Page 1 H3C S3610&S5510 Series Ethernet Switches Operation Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: 20081229-C-1.01 Product Version: Release 5303...
Page 2 Copyright © 2006-2008, Hangzhou H3C Technologies Co., Ltd. and its licensors All Rights Reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
Page 3: About This Manual
About This Manual Related Documentation In addition to this manual, each H3C S3610&S5510 Series Ethernet Switches documentation set includes the following: Manual Description H3C S3610&S5510 Series Ethernet It is used for assisting the users in using Switches Command Manual-Release various commands.
Page 4: Table Of Contents
Part Contents Address Table Introduces MAC address forwarding table Management and the related configuration. 8 IP Source Guard Introduces IP Source Guard configuration. Introduces STP, BRDU tunnel and the related 9 MSTP configurations. Introduces IPv6 basic configuration and 10 IPv6 application, IPv6 tunneling, and so on.
Page 5 Part Contents Introduces basic configuration for file system 28 File System Management management. Introduces the configuration to analyze and 29 Information Center diagnose networks using the information center. System Maintaining Introduces daily system maintenance and Debugging debugging. Introduces related 31 NQA configuration.
Page 6 Convention Description Optional alternative items are grouped in square brackets [ x | y | ... ] and separated by vertical bars. One or none is selected. Alternative items are grouped in braces and separated by { x | y | ... } * vertical bars.
Page 7 3.3 Software Features ......................3-3 Chapter 4 Networking Applications..................... 4-1 4.1 H3C S3610 Series Ethernet Switches Networking Applications ........4-1 4.1.1 Broadband Ethernet Access for Residential Communities ........4-1 4.1.2 Application in Networks of Branches or Small- to Medium-Sized Enterprises ....4-1 4.1.3 Application in Large Enterprise and Campus Networks..........
Page 8: Chapter 1 Obtaining The Documentation
For the latest software documentation, go to the H3C website. 1.2 H3C Website To query and download the documentation for this version, go to the website of H3C with reference of the following Table. Table 1-1 Acquire product documentation from the H3C website Access the homepage of H3C at http:// www.h3c.com and click...
Page 9: Software Release Notes
Operation Manual – Product Overview H3C S3610&S5510 Series Ethernet Switches Chapter 1 Obtaining the Documentation 1.3 Software Release Notes With software upgrade, new software features may be added. You can acquire the information about the newly added software features through software release notes.
Page 10 Chapter 2 Documentation and Software Version Chapter 2 Documentation and Software Version 2.1 Software Version for the Manual H3C S3610&S5510 Series Ethernet Switches Operation Manual Release 5303 and H3C S3610&S5510 Series Ethernet Switches Command Manual Release 5303 correspond to the following software version of the S3610&S5510 series switches: Release 5303.
Page 11: Chapter 3 Product Overview
Chapter 3 Product Overview Chapter 3 Product Overview 3.1 Preface H3C S3610&S5510 Series Ethernet Switches are wire speed L2/L3 Ethernet switches developed by H3C Technology. They are intelligent network management switches intended for a network environment where high performance, dense port distribution, and ease of installation are required.
Page 12 Operation Manual – Product Overview H3C S3610&S5510 Series Ethernet Switches Chapter 3 Product Overview Power Number Number of Number of Console supply unit service 100 Mbps 1,000 Mbps Model port (PSU) ports ports uplink ports S3610-52M Up to 48×10/100 Mbps electrical ports or AC-input 48×100 Mbps SFP ports (depending on...
Page 13: Software Features
Combo ports Matching ports S5510-24P/S5510-24F 3.3 Software Features H3C S3610&S5510 series Ethernet switches provide abundant software features to meet different requirements of users. The following table lists the features of each part. Table 3-5 Features of S3610&S5510 series Ethernet switches Part...
Page 14: Mac Address Table
Operation Manual – Product Overview H3C S3610&S5510 Series Ethernet Switches Chapter 3 Product Overview Part Feature Static link aggregation using LACP (Link Aggregation 06-Link Control Protocol) Aggregation Manually created link aggregation group Configuring dynamic, static, and blackhole MAC addresses 07-MAC Address...
Page 15 Operation Manual – Product Overview H3C S3610&S5510 Series Ethernet Switches Chapter 3 Product Overview Part Feature Internet group management protocol (IGMP) Snooping Multicast listener discovery (MLD)-Snooping Internet group management protocol (IGMP) 15-Multicast Protocol Protocol-independent multicast-dense mode (PIM-DM) Protocol-independent multicast-sparse mode (PIM-SM) Multicast source discovery protocol (MSDP) 802.1x authentication...
Page 16 Operation Manual – Product Overview H3C S3610&S5510 Series Ethernet Switches Chapter 3 Product Overview Part Feature Simple network management protocol (SNMP) compatible with SNMP v1/v2 25- SNMP-RMON Remote monitoring (RMON) 26-NTP Network time protocol (NTP) Static DNS 27-DNS Dynamic DNS...
Page 17: Chapter 4 Networking Applications
Applications 4.1.1 Broadband Ethernet Access for Residential Communities On the broadband access network of a residential community, an H3C S3610 switch is located in the center. It is downlinked to Layer 2 switches (such as S3100 series) to reach the Ethernet users and uplinked to a core Layer 3 switch through a GE extension module to connect to the MAN backbone.
Page 18 Figure 4-2 H3C S3610 series application in branch network of midsize/large enterprise 4.1.3 Application in Large Enterprise and Campus Networks In a large enterprise or campus network, the H3C S3610 series are located at the convergence layer. They are downlinked to Layer 2 switches, S3100 Series for example;...
Page 19 Full IPv4 networking and full IPv6 networking are similar. At the early stage of IPv6 implementation, however, IPv4/IPv6 hybrid networks are common. This gives full play to the IPv4/IPv6 dual-stack and IPv6 over IPv4 tunneling features provided by the H3C S3610 series and enables flexible networking.
Page 20 Applications 4.2.1 Broadband Ethernet Access for Residential Communities An H3C S5510 series Ethernet switch can operate on the distribution layer of a broadband MAN. You can connect it to a backbone router or Layer 3 switch in the uplink direction through its GigabitEthernet optical ports, and connect it to Layer 2/Layer 3 devices operating as the portal devices of community networks through its GigabitEthernet optical ports.
Page 21 4.2.2 Application in Networks of Branches or Small/Medium-Sized and Large Enterprises In the branches of a small-/medium-sized or large enterprises, you can use H3C S5510 series Ethernet switches as the backbone layer devices. In this case, network devices can connect to an S5510 Ethernet switch in the following ways.
Page 22 4.2.3 Application in Large Enterprise and Campus Networks H3C S5510 series Ethernet switches can operate as the distribution layer devices in the networks of large enterprises and campus networks. In this case, you can connect...
Page 23 Full IPv4 networking and full IPv6 networking are similar. At the early stage of IPv6 implementation, however, IPv4/IPv6 hybrid networks are common. This gives full play to the IPv4/IPv6 dual-stack and IPv6 over IPv4 tunneling features provided by the H3C S5510 series and enables flexible networking.
Page 24 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Logging into an Ethernet Switch ................1-1 1.1 Logging into an Ethernet Switch ..................1-1 1.2 Introduction to the User Interface ..................1-1 1.2.1 Supported User Interfaces ..................
Page 25 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Table of Contents Chapter 4 Logging in Using Modem.................... 4-1 4.1 Introduction ........................4-1 4.2 Configuration on the Administrator Side................4-1 4.3 Configuration on the Switch Side..................4-1 4.3.1 Modem Configuration....................4-1 4.3.2 Switch Configuration ....................
Page 26: Logging Into An Ethernet Switch
VTY users. Note: As the AUX port and the Console port of a H3C series switch are the same one, you will be in the AUX user interface if you log in through this port. 1.2.2 User Interface Number Two kinds of user interface index exist: absolute user interface index and relative user interface index.
Page 27: Common User Interface Configuration
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 1 Logging into an Ethernet Switch VTY user interfaces: Numbered after AUX user interfaces and increases in the step of 1 A relative user interface index can be obtained by appending a number to the identifier of a user interface type.
Page 28 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 1 Logging into an Ethernet Switch To do… Use the command… Remarks Optional The default timeout time of a user interface is 10 minutes. With the timeout time being 10 minutes, the...
Page 29: Chapter 2 Logging In Through The Console Port
Chapter 2 Logging in Through the Console Port Chapter 2 Logging in Through the Console Port Note: The default system name of S3610&S5510 series Ethernet switches is H3C, that is, the command line prompt is H3C. All the following examples take H3C as the command line prompt.
Page 30 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port Figure 2-1 Diagram for setting the connection to the Console port If you use a PC to connect to the Console port, launch a terminal emulation utility (such as Terminal in Windows 3.X or HyperTerminal in Windows 9X/Windows...
Page 31: Console Port Login Configuration
Figure 2-4 Set port parameters terminal window Turn on the switch. The user will be prompted to press the Enter key if the switch successfully completes POST (power-on self test). The prompt (such as <H3C>) appears after the user presses the Enter key.
Page 32 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port Table 2-2 Common configuration of Console port login Configuration Description Optional Baud rate The default baud rate is 9,600 bps. Optional Check mode...
Page 33: Console Port Login Configurations For Different Authentication Modes
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port Caution: Changing of Console port configuration terminates the connection to the Console port. To establish the connection again, you need to modify the configuration of the termination emulation utility running on your PC accordingly.
Page 34: Console Port Login Configuration With Authentication Mode Being None
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port Authenticatio Console port login Description n mode configuration Optional configuration Specify to specifies Local authentication is perform local whether to performed by default.
Page 35 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port To do… Use the command… Remarks Required Configure not to authentication-mode By default, users logging in authenticate users none through the Console port are not authenticated.
Page 36 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port To do… Use the command… Remarks Optional The default history command Set the history command history-command buffer size is 10. That is, a...
Page 37 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port The screen can contain up to 30 lines. The history command buffer can contain up to 20 commands. The timeout time of the AUX user interface is 6 minutes.
Page 38: Console Port Login Configuration With Authentication Mode Being Password
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port the PC, to make the configuration consistent with that on the switch. Refer to section 2.2 “Setting Up the Connection to the Console Port”...
Page 39 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port To do… Use the command… Remarks Optional Define a shortcut key escape-key { default | The default shortcut key for aborting tasks character } combination for aborting tasks is <...
Page 40 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port Scenario Command Authentication level User type Command mode The user privilege level Determined level command already by the level executed argument 2.5.2 Configuration Example I.
Page 41 [H3C-ui-aux0] authentication-mode password # Set the local password to 123456 (in plain text). [H3C-ui-aux0] set authentication password simple 123456 # Specify commands of level 2 are available to the user logging into the AUX user interface. [H3C-ui-aux0] user privilege level 2 # Set the baud rate of the Console port to 19,200 bps.
Page 42: Console Port Login Configuration With Authentication Mode Being Scheme
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port 2.6 Console Port Login Configuration with Authentication Mode Being Scheme 2.6.1 Configuration Procedure To do… Use the command… Remarks — Enter system view...
Page 43 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port To do… Use the command… Remarks Optional Set the The default baud rate of the AUX baud speed speed-value port (also the Console port) is rate 9,600 bps.
Page 44 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port To do… Use the command… Remarks Optional Set history The default history command history-command command buffer buffer size is 10. That is, a history...
Page 45 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port Table 2-6 Determine the command level Scenario Command Authentication level User type Command mode Level 0 The user privilege level level command is not executed, and...
Page 46 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port The history command buffer can store up to 20 commands. The timeout time of the AUX user interface is 6 minutes. II. Network diagram...
Page 47 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 2 Logging in Through the Console Port [H3C-ui-aux0] history-command max-size 20 # Set the timeout time of the AUX user interface to 6 minutes. [H3C-ui-aux0] idle-timeout 6 After the above configuration, to ensure a successful login, the console user needs to change the corresponding configuration of the terminal emulation program running on the PC, to make the configuration consistent with that on the switch.
Page 48: Chapter 3 Logging In Through Telnet
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet Chapter 3 Logging in Through Telnet 3.1 Introduction You can telnet to a remote switch to manage and maintain the switch. To achieve this, you need to configure both the switch and the Telnet terminal properly.
Page 49: Telnet Configurations For Different Authentication Modes
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet Table 3-2 Common Telnet configuration Configuration Description Optional Configure the command level available to users By default, commands of level 0 are logging into the VTY user...
Page 50 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet Table 3-3 Telnet configurations for different authentication modes Authentication Telnet configuration Description mode Perform Perform Optional common common Telnet None Refer to Table 3-2. configuration...
Page 51: Telnet Configuration With Authentication Mode Being None
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet 3.2 Telnet Configuration with Authentication Mode Being None 3.2.1 Configuration Procedure To do… Use the command… Remarks — Enter system view system-view user-interface vty Enter one or more VTY —...
Page 52 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet To do… Use the command… Remarks Optional The default history command buffer size is Set the history command history-command 10. That is, a history buffer size...
Page 53 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet Do not authenticate users logging into VTY 0. Commands of level 2 are available to users logging into VTY 0. Telnet protocol is supported. The screen can contain up to 30 lines.
Page 54: Telnet Configuration With Authentication Mode Being Password
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet 3.3 Telnet Configuration with Authentication Mode Being Password 3.3.1 Configuration Procedure To do… Use the command… Remarks — Enter system view system-view user-interface vty Enter one or more VTY —...
Page 55 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet To do… Use the command… Remarks Optional By default, the screen can Set the maximum number contain up to 24 lines. screen-length of lines the screen can...
Page 56 # Configure to authenticate users logging into VTY 0 using the local password. [H3C-ui-vty0] authentication-mode password # Set the local password to 123456 (in plain text). [H3C-ui-vty0] set authentication password simple 123456 # Specify commands of level 2 are available to users logging into VTY 0. [H3C-ui-vty0] user privilege level 2 # Configure Telnet protocol is supported.
Page 57: Telnet Configuration With Authentication Mode Being Scheme
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet [H3C-ui-vty0] history-command max-size 20 # Set the timeout time to 6 minutes. [H3C-ui-vty0] idle-timeout 6 3.4 Telnet Configuration with Authentication Mode Being Scheme 3.4.1 Configuration Procedure To do…...
Page 58 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet To do… Use the command… Remarks Required The specified AAA scheme Configure to determines whether to authentication-mode authenticate users authenticate users locally or scheme locally or remotely remotely.
Page 59 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet To do… Use the command… Remarks Optional The default timeout time of a user interface is 10 minutes. With the timeout time being 10 minutes, the connection to a...
Page 60 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet Table 3-6 Determine the command level when users logging into switches are authenticated in the scheme mode Scenario Command Authenticat level User type Command ion mode...
Page 61 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet Scenario Command Authenticat level User type Command ion mode The user privilege level level command is executed, and the Level 0 service-type command does not specify the available command level.
Page 62: Telnet Connection Establishment
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet III. Configuration procedure # Enter system view, and enable the Telnet service. <H3C> system-view [H3C] telnet server enable # Create a local user named “guest” and enter local user view.
Page 63 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 3 Logging in Through Telnet Execute the following commands in the terminal window to assign an IP address to the management VLAN interface of the switch. # Configure the IP address of the management VLAN interface to be 202.38.160.92, and .the subnet mask to be 255.255.255.0.
Page 64: Telnetting To Another Switch From The Current Switch
Step 5: Enter the password when the Telnet window displays “Login authentication” and prompts for login password. The CLI prompt (such as <H3C>) appears if the password is correct. If all VTY user interfaces of the switch are in use, you will fail to establish the connection and receive the message that says “All user interfaces are used, please try...
Page 65 You can use the ip host to assign a host name to a switch. Step 4: Enter the password. If the password is correct, the CLI prompt (such as <H3C>) appears. If all VTY user interfaces of the switch are in use, you will fail to establish the connection and receive the message that says “All user interfaces are used, please try...
Page 66: Configuration On The Administrator Side
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 4 Logging in Using Modem Chapter 4 Logging in Using Modem 4.1 Introduction The administrator can log into the Console port of a remote switch using a modem through PSTN (public switched telephone network) if the remote switch is connected to the PSTN through a modem to configure and maintain the switch remotely.
Page 67: Switch Configuration
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 4 Logging in Using Modem AT&K0 ----------------------- Disable flow control AT&R1 ----------------------- Ignore RTS signal AT&S0 ----------------------- Set DSR to high level by force ATEQ1&W ----------------------- Disable the modem from returning command response and the result, save the changes You can verify your configuration by executing the AT&V command.
Page 68: Modem Connection Establishment
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 4 Logging in Using Modem III. Configuration on switch when the authentication mode is scheme Refer to section "Console Port Login Configuration with Authentication Mode Being Scheme”. 4.4 Modem Connection Establishment Step 1: Configure the user name and password on the switch.
Page 69 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 4 Logging in Using Modem Figure 4-1 Establish the connection by using modems Step 4: Launch a terminal emulation utility on the PC and set the telephone number to call the modem directly connected to the switch, as shown in...
Page 70 Step 5: Provide the password when prompted. If the password is correct, the prompt (such as <H3C>) appears. You can then configure or manage the switch. You can also enter the character ? at anytime for help. Refer to the following chapters for information about the configuration commands.
Page 71: Http Connection Establishment
Operation Manual – Login Chapter 5 Logging in Through Web-based Network H3C S3610&S5510 Series Ethernet Switches Management System Chapter 5 Logging in Through Web-based Network Management System 5.1 Introduction An S3610&S5510 series switch has a Web server built in. You can log into an S3610&S5510 series switch through a Web browser and manage and maintain the...
Page 72 Operation Manual – Login Chapter 5 Logging in Through Web-based Network H3C S3610&S5510 Series Ethernet Switches Management System <H3C> system-view [H3C] interface vlan-interface 1 [H3C-Vlan-interface1] ip address 10.153.17.82 255.255.255.0 Step 2: Configure the user name and the password for the Web-based network management system.
Page 73: Displaying Web Users
Operation Manual – Login Chapter 5 Logging in Through Web-based Network H3C S3610&S5510 Series Ethernet Switches Management System To do… Use the command… Remarks — Enter system view system-view Required Execute this command in system Shut down the Web undo ip http enable view.
Page 74: Connection Establishment Using Nms
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 6 Logging in Through NMS Chapter 6 Logging in Through NMS 6.1 Introduction You can also log into a switch through an NMS (network management station), and then configure and manage the switch through the agent module on the switch.
Page 75: Configuring Source Ip Address For Telnet Service Packets
Operation Manual – Login Chapter 7 Configuring Source IP Address for Telnet H3C S3610&S5510 Series Ethernet Switches Service Packets Chapter 7 Configuring Source IP Address for Telnet Service Packets Go to these sections for information you are interested in: Overview...
Page 76 Operation Manual – Login Chapter 7 Configuring Source IP Address for Telnet H3C S3610&S5510 Series Ethernet Switches Service Packets II. Configuration in system view Table 7-2 Configure a source IP address for service packets in system view To do… Use the command…...
Page 77: Controlling Telnet Users
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 8 Controlling Login Users Chapter 8 Controlling Login Users 8.1 Introduction A switch provides ways to control different types of login users, as listed in Table 8-1. Table 8-1 Ways to control different types of login users...
Page 78: Controlling Telnet Users By Source And Destination Ip Addresses
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 8 Controlling Login Users To do… Use the command… Remarks — Enter system view system-view acl [ ipv6 ] number As for the acl number Create a basic ACL or...
Page 79: Controlling Telnet Users By Source Mac Addresses
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 8 Controlling Login Users To do… Use the command… Remarks — Quit to system view quit user-interface [ type ] — Enter user interface view first-number [ last-number ] Required...
Page 80: Controlling Network Management Users By Source Ip Addresses
III. Configuration procedure # Define a basic ACL. <H3C> system-view [H3C] acl number 2000 match-order config [H3C-acl-basic-2000] rule 1 permit source 10.110.100.52 0 [H3C-acl-basic-2000] rule 2 permit source 10.110.100.46 0 [H3C-acl-basic-2000] rule 3 deny source any [H3C-acl-basic-2000] quit # Apply the ACL.
Page 81 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 8 Controlling Login Users 8.3.1 Prerequisites The controlling policy against network management users is determined, including the source IP addresses to be controlled and the controlling actions (permitting or denying).
Page 82 Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 8 Controlling Login Users To do… Use the command… Remarks snmp-agent usm-user { v1 | v2c } user-name group-name [ acl acl-number ] snmp-agent usm-user Apply the ACL while v3 user-name...
Page 83: Controlling Web Users By Source Ip Address
[H3C] snmp-agent community read h3c acl 2000 [H3C] snmp-agent group v2c h3cgroup acl 2000 [H3C] snmp-agent usm-user v2c h3cuser h3cgroup acl 2000 8.4 Controlling Web Users by Source IP Address You can manage a S3610&S5510 series Ethernet switch remotely through Web. Web users can access a switch through HTTP connections.
Page 84: Controlling Web Users By Source Ip Addresses
Operation Manual – Login H3C S3610&S5510 Series Ethernet Switches Chapter 8 Controlling Login Users 8.4.2 Controlling Web Users by Source IP Addresses Controlling Web users by source IP addresses is achieved by applying basic ACLs, which are numbered from 2000 to 2999.
Page 85 # Define a basic ACL. <H3C> system-view [H3C] acl number 2030 match-order config [H3C-acl-basic-2030] rule 1 permit source 10.110.100.52 0 [H3C-acl-basic-2030] rule 2 deny source any # Apply the ACL to only permit the Web users sourced from the IP address of 10.110.100.52 to access the switch.
Page 86 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 VLAN Configuration ....................1-1 1.1 Introduction to VLAN......................1-1 1.1.1 VLAN Overview ....................... 1-1 1.1.2 VLAN Fundamental....................1-2 1.1.3 VLAN Classification....................1-3 1.2 Configuring Basic VLAN Attributes ..................1-4 1.3 Basic VLAN Interface Configuration ..................
Page 87 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Table of Contents 3.1.3 Protocols and Standards..................3-5 3.2 GVRP Configuration Task List................... 3-5 3.3 Configuring GVRP ......................3-5 3.3.1 Enabling GVRP ....................... 3-5 3.3.2 Configuring GARP Timers..................3-6 3.4 Displaying and Maintaining GVRP..................3-7 3.5 GVRP Configuration Examples ..................
Page 88: Introduction To Vlan
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration Chapter 1 VLAN Configuration When configuring VLAN, go to these sections for information you are interested in: Introduction to VLAN Configuring Basic VLAN Attributes Basic VLAN Interface...
Page 89: Vlan Fundamental
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration A VLAN is not restricted by physical factors, that is to say, hosts that reside in different network segments may belong to the same VLAN, users in a VLAN can be connected to the same switch, or span across multiple switches or routers.
Page 90: Vlan Classification
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration The VLAN Tag comprises four fields: the tag protocol identifier (TPID) field, the Priority field, the canonical format indicator (CFI) field, and the VLAN ID field. The TPID field, 16 bits in length and with a value of 0x8100, indicates that a packet carries a VLAN tag with it.
Page 91: Configuring Basic Vlan Attributes
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration 1.2 Configuring Basic VLAN Attributes Follow these steps to configure basic VLAN attributes: To do… Use the command… Remarks Enter system view — system-view Optional vlan { vlan-id1 [ to...
Page 92 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration be an IP network segment and the VLAN interface can be the gateway to enable IP address-based Layer 3 forwarding. Follow these steps to configure VLAN interface basic attributes: To do…...
Page 93 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration 1.4 Port-Based VLAN Configuration 1.4.1 Introduction to Port-Based VLAN This is the simplest and yet the most effective way of classifying VLANs. It groups VLAN members by port. After added to a VLAN, a port can forward the packets of the VLAN.
Page 94 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration Table 1-1 How a port handles inbound/outbound packets Inbound packets handling Outbound packets If no tag is Port type If a tag is carried in the handling...
Page 95 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration unnecessary. Thus, you can disable VLAN check on the port to have it receive packets directly and handle them as configured. Note: Disabling VLAN check on a port only affects incoming packets. When the port sends...
Page 96 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Optional Add the current Access port access vlan vlan-id By default, all Access port to a specified VLAN ports belong to VLAN 1.
Page 97 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration Note: To convert a Trunk port into a Hybrid port (or vice versa), you need to use the Access port as a medium. For example, the Trunk port has to be configured as an Access port first and then a Hybrid port.
Page 98 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration Note: To change the link type of a port from trunk to hybrid or vice versa, you must set the link type to access first. Ensure that the VLANs already exist before configuring them to pass through a Hybrid port.
Page 99 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration If the packet matches a protocol template, the packet will be tagged with the VLAN ID of the protocol-based VLAN defined by the protocol template. If the packet matches no protocol template, the packet will be tagged with the default VLAN ID of the port.
Page 100 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Allow the packets of protocol-based VLANs to pass through the current port hybrid vlan Required Hybrid port in untagged vlan-id-list untagged...
Page 101: Displaying And Maintaining Vlan
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration Note: This feature is only applicable to Hybrid ports. Follow these steps to configure an IP-subnet-based VLAN: To do… Use the command… Remarks Enter system view system-view —...
Page 102: Vlan Configuration Example
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration To do... Use the command… Remarks Display the protocol information and protocol display protocol-vlan vlan Available in any indexes of specified { vlan-id [ to vlan-id ] | all }...
Page 103 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration [DeviceA-vlan2] quit [DeviceA] vlan 100 [DeviceA-vlan100] vlan 6 to 50 Please wait... Done. # Enter Ethernet 1/0/1 port view. [DeviceA] interface Ethernet 1/0/1 # Configure Ethernet 1/0/1 as a Trunk port and configure its default VLAN ID as 100.
Page 104 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 1 VLAN Configuration Port priority: 0 Last 300 seconds input: 0 packets/sec 0 bytes/sec Last 300 seconds output: 0 packets/sec 0 bytes/sec Input (total): - packets, - bytes - broadcasts, - multicasts...
Page 105: Introduction To Voice Vlan
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration Chapter 2 Voice VLAN Configuration When configuring Voice VLAN, go to these sections for information you are interested Introduction to Voice VLAN Configuring Voice VLAN Displaying and Maintaining Voice VLAN Voice VLAN Configuration 2.1 Introduction to Voice VLAN...
Page 106 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration Note: As the first 24 bits of a MAC address (in binary format), an OUI address is a globally unique identifier assigned to a vendor by IEEE (Institute of Electrical and Electronics Engineers).
Page 107 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration Table 2-2 Voice VLAN operating mode and the corresponding voice traffic types Port voice VLAN mode Voice traffic type Port link type Access: not supported Trunk: supported provided that...
Page 108: Configuring Voice Vlan
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration Caution: If the voice traffic sent by an IP phone is tagged and that the access port has 802.1x authentication and Guest VLAN enabled, assign different VLAN IDs for the voice VLAN, the default VLAN of the access port, and the 802.1x guest VLAN.
Page 109 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration 2.2.2 Configuring Voice VLAN Mode on a Port to Automatic Mode Follow these steps to set the port voice VLAN mode to automatic: To do... Use the command...
Page 110 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration 2.2.3 Configuring Voice VLAN Mode on a Port to Manual Mode Follow these steps to set the port voice VLAN mode to manual: To do... Use the command...
Page 111: Displaying And Maintaining Voice Vlan
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration Note: Only one VLAN of a device can have the voice VLAN function enabled at a time, and the VLAN must be an exsiting static VLAN.
Page 112 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration II. Network diagram Device A Device B Internet VLAN2 Eth1/0/1 VLAN2 010-1001 OUI:0011-2200-0000 Mask:ffff-ff00-0000 Figure 2-1 Network diagram for automatic voice VLAN mode configuration III. Configuration procedure # Create VLAN 2 and VLAN 6.
Page 113 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration # Enable the voice VLAN feature on the port. [DeviceA-Ethernet1/0/1] voice vlan enable [DeviceA-Ethernet1/0/1] return IV. Verification # Display information about the OUI addresses, OUI address masks, and descriptive strings.
Page 114 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration II. Network diagram Device A Device B Internet VLAN2 Eth1/0/1 VLAN2 010-1001 OUI:0011-2200-0000 Mask:ffff-ff00-0000 Figure 2-2 Network diagram for manual voice VLAN mode configuration III. Configuration procedure # Configure the voice VLAN to work in security mode and only allows legal voice packets to pass through the voice VLAN enabled port.
Page 115 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 2 Voice VLAN Configuration IV. Verification # Display information about the OUI addresses, OUI address masks, and descriptive strings. <DeviceA> display voice vlan oui Oui Address Mask Description 0001-e300-0000 ffff-ff00-0000...
Page 116: Introduction To Gvrp
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration Chapter 3 GVRP Configuration GARP VLAN Registration Protocol (GVRP) is a GARP application. It functions based on the operating mechanism of GARP to maintain and propagate dynamic VLAN registration information for the GVRP devices on the network.
Page 117 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration participant sends LeaveAll messages upon the expiration of the LeaveAll timer, which is triggered when the GARP participant is created. Join messages, Leave messages, and LeaveAll message make sure the reregistration and deregistration of GARP attributes are performed in an orderly way.
Page 118 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration attributes with other participants by making or withdrawing declarations of attributes and at the same time, based on received declarations or withdrawals, handles attributes of other participants. When a port receives an attribute declaration, it registers the attribute;...
Page 119 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration Field Description Value Consists of an Attribute Length, an Attribute Attribute –– Event, and an Attribute Value Number of octets occupied by an attribute, Attribute Length 2 to 255 (in bytes)
Page 120 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration forbidden registration type thus allows only VLAN 1 to pass through even though it is configured to carry all VLANs. 3.1.3 Protocols and Standards GVRP is described in IEEE 802.1Q.
Page 121: Configuring Garp Timers
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration To do… Use the command… Remarks Configure the GVRP Optional gvrp registration { fixed | registration mode on forbidden | normal } The default is normal. the port...
Page 122: Displaying And Maintaining Gvrp
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration Table 3-2 Dependencies of GARP timers Timer Lower limit Upper limit Not greater than half of the Hold 10 centiseconds join timer setting Not less than two times the hold...
Page 123: Gvrp Configuration Examples
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration 3.5 GVRP Configuration Examples 3.5.1 GVRP Configuration Example I I. Network requirements Configure GVRP for dynamic VLAN information registration and update among devices, adopting the normal registration mode on ports.
Page 124: Gvrp Configuration Example Ii
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration [DeviceB-Ethernet1/0/1] quit # Create VLAN 3 (a static VLAN). [DeviceB] vlan 3 Verify the configuration # Display dynamic VLAN information on Device A. [DeviceA] display vlan dynamic Now, the following dynamic VLAN exist(s): # Display dynamic VLAN information on Device B.
Page 125: Gvrp Configuration Example Iii
Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration [DeviceA-Ethernet1/0/1] gvrp registration fixed [DeviceA-Ethernet1/0/1] quit # Create VLAN 2 (a static VLAN). [DeviceA] vlan 2 Configure Device B # Enable GVRP globally. <DeviceB> system-view [DeviceB] gvrp # Configure port Ethernet 1/0/1 as a Trunk port, allowing all VLANs to pass.
Page 126 Operation Manual – VLAN H3C S3610&S5510 Series Ethernet Switches Chapter 3 GVRP Configuration III. Configuration procedure Configure Device A # Enable GVRP globally. <DeviceA> system-view [DeviceA] gvrp # Configure port Ethernet 1/0/1 as a Trunk port, allowing all VLANs to pass.
Page 127 Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IP Addressing Configuration ..................1-1 1.1 IP Addressing Overview ....................1-1 1.1.1 IP Address Classes....................1-1 1.1.2 Special Case IP Addresses..................1-2 1.1.3 Subnetting and Masking..................
Page 128: Ip Addressing Overview
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Addressing Configuration Chapter 1 IP Addressing Configuration When assigning IP addresses to interfaces on your device, go to these sections for information you are interested in:...
Page 129: Special Case Ip Addresses
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Addressing Configuration Table 1-1 describes the address ranges of these five classes. Currently, the first three classes of IP addresses are used in quantity. Table 1-1 IP address classes and ranges...
Page 130: Configuring Ip Addresses
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Addressing Configuration Each subnet mask comprises 32 bits related to the corresponding bits in an IP address. In a subnet mask, the part containing consecutive ones identifies the combination of net-id and subnet-id whereas the part containing consecutive zeros identifies the host-id.
Page 131: Assigning An Ip Address To An Interface
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Addressing Configuration Note: This chapter only covers how to assign an IP address manually. For other approaches, refer to DHCP Configuration. This section includes: Assigning an IP Address to an Interface IP Addressing Configuration Example 1.2.1 Assigning an IP Address to an Interface...
Page 132: Ip Addressing Configuration Example
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Addressing Configuration 1.2.2 IP Addressing Configuration Example I. Network requirements As shown in Figure 1-3, VLAN-interface 1 on Switch is connected to a LAN comprising two segments: 172.16.1.0/24 and 172.16.2.0/24.
Page 133 Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Addressing Configuration PING 172.16.1.2: 56 data bytes, press CTRL_C to break Reply from 172.16.1.2: bytes=56 Sequence=1 ttl=255 time=25 ms Reply from 172.16.1.2: bytes=56 Sequence=2 ttl=255 time=27 ms Reply from 172.16.1.2: bytes=56 Sequence=3 ttl=255 time=26 ms...
Page 134: Displaying And Maintaining Ip Addressing
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Addressing Configuration 1.3 Displaying and Maintaining IP Addressing To do… Use the command… Remarks Display information about display ip interface a specified or all Layer 3...
Page 135: Ip Performance Overview
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration Chapter 2 IP Performance Configuration When configuring IP performance, go to these sections for information you are interested in: IP Performance Overview Enabling Reception and Forwarding of Directed Broadcasts to a Directly...
Page 136: Enabling Reception Of Directed Broadcasts To A Directly Connected Network
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration 2.2.1 Enabling Reception of Directed Broadcasts to a Directly Connected Network If a device is enabled to receive directed broadcasts, the device will determine whether to forward them according to the configuration on the outgoing interface.
Page 137 Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration 2.2.3 Configuration Example I. Network requirements As shown in Figure 2-1, the host’s interface and VLAN-interface 3 of Switch A are on the same network segment (1.1.1.0/24). VLAN-interface 2 of Switch A and VLAN-interface 2 of Switch B are on another network segment (2.2.2.0/24).
Page 138: Configuring Tcp Attributes
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration After the above configurations, if you ping the subnet broadcast address (2.2.2.255) of VLAN-interface 2 of Switch A on the host, the ping packets can be received by VLAN-interface 2 of Switch B.
Page 139 Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration Note: If the MD5 authentication is enabled, the SYN Cookie feature will not function. After the MD5 authentication is disabled, the configured SYN Cookie feature will be enabled automatically.
Page 140: Configuring Tcp Optional Parameters
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration Note: With the protection against Naptha attack enabled, the device will periodically check and record the number of TCP connections in each state.
Page 141: Configuring Icmp To Send Error Packets
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration Caution: The actual length of the finwait timer is determined by the following formula: Actual length of the finwait timer = (Configured length of the finwait timer – 75) + configured length of the synwait timer 2.4 Configuring ICMP to Send Error Packets...
Page 142 Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration Sending ICMP destination unreachable packets If the device receives an IP packet with the destination unreachable, it will drop the packet and send an ICMP destination unreachable error packet to the source.
Page 143: Displaying And Maintaining Ip Performance
Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration To do… Use the command… Remarks Disable sending ICMP Required destination unreachable undo ip unreachables Enabled by default. packets Note: The device stops sending “network unreachable” and “source route failure” ICMP error packets after sending ICMP destination unreachable packets is disabled.
Page 144 Operation Manual – IP Addressing and Performance H3C S3610&S5510 Series Ethernet Switches Chapter 2 IP Performance Configuration To do… Use the command… Remarks Clear statistics of IP packets reset ip statistics Available in Clear statistics of TCP reset tcp statistics...
Page 145 Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 QinQ Configuration ..................... 1-1 1.1 Introduction to QinQ......................1-1 1.1.1 Understanding QinQ ....................1-1 1.1.2 Implementations of QinQ ..................1-2 1.1.3 Modification of TPID Value of QinQ Frames............1-2 1.2 Configuring Basic QinQ .....................
Page 146: Chapter 1 Qinq Configuration
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration Chapter 1 QinQ Configuration When configuring QinQ, go to these sections for information you are interested in: Introduction to QinQ Configuring Basic QinQ Configuring Selective QinQ...
Page 147: Implementations Of Qinq
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration Advantages of QinQ: Addresses the shortage of public VLAN ID resource. Enables customers to plan their own VLAN IDs, without running into conflicts with public network VLAN IDs.
Page 148: Configuring Basic Qinq
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration The systems of different vendors may set the TPID of the outer VLAN tag of QinQ frames to different values. For compatibility with these systems, the S3600 and S5510...
Page 149: Configuring Selective Qinq
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration To do... Use the command... Remarks Enter system view system-view — Enter Required interface interface-type Ethernet Use either command. interface-number Enter port view Configurations made in...
Page 150 Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration Caution: An inner VLAN tag corresponds to only one outer VLAN tag. If you want to change an outer VLAN tag, you must delete the old outer VLAN tag configuration and configure a new outer VLAN tag.
Page 151: Qinq Configuration Example
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration Note: You cannot modify an existing MAC address synchronization rule. To do that, you must remove the rule and then create a new one. If you synchronize MAC addresses of the same source VLAN to different destination VLANs through configuring multiple MAC address synchronization rules, the destination VLANs will be the set of all destination VLANs specified in these rules.
Page 152 Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration Frames of VLAN 10 of Customer A and frames of VLAN 10 of Customer B can be forwarded to each other through VLAN 1000 of the provider network; frames of VLAN 20 of Customer A and frames of VLAN 20 of Customer C can be forwarded to each other through VLAN 2000 of the provider network.
Page 153 Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration # Configure Ethernet 1/0/1 as a Hybrid port that permits frames of VLAN 1000 and VLAN 2000 to pass, and configure the port to remove the outer tag of the fames when sending them out.
Page 154 Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 1 QinQ Configuration [ProviderB] interface ethernet 1/0/1 [ProviderB-Ethernet1/0/1] port link-type trunk [ProviderB-Ethernet1/0/1] port trunk permit vlan 1000 2000 # To enable interoperability with the third-party devices in the public network, set the TPID value to be used in the outer tag to 0x8200.
Page 155: Introduction To Bpdu Tunneling
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration Chapter 2 BPDU Tunneling Configuration When configuring BPDU tunneling, go to these sections for information you are interested in: Introduction to BPDU Tunneling Configuring BPDU Isolation...
Page 156 Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration II. BPDU transparent transmission As shown in Figure 2-1, the upper part is the service provider network, and the lower part represents the customer networks. The customer networks include network A and network B.
Page 157: Configuring Bpdu Isolation
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration 2.2 Configuring BPDU Isolation Perform the following tasks to configure BPDU isolation: To do... Use the command... Remarks Enter system view system-view — Optional Enable BPDU tunneling...
Page 158: Configuring Destination Multicast Mac Address For Bpdu Tunnel Frames
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration To do... Use the command... Remarks Enter Ethernet interface interface-type Required port view interface-number Use either command. Enter Configurations made in Ethernet Ethernet port view will...
Page 159: Bpdu Tunneling Configuration Example
Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration Follow these steps to configure destination multicast MAC address for BPDU tunnel frames: To do… Use the command… Remarks Enter system view system-view — Configure the...
Page 160 Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration III. Configuration procedure Configuration on Provider A # Configure BPDU transparent transmission on Ethernet 1/0/1. <ProviderA> system-view [ProviderA] interface ethernet 1/0/1 [ProviderA-Ethernet1/0/1] port access vlan 2...
Page 161 Operation Manual – QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration Note: When STP works stably on the customer network, if Customer A acts as the root bridge, the ports of Customer C and Customer D connected with Provider C can receive BPDUs from Customer A.
Page 162 Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Ethernet Port Configuration ..................1-1 1.1 Ethernet Port Configuration ....................1-1 1.1.1 Configuring a Combo Port..................1-1 1.1.2 Performing Basic Ethernet port Configuration ............1-2 1.1.3 Configuring Flow Control on an Ethernet Port ............
Page 163: Chapter 1 Ethernet Port Configuration
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Chapter 1 Ethernet Port Configuration 1.1 Ethernet Port Configuration Complete the following tasks to perform Ethernet port configuration: Task Remarks Configuring a Combo Port...
Page 164 Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Note: Currently, only dual-Combo ports are supported on S3610/S5510 series switches. II. Configuring Combo port state Follow these steps to configure the state for a double Combo port: To do...
Page 165: Configuring Flow Control On An Ethernet Port
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration To do... Use the command... Remarks Optional By default, the description Set the description string description text string is “interface index + Interface”. Optional...
Page 166: Configuring Loopback Testing On An Ethernet Port
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration To do... Use the command... Remarks interface interface-type Enter Ethernet port view — interface-number Required Enable flow control flow-control Turned off by default 1.1.4 Configuring Loopback Testing on an Ethernet Port You can enable loopback testing to check whether the Ethernet port functions properly.
Page 167: Configuring A Port Group
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration 1.1.5 Configuring a Port Group To make the configuration task easier for users, certain devices allow users to configure on a single port as well as on multiple ports in a port group. In port group view, the user only needs to input the configuration command once on one port and that configuration will apply to all ports in the port group.
Page 168: Setting The Interval For Collecting Ethernet Port Statistics
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration 1.1.6 Configuring the Broadcast Storm Suppression Ratio for an Ethernet Port You can suppress broadcast traffic by performing the configuration described in this section. When the broadcast traffic passing through a port exceeds the threshold, the system will discard the extra packets so that the broadcast traffic ratio can drop below the limit to ensure that the network functions properly.
Page 169: Enabling The Forwarding Of Jumbo Frames
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration 1.1.8 Enabling the Forwarding of Jumbo Frames Due to tremendous amount of traffic occurring in Ethernet, it is likely that some frames might have a frame size greater than the standard Ethernet frame size. By allowing...
Page 170: Configuring The Cable Type For An Ethernet Port
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration To do... Use the command... Remarks Required Enable loopback loopback-detection detection on a port enable Disabled by default Enable loopback Optional loopback-detection detection control on a...
Page 171: Testing The Cable On An Ethernet Port
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration Note: The mdi command is not supported on a Combo optical port. 1.1.11 Testing the Cable on an Ethernet Port Note: The optical ports of a Combo ports do not support this feature. The support of other Ethernet ports for this feature depends on the device model.
Page 172 Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 1 Ethernet Port Configuration To do... Use the command... Remarks Display the current ports Available in any display port { hybrid | trunk } of a specified type...
Page 173: Introduction To Port Isolation
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 2 Port Isolation Configuration Chapter 2 Port Isolation Configuration 2.1 Introduction to Port Isolation To implement Layer 2 isolation, you can add different ports to different VLANs. However, this will waste the limited VLAN resource.
Page 174: Configuring An Isolation Group
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 2 Port Isolation Configuration Uplink ports in an isolation Ports outside the isolation group group Uplink ports in the same Ordinary ports in the same isolation group isolation group...
Page 175: Port Isolation Configuration Example
Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 2 Port Isolation Configuration To do… Use the command… Remarks Required Add the port(s) to the isolation group port-isolate enable By default, an isolation group as ordinary port(s) contains no port.
Page 176 Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 2 Port Isolation Configuration Ethernet 1/0/1, Ethernet 1/0/2, Ethernet 1/0/3, and Ethernet 1/0/4 belong to the same VLAN. It is desired that Host A, Host B, and Host C cannot communicate with each other, but can access the external network.
Page 177 Operation Manual – Port Correlation Configuration H3C S3610&S5510 Series Ethernet Switches Chapter 2 Port Isolation Configuration Group ID: 1 Uplink port: Ethernet1/0/4 Ethernet1/0/1 Ethernet1/0/2 Ethernet1/0/3...
Page 178 Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Link Aggregation Overview ..................1-1 1.1 Link Aggregation ........................ 1-1 1.1.1 LACP ........................1-1 1.1.2 Consistency Considerations for Ports in an Aggregation ........1-1 1.2 Approaches to Link Aggregation..................
Page 179: Link Aggregation
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 1 Link Aggregation Overview Chapter 1 Link Aggregation Overview This chapter covers these topics: Link Aggregation Approaches to Link Aggregation Load Sharing in a Link Aggregation Group Service Loop Group Aggregation Port Group 1.1 Link Aggregation...
Page 180 Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 1 Link Aggregation Overview Table 1-1 Consistency considerations for ports in an aggregation Category Considerations State of port-level STP (enabled or disabled) Attribute of the link (point-to-point or otherwise) connected to the...
Page 181: Approaches To Link Aggregation
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 1 Link Aggregation Overview Category Considerations MAC address learning capability Setting of maximum number of MAC addresses that can be MAC address learned on the port learning Forwarding of frames with unknown destination MAC addresses after the upper limit of the MAC address table is reached 1.2 Approaches to Link Aggregation...
Page 182: Static Lacp Link Aggregation
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 1 Link Aggregation Overview In addition, unless the master port should be selected, a port that joins the group after the limit is reached will not be placed in selected state even if it should be in normal cases.
Page 183: Load Sharing In A Link Aggregation Group
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 1 Link Aggregation Overview If two ports with the same port LACP priority are present, compare their port numbers. The one with the smaller port ID wins out to become the reference port.
Page 184: Service Loop Group
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 1 Link Aggregation Overview For a known Layer 2 unicast packet, the switch selects the forwarding port based on the least significant six bits in the source MAC address and the least significant six bits in the destination MAC address.
Page 185: Aggregation Port Group
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 1 Link Aggregation Overview If this group is performing load sharing, it continues to function in this way even after all selected ports but one are removed to ensure ongoing service.
Page 186: Chapter 2 Link Aggregation Configuration
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 2 Link Aggregation Configuration Chapter 2 Link Aggregation Configuration When configuring link aggregation, go to these sections for information you are interested in: Configuring Link Aggregation Displaying and Maintaining Link Aggregation Link Aggregation Configuration Example 2.1 Configuring Link Aggregation...
Page 187: Configuring A Static Lacp Link Aggregation Group
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 2 Link Aggregation Configuration addresses or black hole MAC addresses configured, voice VLAN-enabled ports, or 802.1x-enabled ports. After you remove a manual aggregation group, all the ports in the group are dismissed from it.
Page 188: Configuring An Aggregation Group Name
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 2 Link Aggregation Configuration For a static LACP aggregation group containing only one port, the only way to remove the port from the aggregation group is to remove the aggregation group.
Page 189: Entering Aggregation Port Group View
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 2 Link Aggregation Configuration Note: You can remove any service loop group except those that are currently referenced by modules. For a service loop group containing only one port, the only way to remove the port from it is to remove the service loop group.
Page 190: Link Aggregation Configuration Example
Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 2 Link Aggregation Configuration To do… Use the command… Remarks Display detailed information about display link-aggregation verbose Available in any specified or all link [ agg-id ] view aggregation groups...
Page 191 Operation Manual – Link Aggregation H3C S3610&S5510 Series Ethernet Switches Chapter 2 Link Aggregation Configuration [DeviceA] interface ethernet 1/0/1 [DeviceA-Ethernet1/0/1] port link-aggregation group 1 [DeviceA-Ethernet1/0/1] interface ethernet 1/0/2 [DeviceA-Ethernet1/0/2] port link-aggregation group 1 [DeviceA-Ethernet1/0/2] interface ethernet 1/0/3 [DeviceA-Ethernet1/0/3] port link-aggregation group 1 In static aggregation approach # Create static aggregation group 1.
Page 192 Operation Manual – MAC Address Table Management H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 MAC Address Table Management Configuration ............. 1-1 1.1 Introduction to MAC Address Table................... 1-1 1.2 Configuring MAC Address Table Management ..............1-2 1.2.1 Configuring MAC Address Entries ................
Page 193: Chapter 1 Mac Address Table Management
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table H3C S3610&S5510 Series Ethernet Switches Management Configuration Chapter 1 MAC Address Table Management Configuration When configuring MAC address table management, go to these sections for information you are interested in:...
Page 194: Configuring Mac Address Table Management
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table H3C S3610&S5510 Series Ethernet Switches Management Configuration Note: Dynamically learned MAC addresses cannot overwrite static MAC address entries, but the latter can overwrite the former. As shown in...
Page 195: Configuring Mac Address Aging Timer
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table H3C S3610&S5510 Series Ethernet Switches Management Configuration To do… Use the command… Remarks Enter system view system-view — mac-address blackhole mac-address vlan vlan-id Add/modify a MAC mac-address { dynamic | static }...
Page 196: Displaying And Maintaining Mac Address Table Management
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table H3C S3610&S5510 Series Ethernet Switches Management Configuration 1.2.3 Configuring the Maximum Number of MAC Addresses an Ethernet Port or a Port Group Can Learn To prevent a MAC address table from getting so large that it may degrade forwarding performance, you may restrict the number of MAC addresses that can be learned.
Page 197: Mac Address Table Management Configuration Example
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table H3C S3610&S5510 Series Ethernet Switches Management Configuration 1.4 MAC Address Table Management Configuration Example I. Network requirements Log onto your device from the Console port to configure MAC address table management as follows: Set the aging timer to 500 seconds for dynamic MAC address entries.
Page 198: Ip Source Guard
Operation Manual – IP Source Guard H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IP Source Guard Configuration .................. 1-1 1.1 IP Source Guard Overview ....................1-1 1.2 Configuring a Static Binding Entry ..................1-1 1.3 Configuring Port Filtering ....................
Page 199: Ip Source Guard Overview
Operation Manual – IP Source Guard H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Source Guard Configuration Chapter 1 IP Source Guard Configuration When configuring IP Source Guard, go to these sections for information you are interested in: IP Source Guard Overview...
Page 200: Configuring Port Filtering
Operation Manual – IP Source Guard H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Source Guard Configuration To do… Use the command… Remarks user-bind ip-address Required Configure a static binding ip-address No static binding entry entry [ mac-address exists by default.
Page 201: Ip Source Guard Configuration Examples
Operation Manual – IP Source Guard H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Source Guard Configuration 1.5 IP Source Guard Configuration Examples 1.5.1 Static Binding Entry Configuration Example I. Network requirements As shown in Figure 1-1, switches A and B and Hosts A, B and C are on an Ethernet.
Page 202 Operation Manual – IP Source Guard H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Source Guard Configuration [SwitchA] interface ethernet 1/0/2 [SwitchA-Ethernet1/0/2] user-bind ip-address 192.168.0.3 mac-address 0001-0203-0405 [SwitchA-Ethernet1/0/2] quit # Configure port Ethernet 1/0/1 of Switch A to allow only IP packets with the source MAC address of 00-01-02-03-04-06 and the source IP address of 192.168.0.1 to pass.
Page 203 Operation Manual – IP Source Guard H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Source Guard Configuration 1.5.2 Port Filtering Configuration Example I. Network requirements Switch A connects to Client A and the DHCP Server through Ethernet 1/0/1 and Ethernet 1/0/2 respectively. DHCP Snooping is enabled on Switch A.
Page 204 Operation Manual – IP Source Guard H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Source Guard Configuration # Port filtering is configured successfully on port Ethernet 1/0/1. [SwitchA] interface ethernet1/0/1 [SwitchA-Ethernet1/0/1] display this interface Ethernet1/0/1 ip check source ip-address mac-address...
Page 205: Mstp
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 MSTP Configuration ....................1-1 1.1 MSTP Overview ......................... 1-1 1.1.1 Introduction to STP ....................1-1 1.1.2 Introduction to MSTP .................... 1-11 1.1.3 Protocols and Standards..................1-18 1.2 Configuration Task List ....................
Page 206 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Table of Contents 1.6.1 Configuration Procedure ..................1-40 1.6.2 Configuration Example..................1-40 1.7 Configuring Digest Snooping ................... 1-41 1.7.1 Configuration Prerequisites................... 1-42 1.7.2 Configuration Procedure ..................1-42 1.7.3 Configuration Example..................1-43 1.8 Configuring No Agreement Check ...................
Page 207: Mstp Overview
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Chapter 1 MSTP Configuration When configuring MSTP, go to these sections for information you are interested in: MSTP Overview Configuring the Root Bridge Configuring Leaf Nodes Performing mCheck...
Page 208 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration III. Basic concepts in STP Root bridge A tree network must have a root; hence the concept of “root bridge” has been introduced in STP. There is one and only one root bridge in the entire network, and the root bridge can change alone with changes of the network topology.
Page 209 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Device A AP 1 AP 2 CP 1 BP 1 Device B Device C BP 2 CP 2 Figure 1-1 A schematic diagram of designated bridges and designated ports IV.
Page 210 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Forward delay: forward delay of the port. Note: For the convenience of description, the description and examples below involve only four parts of a configuration BPDU: Root bridge ID (in the form of device priority)
Page 211 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Note: Principle for configuration BPDU comparison: The configuration BPDU that has the lowest root bridge ID has the highest priority. If all the configuration BPDUs have the same root bridge ID, they will be compared for their root path costs.
Page 212 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Step Description The device compares the calculated configuration BPDU with the configuration BPDU on the port of which the port role is to be defined, and does different things according to the comparison result:...
Page 213 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Table 1-4 Initial state of each device Device Port name BPDU of port {0, 0, 0, AP1} Device A {0, 0, 0, AP2} {1, 0, 1, BP1}...
Page 214 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration BPDU of port after Device Comparison process comparison Port BP1 receives the configuration BPDU of Device A {0, 0, 0, AP1}. Device B finds that the received...
Page 215 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration BPDU of port after Device Comparison process comparison Port CP1 receives the configuration BPDU of Device A {0, 0, 0, AP2}. Device C finds that the received...
Page 216 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Figure 1-3 The final calculated spanning tree Note: To facilitate description, the spanning tree calculation process in this example is simplified, while the actual process is more complicated.
Page 217: Introduction To Mstp
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration STP timers STP calculations need three important timing parameters: forward delay, hello time, and max age. Forward delay is the delay time for device state transition. A path failure will cause re-calculation of the spanning tree, and the spanning tree structure will change accordingly.
Page 218 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Note: In RSTP, a newly elected root port can enter the forwarding state rapidly if this condition is met: The old root port on the device has stopped forwarding data and the upstream designated port has started forwarding data.
Page 219 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Figure 1-4 Basic concepts in MSTP MST region A multiple spanning tree region (MST region) is composed of multiple devices in a switched network and network segments among them. These devices have the...
Page 220 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration VLAN-to-instance mapping table As an attribute of an MST region, the VLAN-to-instance mapping table describes the mapping relationships between VLANs and MST instances. In Figure 1-4, for example,...
Page 221 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Figure 1-4, for example, the common root bridge is a device in region A0. Boundary port A boundary port is a port that connects an MST region to another MST configuration, or to a single spanning-tree region running STP, or to a single spanning-tree region running RSTP.
Page 222 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Connecting to the common root bridge Edge ports Port 2 MST region Port 1 Master port Alternate port Port 6 Port 5 Backup port Designated port Port 3...
Page 223 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Table 1-6 Ports states supported by different port roles Root Role Designated port/Master Alternate port Backup port port State port √ √ Forwarding — — √ √...
Page 224 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Root guard BPDU guard Loop guard TC-BPDU guard 1.1.3 Protocols and Standards MSTP is documented in: IEEE 802.1d: Spanning Tree Protocol IEEE 802.1w: Rapid Spanning Tree Protocol IEEE 802.1s: Multiple Spanning Tree Protocol...
Page 225 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Task Remarks Configuring an MST Region Required Configuring the Work Mode of MSTP Device Optional Configuring the Timeout Factor Optional Configuring the Maximum Transmission Rate of Ports...
Page 226: Configuring The Root Bridge
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration 1.3 Configuring the Root Bridge 1.3.1 Configuring an MST Region I. Configuration procedure Follow these steps to configure an MST region: To do... Use the command... Remarks...
Page 227: Specifying The Root Bridge Or A Secondary Root Bridge
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration The configuration of MST region–related parameters, especially the VLAN-to-instance mapping table, will cause MSTP to launch a new spanning tree calculation process, which may result in network topology instability. To reduce the possibility of topology instability caused by configuration, MSTP will not immediately launch a new spanning tree calculation process when processing MST region–related configurations;...
Page 228 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration II. Specifying the current device as a secondary root bridge of a specific spanning tree Follow these steps to specify the current device as a secondary root bridge of a specific spanning tree: To do...
Page 229: Configuring The Work Mode Of Mstp Device
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration actually work. For the description of network diameter and hello time, refer to Configuring the Network Diameter of a Switched Network Configuring Timers MSTP. Alternatively, you can also specify the current device as the root bridge by setting the priority of the device to 0.
Page 230: Configuring The Priority Of The Current Device
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration 1.3.4 Configuring the Priority of the Current Device The priority of a device determines whether it can be elected as the root bridge of a spanning tree. A lower value indicates a higher priority. By setting the priority of a device to a low value, you can specify the device as the root bridge of the spanning tree.
Page 231: Configuring The Network Diameter Of A Switched Network
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration When a device becomes the root bridge of the CIST or MSTI of an MST region , the maximum hop in the configuration BPDUs generated by this device defines the network diameter of the spanning tree to define how far the spanning tree can reach in this MST region.
Page 232: Configuring Timers Of Mstp
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Note: Network diameter is a parameter that indicates network size. A bigger network diameter represents a larger network size. Based on the network diameter you configured, MSTP automatically sets an optimal hello time, forward delay, and max age for the device.
Page 233 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Caution: The length of the forward delay time is related to the network diameter of the switched network. Typically, the larger the network diameter is, the longer the forward delay time should be.
Page 234 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration 1.3.8 Configuring the Timeout Factor After the network topology is stabilized, each non-root-bridge device forwards configuration BPDUs to the surrounding devices at the interval of hello time to check whether any link is faulty.
Page 235 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Enter system view system-view — Enter Required Ethernet interface interface-type Use either command. interface interface-number Enter Configurations made in view Ethernet...
Page 236 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Enter system view system-view — Enter Required Ethernet interface interface-type Use either command. interface interface-number Configurations made in Enter view Ethernet interface view...
Page 237 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Enter system view system-view — Enter Required Ethernet interface interface-type Use either command. interface interface-number Configurations made in Enter view Ethernet interface view...
Page 238 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration By default, the packet format recognition mode of a port is auto, namely the port automatically distinguishes the two MSTP packet formats, and determines the format of packets it will send based on the recognized format.
Page 239: Enabling The Output Of Port State Transition Information
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration [Sysname-Ethernet1/0/1] stp compliance dot1s 1.3.13 Enabling the Output of Port State Transition Information In a large-scale, MSTP-enabled network, there are a large number of MSTP instances, so ports may frequently transition from one state to another. In this situation, you can enable the device to output the port state transition information of all MSTP instances or the specified MSTP instance so as to monitor the port states in real time.
Page 240: Configuring Leaf Nodes
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Note: You must enable MSTP for the device before any other MSTP-related configuration can take effect. To control MSTP flexibly, you can use the stp disable or undo stp command to disable the MSTP feature for certain ports so that they will not take part in spanning tree calculation and thus to save the device’s CPU resources.
Page 241 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Setting an appropriate path cost allows VLAN traffic flows to be forwarded along different physical links, thus to enable per-VLAN load balancing. The device can automatically calculate the default path cost; alternatively, you can also configure the path cost for ports.
Page 242 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Private Link speed Duplex state 802.1D-1998 802.1t standard Single Port 2,000 Aggregated Link 2 Ports 1,000 10 Gbps Aggregated Link 3 Ports Aggregated Link 4 Ports Note: In the calculation of the path cost value of an aggregated link, 802.1D-1998 does not...
Page 243: Configuring Port Priority
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Caution: If you change the standard that the device uses in calculating the default path cost, the port path cost value set through the stp cost command will be out of effect.
Page 244: Enabling Output Of Port State Transition Information
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Note: When the priority of a port is changed, MSTP will re-calculate the role of the port and initiate a state transition. Generally, a lower configured value priority indicates a higher priority of the port. If you configure the same priority value for all the Ethernet ports on a device, the specific priority of a port depends on the index number of that port.
Page 245 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration STP-compatible mode. In this case, you can perform an mCheck operation to force the port to migrate to the MSTP (or RSTP) mode. You can perform mCheck on a port through two approaches, which lead to the same result.
Page 246: Configuring The Vlan Ignore Feature
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Method 2: Perform mCheck in Ethernet interface view. <Sysname> system-view [Sysname] interface Ethernet 1/0/1 [Sysname-Ethernet1/0/1] stp mcheck 1.6 Configuring the VLAN Ignore Feature Traffic on a VLAN in a complex network may be blocked by the spanning tree.
Page 247: Configuring Digest Snooping
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Ethernet 1/1 on Switch A and Ethernet 1/2 on Switch B allow the traffic of VLAN 1 to pass through. Ethernet 1/3 on Switch A and Ethernet 1/4 on Switch B allow the traffic of VLAN 2 to pass through.
Page 248 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration 1.7.1 Configuration Prerequisites Associated devices of different vendors are interconnected and run MSTP. 1.7.2 Configuration Procedure Follow these steps to configure Digest Snooping: To do... Use the command...
Page 249 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Caution: You can only enable the Digest Snooping feature on the device connected to another vendor’s device that uses a private key to calculate the configuration digest.
Page 250: Configuring No Agreement Check
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration III. Configuration procedure Enable Digest Snooping on Device A # Enable Digest Snooping on Ethernet 1/0/1. <DeviceA> system-view [DeviceA] interface Ethernet 1/0/1 [DeviceA-Ethernet1/0/1] stp config-digest-snooping # Enable global Digest Snooping.
Page 251 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Downstream switch Upstream Switch Proposal for rapid transition Root port blocks other non-edge ports , changes to forwarding state and sends Agreement to upstream switch Designated port...
Page 252: Configuring Protection Functions
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Required Enable No Agreement Check no-agreement-check Not enabled by default Note: The No Agreement Check feature can only take effect on the root port or Alternate port after enabled.
Page 253: Enabling Bpdu Guard
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Root guard Loop guard TC-BPDU attack guard Note: The support for the BPDU guard, root guard and loop guard functions depends on the specific device model. Among loop guard, root guard and edge port setting, only one function can take effect on the same port at the same time.
Page 254: Enabling Root Guard
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Follow these steps to enable BPDU guard: To do... Use the command... Remarks Enter system view system-view — Required Enable the BPDU guard stp bpdu-protection function for the device Disabled by default 1.9.3 Enabling Root Guard...
Page 255: Enabling Loop Guard
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Enter system view system-view — Enter Required Ethernet interface interface-type Use either command. interface interface-number Configurations made in Enter view Ethernet interface view...
Page 256 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Follow these steps to enable loop guard: To do... Use the command... Remarks Enter system view system-view — Enter Required Ethernet interface interface-type Use either command. interface...
Page 257 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Note: We recommend that you keep this feature enabled. 1.10 Configuring the Function of Transmitting BPDUs Transparently In a specific network, spanning tree calculations of the specific VLANs are not expected to be performed on all the switches.
Page 258: Displaying And Maintaining Mstp
Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration 1.11 Configuring the Function of Tagging BPDUs When switches at both ends of a VPN are engaged in STP calculations, you must enable the function of tagging BPDUs on these switches, because only tagged BPDUs are permitted to pass through a VPN.
Page 259 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks View the statistics of TC/TCN BPDUs sent and received by display stp [ instance Available in any all ports in the specified MSTP...
Page 260 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration II. Network diagram Device B Device A Permit:all VLAN Permit: Permit: VLAN 10,20 VLAN 20,30 Permit: Permit: VLAN 10,20 VLAN 20,30 Permit:VLAN 20,40 Device D Device C...
Page 261 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration Format selector Region name :example Revision level Instance Vlans Mapped 1 to 9, 11 to 29, 31 to 39, 41 to 4094 Configuration on Device B # Enter MST region view.
Page 262 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration <DeviceC> system-view [DeviceC] stp region-configuration [DeviceC-mst-region] region-name example # Configure the region name, VLAN-to-instance mappings and revision level of the MST region. [DeviceC-mst-region] instance 1 vlan 10...
Page 263 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration [DeviceD-mst-region] quit # View the MST region configuration information that has taken effect. [DeviceD] display stp region-configuration Oper configuration Format selector Region name :example Revision level Instance...
Page 264 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration [Switch A-mst-region] region-name abc [Switch A-mst-region] instance 1 vlan 10 [Switch A-mst-region] active region-configuration [Switch A-mst-region] quit # Enable the function of tagging BPDUs on Ethernet 1/0/1 and Ethernet 1/0/2 of Switch...
Page 265 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration II. Network diagram Eth 1/0/1 Eth 1/0/2 Eth 1/0/3 Eth 1/0/4 Switch A Switch B Figure 1-14 Network diagram for tagging BPDUs III. Configuration procedure Configuration on Switch A # Configure an MST region.
Page 266 Operation Manual – MSTP H3C S3610&S5510 Series Ethernet Switches Chapter 1 MSTP Configuration # Enable the function of tagging BPDUs on Ethernet 1/0/3 and Ethernet 1/0/4 of Switch [Switch B] interface Ethernet1/0/3 [Switch B-Ethernet1/0/3] stp bpdu-tagged [Switch B-Ethernet1/0/3] quit [Switch B]interface Ethernet1/0/4...
Page 267: Ipv6
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IPv6 Basics Configuration ..................1-1 1.1 IPv6 Overview........................1-1 1.1.1 IPv6 Features ......................1-2 1.1.2 Introduction to IPv6 Address ................... 1-3 1.1.3 Introduction to IPv6 Neighbor Discovery Protocol ..........1-7 1.1.4 IPv6 PMTU Discovery ...................
Page 268 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Table of Contents Chapter 3 Tunneling Configuration ..................... 3-1 3.1 Introduction to Tunneling ....................3-1 3.1.1 IPv6 over IPv4 Tunnel..................... 3-1 3.2 Tunneling Configuration Task List ..................3-5 3.3 Configuring IPv6 Manual Tunnel ..................3-5 3.3.1 Configuration Prerequisites..................
Page 269: Ipv6 Overview
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Chapter 1 IPv6 Basics Configuration When configuring IPv6 basics, go to these sections for information you are interested IPv6 Overview IPv6 Basics Configuration Task List Configuring Basic IPv6 Functions...
Page 270: Ipv6 Features
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.1.1 IPv6 Features I. Header format simplification IPv6 cuts down some IPv4 header fields or move them to the IPv6 extension headers to reduce the length of the basic IPv6 header. IPv6 uses the basic header with a fixed length, thus making IPv6 packet handling simple and improving the forwarding efficiency.
Page 271: Introduction To Ipv6 Address
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Stateless address configuration means that a host automatically configures an IPv6 address and related information on basis of its own link-layer address and the prefix information advertised by a router.
Page 272 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration If an IPv6 address contains two or more consecutive groups of zeros, they can be replaced by the double-colon :: option. For example, the above-mentioned address...
Page 273 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration The type of an IPv6 address is designated by the first several bits called format prefix. Table 1-1 lists the mappings between address types and format prefixes.
Page 274 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Table 1-2 Reserved IPv6 multicast addresses Address Application FF01::1 Node-local scope all-nodes multicast address FF02::1 Link-local scope all-nodes multicast address FF01::2 Node-local scope all-routers multicast address...
Page 275: Introduction To Ipv6 Neighbor Discovery Protocol
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.1.3 Introduction to IPv6 Neighbor Discovery Protocol IPv6 Neighbor Discovery Protocol (NDP) uses five types of ICMPv6 messages to implement the following functions: Address resolution Neighbor reachability detection...
Page 276 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Figure 1-3 Address resolution The address resolution procedure is as follows: Node A multicasts an NS message. The source address of the NS message is the IPv6 address of an interface of node A and the destination address is the solicited-node multicast address of node B.
Page 277 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Figure 1-4 Duplicate address detection The DAD procedure is as follows: Node A sends an NS message whose source address is the unassigned address :: and destination address is the corresponding solicited-node multicast address of the IPv6 address to be detected.
Page 278: Ipv6 Pmtu Discovery
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Note: In addition to an address prefix, the prefix information option also contains the preferred lifetime and valid lifetime of the address prefix. After receiving a periodic RA message, the node updates the preferred lifetime and valid lifetime of the address prefix accordingly.
Page 279: Introduction To Ipv6 Dns
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Figure 1-5 Working procedure of the PMTU discovery The working procedure of the PMTU discovery is as follows: The source host uses its MTU to fragment packets and then sends them to the destination host.
Page 280: Ipv6 Basics Configuration Task List
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration RFC 2375: IPv6 Multicast Address Assignments RFC 2460: Internet Protocol, Version 6 (IPv6) Specification. RFC 2461: Neighbor Discovery for IP Version 6 (IPv6) RFC 2462: IPv6 Stateless Address Autoconfiguration...
Page 281: Configuring An Ipv6 Unicast Address
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.3.2 Configuring an IPv6 Unicast Address IPv6 site-local addresses and aggregatable global unicast addresses can be configured in the following ways: EUI-64 format: When the EUI-64 format is adopted to form IPv6 addresses, the IPv6 address prefix of an interface is the configured prefix and the interface identifier is derived from the link-layer address of the interface.
Page 282: Configuring Ipv6 Ndp
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Note: After an IPv6 site-local address or aggregatable global unicast address is configured for an interface, a link-local address will be generated automatically. The automatically generated link-local address is the same as the one generated by using the ipv6 address auto link-local command.
Page 283: Configuring The Maximum Number Of Neighbors Dynamically Learned
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Follow these steps to configure a static neighbor entry: To do... Use the command... Remarks Enter system view system-view — ipv6 neighbor ipv6-address Configure a static...
Page 284: Configuring Parameters Related To An Ra Message
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration To do… Use the command… Remarks Configure the maximum number ipv6 neighbors of neighbors dynamically learned Optional max-learning-num by an interface number 1.4.3 Configuring Parameters Related to an RA Message You can configure whether the interface sends an RA message, the interval for sending RA messages, and parameters in RA messages.
Page 285 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Parameters Description After the neighbor reachability detection shows that a neighbor is reachable, the device considers the neighbor is reachable within the reachable time. If the device needs to...
Page 286 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration To do… Use the command… Remarks ipv6 nd ra prefix Optional { ipv6-address By default, no prefix prefix-length | Configure the prefix information is configured in RA...
Page 287: Configuring The Number Of Attempts To Send An Ns Message For Dad
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.4.4 Configuring the Number of Attempts to Send an NS Message for DAD An interface sends a neighbor solicitation (NS) message for DAD after acquiring an IPv6 address.
Page 288: Configuring Ipv6 Tcp Properties
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration dynamically determined PMTU is removed and the source host re-determines an MTU to send packets through the PMTU mechanism. The aging time is invalid for static PMTU.
Page 289: Configuring Icmpv6 Packet Sending
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.7 Configuring IPv6 FIB-Based Forwarding With the caching function of IPv6 FIB enabled, the device searches the FIB cache when forwarding packets, thus reducing the time in searching IP packets and improving the forwarding efficiency.
Page 290: Enable Sending Of Multicast Echo Replies
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration ICMPv6 error packets cannot be sent out until the number of tokens in the token bucket is updated and new tokens are added to the bucket.
Page 291: Configuring Dynamic Ipv6 Domain Name Resolution
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Follow these steps to configure static IPv6 domain name resolution: To do… Use the command… Remarks Enter system view system-view — Configure a host name ipv6 host hostname...
Page 292: Displaying And Maintaining Ipv6 Basics Configuration
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.10 Displaying and Maintaining IPv6 Basics Configuration To do… Use the command… Remarks Display DNS suffix information display dns domain [ dynamic ] Display IPv6 dynamic domain display dns ipv6 dynamic-host name cache information.
Page 293: Ipv6 Configuration Example
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration To do… Use the command… Remarks Clear IPv6 dynamic domain reset dns ipv6 dynamic-host name cache information Clear FIB cache entries reset ipv6 fibcache reset ipv6 neighbors { all |...
Page 294 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration III. Configuration procedure Configuration on Switch A # Enable the IPv6 packet forwarding function. <SwitchA> system-view [SwitchA] ipv6 # Configure VLAN-interface 2 to automatically generate a link-local address.
Page 295 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration FF02::1:FF49:8048 FF02::2 FF02::1 MTU is 1500 bytes ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds ND retransmit interval is 1000 milliseconds Hosts use stateless autoconfig for addresses # Display the IPv6 information of the interface on Switch B.
Page 296 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Reply from FE80::20F:E2FF:FE00:1 bytes=56 Sequence=2 hop limit=255 time = 60 ms Reply from FE80::20F:E2FF:FE00:1 bytes=56 Sequence=3 hop limit=255 time = 60 ms Reply from FE80::20F:E2FF:FE00:1 bytes=56 Sequence=4 hop limit=255...
Page 297: Troubleshooting Ipv6 Basics Configuration
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Reply from 3001::2 bytes=56 Sequence=5 hop limit=255 time = 60 ms --- 3001::2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 50/60/70 ms 1.12 Troubleshooting IPv6 Basics Configuration...
Page 298: Dual Stack Overview
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 2 Dual Stack Configuration Chapter 2 Dual Stack Configuration When configuring dual stack, go to these sections for information you are interested in: Dual Stack Overview Configuring Dual Stack 2.1 Dual Stack Overview Dual stack is the most direct approach to making IPv6 nodes compatible with IPv4 nodes.
Page 299 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 2 Dual Stack Configuration 2.2 Configuring Dual Stack 2.2.1 Enabling IPv4/IPv6 Dual-Stack Supporting Table 2-1 Enable IPv4/IPv6 dual-stack supporting Operation Command Remarks Enter system view system-view — Required Configure the...
Page 300 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 2 Dual Stack Configuration To do… Use the command… Remarks ipv6 address Use either Manually { ipv6-address command. Configure specify an prefix-length | IPv6 By default, no IPv6 address ipv6-address/prefix-le...
Page 301: Introduction To Tunneling
Note: NTP-related commands are available in tunnel interface view on H3C S3610&S5510 series Ethernet Switches, but NTP features cannot be enabled after you execute the NTP commands. For related information about NTP, refer to NTP Configuration.
Page 302 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration Caution: The devices at both ends of an IPv6 over IPv4 tunnel must support IPv4/IPv6 dual stack. Figure 3-1 Principle of IPv6 over IPv4 tunnel The IPv6 over IPv4 tunnel processes packets in the following way: A host in the IPv6 network sends an IPv6 packet to the device at the source end of the tunnel.
Page 303 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration If the IPv4 address is embedded into the IPv6 address, the IPv4 address of the tunnel destination can automatically be acquired from the destination address of the IPv6 packet. Such a tunnel is called an automatic tunnel.
Page 304 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration can be forwarded by the tunnel. A 6to4 tunnel interconnects IPv6 networks and overcomes the limitations of an automatic IPv4-compatible IPv6 tunnel. ISATAP tunnel With the application of the IPv6 technology, there will be more and more IPv6 hosts in the existing IPv4 network.
Page 305: Tunneling Configuration Task List
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration 3.2 Tunneling Configuration Task List Complete the following tasks to configure the tunneling feature: Task Remarks Configuring IPv6 Manual Tunnel Optional Configuring Configuring Automatic IPv4-Compatible IPv6 Tunnel...
Page 306 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration To do… Use the command… Remarks ipv6 address Required { ipv6-address Use any command. prefix-length | Configure a ipv6-address/prefix-len By default, no IPv6 global unicast gth }...
Page 307 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration Caution: After a tunnel interface is deleted, all the above features configured on the tunnel interface will be deleted. If the addresses of the tunnel interfaces at the two ends of a tunnel are not in the same network segment, a forwarding route through the tunnel to the peer must be configured so that the encapsulated packet can be forwarded normally.
Page 308 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration III. Configuration procedure Configuration on Switch A # Enable IPv6. <SwitchA> system-view [SwitchA] ipv6 # Configure a link aggregation group. Disable STP on the port before adding it into the link aggregation group.
Page 309 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration [SwitchB-Ethernet1/0/1] port link-aggregation group 1 [SwitchB-Ethernet1/0/1] quit # Configure an IPv4 address for VLAN-interface 100. [SwitchB] vlan 100 [SwitchB-vlan100] port ethernet 1/0/2 [SwitchB-vlan100] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ip address 192.168.50.1 255.255.255.0...
Page 310 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration Global unicast address(es): 3001::2, subnet is 3001::/64 Joined group address(es): FF02::1:FFA8:3201 FF02::1:FF00:2 FF02::2 FF02::1 MTU is 1500 bytes ND reachable time is 30000 milliseconds ND retransmit interval is 1000 milliseconds Hosts use stateless autoconfig for addresses # Ping the IPv6 address of the peer tunnel interface from Switch A.
Page 311 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration 3.4.2 Configuration Procedure Table 3-1 Follow these steps to configure an automatic IPv4-compatible IPv6 tunnel To do… Use the command… Remarks Enter system view system-view — Required...
Page 312 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration To do… Use the command… Remarks Required source { ip-address | By default, no Configure a source address for interface-type source address is the tunnel interface interface-num } configured for the tunnel interface.
Page 313 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration Caution: Only one tunnel can automatically be configured at the same tunnel source. No destination address needs to be configured for an automatic IPv4-compatible IPv6 tunnel. If the addresses of the tunnel interfaces at the two ends of a tunnel are not in the same network segment, a forwarding route through the tunnel to the peer must be configured so that the encapsulated packet can be forwarded normally.
Page 314 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration # Configure an IPv4 address for Vlan-interface100. [SwitchA] vlan 100 [SwitchA-vlan100] port ethernet 1/0/1 [SwitchA-vlan100] quit [SwitchA] interface Vlan-interface 100 [SwitchA-Vlan-interface100] ip address 2.1.1.1 255.0.0.0 [SwitchA-Vlan-interface100] quit # Configure a service-loop group.
Page 315: Configuring 6To4 Tunnel
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration [SwitchB-Ethernet1/0/2] quit # Configure an automatic IPv4-comptabile IPv6 tunnel. [SwitchB] interface Tunnel 0 [SwitchB-Tunnel0] ipv6 address ::2.1.1.2/96 [SwitchB-Tunnel0] source Vlan-interface 100 [SwitchB-Tunnel0] tunnel-protocol ipv6-ipv4 auto-tunnel # Configure service-loop group 2 to be referenced by the tunnel in tunnel interface view.
Page 316 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration 3.5.2 Configuration Procedure Follow these steps to configure a 6to4 tunnel: To do… Use the command… Remarks Enter system view system-view — Required By default, the IPv6...
Page 317 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration To do… Use the command… Remarks Required Reference a link aggregation aggregation-group By default, no link group aggregation-group-id aggregation group ID is referenced. Optional Enable the expedite...
Page 318 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration 3.5.3 Configuration Example I. Network requirements Isolated IPv6 networks are interconnected through a 6to4 tunnel over the IPv4 network. II. Network diagram IPv4 netwok 6to4 switch 6to4 switch...
Page 319 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration # Configure a route to VLAN-interface 100 of Switch B. (Here the next-hop address of the static route is represented by [nexthop]. In practice, you should configure the real next-hop address according to the network.)
Page 320 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ip address 5.1.1.1 24 [SwitchB-Vlan-interface100] quit # Configure a route to VLAN-interface 100 of Switch A. (Here the next-hop address of the static route is represented by [nexthop]. In practice, you should configure the real next-hop address according to the network.)
Page 321: Configuring Isatap Tunnel
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 13ms, Average = 3ms 3.6 Configuring ISATAP Tunnel...
Page 322 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration To do… Use the command… Remarks Required By default, the tunnel mode is manual. The same tunnel-protocol tunnel type should Set an ISATAP tunnel ipv6-ipv4 isatap be configured at both ends of the tunnel.
Page 323 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration Caution: If the addresses of the tunnel interfaces at the two ends of a tunnel are not in the same network segment, a forwarding route through the tunnel to the peer must be configured so that the encapsulated packet can be forwarded normally.
Page 324 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration [Switch] link-aggregation group 1 mode manual [Switch] link-aggregation group 1 service-type tunnel [Switch] interface ethernet 1/0/1 [Switch-Ethernet1/0/1] stp disable [Switch-Ethernet1/0/1] port link-aggregation group 1 [Switch-Ethernet1/0/1] quit # Configure addresses for interfaces.
Page 325 Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration routing preference 1 EUI-64 embedded IPv4 address: 0.0.0.0 router link-layer address: 0.0.0.0 preferred link-local fe80::5efe:2.1.1.2, life infinite link MTU 1280 (true link MTU 65515) current hop limit 128...
Page 326: Displaying And Maintaining Tunneling Configuration
Operation Manual – IPv6 H3C S3610&S5510 Series Ethernet Switches Chapter 3 Tunneling Configuration IV. Configuration verification After the above configurations, the ISATAP host can access the host in the IPV6 network. 3.7 Displaying and Maintaining Tunneling Configuration To do… Use the command…...
Page 327: Routing Overview
Operation Manual – Routing Overview H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IP Routing Overview....................1-1 1.1 IP Routing and Routing Table.................... 1-1 1.1.1 Routing ........................1-1 1.1.2 Routing Through a Routing Table ................1-1 1.2 Routing Protocol Overview ....................
Page 328: Ip Routing And Routing Table
Operation Manual – Routing Overview H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Routing Overview Chapter 1 IP Routing Overview Go to these sections for information you are interested in: IP Routing and Routing Table Routing Protocol Overview Displaying and Maintaining a Routing Table Note: The term “router”...
Page 329 Operation Manual – Routing Overview H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Routing Overview II. Contents of a routing table A routing table includes the following key items: Destination address: Destination IP address or destination network. Network mask: Specifies, in company with the destination address, the address of the destination network.
Page 330: Routing Protocol Overview
Operation Manual – Routing Overview H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Routing Overview Destination Network Next hop Interface 11.0.0.0 11.0.0.1 12.0.0.0 12.0.0.1 13.0.0.0 12.0.0.2 14.0.0.0 14.0.0.4 15.0.0.0 14.0.0.2 16.0.0.0 14.0.0.2 17.0.0.0 11.0.0.2 Figure 1-1 A sample routing table 1.2 Routing Protocol Overview...
Page 331: Ipv4 Routing
Operation Manual – Routing Overview H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Routing Overview I. Operational scope Interior gateway protocols (IGPs): Work within an autonomous system, including RIP, OSPF, and IS-IS. Exterior gateway protocols (EGPs): Work between autonomous systems. The most popular one is BGP.
Page 332: Load Balancing And Route Backup
Operation Manual – Routing Overview H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Routing Overview The following table lists some routing protocols and the default priorities for routes found by them: Routing approach Priority DIRECT OSPF IS-IS STATIC OSPF ASE...
Page 333: Sharing Of Routing Information
Operation Manual – Routing Overview H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Routing Overview II. Route backup Route backup can help improve network reliability. With route backup, you can configure multiple routes to the same destination, expecting the one with the highest priority to be the main route and all the rest backup routes.
Page 334 Operation Manual – Routing Overview H3C S3610&S5510 Series Ethernet Switches Chapter 1 IP Routing Overview To do… Use the command… Remarks Clear statistics for the reset ip routing-table statistics Available in routing table or a VPN protocol [ vpn-instance user view...
Page 335 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Static Routing Configuration..................1-1 1.1 Introduction ........................1-1 1.1.1 Static Route......................1-1 1.1.2 Default Route ......................1-1 1.1.3 Application Environment of Static Routing.............. 1-2 1.2 Configuring a Static Route....................
Page 336 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents 2.4.8 Configuring RIP-to-MIB Binding ................2-17 2.5 Displaying and Maintaining RIP..................2-17 2.6 RIP Configuration Examples.................... 2-17 2.6.1 Configuring RIP Version..................2-17 2.6.2 Configuring RIP Route Redistribution ..............2-19 2.7 Troubleshooting RIP ......................
Page 337 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents 3.7.3 Specifying an LSA Transmission Delay ..............3-35 3.7.4 Specifying SPF Calculation Interval ..............3-35 3.7.5 Specifying the LSA Minimum Repeat Arrival Interval ........... 3-36 3.7.6 Specifying the LSA Generation Interval ..............3-36 3.7.7 Disabling Interfaces from Sending OSPF Packets ..........
Page 338 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents 4.4.2 Specifying a Priority for IS-IS ................4-20 4.4.3 Configuring IS-IS Link Cost................... 4-21 4.4.4 Configuring the Maximum Number of Equal Cost Routes ........4-23 4.4.5 Configuring IS-IS Route Summarization ............... 4-23 4.4.6 Advertising a Default Route ..................
Page 339 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents 5.4.1 Prerequisites ......................5-22 5.4.2 Configuring BGP Route Redistribution..............5-23 5.4.3 Configuring BGP Route Summarization ............... 5-23 5.4.4 Advertising a Default Route to a Peer or Peer Group........... 5-24 5.4.5 Configuring BGP Route Distribution Filtering Policies ..........
Page 340 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents 6.3.1 Prerequisites ......................6-4 6.3.2 Defining an IPv4 Prefix List ..................6-4 6.3.3 Defining an AS Path List ..................6-5 6.3.4 Defining a Community List ..................6-5 6.3.5 Defining an Extended Community List..............
Page 341: Static Route
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 Static Routing Configuration Chapter 1 Static Routing Configuration When configuring a static route, go to these sections for information you are interested Introduction Configuring a Static Route Displaying and Maintaining Static Routes...
Page 342: Application Environment Of Static Routing
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 Static Routing Configuration You can create the default route with both destination and mask being 0.0.0.0, and some dynamic routing protocols, such as OSPF, RIP and IS-IS, can also generate the default route.
Page 343 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 Static Routing Configuration 1.2.2 Configuration Procedure Follow these steps to configure a static route: To do… Use the command… Remarks Enter system view system-view — ip route-static dest-address { mask |...
Page 344: Displaying And Maintaining Static Routes
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 Static Routing Configuration Note: When configuring a static route, the static route does not take effect if you specify the next hop address first and then configure it as the IP address of a local interface, such as a VLAN interface.
Page 345 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 Static Routing Configuration II. Network diagram Figure 1-1 Network diagram for static route configuration III. Configuration procedure Configuring IP addresses for interfaces (omitted) Configuring static routes # Configure a default route on Switch A <SwitchA>...
Page 346 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 Static Routing Configuration 1.1.2.0/24 Direct 0 1.1.2.3 Vlan300 1.1.2.3/32 Direct 0 127.0.0.1 InLoop0 1.1.4.0/30 Direct 0 1.1.4.1 Vlan500 1.1.4.1/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32...
Page 347: Rip Overview
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration Chapter 2 RIP Configuration Note: The term “router” in this document refers to a router in a generic sense or a Layer 3 switch. When configuring RIP, go to these sections for information you are interested in:...
Page 348 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration II. RIP routing table A RIP router has a routing table containing routing entries of all reachable destinations, and each routing entry contains: Destination address: IP address of a host or a network.
Page 349: Rip Version
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration 2.1.2 Operation of RIP The following procedure describes how RIP works. After RIP is enabled, the router sends Request messages to neighboring routers. Neighboring routers return Response messages including information about their routing tables.
Page 350 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration Figure 2-1 shows the format of RIPv1 message. Figure 2-1 RIPv1 Message Format Command: Type of message. 1 indicates request, and 2 indicates response. Version: Version of RIP, 0x01 for RIPv1.
Page 351: Supported Rip Features
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration III. RIPv2 authentication RIPv2 sets the AFI field of the first route entry to 0xFFFF to identify authentication information. See Figure 2-3. Figure 2-3 RIPv2 Authentication Message Authentication Type: 2 represents plain text authentication, while 3 represents MD5.
Page 352: Configuring Rip Basic Functions
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration 2.2 Configuring RIP Basic Functions 2.2.1 Configuration Prerequisites Before configuring RIP basic functions, configure an IP address on each interface, and make sure all adjacent routers are reachable to each other.
Page 353 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks Return to system view quit — interface interface-type Enter interface view — interface-number Optional Enable the interface to rip input...
Page 354: Configuring Rip Route Control
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks Return to system — Quit view interface interface-type Enter interface view –– interface-number Specify a RIP rip version { 1 | 2...
Page 355: Configuring Ripv2 Route Summarization
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks Optional Define an inbound rip metricin value additional routing metric 0 by default Optional Define an outbound rip metricout value...
Page 356: Disabling Host Route Reception
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks Advertise a summary rip summary-address Required route ip-address { mask | mask-length } Note: You need to disable RIPv2 route automatic summarization before advertising a summary route on an interface.
Page 357 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks Required Enable RIP to advertise default-route originate cost a default route value Not enabled by default Note: The router enabled to advertise a default route does not receive default routes from RIP neighbors.
Page 358: Configuring A Priority For Rip
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration 2.3.6 Configuring a Priority for RIP Multiple IGP protocols may run in a router. If you want RIP routes to have a higher priority than those learned by other routing protocols, you can assign RIP a smaller priority value to influence optimal route selection.
Page 359: Configuring Rip Timers
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration 2.4.1 Configuring RIP Timers Follow these steps to configure RIP timers: To do… Use the command… Remarks Enter system view system-view –– rip [ process-id ] [ vpn-instance Enter RIP view ––...
Page 360: Configuring The Maximum Number Of Load Balanced Routes
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks Optional Enable split horizon rip split-horizon Enabled by default Note: Disabling the split horizon function on a point-to-point link does not take effect.
Page 361: Enabling Source Ip Address Check On Incoming Rip Updates
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration Follow these steps to enable zero field check on incoming RIPv1 messages: To do… Use the command… Remarks Enter system view system-view –– rip [ process-id ]...
Page 362: Specifying A Rip Neighbor
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration Follow these steps to configure RIPv2 message authentication: To do… Use the command… Remarks Enter system view system-view –– Enter interface view interface interface-type interface-number ––...
Page 363: Displaying And Maintaining Rip
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration 2.4.8 Configuring RIP-to-MIB Binding Follow these steps to bind RIP to MIB: To do… Use the command… Remarks Enter system view system-view –– Optional By default, MIB is bound...
Page 364 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration III. Configuration procedure Configure an IP address for each interface (omitted) Configure basic RIP functions # Configure Switch A. <SwitchA> system-view [SwitchA] rip [SwitchA-rip-1] network 192.168.1.0 [SwitchA-rip-1] network 172.16.0.0...
Page 365 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration -------------------------------------------------------------------------- Peer 192.168.1.2 on Vlan-interface100 Destination/Mask Nexthop Cost Flags 10.2.1.0/24 192.168.1.2 10.1.1.0/24 192.168.1.2 From the routing table, you can see RIPv2 uses classless subnet mask. Note: Since RIPv1 routing information has a long aging time, it will still exist until aged out after RIPv2 is configured.
Page 366 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration [SwitchA-rip-100] version 2 [SwitchA-rip-100] undo summary [SwitchA-rip-100] quit # Enable RIP 100 and RIP 200 and specify RIP version 2 on Switch B. <SwitchB> system-view [SwitchB] rip 100 [SwitchB-rip-100] network 1.0.0.0...
Page 367 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration [SwitchB-rip-100] import-route rip 200 [SwitchB-rip-100] quit [SwitchB] rip 200 [SwitchB-rip-200] import-route rip 100 [SwitchB-rip-200] quit # Display the routing table of Switch A. [SwitchA] display ip routing-table...
Page 368: Troubleshooting Rip
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 RIP Configuration 2.7 Troubleshooting RIP 2.7.1 No RIP Updates Received Symptom: No RIP updates are received when the links work well. Analysis: After enabling RIP, you must use the network command to enable corresponding interfaces.
Page 369: Introduction To Ospf
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Chapter 3 OSPF Configuration Open Shortest Path First (OSPF) is a link state interior gateway protocol developed by the OSPF working group of the Internet Engineering Task Force (IETF). At present, OSPF version 2 (RFC2328) is used.
Page 370 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Wide scope: Supports networks of various sizes and up to several hundred routers in an OSPF routing domain. Fast convergence: Transmits updates instantly after network topology changes for routing information synchronization in the AS.
Page 371 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration If the loopback interfaces are configured, select the highest IP address among them. If no loopback interface is configured, select the highest IP address among addresses of active interfaces on the router.
Page 372: Ospf Area Partition And Route Summarization
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration NSSA LSA: Type-7 LSA, as defined in RFC 1587, originated by ASBRs in NSSAs (Not-So-Stubby Areas) and flooded throughout a single NSSA. NSSA LSAs describe routes to other ASs.
Page 373 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Figure 3-1 OSPF area partition After area partition, area border routers perform route summarization to reduce the number of LSAs advertised to other areas and minimize the effect of topology changes.
Page 374 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Figure 3-2 OSPF router types III. Backbone area and virtual links Each AS has a backbone area, which is responsible for distributing routing information between none-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area.
Page 375 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Another application of virtual links is to provide redundant links. If the backbone area cannot maintain internal connectivity due to a physical link failure, configuring a virtual link can guarantee logical connectivity in the backbone area, as shown below.
Page 376 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration NSSA area. When traveling to the NSSA ABR, Type-7 LSAs are translated into Type-5 LSAs by the ABR for advertisement to other areas. In the following figure, the OSPF AS contains three areas: Area 1, Area 2 and Area 0.
Page 377: Classification Of Ospf Networks
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration segment. The ABR in the area distributes only the summary LSA to reduce the scale of LSDBs on routers in other areas. ASBR route summarization If summarization for redistributed routes is configured on an ASBR, it will summarize redistributed Type-5 LSAs that fall into the specified address range.
Page 378: Dr And Bdr
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration P2MP (point-to-multipoint): By default, OSPF considers no link layer protocol as P2MP, which is a conversion from other network types such as NBMA in general. On P2MP networks, packets are sent to multicast addresses (224.0.0.5).
Page 379 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration the new DR in a very short period by avoiding adjacency establishment and DR reelection. Meanwhile, other routers elect another BDR, which requires a relatively long period but has no influence on routing calculation.
Page 380: Ospf Packet Formats
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.1.5 OSPF Packet Formats OSPF packets are directly encapsulated into IP packets. OSPF has the IP protocol number 89. The OSPF packet format is shown below (taking a LSU packet as an example).
Page 381 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration II. Hello packet A router sends hello packets periodically to neighbors to find and maintain neighbor relationships and to elect the DR/BDR, including information about values of timers, DR, BDR and neighbors already known.
Page 382 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration reduce traffic between routers. The recipient checks whether the LSA is available using the LSA header. The DD packet format: Figure 3-11 DD packet format Major fields: Interface MTU: Size in bytes of the largest IP datagram that can be sent out the associated interface, without fragmentation.
Page 383 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Figure 3-12 LSR packet format Major fields: LS type: Type number of the LSA to be requested. Type 1 for example indicates the Router LSA. Link State ID: Determined by LSA type.
Page 384 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration LSAs can be acknowledged in a single Link State Acknowledgment packet. The following figure gives its format. Figure 3-14 LSAck packet format VII. LSA header format All LSAs have the same header, as shown in the following figure.
Page 385 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration VIII. Formats of LSAs Router LSA Figure 3-16 Router LSA format Major fields: Link State ID: ID of the router that originated the LSA. V (Virtual Link): Set to 1 if the router that originated the LSA is a virtual link endpoint.
Page 386 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Figure 3-17 Network LSA format Major fields: Link State ID: The interface address of the DR Network Mask: The mask of the network (a broadcast or NBMA network)
Page 387 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Note: A Type-3 LSA can be used to advertise a default route, having the Link State ID and Network Mask set to 0.0.0.0. AS external LSA An AS external LSA originates from an ASBR, describing routing information to a destination outside the AS.
Page 388: Bfd-Gr
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration An NSSA external LSA originates from the ASBR in a NSSA and is flooded in the NSSA area only. It has the same format as the AS external LSA.
Page 389: Ospf Configuration Task List
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration After an OSPF GR Restarter restarts OSPF, it needs to perform the following two tasks in order to re-synchronize its LSDB with its neighbors. To obtain once again effective OSPF neighbor information, supposing the adjacencies are not changed.
Page 390 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Task Remarks Configuring OSPF Route Summarization Optional Configuring OSPF Inbound Route Filtering Optional Configuring ABR Type-3 LSA Filtering Optional Configuring an OSPF Cost for an Interface...
Page 391 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.3.1 Prerequisites Before configuring OSPF, you have configured IP addresses for interfaces, making neighboring nodes accessible with each other at the network layer. 3.3.2 Configuration Procedure To ensure OSPF stability, you need to decide on router IDs and configure them manually.
Page 392: Configuring Ospf Area Parameters
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Note: An OSPF process ID is unique, including the process ID for OSPF multi-instance, which cannot be the same as any previously configured ID. A network segment can only belong to one area.
Page 393: Configuring Ospf Network Types
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.4.2 Configuration Procedure Follow these steps to configure OSPF area parameters: To do… Use the command… Remarks Enter system view system-view — ospf [ process-id |...
Page 394: Configuring The Ospf Network Type For An Interface
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration virtual link in between. In most cases, however, the requirement cannot be satisfied, so you need to change the network type using commands. For routers having no direct link in between, you can configure the P2MP type for the related interfaces.
Page 395: Configuring A Router Priority For An Ospf Interface
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Follow these steps to configure a neighbor and its DR priority: To do… Use the command… Remarks Enter system view system-view — ospf [ process-id | router-id...
Page 396: Configuring Ospf Route Summarization
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.6.1 Prerequisites Before configuring this task, you have configured: IP addresses for interfaces OSPF basic functions Corresponding filters if routing information filtering is needed. 3.6.2 Configuring OSPF Route Summarization...
Page 397: Configuring Ospf Inbound Route Filtering
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.6.3 Configuring OSPF Inbound Route Filtering Follow these steps to configure inbound route filtering: To do… Use the command… Remarks Enter system view system-view — ospf [ process-id |...
Page 398: Configuring An Ospf Cost For An Interface
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.6.5 Configuring an OSPF Cost for an Interface Follow these steps to configure an OSPF cost for an interface: To do… Use the command… Remarks Enter system view system-view —...
Page 399: Configuring A Priority For Ospf
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Optional Configure the maximum maximum-routes { external | number of OSPF routes inter | intra } number 15360 by default 3.6.7 Configuring the Maximum Number of Load-balanced Routes...
Page 400: Configuring Ospf Route Redistribution
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.6.9 Configuring OSPF Route Redistribution Follow these steps to configure OSPF route redistribution: To do… Use the command… Remarks Enter system view system-view — ospf [ process-id |...
Page 401: Configuring Ospf Network Optimization
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Note: Using the import-route command cannot redistribute a default external route. To do so, you need to use the default-route-advertise command. The default-route-advertise summary cost command is applicable only to VPN, and the default route is redistributed in a Type-3 LSA.
Page 402 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Dead timer: Interval within which if the interface receives no hello packet from the neighbor, it declares the neighbor is down. LSA retransmission timer: Interval within which if the interface receives no acknowledgement packets after sending a LSA to the neighbor, it will retransmit the LSA.
Page 403: Specifying An Lsa Transmission Delay
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.7.3 Specifying an LSA Transmission Delay Since OSPF packets need time for traveling on links, extending LSA age time with a delay is necessary, especially for low speed links.
Page 404: Specifying The Lsa Minimum Repeat Arrival Interval
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.7.5 Specifying the LSA Minimum Repeat Arrival Interval After receiving the same LSA as the previously received LSA within the LSA minimum repeat arrival interval, an interface discards the LSA.
Page 405: Disabling Interfaces From Sending Ospf Packets
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Note: With this command configured, when network changes are not frequent, LSAs are generated at the minimum-interval. If network changes become frequent, LSA generation interval is incremented by incremental-interval•2 (n is the number of generation times) each time a generation occurs, up to the maximum-interval.
Page 406: Configuring Ospf Authentication
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration the stub router have such big costs, they will not send packets to the stub router for forwarding as long as there is a route with a smaller cost.
Page 407: Adding The Interface Mtu Into Dd Packets
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Configure the ospf authentication mode authentication-mode (simple authentication) simple [ plain | cipher ] for the interface password Optional ospf...
Page 408: Making External Route Selection Rules Defined In Rfc1583 Compatible
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Specify the maximum Optional lsdb-overflow-limit number of external LSAs number No limitation by default in the LSDB 3.7.12 Making External Route Selection Rules Defined in RFC1583 Compatible The selection of an external route from multiple LSAs defined in RFC2328 is different from the one defined in RFC1583.
Page 409: Enabling The Advertisement And Reception Of Opaque Lsas
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Enter system view system-view — Optional Bind OSPF MIB to The first OSPF ospf mib-binding process-id an OSPF process process is bound with OSPF MIB by default.
Page 410: Configuring Ospf Graceful Restart
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.8 Configuring OSPF Graceful Restart 3.8.1 Configuring the OSPF GR Capability You can configure the IETF standard or non IETF standard OSPF Graceful Restart capability. I. Configure the IETF standard OSPF GR capability Follow these steps to configure the standard IETF OSPF GR capability: To do…...
Page 411: Configuring The Ospf Gr Helper
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Required Enable the use of enable link-local-signaling link-local signaling Disabled by default enable Required Enable out-of-band out-of-band-resynchronizat re-synchronization Disabled by default...
Page 412: Triggering Ospf Graceful Restart
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.8.3 Triggering OSPF Graceful Restart Performing the following configuration on an OSPF router will trigger OSPF Graceful Restart. Ensure that these routers are enabled with the following capabilities first:...
Page 413: Displaying And Maintaining Ospf
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.9 Displaying and Maintaining OSPF To do… Use the command… Remarks Display OSPF brief display ospf [ process-id ] brief information Display OSPF display ospf [ process-id ] cumulative...
Page 414: Ospf Configuration Examples
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks reset ospf [ process-id ] counters Reset OSPF [ neighbor [ interface-type counters interface-number ] [ router-id ] ] Available in...
Page 415 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration III. Configuration procedure Configure IP addresses for interfaces (omitted) Configure OSPF basic functions # Configure Switch A. <SwitchA> system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit...
Page 416 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration # Display information about neighbors on Switch A. [SwitchA] display ospf peer OSPF Process 1 with Router ID 192.168.0.1 Neighbors Area 0.0.0.0 interface 192.168.0.1(Vlan-interface 100)'s neighbors Router ID: 192.168.0.2...
Page 417 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Area: 0.0.0.0 Type LinkState ID AdvRouter Sequence Metric Router 192.168.2.1 192.168.2.1 80000006 1562 Router 192.168.0.1 192.168.0.1 80000005 1562 Sum-Net 192.168.1.0 192.168.0.1 80000001 1562 Sum-Net 172.17.1.0 192.168.2.1...
Page 418: Configuring An Ospf Stub Area
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Reply from 172.16.1.1: bytes=56 Sequence=5 ttl=253 time=63 ms --- 172.16.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 16/59/94 ms 3.10.2 Configuring an OSPF Stub Area...
Page 419 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra-area 192.168.0.1 0.0.0.1 1562 192.168.1.1 Inter-area 172.17.1.1 0.0.0.1 4686 192.168.1.1 ASBR # Display OSPF routing table information on Switch C.
Page 420 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration # Configure Switch C. [SwitchC] ospf [SwitchC-ospf-1] stub-router [SwitchC-ospf-1] area 1 [SwitchC-ospf-1-area-0.0.0.1] stub [SwitchC-ospf-1-area-0.0.0.1] quit [SwitchC-ospf-1] quit # Display OSPF routing information on Switch C [SwitchC] display ospf routing OSPF Process 1 with Router ID 172.16.1.1...
Page 421: Configuring An Ospf Nssa Area
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 1563 Inter-area 192.168.1.1 192.168.0.1 0.0.0.1 172.16.1.0/24 Stub 172.16.1.1 172.16.1.1 0.0.0.1 192.168.1.0/24 1562 Stub 192.168.1.2 172.16.1.1 0.0.0.1 Total Nets: 3...
Page 422 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Configure Switch D to import external static routes (refer to Configuring an OSPF Stub Area) Configure Area 1 as an NSSA area. # Configure Switch A.
Page 423: Configuring Ospf Dr Election
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration # Display OSPF routing information on Switch D.[SwitchD-ospf-1] display ospf routing OSPF Process 1 with Router ID 172.17.1.1 Routing Tables Routing for Network Destination Cost Type...
Page 424 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration II. Network diagram Switch A Switch D Vlan-int1 Vlan-int1 196.1.1.1/24 196.1.1.4/24 Vlan-int1 Vlan-int1 196.1.1.3/24 196.1.1.2/24 Switch C Switch B Figure 3-24 Network diagram for OSPF DR election configuration III.
Page 425 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration # Configure Switch D. <SwitchD> system-view [SwitchD] router id 4.4.4.4 [SwitchD] ospf [SwitchD-ospf-1] area 0 [SwitchD-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] quit [SwitchD-ospf-1] quit # Display OSPF neighbor information on Switch A.
Page 426 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration # Configure Switch B. [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] ospf dr-priority 0 [SwitchB-Vlan-interface1] quit # Configure Switch C. [SwitchC] interface vlan-interface 1 [SwitchC-Vlan-interface1] ospf dr-priority 2 [SwitchC-Vlan-interface] quit # Display neighbor information on Switch D.
Page 427 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Note: In the above output, you can find the priority configuration does not take effect immediately. Restart OSPF process (omitted) # Display neighbor information on Switch D.
Page 428: Configuring Ospf Virtual Links
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration # Display OSPF interface information. [SwitchA] display ospf interface OSPF Process 1 with Router ID 1.1.1.1 Interfaces Area: 0.0.0.0 IP Address Type State Cost 192.168.1.1 Broadcast DR 192.168.1.1...
Page 429 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration II. Network diagram Figure 3-25 Network diagram for OSPF virtual link configuration III. Configuration procedure Configure IP addresses for interfaces (omitted) Configure OSPF basic functions # Configure Switch A.
Page 430 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration Total Nets: 2 Intra Area: 2 Inter Area: 0 ASE: 0 NSSA: 0 Note: Since Area 2 has no direct connection to Area 0, the OSPF routing table of Router A has no route to Area 2.
Page 431: Ospf Graceful Restart Configuration Example
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration 3.10.6 OSPF Graceful Restart Configuration Example I. Network requirements Switch A, Switch B and Switch C that belong to the same autonomous system and the same OSPF routing domain are GR capable.
Page 432: Troubleshooting Ospf Configuration
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration [SwitchB-Vlan-interface100] ip address 192.1.1.2 255.255.255.0 [SwitchB-Vlan-interface100] ospf dr-priority 0 [SwitchB-Vlan-interface100] quit [SwitchB] router id 2.2.2.2 [SwitchB] ospf 100 [SwitchB-ospf-100] enable link-local-signaling [SwitchB-ospf-100] enable out-of-band-resynchronization [SwitchB-ospf-100] graceful-restart help 2000 [SwitchB-ospf-100] area 0 [SwitchB-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255...
Page 433 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 OSPF Configuration III. Processing steps Display OSPF neighbor information using the display ospf peer command. Display OSPF interface information using the display ospf interface command. Ping the neighbor router’s IP address to check connectivity.
Page 434 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Chapter 4 IS-IS Configuration When configuring IS-IS, go to these sections for information you are interested in: IS-IS Overview IS-IS Configuration Task List Configuring IS-IS Basic Functions...
Page 435 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration 4.1.1 Basic Concepts I. IS-IS terminology Intermediate system (IS). An IS, similar to a router in TCP/IP, is the basic unit in IS-IS protocol to generate and propagate routing information. In the following text, an IS is a router.
Page 436 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-1 NSAP address structure Area address The area address is composed of the IDP and the HODSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address.
Page 437 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration III. NET A Network Entity Title (NET) is an NSAP with SEL being 0. It indicates the network layer information of the IS itself, with no transport layer information. Therefore, the length of NET is equal to NSAP, in the range 8 bytes to 20 bytes.
Page 438 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Note: The Level-1 routers in different areas can not establish the neighbor relationship. The neighbor relationship establishment of Level-2 routers has nothing to do with area.
Page 439 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Area 1 Area 4 Area 2 L1/L2 L1/L2 Area 3 Figure 4-3 IS-IS topology Note: The IS-IS backbone does not need to be a specific Area.
Page 440 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Since the Level-1 router simply sends the routing information for destinations outside the area to the nearest Level-1-2 router, this may cause a problem that the best path cannot be selected.
Page 441 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-4 DIS in the IS-IS broadcast network The DIS creates and updates pseudonodes as well as their LSP to describe all routers on the network.
Page 442 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration II. Common header format Figure 4-6 shows the common header format. No. of Octets Intradomain routing protocol discriminator Length indicator Version/Protocol ID extension ID length PDU type...
Page 443 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration III. Hello The hello packet is used by routers to establish and maintain the neighbor relationship. It is also called IS-to-IS hello PDU (IIH). For broadcast network, the Level-1 router uses the Level-1 LAN IIH;...
Page 444 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration No. of Octets Intradomain routing protocol discriminator Length indicator Version/Protocol ID extension ID length PDU type Version Reserved Maximum area address Reserved/Circuit type Source ID ID length...
Page 445 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-9 L1/L2 LSP format PDU Length: Total length of the PDU in bytes. Remaining Lifetime: LSP remaining lifetime in seconds. LSP ID: Consists of the system ID, the pseudonode ID (one byte) and the LSP fragment number (one byte).
Page 446 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-10 LSDB overload IS Type: Type of the router generating the LSP. V. SNP format The Sequence Number PDU (SNP) confirms the latest received LSPs. It is similar to the Acknowledge packet, but more efficient.
Page 447 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration PSNP only contains the sequence numbers of one or multiple latest received LSPs. It can acknowledge multiple LSPs at one time. When LSDBs are not synchronized, a PSNP is used to request new LSPs from neighbors.
Page 448 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration CLV Code Name PDU Type LSP Entries Authentication Information IIH, LSP, SNP IP Internal Reachability Information Protocols Supported IIH, LSP IP External Reachability Information L2 LSP...
Page 449 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration After reestablishing a neighbor relationship, the GR Restarter will synchronize the LSDB and exchange routing information with all adjacent GR capable neighbors. After that, the GR Restarter will update its own routing table and forwarding table based on the new routing information and remove the stale routes.
Page 450 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Extended LSP It is the LSP generated by a virtual system. The system ID in its LSP ID field is the virtual system ID. After additional system IDs are configured, an IS-IS router can advertise more link state information in extended LSP fragments.
Page 451 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration A host name is intuitionally easier to remember than a system ID. After enabling this feature on the router, you can see the host names instead of system IDs using the display command.
Page 452 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Task Remarks Configuring a DIS Priority for an Interface Optional Configuring IS-IS Timers Optional Disabling an Interface from Sending/Receiving IS-IS Optional Hello Packets Configuring LSP Parameters...
Page 453 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks Optional is-level { level-1 | Specify a router type The default type is level-1-2 | level-2 } level-1-2. Return to system view quit ––...
Page 454 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration You can reference a routing policy to specify a priority for specific routes. For information about routing policy, refer to Routing Policy Configuration. Follow these steps to configure the IS-IS protocol priority.
Page 455 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration II. Configure a global IS-IS cost Follow these steps to configure global IS-IS cost: To do… Use the command… Remarks Enter system view system-view — isis [ process-id ]...
Page 456: Configuring The Maximum Number Of Equal Cost Routes
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Note: In the case no interface cost is specified in interface view or system view and automatic cost calculation is enabled: When the cost style is wide or wide-compatible, IS-IS automatically calculates the...
Page 457 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Follow these steps to configure route summarization: To do… Use the command... Remarks Enter system view system-view — isis [ process-id ] [ vpn-instance Enter IS-IS view ––...
Page 458: Configuring Inbound Route Filtering
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration 4.4.7 Configuring Inbound Route Filtering Follow these steps to configure inbound route filtering: To do… Use the command… Remarks Enter system view system-view –– isis [ process-id ]...
Page 459: Configuring A Dis Priority For An Interface
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Follow these steps to configure IS-IS route leaking: To do… Use the command… Remarks Enter system view system-view –– isis [ process-id ] [ vpn-instance Enter IS-IS view ––...
Page 460 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks Optional Specify a DIS priority for the isis dis-priority value interface [ level-1 | level-2 ] 64 by default Note: If multiple routers in the broadcast network have the same highest DIS priority, the router with the highest MAC address becomes the DIS.
Page 461: Configuring Lsp Parameters
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Note: On the broadcast link, you can specify different intervals for Level-1 and Level-2 hello packets; if no level is specified, the interval applies to both Level-1 and Level-2 hello packets, but only takes effect on the level of the current process;...
Page 462 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration The router will discard a LSP with incorrect checksum. You can configure the router to ignore the incorrect checksum, which means a LSP will be processed even with an incorrect LSP checksum.
Page 463: Configuring Spf Parameters
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks interface interface-type Enter interface view –– interface-number Optional Not added by default If the mesh-blocked isis mesh-group Add the interface to a mesh...
Page 464: Configuring Dynamic Host Name Mapping
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command... Remarks Optional timer spf maximum-interval Configure the SPF The default SPF [ minimum-interval calculation intervals calculation interval is 10 [ incremental-interval ] ] seconds.
Page 465 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Note: The local host name on the local IS overwrites the remote host name on the remote IS. 4.5.8 Configuring IS-IS Authentication For area authentication, the area authentication password is encapsulated into the Level-1 LSP, CSNP, and PSNP packets.
Page 466: Configuring Lsdb Overload Tag
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Note: The level-1 and level-2 keywords in the isis authentication-mode command are only supported on the VLAN interface of a switch, and the interface must be configured with the isis enable command first.
Page 467: Enabling An Interface To Send Small Hello Packets
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration 4.5.11 Enabling an Interface to Send Small Hello Packets Follow these steps to enable an interface to send small hello packets (without the padding field): To do…...
Page 468 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration The Graceful Restart interval on a router is used as the holdtime in the IS-IS Hello PDUs so that its neighbors can maintain the adjacencies within the interval after the router restarts.
Page 469 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks display isis lsdb [ [ l1 | l2 | level-1 | level-2 ] | [ lsp-id Display IS-IS LSDB LSPID | lsp-name lspname ] |...
Page 470 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration 4.8 IS-IS Configuration Example 4.8.1 IS-IS Basic Configuration I. Network requirements As shown in Figure 4-14, Switch A, B, C and Switch D reside in an IS-IS AS. Switch A and B are Level-1 switches, Switch D is a Level-2 switch and Switch C is a Level-1-2 switch.
Page 471 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] isis enable 1 [SwitchB-Vlan-interface200] quit # Configure Switch C. <SwitchC> system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.00 [SwitchC-isis-1] quit [SwitchC] interface vlan-interface 100...
Page 472 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration 0000.0000.0002.00-00 0x00000004 0xee4d 1102 0/0/0 0000.0000.0002.01-00 0x00000001 0xdaaf 1102 0/0/0 0000.0000.0003.00-00 0x00000009 0xcaa3 1161 1/0/0 0000.0000.0003.01-00 0x00000001 0xadda 1112 0/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload...
Page 473 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Level-2 Link State Database LSPID Seq Num Checksum Holdtime Length ATT/P/OL -------------------------------------------------------------------------- 0000.0000.0003.00-00* 0x00000012 0xc93c 0/0/0 0000.0000.0004.00-00 0x00000026 0x331 1173 0/0/0 0000.0000.0004.01-00 0x00000001 0xee95 0/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload...
Page 474 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration 0.0.0.0/0 NULL Vlan100 10.1.1.1 R/-/- Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set [SwitchC] display isis route Route information for ISIS(1) ----------------------------- ISIS(1) IPv4 Level-1 Forwarding Table...
Page 475: Dis Selection Configuration
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration 192.168.0.0/24 NULL Vlan300 Direct D/L/- 10.1.1.0/24 NULL Vlan300 192.168.0.1 R/-/- 10.1.2.0/24 NULL Vlan300 192.168.0.1 R/-/- 172.16.0.0/16 NULL Vlan100 Direct D/L/- Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set 4.8.2 DIS Selection Configuration...
Page 476 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration <SwitchB> system-view [SwitchB] isis 1 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] isis enable 1 [SwitchB-Vlan-interface100] quit # Configure Switch C. <SwitchC> system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.00...
Page 477 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration State: Up HoldTime: 28s Type: L2(L1L2) PRI: 64 System Id: 0000.0000.0004 Interface: Vlan-interface100 Circuit Id: 0000.0000.0004.01 State: Up HoldTime: 30s Type: L2 PRI: 64 # Display information about IS-IS interfaces of Switch A.
Page 478 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration [SwitchA-Vlan-interface100] quit # Display IS-IS neighbors of Switch A. [SwitchA] display isis peer Peer information for ISIS(1) ---------------------------- System Id: 0000.0000.0002 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01...
Page 479 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration Peer information for ISIS(1) ---------------------------- System Id: 0000.0000.0002 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 25s Type: L1 PRI: 64 System Id: 0000.0000.0001 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01...
Page 480 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration 4.8.3 IS-IS-based Graceful Restart Configuration Example I. Network requirements Switch A, Switch B, and Switch C belong to the same IS-IS routing domain, as illustrated in Figure 4-16.
Page 481 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IS-IS Configuration # Restart Switch A. <SwitchA> reset isis all 1 Warning : Reset ISIS process? [Y/N]:y # Check the Graceful Restart status of IS-IS on Switch A.
Page 482: Bgp Overview
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Chapter 5 BGP Configuration The Border Gateway Protocol (BGP) is a dynamic inter-AS route discovery protocol. When configuring BGP, go to these sections for information you are interested in:...
Page 483: Formats Of Bgp Messages
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Supporting CIDR Substantially reducing bandwidth occupation by advertising updating routes only and applicable to advertising a great amount of routing information on the Internet Eliminating route loops completely by adding AS path information to BGP routes...
Page 484 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Length: The 2-byte unsigned integer indicates the total length of the message. Type: This 1-byte unsigned integer indicates the type code of the message. The following type codes are defined: 1–Open, 2-Update, 3-Notification, 4–Keepalive, and 5–Route-refresh.
Page 485 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Figure 5-3 BGP Update message format Each Update message can advertise a group of feasible routes with similar attributes, which are contained in the network layer reachable information (NLRI) field. The Path Attributes field carries attributes of these routes that are used by BGP for routing.
Page 486: Bgp Path Attributes
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration V. Keepalive Keepalive messages are sent between peers to maintain connectivity. Its format contains only the message header. VI. Route-refresh A route-refresh message is sent to a peer to request the resending of the specified address family routing information.
Page 487 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Name Category AGGREGATOR Optional transitive COMMUNITY Optional transitive MULTI_EXIT_DISC (MED) Optional non-transitive ORIGINATOR_ID Optional non-transitive CLUSTER_LIST Optional non-transitive II. Usage of BGP path attributes ORIGIN ORIGIN is a well-known mandatory attribute and defines the origin of routing information and how a route becomes a BGP route.
Page 488 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Figure 5-6 AS_PATH attribute In general, a BGP router does not receive routes containing the local AS number to avoid routing loops. Note: To meet special requirements, use the peer allow-as-loop command to receive routes containing the local AS number.
Page 489 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration When sending a received route to an EBGP peer, a BGP speaker sets the NEXT_HOP for the route to the address of the sending interface. When sending a route received from an EBGP peer to an IBGP peer, a BGP speaker does not modify the NEXT_HOP attribute.
Page 490 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration In general, BGP compares MEDs of routes to the same AS only. Note: The current implementation supports using the compare-different-as-med command to force BGP to compare MED values of routes to different ASs.
Page 491: Bgp Route Selection
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration No_Advertise: After received, routes with this attribute cannot be advertised to other BGP peers. No_Export_Subconfed: After received, routes with this attribute cannot be advertised out the local AS or other ASs in the local confederation.
Page 492 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration BGP differs from IGP in the implementation of load balancing in the following: IGP routing protocols such as RIP, OSPF compute metrics of routes, and then implement load balancing on routes with the same metric and to the same destination.
Page 493: Ibgp And Igp Synchronization
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration III. BGP route advertisement rules BGP uses the following route advertisement rules: When multiple feasible routes exist, a BGP speaker advertises only the best route to its peers.
Page 494: Settlements For Problems Caused By Large Scale Bgp Networks
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration You can disable the synchronization feature in the following cases: The local AS is not a transitive AS (AS20 is a transitive AS in the above figure).
Page 495 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Figure 5-12 BGP route dampening III. Peer group A peer group is a collection of peers with the same attributes. When a peer joins the peer group, the peer obtains the same configuration as the peer group. If configuration of the peer group is changed, configuration of group members is also changed.
Page 496 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Besides using the well-known community attribute, you can define the extended community attribute using a community list to help define a routing policy. V. Route reflector IBGP peers should be fully meshed to maintain connectivity.
Page 497 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Figure 5-14 Network diagram for route reflectors When clients of a route reflector are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. You can use related commands to disable route reflection in this case.
Page 498 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration AS 65002 AS 65003 EBGP EBGP EBGP IBGP AS 100 IBGP IBGP AS 65004 AS 200 Figure 5-15 Confederation network diagram From the perspective of a non-confederation speaker, it needs not know sub-ASs in the confederation.
Page 499 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration After the restart, the GR Restarter will reestablish a GR session with its peer and send a new GR message notifying the completion of restart. Routing information is exchanged between them for the GR Restarter to create a new routing table and forwarding table with stale routing information removed.
Page 500: Ipv6 Routing
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Note: For information about the VPN extension application, refer to the part discussing MCE configuration. For information about the IPv6 extension application, refer to IPv6 BGP Configuration in IPv6 Routing.
Page 501: Configuring Bgp Basic Functions
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Task Remarks Tuning and Optimizing BGP Networks Required Configuring BGP Peer Groups Optional Configuring BGP Community Optional Configuring a Large Scale BGP Network Configuring a BGP Route Reflector...
Page 502 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks peer { group-name | Required Specify the AS number of ip-address } as-number a peer or a peer group Not specified by default...
Page 503 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Note: It is required to specify for a BGP router a router ID, a 32-bit unsigned integer and the unique identifier of the router in the AS.
Page 504: Configuring Bgp Route Redistribution
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration 5.4.2 Configuring BGP Route Redistribution BGP can advertise the routing information of the local AS to peering ASs, but it redistributes routing information from IGP into BGP rather than self-finding. During route redistribution, BGP can filter routing information from specific routing protocols.
Page 505: Advertising A Default Route To A Peer Or Peer Group
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Follow these steps to configure BGP route summarization: To do… Use the command… Remarks Enter system view system-view — Enter BGP view bgp as-number — Configure...
Page 506: Configuring Bgp Route Distribution Filtering Policies
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration 5.4.5 Configuring BGP Route Distribution Filtering Policies Follow these steps to configure BGP route distribution filtering policies: To do… Use the command… Remarks Enter system view system-view —...
Page 507: Enabling Bgp And Igp Route Synchronization
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks filter-policy Filter incoming { acl-number | ip-prefix routes with an ACL ip-prefix-name } Required to choose any; or IP prefix list...
Page 508: Configuring Bgp Route Dampening
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Follow these steps to configure BGP and IGP synchronization: To do… Use the command… Remarks Enter system view system-view — Enter BGP view bgp as-number —...
Page 509 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Optional Configure the default local default preference local-preference value 100 by default Configure the Optional default med default MED med-value...
Page 510 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Configure repeating Optional times of peer { group-name | local AS ip-address } The local AS number can number in...
Page 511: Tuning And Optimizing Bgp Networks
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Note: Using a routing policy can set preferences for routes matching it. Routes not matching it use the default preferences. If other conditions are identical, the route with the smallest MED value is selected as the best external route.
Page 512 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration bgp command to soft-reset BGP connections, to refresh the BGP routing table and apply the new policy without tearing down BGP connections. Configure BGP authentication BGP employs TCP as the transport protocol. To enhance security, you can configure BGP to perform MD5 authentication when establishing a TCP connection.
Page 513 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Disable BGP route-refresh peer { group-name | Optional ip-address } multi-protocol capability-advertise Enabled by default extensions for conventional a peer/peer...
Page 514: Configuring A Large Scale Bgp Network
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Note: The maximum keepalive interval should be one third of the holdtime and no less than 1 second. The holdtime is no less than 3 seconds unless it is set to 0.
Page 515 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration 5.7.2 Configuring BGP Peer Groups Follow these steps to configure BGP peer groups: To do… Use the command… Remarks Enter system view system-view — Enter BGP view bgp as-number —...
Page 516: Configuring Bgp Community
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration 5.7.3 Configuring BGP Community Follow these steps to configure BGP community: To do… Use the command… Remarks Enter system view system-view — Enter BGP view bgp as-number —...
Page 517: Configuring A Bgp Confederation
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Optional Configure the cluster ID of the reflector cluster-id By default, a route route reflector cluster-id reflector uses its router ID as the cluster ID.
Page 518: Configuring Bgp Gr
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Note: A confederation contains 32 sub-ASs at most. The as-number of a sub-AS takes effect in the confederation only. If routers not compliant with RFC 3065 exist in the confederation, you can use the confederation nonstandard command to make the local router compatible with these routers.
Page 519: Displaying And Maintaining Bgp
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration 5.9 Displaying and Maintaining BGP 5.9.1 Displaying BGP To do… Use the command… Remarks Display peer group Available in display bgp group [ group-name ] information...
Page 520: Resetting Bgp Connections
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks display bgp routing-table peer Display routing ip-address { advertised-routes | information to or from a received-routes } [ network-address peer...
Page 521: Bgp Configuration Examples
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration 5.10 BGP Configuration Examples 5.10.1 BGP Basic Configuration I. Network requirements In the following figure are all BGP switches. Between Switch A and Switch B is an EBGP connection.
Page 522 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchC-bgp] quit # Configure Switch D. <SwitchD> system-view [SwitchD] bgp 65009 [SwitchD-bgp] router-id 4.4.4.4 [SwitchD-bgp] peer 9.1.1.1 as-number 65009 [SwitchD-bgp] peer 9.1.2.1 as-number 65009 [SwitchD-bgp] quit Configure the EBGP connection # Configure Switch A.
Page 523 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration BGP Local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale...
Page 524 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchB-bgp] import-route direct # Display BGP routing table information on Switch A. [SwitchA] display bgp routing-table Total Number of Routes: 7 BGP Local router ID is 1.1.1.1 Status codes: * - valid, >...
Page 525: Bgp And Igp Synchronization Configuration
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration 0.00% packet loss round-trip min/avg/max = 16/31/47 ms 5.10.2 BGP and IGP Synchronization Configuration I. Network requirements As shown below, OSPF is used as the IGP protocol in AS65009, where Switch C is a non-BGP switch.
Page 526 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchB-bgp] import-route ospf 1 [SwitchB-bgp] quit # Display routing table information on Switch A. [SwitchA] display bgp routing-table Total Number of Routes: 3 BGP Local router ID is 1.1.1.1 Status codes: * - valid, >...
Page 527: Bgp Load Balancing And Med Attribute Configuration
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Total Number of Routes: 2 BGP Local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale...
Page 528 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration II. Network diagram Figure 5-18 Network diagram for BGP load balancing configuration III. Configuration procedure Configure IP addresses for interfaces (omitted) Configure BGP connections # Configure Switch A.
Page 529 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchC-bgp] quit # Display the routing table on Switch A. [SwitchA] display bgp routing-table Total Number of Routes: 3 BGP Local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped,...
Page 530: Bgp Community Configuration
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchB] bgp 65009 [SwitchB-bgp] default med 100 # Display the routing table on Switch A. [SwitchA] display bgp routing-table Total Number of Routes: 3 BGP Local router ID is 1.1.1.1 Status codes: * - valid, >...
Page 531 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration III. Configuration procedure Configure IP addresses for interfaces (omitted) Configure EBGP # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 10 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 200.1.2.2 as-number 20 [SwitchA-bgp] network 9.1.1.0 255.255.255.0...
Page 532 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration # Display the routing table on Switch C. [SwitchC] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - damped,...
Page 533: Bgp Route Reflector Configuration
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration 5.10.5 BGP Route Reflector Configuration I. Network requirements In the following figure, all switches run BGP. Between Switch A and Switch B is an EBGP connection, between Switch C and Switch B, and between Switch C and Switch D are IBGP connections.
Page 534 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 200 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 193.1.1.2 as-number 200 [SwitchC-bgp] peer 194.1.1.2 as-number 200 [SwitchC-bgp] quit # Configure Switch D.
Page 535: Bgp Confederation Configuration
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Origin : i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf PrefVal Path/Ogn i 1.0.0.0 193.1.1.2 100i Switch D learned route 1.0.0.0/8 from Switch C.
Page 536 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchA-bgp] confederation peer-as 65002 65003 [SwitchA-bgp] peer 10.1.1.2 as-number 65002 [SwitchA-bgp] peer 10.1.1.2 next-hop-local [SwitchA-bgp] peer 10.1.2.2 as-number 65003 [SwitchA-bgp] peer 10.1.2.2 next-hop-local [SwitchA-bgp] quit # Configure Switch B.
Page 537 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchE] bgp 65001 [SwitchE-bgp] router-id 5.5.5.5 [SwitchE-bgp] confederation id 200 [SwitchE-bgp] peer 10.1.4.1 as-number 65001 [SwitchE-bgp] peer 10.1.5.1 as-number 65001 [SwitchE-bgp] quit Configure the EBGP connection between AS100 and AS200.
Page 538: Bgp Path Selection Configuration
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration AS-path : (65001) 100 Origin : igp Attribute value : MED 0, localpref 100, pref-val 0, pre 255 State : valid, external-confed, best, Not advertised to any peers yet # Display the BGP routing table on Switch D.
Page 539 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration II. Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int101 1.0.0.1/8 Switch D Vlan-int400 195.1.1.1/24 Vlan-int100 192.1.1.1/24 Vlan-int300 194.1.1.1/24 Vlan-int200 193.1.1.1/24 Switch C Vlan-int400 195.1.1.2/24...
Page 540 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] quit [SwitchD-ospf-1] quit Configure BGP connections # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 100 [SwitchA-bgp] peer 192.1.1.2 as-number 200 [SwitchA-bgp] peer 193.1.1.2 as-number 200...
Page 541 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchA-route-policy] if-match acl 2000 [SwitchA-route-policy] apply cost 50 [SwitchA-route-policy] quit [SwitchA] route-policy apply_med_100 permit node 10 [SwitchA-route-policy] if-match acl 2000 [SwitchA-route-policy] apply cost 100 [SwitchA-route-policy] quit # Apply routing policy apply_med_50 to the route advertised to peer 193.1.1.2 (Switch...
Page 542: Troubleshooting Bgp
Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration [SwitchC] bgp 200 [SwitchC-bgp] peer 193.1.1.1 route-policy localpref import [SwitchC-bgp] quit # Display the routing table on Switch D. [SwitchD] display bgp routing-table Total Number of Routes: 2 BGP Local router ID is 194.1.1.1...
Page 543 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 BGP Configuration Use the display tcp status command to check the TCP connection. Check whether an ACL disabling TCP port 179 is configured. 5-62...
Page 544 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration Chapter 6 Routing Policy Configuration A routing policy is used on a router for route inspection, filtering, attributes modification when routes are received, advertised, or redistributed.
Page 545 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration address and so on. The match criteria can be set beforehand and then apply them to a routing policy for route distribution, reception and redistribution.
Page 546 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration VI. Routing policy A routing policy is used to match against some attributes in given routing information and modify the attributes of the information if match conditions are satisfied. It can reference the above mentioned filters to define its own match criteria.
Page 547 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.3 Defining Filtering Lists 6.3.1 Prerequisites Before configuring this task, you need to decide on: IP-prefix list name Matching address range Extcommunity list sequence number 6.3.2 Defining an IPv4 Prefix List...
Page 548 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.3.3 Defining an AS Path List You can define multiple items for an AS path ACL that is identified by number. During matching, the relation between items is logical OR, that is, if the route matches one of these items, it passes the AS path ACL.
Page 549 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration Follow these steps to define an extended community list: To do… Use the command… Remarks Enter system view system-view — ip extcommunity-list Required Define an extended...
Page 550 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration Note: If a node has the permit keyword specified, routing information meeting the node’s conditions will be handled using the apply clauses of this node, without needing to match against the next node.
Page 551 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration To do… Use the command… Remarks if-match community Optional Match routes having community { basic-community-list-n attributes in the specified community umber [ whole-match ] |...
Page 552 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.4.4 Defining apply Clauses for the Routing Policy Follow these steps to define apply clauses for a route-policy: To do… Use the command… Remarks Enter system view system-view —...
Page 553 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration To do… Use the command… Remarks Optional Set a preference for the apply preference matched routing protocol preference Not set by default Optional Set a preferred value for...
Page 554 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration On Switch B, configure route redistribution from IS-IS to OSPF and apply a routing policy to set attributes of redistributed routes, setting the cost of route 172.17.1.0/24 to 100, tag of route 172.17.2.0/24 to 20.
Page 555 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration [SwitchB] isis [SwitchB-isis-1] is-level level-2 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] isis enable [SwitchB-Vlan-interface200] quit Configure OSPF and route redistribution # Configure Switch A: enable OSPF.
Page 556 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration Configure filtering lists # Configure an ACL with the number of 2002, letting pass route 172.17.2.0/24. [SwitchB] acl number 2002 [SwitchB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255 [SwitchB-acl-basic-2002] quit # Configure an IP prefix list named prefix-a, letting pass route 172.17.1.0/24.
Page 557 Operation Manual – IPv4 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 192.168.2.0/24 Type2 192.168.1.2 192.168.2.2 Total Nets: 5 Intra Area: 1 Inter Area: 0 ASE: 4 NSSA: 0 6.7 Troubleshooting Routing Policy Configuration 6.7.1 IPv4 Routing Information Filtering Failure I.
Page 558 Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 BFD Configuration....................... 1-1 1.1 Introduction to BFD ......................1-1 1.1.1 How BFD Works...................... 1-1 1.1.2 BFD Packet Format....................1-3 1.1.3 Protocols and Standards..................1-5 1.2 BFD Configuration Task List....................
Page 559: How Bfd Works
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration Chapter 1 BFD Configuration When configuring BFD, go to these sections for information you are interested in: Introduction to BFD BFD Configuration Task List Displaying and Maintaining BFD Note: The term “router”...
Page 560 Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration routers to which it needs to establish sessions. After a session is established, if no BFD control packet is received from the peer within the negotiated BFD interval, BFD notifies a failure to the upper-layer, which takes appropriate measures.
Page 561: Bfd Packet Format
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration During session initialization, at least one end of the two in communication must operate in the active mode for a session to be established. After a BFD session is established, there are two BFD operation modes: asynchronous and query.
Page 562 Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration Figure 1-1 BFD control packet format Vers: Protocol version. The protocol version is 1. Diag: This bit indicates the reason for the last transition of the local protocol from up to some other state.
Page 563: Bfd Configuration Task List
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration Control Plane Independent(C): If set to 1, it means the BFD implementation for the transmitting protocol is independent of its control plane. That is, BFD is implemented at the forwarding plane and takes effect even if the control plane fails.
Page 564: Configuring Bfd Basic Functions
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration Complete the following tasks to configure BFD: Task Remarks Optional Configuring BFD Basic Functions BFD basic configurations provide basis for other configuration tasks. Required Configuring BFD for Static Routing Enable BFD for the links of static routes.
Page 565 Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration To do… Use the command… Remarks Optional Configure the authentication-mode By default, the interface authentication type of the { md5 key-id key | sha1 operates in the...
Page 566: Displaying And Maintaining Bfd
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration Caution: If route flaps occur, enabling BFD may worsen the route flaps. Therefore, enable BFD with care in such cases. BFD cannot be used for a static route with the outbound interface having the spoofing attribute.
Page 567: Bfd Configuration Examples
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 1 BFD Configuration 1.7 BFD Configuration Examples 1.7.1 Configuring BFD for Static Routing I. Network requirements Switch A, Switch B, and Switch C are interconnected and reachable to one another.
Page 568: Introduction To Graceful Restart
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 2 GR Chapter 2 GR Go to these sections for information you are interested in: Introduction to Graceful Restart Basic Concepts in Graceful Restart Graceful Restart Communication Procedure Graceful Restart Mechanism for Several Commonly Used Protocols...
Page 569: Graceful Restart Communication Procedure
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 2 GR GR Session: A Graceful Restart session, which is the negotiation between the GR Restarter and the GR Helper. A GR session includes restart notification and communications across restart. Through this session, GR Restarter and GR Helper can know the GR capability of each other.
Page 570 Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 2 GR As illustrated in Figure 2-1, Router A works as GR Restarter, Router B, Router C and Router D are the GR Helpers of Router A. A GR session is established between the GR Restarter and the GR Helper.
Page 571: Graceful Restart Mechanism For Several Commonly Used Protocols
Operation Manual – BFD-GR H3C S3610&S5510 Series Ethernet Switches Chapter 2 GR As illustrated in Figure 2-3, after the GR Restarter has recovered, it will signal to all its neighbors and will reestablish GR Session. The GR Restarter obtaining topology and routing information from the GR Helper...
Page 572 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IPv6 Static Routing Configuration ................1-1 1.1 Introduction to IPv6 Static Routing ..................1-1 1.1.1 Features of IPv6 Static Routes ................1-1 1.1.2 Default IPv6 Route ....................
Page 573 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents 3.1.4 Timers of OSPFv3....................3-3 3.1.5 OSPFv3 Features Supported.................. 3-3 3.1.6 Related RFCs......................3-3 3.2 IPv6 OSPFv3 Configuration Task List ................3-4 3.3 Configuring OSPFv3 Basic Functions ................3-4 3.3.1 Prerequisites ......................
Page 574 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents 4.5 IPv6 IS-IS Configuration Example ..................4-5 Chapter 5 IPv6 BGP Configuration ....................5-1 5.1 IPv6 BGP Overview ......................5-1 5.2 Configuration Task List ...................... 5-2 5.3 Configuring IPv6 BGP Basic Functions ................5-3 5.3.1 Prerequisites ......................
Page 575 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Table of Contents 5.9 IPv6 BGP Configuration Examples.................. 5-24 5.9.1 IPv6 BGP Basic Configuration ................5-24 5.9.2 IPv6 BGP Route Reflector Configuration.............. 5-26 5.10 Troubleshooting IPv6 BGP Configuration..............5-28 5.10.1 No IPv6 BGP Peer Relationship Established............5-28 Chapter 6 Routing Policy Configuration ..................
Page 576: Introduction To Ipv6 Static Routing
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration Chapter 1 IPv6 Static Routing Configuration Note: The term “router” in this document refers to a Layer 3 switch running routing protocols. Verify that the system already operates in IPv4/IPv6 dual-stack mode before configuring IPv6 routing.
Page 577: Configuring An Ipv6 Static Route
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration does not match any entry in the routing table, this default route will be used to forward the packet. 1.2 Configuring an IPv6 Static Route In small IPv6 networks, IPv6 static routes can be used to forward packets.
Page 578: Ipv6 Static Routing Configuration Example
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration 1.4 IPv6 Static Routing Configuration Example I. Network requirements With IPv6 static routes configured, all hosts and switches can interact with each other. II. Network diagram Figure 1-1 Network diagram for static routes III.
Page 579 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration Display configuration information # Display the IPv6 routing table of Switch A. [SwitchA] display ipv6 routing-table Routing Table : Destinations : 7 Routes : 7...
Page 580 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration bytes=56 Sequence=3 hop limit=254 time = 62 ms Reply from 3::1 bytes=56 Sequence=4 hop limit=254 time = 63 ms Reply from 3::1 bytes=56 Sequence=5 hop limit=254...
Page 581: Introduction To Ripng
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration Chapter 2 IPv6 RIPng Configuration Note: The term “router” in this document refers to a Layer 3 switch running routing protocols. Verify that the system already operates in IPv4/IPv6 dual-stack mode before configuring IPv6 routing.
Page 582: Ripng Packet Format
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration RIPng supports Split Horizon and Poison Reverse to prevent routing loops, and route redistribution. Each RIPng router maintains a routing database, including route entries of all reachable destinations.
Page 583: Ripng Packet Processing Procedure
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration Figure 2-2 Next hop RTE format IPv6 next hop address is the IPv6 address of the next hop. Figure 2-3 shows the format of the IPv6 prefix RTE.
Page 584: Configuring Ripng Basic Functions
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration address, whether the port number is correct. The response packet failed the check will be discarded. 2.1.4 Protocols and Standards RFC2080: RIPng for IPv6 RFC2081: RIPng Protocol Applicability Statement RFC2453: RIP Version 2 2.2 Configuring RIPng Basic Functions...
Page 585: Configuring Ripng Route Control
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration 2.3 Configuring RIPng Route Control Before the configuration, accomplish the following tasks first: Configure an IPv6 address on each interface, and make sure all nodes are reachable.
Page 586: Configuring A Ripng Route Filtering Policy
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration 2.3.3 Advertising a Default Route Follow these steps to advertise a default route: To do... Use the command... Remarks Enter system view system-view –– interface interface-type Enter interface view ––...
Page 587: Configuring Ripng Route Redistribution
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration Follow these steps to configure a RIPng priority: To do... Use the command... Remarks Enter system view system-view — Enter RIPng view ripng [ process-id ] —...
Page 588: Configuring Ripng Timers
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration 2.4.1 Configuring RIPng Timers You can adjust RIPng timers to optimize the performance of the RIPng network. Follow these steps to configure RIPng timers: To do...
Page 589: Configuring Zero Field Check On Ripng Packets
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration Follow these steps to configure the split horizon: To do... Use the command... Remarks Enter system view system-view –– interface interface-type Enter interface view ––...
Page 590: Displaying And Maintaining Ripng
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration To do... Use the command... Remarks Optional Enable the zero field checkzero check Enabled by default 2.4.4 Configuring the Maximum Number of Equal Cost Routes for Load...
Page 591 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration II. Network diagram Figure 2-4 Network diagram for RIPng configuration III. Configuration procedure Configure the IPv6 address for each interface (omitted) Configure basic RIPng functions # Configure Switch A.
Page 592 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration [SwitchC-Vlan-interface200] quit [SwitchC] interface Vlan-interface 500 [SwitchC-Vlan-interface500] ripng 1 enable [SwitchC-Vlan-interface500] quit [SwitchC] interface vlan-interface 600 [SwitchC-Vlan-interface600] ripng 1 enable [SwitchC-Vlan-interface600] quit # Display the routing table of Switch B.
Page 593 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration [SwitchB-acl6-basic-2000] rule deny source 3::/64 [SwitchB-acl6-basic-2000] rule permit [SwitchB-acl6-basic-2000] quit [SwitchB] ripng 1 [SwitchB-ripng-1] filter-policy 2000 import [SwitchB-ripng-1] filter-policy 2000 export [SwitchB-ripng-1] quit # Display routing tables of Switch B and Switch A.
Page 594: Ospfv3 Overview
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Chapter 3 IPv6 OSPFv3 Configuration Note: The term “router” in this document refers to a Layer 3 switch running routing protocols. Verify that the system already operates in IPv4/IPv6 dual-stack mode before configuring IPv6 routing.
Page 595: Ospfv3 Lsa Types
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Figure 3-1 OSPFv3 packet header Major fields: Version #: Version of OSPF, which is 3 for OSPFv3. Type: Type of OSPF packet, from 1 to 5 are hello, DD, LSR, LSU, and LSAck respectively.
Page 596: Timers Of Ospfv
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.1.4 Timers of OSPFv3 Timers in OSPFv3 include: OSPFv3 packet timer LSA delay timer SPF timer I. OSPFv3 packet timer Hello packets are sent periodically between neighboring routers for finding and maintaining neighbor relationships, or for DR/BDR election.
Page 597: Ipv6 Ospfv3 Configuration Task List
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.2 IPv6 OSPFv3 Configuration Task List Complete the following tasks to configure OSPFv3: Task Remarks Configuring OSPFv3 Basic Functions Required Configuring an OSPFv3 Stub Area...
Page 598: Configuring Ospfv3 Area Parameters
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.3.2 Configuring OSPFv3 Basic Functions Follow these steps to configure OSPFv3 basic functions: To do... Use the command... Remarks — Enter system view system-view Enable OSPFv3 and enter...
Page 599: Configuring An Ospfv3 Stub Area
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.4.2 Configuring an OSPFv3 Stub Area Follow these steps to configure an OSPFv3 stub area: To do... Use the command... Remarks — Enter system view system-view —...
Page 600: Configuring Ospfv3 Routing Information Management
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks vlink-peer router-id [ hello Create and configure a seconds | retransmit seconds | Required virtual link trans-delay seconds | dead...
Page 601: Configuring Ospfv3 Inbound Route Filtering
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.5.3 Configuring OSPFv3 Inbound Route Filtering You can configure OSPFv3 to filter routes that are computed from received LSAs according to some rules. Follow these steps to configure inbound route filtering: To do...
Page 602: Configuring A Priority For Ospfv
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks Specify the maximum maximum Optional number of load-balanced load-balancing 4 by default routes maximum 3.5.6 Configuring a Priority for OSPFv3 A router may run multiple routing protocols.
Page 603: Tuning And Optimizing An Ospfv3 Network
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks filter-policy { acl6-number | ipv6-prefix Configure the filtering of Optional ipv6-prefix-name } export outgoing redistributed [ isisv6 process-id |...
Page 604: Configuring The Dr Priority For An Interface
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks — Enter system view system-view interface interface-type — Enter interface view interface-number ospfv3 timer hello Optional Configure the hello...
Page 605: Ignoring Mtu Check For Dd Packets
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks Optional ospfv3 dr-priority priority Configure the DR priority [ instance instance-id ] Defaults to 1 Note: The DR priority of an interface determines the interface’s qualification in DR election.
Page 606: Enable The Logging On Neighbor State Changes
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Note: Multiple processes can disable the same interface from sending OSPFv3 packets. Using the silent-interface command disables only the interfaces associated with the current process rather than interfaces associated with other processes.
Page 607: Displaying And Maintaining Ospfv
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.7 Displaying and Maintaining OSPFv3 To do... Use the command... Remarks Display OSPFv3 debugging state display debugging ospfv3 information Display OSPFv3 process display ospfv3 [ process-id ]...
Page 608: Ospfv3 Configuration Examples
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.8 OSPFv3 Configuration Examples 3.8.1 Configuring OSPFv3 Areas I. Network requirements In the following figure, all switches run OSPFv3. The AS is split into three areas, in which, Switch B and Switch C act as ABRs to forward routing information between areas.
Page 609 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration <SwitchB> system-view [SwitchB] ipv6 [SwitchB] ospfv3 [SwitchB-ospf-1] router-id 2.2.2.2 [SwitchB-ospf-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ospfv3 1 area 0 [SwitchB-Vlan-interface100] quit [SwitchB] interface vlan-interface 200...
Page 610 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration ---------------------------------------------------------------------- Neighbor ID State Dead Time Interface Instance ID 1.1.1.1 Full/Backup 00:00:38 Vlan200 # Display OSPFv3 neighbor information on Switch C. [SwitchC] display ospfv3 peer OSPFv3 Area ID 0.0.0.0 (Process 1)
Page 611 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration [SwitchD-ospfv3-1-area-0.0.0.2] stub # Configure Switch C, and specify the cost of the default route sent to the stub area as [SwitchC] ospfv3 [SwitchC-ospfv3-1] area 2 [SwitchC-ospfv3-1-area-0.0.0.2] stub...
Page 612: Configuring Ospfv3 Dr Election
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration E1 - Type 1 external route, IA - Inter area route, I - Intra area route E2 - Type 2 external route, - Seleted route OSPFv3 Router with ID (4.4.4.4) (Process 1)
Page 613 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration # Configure Switch A <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ospfv3 [SwitchA-ospfv3-1] router-id 1.1.1.1 [SwitchA-ospfv3-1] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ospfv3 1 area 0 [SwitchA-Vlan-interface100] quit # Configure Switch B <SwitchB>...
Page 614 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration OSPFv3 Area ID 0.0.0.0 (Process 1) ---------------------------------------------------------------------- Neighbor ID State Dead Time Interface Instance ID 2.2.2.2 2-Way/DROther 00:00:36 Vlan200 3.3.3.3 Full/Backup 00:00:35 Vlan100 4.4.4.4 Full/DR...
Page 615: Troubleshooting Ospfv3 Configuration
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration OSPFv3 Area ID 0.0.0.0 (Process 1) ---------------------------------------------------------------------- Neighbor ID State Dead Time Interface Instance ID 1.1.1.1 Full/DROther 00:00:33 Vlan100 2.2.2.2 Full/DROther 00:00:36 Vlan200 3.3.3.3 Full/Backup...
Page 616 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Display OSPFv3 interface information using the display ospfv3 interface command. Ping the neighbor router’s IP address to check connectivity. Check OSPF timers. The dead interval on an interface must be at least four times the hello interval.
Page 617 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration Chapter 4 IPv6 IS-IS Configuration Note: IPv6 IS-IS supports all the features of IPv4 IS-IS except that it advertises IPv6 routing information instead. This document describes only IPv6 IS-IS exclusive configuration tasks.
Page 618 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration NLPID is an 8-bit field with a value of 142 (0x8E), which indicates the network layer protocol packet. If the IS-IS router supports IPv6, the advertised routing information must be marked with the NLPID.
Page 619 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration 4.3 Configuring IPv6 IS-IS Routing Information Control 4.3.1 Configuration Prerequisites You need to complete the IPv6 IS-IS basic function configuration before configuring this task. 4.3.2 Configuration Procedure Follow these steps to configure IPv6 IS-IS routing information control: To do...
Page 620 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration To do... Use command to… Remarks ipv6 filter-policy { acl6-number | ipv6-prefix Configure the filtering of Optional ipv6-prefix-name | outgoing redistributed route-policy Not configured by default...
Page 621 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration To do... Use the command... Remarks Display IS-IS license Available in any view display isis license information display isis lsdb [ [ l1 | l2...
Page 622 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration Switch A and Switch B are Level-1 switches, Switch D is a Level-2 switch, and Switch C is a Level-1-2 switch. Switch A, Switch B, and Switch C are in area 10, while Switch D is in area 20.
Page 623 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration # Configure Switch C. <SwitchC> system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.00 [SwitchC-isis-1] ipv6 enable [SwitchC-isis-1] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] isis ipv6 enable 1...
Page 624: Ipv6 Bgp Overview
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Chapter 5 IPv6 BGP Configuration Note: This chapter describes only configuration for IPv6 BGP. For other related information, refer to the part discussing IPv4 routing.
Page 625 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration The NEXT_HOP attribute of IPv6 BGP is identified by an IPv6 unicast address or IPv6 local link address. IPv6 BGP utilizes BGP multiprotocol extensions for application in IPv6 networks. The original messaging and routing mechanisms of BGP are not changed.
Page 626: Configuring Ipv6 Bgp Basic Functions
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Task Remarks Configuring IPv6 BGP Timers Optional Tuning and Optimizing Configuring IPv6 BGP Soft Reset Optional IPv6 BGP Networks Configuring the Maximum Number of Optional...
Page 627: Advertising A Local Ipv6 Route
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Required Specify an IPv6 peer and peer ipv6-address its AS number as-number as-number Not configured by default 5.3.3 Advertising a Local IPv6 Route Follow these steps to configure advertise a local route into the routing table: To do...
Page 628: Specifying The Source Interface For Establishing Tcp Connections
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Note: If you both reference a routing policy and use the command peer { ipv6-group-name | ipv6-address } preferred-value value to set a preferred value for routes from a peer, the routing policy sets a non-zero preferred value for routes matching it.
Page 629 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Note: To improve stability and reliability, you can specify a loopback interface as the source interface for establishing TCP connections to a BGP peer. By doing so, a connection failure upon redundancy availability will not affect TCP connection establishment.
Page 630: Logging Peer State Changes
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks — Enter system view system-view Enter BGP view Required bgp as-number Enter IPv6 address family — ipv6-family view peer { ipv6-group-name |...
Page 631: Configuring Ipv6 Bgp Route Redistribution
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Enable the state change peer { ipv6-group-name | Optional logging for a peer or peer ipv6-address } Enabled by default...
Page 632: Configuring Route Distribution Policy
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Note: If the default-route imported command is not configured, using the import-route command cannot redistribute any IGP default route. 5.4.3 Advertising a Default Route to a Peer/Peer Group Follow these steps to configure to advertise default route to a peer/peer group: To do...
Page 633: Configuring Route Reception Policy
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks peer { ipv6-group-name | Apply a routing policy to Required ipv6-address } routes advertised to a route-policy Not applied by default...
Page 634: Configuring Ipv6 Bgp And Igp Route Synchronization
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks peer { ipv6-group-name | Apply a routing policy to Required ipv6-address } routes from a peer/peer route-policy Not applied by default...
Page 635: Configuring Route Dampening
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Enter IPv6 address family — ipv6-family view Enable route Required synchronization between synchronization Not enabled by default IPv6 BGP and IGP 5.4.7 Configuring Route Dampening...
Page 636 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.5.2 Configuring IPv6 BGP Preference and Default LOCAL_PREF and NEXT_HOP Attributes Follow these steps to perform this configuration: To do... Use the command... Remarks —...
Page 637: Configuring The Med Attribute
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.5.3 Configuring the MED Attribute Follow these steps to configure the MED attribute: To do... Use the command... Remarks — Enter system view system-view Enter BGP view...
Page 638: Tuning And Optimizing Ipv6 Bgp Networks
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Configure to carry only the Optional peer { ipv6-group-name | public AS number in ipv6-address } By default, BGP updates...
Page 639: Configuring Ipv6 Bgp Timers
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.6.2 Configuring IPv6 BGP Timers Follow these steps to configure IPv6 BGP timers: To do... Use the command... Remarks — Enter system view system-view Enter BGP view...
Page 640 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks peer { ipv6-group-name | Optional ipv6-address } Enable route refresh capability-advertise Enabled by default route-refresh II. Perform manual soft-reset Follow these steps to perform manual soft reset: To do...
Page 641: Configuring A Large Scale Ipv6 Bgp Network
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Required Configure the maximum number of load balanced balance number By default, no load routes balancing is enabled. 5.7 Configuring a Large Scale IPv6 BGP Network In a large-scale IPv6 BGP network, configuration and maintenance become no convenient due to too many peers.
Page 642 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks — Enter system view system-view Required Enter BGP view bgp as-number Not enabled by default Enter IPv6 address family —...
Page 643: Configuring Ipv6 Bgp Community
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks — Enter system view system-view Required Enter BGP view bgp as-number Not enabled by default Enter IPv6 address family —...
Page 644: Configuring An Ipv6 Bgp Route Reflector
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration II. Apply a routing policy to routes advertised to a peer/peer group Follow these steps to apply a routing policy to routes advertised to a peer/peer group: To do...
Page 645: Displaying And Maintaining Ipv6 Bgp Configuration
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Note: In general, since the route reflector forwards routing information between clients, it is not required to make clients of a route reflector fully meshed. If clients are fully meshed, it is recommended to disable route reflection between clients to reduce routing costs.
Page 646: Resetting Ipv6 Bgp Connections
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Display IPv6 BGP display bgp ipv6 routing-table dampening parameter dampening parameter information Display IPv6 BGP routing display bgp ipv6 routing-table...
Page 647: Ipv6 Bgp Configuration Examples
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.9 IPv6 BGP Configuration Examples Note: Some examples for IPv6 BGP configuration are similar to those of BGP-4, so refer to the sections covering BGP in the IPv4 routing part for related information.
Page 648 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration # Configure Switch C. <SwitchC> system-view [SwitchC] ipv6 [SwitchC] bgp 65009 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] ipv6-family [SwitchC-bgp-af-ipv6] peer 9:3::1 as-number 65009 [SwitchC-bgp-af-ipv6] peer 9:2::2 as-number 65009...
Page 649: Ipv6 Bgp Route Reflector Configuration
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 10::2 4 65008 0 00:01:16 Established 9:3::2 4 65009 0 00:00:40 Established 9:1::2 4 65009 0 00:00:19 Established # Display IPv6 peer information on Switch C.
Page 650 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration III. Configuration procedure Configure IPv6 addresses for VLAN interfaces (omitted) Configure IPv6 BGP basic functions # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] bgp 100 [SwitchA-bgp] router-id 1.1.1.1...
Page 651: Troubleshooting Ipv6 Bgp Configuration
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Use the display bgp ipv6 routing-table command on Switch B and Switch D respectively, you can find both of them have learned the network 1::/64.
Page 652: Routing Policy
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration Chapter 6 Routing Policy Configuration Note: Verify that the system already operates in IPv4/IPv6 dual-stack mode before configuring IPv6 routing policy. All the IPv6 routing policy related configuration mentioned in this manual assumes that the system already operates in IPv4/IPv6 dual-stack mode.
Page 653 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration II. IP prefix list IP prefix list plays a role similar to ACL, but it is more flexible than ACL and easier to understand. When an IP prefix list is applied to filtering routing information, its matching object is the destination address of routing information.
Page 654: Defining An Ipv6 Prefix List
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.1.3 Routing Policy Application A routing policy is applied in two ways: When redistributing routes from other routing protocols, a routing protocol accepts only routes passing the routing policy.
Page 655 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration For example, the following configuration filters routes 2000:1::/48, 2000:2::/48 and 2000:3::/48, but allows other routes to pass. <Sysname> system-view [Sysname] ip ipv6-prefix abc index 10 deny 2000:1:: 48...
Page 656 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.2.5 Defining an Extended Community List You can define multiple items for an extended community list that is identified by number. During matching, the relation between items is logic OR, that is, if routing information matches one of these items, it passes the extended community list.
Page 657 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.3.2 Creating a Routing Policy Follow these steps to create a routing policy: To do... Use the command... Remarks — Enter system view system-view route-policy route-policy-name...
Page 658 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration To do... Use the command... Remarks Match IPv6 BGP routes Optional having AS path attributes if-match as-path specified in the AS path as-path-number&<1-16> Not configured by default...
Page 659 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.3.4 Defining apply Clauses for the Routing Policy Follow these steps to define apply clauses for a route-policy: To do... Use the command... Remarks —...
Page 660 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration To do... Use the command... Remarks Optional Set a preference for the apply preference matched routing protocol preference Not set by default Optional Set a preferred value for...
Page 661 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration Configure three static routes on Switch A and apply a routing policy when redistributing static routes, making routes 20::0/32 and 40::0/32 pass, routes in 30::0/32 filtered out.
Page 662 Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration # Enable RIPng and redistribute static routes. [SwitchA] ripng [SwitchA-ripng-1] import-route static route-policy static2ripng Configure Switch B. # Configure the IPv6 address for VLAN-interface 100.
Page 663: Ipv6 Routing Information Filtering Failure
Operation Manual – IPv6 Routing H3C S3610&S5510 Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.6.2 IPv6 Routing Information Filtering Failure I. Symptom Filtering routing information failed, while routing protocol runs normally. II. Analysis At least one item of the IPv6 prefix list should be configured as permit mode, and at least one node of the Route-policy should be configured as permit mode.
Page 664: Multicast Protocol
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Multicast Overview ...................... 1-1 1.1 Introduction to Multicast..................... 1-1 1.1.1 Comparison of Information Transmission Techniques..........1-1 1.1.2 Roles in Multicast ....................1-4 1.1.3 Advantages and Applications of Multicast ..............
Page 665 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Table of Contents 2.6.4 Configuring IGMP Report Suppression..............2-18 2.6.5 Configuring Maximum Multicast Groups that Can Be Joined on a Port....2-19 2.6.6 Configuring Multicast Group Replacement ............2-20 2.7 Displaying and Maintaining IGMP Snooping ..............2-21 2.8 IGMP Snooping Configuration Examples ................
Page 666 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Table of Contents 3.8.1 Simulated Joining....................3-21 3.8.2 Static Router Port Configuration ................3-23 3.8.3 MLD Snooping Querier Configuration ..............3-26 3.9 Troubleshooting MLD Snooping ..................3-28 3.9.1 Switch Fails in Layer 2 Multicast Forwarding............3-28 3.9.2 Configured IPv6 Multicast Group Policy Fails to Take Effect .......
Page 667 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Table of Contents 6.1.5 Introduction to BSR Admin-scope Regions in PIM-SM......... 6-11 6.1.6 SSM Model Implementation in PIM............... 6-13 6.1.7 Protocols and Standards..................6-15 6.2 Configuring PIM-DM ......................6-16 6.2.1 PIM-DM Configuration Task List ................6-16 6.2.2 Configuration Prerequisites...................
Page 668 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Table of Contents 7.1.1 Introduction to MSDP ....................7-1 7.1.2 How MSDP Works....................7-2 7.1.3 Protocols and Standards..................7-8 7.2 MSDP Configuration Task List................... 7-9 7.3 Configuring Basic Functions of MSDP ................7-9 7.3.1 Configuration Prerequisites..................
Page 669 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Table of Contents 8.3.6 Configuring a Multicast Forwarding Range............. 8-9 8.3.7 Configuring the Multicast Forwarding Table Size ........... 8-9 8.3.8 Tracing a Multicast Path..................8-10 8.4 Displaying and Maintaining Multicast Routing and Forwarding........8-11 8.5 Configuration Examples....................
Page 670: Introduction To Multicast
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview Chapter 1 Multicast Overview Note: This manual chiefly focuses on the IP multicast technology and device operations. Unless otherwise stated, the term “multicast” in this document refers to IP multicast.
Page 671 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview Figure 1-1 Unicast transmission Assume that Hosts B, D and E need this information. The information source establishes a separate transmission channel for each of these hosts.
Page 672 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview Figure 1-2 Broadcast transmission Assume that only Hosts B, D, and E need the information. If the information source broadcasts the information, Hosts A and C also receive it. In addition to information security issues, this also causes traffic flooding on the same network.
Page 673: Roles In Multicast
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview Figure 1-3 Multicast transmission Assume that Hosts B, D and E need the information. To receive the information correctly, these hosts need to join a receiver set, which is known as a multicast group.
Page 674: Advantages And Applications Of Multicast
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview For a better understanding of the multicast concept, you can assimilate multicast transmission to the transmission of TV programs, as shown in Table 1-1. Table 1-1 An analogy between TV transmission and multicast transmission...
Page 675: Multicast Models
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview Any other point-to-multiple-point data distribution application. 1.2 Multicast Models Based on how the receivers treat the multicast sources, there are two multicast models: I. ASM model...
Page 676: Multicast Addresses
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview hosts, and the TCP/IP stack must support reception and transmission of multicast data. 1.3.1 Multicast Addresses To allow communication between multicast sources and multicast group members, network-layer multicast addresses, namely, multicast IP addresses must be provided.
Page 677 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview Table 1-3 Some reserved multicast addresses Address Description 224.0.0.1 All systems on this subnet, including hosts and routers 224.0.0.2 All multicast routers on this subnet 224.0.0.3 Unassigned 224.0.0.4...
Page 678 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview assigned by IANA; when set to 1, the T flag indicates a transient, or dynamically assigned multicast address. Scope: 4 bits, indicating the scope of the IPv6 internetwork for which the multicast traffic is intended.
Page 679 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview Figure 1-5 IPv4-to-MAC address mapping The high-order four bits of a multicast IPv4 address are 1110, indicating that this address is a multicast address, and only 23 bits of the remaining 28 bits are mapped to a MAC address, so five bits of the multicast IPv4 address are lost.
Page 680: Multicast Protocols
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview 1.3.2 Multicast Protocols Note: Generally, we refer to IP multicast working at the network layer as Layer 3 multicast and the corresponding multicast protocols as Layer 3 multicast protocols, which include IGMP/MLD, PIM/IPv6 PIM, and MSDP;...
Page 681 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview connected with the hosts. These protocols define the mechanism of establishing and maintaining group memberships between hosts and Layer 3 multicast devices. Multicast routing protocols A multicast routing protocol runs on Layer 3 multicast devices to establish and maintain multicast routes and forward multicast packets correctly and efficiently.
Page 682: Multicast Packet Forwarding Mechanism
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 1 Multicast Overview IGMP Snooping/MLD Snooping Running on Layer 2 devices, Internet Group Management Protocol Snooping (IGMP Snooping) and Multicast Listener Discovery Snooping (MLD Snooping) are multicast constraining mechanisms that manage and control multicast groups by listening to and...
Page 683: Chapter 2 Igmp Snooping Configuration
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Chapter 2 IGMP Snooping Configuration When configuring IGMP Snooping, go to the following sections for information you are interested in: IGMP Snooping Overview IGMP Snooping Configuration Task List...
Page 684: Basic Concepts In Igmp Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration 2.1.2 Basic Concepts in IGMP Snooping I. IGMP Snooping related ports As shown in Figure 2-2, Router A connects to the multicast source, IGMP Snooping runs on Switch A and Switch B, Host A and Host C are receiver hosts (namely, multicast group members).
Page 685: Work Mechanism Of Igmp Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Note: Whenever mentioned in this document, a router port is a port on the switch that leads the switch to a Layer 3 multicast device, rather than a port on a router.
Page 686 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration I. When receiving a general query The IGMP querier periodically sends IGMP general queries to all hosts and routers (224.0.0.1) on the local subnet to find out whether active multicast group members exist on the subnet.
Page 687 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Note: A switch does not forward an IGMP report through a non-router port. The reason is as follows: Due to the IGMP report suppression mechanism, if the switch forwards a report...
Page 688: Processing Of Multicast Protocol Messages
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration is receiving or expecting to receive multicast data for that multicast group. The switch resets the aging timer of the member port. If no IGMP report in response to the group-specific query is heard on a member...
Page 689 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Task Remarks Configuring Aging Timers for Optional Dynamic Ports Configuring IGMP Configuring Static Ports Optional Snooping Port Functions Configuring Simulated Joining Optional Configuring Fast Leave Processing...
Page 690: Configuring Basic Functions Of Igmp Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration 2.3 Configuring Basic Functions of IGMP Snooping 2.3.1 Configuration Prerequisites Before configuring the basic functions of IGMP Snooping, complete the following task: Configure the corresponding VLANs.
Page 691: Configuring Igmp Snooping Port Functions
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Follow these steps to configure the version of IGMP Snooping: To do... Use the command... Remarks Enter system view system-view — Enter VLAN view vlan vlan-id —...
Page 692 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration If multicast group memberships change frequently, you can set a relatively small value for the member port aging timer, and vice versa. I. Configuring aging timers for dynamic ports globally Follow these steps to configure aging timers for dynamic ports globally: To do...
Page 693 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Follow these steps to configure static ports: To do... Use the command... Remarks Enter system view system-view — Enter Ethernet interface interface-type port view interface-number...
Page 694 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration After a port is configured as a simulated member host, the switch responds to IGMP general queries by sending IGMP reports through that port. When the simulated joining function is disabled on a port, the switch sends an IGMP leave group message through that port.
Page 695: Configuring Igmp Snooping Querier
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration I. Configuring fast leave processing globally Follow these steps to configure fast leave processing globally: To do... Use the command... Remarks Enter system view system-view —...
Page 696: Configuring Igmp Queries And Responses
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration IGMP last-member query interval, Maximum response time to IGMP general queries, Source address of IGMP general queries, and Source address of IGMP group-specific queries. 2.5.2 Enabling IGMP Snooping Querier...
Page 697 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration received). When the timer value comes down to 0, the host sends an IGMP report to the corresponding multicast group. An appropriate setting of the maximum response time for IGMP queries allows hosts to...
Page 698: Configuring Source Ip Address Of Igmp Queries
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration To do... Use the command... Remarks Configure the IGMP igmp-snooping Optional last-member query last-member-query-interval 1 second by default interval interval Caution: In the configuration, make sure that the IGMP general query interval is larger than the maximum response time for IGMP general queries.
Page 699: Configuring An Igmp Snooping Policy
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration 2.6 Configuring an IGMP Snooping Policy 2.6.1 Configuration Prerequisites Before configuring an IGMP Snooping policy, complete the following task: Enable IGMP Snooping in the VLAN or enable IGMP on the desired VLAN...
Page 700: Configuring The Function Of Dropping Unknown Multicast Data
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration II. Configuring a multicast group filter on a port or a group of ports Follow these steps to configuring a multicast group filter on a port or a group of ports: To do...
Page 701: Configuring Maximum Multicast Groups That Can Be Joined On A Port
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Layer 3 device directly connected with it will receive duplicate IGMP reports from these members. With the IGMP report suppression function enabled, within each query cycle, the Layer...
Page 702: Configuring Multicast Group Replacement
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Note: When the number of multicast groups a port has joined reaches the maximum number configured, the system deletes all the forwarding entries persistent to that port from the IGMP Snooping forwarding table, and the hosts on this port need to join the multicast groups again.
Page 703: Displaying And Maintaining Igmp Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration II. Configuring multicast group replacement on a port or a group of ports Follow these steps to configure multicast group replacement on a port or a group of ports: To do...
Page 704: Igmp Snooping Configuration Examples
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Note: The reset igmp-snooping group command works only on an IGMP Snooping–enabled VLAN, but not on a VLAN with IGMP enabled on its VLAN interface.
Page 705 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration III. Configuration procedure Configure the IP address of each interface Configure an IP address and subnet mask for each interface as per Figure 2-3. The detailed configuration steps are omitted.
Page 706 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration [SwitchA] display igmp-snooping group vlan 100 verbose Total 1 IP Group(s). Total 1 IP Source(s). Total 1 MAC Group(s). Port flags: D-Dynamic port, S-Static port, A-Aggregation port, C-Copy port Subvlan flags: R-Real VLAN, C-Copy VLAN Vlan(id):100.
Page 707 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration uninterruptedly along the path of Switch A—Switch C in the case that the path of Switch A—Switch B—Switch C gets blocked. Note: If no static router port is configured, when the path of Switch A—Switch B—Switch C gets blocked, at least one IGMP query-response cycle must be completed before the multicast data can flow to the receivers along the new path of Switch A—Switch C,...
Page 708 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration [RouterA-Ethernet1/0/1] pim dm [RouterA-Ethernet1/0/1] quit [RouterA] interface ethernet 1/0/2 [RouterA-Ethernet1/0/2] pim dm [RouterA-Ethernet1/0/2] quit Configure Switch A # Enable IGMP Snooping globally. <SwitchA> system-view [SwitchA] igmp-snooping...
Page 709: Igmp Snooping Querier Configuration
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration [SwitchC-vlan100] port ethernet 1/0/1 to ethernet 1/0/5 [SwitchC-vlan100] igmp-snooping enable [SwitchC-vlan100] quit Verify the configuration # View the detailed information about IGMP Snooping forwarding entries in VLAN 100 on Switch A.
Page 710 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration II. Network diagram Querier Eth1/0/1 Eth1/0/2 Switch A Switch B Switch C Eth1/0/1 Eth1/0/1 Eth1/0/2 Eth1/0/3 Eth1/0/2 Eth1/0/3 Source Receiver Receiver Receiver Host A Host B Host C 1.1.1.1/24...
Page 711 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration # Create VLAN 100, add Ethernet 1/0/1 through Ethernet 1/0/3 to VLAN 100, and enable IGMP Snooping in this VLAN. [SwitchB] vlan 100 [SwitchB-vlan100] port ethernet 1/0/1 to ethernet 1/0/3...
Page 712: Troubleshooting Igmp Snooping Configuration
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration 2.9 Troubleshooting IGMP Snooping Configuration 2.9.1 Switch Fails in Layer 2 Multicast Forwarding I. Symptom A switch fails to implement Layer 2 multicast forwarding. II. Analysis IGMP Snooping is not enabled.
Page 713 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 2 IGMP Snooping Configuration whether this configuration conflicts with the configured multicast group policy. If any conflict exists, remove the port as a static member of the multicast group.
Page 714: Mld Snooping Overview
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Chapter 3 MLD Snooping Configuration When configuring MLD Snooping, go to these sections for information you are interested in: MLD Snooping Overview MLD Snooping Configuration Task List...
Page 715: Basic Concepts In Mld Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration 3.1.2 Basic Concepts in MLD Snooping I. MLD Snooping related ports As shown in Figure 2-2, Router A connects to the multicast source, MLD Snooping runs on Switch A and Switch B, Host A and Host C are receiver hosts (namely, IPv6 multicast group members).
Page 716: How Mld Snooping Works
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: Whenever mentioned in this document, a router port is a router-connecting port on the switch, rather than a port on a router. On an MLD-snooping-enabled switch, the ports that received MLD general queries with the source address other than 0::0 or IPv6 PIM hello messages are router ports.
Page 717 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration I. General queries The MLD querier periodically sends MLD general queries to all hosts and routers (FF02::1) on the local subnet to find out whether IPv6 multicast group members exist on the subnet.
Page 718 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: A switch does not forward an MLD report through a non-router port. The reason is as follows: Due to the MLD report suppression mechanism, if the switch forwards a report...
Page 719: Mld Snooping Configuration Task List
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration 3.1.4 Protocols and Standards MLD Snooping is documented in: RFC 4541: Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches 3.2 MLD Snooping Configuration Task List...
Page 720: Configuring Basic Functions Of Mld Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: Configurations made in MLD Snooping view are effective for all VLANs, while configurations made in VLAN view are effective only for ports belonging to the current VLAN.
Page 721: Configuring The Version Of Mld Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: MLD Snooping must be enabled globally before it can be enabled in a VLAN. After enabling MLD Snooping in a VLAN, you cannot enable MLD and/or IPv6 PIM on the corresponding VLAN interface, and vice versa.
Page 722 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Configure the corresponding port groups Before configuring MLD Snooping port functions, prepare the following data: Aging time of router ports Aging timer of member ports IPv6 multicast group and IPv6 multicast source addresses 3.4.2 Configuring Aging Timers for Dynamic Ports...
Page 723 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration 3.4.3 Configuring Static Ports If all the hosts attached to a port is interested in the IPv6 multicast data addressed to a particular IPv6 multicast group, you can configure that port as a static member port for that IPv6 multicast group.
Page 724 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration To avoid this situation from happening, you can enable simulated joining on a port of the switch, namely configure the port as a simulated member host for an IPv6 multicast group.
Page 725 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration receiving MLD done multicast-address-specific queries for that IPv6 multicast group, the switch will not forward them to that port. In VLANs where only one host is attached to each port, fast leave processing helps improve bandwidth and resource usage.
Page 726: Configuring Mld Snooping Querier
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration 3.5 Configuring MLD Snooping Querier 3.5.1 Configuration Prerequisites Before configuring MLD Snooping querier, complete the following task: Enable MLD Snooping in the VLAN. Before configuring MLD Snooping querier, prepare the following data:...
Page 727: Configuring Mld Queries And Responses
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Caution: It is meaningless to configure an MLD Snooping querier in an IPv6 multicast network running MLD. Although an MLD Snooping querier does not take part in MLD querier elections, it may affect MLD querier elections because it sends MLD general queries with a low source IPv6 address.
Page 728: Configuring Source Ipv6 Addresses Of Mld Queries
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration II. Configuring MLD queries and responses in a VLAN Follow these steps to configure MLD queries and responses in a VLAN To do... Use the command...
Page 729: Configuring An Mld Snooping Policy
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Caution: The source IPv6 address of MLD query messages may affect MLD querier election within the segment. 3.6 Configuring an MLD Snooping Policy 3.6.1 Configuration Prerequisites...
Page 730: Configuring Dropping Unknown Ipv6 Multicast Data
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration II. Configuring an IPv6 multicast group filter on a port or a group of ports Follow these steps to configure an IPv6 multicast group filer on a port or a group of ports: To do...
Page 731: Configuring Mld Report Suppression
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration 3.6.4 Configuring MLD Report Suppression When a Layer 2 device receives an MLD report from an IPv6 multicast group member, the Layer 2 device forwards the message to the Layer 3 device directly connected with it.
Page 732: Configuring Ipv6 Multicast Group Replacement
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: When the number of IPv6 multicast groups that can be joined on a port reaches the maximum number configured, the system deletes all the forwarding entries persistent to that port from the MLD Snooping forwarding table, and the hosts on this port need to join IPv6 multicast groups again.
Page 733: Displaying And Maintaining Mld Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration II. Configuring IPv6 multicast group replacement on a port or a group of ports Follow these steps to configure IPv6 multicast group replacement on a port or a group of ports: To do...
Page 734: Mld Snooping Configuration Examples
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: reset mld-snooping group command works only Snooping–enabled VLAN, but not on a VLAN with MLD enabled on its VLAN interface. The reset mld-snooping group command cannot clear MLD Snooping forwarding table entries for static joins.
Page 735 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Configure Router A # Enable IPv6 multicast routing, enable IPv6 PIM-DM on each interface, and enable MLD on Ethernet 1/0/1. <RouterA> system-view [RouterA] multicast ipv6 routing-enable...
Page 736 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Vlan(id):100. Total 1 IP Group(s). Total 1 IP Source(s). Total 1 MAC Group(s). Router port(s):total 1 port. Eth1/0/1 (D) ( 00:01:30 ) IP group(s):the following ip group(s) match to one mac group.
Page 737 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: If no static router port is configured, when the path of Switch A—Switch B—Switch C gets blocked, at least one MLD query-response cycle must be completed before the IPv6 multicast data can flow to the receivers along the new path of Switch A—Switch C,...
Page 738 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration [RouterA-Ethernet1/0/2] quit Configure Switch A # Enable MLD Snooping globally. <SwitchA> system-view [SwitchA] mld-snooping [SwitchA-mld-snooping] quit # Create VLAN 100, assign Ethernet 1/0/1 through Ethernet 1/0/3 to this VLAN, and enable MLD Snooping in the VLAN.
Page 739: Mld Snooping Querier Configuration
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration # View the detailed information about MLD Snooping forwarding table entries in VLAN 100 on Switch A. [SwitchA] display mld-snooping group vlan 100 verbose Total 1 IP Group(s).
Page 740 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration II. Network diagram Figure 3-5 Network diagram for MLD Snooping querier configuration III. Configuration procedure Configure switch A # Enable MLD Snooping globally. <SwitchA> system-view...
Page 741: Troubleshooting Mld Snooping
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration Configuration on Switch C # Enable MLD Snooping globally. <SwitchC> system-view [SwitchC] mld-snooping [SwitchC-mld-snooping] quit # Create VLAN 100, add Ethernet 1/0/1 through Ethernet 1/0/3 to VLAN 100, and enable MLD Snooping in this VLAN.
Page 742: Configured Ipv6 Multicast Group Policy Fails To Take Effect
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 3 MLD Snooping Configuration If MLD Snooping is not enabled, use the mld-snooping command to enable MLD Snooping globally, and then use mld-snooping enable command to enable MLD Snooping in VLAN view.
Page 743: Introduction To Multicast Vlan
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 4 Multicast VLAN Configuration Chapter 4 Multicast VLAN Configuration 4.1 Introduction to Multicast VLAN As shown in Figure 4-1, in the traditional multicast programs-on-demand mode, when hosts that belong to different VLANs, Host A, Host B and Host C require multicast programs on demand service, Router A needs to forward a separate copy of the multicast data in each VLAN.
Page 744: Configuring Multicast Vlan
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 4 Multicast VLAN Configuration 4.2 Configuring Multicast VLAN Follow these steps to configure a multicast VLAN: To do… Use the command… Remarks Enter system view — system-view Required Configure a specific VLAN...
Page 745: Displaying And Maintaining Multicast Vlan
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 4 Multicast VLAN Configuration 4.3 Displaying and Maintaining Multicast VLAN To do… Use the command… Remarks Display information about display multicast-vlan a multicast VLAN and its Available in any view...
Page 746 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 4 Multicast VLAN Configuration III. Configuration procedure Configure an IP address for each interconnecting interface Configure an IP address and subnet mask for each interface as per Figure 4-2. The detailed configuration steps are omitted here.
Page 747 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 4 Multicast VLAN Configuration [SwitchA] display multicast-vlan multicast vlan 1024's subvlan list: Vlan 11-13...
Page 748: Igmp Overview
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration Chapter 5 IGMP Configuration When configuring IGMP, go to the following sections for the information you are interested in: IGMP Overview IGMP Configuration Task List IGMP Configuration Example...
Page 749 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration 5.1.2 Work Mechanism of IGMPv1 IGMPv1 manages multicast group memberships mainly based on the query and response mechanism. Of multiple multicast routers on the same subnet, all the routers can hear IGMP membership report messages (often referred to as reports) from hosts, but only one router is needed for sending IGMP query messages (often referred to as queries).
Page 750: Enhancements Provided By Igmpv
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration Upon receiving a query message, Host B or Host C (the delay timer of whichever expires first) sends an IGMP report to the multicast group address of G1, to announce its interest in G1.
Page 751: Enhancements In Igmpv
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration the router with the lowest IP address wins the querier election and all other IGMPv2 routers become non-queriers. All the non-queriers start a timer, known as “other querier present timer”. If a router receives an IGMP query from the querier before the timer expires, it resets this timer;...
Page 752 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration is interested only in the multicast data that Source 1 sends to G but not in the data from Source 2. Source 1 Host A Receiver...
Page 753: Igmp Configuration Task List
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration list. If the specified multicast source list is empty, this means that the report sender has left the reported multicast group. IS_EX: The source filtering mode is Exclude, namely, the report sender requests the multicast data from any sources but those defined in the specified multicast source list.
Page 754: Configuring Basic Functions Of Igmp
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration Note: Configurations performed in IGMP view are effective on all interfaces, while configurations performed in Ethernet port view are effective on the current interface only. If a feature is not configured for an interface in Ethernet port view, the global configuration performed in IGMP view will apply to that interface.
Page 755: Configuring Igmp Versions
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration 5.3.3 Configuring IGMP Versions Because messages vary with different IGMP versions, the same IGMP version should be configured for all routers on the same subnet before IGMP can work properly.
Page 756: Adjusting Igmp Performance
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration To do... Use the command... Description Required Configure the interface as igmp static-group An interface is not a static a static member of a group-address [ source...
Page 757: Configuring Igmp Message Options
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration 5.4.2 Configuring IGMP Message Options As IGMPv2 and IGMPv3 involve group-specific and group-and-source-specific queries, and multicast groups change dynamically, a device cannot join all multicast groups.
Page 758: Configuring Igmp Query And Response Parameters
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration To do... Use the command... Description Configure the interface to Optional discard any IGMP igmp By default, the device message that does not require-router-alert does not check the carry the Router-Alert Router-Alert option.
Page 759 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration have expired and a new querier election process is launched; otherwise, the non-querier router will reset its “other querier present timer”. I. Configuring IGMP query and response parameters globally Follow these steps to configure IGMP query and response parameters globally: To do...
Page 760: Displaying And Maintaining Igmp
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration To do... Use the command... Description Optional igmp timer Configure the other other-querier-present For the system default, querier present interval interval see “Note” below. Note: If not statically configured, the other querier present interval is [ IGMP query interval ] times [ IGMP robustness variable ] plus [ maximum response time for IGMP general queries ] divided by two.
Page 761: Igmp Configuration Example
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration To do... Use the command... Remarks View IGMP configuration display igmp interface [ interface-type Available in and running information interface-number ] [ verbose ] any view...
Page 762 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration II. Network diagram Figure 5-3 Network diagram for IGMP configuration III. Configuration procedure Configure the IP addresses of the switch interfaces and configure a unicast routing...
Page 763: Troubleshooting Igmp
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration <SwitchB> system-view [SwitchB] multicast routing-enable [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] igmp enable [SwitchB-Vlan-interface200] igmp version 2 [SwitchB-Vlan-interface200] quit # Enable IP multicast routing on Switch C, and enable IGMP (version 2) on VLAN-interface 200.
Page 764: Inconsistent Memberships On Routers On The Same Subnet
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration If the igmp group-policy command has been configured on the interface, the interface cannot receive report messages that fail to pass filtering. III. Solution Check that the networking is correct and interface connections are correct.
Page 765 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 5 IGMP Configuration III. Solution Check the IGMP configuration. Carry out the display current-configuration command to view the IGMP configuration information on the interfaces. Carry out the display igmp interface command on all routers on the same subnet to check the IGMP-related timer settings.
Page 766: Pim Overview
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Chapter 6 PIM Configuration When configuring PIM, go to these sections for information you are interested in: PIM Overview Configuring PIM-DM Configuring PIM-SM Configuring PIM-SSM Configuring PIM Common Information...
Page 767 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Note: To facilitate description, a network comprising PIM-capable routers is referred to as a “PIM domain” in this document. 6.1.1 Introduction to PIM-DM PIM-DM is a type of dense mode multicast protocol. It uses the “push mode” for multicast forwarding, and is suitable for small-sized networks with densely distributed multicast members.
Page 768 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Note: Every activated interface on a router sends hello messages periodically, and thus learns the PIM neighboring information pertinent to the interface. II. SPT establishment The process of building an SPT is the process of “flood and prune”.
Page 769 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Figure 6-1 SPT establishment The “flood and prune” process takes place periodically. A pruned state timeout mechanism is provided. A pruned branch restarts multicast forwarding when the pruned state times out and then is pruned again when it no longer has any multicast receiver.
Page 770 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration IV. Assert If multiple multicast routers exist on a multi-access subnet, duplicate packets may flow to the same subnet. To shut off duplicate flows, the assert mechanism is used for election of a single multicast forwarder on a multi-access network.
Page 771 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration PIM-SM is a type of sparse mode multicast protocol. It uses the “pull mode” for multicast forwarding, and is suitable for large- and medium-sized networks with sparsely and widely distributed multicast group members.
Page 772 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration I. Neighbor discovery PIM-SM uses exactly the same neighbor discovery mechanism as PIM-DM does. Refer Neighbor discovery. II. DR election PIM-SM also uses hello messages to elect a designated router (DR) for a multi-access network.
Page 773 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Routers on the multi-access network send hello messages to one another. The hello messages contain the router priority for DR election. The router with the highest DR priority will become the DR.
Page 774 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Figure 6-4 BSR and C-RPs IV. RPT establishment Figure 6-5 RPT establishment in a PIM-SM domain As shown in Figure 6-5, the process of building an RPT is as follows: When a receiver joins a multicast group G, it uses an IGMP message to inform the directly connected DR.
Page 775 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration The multicast data addressed to the multicast group G flows through the RP, reaches the corresponding DR along the established RPT, and finally is delivered to the receiver.
Page 776 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration The subsequent multicast data from the multicast source travels along the established SPT to the RP, and then the RP forwards the data along the RPT to the receivers.
Page 777 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration II. Relationship between BSR admin-scope regions and the global scope zone A better understanding of the global scope zone and BSR admin-scope regions should be based on two aspects: geographical space and group address range.
Page 778: Ssm Model Implementation In Pim
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration BSR 1 BSR 3 G1 address G3 address BSR 2 Global G-G1-G2 address G2 address Figure 6-8 Relationship between BSR admin-scope regions and the global scope zone...
Page 779 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration The SSM model provides a solution for source-specific multicast. It maintains the relationships between hosts and routers through IGMPv3. In actual application, part of the PIM-SM technique is adopted to implement the SSM model.
Page 780 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration As shown in Figure 6-9, Host B and Host C are multicast information receivers. They send IGMPv3 report messages denoted as (Include S, G) to the respective DRs to express their interest in the information of the specific multicast source S.
Page 781 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration 6.2 Configuring PIM-DM 6.2.1 PIM-DM Configuration Task List Complete these tasks to configure PIM-DM: Task Remarks Enabling PIM-DM Required Enabling State Refresh Optional Configuring State Refresh Parameters...
Page 782: Enabling State Refresh
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration To do... Use the command... Remarks Required Enable PIM-DM pim dm Disabled by default Caution: All the interfaces of the same router must work in the same PIM mode.
Page 783 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration control the propagation scope of state refresh messages, you need to configure an appropriate TTL value based on the network size. Follow these steps to configure state refresh parameters: To do...
Page 784 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration 6.3 Configuring PIM-SM Note: A device can serve as a C-RP and a C-BSR at the same time. 6.3.1 PIM-SM Configuration Task List Complete these tasks to configure PIM-SM:...
Page 785 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Bootstrap timeout time An ACL rule defining a legal C-RP address range and the range of multicast groups to be served C-RP-Adv interval C-RP timeout time...
Page 786: Configuring A Bsr
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration 6.3.4 Configuring a BSR Note: The BSR is dynamically elected from a number of C-BSRs. Because it is unpredictable which router will finally win a BSR election, the commands introduced in this section must be configured on all C-BSRs.
Page 787 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration perform neighbor check and RPF check on BSR messages and discard unwanted messages. When a router in the network is controlled by an attacker or when an illegal router...
Page 788 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration To do... Use the command... Remarks c-bsr global Required Configure a global-scope [ hash-length No global-scope C-BSRs C-BSR hash-length | priority by default priority ] * III.
Page 789 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Follow these steps to configure a BSR admin-scope region boundary: To do... Use the command... Remarks Enter system view system-view — interface interface-type Enter Ethernet port view —...
Page 790: Configuring An Rp
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Note: About the bootstrap timeout time: By default, the bootstrap timeout time is determined by this formula: Bootstrap timeout = Bootstrap interval × 2 + 10. The default bootstrap interval is 60 seconds, so the default bootstrap timeout = 60 ×...
Page 791 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Follow these steps to configure a static RP To do… Use the command… Remarks Enter system view system-view — Enter PIM view — Optional static-rp rp-address...
Page 792 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Note: When configuring a C-RP, ensure a relatively large bandwidth between this C-RP and the other devices in the PIM-SM domain. An RP can serve multiple multicast groups or all multicast groups. Only one RP can forward multicast traffic for a multicast group at a moment.
Page 793 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration To do... Use the command... Remarks Optional Configure C-RP timeout c-rp holdtime interval time 150 seconds by default Note: The commands introduced in this section are to be configured on C-RPs.
Page 794 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Follow these steps to configure PIM-SM register-related parameters: To do... Use the command... Remarks Enter system view system-view — Enter PIM view — Optional Configure a filtering rule...
Page 795 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration To do... Use the command... Remarks Optional spt-switch-threshold By default, the device Disable RPT-to-SPT infinity [ group-policy switches to the SPT switchover acl-number [ order immediately after it...
Page 796: Configuring The Ssm Group Range
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration The SSM group range 6.4.3 Enabling PIM-SM The SSM model is implemented based on some subsets of PIM-SM. Therefore, a router is PIM-SSM capable after you enable PIM-SM on it.
Page 797: Configuring Pim Common Information
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration To do... Use the command... Remarks Optional Configure the SSM group ssm-policy acl-number range 232.0.0.0/8 by default Note: The commands introduced in this section are to be configured on all routers in the PIM domain.
Page 798: Configuring A Pim Filter
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Task Remarks Configuring a PIM Filter Optional Configuring PIM Hello Options Optional Configuring PIM Common Timers Optional Configuring Join/Prune Message Limits Optional 6.5.2 Configuration Prerequisites Before configuring PIM common information, complete the following tasks: Configure any unicast routing protocol so that all devices in the domain are interoperable at the network layer.
Page 799: Configuring Pim Hello Options
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Follow these steps to configure a PIM filter: To do... Use the command... Remarks Enter system view system-view — Enter PIM view — Required Configure a multicast...
Page 800 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration maintains the current forwarding state for a period of time defined by LAN-delay. If the downstream router needs to continue receiving multicast data, it must send a prune override message within the prune override interval;...
Page 801: Configuring Pim Common Timers
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration To do... Use the command... Remarks Enter system view system-view — interface interface-type Enter Ethernet port view — interface-number Optional Configure the priority for pim hello-option...
Page 802 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration maintains (S, G) entries for a period of time, namely the multicast source lifetime, before deleting the (S, G) entries. I. Configuring PIM common timers globally Follow these steps to configure PIM common timers globally: To do...
Page 803: Displaying And Maintaining Pim
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Note: If there are no special networking requirements, we recommend that you use the default settings. 6.5.6 Configuring Join/Prune Message Limits A larger join/prune message size will result in loss of a larger amount of information when a message is lost;...
Page 804: Pim Configuration Examples
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration To do... Use the command... Remarks View the information Available in any about unacknowledged display pim grafts view graft messages View the PIM information display pim interface...
Page 805 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Switch A connects to stub network N1 through VLAN-interface 100, and to Switch D through VLAN-interface 103. Switch B and Switch C connect to stub network N2 through their respective VLAN-interface 200, and to Switch D through VLAN-interface 101 and VLAN-interface 102 respectively.
Page 806 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration among the switches through a unicast routing protocol. Detailed configuration steps are omitted here. Enable IP multicast routing, and enable PIM-DM on each interface # Enable IP multicast routing on Switch A, enable PIM-DM on each interface, and enable IGMPv2 on VLAN-interface 100, which connects Switch A to the stub network.
Page 807 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Carry out the display pim neighbor command to view the PIM neighboring relationships among the switches. For example: # View the PIM neighboring relationships on Switch D.
Page 808 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration The information on Switch B and Switch C is similar to that on Switch A. # View the PIM routing table information on Switch D. [SwitchD] display pim routing-table Total 0 (*, G) entry;...
Page 809 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration II. Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int100 10.110.1.1/24 Switch D Vlan-int300 10.110.5.1/24 Vlan-int101 192.168.1.1/24 Vlan-int101 192.168.1.2/24 Vlan-int102 192.168.9.1/24 Vlan-int105 192.168.4.2/24...
Page 810 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration <SwitchA> system-view [SwitchA] multicast routing-enable [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] igmp enable [SwitchA-Vlan-interface100] pim sm [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 101 [SwitchA-Vlan-interface101] pim sm [SwitchA-Vlan-interface101] quit...
Page 811 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration [SwitchA] display pim bsr-info Elected BSR Address: 192.168.9.2 Priority: 0 Hash mask length: 30 State: Accept Preferred Scope: Not scoped Uptime: 01:40:40 Next BSR message scheduled at: 00:01:42 # View the BSR information and the locally configured C-RP information in effect on Switch E.
Page 812 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Assume that Host A needs to receive information addressed to the multicast group G (225.1.1.1/24). An RPT will be built between Switch A and Switch E. When the multicast source S (10.110.5.100/24) registers with the RP, an SPT will be built between Switch D...
Page 813 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Protocol: pim-sm, Flag: SPT LOC UpTime: 00:00:42 Upstream interface: Vlan-interface300 Upstream neighbor: NULL RPF prime neighbor: NULL Downstream interface(s) information: Total number of downstreams: 1 1: Vlan-interface105 Protocol: pim-sm, UpTime: 00:00:42, Expires:- # View the PIM routing table information on Switch E.
Page 814 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration IGMPv3 is to run between Switch A and N1, and between Switch B/Switch C and II. Network diagram Device Interface IP address Device Interface IP address...
Page 815 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration # Enable IP multicast routing on Switch A, enable PIM-SM on each interface, and enable IGMPv3 on VLAN-interface 100, which connects Switch A to the stub network.
Page 816 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration toward the multicast source. Switches on the SPT path (Switch A and Switch D) have generated an (S, G) entry, while Switch E, which is not on the SPT path, does not have multicast routing entries.
Page 817: Troubleshooting Pim Configuration
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration 6.8 Troubleshooting PIM Configuration 6.8.1 Failure of Building a Multicast Distribution Tree Correctly I. Symptom None of the routers in the network (including routers directly connected with multicast sources and receivers) has multicast forwarding entries.
Page 818: Multicast Data Abnormally Terminated On An Intermediate Router
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration Check that PIM is enabled on the interfaces, especially on the RPF interface. Use the display pim interface command to view the PIM information on each interface.
Page 819 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration 6.8.3 RPs Unable to Join SPT in PIM-SM I. Symptom An RPT cannot be established correctly, or the RPs cannot join the SPT to the multicast source.
Page 820 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 6 PIM Configuration The RP is the core of a PIM-SM domain. Make sure that the RP information on all routers is exactly the same, a specific group G is mapped to the same RP, and unicast routes are available to the RP.
Page 821: Msdp Overview
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration Chapter 7 MSDP Configuration When configuring MSDP, go to these sections for information you are interested in: MSDP Overview MSDP Configuration Task List Displaying and Maintaining MSDP...
Page 822: How Msdp Works
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration Caution: MSDP is applicable only if the intra-domain multicast protocol is PIM-SM. MSDP is meaningful only for the any-source multicast (ASM) model. 7.1.2 How MSDP Works I.
Page 823 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration data from the multicast source arrives, the receiver-side MSDP peer forwards the data to the receivers along the RPT. Intermediate MSDP peer: an MSDP peer with multicast remote MSDP peers, like RP 2.
Page 824 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration Receiver DR 2 MSDP peers Multicast packets SA message RP 2 Join message PIM-SM 2 Register message DR 1 Source PIM-SM 4 RP 1 RP 3...
Page 825 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration hop towards DR 1 at the multicast source side, so that it can directly join the SPT rooted at the source over other PIM-SM domains. Then, the multicast data can flow along the SPT to RP 2 and is forwarded by RP 2 to the receivers along the RPT.
Page 826 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration Source RP 1 RP 5 RP 9 RP 8 AS 1 AS 5 Mesh group AS 3 RP 2 RP 3 AS 2 MSDP peers RP 4...
Page 827 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration An EBGP route exists between two MSDP peers in different ASs. Because the SA message is from an MSDP peer (RP 7) in a different AS, and the MSDP peer is the next hop on the EBGP route to the source-side RP, RP 8 accepts the message and forwards it to its other peer (RP 9).
Page 828 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration The multicast source registers with the nearest RP. In this example, Source registers with RP 1, with its multicast data encapsulated in the register message. When the register message arrives to RP 1, RP 1 decapsulates the message.
Page 829: Msdp Configuration Task List
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration 7.2 MSDP Configuration Task List Complete these tasks to configure MSDP: Task Remarks Enabling MSDP Required Configuring Basic Creating an MSDP Peer Connection Required Functions of MSDP...
Page 830: Enabling Msdp
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration 7.3.2 Enabling MSDP Follow these steps to enable MSDP: To do... Use the command... Remarks Enter system view system-view — Required Enable IP multicast multicast routing...
Page 831: Configuring An Msdp Peer Connection
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration Follow these steps to configure a static RPF peer: To do... Use the command... Remarks Enter system view system-view — Enter MSDP view msdp — Required...
Page 832: Configuring An Msdp Mesh Group
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration 7.4.3 Configuring an MSDP Mesh Group An AS may contain multiple MSDP peers. You can use the MSDP mesh group mechanism to avoid SA message flooding among these MSDP peers and optimize the multicast traffic.
Page 833: Configuring Sa Messages Related Parameters
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration When a new MSDP peer is created, or when a previously deactivated MSDP peer connection is reactivated, or when a previously failed MSDP peer attempts to resume operation, a TCP connection is required.
Page 834: Configuring Sa Request Messages
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration message containing the multicast packet in an SA message and sends it out. After receiving the SA message, the remote RP decapsulates the SA message and delivers the multicast data contained in the register message to the receivers along the RPT.
Page 835: Configuring An Sa Message Filtering Rule
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration To do... Use the command... Remarks Optional peer peer-address Configure a filtering rule sa-request-policy [ acl SA request messages are for SA request messages acl-number ]...
Page 836: Configuring Sa Message Cache
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration To do... Use the command... Remarks Configure the minimum TTL Optional value of multicast packets peer peer-address to be encapsulated in SA minimum-ttl ttl-value 0 by default messages 7.5.5 Configuring SA Message Cache...
Page 837: Msdp Configuration Examples
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration To do... Use the command... Remarks display msdp sa-cache View the (S, G) entry [ group-address | information in the MSDP Available in any view source-address |...
Page 838 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration II. Network diagram AS 100 AS 200 Receiver Receiver Loop0 Switch G Switch F Vlan-int400 Vlan-int102 Switch B Switch A PIM-SM 3 Source 1 Receiver Vlan-int102...
Page 839 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration [SwitchC] multicast routing-enable [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] pim sm [SwitchC-Vlan-interface100] quit [SwitchC] interface vlan-interface 200 [SwitchC-Vlan-interface200] pim sm [SwitchC-Vlan-interface200] quit [SwitchC] interface vlan-interface 101 [SwitchC-Vlan-interface101] pim sm The configuration on Switch A, Switch B, Switch D, Switch E, Switch F and Switch G is similar to the configuration on Switch C.
Page 840 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration [SwitchD-bgp] quit # Configure EBGP on Switch F, and inject OSPF routes. [SwitchF] bgp 200 [SwitchF-bgp] router-id 3.3.3.3 [SwitchF-bgp] peer 192.168.3.1 as-number 200 [SwitchF-bgp] import-route ospf 1 [SwitchF-bgp] quit # Inject BGP routes into OSPF on Switch C.
Page 841 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 192.168.3.1 1 00:10:58 Established To view the BGP routing table information on the switches, use the display bgp routing-table command. For example: # View the BGP routing table information on Switch D.
Page 842 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration When the multicast source (Source 1) in PIM-SM 1 sends multicast information, receivers in PIM-SM 2 and PIM-SM 3 can receive the multicast data. You can use the display msdp brief command to view the brief information of MSDP peering relationships between the switches.
Page 843 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration Elapsed time since last connection or counters clear: 00:17:51 Information about (Source, Group)-based SA filtering policy: Import policy: none Export policy: none Information about SA-Requests: Policy to accept SA-Request messages: none...
Page 844 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration II. Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int103 10.110.1.2/24 Switch D Vlan-int300 10.110.4.1/24 Switch B Vlan-int100 10.110.2.2/24 Vlan-int102 192.168.3.1/24 Switch C Vlan-int103 10.110.1.1/24...
Page 845 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration [SwitchC-Vlan-interface100] pim sm [SwitchC-Vlan-interface100] quit [SwitchC] interface Vlan-interface 101 [SwitchC-Vlan-interface101] pim sm [SwitchC-Vlan-interface101] quit The configuration on Switch A, Switch B, Switch D, Switch E, Switch F and Switch G is similar to the configuration on Switch C.
Page 846 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration RPF prime neighbor: 10.110.1.2 Downstream interface(s) information: Total number of downstreams: 1 1: Vlan-interface101 Protocol: pim-sm, UpTime: 00:10:20, Expires: 00:03:10 # View the PIM routing information on Switch F.
Page 847 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration # View the brief MSDP peer information on Switch C. [SwitchC] display msdp brief MSDP Peer Brief Information Configured Listen Connect Shutdown Down Peer's Address State...
Page 848 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration II. Network diagram AS 100 AS 200 Receiver Receiver Loop0 Switch G Source 1 Switch F Switch A Source 3 PIM-SM 3 Receiver Switch B Switch D...
Page 849 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration # Enable IP multicast routing on Switch C, and enable PIM-SM on each interface. <SwitchC> system-view [SwitchC] multicast routing-enable [SwitchC] interface vlan-interface 101 [SwitchC-Vlan-interface101] pim sm...
Page 850 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration # Configure Switch C as a static RPF peer of Switch D. [SwitchD] ip-prefix list-c permit 192.168.0.0 greater-equal less-equal 32 [SwitchD] msdp [SwitchD-msdp] peer 192.168.3.2 connect-interface vlan-interface 102 [SwitchD-msdp] static-rpf-peer 192.168.3.2 rp-policy list-c...
Page 851: Troubleshooting Msdp
Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration [SwitchF] display msdp brief MSDP Peer Brief Information Configured Listen Connect Shutdown Down Peer's Address State Up/Down time SA Count Reset Count 192.168.3.2 00:16:40 7.8 Troubleshooting MSDP 7.8.1 MSDP Peers Stay in Down State...
Page 852 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration argument, all the (S, G) entries will be filtered off, namely no (S, G) entries of the local domain will be advertised. If the import-source command is not executed, the system will advertise all the (S, G) entries of the local domain.
Page 853 Operation Manual – Multicast Protocol H3C S3610&S5510 Series Ethernet Switches Chapter 7 MSDP Configuration Verify that the C-BSR address is different from the anycast RP address. 7-33...
Page 854: Multicast Routing And Forwarding Overview
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration Chapter 8 Multicast Routing and Forwarding Configuration When configuring multicast routing and forwarding, go to these sections for information you are interested in:...
Page 855: Rpf Mechanism
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration 8.1.2 RPF Mechanism When creating multicast routing table entries, a multicast routing protocol uses the reverse path forwarding (RPF) mechanism to ensure multicast data delivery along the correct path.
Page 856 Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration unicast route; instead, it relies on the existing unicast routing information or multicast static routes in creating multicast routing entries. When performing an RPF check, a router searches its unicast routing table and multicast static routing table at the same time.
Page 857: Multicast Static Routes
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration Figure 8-1 RPF check process A multicast packet from Source arrives on Vlan-int1 of Switch C, and the corresponding forwarding entry does not exist in the multicast forwarding table of Switch C.
Page 858: Multicast Traceroute
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration unicast RPF route and the optimal multicast static route respectively from the routing tables, and uses one of them as the RPF route after comparison.
Page 859: Configuring Multicast Routing And Forwarding
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration Request, with the IGMP Type field set to 0x1F, and Response, with the IGMP Type field set to 0x1E. III. Process of multicast traceroute The querier sends a query to the last-hop router.
Page 860: Enabling Ip Multicast Routing
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration The maximum number of routing entries in a multicast forwarding table 8.3.2 Enabling IP Multicast Routing Before configuring any Layer 3 multicast functionality, you must enable IP multicast routing.
Page 861: Configuring A Multicast Route Match Rule
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration Follow these steps to configure a multicast static route: To do... Use the command... Remarks Enter system view system-view — ip rpf-route-static source-address { mask |...
Page 862: Configuring A Multicast Forwarding Range
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration Follow these steps to configure multicast load splitting: To do... Use the command... Remarks Enter system view system-view — multicast load-splitting Required Configuring multicast load...
Page 863: Tracing A Multicast Path
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration routing protocol. In addition, newly added downstream nodes cannot be installed to the routing entry into the forwarding table. If the configured maximum number of routing entries in the multicast forwarding table is smaller than the current number, the routes in excess of the configured limit will not be deleted immediately;...
Page 864: Displaying And Maintaining Multicast Routing And Forwarding
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration 8.4 Displaying and Maintaining Multicast Routing and Forwarding To do... Use the command... Remarks display multicast boundary View the multicast [ group-address [ mask | mask-length ] ]...
Page 865 Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration Caution: The reset command clears the information in the multicast routing table or the multicast forwarding table, and thus may cause failure of multicast transmission.
Page 866 Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration II. Network diagram OSPF domain Receiver External network Vlan-int200 192.168.5.1/24 Vlan-int300 Vlan-int300 192.168.3.1/24 192.168.3.2/24 Switch D Switch C Vlan-int100 10.110.1.2/24 Source 2 Vlan-int100 Switch A 10.110.1.1/24...
Page 867: Troubleshooting Multicast Routing And Forwarding
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration [SwitchC-Vlan-interface300] pim dm [SwitchC-Vlan-interface300] quit The configuration on Switch A, Switch B and Switch D is similar to the configuration on Switch C. The specific configuration steps are omitted here.
Page 868: Multicast Data Fails To Reach Receivers
Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration II. Analysis If the multicast static route is not configured or updated correctly to match the current network conditions, the route entry does not exist in the multicast route configuration table and multicast routing table.
Page 869 Operation Manual – Multicast Protocol Chapter 8 Multicast Routing and Forwarding H3C S3610&S5510 Series Ethernet Switches Configuration In the case of PIM-SM, use the display current-configuration command to check the BSR and RP information. 8-16...
Page 870: X-Habp-Mac
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 802.1x Configuration ....................1-1 1.1 802.1x Overview ........................ 1-1 1.1.1 Architecture of 802.1x ..................... 1-1 1.1.2 Operation of 802.1x....................1-3 1.1.3 EAP Encapsulation over LANs................1-4 1.1.4 EAP Encapsulation over RADIUS................
Page 871 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Table of Contents Chapter 4 MAC Authentication Configuration................4-1 4.1 MAC Authentication Overview ................... 4-1 4.1.1 RADIUS-Based MAC Authentication ..............4-1 4.1.2 Local MAC Authentication..................4-2 4.2 Related Concepts ......................4-2 4.2.1 MAC Authentication Timers ..................
Page 872 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration Chapter 1 802.1x Configuration When configuring 802.1x, go to these sections for information you are interested in: 802.1x Overview Configuring 802.1x Configuring a Guest VLAN Displaying and Maintaining 802.1x 802.1x Configuration Example...
Page 873 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration Figure 1-1 Architecture of 802.1x Supplicant system: A system at one end of the LAN segment, which is authenticated by the authenticator system at the other end. A supplicant system is usually a user-end device and initiates 802.1x authentication through 802.1x client...
Page 874 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration II. Controlled port and uncontrolled port An authenticator provides ports for supplicants to access the LAN. Each of the ports can be regarded as two logical ports: a controlled port and an uncontrolled port.
Page 875: Eap Encapsulation Over Lans
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration After a user passes the authentication, the authentication server passes information about the user to the authenticator, which then controls the status of the controlled port according to the instruction of the authentication server.
Page 876 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration Type Description Frame for carrying alerting information compliant to Alert Standard Forum (ASF). EAPOL-Encapsulated-ASF-Alert A frame of this type carries network (a value of 0x04) management-related information like warning messages and is terminated at the authenticator.
Page 877: Eap Encapsulation Over Radius
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration Length: Length of the EAP packet, including the Code, Identifier, Length, and Data fields, in bytes. Data: Content of the EAP packet. This field is zero or more bytes and its format is determined by the Code field.
Page 878 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration An 802.1x authenticator system communicates with a remotely located RADIUS server in two modes: EAP relay and EAP termination. The following description takes the first case as an example to show the 802.1x authentication process.
Page 879 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration EAPOL EAPOR Authenticator system RADUIS Supplicant system server EAPOL -Start EAP -Request / Identity RADIUS Access- Request EAP - Response / Identity (EAP- Response / Identity )
Page 880 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration After receiving the RADIUS Access-Challenge packet, the authenticator relays the contained EAP-Request/MD5 Challenge packet to the supplicant. When receiving the EAP-Request/MD5 Challenge packet, the supplicant uses the...
Page 881 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration RADIUS EAPOL Authenticator system RADUIS Supplicant system server EAPOL - Start EAP- Resquest / Identity EAP- Response / Identity EAP - Request / MD5 challenge EAP- Response / MD5 challenge...
Page 882 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration when an authenticator multicasts an EAP-Request/Identity frame. Once an authenticator sends an EAP-Request/Identity frame to a supplicant, it starts this timer. If this timer expires but it receives no response from the supplicant, it retransmits the request.
Page 883 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration Note: After an 802.1x supplicant passes authentication, the authentication server sends authorization information to the authenticator. If the authorization information contains VLAN authorization information, the authenticator adds the port connecting the supplicant to the assigned VLAN.
Page 884 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration II. Guest VLAN Guest VLAN allows unauthenticated users to access some special resources. Guest VLAN is the default VLAN that a supplicant on a port can access without authentication.
Page 885 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration 1.2 Configuring 802.1x 1.2.1 Configuration Prerequisites 802.1x provides a user identity authentication scheme. However, 802.1x cannot implement the authentication scheme solely by itself. RADIUS or local authentication must be configured to work with 802.1x.
Page 886 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration To do… Use the command… Remarks Set the maximum number Optional of attempts to send an dot1x retry authentication request to max-retry-value 2 by default a supplicant...
Page 887 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration 1.2.3 Configuring 802.1x for a Port I. Enabling 802.1x for a port Follow these steps to enable 802.1x for a port: To do… Use the command…...
Page 888: Configuring A Guest Vlan
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration Note that: The 802.1x proxy detection function depends on the online user handshake function. Be sure to enable handshake before enabling proxy detection and to disable proxy detection before disabling handshake.
Page 889: X Configuration Example
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration Note: You can specify a tagged VLAN as the guest VLAN for a Hybrid port, but the guest VLAN does not take effect. Similarly, if a guest VLAN for a Hybrid port is in operation, you cannot configure the guest VLAN to carry tags.
Page 890 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration A server group with two RADIUS servers is connected to the switch. The IP addresses of the servers are 10.1.1.1 and 10.1.1.2 respectively. Use the former as the primary authentication/secondary accounting server, and the latter as the secondary authentication/primary accounting server.
Page 891 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration <Sysname> system-view [Sysname] local-user localuser [Sysname-luser-localuser] service-type lan-access [Sysname-luser-localuser] password simple localpass [Sysname-luser-localuser] attribute idle-cut 20 [Sysname-luser-localuser] quit # Create RADIUS scheme radius1 and enter its view.
Page 892: Guest Vlan Configuration Example
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration [Sysname-isp-aabbcc.net] authorization default radius-scheme radius1 local [Sysname-isp-aabbcc.net] accounting default radius-scheme radius1 local # Set the maximum number of users for the domain as 30. [Sysname-isp-aabbcc.net] access-limit enable 30 # Enable the idle cut function and set the idle cut interval.
Page 893 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration II. Network diagrams Figure 1-11 Network diagram for guest VLAN configuration Figure 1-12 Network diagram with VLAN 10 as the guest VLAN 1-22...
Page 894 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration Figure 1-13 Network diagram when the supplicant passes authentication III. Configuration procedure # Configure RADIUS scheme 2000. <Sysname> system-view [Sysname] radius scheme 2000 [Sysname-radius-2000] primary authentication 10.11.1.1 1812 [Sysname-radius-2000] primary accounting 10.11.1.1 1813...
Page 895 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration [Sysname-Ethernet1/0/1] dot1x port-method portbased # Set the port access control mode to auto. [Sysname-Ethernet1/0/1] dot1x port-control auto [Sysname-Ethernet1/0/1] quit # Create VLAN 10. [Sysname] vlan 10 [Sysname-vlan10] quit # Specify port Ethernet 1/0/1 to use VLAN 10 as its guest VLAN.
Page 896 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration III. Configuration procedure # Configure the IP addresses of the interfaces. (Omitted) # Configure the RADIUS scheme. <Sysname> system-view [Sysname] radius scheme 2000 [Sysname-radius-2000] primary authentication 10.1.1.1 1812 [Sysname-radius-2000] primary accounting 10.1.1.2 1813...
Page 897 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 1 802.1x Configuration 1-26...
Page 898: Chapter 2 Ead Fast Deployment Configuration
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration Chapter 2 EAD Fast Deployment Configuration When configuring EAD fast deployment, go to these sections for information you are interested in: EAD Fast Deployment Overview...
Page 899 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration 2.2.2 Configuration Procedure I. Configuring a freely accessible network segment A freely accessible network segment, also called a free IP, is a network segment that users can access before passing 802.1x authentication.
Page 900: Displaying And Maintaining Ead Fast Deployment
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration III. Setting the EAD rule timeout time With the EAD fast deployment function, a user is authorized by an EAD rule (generally an ACL rule) to access the freely accessible network segment before passing authentication.
Page 901 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration II. Network diagram Figure 2-1 Network diagram for EAD fast deployment III. Configuration procedure Configure the WEB server Before using the EAD fast deployment function, you need to configure the WEB server to provide the download service of 802.1x client software.
Page 902: Troubleshooting Ead Fast Deployment
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration Reply from 192.168.1.3: bytes=32 time<1ms TTL=128 Reply from 192.168.1.3: bytes=32 time<1ms TTL=128 Reply from 192.168.1.3: bytes=32 time<1ms TTL=128 Reply from 192.168.1.3: bytes=32 time<1ms TTL=128 Ping statistics for 192.168.1.3:...
Page 903: Introduction To Habp
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 3 HABP Configuration Chapter 3 HABP Configuration When configuring HABP, go to these sections for the information you are interested in: Introduction to HABP Configuring HABP Displaying and Maintaining HABP 3.1 Introduction to HABP...
Page 904: Displaying And Maintaining Habp
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 3 HABP Configuration Follow these steps to configure an HABP server: To do… Use the command… Remarks Enter system view system-view — Optional habp enable Enable HABP Enabled by default...
Page 905: Mac Authentication Overview
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration Chapter 4 MAC Authentication Configuration When configuring MAC authentication, go to these sections for information you are interested in: MAC Authentication Overview Related Concepts Configuring MAC Authentication...
Page 906: Related Concepts
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration If the authentication succeeds, the user will be granted permission to access the network resources. 4.1.2 Local MAC Authentication In local MAC authentication, the device performs authentication of users locally and...
Page 907: Configuring Mac Authentication
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration Caution: If the quiet MAC is the same as the static MAC configured or an authentication-passed MAC, then the quiet function is not effective. 4.2.3 VLAN Assigning For separation of users from restricted network resources, a more general way is to put the users and restricted resources into different VLANs.
Page 908 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration Caution: For local authentication: The type of username and password of a local user must be consistent with that used for MAC authentication. All the letters in the MAC address to be used as the username and password of a local user must be in lower case.
Page 909: Displaying And Maintaining Mac Authentication
Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration To do… Use the command… Remarks mac-authentication Optional user-name-format By default, the user’s { fixed [ account name ] Configure the username source MAC address...
Page 910 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration A local user uses aaa as the username and 123456 as the password for authentication. Set the offline detect timer to 180 seconds and the quiet timer to 3 minutes.
Page 911 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration User name format is fixed account Fixed username:aaa Fixed password:123456 Offline detect period is 180s Quiet period is 60s. Server response timeout value is 100s...
Page 912 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration # Configure a RADIUS scheme. <Sysname> system-view [Device] radius scheme 2000 [Device-radius-2000] primary authentication 10.1.1.1 1812 [Device-radius-2000] primary accounting 10.1.1.2 1813 [Device-radius-2000] key authentication abc...
Page 913 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration Silent Mac User info: MAC ADDR From Port Port Index Ethernet1/0/1 is link-up MAC address authentication is Enabled Authenticate success: 1, failed: 0 Current online user number is 1...
Page 914 Operation Manual – 802.1x-HABP-MAC Authentication H3C S3610&S5510 Series Ethernet Switches Chapter 4 MAC Authentication Configuration [Sysname-radius-2000] key accounting abc [Sysname-radius-2000] user-name-format without-domain [Sysname-radius-2000] quit # Create an ISP domain and specify the AAA schemes. [Sysname] domain 2000 [Sysname-isp-2000] authentication default radius-scheme 2000...
Page 915: Aaa-Radius-Hwtacacs
Operation Manual – AAA-RADIUS-HWTACACS H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 AAA/RADIUS/HWTACACS Configuration ..............1-1 1.1 AAA/RADIUS/HWTACACS Configuration Overview............1-1 1.1.1 Introduction to AAA ....................1-1 1.1.2 Introduction to ISP Domain ..................1-2 1.1.3 Introduction to RADIUS................... 1-3 1.1.4 Introduction to HWTACACS..................
Page 916 Operation Manual – AAA-RADIUS-HWTACACS H3C S3610&S5510 Series Ethernet Switches Table of Contents 1.6.1 Displaying and Maintaining AAA ................1-39 1.6.2 Displaying and Maintaining RADIUS..............1-39 1.6.3 Displaying and Maintaining HWTACACS ............. 1-40 1.7 AAA/RADIUS/HWTACACS Configuration Examples ............1-40 1.7.1 AAA for Telnet Users by a HWTACACS Server ........... 1-40 1.7.2 AAA for Telnet Users by Separate Servers ............
Page 917 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Chapter 1 AAA/RADIUS/HWTACACS Configuration When configuring AAA/RADIUS/HWTACACS, go to these sections for information you are interested in: AAA/RADIUS/HWTACACS Configuration Overview AAA/RADIUS/HWTACACS Configuration Task List Configuring AAA Configuring RADIUS...
Page 918: Introduction To Isp Domain
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Local authentication: User information (including username, password, and attributes) is configured on the device. Local authentication features high speed and low cost, but the amount of information that can be stored is limited by the hardware.
Page 919: Introduction To Radius
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration is the ISP domain name. The access device considers the userid part the username for authentication and the isp-name part the domain name. In a networking scenario with multiple ISPs, an access device may connect users of different ISPs.
Page 920 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Figure 1-1 Components of the RADIUS server In addition, a RADIUS server can act as the client of another AAA server to provide the proxy authentication or accounting service. A RADIUS server supports multiple user authentication methods, such as PPP-based PAP and CHAP.
Page 921 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Having received the username and password, the RADIUS client sends an authentication request (Access-Request) to the RADIUS server. The RADIUS server compares the received user information with that in the Users database.
Page 922 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Table 1-1 Main values of the Code field Code Packet type Description From the client to the server. A packet of this type carries user information for the server to authenticate the user.
Page 923 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Length: One byte for indicating the length of the attribute in bytes, including the Type, Length, and Value fields. Value: Value of the attribute, up to 253 bytes. Its format and content depend on the Type and Length fields.
Page 924: Introduction To Hwtacacs
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Figure 1-4 Segment of a RADIUS packet containing an extended attribute 1.1.4 Introduction to HWTACACS I. What is HWTACACS Huawei Terminal Access Controller Access Control System (HWTACACS) is an enhanced security protocol based on TACACS (RFC 1492).
Page 925 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Figure 1-5 Network diagram for a typical HWTACACS application II. Basic message exchange process of HWTACACS The following takes Telnet user as an example to describe how HWTACACS performs user authentication, authorization, and accounting.
Page 926 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Figure 1-6 Basic message exchange process of HWTACACS for a Telnet user A user requests to access the NAS. Upon receiving the request, the HWTACACS client sends a start-authentication packet to the HWTACACS server.
Page 927 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration After receiving the login password, the HWTACACS client sends to the HWTACACS server an authentication continuance packet carrying the login password. The HWTACACS server sends back an authentication response indicating that the user has passed authentication.
Page 928: Configuring Aaa
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration II. RADIUS configuration task list Task Remarks Creating a RADIUS Scheme Required Specifying the RADIUS Authentication/Authorization Servers Required Configuring the RADIUS Accounting Servers and Relevant Optional Parameters...
Page 929: Creating An Isp Domain
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration In AAA, users are divided into lan-access users, login users, and command line users. Except command line users, configure separate authentication/authorization/accounting policies for all the other type of users.
Page 930: Configuring Isp Domain Attributes
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration 1.3.3 Configuring ISP Domain Attributes Follow these steps to configure ISP domain attributes: To do… Use the command… Remarks Enter system view system-view — Create an ISP domain...
Page 931 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Before configuring an authentication scheme, complete these three tasks: For RADIUS or HWTACACS authentication, configure the RADIUS or HWTACACS scheme to be referenced first. The local and none authentication modes do not require any scheme.
Page 932: Configuring An Aaa Authorization Scheme For An Isp Domain
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Note: The authentication scheme specified with the authentication default command is for all types of users and has a priority lower than that for a specific access mode.
Page 933 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Follow these steps to configure an AAA authorization scheme for an ISP domain: To do… Use the command… Remarks Enter system view system-view — Create an ISP domain...
Page 934: Configuring An Aaa Accounting Scheme For An Isp Domain
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Note: The authorization scheme specified with the authorization default command is for all types of users and has a priority lower than that for a specific access mode.
Page 935 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Follow these steps to configure an AAA accounting scheme for an ISP domain: To do… Use the command… Remarks Enter system view system-view — Create an ISP domain...
Page 936: Configuring Local User Attributes
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration 1.3.7 Configuring Local User Attributes For local authentication, you must create a local user and configure the attributes. A local user represents a set of users configured on a device, which are uniquely identified by the username.
Page 937 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks Optional Set the priority level of the level level user 0 by default Optional If the user is bound to a...
Page 938: Tearing Down User Connections Forcibly
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Note: With the local-user password-display-mode cipher-force command configured, a local user password is always displayed in cipher text, regardless of the configuration of the password command. In this case, if you use the save...
Page 939: Configuring Radius
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks Enter system view system-view — Required cut connection { access-type { dot1x | mac-authentication } | all | domain isp-name Applies to...
Page 940: Configuring The Radius Accounting Servers And Relevant Parameters
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks Enter system view system-view — Create a RADIUS scheme Required radius scheme and enter RADIUS radius-scheme-name Not defined by default scheme view...
Page 941 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks Required The defaults are as Configure the IP address follows: and UDP port of the primary accounting primary RADIUS ip-address [ port-number ] 0.0.0.0 for the IP address,...
Page 942: Setting The Shared Key For Radius Packets
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Note: In practice, you can specify two RADIUS servers as the primary and secondary accounting servers respectively; or specify one server to function as both. Besides, because RADIUS uses different UDP ports to receive authentication/authorization and accounting packets, the port for authentication/authorization must be different from that for accounting.
Page 943: Setting The Maximum Number Of Radius Request Retransmission Attempts
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration 1.4.5 Setting the Maximum Number of RADIUS Request Retransmission Attempts Because RADIUS uses UDP packets to carry data, the communication process is not reliable. If a NAS receives no response from the RADIUS server before the response timeout timer expires, it is required to retransmit the RADIUS request.
Page 944: Setting The Status Of Radius Servers
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Note: If you change the type of RADIUS server, the data stream destined to the original RADIUS server will be restored to the default unit. When a third-party RADIUS is used, you can configure the RADIUS server to standard or extended.
Page 945: Configuring Attributes Related To The Data Sent To The Radius Server
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks Set the status of the primary state primary RADIUS authentication { active | authentication/authorization block } server Set the status of the primary...
Page 946: Setting Timers Regarding Radius Servers
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks data-flow-format { data Optional { byte | giga-byte | The defaults are as Specify the unit for data kilo-byte | mega-byte } |...
Page 947 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration server with an IP address configured. If the secondary server is reachable, the primary server will resume active after the period specified by this timer, and the secondary server’s state does not change.
Page 948 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration device can be configured with 16 schemes at most) fail to respond to the accounting-on packets, the number of accounting-on packet retransmission attempts is too big, or the...
Page 949: Enabling The Listening Port Of The Radius Client
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Caution: If the RADIUS server and the security policy server reside on the same physical device, you do not need to configure the IP address of the security policy server.
Page 950: Specifying The Hwtacacs Authentication Servers
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration 1.5.2 Specifying the HWTACACS Authentication Servers Follow these steps to specify the HWTACACS authentication servers: To do… Use the command… Remarks Enter system view system-view — Create a HWTACACS...
Page 951: Specifying The Hwtacacs Accounting Servers
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks Required The defaults are as Configure the IP address follows: and port of the primary primary authorization HWTACACS ip-address [ port-number ] 0.0.0.0 for the IP address,...
Page 952: Setting The Shared Key For Hwtacacs Packets
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks Required The defaults are as Configure the IP address follows: and port of the secondary secondary accounting HWTACACS accounting ip-address [ port-number ] 0.0.0.0 for the IP address,...
Page 953 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks Set the shared keys for Required HWTACACS key { accounting | authentication, authentication | No shared key exists by authorization, and authorization } string default.
Page 954: Setting Timers Regarding Hwtacacs Servers
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Note: If a HWTACACS server does not support a username with the domain name, you can configure the device to remove the domain name before sending the username to the server.
Page 955: Displaying And Maintaining Aaa
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration 1.6 Displaying and Maintaining AAA/RADIUS/HWTACACS 1.6.1 Displaying and Maintaining AAA To do… Use the command… Remarks Display the configuration information of a specified Available in any display domain [ isp-name ]...
Page 956: Displaying And Maintaining Hwtacacs
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration To do… Use the command… Remarks reset stop-accounting-buffer { radius-scheme Clear buffered radius-server-name | stop-accounting requests Available in user view session-id session-id | that get no responses...
Page 957 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration On the switch, set the shared keys for authentication, authorization, and accounting packets to expert. Configure the switch to remove the domain name from a user name before sending the user name to the HWTACACS server.
Page 958: Aaa For Telnet Users By Separate Servers
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration [Switch-isp-1] authentication login hwtacacs-scheme hwtac [Switch-isp-1] authorization login hwtacacs-scheme hwtac [Switch-isp-1] accounting login hwtacacs-scheme hwtac [Switch-isp-1] quit # You can achieve the same purpose by setting AAA schemes for all types of users.
Page 959 Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration II. Network diagram Figure 1-8 Configure AAA by separate servers for Telnet users III. Configuration procedure # Configure the IP addresses of various interfaces (omitted). # Enable the Telnet server on the switch.
Page 960: Troubleshooting Radius
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration # Configure the AAA schemes of the ISP domain. [Switch] domain 1 [Switch-isp-1] authentication login local [Switch-isp-1] authorization login hwtacacs-scheme hwtac [Switch-isp-1] accounting login radius-scheme rd [Switch-isp-1] quit # Configure the default AAA schemes for all types of users.
Page 961: Troubleshooting Hwtacacs
Operation Manual – AAA-RADIUS-HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S3610&S5510 Series Ethernet Switches Configuration Solution: Check that: The communication links between the NAS and the RADIUS server work well at both physical and link layers. The IP address of the RADIUS server is correctly configured on the NAS.
Page 962 Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 ARP Configuration....................... 1-1 1.1 ARP Overview........................1-1 1.1.1 ARP Function ......................1-1 1.1.2 ARP Message Format..................... 1-1 1.1.3 ARP Address Resolution Process................1-2 1.1.4 ARP Mapping Table ....................
Page 963: Chapter 1 Arp Configuration
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 1 ARP Configuration Chapter 1 ARP Configuration When configuring ARP, go to these sections for information you are interested in: ARP Overview Configuring ARP Configuring Gratuitous ARP Configuring ARP Source Suppression Displaying and Maintaining ARP 1.1 ARP Overview...
Page 964: Arp Address Resolution Process
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 1 ARP Configuration The following explains the fields in Figure 1-1. Hardware type: This field specifies the hardware address type. The value “1” represents Ethernet. Protocol type: This field specifies the type of the protocol address to be mapped.
Page 965: Arp Mapping Table
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 1 ARP Configuration Figure 1-2 ARP address resolution process When Host A and Host B are not on the same subnet, Host A first sends an ARP request to the gateway. The destination IP address in the ARP request is the IP address of the gateway.
Page 966: Configuring Arp
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 1 ARP Configuration receiving the ARP reply into the static ARP entry. Now the entry can be used for forwarding IP packets. Note: Usually ARP dynamically implements and automatically seeks mappings from IP addresses to MAC addresses, without manual intervention.
Page 967: Configuring The Maximum Number Of Arp Entries For A Vlan Interface
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 1 ARP Configuration 1.2.2 Configuring the Maximum Number of ARP Entries for a VLAN Interface Follow these steps to set the maximum number of dynamic ARP entries that a VLAN interface can learn: To do…...
Page 968: Arp Configuration Example
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 1 ARP Configuration Follow these steps to enable the ARP entry check: To do… Use the command… Remarks — Enter system view system-view Optional Enable the ARP entry arp check enable check Enabled by default.
Page 969 Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 1 ARP Configuration Informing other devices of its MAC address change so that they can update their ARP entries. A device receiving a gratuitous ARP packet can add the information carried in the packet to its own dynamic ARP mapping table if it finds no corresponding ARP entry for the ARP packet in the cache.
Page 970: Displaying And Maintaining Arp
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 1 ARP Configuration To do… Use the command… Remarks — Enter system view system-view Required Enable ARP source arp source-suppression suppression enable Disabled by default. Set the maximum number of packets with the same...
Page 971: Chapter 2 Proxy Arp Configuration
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 2 Proxy ARP Configuration Chapter 2 Proxy ARP Configuration When configuring proxy ARP, go to these sections for information you are interested in: Proxy ARP Overview Enabling Proxy ARP Displaying and Maintaining Proxy ARP 2.1 Proxy ARP Overview...
Page 972: Displaying And Maintaining Proxy Arp
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 2 Proxy ARP Configuration 2.3 Displaying and Maintaining Proxy ARP To do… Use the command… Remarks Display whether proxy display proxy-arp [ interface Available in any view ARP is enabled...
Page 973: Local Proxy Arp Configuration Example In Case Of Port Isolation
Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 2 Proxy ARP Configuration III. Configuration procedure # Configure Proxy ARP on the device to enable the communication between Host A and Host D. <Switch> system-view [Switch] vlan 2 [Switch-vlan2] quit [Switch] interface vlan-interface 1 [Switch-Vlan-interface1] ip address 192.168.10.99 255.255.255.0...
Page 974 Operation Manual – ARP H3C S3610&S5510 Series Ethernet Switches Chapter 2 Proxy ARP Configuration [Switch-vlan2] port ethernet 1/0/3 [Switch-vlan2] quit [Switch] interface ethernet 1/0/2 [Switch-Ethernet1/0/2] port-isolate enable [Switch-Ethernet1/0/2] quit [Switch] interface ethernet 1/0/3 [Switch-Ethernet1/0/3] port-isolate enable [Switch-Ethernet1/0/3] quit # Configure an IP address of VLAN-interface 2.
Page 975: Dhcp
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 DHCP Overview......................1-1 1.1 Introduction to DHCP......................1-1 1.2 DHCP Address Allocation....................1-2 1.2.1 Allocation Mechanisms ................... 1-2 1.2.2 Dynamic IP Address Allocation Process..............1-2 1.2.3 IP Address Lease Extension ...................
Page 976 Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Table of Contents 2.8 Displaying and Maintaining the DHCP Server..............2-16 2.9 DHCP Server Configuration Examples................2-17 2.10 Troubleshooting DHCP Server Configuration..............2-19 Chapter 3 DHCP Relay Agent Configuration ................3-1 3.1 Introduction to DHCP Relay Agent ..................
Page 977 Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Table of Contents 6.4 BOOTP Client Configuration Example ................6-3...
Page 978: Introduction To Dhcp
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 1 DHCP Overview Chapter 1 DHCP Overview When configuring ARP, go to these sections for information you are interested in: Introduction to DHCP DHCP Address Allocation DHCP Message Format DHCP Options Protocols and Standards 1.1 Introduction to DHCP...
Page 979: Dhcp Address Allocation
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 1 DHCP Overview Note: When residing in a different subnet from the DHCP server, the DHCP client can get the IP address and other configuration parameters from the server via a DHCP relay agent.
Page 980: Ip Address Lease Extension
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 1 DHCP Overview If several DHCP servers send offers to the client, the client accepts the first received offer, and broadcasts it in a DHCP-REQUEST message to formally request the IP address.
Page 981 Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 1 DHCP Overview Figure 1-3 DHCP message format op: Message type defined in option field. 1 = REQUEST, 2 = REPLY htype,hlen: Hardware address type and length of a DHCP client.
Page 982: Dhcp Options
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 1 DHCP Overview 1.4 DHCP Options 1.4.1 DHCP Options Overview The DHCP message adopts the same format as the Bootstrap Protocol (BOOTP) message for compatibility, but differs from it in the option field, which identifies new features for DHCP.
Page 983 Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 1 DHCP Overview I. Relay agent option (Option 82) Option 82 is the relay agent option in the option field of the DHCP message. It records the location information of the DHCP client. When a DHCP relay agent receives a client’s request, it adds Option 82 to the request message and sends it to the server.
Page 984 Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 1 DHCP Overview Figure 1-7 Sub-option 1 in verbose padding format Note: In the above figure, except that the VLAN ID field has a fixed length of 2 bytes, all the other padding contents of sub-option 1 are length variable.
Page 985 Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 1 DHCP Overview 1.5 Protocols and Standards RFC2131: Dynamic Host Configuration Protocol RFC2132: DHCP Options and BOOTP Vendor Extensions RFC1542: Clarifications and Extensions for the Bootstrap Protocol RFC 3046: DHCP Relay Agent Information Option...
Page 986: Introduction To Dhcp Server
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration Chapter 2 DHCP Server Configuration When configuring the DHCP server, go to these sections for information you are interested in: Introduction to DHCP Server DHCP Server Configuration Task List...
Page 987: Dhcp Address Pool
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.1.2 DHCP Address Pool I. Address pool structure In response to a client’s request, the DHCP server selects an idle IP address from an address pool and sends it together with other parameters such as lease and DNS server address to the client.
Page 988: Dhcp Server Configuration Task List
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration For example, two address pools are configured on the DHCP server. The ranges of IP addresses that can be dynamically assigned are 1.1.1.0/24 and 1.1.1.0/25 respectively.
Page 989: Enabling The Dhcp Server On An Interface
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration Follow these steps to enable DHCP: To do… Use the command… Remarks Enter system view system-view — Required Enable DHCP dhcp enable Disabled by default. 2.4 Enabling the DHCP Server on an Interface With the DHCP server enabled on an interface, upon receiving a client’s request, the...
Page 990: Configuring An Address Pool For The Dhcp Server
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.5 Configuring an Address Pool for the DHCP Server 2.5.1 Configuration Task List Complete the following tasks to configure an address pool: Task Remarks Creating a DHCP Address Pool...
Page 991: Configuring An Address Allocation Mode
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.5.3 Configuring an Address Allocation Mode Caution: You can configure either the static binding or dynamic address allocation for an address pool as needed. It is required to specify an address range for the dynamic address allocation. A static binding is a special address pool containing only one IP address.
Page 992 Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration Note: Use the static-bind ip-address command together with static-bind mac-address or static-bind client-identifier command to accomplish a static binding configuration. In a DHCP address pool, if you execute the static-bind mac-address command before the static-bind client-identifier command, the latter will overwrite the former and vice versa.
Page 993: Configuring A Domain Name Suffix For The Client
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remarks Optional dhcp server Except IP addresses of the Exclude IP addresses forbidden-ip DHCP server interfaces, all from automatic allocation low-ip-address...
Page 994: Configuring Wins Servers And Netbios Node Type For The Client
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration Follow these steps to configure DNS servers in the DHCP address pool: To do… Use the command… Remarks Enter system view system-view — Enter DHCP address dhcp server ip-pool —...
Page 995: Configuring The Bims Server Information For The Client
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remarks netbios-type { b-node | Required Specify the NetBIOS node h-node | m-node | type Not specified by default. p-node } Note: If b-node is specified for the client, you need to specify no WINS server address.
Page 996: Configuring Option 184 Parameters For The Client With Voice Service
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remarks Required gateway-list Specify gateways No gateway is specified ip-address&<1-8> by default. 2.5.9 Configuring Option 184 Parameters for the Client with Voice Service To assign voice calling parameters along with an IP address to DHCP clients with voice service, you need to configure Option 184 on the DHCP server.
Page 997: Configuring The Tftp Server And Bootfile Name For The Client
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.5.10 Configuring the TFTP Server and Bootfile Name for the Client This task is to specify the IP address and name of a TFTP server and the bootfile name in the DHCP address pool.
Page 998 Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration Define existing DHCP options. Some options have no unified definitions in RFC 2132; however, vendors can define such options as needed. The self-defined DHCP option enables DHCP clients to obtain vendor-specific information.
Page 999: Configuring The Dhcp Server Security Functions
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration Caution: Be cautious when configuring self-defined DHCP options because such configuration may affect the DHCP operation process. When you use self-defined option (Option 51) to configure the IP address lease duration, convert the lease duration into seconds in hexadecimal notation.
Page 1000: Configuring Ip Address Conflict Detection
Operation Manual – DHCP H3C S3610&S5510 Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.6.3 Configuring IP Address Conflict Detection To avoid IP address conflicts, the DHCP server checks whether the address to be assigned is in use via sending ping packets.

This manual is also suitable for:

S3610-28tp S3610-52m-dc S5510-24p-ac S5510-24f-ac S5510-24p-dc S5510-24f-dc ... Show all

H3C S3610-28P Operation Manual

Table of Contents

Chapter 1 Obtaining the Documentation

Chapter 3 Product Overview

Chapter 4 Networking Applications

Chapter 2 Logging in through the Console Port

Quick Links

Chapters

Troubleshooting

Related Manuals for H3C S3610-28P

Summary of Contents for H3C S3610-28P