QTech QSW-3900 User Manual

page of 245

/ 245
Contents
Table of Contents
Bookmarks

Table of Contents

Quick Links

Download this manual

QTECH

Software Configuration Manual

QSW-3900 Ethernet Switch

User's Manual

Table of Contents

Need help?

Do you have a question about the QSW-3900 and is the answer not in the manual?

Questions and answers

Summary of Contents for QTech QSW-3900

Page 1 QTECH Software Configuration Manual QSW-3900 Ethernet Switch User’s Manual...
Page 2: Table Of Contents
QTECH Software Configuration Manual Content Chapter 1 Accessing Switch........................1-13 Command Line Interface ......................1-13 1.1.1 Command Line Configuration Mode ..............1-13 1.1.2 Command Syntax Comprehension ................ 1-15 1.1.3 Syntax Help ......................1-15 1.1.4 History command ....................1-16 1.1.5 Symbols in command..................... 1-16 Command Symbols Description....................
Page 3 QTECH Software Configuration Manual Monitor system by SNMP ......................2-32 2.8.1 Brief introduction of SNMP..................2-32 SNMP Mechanism........................2-32 2.10 SNMP Protocol Version ......................2-33 2.11 MIB Overview........................... 2-33 2.12 SNMP Configuration......................... 2-33 2.12.1 Configure community name and accessing right........... 2-34 2.12.2...
Page 4 QTECH Software Configuration Manual 4.2.10 Enable/disable interface flow-control ..............4-51 4.2.11 Port mode configuration..................4-52 4.2.12 Trunk allowed VLAN configuration................. 4-52 4.2.13 The default vlan-id of trunk port configuration ............4-52 4.2.14 Add access port to specified VLAN ............... 4-52 4.2.15...
Page 5 QTECH Software Configuration Manual 5.2.2 Add/delete VLAN interface..................5-68 5.2.3 Specify/restore VLAN description ................5-68 5.2.4 Configure interface type ..................5-68 5.2.5 Configure interface default vlan ID................. 5-68 5.2.6 Configure tag vlan ....................5-69 5.2.7 Display VLAN information ..................5-69 Brief introduction of GVRP......................
Page 6 QTECH Software Configuration Manual 7.2.2 RIP Version ......................7-86 7.2.3 RIP Message Format ..................... 7-86 7.2.4 TRIP ........................7-87 7.2.5 Protocols and Standards ..................7-88 RIP configuration list......................... 7-88 7.3.1 Enable RIP ......................7-89 7.3.2 Specify IP network to run RIP protocol ..............7-89 7.3.3...
Page 7 QTECH Software Configuration Manual 9.2.3 Configure BGP timer .................... 9-122 9.2.4 Configure local preference................... 9-123 9.2.5 Configure AS MED ....................9-123 9.2.6 Compare MED from different AS neighbors ............9-123 9.2.7 Configure BGP route aggregation................ 9-124 9.2.8 Configure route information of IGP protocol introduced by BGP......9-124 9.2.9...
Page 8 QTECH Software Configuration Manual vlan-id of the tagged attribution ..................10-143 10.7.5 Display cross-vlan multicast................10-143 Chapter 11 DHCP Configuration ......................11-144 11.1 Brief introduction of DHCP.....................11-144 11.2 Technical details........................11-145 11.2.1 DHCP discovery....................11-145 11.2.2 DHCP offers ....................... 11-145 11.2.3 DHCP requests ....................
Page 9 QTECH Software Configuration Manual 12.1.2 ARP probe......................12-163 12.1.3 ARP mediation ....................12-163 12.1.4 Variants of the protocol ..................12-163 12.1.5 Inverse ARP and Reverse ARP ................. 12-163 12.2 ARP spoofing ........................12-164 12.2.1 How ARP spooing works?.................. 12-164 12.2.2 ARP Spoofing/poising Animation ...............
Page 10 QTECH Software Configuration Manual 14.1.9 Choose interface outputting queue for packet ........... 14-180 14.1.10 Queue scheduler....................14-180 14.1.11 cos-map......................14-181 14.1.12 Flow mirror ......................14-181 14.1.13 Statistics based on flow..................14-181 14.1.14 Copy packet to CPU................... 14-181 14.2 QOS Configuration....................... 14-181 14.2.1...
Page 11 QTECH Software Configuration Manual 16.1 Brief introduction of 802.1X configuration................16-207 16.2 802.1X Configuration......................16-207 16.2.1 AAA configuration mode..................16-207 16.3 RADIUS and TACACS+ Server Configuration............... 16-207 16.3.1 System default user ................... 16-208 16.3.2 User’s authentication..................16-208 16.4 Local authentication configuration..................16-208 16.4.1...
Page 12 QTECH Software Configuration Manual 20.3 Basic Concepts in ERRP...................... 20-226 20.3.1 ERRP domain..................... 20-226 20.3.2 ERRP ring ......................20-227 20.3.3 Control VLAN and data VLAN................20-227 20.3.4 Node ........................20-227 20.3.5 Primary port and secondary port................ 20-227 20.3.6 Common port and edge port ................20-228 20.3.7...
Page 13 QTECH Software Configuration Manual 22.4.6 Configure cfm cc interval..................22-242 22.4.7 Enable/disable VLAN sending cfm cc enable level ........... 22-242 22.4.8 cfm ping......................22-242 22.4.9 cfm traceroute ....................22-243 22.4.10 Display cfm domain.................... 22-243 22.4.11 Display cfm maintenance-points local..............22-243 22.4.12...
Page 14: Chapter 1 Accessing Switch
QTECH Software Configuration Manual Accessing Switch Chapter 1 This chapter is the basic knowledge for system management, including : 1) Command line interface 2) Command syntax comprehension 3) Syntax help 4) History command 5) Symbols in command 6) Parameter in command...
Page 15 QTECH Software Configuration Manual 8) Domain configuration mode The function and details of each command mode are as following : Command Line Configuration Mode Command line mode Function Prompt character Command for entering Command for exiting User mode See switch QTECH>...
Page 16: Command Syntax Comprehension
“quit” is a command without parameter. The name of the command is quit. Press enter button after inputting it to execute this command. ! User need input parameter QTECH(config)#vlan 3 “vlan 3”is a command with parameter and keyword, vlan of which is command keyword and 3 of which is parameter.
Page 17: History Command
<enter> The command end. · Parameter range and form QTECH(config)#spanning-tree forward-time ? INTEGER<4-30> switch delaytime : <4-30>(second) · Command line end prompt QTECH(config)#spanning-tree ? <enter> The command end. 1.1.4 History command Command line interface will save history command inputted by user automatically so that user can invoke history command saved by command line interface and re-execute it.
Page 18: Command Parameter Categories
QTECH Software Configuration Manual Square brackets [ ] Square brackets ([ ]) mean optional elements. For example : show vlan [ vlan-id ] Braces { } Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.
Page 19: System Default User Name
If the privilege doesn’t configure, the default privilege is ordinary user. At most 8 users are supported. Caution : User name supports case insensitivity while password doesn’t support case sensitivity. ! Add a new administrator “red”, configure privilege to be 3, and password to be 1234 QTECH(config)#username qtech privilege 3 password 0 1234 1.3.3 Modify password In global configuration mode, system administrator admin can use the following command to modify password of his or other user.
Page 20: Remove User Name
& Caution : User name supports case insensitivity while password doesn’t support case sensitivity. For example : ! Modify the privilege of administrator “qtech” to be 1, and password to be 1234 QTECH(config)#username qtech privilege 1 password 0 1234 1.3.5...
Page 21: Start Radius/Tacacs+ Remote Authentication
Step 5 : As administrator, after entering privileged mode, use copy running-config startup-config command to save configuration. QTECH#copy running-config startup-config When following information is displayed : Startup config in flash will be updated, are you sure(y/n)? [n]y Building, please wait...
Page 22: Manage Switch By Telnet
QTECH Software Configuration Manual Build successfully. It means current configuration is saved successfully. Following information is displayed when system booting : Ready to load startup-config, press ENTER to run or CTRL+C to cancel : Press enter button to make saved configuration be effective, and press CTRL+C to restore system default configuration.
Page 23: Enable/Disable Ssh Function Of The Device
Example : ! Download keyfile pub.txt from tftp server 1.1.1.1 to be SSH public key QTECH#load keyfile public tftp 1.1.1.1 pub.txt 1.7.2.3 Clear configured key. This command will clear all keyfiles storaged in Flash storage. The configuration command is as following :...
Page 24: Others
SSH key is configured, it will load automatically. The configuration command is as following : crypto key refresh Example : ! Load new SSH key : QTECH#crypto key refresh 1.7.3 Others Use following command to display SSH configuration show ssh This command is used to display SSH version number, enabling/disabling SSH and SSH keyfile.
Page 25: Chapter 2 Switch Manage And Maintenance
Mask means netmask. For example : ! Configure IP address of VLAN 100 to be 192.168.0.100, netmask to be 255.255.0.0. QTECH(config-if-vlan)#ipaddress 192.168.0.100 255.255.0.0 Configuration Files Management 2.4.1 Edit configuration files Configuration files adopts text formatting which can be upload to PC from devices by FTP and TFTP protocol.
Page 26: Erase Saved Configuration
! Display all saved configuration QTECH#show running-config ! Display saved configuration of GARP and OAM module QTECH#show running-config garp oam 2.4.6 Display current configuration User can display syatem current configuration information in the form of text by command line interface.
Page 27: Online Loading Upgrade Program
For example : ! Upload configuration to 192.168.0.100 by FTP and saved as abc QTECH#upload configuration ftp 192.168.0.100 abc username password Configuration information saved when uploading is successful. ! Download configuration program abc to 192.168.0.100 by TFTP QTECH#load configuration ftp 192.168.0.100 abc...
Page 28: Download Files By Xmodem
1234 and file download path in privileged mode. For example : ! Upload configuration to 192.168.0.100 by FTP and saved as abc QTECH#upload configuration ftp 192.168.0.100 abc user 1234 Configuration information saved when uploading is successful. ! Download configuration program abc to 192.168.0.100 by FTP QTECH#load configuration ftp 192.168.0.100 abc user 1234...
Page 29: Reboot
For example : ! Display system version QTECH(config)#sh ver software platform : Broadband NetWork Platform Software software version : QTECH QSW-3900 V100R001B01D003P001SP9 copyright : Copyright (c) 2001-2009 compiled time : Jul 16 2009 10 : 10 : 00 processor : PPC 8245, 400MHz...
Page 30: Network Connecting Test Command
: character strings range from 1 to 32, these strings can be printable, excluding such wildcards as '/', ' : ', '*', '?', '\\', '<', '>', '|', '"'etc. Use no hostname command in global configuration mode to restore default host name to be QTECH. For example :...
Page 31: Loopback Test Command
For example : ! Configure ip address allowed by telnet management system to be 192.168.0.0/0/255.255.0.0 QTECH(config)#login-access-list telnet 192.168.0.0 0.0.255.255 QTECH(config)#no login-access-list telnet 0.0.0.0 255.255.255.255 Use show login-access-list command to display all ip address allowed by web, snmp, telnet management system.
Page 32: Routing Tracert Command
Example : ! Configure only 2 Telnet users can enter privileged mode QTECH(config)#login-access-list telnet-limit 2 2.7.6 Routing tracert command Tracert is used for routing detecting and network examination. Configure it in privileged mode :...
Page 33: Monitor System By Snmp
Response packet, and return it to NMS. On the other hand, the Trap packet of abnormity of cold boot or hot boot of devices will send to NMS. QTECH company is present it own QTECH NMS and Agent server. Please refer to the http : //www.QTECH.ru/support/software.htm...
Page 34: Snmp Protocol Version
QTECH Software Configuration Manual Inform operation : NMS sends Trap information to other NMSs through this operation. 2.10 SNMP Protocol Version Currently, SNMP agents support SNMPv3 and are compatible with SNMPv1 and SNMPv2c. SNMPv1 and SNMPv2c authenticate by means of community name, which defines the relationship between an SNMP NMS and an SNMP Agent.
Page 35: Configure Community Name And Accessing Right
Delete community name and accessing right no snmp-server community community-name community-name is existed community name. For example : ! Add community qtech, and configure privilege to be rw, and permit QTECH(config)#snmp-server community qtech rw permit ! Remove community qtech QTECH(config)#no snmp-server community qtech...
Page 36: Configure Trap Destination Host Adress
MIB which is switch name. Configure it in global configuiration mode : snmp-server name sysname no snmp-server name Sysname means the charater string of system name ranges from 1 to 255 printable characters. For example : ! Configure system name to be QSW-3900 2-35...
Page 37: Configure Notify
QTECH(config)# snmp-server engineid local 12345 ! Configure remote engine that can be recognized locally. Configure remote engine ip to be 1.1.1.1, and port number to be 888, and id to be 1234 QTECH(config)# snmp-server engineid remote 1.1.1.1 udp-port 888 1234 2-36...
Page 38: Configure View
For example : ! Add view “view1”, and configure it to have a subtree “1.3.6.1” QTECH(config)# snmp-server view view1 1.3.6.1 include ! Add a subtree “1.3.6.2” for existed view “view1” QTECH(config)# snmp-server view view1 1.3.6.2 include ! Remove existed view “view1”...
Page 39: Configure User
! Add group “group1” to local facility, using security model 1, and configure read, write, and notify view to be internet QTECH(config)# snmp-server group group1 1 read internet write internet notify Internet ! Remove group “group1” from local facility QTECH(config)# no snmp-server group group1 1 ! Display current group configuration.
Page 40: Enable/Disable Dlf Forword Packet
QTECH Software Configuration Manual des encryption with the auth-password to be 1234 and privpassword to be 4321 QTECH(config)# snmp-server user user3 grp3 auth md5 auth-password 1234 priv des priv-password 4321 2.13 Enable/disable dlf forword packet Use dlf-forward command to enable dlf forword.
Page 41: Configure Cpu Busy Or Unbusy Threshold
> unbusy. Default CPU busy threshold is 90%, and CPU unbusy threshold is 60%. For example : ! Configure CPU busy threshold to be 30%, and CPU unbusy threshold to be 10% QTECH(config)#alarm cpu threshold busy 30 unbusy 10 2.14.5 Display CPU alarm information...
Page 42: Chapter 3 Mac Address Table Management
QTECH Software Configuration Manual MAC address table management Chapter 3 Introduction to Bridging A bridge is a store-and-forward device that connects and transfers traffic between local area network (LAN) segments at the data-link layer. In some small-sized networks, especially those with dispersed distribution of users, the use of bridges can reduce the network maintenance costs, without requiring the end users to perform special configurations on the devices.
Page 43 QTECH Software Configuration Manual Figure 1. Host A sends an Ethernet frame to Host B on LAN segment 1 As the bridge receives the Ethernet frame on bridge interface 1, it determines that Host A is attached to bridge interface 1 and creates a mapping between the MAC address of Host A and bridge interface 1 in its bridge table, as shown in Figure 2.
Page 44: Forwarding And Filtering
QTECH Software Configuration Manual Figure 3 The bridge determines that Host B is also attached to interface 1 Finally, the bridge obtains all the MAC-interface mappings (assume that all hosts are in use), as shown in Figure 4. Figure 4 The final bridge table 3.2.2...
Page 45 QTECH Software Configuration Manual Figure 5 Forwarding When Host A sends an Ethernet frame to Host B, as Host B is on the same LAN segment with Host A, the bridge filters the Ethernet frame instead of forwarding it, as shown in II. Figure 6.
Page 46: Brief Introduction Of Mac Address Table Management
QTECH Software Configuration Manual Figure 7 The proper MAC-to-interface mapping is not found in the bridge table Note : & When a bridge receives a broadcast or multicast frame, it forwards the frame to all interfaces other than the receiving interface.
Page 47: Configure Mac Address Item
For example : ! Add mac address 00 : 01 : 02 : 03 : 04 : 05 to be static address table. QTECH(config)#mac-address-table static 00 : 01 : 02 : 03 : 04 : 05 interface ethernet 0/0/1 vlan 1 3.6.2...
Page 48: Delete Mac Address Item
For example : ! Enable MAC address learning on interface Ethernet 0/0/7. QTECH(config-if-ethernet-0/0/7)#no mac-address-table learning 3.6.6 Display MAC address learning show mac-address learning [ interface [ interface-num ] ] Use show mac-address-table learning command to display MAC address learning.
Page 49: Modify Mac Address Learning Mode
It will be effective after rebooting. mac-address-table learning mode { svl | ivl } show mac-address-table learning mode For example : ! Modify MAC address to be IVL QTECH(config)#mac-address-table learning mode ivl ! Display MAC address learning mode. QTECH(config)#show mac-address-table learning mode 3-48...
Page 50: Chapter 4 Port Configuration
QTECH Software Configuration Manual Port Configuration Chapter 4 Port configuration introduction System can provide 24 10/100Base-T Ethernet interfaces, 2 1000Base-TX(LX/SX) Ethernet interfaces and a Console interface. Ethernet interface can work in half duplex and full duplex mode, and can negotiate other working mode and speed rate with other network devices to option the best working mode and speed rate automatically to predigest system configuration and management.
Page 51: Configure Interface Duplex Mode And Speed Rate
QTECH Software Configuration Manual For example : ! Enable Ethernet interface 1 QTECH(config-if-ethernet-0/0/1)#no shutdown ! Disable Ethernet interface 25 QTECH(config-if-ethernet-0/1/1)#shutdown When interface is shutdown, the physical link is working for diagnosis. 4.2.4 Configure interface duplex mode and speed rate 100 BASE TX supports the speed of 10Mbps and 100Mbps, while 100 BASE FX supports the speed of 100Mbps.
Page 52: Ingress/Egress Bandwidth-Control Configuration
QTECH Software Configuration Manual QTECH(config)#show description interface ethernet 0/0/3 4.2.7 Ingress/egress bandwidth-control configuration Egress/ingress bandwidth-control is to restrict the total speed rate of all sending and receiving packets. Use following command to configure engress/ingress bandwidth-control. Configure it in interface configuration mode :...
Page 53: 4.2.11 Port Mode Configuration
For example : ! Add trunk ports Ethernet0/0/1 to VLAN 3, 4, 70 to 150 QTECH(config-if-ethernet-0/0/1)# switchport trunk allowed vlan 3, 4, 70- 150 4.2.13 The default vlan-id of trunk port configuration Use switchport trunk native vlan command to configure the default vlan-id (pvid) of trunk port. When receiving untagged packet, it will be transferred to VLAN defaulted VLAN ID.
Page 54: Display Interface Information
QTECH Software Configuration Manual Add current port to specified VLAN, and the default VLAN-ID is configured to be the specified VLAN switchport access vlan vlan-id Remove current port from specified VLAN, if the default vlan-id of the current port is the specified VLAN and this port also belongs to VLAN 1, the default vlan-id of the current port restores to be 1, or the default VLAN ID will not be changed.
Page 55: Brief Introduction Of Port Lacp
For example : ! Configure Ethernet 0/0/1 to Ethernet 0/0/12 to be mirror source interfaces QTECH(config)# mirror source-interface ethernet 0/0/1 to ethernet 0/0/12 both ! Remove Ethernet 0/0/10 to Ethernet 0/0/12 from mirror source interfaces QTECH(config)#no mirror source-interface ethernet 0/0/10 to ethernet 0/0/12 4.3.2.3 Display interface mirror...
Page 56: Manual Link Aggregation
QTECH Software Configuration Manual the remote system compares the received information with the information received on other ports to determine the ports that can operate as selected ports. This allows the two systems to reach agreement on the states of the related...
Page 57: Static Lacp Link Aggregation
QTECH Software Configuration Manual · Select a port from the ports in up state, if any, in the order of full duplex/high speed, full duplex/low speed, half duplex/high speed, and half duplex/low speed, with the full duplex/high speed being the most preferred.
Page 58: Load-Balance In A Link Aggregation Group
In interface configuration mode, add current interface to channel group and specify the mode of interface. If the channel group doesn’t exist, create it. For example : ! Add Ethernet 0/0/3 to channel-group 3 and specify the port to be active mode QTECH(config-if-ethernet-0/0/3)#channel-group 3 mode active Delete interface member in channel group 4-57...
Page 59 Use show lacp interval command to display the information of group members, if the there is no keywords, all groups are displayed. For example : Display the member information of channel group 2. QTECH#show lacp internal 2 Display information of neighbour interface of channel group show lacp neighbor [channel-group-number] Use show lacp neighbor command to display the information of the neighbour port in the group.
Page 60: Interface Bpdu-Rate Configuration
QTECH Software Configuration Manual Interface BPDU-rate configuration 4.8.1 Brief introduction of interface CAR Interface CAR is used to restrict the speed rate of BPDU packets with MAC 01 : 80 : C2 : xx : xx : xx impacted CPU of single interface. CPU can make speed rate statistics of each interface. If the speed rate is larger than the configured threshold (it is defaulted to be 300 packet/second), disable this interface and send trap of interface being abnormal.
Page 61: Configure The Port-Car-Rate
Software Configuration Manual port-car-open-time time By default, port-car-open-time is 480 seconds For example : ! Configure port-car-open-time to be 10 seconds QTECH(config)#port-car-open-time 10 4.8.6 Configure the port-car-rate Please configure it in global configuration mode : Configure the port-car-rate port-car-rate rate...
Page 62: Enable/Disable Port Alarm On The Port
60 For example : ! Configure alarm all-packets exceed threshold to be 500, and normal threshold to be 300 QTECH(config)#alarm all-packets threshold exceed 500 normal 300 4.9.6 Display port alarm Input following command in any configuration mode to display global interface alarm :...
Page 63: Shutdown-Control Feature
[ broadcast | multicast | unicast ] By default, shutdown-control is disabled. Example : ! Enable shutdown-control of e0/0/8 for broadcast and speed rate is 100pps. QTECH(config-if-ethernet-0/0/8)#shutdown-control broadcast 100 4.11.3 Display shutdown-control Configure it in any configuration mode :...
Page 64: Strom Control Configuration
! Add Ethernet 0/0/1, Ethernet 0/0/3, Ethernet 0/0/4, Ethernet 0/0/5, Ethernet 0/0/8 to be downlink isolation port. QTECH(config)#port-isolation ethernet 0/0/1 ethernet 0/0/3 to ethernet 0/0/5 ethernet 0/0/8 ! Remove ethernet 0/0/3, Ethernet 0/0/4, Ethernet 0/0/5, ethernet 0/0/8 from downlink isolation port.
Page 65: Chapter 5 Vlan Configuration
QTECH Software Configuration Manual VLAN Configuration Chapter 5 Introduction to VLAN 5.1.1 VLAN Overview Ethernet is a network technology based on the Carrier Sense Multiple Access/Collision Detect (CSMA/CD) mechanism. As the medium is shared in an Ethernet, network performance may degrade as the number of hosts on the network is increasing.
Page 66: Vlan Fundamental
QTECH Software Configuration Manual 5.1.2 VLAN Fundamental To enable packets being distinguished by the VLANs they belong to, a field used to identifying VLANs is added to packets. As common switches operate on Layer 2, they only process Layer 2 encapsulation information and the field thus needs to be inserted to the Layer 2 encapsulation information of packets.
Page 67: Port-Based And 802.1Q Vlan
QTECH Software Configuration Manual 5.1.5 Port-Based and 802.1Q VLAN This is the simplest yet the most effective way of classifying VLANs. It groups VLAN members by port. After added to a VLAN, a port can forward the packets of the VLAN.
Page 68: Vlan Configuration List
QTECH Software Configuration Manual support it. Now, only the switch supported IEEE 802.1Q can be recognize IEEE 802.1Q frame so only a port linking to a switch supported IEEE 802.1Q can be configured to be Tagged port. 5.1.10 Default VLAN There is a default VLAN of production, which possesses following features : ·...
Page 69: Add/Delete Vlan Interface
VLAN with the status of being untagged. If it is trunk port, change it to be tagged in VLAN. For example : ! Add Ethernet 1, 3, 4, 5, 8 to current VLAN QTECH(config-if-vlan)#switchport ethernet 0/0/1 ethernet 0/0/3 to ethernet 0/0/5 ethernet 0/0/8 ! Remove Ethernet 3, 4, 5, 8 from current VLAN QTECH(config-if-vlan)#no switchport ethernet 0/0/3 to ethernet 0/0/5 ethernet 0/0/8 Command switchport access vlan and its no command can also add and delete port to or from VLAN.
Page 70: Configure Tag Vlan
The detailed introduction of the corresponding command. For example : ! Configure default vlan-id of Ethernet interface 1 to be 2 QTECH(config-if-ethernet-0/0/1)#switchport mode access QTECH(config-if-ethernet-0/0/1)#switchport access vlan 2 switchport trunk native vlan Caution : To use vlan-id must guarantee the specified interface to be switchport access vlan trunk, and belongs to specified VLAN, and the VLAN ID is not 1.
Page 71: Garp Messages And Timers
QTECH Software Configuration Manual for VLAN aware switches, which requires IEEE 802.1Q. Generic Attribute Registration Protocol (GARP) provides a mechanism that allows participants in a GARP application to distribute, propagate, and register with other participants in a bridged LAN the attributes specific to the GARP application, such as the VLAN or multicast address attribute.
Page 72 QTECH Software Configuration Manual & Note : · The settings of GARP timers apply to all GARP applications, such as GVRP, on a LAN. · Unlike other three timers, which are set on a port basis, the LeaveAll timer is set in system view and takes effect globally.
Page 73: Gvrp Configuration List
QTECH Software Configuration Manual Field Description Value Attribute Consists of an Attribute Length, an –– Attribute Event, and an Attribute Value Attribute Length Number of octets occupied by an 2 to 255 (in bytes) attribute, inclusive of the attribute length field...
Page 74: Enable/Disable Gvrp On A Port
Ethernet ports. If specified, the command displays GVRP information on specified Ethernet port. For example : ! Display GVRP information on interface Ethernet 0/0/1 QTECH(config)#show gvrp interface ethernet 0/0/1 5.4.4 Add/delete vlan that can be dynamic learnt by GVRP Use garp permit vlan command to add configured static vlan to GVRP module for other switches to learn.
Page 75: Examples For Gvrp Configuration
! Enable GVRP on Ethernet port 2 QTECH(config-if-ethernet-0/0/2)#gvrp ! Disable GVRP on Ethernet port 2 QTECH(config-if-ethernet-0/0/2)#no gvrp Brief introduction of QinQ QinQ is used for the commnunication between discrete client vlan whose service model is the interconnection of one or more switches supported QinQ by service provider interfaces which are in service provider vlan.
Page 76: Implementations Of Qinq
QTECH Software Configuration Manual · Provides a simple Layer 2 VPN solution for small-sized MANs or intranets.  N ote : The QinQ feature requires configurations only on the service provider network, and not on the customer network. 5.5.2 Implementations of QinQ There are two types of QinQ implementations : basic QinQ and selective QinQ.
Page 77: Qinq Configuration List
5.6.1 Configure global QinQ QSW-3900 supports two QinQ : 1) Static QinQ. Vlan protocol number in this mode can be configured but cannot be configured to ignore tag head of ingress packet. If vlan protocol number is not the same as the port configuration value or the port is...
Page 78: Configure Interface Dynamic Qinq
Delete all configured vlan tag packets to add a tag head with destination vlan3 from the start vlan1 to end vlan2. QTECH(config)#no dtag insert 1 2 3 3. Configure a series vlan to be transparent transmitted in dynamic QinQ in the form of start vlan. All vlan tag packets can be transmitted from start vlan without adding new tag head because the priority of transparent transmission id superior than adding tag head, transparent transmission will not be influenced by svlan inset command.
Page 79: Configure Global Vlan-Swap
Example : Configure rewrite-outer-vlan of e0/0/1 with inner vlan ID being the range of 1~50, outer vlan ID being 3 and new outer vlan ID being 100 QTECH(config-if-ethernet-0/0/1)# rewrite-outer-vlan 1 50 outer-vlan 3 new-outer-vlan 5.6.7 Display dynamic QinQ 1. Display dynamic vlan...
Page 80: Display Vlan-Swap
QTECH Software Configuration Manual show dtag pass-through Example : Display transparent transmission vlan QTECH(config)#show dtag pass-through 5.6.8 Display vlan-swap Display vlan swap status ! Command mode is global configuration mode show vlan-swap Example : Display vlan swap status QTECH(config)#show vlan-swap 5.6.9...
Page 81: Chapter 6 Layer 3 Configuration
QTECH QSW-3900 is a GE Intelligent Routing Switch based on ASIC technology which can support transmission in both layer 2 and layer 3. The interaccessing of hosts in the same VLAN is the transmission in layer 2 and the interaccessing of hosts in the different VLAN is the transmission in layer 3.
Page 82: Create Vlan Interface For Normal Vlan
IP address in the same network interface (10.11.0.0/16), such as 10.11.1.1/24. Configure IP address of VLAN interface 2 to be 10.11.0.0/1/16 : QTECH(config-if-vlanInterface-2)#ip address 10.11.0.1 255.255.0.0 Delete IP address of VLAN interface 2 : QTECH(config-if-vlanInterface-2)#no ip address Specify an IP address of specified interface to be the primary IP address : QTECH(config-if-vlanInterface-2)#ip address primary 10.11.0.1...
Page 83: Arp Proxy Configuration
Display all layer 3 interface configuration information : QTECH(config)#show ip interface Display VLAN interface 2 configuration information : QTECH(config)#show ip interface vlan-interface 2 Display superVLAN interface 3 configuration information : QTECH(config)#show ip interface supervlan-interfac 3 Brief introduction of static routing A static route is a special route that is manually configured by the network administrator.
Page 84: Application Environment Of Static Routing
QTECH QSW-3900 is a GE Intelligent Routing Switch based on ASIC technology which maintains a layer 3 transmission routing table to designatethe next hop address and related information which can be dynamically learnt and manually configured.
Page 85: Chapter 7 Rip Configuration
QTECH Software Configuration Manual RIP Configuration Chapter 7 Brief introduction of RIP RIP is short for Routing Information Protocol. It is a protocol based on D-V（Distance-Vector）algorithm which is widely used in real application. It submits routie information through UDP（User Datagram Protocol）and sends upgrade packet every 30 seconds.
Page 86: Rip Working Mechanism
QTECH Software Configuration Manual 7.2.1 RIP Working Mechanism 7.2.1.1 Basic concept of RIP RIP is a Distance-Vector-based routing protocol, using UDP packets for exchanging information through port 520. RIP uses a hop count to measure the distance to a destination. The hop count is known as metric. The hop count from a router to a directly connected network is 0.
Page 87: Rip Version
QTECH Software Configuration Manual RIP uses the following mechanisms to prevent routing loops. · Counting to infinity. The metric value of 16 is defined as unreachable. When a routing loop occurs, the metric value of the route will increment to 16.
Page 88: Trip
QTECH Software Configuration Manual 7.2.3.2 RIPv2 message format The format of RIPv2 message is similar with RIPv1. RIPv2 Message Format The differences from RIPv1 are stated as following. · Version : Version of RIP. For RIPv2 the value is 0x02.
Page 89: Protocols And Standards
QTECH Software Configuration Manual 7.2.4.1 Working mechanism Routing information is sent in triggered updates rather than periodic broadcasts to reduce the routing management cost the WAN. Only when data in the routing table changes or the next hop is unreachable, a routing update message is sent.
Page 90: Enable Rip
QTECH Software Configuration Manual 7.3.1 Enable RIP By default, RIP is disabled. Enable RIP mode in global configuration mode : Enable RIP and enter RIP configuration mode route rip Disable RIP no route rip 7.3.2 Specify IP network to run RIP protocol By default, after RIP enabling, no interface runs RIP protocol, only when administrator specifies some IP network to run RIP protocol, this interface will send and receive RIP packet.
Page 91: Enable Host Routing
QTECH Software Configuration Manual Specify RIP working version of interface to be RIPV2 broadcast ip rip version 2 bcast Delete rip version number and configure it to default rip1 no ip rip version 7.3.5 Enable host routing In some cases, RIP packet received by router contains host route table item which has little to do with searching address but occupies a lot of resources.
Page 92: Configure Metricin
QTECH Software Configuration Manual 7.3.9 Configure metricin Routing Metric is input or output metric added by RIP route. Routing Metric cannot change route metric in route table, but add a specified metric when sending and receiving route. Configure it in interface configuration mode :...
Page 93: Display Rip Configuration
QTECH Software Configuration Manual distribute-list prefix-list in Configure RIP to filtrate sent route distribute-list prefix-list out Configure RIP to receive specified route distribute-list gate-way in Cancel filtration no distribute-list 7.3.13 Display RIP configuration There are 3 commands to display RIP information.
Page 94: Chapter 8 Ospf Configuration
QTECH Software Configuration Manual OSPF Configuration Chapter 8 Brief introduction of OSPF OSPF is short for Open Shortest Path First which is an internal route protocol based on link status and the shortest path precedence. In IP network, it searches and transmits route dynamically through collecting and delivering link status of autonomy system;...
Page 95: Basic Concepts
QTECH Software Configuration Manual 8.1.1 Basic Concepts 8.1.1.1 Autonomous System A set of routers using the same routing protocol to exchange routing information constitute an Autonomous System (AS). 8.1.1.2 OSPF route computation OSPF route computation is described as follows : ·...
Page 96: Ospf Area Partition And Route Summarization
QTECH Software Configuration Manual · Network Summary LSA : Type-3 LSA, originated by ABRs (Area Border Routers), and flooded throughout the LSA's associated area. Each summary-LSA describes a route to a destination outside the area, yet still inside the AS (an inter-area route).
Page 97 QTECH Software Configuration Manual OSPF area partition After area partition, area border routers perform route summarization to reduce the number of LSAs advertised to other areas and minimize the effect of topology changes. 8.1.2.2 Classification of Routers The OSPF routers fall into four types according to the position in the AS : 1) Internal Router All interfaces on an internal router belong to one OSPF area.
Page 98 QTECH Software Configuration Manual OSPF router types 8.1.2.3 Backbone area and virtual links Each AS has a backbone area, which is responsible for distributing routing information between none-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area.
Page 99 QTECH Software Configuration Manual Another application of virtual links is to provide redundant links. If the backbone area cannot maintain internal connectivity due to a physical link failure, configuring a virtual link can guarantee logical connectivity in the backbone area, as shown below.
Page 100: Route Types
QTECH Software Configuration Manual Like stub areas, virtual links cannot transit NSSA areas. \ NSSA area 8.1.2.6 Route summarization Route summarization : An ABR or ASBR summarizes routes with the same prefix with a single route and distribute it to other areas.
Page 101: Classification Of Ospf Networks
QTECH Software Configuration Manual The intra-area and inter-area routes describe the network topology of the AS, while external routes describe routes to destinations outside the AS. OSPF classifies external routes into two types : Type-1 and Type-2. A Type-1 external route is an IGP route, such as a RIP or static route, which has high credibility and whose cost is comparable with the cost of an OSPF internal route.
Page 102: Dr And Bdr
QTECH Software Configuration Manual 8.1.4 DR and BDR 8.1.4.1 DR/BDR introduction On broadcast or NBMA networks, any two routers exchange routing information with each other. If n routers are present on a network, n(n-1)/2 adjacencies are required. Any change on a router in the network generates traffic for routing information synchronization, consuming network resources.
Page 103: Ospf Packet Formats
QTECH Software Configuration Manual other interfaces may be a BDR or DRother. · After DR/BDR election and then a new router joins, it cannot become the DR immediately even if it has the highest priority on the network. · The DR may not be the router with the highest priority in a network, and the BDR may not be the router with the second highest priority.
Page 104 QTECH Software Configuration Manual Hello packet format Major fields : · Network Mask : Network mask associated with the router’s sending interface. If two routers have different network masks, they cannot become neighbors. · HelloInterval : Interval for sending hello packets. If two routers have different intervals, they cannot become neighbors.
Page 105 QTECH Software Configuration Manual DD packet format Major fields : · Interface MTU : Size in bytes of the largest IP datagram that can be sent out the associated interface, without fragmentation. · I (Initial) The Init bit, which is set to 1 if the packet is the first packet of database description packets, and set to 0 if not.
Page 106 QTECH Software Configuration Manual · LS type : Type number of the LSA to be requested. Type 1 for example indicates the Router LSA. · Link State ID : Determined by LSA type. · Advertising Router : ID of the router that sent the LSA.
Page 107 QTECH Software Configuration Manual LSA header format Major fields : · LS age : Time in seconds elapsed since the LSA was originated. A LSA ages in the LSDB (added by 1 per second), but does not in transmission. ·...
Page 108 QTECH Software Configuration Manual to a transit network; a value of 3 indicates a link to a stub network; a value of 4 indicates a virtual link. · #TOS : Number of different TOS metrics given for this link. ·...
Page 109 QTECH Software Configuration Manual · Network Mask : The network mask for the type 3 LSA; set to 0.0.0.0 for the Type-4 LSA · metric : The metric to the destination & Note : A Type-3 LSA can be used to advertise a default route, having the Link State ID and Network Mask set to 0.0.0.0.
Page 110: Supported Ospf Features
QTECH Software Configuration Manual NSSA external LSA format 8.1.6 Supported OSPF Features 8.1.6.1 Multi-process With multi-process support, multiple OSPF processes can run on a router simultaneously and independently. Routing information interactions between different processes seem like interactions between different routing protocols.
Page 111 QTECH Software Configuration Manual To avoid unnecessary SPF calculation, when a router restarts, it will inform neighboring routers the shutdown is temporary. Then these routers will not delete the router from their neighbor tables, and other routers have no idea about this restart.
Page 112: Protocols And Standards
QTECH Software Configuration Manual 8.1.6.7 VPN OSPF supports multi-instance, which can run on PEs in VPN networks. In BGP MPLS VPN networks, multiple sites in the same VPN can use OSPF as the internal routing protocol, but they are treated as different ASs. An OSPF route learned by a site will be forwarded to another site as an external route, which leads to heavy OSPF routing traffic and management issues.
Page 113: Enable/Disable Ospf
IP address mask or the wildcard after NON the mask. Example : !Specify running OSPF in IP address 10.11.5.2 QTECH(config-router-ospf)#network 10.11.5.2 255.255.255.0 area 0.0.0.0 8.2.4 Configure area authentication type Authentication type of all routers in an area must be the same （ support plain text authentication, MD5 encrypt authentication, not authentication）...
Page 114: Configure Interface Type
Software Configuration Manual no area area-id authentication Example : !Configure authentication of OSPF area 0 to be MD5 QTECH(config-router-ospf)#area 0 authentication message-digest 8.2.5 Configure interface type OSPF protocol calculating route is based on neighbor network topology of current router. Each router describes the network topology of its neighbor network and transmits it to other routers.
Page 115: Configure Priority When Selecting Dr
By default, the priority of VLAN interface to select “designated router” is in the range of 0～255 Example : !Configure priority of VLAN interface 3 to be 100 QTECH(config-if-vlanInterface-3)#ip ospf priority 100 8.2.8 Configure Hello time interval Hello packet is a geneally used packet which is periodically sent to neighbor router to search and maintain neighborship and select DR and BDR.
Page 116: Configure Interface Invalid Time Of Neighbour Routers
OSPF neighbor for point-to-multipoint, non-broadcast is 120seconds. Example : !Configure the dead interval of interface 3 to be 60seconds QTECH(config-if-vlanInterface-3)#ip ospf dead-interval 60 Caution : After modifying network type, hello-interval and dead-interval are restore to the default value.
Page 117: Configure Packet Authentication Key
1～16 bytes. Example : !Configure simple authentication key of VLAN interface 3 to be abc123 QTECH(config-if-vlanInterface-3)#ip ospf authentication-key abc123 8.2.13 Configure STUB area of OSPF Stub area is special LSA area. ABR in stub area doesn’t transmit the router outside of autonomy system. The scale of routing table and transmission number of routing packet in these areas will greatly reduced.
Page 118: Configure Route Convergence In Ospf
Example : !Convergent 202.38.160.0 255.255.255.0 and 202.38.180.0 255.255.255.0to be one route 202.38.0.0 255.255.0.0 QTECH(config-router-ospf)#area 1.1.1.1 range 202.38.0.0 255.255.0.0 8.2.15 Configure OSPF virtual connection After dividing SOPF areas, not all areas are equal. One area with the area-id being 0.0.0.0 is different which is called BackboneArea.
Page 119: Configure Route Introduced By Ospf Other Route Protocol
5 seconds；the value of transmit-delay is 1 second；the value of dead-intervalis 40 seconds. Example : !Configure a virtual connection with the transmission area being 1.1.1.1，router-id of the opposite end being 10.11.5.2 QTECH(config-router-ospf)#area 1.1.1.1 virtual-link 10.11.5.2 8.2.16 Configure route introduced by OSPF other route protocol Each dynamic routing protocol can share routing information.
Page 120: Ospf Monitor And Maintain
By default, the metric of received external route is 1 and type is 2. Example : !Configure the metric of received external route to be 10 QTECH(config-router-ospf)#default redistribute metric 10 8.2.19 OSPF monitor and maintain Followings are display command : show ip ospf Display OSPF information.
Page 121: Chapter 9 Bgp Configuration
QTECH Software Configuration Manual BGP Configuration Chapter 9 Brief Introduction of BGP BGP （Border Gateway Protocol） is a dynamic route protocol in anonymous system whose basic function is automatically changing no-loop route information in AS and contructs topology from AS through changing network layer arrival information with AS routine attribution.
Page 122: Enable/Disable Bgp
BGP is defaulted to be disabled. Example: !Enable BGP QTECH(config)#router bgp 400 Specify the network route BGP to be notified Use network command to specify the network route BGP to be notified and also mask. Configure it in BGP configuration mode.
Page 123: Configure Bgp Timer
QTECH Software Configuration Manual Delete neighborhood no neighbor neighbor-address remote-as as-number 9.2.2.2 configure permit setting up connection to the indirect-connected peerof EBGP generally, EBGP and peer should be physically connected, or configure it through following command. Configure permit setting up connection to the indirect-connected peer of EBGP...
Page 124: Configure Local Preference
The above router only compares the MED from different EBGP peer route in the same AS. Use bgp always-compare-med command to compare the peer route in the different AS. Example: QTECH(config)#default-metric 20 9.2.6 Compare MED from different AS neighbors MED is used for choosing the best path. The smaller MED value will be chosen. It is recommended to use this command when the IGP and route choosing method are the same in the corresponded AS.
Page 125: Configure Bgp Route Aggregation
If ip distribute-list command is configured, there must be at least one command with ip distribute-list permit for the items with the same list number, or all route will be filtered when using neighbor distribute-list command. Example: QTECH(config)# ip distribute-list 3 deny 192.168.9.0 0.0.0.255 QTECH(config)# ip distribute-list 3 permit 0.0.0.0 255.255.255.255 9.2.10...
Page 126: Bgp Monitor And Maintenance
In the process of matching, the relationship between aspath-list-number is ”or”，that is, route information matching one item of this list group means it matches the filtration of the distribute list of the as-path list id. Example: QTECH(config)# ip as-path access-list 10 deny ^700$ QTECH(config)# ip as-path access-list 10 permit .* 9.2.11 BGP monitor and maintenance Use show command in any configuration mode.
Page 127 QTECH Software Configuration Manual show BGP peer summary show ip bgp summary QTECH# show ip bgp summary Neighbor MsgRcvd MsgSent Up/Down State/PfxRcd 192.168.3.3 04:41:13 Established 192.168.3.7 00:44:15 Established 192.168.3.8 06:27:29 Established 9-126...
Page 128: Chapter 10 Multicast Protocol Configuration
QTECH Software Configuration Manual Multicast Protocol Configuration Chapter 10 10.1 Multicast overview 10.1.1 Multicast Address As receivers are multiple hosts in a multicast group, you should be concerned about the following questions : · What destination should the information source send the information to in the multicast mode? ·...
Page 129 QTECH Software Configuration Manual Local management multicast addresses, which are for specific local use 239.0.0.0 to 239.255.255.255 only. As specified by IANA, the IP addresses ranging from 224.0.0.0 to 224.0.0.255 are reserved for network protocols on local networks. The following table lists commonly used reserved IP multicast addresses :...
Page 130: Gmrp Overview
QTECH Software Configuration Manual Mapping relationship between multicast IP address and multicast MAC address The high-order four bits of the IP multicast address are 1110, representing the multicast ID. Only 23 bits of the remaining 28 bits are mapped to a MAC address. Thus, five bits of the multicast IP address are lost. As a result, 32 IP multicast addresses are mapped to the same MAC address.
Page 131: Enable/Disable Gmrp On A Port
Ethernet ports. If specified, the command displays GMRP information on specified Ethernet port. For example : ! Display GMRP information of Ethernet 0/0/2 to ethernet 0/0/4 ethernet 0/1/2 QTECH(config)#show gmrp interface ethernet 0/0/2 to ethernet 0/0/4 ethernet 0/1/2 port GMRP status e0/0/2 enable...
Page 132: Display Multicast That Can Be Learnt By Gmrp
Software Configuration Manual Add multicast group 01 : 00 : 5e : 00 : 01 : 01 vlan 1 to GMRP QTECH(config)#garp permit multicast mac-address 01 : 00 : 5e : 00 : 01 : 01 vlan 1 10.3.6 Display multicast that can be learnt by GMRP Display multicast group can be statically learnt by GMRP.
Page 133: Basic Concepts In Igmp Snooping
QTECH Software Configuration Manual 10.4.2 Basic Concepts in IGMP Snooping 10.4.2.1 IGMP Snooping related ports As shown in Figure 2, Router A connects to the multicast source, IGMP Snooping runs on Switch A and Switch B, Host A and Host C are receiver hosts (namely, multicast group members).
Page 134: How Igmp Snooping Works
QTECH Software Configuration Manual Timer Description Message before expiry Action after expiry For each router port, the IGMP general query of The switch removes this Router port aging switch sets a timer initialized which the source address is port from its router port...
Page 135: Processing Of Multicast Protocol Messages
QTECH Software Configuration Manual address will suppress their own reports upon hearing this report, and this will prevent the switch from knowing whether any hosts attached to that port are still active members of the reported multicast group. 10.4.3.3 When receiving a leave group message When an IGMPv1 host leaves a multicast group, the host does not send an IGMP leave group message, so the switch cannot know immediately that the host has left the multicast group.
Page 136 QTECH Software Configuration Manual If IGMP is disabled, the switch clears all its router ports. If IGMP is enabled, the switch maintains all its Layer 2 multicast entries and router ports. 10-135...
Page 137 QTECH Software Configuration Manual Table 2-3 IGMP Snooping messages Message Sender Receiver Purpose Switch action IGMP Multicast Multicast Query if Check if the message comes from the If yes, reset the aging general router member original router port timer of the router port...
Page 138: Protocols And Standards
: igmp-snooping host-aging-time Use following command to display host-aging-time dynamic multicast group learnt by igmp-snooping : show igmp-snooping For example : ! Configure host-aging-time of the dynamic multicast group learnt by igmp-snooping to be 10 seconds QTECH(config)#igmp-snooping host-aging-time 10 10-137...
Page 139: Igmp Snooping Max-Response-Time Configuration
! Configure Ethernet 0/0/1 not to learn multicast 01 : 00 : 5e : 00 : 01 : 01 QTECH(config-if-ethernet-0/0/1)#igmp-snooping deny group 01 : 00 : 5e : 00 : 01 : 01 ! Configure the learning regulation of default group to allow all multicast group QTECH(config)#igmp-snooping permit group all 10.5.6...
Page 140: Enable/Disable Igmp Snooping Querier
Example : ! Configure interval of sending IGMP query to be 90s QTECH(config)# igmp-snooping querier 90 10.5.9 Configure IGMP Snooping querier vlan Sending IGMP query must specify vlan. Packet will be transferred to all ports of this vlan.
Page 141: Configure Igmp Snooping Query Source Ip
Example : Configure e0/0/1 of vlan 2 to be route port of current group(determined by source IP of querie) QTECH(config)# igmp-snooping route-port vlan 2 interface ethernet 0/0/1 10.6 Static Multicast Configuration 10.6.1 Brief introduction of Static Multicast Static multicast configuration command is used to crewate multicast group and add interfaces to it.
Page 142: Static Multicast Configuration
For example : ! Add interface Ethernet 0/0/2 to ethernet 0/0/4 ethernet 0/0/8 to existed multicast group QTECH(config)#multicast mac-address 01 : 00 : 5e : 01 : 02 : 03 vlan 1 interface ethernet 0/0/2 to ethernet 0/0/4 ethernet 0/0/8 10.6.5...
Page 143: Delete Interface Members From Multicast Group
All means all the members in multicast group. For example : ! Delete interface ethernet 5, 6 from existed multicast group. QTECH(config)#no multicast mac-address 01 : 00 : 5e : 01 : 02 : 03 vlan 1 interface ethernet 0/0/5 ethernet 0/0/6 10.6.7...
Page 144: Enable/Disable Cross-Vlan Multicast
Use this command to display cross vlan configuration and specified interface configuration. show cross-vlan multicast [interface] Example : ! Display configuration of cross vlan multicast of e0/0/1 QTECH(config)#show cross-vlan multicast interface ethernet 0/0/1 cross-vlan multicast : enabled. port tag vlanid 0/0/1 false 0 Total [1] item(s), printed [1] item(s).
Page 145: Chapter 11 Dhcp Configuration
QTECH Software Configuration Manual DHCP Configuration Chapter 11 11.1 Brief introduction of DHCP Dynamic Host Configuration Protocol (DHCP) is a network application protocol used by devices (DHCP clients) to obtain configuration information for operation in an Internet Protocol network. This protocol reduces system administration workload, allowing devices to be added to the network with little or no manual intervention.
Page 146: Technical Details
QTECH Software Configuration Manual 11.2 Technical details Schema of a typical DHCP session DHCP uses the same two IANA assigned ports as BOOTP : 67/udp for the server side, and 68/udp for the client side. DHCP operations fall into four basic phases. These phases are IP discovery, IP lease offer, IP request, and IP lease acknowledgement.
Page 147: Dhcp Acknowledgement
QTECH Software Configuration Manual 11.2.4 DHCP acknowledgement When the DHCP server receives the DHCPREQUEST message from the client, the configuration processes enters its final phase. The acknowledgement phase involves sending a DHCPACK packet to the client. This packet includes the lease duration and any other configuration information that the client might have requested. At this point, the IP configuration process is complete.
Page 148: Obtaining Ip Addresses Dynamically
QTECH Software Configuration Manual · Manual assignment. The administrator statically binds IP addresses to few clients with special uses (such as WWW server). Then the DHCP server assigns these fixed IP addresses to the clients. · Automatic assignment. The DHCP server assigns IP addresses to DHCP clients. The IP addresses will be occupied by the DHCP clients permanently.
Page 149 QTECH Software Configuration Manual DHCPDISCOVER DHCPOFFER DHCPREQUEST DHCPACK UDP Src=0.0.0.0 sPort=68 UDP Src=192.168.1.1 sPort=67 UDP Src=0.0.0.0 sPort=68 UDP Src=192.168.1.1 sPort=67 Dest=255.255.255.255 Dest=255.255.255.255 Dest=255.255.255.255 Dest=255.255.255.255 dPort=67 dPort=68 dPort=67 dPort=68 OP HTYPE HLEN HOPS OP HTYPE HLEN HOPS OP HTYPE HLEN HOPS...
Page 150: Dhcp Server Configuration List
3 network, each VLAN needs a DHCP server which greatly wastes of resources. A better way to solve this problem is to configure DHCP relay in QTECH QSW-3900 to relay DHCP packet to DHCP server which can need at least only one DHCP server.
Page 151: Enable Dhcp Relay
Disable DHCP server no dhcp-server group-num Example : !Configure IP address of DHCP server 1 to be 192.168.0.100 QTECH(config)#dhcp-server 1 ip 192.168.0.100 !Disable DHCP server 1 QTECH(config)#no dhcp-server 1 11.3.3 Specify DHCP server for layer 3 interface After creating DHCP server, specify DHCP server for each layer 3 interface, and system will relay DHCP packet to DHCP server of this interface after receiving DHCP packet.
Page 152: Local Ip Address Pool Configuration
After enabling this function, IP address of DHCP server in IP address information requested by DHCP client cannot be the real IP address of DHCP server, but primary IP address of current interface of QTECH QSW-3900 to hide DHCP server directory.
Page 153: Configure Local Ip Address Pool Network Interface
QTECH Software Configuration Manual QTECH(config)#ip pool nic !Delete IP address pool nic QTECH(config)#no ip pool nic 11.4.2 Configure gateway and netmask of local IP address pool Use this command in local IP address pool configuration mode : Configure gateway and netmask of local IP address pool...
Page 154: Configure Lease Time
The shortest is 0 : 0 : 1 and the longest is 999 : 23 : 59. It is defaulted to be 1day. For example : !Configure lease time to be 1 day 1 hour 1minute QTECH(config-ip-pool-nic)#lease 1 : 1 : 1 11.4.6 Configure DNS Configure it in local IP address pool configuration mode :...
Page 155: Configure Ip-Bind
!Add client with mac address being 01 : 00 : 5e : 22 : 22 : 22，vlan being 2，ip addrss being 5.5.1.2 QTECH(config)#dhcp-client 01 : 00 : 5e : 22 : 22 : 22 5.5.1.2 2 !Delete client with mac address being 01 : 00 : 5e : 22 : 22 : 22，vlan being 2 QTECH(config)#no dhcp-client 01 : 00 : 5e : 22 : 22 : 22 2 11.4.12...
Page 156: Dhcp Relay Agent Fundamentals
In a three-level architectured network constructed with QTECH QSW-3500 or QSW-3900, a DHCP server is put in each VLAN. This is a greate waste of resources.A solution to this is to use the DHCP relay feature of QTECH QSW-3900, which relays DHCP messages to DHCP servers.Thus only one DHCP server is needed at least.
Page 157: Option 82 Supporting
QTECH Software Configuration Manual 3) The DHCP server assigns IP addresses and transmits the configuration information to the clients through the DHCP relay agent so that the clients can be configured dynamically. The transmission mode depends on the flag field in the DHCP-DISCOVER packet.
Page 158 QTECH Software Configuration Manual The form of sub-option1is as following : VLAN ID Sub Length 0065 Sub Type Port Slot The form of sub-option2 is as following : Sub Length 0002 001fce115100 Sub Type MAC Address 11.5.3.1 Introduction to option 82 supporting Option 82 is a relay agent information option in DHCP packets.
Page 159: Dhcp Relay Configuration List
QTECH Software Configuration Manual 11.5.3.3 Mechanism of option 82 supporting on DHCP relay agent The procedure for a DHCP client to obtain an IP address from a DHCP server through a DHCP relay agent is similar to that for the client to obtain an IP address from a DHCP server directly. The following are the mechanism of option 82 supporting on DHCP relay agent.
Page 160: Configure Vlan Interface
Use for example this configuration for set the IP address of DHCP server and specify the interface VLAN aliase : QTECH(config)#vlan vlannumber QTECH(config-if-vlan)#interface ipaddress mask gateway QTECH(config-if-vlan)#dhcpserver ip ipadddress 11.6.3 Support relay option82 When relay devices receive the DHCP_DISCOVER and DHCP_REQUEST packet sent by client, add option82 and send to server.
Page 161 · Trusted ports forward any received DHCP packet to ensure that DHCP clients can obtain IP addresses from valid DHCP servers. Untrusted ports drop all the received packets. Figure 1 illustrates a typical network diagram for DHCP snooping application, where Switch B is an QSW-3900 series switch.
Page 162: Dhcp Snooping Configuration List
QTECH Software Configuration Manual animus attacktion. 11.8 DHCP snooping configuration list 11.8.1 Enable DHCP snooping Enable DHCP snooping dhcp-snooping 11.8.2 Configure trust ports Specify some port as trust port. In general, valid servers are connected to the trust ports. Specify port as trust port dhcp-snooping trust 11.8.3...
Page 163: Chapter 12 Arp Configuration
QTECH Software Configuration Manual ARP Configuration Chapter 12 12.1 Brief Introduction of ARP In computer networking, the Address Resolution Protocol (ARP) is the method for finding a host's link layer (hardware) address when only its Internet Layer (IP) or some other Network Layer address is known. ARP is...
Page 164: Arp Announcements
QTECH Software Configuration Manual Ø Sender protocol address (SPA) Protocol address of the sender. Ø Target hardware address (THA) Hardware address of the intended receiver. This field is ignored in requests. Ø Target protocol address (TPA) Protocol address of the intended receiver.
Page 165: Arp Spoofing
QTECH Software Configuration Manual 12.2 ARP spoofing Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP Spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether (known as a denial of service attack).
Page 166: Anti-Flood Arp
Add a static ARP table item with the IP address being 192.168.0.100，MAC address being 00 : 01 : 02 : 03 : 04 : 05，the corresponded VLAN interface being 1，and port number being 3 : QTECH(config)#arp 192.168.0.100 00 : 01 : 02 : 03 : 04 : 05 1 0/3 Delete the corresponded ARP table item of IP address 192.168.0.100 : QTECH(config)#no arp 192.168.0.100...
Page 167: Display Arp Table Item
Display static ARP table item : show arp static Display all ARP table item with the IP address being 192.168.0.100 : QTECH(config)#show arp 192.168.0.100 12.5.3 Configure ARP aging time Use this command to modify ARP aging time : arp aging seconds 12.5.4...
Page 168: Configure Deny Action And Threshold Of Arp Anti-Flood
Example : ! Recover banned mac : 00 : 0a : 5a : 00 : 02 : 02 QTECH(config)#arp anti-flood recover 00 : 0a : 5a : 00 : 02 : 02 ! Recover all banned mac QTECH(config)#arp anti-flood recover all...
Page 169: Display Arp Anti-Flood Attack Information
! Bind mac : 00 : 0a : 5a : 00 : 02 : 02 QTECH(config)#arp anti-flood bind blackhole 00 : 0a : 5a : 00 : 02 : 02 ! Bind all blackhole mac generated by all arp anti-flood QTECH(config)#arp anti-flood bind blackhole all 12.5.12...
Page 170: Enable/Disable Arp Anti-Spoofing Valid-Check
Example : ! Configure unknown ARP packet handling strategy to be flood QTECH(config)#arp anti-spoofing unknow flood Strategy discard means to drop unknown arp packet without corresponded static arp. Strategy flood means to flood to each interface（transmit to each interface）. The default strategy is discard.
Page 171: Configure Trust Port Of Arp Anti-Attack
Software Configuration Manual 12.5.17 Configure trust port of ARP anti-attack Use this command to set the port to be trust and ARP packet from this port will not be check attacking and spoofing. !Configure e0/0/1 to be trust QTECH(config-if-ethernet-0/0/1)#arp anti trust 12-170...
Page 172: Chapter 13 Acl Configuration
QTECH Software Configuration Manual ACL Configuration Chapter 13 13.1 ACL Overview An access control list (ACL) is used primarily to identify traffic flows. In order to filter data packets, a series of match rules must be configured on the network device to identify the packets to be filtered. After the specific packets are identified, and based on the predefined policy, the network device can permit/prohibit the corresponding packets to pass.
Page 173: Ways To Apply Acl On A Switch
QTECH Software Configuration Manual numbers of other ACEs to be considered in deciding their priority order, weighting principles will be used in deciding their priority order. The weighting principles work as follows : · Each ACE is given a fixed weighting value. This weighting value and the value of the ACE itself will jointly decide the final matching order.
Page 174: Configuring Acl
QTECH Software Configuration Manual 13.2 Configuring ACL 13.2.1 Matching order configuration An ACL rule consists of many “permit | deny” syntax, and the range of data packet specified by each syntax is different. When matching a data packet and ACL rule, there should be order. Use following command to configure...
Page 175: Acl Configuration
QTECH Software Configuration Manual The max sub-rule number which can be configured 3000 Time range The absolute time range which can be configured by a time range The periodic time range which can be configured by a time range Sub-item of activating ACL 1416 13.3...
Page 176: Standard Acl
QTECH Software Configuration Manual no periodic days-of-the-week hh : mm : ss to [ day-of-the-week ] hh : mm : ss The effective time range of periodic time is a week. It can configure at most 32 periodic time range.
Page 177: Define Layer 2 Acl
QTECH Software Configuration Manual 13.3.4.1 Define extended ACL with number ID Extended ACL based on number ID is using number to be ID of extended ACL. Use following command to define extended ACL based on number ID. access-list access-list-number2 { permit | deny } [ protocol ] [ established ] { source-addr...
Page 178: Activate Acl
QTECH Software Configuration Manual time-range-name ] Define the matching order of ACL : access-list access-list-number match-order { config | auto } Delete all the subitems or one subitem in one ACL with number ID or name ID or all ACLs.
Page 179 QTECH Software Configuration Manual show time-range [ all | statistic | name time-range-name ] Display detail information of ACL show access-list config { all | access-list-number | name access-list-name } Display statistic information of ACL show access-list config statistic Display runtime information of ACL...
Page 180: Chapter 14 Qos Configuration
QTECH Software Configuration Manual QOS Configuration Chapter 14 14.1 Brief introduction of QOS In traditional packet network, all packets are equal to be handled. Each switch and router handles packet by FIFO to make best effort to send packets to the destination and not to guarantee the transmission delay and delay variation.
Page 181: Flow Monitor
14.1.10.2 WRR queue scheduler divides a port into 4 or 8 outputting queues (QSW-3900 has 8 queues, that is, 3, 2, 1, 0) and each scheduler is in turn to guarantee the service time for each queue. WRR can configure a weighted value (that is, w3, w2, w1, w0 in turn) which means the percentage of obtaining the resources.
Page 182: Cos-Map
QTECH Software Configuration Manual (3) WRR with maximum delay Compared with WRR, WRR with maximum delay can guarantee the maximum time from packets entering superior queue to leaving it will not beyond the configured maximum delay. 14.1.11 cos-map This is a relationship of hardware priority queue and priority of IEEE802.1p protocol System will map between 802.1p protocol priority of packet and hardware queue priority.
Page 183: Priority Configuration
QTECH Software Configuration Manual no traffic-redirect { [ ip-group { access-list-number | access-list-name } [ subitem subitem ] ] [ link-group { access-list-number | access-list-name } [ subitem subitem ] ] } } Instruction : Use this command to redirect the data packet which matched specified accessing list regulations (it is only be effective for permit rules of accessing list).
Page 184: Flow Mirror Configuration
For example : ! Configure packed-priority 1 to mapped priority 6 of IEEE 802.1p QTECH(config)#queue-scheduler cos-map 1 6 14.2.6 Flow mirror configuration Flow mirror is copying the service flow which matches ACL rules to specified monitor interface to analyse and monitor packet.
Page 185 QTECH Software Configuration Manual show qos-info statistic Display flow mirror configuration show qos-info mirrored-to Display queue scheduler and parameter show queue-scheduler Display the cos-map relationship of hardware priority queue and priority of IEEE802.1p protocol show queue-scheduler cos-map Display QOS configuration of all interface...
Page 186: Chapter 15 Stp Configuration
QTECH Software Configuration Manual STP Configuration Chapter 15 15.1 Brief introduction of STP Configuration STP(Spanning Tree Protocl) is a part of IEEE 802.1D network bridge. The realization of standard STP can eliminate network broadcast storm caused by network circle connection and the circle connection caused by misplaying and accidence, and it also can provide the possibility of network backup connection.
Page 187 QTECH Software Configuration Manual The device directly connected with The port through which the For a device this device and responsible for designated bridge forwards forwarding BPDUs BPDUs to this device The device responsible for The port through which the...
Page 188 QTECH Software Configuration Manual For the convenience of description, the description and examples below involve only four parts of a configuration BPDU : · Root bridge ID (in the form of device priority) · Root path cost · Designated bridge ID (in the form of device priority) ·...
Page 189 QTECH Software Configuration Manual Table 2 Selection of the optimum configuration BPDU Step Description Upon receiving a configuration BPDU on a port, the device performs the following processing : · If the received configuration BPDU has a lower priority than that of the configuration BPDU generated by the port, the device will discard the received configuration BPDU without doing any processing on the configuration BPDU of this port.
Page 190 QTECH Software Configuration Manual Step Description The device compares the calculated configuration BPDU with the configuration BPDU on the port of which the port role is to be defined, and does different things according to the comparison result : ·...
Page 191 QTECH Software Configuration Manual BPDU of port after Device Comparison process comparison · Port AP1 receives the configuration BPDU of Device B {1, 0, 1, BP1}. Device A finds that the configuration BPDU of the local port {0, 0, 0, AP1} is superior to the configuration received message, and discards the received configuration BPDU.
Page 192 QTECH Software Configuration Manual BPDU of port after Device Comparison process comparison By comparison : · The configuration BPDUs of CP1 is elected as the optimum configuration BPDU, so CP1 is identified as Root port CP1 : the root port, the configuration BPDUs of which will {0, 0, 0, AP2} not be changed.
Page 193: Introduction To Mstp
QTECH Software Configuration Manual & Note : To facilitate description, the spanning tree computing process in this example is simplified, while the actual process is more complicated. The BPDU forwarding mechanism in STP · Upon network initiation, every switch regards itself as the root bridge, generates configuration BPDUs with itself as the root, and sends the configuration BPDUs at a regular interval of hello time.
Page 194 QTECH Software Configuration Manual MSTP features the following : · MSTP supports mapping VLANs to MST instances by means of a VLAN-to-instance mapping table. · MSTP divides a switched network into multiple regions, each containing multiple spanning trees that are independent of one another.
Page 195 QTECH Software Configuration Manual As an attribute of an MST region, the VLAN-to-instance mapping table describes the mapping relationships between VLANs and MST instances. In Figure 4, for example, the VLAN-to-instance mapping table of region A0 describes that the same region name, the same VLAN-to-instance mapping (VLAN1 is mapped to MST instance 1, VLAN2 to MST instance 2, and the rest to CIST.
Page 196 QTECH Software Configuration Manual Figure 5 Port roles Figure 5 helps understand these concepts. Where, · Devices A, B, C, and D constitute an MST region. · Port 1 and port 2 of device A connect to the common root bridge.
Page 197: Protocols And Standards
QTECH Software Configuration Manual 15.1.2.3 How MSTP works MSTP divides an entire Layer 2 network into multiple MST regions, which are interconnected by a computed CST. Inside an MST region, multiple spanning trees are generated through computing, each spanning tree called an MST instance.
Page 198: Enable/Disable Stp
By default, interface STP enables. For example : ! Disable STP on Ethernet 01 QTECH(config-if-ethernet-0/0/1)#no spanning-tree 15.2.4 Configure STP priority Configure STP priority when STP enables, and the inferior priority of the switch can be the root bridge. Use...
Page 199: Configure Switch Forward Delay
Software Configuration Manual ! Configure the priority of the switch in spanning tree to 30000 QTECH(config)#spanning-tree priority 30000 Caution : If the priorities of all network bridge in switching network are the same, choose the one with the smallest MAC address to be the root. If STP enables, configuring network bridge may cause the re-accounting of the STP.
Page 200: Configure Path Cost Of Specified Interfaces
For example : ! Configure the Max Age to 10 seconds QTECH(config)#spanning-tree max-age 10 Caution : Max Age is used to configure the longest aging interval of STP. Lose packet when overtiming. The STP will be frequently accounts and take crowded network to be link fault, if the value is too small.
Page 201: Configure Interface To Force To Send Rstp Packet
For example : ! Configure the link connected to Ethernet 0/0/1 as a point-to-point link QTECH(config-if-ethernet-0/0/1)#spanning-tree point-to-point forcetrue 15.2.13 Configure the current port as an edge port Edge port is the port connecting to the host which can be in transmission status in very short time after linkup, but once the port receiving STP packet, it will shift to be non-edge port.
Page 202: Stp Monitor And Maintainenance
For example : ! Display STP configuration QTECH(config)#show spanning-tree interface ethernet 0/0/1 The bridge is executing the IEEE Rapid Spanning Tree protocol The bridge has priority 32768, MAC address : 001f.ce10.14f1 Configured Hello Time 2 second(s), Max Age 20 second(s), Forward Delay 15 second(s) Root Bridge has priority 32768, MAC address 001f.ce10.14f1...
Page 203: Enable/Disable Stp Remote-Loop-Detect
Use no command to disable this function. For example : ! Enable spanning-tree remote-loop-detect interface of Ethernet 0/0/1 QTECH(config)#spanning-tree remote-loop-detect interface ethernet 0/0/1 ! Disable remote-loop-detect of Ethernet 0/0/1 QTECH(config-if-ethernet-0/0/1)#no spanning-tree remote-loop-detect 15.3 Brief Introduction of MSTP Multiple spanning tree(IEEE802.1S, MSTP) is the upgrade for SST(Simple spanning tree,...
Page 204: Configure Mstp Timer Parameter
Configure mapping relationship between MSTP and VLAN spanning-tree mst instance instance-num vlan vlan-list Example : ! Configure MSTP name to be QTECH QTECH(config)#spanning-tree mst name QTECH ! Configure MSTP revision level to be 10 QTECH(config)#spanning-tree mst revision 10...
Page 205: Configure Mstp Interface Edge Interface Status
Example : ! Configure the path cost in instance 2 to be 10 QTECH(config-if-ethernet-0/0/2)#spanning-tree mst instance 1 cost 10 ! Configure external path cost of e0/0/2 to be 10 QTECH(config-if-ethernet-0/0/2)#spanning-tree mst external cost 10 15.4.8 Configure MSTP interface priority In MSTP, interface priority is based on each STP instance.
Page 206: Configure Spanning-Tree Mst Root-Guard
Display MSTP configuring mark QTECH(config)#show spanning-tree mst config-id Display interface 0/0/2 information of instance1 QTECH(config)#show spanning-tree mst instance 1 interface ethernet 0/0/2 15.4.11 Enable/disable digest snooping When interface of switch connects to switch which has its own private STP, switch cannot connect to each other because of the private STP protocol.
Page 207 Disable Ignore of VLAN no spanning-tree mst ignored vlan vlan-list Display Ignore of VLAN show spanning-tree mst ignored-vlan Example : ! Enable Ignore of VLAN 10 and 20-30 QTECH(config)# spanning-tree mst ignored vlan 10, 20-30 15-206...
Page 208: Chapter 16 802.1X Configuration Command
QTECH Software Configuration Manual 802.1X Configuration Command Chapter 16 16.1 Brief introduction of 802.1X configuration IEEE 802.1X is the accessing management protocol standard based on interface accessing control passed in June, 2001. Traditional LAN does not provide accessing authentication. User can acess the devices and resources in LAN when connecting to the LAN, which is a security hidden trouble.
Page 209: System Default User
QTECH Software Configuration Manual Administrator can manage himself; for example, change his own privilege and password. It cannot create or delete other users and change other user’s password and privilege. This chapter contains following sections : Ø System default user Ø...
Page 210: Change Password
Caution : Case-sensitive is for password but not username. Example : !Create administrator "green" with its password being 1234 and privilege level is 3 QTECH(config)#username green privilege 3 password 0 1234 16.4.2 Change password In global configuration mode, Super-administrator "admin" can use following command to change the password of all users, but other administrators can only change their own password.
Page 211: Delete User
Caution : Case-sensitive is for password but not username. Example : !Modify the privilege of the existed user "green" to be 1 and its password to be 1234 QTECH (config)#username green privilege 0 password 0 1234 16.4.4 Delete User Only Super-administrator "admin" can add and delete user in global configuration mode. Enter global configuration...
Page 212: Remote Authentication Configuration
There are 16 levels (0-16) priorities but there are only 2 levels (0-1 means normal users and 2-15 means administrators) for QTECH switches. When configuring TACACS+ unauthorization, the priority is determined by priv_lvl replied from remote server (no reply means administrator). Authorization failure means normal user.
Page 213: Configuration
By default, 802.1x daemon is not sent by default. When 802.1x enables, default interval to send daemon is 60seconds. For example : ! Enable dot1x daemon on ethernet 0/0/5 with the period time of 20 seconds QTECH(config-if-ethernet-0/0/5)#dot1x daemon time 20 dot1x eap-finish dot1x eap-transfer (3) Use...
Page 214 QTECH(config-if-ethernet-0/0/5)#dot1x max-user 10 (7) Use dot1x user cut command to remove specified online user. Remove specified online user by specified username and MAC address. For example : ! Remove user with username of aaa@QTECH.com QTECH(config)#dot1x user cut username aaa@QTECH.com 16-213...
Page 215: Chapter 17 Sntp Client Configuration
For example : ! Enable SNTP client QTECH(config)#sntp client 17.2.2 SNTP client working mode configuration SNTPv4 can work in three modes : unicast, broadcast (multicast), anycast. In unicast and anycast, client sends requirement and gets the response to adjust system time. In broadcast and multicast, client waits for the broadcast packet sent by server to adjust system time.
Page 216: Sntp Client Unicast Server Configuration
In order to restrict the range of sending multicast packet, TTL-value setting is suggested. The default ttl-value is 255. For example : ! Configure TTTL-value of sending multicast packet to be 5 QTECH(config)#sntp client multicast ttl 5 17.2.6 SNTP client poll interval configuration Use following command to configure poll-interval of SNTP client in unicast or anycas.
Page 217: Sntp Client Retransmit Configuration
For example : ! Configure SNTP client MD5 authentication-key, with the key ID being 12, and the key being abc and trusted-key being 12 QTECH(config)#sntp client authenticate QTECH(config)#sntp client authentication-key 12 md5 abc QTECH(config)#sntp trusted-key 12 17-216...
Page 218: Chapter 18 Syslog Configiration
QTECH Software Configuration Manual Syslog Configiration Chapter 18 18.1 Brief introduction of Syslog Syslog is system information center, which handles and outputs information uniformly. Other modules send the information to be outputted to Syslog, and Syslog confirms the form of the outputting of the information according to user’s configuration, and outputs the information to specified displaying...
Page 219: Enable/Disable Syslog
{ notime | uptime | datetime } no logging timestamps For example : ! Configure datetime to be the timestamps QTECH(config)#logging timestamps datetime 18.2.4 Syslog terminal outputting configuration Use following command in global configuration mode to enable monitor logging and configure filter regulation.
Page 220: Syslog Logging Buffered Outputting Configuration
: means the name of the module. … means other modules are omitted. For example : ! Configure filter regulations of all terminals to allow all modules to output information with the level of 0, 1, 2, 6 QTECH(config)#logging flash level-list 0 to 2 6 18-219...
Page 221: Syslog Logging Host Outputting Configuration
! Configure filter regulations of logging host 1.1.1.1 to allow module vlan of level 7 to output information QTECH(config)#logging host 1.1.1.1 none QTECH(config)#logging host 1.1.1.1 level-list 7 module vlan (4) Logging facility configuration command is as following : logging facility { xxx | … } no logging facility xxx : The name of logging facilities.…...
Page 222: Module Debug Configuration
: means the name of the module. … means other modules are omitted. For example : ! Configure SNMP Agent filtrate rules to be permitting information with the level 0～5 QTECH(config)#logging snmp-agent 5 18.2.9 Module debug configuration Use debug command to enable debug of a module. Use no debug command to disable debug of a module : debug { all | { xxx | …...
Page 223: Chapter 19 Lldp Configuration
QTECH Software Configuration Manual LLDP configuration Chapter 19 19.1 Brief introduction of LLDP protocol LLDP(Link Layer Discovery Protocol)is the new protocol defined by IEEE 802.1AB. It realizes proclaiming information about itself to other neighbor devices through network and receives the bulletin information from neighbor devices and stores it to standard MIB of LLDP.
Page 224: Lldp Configuration
Restore default LLDP hello-time no lldp hello-time The default LLDP hello-time is 30 seconds For example : ! Configure LLDP hello-time to be 10 QTECH(config)#lldp hello-time 10 19.2.4 Configure LLDP hold-time Use following command in global configuration mode : Configure LLDP hold-time lldp hold-time <2-10>...
Page 225: Interface Lldp Packet Receiving/Sending Mode Configuration
[ <interface-list> ] For example : ! Display LLDP information of interface Ethernet 0/0/1 QTECH(config)#show lldp interface ethernet 0/0/1 System LLDP : enable LLDP hello-time : 30(s) LLDP hold-time : 4 LLDP TTL : 120(s) Interface Ethernet 0/0/1...
Page 226 QTECH Software Configuration Manual Port Duplex : auto Port Speed : FULL-100 Port Link Aggregation : support , in aggregation , aggregated port ID is 7 19-225...
Page 227: Chapter 20 Errp Command Configuration
20.1 Brief introduction of ERRP ERRP(Ethernet Ring Redundancy Protocol) is the private Ethernet ring protocol of QTECH which is used to protect real-time service (video/voice delay sessitive service). The basic working theory is many switches serial connect to be ring to provide link redundancy, and a master device detects/maintains the ring. The master device provides redundant port which can release redundant port when the ring break down to guarantee the service smooth.
Page 228: Errp Ring
QTECH Software Configuration Manual 20.3.2 ERRP ring A ring-shaped Ethernet topology is called an ERRP ring. An ERRP domain is built up on an ERRP ring. An ERRP ring falls into primary ring and subring. Both levels are set to 0 and 1 respectively when configuration.
Page 229: Common Port And Edge Port
QTECH Software Configuration Manual 20.3.6 Common port and edge port Each edge node or assistant edge node have two ports accessing a subring, with one being a common port and the other being an edge port. Common port is a port accessing the primary ring and a subring simultaneously;...
Page 230: Typical Errp Networking
QTECH Software Configuration Manual Type Description Assistant edge node initiates Major-Fault packets to notify the edge node of Major-Fault a failure when a link of primary ring between edge node and assistant edge node is torn down. 20.4 Typical ERRP Networking Here are several typical networking applications.
Page 231: Multi-Domain Tangent Rings
QTECH Software Configuration Manual 20.4.2 Multi-domain tangent rings Transit node Domain 1 QSW-2900 Master node Transit node Ring 1 QSW-2900 QSW-2900 Transit node QSW-2900 Transit node Ring 2 Domain 2 QSW-2900 Master node QSW-2900 Figure 3 Multi-domain tangent rings There are two or more rings in the network topology and only one common node between rings. In this case, you need define an ERRP domain for each ring.
Page 232: Single-Domain Intersecting Rings
QTECH Software Configuration Manual 20.4.3 Single-domain intersecting rings Figure 4 Single-domain intersecting rings There are two or more rings in the network topology and two common nodes between rings. In this case, you only need to define an ERRP domain, and set one ring as the primary ring and other rings as subrings.
Page 233: Multi-Domain Intersecting Rings
QTECH Software Configuration Manual 20.4.5 Multi-domain intersecting rings Figure 6 Multi-domain intersecting rings There are two or more domains in a network, and there two different common nodes between any two domains. Figure 6 defines three ERRP domains, each containing one and only one ERRP primary ring. In the case of multi-domain intersection, the rings in different domains are independently configured.
Page 234: Ring Recovery
QTECH Software Configuration Manual 20.5.3 Ring recovery The master node may find the ring is restored after a period of time after the ports belonging to the ERRP domain on the transit node, the edge node or the assistant edge node are up again. A temporary loop may arise in the data VLAN in this period.
Page 235: Configure Errp Timer
Parameter : timer-value : integrity in the range of 1-10 For example : ! Configure ERRP packet sending interval to be 1 second QTECH(config)#errp hello-timer 1 20.6.4 Enter ERRP configuration mode Configure it in global configuration mode : errp domain domain-id...
Page 236: Create Errp Ring
: ring level. 0 means primary ring and 1 means secondary. For example : ! Configure primary ring 0 with role mode being master, primary port being 1 and secondary port being 2 QTECH(config-errp)#ring 0 role master primary-port ethernet 0/0/1 secondary-port ethernet 0/0/2 level 0 20.6.7...
Page 237: Chapter 21 Pppoe Plus Configuration
PPPoE Intermediate Agent should issue the corresponding PADO or PADS response with a Generic-Error TAG to the sender. This is format of PPPoE TAG (type standard) on the QSW-3900 : 0 0/0/0 : 4096.VID Switch MAC/0/0/slot/sub-slot/port Specially for HUAWEI BRAS connectivity has a type huawei of PPPoE TAG : 0 0/0/0 : 4096.VID Switch MAC/Hostname/0/slot/sub-slot/port...
Page 238: Configure Pppoe Plus Type
QTECH Software Configuration Manual 21.2.3 Configure PPPoE Plus type Configure it in global configuration mode : Configure PPPoE Plus type pppoeplus type { standard | huawei } The default type is standard. The adding tag form will include hostname information when the type is huawei.
Page 239: Chapter 22 Cfm Configuration
QTECH Software Configuration Manual CFM Configuration Chapter 22 22.1 Brief introduction of CFM CFM (Connectivity Fault Management)is a point-to-point OAM protocol defined by IEEE 802.1ag standard which is used to manage failure of operating network, including continuity detection, loopback, tracert, trap alarm and remote failure alarm.
Page 240 QTECH Software Configuration Manual Figure 2 Inbound MEP 22.3.3.2 Maintenance association intermediate point (MIP) can handle and respond to CFM packets. The MA and MD that a MIP belongs to define the VLAN attribute and level of the packets received.
Page 241: Protocols And Standards
QTECH Software Configuration Manual all the other MEPs in the same MA. If a MEP fails to receive the CCM within 3.5 sending periods, the link is regarded as faulty and a corresponding log is generated. When multiple MEPs send CCMs at the same time, the many-to-many link check is achieved.
Page 242 It is defaulted not to configure cfm mep level. For example : ! Configure cfm mep level 7 direction up mpid 7110 vlan 110 QTECH(config-if-ethernet-0/0/1)#cfm mep level 7 direction up mpid 7110 vlan 110 22.4.4 Configure cfm mip level Configure it in interface configuration mode :...
Page 243: Configure Cfm Cc Interval
For example : ! cfm ping 00 : 1f : ce : 10 : 14 : f1 level 7 vlan 110 QTECH#cfm ping 00 : 1f : ce : 10 : 14 : f1 level 7 vlan 110 PING 001f.ce10.14f1 :...
Page 244: Cfm Traceroute
For example : ! cfm traceroute 00 : 1f : ce : 10 : 14 : f1 level 4 vlan 110 QTECH#cfm traceroute 00 : 1f : ce : 10 : 14 : f1 level 4 vlan 110 22.4.10 Display cfm domain...
Page 245: Display Cfm Maintenance-Points Remote
QTECH Software Configuration Manual For example : ! Display cfm maintenance-points local QTECH(config)# show cfm maintenance-points local 22.4.12 Display cfm maintenance-points remote Configure it in any configuration mode : It will display as following : cfm maintenance-points remote § mpid cfm maintenance-points remote §...

QTech QSW-3900 User Manual

Chapter 1 Accessing Switch

Chapter 2 Switch Manage and Maintenance

Chapter 3 MAC Address Table Management

Chapter 4 Port Configuration

Chapter 5 VLAN Configuration

Chapter 6 Layer 3 Configuration

Chapter 7 RIP Configuration

Chapter 8 OSPF Configuration

Chapter 9 BGP Configuration

Chapter 10 Multicast Protocol Configuration

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for QTech QSW-3900

Summary of Contents for QTech QSW-3900