protocol inbound Port Command 1-13 Auto Detecting protocol inbound Command Network Protocol protocol-vlan 1-11 Command Auto Detecting public-key-code begin Command Auto Detecting public-key-code end Command Auto Detecting 1-26 Command Huawei Technologies Proprietary A-29...
Page 882 3-31 Command Reliability radius-scheme 3-14 Command Auto Detecting reboot Command Multicast Protocol reboot member 2-29 Command Integrated reflect between-clients Management 4-42 Command Integrated reflector cluster-id Management 4-43 Command Integrated refresh bgp Management 4-44 Command Huawei Technologies Proprietary A-30...
Page 883 QACL Command 6-26 reset dhcp server ip-in-use QACL Command 6-27 reset dhcp server statistics QACL Command 6-27 Reliability reset dot1x statistics 1-17 Command Network Protocol reset garp statistics Command reset igmp-snooping statistics STP Command Huawei Technologies Proprietary A-31...
Page 884 Security Command 2-61 Auto Detecting reset trapbuffer 4-31 Command Reliability retry 3-33 Command retry Reliability retry realtime-accounting 3-34 Command Reliability retry stop-accounting 3-35 Command return Port Command 1-14 System revision-level Management Command Integrated Management Command Huawei Technologies Proprietary A-32...
Page 885 Command Auto Detecting rmon event Command Auto Detecting rmon history 6-10 Command Auto Detecting rmon prialarm 6-10 Command Auto Detecting rmon statistics 6-12 Command Integrated route-policy Management 5-16 Command Integrated router id Management 3-43 Command Huawei Technologies Proprietary A-33...
Page 886 1-17 Command service-type multicast STP Command Reliability session-control-server Command set authentication password Port Command 1-17 shell Port Command 1-18 shutdown VLAN Command 1-20 Network Protocol shutdown Command Integrated silent-interface Management 3-44 Command snmp-agent community Security Command Huawei Technologies Proprietary A-34...
Page 887 Multicast Protocol snmp-host 2-29 Command speed Port Command 1-19 speed VLAN Command 1-20 Integrated spf-schedule-interval Management 3-46 Command spt-switch-threshold STP Command 5-13 Auto Detecting ssh server authentication-retries 8-10 Command Auto Detecting ssh server rekey-interval 8-11 Command Huawei Technologies Proprietary A-35...
Page 888 Command stopbits Port Command 1-19 System Management Command System stp bpdu-protection Management Command System stp bridge-diameter Management 1-10 Command System stp config-digest-snooping Management Command System stp cost Management 1-12 Command System stp edged-port Management 1-11 Command Huawei Technologies Proprietary A-36...
Page 889 Management 1-26 Command System stp max-hops Management 1-27 Command System stp mcheck Management 1-27 Command System stp mode Management 1-28 Command System stp point-to-point 1-29 Management Command System stp port priority Management 1-14 Command Huawei Technologies Proprietary A-37...
Page 890 Management 1-35 Command Integrated stub Management 3-46 Command Network Protocol subvlan Command Integrated summary Management 2-16 Command Integrated summary automatic Management 4-46 Command super Port Command 1-20 super password Port Command 1-21 Network Protocol supervlan Command Huawei Technologies Proprietary A-38...
Page 891 4-33 Command Auto Detecting tftp 1-30 Command Auto Detecting tftp get 1-30 Command Auto Detecting tftp put 1-31 Command Multicast Protocol tftp-server 2-30 Command Integrated timer Management 4-47 Command Multicast Protocol timer 2-31 Command Huawei Technologies Proprietary A-39...
Page 892 Security Command 2-69 Auto Detecting undelete 1-10 Command Auto Detecting undo snmp-agent 5-18 Command Integrated undo synchronization 4-48 Management Command Auto Detecting user 1-29 Command user privilege level Port Command 1-24 user-interface Port Command 1-23 Huawei Technologies Proprietary A-40...
Page 893 Management Command System vrrp method Management Command System vrrp ping-enable Management Command System vrrp vrid preempt-mode Management Command System vrrp vrid priority Management Command System vrrp vrid timer Management Command System vrrp vrid track Management Command Huawei Technologies Proprietary A-41...
Page 894 Command Manual - Appendix Quidway S3500 Series Ethernet Switches Appendix A Command Index vrrp vrid track detect-group System vrrp vrid virtual-ip Management Command wred Security Command 2-71 Huawei Technologies Proprietary A-42...

Huawei quidway s3526 series Getting Started

Section 1

Chapter 1 Logging in Switch Commands

Section 2

Chapter 2 Ethernet Port Link Aggregation Commands

Chapter 3 Port Isolation Configuration Commands

Section 3

Chapter 4 Super VLAN Configuration Commands

Section 4

Chapter 5 DHCP Relay Configuration Commands

Chapter 6 DHCP Configuration Commands

Chapter 7 DHCP Snooping Configuration Commands

Chapter 8 BOOTP Client Configuration Commands

Chapter 9 Access Management Configuration Commands

Chapter 10 IP Performance Configuration Commands

Section 5

Quick Links

Chapters

Related Manuals for Huawei quidway s3526 series

Summary of Contents for Huawei quidway s3526 series