Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Software version: SR6600X-CMW520-R3303
SR6602-CMW520-R3303
SR6602X_MCP-CMW520-R3303
SR6600-CMW520-R3303-RPE
SR6600-CMW520-R3303-RSE
Document version: 20150715-C-1.14
H3C SR6600/SR6600-X Routers
OAA Configuration Guide

Summary of Contents for H3C SR6600

  • Page 2 Copyright © 2007-2015, Hangzhou H3C Technologies Co., Ltd. and its licensors All rights reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
  • Page 3 The OAA Configuration Guide describes the Open Application Architecture (OAA) supported protocols (such as ACFP and ACSEI), their configurations, and the configuration of the H3C open application platform (OAP) card. This preface includes: •...
  • Page 4 [ x | y | ... ] *: Asterisk marked square brackets enclose optional syntax choices separated by vertical bars, from which you select one choice, multiple choices, or none. &<1-n>: The argument or keyword and argument combination before the ampersand (&) sign can...
  • Page 5: Obtaining Documentation

    Obtaining documentation You can access the most up-to-date H3C product documentation on the World Wide Web at http://www.h3c.com. Click the links on the top navigation bar to obtain different categories of product documentation: [Technical Support & Documents > Technical Documents] –...
  • Page 6: Technical Support

    [Technical Support & Documents > Software Download] – Provides the documentation released with the software version.
    Technical support
    service@h3c.com
    http://www.h3c.com
    Documentation feedback
    You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.
  • Page 7: Table Of Contents

    Contents
    Configuring OAP modules, 1
    Logging in to the operating system of an OAP module, 1
    Logging in through the console port on the OAP module, 1
    Logging in through the management Ethernet port of the OAP module by using SSH, 2
    ...
  • Page 8: Configuring Oap Modules

    Configuring OAP modules The H3C Open Application Architecture (OAA) provides an open interface for third-party vendors to develop value-added applications (such as firewall and IPS) and integrate the applications into H3C products. H3C has developed some application-specific modules called "Open Application Platform (OAP) module."...
  • Page 9: Logging In Through The Management Ethernet Port Of The Oap Module By Using Ssh

    Assign an IP address to the management Ethernet port of the OAP module, and make sure the SSH client (the H3C device or a PC that has the SSH client software installed) and the management Ethernet port can reach each other.
  • Page 10: Resetting Oap Modules

    Task: Switch to the CLI of the OAP module from the device.
    Command:
    • In standalone mode: oap connect slot slot-number
    • In IRF mode: oap connect chassis chassis-number slot slot-number
    Using the oap connect command is the same as logging in to the CLI of the OAP module through the AUX port.
  • Page 11: Configuring Acfp

    Configuring ACFP
    The following matrix shows the ACFP feature and router compatibility:
    Router columns: SR6602, SR6602-X, SR6604/SR6608/SR6616, SR6604-X/SR6608-X/SR6616-X
    Entries: "Yes when RPE-X1 and RSE-X1 MPUs are used and no when MCP MPUs are used." and "Yes."
    Overview
    The Application Control Forwarding Protocol (ACFP) is designed based on the OAA architecture and operates in the server/client model (see Figure 1).
  • Page 12: Acfp Traffic Management

    ACFP traffic management
    ACFP collaboration provides a mechanism that enables the ACFP client to manage the traffic on the ACFP server by implementing the following functions:
    • Mirroring and redirecting the traffic on the ACFP server to the ACFP client.
    • Permitting/denying the traffic from the ACFP server.
  • Page 13 FlowID-context (carrying the preamble Flow ID as the context ID) VLANID-context (carrying VLAN ID as the context ID) NOTE: SR6600 routers support only VLANID-context. ACFP server information indicates the collaboration capabilities of an ACFP server. ACFP clients can access this information through a collaboration protocol or collaboration MIB.
  • Page 14 DestIfFailAction—Actions to be taken for all rules in the policy when the policy's dest-interface is down. For forwarding-first devices, select the delete action to continue forwarding the redirected and mirrored packets; for security-first devices, select the reserve action to discard the redirected and mirrored packets.
  • Page 15: Acfp Usage Guidelines

    number of a matched packet must be greater than the starting destination port number and less than the ending destination port number.
    • Starting destination port number
    • Ending destination port number
    • Pro—Protocol type: GRE, ICMP, IGMP, OSPF, TCP, UDP, or IP.
    • ...
  • Page 16: Acfp Configuration Task List

    ACFP configuration task list
    Task: Remarks
    • Enabling the ACFP server on the device: Required.
    • Configuring the ACFP client (the OAP module): Required.
    • Enabling the ACFP trap function on the device: Optional.
    Enabling the ACFP server on the device
    Step, Command, Remarks: Enter system view....
  • Page 17: Displaying And Maintaining Acfp

    Trap message: Expiration period of ACFP collaboration policy timed out
    Level: Notifications
    The generated trap messages are sent to the information center of the device. With the parameters for the information center set, the output rules for traps (that is, whether the traps are allowed to be output and the output destinations) are decided.
  • Page 18
    • Permit all packets whose source IP address is 192.168.1.1/24.
    • Deny all packets whose source IP address is 192.168.1.2/24.
    Figure 2 Network diagram (labels: ACFP client, Router, GE3/0/3, GE3/0/2, GE3/0/1, ACFP server, Host A, Host B, Host C, Host D, 192.168.1.1/24, 192.168.1.2/24, 192.168.2.1/24...)
  • Page 19 Set the value of the node hh3cAcfpRuleRowStatus to 4 to create an ACFP rule, and assign index 1.2.2 to the rule. Set the value of the node hh3cAcfpRuleAction to 2 to specify the deny action. Set the value of the node hh3cAcfpRuleSrcIP to 192.168.1.2 and set the value of the node hh3cAcfpRuleSrcIPMask to 0.0.0.255 to match packets from 192.168.1.2/24.
  • Page 20: Configuring Acsei

    Overview H3C ACFP Client and Server Exchange Information (ACSEI) provides a method for exchanging information between an ACFP server and its ACFP clients. As a supporting protocol for ACFP collaboration, ACSEI makes sure an ACFP server can cooperate with its ACFP clients to provide services.
  • Page 21: Acsei Timers

    ACSEI timers
    An ACSEI server uses two timers, which can be set at the CLI:
    • Clock synchronization timer—Used to periodically trigger the ACSEI server to send clock synchronization advertisements to the ACSEI clients.
    • Client monitoring timer—Used to periodically trigger the ACSEI server to send monitoring requests...
  • Page 22: Displaying Acsei Client Information On The Server Side

    Displaying ACSEI client information on the server side
    Task: Display ACSEI client summary.
    Command: display acsei client summary [ client-id ] [ | { begin | exclude | include } regular-expression ]
    Remarks: Available in any view.
    Task: Display ACSEI client information.
    Command: display acsei client info [ client-id ] [ | { begin...
  • Page 23: Index

    Index
    A C D E L O R
    Enabling the ACFP server on the device,9
    Enabling the ACFP trap function on the device,9
    ACFP configuration example,10
    ACFP configuration task list,9
    Logging in to the operating system of an OAP module,1
    Configuring the ACFP client (the OAP module),9
    Configuring the ACSEI...
