Contents Using ping, tracert, and system debugging ····················································· 1 Ping ···································································································································································· 1 Using a ping command to test network connectivity ·················································································· 1 Ping example ············································································································································· 1 Tracert ································································································································································ 3 Prerequisites ·············································································································································· 4 Using a tracert command to identify failed or all nodes in a path ······························································· 5 System debugging ·············································································································································...
Page 4
FIPS compliance ·············································································································································· 44 Information center configuration task list ········································································································· 44 Outputting system information to the console ·································································································· 45 Outputting system information to the monitor terminal ···················································································· 45 Outputting system information to a log host ····································································································· 46 Outputting system information to the trap buffer ······························································································ 47 Outputting system information to the log buffer ·······························································································...
Page 5
Port mirroring classification and implementation ······················································································ 88 Configuring local port mirroring ························································································································ 90 Local port mirroring configuration task list ································································································ 90 Creating a local mirroring group ··············································································································· 91 Configuring source ports for a local mirroring group ················································································ 91 Configuring source CPUs for a local mirroring group ··············································································· 92 Configuring the monitor port for a local mirroring group ···········································································...
Page 6
Configuring the collaboration function ···································································································· 132 Configuring threshold monitoring ··········································································································· 133 Configuring the NQA statistics function ·································································································· 136 Configuring the saving function of NQA history records ········································································ 136 Scheduling an NQA operation ················································································································ 137 Displaying and maintaining NQA ··················································································································· 138 NQA configuration examples ·························································································································...
Page 7
Terminology ··········································································································································· 177 IPv6 NetStream key technologies ·················································································································· 178 Flow aging ·············································································································································· 178 Data export ············································································································································· 178 IPv6 NetStream export format ················································································································ 179 IPv6 NetStream configuration task list ··········································································································· 179 Enabling IPv6 NetStream on an interface ······································································································ 180 Configuring IPv6 NetStream data export ······································································································· 180 Configuring IPv6 NetStream traditional data export ···············································································...
Page 8
Configuring the DNS server ··················································································································· 206 Configuring ACS and CPE attributes through ACS ················································································ 206 Configuring CWMP at the CLI ················································································································ 206 Enabling CWMP ············································································································································· 207 Configuring the ACS attributes ······················································································································ 207 Configuring the ACS URL ······················································································································ 208 Configuring the ACS username and password ······················································································ 208 Configuring CPE attributes ····························································································································...
Page 9
Document conventions and icons ······························································· 243 Conventions ··················································································································································· 243 Network topology icons ·································································································································· 244 Support and other resources ······································································ 245 Accessing Hewlett Packard Enterprise Support ···························································································· 245 Accessing updates ········································································································································· 245 Websites ················································································································································ 246 Customer self repair ······························································································································· 246 Remote support ······································································································································ 246 Documentation feedback ·······················································································································...
Using ping, tracert, and system debugging Use the ping, tracert, and system debugging utilities to test network connectivity and identify network problems. Ping The ping utility sends ICMP echo requests (ECHO-REQUEST) to the destination device. Upon receiving the requests, the destination device responds with ICMP echo replies (ECHO-REPLY) to the source device.
Figure 1 Network diagram Test procedure # Use the ping command on Device A to test connectivity to Device C. <DeviceA> ping 1.1.2.2 PING 1.1.2.2: 56 data bytes, press CTRL_C to break Reply from 1.1.2.2: bytes=56 Sequence=1 ttl=254 time=205 ms Reply from 1.1.2.2: bytes=56 Sequence=2 ttl=254 time=1 ms Reply from 1.1.2.2: bytes=56 Sequence=3 ttl=254 time=1 ms Reply from 1.1.2.2: bytes=56 Sequence=4 ttl=254 time=1 ms...
1.1.1.2 1.1.1.1 Reply from 1.1.2.2: bytes=56 Sequence=4 ttl=254 time=1 ms Record Route: 1.1.2.1 1.1.2.2 1.1.1.2 1.1.1.1 Reply from 1.1.2.2: bytes=56 Sequence=5 ttl=254 time=1 ms Record Route: 1.1.2.1 1.1.2.2 1.1.1.2 1.1.1.1 --- 1.1.2.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/11/53 ms The test procedure with the ping –r command (see...
Enable sending of ICMP timeout packets on the intermediate devices (devices between the source and destination devices). If the intermediate devices are HPE devices, execute the ip ttl-expires enable command on the devices. For more information about this command, see Layer 3—IP Services Command Reference.
• Enable sending of ICMPv6 timeout packets on the intermediate devices (devices between the source and destination devices). If the intermediate devices are HPE devices, execute the ipv6 hoplimit-expires enable command on the devices. For more information about this command, see Layer 3—IP Services Command Reference.
Figure 3 Relationship between the protocol-debugging switch and screen-output switch Debugging a feature module Output of debugging commands is memory intensive. To guarantee system performance, enable debugging only for modules that are in an exceptional condition. When debugging is complete, use the undo debugging all command to disable all the debugging functions.
Ping and tracert example Network requirements As shown in Figure 4, Device A failed to Telnet to Device C. Determine whether Device A and Device C can reach each other. If they cannot reach each other, locate the failed nodes in the network. Figure 4 Network diagram Test procedure Use the ping command to test connectivity between Device A and Device C.
Page 17
Use the debugging ip icmp command on Device A and Device C to verify that they can send and receive the specific ICMP packets, or use the display ip routing-table command to verify the availability of active routes between Device A and Device C.
Configuring NTP This chapter provides an overview of NTP configuration. Overview NTP is typically used in large networks to dynamically synchronize time among network devices. It guarantees higher clock accuracy than manual system clock setting. In a small network that does not require high clock accuracy, you can keep time synchronized among devices by changing their system clocks one by one.
Figure 5 Basic work flow of NTP The synchronization process is as follows: • Device A sends Device B an NTP message, which is timestamped when it leaves Device A. The timestamp is 10:00:00 am (T1). • When this NTP message arrives at Device B, it is timestamped by Device B. The timestamp is 11:00:01 am (T2).
Page 20
Figure 6 Clock synchronization message format The main fields are described as follows: • LI (Leap Indicator)—A 2-bit leap indicator. If set to 11, it warns of an alarm condition (clock unsynchronized). If set to any other value, it is not to be processed by NTP. •...
• Originate Timestamp—The local time at which the request departed from the client for the service host. • Receive Timestamp—The local time at which the request arrived at the service host. • Transmit Timestamp—The local time at which the reply departed from the service host for the client.
Page 22
Symmetric peers mode Figure 8 Symmetric peers mode In symmetric peers mode, devices that operate in symmetric active mode and symmetric passive mode exchange NTP messages with the Mode field 3 (client mode) and 4 (server mode). Then the device that operates in symmetric active mode periodically sends clock synchronization messages, with the Mode field in the messages set to 1 (symmetric active).
Multicast mode Figure 10 Multicast mode In multicast mode, a server periodically sends clock synchronization messages to the user-configured multicast address, or, if no multicast address is configured, to the default NTP multicast address 224.0.1.1, with the Mode field in the messages set to 5 (multicast mode). Clients listen to the multicast messages from servers.
Figure 11 Network diagram NTP configuration task list Task Remarks Configuring NTP operation modes Required. Configuring optional parameters Optional. Configuring the DSCP value for NTP messages Optional. Configuring NTP authentication Optional. Configuring NTP operation modes Devices can implement clock synchronization in one of the following modes: •...
Step Command Remarks By default, no NTP server is specified. ntp-service unicast-server In this command, the ip-address [ vpn-instance argument must be a unicast vpn-instance-name ] { ip-address address, rather than a broadcast Specify an NTP server for | server-name } address, a multicast address or the device.
broadcast server for sending NTP broadcast messages and on each broadcast client for receiving broadcast messages. Configuring a broadcast client Step Command Remarks Enter system view. system-view Enter Layer 3 Ethernet This command enters the view of interface interface-type interface view or VLAN the interface for sending NTP interface-number interface view.
Step Command Remarks Enter Layer 3 Ethernet This command enters the view of interface interface-type interface view or VLAN the interface for sending NTP interface-number multicast messages. interface view. ntp-service multicast-server A multicast server can Configure the device to [ ip-address ] synchronize broadcast clients operate in NTP multicast [ authentication-keyid keyid | ttl...
Step Command Remarks Enter Layer 3 Ethernet interface interface-type interface view or VLAN interface-number interface view. Disable the interface from By default, an interface is enabled ntp-service in-interface disable receiving NTP messages. to receive NTP messages. Configuring the allowed maximum number of dynamic sessions NTP has the following types of associations: •...
Configuring access-control rights From the highest to lowest, the NTP service access-control rights are peer, server, synchronization, and query. If a device receives an NTP request, it performs an access-control right match and uses the first matched right. If no matched right is found, the device drops the NTP request.
Configuring NTP authentication in client/server mode Follow these instructions to configure NTP authentication in client/server mode: • A client can synchronize to the server only when you configure all the required tasks on both the client and server. • On the client, if NTP authentication is not enabled or no key is specified to associate with the NTP server, the client is not authenticated.
Configuring NTP authentication in symmetric peers mode Follow these instructions to configure NTP authentication in symmetric peers mode: • An active symmetric peer can synchronize to the passive symmetric peer only when you configure all the required tasks on both the active symmetric peer and passive symmetric peer. •...
Step Command Remarks By default, no NTP authentication key is configured. ntp-service Configure an NTP authentication-keyid keyid Configure the same authentication key. authentication-mode md5 authentication key on the active [ cipher | simple ] value symmetric peer and passive symmetric peer. Configure the key as a ntp-service reliable By default, the authentication key...
Step Command Remarks You can associate a non-existing key with the broadcast server. To enable NTP authentication, you Associate the specified key ntp-service broadcast-server must configure the key and with the broadcast server. authentication-keyid keyid specify it as a trusted key after associating the key with the broadcast server.
Step Command Remarks You can associate a non-existing key with the multicast server. To enable NTP authentication, you Associate the specified key ntp-service multicast-server must configure the key and with the multicast server. authentication-keyid keyid specify it as a trusted key after associating the key with the multicast server.
Clock stratum: 16 Reference clock ID: none Nominal frequency: 64.0000 Hz Actual frequency: 64.0000 Hz Clock precision: 2^7 Clock offset: 0.0000 ms Root delay: 0.00 ms Root dispersion: 0.00 ms Peer dispersion: 0.00 ms Reference time: 00:00:00.000 UTC Jan 1 1900 (00000000.00000000) # Specify Device A as the NTP server of Device B so that Device B synchronizes to Device A.
Page 36
Figure 13 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure Device B: # Specify Device A as the NTP server of Device B. <DeviceB> system-view [DeviceB] ntp-service unicast-server 3.0.1.31 Display the NTP status of Device B after clock synchronization. [DeviceB] display ntp-service status Clock status: synchronized Clock stratum: 3...
Clock precision: 2^18 Clock offset: -21.1982 ms Root delay: 15.00 ms Root dispersion: 775.15 ms Peer dispersion: 34.29 ms Reference time: 15:22:47.083 UTC Sep 19 2005 (C6D95647.153F7CED) The output shows that Device C has synchronized to Device B because it has a higher stratum than Device B.
[SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] ntp-service broadcast-server Configure Switch A: # Configure Switch A to operate in broadcast client mode and receive broadcast messages on VLAN-interface 2. <SwitchA> system-view [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ntp-service broadcast-client Configure Switch B: # Configure Switch B to operate in broadcast client mode and receive broadcast messages on VLAN-interface 2.
Page 39
• Switch A and Switch D operate in multicast client mode and receive multicast messages through VLAN-interface 3 and VLAN-interface 2 respectively. Figure 15 Network diagram Configuration procedure Set the IP address for each interface as shown in Figure 15. (Details not shown.) Configure Switch C: # Configure Switch C to operate in multicast server mode and send multicast messages through VLAN-interface 2.
Page 40
# Display NTP session information for Switch D, which shows that an association has been set up between Switch D and Switch C. [SwitchD-Vlan-interface2] display ntp-service sessions source reference stra reach poll offset delay disper ************************************************************************** [1234] 3.0.1.31 127.127.1.0 -16.0 31.0 16.6 note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured...
Clock stratum: 3 Reference clock ID: 1.0.1.11 Nominal frequency: 64.0000 Hz Actual frequency: 64.0000 Hz Clock precision: 2^7 Clock offset: 0.0000 ms Root delay: 31.00 ms Root dispersion: 1.05 ms Peer dispersion: 7.81 ms Reference time: 14:53:27.371 UTC Sep 19 2005 (C6D94F67.5EF9DB22) The output shows that Device B has synchronized to Device A.
Page 43
Configuration procedure Set the IP address for each interface as shown in Figure 17. (Details not shown.) Configure Switch A: # Configure Switch A to operate in NTP broadcast client mode and receive NTP broadcast messages on VLAN-interface 2. <SwitchA> system-view [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ntp-service broadcast-client Configure Switch B:...
Page 44
# NTP authentication is enabled on Switch B, but not enabled on Switch C, so Switch B cannot synchronize to Switch C. [SwitchB-Vlan-interface2] display ntp-service status Clock status: unsynchronized Clock stratum: 16 Reference clock ID: none Nominal frequency: 100.0000 Hz Actual frequency: 100.0000 Hz Clock precision: 2^18 Clock offset: 0.0000 ms...
Configuration procedure Before you perform the following configuration, be sure you have completed MPLS VPN-related configurations, and make sure of the reachability between CE 1 and PE 1, between PE 1 and PE 2, and between PE 2 and CE 3. For information about configuring MPLS VPN, see MPLS Configuration Guide.
Page 47
<PE1> system-view [PE1] ntp-service unicast-peer vpn-instance vpn1 10.1.1.1 # Display NTP session information and status information on PE 1 a certain period of time later. This information should show that PE 1 has synchronized to CE 1, with the clock stratum level [PE1] display ntp-service status Clock status: synchronized Clock stratum: 2...
Configuring the information center This chapter describes how to configure the information center. Overview The information center collects and classifies system information as follows: • Receives system information including log, trap, and debugging information from source modules. • Outputs the information to different information channels, according to output rules. •...
Corresponding Severity Severity Description keyword in value commands Critical condition. For example, the device temperature Critical exceeds the upper limit, the power module fails, or the critical fan tray fails. Error Error condition. For example, the link state changes. errors Warning condition.
Default output rules of system information A default output rule specifies the system information source modules, information type, and severity levels for an output destination. Table 3 shows the default output rules. Table 3 Default output rules Trap Debug Source Destinatio module Status...
Page 51
IP address) • If the system information is in the HPE format, the field is displayed as the system name of the device that generated the system information. You can use the sysname command to modify the local system name. For more information, see Fundamentals Command Reference.
Page 52
UNICOM format. This optional field identifies the source of the information. It is displayed only when the system information is sent to a log host in HPE format. It can take one of the following values: source •...
Timestamp Description Example parameters %May 30 05:36:29:579 2003 Sysname FTPD/5/FTPD_LOGIN: User ftp Current date and time, in the format of mm dd hh:mm:ss:xxx yyy. (192.168.1.23) has logged in date successfully. All system information supports this parameter. May 30 05:36:29:579 2003 is a timestamp in the date format.
Configurations for the information output destinations function independently. Outputting system information to the console Step Command Remarks Enter system view. system-view Optional. Enable the information info-center enable center. Enabled by default. Optional. info-center channel Specify a name for a channel channel-number name Table 2 for default channel...
Step Command Remarks Enter system view. system-view Optional. Enable the information info-center enable center. Enabled by default. Optional. info-center channel Specify a name for a channel channel-number name Table 2 for default channel identified by its number. channel-name names. Optional. info-center monitor channel By default, system information is Configure an output channel...
Set the format to UNICOM: Optional. info-center format unicom Set the system Use either approach. • information format. Set the format to HPE: HPE by default. undo info-center format By default, no log host or related parameters are specified. info-center loghost [ vpn-instance...
Step Command Remarks Optional. info-center channel Specify a name for a channel channel-number name Table 2 for default channel identified by its number. channel-name names. Optional. info-center trapbuffer [ channel Configure an output channel By default, system information is { channel-number | for the trap buffer and set the output to the trap buffer through channel-name } | size buffersize ]...
Outputting system information to the SNMP module The SNMP module receives the trap information only, and discards the log and debugging information. To monitor device running status, trap information is usually sent to the SNMP NMS. For this purpose, you must configure output of traps to the SNMP module, and set the trap sending parameters for the SNMP module.
Step Command Remarks Optional. info-center channel Specify a name for a channel channel-number name Table 2 for default channel identified by its number. channel-name names. Optional. info-center syslog channel Configure an output channel By default, system information is { channel-number | for the Web interface.
Step Command Remarks By default, log file overwrite-protection is disabled. The all-port-powerdown keyword causes the system to shut down all physical ports, including the console port, the info-center logfile management Ethernet port, IRF Enable log file overwrite-protection ports, and ports configured with overwrite-protection.
alarm threshold for the security log file usage. When the alarm threshold is reached, the system outputs a message to inform the administrator. The administrator can log in to the device as the security log administrator and back up the security log file to prevent the loss of important data. By default, security logs are not saved into the security log file.
Page 62
Task Command Remarks • Display the contents of the specified file: more file-url • Display information about all files and folders: dir [ /all ] [ file-url ] • Create a folder in a specified directory on the storage medium: mkdir directory •...
If system information, such as log information, is output before you input any information under the current command line prompt, the system does not display the command line prompt. If system information is output when you are inputting some interactive information (non Y/N confirmation information), the system displays your previous input in a new line but does not display the command line prompt.
Task Command Remarks display logbuffer [ reverse ] [ level Display the state and the log severity | size buffersize | slot slot-number ] Available in any view. * [ | { begin | exclude | include } information of the log buffer. regular-expression ] display logbuffer summary [ level Display the summary of the log...
[Sysname] info-center source ip channel console log level informational state on [Sysname] quit # Enable the display of log information on the console. (This function is enabled by default.) <Sysname> terminal monitor Info: Current terminal monitor is on. <Sysname> terminal logging Info: Current terminal logging is on.
b. Create a subdirectory named Device in directory /var/log/, and then create file info.log in the Device directory to save logs from Device. # mkdir /var/log/Device # touch /var/log/Device/info.log c. Edit the file syslog.conf in directory /etc/ and add the following content. # Device configuration messages local4.info /var/log/Device/info.log...
# Configure an output rule to output to the log host the log information that has a severity level of at least informational. [Sysname] info-center source default channel loghost log level informational state on debug state off trap state off Disable the output of unnecessary information of all modules on the specified channel in the output rule.
Page 69
Figure 23 Network diagram Configuration considerations The configuration in this example includes two parts: Log in to the device as the system administrator Enable saving security logs into the security log file and set the saving interval to one hour. Create a local user seclog with the password 123123123123, and authorize this user as the security log administrator.
Page 70
# According to the network plan, the user logs in to the device through SSH or Telnet, so configure the authentication mode of the VTY user interface as scheme. [Sysname] user-interface vty 0 15 [Sysname-ui-vty0-15] authentication-mode scheme [Sysname-ui-vty0-15] quit Configuration performed by the security log administrator # Log in to the device as user seclog.
Page 71
# Display the contents of the security log file. <Sysname> more securitylog/seclog.log %@157 Nov 2 16:12:01:750 2009 Sysname SHELL/4/LOGIN: Trap 1.3.6.1.4.1.25506.2.2.1.1.3.0.1: login from Console %@158 Nov 2 16:12:01:750 2009 Sysname SHELL/5/SHELL_LOGIN:Console logged in from aux0. The content of other logs is not shown. # Back up the security log file onto SFTP server 192.168.1.2.
Configuring SNMP This chapter provides an overview of the Simple Network Management Protocol (SNMP) and guides you through the configuration procedure. Overview SNMP is an Internet standard protocol widely used for a management station to access and operate the devices on a network, regardless of their vendors, physical characteristics and interconnect technologies.
Figure 25 MIB tree A MIB view represents a set of MIB objects (or MIB object hierarchies) with certain access privilege and is identified by a view name. The MIB objects included in the MIB view are accessible while those excluded from the MIB view are inaccessible. A MIB view can have multiple view records each identified by a view-name oid-tree pair.
Configuring SNMP basic parameters SNMPv3 differs from SNMPv1 and SNMPv2c in many ways. Their configuration procedures are described in separate sections. Configuring SNMPv3 basic parameters Step Command Remarks Enter system view. system-view Optional. By default, the SNMP agent is disabled. You can also enable the SNMP Enable the SNMP agent.
Step Command Remarks snmp-agent group v3 group-name [ authentication | privacy ] [ read-view read-view ] Configure an SNMPv3 By default, no SNMP group [ write-view write-view ] group. exists. [ notify-view notify-view ] [ acl acl-number | acl ipv6 ipv6-acl-number ] * snmp-agent calculate-password...
Page 76
Step Command Remarks Optional. By default, the SNMP agent is disabled. You can also enable the SNMP agent Enable the SNMP service by using any command that snmp-agent agent. begins with snmp-agent except the snmp-agent calculate-password and snmp-agent ifmib long-ifindex enable commands.
Step Command Remarks Configure the Optional. maximum size (in snmp-agent packet max-size By default, the SNMP agent can receive bytes) of SNMP byte-count and send the SNMP packets up to 1500 packets for the bytes. SNMP agent. Set the DSCP value Optional.
• An NM-specific ifindex format change invalidates the NM-specific ifindex dependent settings, and these settings cannot become valid until you switch the format back. To use these settings in the new format, you must re-configure them. For example, if an RMON alarm group or private alarm group has alarm variables in the format OID/variable-name.NM-specific-ifindex, you must reconfigure these variables after an NM-specific ifindex format change.
Traps fall into generic traps and vendor-specific traps. Generic traps include authentication, coldstart, linkdown, linkup and warmstart. All other traps are vendor-defined. SNMP traps generated by a module are sent to the information center. You can configure the information center to enable or disable outputting the traps from a module by severity and set output destinations.
Page 80
• Complete the basic SNMP settings and verify that they are the same as on the NMS. If SNMPv1 or SNMPv2c is used, you must configure a community name. If SNMPv3 is used, you must configure an SNMPv3 user and MIB view. •...
Displaying and maintaining SNMP Task Command Remarks Display SNMP agent system display snmp-agent sys-info [ contact | information, including the location | version ]* [ | { begin | exclude | Available in any view. contact, physical location, and include } regular-expression ] SNMP version.
Page 82
Figure 27 Network diagram Configuration procedure Configure the SNMP agent: # Configure the IP address of the agent, and make sure the agent and the NMS can reach each other. (Details not shown.) # Specify SNMPv1 and SNMPv2c, and create a read-only community public and a read and write community private.
Command = Trap Enterprise = 1.3.6.1.4.1.43.1.16.4.3.50 GenericID = 4 SpecificID = 0 Time Stamp = 8:35:25.68 SNMPv3 configuration example Network requirements As shown in Figure 28, the NMS (1.1.1.2/24) uses SNMPv3 to monitor and manage the interface status of the agent (1.1.1.1/24), and the agent automatically sends traps to report events to the NMS. The NMS and the agent perform authentication when they set up an SNMP session.
Set the authentication key to 123456TESTauth&! and the privacy key to 123456TESTencr&!. Set the timeout time and maximum number of retries. For information about configuring the NMS, see the NMS manual. NOTE: The SNMP settings on the agent and the NMS must match. Verify the configuration: # Try to get the count of sent traps from the agent.
Page 85
Figure 29 Network diagram Configuration procedure This example assumes that you have configured all required SNMP settings for the NMS and the agent (see "SNMPv1/SNMPv2c configuration example" or "SNMPv3 configuration example"). # Enable displaying log messages on the configuration terminal. (This function is enabled by default. Skip this step if you are using the default.) <Agent>...
Page 86
Field Description errorStatus Error status, with noError meaning no error. Value set by the SET operation. This field is null for a GET operation. If the value is a character string that has invisible characters value or characters beyond the ASCII range 0 to 127, the string is displayed in hexadecimal format, for example, value = <81-43>[hex].
RMON groups Among the RFC 2819 defined RMON groups, HPE device implements the statistics group, history group, event group, and alarm group supported by the public MIB. HPE device also implements a private alarm group, which enhances the standard alarm group.
Page 88
The history statistics table records traffic statistics collected for each sampling interval. The sampling interval is user-configurable. Event group The event group defines event indexes and controls the generation and notifications of the events triggered by the alarms defined in the alarm group and the private alarm group. The events can be handled in one of the following ways: •...
If a private alarm entry crosses a threshold multiple times in succession, the RMON agent generates an alarm event only for the first crossing. For example, if the value of a sampled alarm variable crosses the rising threshold multiple times before it crosses the falling threshold, only the first crossing triggers a rising alarm event.
Step Command Create an entry in the RMON history rmon history entry-number buckets number interval control table. sampling-interval [ owner text ] Configuring the RMON alarm function Follow these guidelines when you configure the RMON alarm function: • To send traps to the NMS when an alarm is triggered, configure the SNMP agent as described "Configuring SNMP."...
Maximum number of Entry Parameters to be compared entries Alarm variable formula (alarm-variable), sampling interval (sampling-interval), sampling type (absolute, changeratio Prialarm or delta), rising threshold (threshold-value1) and falling threshold (threshold-value2) Displaying and maintaining RMON Task Command Remarks display rmon statistics [ interface-type Display RMON statistics.
multicast packets : 6 , CRC alignment errors : 0 undersize packets : 0 , oversize packets fragments , jabbers collisions , utilization # Get the traffic statistics through SNMP from the terminal. (Details not shown.) Alarm group configuration example Network requirements Configure the RMON alarm group on the RMON agent in Figure 33...
Page 95
Sampling interval : 5(sec) Rising threshold : 100(linked with event 1) Falling threshold : 50(linked with event 2) When startup enables : risingOrFallingAlarm Latest value # Display statistics for GigabitEthernet 1/0/1. <Sysname> display rmon statistics gigabitethernet 1/0/1 EtherStatsEntry 1 owned by user1-rmon is VALID. Interface : GigabitEthernet1/0/1<ifIndex.3>...
Bidirectional—Copies packets both received and sent on a mirroring source. NOTE: On the HPE 5800&5820X switch series, if incoming traffic is mirrored, the mirrored traffic is sent with the same VLAN tag (if any) as the original traffic. If the outgoing traffic is mirrored, the mirrored traffic carries the same VLAN tag as the original traffic did before it was sent out of the mirroring ports.
The remote probe VLAN specially transmits mirrored packets to the destination device. Both the reflector port and egress port reside on a source device and send mirrored packets to the remote probe VLAN. The egress port must belong to the remote probe VLAN, but the reflector port may not. For more information about the reflector port, egress port, remote probe VLAN, and Layer 2 remote port mirroring, see "Port mirroring classification and...
Page 98
remote probe VLAN and transmit the packets to the destination device. When it receives the mirrored packets, the destination device checks whether their VLAN IDs are the same as the remote probe VLAN ID. If yes, the device forwards the packets to the data monitoring device through the monitor port.
Figure 36 Layer 3 remote port mirroring implementation The source device sends one copy of packets received on the source port GigabitEthernet 1/0/1 to the tunnel interface, which serves as the monitor port in the local mirroring group created on the source device.
A source port on the HPE 5800 is assigned a maximum of four mirroring resources. Therefore, a port, when serving as a unidirectional source port, can be added to up to four mirroring groups.
Configuring source CPUs for a local mirroring group Step Command Remarks 1. Enter system view. system-view 2. Configure source mirroring-group group-id By default, no source CPU is CPUs local mirroring-cpu slot slot-number-list configured for a local mirroring group. mirroring group. { both | inbound | outbound } NOTE: A mirroring group can contain multiple source CPUs.
Step Command Remarks 3. Configure the current port as By default, a port does not serve [ mirroring-group group-id ] the monitor port for a local as the monitor port for any local monitor-port mirroring group. mirroring group. Using the remote probe VLAN to enable local mirroring to support multiple monitor ports In typical local port mirroring configuration, you can configure only one monitor port in a local mirroring group.
Configuration procedure To configure local port mirroring with multiple monitor ports: Step Command Remarks 1. Enter system view. system-view 2. Create a remote source mirroring-group group-id By default, no mirroring group mirroring group. remote-source exists on a device. • (Approach 1) In system view: mirroring-group group-id mirroring-port mirroring-port-list { both | inbound | outbound }...
resulting in undesired duplicates. For more information about GVRP, see Layer 2—LAN Switching Configuration Guide. Do the following to configure Layer 2 remote port mirroring: • On the source device, configure the source ports/CPUs, the remote probe VLAN, and the egress port for the remote source group.
Page 105
A source port on the HPE 5800 is assigned a maximum of four mirroring resources. Therefore, a port, when serving as a unidirectional source port, can be added to up to four mirroring groups.
Page 106
Either you can configure the egress port for a mirroring group in system view, or you can assign the current port to it as the egress port in interface view. The two configuration methods lead to the same result. When you configure the egress port for the remote source group, follow these guidelines: •...
Step Command Remarks mirroring-group group-id By default, no remote probe 2. Configure the remote probe remote-probe vlan VLAN is configured for a remote VLAN. rprobe-vlan-id source group. Configuring a remote destination group (on the destination device) To configure a remote destination group, make the following configurations on the destination device: Creating a remote destination group Step...
Step Command Remarks 3. Configure the current port as By default, a port does not serve [ mirroring-group group-id ] the monitor port for a remote as the monitor port for any remote monitor-port destination group. destination group. Configuring the remote probe VLAN for a remote destination group When you configure the remote probe VLAN for the remote destination group, follow these guidelines: •...
Layer 3 remote port mirroring configuration task list To configure Layer 3 remote port mirroring, create a local mirroring group on the source device as well as on the destination device, and configure source ports/CPUs and the monitor port for each mirroring group.
A source port on the HPE 5800 is assigned a maximum of four mirroring resources. Therefore, a port, when serving as a unidirectional source port, can be added to up to four mirroring groups.
Step Command Remarks mirroring-group group-id 2. Configure source mirroring-cpu slot By default, no source CPU is configured for CPUs for a local slot-number-list { both | inbound | a local mirroring group. mirroring group. outbound } NOTE: A mirroring group can contain multiple source CPUs. Configuring the monitor port for a local mirroring group CAUTION: Do not enable the spanning tree feature on the monitor port.
Step Command Remarks 3. Configure the current port as By default, a port does not serve [ mirroring-group group-id ] the monitor port for a local as the monitor port for any local monitor-port mirroring group. mirroring group. Configuration restrictions and guidelines •...
Local port mirroring configuration example Network requirements On the network shown in Figure • Device A connects to the marketing department through GigabitEthernet 1/0/1 and to the technical department through GigabitEthernet 1/0/2. It connects to the server through GigabitEthernet 1/0/3. •...
mirroring CPU: monitor port: GigabitEthernet1/0/3 After the configurations are completed, you can monitor all packets received and sent by the marketing department and the technical department on the server. Local port mirroring with multiple monitor ports configuration example Network requirements As shown in Figure 38, Dept.
[DeviceA] mirroring-group 1 remote-probe vlan 10 Layer 2 remote port mirroring configuration example Network requirements As shown in Figure 39, configure Layer 2 remote port mirroring to enable the server to monitor the bidirectional traffic of the marketing department. Figure 39 Network diagram Configuration procedure Configure Device A (the source device): # Create a remote source group.
Page 116
[DeviceB] vlan 2 # Disable MAC address learning for the remote probe VLAN. [DeviceB-vlan2] mac-address mac-learning disable [DeviceB-vlan2] quit # Configure GigabitEthernet 1/0/1 as a trunk port that permits the packets from VLAN 2 to pass through. [DeviceB] interface gigabitethernet 1/0/1 [DeviceB-GigabitEthernet1/0/1] port link-type trunk [DeviceB-GigabitEthernet1/0/1] port trunk permit vlan 2 [DeviceB-GigabitEthernet1/0/1] quit...
Layer 3 remote port mirroring configuration example Network requirements As shown in Figure 40, configure Layer 3 remote port mirroring and create a GRE tunnel to enable the server to monitor the bidirectional traffic of the marketing department through a GRE tunnel. Figure 40 Network diagram Configuration procedure Configure IP addresses and subnet masks for related ports and the tunnel interfaces according...
[DeviceA-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [DeviceA-ospf-1-area-0.0.0.0] network 50.1.1.0 0.0.0.255 [DeviceA-ospf-1-area-0.0.0.0] quit [DeviceA-ospf-1] quit # Create local mirroring group 1. [DeviceA] mirroring-group 1 local # Configure GigabitEthernet1/0/1 as a source port and Tunnel 0 as the monitor port of local mirroring group 1. [DeviceA] mirroring-group 1 mirroring-port gigabitethernet 1/0/1 both [DeviceA] mirroring-group 1 monitor-port tunnel 0 Enable the OSPF protocol on Device B (the intermediate device).
Page 119
# Create local mirroring group 1. [DeviceC] mirroring-group 1 local # Configure GigabitEthernet 1/0/1 as a source port and GigabitEthernet 1/0/2 as the monitor port of local mirroring group 1. [DeviceC] mirroring-group 1 mirroring-port gigabitethernet 1/0/1 inbound [DeviceC] mirroring-group 1 monitor-port gigabitethernet 1/0/2 # Disable the spanning tree feature on the monitor port GigabitEthernet 1/0/2.
Configuring flow mirroring This chapter describes how to configure flow mirroring. Overview Flow mirroring copies specified packets to a specified destination for analysis and monitoring. Flow mirroring is implemented through QoS policies. You can use flow mirroring to flexibly classify packets by defining match criteria and obtain accurate statistics.
In a traffic behavior, you can configure only one type of flow mirroring. Mirroring traffic to an interface On an HPE 5800 switch, you can configure actions of mirroring matching packets to up to four ports in a traffic behavior. On an HPE 5820X switch, you can configure actions of mirroring matching packets to two ports in a traffic behavior.
Step Command Remarks By default, no mirroring action is configured for a traffic behavior. mirror-to interface interface-type To configure actions of mirroring interface-number [ destination-ip matching packets to multiple Configure the action of destination-ip-address source-ip ports, execute this command mirroring traffic to an source-ip-address [ dscp multiple times.
To apply a QoS policy to an interface: Step Command Remarks 1. Enter system view. system-view • Enter interface view: Use one method. interface interface-type Settings in interface view take interface-number 2. Enter interface view or port effect on the current interface. •...
Step Command 1. Enter system view. system-view 2. Enter control plane view. control-plane slot slot-number 3. Apply a QoS policy to the control plane. qos apply policy policy-name inbound For more information about the control-plane and qos apply policy commands, see ACL and QoS Command Reference.
Page 125
Figure 41 Network diagram Configuration procedure Monitor the traffic sent by the technical department to access the Internet: # Create ACL 3000 to allow packets from the technical department (on subnet 192.168.2.0/24) to access the Internet. <DeviceA> system-view [DeviceA] acl number 3000 [DeviceA-acl-adv-3000] rule permit tcp source 192.168.2.0 0.0.0.255 destination-port eq www [DeviceA-acl-adv-3000] quit...
Page 126
[DeviceA] acl number 3001 [DeviceA-acl-adv-3001] rule permit ip source 192.168.2.0 0.0.0.255 destination 192.168.1.0 0.0.0.255 time-range work [DeviceA-acl-adv-3001] quit # Create traffic class mkt_c, and configure the match criterion as ACL 3001. [DeviceA] traffic classifier mkt_c [DeviceA-classifier-mkt_c] if-match acl 3001 [DeviceA-classifier-mkt_c] quit # Create traffic behavior mkt_b, and configure the action of mirroring traffic to port GigabitEthernet 1/0/3.
Configuring NQA This chapter provides an overview of NQA configuration. Overview Network quality analyzer (NQA) allows you to monitor link status, measure network performance, verify the service levels for IP services and applications, and troubleshoot network problems. NQA provides the following types of operations. •...
Figure 43 Collaboration Application modules Detection module VRRP Associates with a Associates with detection entry a track entry Track Static routing module Sends the Sends the track detection result entry status Policy-based routing The following describes how a static route destined for 192.168.0.88 is monitored through collaboration.
Task Remarks Required for NQA operation types of TCP, UDP echo, UDP Configuring the NQA server jitter, and voice. Complete these tasks to configure the NQA client: Task Remarks Enabling the NQA client Required. Configuring an ICMP echo operation Configuring a DHCP operation Configuring a DNS operation Configuring an FTP operation Configuring an HTTP operation...
Step Command Remarks • Approach 1: nqa server tcp-connect ip-address port-number Configure a listening service. Use at least one approach. • Approach 2: nqa server udp-echo ip-address port-number Configure the ToS value in Optional. nqa server { tcp-connect | the packet sent by the TCP udp-echo } tos tos By default, the ToS value is 0.
Step Command Remarks Optional. Configure the string to be By default, the string is the filled in the payload of each data-fill string hexadecimal number ICMP echo request. 00,010,203,040,506,070,809. Optional. Specify the VPN where the vpn-instance vpn-instance-name By default, the operation is operation is performed.
Configuring a DNS operation A DNS operation measures the time the NQA client uses to translate a domain name into an IP address through a DNS server. A DNS operation simulates domain name resolution and does not save the obtained DNS entry. To configure a DNS operation: Step Command...
Step Command Remarks By default, no source IP address is specified. Configure the source IP The source IP address must be address of FTP request source ip ip-address the IP address of a local interface. packets. The local interface must be up. Otherwise, no FTP requests can be sent.
Step Command Remarks Optional. By default, the operation type for Configure the operation operation { get | post } the HTTP is get, which means type. obtaining data from the HTTP server. Specify the destination url url website URL. Optional. Specify the HTTP version.
Step Command Remarks By default, no destination IP address is configured. Configure the destination The destination IP address must destination ip ip-address address of UDP packets. be the same as that of the listening service on the NQA server. By default, no destination port number is configured.
Step Command Remarks Specify the SNMP type and type snmp enter its view. Configure the destination By default, no destination IP destination ip ip-address address of SNMP packets. address is configured. Optional. Specify the source port of source port port-number By default, no source port number SNMP packets.
Step Command Remarks Optional. By default, no source IP address is specified. Configure the source IP The source IP address must be source ip ip-address address of TCP packets. the IP address of a local interface. The local interface must be up. Otherwise, no TCP packets can be sent out.
Step Command Remarks Optional. By default, no source IP address is specified. Configure the source IP The source IP address must be source ip ip-address address of UDP packets. that of an interface on the device and the interface must be up. Otherwise, no UDP packets can be sent out.
Page 139
Step Command Remarks Enter system view. system-view Create an NQA operation nqa entry admin-name By default, no NQA operation is and enter NQA operation operation-tag created. view. Specify the voice type and type voice enter its view. By default, no destination IP address is configured.
Step Command Remarks 14. Configure how long the NQA client waits for a response Optional. probe packet-timeout from the server before it packet-timeout The default is 5000 milliseconds. regards the response as timed out. Configuring a DLSw operation A DLSw operation measures the response time of a DLSw device. To configure a DLSw operation: Step Command...
Step Command Remarks Optional. By default, the interval is 0 milliseconds. Only one operation Specify the interval at which frequency interval is performed. the NQA operation repeats. If the operation is not completed when the interval expires, the next operation does not start. Optional.
Step Command Remarks reaction item-number Not configured by default. checked-element probe-fail Configure a reaction entry. threshold-type consecutive You cannot modify the content of consecutive-occurrences an existing reaction entry. action-type trigger-only Exit to system view. quit See High Availability Associate Track with NQA. Configuration Guide.
Page 143
• In voice operation view, the reaction trap command supports only the test-complete keyword. Configuration procedure To configure threshold monitoring: Step Command Remarks Enter system system-view view. Create an NQA By default, no operation and nqa entry admin-name operation-tag NQA operation is enter NQA created.
Page 144
Step Command Remarks • Enable sending traps to the NMS when specified conditions are met: reaction trap { probe-failure consecutive-probe-failures | test-complete | test-failure cumulate-probe-failures } • Configure a reaction entry for monitoring the duration of an NQA operation (not supported for UDP jitter and voice operations): reaction item-number checked-element probe-duration threshold-type { accumulate...
Configuring the NQA statistics function NQA collects statistics for an operation in a statistics group. To view information about the statistics groups, use the display nqa statistics command. To set the interval for collecting statistics, use the statistics interval command. If a new statistics group is to be saved when the number of statistics groups reaches the upper limit, the oldest statistics group is deleted.
Step Command Remarks Create an NQA operation nqa entry admin-name By default, no NQA operation is and enter NQA operation operation-tag created. view. type { dhcp | dlsw | dns | ftp | http | Enter NQA operation type icmp-echo | snmp | tcp | udp-echo view.
Displaying and maintaining NQA Task Command Remarks display nqa history [ admin-name Display history records of NQA operation-tag ] [ | { begin | exclude | Available in any view. operations. include } regular-expression ] display nqa reaction counters Display the current monitoring [ admin-name operation-tag [ item-number ] ] Available in any view.
Page 148
Configuration procedure # Assign each interface an IP address. (Details not shown.) # Configure static routes or a routing protocol to make sure that the devices can reach each other. (Details not shown.) # Create an ICMP echo operation, and specify 10.2.2.2 as the destination IP address. <DeviceA>...
NQA entry (admin admin, tag test1) history record(s): Index Response Status Time Succeeded 2011-08-23 15:00:01.2 Succeeded 2011-08-23 15:00:01.2 Succeeded 2011-08-23 15:00:01.2 Succeeded 2011-08-23 15:00:01.2 Succeeded 2011-08-23 15:00:01.2 Succeeded 2011-08-23 15:00:01.2 Succeeded 2011-08-23 15:00:01.1 Succeeded 2011-08-23 15:00:01.1 Succeeded 2011-08-23 15:00:01.1 Succeeded 2011-08-23 15:00:01.1 The output shows that the packets sent by Device A can reach Device B through Device C.
Last succeeded probe time: 2011-11-22 09:56:03.2 Extended results: Packet loss in test: 0% Failures due to timeout: 0 Failures due to disconnect: 0 Failures due to no connection: 0 Failures due to sequence error: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packet(s) arrived late: 0 # Display the history records of the DHCP operation.
[DeviceA] nqa schedule admin test1 start-time now lifetime forever # Stop the DNS operation after a period of time. [DeviceA] undo nqa schedule admin test1 # Display the results of the DNS operation. [DeviceA] display nqa result admin test1 NQA entry (admin admin, tag test1) test results: Destination IP address: 10.2.2.2 Send operation times: 1 Receive response times: 1...
Page 152
[DeviceA] nqa entry admin test1 [DeviceA-nqa-admin-test1] type ftp # Specify the IP address of the FTP server 10.2.2.2 as the destination IP address. [DeviceA-nqa-admin-test1-ftp] destination ip 10.2.2.2 # Specify 10.1.1.1 as the source IP address. [DeviceA-nqa-admin-test1-ftp] source ip 10.1.1.1 # Set the FTP username to admin, and the password to systemtest. [DeviceA-nqa-admin-test1-ftp] username admin [DeviceA-nqa-admin-test1-ftp] password simple systemtest # Configure the device to upload the file config.txt to the FTP server.
HTTP operation configuration example Network requirements As shown in Figure 48, configure an HTTP operation on the NQA client to test the time required to obtain data from the HTTP server. Figure 48 Network diagram Configuration procedure # Assign each interface an IP address. (Details not shown.) # Configure static routes or a routing protocol to make sure that the devices can reach each other.
Failures due to timeout: 0 Failures due to disconnect: 0 Failures due to no connection: 0 Failures due to sequence error: 0 Failures due to internal error: 0 Failures due to other errors: Packet(s) arrived late: 0 # Display the history records of the HTTP operation. [DeviceA] display nqa history admin test1 NQA entry (admin admin, tag test1) history record(s): Index...
Page 155
# Start the UDP jitter operation. [DeviceA] nqa schedule admin test1 start-time now lifetime forever # Stop the UDP jitter operation after a period of time. [DeviceA] undo nqa schedule admin test1 # Display the results of the UDP jitter operation. [DeviceA] display nqa result admin test1 NQA entry (admin admin, tag test1) test results: Destination IP address: 10.2.2.2...
Start time: 2011-05-29 13:56:14.0 Life time: 47 seconds Send operation times: 410 Receive response times: 410 Min/Max/Average round trip time: 1/93/19 Square-Sum of round trip time: 206176 Extended results: Packet loss in test: 0% Failures due to timeout: 0 Failures due to disconnect: 0 Failures due to no connection: 0 Failures due to sequence error: 0 Failures due to internal error: 0...
Page 157
Configuration procedure Assign each interface an IP address. (Details not shown.) Configure static routes or a routing protocol to make sure that the devices can reach each other. (Details not shown.) Configure Device B: # Set the SNMP version to all. <DeviceB>...
The output shows that Device A uses 50 milliseconds to receive a response from the SNMP agent. TCP operation configuration example Network requirements As shown in Figure 51, configure a TCP operation to test the time the NQA client uses to establish a TCP connection to the NQA server on Device B.
Last succeeded probe time: 2011-11-22 10:27:25.1 Extended results: Packet loss in test: 0% Failures due to timeout: 0 Failures due to disconnect: 0 Failures due to no connection: 0 Failures due to sequence error: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packet(s) arrived late: 0 # Display the history records of the TCP operation.
# Enable the saving of history records. [DeviceA-nqa-admin-test1-udp-echo] history-record enable [DeviceA-nqa-admin-test1-udp-echo] quit # Start the UDP echo operation. [DeviceA] nqa schedule admin test1 start-time now lifetime forever # Stop the UDP echo operation after a period of time. [DeviceA] undo nqa schedule admin test1 # Display the results of the UDP echo operation.
Page 161
# Enable the NQA server. <DeviceB> system-view [DeviceB] nqa server enable # Configure a listening service to listen on IP address 10.2.2.2 and UDP port 9000. [DeviceB] nqa server udp-echo 10.2.2.2 9000 Configure Device A: # Create a voice operation. <DeviceA>...
Page 162
Negative SD square sum: 53655 Negative DS square sum: 1691776 One way results: Max SD delay: 343 Max DS delay: 985 Min SD delay: 343 Min DS delay: 985 Number of SD delay: 1 Number of DS delay: 1 Sum of SD delay: 343 Sum of DS delay: 985 Square sum of SD delay: 117649 Square sum of DS delay: 970225...
Sum of SD delay: 1390 Sum of DS delay: 1079 Square sum of SD delay: 483202 Square sum of DS delay: 973651 SD lost packet(s): 0 DS lost packet(s): 0 Lost packet(s) for unknown reason: 0 Voice scores: Max MOS value: 4.38 Min MOS value: 4.38 Max ICPIF value: 0 Min ICPIF value: 0...
Failures due to no connection: 0 Failures due to sequence error: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packet(s) arrived late: 0 # Display the history records of the DLSw operation. [DeviceA] display nqa history admin test1 NQA entry (admin admin, tag test1) history record(s): Index Response...
[SwitchA-nqa-admin-test1-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only [SwitchA-nqa-admin-test1-icmp-echo] quit # Start the ICMP operation. [SwitchA] nqa schedule admin test1 start-time now lifetime forever Create track entry 1, and associate it with reaction entry 1 of the NQA operation on Switch A. [SwitchA] track 1 nqa entry admin test1 reaction 1 Verifying the configuration # On Switch A, display information about all track entries.
Page 166
Destination/Mask Proto Cost NextHop Interface 10.2.1.0/24 Direct 0 10.2.1.2 Vlan3 10.2.1.2/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 The output shows that the static route does not exist, and the status of the track entry is negative.
Configuring sFlow Sampled Flow (sFlow) is a traffic monitoring technology. As shown in Figure 56, the sFlow system involves an sFlow agent embedded in a device and a remote sFlow collector. The sFlow agent collects interface counter information and packet content information and encapsulates the sampled information in sFlow packets.
Configuring the sFlow agent and sFlow collector information Step Command Remarks Enter system system-view view. Optional. Not specified by default. The device periodically checks whether the sFlow agent has an IP address. If the sFlow agent has no IP address configured, the device automatically selects an interface IP address Configure an for the sFlow agent but does not save the IP address.
Step Command Remarks Optional. Set the maximum number of The default setting is 128 bytes. bytes of a packet (starting sflow flow max-header length Hewlett Packard Enterprise from the packet header) that recommends using the default flow sampling can copy. value.
Page 170
Figure 57 Network diagram Configuration procedure Configure the sFlow agent and sFlow collector information: # Configure the IP address 3.3.3.1/16 for GigabitEthernet 1/0/3. <Device> system-view [Device] interface GigabitEthernet 1/0/3 [Device-GigabitEthernet1/0/3] ip address 3.3.3.1 16 [Device-GigabitEthernet1/0/3] quit # Configure the IP address for the sFlow agent. [Device] sflow agent ip 3.3.3.1 # Specify sFlow collector ID 2, IP address 3.3.3.2, and description of netserver for the sFlow collector.
6343 1400 6343 1400 6343 1400 6343 1400 6343 1400 6343 1400 sFlow Port Information: Interface CID Interval(s) FID MaxHLen Rate Mode Status GE1/0/1 4000 Random Active The output shows that GigabitEthernet 1/0/1 enabled with sFlow is active, the counter sampling interval is 120 seconds, and the packet sampling interval is 4000.
Configuring NetStream This chapter describes how to configure NetStream. Hardware compatibility The HPE 5820X Switch Series does not support NetStream. Overview Conventional ways to collect traffic statistics, like SNMP and port mirroring, cannot provide precise network management because of inflexible statistical methods or the high cost of required dedicated servers.
• NSC—Usually a program running in UNIX or Windows. The NSC parses the packets sent from the NDE, and then it stores the statistics to the database for the NDA. The NSC gathers the data from multiple NDEs, and then it filters and aggregates the total received data. •...
Page 174
Aggregation data export NetStream aggregation merges the flow statistics according to the aggregation criteria of an aggregation mode, and it sends the summarized data to the NetStream server. This process is the NetStream aggregation data export, which uses less bandwidth than traditional data export. For example, the aggregation mode configured on the NDE is protocol-port, which means that it aggregates statistics about flow entries by protocol number, source port, and destination port.
• If enormous traffic flows are on the network, configure NetStream sampling. • Decide which export format is used for NetStream data export. • Configure the timer for NetStream flow aging. • To reduce the bandwidth consumption of NetStream data export, configure NetStream aggregation.
Step Command Remarks Enter system view. system-view Enter Layer 2 or Layer 3 interface interface-type Ethernet interface view. interface-number Enable NetStream on ip netstream { inbound | outbound } Disabled by default. the interface. Configuring NetStream filtering and sampling Before you configure NetStream filtering and sampling, use the ip netstream command to enable NetStream.
Step Command Quit the class view. quit Create a traffic behavior and enter its view. traffic behavior behavior-name Configure the NetStream filtering action for a netstream filter { deny | permit } traffic behavior. Quit the traffic behavior view. quit Create a policy and enter its view.
Configuring NetStream data export To allow the NDE to export collected statistics to the NetStream server, configure the source interface out of which the data is sent and the destination address to which the data is sent. Configuring traditional data export Step Command Remarks...
Page 180
aggregation view are not provided, the configurations in system view apply to the aggregation data export. • The aging of NetStream hardware aggregation entries is exactly the same as the aging of NetStream traditional data entries. • The NetStream hardware aggregation data export and NetStream traditional data export are mutually exclusive.
Configuring attributes of NetStream data export Step Command Remarks Enter system view. system-view Optional. Configure the version ip netstream export version { 5 | for NetStream export By default, NetStream traditional data format. export uses version 5. Configuring the refresh rate for NetStream version 9 templates Version 9 is template-based and supports user-defined formats, so the NetStream-enabled device needs to resend a new template to the NetStream server for an update.
Periodical aging Periodical aging uses the following methods: • Inactive flow aging—A flow is considered inactive if no packet for this NetStream entry arrives in the time specified by the ip netstream timeout inactive command. The inactive flow entry remains in the cache until the inactive timer expires. Then the inactive flow is aged out and its statistics, which can no longer be displayed by the display ip netstream cache command, are sent to the NetStream server.
Task Command Remarks Display information about NetStream display ip netstream export [ | { begin | Available in any exclude | include } regular-expression ] data export. view. display ip netstream template [ slot Display the configuration and status of Available in any slot-number ] [ | { begin | exclude | the NetStream flow record templates.
Page 184
• Device A exports NetStream traditional data in version 5 export format to port 5000 of the NetStream server at 4.1.1.1/16. • Device A performs NetStream aggregation in the modes of protocol-port, source-prefix, destination-prefix, and prefix. Use the version 8 export format to send the aggregation data of different modes to the destination address at 4.1.1.1, with UDP ports 3000, 4000, 6000, and 7000, respectively.
Page 185
[DeviceA-ns-aggregation-dstpre] ip netstream export host 4.1.1.1 6000 [DeviceA-ns-aggregation-dstpre] quit # Configure the aggregation mode as prefix, and in aggregation view, configure the destination address and destination UDP port number for the NetStream prefix aggregation data export. [DeviceA] ip netstream aggregation prefix [DeviceA-ns-aggregation-prefix] enable [DeviceA-ns-aggregation-prefix] ip netstream export host 4.1.1.1 7000 [DeviceA-ns-aggregation-prefix] quit...
Configuring IPv6 NetStream This chapter describes how to configure IPv6 NetStream. Hardware compatibility The HPE 5820X Switch Series does not support IPv6 NetStream Overview Legacy ways to collect traffic statistics, like SNMP and port mirroring, cannot provide precise network management because of inflexible statistical methods or the high cost of required dedicated servers.
• NSC—Usually a program running in UNIX or Windows. The NSC parses the packets sent from the NDE, and then it stores the statistics to the database for the NDA. The NSC gathers the data from multiple NDEs. • NDA—A tool for analyzing network traffic. The NDA collects statistics from the NSC, performs further processing, and then generates various reports for applications of traffic billing, network planning, and attack detection and monitoring.
The data includes statistics about each flow. However, this method consumes more bandwidth and CPU than the aggregation method, and it requires a large cache size. In most cases, not all statistics are necessary for analysis. Aggregation data export IPv6 NetStream aggregation merges the flow statistics according to the aggregation criteria of an aggregation mode, and it sends the summarized data to the IPv6 NetStream server.
Task Remarks Select a command as required. Configuring IPv6 NetStream aggregation data export Configuring attributes of IPv6 NetStream data export Optional. Enabling IPv6 NetStream on an interface Step Command Remarks Enter system view. system-view Enter Layer 2 or Layer 3 interface interface-type Ethernet interface view.
Configuring IPv6 NetStream aggregation data export IPv6 NetStream aggregation can be implemented by software or hardware. The term of NetStream aggregation refers to the implementation by software, unless otherwise noted. IPv6 NetStream hardware aggregation directly merges the statistics about data flows at the hardware layer according to the aggregation criteria of the specified aggregation mode, and it stores the data in the cache.
Step Command Remarks Optional. By default, the interface connecting to the NetStream server is used as the source interface. • Source interfaces in different Configure the source aggregation views can be different. interface for IPv6 ipv6 netstream export source • If no source interface is configured NetStream interface interface-type...
Task Command Remarks display ipv6 netstream cache Display the IPv6 NetStream entry Available in any [ verbose ] [ slot slot-number ] [ | { begin information in the cache. view. | exclude | include } regular-expression ] display ipv6 netstream export [ | Display information about IPv6 NetStream Available in any { begin | exclude | include }...
IPv6 NetStream aggregation data export configuration example Network requirements As shown in Figure 64, configure IPv6 NetStream on Device A to meet the following requirements: • Device A exports IPv6 NetStream traditional data to port 5000 of the NetStream server at 4.1.1.1/16.
Page 194
[DeviceA-ns6-aggregation-srcpre] quit # Configure the aggregation mode as destination-prefix, and in aggregation view, configure the destination address and destination UDP port number for the IPv6 NetStream destination-prefix aggregation data export. [DeviceA] ipv6 netstream aggregation destination-prefix [DeviceA-ns6-aggregation-dstpre] enable [DeviceA-ns6-aggregation-dstpre] ipv6 netstream export host 4.1.1.1 6000 [DeviceA-ns6-aggregation-dstpre] quit # Configure the aggregation mode as prefix, and in aggregation view, configure the destination address and the destination UDP port number for the IPv6 NetStream prefix aggregation data...
For more information about NetStream, see "Configuring NetStream" NOTE: • The device supports only the fixed mode. • The HPE 5820X Switch Series does not support a sampler. Configuration procedure To configure a sampler: Step Command Remarks Enter system view.
Sampler configuration example Network requirements As shown in Figure 65, configure IPv4 NetStream on Device to collect statistics on incoming and outgoing traffic on GigabitEthernet 1/0/2. The NetStream data is sent to port 5000 on the NSC at 12.110.2.2/16. Configure fixed sampling in the inbound direction to select the first packet out of 256 packets.
Configuring IPC This chapter provides an overview of IPC and describes the IPC monitoring commands. Overview Inter-Process Communication (IPC) provides a reliable communication mechanism among processing units, typically CPUs. IPC is typically used on a distributed device or in an IRF fabric to provide reliable inter-card or inter-device transmission.
Figure 66 Relationship between a node, link and channel Packet sending modes IPC uses one of the following modes to send packets for upper layer application modules: • Unicast—One node sends packets to another node. • Multicast—One node sends packets to multiple nodes. This mode includes broadcast, a special multicast.
Displaying and maintaining IPC Task Command Remarks display ipc node [ | { begin | exclude | include } Display IPC node information. Available in any view. regular-expression ] display ipc channel { node Display channel information for a node-id | self-node } [ | { begin | Available in any view.
Configuring PoE Overview IEEE 802.3af-compliant power over Ethernet (PoE) enables a power sourcing equipment (PSE) to supply power to powered devices (PDs) through Ethernet interfaces over straight-through twisted pair cables. Examples of PDs include IP telephones, wireless APs, portable chargers, card readers, Web cameras, and data collectors.
Complete these tasks to configure PoE: Task Remarks Enabling PoE for a PoE interface Required. Detecting PDs: • Enabling the PSE to detect nonstandard PDs Optional. • Configuring a PD disconnection detection mode Optional. Configuring the maximum PoE interface power Optional.
To enable PoE for a PoE interface: Step Command Remarks Enter system view. system-view interface interface-type Enter PoE interface view. interface-number Enable PoE for the PoE By default, this function is poe enable interface. disabled. Optional. Configure a description for By default, no description for the the PD connected to the PoE poe pd-description text...
Configuring the maximum PoE interface power The maximum PoE interface power is the maximum power that the PoE interface can provide to the connected PD. If the PD requires more power than the maximum PoE interface power, the PoE interface does not supply power to the PD. To configure the maximum PSE power: Step Command...
Step Command Remarks Enter system view. system-view Configure PoE interface By default, this policy is not power management priority poe pd-policy priority configured. policy. interface interface-type Enter PoE interface view. interface-number Optional. Configure the power supply poe priority { critical | high | By default, low is the power priority for a PoE interface.
The device supports multiple PoE profiles. You can define PoE configurations based on each PD, save the configurations for different PDs into different PoE profiles, and apply the PoE profiles to the access interfaces of PDs accordingly. Configuring a PoE profile If a PoE profile is applied, it cannot be deleted or modified before you cancel its application.
Step Command Apply the PoE profile to the current PoE apply poe-profile { index index | name interface. profile-name } Upgrading PSE processing software in service You can upgrade the PSE processing software in service in either of the following two modes: •...
Task Command Remarks Display the configurations and display poe-profile [ index index | name profile-name ] [ | { begin | exclude | include } applications of the PoE Available in any view. profile. regular-expression ] Display all information about the configurations and display poe-profile interface interface-type applications of the PoE profile...
[Sysname-GigabitEthernet1/0/3] poe priority critical [Sysname-GigabitEthernet1/0/3] quit # Enable PoE on GigabitEthernet 1/0/11 and GigabitEthernet 1/0/12, and configure the maximum power of GigabitEthernet 1/0/12 as 9000 milliwatts. [Sysname] interface gigabitethernet 1/0/11 [Sysname-GigabitEthernet1/0/11] poe enable [Sysname-GigabitEthernet1/0/11] quit [Sysname] interface gigabitethernet 1/0/12 [Sysname-GigabitEthernet1/0/12] poe enable [Sysname-GigabitEthernet1/0/12] poe max-power 9000 After the configuration takes effect, the IP telephones and AP devices are powered and can work normally.
Page 209
Solution You can drop the AC input undervoltage threshold below the AC input overvoltage threshold.
The basic CWMP network elements include: • ACS—Autoconfiguration server, the management device in the network. In this document, ACS refers to a server installed with the HPE IMC BIMS system. • CPE—Customer premises equipment, the managed device in the network.
Basic CWMP functions Automatic configuration file deployment The network administrator can create different configuration files on the ACS for access switches according to their service functions to realize fast configuration. After a connection is established between the ACS and a CPE, the ACS determines the type of the CPE and delivers the corresponding configuration file to the CPE.
• CPE address (ConnectionRequestURL) • CPE username (ConnectionRequestUsername) • CPE password (ConnectionRequestPassword) CWMP mechanism Autoconnection between ACS and CPE At the first startup, a CPE automatically obtains the following settings from the DHCP server, in addition to an IP address: •...
Page 213
RPC methods CWMP provides the following major remote procedure call methods for an ACS to manage or monitor a CPE: • Get—The ACS gets the value of one or more parameters from the CPE. • Set—The ACS sets the value of one or more parameters on the CPE. •...
When accessed by the CPE, the DHCP server sends the ACS parameters in DHCP Option 43 to the CPE. If the DHCP server is an HPE switch that supports DHCP Option 43, you can configure the ACS parameters at the CLI with the command option 43 hex 01length URL username password,...
• length is a hexadecimal string that indicates the total length of the URL username password arguments. No space is allowed between the 01 keyword and the length value. • URL is the ACS address. • username is the ACS username. •...
Configuring the ACS URL You can assign only one ACS to a CPE and the ACS URL you configured overwrites the old one, if any. To configure the ACS URL: Step Command Remarks Enter system view. system-view Enter CWMP view. cwmp By default, no ACS URL is Configure the ACS URL.
Step Command Remarks Enter system view. system-view Enter CWMP view. cwmp Configure the CPE By default, no CPE username is username for connection to cwmp cpe username username configured for connection to the the CPE. CPE. Optional. You can specify a username without a password that is used in Configure the CPE the authentication.
Step Command Remarks Optional. Configure the interval cwmp cpe inform interval By default, the CPE sends an between sending the Inform seconds Inform message every 600 messages. seconds. To configure the CPE to send an Inform message at a specific time: Step Command Remarks...
Step Command Remarks Optional. Configure the timeout value cwmp cpe wait timeout seconds of the CPE close-wait timer. The default setting is 30 seconds. Configuring the CPE working mode Configure the device to operate in one of the following CPE modes depending on its position in the network: •...
CWMP configuration example Configuration guidelines Before configuring the ACS server, make sure the HPE IMC BIMS software is installed on the server. The BIMS functions and web interface might change along with software updates. If your web interface is different from that in this example, see the user manual came with your server.
Configuration procedure Configuring the ACS server ACS server configuration includes the following tasks: • Setting the username and password for accessing the ACS server. • Adding information about CPEs and divide CPEs into different groups. • Binding configuration files to different CPE groups. Other configurations on the ACS server keep their default value.
Page 223
b. Select Group Management > Device Group from the navigation tree to enter the device group page. c. Click Add to enter the page for adding a device group. Figure 74 Add Device Group page d. Set the group name and click OK. Add a device class: a.
Page 224
Figure 76 Add Device page b. Input device information and click OK. Figure 77 Adding device succeeded Repeat the previous steps to add information about DeviceB and DeviceC to the ACS server, and the adding operation of switches in equipment room A is completed. Bind different configuration files to different CPE groups to realize auto-deployment: a.
Page 225
Figure 78 Deployment Guide page Select the configuration file to be deployed and set it as the startup configuration as the deployment strategy on the Auto Deploy Configuration page. Figure 79 Auto Deploy Configuration page Click Select Class and enter the page for selecting device type.
Page 226
Figure 80 Selecting a device class Select the Device_A device class and click OK, and the auto deploy configuration page appears. Click OK to complete the task. Figure 81 Deploying task succeeded Configuration of the switches in room B is the same as that of the switches in room A except that you need to perform the following configuration: •...
Page 227
Configuring the DHCP server In this example, the DHCP server is an HPE switch supporting the Option 43 function. If your DHCP server is not an HPE switch supporting the Option 43 function, see the user manual came with your server.
Configuring cluster management Cluster management is supported only in non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. Cluster management overview Why cluster management Cluster management enables managing large numbers of dispersed network devices in groups and offers the following advantages: •...
Figure 83 Network diagram Network manager 69.110.1.1/24 IP network Administrator 69.110.1.100/24 Member Cluster Member Member Candidate As shown in Figure 83, the device configured with a public IP address and performing the management function is the management device, the other managed devices are member devices, and the device that does not belong to any cluster but can be added to a cluster is a candidate device.
Page 231
Introduction to NDP NDP is used to discover the information about directly connected neighbors, including the device name, software version, and connecting port of the adjacent devices. NDP works in the following ways: • A device running NDP periodically sends NDP packets to its neighbors. An NDP packet carries NDP information (including the device name, software version, and connecting port, etc.) and the holdtime, which indicates how long the receiving devices will keep the NDP information.
Page 232
You should specify the management device before creating a cluster. The management device discovers and defines a candidate device through NDP and NTDP protocols. The candidate device can be automatically or manually added to the cluster. After the candidate device is added to the cluster, it can obtain the member number assigned by the management device and the private IP address used for cluster management.
Management VLAN The management VLAN is a VLAN used for communication in a cluster; it limits the cluster management range. Through configuration of the management VLAN, the following functions can be implemented: • Management packets (including NDP, NTDP and handshake packets) are restricted within the management VLAN, therefore isolated from other packets, which enhances security.
Task Remarks Cluster member management Optional Enabling NDP Required Enabling NTDP Required Configuring the Manually collecting topology information Optional member devices Enabling the cluster function Required Deleting a member device from a cluster Optional Configuring access between the management device and its member Optional devices Adding a candidate device to a cluster...
Step Command Remarks • In system view: ndp enable interface interface-list • Use either command. In Ethernet interface view or Layer 2 Enable the NDP aggregate interface view: By default, NDP is Disabled feature for the port(s). interface interface-type globally and also on all ports. interface-number ndp enable NOTE:...
Step Command Remarks Optional. Enable NTDP for the port. ntdp enable NTDP is Disabled on all ports by default. NOTE: You are recommended to disable NTDP on the port which connects with the devices that do not need to join the cluster, preventing the management device from adding the device which needs not to join the cluster and collecting the topology information of this device.
addition, you can configure to manually initiate topology information collection on the management device or NTDP-enabled device, thus managing and monitoring devices in real time, regardless of whether a cluster is created. To configure to manually collect topology information: Task Command Remarks Manually collect topology...
Step Command Remarks • Manually establish a cluster: build cluster-name Use either method. Establish a cluster. • Automatically establish a By default, the device is not the cluster: management device. auto-build [ recover ] CAUTION: Handshake packets use UDP port 40000. For a cluster to be established successfully, make sure that the port is not in use before establishing it.
the holdtime, it changes the state of the member device to Disconnect. When the communication is recovered, the member device needs to be re-added to the cluster (this process is automatically performed). • If the management device receives handshake packets from the member device within the holdtime, the state of the member device remains Active.
Cluster member management You can manually add a candidate device to a cluster, or remove a member device from a cluster. If a member device needs to be rebooted for software upgrade or configuration update, you can remotely reboot it through the management device. Adding a member device Step Command...
Enabling the cluster function ”Enabling the cluster function.” Deleting a member device from a cluster Step Command Enter system view. system-view Enter cluster view. cluster Delete a member device from the cluster. undo administrator-address Configuring access between the management device and its member devices After having successfully configured NDP, NTDP and cluster, you can configure, manage and monitor the member devices through the management device.
Adding a candidate device to a cluster To add a candidate device to a cluster: Step Command Enter system view. system-view Enter cluster view. cluster Add a candidate device to the cluster. administrator-address mac-address name name Configuring advanced cluster management functions This section covers these topics: •...
Step Command Remarks Enter cluster view. cluster Add a device to the blacklist. black-list add-mac mac-address Optional. Remove a device from the black-list delete-mac { all | Optional. blacklist. mac-address } topology accept { all [ save-to Confirm the current topology and { ftp-server | local-flash } ] | Optional.
Step Command Remarks snmp-host ip-address Configure the SNMP NM By default, no SNMP host is [ community-string read string1 host shared by the cluster. configured. write string2 ] Configure the NM interface nm-interface vlan-interface Optional. of the management device. interface-name CAUTION: To isolate management protocol packets of a cluster from packets outside the cluster, you are recommended to configure to prohibit packets from the management VLAN from passing the ports...
Configuring web user accounts in batches Configuring web user accounts in batches enables you to configure on the management device the username and password used to log in to the devices (including the management device and member devices) within a cluster through web and synchronize the configurations to the member devices in the whitelist.
Task Command Remarks display cluster current-topology [ mac-address mac-address [ to-mac-address mac-address ] | Display the current topology member-id member-number Available in any view information. [ to-member-id member-number ] ] [ | { begin | exclude | include } regular-expression ] display cluster members Display the information about [ member-number | verbose ] [ | { begin |...
Page 247
[DeviceA-GigabitEthernet1/0/1] ndp enable [DeviceA-GigabitEthernet1/0/1] quit # Enable NTDP globally and for port GigabitEthernet 1/0/1. [DeviceA] ntdp enable [DeviceA] interface gigabitethernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] ntdp enable [DeviceA-GigabitEthernet1/0/1] quit # Enable the cluster function. [DeviceA] cluster enable Configure the member device Device C: As the configurations of the member devices are the same, the configuration procedure of Device C is not shown.
Page 248
# Configure ports GigabitEthernet 1/0/2 and GigabitEthernet 1/0/3 as Trunk ports and allow packets from the management VLAN to pass. [DeviceB] interface gigabitethernet 1/0/2 [DeviceB-GigabitEthernet1/0/2] port link-type trunk [DeviceB-GigabitEthernet1/0/2] port trunk permit vlan 10 [DeviceB-GigabitEthernet1/0/2] quit [DeviceB] interface gigabitethernet 1/0/3 [DeviceB-GigabitEthernet1/0/3] port link-type trunk [DeviceB-GigabitEthernet1/0/3] port trunk permit vlan 10 [DeviceB-GigabitEthernet1/0/3] quit...
Configuring packet capture The packet capture feature facilitates network problem identification. Packets captured are stored in the packet capture buffer on the device. You can display the packets at the CLI, or export them to a .pcap file and analyze them by using packet analysis software such as Ethereal or Wireshark. Configuring the packet capture function When you configure this function, follow these guidelines: •...
Step Command Remarks Optional. Stop packet capture before you display, save, or clear the buffered contents. The device automatically stops packet capture when: • The packet capture function operates in linear mode, and Stop packet capture. packet capture stop the packet capture buffer is full.
Page 251
Configuration procedure Enable the packet capture function on the switch: # Create an ACL rule for IPv4 basic ACL 2000 to permit packets with a source address in 192.168.1.0/24. <Switch> system-view [Switch] acl number 2000 [Switch-acl-basic-2000] rule permit source 192.168.1.0 0.0.0.255 [Switch-acl-basic-2000] quit [Switch] quit # Configure the switch to capture packets based on ACL 2000, and start packet capture...
Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown.
Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Support and other resources Accessing Hewlett Packard Enterprise Support • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website: www.hpe.com/assistance • To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website: www.hpe.com/support/hpesc Information to collect •...
Packard Enterprise Support Center. You must have an HP Passport set up with relevant entitlements. Websites Website Link Networking websites Hewlett Packard Enterprise Information Library for www.hpe.com/networking/resourcefinder Networking Hewlett Packard Enterprise Networking website www.hpe.com/info/networking Hewlett Packard Enterprise My Networking website www.hpe.com/networking/support Hewlett Packard Enterprise My Networking Portal www.hpe.com/networking/mynetworking...
Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title, part number, edition, and publication date located on the front cover of the document. For online help...
Index A C D E F H I N O P R S T U Configuring PoE interface through PoE profile,195 Configuring SNMP basic parameters,65 Accessing Hewlett Packard Enterprise Support,245 Configuring SNMP logging,69 Accessing updates,245 Configuring SNMP traps,69 Adding a candidate device to a cluster,233 Configuring the ACS attributes,207...
Page 258
Displaying and maintaining packet capture,241 NQA configuration task list,119 Displaying and maintaining PoE,197 NTP configuration examples,25 Displaying and maintaining port mirroring,103 NTP configuration task list,15 Displaying and maintaining RMON,82 Displaying and maintaining sFlow,160 Outputting system information to a log host,46 Displaying and maintaining SNMP,72 Outputting system information to the...
Page 259
Saving security logs into the security log file,51 Saving system information to the log file,50 Tracert,3 sFlow configuration example,160 Troubleshooting PoE,199 sFlow configuration task list,158 Troubleshooting sFlow configuration,162 SNMP configuration examples,72 SNMP configuration task list,64 Upgrading PSE processing software in service,197 Switching the NM-specific interface index format,68...
Need help?
Do you have a question about the 5820X Series and is the answer not in the manual?
Questions and answers