Zte ZXR10 5250 Series Configuration Manual
  1. Manuals
  2. Brands
  3. Zte Manuals
  4. Switch
  5. ZXR10 5250 Series
  6. Configuration manual

Zte ZXR10 5250 Series Configuration Manual

Gigabit-port intelligent switch
Hide thumbs Also See for ZXR10 5250 Series:
Table of Contents

Advertisement

Quick Links

ZXR10 5250 Series
Gigabit-Port Intelligent Switch
Configuration Guide
Version: 2.05.11
ZTE CORPORATION
No. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://ensupport.zte.com.cn
E-mail: support@zte.com.cn

Advertisement

Table of Contents
loading

Related Manuals for Zte ZXR10 5250 Series

Summary of Contents for Zte ZXR10 5250 Series

  • Page 1 ZXR10 5250 Series Gigabit-Port Intelligent Switch Configuration Guide Version: 2.05.11 ZTE CORPORATION No. 55, Hi-tech Road South, ShenZhen, P.R.China Postcode: 518057 Tel: +86-755-26771900 Fax: +86-755-26770801 URL: http://ensupport.zte.com.cn E-mail: support@zte.com.cn...
  • Page 2 ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by contractual confidentiality obligations. All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE CORPORATION or of their respective owners.

  • Page 3: Table Of Contents

    5.6 LACP Configuration..................5-16 5.7 IGMP Snooping Configuration ................5-20 5.8 MLD Snooping Configuration ................5-24 5.9 IPTV Configuration ................... 5-26 5.10 STP Configuration ..................5-33 5.11 ACL Configuration ..................5-43 5.12 QoS Configuration ..................5-52 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 4 5.41 DHCP Relay Configuration................5-142 5.42 MFF Configuration..................5-145 5.43 SSL Configuration ..................5-148 5.44 ERPS Configuration ..................5-152 5.45 Debug Module Configuration ................5-160 Chapter 6 Management ................6-1 6.1 Remote-Access....................6-1 6.2 SSH ........................6-3 6.3 Privilege ......................6-11 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 5 7.3.6 Enable Password Lost ................7-6 7.3.7 Two Devices in the Same VLAN Cannot Communicate....... 7-7 7.3.8 Authentication Timed Out in Campus Network..........7-7 7.3.9 Solution to ARP Attacks in Campus Network..........7-9 Figures......................I Tables ......................V Glossary .......................VII SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 6 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 7: About This Manual

    Chapter Summary 1, Safety Instructions Describes safety instructions and signs. 2, System Overview Provides an overview about the ZXR10 5250 series switches. 3, Usage and Operation Describes configuration modes, command modes and usage of command line. 4, System Management Describes system management.
  • Page 8 Caution: indicates a potentially hazardous situation. Failure to comply can result in moderate injury, equipment damage, or interruption of minor services. Note: provides additional information about a certain topic. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 9: Chapter 1 Safety Instructions

    Safety precautions mentioned in this manual are only supplementary to the local safety specifications. ZTE Corporation bears no responsibility for consequences resulting from violation of general specifications for safety operations or of safety rules for design, production, and use of the equipment.
  • Page 10 ZXR10 5250 Series Configuration Guide Note: Provides additional safety information. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 11: Chapter 2 System Overview

    Chapter 2 System Overview The ZXR10 5250 series switches are an important part of the ZXR10 series Ethernet switches. The ZXR10 5250 series products are Gigabit L2+ (between layer 2 and layer 3) Ethernet switches used for Gigabit network access and convergence, and 10 Gb is available for uplinks.
  • Page 12 The ZXR10 5250 supports the 802.3ad Link Aggregation Control Protocol (LACP) function, and provides load balancing and link backup. The ZXR10 5250 supports the ZTE Ethernet Switch Ring (ZESR) to provide fast protection switching, which ensures that user services are not interrupted.
  • Page 13 Management Modes The ZXR10 5250 provides the following management modes: Supports the SNMPv1/v2c/v3 and Remote Monitoring (RMON). Supports the ZXNM01 unified network management platform. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 14 Supports accessing the switches through CLI command lines, including Console, Telnet and SSH. Supports network management through Web. Supports the ZTE Group Manage Protocol (ZGMP). Functions The ZXR10 5250 uses the Store and Forward mode, and supports layer 2 wire-speed switching.
  • Page 15 40. It supports version/configuration upload and download through the Trivial File Transfer Protocol (TFTP). 41. It supports version/configuration upload and download through the 42. The ZXR10 5250-52PM supports the 802.3af Power over Ethernet (PoE) function. The power supply of at most 30 W is supported. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 16 ZXR10 5250 Series Configuration Guide This page intentionally left blank. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 17: Figure 3-1 Zxr10 5250'S Configuration Modes

    PC. The VT100 terminal mode is applied in the Console port connection configuration. The following use the Windows HyperTerminal configuration as an example to illustrate the connection configuration. 1. Start the HyperTerminal program on the PC. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 18: Figure 3-2 Connection Description Dialog Box

    ZXR10 5250 Series Configuration Guide Select Start > All programs > Accessories > Communications > HyperTerminal in the Windows operating system to start the HyperTerminal program. 2. Establish a connection. Enter a name and select an icon for the connection, and then click OK, see Figure 3-2.

  • Page 19: Chapter 3 Usage And Operation

    Set the login password, The login-password <string> parameter value consists of at most 16 characters. set user {local | radius| tacacs-plus}<name> Set the administrator password, The admin-password <string> admin-password <string> parameter value consists of at most 16 characters. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 20: Figure 3-5 Running Telnet

    ZXR10 5250 Series Configuration Guide Note: The default username is admin and the password is zhongxing. The default administrator password is empty. It is assumed that the IP address of the layer-3 port is 192.168.3.1 and this address can be pinged successfully from the local computer.
  • Page 21 4. Enable the web network management function (by default, this function is disabled) and set a listening port. Command Function Enable the web network management function set web enable (by default, this function is disabled). set web listen-port < 80,1025-49151 > Set a listening port. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 22: Command Modes

    “>”, which is shown as follows: zte> The default host name is zte. You can modify the host name by running the hostname <name> command. The name length consists of at most 200 characters. In user mode, you can run the exit command to exit the switch configuration or run the show command to view the system configuration and operation information.
  • Page 23 TFTP uploading/downloading files through FTP copying files formatting the Flash memory SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 24 ZXR10 5250 Series Configuration Guide upgrading firmware To return to global configuration mode from file system configuration mode, run the exit command or press Ctr+Z. NAS Configuration Mode In global configuration mode, you can run the config nas command to enter NAS...
  • Page 25 In global configuration mode, you can run the config ingress-acl link number <200-299> command to enter layer-2 ingress ACL configuration mode, which is shown as follows: zte(cfg)#config ingress-acl link number 200 zte(ingress-link-acl)# In layer-2 ingress ACL configuration mode, you can add, delete and move rules for a specified layer-2 ingress ACL.
  • Page 26 ZXR10 5250 Series Configuration Guide In basic egress ACL configuration mode, you can add, delete and move rules for a basic egress ACL. To return to global configuration mode from basic egress ACL configuration mode, run the exit command or press Ctr+Z.

  • Page 27: Common Command Parameters

    In global configuration mode, you can run the config ingress-acl user-define number <801- 828> command to enter user-defined ingress ACL configuration mode, which is shown as follows: zte(cfg)#config ingress-acl user-define number 811 zte(ingress-user-define-acl)# In user-defined ingress ACL configuration mode, you can add, delete, or move the rules of ACLs with the specified ACL numbers.

  • Page 28: Usage Of Command Line

    ZXR10 5250 Series Configuration Guide Parameter Description <HH.HH.HH.HH.HH.HH> MAC address, for example, 00.22.33.44.55.66. <A.B.C.D> IP address, for example, 10.40.47.254. <A.B.C.D/M> IP address and mask bits. M must be an integer from 1 to 32, for example, 10.40.47.254/24. <string> String without spaces.
  • Page 29 ? <string> user name(maxsize:15) zte(cfg)#create user houyx ? admin create an administrator guest create a guest zte(cfg)#create user houyx guest ? <cr> <0-15> specify user's priviledge zte(cfg)#create user houyx guest zte(cfg)# <cr> Command Abbreviations In the ZXR10 5250, a command or keyword can be abbreviated as a character or string that uniquely identifies this command or keyword.

  • Page 30: Table 3-3 Editing Commands Through Keystrokes

    ZXR10 5250 Series Configuration Guide Command History The user interface supports the function of recording entered commands. A maximum of 20 historical commands can be recorded. The function is very useful for recalling a long or complicated command. To recall commands from the history buffer, perform one of the following actions.
  • Page 31 <Ctrl+C> to break —–” is displayed at the bottom of the current page. You can press Return to scroll down one line, or Space to scroll down one screen. To stop the output, press Q or Ctr+C. 3-15 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 32 ZXR10 5250 Series Configuration Guide This page intentionally left blank. 3-16 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 33 For the procedure to manage file system directories, refer to the table below: Step Command Function Enters file system config tffs zte(cfg)# configuration mode. md <directory name> Creates a directory. zte(cfg-tffs)# SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 34 ZXR10 5250 Series Configuration Guide Step Command Function rename <file-name> <file-name> Modifies the directory name. zte(cfg-tffs)# cd <directory name> Changes the current directory, zte(cfg-tffs)# and opens this directory. Lists the current directories. zte(cfg-tffs)# You can run the remove <file-name> command to delete a specified directory. The img, cf g, and data directories created by default and all non-empty directories cannot be deleted.

  • Page 35: Chapter 4 System Management

    TFTP server using TFTP server software (TFTPD) as an example. Steps 1. Run the Tftpd software at the back-end computer. The TFTP server window is displayed, see Figure 4-1. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 36: Configuring The Ftp Server

    ZXR10 5250 Series Configuration Guide Figure 4-1 TFTP Server 2. Select Tftpd > Configure. The Tftpd Settings dialog box is displayed, see Figure 4-2. Figure 4-2 Tftpd Settings Dialog Box 3. Click the Browse button on the upper side of the dialog box and select a directory to save the version file or configuration file.

  • Page 37: Figure 4-3 Connect To Server Dialog Box

    2. Set Server Address, Port and Administration password, and click OK. The FileZilla Server window is displayed, see Figure 4-4. Figure 4-4 FileZilla Server Window 3. Select Edit > Users. The Users dialog box is displayed, see Figure 4-5. Create a user name and password. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 38: Figure 4-5 Users Dialog Box

    ZXR10 5250 Series Configuration Guide Figure 4-5 Users Dialog Box 4. Select Shared folders in the left area and set a primary directory for the new user, Figure 4-6. Figure 4-6 Directory Setting SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 39: Importing And Exporting The Configuration File

    Flash memory. This file can also be uploaded to the TFTP server for view, modification and bulk configuration. zte(cfg-tffs)#cd cfg zte(cfg-tffs)#tftp 192.168.1.102 upload startrun.dat zte(cfg-tffs)#cd .. Importing the Configuration startrun.dat is a configuration file.

  • Page 40: Downloading The Software Version Automatically

    ZXR10 5250 Series Configuration Guide To prevent damage to the configuration data, back up the configuration data by using the tftp command. Run the following commands to upload the configuration file in the Flash memory to the back-end TFTP server: zte(cfg-tffs)#cd cfg zte(cfg-tffs)#tftp 192.168.1.102 upload startrun.dat...
  • Page 41 DHCP snooping-and-option82 is disabled. DHCP client is enabled. DHCP client broadcast-flag is enabled. The following table lists the complete adaptation relation: Device Configuration File Name ZXR10 5250-28TC ZXR10_5250-28TC.dat ZXR10 5250-52TC ZXR10_5250-52TC.dat ZXR10 5250-28SM ZXR10_5250-28SM.dat ZXR10 5250-52PM ZXR10_5250-52PM.dat SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 42: Configuring Automatic Saving Of A Configuration File

    ZXR10 5250 Series Configuration Guide Figure 4-7 Network Architecture for Automatic Configuration File Download The network architecture is shown in Figure 4-7. Set the TFTP server address and version file name on the DHCP server. For example, set the TFTP server address to 10.40.89.78, and the file name to *.dat@zImage.

  • Page 43: Upgrading The Software Version

    Assume that the IP address of the TFTP server is 10.40.89.78, and the configuration is saved to the server every 10 days. The configuration commands are as follows: zte(cfg)#set auto-saveconfig serverip 10.40.89.78 zte(cfg)#set auto-saveconfig period 10 zte(cfg)#set auto-saveconfig enable Caution! The enable command should be configured after serverip is configured.
  • Page 44 In global configuration mode, use the show version command to display the system hardware and software version information. The displayed contents are as follows: zte(cfg)#show version ZXR10 Router Operating System Software, ZTE Corporation: ZXR10 5250-28TC Version Number : 5250 Series V2.05.11B04 Copyright (c) 2001-2013 By ZTE Corporation...
  • Page 45 2. Restart the switch. On the HyperTerminal, press any key as prompted to enter ZXR10 Boot status. ZXR10 5250-28TC BootRom Version v1.08 Compiled Feb 27 2012 10:32:29 Copyright (c) 2010 by ZTE Corporation. boot location [0:Net,1:Flash] : 0 actport serverip : 10.40.89.78...
  • Page 46 5. Start the TFTP server software on the back-end computer and configure the TFTP by referring to 4.2 Configuring the TFTP Server. 6. In ZX10 Boot status, enter zte to enter BootManager status of the switch. Enter ? to display the command list for this status. [ZXR10 Boot]:zte [bootManager]: ?

  • Page 47: File System Configuration Commands

    File system configuration includes the following commands: Command Function md <directory name> Creates a directory. zte(cfg-tffs)# remove <file-name> Deletes a file or directory. zte(cfg-tffs)# rename <file-name><file-name> Modifies a file or directory name. zte(cfg-tffs)# 4-15 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 48 ZXR10 5250 Series Configuration Guide Command Function Displays a sub-directory and file. zte(cfg-tffs)# cd <directory name> Changes the current directory. zte(cfg-tffs)# tftp <A.B.C.D>{download | upload}<remote-file-n Uploads or downloads files to/from zte(cfg-tffs)# ame>[<local-file-name>] the TFTP server. tftp commander {download | upload}<remote...
  • Page 49 GARP/GVRP Configuration ..................5-92 DHCP Configuration....................5-95 DHCPv6 Configuration ...................5-101 VBAS Configuration ....................5-104 PPPoE-PLUS Configuration ...................5-106 ZESR Configuration ....................5-107 ZESS Configuration....................5-121 PP Configuration ....................5-125 LLDP Configuration ....................5-127 Single Port Loop Detection Configuration ...............5-130 UDLD Configuration ....................5-133 TACACS+ Configuration..................5-136 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 50 ZXR10 5250 Series Configuration Guide Time Range Configuration..................5-138 Voice VLAN Configuration ..................5-139 MAC-based VLAN Command Configuration ............5-141 DHCP Relay Configuration ..................5-142 MFF Configuration....................5-145 SSL Configuration ....................5-148 ERPS Configuration ....................5-152 Debug Module Configuration ..................5-160 5.1 Management Configuration Management Configuration Overview Management configuration includes the following configurations: 1.

  • Page 51: Chapter 5 Service Configuration

    [<string>] user. set user multi-user {enable | Sets the multi-user login function. zte(cfg)# disable} cpu-threshold <30-90> Sets the CPU usage threshold. zte(cfg)# mem-threshold <60-90> Sets the memory usage threshold. zte(cfg)# SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 52 ZXR10 5250 Series Configuration Guide Command Function Saves the current configuration information to the write zte(cfg)# Flash memory and recovers the information when the switch is rebooted. clear user <name> Deletes a user. zte(cfg)# clear reboot-time Clears automatic reboot configuration.

  • Page 53: Port Configuration

    5.2 Port Configuration Port Configuration Overview The port parameters can be configured on the ZXR10 5250. They include auto-negotiation, duplex mode, rate and line detection. The commands include the following types: 1. Port basic parameters configuration SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 54 ZXR10 5250 Series Configuration Guide 2. Port diagnosis 3. Port information view Configuring a Port The port configuration includes the following commands: Command Function set port <portlist>{enable | disable} Enables or disables the port. zte(cfg)# set port <portlist> work-mode {fiber |...
  • Page 55 Enables or disables the port protection function. zte(cfg)# | disable} set mac protect port <portlist> action Sets the port protection action. zte(cfg)# {shutdown | restrict | protect} show mac protect port <portlist> Displays the port protection state. zte(cfg)# SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 56: Poe Configuration

    ZXR10 5250 Series Configuration Guide 5.3 PoE Configuration PoE Configuration Overview Power over Ethernet (PoE) is an extended feature that supports network devices with Ethernet electrical ports. The network devices (switches or routers) supporting the PoE function can provide power supply through Twisted Pair for remote Powered Devices (PD)s such as IP phones, WLAN Access Points (APs), or network cameras, which realizes remote power supply.
  • Page 57 Displays the PoE status of the device. show poe status [port <portlist>] (all configuration modes) Displays the PoE status of the port. show poe config [port <portlist>] (all configuration modes) Displays PoE configuration information. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 58 ZXR10 5250 Series Configuration Guide PoE Configuration Instance Configuration Description A DUT device is directly connected to a PD. Configure a power supply device of PS type. The ZXR10 5250-52PM can be used as a power supply. The ZXR10 5250-52PM provides 15.4 watts of power supply complying with AF standard for 16 ports.

  • Page 59: Port Mirroring

    <1-4094> priority Sets RSPAN tag format including zte(cfg)# <0-7>{ingress | egress} VLAN-ID and priority. set mirror statistic sample-interval <1-2047>{ingress | Sets ingress or egress port zte(cfg)# mirroring sample frequency. egress} 5-11 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 60: Figure 5-2 Port Mirroring Configuration Instance

    Figure 5-2 Port Mirroring Configuration Instance Configuration Procedure 1. The following example describes how to set port mirroring in ingress direction. zte(cfg)#set mirror session 1 add source-port 1 ingress zte(cfg)#set mirror session 1 add dest-port 2 ingress zte(cfg)#set mirror statistical sample-interval 100 ingress...

  • Page 61: Mac Address Table Operation

    MAC alarm control MAC alarm control can configure the output of the common alarm information of MAC function, for example, the number of learnt MAC addresses is exceeded or the address is drifted. 5-13 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 62 ZXR10 5250 Series Configuration Guide MAC address table Function operation MAC address fixed function MAC address fixed function can transform a dynamic MAC address entry to a static or fixed MAC entry in batches. After transformation, the static entry cannot drift. When the device is rebooted, a fixed MAC address entry can recover and cannot disappear.
  • Page 63 <1-28> action {shutdown | Sets the MAC protection action. zte(cfg)# restrict | protect} set mac protect port <1-28>{enable | disable} Enables or disables the MAC protection zte(cfg)# function. 5-15 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 64: Lacp Configuration

    ZXR10 5250 Series Configuration Guide Command Function show mac (all configuration modes) Displays MAC address entry content. show mac running-config (all configuration modes) Displays MAC configuration information. show mac all-type {port <1-28>| trunk <1-15>| vlan Displays MAC address entry content <1-4094>} (all configuration modes)
  • Page 65 (PVIDs) of all trunks and unregistered multicast filtering configuration. show trunk [<trunklist>] (all configuration modes) Displays the trunk PVID and unregistered multicast filtering configuration. show trunk <trunklist> vlan (all configuration modes) Displays the VLAN configuration of trunk. 5-17 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 66: Figure 5-3 Lacp Configuration Instance

    Figure 5-3 LACP Configuration Instance Configuration Procedure 1. The detailed configuration of switch A is as follows: zte(cfg)#set lacp enable zte(cfg)#set lacp aggregator 3 add port 15-16 zte(cfg)#set lacp aggregator 3 mode dynamic zte(cfg)#set lacp load-balance packet L2 5-18 SJ-20131111172707-002|2013-11-27 (R1.0)
  • Page 67 Chapter 5 Service Configuration zte(cfg)#set vlan 2 add trunk 3 tag zte(cfg)#set vlan 2 add port 1 untag zte(cfg)#set vlan 3 add trunk 3 tag zte(cfg)#set vlan 3 add port 3 untag zte(cfg)#set port 1 pvid 2 zte(cfg)#set port 3 pvid 3 zte(cfg)#set vlan 2-3 enable 2.

  • Page 68: Igmp Snooping Configuration

    ZXR10 5250 Series Configuration Guide The above result is due to physical link failure. It is recommended to check the physical link status. 5.7 IGMP Snooping Configuration IGMP Snooping Overview Because the multicast address is not in the source address of the packet, the switch cannot learn the multicast address.
  • Page 69 Adds or deletes the filter of source zte(cfg)# <vlanlist> in the specified VLAN. set igmp filter {add | delete} query port < portlist> Adds or deletes the query packet zte(cfg)# vlan <vlanlist> filter for the specified port. 5-21 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 70 ZXR10 5250 Series Configuration Guide Command Function set igmp filter {add | delete} query trunk < trunklist> Adds or deletes the query packet zte(cfg)# vlan <vlanlist> filter for the specified trunk port. show igmp snooping (global configuration modes) Displays IGMP Snooping global configuration information.

  • Page 71: Figure 5-4 Network Topology Of Igmp Snooping Configuration Instance

    Chapter 5 Service Configuration Figure 5-4 Network Topology of IGMP Snooping Configuration Instance Configuration Procedure zte(cfg)#set vlan 200 add port 1, 3, 5, 10 untag zte(cfg)#set port 1, 3, 5, 10 pvid 200 zte(cfg)#set vlan 200 enable zte(cfg)#set igmp snooping enable...

  • Page 72: Mld Snooping Configuration

    ZXR10 5250 Series Configuration Guide 5.8 MLD Snooping Configuration MLD Snooping Overview Corresponding to the IGMP protocol, MLD is a multicast management protocol in IPv6 environment. MLD v1/v2 is supported. It is impossible to use a multicast address as a source address in a packet, so a switch cannot learn the multicast address.
  • Page 73 10, 1, 3 and 5 are in VLAN 200, users connected to Ports 1, 3 and 5 send multicast join requests to join the groups ff1e::22 and ff1e::11. Enable the MLD snooping function on the switch and display the snooping result. 5-25 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 74: Figure 5-5 Mld Snooping Configuration Instance

    ZXR10 5250 Series Configuration Guide Figure 5-5 MLD Snooping Configuration Instance Configuration Procedure zte(cfg)#set vlan 200 add port 1, 3, 5, 10 untag zte(cfg)#set port 1, 3, 5, 10 pvid 200 zte(cfg)#set vlan 200 enable zte(cfg)#set mld snooping enable zte(cfg)#set mld snooping add vlan 200...
  • Page 75 <1025-65535> Sets SMS server TCP port. zte(cfg-nas)# iptv cdr {enable | disable} Enables or disables CDR log zte(cfg-nas)# function globally. Manually triggers CDR log report iptv cdr report zte(cfg-nas)# at one time. 5-27 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 76 ZXR10 5250 Series Configuration Guide Command Function iptv cdr create-period <1-65535> Sets the interval for creating CDRs zte(cfg-nas)# when users watch programs for a long time. iptv cdr deny-right {enable | disable} Enables or disables CDR function zte(cfg-nas)# when the access authorization is deny.
  • Page 77 (all configuration modes) Displays IPTV preview global configuration information. show iptv view-profile [name <viewfile-name>| id <0-1023>] (all Displays preview configuration file configuration modes) information. show iptv cdr (all configuration modes) Displays global CDR configuration information. 5-29 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 78 ZXR10 5250 Series Configuration Guide Command Function show iptv client [{channel <0-1031>| index <0-255>| mac Displays IPTV user information. <HH.HH.HH.HH.HH.HH>| port <portid>| vlan <1-4094>}] (all configuration modes) show iptv rule [ port <portid>][vlan <1-4094>][channel | package] Displays IPTV rule information.
  • Page 79 4000 group 225.1.1.1 name CCTV1 id 1 zte(cfg-nas)#iptv port 1 service start zte(cfg-nas)#iptv port 1 control-mode channel zte(cfg-nas)#iptv port 1 channel id-list 1 order zte(cfg-nas)#iptv port 1 add mvlan 4000 uvlan 100 Configuration Verification Check configuration zte(cfg-nas)#show iptv rule MaxRuleNum:64...
  • Page 80 Figure 5-7 IPTV Configuration Instance 2 Configuration Procedure 1. Configure VLAN zte(cfg)#set vlan 100 add port 1 zte(cfg)#set vlan 4000 add port 1, 4 zte(cfg)#set vlan 100, 4000 enable zte(cfg)#set port 1 pvid 100 zte(cfg)#set port 4 pvid 4000 /*IGMP Snooping*/...

  • Page 81: Stp Configuration

    VPF1.PRF count 2 zte(cfg-nas)#iptv view-profile name VPF1.PRF blackout 10 zte(cfg-nas)#iptv view-profile name VPF1.PRF duration 20 zte(cfg-nas)#iptv channel id 1 viewfile-name VPF1.PRF Configuration Verification Check configuration /*check the configuration of preview template*/ zte(cfg-nas)#show iptv view-profile name VPF1 ViewProfile Id...

  • Page 82: Figure 5-8 Mstp Topological Structure

    ZXR10 5250 Series Configuration Guide Same mapping relationship between a VLAN and an instance. Switches should be connected directly. Multiple spanning trees can be configured in each MSTP area, and they are independent from each other. Each spanning tree is an Internal Spanning Tree (IST), and it can be called as Multiple Spanning Tree Instance (MSTI).

  • Page 83: Table 5-1 Port Role And Port State

    After the network has completed the spanning tree calculation, if a new switch is involved and the numerical value for its bridge ID is lower than that for the root bridge, the new 5-35 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 84 ZXR10 5250 Series Configuration Guide switch will become the new root bridge to replace the old root bridge, which causes the entire network to recalculate the spanning tree. To avoid this situation, port root protection can be configured on the port where a new switch accesses the network.
  • Page 85 Deletes the MSTP domain name. clear stp name zte(cfg)# show stp (all configuration modes) Displays STP global configuration information. show stp instance [<0-63>] (all configuration modes) Displays the state information of the instance. 5-37 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 86: Figure 5-9 Stp Configuration Instance

    ZXR10 5250 Series Configuration Guide Command Function show stp port [<portlist>] (all configuration modes) Displays the STP port configuration information. show stp trunk <trunklist> (all configuration modes) Displays STP trunk configuration information. STP Configuration Instance Configuration Description Configure the STP function of switch 1 and switch 2, take switch 1 as the root bridge and block a redundant port in the loop.

  • Page 87: Figure 5-10 Rstp Configuration Instance

    Figure 5-10 RSTP Configuration Instance Configuration Procedure zte(cfg)#set stp enable /*enable STP protocol of switch1 and switch2*/ zte(cfg)#set stp forceversion rstp /*set forceversion of stp as rstp*/ Configuration Verification 1. Check the STP state of switch 1 in the system view.

  • Page 88: Figure 5-11 Mstp Configuration Instance

    The configuration is as follows: establish mapping between instance 1 and service VLAN10-20; set Name to zte and Revision to 10. Take switch 1 as the root bridge in instance 1. See Figure 5-11.
  • Page 89 (cfg)#set stp name zte /*set switch1 and switch2 in the same area*/ zte(cfg)#set stp revision 10 zte(cfg)#set stp instance 1 add vlan 10-20 Configuration Verification 1. Check the STP state of switch 1 and switch 2 in the system view.
  • Page 90 ZXR10 5250 Series Configuration Guide ForwardDelay(s): 15 RemainHops : 20 BridgeID: Priority : 32769 Address : 00.d0.d0.02.00.54 HelloTime(s) MaxAge(s) : 20 ForwardDelay(s): 15 MaxHops : 20 Interface PortId Cost Status Role GuardStatus --------- ------ ------- ------- ---------- ----------- 128.1 200000 Forward Designated None 128.2...

  • Page 91: Acl Configuration

    TCP source port number, TCP destination port number, UDP source port number, UDP destination port number, DiffServ Code Point (DSCP), source MAC address, destination MAC address, source VLAN ID and 802. 1p priority value. 6. Basic egress ACL: Only matches source IP address. 5-43 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 92 ZXR10 5250 Series Configuration Guide 7. Extended egress ACL: Matches the source IP address, destination IP address, IP protocol type, TCP source port number, TCP destination port number, UDP source port number, UDP destination port number, ICMP type, ICMP Code and DiffServ Code Point (DSCP).
  • Page 93 ACL is used to match ARP packets. any][<dest-mac><dmac-mask>| any]} rule <1-500>{permit | deny} other Sets the rule that a layer-2 ingress zte(link-acl-group)# {[ether-type <1501-65535>| dsap-ssap <0-65535>][cos ACL is used to match packets <0-7>][<vlan-id>[<vlan-mask>]][<source-mac><smac-mask>| except IP/ARP packets. any][<dest-mac><dmac-mask>| any]} 5-45 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 94 ZXR10 5250 Series Configuration Guide Command Function rule <1-500>{permit | deny} any [cos Sets the rule that a layer-2 ingress zte(link-acl-group)# <0-7>][<vlan-id>[<vlan-mask>]][<source-mac><smac-mask>| ACL is used to match packets with specified cos, VLAN id, smac, and any][<dest-mac><dmac-mask>| any] dmac flags. clear ingress-acl link number <200-299>...
  • Page 95 ACL instance. rule <1-16>{permit | deny} port Sets the rule that a global ingress zte(global-acl-group)# {<1-28>| any}<ip-protocol>{<source-ipaddr><sip-mask>| any}{<d ACL matches specified fields of estination-ipaddr><dip-mask>| any}[dscp <0-63>][fragment][cos IPv4 packets. <0-7>][<vlan-id>[<vlan-mask>]][<source-mac><smac-mask>| any][<dest-mac><dmac-mask>| any] 5-47 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 96 ZXR10 5250 Series Configuration Guide Command Function rule <1-500>{permit | deny} port Sets the rule that a global ingress zte(global-acl-group)# {<1-28>| any} ip {<source-ipaddr><sip-mask>| any}{<destina ACL matches IPv4 packets. tion-ipaddr><dip-mask>| any}[dscp <0-63>][fragment][cos <0-7>][<vlan-id>[<vlan-mask>]][<source-mac><smac-mask>| any][<dest-mac><dmac-mask>| any] rule <1-500>{permit | deny} port...
  • Page 97 VLAN id, and dmac any] flags. clear egress-acl link number < 600-699> Clears a layer-2 egress ACL zte(cfg)# instance. config egress-acl hybrid number < 700-799> Creates a hybrid egress ACL zte(cfg)# instance and configures it. 5-49 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 98 ZXR10 5250 Series Configuration Guide Command Function rule < 1-500>{ permit | Sets a hybrid egress ACL that zte(egress-hybrid-acl)# matches specified fields of IPv4 deny}< ip-protocol>{< source-ipaddr>< sip-mask>| any}{< destination-ipaddr>< dip-mask>| any}[ dsscp < 0-63>][ fragment][ packets. coss < 0-7>][< vlan-id>[< vlan-mask>]][< source-mac><...
  • Page 99 | time-range ] Displays detailed configurations of show acl udb zte(cfg)# user-defined bytes. create acl <1-828> description <description> Sets ACL descriptions. zte(cfg)# clear acl <1-828> description Deletes ACL descriptions. zte(cfg)# ACL Configuration Instance Configuration Description 5-51 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 100: Qos Configuration

    2 deny arp any 192.168.0.1 255.255.255.255 zte(ingress-hybrid-acl)#exit zte(cfg)#set port 1-24 acl 300 enable zte(cfg)#set time-range worktime range period 09:00 to 18:00 daily zte(cfg)#set time-range worktime acl 300 rule 1 enable zte(cfg)#set time-range worktime acl 300 rule 2 enable 5.12 QoS Configuration QoS Overview can provide end-to-end data exchange with a high quality.
  • Page 101 <1-28> trust-mode Sets the port trusted mode. zte(cfg)# {dscp-priority | port-profile | user-priority} set qos priority-mapping port <1-28>{remapping-dscp Sets packet UP/DSCP zte(cfg)# | remark {dscp-priority | user-priority}}{enable | disable} remark/remapping based on the port. 5-53 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 102 ZXR10 5250 Series Configuration Guide Command Function Sets the mapping relation between set qos priority-mapping qos-profile dscp-to-dscp zte(cfg)# <0-63> to <0-63> DSCPs . set qos priority-mapping port <1-28> port-to-profile Sets the mapping relation between zte(cfg)# qos-profile <0-127> the port and the QoS profile.
  • Page 103 [<0-127>| dscp-to-dscp | Displays various priority-mapping dscp-to-profile | up-to-profile] (all configuration modes) configuration related to the QoS profile. show qos queue-schedule mode (all configuration modes) Displays QoS queue scheduling unit. 5-55 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 104 ZXR10 5250 Series Configuration Guide Command Function show qos queue-schedule port <1-28> (all configuration modes) Displays the queue scheduling policy of each queue of the port. show qos queue-schedule session [<1-7>] (all configuration modes) Displays the configuration of scheduling policy template.
  • Page 105 <1-828> rule <1-500> Clears the configuration that zte(cfg)# the specified flow implements harddrop operation. clear qos policy-counter <counterlist> Clears the counter that counts the zte(cfg)# specified flow. 5-57 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 106: Figure 5-13 Qos Configuration Instance

    PC accesses the network through port 24. See Figure 5-13. Figure 5-13 QoS Configuration Instance Configuration Procedure zte(cfg)#set qos traffic-limit ge-port 1 data-rate 2000 zte(cfg)#set qos traffic-limit ge-port 2 data-rate 2000 /*Omitted*/ 5-58 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 107: Pvlan Configuration

    Chapter 5 Service Configuration zte(cfg)#set qos traffic-limit ge-port 24 data-rate 2000 zte(cfg)#set qos traffic-shaping ge-port 26 data-rate 20 burst-size 10 Configuration Verification zte(cfg)#show qos traffic-shaping port 26 Port Egress Traffic Shaping Table: Port ID : 26 Port Shaping Rate (Kbps)
  • Page 108 ZXR10 5250 Series Configuration Guide The ZXR10 5250 series switches support four PVLAN sessions. Each PVLAN session supports an unlimited number of hybrid ports. Each PVLAN supports an unlimited number of isolated or community ports. Configuring PVLAN The PVLAN configuration includes the following commands:...

  • Page 109: Figure 5-15 Pvlan Configuration Example 2

    Chapter 5 Service Configuration zte(cfg)#set vlan pvlan session 1 promis-port 26 isolate-port 1-3 Configuration Verification zte(cfg)#show vlan pvlan pvlan session promis-ports : 26 promis-trunks isolate-ports : 1-3 isolate-trunks community-ports community-trunks : PVLAN Configuration Example Two Configuration Description Add a trunk 1 and isolated ports 4, 5 and 6 into session 2. See Figure 5-15.

  • Page 110: Layer 2 Protocol Transparent Transmission Configuration

    ZXR10 5250 Series Configuration Guide Configuration Verification zte(cfg)#show vlan pvlan pvlan session promis-ports : 16 promis-trunks isolate-ports : 1-3 isolate-trunks community-ports community-trunks : pvlan session promis-ports promis-trunks isolate-ports : 4-6 isolate-trunks community-ports community-trunks : 5.14 Layer 2 Protocol Transparent Transmission...

  • Page 111: Figure 5-16 Layer 2 Protocol Transparent Transmission Configuration Topology

    Figure 5-16 Layer 2 Protocol Transparent Transmission Configuration Topology Configuration Procedure zte(cfg)#set l2pt 0x02 enable zte(cfg)#set vlan 100 enable zte(cfg)#set vlan 100 add port 1, 3 zte(cfg)#set port 1,3 pvid 100 zte(cfg)#set vlan 200 enable zte(cfg)#set vlan 200 add port 2, 4...

  • Page 112: Ipv4 Layer 3 Configuration

    ZXR10 5250 Series Configuration Guide Configuration Verification Display the aggregation state of Switch 2 and Switch 3: zte(cfg)#show lacp aggregator 1 Group 1 Actor Partner ------------------------------- ---------------------------- Priority : 32768 32768 00.d0.d0.02.00.54 00.d0.d0.29.52.06 Ports 2, 1 2, 1 5.15 IPv4 Layer 3 Configuration...
  • Page 113 Chapter 5 Service Configuration The ZXR10 5250 series system supports the hardware routing function to increase IP packets forwarding speed. To configure the IPv4 layer-3 function, use the config router command to enter the layer-3 configuration mode first. Configuring IPv4 Layer 3 Functions...

  • Page 114: Figure 5-17 Layer-3 Configuration Instance

    ZXR10 5250 Series Configuration Guide Command Function Disable the free ARP function. clear gratuitous-send zte(cfg-router)# hardware-iproute {enable | disable} Enables or disables the hardware zte(cfg-router)# routing function. show arp [static | dynamic | invalid | ipport Displays the ARP table item zte(cfg-router)# <0-63>[static | dynamic | invalid]| ipaddress <A.B.C.D>]...

  • Page 115: Ipv6 Layer 3 Configuration

    Displays IPv6 device neighbor information, similar to the function of the show arp command in IPv4. ping6 <ipv6Addr>[<0-65535>[<48-1280>[<1-255>[<0- Checks network connectivity, zte(cfg)# 65535>]]]] similar to the function of the ping command in IPv4. 5-67 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 116: Dai Configuration

    ZXR10 5250 Series Configuration Guide Layer-3 IPv6 Configuration Instance Configuration Description On a switch, configure IPv6 address 12:12::c055:40, bind VLAN 300, configure the gateway, and set the port connected to the PC to port 10. On a PC, configure an IPv6 address and interface route.

  • Page 117: Figure 5-19 Dai Configuration Instancetopology

    ARP packets on a non-trusted port to the CPU is limited. See Figure 5-19. Figure 5-19 DAI Configuration InstanceTopology Configuration Procedure zte(cfg)#set dhcp snooping-and-option82 enable zte(cfg)#set dhcp snooping add port 49,50 zte(cfg)#set dhcp port 49 client zte(cfg)#set dhcp port 50 server zte(cfg)#show dhcp snooping 5-69 SJ-20131111172707-002|2013-11-27 (R1.0)

  • Page 118: Access Service Configuration

    ZXR10 5250 Series Configuration Guide DHCP snooping is enabled on the following port(s): PortId PortType ------ -------- Client Server zte(cfg)#set arp-inspection vlan 1 enable zte(cfg)#set arp-inspection port 49 untrust zte(cfg)#set arp-inspection port 49 limit 15 zte(cfg)#set arp-inspection validate ip enable...
  • Page 119 The NAS communicates with the Radius Server through RADIUS packets. Attributes in the RADIUS packets are used to transfer the detailed authentication, authorization, and billing information. 5-71 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 120: Figure 5-20 Using Pap Mode For Identity Authentication

    ZXR10 5250 Series Configuration Guide The EAP protocol is used between the switch and the subscriber. Three types of identity authentication methods are provided between the RADIUS servers: PAP, CHAP, and EAP-MD5. Any of the methods can be used according to different service operation requirements.

  • Page 121: Figure 5-21 Using Chap Mode For Identity Authentication

    Figure 5-22 Using EAP Mode for Identity Authentication Configuring Access Service The access service configuration includes the following commands: Command Function set port <portlist> vlanjump {enable [defaultauthvlan Enables or disables the vlan jump zte(cfg)# <1-4094>]| disable]} after user 802.1x authentication. 5-73 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 122 ZXR10 5250 Series Configuration Guide Command Function dot1x re-authenticate {enable | disable} Enables or disables zte(cfg-nas)# re-authentication function. dot1x re-authenticate period <1-4294967295> Sets the time interval for zte(cfg-nas)# re-authentication. dot1x quiet-period <0-65535> Sets quiet period of authentication. zte(cfg-nas)# dot1x tx-period <1-65535>...
  • Page 123 [<portlist>] (all configuration modes) Displays port AAA configuration information. radius isp <ispname>{enable | disable} Adds or deletes one ISP domain. zte(cfg-nas)# radius isp <ispname>{add | delete}accounting Adds or deletes accounting server zte(cfg-nas)# <A.B.C.D>[<0-65535>] in the ISP. 5-75 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 124 ZXR10 5250 Series Configuration Guide Command Function radius isp <ispname>{add | delete} authenticate Adds or deletes authentication zte(cfg-nas)# <A.B.C.D>[<0-65535>] server in the ISP. radius isp <ispname> client <A.B.C.D> Sets RADIUS client end address. zte(cfg-nas)# radius isp <ispname> sharedsecret <string> Sets the shared password of the zte(cfg-nas)# ISP domain (public key).

  • Page 125: Figure 5-23 Access Authentication Configuration Instance

    1234 zte(cfg-nas)#radius isp zte client 10.40.89.106 zte(cfg-nas)#radius isp zte add accounting 10.40.89.78 zte(cfg-nas)#radius isp zte add authentication 10.40.89.78 4. Enable radius client software on the PC and input a correct username and password.

  • Page 126: Mac Authentication Configuration

    ZXR10 5250 Series Configuration Guide When the authentication request succeeds, view the user information by using the show client command. zte(cfg)#show client MaxClients : 256 HistoryAccessClientsTotal : 1 OnlineClients: 1 HistoryFailureClientsTotal: 0 Flags:I-Index,Au-Authorized,P-PortId,US-UpSpeed,DS-DownSpeed,Y-yes,N-no UserName Au P Vlan MacAddress ElapsedTime --- ------------- -- ---- ---- ----------------- ------ ------ ------------ liushujie 00.19.e0.1a.97.dd 0...

  • Page 127: Qinq Configuration

    VLAN 10, which is determined by the PVID. 2. The uplink port of switch A inserts the outer tag (VLAN ID: 10) when forwarding the data packet received from the customer port. The tpid of this tag can be configured 5-79 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 128 ZXR10 5250 Series Configuration Guide on the switch. Inside the ISP network, the packet is broadcast along the port of VLAN 10 until it reaches the switch B. 3. Switch B finds out that the port connected to user network 2 is a customer port. Thus, it removes the outer tag in compliance with the conventional 802.1q protocol to recover...

  • Page 129: Sqinq Configuration

    Figure 5-25 QinQ Configuration Instance Configuration Procedure /*set qinq, the outer label is 100*/ zte(cfg)#set vlan 100 enable zte(cfg)#set vlan 100 add port 1 untag zte(cfg)#set vlan 100 add port 24 tag zte(cfg)#set port 1 pvid 100 zte(cfg)#set vlan qinq customer port 1 enable...

  • Page 130: Figure 5-26 Sqinq Configuration Instance

    997,998 add port 1 untag zte(cfg)#set vlan 997,998 add port 2 tag zte(cfg)#set vlan 10,12,997,998 enable zte(cfg)#set vlan sqinq session 1 customer-port 1 customer-vlan 10 uplink-vlan 997 zte(cfg)#set vlan sqinq session 2 customer-port 1 customer-vlan 12 uplink-vlan 998 Configuration Verification The following example shows how to show the SVLAN instance.
  • Page 131 <vlanlist> add port <portlist>[untag | tag] Adds a port to a VLAN and zte(cfg)# configures the location in the VLAN. set vlan <vlanlist> delete port <portlist> Deletes the port from a VLAN. zte(cfg)# 5-83 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 132 Note: By default, VLAN1 is enabled, all ports are in VLAN1 and in untag mode. Configuration Procedure zte(cfg)#set vlan 100 add port 1, 2 untag zte(cfg)#set vlan 100 add port 7, 8 tag zte(cfg)#set port 1, 2 pvid 100 zte(cfg)#set vlan 100 enable...

  • Page 133: Figure 5-27 Vlan Transparent Transmission Configuration Instance

    Figure 5-27 VLAN Transparent Transmission Configuration Instance Configuration Procedure 1. Configuration of switch A zte(cfg)#set vlan 2 add port 16 tag zte(cfg)#set vlan 2 add port 1 untag zte(cfg)#set vlan 3 add port 16 tag zte(cfg)#set vlan 3 add port 3 untag...

  • Page 134: Vlan Mapping Configuration

    ZXR10 5250 Series Configuration Guide 5.23 VLAN Mapping Configuration VLAN Mapping Overview The VLAN Mapping, namely N to One VLAN mapping, implements the VLAN convergence function by establishing mapping between customer VLAN and service provider VLAN by replacing the outer VLAN tags in the data frames. This way, customer services can be transmitted according to operator’s network planning.

  • Page 135: Figure 5-28 Vlan Mapping Network Diagram

    Uplink: replace the CVLAN with SVLAN based on “Interface+customer VLAN”. Downlink: replace the SVLAN in the outermost layer with CVLAN based on “SVLAN + Destination MAC address”. The whole system supports 400 sessions, and up to 400 CVLANs can be supported. 5-87 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 136 ZXR10 5250 Series Configuration Guide Configuring VLAN Mapping The VLAN mapping configuration includes the following commands: Command Function set vlan mapping session <session_id> customer-port Sets the VLAN Mapping function. zte(cfg)# <port-id> customer-vlan <vlan-list> uplink-vlan <vlan-id> When the VLAN Mapping is enabled, the uplink traffic is normally forwarded in SPVLAN.

  • Page 137: Syslog Configuration

    The following example shows how to configure the VLAN Mapping instance. zte(cfg)#set vlan 1-100,1000 add port 1,24 tag zte(cfg)#set vlan 1-100,1000 enable zte(cfg)#set vlan mapping session 1 customer-port 1 customer-vlan 1-100 uplink-vlan 1000 Configuration Verification The following example shows how to show the SVLAN instance.

  • Page 138: Table 5-2 Syslog Log Information

    ZXR10 5250 Series Configuration Guide The Syslog protocol can classify the log information into eight levels from the highest to the lowest level of importance. For a description of the levels, refer to Table 5-2. Table 5-2 Syslog Log Information...

  • Page 139: Ntp Configuration

    Chapter 5 Service Configuration zte(cfg)#set syslog module commandlog enable zte(cfg)#set syslog add server 1 ipaddress 192.168.1.1 name server1 Configuration Verification zte(cfg)#show syslog status Syslog status: enable Syslog level: informational Syslog enabled modules: commandlog radius Syslog disabled modules: all-others Syslog server...

  • Page 140: Garp/Gvrp Configuration

    ZXR10 5250 Series Configuration Guide Command Function set ntp timezone <(-12)-(+13)> Sets NTP time-zone. zte(cfg)# set ntp {enable | disable} Enables or disables NTP. zte(cfg)# set ntp src-udp-port {123 | 1000} Sets the ID of the udp port through zte(cfg)# which NTP messages are sent.

  • Page 141: Figure 5-30 Gvrp Configuration Instance

    Configuration Procedure 1. Configuration of switch A: zte(cfg)#set garp enable zte(cfg)#set gvrp enable zte(cfg)#set gvrp port 1 enable zte(cfg)#set vlan 10-20 enable zte(cfg)#set vlan 10-20 add port 1 2. Configuration of switch B: 5-93 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 142 ZXR10 5250 Series Configuration Guide zte(cfg)#set garp enable zte(cfg)#set gvrp enable zte(cfg)#set gvrp port 1 enable zte(cfg)#set vlan 30-40 enable zte(cfg)#set vlan 30-40 add port 1 Note: 1. The GARP function must be enabled first before the GVRP function is enabled.

  • Page 143: Dhcp Configuration

    Use Option82 technique to provide more additional information, and then strengthen the network safety ability. In the DHCP service system, the ZXR10 5250 series switches are provided with a lot of automatically deployed functions. For details, refer to Downloading the Software Version Automatically.
  • Page 144 ZXR10 5250 Series Configuration Guide Command Function set dhcp snooping bind-entry mac <HH.HH.HH.HH.HH Adds static user information zte(cfg)# .HH> ip <A.B.C.D> vlan <1-4094> port <1-28> binding entry. set dhcp snooping bind-entry mode port <portlist>{hold Sets the binding mode of the...
  • Page 145 Clears the configuration requesting zte(cfg-router)# {dns-server | domain-name | route | static-route | tftp-server-name} DHCP server to return various information. Reads DHCP binding entry from set dhcp snooping bind-entry database read zte(cfg)# the Flash memory. 5-97 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 146 ZXR10 5250 Series Configuration Guide Command Function Recovers binding entry from the set dhcp snooping bind-entry database recovery{ zte(cfg)# disable | enable } Flash memory after restarted. Writes DHCP binding entry into set dhcp snooping bind-entry database time-write zte(cfg)# {disable | enable | time <30-65535>} the Flash memory at regular time.

  • Page 147: Figure 5-31 Dhcp Snooping/Option82 Configuration Instance Topology

    5-31. Figure 5-31 DHCP Snooping/Option82 Configuration Instance Topology Configuration Procedure zte(cfg)#set dhcp snooping-and-option82 enable zte(cfg)#set dhcp snooping add port 49,50 zte(cfg)#set dhcp port 49 client zte(cfg)#set dhcp port 50 server zte(cfg)#set dhcp ip-source-guard add port 49 zte(cfg)#set dhcp option82 add port 49,50...

  • Page 148: Figure 5-32 Dhcp Client Configuration Instance Topology

    5-32, the PC can get an IP address from a specified DHCP server. Figure 5-32 DHCP Client Configuration Instance Topology Configuration Procedure zte(cfg)#set dhcp client enable zte(cfg)#set vlan 10 add port 49 untag zte(cfg)#set vlan 10 enable zte(cfg)#set port 49 pvid 10 zte(cfg)#config router...

  • Page 149: Dhcpv6 Configuration

    The Dynamic Host Configuration Protocol of IPv6 (DHCPv6) is used by a network host to dynamically request host configuration from a server. The ZXR10 5250 series system supports the following DHCPv6 functions: DHCPv6 snooping function: DHCPv6 servers and clients do not support authentication mechanism.
  • Page 150 ZXR10 5250 Series Configuration Guide Command Function set dhcpv6 option37 {enable | disable} Enables or disables the DHCPv6 zte(cfg)# snooping function globally. set dhcpv6 option37{add | delete} port <portlist> Enables or disables the DHCPv6 zte(cfg)# Option37 function on a port.

  • Page 151: Figure 5-33 Dhcpv6 Snooping/Option82 Configuration Instance

    PCs on the network. Figure 5-33 DHCPv6 Snooping/Option82 Configuration Instance Configuration Procedure zte(cfg)#set dhcpv6 snooping enable zte(cfg)#set dhcpv6 snooping add port 49,50 zte(cfg)#set dhcpv6 port 49 client zte(cfg)#set dhcpv6 port 50 server zte(cfg)#set dhcpv6 ip-source-guard add port 49...

  • Page 152: Vbas Configuration

    ZXR10 5250 Series Configuration Guide 5.29 VBAS Configuration VBAS Overview The Virtual Broadband Access Server (VBAS) is not physical equipment but a protocol standard, which is developed by China Telecom. The VBAS is used to solve the problem of wide-band user identifier.

  • Page 153: Figure 5-35 Vbas Configuration Instance Topology

    2, trust port of switch B as port 1. Figure 5-35 VBAS Configuration Instance Topology Configuration Procedure 1. Configuration of switch A: zte(cfg)#set vbas enable zte(cfg)#set vbas trust-port 1 enable zte(cfg)#set vbas cascade-port 2 enable 2. Configuration of switch B: zte(cfg)#set vbas enable zte(cfg)#set vbas trust-port 1 enable 3.

  • Page 154: Pppoe-Plus Configuration

    ZXR10 5250 Series Configuration Guide cascade port : none 5.30 PPPoE-PLUS Configuration PPPoE-PLUS Overview The typical user location technology has PPPoE-PLUS (PPPoE+) besides VBAS and DHCP OPTION82. PPPOE+ technology inserts user location information in PADI/PADR message by monitoring the PAD packet interacting procedure between PC and BAS server.

  • Page 155: Zesr Configuration

    5.31 ZESR Configuration ZESR Overview ZESR is a private ring network protection technology developed by ZTE Corporation. Evolved from EAPS, ZESR ensures that there is only one logically connected path between any two nodes in the ring network. Basic ZESR Concepts...
  • Page 156 ZXR10 5250 Series Configuration Guide Name Description ZESR Node Role A ZESR node can act as a master node, a transit node, an edge control node, or an edge assistant node. A master node implements the control function and transmits data in a ring.

  • Page 157: Figure 5-37 Diagram Of The Master Node Blocking Its Secondary Port When The Ring Is In Up State

    When the link between switch B and switch C recovers from disconnection, the secondary port of the master node is blocked again, the ring is switched to UP state, and the entire ZESR region returns to the state shown in Figure 5-37. 5-109 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 158: Figure 5-39 Transmission Link Fault Diagram

    ZXR10 5250 Series Configuration Guide link-hello Link Connectivity Detection Overview Figure 5-39 shows the transmission link fault diagram. Switch C does not have a direct connection with switch D. They are interconnected with each other through transmission links. When the transmission link marked in red in the middle of the transmission links encounters a bidirectional connectivity failure, switch C and switch D are still in UP state.
  • Page 159 The preforward time: takes effect during link failure recovery. During the failure recovery, the faulty port still remains blocked for some time for the master node to block the secondary port first to avoid temporary loops. 5-111 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 160 ZXR10 5250 Series Configuration Guide Step Command Function After the master node blocks the secondary port, it will inform the node where the faulty port is located to unblock the faulty port immediately. If the node where the faulty port is located does not...
  • Page 161 MAC address of a ZESR protocol packet uses the address 00-E0-2B-00-00-04. Special mode: the destination MAC address of a ZESR protocol packet uses a ZTE-defined address. set zesr restart-time <30-600> Configures the ZESR restart time (s). ZXR10(config)# Default: 120. Restart-time: the ZESR initialization time during the device startup.
  • Page 162 ZXR10 5250 Series Configuration Guide Step Command Function set zesr tcn-sending {port Configures to enable or disable the TCN ZXR10(config)# <portlist>| trunk <trunklist>}{enable | disable } packet sending function on a port. By default, a port is configured not to send TCN packets.

  • Page 163: Figure 5-40 Zesr Single-Domain Multi-Ring Configuration Example

    Switch_B(config)#set stp forceversion mstp Switch_B(config)#set stp instance 1 add vlan 100-110 /*Run the following command to configure the ZESR domain with VLAN 4000 as the control VLAN and protection instance 1 as the protection instance.*/ 5-115 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 164 ZXR10 5250 Series Configuration Guide Switch_B(config)#set zesr ctrl-vlan 4000 protect-instance 1 /*Run the following command to configure switch B as the transit node of the primary ring with port 1/1 as its primary port and port 1/2 as its secondary port.*/...
  • Page 165 1/2 as its secondary port. Switch A is also the master node in ZESR domain 2 with port 1/2 as its primary port and port 1/1 as its secondary port. Switches B to D are the transit nodes in both ZESR domains. 5-117 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 166: Figure 5-41 Zesr Single-Ring Multi-Domain Configuration Example

    ZXR10 5250 Series Configuration Guide Note: When multiple ZESR domains are configured on a physical ring, service data traffic in different ZESR domains can be planned to go through different paths by proper settings to achieve load balancing. Figure 5-41 ZESR Single-Ring Multi-Domain Configuration Example Configurations on switch A: /*Run the following commands to configure the spanning tree instance.*/...
  • Page 167 In order for switch C and the top network to perceive the topology change of the underlying network, port 1/1 of switch A and port 1/1 of switch B are enabled with the TCN packet sending function to notify the network topology change upwards. 5-119 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 168: Figure 5-42 Zesr Dual-Node Dual-Uplink Configuration Example

    ZXR10 5250 Series Configuration Guide Figure 5-42 ZESR Dual-Node Dual-Uplink Configuration Example Configurations on switch A: /*Run the following commands to configure the spanning tree instance.*/ Switch_A(config)#set stp enable Switch_A(config)#set stp forceversion mstp Switch_A(config)#set stp instance 1 add vlan 100-110 /*Run the following command to configure the ZESR domain with VLAN 4000 as the control VLAN and protection instance 1 as the protection instance.*/...

  • Page 169: Zess Configuration

    MAC address table. The control VLAN is not required for a ZESS domain. If the control VLAN is not configured, no Flush packets will be sent during ZESS link switching. 5-121 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 170: Figure 5-43 Zess Network Topology

    ZXR10 5250 Series Configuration Guide Name Description Receive-VLAN A Receive-VLAN can be configured on the device that is connected with a ZESS node and should have the same VLAN ID as that of the control VLAN of a ZESS node.
  • Page 171 It waits for the preup time before it implements the switching, to prevent the switching from occurring when the primary link recovery is still unstable. 5-123 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 172: Figure 5-44 Zess Networking Configuration

    ZXR10 5250 Series Configuration Guide Step Command Function Configures a port to enable the capability of set zess receive-vlan ZXR10(config)# <1-4094>{port <port-name>| trunk receiving Flush packets from a designated <trunk-name>} control VLAN. Clears the Flush packet receiving capability clear zess receive-vlan ZXR10(config)# {<1-4094>| all}...

  • Page 173: Pp Configuration

    To enhance flexibility and compatibility of the switch, PP provides the function of configuring priority users for the protocol packets sent by the switch. Configuring PP The PP configuration includes the following commands: 5-125 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 174 ZXR10 5250 Series Configuration Guide Command Function Creates a mac drop rule. create protocol-protect mac-drop rule zte(cfg)# <1-128> src-mac <HH.HH.HH.HH.HH.HH> mask <HH.HH.HH.HH.HH.HH> set protocol-protect alarm port <portlist>{enable | Enables or disables the PP alarm zte(cfg)# function on a port. disable} set protocol-protect alarm port <portlist>{protocol-na...

  • Page 175: Lldp Configuration

    Chapter 5 Service Configuration Figure 5-45 PP Configuration Instance Configuration Procedure zte(cfg)#set igmp snooping enable zte(cfg)#set igmp snooping add vlan 1 zte(cfg)#set dhcp snooping-and-option82 enable zte(cfg)#set dhcp snooping add port 1-3 Configuration Verification Use Host 1 to send DHCP Discover packets. View alarm information on the switch.
  • Page 176 ZXR10 5250 Series Configuration Guide 3. The MIB of the local device stores the network management information of all neighbor devices, and a network management program can query layer-2 connection information in the MIB. The LLDP is not a configuration protocol of the remote system or a signaling control protocol used between two ports.
  • Page 177 5-46, two switches are connected to each other through a twisted-pair. By default, the LLDP function is enabled, and all parameters use the default values. Use the show command to view neighbor establishment information. 5-129 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 178: Single Port Loop Detection Configuration

    ZXR10 5250 Series Configuration Guide Figure 5-46 LLDP Configuration Instance Configuration Verification zte(cfg)#show lldp neighbor Capability Codes: P-Repeater, B-Bridge, W-WLAN Access Point, R-Router, T-Telephone C-DOCSIS Cable Device, s-Station, S-Switch, O-Other Interface DeviceID Hdtm Capability Platform PortID ---------- ----------------- ----- ---------- ------------------ -------------- port-19 00.d0.d0.09.01.02 110...
  • Page 179 [<portlist>] (all configuration modes) Displays port information of loop detection. show loopdetect trunk [<trunklist>] (all configuration modes) Displays trunk information of loop detection. clear loopdetect Clears loop detection configuration zte(cfg)# information. 5-131 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 180: Figure 5-47 Single Port Loop Detection Configuration Topology

    ZXR10 5250 Series Configuration Guide Single Port Loop Detection Configuration Instance Configuration Description Figure 5-47, configure the single port loop detection function so that Port 1 on Switch 1 can detect the loop on Switch 2 and block Port 1.

  • Page 181: Udld Configuration

    In aggressive mode, if the device cannot confirm that the link is working properly in both directions (such as the link is connected incorrectly, the link is working properly 5-133 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 182 ZXR10 5250 Series Configuration Guide only in one direction or the link is a self-loop), the port is shut down. It is necessary to use the reset or recovery command to recover the communication ability of the port. UDLD shuts down a port in the following situations.

  • Page 183: Figure 5-49 Udld Configuration Instance

    Port mode: Aggressive(Aggr) Current state: Unidirectional Detected link failure Recovery configuration: Disable Recovery time interval: 30s Message time interval: 15s Force check configuration: Disable Force check time: 30s, Remaining: 0s No neighbour information stored 5-135 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 184: Tacacs+ Configuration

    ZXR10 5250 Series Configuration Guide 5.37 TACACS+ Configuration TACACS+ Overview Terminal Access Controller Access-Control System Plus (TACACS+) is developed from TACACS and XTACACS. It is the latest version of TACACS (not compatible with the previous two versions). It is a popular AAA protocol at present.

  • Page 185: Figure 5-50 Tacacs+ Configuration Instance

    5-50, the switch works as a TACACS+ client and its IP address is 192.168.1.1/24. The Windows server works as a TACACS+ server and its IP address is 192.168.1.100/24. Figure 5-50 TACACS+ Configuration Instance Configuration Procedure zte(cfg)#set loginauth tacacs-plus+local zte(cfg)#set adminauth tacacs-plus+local zte(cfg)#config router 5-137 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 186: Time Range Configuration

    ZXR10 5250 Series Configuration Guide zte(cfg-router)#set ipport 1 ipaddress 192.168.1.1 255.255.255.0 zte(cfg-router)#set ipport 1 vlan 1 zte(cfg-router)#set ipport 1 enable zte(cfg-router)#exit zte(cfg)#config nas zte(cfg-nas)#tacacs-plus group zte enable zte(cfg-nas)#tacacs-plus group zte add host 192.168.1.100 zte(cfg-nas)#tacacs-plus loginauthen default group zte zte(cfg-nas)#tacacs-plus loginauthor default group zte...

  • Page 187: Voice Vlan Configuration

    Clears a specific OUI configured zte(cfg)# on a port. show vlan voice-vlan (all configuration modes) Displays voice configuration on all ports. show vlan voice-vlan port <port-id> (all configuration modes) Displays voice configuration on a port. 5-139 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 188: Figure 5-51 Voice Vlan Configuration Instance

    Figure 5-51 Voice VLAN Configuration Instance Configuration Procedure zte(cfg)#set vlan 10,20,100 add port 1-3 tag zte(cfg)#set vlan 10,20,100 enable zte(cfg)#set vlan voice-vlan port 1 oui-id 1 mac-addr 00.00.01.00.00.01 mac-mask FF.FF.FF.FF.FF.FF zte(cfg)#set vlan voice-vlan port 2 oui-id 1 mac-addr 00.00.01.00.00.02 mac-mask FF.FF.FF.FF.FF.FF...

  • Page 189: Mac-Based Vlan Command Configuration

    Set the following MAC-based VLAN rule for port 1: Assign the VLAN "vlan100" to all untagged frames whose source MAC address is 00.00.00.00.00.01 and assign the VLAN "vlan200" to all untagged frames whose source MAC address is 00.d0.d0.00.00.00. Configuration Procedure Configure a MAC-based VLAN instance: 5-141 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 190: Dhcp Relay Configuration

    100 zte(mac-based-vlan)#rule 2 mac-address 00.d0.d0.00.00.00 mac-mask ff.ff.ff.00.00.00 vlan 200 zte(cfg)#set vlan mac-based port 1 session 1 bind 5.41 DHCP Relay Configuration DHCP Relay Overview DHCP Relay interacts with both the Client and the Server, acting different roles. From the view of the DHCP Client, the DHCP Relay Agent can be considered as its DHCP Server and the DHCP Relay implements the response to the IP address requests from the Client.
  • Page 191 Clears the DHCP relay information zte(cfg-router)# <A.B.C.D>} of ipport. set dhcp relay server <A.B.C.D> Sets a global DHCP server. zte(cfg-router)# Sets a global ipport for a DHCP set dhcp relay global-ipport <0-63> zte(cfg-router)# relay. 5-143 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 192: Figure 5-52 Dhcp Relay Configuration Instance

    0 ipaddress 169.1.15.1 255.255.0.0 zte(cfg-router)#set ipport 0 vlan 1 zte(cfg-router)#set ipport 0 enable zte(cfg-router)#set ipport 0 dhcp relay agent zte(cfg-router)#set ipport 0 dhcp relay server 10.230.72.2 zte(cfg-router)#set ipport 63 ipaddress 10.230.72.1 255.255.255.0 5-144 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 193 DHCP server mode ipport DHCP server retry DHCP relay option82: disable zte(cfg)#show dhcp relay option82 port 1 DHCP option82 sub-option information on port 1: Circuit-ID: Disabled Remote-ID: Enabled Format: Cisco DHCP option82 mode information on port 1: Default zte(cfg)#show ipport 0...
  • Page 194 ZXR10 5250 Series Configuration Guide access router compulsively. The gateway can monitor traffic and prevent attacks among users, which improves network security. There are two types of MFF ports: user ports and network ports. MFF user ports are connected to terminal users. When receiving an ARP packet from a user port, the switch maintains an MFF user table, and replies with a response.

  • Page 195: Figure 5-53 Mff Configuration Instance

    MFF. The configuration for dynamic MFF is similar, but it is necessary to configure the DHCP snooping function. For details, refer to 5.27 DHCP Configuration. Figure 5-53 MFF Configuration Instance 5-147 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 196: Ssl Configuration

    1/1,1/2,1/4 pvid 400 Configure the MFF attributes for the ports and VLAN: à zte(cfg)#set mff vlan 400 add port 1/1 userport zte(cfg)#set mff vlan 400 add port 1/2 userport zte(cfg)#set mff vlan 400 add port 1/4 network Configure an intra-VLAN gateway: à...

  • Page 197: Figure 5-54 Ssl Configuration Instance

    Done! zte(cfg)#set ssl en The current ca is for ipaddress 192.168.100.110, Please make sure ip of the switch matches. Then upload /flash/data/root.cer, and import to explore,the ssl is availible. zte(cfg)#config tffs zte(cfg-tffs)#cd data 5-149 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 198: Figure 5-55 Internet Options Dialog Box

    ZXR10 5250 Series Configuration Guide zte(cfg-tffs)#tftp 192.168.100.109 upload root.cer Set the browser: Set the browser as the SSL client on the PC, so that you can access the switch through HTTPS to perform Web-based management. 1. Import the root.cer file in the browser.

  • Page 199: Figure 5-56 Certificates Dialog Box

    Based on the wizard, click Next, a dialog box is displayed. Select the root.cer file. Complete the certificate import procedure. Close the dialog boxes, and restart the browser. 2. Open the SSL login page. 5-151 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 200: Erps Configuration

    ZXR10 5250 Series Configuration Guide After the SSL function is enabled for the switch, enter https://<ip address of the switch> in the address bar of the browser. The SSL login page is displayed, see Figure 5-58. Figure 5-58 SSL Login Page 3.
  • Page 201 ERPS eliminates logical loops by blocking some ports on the ring. When some links in the ring have their status changed (from up to down or from down to up), ERPS can switch a logical path immediately. 5-153 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 202: Figure 5-60 Example Of The Primary Node Blocking The Secondary Port (Ring Status: Up)

    ZXR10 5250 Series Configuration Guide As shown in Figure 5-60 Figure 5-61, an ERPS domain is configured on switches A, B, C, and D. Switch A is the owner node, and its port 1/2 is an RPL port. Switch B is the neighbor node.
  • Page 203 After the FS/MS command is executed, the corresponding port is set to block status. Displays the primary configuration of each show ERPS brief ERPS domain. show ERPS domain <1-4> Displays detailed information about the ERPS domain. 5-155 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 204: Figure 5-62 Configuration Example Of A Single Erps Domain With Multiple Loops

    ZXR10 5250 Series Configuration Guide Configuration Example of a Single ERPS Domain Figure 5-62 shows that an ERPS domain is configured on switches A to D. This type of configuration is called single-domain, single-ring. The configuration is as follows: Protection instance 1 is configured for the ERPS domain. In this instance, the dedi- cated VLAN (VLAN 4000) is used to protect VLANs 100 to 110.
  • Page 205 1/2 is an RPL port), and it is an owner node in domain 2 (the related ports are ports 1/1 and 1/2, where port 1/2 is also an RPL port). Both switches C and D are none nodes in domains 1 and 2. 5-157 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 206: Figure 5-63 Configuration Example Of Multiple Erps Domains

    ZXR10 5250 Series Configuration Guide Note: If a physical ring has multiple ERPS domains, you can plan different paths for the service traffic related to different ERPS domains through the proper configuration, so that load balancing can be implemented. Figure 5-63 Configuration Example of Multiple ERPS Domains...
  • Page 207 /*The following command configures switch C to be a none node in domain 2:*/ Switch_C(config)#set ERPS domain 2 ring-id 2 raps-vlan 4001 ring-east port 1/1 ring-west port 1/2 The configuration on switch D is the same as that on switch C. 5-159 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 208: Debug Module Configuration

    ZXR10 5250 Series Configuration Guide 5.45 Debug Module Configuration Introduction to the Debug Module The Debug module is added for debugging the DHCP, dot1x, IP, ARP, and SNMP protocols. This module configures the commands for locating faults in message sending and receiving, message statistics, and procedure printing.
  • Page 209 The following information is an example of the host receiving or sending ARP messages: zte(cfg)#ARP: received request scr 168.1.23.5 0000.0000.0001, dst 168.1.23.218 ipport 1 Enter disable to disable the debug function. 2. Run the debug protocol layer3 ip enable command to the debug information of IP messages, including the link-mtu parameter of IP ports, MAC addresses for receiving messages, and size of IP messages.
  • Page 210 ZXR10 5250 Series Configuration Guide IP: size of packet: 60, link mtu: 1500 IP: received packet mac:002421738150 --> mac:002293634f70 on port 1 IP: pointer to allocated buffer for port 0001, 2113040, bytes: 114 IP: pointer to send packet for port 0001, 211304c...
  • Page 211 !!! user not find, can't send trap! decode msg header successfully!!! decode msg context successfully!!! ***encode successfully !!!*** 5-163 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 212 ZXR10 5250 Series Configuration Guide This page intentionally left blank. 5-164 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 213 Permits or denies switch access zte(cfg)# nmp | telnet | ssh | web}{permit | deny}] from a specified IP address or network segment through SSH/SNMP/Telnet/Web. clear remote-access all Deletes all IP address zte(cfg)# configurations. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 214 ZXR10 5250 Series Configuration Guide Command Function clear remote-access ipaddress <A.B.C.D>[<A.B.C.D>] Deletes the configuration of a zte(cfg)# specified IP address and network segment. show remote-access (all configuration modes) Displays the configuration information of Remote-Access. Remote-Access Configuration Instance 1 Configuration Description Only allow the network management user to access the switch from 192.168.1.0/24...

  • Page 215: Chapter 6 Management

    Chapter 6 Management 192.168.1.1/255.255.255.255 snmp, telnet, ssh, web zte(cfg)#set remote-access ipaddress 192.168.1.1 255.255.255.255 snmp deny zte(cfg)#set remote-access ipaddress 192.168.1.1 255.255.255.255 web deny zte(cfg)#show remote-access Whether check remote manage address: YES Allowable remote manage address(es) and application(s): 192.168.1.1/255.255.255.255 telnet,ssh 6.2 SSH...

  • Page 216: Figure 6-1 Ssh Remote Login Example

    ZXR10 5250 Series Configuration Guide Figure 6-1 SSH Remote Login Example Configuration Procedure 1. Switch configuration zte(cfg)#set ssh enable zte(cfg)#show ssh SSH is enabled. There's no ssh user logging in this system. 2. Software configuration The SSH v2.0 client can use the free software PuTTY developed by Simon Tatham .

  • Page 217: Figure 6-3 Setting The Ssh Version Number

    Figure 6-3 Setting the SSH Version Number c. For the first time to log in, user confirmation is needed, see Figure 6-4. Figure 6-4 User Confirmation Dialog Box d. The SSH login result is displayed, see Figure 6-5. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 218: Figure 6-5 Ssh Login Result

    ZXR10 5250 Series Configuration Guide Figure 6-5 SSH Login Result SFTP Configuration Instance Configuration Description Figure 6-6, a layer-3 port is configured on the switch, and the IP address is 192.168.1.1/24. The IP address of the PC is 192.168.1.100/24. The SSH and SFTP server functions are enabled on the switch.

  • Page 219: Figure 6-7 Winscp Login Dialog Box-Creating A Session

    Figure 6-7. Figure 6-7 WinSCP Login Dialog Box—Creating a Session 2. From the left navigation tree, select Environment > SFTP, and then set the parameters (you can use the default settings), see Figure 6-8. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 220: Figure 6-8 Winscp Login Dialog Box-Setting Sftp Parameters

    ZXR10 5250 Series Configuration Guide Figure 6-8 WinSCP Login Dialog Box—Setting SFTP Parameters 3. From the left navigation tree, select Preferences. The Preferences dialog box is displayed, see Figure 6-9. By default, WinSCP fragments large-size files and adds filepart postfix names.

  • Page 221: Figure 6-9 Preferences Dialog Box

    4. Click OK. The WinSCP Login dialog box is displayed. Click Login. When you log in to the SFTP server for the first time, the Warning dialog box is displayed, Figure 6-10. Figure 6-10 Warning Dialog Box 5. Click Yes. The system starts authentication, see Figure 6-11. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 222: Figure 6-11 Authentication Banner Dialog Box

    ZXR10 5250 Series Configuration Guide Figure 6-11 Authentication Banner Dialog Box 6. Click Continue. Enter your password, see Figure 6-12. Figure 6-12 Password Dialog Box 7. Click OK. A message indicating successful authentication is displayed, see Figure 6-13. 6-10 SJ-20131111172707-002|2013-11-27 (R1.0)

  • Page 223: Privilege

    This protects switch configuration from being modified by any user with any permission. Privilege Configuration The Privilege configuration includes the following commands: Command Function privilege {enable | disable} Enables/disables the command zte(cfg)# level function. 6-11 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 224 Configure the switch: /*Enable the privilege function*/ zte(cfg)#privilege enable /*Grant level-12 permission to all functions of the set node*/ zte(cfg)#privilege 12 session 1 part cfg set Configuration Verification 1. Execute the following commands to check the command permission rule. zte(cfg)#show privilege session...

  • Page 225: Snmp

    MIBs. SNMP Configuration The SNMP configuration includes the following commands: Command Function Sets the SNMP engine ID of a set engineID zte(cfg-snmp)# device. 6-13 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 226 ZXR10 5250 Series Configuration Guide Command Function set recvpacket <0-100> Sets the number of SNMP zte(cfg-snmp)# messages that the SNMP protocol stack can handle in a unit time. set src-ipport <0-63> Sets the source IP address of zte(cfg-snmp)# SNMP. create community <string>{public |...
  • Page 227 Create a community named “zte” with the read/write permission and a view named “vvv”, and then associate the community “zte” with the view “vvv”. Set the IP address of the computer receiving traps to 10.40.92.105, and the community to “zte”.
  • Page 228 1 vlan 1 zte(cfg-router)#set ipport 1 enable zte(cfg-router)#exit zte(cfg)#config snmp zte(cfg-snmp)#set group ztegroup v3 priv zte(cfg-snmp)#set user zteuser ztegroup v3 md5-auth zte des56-priv zte zte(cfg-snmp)#set host 10.40.92.77 inform v3 zteuser priv 6-16 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 229: Figure 6-15 Mac Change Notification Configuration Network

    (that is, 60 seconds). Figure 6-15 MAC Change Notification Configuration Network Configuration Procedure zte(cfg-snmp)#set trap macnotification enable zte(cfg-snmp)#set trap macnotification port 1 enable zte(cfg-snmp)#set trap macnotification history-size 50 zte(cfg-snmp)#set trap macnotification interval 60 Configuration Verification If the number of changed MAC entries reaches 50 within one minute, the switch sends trap information when the number reaches 50 instead of waiting until one minute.

  • Page 230: Rmon

    ZXR10 5250 Series Configuration Guide number of sent entries is 50. If the number of changed MAC entries does not reach 50 within one minute, the switch sends trap information when one minute expires. The number of sent entries is less than or equal to 50. By default, the MAC change notification function is disabled.
  • Page 231 The instance describes how to set event 2, history 2, alarm 2 and statistics 1 respectively. The DUT device is directly connected to the network management server. Switch Configuration zte(cfg-snmp)#set event 2 description It'sJustForTest!! zte(cfg-snmp)#set event 2 type logandtrap zte(cfg-snmp)#set event 2 community public zte(cfg-snmp)#set event 2 owner zteNj...
  • Page 232 2 variable 1.3.6.1.2.1.16.2.2.1.6.2.1 zte(cfg-snmp)#set alarm 2 sample absolute zte(cfg-snmp)#set alarm 2 startup rising zte(cfg-snmp)#set alarm 2 threshold 8 eventindex 2 rising zte(cfg-snmp)#set alarm 2 threshold 15 eventindex 2 falling zte(cfg-snmp)#set alarm 2 owner zteNj zte(cfg-snmp)#set alarm 2 status valid...

  • Page 233: Zgmp

    6.6 ZGMP ZGMP Overview ZGMP is ZTE Group Manage Protocol. A cluster is a set of switches in a specific broadcast domain. The switches form a unified management domain, providing an external public network IP address and management interface, and the ability to manage and access each member in the cluster.

  • Page 234: Figure 6-16 Cluster Management Network

    ZXR10 5250 Series Configuration Guide Figure 6-16 Cluster Management Network For changeover rules of the four roles of switches within a cluster, see Figure 6-17. 6-22 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 235: Figure 6-17 Changeover Rules Of Roles

    (all configuration modes) Displays detailed ZDP neighbor information. set ztp {enable | disable} Enables or disables the global ZTE zte(cfg-group)# Topology Protocol (ZTP) function. set ztp {port <portlist>| trunk Enables or disables the ZTP zte(cfg-group)# <trunklist>}{enable | disable}...
  • Page 236 ZXR10 5250 Series Configuration Guide Command Function set ztp hop <1-128> Sets a range (hop count) of zte(cfg-group)# collecting topology information. Sets a time interval for collecting set ztp timer<0-60> zte(cfg-group)# topology information automatically. set ztp portdelay <1-100> Sets a port delay for forwarding zte(cfg-group)# topology requests.
  • Page 237 2525, the IP address to 100.1.1.10/24, the gateway address to 100.1.1.1, the cluster management VLAN to 4000, the private address pool to 192.168.1.0/24, and the IP address of the TFTP Server in the cluster to 110.1.1.2. 6-25 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 238: Figure 6-18 Cluster Management Network

    Figure 6-18 Cluster Management Network Configuration Procedure 1. Configure the public network IP address of the command switch and the gateway. zte(cfg)#set vlan 2525 enable zte(cfg)#set vlan 2525 add port 1-24 tag zte(cfg)#config router zte(cfg-router)#set ipport 25 ipaddress 100.1.1.10/24 zte(cfg-router)#set ipport 25 vlan 2525 zte(cfg-router)#set ipport 25 enable zte(cfg-router)#iproute 0.0.0.0/0 100.1.1.1...
  • Page 239 Connecting ... Mem1.zte> Mem1.zte>enable password: Mem1.zte (cfg)#set vlan 4000 enable Mem1.zte (cfg)#set vlan 4000 add port 1-16 tag 4. Delete the cluster created on VLAN 1. Cmdr.ZTE(cfg-group)#set group delete member 1-3 Deleting member id : 1 Successed to del member!

  • Page 240: Sflow

    ZXR10 5250 Series Configuration Guide 00.50.43.3c.3b.5d candi ZXR10 5250-52TC 00.00.00.00.33.33 candi ZXR10 5250-52TC Cmdr.zte(cfg-group)#set group add device 1-3 Adding device id : 1 Successed to add member! Adding device id : 2 Successed to add member! Adding device id : 3 Successed to add member! Cmdr.zte(cfg-group)#show group member...

  • Page 241: Web

    1. Open Microsoft Internet Explorer. 2. Enter the IP address of the switch in the address bar (this address is that switch can connect). The system login interface is displayed, see Figure 6-19. 6-29 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 242: Figure 6-19 System Login Interface

    ZXR10 5250 Series Configuration Guide Figure 6-19 System Login Interface 3. Enter a username and a password, and select a user privilege. The Admin user needs to enter a login password and a management password. Guest users only need to enter a login password.

  • Page 243: Figure 6-21 System Information Page

    Port Management Port State Information Check Click the directory tree on the left of the system main page, Configuration > Port > Port State. The port state information page is displayed, see Figure 6-22. 6-31 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 244: Figure 6-22 Port State Information Page

    ZXR10 5250 Series Configuration Guide Figure 6-22 Port State Information Page This page displays the following port information: Parameter Description PortClass Port class LinkState Port linkup/linkdown state Duplex Duplex working state of the port Speed Working speed of the port Note: Port linkdown means that port hasn’t a physical connection.

  • Page 245: Figure 6-23 Port Configuration Information Page

    Single Port Configuration Click the Config button in the line of the port to be configured on the port configuration information page. The configuration page of this port is displayed, see Figure 6-24. 6-33 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 246: Figure 6-24 Single Port Configuration Page

    ZXR10 5250 Series Configuration Guide Figure 6-24 Single Port Configuration Page Configure the attribute of the selected port on this page. After configuration, click the Apply button to complete the configuration. Note: “Security” and “MacLimit” are conflicting. The two attributes cannot be set to be enabled at the same time.

  • Page 247: Figure 6-25 Bulk Port Configuration Page

    You can click previous or next to turn pages or select a page number from the GO drop-down list box. This page displays the following information: 6-35 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 248: Figure 6-27 Vlan Number Entering Page

    ZXR10 5250 Series Configuration Guide Parameter Description VlanName VLAN name AdminStatus VLAN enabled or not Tag Ports Port with a tag in the VLAN UntagPorts Port without a tag in the VLAN TagTrunks Trunk with a tag in the VLAN...

  • Page 249: Figure 6-28 Single Vlan Configuration Page

    à Figure 6-29 Bulk VLAN Configuration Page Admin of Select items is used to enable the VLAN. Port is ordinary port of bulk VLAN configuration. Trunk is trunk group of bulk VLAN configuration. 6-37 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 250: Figure 6-30 Pvlan Information Page

    ZXR10 5250 Series Configuration Guide After setting some attributes on this page, click Apply to complete the configuration. PLAN Management PVLAN Information Check Click Configuration > PVLAN > Pvlan Overview on the left of the main page. The PVLAN information page is displayed, see Figure 6-30.

  • Page 251: Figure 6-31 Pvlan Configuration Page

    Port Mirroring Management Port Mirroring Information Check Click Configuration > MIRROR > Mirror Overview on the left of the main page. The mirror information page is displayed, see Figure 6-32. 6-39 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 252: Figure 6-32 Mirror Information Page

    ZXR10 5250 Series Configuration Guide Figure 6-32 Mirror Information Page This page displays the following information: Parameter Description Source port Mirroring source port Destination port Mirroring destination port Port Mirroring Configuration Click Configuration > MIRROR > Mirror Configure on the left of the main page. The...

  • Page 253: Figure 6-34 Lacp Basic Attribute Page

    When setting the same configuration of bulk aggregation port attribute, click the corresponding check box to select multiple aggregation ports (select Select All to select all ports), and then click Set. The configuration page of bulk aggregation port is displayed, see Figure 6-35. 6-41 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 254: Figure 6-35 Bulk Aggregation Port Configuration Page

    ZXR10 5250 Series Configuration Guide Figure 6-35 Bulk Aggregation Port Configuration Page After setting attributes of the aggregation port on this page, click Apply to submit. Aggregation Group Information Check Click Configuration > Lacp > Lacp State on the left of the main page.

  • Page 255: Figure 6-37 Aggregation Group Configuration Page

    Otherwise, the network management will be interrupted. Monitoring Information Terminal Log Check Click Monitoring > Terminal Log on the left of the main page. The terminal log information page is displayed, see Figure 6-38. 6-43 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 256: Figure 6-38 Terminal Log Information Page

    ZXR10 5250 Series Configuration Guide Figure 6-38 Terminal Log Information Page Click the Refresh button to update terminal log information. Port Statistics Information Check Click Monitoring > Port Statistics on the left of the main page. The port statistics information page is displayed, see Figure 6-39.

  • Page 257: Figure 6-40 Configuration Information Page

    This page displays configuration information of the switch. System Maintenance Configuration Saving Page Click Maintenance > Save on the left of the main page. The saving configuration information page is displayed, see Figure 6-41. 6-45 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 258: Figure 6-41 Saving Configuration Page

    ZXR10 5250 Series Configuration Guide Figure 6-41 Saving Configuration Page Click Ok to save configuration or click Cancel to cancel configuration. Caution! Saving configuration will cover the original configuration file. Make sure that the configuration need to be covered before clicking Ok.

  • Page 259: Figure 6-43 File Upload Page

    If the operation is not correct, the switch cannot work. Unprofessional personnel are not recommended to use this function. User Management Click Maintenance > User Manager on the left of the main page. The user management page is displayed, see Figure 6-44. 6-47 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

  • Page 260: Figure 6-44 User Management Page

    ZXR10 5250 Series Configuration Guide Figure 6-44 User Management Page By default, the Modify tab is displayed. Modify the login password and management password of the user, and then click Apply to submit. Adding User Click the add button on the user management page. The adding user page is...

  • Page 261: M_Button

    The port speed is the same as the default port speed. On (yellow) The port speed is not the same as the default port speed. On (green) The port is in full-duplex mode. On (yellow) The port is in half-duplex mode. 6-49 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 262 ZXR10 5250 Series Configuration Guide Indicator State Description On (green) The STP status of the port is Forward. On (yellow) In other statuses. The STP status of the port is Disable. CPU% On (green) A port indicator displays the current CPU usage.

  • Page 263: Telnet

    Internet login service. With this protocol, users can perform operations on a remote switch through a local PC. A ZTE switch can be used as both a Telnet client and a Telnet server. User can set the listening port number when the device is logged in to through Telnet, also user can set the port number and source IP address when the device is used as a Telnet client to log in to another device.

  • Page 264: Figure 6-47 Telnet Login Instance

    ZXR10 5250 Series Configuration Guide Command Function Sets the port number and source telnet <dest ip-addr> destination-port <port-num><src IP address when the device is zte(cfg)# used as a Telnet client to log in to ip-addr> another device. Sets the listening port number when the device is logged in to set telnet listen-port <port>...

  • Page 265: Figure 6-48 Executing The Telnet Command On The Pc

    By default, the Telnet service is installed in Windows 2000. Execute the Telnet command on the PC, see Figure 6-48. Figure 6-48 Executing the Telnet Command on the PC For the Telnet login result, see Figure 6-49. Figure 6-49 Telnet Login Result 6-53 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 266 ZXR10 5250 Series Configuration Guide This page intentionally left blank. 6-54 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 267 Monthly Maintenance Items 1. Summarizing daily operations every month. a. Summarizing problems encountered during daily operation. If necessary, discuss with ZTE maintenance engineers. b. Summarizing daily maintenance experience to perform more efficient maintenance in the future. 2. Cleaning the equipment room.

  • Page 268: Table 7-1 Maintenance Period Of The Ethernet Switch

    ZXR10 5250 Series Configuration Guide b. Cleaning cable troughs and secure loosened wires. 3. Cleaning the switch. Ensuring that the cloth is not too wet and that the operation does not affect interfaces. 4. Backing up alarm information, statistics information, and configuration information.

  • Page 269: Chapter 7 Maintenance

    /* Wiring pair for sending data in the twisted pair cable */ Cable Test Passed. No problem found. Cable Length is unknown. Example 2 zte(cfg)#show vct port 8 Cable Test Result for Port 8 RX PAIR : Cable Test Passed. Cable is open.
  • Page 270 ZXR10 5250 Series Configuration Guide Solution 1. Use a correct configuration cable. 2. Check the serial port attributes of HyperTerminal. The correct settings are as follows: Bits per Second (baud rate) is 9600, Data bit is 8, Parity is None, and Flow control is None.
  • Page 271 : ZXR10 : 00:d0:d0:30:20:10 Press any key to stop autoboot: [ZXR10 Boot]: 2. In [ZXR10 Boot] state, enter [ZXR10 Boot]:zte to enter [BootManager] state of the switch. Enter <?> for command help. [BootManager]: ? - alias for 'help' SJ-20131111172707-002|2013-11-27 (R1.0)
  • Page 272 ZXR10 5250 Series Configuration Guide - change current path exit - exit from BootManager mode format - format flash - get/put file from/to FTP server help - print online help load - load zImage - list files in current directory...
  • Page 273 Most students registered and activated their accounts. After the preparation was completed, ZTE’s maintenance engineers enabled the DOT1X function on the access layer devices of the six buildings, as required by the customer. The configuration of the ZXR10 5250 was as follows: Two devices connected to two ports in the same VLAN cannot ping each other.
  • Page 274 The students’ accounts and configuration were correct, and the configuration of the ZXR10 5250 was correct. Even if ZTE’s maintenance engineers replaced the faulty switch with a new one, the problem still existed. The diagnosis result was that the interconnection between devices of ZTE and company B was faulty.
  • Page 275 2. Notify the central equipment room of the school to prohibit the computer from accessing the Internet before its hard disk is formatted and the system is reinstalled. 3. Install an ARP virus kill tool on all computers. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 276 ZXR10 5250 Series Configuration Guide This page intentionally left blank. 7-10 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 277 Figure 5-14 PVLAN Configuration Example 1 ............5-60 Figure 5-15 PVLAN Configuration Example 2 ............5-61 Figure 5-16 Layer 2 Protocol Transparent Transmission Configuration Topology ....................5-63 Figure 5-17 Layer-3 Configuration Instance ............5-66 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 278 ZXR10 5250 Series Configuration Guide Figure 5-18 Layer-3 IPv6 Configuration Instance ............ 5-68 Figure 5-19 DAI Configuration InstanceTopology ............ 5-69 Figure 5-20 Using PAP Mode for Identity Authentication ......... 5-72 Figure 5-21 Using Chap Mode for Identity Authentication ........5-73 Figure 5-22 Using EAP Mode for Identity Authentication .........
  • Page 279 Figure 6-17 Changeover Rules of Roles ..............6-23 Figure 6-18 Cluster Management Network.............. 6-26 Figure 6-19 System Login Interface ................ 6-30 Figure 6-20 System Main Interface ................. 6-30 Figure 6-21 System Information Page..............6-31 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 280 ZXR10 5250 Series Configuration Guide Figure 6-22 Port State Information Page ..............6-32 Figure 6-23 Port Configuration Information Page ............ 6-33 Figure 6-24 Single Port Configuration Page ............6-34 Figure 6-25 Bulk Port Configuration Page ............... 6-35 Figure 6-26 VLAN Information Page ............... 6-35 Figure 6-27 VLAN Number Entering Page ..............
  • Page 281 Table 5-2 Syslog Log Information................5-90 Table 5-3 Basic ZESR Concepts ................5-107 Table 5-4 Basic ZESS Concepts ................5-121 Table 6-1 ZXR10 5250 Port Indicator Descriptions ..........6-49 Table 7-1 Maintenance Period of the Ethernet Switch ..........7-2 SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 282 Tables This page intentionally left blank. SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 283 - Common and Internal Spanning Tree - Class of Service - Common Spanning Tree C-VLAN - Customer VLAN - Dynamic ARP Inspection DHCP - Dynamic Host Configuration Protocol - Delay Measurement - Denial of Service SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 284 ZXR10 5250 Series Configuration Guide DSCP - Differentiated Services Code Point EAPOL - Extensible Authentication Protocol Over LAN EAPS - Ethernet Automatic Protection Switching ERPS - Ethernet Ring Protection Switching - File Transfer Protocol GARP - Generic Attribute Registration Protocol...
  • Page 285 - Operation, Administration and Maintenance - Organizationally Unique Identifier - Provider Edge - Power over Ethernet PPPoE - Point to Point Protocol over Ethernet PVLAN - Private Virtual Local Area Network - Quality of Service SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...
  • Page 286 ZXR10 5250 Series Configuration Guide RADIUS - Remote Authentication Dial In User Service - Remote Defect Indication RMON - Remote Monitoring - Ring Protection Link RSTP - Rapid Spanning Tree Protocol - Side Smart Bias Tee SNMP - Simple Network Management Protocol...
  • Page 287 VLAN - Virtual Local Area Network - Virtual Private Network - Weighted Round Robin - ZTE Discovery Protocol ZESR - ZTE Ethernet Switch Ring ZESS - ZTE Ethernet Smart Switch - ZTE Topology Protocol SJ-20131111172707-002|2013-11-27 (R1.0) ZTE Proprietary and Confidential...

This manual is also suitable for:

Zxr10 5250-28tcZxr10 5250-52tcZxr10 5250-28smZxr10 5250-52pmZxr10 5250-28pm

Table of Contents