Huawei AR150 Series Configuration Manual - Device Management
  1. Manuals
  2. Brands
  3. Huawei Manuals
  4. Network Router
  5. AR150 series
  6. Configuration manual - device management

Huawei AR150 Series Configuration Manual - Device Management

Enterprise routers
Hide thumbs Also See for AR150 Series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual, Product Description
Huawei AR150&200 Series Enterprise Routers
V200R002C00
Configuration Guide - Device
Management
Issue
02
Date
2012-03-30
HUAWEI TECHNOLOGIES CO., LTD.

Advertisement

Table of Contents
loading

Related Manuals for Huawei AR150 Series

Summary of Contents for Huawei AR150 Series

  • Page 1 Huawei AR150&200 Series Enterprise Routers V200R002C00 Configuration Guide - Device Management Issue Date 2012-03-30 HUAWEI TECHNOLOGIES CO., LTD.
  • Page 2 All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope.

  • Page 3: About This Document

    Indicates a tip that may help you solve a problem or save time. Provides additional information to emphasize or supplement NOTE important points of the main text. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 4: Command Conventions

    The following information is modified: 6.3.2 Configuring the DHCP Server 2.7.1 Example for Outputting Logs to the Log File 2.7.2 Example for Outputting Logs to Log Hosts Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 5 Huawei AR150&200 Series Enterprise Routers Configuration Guide - Device Management About This Document Changes in Issue 01 (2011-12-30) Initial commercial release. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 6: Table Of Contents

    2.3.10 Outputting Logs to the Log Host......................18 2.3.11 Checking the Configuration........................18 2.4 Enabling Alarm Output............................21 2.4.1 Establishing the Configuration Task.......................21 2.4.2 Enabling the Information Center......................21 2.4.3 (Optional) Naming an Information Channel...................22 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 7 4.3.1 Establishing the Configuration Task.......................61 4.3.2 Configuring a Local Observing Interface....................62 4.3.3 Configuring a Local Mirrored Interface....................62 4.3.4 Checking the Configuration........................63 4.4 Configuring Local Flow Mirroring........................63 4.4.1 Establishing the Configuration Task.......................64 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 8 6.3.2 Configuring the DHCP Server.......................103 6.3.3 Configuring the FTP/TFTP Server......................105 6.3.4 Checking the Configuration........................106 6.4 Configuration Examples..........................107 6.4.1 Example for Configuring the Auto-Config Function................107 7 Fault Management........................112 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 9 7.4.2 Configuring Delayed Event Reporting....................118 7.4.3 Checking the Configuration........................118 7.5 Maintenance..............................119 7.5.1 Clearing Alarm Messages........................120 7.5.2 Clearing Event Messages........................120 7.6 Configuration Examples..........................121 7.6.1 Example for Configuring Alarm Management..................121 Issue 02 (2012-03-30) Huawei Proprietary and Confidential viii Copyright © Huawei Technologies Co., Ltd.

  • Page 10: Displaying The Device Status

    This section describes the functions of display commands and lists the display commands in common use. 1.2 Displaying the AR150/200 Status This section describes how to use the display commands to show the AR150/200 version, CPU usage, and memory usage. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 11: Display Commands

    The display commands can be used to collect current information about the version, device, and diagnosis of the AR150/200 in order to maintain and troubleshooting networks. Table 1-1 lists the display commands in common use. For details, see the Huawei AR150&200 Series Enterprise Routers - Command Reference. CAUTION The display diagnostic-information command cannot be simultaneously run on multiple terminals connected to the AR150/200.

  • Page 12: Displaying Versions

    1.2.4 Displaying CPU Usage View the CPU usage statistics and threshold configurations. Procedure Step 1 Run: display cpu-usage CPU usage statistics are displayed. Step 2 Run: display cpu-usage configuration Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 13: Displaying Memory Usage

    Use the display elabel command to view information about electronic labels, including the board type, BOM code, description, manufacture date, vendor name, issuing number, Common Language Equipment Identification (CLEI) code, and sales BOM code. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 14: Displaying Diagnostic Information

    Use the display health command to view health status information, including CPU usage, memory usage, power supply status, fan status, and temperature. Procedure Run: display health Health status is displayed. ----End Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 15: Information Center Configuration

    This section describes how to run the following commands to delete messages in the buffer of the information center. Note that deleted messages cannot be restored. 2.7 Information Center Configuration Examples This section provides information center configuration examples. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 16: Introduction To The Information Center

    These faults can be caused by improper operation or a wrong process. They do not affect services but should be given attention. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 17 They can be customized to be output from other channels. For example, logs can be configured to be output to the log cache through Channel 6 rather than the default Channel 4. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 18 Loghost Log host Outputs logs, alarms, and debugging information to the log host. Information is saved to the log host in the file format for easy reference. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 19 Figure 2-2 shows the format of logs. Figure 2-2 Format of the output logs TIMESTAMP HOSTNAME %%ddAAA/B/CCC(l)[DDD]: YYYY Table 2-3 describes each field in a log message. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 20 There is a space between the timestamp and the host name. HOSTNAME Host name By default, the name is Huawei. Huawei logo Indicates that log information is output by a Huawei device. Version number Identifies the version of the log format.

  • Page 21: Enabling Log Output

    There is a space between the timestamp and the host name. HostName Host name By default, the name is Huawei.There is a space between the sysname and module name. ModuleName Module name Indicates the name of the module that generates an alarm.

  • Page 22: Enabling The Information Center

    The information center classifies and outputs information. When it is heavily loaded with information processing, system performance degrades. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: info-center enable The information center is enabled. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 23: Optional) Naming An Information Channel

    2.3.5 (Optional) Configuring the Function of Generating a Data Dictionary To resolve log files on the log server, transform binary logs into text logs through the data dictionary. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 24: Outputting Logs To The Log Buffer

    The channel through which logs are output to the log buffer is configured. (Optional) Run: info-center logbuffer [ channel { channel-number | channel-name } | size buffersize ] The size of the log buffer is configured. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 25: Outputting Logs To A Log File

    By outputting logs to the console, you can view the operating status of the device on the console. Procedure Step 1 Configure the logs to be output through the channel. Do as follows on the router configured with the information center, run: Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 26: Outputting Logs To The Terminal

    Logs can be output only after the information center is enabled. Step 2 Configure the information channel through which logs are output to the terminal. Run: info-center monitor channel { channel-number | channel-name } Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 27: Outputting Logs To The Log Host

    The system supports the configuration of a maximum of eight log hosts to realize backup among log hosts. ----End 2.3.11 Checking the Configuration Checking the Configuration of Information Center Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 28 ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default debugging debugging debugging channel number: 9, channel name: channel9 MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default debugging debugging debugging Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 29 Content : The message was discarded because module batch doesn't begin. (SourceModuleId=[ULONG], SourceModuleSubId=[ULONG], DestinationModuleId=[ULONG], DestinationModuleSubId=[ULONG]) Filtered Number : 0 : 3491254537 Module : BGP Alias : ADD_DELETED_ROUTE Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 30: Enabling Alarm Output

    IP address of Network Management System 2.4.2 Enabling the Information Center If the information center function is disabled, you can enable it. By default, this function is enabled. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 31: Optional) Naming An Information Channel

    Context Do as follows on the router configured with the information center: Procedure Step 1 Configure the alarms to be output through the channel. Run: system-view Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 32: Outputting Alarms To The Log File

    Alarms are added to the information channel. For the specific modules, the default configurations are as follows: For the log information, the state is on and the allowed information level is warning. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 33: Outputting Alarms To The Console

    For the alarm information, the state is on and the allowed information level is debugging. For the debugging information, the state is off. Step 2 Configure the channel through which alarms are output to the console. Run: Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 34: Outputting Alarms To The Terminal

    Step 2 Configure the channel through which alarms are output to the VTY terminal. Run: info-center monitor channel { channel-number | channel-name } The channel through which alarms are output to the VTY terminal is configured. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 35: Outputting Alarms To The Snmp Agent

    { channel-number | channel-name } The channel through which alarms are output to the SNMP agent is configured. By default, alarms are output to the SNMP agent through Channel 5. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 36: Checking The Configuration

    ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default debugging debugging debugging channel number: 7, channel name: channel7 MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default debugging debugging debugging Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 37: Enabling The Output Of Debugging Information

    2.5 Enabling the Output of Debugging Information This section describes how to configure a specific module to output debugging information to log files, consoles, terminals, or SNMP agents. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 38: Establishing The Configuration Task

    If the information center function is disabled, you can enable it. By default, this function is enabled. Context Classifying and outputting a large amount of information degrades system performance. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 39: Optional) Naming An Information Channel

    { module-name | default } channel { channel-number | channel- name } [ debug { state { off | on } | level severity } Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 40: Outputting Debugging Information To The Console

    For the log information, the state is on and the allowed information level is warning. For the alarm information, the state is on and the allowed information level is debugging. For the debugging information, the state is off. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 41: Outputting Debugging Information To The Terminal

    For the debugging information, the state is off. Step 2 Configure the channel through which debugging information is output to the terminal. Run: info-center monitor channel { channel-number | channel-name } Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 42: Outputting Debugging Information To The Log Host

    The system supports the configuration of a maximum of eight log hosts to realize backup among log hosts. ----End 2.5.8 Checking the Configuration After configuring the debugging message output, you can view the configuration of the information center. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 43: Maintaining Information Center

    2.6 Maintaining Information Center This section describes how to run the following commands to delete messages in the buffer of the information center. Note that deleted messages cannot be restored. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 44: Information Center Configuration Examples

    The default log storage medium is Flash memory. The log storage path is in the format of storage medium name:/logfile, for example, Flash:/logfile. Figure 2-4 Networking diagram of log output to the log file 10.2.1.1/16 Eth1/0/0 IP network RouterA FTP Server 10.1.1.1/16 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 45 Step 6 Configure logs to be output to the FTP server. # Log in to the FTP server. <RouterA> ftp 10.1.1.1 # Configure logs to be output to the FTP server. [RouterA-ftp] put log.log [RouterA-ftp] quit Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 46: Example For Outputting Logs To Log Hosts

    Router sends the logs (with a severity level as notification) generated on the Forwarding Information Base (FIB) module and the IP module to the log host Server 1. Server 3 functions as a backup router of Server 1. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 47 Step 1 Configure routing protocols to make the router and log server routable. (The detailed procedure is not mentioned here.) Step 2 Configure the channel for outputting logs. # Enable the information center. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 48 # Configure the module enabled to output logs and the severity levels of logs allowed to be output. [Huawei] info-center source fib channel loghost log level notification [Huawei] info-center source ip channel loghost log level notification [Huawei] info-center source ppp channel loghost1 log level warning [Huawei] info-center source aaa channel loghost1 log level warning Step 5 Configure the source interface that sends logs.
  • Page 49 Syslog messages sent by the device. For the procedure for configuring log services on the HUAWEI iManager N200, refer to the HUAWEI iManager N2000 DM - Compound Package User Manual Volume I.

  • Page 50: Example For Configuring Binary Logs To Be Sent To The Log Host

    ID of the log to be filtered IP address of the FTP server User name and password used for logging into the FTP server IP address of the log host Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 51 9, channel name: channel9, language: English Information timestamp setting: log - date, trap - date, debug - date Sent messages = 15274, Received messages = 15274 ----End Configuration Files Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 52: Example For Outputting Alarms To The Snmp Agent

    Step 2 Specify the module enabled to output alarms and configure the channel used to output alarms. # Specify the module enabled to output alarms and configure the channel used to output alarms. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 53 Huawei AR150&200 Series Enterprise Routers Configuration Guide - Device Management 2 Information Center Configuration [Huawei] info-center source ip channel channel7 trap level informational state on NOTE By default, alarms are output through the SNMP agent and information about all modules is displayed.

  • Page 54: Example For Outputting The Debugging Information To The Console

    Resolution Protocol (ARP) module to the console. Figure 2-8 Networking diagram of outputting information to the console Console Router Configuration Roadmap The configuration roadmap is as follows: Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 55 Step 2 Allow the debugging on the ARP module to be output to the Console with the severity level of the information as debugging. [Huawei] info-center source arp channel console debug level debugging [Huawei] info-center console channel console [Huawei] quit Step 3 Enable the terminal monitor function to display the debugging information.

  • Page 56: Poe Configuration

    This section describes the PoE features supported by the AR150/200. 3.3 Configuring PoE Functions This section describes how to configure PoE functions. 3.4 Configuration Examples This section provides an example for configuring PoE on the AR150/200. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 57: Introduction To Poe

    The AR150/200 does not support built-in power modules. It provides only one external PoE power module and its default power is 100 W. 3.3 Configuring PoE Functions This section describes how to configure PoE functions. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 58: Establishing The Configuration Task

    PoE power supplies. Run: system-view The system view is displayed. Run: poe max-power slot_max_power slot slot-id The maximum output power of a board is set. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 59 PDs. Run: system-view The system view is displayed. Run: poe power-reserved power-reserved The percentage of the reserved PoE power to the total PoE power is set. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 60: Configuring The Poe Function On An Interface

    Run: interface interface-type interface-number The interface view is displayed. Run: poe enable The PoE function is enabled. By default, the PoE function is enabled on all interfaces. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 61 The PD connected to an interface is powered on or powered off manually. NOTE When the manual power management mode is adopted, you must manually power on or power off PDs on interfaces. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 62: Checking The Configuration

    After the PoE configurations are complete, you can view the PoE power status, device information, and PoE configuration on an interface. Prerequisites The PoE power supply and PoE board are installed, and the PoE function is configured. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 63: Configuration Examples

    The maximum output power of the PoE board in slot 0 is 100 W. The PD connected to Ethernet 0/0/7 requires the input power of no more than 20 mW. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 64 # Set the maximum output power of the PoE board in slot 0 to 100 W. NOTE On the AR150/200, the unit of the output power is mW. <Huawei> system-view [Huawei] poe max-power 100000 slot 0 Step 2 Set the maximum output power of Ethernet 0/0/7. <Huawei> system-view [Huawei] interface ethernet 0/0/7...
  • Page 65 3 PoE Configuration [Huawei] interface ethernet 0/0/6 [Huawei-Ethernet0/0/6] poe priority critical Step 4 Verify the configuration. # Display the PoE power supply status of the LPU in slot 0. <Huawei> display poe power-state slot 0 PortName PowerOn/Off Enabled Priority Status...

  • Page 66: Mirroring Configuration

    4.8 Configuration Examples This section describes the networking requirements, configuration roadmap, and data preparation for mirroring and provides the configuration examples. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 67: Introduction To Mirroring

    In port mirroring, all the packets passing through a mirrored interface are copied to an observing interface. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 68 Figure 4-2 Networking diagram of local flow mirroring Flow mirrored interface Router Flow mirrored Observing interface interface Interface Traffic classification match Monitoring device Packet flows Mirrored flows Copied packet flows Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 69: Remote Port Mirroring

    If the packets passing through the mirrored port match the traffic classification rules contained in the traffic policy, the packets are copied to the observing device. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 70: Configuring Local Port Mirroring

    AR150/200 as the observing interface, configure local port mirroring on the AR150/200. Pre-configuration Tasks Ensuring that the link layer protocol status of interfaces is Up Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 71: Configuring A Local Observing Interface

    If you want to configure an Eth-Trunk as a mirrored interface, run the interface eth-trunk trunk- id command to create an Eth-Trunk first. Pay attention to the following points when you use an Eth-Trunk as a mirrored interface: Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 72: Checking The Configuration

    To monitor and analyze the packets with same characteristics passing through the mirrored interface that is located on the same AR150/200 as the observing interface, configure local port mirroring on the AR150/200. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 73: Establishing The Configuration Task

    If congestion occurs on the observing interface, mirrored packets may be discarded because the priority of mirrored is low. Procedure Step 1 Run: Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 74: Configuring Complex Traffic Classification

    4.4.3 Configuring Complex Traffic Classification Select proper traffic classification rules and configure complex traffic classification as required. For the configuration procedure, see Configuring Traffic Classification in the Huawei AR150&200 Series Enterprise Routers Configuration Guide - QoS. 4.4.4 Creating a Local Traffic Behavior Configure the local flow mirroring action to copy the packets matching traffic classification rules to the observing interface.

  • Page 75: Checking The Configuration

    Run the display traffic policy user-defined [ policy-name [ classifier classifier-name ] ] command to check the configuration of the traffic policy. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 76: Configuring Remote Port Mirroring

    The observing and mirrored devices may use public addresses or private addresses. If they use private addresses, a VPN tunnel must be configured to allow them to communicate through the public network. For details about VPN tunnel configuration, see Huawei AR150&200 Series Enterprise Routers Configuration Guide - VPN.

  • Page 77: Configuring The Observing Server

    If you want to configure an Eth-Trunk as a mirrored interface, run the interface eth-trunk trunk- id command to create an Eth-Trunk first. Pay attention to the following points when you use an Eth-Trunk as a mirrored interface: Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 78: Checking The Configuration

    Example Run the display observe-server command to check information about the observing server. <Huawei> display observe-server ---------------------------------------------------------------------- Index destination-ip : 20.1.1.2 source-ip : 10.1.1.1 dscp Used ---------------------------------------------------------------------- Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 79: Configuring Remote Flow Mirroring

    Packet flows Copied packet flows Pre-configuration Tasks Configuring a routing protocol to allow the mirrored interface and mirrored devices to communicate with each other Configuration Guide - VPN Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 80: Configuring The Observing Server

    4.6.3 Configuring Complex Traffic Classification Select proper traffic classification rules and configure complex traffic classification as required. For the configuration procedure, see Configuring Traffic Classification in the Huawei AR150&200 Series Enterprise Routers Configuration Guide - QoS. 4.6.4 Configuring the Traffic Behavior The traffic behavior copies the packets matching the configured traffic classifier to the observing device.

  • Page 81: Configuring A Traffic Policy

    Step 2 Apply the traffic policy to an interface. Run: interface interface-type interface-number The mirrored interface view is displayed. Run: traffic-policy policy-name inbound The traffic policy is applied to the flow mirrored interface. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 82: Checking The Configuration

    Packet capturing rate must be lower than 256 pps. If the traffic is heavy, some packets matching rules may not be captured. l Currently, the AR150/200 supports the following mirrored interfaces: Ethernet interface, ATM interface, Serial interface, VLANIF interface, Dialer interface, and Eth-trunk interface. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 83 00 00 00 00 00 00 00 00 00 00 00 00 ------------------------------------------------------- Packet: 4 ------------------------------------------------------- ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 84 00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ------------------------------------------------------- Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 85: Configuration Examples

    R&D department and marketing department. Figure 4-7 Networking diagram of local port mirroring Eth0/0/0 LSWA R&D department Eth0/0/2 Router Server Eth0/0/1 LSWB Marketing department Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 86 Step 1 Configure an observing interface. # Configure Ethernet0/0/2 on the Router as an observing interface. <Huawei> system-view [Huawei] observe-port 1 interface Ethernet 0/0/2 Step 2 Configure mirrored interfaces. # Configure Ethernet0/0/0 on the Router as the local mirrored interface to monitor the packets sent by the R&D department.
  • Page 87 Output peak rate 528 bits/sec,Record time: 2008-03-07 22:24:34 Input: 51924 packets, 7850076 bytes Unicast: Multicast: 51924 Broadcast: Jumbo: Discard: Total Error: CRC: Giants: Jabbers: Throttles: Runts: DropEvents: Alignments: Symbols: Ignoreds: Frames: Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 88 Output bandwidth utilization : 0.00% ----End Configuration Files Configuration file of the Router observe-port interface Ethernet0/0/2 interface Ethernet0/0/0 mirror to observe-port inbound interface Ethernet0/0/1 mirror to observe-port inbound return Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 89: Example For Configuring Local Flow Mirroring

    Type and number of the observing interface Type and number of the mirrored interface Observing interface index, 1 Traffic classifier, c1 Traffic behavior, b1 Traffic policy, p1 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 90 # Create IPv4 ACL 2000 on the Router to match the IPv4 packets with destination address 192.168.1.10. <Huawei> system-view [Huawei] acl number 2000 [Huawei-acl-basic-2000] rule permit source 192.168.1.10 0 [Huawei-acl-basic-2000] quit # Create a traffic classifier named c1 and bind it to ACL 2000. [Huawei] traffic classifier c1...

  • Page 91: Example For Configuring Remote Port Mirroring

    NOTE The hosts on the enterprise network use private addresses; therefore, a GRE tunnel must be configured on the public network to ensure communication. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 92 Observing server index, 1 Procedure Step 1 Configure IP addresses for interfaces. # Assign an IP address to each interface on the Router. This example describes the configuration on RouterA. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 93 # Check the configuration of the observing server. <RouterA> display observe-server ---------------------------------------------------------------------- Index destination-ip : 192.168.2.2 source-ip : 192.168.1.1 dscp Used ---------------------------------------------------------------------- # Check the configuration of the mirrored interface. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 94 Ethernet1/0/1 ip address 30.1.1.1 255.255.255.0 ip route-static 0.0.0.0 0.0.0.0 30.1.1.2 ip route-static 192.168.1.0 255.255.255.0 Tunnel0/0/1 interface Tunnel0/0/1 ip address 10.1.1.2 255.255.255.0 tunnel-protocol source 30.1.1.1 destination 20.1.1.1 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 95: Example For Configuring Remote Flow Mirroring

    Configure IP addresses and default routes for all interfaces on RouterA and RouterB, as shown in Figure 4-10. Configure a GRE tunnel to allow the hosts with private addresses to communicate over the public network. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 96 [RouterB-Tunnel0/0/1] tunnel-protocol gre [RouterB-Tunnel0/0/1] ip address 10.1.1.2 24 [RouterB-Tunnel0/0/1] source 30.1.1.1 [RouterB-Tunnel0/0/1] destination 20.1.1.1 [RouterB-Tunnel0/0/1] quit # Configure a static route from RouterA to the observing device. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 97 # View the traffic policy configuration. <RouterA> display traffic policy user-defined p1 User Defined Traffic Policy Information: Policy: p1 Classifier: c1 Operator: OR Behavior: b1 mirror to observe-server ----End Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 98 Ethernet1/0/0 ip address 192.168.2.1 255.255.255.0 interface Ethernet1/0/1 ip address 30.1.1.1 255.255.255.0 ip route-static 0.0.0.0 0.0.0.0 30.1.1.1 ip route-static 192.168.1.0 255.255.255.0 Tunnel0/0/1 interface Tunnel0/0/1 ip address 10.1.1.2 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 99 Huawei AR150&200 Series Enterprise Routers Configuration Guide - Device Management 4 Mirroring Configuration 255.255.255.0 tunnel-protocol source 30.1.1.1 destination 20.1.1.1 return Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 100: Hardware Management

    5.2 Hardware Management Supported by the AR150/200 This section describes the hardware management operations supported by the AR150/200. 5.3 Backing Up Electronic Labels This section describes how to back up electronic labels. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 101: Introduction To Hardware Management

    Before backing up electronic labels, ensure that the AR150/200 and the FTP server are routable. Data Preparation To back up electronic labels, you need the following data. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 102: Backing Up Electronic Labels

    Electronic labels are backed up to a TFTP server. ----End 5.3.3 Checking the Configuration After backing up elabels, you can check whether the operation is successful. Context The elabels have been backed up. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 103 Configuration Guide - Device Management 5 Hardware Management Procedure Run the display elabel [ slot slot-id ] [ brief ] command in any view to check elabel information. ----End Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 104: Auto-Config

    6.3 Deploying Unconfigured Routers This section describes how to deploy unconfigured Routers. 6.4 Configuration Examples This section provides examples for configuring Auto-Config, including networking requirements, configuration notes, and configuration roadmap. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 105: Auto-Config Overview

    9300070123456789, the system software name is auto_V200R001C00.cc, the version is V200R001C00, the patch file is auto_V200R001C00.pat, and the configuration file is auto_V200R001C00.cfg, the contents of the intermediate file arnet.ini are as follows: MAC=0018-82C5- AA89;ESN=9300070123456789;vrpfile=auto_V200R001C00.cc;vrpver=V200R001C00;patchfile =auto_V200R001C00.pat;cfgfile=auto_V200R001C00.cfg; Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 106 Version information must be contained in the system software. Auto-Config Process Figure 6-1 shows the Auto-Config process. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 107 The timer expires, and the device is restarted Set it as the version Set it as the patch file file for next startup for next startup Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 108 If the configuration file fails to be obtained, it is downloaded once every 30 minutes. If it cannot be obtained after 3 days, it is downloaded once every 2 hours. If it cannot Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 109 Non-configuration file information, such as system software information, version information and patch file information, in the following format: vrpfile=VRPFILENAME;vrpver=VRPVERSION;patchfile=PATCHFILENAME; For example: vrpfile=auto_V200R001C00.cc;vrpver=V200R001C00;patchfile=auto_ V200R001C00.pat; NOTE Version information must be contained in the system software. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 110: Deploying Unconfigured Routers

    FTP/TFTP server. After the DHCP server and FTP/TFTP server are configured, routers can be configured by using Auto- Config. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 111 Information about the interface that connects an AR150/200 to the DHCP server Address pool of the DHCP server IP address range and mask of the DHCP server Egress gateway of routers Option parameters of the DHCP server Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 112: Configuring The Dhcp Server

    Do you want to stop Auto-Config? [y/n]:". Enter Y. Before powering on the Auto-Config-enabled routers, configure the DHCP server and file server; otherwise, the routers cannot obtain configuration files. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 113 The range of IP addresses that can be dynamically allocated is configured. Step 9 Run: gateway-list ip-address &<1-8> The IP address of the egress gateway is configured for the DHCP client. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 114: Configuring The Ftp/Tftp Server

    Step 3 (Optional) Configure the authentication information, authorization mode, and working directory for FTP users. For TACACS authentication users: l Run: set default ftp-directory directory The default FTP working directory is configured. For AAA authentication users: l Run: Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 115: Checking The Configuration

    FTP server. ----End 6.3.4 Checking the Configuration You can view the configuration in different phases of the Auto-Config process to check whether Auto-Config runs properly. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 116: Configuration Examples

    Auto-Config function. The AR150/200 can automatically load the configuration file, version file, and patch file stored on the FTP server after the FTP server and DHCP server are configured. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 117 – IP address: 192.168.2.6/24 – Address pool: 192.168.2.0/24 – Option 67 (configuration file): auto_V200R002C00B002.cfg – Option 141 (FTP user name): user – Option 142 (FTP password): huawei – Option 143 (FTP server address): 192.168.1.6 – Option 145 (non-configuration file): vrpfile=auto_V200R002C00B001.cc;vrpver=V200R002C00B001;patchfile=auto_V2 00R002C00B002.pat;...
  • Page 118 [DHCP Server] network 192.168.2.0 mask 255.255.255.0 [DHCP Server] gateway-list 192.168.2.6 [DHCP Server] option 67 ascii auto_V200R002C00B002.cfg [DHCP Server] option 141 ascii user [DHCP Server] option 142 ascii huawei [DHCP Server] option 143 ip-address 192.168.1.6 [DHCP Server] option 145 ascii vrpfile=auto_V200R002C00B001.cc;vrpver=V200R002C00B001;patchfile=auto_V200R002C00B 002.pat;...
  • Page 119 Remained time : -- Operation result: -- Failed reason : -- ----End Configuration Files Configuration file of the DHCP server dhcp enable ip pool auto-config gateway-list 192.168.2.6 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 120 Configuration file of the FTP server ftp server enable local-user user1 password simple huawei local-user user1 ftp-directory flash:/ local-user user1 service-type ftp interface Ethernet1/0/0 ip address 192.168.1.6 255.255.255.0 Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 121: Fault Management

    This section describes how to maintain fault management. 7.6 Configuration Examples This section provides examples for configuring fault management, including networking requirements, configuration notes, and configuration roadmap. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 122: Introduction To Fault Management

    Before configuring alarm management, complete the following task: Installing system software to the router and powering it on Data Preparation Before configuring alarm management, you need the following data. Data Alarm name Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 123: Setting The Alarm Severity Level

    7.3.3 Configuring Delaying Alarm Reporting To control the frequency at which alarms are reported, you can set a period after which a generated alarm is reported. Procedure Step 1 Run: system-view Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 124: Configuring Correlated Alarm Suppression

    Step 1 Run: system-view The system view is displayed. Step 2 Run: alarm The alarm view is displayed. Step 3 Run: correlation-analyze enable Correlated alarm suppression is enabled. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 125: Checking The Configuration

    Run the display alarm active command to view active alarms. For example: <Huawei> display alarm active A/B/C/D/E/F/G/H/I/J A=Sequence, B=RootKindFlag(Independent|RootCause|nonRootCause) C=Generating time, D=Clearing time E=ID, F=Name, G=Level, H=State Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 126: Configuring Event Management

    Warning/End/OID 1.3.6.1.4.1.2011.5.25.219.2.6.5 Fan is invalid.(Index=16397, Ent ityPhysicalIndex=16397, PhysicalName="FAN Card 0/1", EntityTrapFaultID=139264) Run the display alarm information [ name alarm-name ] command to view information about a specified alarm. For example: <Huawei> display alarm information name hwPatchNeedResetBoardTrap ********************************** AlarmName: hwPatchNeedResetBoardTrap AlarmType: Alarm...

  • Page 127: Configuring Delayed Event Reporting

    NMS when the delay period expires and discards the following ones. ----End 7.4.3 Checking the Configuration After event management is configured, you can check event information. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 128: Maintenance

    4/Independent/2011-08-17 16:13:33/-/0xc0dc2000/entConfigChange/Warning/Start/O ID 1.3.6.1.2.1.47.2.0.1 Entity MIB change. Run the display event information [ name event-name ] command to view information about a specified event. For example: <Huawei> display event information name hwICLogfileNumberUpper ********************************** EventName: hwICLogfileNumberUpper EventType: Critical Event EventLevel: NA...

  • Page 129: Clearing Alarm Messages

    Therefore, before deleting event messages, be sure that the NMS no longer needs these event messages. In routine maintenance, you can run the following commands in the event view to clear event messages. Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 130: Configuration Examples

    To complete the configuration, you need the following data: Alarm name Alarm severity level Period after which a generated alarm is reported Type and number of the interface on which alarms are filtered Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 131 [Huawei-alarm] alarm-name linkDown severity major Step 3 Configure the linkDown alarm to be reported to the NMS 5 seconds after it is generated. [Huawei-alarm] delay-suppression enable [Huawei-alarm] suppression alarm-name linkDown cause-period 5 Step 4 Configure alarm filtering on Ethernet 1/0/0. [Huawei] alarm...
  • Page 132 CONFIGURATION trap-name linkDown alarm suppression alarm-name linkDown cause-period 5 correlation-analyze enable mask interface Ethernet1/0/0 alarm-name linkDown severity major return Issue 02 (2012-03-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

This manual is also suitable for:

Ar200 series

Table of Contents