H3C S6550X-HI Series Command Reference Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Switch
  5. S6550X-HI Series
  6. Command reference manual

H3C S6550X-HI Series Command Reference Manual

Hide thumbs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
Table of Contents

Advertisement

Quick Links

Download this manual
About the H3C S6550X-HI command references
The H3C S6550X-HI command references (R1116Pxx) describe the commands and command
syntax options available for the H3C S6550X-HI Ethernet Switch Series running software Release
1116 and later.
Command reference
Fundamentals Command
Reference
System Management Command
Reference
Interface Command Reference
Content
Covers the commands for logging in to and setting up the device.
This command reference includes:
CLI (command privilege settings and CLI management
commands).
RBAC.
Logging in to the device (login methods, and user interface
configuration and access control).
FTP and TFTP.
File system management.
Configuration file management.
Software upgrade.
Target configuration management.
Covers the configuration commands for device management &
monitoring and information center features.
This command reference includes:
Basic device management.
Device hardening.
Hardware resource management.
EAA.
Process monitoring and maintenance
Information center.
Covers interface configuration commands.
This command reference includes:
Common interface commands.
Bulk interface configuration.
Ethernet interface.
Loopback, null, and inloopback interfaces.
Tunnel interface.

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the S6550X-HI Series and is the answer not in the manual?

Questions and answers

Related Manuals for H3C S6550X-HI Series

Summary of Contents for H3C S6550X-HI Series

  • Page 1 About the H3C S6550X-HI command references The H3C S6550X-HI command references (R1116Pxx) describe the commands and command syntax options available for the H3C S6550X-HI Ethernet Switch Series running software Release 1116 and later. Command reference Content Covers the commands for logging in to and setting up the device.
  • Page 2 Command reference Content Covers the commands for configuring Layer 2 technologies and features in a LAN switched network. This command reference includes: • MAC address table. • Ethernet link aggregation. • Port isolation. • VLAN. Layer 2—LAN Switching Command • Loopback detection.
  • Page 3 Command reference Content • Routing policy. Covers the MCE commands. MCE Command Reference This command reference includes: • MCE. Covers the commands for classifying traffic with ACLs, and allocating network resources and managing congestions with QoS technologies to improve network performance and network use efficiency. ACL and QoS Command This command reference includes: Reference...
  • Page 4 Command reference Content • Track. • DLDP. • ERPS. • RRPP. • Smart Link. Covers the commands that help you manage and monitor your network, for example, manage system events, collect traffic statistics, sample packets, assess network performance, and test network connectivity.
  • Page 5 H3C S6550X-HI Switch Series Fundamentals Command Reference New H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1116 and later Document version: 6W100-20221110...
  • Page 6 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
  • Page 7 Preface This command reference describes the fundamentals configuration commands. This preface includes the following topics about the documentation: • Audience. • Conventions. • Documentation feedback. Audience This documentation is intended for: • Network planners. • Field technical support and servicing engineers. •...
  • Page 8 Symbols Convention Description An alert that calls attention to important information that if not understood or followed WARNING! can result in personal injury. An alert that calls attention to important information that if not understood or followed CAUTION: can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information.
  • Page 9 Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.

  • Page 10: Table Of Contents

    Contents Basic CLI commands ····················································································· 1 alias ···························································································································································· 1 Display [ | [ by-linenum ] { begin | exclude | include } ] ··············································································· 2 display > ····················································································································································· 4 display >> ··················································································································································· 5 display alias ················································································································································ 6 display history-command ··························································································································· 6 display history-command all ·······················································································································...

  • Page 11: Basic Cli Commands

    Basic CLI commands alias to configure a command alias. alias to delete a command alias. undo alias Syntax alias alias command undo alias alias Default The device has a set of system-defined command aliases, as listed in Table Table 1 System-defined command aliases Command alias Command or command keyword access-list...

  • Page 12: Display [ | [ By-Linenum ] { Begin | Exclude | Include } ]

    For example, if you configure the alias , you can enter shiprt display ip routing-table to execute the command. If you configure the alias shiprt display ip routing-table ship , you can use to execute all commands that start with display ip ship display ip...
  • Page 13 Syntax display command [ | [ by-linenum ] { begin | exclude | include } regular-expression ]&<1-128> Views Any view Predefined user roles network-admin network-operator Parameters command : Specifies the keywords and arguments of a display command. To display available keywords and arguments, enter display ? [ | [ by-linenum ] { begin | exclude | include } regular-expression ]&<1-128>...

  • Page 14: Display

    %Feb 6 16:44:18:113 2020 Sysname SHELL/5/SHELL_LOGOUT: VTY logged out from 169.254.100.171. # Display the running configuration, starting from the first line that contains user-group and numbering the output lines. <Sysname> display current-configuration | by-linenum begin user-group 114: user-group system 115- 116- return display >...
  • Page 15 display >> to append the output from a command to the end of a file. display >> display Syntax display command >> filename Views Any view Predefined user roles network-admin network-operator Parameters command : Specifies the keywords and arguments of a display command.

  • Page 16: Display Alias

    Twenty-FiveGigE1/0/2 display alias to display command aliases. display alias Syntax display alias [ alias ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a command alias. If you do not specify this argument, the command displays all alias command aliases.

  • Page 17: Display History-Command All

    Predefined user roles network-admin network-operator Usage guidelines The system automatically saves commands you have successfully executed to the command history buffer for the current CLI session. You can view them and execute them again. By default, the system can save up to 10 commands in the buffer. You can use the command to change the buffer size.

  • Page 18: Display Hotkey

    Date Time Terminal User 02/16/2020 20:03:33 vty0 192.168.1.26 Cmd:dis his all 02/16/2020 20:03:29 vty0 192.168.1.26 Cmd:sys Table 2 Command output Field Description Date Date when the command was executed. Time Time when the command was executed. Terminal User line used by the user. IP address of the terminal used by the user.

  • Page 19: Hotkey

    CTRL_N Display the next command in the history buffer. CTRL_P Display the previous command in the history buffer. CTRL_R Redisplay the current line. CTRL_V Paste text from the clipboard. CTRL_W Delete the word to the left of the cursor. CTRL_X Delete all characters from the beginning of the line to the cursor.
  • Page 20 Ctrl+D erase_the_character_at_the_cursor: Deletes the character at the cursor. move_the_cursor_to_the_end_of_the_line: Moves the cursor to the end of a Ctrl+E line. move_the_cursor_one_character_to_the_right: Moves the cursor one Ctrl+F character to the right. display current-configuration : Displays the running Ctrl+G configuration. erase_the_character_to_the_left_of_the_cursor: Deletes the character to the Ctrl+H left of the cursor.

  • Page 21: Quit

    Views System view Predefined user roles network-admin Parameters : Specifies a hotkey. To display the supported hotkeys, enter or see Table 3. hotkey hotkey ? : Specifies the command to be assigned to the hotkey. command : Specifies the function to be assigned to the hotkey. To display the function function supported functions, enter or see...

  • Page 22: Repeat

    Examples # Return from Twenty-FiveGigE 1/0/1 interface view to system view and then to user view. [Sysname-Twenty-FiveGigE1/0/1] quit [Sysname] quit <Sysname> repeat to repeat commands in the command history buffer for the current CLI session. repeat Syntax repeat [ number ] [ count times ] [ delay seconds ] Views Any view Predefined user roles...

  • Page 23: Return

    33% in last 5 seconds 32% in last 1 minute 33% in last 5 minutes <Sysname> display clock 07:02:28.263 UTC Thu 02/19/2020 <Sysname> display cpu-usage Slot 1 CPU 0 CPU usage: 33% in last 5 seconds 32% in last 1 minute 33% in last 5 minutes <Sysname>...

  • Page 24: System-View

    to enable pausing between screens of output for the undo screen-length disable current CLI session. Syntax screen-length disable undo screen-length disable Default The default depends on the configuration of the command in user line view. screen-length The following are the default settings for the command: screen-length •...
  • Page 25 Usage guidelines You can enter real-time-mode system view, exclusive-mode system view, or private-mode system view. • In real-time-mode system view and its lower-level views, settings are written to the running configuration and take effect immediately. • In exclusive-mode system view, private-mode system view, and their lower-level views, settings are saved to the target configuration, which takes effect after being committed by using the command.
  • Page 26 Contents RBAC commands ·························································································· 1 description ·················································································································································· 1 display role ················································································································································· 1 display role feature ····································································································································· 9 display role feature-group ························································································································ 10 feature ······················································································································································ 12 interface policy deny ································································································································ 13 permit interface ········································································································································ 14 permit vlan ················································································································································ 16 permit vpn-instance ·································································································································· 17 role ···························································································································································...

  • Page 27: Rbac Commands

    RBAC commands description to configure a description for a user role for easy identification. description to restore the default. undo description Syntax description text undo description Default A user role does not have a description. Views User role view Predefined user roles network-admin Parameters : Specifies a description, a case-sensitive string of 1 to 128 characters.
  • Page 28 Examples # Display information about user role 123. <Sysname> display role name 123 Role: 123 DlabVIPcription: (null) VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------- Rule Perm Type Scope Entity ------------------------------------------------------------------- permit command ping permit command tracert...
  • Page 29 ------------------------------------------------------------------- sys-1 permit command display * sys-2 permit command sys-3 permit command system-view ; probe ; display * sys-4 deny command display history-command all sys-5 deny command display exception * sys-6 deny command display cpu-usage configuration sys-7 deny command display kernel exception * sys-8 deny command...
  • Page 30 Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------- Rule Perm Type Scope Entity ------------------------------------------------------------------- sys-1 permit command tracert * sys-2 permit command telnet * sys-3 permit command ping * sys-4 permit command ssh2 * sys-5 permit command display * sys-6 permit command...
  • Page 31 Interface policy: permit (default) VPN instance policy: permit (default) Role: level-8 Description: Predefined level-8 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) Role: level-9 Description: Predefined level-9 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------- Rule...
  • Page 32 Role: level-14 Description: Predefined level-14 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) Role: level-15 Description: Predefined level-15 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------- Rule Perm Type Scope...
  • Page 33 sys-14 permit command sys-15 permit command rename * sys-16 permit command undelete * sys-17 permit command ftp * sys-18 permit command sftp * R:Read W:Write X:Execute Role: guest-manager Description: Predefined guest manager role can't access to commands VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) -------------------------------------------------------------------...
  • Page 34 Field Description VLAN policy of the user role: • deny—Denies access to any VLANs except for permitted VLAN policy VLANs. • permit (default)—Default VLAN policy, which enables the user role to access all VLANs. Permitted VLANs VLANs accessible to the user role. Interface policy of the user role: •...

  • Page 35: Display Role Feature

    display role feature to display features available in the system. display role feature Syntax display role feature [ name feature-name | verbose ] Views Any view Predefined user roles network-admin network-operator Parameters name feature-name : Specifies a feature by feature name. The feature-name argument represents the feature name, and all letters must be in lower case.

  • Page 36: Display Role Feature-Group

    reset aaa * Table 2 Command output (display role feature name aaa) Field Description Feature Displays the name and brief function description of the feature. domain All commands that start with the keyword in system view, system-view ; domain * and all commands in ISP domain view.
  • Page 37 Parameters : Specifies a feature group. The name feature-group-name feature-group-name argument represents the feature group name, a case-sensitive string of 1 to 31 characters. If you do not specify a feature group, the command displays information about all feature groups. : Displays the commands of each feature in feature groups.

  • Page 38: Feature

    display igmp-snooping * display multicast-vlan * display l2-multicast * system-view ; probe ; display system internal l2-multicast * system-view ; probe ; display system internal multicast-vlan * reset igmp-snooping * reset l2-multicast * debugging igmp-snooping * display debugging igmp-snooping * system-view ;...

  • Page 39: Interface Policy Deny

    Predefined user roles network-admin Parameters : Specifies a feature name. You must enter the feature name in lower case. feature-name Usage guidelines Repeat the command to add multiple features to a feature group. feature Examples # Add the AAA and ACL features to feature group security-features. <Sysname>...

  • Page 40: Permit Interface

    • Enter interface view. • Specify the interface in feature commands. The create and remove operations are available only for logical interfaces. Any change to a user role interface policy takes effect only on users who log in with the user role after the change.
  • Page 41 • Have a higher interface number than the start interface. Usage guidelines To permit a user role to access an interface after you configure the interface policy deny command, you must add the interface to the permitted interface list of the policy. With the user role, you can perform the following tasks to the interfaces in the permitted interface list: •...

  • Page 42: Permit Vlan

    role permit vlan to configure a list of VLANs accessible to a user role. permit vlan to remove the permission for a user role to access specific VLANs. undo permit vlan Syntax permit vlan vlan-id-list undo permit vlan [ vlan-id-list ] Default No permitted VLANs are configured in user role VLAN policy view.

  • Page 43: Permit Vpn-Instance

    # Permit user role role1 to access VLANs 1, 2, 4, and 50 to 100. [Sysname-role-role1] vlan policy deny [Sysname-role-role1-vlanpolicy] permit vlan 1 2 4 50 to 100 [Sysname-role-role1-vlanpolicy] quit [Sysname-role-role1] quit Verify that you cannot use user role role1 to work on all VLANs except for VLANs 1, 2, 4, and 50 to 100: # Verify that you can create VLAN 100 and enter VLAN view.

  • Page 44: Role

    With the user role, you can perform the following tasks on the VPN instances in the permitted VPN instance list: • Create, remove, or configure the VPN instances. • Enter the VPN instance views. • Specify the VPN instances in feature commands. You can repeat the command to add multiple permitted VPN instances to permit vpn-instance...

  • Page 45: Role Default-Role Enable

    Syntax role name role-name undo role name role-name Default The system has the following predefined user roles: network-admin, network-operator, level-n (where n represents an integer in the range of 0 to 15), and security-audit. Views System view Predefined user roles network-admin Parameters : Specifies a username.

  • Page 46: Role Feature-Group

    Default The default user role feature is disabled. AAA users who do not have a user role cannot log in to the device. Views System view Predefined user roles network-admin Parameters : Specifies a user role by its name for the default user role. The user role must already role-name exist.

  • Page 47: Rule

    Usage guidelines The L2 feature group includes all Layer 2 feature commands, and the L3 feature group includes all Layer 3 feature commands. These predefined feature groups are not user configurable. In addition to the predefined feature groups L2 and L3, you can create a maximum of 64 user role feature groups.
  • Page 48 : Specifies the read commands, XML elements, or MIB nodes to display configuration or read maintenance information. The , and commands are examples of read display more commands. : Specifies the write commands, XML elements, or MIB nodes to configure the system. The write command is an example of write commands.
  • Page 49 • If a predefined user role rule and a user-defined user role rule conflict, the user-defined user role rule takes effect. The following guidelines apply to OID rules: • The system compares an OID with the OIDs specified in rules, and it uses the longest match principle to select a rule for the OID.
  • Page 50 Rule Guidelines You can specify a keyword by entering the first few characters of the keyword. Any command that starts with this character string matches the rule. Keyword abbreviation is allowed. For example, "rule 1 deny command dis arp source *" denies access to the commands display arp source-mac interface and display arp source-suppression.

  • Page 51: Super

    super to obtain another user role without reconnecting to the device. super Syntax super [ role-name ] Views User view Predefined user roles network-admin Parameters : Specifies a user role, a case-sensitive string of 1 to 63 characters. The user role must role-name exist in the system and cannot be security-audit.

  • Page 52: Super Default Role

    Syntax super authentication-mode { local | scheme } * undo super authentication-mode Default Local password authentication applies. Views System view Predefined user roles network-admin Parameters : Enables local password authentication. local : Enables remote AAA authentication. scheme Usage guidelines For local password authentication, use the command to set a password.

  • Page 53: Super Password

    to restore the default. undo super default role Syntax super default role role-name undo super default role Default The default target user role is network-admin. Views System view Predefined user roles network-admin Parameters : Specifies the name of the default target user role, a case-sensitive string of 1 to 63 role-name characters.

  • Page 54: Vlan Policy Deny

    sets a password for the default target user role which is set by using the super default role command. : Specifies a password in hashed form. hash : Specifies a password in plaintext form. For security purposes, the password specified in simple plaintext form will be stored in hashed form.

  • Page 55: Vpn-Instance Policy Deny

    Views User role view Predefined user roles network-admin Usage guidelines CAUTION: command denies the access of the user role to any VLANs if the vlan policy deny permit command is not configured. vlan To restrict the VLAN access of a user role to a set of VLANs, perform the following tasks: vlan policy deny to enter user role VLAN policy view.
  • Page 56 Default A user role has access to all VPN instances. Views User role view Predefined user roles network-admin Usage guidelines CAUTION: command denies the access of the user role to any VPN vpn-instance policy deny instances if the command is not configured. permit vpn-instance To restrict the VPN instance access of a user role to a set of VPN instances, perform the following tasks:...
  • Page 57 Contents Login management commands ······································································ 1 activation-key ············································································································································· 1 authentication-mode ··································································································································· 3 auto-execute command ······························································································································ 5 character-encoding ···································································································································· 6 character-encoding check ·························································································································· 7 command accounting ································································································································· 8 command authorization ······························································································································ 9 databits ····················································································································································· 10 display | original-encoding ························································································································ 10 display character-encoding ······················································································································ 11 display line ···············································································································································...

  • Page 58: Login Management Commands

    Login management commands Some login management commands are available in both user line view and user line class view. For these commands, the device uses the following rules to determine the settings to be activated: • A setting in user line view applies only to the user line. A setting in user line class view applies to all user lines of the class.
  • Page 59 Table 1 ASCII code values for combined keys that use the Ctrl key Combined key ASCII code value Ctrl+A Ctrl+B Ctrl+C Ctrl+D Ctrl+E Ctrl+F Ctrl+G Ctrl+H Ctrl+I Ctrl+J Ctrl+K Ctrl+L Ctrl+M Ctrl+N Ctrl+O Ctrl+P Ctrl+Q Ctrl+R Ctrl+S Ctrl+T Ctrl+U Ctrl+V Ctrl+W Ctrl+X Ctrl+Y...

  • Page 60: Authentication-Mode

    [Sysname-line-aux0] activation-key s To verify the configuration: Exit the AUX session. [Sysname-line-aux0] return <Sysname> quit Log in again through the AUX line. The following message appears: Press ENTER to get started. Press Enter. Pressing Enter does not start a session. Press s.
  • Page 61 Usage guidelines CAUTION: • When authentication is disabled, users can login without authentication. For security purpose, disable authentication with caution. • When you enable password authentication, you must also configure an authentication password for the line or line class. If no authentication password is configured, you cannot log in to the device through the line or line class at the next time.

  • Page 62: Auto-Execute Command

    auto-execute command to specify the command to be automatically executed for a login auto-execute command user. to restore the default. undo auto-execute command Syntax auto-execute command command undo auto-execute command Default No command is specified to be automatically executed for a login user. Views User line view User line class view...

  • Page 63: Character-Encoding

    C:\> telnet 192.168.1.40 ****************************************************************************** * Copyright (c) 2004-2020 New H3C Technologies Co., Ltd. All rights reserved.* * Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed. ****************************************************************************** <Sysname> Trying 192.168.1.41 ... Press CTRL+K to abort Connected to 192.168.1.41 ...

  • Page 64: Character-Encoding Check

    Usage guidelines GB18030 and UTF-8 are two common character encodings. They both support Chinese and English, but the encoding length of Chinese characters is different. If the parameters to configure contain Chinese characters, make sure the login terminal and the device use the same character encoding. Otherwise, the configuration containing Chinese characters on the device might fail to be parsed correctly, or even fail to take effect.

  • Page 65: Command Accounting

    Default Character encoding check is enabled. Views User view Predefined user roles network-admin Usage guidelines This feature examines input characters for compliance with the configured character encoding. If the characters do not comply with the character encoding, the characters are blocked and an error message is returned.

  • Page 66: Command Authorization

    After you execute the command in user line class view, you cannot command accounting execute the undo command accounting command in any user line views in the class. Examples # Enable command accounting for VTY line 0. <Sysname> system-view [Sysname] line vty 0 [Sysname-line-vty0] command accounting Related commands (User Access and Authentication Command Reference)

  • Page 67: Databits

    Related commands (User Access and Authentication Command Reference) authorization command command accounting databits to specify the number of data bits for a character. databits to restore the default. undo databits Syntax databits { 5 | 6 | 7 | 8 } undo databits Default Eight data bits are used for a character.

  • Page 68: Display Character-Encoding

    Views Any view Predefined user roles network-admin Parameters : Specifies the GB18030 encoding. gb18030 : Specifies the UTF-8 encoding. utf-8 Usage guidelines When you execute only the command, the device displays the output from the display command specified command in the system encoding. The display command | original-encoding command enables the device to convert the output from the specified { gb18030 | utf-8 }...
  • Page 69 Use the command to identify the character display character-encoding terminal encoding used on the login terminal. The device will send test characters in both UTF-8 and GB18030 encodings to the login terminal. The test characters will be displayed as 中文 for the character encoding used on the login terminal.

  • Page 70: Display Line

    display line to display user line information. display line Syntax display line [ number1 | { aux | vty } number2 ] [ summary ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the absolute number of a user line. The value range is 0 to 64. number1 : Specifies the AUX line.

  • Page 71: Display Telnet Client

    Line type : [AUX] 0:XXXX XXXX XX Line type : [VTY] 10:UUXX XXXX XXXX XXXX 26:XXXX XXXX XXXX XXXX 42:XXXX XXXX XXXX XXXX 58:XXXX XXXX XXXX XXXX 2 lines used. 72 lines not used. Table 4 Command output Fields Description Type of the user line: •...
  • Page 72 Syntax display user-interface [ number1 | { aux | vty } number2 ] [ summary ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the absolute number of a user line. The value range is 0 to 64. number1 : Specifies the AUX line.

  • Page 73: Display Users

    <Sysname> display user-interface summary Line type : [AUX] 0:XXXX XXXX XX Line type : [VTY] 10:UXUX XXXX XXXX XXXX 26:XXXX XXXX XXXX XXXX 42:XXXX XXXX XXXX XXXX 58:XXXX XXXX XXXX XXXX 2 lines used. 72 lines not used. Table 6 Command output Fields Description Type of the user line:...

  • Page 74: Escape-Key

    : Current operation user. : Current operation user works in async mode. Table 7 Command output Field Description Absolute number of the user line. Line Type and relative number of the user line. Time elapsed after the user's most recent input, in the hh:mm:ss format. Idle Time Login time of the user.

  • Page 75: Flow-Control

    Usage guidelines You can press the escape key to abort a command that is being executed, for example, a ping command. Whether a command can be aborted by Ctrl+C by default depends on the tracert software implementation of the command. For more information, see the usage guidelines for the command.

  • Page 76: Free Line

    undo flow-control Default Flow control is disabled. Views User line view Predefined user roles network-admin Parameters : Performs hardware flow control. hardware : Disables flow control. none : Performs software flow control. software Usage guidelines This command is not supported in VTY line view. The device supports flow control in both the inbound and outbound directions.

  • Page 77: Free User-Interface

    Usage guidelines This command does not release the line you are using. Examples # Release VTY line 1. <Sysname> free line vty 1 Are you sure to free line vty1? [Y/N]:y [OK] free user-interface to release a user line. free user-interface Syntax free user-interface { number1 | { aux | vty } number2 } Views...

  • Page 78: Http Acl

    Default The command history buffer for a user line stores up to 10 history commands. Views User line view User line class view Predefined user roles network-admin Parameters : Specifies the maximum number of history commands the buffer can store, in the size-value range of 0 to 256.

  • Page 79: Http Ipv6 Acl

    Usage guidelines This command does not take effect on the existing TCP connections. To control TCP connections from IPv4 HTTP clients, specify an existing ACL that has rules. Then, only IPv4 HTTP clients permitted by the ACL can establish TCP connections to the device. If no ACL is applied or the applied ACL does not exist or does not have rules, all IPv4 HTTP clients can establish TCP connections.

  • Page 80: Http Method

    To control TCP connections from IPv6 HTTP clients, specify an existing ACL that has rules. Then, only IPv6 HTTP clients permitted by the ACL can establish TCP connections to the device. If no ACL is applied or the applied ACL does not exist or does not have rules, all IPv6 HTTP clients can establish TCP connections.

  • Page 81: Https Acl

    If yes, the device uses the settings for this command to generate and return a reply to the  OPTIONS request. If not, the device returns the 405 Method Not Allowed message.  This command does not affect HTTP requests except for OPTIONS requests. Examples # Specify GET, HEAD, POST, and OPTIONS methods as the HTTP methods to be added to the reply to an OPTIONS request.

  • Page 82: Https Ipv6 Acl

    [Sysname] acl basic 2001 [Sysname-acl-ipv4-basic-2001] rule permit source 1.1.1.1 0 [Sysname-acl-ipv4-basic-2001] quit [Sysname] https acl 2001 Related commands (Network Management and Monitoring Command Reference) netconf soap acl https ipv6 acl to control TCP connections from IPv6 HTTPS clients. https ipv6 acl to restore the default.

  • Page 83: Idle-Timeout

    idle-timeout to set the CLI connection idle-timeout timer. idle-timeout to restore the default. undo idle-timeout Syntax idle-timeout minutes [ seconds ] undo idle-timeout Default The CLI connection idle-timeout timer is 10 minutes. Views User line view User line class view Predefined user roles network-admin Parameters...

  • Page 84: Line Class

    Predefined user roles network-admin Parameters : Specifies the absolute number of the first user line. The value range is 0 to 64. first-number1 : Specifies the absolute number of the last user line. The value range is 1 to 64. last-number1 This number must be greater than first-number1...
  • Page 85 • auto-execute command • authentication-mode • command accounting • command authorization • escape-key • history-command max-size • idle-timeout • protocol inbound • screen-length • set authentication password • shell • terminal type • user-role For commands that are available in both user line view and user line class view, the device uses the following rules to determine the settings to use: •...

  • Page 86: Lock

    Press Enter. Pressing Enter does not start a session. Enter s. A terminal session is started. <Sysname> Related commands line lock to lock the current user line and set the password for unlocking the line. lock Syntax lock Default The system does not lock any user lines. Views User view Predefined user roles...

  • Page 87: Lock-Key

    Views Any view Predefined user roles network-admin Usage guidelines This command locks the current user line. To unlock the user line, you must press Enter and provide the login password to pass reauthentication. If you have changed the login password after login, you must provide the new password.

  • Page 88: Parity

    Usage guidelines As a best practice, specify a combined key as the user line locking key. If you specify a single character as the key, the character acts only as the user line locking key. You cannot type the character for any commands, keywords, or arguments. Pressing the user line locking key is equivalent to executing the lock reauthentication command.

  • Page 89: Protocol Inbound

    : Uses no parity. none : Uses odd parity. : Uses space parity. space Usage guidelines This command is not supported in VTY line view. The configuration terminal and the device must use the same parity. Examples # Configure AUX line 0 to use odd parity. <Sysname>...
  • Page 90 Trying 192.168.1.241 ... Press CTRL+K to abort Connected to 192.168.1.241 ... ****************************************************************************** * Copyright (c) 2004-2020 New H3C Technologies Co., Ltd. All rights reserved.* * Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed. ****************************************************************************** <Server>...

  • Page 91: Screen-Length

    screen-length to set the maximum number of lines of command output to send to the screen-length terminal at a time when the screen pausing feature is enabled. to restore the default. undo screen-length Syntax screen-length screen-length undo screen-length Default A maximum of 24 lines are sent. Views User line view User line class view...

  • Page 92: Set Authentication Password

    Syntax send { all | number1 | { aux | vty } number2 } Views User view Predefined user roles network-admin Parameters : Specifies all user lines. : Specifies the absolute number of a user line. The value range is 0 to 64. number1 : Specifies the AUX line.

  • Page 93: Shell

    Views User line view User line class view Predefined user roles network-admin Parameters : Specifies a password in hashed form. hash : Sets a password in plaintext form. For security purposes, the password specified in simple plaintext form will be stored in hashed form. : Specifies the password.

  • Page 94: Speed

    Predefined user roles network-admin Usage guidelines command is not supported in AUX line view or AUX line class view. undo shell You cannot disable the terminal service on the user line you are using. When the device acts as a Telnet or SSH server, you cannot execute the command.

  • Page 95: Stopbits

    • 115200 bps. Usage guidelines This command is not supported in VTY line view. The configuration terminal and the device must be configured with the same transmission rate to communicate. Examples # Set the transmission rate to 19200 bps for AUX line 0. <Sysname>...

  • Page 96: Telnet Client Source

    Syntax telnet remote-host [ service-port ] [ vpn-instance vpn-instance-name ] [ source { interface interface-type interface-number | ip ip-address } | dscp dscp-value ] * Views User view Predefined user roles network-admin Parameters : Specifies the IPv4 address or host name of a remote host. A host name can be a remote-host case-insensitive string of 1 to 253 characters.

  • Page 97: Telnet Ipv6

    Syntax telnet client source { interface interface-type interface-number | ip ip-address } undo telnet client source Default No source IPv4 address or source interface is specified. The Telnet client uses the primary IPv4 address of the output interface for the route to the server as the source IPv4 address. Views System view Predefined user roles...

  • Page 98: Telnet Server Acl

    : Specifies the TCP port number for the Telnet service on the remote host. The value port-number range is 0 to 65535 and the default is 23. : Specifies the MPLS L3VPN instance to which the remote vpn-instance vpn-instance-name host belongs. The argument represents the VPN instance name, a vpn-instance-name case-sensitive string of 1 to 31 characters.

  • Page 99: Telnet Server Acl-Deny-Log Enable

    Usage guidelines When no ACL is applied to the Telnet service, all users can Telnet to the device. To control Telnet logins, specify an ACL that exists and has rules so that only users permitted by the ACL can Telnet to the device.

  • Page 100: Telnet Server Dscp

    Related commands telnet server acl telnet server ipv6 acl telnet server dscp to specify the DSCP value for IPv4 to use for Telnet packets sent to a telnet server dscp Telnet client. to restore the default. undo telnet server dscp Syntax telnet server dscp dscp-value undo telnet server dscp...

  • Page 101: Telnet Server Ipv6 Acl

    Usage guidelines Users can Telnet to the device only when the Telnet server is enabled. Examples # Enable the Telnet server. <Sysname> system-view [Sysname] telnet server enable telnet server ipv6 acl to apply an IPv6 ACL to filter IPv6 Telnet logins. telnet server ipv6 acl to restore the default.

  • Page 102: Telnet Server Ipv6 Dscp

    [Sysname] telnet server ipv6 acl ipv6 2001 telnet server ipv6 dscp to specify the DSCP value for IPv6 to use for Telnet packets sent telnet server ipv6 dscp to a Telnet client. to restore the default. undo telnet server ipv6 dscp Syntax telnet server ipv6 dscp dscp-value undo telnet server ipv6 dscp...

  • Page 103: Telnet Server Port

    Usage guidelines This command terminates all existing Telnet connections to the IPv6 Telnet server. To use the Telnet service, users must reestablish Telnet connections. Examples # Set the IPv6 Telnet service port number to 1026. <Sysname> system-view [Sysname] telnet server ipv6 port 1026 telnet server port to specify the IPv4 Telnet service port number.

  • Page 104: Terminal Type

    Views User view Predefined user roles network-admin Parameters : Specifies the GB18030 encoding. gb18030 : Specifies the UTF-8 encoding. utf-8 Usage guidelines This command makes sense only when the system character encoding is configured. You can use to specify the system and terminal encodings. If you change the user character-encoding encoding on the user interface, use to change the terminal...

  • Page 105: User-Interface

    display problem might occur when a command line has more than 80 characters. For example, a cursor positioning error might occur. This command is available in both user line view and user line class view. A non-default setting in either view takes precedence over a default setting in the other view. A non-default setting in user line view takes precedence over a non-default setting in user line class view.

  • Page 106: User-Interface Class

    [Sysname-line-aux0] # Enter the views of VTY lines 0 to 4. <Sysname> system-view [Sysname] user-interface vty 0 4 [Sysname-line-vty0-4] Related commands user-interface class user-interface class user-interface class to enter user line class view. Syntax user-interface class { aux | vty } Views System view Predefined user roles...

  • Page 107: User-Role

    For commands that are available in both user line view and user line class view, the device uses the following rules to determine the settings to use: • A setting in user line view applies only to the user line. A setting in user line class view applies to all user lines of the class.
  • Page 108 Syntax user-role role-name undo user-role [ role-name ] Default A console user is assigned the network-admin user role. Other users are assigned the network-operator user role. Views User line view User line class view Predefined user roles network-admin Parameters : Specifies a user role name, a case-sensitive string of 1 to 63 characters. The user role role-name can be user-defined or predefined.
  • Page 109 Contents FTP commands ····························································································· 1 FTP server commands ······································································································································· 1 display ftp-server ········································································································································ 1 display ftp-user ··········································································································································· 1 free ftp user ················································································································································ 2 free ftp user-ip ············································································································································ 3 free ftp user-ip ipv6 ···································································································································· 3 ftp server acl ··············································································································································· 4 ftp server dscp ············································································································································ 5 ftp server enable ········································································································································...
  • Page 110 tftp client source ······································································································································· 42 tftp ipv6 ····················································································································································· 43 tftp-server acl ··········································································································································· 44 tftp-server ipv6 acl ···································································································································· 45...

  • Page 111: Ftp Commands

    FTP commands FTP server commands display ftp-server to display FTP server configuration and status information. display ftp-server Syntax display ftp-server Views Any view Predefined user roles network-admin network-operator Examples # Display FTP server configuration and status information. <Sysname> display ftp-server FTP server is running.

  • Page 112: Free Ftp User

    Examples # Display detailed information about online FTP users. <Sysname> display ftp-user UserName HostIP Port HomeDir root 192.168.20.184 46539 flash: A field value is wrapped if its length exceeds the limit. The segments are left justified. The following are the length limits for fields: •...

  • Page 113: Free Ftp User-Ip

    <Sysname> free ftp user-ip to manually release the FTP connections established from a specific IPv4 free ftp user-ip address. Syntax free ftp user-ip ip-address [ port port ] Views User view Predefined user roles network-admin Parameters : Specifies the source IP address of an FTP connection. To view the source IP ip-address addresses of FTP connections, execute the command.

  • Page 114: Ftp Server Acl

    ftp server acl to use an ACL to control FTP clients' access to the FTP server. ftp server acl to restore the default. undo ftp server acl Syntax server advanced-acl-number basic-acl-number ipv6 { advanced-acl-number | basic-acl-number } } undo ftp server acl [ ipv6 ] Default No ACL is used to control FTP clients' access to the FTP server.

  • Page 115: Ftp Server Dscp

    ftp server dscp to set the DSCP value for IPv4 to use for FTP packets sent to an FTP client. ftp server dscp to restore the default. undo ftp server dscp Syntax ftp server dscp dscp-value undo ftp server dscp Default IPv4 uses the DSCP value 0 for FTP packets sent to an FTP client.

  • Page 116: Ftp Server Ipv6 Dscp

    ftp server ipv6 dscp to set the DSCP value for IPv6 to use for FTP packets sent to an FTP ftp server ipv6 dscp client. to restore the default. undo ftp server ipv6 dscp Syntax ftp server ipv6 dscp dscp-value undo ftp server ipv6 dscp Default IPv6 uses the DSCP value 0 for FTP packets sent to an FTP client.

  • Page 117: Ftp Timeout

    Usage guidelines After you associate an SSL server policy with the device, a client that supports SFTP will establish a secure connection to the device to ensure data security. Examples # Associate SSL server policy myssl with the FTP server. <Sysname>...

  • Page 118: Append

    to display all commands supported by an FTP client. to display the help information for a command. ? command-name Syntax ? [ command-name ] Views FTP client view Predefined user roles network-admin Parameters : Specifies a command supported by the FTP client. command-name Usage guidelines In FTP client view, entering...

  • Page 119: Ascii

    Parameters : Specifies a file on the FTP client. localfile : Specifies a file on the FTP server. remotefile Usage guidelines You can perform this operation only after you log in to the FTP server. Examples # Append the content of the local a.txt file to the b.txt file on the FTP server. ftp>...

  • Page 120: Bye

    Syntax binary Default The file transfer mode is binary. Views FTP client view Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. FTP transfers files in either of the following modes: •...

  • Page 121: Cdup

    to change the current working directory to another directory on the FTP server. Syntax cd { directory | .. | / } Views FTP client view Predefined user roles network-admin Parameters : Specifies the target directory. If the target directory does not exist, the command directory does not change the current working directory.

  • Page 122: Close

    Views FTP client view Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. This command does not change the working directory if the current directory is the FTP root directory.

  • Page 123: Debug

    debug to enable or disable FTP client debugging. debug Syntax debug Default FTP client debugging is disabled. Views FTP client view Predefined user roles network-admin Usage guidelines When FTP client debugging is enabled, executing this command disables FTP client debugging. When FTP client debugging is disabled, executing this command enables FTP client debugging.

  • Page 124: Dir

    ftp> delete b.txt 250 Deleted b.txt to display or save detailed information about files and directories on the FTP server. Syntax dir [ remotefile [ localfile ] ] Views FTP client view Predefined user roles network-admin Parameters : Specifies a file or directory on the FTP server. remotefile : Specifies the name of the local file used to save the displayed information.

  • Page 125: Disconnect

    # Display the content of the file s.txt. ftp> bye 221-Goodbye. You uploaded 0 and downloaded 2 kbytes. 221 Logout. <Sysname> more s.txt -rwxr-xr-x 1481 Jul 7 12:34 a.txt Related commands disconnect to terminate the connection to the FTP server without exiting FTP client view. disconnect Syntax disconnect...

  • Page 126: Ftp

    The source IP address of the FTP client is 1.1.1.1. to log in to an IPv4 FTP server and enter FTP client view. Syntax ftp [ ftp-server [ service-port ] [ vpn-instance vpn-instance-name ] [ dscp dscp-value | source { interface interface-type interface-number | ip source-ip-address } | -d ] * ] Views User view...

  • Page 127: Ftp Client Ipv6 Source

    Connected to 192.168.0.211 (192.168.0.211). 220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user User (192.168.0.211:(none)): abc 331 Give me your password, please Password: 230 Logged in successfully Remote system type is MSDOS. ftp> # Log in to FTP server 192.168.0.211 and enable FTP client debugging. <Sysname>...

  • Page 128: Ftp Client Source

    Parameters : Specifies an interface by its type and interface interface-type interface-number number. The device will use the interface's IPv6 address as the source address. For successful FTP packet transmission, make sure the interface is up and is configured with an IPv6 address. : Specifies an IPv6 address.

  • Page 129: Ftp Ipv6

    Usage guidelines If you execute this command multiple times, the most recent configuration takes effect. The source address specified with the command takes precedence over the source address specified with the command. ftp client source The source address specified with the command applies to all FTP ftp client source connections.

  • Page 130: Get

    User (2000::154): root 331 Password required for root. Password: 230 User logged in Remote system type is H3C # Log in to FTP server 2000::154 and enable FTP client debugging. <Sysname> ftp ipv6 2000::154 –d Press CTRL+C to abort. Connected to 2000::154 (2000::154).
  • Page 131 Syntax get remotefile [ localfile ] Views FTP client view Predefined user roles network-admin Parameters : Specifies the file to be downloaded. remotefile : Specifies a name for the downloaded file. If you do not specify this argument, the localfile system uses the name of the source file.

  • Page 132: Help

    help to display all commands supported by the FTP client. help to display the help information for a command. help command-name Syntax help [ command-name ] Views FTP client view Predefined user roles network-admin Parameters : Specifies a command supported by the FTP client. command-name Usage guidelines In FTP client view, executing the...
  • Page 133 Parameters : Changes the local working directory of the FTP client to the specified local directory. directory There must be a slash sign (/) before the name of the storage medium, for example, /flash:/logfile. : Changes the local working directory of the FTP client to the local root directory. Usage guidelines To display the local working directory of the FTP client, do not specify the directory...

  • Page 134: Mkdir

    drwxr-xr-x 8192 Jul 2 14:33 diagfile drwxr-xr-x 8192 Jul 7 15:21 ftp drwxr-xr-x 8192 Jul 5 09:15 logfile drwxr-xr-x 8192 Jul 2 14:33 seclog -rwxr-xr-x 40808448 Jul 2 14:33 system-a1801.bin -rwxr-xr-x 3050 Jul 7 12:26 startup.cfg -rwxr-xr-x 54674 Jul 4 09:24 startup.mdb -rwxr-xr-x 1481 Jul 7 12:34 x.cfg...

  • Page 135: Newer

    newer to update a local file by using a file on the FTP server. newer Syntax newer remotefile [ localfile ] Views FTP client view Predefined user roles network-admin Parameters : Specifies a file on the FTP server. remotefile : Specifies the local file to be updated. localfile Usage guidelines You can perform this operation only after you log in to the FTP server.

  • Page 136: Passive

    Press CTRL+C to abort. Connected to 192.168.40.7 (192.168.40.7). 220 FTP service ready. User (192.168.40.7:(none)): root 331 Password required for root. Password: 230 User logged in. Remote system type is H3C. ftp> passive to change the FTP operation mode. passive Syntax passive Default The FTP operation mode is passive.

  • Page 137: Put

    to upload a file from the FTP client to the FTP server. Syntax put localfile [ remotefile ] Views FTP client view Predefined user roles network-admin Parameters : Specifies the local file to be uploaded. localfile : Specifies the name of the file for saving the uploaded file on the FTP server. remotefile Usage guidelines You can perform this operation only after you log in to the FTP server.

  • Page 138: Pwd

    to display the currently accessed directory on the FTP server. Syntax Views FTP client view Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. Examples # Display the currently accessed directory on the FTP server. ftp>...

  • Page 139: Rename

    Views FTP client view Predefined user roles network-admin network-operator Parameters : Specifies a file on the FTP server. remotefile : Specifies a local file. localfile Usage guidelines You can perform this operation only after you log in to the FTP server. If a file download is not completed due to network or storage space problems, use this command to get the part that has not been downloaded yet.

  • Page 140: Reset

    (to-name) b.txt 350 RNFR accepted - file exists, ready for destination 250 File successfully renamed or moved • Method 2: ftp> rename a.txt (to-name) b.txt 350 RNFR accepted - file exists, ready for destination 250 File successfully renamed or moved •...

  • Page 141: Rhelp

    Examples # Set retransmission offset to 2 bytes and retransmit the h.c file. The file has 82 bytes in total. ftp> restart 2 restarting at 2. execute get, put or append to initiate transfer ftp> put h.c h.c local: h.c remote: h.c 350 Restart position accepted (2).

  • Page 142: Rmdir

    Field Description PASS Password. NOOP Null operation. SYST System parameters. TYPE Request type. Changes the current working directory. XCWD Extended command with the meaning of CWD. Prints the working directory. CDUP Changes the directory to the upper directory. XCUP Extended command with the meaning of CDUP. XPWD Extended command with the meaning of PWD.

  • Page 143: Rstatus

    Views FTP client view Predefined user roles network-admin Parameters : Specifies a directory on the FTP server. directory Usage guidelines CAUTION: Permanently delete a directory from the FTP server with caution. When you permanently delete a directory from the FTP server, make sure the directory is no longer in use. You can perform this operation only after you log in to the FTP server.
  • Page 144 ftp> rstatus 211-FTP server status: Connected to 192.168.20.177 Logged in as root TYPE: ASCII No session bandwidth limit Session timeout in seconds is 300 Control connection is plain text Data connections will be plain text At session startup, client count was 1 vsFTPd 2.0.6 - secure, fast, stable 211 End of status Table 4 Command output...

  • Page 145: Status

    Field Description The first bit specifies the file type. • -—Common. • B—Block. • c—Character. • d—Directory. • l—Symbol connection file. • p—Pipe. • -rw-r--r-- s—socket. The second bit through the tenth bit are divided into three groups. Each group contains three characters, representing the access permission of the owner, group, and other users.

  • Page 146: System

    Nmap: off Hash mark printing: off; Use of PORT cmds: on Table 6 Command output Field Description IP address of the FTP server that is connected to the Connected to 192.168.1.56. FTP client. Verbose: on; Bell: off; Prompting: on; Globbing: off Displays debugging information.

  • Page 147: Verbose

    Parameters : Specifies the username. username : Specifies the password. password Usage guidelines If you tried to access an FTP server but failed to pass the authentication, you can use this command to try again before the connection to the FTP server expires. After you log in to an FTP server, you can initiate an FTP authentication to change to a new account.
  • Page 148 # Enable the device to display detailed information about FTP operations. ftp> verbose Verbose mode on. # Execute the command. ftp> get a.cfg 2.cfg 227 Entering Passive Mode (192,168,1,58,68,14) 150-Accepted data connection 150 The computer is your friend. Trust the computer 226 File successfully transferred 3796 bytes received in 0.00762 seconds (486.5 kbyte/s)

  • Page 149: Tftp Commands

    TFTP commands tftp to download a file from a TFTP server or upload a file to a TFTP server in an IPv4 network. tftp Syntax tftp tftp-server sget source-filename [ destination-filename ] [ vpn-instance vpn-instance-name ] [ dscp dscp-value | source { interface interface-type interface-number | ip source-ip-address } ] * [ -d ] Views User view...
  • Page 150 • : Specifies an IPv4 address. For successful TFTP packet ip source-ip-address transmission, make sure this address is the IPv4 address of an interface in up state on the device. : Enables TFTP client debugging. By default, TFTP client debugging is disabled. Usage guidelines The source address specified with the command takes precedence over the source address...

  • Page 151: Tftp Client Ipv6 Source

    Field Description got option=(parameter) The received packet contained the parameter option. The value of value=(value) the parameter option was value. TFTP_STATE_RX The TFTP service was receiving data. TFTP_STATE_TX The TFTP service was sending data. Received unexpected DATA packet The TFTP service received an unexpected data packet block (%d block %d, expecting block %d bytes long).

  • Page 152: Tftp Client Source

    Examples # Specify the source IPv6 address of 2000::1 for TFTP packets sent to an IPv6 TFTP server. <Sysname> system–view [Sysname] tftp client ipv6 source ipv6 2000::1 Related commands tftp ipv6 tftp client source to specify the source IPv4 address for TFTP packets sent to an IPv4 tftp client source TFTP server.

  • Page 153: Tftp Ipv6

    tftp ipv6 to download a file from a TFTP server or upload a file to a TFTP server in an IPv6 tftp ipv6 network. Syntax tftp ipv6 tftp-server [ -i interface-type interface-number ] { get | put | sget source-filename destination-filename vpn-instance vpn-instance-name ] [ dscp dscp-value | source { interface interface-type...

  • Page 154: Tftp-Server Acl

    • : Specifies an IPv6 address. For successful TFTP packet ipv6 source-ipv6-address transmission, make sure this address is the IPv6 address of an interface in up state on the device. : Enables TFTP client debugging. By default, TFTP client debugging is disabled. Usage guidelines The source address specified with the command takes precedence over the source...

  • Page 155: Tftp-Server Ipv6 Acl

    Examples # Allow the device to access only TFTP server 1.1.1.1. <Sysname> system-view [Sysname] acl basic 2000 [Sysname-acl-ipv4-basic-2000] rule permit source 1.1.1.1 0 [Sysname-acl-ipv4-basic-2000] quit [Sysname] tftp-server acl 2000 tftp-server ipv6 acl to use an ACL to control the device's access to TFTP servers in an tftp-server ipv6 acl IPv6 network.
  • Page 156 Contents File system management commands ···························································· 1 cd ······························································································································································· 1 copy ···························································································································································· 2 delete ························································································································································· 5 dir ······························································································································································· 6 execute ······················································································································································· 7 fdisk ···························································································································································· 7 file prompt ·················································································································································· 9 fixdisk ······················································································································································· 10 format ······················································································································································· 10 fuser ························································································································································· 11 gunzip ······················································································································································· 12 gzip ···························································································································································...

  • Page 157: File System Management Commands

    File system management commands IMPORTANT: • Before managing storage media, file systems, directories, and files, make sure you know the possible impact. • A file or directory whose name starts with a dot character (.) is a hidden file or directory. To prevent the system from hiding a file or directory, make sure the file or directory name does not start with a dot character.

  • Page 158: Copy

    <Sysname> cd test # Change to the parent directory. <Sysname> cd .. copy to copy a file. copy Syntax copy source-file dest-file dest-directory vpn-instance vpn-instance-name ] [ source interface interface-type interface-number ] Views User view Predefined user roles network-admin Parameters : Specifies the name or URL of the file to be copied.
  • Page 159 Location Name format Remarks The username and password must be the same as the username and password configured on the FTP server. If the server authenticates users only by the Enter the URL in the format of username, you are not required to enter the ftp://FTP On an FTP password.
  • Page 160 <Sysname> copy test.cfg ftp://user:private@1.1.1.1/testbackup.cfg Copy flash:/test.cfg to ftp://user:private@1.1.1.1/testbackup.cfg? [Y/N]:y Copying file flash:/test.cfg to ftp://user:private@1.1.1.1/testbackup.cfg... Done. # Copy test.cfg from the working directory on TFTP server 1.1.1.1. Save the copy to the local current directory as testbackup.cfg. <Sysname> copy tftp://1.1.1.1/test.cfg testbackup.cfg Copy tftp://1.1.1.1/test.cfg to flash:/testbackup.cfg? [Y/N]:y Copying file tftp://1.1.1.1/test.cfg to flash:/testbackup.cfg...

  • Page 161: Delete

    Copying file http://user:private@[2001::1]/test.cfg to flash:/testbackup.cfg... Done. delete to delete a file. delete Syntax delete [ /unreserved ] file Views User view Predefined user roles network-admin Parameters : Permanently deletes the specified file. If you do not specify this keyword, the /unreserved command moves the file to the recycle bin.

  • Page 162: Dir

    to display files or directories. Syntax dir [ /all ] [ file | directory | /all-filesystems ] Views User view Predefined user roles network-admin Parameters : Displays all files and directories in the current directory, visible or hidden. If you do not specify /all this option, only visible files and directories are displayed.

  • Page 163: Execute

    Field Description File or directory information: • 0—File or directory number, which is automatically allocated by the system. • -rwh—Attributes of the file or directory. The first character is the directory indicator (d for directory and – for file). The second character indicates whether the file or directory is readable (r for readable).
  • Page 164 Views User view Predefined user roles network-admin Parameters : Specifies the name of the storage medium to be partitioned. medium : Specifies the number of partitions, in the range of 1 to 4. If you specify this partition-number argument, the storage medium is divided evenly into the specified number of partitions. To customize the sizes of partitions, do not provide this argument.

  • Page 165: File Prompt

    Partition 1 (32MB~224MB, 256MB. Press CTRL+C to quit or Enter to use all available space): // Press Enter or enter 256. usba: will be divided into the following partition(s): DeviceName Capacity usba0: 256MB All data on usba: will be lost, continue? [Y/N]:y Partitioning usba:...Done.

  • Page 166: Fixdisk

    Views System view Predefined user roles network-admin Parameters : Prompts for confirmation when a destructive file or directory operation is being performed. alert : Gives no confirmation prompt for file or directory operations except the recycle bin emptying quiet operation. Usage guidelines In quiet mode, the system does not prompt for confirmation when a user performs a file or directory operation except the recycle bin emptying operation.

  • Page 167: Fuser

    Views User view Predefined user roles network-admin Parameters : Specifies the name of a file system. filesystem Usage guidelines CAUTION: Formatting a file system permanently deletes all files and directories in the file system. You cannot restore the deleted files or directories. If a startup configuration file exists in the file system, back up the file if necessary.

  • Page 168: Gunzip

    Usage guidelines Execute this command if you fail to execute a command such as fdisk fixdisk, format , or command for a file system, directory, or file. View the umount, rmdir rename delete copy command output to identify whether a process is using the file system, directory, or file. When a user logs in to the CLI of the device, a process named comsh starts to monitor the user's behavior.

  • Page 169: Gzip

    Decompress the file system.bin.gz. <Sysname> gunzip system.bin.gz Decompressing file flash:/system.bin.gz..Done. Verify the decompress operation. <Sysname> dir system.* Directory of flash: 1 -rw- 0 Jan 30 2020 11:42:25 system.bin 1048576 KB total (472844 KB free) gzip to compress a file. gzip Syntax gzip file...

  • Page 170: Md5Sum

    md5sum to use the MD5 algorithm to calculate the digest of a file. md5sum Syntax md5sum file Views User view Predefined user roles network-admin network-operator Parameters : Specifies the name of a file. file Usage guidelines You can use file digests to verify file integrity. To identify whether an uploaded or downloaded file has errors or has been tampered with, use this command to calculate digests for the file before and after the upload or download operation.

  • Page 171: More

    # Create the test/subtest directory in the current directory. <Sysname> mkdir test/subtest Creating directory flash:/test/subtest... Done. more to display the contents of a text file. more Syntax more file Views User view Predefined user roles network-admin Parameters : Specifies the name of a file. file Examples # Display the contents of the test.txt file.

  • Page 172: Move

    Usage guidelines Generally, file systems on a hot-swappable storage medium are automatically mounted when the storage medium is connected to the device. If the system cannot recognize a file system, however, you must mount the file system before you can access it. To avoid file system corruption, do not perform the following tasks while the system is mounting a file system: •...

  • Page 173: Pwd

    to display the working directory. Syntax Views User view Predefined user roles network-admin Examples # Display the working directory. <Sysname> pwd flash: rename to rename a file or directory. rename Syntax rename { source-file | source-directory } { dest-file | dest-directory } Views User view Predefined user roles...

  • Page 174: Rmdir

    Syntax reset recycle-bin [ /force ] Views User view Predefined user roles network-admin Parameters : Deletes all files in the recycle bin without prompting for confirmation. If you do not specify /force this option, the command prompts you to confirm the deletion operation for each file. Usage guidelines CAUTION: The files in a recycle bin can be restored by using the...

  • Page 175: Sha256Sum

    Parameters : Specifies a directory. directory Usage guidelines CAUTION: To delete a directory, you must first delete all files and subdirectories in the directory permanently or move them to the recycle bin. If you move them to the recycle bin, executing the command to rmdir delete the directory will delete them permanently.

  • Page 176: Tar Extract

    Predefined user roles network-admin Parameters : Uses gzip to compress the files and directories before archiving them. If you do not specify this keyword, the command archives the files and directories without compressing them. : Specifies the archive file name. If you specified the keyword, the archive-file dest-file extension of the archive file name must be .tar.gz.
  • Page 177 Parameters : Specifies the archive file name. The extension can be .tar or .tar.gz. archive-file file : Displays the names of the successfully extracted files and directories. verbose : Displays the content of the extracted files and directories on the screen. The extracted files screen are not saved.

  • Page 178: Tar List

    tar list to display the names of archived files and directories. tar list Syntax tar list archive-file file Views User view Predefined user roles network-admin Parameters : Specifies the archive file name. The extension can be .tar or .tar.gz. archive-file file Examples # Display the names of archived files and directories.

  • Page 179: Undelete

    To avoid file system corruption, do not perform the following tasks while the system is unmounting a file system: • Reboot, power cycle, or power off the device. • Install, remove, or access storage media. • Perform a switchover. Examples # Unmount a file system on a USB disk.
  • Page 181 Contents Configuration file management commands ···················································· 1 archive configuration ·································································································································· 1 archive configuration interval ····················································································································· 2 archive configuration location ····················································································································· 3 archive configuration max ·························································································································· 4 archive configuration server ······················································································································· 5 archive configuration server password······································································································· 6 archive configuration server user ··············································································································· 7 backup startup-configuration ······················································································································...

  • Page 182: Configuration File Management Commands

    Configuration file management commands archive configuration to manually archive the running configuration to the configuration archive configuration archive directory. Syntax archive configuration Views User view Predefined user roles network-admin Usage guidelines This command saves the running configuration to the specified configuration archive directory with file names generated from the specified name prefix.

  • Page 183: Archive Configuration Interval

    archive configuration interval to enable automatic running-configuration archiving archive configuration interval and set the archiving interval. to disable automatic running-configuration undo archive configuration interval archiving. Syntax archive configuration interval interval undo archive configuration interval Default The automatic running-configuration archiving feature is disabled. Views System view Predefined user roles...

  • Page 184: Archive Configuration Location

    archive configuration server password archive configuration server user display archive configuration archive configuration location to specify a local directory and file name prefix for archive configuration location archiving the running configuration. undo archive configuration location to restore the default. Syntax archive configuration location directory filename-prefix filename-prefix undo archive configuration location Default...

  • Page 185: Archive Configuration Max

    • Restores the default settings of the archive configuration interval archive commands. configuration max • Clears the configuration archive information displayed by using the display archive command. configuration Examples # Set the configuration archive directory as flash:/archive and the archive file name prefix as my_archive.

  • Page 186: Archive Configuration Server

    configuration archives have been saved before the archive limit is set to four. When saving a new configuration archive, the system first deletes the oldest four (7 – 4 + 1) archives. If you execute the command, the default archive undo archive configuration location limit is restored.

  • Page 187: Archive Configuration Server Password

    : Specifies a file name prefix for configuration archives, a filename-prefix filename-prefix case-insensitive string of 1 to 30 characters. Valid characters are letters, digits, underscores (_), and hyphens (-). Usage guidelines Before archiving the running configuration to a remote SCP server, you must perform the following tasks: •...

  • Page 188: Archive Configuration Server User

    to restore the default. undo archive configuration server password Syntax archive configuration server password { cipher | simple } string undo archive configuration server password Default No password is configured for accessing the SCP server that saves configuration archives. Views System view Predefined user roles network-admin...

  • Page 189: Backup Startup-Configuration

    Parameters : Specifies the username, a case-sensitive string of 1 to 63 characters. user-name Examples # Set the username to admin for accessing the SCP server that saves configuration archives. <Sysname> system-view [Sysname] archive configuration server user admin Related commands archive configuration server archive configuration server password display archive configuration...

  • Page 190: Configuration Commit

    Backing up the main startup configuration file to 2.2.2.2 in VPN VPN1... Done. # Back up the main next-startup configuration file to the IPv6 TFTP server at 2001::2 in the public network, and set the target file name to 192-168-1-26.cfg. <Sysname>...

  • Page 191: Configuration Encrypt

    Views System view Predefined user roles network-admin Parameters : Sets the configuration commit delay interval. The value range is 1 to 65535 minutes. delay-time Usage guidelines The system creates a rollback point to record the configuration status when you execute this command to start the configuration commit delay timer.

  • Page 192: Configuration Replace File

    Predefined user roles network-admin Parameters : Encrypts configuration with a private key. All devices running Comware 9 software private-key use the same private key. : Encrypts configuration with a public key. All devices running Comware 9 software public-key use the same public key. Usage guidelines Configuration encryption enables the device to automatically encrypt a configuration file when saving the running configuration to the file.

  • Page 193: Display Archive Configuration

    • Make sure the replacement configuration file is not encrypted. Examples # Replace the running configuration with the configuration in the my_archive_1.cfg configuration file. <Sysname> system-view [Sysname] configuration replace file my_archive_1.cfg Current configuration will be lost, save current configuration? [Y/N]:n Now replacing the current configuration.

  • Page 194: Display Current-Configuration

    The exclamation mark (!) indicates that the remote archiving attempt failed. The pound sign (#) indicates the most recent archive file. Table 1 Command output Field Description Username for accessing the SCP server that saves Username configuration archives. Absolute path of the directory for saving running-configuration Location archives.

  • Page 195: Display Current-Configuration Diff

    : Excludes preprovisioned settings from the running configuration. exclude-provision : Displays interface configuration, interface [ interface-type [ interface-number ] ] where argument represents interface type interface-type argument represents the interface number. If you do not specify the interface-number arguments, the command displays the running interface-type interface-number configuration for all interfaces.
  • Page 196 Syntax display current-configuration diff Views Any view Predefined user roles network-admin network-operator Usage guidelines This command searches for the next-startup configuration in the following order: The .cfg main next-startup configuration file. The .cfg backup next-startup configuration file if the .cfg main next-startup configuration file is unavailable.

  • Page 197: Display Default-Configuration

    Field Description Displays command differences. • cmd1 and cmd4—Command lines are contained in both source and target configurations if they are not prefixed with a minus (-) or plus (+) sign. They provide a context for locating command line differences. cmd1 •...
  • Page 198 display diff current-configuration configfile file-name-d startup-configuration } display diff startup-configuration configfile file-name-d current-configuration } Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the source configuration file for comparison. configfile file-name-s : Specifies the target configuration file for comparison. configfile file-name-d : Specifies the running configuration.

  • Page 199: Display Saved-Configuration

    +++ Startup configuration @@ -5,7 +5,7 @@ sysname Sysname -alias dhc display history-command +alias dh display hotkey <Sysname> The output shows that the command is contained only alias dhc display history-command in the running configuration, and the command is contained only in alias dh display hotkey the next-startup configuration.

  • Page 200: Display Startup

    sysname Sysname ftp server enable telnet server enable domain default enable system vlan 1 domain system ---- More ---- Related commands reset saved-configuration save display startup to display the names of all startup configuration files, including the file that display startup the device started up with and the files for next startup.

  • Page 201: Display This

    display this to display the running configuration in the current view. display this Syntax display this [ all ] Views Any view Predefined user roles network-admin network-operator Parameters : Displays all settings in the running configuration in the current view, including the default settings.

  • Page 202: Restore Startup-Configuration

    Parameters : Specifies the backup next-startup configuration file. backup : Specifies the main next-startup configuration file. main Usage guidelines CAUTION: By default, this command permanently deletes the specified next-startup configuration file from all IRF member devices. To delete the configuration file only from the master device, disable automatic system-wide next-startup configuration file operations.

  • Page 203: Save

    : Specifies the name of the configuration file to be downloaded. The file must be src-filename a .cfg file. The file name is a case-insensitive string of up to 255 characters. : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters.
  • Page 204 Parameters : Specifies a file path, a string of up to 255 characters. The file must be a .cfg file. If you file-url specify the keyword or the option, the file path cannot include a member slot slot-number ID. If the file path includes a folder name, the folder must already exist on the specified IRF member devices.
  • Page 205 By default, the command save [ safely ] [ backup | main ] [ force ] [changed ] saves the configuration to all IRF member devices. To save the configuration only to the master device, disable automatic system-wide next-startup configuration file operations. For more information about disabling these operations, see Fundamentals Configuration Guide.

  • Page 206: Startup Saved-Configuration

    (To leave the existing filename unchanged, press the enter key):test.cfg Validating file. Please wait.... Saving docker files need some time. Do you want to save docker files in this process? [Y/N]:y Saving docker files.... Done. Saved the current configuration to mainboard device successfully. Related commands display current-configuration display saved-configuration...
  • Page 207 You can also specify a configuration file as a next startup file when you use the command to save save the running configuration. Examples # Specify the main next-startup configuration file. <Sysname> startup saved-configuration testcfg.cfg Please wait ..Done. Related commands display startup...
  • Page 208 Contents Software upgrade commands ········································································ 1 boot-loader file ··········································································································································· 1 bootrom update ·········································································································································· 2 bootrom-update security-check enable ······································································································ 3 display boot-loader ····································································································································· 4 display install active ··································································································································· 4 display install backup ································································································································· 6 display install committed ···························································································································· 7 display install inactive ································································································································· 9 display install ipe-info ·······························································································································...

  • Page 209: Software Upgrade Commands

    Software upgrade commands As a best practice, store the startup images in a fixed storage medium. If you store the startup images in a hot swappable storage medium, do not remove the hot swappable storage medium during the startup process. boot-loader file to specify startup image files.

  • Page 210: Bootrom Update

    # Specify flash:/all.ipe as the main startup image file for slot 1. <Sysname> boot-loader file flash:/all.ipe slot 1 main Verifying the file flash:/all.ipe on slot 1....Done. H3C S6550X-32H-HI images in IPE: boot.bin system.bin This command will set the main startup software images. Continue? [Y/N]:Y Add images to slot 1.

  • Page 211: Bootrom-Update Security-Check Enable

    form of . The end slot number must be equal to or start-slot-number to end-slot-number greater than the start slot number. Usage guidelines BootWare images are contained in the .bin Comware boot image file. You can specify a Comware boot image file in this command to upgrade the BootWares in the system before you upgrade the Comware images.

  • Page 212: Display Boot-Loader

    display boot-loader to display current software images and startup software images. display boot-loader Syntax display boot-loader [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Examples # Display the current software images and startup software images.
  • Page 213 # Display detailed information about active software images. <Sysname> display install active verbose Active packages on slot 1: flash:/boot.bin [Package] Vendor: H3C Product: S6550X Service name: boot Platform version: 7.1.070 Product version: Test 0001015 Supported board: mpu [Component]...

  • Page 214: Display Install Backup

    Platform version: 7.1.070 Product version: Test 0001015 Supported board: mpu [Component] Component: test Description: test package Table 2 Command output Field Description [Package] Detailed information about the software image. Image type: • boot—Boot image. • boot-patch—Boot image patch. Service name •...

  • Page 215: Display Install Committed

    # Display detailed information about backup software images. <Sysname> display install backup verbose Backup startup software images on slot 1: flash:/boot.bin [Package] Vendor: H3C Product: S6550X Service name: boot Platform version: 7.1.070 Product version: Test 0001015 Supported board: mpu...
  • Page 216 # Display detailed information about main startup software images. <Sysname> display install committed verbose Committed packages on slot 1: flash:/boot.bin [Package] Vendor: H3C Product: S6550X Service name: boot Platform version: 7.1.070 Product version: Test 0001015 Supported board: mpu [Component]...

  • Page 217: Display Install Inactive

    Supported board: mpu [Component] Component: system Description: system package flash:/feature1.bin [Package] Vendor: H3C Product: S6550X Service name: feature1 Platform version: 7.1.070 Product version: Test 0001015 Supported board: mpu [Component] Component: feature1 Description: feature1 package For information about the command output, see...

  • Page 218: Display Install Ipe-Info

    Fundamentals Configuration Guide. Examples # Display information about .ipe file flash:/test.ipe. <Sysname> display install ipe-info flash:/test.ipe Verifying the file flash:/test.ipe on slot 1....Done. H3C S6550X-32H-HI images in IPE: boot.bin system.bin Related commands display install package...

  • Page 219: Display Install Package

    Examples # Display information about system.bin. <Sysname> display install package flash:/system.bin flash:/system.bin [Package] Vendor: H3C Product: S6550X Service name: system Platform version: 7.1.070 Product version: Test 0001015 Supported board: mpu # Display detailed information about system.bin.

  • Page 220: Display Install Rollback

    <Sysname> display install package flash:/system.bin verbose flash:/system.bin [Package] Vendor: H3C Product: S6550X Service name: system Platform version: 7.1.070 Product version: Test 0001015 Supported board: mpu [Component] Component: system Description: system package For information about the command output, see Table display install rollback to display rollback point information.

  • Page 221: Display Install Which

    # Display the software image file that includes pkg_ctr. <Sysname> display install which file pkg_ctr Verifying the file flash:/system-t0001015.bin on slot 1......Done. Found pkg_ctr in flash:/system-t0001015.bin on slot 1. flash:/system-t0001015.bin [Package] Vendor: H3C Product: S6550X Service name: system Platform version: 7.1.070 Product version: Test 0001015 Supported board: cen Verifying the file flash:/boot-d2601007.bin on slot 1..Done.

  • Page 222: Display Version

    <Sysname> display version H3C Comware Software, Version 9.1.043, ESS 1108 Copyright (c) 2004-2022 New H3C Technologies Co., Ltd. All rights reserved. H3C S6550X-32H-HI uptime is 0 weeks, 0 days, 11 hours, 10 minutes Last reboot reason : Cold reboot Boot image: flash:/s6550x-cmw910-boot-e1108.bin Boot image version: 9.1.043, ESS 1108...

  • Page 223: Display Version-Update-Record

    Field Description • Auto Update reboot—The reboot was caused by an automatic software upgrade. • Memory exhaust reboot—The reboot was caused by a memory-exhausted event. • Recover GOLD-detected error—The reboot was caused by a failed GOLD test. • Critical process abnormality reboot—The reboot was caused by core process abnormality.

  • Page 224: Install Abort

    install abort to abort an ongoing activate or deactivate operation. install abort Syntax install abort [ job-id ] Views User view Predefined user roles network-admin Parameters : Specifies the job ID of an ISSU operation. If you do not specify this argument, the job-id command aborts all ongoing software image activate and deactivate operations.
  • Page 225 the value string can have a maximum of 63 characters. For more information about specifying a file, see file system management in Fundamentals Configuration Guide. : This keyword is insignificant. slot slot-number : Specifies the slot number of the device, which is fixed at 1. : Only identifies the ISSU method to be used for the upgrade.

  • Page 226: Install Add

    Table 6 Command output Field Description Verifying the file The system was verifying the validity of the file. Upgrade summary according Upgrade summary. to following table Running Version Version number of the running software. New Version Version number of the new software. ISSU methods: •...

  • Page 227: Install Commit

    To identify software images that are included in an .ipe file, use the display install ipe-info command. Examples # Decompress all.ipe to the flash memory. <Sysname> install add flash:/all.ipe flash: Verifying the file flash:/all.ipe on slot 1...Done. Decompressing file boot.bin to flash:/boot.bin.......Done. Decompressing file system.bin to flash:/system.bin.........Done.

  • Page 228: Install Deactivate

    Related commands install activate install deactivate install rollback install deactivate to deactivate feature or patch images. install deactivate Syntax install deactivate feature filename&<1-30> slot slot-number install deactivate patch filename { all | slot slot-number } Views User view Predefined user roles network-admin Parameters feature...

  • Page 229: Install Rollback To

    Syntax install remove [ slot slot-number ] { filename | inactive } Views User view Predefined user roles network-admin Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number : Specifies a .bin file in the filesystemname/filename.bin format. The value string can filename have a maximum of 63 characters.

  • Page 230: Install Verify

    For a rollback to take effect after a reboot, you must perform a commit operation to update the main startup software image list. After a commit operation is performed, you cannot perform a rollback. Patch images do not support rollback. Examples # Roll back the software to rollback point 1.

  • Page 231: Reset Version-Update-Record

    Predefined user roles network-admin Usage guidelines To ensure a successful ISSU and make sure that the system can start up and operate correctly after an ISSU, execute this command to verify the following items: • Integrity—Verify that the boot, system, and feature images are integral. •...
  • Page 232 Views System view Predefined user roles network-admin Examples # Clear the startup software image upgrade records. <Sysname> system-view [Sysname] reset version-update-record This command will delete all records of version update. Continue? [Y/N]:y Related commands display version-update-record...
  • Page 233 Contents Target configuration management commands ··············································· 1 commit ························································································································································ 1 configuration commit max-number ············································································································· 2 configuration replace ·································································································································· 2 display configuration commit diff ················································································································ 3 display configuration commit list ················································································································ 5 display configuration sessions ··················································································································· 6 display target-configuration ························································································································ 6 refresh target-configuration ························································································································...

  • Page 234: Target Configuration Management Commands

    Target configuration management commands commit to commit the target configuration command lines. commit Syntax commit [ best-effort ] [ force ] [ label labelname ] [ save-running filename ] [ confirmed [ seconds ] | [ minutes minutes ] ] [ show-error ] [ clear-error ] [ description text ] Views Private-mode system view and its lower-level views...

  • Page 235: Configuration Commit Max-Number

    : Specifies a description for the rollback point, a case-sensitive string of 1 to 60 description text characters. Usage guidelines As a best practice, do not execute this command frequently. The system creates a configuration rollback point after each successful commit operation. Executing this command frequently increases device load and might cause commit failures.

  • Page 236: Display Configuration Commit Diff

    Views System view Predefined user roles network-admin Parameters : Specifies a rollback point by its number counting from the most recent rollback point. last number : Specifies a rollback point by its commit ID. The value range for the commit-id commit-id argument depends on the number of existing rollback points.
  • Page 237 : Displays the configuration differences between a rollback point and the running last number configuration. The argument specifies a rollback point by its number counting from the most number recent rollback point. : Displays the configuration differences between a rollback point and the since commit-id running configuration.

  • Page 238: Display Configuration Commit List

    display configuration commit list to display rollback point information. display configuration commit list Syntax display configuration commit list [ number | label ] [ verbose ] Views Any view Predefined user roles network-admin network-operator Parameters : Displays the most recent rollback points. The argument represents the number of number number...

  • Page 239: Display Configuration Sessions

    display configuration sessions to display device configuration sessions, such as CLI, display configuration sessions NETCONF, and SNMP sessions. Syntax display configuration sessions Views Any view Predefined user roles network-admin network-operator Examples # Display device configuration sessions. <Sysname> display configuration sessions Type Line User...
  • Page 240 Syntax display target-configuration [ diff | failure [ brief ] | merge | success ] Views Private-mode system view and its lower-level views Exclusive-mode system view and its lower-level views Predefined user roles network-admin network-operator Parameters : Display differences between the target configuration and the running configuration. diff : Displays the configuration command lines that failed to be committed and the causes.

  • Page 241: Refresh Target-Configuration

    - sysname Sysname + sysname Device local-user userA class manage Table 4 Command output Field Description • -linenumber1,number1—Start command line in the running configuration to display and the number of the command lines displayed. -linenumber1,number1 • +linenumber2,number2 +linenumber2,number2—End command line in the target configuration to display and the number of the command lines displayed.

  • Page 242: Reset Configuration Commit

    Usage guidelines Configuration commit fails if the running configuration has changed and the changes in the running configuration conflict with the target configuration. Use this command to refresh uncommented target configuration to filter out command lines in target configuration that conflict with the running configuration. Examples # Refresh uncommitted target configuration.
  • Page 243 Predefined user roles network-admin network-operator Parameters : Clears a specific target configuration command line. If you do not specify this keyword, command the command clears all target configuration command lines. : Specifies a target configuration command line, a case-insensitive string. The entire length of text this command can have a maximum of 512 characters.
  • Page 244 H3C S6550X-HI Switch Series System Management Command Reference New H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1116 and later Document version: 6W100-20221110...
  • Page 245 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
  • Page 246 Preface This command reference describes the system management configuration commands. This preface includes the following topics about the documentation: • Audience. • Conventions. • Documentation feedback. Audience This documentation is intended for: • Network planners. • Field technical support and servicing engineers. •...
  • Page 247 Symbols Convention Description An alert that calls attention to important information that if not understood or followed WARNING! can result in personal injury. An alert that calls attention to important information that if not understood or followed CAUTION: can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information.
  • Page 248 Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.
  • Page 249 Contents Basic device management commands ·························································· 1 clock datetime ············································································································································ 1 clock protocol ············································································································································· 2 clock summer-time ····································································································································· 2 clock timezone ··········································································································································· 4 command ··················································································································································· 5 copyright-info enable ·································································································································· 6 display clock ··············································································································································· 6 display copyright ········································································································································ 7 display scheduler job ·································································································································· 7 display scheduler logfile ·····························································································································...

  • Page 250: Basic Device Management Commands

    Basic device management commands clock datetime to set the system time. clock datetime Syntax clock datetime time date Default The system time is the factory-default time. Views User view Predefined user roles network-admin Parameters time : Specifies a time in the hh:mm:ss format. The value range for hh is 0 to 23. The value range for mm is 0 to 59.

  • Page 251: Clock Protocol

    clock protocol to specify the system time source. clock protocol to restore the default. undo clock protocol Syntax clock protocol { none | ntp | ptp } undo clock protocol Default The device obtains the UTC time from an NTP time source. Views System view Predefined user roles...
  • Page 252 Syntax clock summer-time name start-time start-date end-time end-date add-time undo clock summer-time Default The daylight saving time is not set. Views System view Predefined user roles network-admin Parameters : Specifies a name for the daylight saving time schedule, a case-sensitive string of 1 to 32 name characters.

  • Page 253: Clock Timezone

    After you set the daylight saving time, the device recalculates the system time. To view the system time, use the command. display clock Make sure all devices on the network are using the same daylight saving time as the local time. Examples # Set the system time ahead 1 hour for the period between 06:00:00 on 08/01 and 06:00:00 on 09/01.

  • Page 254: Command

    Examples # Set the name of the time zone to Z5, and add 5 hours to the UTC time. <Sysname> system-view [Sysname] clock timezone Z5 add 5 Related commands clock datetime clock summer-time display clock command to assign a command to a job. command to revoke a command.

  • Page 255: Copyright-Info Enable

    The device will display the following statement when a user logs in: ****************************************************************************** * Copyright (c) 2004-2022 New H3C Technologies Co., Ltd. All rights reserved.* * Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed.

  • Page 256: Display Copyright

    Predefined user roles network-admin network-operator Examples # Display the system time and date when the time zone is not specified. <Sysname> display clock 10:09:00 UTC Fri 03/16/2019 # Display the system time and date when the time zone Z5 is specified. <Sysname>...

  • Page 257: Display Scheduler Logfile

    Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a job by its name, a case-sensitive string of 1 to 47 characters. If you do not job-name specify a job, this command displays configuration information for all jobs. Examples # Display configuration information for all jobs.

  • Page 258: Display Scheduler Reboot

    [Sysname]interface rang twenty-fivegige 1/0/1 to twenty-fivegige 1/0/3 [Sysname-if-range]shutdown Table 1 Command output Field Description Logfile Size Size of the log file, in bytes. Schedule name Schedule to which the job belongs. Execution time Time when the job was started. Time when the job was completed. If the job has never been executed or the job does Completion time not have any commands, this field is blank.

  • Page 259: Display System Stable State

    network-operator Parameters : Specifies a schedule by its name, a case-sensitive string of 1 to 47 characters. If schedule-name you do not specify a schedule, this command displays information about all schedules. Examples # Display information about all schedules. <Sysname> display scheduler schedule Schedule name : shutdown Schedule type...
  • Page 260 Views Any view Predefined user roles network-admin network-operator Parameters Usage guidelines The device startup process takes some time. If the values of the status fields do not change to Stable, execute this command multiple times to identify the devices that are not in Stable state. You can also use other commands to identify the faulty components.

  • Page 261: Header

    Field Description The object is not operating stably. Related commands display device header to configure a banner. header to delete a banner. undo header Syntax header { legal | login | motd | shell } text undo header { legal | login | motd | shell } Default The device does not have banners.

  • Page 262: Reboot

    undo job job-name Default No job is assigned to a schedule. Views Schedule view Predefined user roles network-admin Parameters : Specifies the job name, a case-sensitive string of 1 to 47 characters. job-name Usage guidelines You can assign multiple jobs to a schedule. The jobs in a schedule are executed concurrently. The jobs to be assigned to a schedule must already exist.

  • Page 263: Reset Scheduler Logfile

    Usage guidelines CAUTION: • A reboot might interrupt network services. • Use the keyword only when the device fails or a command without the force reboot force keyword cannot perform a reboot correctly. A command with the keyword might reboot force result in file system corruption because it does not perform data protection.

  • Page 264: Restore Factory-Default

    Related commands display scheduler logfile restore factory-default to restore the factory-default configuration for the device. restore factory-default Syntax restore factory-default Views User view Predefined user roles network-admin Usage guidelines CAUTION: This command will restore the factory defaults for the device. Make sure you understand its impact on the live network before executing the command.

  • Page 265: Scheduler Logfile Size

    Predefined user roles network-admin Parameters : Specifies the job name, a case-sensitive string of 1 to 47 characters. job-name Usage guidelines A job can be referenced by multiple schedules. In job view, you can assign commands to the job. Examples # Create a job named backupconfig and enter job view.

  • Page 266: Scheduler Reboot At

    scheduler reboot at to specify the reboot date and time. scheduler reboot at to delete the reboot schedule configuration. undo scheduler reboot Syntax scheduler reboot at time [ date ] undo scheduler reboot Default No reboot date or time is specified. Views User view Predefined user roles...

  • Page 267: Scheduler Schedule

    to delete the reboot schedule configuration. undo scheduler reboot Syntax scheduler reboot delay time undo scheduler reboot Default No reboot delay time is specified. Views User view Predefined user roles network-admin Parameters : Specifies the reboot delay time in the hh:mm or mm format. This argument can contain up to time six characters.

  • Page 268: Sysname

    Syntax sysname sysname undo sysname Default The device name is H3C. Views System view Predefined user roles network-admin Parameters : Specifies a name for the device, a string of 1 to 64 characters.

  • Page 269: Time At

    Usage guidelines A device name identifies a device in a network and is used in CLI view prompts. For example, if the device name is Sysname, the user view prompt is <Sysname>. Examples # Set the name of the device to MyDevice. <Sysname>...

  • Page 270: Time Once

    time once to specify one or more execution days and the execution time for a non-periodic time once schedule. to delete the execution day and time configuration for a non-periodic schedule. undo time Syntax time once at time [ month-date month-day | week-day week-day&<1-7> ] time once delay time undo time Default...

  • Page 271: Time Repeating

    <Sysname> system-view [Sysname] scheduler schedule saveconfig [Sysname-schedule-saveconfig] time once at 15:00 month-date 15 # Configure the device to execute schedule saveconfig at 12:00 p.m. on the coming Monday and Friday. <Sysname> system-view [Sysname] scheduler schedule saveconfig [Sysname-schedule-saveconfig] time once at 12:00 week-day mon fri # Configure the device to execute schedule saveconfig after 10 minutes.

  • Page 272: User-Role

    : Specifies a day in a month, in the range 1 to 31. The month-date [ month-day | last ] last keyword indicates the last day of a month. If you specify a day that does not exist in a month, the configuration takes effect on that day in the next month.
  • Page 273 Syntax user-role role-name undo user-role role-name Default A schedule has the user roles of the schedule creator. Views Schedule view Predefined user roles network-admin Parameters : Specifies a user role name, a case-sensitive string of 1 to 63 characters. The user role role-name can be user-defined or predefined.
  • Page 274 Contents Device hardening commands ········································································ 1 password-recovery enable ························································································································· 1...
  • Page 275 Device hardening commands password-recovery enable to enable password recovery capability. password-recovery enable to disable password recovery capability. undo password-recovery enable Syntax password-recovery enable undo password-recovery enable Default Password recovery capability is enabled. Views System view Predefined user roles network-admin Usage guidelines Password recovery capability controls console user access to the device configuration and SDRAM from BootWare menus.
  • Page 276 Contents Hardware resource management commands ················································ 1 display cpu-usage ······································································································································ 1 display cpu-usage configuration················································································································· 2 display cpu-usage history ··························································································································· 2 display device ············································································································································· 4 display device manuinfo ····························································································································· 5 display device manuinfo fan ······················································································································· 5 display device manuinfo power ·················································································································· 6 display environment ···································································································································...

  • Page 277: Hardware Resource Management Commands

    Hardware resource management commands display cpu-usage to display the current CPU usage statistics. display cpu-usage Syntax display cpu-usage [ control-plane ] [ summary ] Views Any view Predefined user roles network-admin network-operator Parameters : Displays CPU usage statistics for the control plane. control-plane : Displays CPU usage statistics in table form.

  • Page 278: Display Cpu-Usage Configuration

    Field Description statistics collection feature is not supported, two hyphens (--) are Last 5 min displayed. display cpu-usage configuration to display CPU usage monitoring settings. display cpu-usage configuration Syntax display cpu-usage configuration Views Any view Predefined user roles network-admin Parameters Examples # Display the CPU usage monitoring settings.
  • Page 279 network-operator Parameters : Specifies a process by its ID. The value range for is 1 to 2147483647. If you job job-id job-id do not specify a process, this command displays the statistics for the entire system's CPU usage (the total CPU usage of all processes). To view the IDs and names of the running processes, use the command.

  • Page 280: Display Device

    • Historical CPU usage statistics for the entire system during the last 60 minutes. 12 minutes ago—Approximately 5%.  13 minutes ago—Approximately 10%.  14 minutes ago—Approximately 15%.  15 minutes ago—Approximately 10%.  16 and 17 minutes ago—Approximately 5%. ...

  • Page 281: Display Device Manuinfo

    Table 3 Command output Field Description Type Device type. Device role. The value is Master. State Soft Ver Software version of the device. Most recently released patch image version that is running on the device. If no patch image is installed, this field displays None. If both incremental and non-incremental patch images are running on the device, this Patch Ver field displays the most recently released incremental patch image version.

  • Page 282: Display Device Manuinfo Power

    Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number : Specifies a fan tray by its ID. fan-id Examples # Display electronic label information for a fan tray. <Sysname>...

  • Page 283: Display Fan

    Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Examples # Display information about all temperature sensors on the device. <Sysname> display environment System temperature information (degree centigrade): ---------------------------------------------------------------------- Slot Sensor Temperature Lower Warning Alarm Shutdown...

  • Page 284: Display Hardware-Mode Status

    Views Any view Predefined user roles network-admin network-operator Examples # Specify the hardware resource mode for MAC address entries, ARP/ND entries, and routing entries. <H3C> display hardware-mode status mode | Route-v4 | Route-v6 | MAC | ARP | ND...

  • Page 285: Display Memory

    mode in use: 0 NORMAL 216K 108K 128K mode for next reboot: 1 ROUTE 504K 252K Table 6 Command output Field Description Current hardware resource mode for MAC address entries, ARP/ND entries, and mode in use routing entries. mode for next Hardware resource mode for MAC address entries, ARP/ND entries, and routing reboot entries after the device reboots.
  • Page 286 Total Used Free Shared Buffers Cached FreeRatio Mem: 8081628 3222792 4858836 5360 2002404 60.4% -/+ Buffers/Cache: 1215028 6866600 Swap: Container memory statistics are measured in KB: Slot 1: Total Used Free UsageRatio Mem: 8081628 1173472 4858836 14.5% # Display brief memory usage information. <Sysname>...

  • Page 287: Display Memory-Threshold

    display memory-threshold to display memory alarm thresholds and statistics. display memory-threshold Syntax display memory-threshold Views Any view Predefined user roles network-admin network-operator Parameters Usage guidelines For more information about memory usage notifications, see log information containing MEM_EXCEED_THRESHOLD or MEM_BELOW_THRESHOLD. Examples # Display memory alarm thresholds and statistics.

  • Page 288: Display Power

    Latest notification at: 0.0 Total number of notifications sent: 0 [Enter critical low-memory state] First notification at: 0.0 Latest notification at: 0.0 Total number of notifications sent: 0 display power to display power module information. display power Syntax display power [ slot slot-number [ power-id ] ] Views Any view Predefined user roles...

  • Page 289: Display Resource-Monitor

    Field Description If this field is not supported, two hyphens (--) are displayed. display resource-monitor display resource-monitor to display resource monitoring information. Syntax display resource-monitor [ resource resource-name ] [ slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin network-operator...

  • Page 290: Display Transceiver Alarm

    Related commands resource-monitor minor resend enable resource-monitor resource display transceiver alarm to display transceiver alarms. display transceiver alarm Syntax display transceiver alarm interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an interface by its type and interface [ interface-type interface-number ] number.

  • Page 291: Display Transceiver Diagnosis

    Table 11 Command output Field Description transceiver current alarm information Alarms present on the transceiver module. RX loss of signal Received signals are lost. RX power low Received power is low. display transceiver diagnosis to display the current values of the digital diagnosis display transceiver diagnosis parameters on transceiver modules.

  • Page 292: Display Transceiver Interface

    Connector type : MPO Wavelength (nm) : 850 Transfer distance (m) : 70(OM3),100(OM4) Digital diagnostic monitoring : Yes Vendor name : H3C Ordering Name : QSFP-100G-SR4-MM850 Part Number : AFBR-89CDDZ-H3C Serial Number : AF1709GH03A Table 13 Command output Field Description Transceiver Type Model of the transceiver module.

  • Page 293: Display Transceiver Manuinfo

    Field Description Connector type of the transceiver module: • Optical connectors, including SC connector developed by NTT, and Connector Type 1.25mm/RJ45 LC connector developed by Lucent. • Other connectors, including RJ-45 and CX4. For the transceiver module, this field displays central wavelength of the laser sent, in nm.

  • Page 294: Hardware-Mode

    Twenty-FiveGigE1/0/1 transceiver manufacture information: Manu. Serial Number : 213410A0000054000251 Manufacturing Date : 2019-09-01 Vendor Name : H3C Table 14 Command output Field Description Manu. Serial Number Serial number generated during debugging and testing. Debugging and testing date. The date takes the value of the system clock of the Manufacturing Date computer when debugging and testing is performed.

  • Page 295: Memory-Threshold

    Related commands display hardware-mode status memory-threshold to set free-memory thresholds. memory-threshold to restore the default. undo memory-threshold Syntax memory-threshold [ ratio ] minor minor-value severe severe-value critical critical-value normal normal-value undo memory-threshold Default Minor alarm threshold: 256 MB. Severe alarm threshold: 192 MB. Critical alarm threshold: 128 MB.

  • Page 296: Memory-Threshold Usage

    For more information about the thresholds, see Fundamentals Configuration Guide. Examples # Set the minor alarm, severe alarm, critical alarm, and normal state thresholds to 64 MB, 48 MB, 32 MB, and 96 MB, respectively. <Sysname> system-view [Sysname] memory-threshold minor 64 severe 48 critical 32 normal 96 # Set the minor alarm, severe alarm, critical alarm, and normal state thresholds to 3%, 2%, 1%, and 5% of the total memory size, respectively.

  • Page 297: Monitor Cpu-Usage Interval

    to disable CPU usage tracking. undo monitor cpu-usage enable Syntax monitor cpu-usage enable undo monitor cpu-usage enable Default CPU usage tracking is enabled. Views System view Predefined user roles network-admin Parameters Usage guidelines After you enable CPU usage tracking, the system samples and saves CPU usage at the interval specified by the command.

  • Page 298: Monitor Cpu-Usage Threshold

    Usage guidelines After CPU usage monitoring is enabled, the system samples and saves CPU usage at the specified interval. You can use the command to view recent CPU usage. display cpu-usage history Examples # Set the sampling interval for CPU usage monitoring to 5 seconds. <Sysname>...

  • Page 299: Monitor Resend Cpu-Usage

    Related commands display cpu-usage configuration monitor resend cpu-usage to set CPU usage alarm resending intervals. monitor resend cpu-usage to restore the default. undo monitor resend cpu-usage Syntax monitor resend cpu-usage minor-interval minor-interval severe-interval severe-interval } * undo monitor resend cpu-usage [ minor-interval | severe-interval ] Default The minor CPU usage alarm resending interval is 300 seconds.

  • Page 300: Resource-Monitor Output

    Syntax resource-monitor minor resend enable undo resource-monitor minor resend enable Default Resending of minor resource depletion alarms is enabled. Views System view Predefined user roles network-admin Usage guidelines When a resource type enters minor alarm state, the device issues a minor alarm. If the resource type stays in minor alarm state or changes from severe alarm state to minor alarm state, the device identifies whether resending of minor resource depletion alarms is enabled.

  • Page 301: Resource-Monitor Resource

    Parameters : Sends resource depletion alarms to the NETCONF feature to encapsulate the netconf-event alarms in NETCONF events. For more information, see NETCONF in Network Management and Monitoring Configuration Guide. : Sends resource depletion alarms to the SNMP feature to encapsulate the snmp-notification alarms in SNMP traps and informs.

  • Page 302: Shutdown-Interval

    Resource type Description ecmpgroup ECMP group hardware resources. ipv4host IPv4 host route resources. ipv4route IPv4 route entry resources. ipv6host IPv6 host route resources. ipv6route IPv6 route entry resources. ND hardware resources. : Specifies the slot number of the device, which is fixed at 1. slot slot-number : Specifies a CPU by its number.

  • Page 303: Temperature-Limit

    Default The port status detection timer setting is 30 seconds. Views System view Predefined user roles network-admin Parameters : Specifies the port status detection timer value in seconds. The value range is 0 to 300. interval The vlaue of 0 inidcates that port status detection is not automatically performed, and you need to execute the command to restore the port status manually.
  • Page 304 Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number : Configures temperature alarm thresholds for hotspot sensors. A hotspot sensor is hotspot typically near the chip that generates a great amount of heat and used to monitor the chip. : Specifies a sensor by its number.
  • Page 305 Contents EAA commands ····························································································· 1 action cli ····················································································································································· 1 action reboot ·············································································································································· 2 action switchover ········································································································································ 2 action syslog ·············································································································································· 3 commit ························································································································································ 4 display rtm environment ····························································································································· 5 display rtm policy ········································································································································ 5 event cli ······················································································································································ 7 event hotplug ·············································································································································· 8 event interface ············································································································································...

  • Page 306: Eaa Commands

    EAA commands action cli to add a CLI action to a monitor policy. action cli to remove an action. undo action Syntax action number cli command-line undo action number Default A monitor policy does not contain any actions. Views CLI-defined policy view Predefined user roles network-admin Parameters...

  • Page 307: Action Reboot

    [Sysname-rtm-test] action 3 cli shutdown action reboot to add a reboot action to a monitor policy. action reboot to remove an action. undo action Syntax action number reboot [ slot slot-number [ subslot subslot-number ] ] undo action number Default A monitor policy does not contain any actions.

  • Page 308: Action Syslog

    undo action number Default A monitor policy does not contain any actions. Views CLI-defined policy view Predefined user roles network-admin Parameters : Specifies an action ID in the range of 0 to 231. number Usage guidelines You can configure a series of actions to be executed in response to the event specified in a monitor policy.

  • Page 309: Commit

    : Specifies a logging facility by its facility number in the range of local0 facility local-number to local7. Facility numbers are used by a log host to identify log creation facilities for filtering log messages. : Configures the log message body. msg msg-body Usage guidelines EAA sends log messages to the information center.

  • Page 310: Display Rtm Environment

    display rtm environment to display user-defined EAA environment variables and their display rtm environment values. Syntax display rtm environment [ var-name ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a user-defined EAA environment variable by its name, a case-sensitive string var-name of 1 to 63 characters.
  • Page 311 Parameters : Specifies policies that are executing the actions. active : Specifies policies that have been created. registered : Displays detailed information about monitor policies. verbose : Specifies a policy by its name, a case-sensitive string of 1 to 63 characters. If you policy-name do not specify a policy, the command displays information about all monitor policies.

  • Page 312: Event Cli

    <Sysname> display rtm policy registered verbose Total number: 1 Policy Name: test Policy Type: CLI Event Type: TimeRegistered: Aug 29 14:54:50 2019 User-role: network-operator network-admin Table 4 Command output Field Description Total number Total number of the monitor polices. PolicyName Name of the monitor policy.

  • Page 313: Event Hotplug

    : Specifies the CLI operation to monitor: mode { execute | help | tab } • : Triggers the policy when a matching command is entered. execute • : Triggers the policy when a question mark (?) is entered at a matching command line. help •...

  • Page 314: Event Interface

    Predefined user roles network-admin Parameters : Specifies the card insert event. insert : Specifies the card remove event. remove : Specifies the slot number of the device, which is fixed at 1. slot slot-number Usage guidelines You can configure only one event entry for a monitor policy. If the monitor policy already contains an event entry, the new event entry replaces the old event entry.
  • Page 315 : Specifies the operator for comparing the monitored traffic statistic with the start-op start-op start threshold. The start threshold is crossed if the comparison result meets the condition. For keywords available for the argument, see Table start-op : Specifies the start threshold to be compared with the monitored traffic start-val start-val statistic.

  • Page 316: Event Process

    EAA executes an interface event policy when the monitored interface traffic statistic crosses the start threshold in the following situations: • The statistic crosses the start threshold for the first time. • The statistic crosses the start threshold each time after it crosses the restart threshold. The following is the interface event monitor process of EAA: Compares the traffic statistic sample with the start threshold at sampling intervals until the start threshold is crossed.

  • Page 317: Event Snmp Oid

    Predefined user roles network-admin Parameters : Monitors the specified process for exceptional events. EAA executes the policy when exception an exception occurs to the monitored process. : Monitors the specified process for restart events. EAA executes the policy when the restart monitored process restarts.
  • Page 318 Parameters : Specifies the OID of the monitored MIB variable, a string of 1 to 256 characters. oid oid : Specifies the SNMP operation used for sampling variable values. monitor-obj { get | next } keyword represents the SNMP get operation, and the keyword represents the SNMP next getNext operation.

  • Page 319: Event Snmp-Notification

    <Sysname> system-view [Sysname] rtm cli-policy test [Sysname-rtm-test] event snmp oid 1.3.6.4.9.9.42.1.2.1.6.4 monitor-obj get start-op eq start-val 1 restart-op eq restart-val 2 interval 5 event snmp-notification to configure an SNMP-Notification event for a CLI-defined event snmp-notification policy. to remove the event in a CLI-defined policy. undo event Syntax event snmp-notification oid oid oid-val oid-val op op [ drop ]...

  • Page 320: Event Syslog

    [Sysname-rtm-test] event snmp-notification oid 1.3.6.1.4.1.25506.2.2.1.1.2.1.0 oid-val admin op eq drop event syslog to configure a Syslog event for a CLI-defined monitor policy. event syslog to delete the event in a CLI-defined monitor policy. undo event Syntax event syslog priority { priority | all } msg msg occurs times period period undo event Default No Syslog event is configured.
  • Page 321 Characters Meaning Examples "u$" matches all lines ending with "u". A line Matches the end of a line. ending with "uA" is not matched. . (period) Matches any single character. ".s" matches "as" and "bs". Matches the preceding character or "zo "...

  • Page 322: Event Track

    Characters Meaning Examples Matches a word that starts with the "er\b" matches "never", but not "verb" or "erase". pattern following \b or ends with the "\ber" matches "erase", but not "verb" or "never". pattern preceding \b. Matches a word that contains the pattern but does not start or end with "er\B"...

  • Page 323: Rtm Cli-Policy

    • : Triggers the policy when the states of the track entries change from Negative to positive Positive. : Sets a suppress time in the range of 1 to 4294967295, in suppress-time suppress-time seconds. The default value is 0. Usage guidelines After you configure a track event for an EAA monitor policy, the track event occurs and triggers the policy when the state of the track entry changes from Positive to Negative or from Negative to Positive.

  • Page 324: Rtm Environment

    to delete a CLI-defined monitor policy. undo rtm cli-policy Syntax rtm cli-policy policy-name undo rtm cli-policy policy-name Default No CLI-defined monitor policies exist. Views System view Predefined user roles network-admin Parameters : Specifies the name of a CLI-defined monitor policy, a case-sensitive string of 1 to policy-name 63 characters.

  • Page 325: Rtm Event Syslog Buffer-Size

    Table 8 System-defined EAA environment variables by event type Event Variable name and description _event_id: Event ID _event_type: Event type Any event _event_type_string: Event type description _event_time: Time when the event occurs _event_severity: Severity level of an event _cmd: Commands that are matched Syslog _syslog_pattern: Log message content Hotplug...

  • Page 326: Rtm Scheduler Suspend

    undo rtm event syslog buffer-size Default The size of the EAA-monitored log buffer is 50000. Views System view Predefined user roles network-admin Parameters : Specifies the size for the EAA-monitored log buffer, in the range of 1 to 500000. buffer-size Usage guidelines After you execute a Syslog event monitor policy, the system saves a copy of the logs to the EAA-monitored log buffer.

  • Page 327: Rtm Tcl-Policy

    This command does not suspend a running monitor policy until all its actions are executed. Examples # Suspend monitor policies. <Sysname> system-view [Sysname] rtm scheduler suspend rtm tcl-policy rtm tcl-policy to create a Tcl-defined policy and bind it to a Tcl script file. to delete a Tcl policy.

  • Page 328: User-Role

    Syntax running-time time undo running-time Default The action runtime of a CLI-defined policy is 20 seconds. Views CLI-defined policy view Predefined user roles network-admin Parameters : Specifies the action runtime in the range of 0 to 31536000 seconds. If you specify 0, the policy time runs its actions forever once the policy is triggered.
  • Page 329 Usage guidelines For EAA to execute an action in a monitor policy, you must assign the policy the user role that has access to the action-specific commands and resources. If EAA lacks access to an action-specific command or resource, EAA does not perform the action and all the subsequent actions. For example, a monitor policy has four actions numbered from 1 to 4.
  • Page 330 Contents Process monitoring and maintenance commands ·········································· 1 display exception context ··························································································································· 1 display exception filepath ··························································································································· 2 display kernel deadloop ····························································································································· 3 display kernel deadloop configuration ········································································································ 6 display kernel exception ····························································································································· 7 display kernel reboot ································································································································ 10 display kernel starvation ··························································································································· 12 display kernel starvation configuration ·····································································································...

  • Page 331: Process Monitoring And Maintenance Commands

    Process monitoring and maintenance commands In the current software version, this switch series does not support CPU parameters. display memory display process display process cpu monitor process commands display information about both user processes and kernel threads. In monitor thread these commands, "process"...

  • Page 332: Display Exception Filepath

    0x7ffe19a9c640 0x7ffe19a9c640 0xffffffff 4294967295 0x293 0x687140 6844736 0x7ffe19a9c7f8 140729328977912 Traceback (most recent call last): File "/bin/core_translator", line 318, in <module> controller.translate() File "/bin/core_translator", line 274, in translate self.update() File "/bin/core_translator", line 249, in update run_cmd(gdb_cmd) File "/bin/core_translator", line 77, in run_cmd data = proc.stdout.readline() KeyboardInterrupt Table 1 Command output...

  • Page 333: Display Kernel Deadloop

    Views Any view Predefined user roles network-admin Parameters Examples # Display the core dump file directory on the MPU. <Sysname> display exception filepath The exception filepath is flash:. display kernel deadloop to display kernel thread deadloop information. display kernel deadloop Syntax display kernel deadloop show-number [ offset ] [ verbose ] Views...
  • Page 334 Recorded at : 2019-05-01 11:16:00.823018 Occurred at : 2019-05-01 11:16:00.823018 Instruction address : 0x4004158c Thread : comsh (TID: 16306) Context : thread context Slot VCPU ID Kernel module info : module name (mrpnc) module address (0xe332a000) Last 5 thread switches : migration/0 (11:16:00.823018)--> swapper (11:16:00.833018)-->...
  • Page 335 0xe2be5f20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f30: 00 00 00 00 00 00 00 00 02 be 66 c0 02 be 66 d0 0xe2be5f40: 02 be 61 e0 00 00 00 02 00 00 00 00 02 44 b3 a4 0xe2be5f50: 02 be 5f 90 00 00 00 08 02 be 5f e0 00 00 00 08 0xe2be5f60: 02 be 5f 80 00 ac 1b 14 00 00 00 00 00 00 00 00 0xe2be5f70: 05 b4 5f 90 02 be 5f e0 00 00 00 30 02 be 5f e0...

  • Page 336: Display Kernel Deadloop Configuration

    Field Description Instruction address Instruction address for the kernel thread deadloop. Thread Name and number of the kernel thread deadloop. Context Context for the kernel thread deadloop. Number of the CPU where the kernel thread ran. VCPU ID Number of the CPU core where the kernel thread ran. Information about kernel modules that had been loaded when the kernel thread deadloop was detected, including: Kernel module info...

  • Page 337: Display Kernel Exception

    Table 3 Command output Field Description Time interval (in seconds) to identify a kernel thread deadloop. A Dead loop timer (in seconds): n kernel thread deadloop occurs if a kernel thread runs more than n seconds. Kernel threads excluded from kernel thread deadloop detection. This monitor kernel deadloop field appears only if the Threads excluded from monitoring...
  • Page 338 VCPU ID Kernel module info : module name (mrpnc) module address (0xe332a000) module name (disk) module address (0xe00bd000) # Display detailed information about the most recent kernel thread exception. <Sysname> display kernel exception 1 verbose ----------------- Exception record 1 ----------------- Description : Oops[#0] Recorded at...
  • Page 339 0xe2be5ea0: 02 be 5e c0 24 00 00 24 00 00 00 00 05 7d 94 84 0xe2be5eb0: 00 00 00 04 00 00 00 00 00 00 00 28 05 8d 34 c4 0xe2be5ec0: 02 be 60 a0 01 86 ef f0 00 00 00 00 00 00 00 00 0xe2be5ed0: 02 04 05 b4 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5ef0: 95 47 73 35 00 00 00 00 00 00 00 00 00 00 00 00...

  • Page 340: Display Kernel Reboot

    Related commands reset kernel exception display kernel reboot to display reboot information for the device. display kernel reboot Syntax display kernel reboot show-number [ offset ] [ verbose ] Views Any view Predefined user roles network-admin Parameters : Specifies the number of reboots to display, in the range of 1 to 60. show-number : Specifies the offset between the starting reboot and the most recent reboot, in the range of offset...
  • Page 341 Kernel module info : module name (mrpnc) module address (0xe332a000) module name (12500) module address (0xe00bd000) Last 5 thread switches : migration/0 (11:16:00.823018)--> swapper (11:16:00.833018)--> kthreadd (11:16:00.833518)--> swapper (11:16:00.833550)--> disk (11:16:00.833560) Dump stack (total 1024 bytes, 16 bytes/line): 0xe2be5ea0: 02 be 5e c0 24 00 00 24 00 00 00 00 05 7d 94 84 0xe2be5eb0: 00 00 00 04 00 00 00 00 00 00 00 28 05 8d 34 c4 0xe2be5ec0: 02 be 60 a0 01 86 ef f0 00 00 00 00 00 00 00 00 0xe2be5ed0: 02 04 05 b4 00 00 00 00 00 00 00 00 00 00 00 00...

  • Page 342: Display Kernel Starvation

    Function Address = 0x8012d734 Function Address = 0x80100a00 Function Address = 0xe0071004 Function Address = 0x8016ce0c Function Address = 0x801223a0 Table 4 Command output Field Description Recorded at Time when the reboot was recorded, with microsecond precision. Occurred at Time when the reboot occurred, with microsecond precision. Reason Reboot reason.
  • Page 343 : Displays detailed information. If you do not specify this keyword, the command displays verbose brief information. Examples # Display brief information about the most recent kernel thread starvation. <Sysname> display kernel starvation 1 ----------------- Starvation record 1 ----------------- Description : INFO: task comsh: 16306 blocked for more than 10 seconds.
  • Page 344 Reg: r18, Val = 0x00000000 ; Reg: r19, Val = 0x00000000 ; Reg: r20, Val = 0x024c10f8 ; Reg: r21, Val = 0x057d9244 ; Reg: r22, Val = 0x00002000 ; Reg: r23, Val = 0x0000002c ; Reg: r24, Val = 0x00000002 ; Reg: r25, Val = 0x24000024 ;...

  • Page 345: Display Kernel Starvation Configuration

    Function Address = 0x8012a4b4 Function Address = 0x8017989c Function Address = 0x80179b30 Function Address = 0x80127438 Function Address = 0x8012d734 Function Address = 0x80100a00 Function Address = 0xe0071004 Function Address = 0x8016ce0c Function Address = 0x801223a0 Instruction dump: 41a2fe9c 812300ec 800200ec 7f890000 409efe8c 80010014 540b07b9 40a2fe80 4bfffe6c 80780290 7f64db78 4804ea35 <807f002c>...

  • Page 346: Display Process

    Related commands monitor kernel starvation enable monitor kernel starvation exclude-thread monitor kernel starvation time display process to display process state information. display process Syntax display process [ all | job job-id | name process-name ] Views Any view Predefined user roles network-admin network-operator Parameters...
  • Page 347 Number of the process. The number identifies the process, and it might change as the process restarts. Parent JID Job ID of the parent process. Parent PID Number of the parent process. Executable path of the process. For a kernel thread, this field displays a Executable path hyphen (-).
  • Page 348 pts/0 00:00:10 ttyfwd 00:00:38 drvsdkd 00:00:07 drvuserd 00:00:00 mdcagentd 00:00:02 drvforwardd 00:00:01 drvqacld 00:00:03 drvrxtxd 4844 4844 00:00:00 lipcd 4848 4848 00:00:00 eventd 4896 4896 00:00:01 drvevtd 4968 4968 00:00:01 loads 4972 4972 00:00:00 stmd 4974 4974 00:00:00 fsd 4976 4976 00:00:01 dbmd 4980...

  • Page 349: Display Process Cpu

    display process cpu to display CPU usage for all processes. display process cpu Syntax display process cpu Views Any view Predefined user roles network-admin network-operator Parameters Examples # Display CPU usage for all processes. <Sysname> display process cpu CPU utilization in 5 secs: 16.8%; 1 min: 4.7%; 5 mins: 4.7% 5Sec 1Min 5Min...

  • Page 350: Display Process Memory

    network-operator Parameters Examples # Display log information for all user processes. <Sysname> display process log Process JobID Abort Core Exit Kill StartTime EndTime knotify 12-17 07:10:27 12-17 07:10:27 knotify 12-17 07:10:27 12-17 07:10:27 automount 12-17 07:10:27 12-17 07:10:28 knotify 12-17 07:10:28 12-17 07:10:28 comsh 12-17 07:10:30 12-17 07:10:30 knotify...

  • Page 351: Display Process Memory Heap

    Parameters Usage guidelines When a user process starts, it requests the following types of memory from the system: • Text memory—Stores code for the user process. • Data memory—Stores data for the user process. • Stack memory—Stores temporary data. • Dynamic memory—Heap memory dynamically assigned and released by the system according to the needs of the user process.
  • Page 352 Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a user process by its job ID, in the range of 1 to 2147483647. job job-id : Specifies an internal software module by its tag ID, a hexadecimal string in the tag [ tag-id ] range of 0 to FFFFFFFF.
  • Page 353 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 1024 0.0% 1072 0.0% 1200 0.0% 1680 0.0% 2000 0.0% 2064 0.0% 2096 0.0% 4112 0.0% 5136 0.0% 8240 0.0% 11280 0.0% Large Memory Usage: Used Blocks Used Memory(in bytes): 15769600 Free Blocks Free Memory(in bytes): 205312 Large Memory Usage detail:...
  • Page 354 14400 14528 1120 6048 1056 11328 14112 … Table 11 Command output Field Description Size of each memory block, in bytes. Size For large memory blocks, this field displays a value range in the [n1,n2) format. Free Number of free memory blocks. Used Number of used memory blocks.

  • Page 355: Display Process Memory Heap Address

    display process memory heap address to display heap memory content starting from display process memory heap address a specified memory block for a process. Syntax display process memory heap job job-id address starting-address length memory-length Views Any view Predefined user roles network-admin network-operator Parameters...

  • Page 356: Exception Filepath

    Predefined user roles network-admin network-operator Parameters : Specifies a process by its job ID, in the range of 1 to 2147483647. job job-id : Specifies an internal software module by its tag ID, a hexadecimal string in the tag [ tag-id ] range of 0 to FFFFFFFF.

  • Page 357: Monitor Kernel Deadloop Enable

    Default The directory for saving core dump files is the root directory of the default file system. For more information about the default file system, see file system management in Fundamentals Configuration Guide. Views User view Predefined user roles network-admin Parameters : Specifies the directory for saving core dump files.

  • Page 358: Monitor Kernel Deadloop Exclude-Thread

    Usage guidelines CAUTION: Use this command only under the guidance of H3C Support. Inappropriate configuration can cause system breakdown. As a best practice, leave the default unchanged. Kernel threads share resources in kernel space. If a kernel thread monopolizes the CPU for a long time, other threads cannot run, resulting in a deadloop.

  • Page 359: Monitor Kernel Deadloop Time

    65535 seconds. Usage guidelines Use this command only under the guidance of H3C Support. Inappropriate configuration can cause system breakdown. As a best practice, leave the default unchanged. If a kernel thread runs for the specified period of time, kernel thread deadloop detection considers that a deadloop has occurred.

  • Page 360: Monitor Kernel Starvation Enable

    Parameters Usage guidelines CAUTION: Use this command only under the guidance of H3C Support. Inappropriate configuration can cause system breakdown. As a best practice, leave the default unchanged. Starvation occurs when a thread is unable to access shared resources. The command enables the system to detect and report thread starvation. If a thread is not executed within an interval, the system considers that a starvation has occurred, and outputs a starvation message.

  • Page 361: Monitor Kernel Starvation Time

    Usage guidelines Use this command only under the guidance of H3C Support. Inappropriate configuration can cause system breakdown. As a best practice, leave the default unchanged. You can exclude up to 128 kernel threads from kernel thread starvation detection.

  • Page 362: Monitor Process

    65535 seconds. Usage guidelines Use this command only under the guidance of H3C Support. Inappropriate configuration can cause system breakdown. As a best practice, leave the default unchanged. If a thread is not executed within the specified period of time, the system considers that a starvation has occurred, and outputs a starvation message.
  • Page 363 Commands Description Displays state information for physical CPUs. For example, if you enter 1 for the first time, the state of each physical CPU is displayed in a separate row. If you enter 1 again, the average value of all CPU states is displayed. If you enter 1 for the third time, separate states are displayed.
  • Page 364 <Sysname> monitor process dumbtty iteration 2 79 processes; 416 threads; 8473 FDs Thread states: 1 running, 415 sleeping, 0 stopped, 0 zombie CPU0 states: 95.55% idle, 2.67% user, 1.78% kernel, 0.00% interrupt CPU1 states: 99.10% idle, 0.00% user, 0.90% kernel, 0.00% interrupt CPU2 states: 92.80% idle, 2.70% user, 4.50% kernel, 0.00% interrupt CPU3...
  • Page 365 CPU states: 96.53% idle, 1.76% user, 1.71% kernel, 0.00% interrupt Container CPU states: 3.37% total, 1.68% user, 1.69% system Memory: 15952M total, 11877M available, page size 4K Container memory: 15952M total, 11877M available PRI State MEM HH:MM:SS C-CPU Name 711 3060976K 12:00:14 1.45% 1.41% drvuserd 341444K 01:34:08...
  • Page 366 1544 1544 431872K 02:20:04 0.26% 0.24% isisd 1077 1077 379140K 00:18:45 0.17% 0.16% ethd • Enter f to sort processes by FDs in descending order. (You can also enter command c, m, or t to sort processes.) 79 processes; 416 threads; 8473 FDs Thread states: 1 running, 415 sleeping, 0 stopped, 0 zombie CPU states: 95.84% idle, 2.08% user, 2.08% kernel, 0.00% interrupt Container CPU states: 4.49% total, 2.15% user, 2.34% system...

  • Page 367: Monitor Thread

    415 sleeping, 0 stopped, 0 zombie CPU states CPU usage of the device: Free CPU usage, CPU usage in user space, CPU usage in the kernel space, and CPU usage of interrupts. Container CPU states CPU usage of the container. Memory usage of the device: Total memory size, free memory, and page size, Memory in KB.
  • Page 368 Usage guidelines If you do not specify the keyword, the command displays thread statistics in an interactive dumbtty mode. In this mode, the system automatically determines the number of displayed thread processes according to the screen size and does not display exceeding processes. You can also input interactive commands as shown in Table 14 to perform relevant operations.
  • Page 369 Container CPU7 states: 0.00% Memory: 3932M total, 173M available, page size 4K Container memory: 3932M total, 173M available TID LAST_CPU PRI State HH:MM:SS C-CPU Name 15:47:52 4.54% 4.56% scanengi 15:47:52 4.36% 4.38% managerd 1001 15:47:48 3.42% 3.44% NDClient 00:08:06 0.08% 0.08% diagd 1027 00:03:23...
  • Page 370 • Enter n, and then enter a number to modify the maximum number of displayed threads. If you enter 5, statistics for five threads are displayed. Enter the max number of threads to display(0 means unlimited): 5 72 processes; 326 threads Thread states: 4 running, 322 sleeping, 0 stopped, 0 zombie CPU states: 86.65% idle, 3.37% user, 9.07% kernel, 0.91% interrupt Container CPU states: 12.54% total, 3.39% user, 9.15% system...

  • Page 371: Process Core

    Priority level of a thread. State of a thread: • R—Running. • S—Sleeping. State • T—Traced or stopped. • D—Uninterruptible sleep. • Z—Zombie. HH:MM:SS Running time of a thread since last restart. Longest time that a single thread scheduling occupies the CPU, in milliseconds. CPU usage of a thread on the device.

  • Page 372: Reset Exception Context

    Examples # Disable core dump file generation for process routed. <Sysname> process core off name routed # Enable core dump file generation for process routed and set the maximum number of core dump files to 5. <Sysname> process core maxcore 5 name routed Related commands display exception context exception filepath...

  • Page 373: Reset Kernel Exception

    reset kernel exception to clear kernel thread exception information. reset kernel exception Syntax reset kernel exception Views User view Predefined user roles network-admin Parameters Examples # Clear kernel thread exception information. <Sysname> reset kernel exception Related commands display kernel exception reset kernel reboot to clear kernel thread reboot information.
  • Page 374 Predefined user roles network-admin Parameters Examples # Clear kernel thread starvation information. <Sysname> reset kernel starvation Related commands display kernel starvation...
  • Page 375 Contents Information center commands ······································································· 1 diagnostic-logfile save ································································································································ 1 display diagnostic-logfile summary ············································································································ 1 display info-center ······································································································································ 2 display info-center filter ······························································································································ 3 display logbuffer ········································································································································· 3 display logbuffer summary ························································································································· 5 display logfile buffer ··································································································································· 6 display logfile summary ······························································································································ 7 display security-logfile buffer ······················································································································...

  • Page 376: Information Center Commands

    Information center commands diagnostic-logfile save to manually save diagnostic logs from the diagnostic log file diagnostic-logfile save buffer to the diagnostic log file. Syntax diagnostic-logfile save Views Any view Predefined user roles network-admin Usage guidelines You can specify the directory to save the diagnostic log file by using the info-center command.

  • Page 377: Display Info-Center

    Diagnostic log file: Enabled. Diagnostic log file size quota: 10 MB Diagnostic log file directory: flash:/diagfile Writing frequency: 24 hour 0 min 0 sec Table 1 Command output Field Description Status of the diagnostic log file: • Enabled—Diagnostic logs can be output to the diagnostic Diagnostic log file log file.

  • Page 378: Display Info-Center Filter

    display info-center filter to display information about log output filters. display info-center filter Syntax display info-center filter [ filter-name ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an existing log output filter by its name. If you do not specify a log output filter-name filter, this command displays information about all log output filters.
  • Page 379 Parameters : Displays log entries chronologically, with the most recent entry at the top. If you do not reverse specify this keyword, the command displays log entries chronologically, with the oldest entry at the top. : Specifies a severity level in the range of 0 to 7. If you do not specify a severity level severity level, this command displays log information for all levels.

  • Page 380: Display Logbuffer Summary

    Actual buffer size: 512 Dropped messages: 0 Overwritten messages: 0 Current messages: 191 %Jan 1 01:00:06:784 2019 Sysname SHELL/6/SHELL_CMD: -Line=vty0-IPAddr=192.168.1.242-User=**; Command is display current-configuration %Jan 1 01:03:19:691 2019 Sysname SHELL/5/SHELL_LOGIN: VTY logged in from 192.168.1.33. %Jan 1 01:03:21:269 2019 Sysname SHELL/6/SHELL_CMD: -Line=vty1-IPAddr=192.168.1.33-User=**;...

  • Page 381: Display Logfile Buffer

    After saving the buffered logs to the log file, the system clears the log file buffer. Examples # Display the content of the log file buffer. <Sysname> display logfile buffer %@356%Dec 13 16:53:45:495 2019 H3C SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is logfile save. Related commands info-center logfile frequency...

  • Page 382: Display Logfile Summary

    display logfile summary to display the log file configuration. display logfile summary Syntax display logfile summary Views Any view Predefined user roles network-admin network-operator Examples # Display the log file configuration. <Sysname> display logfile summary Log file: Enabled. Log file size quota: 10 MB Log file directory: flash:/logfile Writing frequency: 24 hour 0 min 10 sec Table 6 Command output...

  • Page 383: Display Security-Logfile Summary

    To use this command, a local user must have the security-audit user role. For information about configuring the security-audit user role, see AAA configuration in User Access and Authentication Configuration Guide. Examples # Display the content of the security log file buffer. <Sysname>...

  • Page 384: Enable Log Updown

    Field Description Writing frequency Security log file writing frequency. Related commands (User Access and Authentication Command Reference) authorization-attribute enable log updown to enable an interface to generate link up or link down logs when the enable log updown interface state changes. to disable an interface from generating link up or link down logs undo enable log updown when the interface state changes.

  • Page 385: Info-Center Diagnostic-Logfile Enable

    Usage guidelines The specified directory must have been created. This command cannot survive a reboot. Examples # Set the diagnostic log file directory to flash:/test. <Sysname> mkdir test Creating directory flash:/test... Done. <Sysname> system-view [Sysname] info-center diagnostic-logfile directory flash:/test info-center diagnostic-logfile enable to enable saving diagnostic logs to the info-center diagnostic-logfile enable diagnostic log file.

  • Page 386: Info-Center Diagnostic-Logfile Quota

    Default The diagnostic log file saving interval is 86400 seconds. Views System view Predefined user roles network-admin Parameters : Specifies the diagnostic log file saving interval in seconds. The value range is 10 to freq-sec 86400. Usage guidelines The system outputs diagnostic logs to the diagnostic log file buffer, and then saves the buffered logs to the diagnostic log file at the specified interval.

  • Page 387: Info-Center Enable

    info-center enable to enable the information center. info-center enable to disable the information center. undo info-center enable Syntax info-center enable undo info-center enable Default The information center is enabled. Views System view Predefined user roles network-admin Examples # Enable the information center. <Sysname>...

  • Page 388: Info-Center Format

    . See Table 3 for more information about the log severity levels. The log output filter warning applies to logs of the specified severity level and all higher levels. Usage guidelines A log output filter contains a set of log output filter rules for modules. You can use this command to create multiple log output filters.

  • Page 389: Info-Center Logbuffer

    Default Logs are sent to log hosts in standard format. Views System view Predefined user roles network-admin Parameters : Specifies the China Mobile Communications Corporation (CMCC) format. cmcc : Specifies the China Unicom format. unicom Usage guidelines Logs can be sent to log hosts in standard, China Unicom, or CMCC format. For more information about log formats, see information center configuration in System Management Configuration Guide.

  • Page 390: Info-Center Logfile Directory

    to restore the default. undo info-center logbuffer size Syntax info-center logbuffersize buffersize undo info-center logbuffersize Default A maximum of 512 logs can be buffered. Views System view Predefined user roles network-admin Parameters : Specifies the maximum log buffer size. The value range is 0 to 10240. buffersize Examples # Set the maximum log buffer size to 50.

  • Page 391: Info-Center Logfile Enable

    Examples # Set the log file directory to flash:/test. <Sysname> mkdir test Creating directory flash:/test... Done. <Sysname> system-view [Sysname] info-center logfile directory flash:/test Related commands info-center logfile enable info-center logfile enable to enable the log file feature. info-center logfile enable to disable the log file feature.

  • Page 392: Info-Center Logfile Size-Quota

    Parameters : Specifies the log file saving interval in seconds. The value range is 1 to 86400. freq-sec Usage guidelines This command enables the system to automatically save logs in the log file buffer to the log file at the specified interval.

  • Page 393: Info-Center Logging Suppress Module

    undo info-center logging suppress duplicates Default Duplicate log suppression is disabled. Views System view Predefined user roles network-admin Usage guidelines Outputting consecutive duplicate logs wastes system and network resources and increases device maintenance costs. You can enable this feature to suppress output of consecutive duplicate logs. Examples # Enable duplicate log suppression on device A.

  • Page 394: Info-Center Loghost

    Usage guidelines You can configure log suppression rules to filter out the logs that you are not concerned with. A log suppression rule suppresses output of all logs or only logs with a specific mnemonic value for a module. Examples # Configure a log suppression rule to suppress output of logs with the shell_login mnemonic value for the shell module.

  • Page 395: Info-Center Loghost Source

    : Specifies a logging facility from local0 to local7 for the log host. The facility local number default value is local7. Logging facilities are used to mark different logging sources, and query and filer logs. : Specifies a log output filter to control log output to the log host. The filter filter-name argument represents the filter name, a case-insensitive string of 1 to 8 characters.

  • Page 396: Info-Center Security-Logfile Alarm-Threshold

    [Sysname-LoopBack0] ip address 2.2.2.2 32 [Sysname-LoopBack0] quit [Sysname] info-center loghost source loopback 0 info-center security-logfile alarm-threshold to set the alarm threshold for info-center security-logfile alarm-threshold security log file usage. to restore the default. undo info-center security-logfile alarm-threshold Syntax info-center security-logfile alarm-threshold usage undo info-center security-logfile alarm-threshold Default The alarm threshold for security log file usage is 80.

  • Page 397: Info-Center Security-Logfile Enable

    Predefined user roles security-audit Parameters : Specifies a directory by its name, a string of 1 to 64 characters. dir-name Usage guidelines The specified directory must have been created. To use this command, a local user must have the security-audit user role. For information about configuring the security-audit user role, see AAA configuration in User Access and Authentication Configuration Guide.

  • Page 398: Info-Center Security-Logfile Size-Quota

    to restore the default. undo info-center security-logfile frequency Syntax info-center security-logfile frequency freq-sec undo info-center security-logfile frequency Default The security log file saving interval is 86400 seconds. Views System view Predefined user roles network-admin Parameters : Specifies the security log file saving interval in seconds. The value range is 10 to 86400 freq-sec seconds.

  • Page 399: Info-Center Source

    Examples # Set the maximum size to 6 MB for the security log file. <Sysname> system-view [Sysname] info-center security-logfile size-quota 6 Related commands info-center security-logfile alarm-threshold info-center source to configure a log output rule for a module. info-center source to restore the default. undo info-center source Syntax info-center source { module-name | default } { console | logbuffer | logfile...

  • Page 400: Info-Center Synchronous

    : Specifies a severity level in the range of 0 to 7. The smaller the severity value, level severity the higher the severity level. See Table 3 for more information. Logs at the specified severity level and higher levels are allowed to be output. Usage guidelines If you do not set an output rule for a module, the module uses the output rule set by using the keyword.

  • Page 401: Info-Center Syslog Min-Age

    [Sysname] info-center synchronous Info-center synchronous output is on [Sysname] display current- At this time, the system receives log information. It displays the log information first, and then displays your previous input, which is display current- in this example. %May 21 14:33:19:425 2019 Sysname SHELL/5/SHELL_LOGIN: VTY logged in from 192.168.1.44 [Sysname] display current- Enter configuration to complete the command, and press...

  • Page 402: Info-Center Syslog Trap Buffersize

    info-center syslog trap buffersize to set the maximum number of log traps that can info-center syslog trap buffersize be stored in the log trap buffer. to restore the default. undo info-center syslog trap buffersize Syntax info-center syslog trap buffersize buffersize undo info-center syslog trap buffersize Default The log trap buffer can store a maximum of 1024 traps.

  • Page 403: Info-Center Timestamp Loghost

    Views System view Predefined user roles network-admin Parameters : Sets the timestamp format to xxx.yyy, where xxx is the most significant 32 bits (in milliseconds) boot and yyy is the least significant 32 bits. For example, 0.21990989 equals Jun 25 14:09:26:881 2019. The boot time shows the time since system startup.

  • Page 404: Info-Center Trace-Logfile Quota

    : Sets the ISO 8601 timestamp format, for example, 2019-09-21T15:32:55. : Sets the timestamp to be accurate to milliseconds for logs output to log with-milliseconds hosts in date or ISO 8601 format. The millisecond value is appended to the time information in the timestamp with a dot as the separator.

  • Page 405: Logfile Save

    logfile save to manually save logs in the log file buffer to the log file. logfile save Syntax logfile save Views Any view Predefined user roles network-admin Usage guidelines You can specify the directory to save the log file by using the info-center logfile command.

  • Page 406: Security-Logfile Save

    security-logfile save to manually save security logs from the security log file buffer to security-logfile save the security log file. Syntax security-logfile save Views Any view Predefined user roles security-audit Usage guidelines The system clears the security log file buffer after saving the buffered security logs to the security log file automatically or manually.

  • Page 407: Terminal Debugging

    Usage guidelines This command enables the device to send an SNMP notification for each log message it outputs. The device encapsulates logs in SNMP notifications and then sends them to the SNMP module and the log trap buffer. For the SNMP module to send the received SNMP notifications correctly, you must also configure SNMP on the device.

  • Page 408: Terminal Logging Level

    You can also enable output of debugging messages to the current terminal by executing the terminal logging level 7 command. The terminal logging level 7 command and command have the following differences: terminal debugging • command enables log output for all log severity levels terminal logging level 7 (levels 0 through 7).

  • Page 409: Terminal Monitor

    <Sysname> terminal logging level 7 terminal monitor to enable log output to the current terminal. terminal monitor to disable log output to the current terminal. undo terminal monitor Syntax terminal monitor undo terminal monitor Default Log output to the console is enabled, and log output to the monitor terminal is disabled. Views User view Predefined user roles...
  • Page 410 H3C S6550X-HI Switch Series Interface Command Reference New H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1116 and later Document version: 6W100-20221110...
  • Page 411 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
  • Page 412 Preface This command reference describes the interface configuration commands. This preface includes the following topics about the documentation: • Audience. • Conventions. • Documentation feedback. Audience This documentation is intended for: • Network planners. • Field technical support and servicing engineers. •...
  • Page 413 Symbols Convention Description An alert that calls attention to important information that if not understood or followed WARNING! can result in personal injury. An alert that calls attention to important information that if not understood or followed CAUTION: can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information.
  • Page 414 Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.
  • Page 415 Contents Common interface commands ······································································· 1 bandwidth ··················································································································································· 1 default ························································································································································ 1 description ·················································································································································· 2 display counters ········································································································································· 2 display counters rate ·································································································································· 4 display interface link-info ···························································································································· 5 display interface main ································································································································ 6 reset counters interface ···························································································································· 17 shutdown ·················································································································································· 17...

  • Page 416: Common Interface Commands

    Common interface commands bandwidth to set the expected bandwidth of an interface. bandwidth to restore the default. undo bandwidth Syntax bandwidth bandwidth-value undo bandwidth Default The expected bandwidth is not configured. Views Interface view Predefined user roles network-admin Parameters : Specifies the expected bandwidth in the range of 1 to 400000000 kbps. bandwidth-value Usage guidelines The expected bandwidth is an informational parameter used only by higher-layer protocols for...

  • Page 417: Description

    Usage guidelines CAUTION: command might interrupt ongoing network services. Make sure you are fully aware of default the impacts of this command when you use it in a live network. This command might fail to restore the default settings for some commands because of command dependencies or system restrictions.
  • Page 418 Views Any view Predefined user roles network-admin network-operator Parameters : Displays inbound traffic statistics. inbound : Displays outbound traffic statistics. outbound : Specifies an interface type. interface-type : Specifies an interface number. interface-number Usage guidelines To clear the interface traffic statistics, use the command.

  • Page 419: Display Counters Rate

    display counters rate to display traffic rate statistics for interfaces in up state for the most display counters rate recent statistics polling interval. Syntax display counters rate { inbound | outbound } interface [ interface-type [ interface-number ] ] Views Any view Predefined user roles network-admin...

  • Page 420: Display Interface Link-Info

    Field Description statistics polling interval. Average receiving or sending rate (in pps) for broadcast packets for the last Broadcast (pkts/sec) statistics polling interval. Average receiving or sending rate (in pps) for multicast packets for the last Multicast (pkts/sec) statistics polling interval. The command displays Overflow if the data length of a statistical item is Overflow: more than 14 decimal digits...

  • Page 421: Display Interface Main

    Field Description • Stby—The interface is a backup interface in standby state. The data link layer protocol of the interface is up, but the link is an on-demand link or does not exist. The (s) attribute represents the spoofing Protocol: (s) – spoofing flag.
  • Page 422 Predefined user roles network-admin network-operator Parameters : Specifies an interface type. If you do not specify this argument, the command interface-type displays information about interfaces of all types. : Displays brief interface information. If you do not specify this keyword, the command brief displays detailed interface information.
  • Page 423 Output (total): 0 packets, 0 bytes 0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses Output (normal): 0 packets, - bytes 0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses Output: 0 output errors, - underruns, - buffer failures 0 aborts, 0 deferred, 0 collisions, 0 late collisions 0 lost carrier, - no carrier IPv4 traffic statistics: Last 300 seconds input rate: 0 packets/sec, 0 bytes/sec...
  • Page 424 Field Description BFD—Shuts down the data link layer when it detects a  link failure. Bandwidth Expected bandwidth of the interface. Maximum transmission unit MTU of the interface. IP packet processing capability of the interface when the interface is not assigned an IP address: Internet protocol processing •...
  • Page 425 Field Description The interface is operating at 400 Gbps. This field depends on 400Gbps-speed mode your configuration and the link parameter negotiation result. The speed of the interface is unknown because the speed Unknown-speed mode negotiation fails or the interface is physically disconnected. The interface is operating in half duplex mode.
  • Page 426 Field Description Trunk port encapsulation Encapsulation protocol type for the trunk port. The amount of time that has elapsed since the most recent Last link flapping physical state change of the interface. This field displays Never if the interface has been physically down since device startup. Reason for which the interface hardware went down: •...
  • Page 427 Field Description Last date and time when the physical state of the interface changed to up, which is displayed in the YYYY/MM/DD hh:mm:ss format by default. Last time when physical state changed If the time zone is configured, this field is in the YYYY/MM/DD to up hh:mm:ss zone-name±hh:mm:ss format, where the zone-name argument is the local time zone name.
  • Page 428 Field Description maximum Ethernet frame length is set when you configure jumbo frame support on the interface. Number of inbound frames that had a non-integer number of throttles bytes. Total number of inbound frames that had a normal length, but contained CRC errors.
  • Page 429 Field Description output errors Number of outbound packets with errors. Number of packets dropped because the output rate of the underruns interface exceeded the output queuing capability. This is a low-probability hardware anomaly. Number of packets dropped because the transmitting buffer of the buffer failures interface ran low.
  • Page 430 Loop0 UP(s) 2.2.2.9 NULL0 UP(s) Vlan1 DOWN Vlan999 192.168.1.42 Brief information on interfaces in bridge mode: Link: ADM - administratively down; Stby - standby Speed: (a) - auto Duplex: (a)/A - auto; H - half; F - full Type: A - access; T - trunk; H - hybrid Interface Link Speed Duplex Type PVID Description...
  • Page 431 Field Description Data link layer protocol state of the interface: • UP—The data link layer protocol of the interface is up. • DOWN—The data link layer protocol of the interface is down. Protocol • UP(s)—The data link layer protocol of the interface is up, but the link is an on-demand link or does not exist.

  • Page 432: Reset Counters Interface

    reset counters interface to clear the interface statistics. reset counters interface Syntax reset counters interface [ interface-type [ interface-number ] ] Views User view Predefined user roles network-admin Parameters : Specifies an interface type. interface-type : Specifies an interface number. interface-number Usage guidelines Use this command to clear history statistics if you want to collect traffic statistics for a specific time...
  • Page 433 Usage guidelines CAUTION: Executing the shutdown command on an interface will disconnect the link of the interface and interrupt communication. Use this command with caution. Some interface configurations might require an interface restart before taking effect. Examples # Shut down and then bring up Twenty-FiveGigE 1/0/1. <Sysname>...
  • Page 434 Contents Bulk interface configuration commands ························································· 1 display interface range ······························································································································· 1 interface range ··········································································································································· 1 interface range name ································································································································· 3...

  • Page 435: Bulk Interface Configuration Commands

    Bulk interface configuration commands display interface range to display information about named interface ranges created by display interface range using the command. interface range name Syntax display interface range [ name name ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an interface range by its name, a case-sensitive string of 1 to 32 characters.
  • Page 436 Parameters : Specifies a space-separated list of up to 24 interface items. Each item specifies interface-list an interface by its type and number or specifies a subrange of interfaces in the form of interface-type interface-number1 interface-type .When you specify a subrange of interfaces, the interfaces must be all fixed interface-number2 interfaces or on the same device.

  • Page 437: Interface Range Name

    [Sysname-if-range] shutdown interface range name to create a named interface interface range name name interface interface-list range and enter the interface range view. without the keyword to enter the view of a interface range name name interface named interface range. to delete the interface range with the specified name.
  • Page 438 To verify the configuration of the first interface, you can execute the command in display this interface range view. To view the member interfaces of a named interface range, use the display interface range command. When you bulk configure interfaces, the system generates no notifications or alarms. Make sure you understand the potential impact before configuring interfaces in bulk.
  • Page 439 Contents Ethernet interface commands ········································································ 1 Common Ethernet interface commands············································································································· 1 broadcast-suppression ······························································································································· 1 display ethernet statistics ··························································································································· 2 display interface ········································································································································· 4 display link-flap protection ························································································································ 16 display link-state-change statistics interface ···························································································· 17 duplex ······················································································································································· 18 flow-interval ·············································································································································· 19 ifmonitor crc-error ·····································································································································...

  • Page 440: Ethernet Interface Commands

    Ethernet interface commands Common Ethernet interface commands broadcast-suppression to enable broadcast suppression and set the broadcast broadcast-suppression suppression threshold. to disable broadcast suppression. undo broadcast-suppression Syntax broadcast-suppression { ratio | pps max-pps | kbps max-kbps } undo broadcast-suppression Default Ethernet interfaces do not suppress broadcast traffic. Views Ethernet interface view Predefined user roles...

  • Page 441: Display Ethernet Statistics

    display ethernet statistics to display the Ethernet module statistics. display ethernet statistics Syntax display ethernet statistics slot slot-number Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Examples # Display the Ethernet module statistics for the specified slot.
  • Page 442 Table 1 Output description Field Description Statistics about the Ethernet packets received by the Ethernet module: • Totalnum—Total number of received packets. • ETHIINum—Number of packets encapsulated by using Ethernet II. • SNAPNum—Number of packets encapsulated by using SNAP. • RAWNum—Number of packets encapsulated by using RAW.

  • Page 443: Display Interface

    Field Description Statistics about the error Ethernet packets in the outbound direction on the Ethernet module: • MbufRelayNum—Number of packets transparently sent. • NullMbuf—Number of packets with null pointers. • ErrAdjFwd—Number of packets with adjacency table errors. • ErrPrepend—Number of packets with extension errors. •...
  • Page 444 If you specify an interface type but do not specify an interface number, this command displays information about all interfaces of the specified type. Examples # Display information about Layer 3 interface Twenty-FiveGigE 1/0/1. <Sysname> display interface twenty-fivegige 1/0/1 Twenty-FiveGigE1/0/1 Current state: DOWN Line protocol state: DOWN Description: Twenty-FiveGigE1/0/1 Interface...
  • Page 445 IPv6 traffic statistics: Last 300 seconds input rate: 0 packets/sec, 0 bytes/sec Last 300 seconds output rate: 0 packets/sec, 0 bytes/sec Input: 0 packets, 0 bytes Output: 0 packets, 0 bytes # Display detailed information about Layer 2 interface Twenty-FiveGigE 1/0/1. <Sysname>...
  • Page 446 0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses Output: 0 output errors, - underruns, - buffer failures 0 aborts, 0 deferred, 0 collisions, 0 late collisions 0 lost carrier, - no carrier IPv4 traffic statistics: Last 300 seconds input rate: 0 packets/sec, 0 bytes/sec Last 300 seconds output rate: 0 packets/sec, 0 bytes/sec Input: 0 packets, 0 bytes Output: 0 packets, 0 bytes...
  • Page 447 Field Description Maximum transmission unit MTU of the interface. IP packet processing capability of the interface when the interface is not assigned an IP address: Internet protocol processing • Disabled—The interface cannot process IP packets. • Enabled—The interface can process IP packets. IP address of the interface and type of the address in parentheses.
  • Page 448 Field Description The interface is operating in half duplex mode. This field depends half-duplex mode on your configuration and the link parameter negotiation result. The interface is operating in full duplex mode. This field depends full-duplex mode on your configuration and the link parameter negotiation result. The duplex mode of the interface is unknown because the duplex unknown-duplex mode mode negotiation fails or the interface is physically disconnected.
  • Page 449 Field Description Reason for which the interface hardware went down: • Electrical signal loss on the receiving side of the interface. • Interface MAC exception. • Interface physical exception. • Interface transceiver module exception. • Invalid interface configuration. • MAC down because the remote interface is faulty. •...
  • Page 450 Field Description Last date and time when the physical state of the interface changed to up, which is displayed in the YYYY-MM-DD hh:mm:ss format by default. Last time when physical state changed If the time zone is configured, this field is in the YYYY-MM-DD to up hh:mm:ss zone-name±hh:mm:ss format, where the zone-name argument is the local time zone name.
  • Page 451 Field Description Number of inbound giants. Giants refer to frames larger than the maximum frame length supported on the interface. For an Ethernet interface that does not permit jumbo frames, the maximum frame length is as follows: • 1532 bytes (without VLAN tags). giants •...
  • Page 452 Field Description The two fields on the first line represent the outbound normal traffic and pause frame statistics (in packets and bytes) for the interface. The four fields on the second line represent: Output(normal): 0 packets, 0 bytes • Number of outbound normal unicast packets. 0 unicasts, 0 broadcasts, 0 •...
  • Page 453 # Display brief information about all interfaces. <Sysname> display interface brief Brief information on interfaces in route mode: Link: ADM - administratively down; Stby - standby Protocol: (s) – spoofing Interface Link Protocol Primary IP Description WGE1/0/1 DOWN DOWN Loop0 UP(s) 2.2.2.9 NULL0...
  • Page 454 Table 3 Command output Field Description Brief information on interfaces in Brief information about Layer 3 interfaces. route mode: Interface Interface name. Physical link state of the interface: • UP—The interface is physically up. • DOWN—The interface is physically down. •...

  • Page 455: Display Link-Flap Protection

    Field Description Cause for the physical link state of an interface to be DOWN: • Administratively—The interface has been manually shut down by using the shutdown command. To restore the physical state of the interface, use the undo shutdown command. •...

  • Page 456: Display Link-State-Change Statistics Interface

    Table 4 Command output Field Description Status of link flapping protection on all interfaces: • Link-flap protection Enabled—Link flapping protection is enabled on all interfaces. • Disabled—Link flapping protection is disabled on all interfaces. Status of link flapping protection on an interface: •...

  • Page 457: Duplex

    Interface Change-times Last-change-time Reset link-state time Link-flap-begin Link-flap-end WGE1/0/1 Never Never Never Never Table 5 Command output Field Description Interface Abbreviated interface name. Change-times Number of physical state changes. Last-change-time Last time when the physical state changed. Reset link-state time Time when the physical link state change statistics were cleared.

  • Page 458: Flow-Interval

    [Sysname-Twenty-FiveGigE1/0/1] duplex full flow-interval to set the statistics polling interval. flow-interval to restore the default. undo flow-interval Syntax flow-interval interval undo flow-interval Default The statistics polling interval is 300 seconds. Views Ethernet interface view Predefined user roles network-admin Parameters : Sets the statistics polling interval in seconds. The interval is in the range of 5 to 300 and interval must be a multiple of 5.

  • Page 459: Ifmonitor Input-Error

    : Specifies the lower threshold for CRC error packet alarms, in the low-threshold low-value range of 1 to 4294967295 packets. : Specifies the statistics collection and comparison interval for CRC error interval interval packets, in the range of 1 to 65535 seconds. : Shuts down an interface when the number of incoming CRC error packets on the shutdown interface exceeds the upper threshold.

  • Page 460: Interface

    Parameters : Specifies the upper threshold for input error packet alarms, in high-threshold high-value the range of 1 to 4294967295 packets. : Specifies the lower threshold for input error packet alarms, in the low-threshold low-value range of 1 to 4294967295 packets. : Specifies the statistics collection and comparison interval for input error interval interval packets, in the range of 1 to 65535 seconds.

  • Page 461: Jumboframe Enable

    : Specifies an interface number. interface-number Examples # Enter the view of Twenty-FiveGigE 1/0/1. <Sysname> system-view [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] jumboframe enable to allow jumbo frames within the specified length to pass through. jumboframe enable to prevent jumbo frames from passing through. undo jumboframe enable to restore the default.
  • Page 462 Default Physical state change suppression is disabled. Views Ethernet interface view Predefined user roles network-admin Parameters : Suppresses link-down events. down : Suppresses link-up events. : Enables the physical state change suppression interval to be accurate to milliseconds. If you msec do not specify this keyword, the suppression interval is accurate to seconds.

  • Page 463: Link-Flap Protect Enable

    Related commands port link-flap protect enable link-flap protect enable to enable link flapping protection globally. link-flap protect enable to disable link flapping protection globally. undo link-flap protect enable Syntax link-flap protect enable [ batch [ interval interval | threshold threshold ] undo link-flap protect enable [ batch [ interval | threshold ] ] Default Link flapping protection is disabled globally.

  • Page 464: Loopback

    command works different depending on the keywords undo link-flap protect enable specified as follows: • If the keyword is not specified, this command disables link flapping protection globally. batch • If the keyword is specified but the keyword is not specified, batch interval threshold...

  • Page 465: Multicast-Suppression

    multicast-suppression to enable multicast storm suppression and set the multicast multicast-suppression storm suppression threshold. to disable multicast storm suppression. undo multicast-suppression Syntax multicast-suppression { ratio | pps max-pps | kbps max-kbps } undo multicast-suppression Default Ethernet interfaces do not suppress multicast traffic. Views Ethernet interface view Predefined user roles...

  • Page 466: Port Ifmonitor Crc-Error

    undo port fec mode Default The FEC mode of an interface is autonegotiated. Views 25-GE interface view 100-GE interface view 200-GE interface view 400-GE interface view Predefined user roles network-admin Parameters : Specifies the FEC autonegotiation mode. auto : Specifies the BASE-R FEC mode. base-r : Performs no FEC.
  • Page 467 Views Ethernet interface view Predefined user roles network-admin Parameters : Specifies the alarm thresholds in percentage. If you do not specify this keyword, you ratio configure the alarm thresholds in absolute value. : Specifies the upper threshold for CRC error packet alarms. If high-threshold high-value you specify the keyword, the value range is 1 to 100.

  • Page 468: Port Ifmonitor Input-Error

    port ifmonitor input-error to configure input error packet alarm parameters for an port ifmonitor input-error interface. to restore the default. undo port ifmonitor input-error Syntax port ifmonitor input-error high-threshold high-value low-threshold low-value interval interval [ shutdown ] undo port ifmonitor input-error Default An interface uses the global input error packet alarm parameters.

  • Page 469: Port Link-Flap Protect

    [Sysname-GigabitEthernet1/0/1] port ifmonitor input-error high-threshold 5000 low-threshold 400 interval 6 Related commands ifmonitor input-error snmp-agent trap enable ifmonitor port link-flap protect to configure link flapping protection on an interface. port link-flap protect to restore the default. undo port link-flap protect Syntax port link-flap protect { disable | enable [ interval interval | threshold threshold ] * }...

  • Page 470: Port Link-Mode

    • If the keyword is not specified, this command restores the default for the disable enable link flapping protection function on the interface. • If the keyword is specified, this command restores the default for interval threshold keyword. interval threshold With link flapping protection enabled on an interface, when the interface goes down, the system enables link flapping detection on the interface.

  • Page 471: Reset Ethernet Statistics

    Ethernet interfaces can operate either as Layer 2 or Layer 3 Ethernet interfaces. You can use this command to set the link mode to bridge (Layer 2) or route (Layer 3) for these Ethernet interfaces. Examples # Configure Twenty-FiveGigE 1/0/1 to operate in Layer 2 mode. <Sysname>...

  • Page 472: Snmp-Agent Trap Enable Ifmonitor

    Usage guidelines If you do not specify an interface type, this command clears the link state change statistics for all up interfaces that have traffic counters. If you specify an interface type but do not specify an interface number, this command clears the link state change statistics for all interfaces of the specified type.

  • Page 473: Unicast-Suppression

    Views Ethernet interface view Predefined user roles network-admin Parameters : Sets the interface speed to 10 Mbps. : Sets the interface speed to 100 Mbps. : Sets the interface speed to 1000 Mbps. 1000 : Sets the interface speed to 10000 Mbps. 10000 : Sets the interface speed to 25000 Mbps.

  • Page 474: Layer 3 Ethernet Interface Commands

    Views Ethernet interface view Predefined user roles network-admin Parameters : Sets the unknown unicast suppression threshold as a percentage of the interface bandwidth. ratio The value range for this argument (in percentage) is 0 to 100. A smaller value means that less unknown unicast traffic is allowed to pass through.
  • Page 475 Parameters : Sets the MTU in bytes. The value range for this argument is 46 to 9216. size Usage guidelines The configured MTU takes effect only on the packets forwarded by the CPU. To avoid unnecessary fragmentation, set a proper MTU value. Examples # Set the MTU to 1430 bytes for Twenty-FiveGigE 1/0/1.
  • Page 476 Contents Loopback, null, and inloopback interface commands ····································· 1 display interface inloopback ······················································································································· 1 display interface loopback ·························································································································· 3 display interface null ··································································································································· 6 interface loopback ······································································································································ 7 interface null ··············································································································································· 8...

  • Page 477: Loopback, Null, And Inloopback Interface Commands

    Loopback, null, and inloopback interface commands display interface inloopback to display information about the inloopback interface. display interface inloopback Syntax display interface [ inloopback [ 0 ] ] [ brief [ description | down ] ] Views Any view Predefined user roles network-admin network-operator Parameters...
  • Page 478 Table 1 Command output Field Description Physical link state of the interface, which is always UP, meaning that Current state the inloopback interface can receive and transmit packets. Data link layer state of the interface, which is always UP(spoofing). UP(spoofing) represents that the data link layer protocol of the Line protocol state interface is up, but the link is an on-demand link or does not exist.

  • Page 479: Display Interface Loopback

    Field Description Description of the interface. Because inloopback interfaces do not Description support CLI configuration, this field does not display a value. display interface loopback to display information about the specified or all existing display interface loopback loopback interfaces. Syntax display interface [ loopback [ interface-number ] ] [ brief [ description | down ] ] Views...
  • Page 480 Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drops Output: 0 packets, 0 bytes, 0 drops Table 3 Command output Field Description Physical link state of the interface:...
  • Page 481 Field Description Average input rate during the last 300 seconds: • bytes/sec—Average number of bytes received per second. Last 300 seconds input rate: 0 • bits/sec—Average number of bits received per second. bytes/sec, 0 bits/sec, 0 packets/sec • packets/sec—Average number of packets received per second.

  • Page 482: Display Interface Null

    Field Description Cause for the physical link state of the interface to be DOWN. Administratively represents that the interface has been manually Cause shutdown shut down by using the command. To restore the undo shutdown physical state of the interface, use the command.

  • Page 483: Interface Loopback

    Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drops Output: 0 packets, 0 bytes, 0 drops # Display brief information about Null 0. <Sysname>...

  • Page 484: Interface Null

    <Sysname> system-view [Sysname] interface loopback 1 [Sysname-LoopBack1] interface null to enter null interface view. interface null Syntax interface null 0 Default A device has only one null interface (Null 0), which cannot be created or deleted. Views System view Predefined user roles network-admin Parameters : Specifies Null 0.
  • Page 485 Contents Tunnel interface commands ··········································································· 1 destination ·················································································································································· 1 display interface tunnel ······························································································································ 2 display tunnel-interface ······························································································································ 5 interface tunnel ··········································································································································· 7 mtu ····························································································································································· 8 source ························································································································································ 8 tunnel accelerate ······································································································································ 10 tunnel dfbit enable ···································································································································· 10 tunnel discard ipv4-compatible-packet ····································································································· 11 tunnel tos ··················································································································································...

  • Page 486: Tunnel Interface Commands

    Tunnel interface commands destination to specify the destination address for a tunnel interface. destination to restore the default. undo destination Syntax destination { ipv4-address | ipv6-address } undo destination Default No tunnel destination address is configured. Views Tunnel interface view Predefined user roles network-admin Parameters...

  • Page 487: Display Interface Tunnel

    Related commands display interface tunnel display tunnel-interface interface tunnel source display interface tunnel to display tunnel interface information. display interface tunnel Syntax display interface [ tunnel [ number ] ] [ brief [ description | down ] ] Views Any view Predefined user roles network-admin network-operator...
  • Page 488 Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drops Output: 0 packets, 0 bytes, 0 drops Table 1 Command output Field Description Tunnel1...
  • Page 489 Field Description Tunnel TOS ToS of tunneled packets. Tunnel TTL TTL of tunneled packets. Tunnel mode and transport protocol: • GRE/IP—GRE/IPv4 tunnel mode. • GRE/IPv6—GRE/IPv6 tunnel mode. • IP/IP—IPv4 over IPv4 tunnel mode. • IP/IPv6—IPv4 over IPv6 tunnel mode. Tunnel protocol/transport •...

  • Page 490: Display Tunnel-Interface

    <Sysname> display interface tunnel brief down Brief information on interfaces in route mode: Link: ADM - administratively down; Stby - standby Interface Link Cause Tun0 DOWN Not connected Tun1 DOWN Not connected Table 2 Command output Field Description Interface Abbreviated interface name. Physical link state of the interface: •...
  • Page 491 Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a tunnel interface by its number. The specified tunnel interface must have been number created. If you do not specify a tunnel interface, this command displays information about all existing tunnel interfaces.

  • Page 492: Interface Tunnel

    interface tunnel to create a tunnel interface, specify the tunnel mode, and enter tunnel interface tunnel interface view, or enter the view of an existing tunnel interface. to delete a tunnel interface. undo interface tunnel Syntax interface tunnel number [ mode { gre [ ipv6 ] | ipv4-ipv4 | ipv4-ipv6 | ipv6-ipv4 [ 6to4 | auto-tunnel | isatap ] | ipv6-ipv6 } ] undo interface tunnel number Default...

  • Page 493: Mtu

    display tunnel-interface source to set the MTU on a tunnel interface. to restore the default. undo mtu Syntax mtu size undo mtu Default If the tunnel interface has never been up, the MTU is 64000 bytes. If the tunnel interface is up, its MTU is identical to the outgoing interface's MTU minus the length of the tunnel headers.
  • Page 494 to restore the default. undo source Syntax source { ipv4-address | ipv6-address | interface-type interface-number } undo source Default No source address or source interface is specified for a tunnel interface. Views Tunnel interface view Predefined user roles network-admin Parameters : Specifies the tunnel source IPv4 address.

  • Page 495: Tunnel Accelerate

    tunnel accelerate to enable tunnel traffic forwarding acceleration. tunnel accelerate to disable tunnel traffic forwarding acceleration. undo tunnel accelerate Syntax tunnel accelerate undo tunnel accelerate Default Tunnel traffic forwarding acceleration is disabled. Views System view Predefined user roles network-admin Usage guidelines Use this command to accelerate the forwarding of tunneled packets when the NAT, IPsec, AFT, and LB services are not deployed.

  • Page 496: Tunnel Discard Ipv4-Compatible-Packet

    [Sysname] interface tunnel 1 mode gre ipv6 [Sysname-Tunnel1] tunnel dfbit enable tunnel discard ipv4-compatible-packet tunnel discard ipv4-compatible-packet to enable dropping IPv6 packets that use IPv4-compatible IPv6 addresses. undo tunnel discard ipv4-compatible-packet to restore the default. Syntax tunnel discard ipv4-compatible-packet undo tunnel discard ipv4-compatible-packet Default IPv6 packets that use IPv4-compatible IPv6 addresses are not dropped.

  • Page 497: Tunnel Ttl

    Usage guidelines After you configure this command, all the tunneled packets of different services sent on the tunnel interface will use the same configured ToS. For more information about ToS, see ACL and QoS Configuration Guide. Examples # Set the ToS of tunneled packets to 20 on Tunnel 1. <Sysname>...
  • Page 498 H3C S6550X-HI Switch Series Layer 2—LAN Switching Command Reference New H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1116 and later Document version: 6W100-20221110...
  • Page 499 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
  • Page 500 Preface This command reference describes the Layer 2—LAN switching configuration commands. This preface includes the following topics about the documentation: • Audience. • Conventions. • Documentation feedback. Audience This documentation is intended for: • Network planners. • Field technical support and servicing engineers. •...
  • Page 501 Symbols Convention Description An alert that calls attention to important information that if not understood or followed WARNING! can result in personal injury. An alert that calls attention to important information that if not understood or followed CAUTION: can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information.
  • Page 502 Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.
  • Page 503 Contents MAC address table commands ······································································ 1 display mac-address ·································································································································· 1 display mac-address aging-time ················································································································ 2 display mac-address mac-learning ············································································································ 3 display mac-address mac-move ················································································································ 4 display mac-address statistics ··················································································································· 5 mac-address (interface view) ····················································································································· 6 mac-address (system view) ······················································································································· 7 mac-address mac-learning enable ·············································································································...

  • Page 504: Mac Address Table Commands

    MAC address table commands This document covers the configuration of unicast MAC address entries, including static, dynamic, blackhole, and multiport unicast MAC address entries. display mac-address to display MAC address entries. display mac address Syntax display mac-address [ mac address [ vlan vlan-id ] | [ [ dynamic | static ] [ interface interface-type interface-number ] | blackhole | multiport ] [ vlan vlan-id ] [ count ] ] Views...

  • Page 505: Display Mac-Address Aging-Time

    Examples # Display MAC address entries for VLAN 100. <Sysname> display mac-address vlan 100 MAC Address VLAN ID State Port/Nickname Aging 0001-0101-0101 Multiport WGE1/0/1 WGE1/0/2 0033-0033-0033 Blackhole 0000-0000-0002 Static WGE1/0/3 00e0-fc00-5829 Learned WGE1/0/4 # Display the number of MAC address entries. <Sysname>...

  • Page 506: Display Mac-Address Mac-Learning

    network-operator Examples # Display the aging timer for dynamic MAC address entries. <Sysname> display mac-address aging-time MAC address aging time: 300s. Related commands mac-address timer display mac-address mac-learning to display the global MAC address learning status display mac-address mac-learning and the MAC learning status of the specified interface or all interfaces. Syntax display mac-address...

  • Page 507: Display Mac-Address Mac-Move

    display mac-address mac-move to display the MAC address move records after the display mac-address mac-move device is started. Syntax display mac-address mac-move [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Usage guidelines When a MAC address frequently moves between the specified two interfaces, Layer 2 loops might...

  • Page 508: Display Mac-Address Statistics

    Field Description address record, the number of MAC address moves is increased by 1 when a new MAC address move has the same MAC address, VLAN, Current Port, and Source Port fields as the MAC address record. Related commands mac-address notification mac-move display mac-address statistics to display MAC address table statistics.

  • Page 509: Mac-Address (Interface View)

    Field Description Total Unicast MAC Addresses In Use Number of unicast MAC address entries. Maximum number of unicast MAC address entries Total Unicast MAC Addresses Available allowed. Number of multicast and multiport unicast MAC Multicast and Multiport MAC Address Count address entries.

  • Page 510: Mac-Address (System View)

    manually configure a static entry to bind the user device to the interface. Then, the frames destined for the user device (for example, Host A) are always sent out of the interface. Other hosts using the forged MAC address of Host A cannot obtain the frames destined for Host A. The MAC address entry configuration cannot survive a reboot unless you save it.
  • Page 511 Default The system is not configured with MAC address entries. Views System view Predefined user roles network-admin Parameters : Specifies dynamic MAC address entries. dynamic : Specifies static MAC address entries. static : Specifies blackhole MAC address entries. Packets whose source or destination MAC blackhole addresses match blackhole MAC address entries are dropped.

  • Page 512: Mac-Address Mac-Learning Enable

    If you execute the command without specifying any parameters, this undo mac-address command deletes all unicast MAC address entries. • You can delete all the MAC address entries from the specified VLAN. You can also delete only one type (dynamic, static, blackhole, or multiport unicast) of MAC address entries. You can single out an interface and delete the unicast MAC address entries on it.

  • Page 513: Mac-Address Mac-Learning Priority

    For example, a number of packets with different source MAC addresses reaching a device can affect the MAC address table update. To avoid such attacks, you can disable MAC address learning by following these guidelines: • You can disable MAC address learning on a per-interface basis. If you disable MAC address learning globally, MAC address learning is disabled for all interfaces.

  • Page 514: Mac-Address Mac-Move Fast-Update

    Predefined user roles network-admin Parameters : Assigns high MAC learning priority. high : Assigns low MAC learning priority. Usage guidelines The MAC address learning priority values can be high and low. An interface with high MAC address learning priority can learn any MAC address. An interface with low MAC address learning priority can learn only the MAC addresses that have not been learned by high-priority interfaces.

  • Page 515: Mac-Address Max-Mac-Count (Interface View)

    mac-address max-mac-count (interface view) to set the MAC learning limit on an interface. mac-address max-mac-count to restore the default. undo mac-address max-mac-count Syntax mac-address max-mac-count count undo mac-address max-mac-count Default The MAC learning limit on an interface is restricted by the command.

  • Page 516: Mac-Address Max-Mac-Count Enable-Forwarding (Interface View)

    Views VLAN view Predefined user roles network-admin Parameters : Specifies the maximum number of MAC addresses that can be learned for a VLAN. When count the argument is set to 0, the VLAN is not allowed to learn MAC addresses. The value range for this argument is restricted by the command.

  • Page 517: Mac-Address Max-Mac-Count Enable-Forwarding (Vlan View)

    Examples # Configure Twenty-FiveGigE 1/0/1 to learn a maximum of 600 MAC address entries. <Sysname> system-view [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] mac-address max-mac-count 600 # Disable the device from forwarding unknown frames received on Twenty-FiveGigE 1/0/1 after the MAC learning limit on Twenty-FiveGigE 1/0/1 is reached. [Sysname-Twenty-FiveGigE1/0/1] undo mac-address max-mac-count enable-forwarding Related commands mac-address...

  • Page 518: Mac-Address Notification Mac-Move

    mac-address notification mac-move to enable MAC address move notifications and mac-address notification mac-move optionally specify a MAC move detection interval. to disable MAC address move undo mac-address notification mac-move notifications. Syntax mac-address notification mac-move [ interval interval ] undo mac-address notification mac-move Default MAC address move notifications are disabled.

  • Page 519: Mac-Address Notification Mac-Move Suppression (Interface View)

    %May 14 17:16:45:688 2013 Sysname MAC/4/MAC_FLAPPING: MAC address 0000-0012-0034 in VLAN 500 has moved from port WGE1/0/1 to port WGE1/0/2 for 1 times The output shows that: • The VLAN ID of MAC address 0000-0012-0034 is VLAN 500. • The MAC address moved from Twenty-FiveGigE 1/0/1 to Twenty-FiveGigE 1/0/2. •...

  • Page 520: Mac-Address Notification Mac-Move Suppression (System View)

    mac-address notification mac-move suppression (system view) to set the suppression interval mac-address notification mac-move suppression or the suppression threshold. to restore the default. undo mac-address notification mac-move suppression Syntax mac-address notification mac-move suppression { interval interval | threshold threshold } undo mac-address notification...

  • Page 521: Mac-Address Timer

    to disable the static source check undo mac-address static source-check enable feature. Syntax mac-address static source-check enable undo mac-address static source-check enable Default The static source check feature is enabled. Views Layer 2 Ethernet interface view Layer 2 aggregate interface view Layer 3 Ethernet interface view Layer 3 aggregate interface view Predefined user roles...
  • Page 522 • A short aging interval results in removal of valid entries. Then, unnecessary broadcast packets appear and affect device performance. Examples # Set the aging time to 500 seconds for dynamic MAC address entries. <Sysname> system-view [Sysname] mac-address timer aging 500 Related commands display mac-address aging-time...

  • Page 523: Mac Information Commands

    MAC Information commands mac-address information enable (interface view) to enable MAC Information on an interface. mac-address information enable to disable MAC Information on an interface. undo mac-address information enable Syntax mac-address information enable { added | deleted } undo mac-address information enable { added | deleted } Default MAC Information is disabled on an interface.

  • Page 524: Mac-Address Information Interval

    Views System view Predefined user roles network-admin Usage guidelines Before you enable MAC Information on an interface, enable MAC Information globally. Examples # Enable MAC Information globally. <Sysname> system-view [Sysname] mac-address information enable Related commands (interface view) mac-address information enable mac-address information interval to set the MAC change notification interval.

  • Page 525: Mac-Address Information Queue-Length

    Syntax mac-address information mode { syslog | trap } undo mac-address information mode Default SNMP notifications are sent to notify MAC changes. Views System view Predefined user roles network-admin Parameters : Specifies that the device sends syslog messages to notify MAC changes. syslog : Specifies that the device sends SNMP notifications to notify MAC changes.
  • Page 526 • The device sends syslog messages or SNMP notifications only if the MAC change notification interval expires. Examples # Set the MAC Information queue length to 600. <Sysname> system-view [Sysname] mac-address information queue-length 600...
  • Page 527 Contents Ethernet link aggregation commands ····························································· 1 display interface ········································································································································· 1 display lacp system-id ································································································································ 5 display link-aggregation capability ············································································································· 6 display link-aggregation load-sharing mode······························································································· 6 display link-aggregation member-port ········································································································ 8 display link-aggregation summary ············································································································ 10 display link-aggregation troubleshooting ·································································································· 12 display link-aggregation verbose··············································································································...

  • Page 528: Ethernet Link Aggregation Commands

    Ethernet link aggregation commands display interface to display aggregate interface information. display interface Syntax display interface bridge-aggregation route-aggregation [ interface-number ] ] [ brief [ description | down ] ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies Layer 2 aggregate interfaces. bridge-aggregation : Specifies Layer 3 aggregate interfaces.
  • Page 529 Last clearing of counters: Never Last 300 seconds input: 0 packets/sec 0 bytes/sec -% Last 300 seconds output: 0 packets/sec 0 bytes/sec -% Input (total): 0 packets, 0 bytes 0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses Input (normal): 0 packets, 0 bytes 0 unicasts, 0 broadcasts, 0 multicasts, 0 pauses Input: 0 input errors, 0 runts, 0 giants, 0 throttles...
  • Page 530 Link: ADM - administratively down; Stby - standby Speed: (a) – auto Duplex: (a)/A - auto; H - half; F - full Type: A - access; T - trunk; H - hybrid Interface Link Speed Duplex Type PVID Description BAGG1 DOWN auto # Display brief information about Layer 3 aggregate interface Route-Aggregation 1.
  • Page 531 Field Description • DOWN. Maximum transmission unit MTU of the interface. IP packet processing capability of the interface when the interface is not assigned an IP address: Internet protocol processing • Disabled—The interface cannot process IP packets. • Enabled—The interface can process IP packets. IP address of the interface and type of the address in parentheses.

  • Page 532: Display Lacp System-Id

    Field Description Data link layer protocol state of the interface: • UP—The data link layer protocol of the interface is up. • DOWN—The data link layer protocol of the interface is down. Protocol • UP(s)—The data link layer protocol of the interface is up, but the link is an on-demand link or does not exist.

  • Page 533: Display Link-Aggregation Capability

    display link-aggregation capability to display the link aggregation capability for display link-aggregation capability the device. Syntax display link-aggregation capability Views Any view Predefined user roles network-admin network-operator Examples # Display the link aggregation capability for the device. <Sysname> display link-aggregation capability Default link aggregation capability: Maximum groups: 128 Maximum Selected ports per group: 8...
  • Page 534 Predefined user roles network-admin network-operator Parameters : Specifies Layer 2 aggregate interfaces. bridge-aggregation : Specifies Layer 3 aggregate interfaces. route-aggregation : Specifies an existing aggregate interface number. interface-number Usage guidelines If you do not specify the keyword, the command displays the global link-aggregation interface load sharing modes.

  • Page 535: Display Link-Aggregation Member-Port

    <Sysname> display link-aggregation load-sharing mode interface bridge-aggregation 1 Bridge-Aggregation1 load-sharing mode: destination-mac address source-mac address Table 4 Command output Field Description Global link-aggregation load sharing mode. By default, this field displays the link-aggregation load sharing Link-aggregation load-sharing mode modes for Layer 2 and Layer 3 traffic. If you have configured the global link-aggregation load sharing mode, this field displays the configured mode.
  • Page 536 Parameters : Specifies a list of link aggregation member ports, in the format interface-list interface-type interface-number1 [ to interface-type interface-number2 ] The value for the argument must be equal to or greater than the value for interface-number2 argument. interface-number1 : Specifies all link aggregation member ports that are enabled with automatic assignment. auto Usage guidelines A member port in a static aggregation group cannot obtain information about the peer group.

  • Page 537: Display Link-Aggregation Summary

    Table 5 Command output Field Description LACP state flags. This field is one byte long, represented by ABCDEFGH from the least significant bit to the most significant bit. A letter appears when its bit is 1 and does not appear when its bit is 0. •...
  • Page 538 Usage guidelines The Partner ID field in the command output always displays None or nothing for a static link aggregation group. This is because the local aggregation system cannot obtain information from the peer system in a static link aggregation. Examples # Display brief information about all aggregation groups.

  • Page 539: Display Link-Aggregation Troubleshooting

    display link-aggregation troubleshooting to display the aggregation states of display link-aggregation troubleshooting aggregation member ports and the reason why a port was placed in Unselected state. Syntax display link-aggregation troubleshooting [ { bridge-aggregation | route-aggregation } [ interface-number ] ] Views Any view Predefined user roles...

  • Page 540: Display Link-Aggregation Verbose

    display link-aggregation verbose to display detailed information about the display link-aggregation verbose aggregation groups that correspond to the specified aggregate interfaces. Syntax display link-aggregation verbose bridge-aggregation route-aggregation } [ interface-number ] ] [ all-configuration ] Views Any view Predefined user roles network-admin network-operator Parameters...
  • Page 541 System ID: 0x8000, 000f-e267-6c6a Local: Port Status Priority Index Oper-Key Flag WGE1/0/1 32768 {ACDEF} WGE1/0/2 32768 {ACDEF} WGE1/0/3 32768 {ACDEF} Remote: Actor Priority Index Oper-Key SystemID Flag WGE1/0/1(R) 32768 0x8000, 000f-e267-57ad {ACDEF} WGE1/0/2 32768 0x8000, 000f-e267-57ad {ACDEF} WGE1/0/3 32768 0x8000, 000f-e267-57ad {ACDEF} # Display detailed information about Layer 2 aggregation group 20, which is a static aggregation group.
  • Page 542 Field Description indicates passive. • B—Indicates the LACP timeout interval. 1 indicates the short timeout interval. 0 indicates the long timeout interval. • C—Indicates whether the sending system considers that the link is aggregatable. 1 indicates yes. 0 indicates no. •...

  • Page 543: Interface Bridge-Aggregation

    interface bridge-aggregation to create a Layer 2 aggregate interface and enter its interface bridge-aggregation view, or enter the view of an existing Layer 2 aggregate interface. to delete a Layer 2 aggregate interface. undo interface bridge-aggregation Syntax interface bridge-aggregation interface-number undo interface bridge-aggregation interface-number Default No Layer 2 aggregate interfaces exist.

  • Page 544: Jumboframe Enable

    Predefined user roles network-admin Parameters : Specifies a Layer 3 aggregate interface number. The value range for the interface-number argument is 1 to 1024. interface-number Usage guidelines When you create a Layer 3 aggregate interface, the system automatically creates a Layer 3 aggregation group with the same number.

  • Page 545: Lacp Default-Selected-Port Disable

    lacp default-selected-port disable to disable the default port selection action for lacp default-selected-port disable dynamic aggregation groups. to enable the default port selection action undo lacp default-selected-port disable for dynamic aggregation groups. Syntax lacp default-selected-port disable undo lacp default-selected-port disable Default The default port selection action is enabled for dynamic aggregation groups.

  • Page 546: Lacp Mode

    Usage guidelines Use this command on the aggregate interface that connects the device to a server if dynamic link aggregation is configured only on the device. This feature improves link reliability by enabling all member ports of the aggregation group to forward packets. This command takes effect only on an aggregate interface corresponding to a dynamic aggregation group.

  • Page 547: Lacp Select Speed

    undo lacp period Default The LACP timeout interval is the long timeout interval (90 seconds) on an interface. Views Layer 2 Ethernet interface view Layer 3 Ethernet interface view Predefined user roles network-admin Examples # Enable the short LACP timeout interval (3 seconds) on Twenty-FiveGigE 1/0/1. <Sysname>...

  • Page 548: Lacp System-Mac

    Examples # Specify port speed as the prioritized criterion for reference port selection on Layer 2 dynamic aggregate interface Bridge-Aggregation 1. <Sysname> system-view [Sysname] interface bridge-aggregation 1 [Sysname-Bridge-Aggregation1] link-aggregation mode dynamic [Sysname-Bridge-Aggregation1] lacp select speed lacp system-mac to set the LACP system MAC address. lacp system-mac to restore the default.

  • Page 549: Lacp System-Priority

    to restore the default. undo lacp system-number Syntax lacp system-number number undo lacp system-number Default The LACP system number is not set. Views System view Predefined user roles network-admin Parameters : Specifies a number in the range of 1 to 3. number Usage guidelines You must assign a unique LACP system number to each S-MLAG device.

  • Page 550: Link-Aggregation Auto-Aggregation Enable

    Usage guidelines LACPDUs carry the LACP system priority configured by using this command. To identify the LACP system priority used by a link aggregation group, examine the System ID field in the output from the command. display link-aggregation verbose You can configure the LACP system priority globally and in aggregate interface view. The global LACP system priority takes effect on all aggregation groups, and an aggregate-interface-specific LACP system priority takes precedence over the global LACP system priority.

  • Page 551: Link-Aggregation Bfd

    [Sysname] link-aggregation auto-aggregation enable Related commands lldp enable lldp global enable port link-aggregation group link-aggregation bfd to enable BFD for an aggregation group. link-aggregation bfd to disable BFD for an aggregation group. undo link-aggregation bfd Syntax link-aggregation bfd ipv4 source ipv4-address destination ipv4-address undo link-aggregation bfd [ ipv4 ] Default BFD is disabled for an aggregation group.

  • Page 552: Link-Aggregation Bfd-Compatible Enable

    If the number of BFD sessions differs between the two ends of an aggregate link, check their settings for inconsistency in the maximum number of Selected ports. You must make sure the two ends have the same setting for the maximum number of Selected ports. Examples # Enable BFD for Layer 2 aggregation group 1, and specify the source and destination IP addresses as 1.1.1.1 and 2.2.2.2 for BFD sessions.

  • Page 553: Link-Aggregation Capability

    link-aggregation capability to configure the link aggregation capability for the device. link-aggregation capability to restore the default. undo link-aggregation capability Syntax link-aggregation capability max-group max-group-number max-selected-port max-selected-port-number undo link-aggregation capability Default The device can have a maximum of 128 aggregation groups, and each aggregation group can have a maximum of 8 Selected ports.

  • Page 554: Link-Aggregation Global Load-Sharing Mode

    Please save the configuration, and reboot the device. Related commands display link-aggregation capability link-aggregation global load-sharing mode to set the global link-aggregation load link-aggregation global load-sharing mode sharing mode. to restore the default. undo link-aggregation global load-sharing mode Syntax link-aggregation global load-sharing mode...

  • Page 555: Link-Aggregation Ignore Speed

    [Sysname] link-aggregation global load-sharing mode destination-mac link-aggregation ignore speed to configure the system to ignore port speed when it link-aggregation ignore speed sets the aggregation states of the member ports in an aggregation group. to restore the default. undo link-aggregation ignore speed Syntax link-aggregation ignore speed undo link-aggregation ignore speed...

  • Page 556: Link-Aggregation Mode

    Syntax link-aggregation lacp isolate undo link-aggregation lacp isolate Default Aggregate interfaces are not isolated. Views System view Predefined user roles network-admin Usage guidelines Aggregate interface isolation is applicable to dynamic aggregate interfaces. It gracefully changes all dynamic interfaces on the device and member ports of the counterpart aggregation groups to the Unselected state.

  • Page 557: Link-Aggregation Port-Priority

    Usage guidelines When you change the aggregation mode, make sure you understand the impact of the change on services. Aggregation mode change might cause Selected member ports to become Unselected. The following restrictions apply to an aggregation group operating in 1+1 backup mode: •...

  • Page 558: Link-Aggregation Primary-Port

    link-aggregation primary-port to assign the primary role to a member port in a 1+1 link-aggregation primary-port backup aggregation group. to restore the default. undo link-aggregation primary-port Syntax link-aggregation primary-port undo link-aggregation primary-port Default A member port is not assigned the primary role in a 1+1 backup aggregation group. Views Layer 3 Ethernet interface view Predefined user roles...

  • Page 559: Link-Aggregation Secondary-Down

    Default A 1+1 backup aggregation group reverts to the primary member port immediately after that port recovers from failure. Views Layer 3 aggregate interface view Predefined user roles network-admin Parameters : Sets a reversion delay in the range of 1 to 65535 seconds. time-value Usage guidelines The reversion delay is the time a 1+1 backup aggregation group must wait before reverting to the...

  • Page 560: Link-Aggregation Selected-Port Maximum

    For this command to take effect on an aggregation group, first configure the aggregation group to operate in 1+1 backup mode. Examples # Configure Route-Aggregation 1 to place its secondary member port in down state. <Sysname> system-view [Sysname] interface route-aggregation 1 [Sysname-Route-Aggregation1] link-aggregation secondary-down Related commands link-aggregation mode...

  • Page 561: Link-Aggregation Selected-Port Minimum

    • Maximum number set by using the link-aggregation selected-port maximum command. • Maximum number of Selected ports allowed by the link aggregation capability. You can implement backup between two ports by performing the following tasks: • Assigning two ports to an aggregation group. •...

  • Page 562: Link-Aggregation Selected-Port Minimum Percentage

    Examples # Set the minimum number of Selected ports to 3 for Layer 2 aggregation group 1. <Sysname> system-view [Sysname] interface bridge-aggregation 1 [Sysname-Bridge-Aggregation1] link-aggregation selected-port minimum 3 Related commands link-aggregation selected-port maximum link-aggregation selected-port minimum percentage link-aggregation selected-port minimum percentage to set the minimum percentage of Selected ports in an aggregation group.

  • Page 563: Link-Aggregation Switchover

    [Sysname] interface bridge-aggregation 1 [Sysname-Bridge-Aggregation1] link-aggregation selected-port minimum percentage 50 # Set the minimum percentage of Selected ports to 50% for Layer 3 aggregate interface Route-Aggregation 1. <Sysname> system-view [Sysname] interface route-aggregation 1 [Sysname-Route-Aggregation1] link-aggregation selected-port minimum percentage 50 Related commands link-aggregation selected-port minimum link-aggregation switchover to perform a primary/secondary member port switchover...

  • Page 564: Mtu

    link-aggregation primary-port to set the MTU of a Layer 3 aggregate interface. to restore the default. undo mtu Syntax mtu size undo mtu Default The MTU of Layer 3 aggregate interfaces is 1500 bytes. Views Layer 3 aggregate interface view Predefined user roles network-admin Parameters...

  • Page 565: Port Lacp System-Priority

    Parameters : Specifies a MAC address in the format of H-H-H. The MAC address cannot be an mac-address all-zero, all-F, or multicast MAC address. Usage guidelines LACPDUs carry the LACP system MAC address configured by using this command. To identify the LACP system MAC address used by a link aggregation group, examine the System ID field in the output from the command.

  • Page 566: Port Link-Aggregation Group

    You can configure the LACP system priority globally and in aggregate interface view. The global LACP system priority takes effect on all aggregation groups, and an aggregate-interface-specific LACP system priority takes precedence over the global LACP system priority. Member devices in an S-MLAG system must use the same LACP system priority. Examples # Set the LACP system priority to 32 on Bridge-Aggregation 1.

  • Page 567: Port S-Mlag Group

    configurations on the aggregate interface. You can modify the attribute configurations only on the aggregate interface. keyword takes effect only when you assign the interface to an aggregation group. It force cannot be saved in the running configuration or a configuration file. Automatic assignment is available only on Layer 2 and Layer 3 Ethernet interfaces.

  • Page 568: Reset Lacp Statistics

    Examples # Assign Bridge-Aggregation 1 to S-MLAG group 1. <Sysname> system-view [Sysname] interface bridge-aggregation 1 [Sysname-Bridge-Aggregation1] port s-mlag group 1 reset lacp statistics to clear LACP statistics for the specified link aggregation member reset lacp statistics ports. Syntax reset lacp statistics [ interface interface-list ] Views User view Predefined user roles...
  • Page 569 Contents Port isolation commands················································································ 1 display port-isolate group ··························································································································· 1 port-isolate enable ······································································································································ 2 port-isolate group ······································································································································· 2...
  • Page 570 Port isolation commands display port-isolate group to display port isolation group information. display port-isolate group Syntax display port-isolate group [ group-id ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an isolation group by its ID. The value range is 1 to 8. group-id Examples # Display all isolation groups.
  • Page 571 port-isolate enable to assign a port to an isolation group. port-isolate enable to remove a port from an isolation group. undo port-isolate enable Syntax port-isolate enable group group-id undo port-isolate enable Default The port is not assigned to an isolation group. Views Layer 2 Ethernet interface view Layer 2 aggregate interface view...
  • Page 572 undo port-isolate group { group-id | all } Default No isolation groups exist. Views System view Predefined user roles network-admin Parameters : Specifies an isolation group by its ID. The value range is 1 to 8. group-id : Deletes all isolation groups. Examples # Create isolation group 1.
  • Page 573 Contents VLAN commands ··························································································· 1 Basic VLAN commands ····································································································································· 1 default ························································································································································ 1 description ·················································································································································· 1 display interface vlan-interface··················································································································· 2 display vlan ················································································································································ 5 display vlan brief ········································································································································ 7 interface vlan-interface ······························································································································· 7 mac-address ·············································································································································· 8 mtu ····························································································································································· 9 name ·························································································································································· 9 shutdown ··················································································································································...

  • Page 574: Vlan Commands

    VLAN commands Basic VLAN commands default to restore the default settings for a VLAN interface. default Syntax default Views VLAN interface view Predefined user roles network-admin Usage guidelines CAUTION: command might interrupt ongoing network services. Make sure you are fully aware of default the impact of this command when you use it on a live network.

  • Page 575: Display Interface Vlan-Interface

    Views VLAN view Predefined user roles network-admin Parameters : Specifies a description, a case-sensitive string of 1 to 255 characters. text Usage guidelines To manage VLANs efficiently, configure descriptions for them based on their functions or connections. Examples # Configure the description of VLAN 2 as sales-private. <Sysname>...
  • Page 576 Current state: DOWN Line protocol state: DOWN Description: Vlan-interface2 Interface Bandwidth: 100000 kbps Maximum transmission unit: 1500 Internet protocol processing : Disabled IP packet frame type: Ethernet II, hardware address: 000f-e249-8050 IPv6 packet frame type: Ethernet II, hardware address: 000f-e249-8050 Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec...
  • Page 577 Field Description Maximum transmission unit MTU of the VLAN interface. IP packet processing capability of the interface when the interface is not assigned an IP address: Internet protocol processing • Disabled—The interface cannot process IP packets. • Enabled—The interface can process IP packets. IP address of the interface and type of the address in parentheses.

  • Page 578: Display Vlan

    Field Description Outbound traffic statistics (in packets and bytes) for the interface. Output: 0 packets, 0 bytes A hyphen (-) indicates that the statistical item is not supported. Brief information on interfaces in route Brief information about Layer 3 interfaces. mode Interface Abbreviated interface name.
  • Page 579 : Specifies reserved VLANs. Protocol modules determine which VLANs are reserved reserved according to function implementation. The reserved VLANs provide services for protocol modules. You cannot configure reserved VLANs. : Specifies static VLANs. If you specify this keyword, the command displays the total static number of static VLANs and each static VLAN ID.

  • Page 580: Interface Vlan-Interface

    Field Description Tagged ports Tagged members of the VLAN. Untagged ports Untagged members of the VLAN. Related commands vlan display vlan brief to display brief VLAN information. display vlan brief Syntax display vlan brief Views Any view Predefined user roles network-admin network-operator Examples...

  • Page 581: Mac-Address

    Syntax interface vlan-interface interface-number undo interface vlan-interface interface-number Default No VLAN interfaces exist. Views System view Predefined user roles network-admin Parameters : Specifies a VLAN interface number in the range of 1 to 4094. interface-number Usage guidelines Create the VLAN before you create the VLAN interface for a VLAN. Examples # Create VLAN-interface 2, and enter its view.

  • Page 582: Mtu

    Usage guidelines When you assign a MAC address to a VLAN interface, make sure the following requirements are met: • The MAC address must have the same highest 36 bits as the base MAC address. • The MAC address must be no lower than the base MAC address plus 90 (decimal). For more information about the base MAC address, see MAC address table in Layer 2—LAN Switching Configuration Guide.

  • Page 583: Shutdown

    undo name Default The name of a VLAN is argument specifies the VLAN ID in a VLAN vlan-id. vlan-id four-digit format. If the VLAN ID has fewer than four digits, leading zeros are added. For example, the name of VLAN 100 is VLAN 0100. Views VLAN view Predefined user roles...

  • Page 584: Vlan

    • The VLAN interface is down if all ports in the VLAN are down. • The VLAN interface is up if one or more ports in the VLAN are up. When you use this command to shut down a VLAN interface, the VLAN interface remains in DOWN (Administratively) state.

  • Page 585: Port-Based Vlan Commands

    Before you delete a dynamic VLAN or a VLAN locked by an application, you must first remove the configuration from the VLAN. Examples # Create VLAN 2 and enter its view. <Sysname> system-view [Sysname] vlan 2 [Sysname-vlan2] # Create VLANs 4 through 100 and VLAN 200. <Sysname>...

  • Page 586: Port

    Table 4 Command output Field Description Interface Interface name. PVID Port VLAN ID. VLAN Passing Existing VLANs allowed on the port. Tagged VLANs from which the port sends packets without removing VLAN tags. Untagged VLANs from which the port sends packets after removing VLAN tags. port to assign the specified access ports to a VLAN.

  • Page 587: Port Access Vlan

    port access vlan to assign an access port to the specified VLAN. port access vlan to restore the default. undo port access vlan Syntax port access vlan vlan-id undo port access vlan Default All access ports belong to VLAN 1. Views Layer 2 aggregate interface view Layer 2 Ethernet interface view...

  • Page 588: Port Hybrid Vlan

    Layer 2 Ethernet interface view Predefined user roles network-admin Parameters : Specifies a VLAN by its ID in the range of 1 to 4094. vlan-id Usage guidelines You can use a nonexistent VLAN as the PVID of a hybrid port. When you delete the PVID of a hybrid port by using the command, the PVID setting of the port does not change.

  • Page 589: Port Link-Type

    Parameters : Specifies a space-separated list of up to 32 VLAN items. Each item specifies a vlan-id-list VLAN ID or a range of VLAN IDs in the form of . The value range for vlan-id1 to vlan-id2 VLAN IDs is 1 to 4094. The value for the argument must be equal to or greater than the vlan-id2 value for the...

  • Page 590: Port Trunk Permit Vlan

    Examples # Configure Twenty-FiveGigE 1/0/1 as a trunk port. <Sysname> system-view [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] port link-type trunk port trunk permit vlan to assign a trunk port to the specified VLANs. port trunk permit vlan to remove a trunk port from the specified VLANs. undo port trunk permit vlan Syntax port trunk permit vlan { vlan-id-list | all }...

  • Page 591: Port Trunk Pvid

    port trunk pvid to set the PVID for a trunk port. port trunk pvid to restore the default. undo port trunk pvid Syntax port trunk pvid vlan vlan-id undo port trunk pvid Default The PVID of a trunk port is VLAN 1. Views Layer 2 aggregate interface view Layer 2 Ethernet interface view...
  • Page 592 Views Any view Predefined user roles network-admin network-operator Parameters : Specifies all MAC-to-VLAN entries. : Specifies dynamically configured MAC-to-VLAN entries. dynamic : Specifies the MAC address in the MAC-to-VLAN entry. The format mac-address mac-address of the argument is H-H-H. mac-address : Specifies the mask for matching MAC addresses in MAC-to-VLAN entries.

  • Page 593: Display Mac-Vlan Interface

    Related commands mac-vlan mac-address display mac-vlan interface to display all ports that are enabled with the MAC-based display mac-vlan interface VLAN feature. Syntax display mac-vlan interface Views Any view Predefined user roles network-admin network-operator Examples # Display all ports that are enabled with the MAC-based VLAN feature. <Sysname>...

  • Page 594: Mac-Vlan Mac-Address

    Related commands display mac-vlan interface mac-vlan mac-address to configure a MAC-to-VLAN entry. mac-vlan mac-address to delete the specified MAC-to-VLAN entries. undo mac-vlan Syntax mac-vlan mac-address mac-address [ mask mac-mask ] vlan vlan-id [ dot1p priority ] undo mac-vlan { all | mac-address mac-address [ mask mac-mask ] | vlan vlan-id } Default No MAC-to-VLAN entries exist.

  • Page 595: Mac-Vlan Trigger Enable

    Examples # Associate the MAC address 0000-0001-0001 with VLAN 100, and set the 802.1p priority to 7 for VLAN 100 in this entry. <Sysname> system-view [Sysname] mac-vlan mac-address 0-1-1 vlan 100 dot1p 7 # Associate VLAN 100 with MAC addresses whose six high-order bits are 121122, and set the 802.1p priority to 4 for VLAN 100 in this entry.

  • Page 596: Vlan Precedence

    Syntax port pvid forbidden undo port pvid forbidden Default When a port receives packets whose source MAC addresses fail the exact MAC address match, the port forwards them in its PVID. Views Layer 2 aggregate interface view Layer 2 Ethernet interface view Predefined user roles network-admin Usage guidelines...

  • Page 597: Vlan Group Commands

    When you enable dynamic MAC-based VLAN assignment, configure the vlan precedence command as a best practice to ensure the priority of MAC-based VLAN matching. If you mac-vlan execute the command, the command does not take effect. vlan precedence ip-subnet-vlan Examples # Configure Twenty-FiveGigE 1/0/1 to match VLANs based on MAC addresses preferentially.

  • Page 598: Vlan-Group

    Related commands vlan-group vlan-list vlan-group to create a VLAN group and enter its view, or enter the view of an existing VLAN vlan-group group. to delete a VLAN group. undo vlan-group Syntax vlan-group group-name undo vlan-group group-name Default No VLAN groups exist. Views System view Predefined user roles...
  • Page 599 Views VLAN group view Predefined user roles network-admin Parameters : Specifies a space-separated list of up to 10 VLAN items. Each item specifies a vlan-id-list VLAN ID or a range of VLAN IDs in the form of . The value range for vlan-id1 to vlan-id2 VLAN IDs is 1 to 4094.
  • Page 600 Contents Loop detection commands ············································································· 1 display loopback-detection ························································································································· 1 loopback-detection action ·························································································································· 1 loopback-detection enable ························································································································· 3 loopback-detection global action ················································································································ 3 loopback-detection global enable··············································································································· 4 loopback-detection interval-time ················································································································ 5...

  • Page 601: Loop Detection Commands

    Loop detection commands display loopback-detection to display the loop detection configuration and status. display loopback-detection Syntax display loopback-detection Views Any view Predefined user roles network-admin network-operator Example # Display the loop detection configuration and status. <Sysname> display loopback-detection Loop detection is enabled. Loop detection interval is 30 second(s).
  • Page 602 to restore the default. undo loopback-detection action Syntax In Layer 2 Ethernet interface view: loopback-detection action { block | no-learning | shutdown } undo loopback-detection action In Layer 2 aggregate interface view: loopback-detection action shutdown undo loopback-detection action Default When the device detects a loop on a port, it generates a log but performs no action on the port. Views Layer 2 Ethernet interface view Layer 2 aggregate interface view...

  • Page 603: Loopback-Detection Enable

    loopback-detection enable to enable loop detection on a per-port basis. loopback-detection enable to disable loop detection on a port. undo loopback-detection enable Syntax loopback-detection enable vlan { vlan-id-list | all } undo loopback-detection enable vlan { vlan-id-list | all } Default Loop detection is disabled on ports.

  • Page 604: Loopback-Detection Global Enable

    Views System view Predefined user roles network-admin Parameters : Enables the shutdown mode. If a loop is detected, the device generates a log and shuts shutdown down the port. The device automatically sets the port to the forwarding state after you set the time interval by using the command (see System Management Command shutdown-interval...

  • Page 605: Loopback-Detection Interval-Time

    Usage guidelines You can enable loop detection globally or on a per-port basis. When a port receives a detection frame in any VLAN, the loop protection action is triggered on that port, regardless of whether loop detection is enabled on it. Example # Globally enable loop detection for VLAN 10 through VLAN 20.
  • Page 606 Contents Spanning tree commands ·············································································· 1 active region-configuration ························································································································· 1 check region-configuration ························································································································· 1 display stp ·················································································································································· 2 display stp abnormal-port ··························································································································· 9 display stp bpdu-statistics ························································································································ 10 display stp down-port ······························································································································· 13 display stp history ····································································································································· 14 display stp ignored-vlan ··························································································································· 16 display stp region-configuration ···············································································································...
  • Page 607 stp transmit-limit ······································································································································· 55 stp vlan enable ········································································································································· 56 vlan-mapping modulo ······························································································································· 57...

  • Page 608: Spanning Tree Commands

    Spanning tree commands active region-configuration to activate your MST region configuration. active region-configuration Syntax active region-configuration Views MST region view Predefined user roles network-admin Usage guidelines When you configure MST region parameters, MSTP launches a new spanning tree calculation process that might cause network topology instability. This is most likely to occur when you configure the VLAN-to-instance mapping table.

  • Page 609: Display Stp

    Predefined user roles network-admin Usage guidelines Spanning tree devices belong to the same MST region only when they are connected through a physical link and configured with the same details as follows: • Format selector (0 by default and not configurable). •...
  • Page 610 Syntax display stp [ instance instance-list | vlan vlan-id-list ] [ interface interface-list | slot slot-number ] [ brief ] Views Any view Predefined user roles network-admin network-operator Parameters instance instance-list : Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of .
  • Page 611 • If you specify both an MSTI list and a port list, this command applies to the specified ports in the specified MSTIs. Examples # In MSTP mode, display the brief spanning tree status and statistics for MSTI 0 on port Twenty-FiveGigE 1/0/1.
  • Page 612 Field Description • LOOP—Loop guard. • BPDU—BPDU guard. If no spanning tree protection feature is configured or spanning tree protection is not triggered, this field displays NONE. # In MSTP mode, display the detailed spanning tree status and statistics for all MSTIs on all ports. <Sysname>...
  • Page 613 Cost to master TC received ----[Port1(Twenty-FiveGigE1/0/1)][FORWARDING]---- Port protocol : Enabled Port role : Designated Port (Boundary) Port ID : 128.3 Port cost(Legacy) : Config=auto, Active=200 Desg.bridge/port : 32768.0001-0000-0000, 128.3 Protection type : Config=none, Active=none Rapid transition : True Num of VLANs mapped : 64 Port times : RemHops 20 # In PVST mode, display the spanning tree status and statistics for all ports in all VLANs.
  • Page 614 Time since last TC : 0 days 0h:5m:42s # In MSTP mode, display the spanning tree status and statistics when the spanning tree feature is disabled. <Sysname> display stp Protocol status : Disabled Protocol Std. : IEEE 802.1s Version Bridge-Prio. : 32768 MAC address : 000f-e200-8048...
  • Page 615 Field Description TC or TCN received Number of TC/TCN BPDUs received in the MSTI or VLAN. Time since last TC Time since the latest topology change in the MSTI or VLAN. Port protocol Status of the spanning tree feature on the port. Port role: •...

  • Page 616: Display Stp Abnormal-Port

    Field Description mapped Major parameters for the port: • Hello—Hello timer. • MaxAge—Maximum age timer. Port times • FwdDelay—Forward delay timer. • MsgAge—Message age timer. • RemHops—Remaining hops. BPDU sent Statistics on sent BPDUs. BPDU received Statistics on received BPDUs. RegRoot ID/IRPC MSTI regional root/internal path cost.

  • Page 617: Display Stp Bpdu-Statistics

    Predefined user roles network-admin network-operator Usage guidelines In an MSTI or VLAN, this command can display a maximum of three history records for a port that is blocked by spanning tree protection features. Examples # In MSTP mode, display history about ports that are blocked by spanning tree protection features. <Sysname>...
  • Page 618 Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an interface by its type and interface interface-type interface-number number. : Specifies a space-separated list of up to 10 MSTI items. Each item instance instance-list specifies an MSTI or a range of MSTIs in the form of .
  • Page 619 Type Count Last Updated --------------------------- ---------- ----------------- Timeout BPDUs Max-hoped BPDUs TC detected 10:32:40 01/13/2019 TC sent 10:33:11 01/13/2019 TC received # In PVST mode, display the BPDU statistics for Twenty-FiveGigE 1/0/1. <Sysname> system-view [Sysname] stp mode pvst [Sysname] display stp bpdu-statistics interface twenty-fivegige 1/0/1 Port: Twenty-FiveGigE1/0/1 Type Count...

  • Page 620: Display Stp Down-Port

    Field Description TCA received Number of received TCA BPDUs. Config sent Number of sent configuration BPDUs. Config received Number of received configuration BPDUs. RST sent Number of sent RSTP BPDUs. RST received Number of received RSTP BPDUs. MST sent Number of sent MSTP BPDUs. MST received Number of received MSTP BPDUs.

  • Page 621: Display Stp History

    display stp history to display port role calculation history. display stp history Syntax display stp [ instance instance-list | vlan vlan-id-list ] history [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters instance instance-list : Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of .
  • Page 622 Port Twenty-FiveGigE1/0/1 Role change : DESI->ROOT Time : 2022/08/09 17:44:06 Port priority : 32768.36b5-6d1a-0300 0 32768.36b5-7829-0400 0 32768.36b5-6d1a-0300 128.2 128.2 Designated priority : 32768.36b5-6d1a-0300 20 32768.36b5-7829-0400 0 32768.36b5-7829-0400 128.2 128.2 # In MSTP mode, display the port role calculation history on the specified slot in MSTI 2. <Sysname>...

  • Page 623: Display Stp Ignored-Vlan

    Field Description Current priority of the port: • For STP mode, RSTP mode, and ISTs (MSTI 0) in MSTP mode, port priority includes common root bridge ID, cost of the path to the common root bridge, regional root bridge ID, cost of the path to the regional root bridge, designated bridge ID, designated port ID, and ID of the port that receives Port priority messages from the designated port, which are separated with spaces.

  • Page 624: Display Stp Root

    Views Any view Predefined user roles network-admin network-operator Examples # In MSTP mode, display effective MST region configuration. <Sysname> display stp region-configuration Oper Configuration Format selector Region name : hello Revision level Configuration digest : 0x5f762d9a46311effb7a488a3267fca9f Instance VLANs Mapped 21 to 4094 1 to 10 11 to 20 Table 9 Command output...

  • Page 625: Display Stp Tc

    network-operator Examples # In MSTP mode, display the root bridge information of all spanning trees. <Sysname> display stp root MST ID Root Bridge ID ExtPathCost IntPathCost Root Port 0.00e0-fc0e-6554 200200 Twenty-FiveGigE1/0/1 # In PVST mode, display the root bridge information of all spanning trees. <Sysname>...

  • Page 626: Instance

    • If you do not specify a VLAN, this command applies to all VLANs. • If you specify a VLAN list, this command applies to the specified VLANs. In MSTP mode, the command output is sorted by MSTI ID and by port name in each MSTI. •...

  • Page 627: Region-Name

    Parameters : Specifies an MSTI ID in the range of 0 to 4094. A value of 0 represents the CIST. instance-id The value range for the argument is 1 to 4094 for the command. instance-id undo instance : Specifies a space-separated list of up to 10 VLAN items. Each item vlan vlan-id-list specifies a VLAN or a range of VLANs in the form of .

  • Page 628: Reset Stp

    Predefined user roles network-admin Parameters : Specifies the MST region name, a string of 1 to 32 characters. name Usage guidelines The MST region name, the VLAN-to-instance mapping table, and the MSTP revision level of a device determine the device's MST region. After configuring this command, execute the command to active region-configuration...

  • Page 629: Revision-Level

    Related commands display stp revision-level to configure the MSTP revision level. revision-level to restore the default MSTP revision level. undo revision-level Syntax revision-level level undo revision-level Default The MSTP revision level is 0. Views MST region view Predefined user roles network-admin Parameters : Specifies an MSTP revision level in the range of 0 to 65535.

  • Page 630: Stp Bpdu-Protection

    Syntax snmp-agent trap enable stp [ new-root | tc ] undo snmp-agent trap enable stp [ new-root | tc ] Default SNMP notifications are disabled for new-root election events. In MSTP mode, SNMP notifications are enabled in MSTI 0 and disabled in other MSTIs for spanning tree topology changes.

  • Page 631: Stp Bridge-Diameter

    Usage guidelines With BPDU guard enabled, the device shuts down an edge port and notifies the NMS of the shutdown event when the edge port receives configuration BPDUs. The device reactivates the ports that have been shut down when the port status detection timer expires.

  • Page 632: Stp Compliance

    Usage guidelines An appropriate setting of hello time, forward delay, and max age can speed up network convergence. The values of these timers are related to the network size, and you can set the timers by setting the network diameter. With the network diameter set to 7 (the default), the three timers are also set to their defaults.

  • Page 633: Stp Config-Digest-Snooping

    Usage guidelines If this command is configured in Layer 2 Ethernet interface view, it takes effect only on that interface. If this command is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface. If this command is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

  • Page 634: Stp Cost

    Related commands display stp stp global config-digest-snooping stp cost to set the path cost of a port. stp cost to restore the default. undo stp cost Syntax stp [ instance instance-list | vlan vlan-id-list ] cost cost-value undo stp [ instance instance-list | vlan vlan-id-list ] cost Default The device automatically calculates the path costs of ports in each spanning tree based on the corresponding standard.

  • Page 635: Stp Dispute-Protection

    If this command is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface. If this command is configured on a member port in an aggregation group, is takes effect only after the port leaves the aggregation group. If you do not specify an MSTI or VLAN, this command sets the path cost of a port in the MSTP CIST or in the STP or RSTP spanning tree.

  • Page 636: Stp Edged-Port

    <Sysname> system-view [Sysname] undo stp dispute-protection stp edged-port stp edged-port to configure a port as an edge port. to restore the default. undo stp edged-port Syntax stp edged-port undo stp edged-port Default All ports are non-edge ports. Views Layer 2 Ethernet interface view Layer 2 aggregate interface view Predefined user roles network-admin...

  • Page 637: Stp Enable

    stp enable to enable the spanning tree feature. stp enable to disable the spanning tree feature. undo stp enable Syntax stp enable undo stp enable Default The spanning tree feature is enabled on all ports. Views Layer 2 Ethernet interface view Layer 2 aggregate interface view Predefined user roles network-admin...

  • Page 638: Stp Global Enable

    undo stp global config-digest-snooping Default Digest Snooping is disabled globally. Views System view Predefined user roles network-admin Usage guidelines For Digest Snooping to take effect, you must enable Digest Snooping both globally and on associated ports. As a best practice, first enable Digest Snooping on ports connected to third-party vendor devices and then enable the feature globally.

  • Page 639: Stp Global Mcheck

    Examples # Enable the spanning tree feature globally. <Sysname> system-view [Sysname] stp global enable Related commands stp enable stp mode stp global mcheck to perform mCheck globally. stp global mcheck Syntax stp global mcheck Views System view Predefined user roles network-admin Usage guidelines When a port on an MSTP, RSTP, or PVST device connects to an STP device and receives STP...

  • Page 640: Stp Ignore-Pvid-Inconsistency

    Syntax stp ignored vlan vlan-id-list undo stp ignored vlan vlan-id-list Default VLAN Ignore is disabled for a VLAN. Views System view Predefined user roles network-admin Parameters : Specifies a space-separated list of up to 10 VLAN items. Each item vlan vlan-id-list specifies a VLAN or a range of VLANs in the form of .

  • Page 641: Stp Log Enable Tc

    • If the local port or its peer is a hybrid port, do not configure the local and peer ports as untagged members of the same VLAN. • Disable inconsistent PVID protection on both the local device and the peer device. Examples # In PVST mode, disable the inconsistent PVID protection feature.

  • Page 642: Stp Max-Hops

    Predefined user roles network-admin Usage guidelines On a port, the loop guard feature is mutually exclusive with the root guard feature or the edge port setting. If this command is configured in Layer 2 Ethernet interface view, it takes effect only on that interface. If this command is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

  • Page 643: Stp Mcheck

    stp mcheck to perform mCheck on a port. stp mcheck Syntax stp mcheck Views Layer 2 Ethernet interface view Layer 2 aggregate interface view Predefined user roles network-admin Usage guidelines When a port on an MSTP, RSTP, or PVST device connects to an STP device and receives STP BPDUs, the port automatically transits to the STP mode.

  • Page 644: Stp No-Agreement-Check

    to restore the default. undo stp mode Syntax stp mode { mstp | pvst | rstp | stp } undo stp mode Default A spanning tree device operates in MSTP mode. Views System view Predefined user roles network-admin Parameters : Configures the spanning tree device to operate in MSTP mode. mstp : Configures the spanning tree device to operate in PVST mode.

  • Page 645: Stp Pathcost-Standard

    Default No Agreement Check is disabled. Views Layer 2 Ethernet interface view Layer 2 aggregate interface view Predefined user roles network-admin Usage guidelines This command takes effect only after you enable it on the root port. If this command is configured in Layer 2 Ethernet interface view, it takes effect only on that interface. If this command is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

  • Page 646: Stp Point-To-Point

    Usage guidelines If you change the standard that the device uses in calculating the default path costs, you restore the path costs to the default. Examples # Configure the device to calculate the default path cost for ports based on IEEE 802.1d-1998. <Sysname>...

  • Page 647: Stp Port Bpdu-Protection

    If this command is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group. Examples # Configure the link type of Twenty-FiveGigE 1/0/1 as point-to-point. <Sysname> system-view [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] stp point-to-point force-true Related commands display stp...

  • Page 648: Stp Port Priority

    Examples # Enable BPDU guard on Twenty-FiveGigE 1/0/1. <Sysname> system-view [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] stp port bpdu-protection enable Related commands (Fundamentals Command Reference) shutdown-interval stp bpdu-protection stp edged-port stp port priority to set the priority of a port. The port priority affects the role of a port in stp port priority a spanning tree.

  • Page 649: Stp Port Shutdown Permanent

    If you do not specify an MSTI or VLAN, this command configures the priority of the ports in the MSTP CIST or in the STP or RSTP spanning tree. Examples # In MSTP mode, set the port priority of Twenty-FiveGigE 1/0/1 to 16 in MSTI 2. <Sysname>...

  • Page 650: Stp Priority

    to disable outputting port state transition information. undo stp port-log Syntax stp port-log { all | instance instance-list | vlan vlan-id-list } undo stp port-log { all | instance instance-list | vlan vlan-id-list } Default Outputting port state transition information is disabled. Views System view Predefined user roles...

  • Page 651: Stp Pvst-Bpdu-Protection

    Syntax stp [ instance instance-list | vlan vlan-id-list ] priority priority undo stp [ instance instance-list | vlan vlan-id-list ] priority Default The device priority is 32768. Views System view Predefined user roles network-admin Parameters : Specifies a space-separated list of up to 10 MSTI items. Each item instance instance-list specifies an MSTI or a range of MSTIs in the form of .

  • Page 652: Stp Region-Configuration

    Predefined user roles network-admin Usage guidelines PVST BPDU guard enables an MSTP-enabled device to shut down a port if the port receives PVST BPDUs. The shutdown port is brought up after a detection timer expires. To set the detection timer, use the command.

  • Page 653: Stp Root Primary

    Syntax stp role-restriction undo stp role-restriction Default Port role restriction is disabled. Views Layer 2 Ethernet interface view Layer 2 aggregate interface view Predefined user roles network-admin Usage guidelines When port role restriction is enabled on a port, the port cannot become a root port. If this command is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

  • Page 654: Stp Root Secondary

    : Specifies a space-separated list of up to 10 VLAN items. Each item vlan vlan-id-list specifies a VLAN or a range of VLANs in the form of . The value for vlan-id1 [ to vlan-id2 ] must be equal to or greater than the value for .

  • Page 655: Stp Root-Protection

    Usage guidelines Once you specify the device as a secondary root bridge, you cannot change the priority of the device. If you do not specify an MSTI or VLAN, this command configures a secondary root bridge for the MSTP CIST or the STP or RSTP spanning tree. Examples # In MSTP mode, specify the device as a secondary root bridge in MSTI 1.

  • Page 656: Stp Tc-Protection

    Related commands stp edged-port stp loop-protection stp tc-protection to enable TC-BPDU attack guard for the device. stp tc-protection to disable TC-BPDU attack guard for the device. undo stp tc-protection Syntax stp tc-protection undo stp tc-protection Default TC-BPDU attack guard is enabled. Views System view Predefined user roles...

  • Page 657: Stp Tc-Restriction

    Predefined user roles network-admin Parameters : Specifies the maximum number of immediate forwarding address entry flushes that the number device can perform every 10 seconds. The value is in the range of 1 to 255. Examples # Configure the device to perform up to 10 forwarding address entry flushes every 10 seconds. <Sysname>...

  • Page 658: Stp Tc-Snooping

    stp tc-snooping to enable TC Snooping. stp tc-snooping to disable TC Snooping. undo stp tc-snooping Syntax stp tc-snooping undo stp tc-snooping Default TC Snooping is disabled. Views System view Predefined user roles network-admin Usage guidelines TC Snooping and the spanning tree feature are mutually exclusive. You must globally disable the spanning tree feature before enabling TC Snooping.

  • Page 659: Stp Timer Hello

    argument is 1 to 4094. If you set the STP, RSTP, or MSTP forward delay, do not specify vlan-id this option. : Specifies the forward delay in centiseconds, in the range of 400 to 3000 in increments of 100 time (as in 400, 500, 600).

  • Page 660: Stp Timer Max-Age

    argument is 1 to 4094. If you set the STP, RSTP, or MSTP hello time, do not specify this vlan-id option. : Specifies the hello time in centiseconds, in the range of 100 to 1000 in increments of 100 (as time in 100, 200, 300).

  • Page 661: Stp Timer-Factor

    : Specifies the max age in centiseconds, in the range of 600 to 4000 in increments of 100 (as in time 600, 700, 800). Usage guidelines In the CIST of an MSTP network, the device determines whether a configuration BPDU received on a port has expired based on the max age timer.
  • Page 662 the upstream device within nine times of the hello time, it assumes that the upstream device has failed. Then it will start a new spanning tree calculation process. As a best practice, set the timeout factor to 5, 6, or 7 in the following situations: •...
  • Page 663 Examples # Set the BPDU transmission rate of Twenty-FiveGigE 1/0/1 to 5. <Sysname> system-view [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] stp transmit-limit 5 stp vlan enable to enable the spanning tree feature for VLANs. stp vlan enable to disable the spanning tree feature for VLANs. undo stp enable Syntax stp vlan vlan-id-list enable...
  • Page 664 vlan-mapping modulo to map VLANs in an MST region to MSTIs according to the specified vlan-mapping modulo modulo value and quickly create a VLAN-to-instance mapping table. Syntax vlan-mapping modulo modulo Default All VLANs are mapped to the CIST (MSTI 0). Views MST region view Predefined user roles...
  • Page 665 Contents LLDP commands ··························································································· 1 dcbx version ··············································································································································· 1 display lldp local-information ······················································································································ 1 display lldp neighbor-information ··············································································································· 6 display lldp statistics ································································································································· 11 display lldp status ····································································································································· 13 display lldp tlv-config ································································································································ 16 lldp admin-status ······································································································································ 19 lldp check-change-interval ······················································································································· 20 lldp enable ················································································································································...

  • Page 666: Lldp Commands

    LLDP commands dcbx version to set the DCBX version. dcbx version to restore the default. undo dcbx version Syntax dcbx version { rev100 | rev101 | standard } undo dcbx version Default The DCBX version is not configured. It is autonegotiated by the local port and peer port. Views Layer 2 Ethernet interface view Predefined user roles...
  • Page 667 : Sysname System description H3C Comware Platform Software, Software Version 9.1.043, ESS 1108 H3C S6550X-32H-HI Copyright (c) 2004-2022 New H3C Technologies Co., Ltd. All rights reserved. System capabilities supported : Bridge, Router, Customer Bridge, Service Bridge System capabilities enabled : Bridge, Router, Service Bridge...
  • Page 668 Management address OID LLDP agent nearest-nontpmr management address: Management address type : IPv4 Management address : 192.168.80.61 Management address interface type : IfIndex Management address interface ID : Unknown Management address OID LLDP agent nearest-customer management address: Management address type : IPv4 Management address : 192.168.80.62...
  • Page 669 Table 1 Command output Field Description Chassis ID Bridge MAC address of the device. Supported capabilities: • Bridge—Switching is supported. • Router—Routing is supported. • Repeater—Signal repeating is supported. • Telephone—The local device can act as a telephone. • DocsisCableDevice—The local device can act as a System capabilities supported DOCSIS-compliant cable device.
  • Page 670 Field Description Management address interface Numbering type of the interface identified by the management address. type Management address interface Index of the interface identified by the management address. Management address OID Management address object ID. DCBX control info Displayed as version information in IEEE Std 802.1Qaz-2011. Oper version DCBX version number.

  • Page 671: Display Lldp Neighbor-Information

    Field Description PSE power source type: • Unknown—Unknown power supply. PoE PSE power source • Primary—Primary power supply. • Backup—Backup power supply. PoE power supply priority of PSE ports: • Unknown. • Critical. Port PSE priority • High. • Low. Available PoE power on PSE ports, or power needed on PD ports, in Port available power value watts.
  • Page 672 System description H3C Comware Platform Software, Software Version 9.1.043, ESS 1108 H3C S6550X-32H-HI Copyright (c) 2004-2022 New H3C Technologies Co., Ltd. All rights reserved. System capabilities supported : Bridge, Router, Customer Bridge, Service Bridge System capabilities enabled : Bridge, Router, Customer Bridge...
  • Page 673 Auto-negotiation enabled : Yes OperMau : Speed(100000)/Duplex(Full) Power port class : PD PSE power supported : No PSE power enabled : No PSE pairs control ability : No Power pairs : Signal Port power classification : Class 0 Maximum frame size : 10000 # Display brief LLDP information that all LLDP agents received from all neighboring devices.
  • Page 674 Field Description Chassis ID type: • Chassis component. • Interface alias. • Port component. • Chassis type MAC address. • Network address (ipv4). • Interface name. • Locally assigned—Locally-defined chassis type other than those listed above. ID that identifies the LLDP sending device, which can be a MAC Chassis ID address, a network address, an interface, or some other value, depending on the chassis ID type of the neighboring device.
  • Page 675 Field Description • Service Bridge—The service bridge feature is enabled. • TPMR—The TPMR feature is enabled. • Other—Features other than those listed above are supported. Management address OID Management address object ID. DCBX control info Displayed as version information in IEEE Std 802.1Qaz-2011. Oper version DCBX version number.

  • Page 676: Display Lldp Statistics

    Field Description • Repeater—Signal repeating is enabled. • Bridge—Switching is enabled. • Router—Routing is enabled. • Telephone—The neighboring device is acting as a telephone. • DocsisCableDevice—The neighboring device is acting as a DOCSIS-compliant cable device. • StationOnly—The neighboring device is acting as a station only.
  • Page 677 Examples # Display the global LLDP statistics and the LLDP statistics of all ports. <Sysname> display lldp statistics LLDP statistics global information: LLDP neighbor information last change time:0 days, 0 hours, 4 minutes, 40 seconds The number of LLDP neighbor information inserted : 1 The number of LLDP neighbor information deleted The number of LLDP neighbor information dropped The number of LLDP neighbor information aged out : 1...
  • Page 678 The number of CDP error frames # Display the LLDP statistics for the nearest customer bridge agents on Twenty-FiveGigE 1/0/1. <Sysname> display lldp statistics interface Twenty-FiveGigE1/0/1 agent nearest-customer LLDP statistics information of port 1 [Twenty-FiveGigE1/0/1]: LLDP agent nearest-customer: The number of LLDP frames transmitted The number of LLDP frames received The number of LLDP frames discarded The number of LLDP error frames...
  • Page 679 Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a port by its type and number. interface interface-type interface-number If you do not specify this option, the command displays the global LLDP status and the LLDP status of all ports. : Specifies an LLDP agent type.
  • Page 680 Port status of LLDP : Enable Admin status : TX_RX Trap flag : No MED trap flag : No Polling interval : 0s Number of LLDP neighbors Number of MED neighbors Number of CDP neighbors Number of sent optional TLV : 12 Number of received unknown TLV : 5 Neighbor protection status...

  • Page 681: Display Lldp Tlv-Config

    Field Description • Tx_Only—The port can only send LLDP frames. • Disable—The port cannot send or receive LLDP frames. Trap Flag Indicates whether trapping is enabled. Polling interval LLDP polling interval, which is 0 when LLDP polling is disabled. Number of neighbors Number of LLDP neighbors connecting to the port.
  • Page 682 Examples # Display the types of advertisable optional LLDP TLVs of Twenty-FiveGigE 1/0/1. <Sysname> display lldp tlv-config interface twenty-fivegige 1/0/1 LLDP tlv-config of port 1[Twenty-FiveGigE1/0/1]: LLDP agent nearest-bridge: NAME STATUS DEFAULT Basic optional TLV: Port Description TLV System Name TLV System Description TLV System Capabilities TLV Management Address TLV...
  • Page 683 Maximum Frame Size TLV LLDP-MED extend TLV: Capabilities TLV Network Policy TLV Location Identification TLV Extended Power via MDI TLV Inventory TLV LLDP agent nearest-customer: NAME STATUS DEFAULT Basic optional TLV: Port Description TLV System Name TLV System Description TLV System Capabilities TLV Management Address TLV IEEE 802.1 extend TLV:...

  • Page 684: Lldp Admin-Status

    Field Description • Port PVID TLV. • Port and protocol VLAN ID TLV. • VLAN name TLV. • DCBX TLV. • Management VID TLV. IEEE 802.3 organizationally specific TLVs: • MAC-Physic TLV. • IEEE 802.3 extended TLV Power via MDI TLV. •...

  • Page 685: Lldp Check-Change-Interval

    Management Ethernet interface view Layer 2 aggregate interface view Layer 3 aggregate interface view Predefined user roles network-admin Parameters : Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or agent management Ethernet interface view, the command sets the operating mode for nearest bridge agents.

  • Page 686: Lldp Enable

    Management Ethernet interface view Layer 2 aggregate interface view Layer 3 aggregate interface view Predefined user roles network-admin Parameters : Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or agent management Ethernet interface view, the command enables LLDP polling and sets the polling interval for nearest bridge agents.

  • Page 687: Lldp Encapsulation Snap

    [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] undo lldp enable Related commands lldp global enable lldp encapsulation snap to set the encapsulation format for LLDP frames to SNAP. lldp encapsulation snap to restore the default. undo lldp encapsulation Syntax In Layer 2/Layer 3 Ethernet interface view or management Ethernet interface view: lldp [ agent { nearest-customer | nearest-nontpmr } ] encapsulation snap undo lldp [ agent { nearest-customer | nearest-nontpmr } ] encapsulation In Layer 2/Layer 3 aggregate interface view:...

  • Page 688: Lldp Global Enable

    to restore the default. undo lldp fast-count Syntax lldp fast-count count undo lldp fast-count Default Four LLDP frames are sent each time fast LLDP frame transmission is triggered. Views System view Predefined user roles network-admin Parameters : Sets the number of LLDP frames sent each time fast LLDP frame transmission is triggered. count The value range is 1 to 8.

  • Page 689: Lldp Global Tlv-Enable Basic-Tlv Management-Address-Tlv

    lldp global tlv-enable basic-tlv management-address-tlv to enable lldp global tlv-enable basic-tlv management-address-tlv advertisement of the management address TLV globally and set the management address to be advertised. to restore undo lldp global tlv-enable basic-tlv management-address-tlv the default. Syntax lldp [ agent { nearest-customer | nearest-nontpmr } ] global tlv-enable basic-tlv management-address-tlv [ ipv6 ] { ip-address | interface loopback interface-number | interface vlan-interface interface-number } undo lldp [ agent { nearest-customer | nearest-nontpmr } ] global tlv-enable...

  • Page 690: Lldp Hold-Multiplier

    The nearest bridge agent and nearest customer bridge agent advertise the management  address TLV. The nearest non-TPMR bridge agent does not advertise the management address TLV.  The IPv4 or IPv6 address of the LLDP frame sending port will be advertised as the management address when the following conditions exist: •...

  • Page 691: Lldp Ignore-Pvid-Inconsistency

    Examples # Set the TTL multiplier to 6. <Sysname> system-view [Sysname] lldp hold-multiplier 6 Related commands lldp timer tx-interval lldp ignore-pvid-inconsistency to disable LLDP PVID inconsistency check. lldp ignore-pvid-inconsistency to enable LLDP PVID inconsistency check. undo lldp ignore-pvid-inconsistency Syntax lldp ignore-pvid-inconsistency undo lldp ignore-pvid-inconsistency Default LLDP PVID inconsistency check is enabled.
  • Page 692 In Layer 3 aggregate interface view: lldp agent nearest-nontpmr management-address arp-learning nd-learning } [ vlan vlan-id ] undo lldp agent nearest-nontpmr management-address { arp-learning | nd-learning } Default The device does not generate an ARP or ND entry after receiving an LLDP frame that carries a management address TLV.

  • Page 693: Lldp Management-Address-Format String

    [Sysname-Twenty-FiveGigE1/0/1] lldp management-address arp-learning vlan 1 Related commands lldp source-mac vlan lldp management-address-format string to set the encoding format of the lldp management-address-format string management address to string. to restore the default. undo lldp management-address-format Syntax In Layer 2/Layer 3 Ethernet interface view/management Ethernet interface view: lldp agent nearest-customer...

  • Page 694: Lldp Max-Credit

    <Sysname> system-view [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] lldp agent nearest-customer management-address-format string lldp max-credit to set the token bucket size for sending LLDP frames. lldp max-credit to restore the default. undo lldp max-credit Syntax lldp max-credit credit-value undo lldp max-credit Default The token bucket size for sending LLDP frames is 5.

  • Page 695: Lldp Neighbor-Identity Chassis-Id

    Usage guidelines The LLDP agent types supported by LLDP depend on the LLDP bridge mode: • Service bridge mode—LLDP supports nearest bridge agents and nearest non-TPMR bridge agents. LLDP processes the LLDP frames with destination MAC addresses for these agents and transparently transmits the LLDP frames with other destination MAC addresses in a VLAN.

  • Page 696: Lldp Neighbor-Identity Port-Id

    Chassis ID subtype ID basis MAC address Network address Interface name Locally assigned : Specifies the chassis ID, a case-sensitive string of 1 to 255 characters. chassis-id Usage guidelines The chassis ID TLV criterion configured on an interface takes effect only after the lldp command is configured on the interface.

  • Page 697: Lldp Neighbor-Protection Aging

    Table 7 Port ID subtypes Port ID subtype ID basis Interface alias Port component MAC address Network address Interface name Agent circuit ID Locally assigned : Specifies the port ID, a case-sensitive string of 1 to 255 characters. port-id Usage guidelines The port ID TLV criterion configured on an interface takes effect only after the lldp command is configured on the interface.

  • Page 698: Lldp Neighbor-Protection Validation

    Parameters : Blocks the interface. The block action places the data link layer protocol of the interface in block DOWN state. In this state, the interface cannot transfer data packets. The data transfer capability is automatically recovered when the interface receives an LLDP packet. : Shuts down the interface.

  • Page 699: Lldp Notification Med-Topology-Change Enable

    Related commands lldp neighbor-identity chassis-id lldp neighbor-identity port-id lldp notification med-topology-change enable to enable LLDP-MED trapping. lldp notification med-topology-change enable to disable LLDP-MED undo lldp notification med-topology-change enable trapping. Syntax lldp notification med-topology-change enable undo lldp notification med-topology-change enable Default LLDP-MED trapping is disabled.

  • Page 700: Lldp Source-Mac Vlan

    Default LLDP trapping is disabled. Views Layer 2 Ethernet interface view Layer 3 Ethernet interface view Management Ethernet interface view Layer 2 aggregate interface view Layer 3 aggregate interface view Predefined user roles network-admin Parameters : Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or agent management Ethernet interface view, the command enables LLDP trapping for nearest bridge agents.

  • Page 701: Lldp Timer Fast-Interval

    Parameters : Specifies a VLAN ID. The value range for the argument is 1 to 4094. vlan vlan-id vlan-id • In Layer 2 Ethernet interface view, specify the ID of a VLAN. The MAC address of the VLAN interface will be used as the source MAC address of outgoing LLDP frames. •...

  • Page 702: Lldp Timer Notification-Interval

    Parameters : Sets an interval for fast LLDP frame transmission, in the range of 1 to 3600 seconds. interval Examples # Set the interval for fast LLDP frame transmission to 2 seconds. <Sysname> system-view [Sysname] lldp timer fast-interval 2 lldp timer notification-interval to set the LLDP trap and LLDP-MED trap lldp timer notification-interval transmission interval.

  • Page 703: Lldp Timer Tx-Interval

    Predefined user roles network-admin Parameters : Sets the LLDP reinitialization delay in the range of 1 to 10 seconds. delay Examples # Set the LLDP reinitialization delay to 4 seconds. <Sysname> system-view [Sysname] lldp timer reinit-delay 4 lldp timer tx-interval to set the LLDP frame transmission interval.
  • Page 704 { civic-address device-type country-code { ca-type ca-value }&<1-10> | elin-address tel-number } } } undo lldp tlv-enable basic-tlv port-description system-capability system-description system-name management-address-tlv [ ipv6 ] [ ip-address | interface loopback interface-number ] } | dot1-tlv { all | port-vlan-id | link-aggregation | dcbx | protocol-vlan-id | vlan-name | management-vid } | dot3-tlv { all | mac-physic | max-frame-size | power } | med-tlv { all | capability | inventory...
  • Page 705 management-address-tlv [ ipv6 ] [ ip-address | interface loopback interface-number ] } | dot1-tlv { all | link-aggregation } | dot3-tlv { all | mac-physic | max-frame-size | power } | med-tlv { all | capability | inventory | power-over-ethernet | location-id } } undo lldp agent { nearest-nontpmr | nearest-customer } tlv-enable...
  • Page 706 In Layer 3 aggregate interface view: lldp agent { nearest-customer | nearest-nontpmr } tlv-enable basic-tlv { all | management-address-tlv [ ipv6 ] [ ip-address ] | port-description | system-capability | system-description | system-name } lldp agent nearest-nontpmr tlv-enable basic-tlv management-address-tlv [ ipv6 ] [ ip-address | interface loopback interface-number ] undo lldp agent { nearest-customer | nearest-nontpmr } tlv-enable basic-tlv { all | management-address-tlv [ ipv6 ] [ ip-address ] | port-description |...
  • Page 707 Parameters : Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or agent management Ethernet interface view, the command configures the types of advertisable TLVs for nearest bridge agents. : Specifies nearest customer bridge agents. nearest-customer : Specifies nearest non-TPMR bridge agents.
  • Page 708 If none of the VLAN interfaces of the permitted VLANs is assigned an IPv4 or IPv6 address or all VLAN interfaces are down, the MAC address of the interface will be advertised. For a Layer 3 Ethernet interface, the IPv4 or IPv6 address of the interface will be advertised ...
  • Page 709 : Advertises link aggregation TLVs. link-aggregation : Advertises IEEE 802.3 organizationally specific LLDP TLVs. dot3-tlv : Advertises MAC/PHY configuration/status TLVs. mac-physic : Advertises maximum frame size TLVs. max-frame-size : Advertises power via MDI TLVs and power stateful control TLVs. power : Advertises LLDP-MED TLVs.
  • Page 710 [Sysname-Twenty-FiveGigE1/0/1] lldp agent nearest-customer tlv-enable dot1-tlv link-aggregation...
  • Page 711 Contents PFC commands ····························································································· 1 display priority-flow-control ························································································································· 1 priority-flow-control (Ethernet interface view) ····························································································· 2 priority-flow-control (system view) ·············································································································· 3 priority-flow-control deadlock auto-recover action······················································································ 4 priority-flow-control deadlock auto-recover cos·························································································· 5 priority-flow-control deadlock cos ··············································································································· 6 priority-flow-control deadlock enable·········································································································· 7 priority-flow-control deadlock precision ······································································································ 8 priority-flow-control deadlock recover ········································································································...

  • Page 712: Pfc Commands

    PFC commands display priority-flow-control to display the PFC information for an interface. display priority-flow-control Syntax display priority-flow-control interface interface-type [ interface-number ] ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an interface type. If you do not specify an interface type, the interface-type command displays the PFC information for all Ethernet interfaces.

  • Page 713: Priority-Flow-Control (Ethernet Interface View)

    Field Description priority. Recv Number of received PFC pause frames. Send Number of sent PFC pause frames. Inpps Incoming PFC frame rate in pps for the 802.1p priority. Outpps Outgoing PFC frame rate in pps for the 802.1p priority. Related commands priority-flow-control priority-flow-control no-drop dot1p priority-flow-control (Ethernet interface view)

  • Page 714: Priority-Flow-Control (System View)

    When congestion is eliminated, the local end notifies the remote end to continue to send packets carrying the specified 802.1p priority. In this way, the local device can forward packets carrying 802.1p priorities in the specified 802.1p priority list without packet drops. When you enable Rx PFC, the device can receive but cannot send PFC pause frames.

  • Page 715: Priority-Flow-Control Deadlock Auto-Recover Action

    • Both the local end and the remote end have the priority-flow-control no-drop command configured. dot1p • The specified 802.1p priority is in the 802.1p priority list specified by the dot1p-list argument. • The local end receives packets carrying the specified 802.1p priority, and the received packets cause congestion.

  • Page 716: Priority-Flow-Control Deadlock Auto-Recover Cos

    Usage guidelines When the device enters the PFC deadlock state, you can use this command to configure the device to drop or forward received data packets during the delay timer period for PFC deadlock detection automatic recovery. Examples # Configure the device to drop received data packets during the delay timer period for PFC deadlock detection automatic recovery.

  • Page 717: Priority-Flow-Control Deadlock Cos

    The specified CoS value must be within the 802.1p priority values configured by using the priority-flow-control no-drop dot1p command. You can set the same delay timer for different CoS values. If you execute this command multiple times for the same CoS value, the most recent configuration takes effect.

  • Page 718: Priority-Flow-Control Deadlock Enable

    The specified CoS value must be within the 802.1p priority list specified by using the command. To view the 802.1p priority for each priority-flow-control no-drop dot1p CoS value, execute the command. display qos map-table dot1p-lp You can set the same detection interval for different CoS values. If you execute this command for the same CoS value multiple times, the most recent configuration takes effect.

  • Page 719: Priority-Flow-Control Deadlock Precision

    Related commands priority-flow-control priority-flow-control deadlock cos priority-flow-control no-drop dot1p priority-flow-control deadlock precision to set the precision for the PFC priority-flow-control deadlock precision deadlock detection timer. to restore the default. undo priority-flow-control deadlock precision Syntax priority-flow-control deadlock slot slot-number precision { high | low | normal } undo priority-flow-control deadlock slot slot-number precision Default...

  • Page 720: Priority-Flow-Control Deadlock Recover-Mode

    Views Ethernet interface view Predefined user roles network-admin Usage guidelines The device can automatically release the deadlock state, but both the PFC deadlock detection and PFC features are disabled on the interface at the same time. To manually recover PFC deadlock detection on the interface, execute this command after setting the manual recovery mode for PFC deadlock detection on the interface.

  • Page 721: Priority-Flow-Control Deadlock Threshold

    When a packet loop cannot be resolved and the device enters the PFC deadlock state frequently, manually recover PFC deadlock detection on the interface as follows: Perform troubleshooting and set the manual recovery mode for PFC deadlock detection. Execute the command to recover the priority-flow-control deadlock recover PFC deadlock detection and PFC features.

  • Page 722: Priority-Flow-Control Dot1P Headroom

    The detection period specified in this command must be longer than the PFC deadlock detection interval configured by using the command, so that priority-flow-control deadlock cos you can determine whether the device frequently enters the PFC deadlock state. The specified CoS value must be within the 802.1p priority values configured by using the command.

  • Page 723: Priority-Flow-Control Dot1P Ingress-Buffer Dynamic

    Examples # Set the headroom buffer threshold to 1000 for 802.1p priority 1. <sysname> system-view Sysname interface twenty-fivegige 1/0/1 Sysname-Twenty-FiveGigE1/0/1 priority-flow-control dot1p 1 headroom 1000 Related commands (Ethernet interface view) priority-flow-control (System view) priority-flow-control priority-flow-control no-drop dot1p priority-flow-control dot1p ingress-buffer dynamic priority-flow-control dot1p ingress-buffer dynamic to set the dynamic back pressure frame triggering threshold.

  • Page 724: Priority-Flow-Control Dot1P Ingress-Buffer Static

    priority-flow-control no-drop dot1p priority-flow-control dot1p ingress-buffer static to set the static back priority-flow-control dot1p ingress-buffer static pressure frame triggering threshold. to restore the default. undo priority-flow-control dot1p ingress-buffer Syntax priority-flow-control dot1p dot1p-list ingress-buffer static threshold undo priority-flow-control dot1p dot1p-list ingress-buffer Default The static back pressure frame triggering threshold is not set.

  • Page 725: Priority-Flow-Control Dot1P Reserved-Buffer

    Syntax priority-flow-control dot1p dot1p ingress-threshold-offset offset-number undo priority-flow-control dot1p dot1p ingress-threshold-offset Default The offset between the back pressure frame stopping threshold and triggering threshold is not set. Views Ethernet interface view Predefined user roles network-admin Parameters : Specifies an 802.1p priority in the range of 0 to 7. dot1p : Specifies the offset between the back pressure frame stopping threshold and offset-number...

  • Page 726: Priority-Flow-Control Early-Warning Inpps

    Views Ethernet interface view Predefined user roles network-admin Parameters : Specifies an 802.1p priority in the range of 0 to 7. dot1p : Specifies the PFC reserved threshold. The value range is 128 to 196608. reserved-number Usage guidelines Before executing this command, you must use the priority-flow-control no-drop dot1p command to enable PFC for the specified 802.1p priority and use the priority-flow-control...

  • Page 727: Priority-Flow-Control Early-Warning Outpps

    continuous value range. Different values or value ranges are separated with commas (,). You can configure up to 16 characters for this argument. : Specifies the number of PFC frames that an interface can receive in pps, in the inpps pps-value range of 1 to 159783010.

  • Page 728: Priority-Flow-Control No-Drop Dot1P (Ethernet Interface View)

    continuous value range. Different values or value ranges are separated with commas (,). You can configure up to 16 characters for this argument. : Specifies the number of PFC frames that an interface can send in pps, in the outpps pps-value range of 1 to 159783010.
  • Page 729 Parameters : Specifies an 802.1p priority (or dot1p priority) list to identify flows that are subject to dot1p-list PFC (for example: 1,3-5). A hyphen (-) connects two numeric values, which together indicate a continuous value range. Different values or value ranges are separated with commas (,). You can configure up to 16 characters for this argument.

  • Page 730: Priority-Flow-Control No-Drop Dot1P (System View)

    Examples # Enable PFC in auto mode on Twenty-FiveGigE 1/0/1, and enable PFC for 802.1p priority 5. <Sysname> system-view [Sysname] interface twenty-fivegige 1/0/1 [Sysname-Twenty-FiveGigE1/0/1] priority-flow-control auto [Sysname-Twenty-FiveGigE1/0/1] priority-flow-control no-drop dot1p 5 Related commands display priority-flow-control priority-flow-control (system view) priority-flow-control no-drop dot1p priority-flow-control no-drop dot1p (system view) to enable PFC for 802.1p priorities on all priority-flow-control no-drop dot1p...
  • Page 731 802.1p priorities in the specified 802.1p priority list without packet drops. For more information about the 802.1p priority, see ACL and QoS Configuration Guide. If you execute this command in system view and Ethernet interface view multiple times, the most recent configuration takes effect.
  • Page 732 Contents Service loopback group commands ······························································· 1 display service-loopback group ·················································································································· 1 port service-loopback group ······················································································································· 1 service-loopback group ······························································································································ 2...

  • Page 733: Service Loopback Group Commands

    Service loopback group commands display service-loopback group to display service loopback group information. display service-loopback group Syntax display service-loopback group [ group-id ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a service loopback group ID. The value range for the argument is group-id group-id...

  • Page 734: Service-Loopback Group

    Syntax port service-loopback group group-id undo port service-loopback group Default A port does not belong to a service loopback group. Views Layer 2 Ethernet interface view Predefined user roles network-admin Parameters : Specifies a service loopback group ID. The value range for the argument is group-id group-id...
  • Page 735 Parameters : Specifies a service loopback group ID. The value range for the argument is group-id group-id 1 to 1024. : Specifies the service type of the service loopback group. type : Specifies the unicast tunnel service. tunnel Usage guidelines Service loopback groups must work with other features, such as GRE.
  • Page 736 H3C S6550X-HI Switch Series Layer 3—IP Services Command Reference New H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1116 and later Document version: 6W100-20221110...
  • Page 737 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
  • Page 738 Preface This command reference describes the IP service configuration commands. This preface includes the following topics about the documentation: • Audience. • Conventions. • Documentation feedback. Audience This documentation is intended for: • Network planners. • Field technical support and servicing engineers. •...
  • Page 739 Symbols Convention Description An alert that calls attention to important information that if not understood or followed WARNING! can result in personal injury. An alert that calls attention to important information that if not understood or followed CAUTION: can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information.
  • Page 740 Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.
  • Page 741 Contents ARP commands ····························································································· 1 arp check enable ········································································································································ 1 arp check log enable ·································································································································· 1 arp ip-unique learning enable····················································································································· 2 arp mac-interface-consistency check enable ····························································································· 3 arp max-learning-num ································································································································ 3 arp max-learning-number ··························································································································· 5 arp static ····················································································································································· 5 arp timer aging ··········································································································································· 6 arp timer aging probe-count ·······················································································································...

  • Page 742: Arp Commands

    ARP commands arp check enable to enable dynamic ARP entry check. arp check enable to disable dynamic ARP entry check. undo arp check enable Syntax arp check enable undo arp check enable Default Dynamic ARP entry check is enabled. Views System view Predefined user roles network-admin...

  • Page 743: Arp Ip-Unique Learning Enable

    Predefined user roles network-admin Usage guidelines This feature enables a device to log ARP events when ARP cannot resolve IP addresses correctly. The log information helps administrators locate and solve problems. The device can log the following ARP events: • On a proxy ARP-disabled interface, the target IP address of a received ARP packet is not one of the following IP addresses: The IP address of the receiving interface.

  • Page 744: Arp Mac-Interface-Consistency Check Enable

    access interface of the client. To resolve this issue, enable the device to learn only one ARP entry for one IP address by using the arp ip-unique learning enable command. The device deletes the old ARP entry when it receives a new ARP entry with the same IP address but different interfaces to ensure normal traffic forwarding.
  • Page 745 to restore the default. undo arp max-learning-num Syntax arp max-learning-num max-number undo arp max-learning-num Default The dynamic ARP learning limit for an interface depends on the configuration of the command. For information about the command, see hardware-mode hardware-mode hardware resource management configuration in System Management Configuration Guide. Views Layer 2 Ethernet interface view Layer 2 aggregate interface view...

  • Page 746: Arp Max-Learning-Number

    arp max-learning-number to set the dynamic ARP learning limit for a device. arp max-learning-number to restore the default. undo arp max-learning-number Syntax arp max-learning-number max-number slot slot-number undo arp max-learning-number slot slot-number Default The dynamic ARP learning limit for the device depends on the configuration of the command.

  • Page 747: Arp Timer Aging

    Predefined user roles network-admin Parameters : Specifies an IP address for the static ARP entry. ip-address : Specifies a MAC address for the static ARP entry, in the format of H-H-H. mac-address : Specifies the ID of a VLAN to which the static ARP entry belongs. The value range is 1 to vlan-id 4094.
  • Page 748 Syntax arp timer aging { aging-minutes | second aging-seconds } undo arp timer aging Default In system view, the aging timer for dynamic ARP entries is 20 minutes. In interface view, the aging timer for dynamic ARP entries is the aging timer set in system view. Views System view Layer 3 Ethernet interface view...

  • Page 749: Arp Timer Aging Probe-Count

    arp timer aging probe-count to set the maximum number of probes for dynamic ARP arp timer aging probe-count entries. to restore the default. undo arp timer aging probe-count Syntax arp timer aging probe-count count undo arp timer aging probe-count Default In system view, the maximum number of probes for dynamic ARP entries is 3.

  • Page 750: Arp Timer Aging Probe-Interval

    arp timer aging probe-interval arp timer aging probe-interval to set the interval for probing dynamic ARP entries. arp timer aging probe-interval to restore the default. undo arp timer aging probe-interval Syntax arp timer aging probe-interval interval undo arp timer aging probe-interval Default In system view, the probe interval is 5 seconds.

  • Page 751: Arp User-Ip-Conflict Record Enable

    Related commands arp timer aging arp timer aging probe-count arp user-ip-conflict record enable to enable recording user IP address conflicts. arp user-ip-conflict record enable to disable recording user IP address undo arp user-ip-conflict record enable conflicts. Syntax arp user-ip-conflict record enable undo arp user-ip-conflict record enable Default Recording user IP address conflicts is disabled.

  • Page 752: Display Arp

    Default Recording user port migrations is disabled. Views System view Predefined user roles network-admin Usage guidelines The device can generate a maximum of 10 user port migration logs per second. To display user port migration records, use the command. display arp user-move record Examples # Enable recording user port migration.
  • Page 753 Examples # Display all ARP entries. <Sysname> display arp all Type: S-Static D-Dynamic O-Openflow R-Rule I-Invalid IP address MAC address VLAN/VSI name Interface Aging Type 1.1.1.1 02e0-f102-0023 1 WGE1/0/1 1.1.1.2 00e0-fc00-0001 12 WGE1/0/2 # Display detailed information about all ARP entries. <Sysname>...

  • Page 754: Display Arp Entry-Limit

    Field Description is unknown. ARP entry type: • D—Dynamic. • S—Static. • Type O—OpenFlow. This value is not supported in the current software version. • R—Rule. • I—Invalid. ID of the SVLAN or CVLAN to which the ARP entry belongs. This field displays hyphens (--) in either of the following situations: •...

  • Page 755: Display Arp Ip-Address

    Predefined user roles network-admin network-operator Examples # Display the maximum number of ARP entries that the device supports. <Sysname> display arp entry-limit ARP entries: 90112 display arp ip-address to display the ARP entry for an IP address. display arp ip-address Syntax display arp ip-address [ slot slot-number ] [ verbose ] Views...
  • Page 756 Views Any view Predefined user roles network-admin network-operator Usage guidelines This command always displays the aging time in seconds no matter which unit you set in the command. timer aging Examples # Display the aging timer of dynamic ARP entries. <Sysname>...

  • Page 757: Display Arp User-Move Record

    New MAC: 00e0-ca63-8142 IP address: 10.1.1.2 System time: 2018-02-02 10:20:30 Conflict count: 1 Log suppress count: 0 Old interface: Twenty-FiveGigE1/0/1 New interface: Twenty-FiveGigE1/0/2 Old SVLAN/CVLAN: 100/-- New SVLAN/CVLAN: 100/-- Old MAC: 00e0-ca63-8141 New MAC: 00e0-ca63-8142 Table 2 Command output Field Description IP address IP address of a user.
  • Page 758 Usage guidelines Each device can save a maximum of 200 user port migration records. When the number of user port migration records reaches the upper limit, new records will overwrite the earliest ones. Examples # Display all user port migration records. <Sysname>...

  • Page 759: Display Arp Vpn-Instance

    display arp vpn-instance to display the ARP entries for a VPN instance. display arp vpn-instance Syntax display arp vpn-instance vpn-instance-name [ count ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an MPLS L3VPN instance by its name, a case-sensitive string of vpn-instance-name 1 to 31 characters.
  • Page 760 : Specifies the slot number of the device, which is fixed at 1. slot slot-number : Specifies an interface by its type and interface interface-type interface-number number. If you do not specify an interface, this command clears ARP entries for all interfaces. Usage guidelines CAUTION: command will clear existing ARP entries from the ARP table.

  • Page 761: Gratuitous Arp Commands

    Gratuitous ARP commands arp ip-conflict log prompt to enable IP conflict notification. arp ip-conflict log prompt to restore the default. undo arp ip-conflict log prompt Syntax arp ip-conflict log prompt undo arp ip-conflict log prompt Default IP conflict notification is disabled. Views System view Predefined user roles...

  • Page 762: Gratuitous-Arp Mac-Change Retransmit

    Layer 3 aggregate interface view VLAN interface view Predefined user roles network-admin Parameters : Specifies the sending interval in the range of 200 to 200000 milliseconds. interval interval The default value is 2000 milliseconds. Usage guidelines This feature takes effect on an interface only when the interface has an IP address and the data link layer state of the interface is up.

  • Page 763: Gratuitous-Arp-Learning Enable

    : Specifies the interval for retransmitting a gratuitous packet, in the range of 1 interval seconds to 10 seconds. Usage guidelines The device sends a gratuitous ARP packet to inform other devices of its MAC address change. However, the other devices might fail to receive the packet because the device sends the gratuitous ARP packet once only by default.
  • Page 764 to disable sending gratuitous ARP packets undo gratuitous-arp-sending enable upon receiving ARP requests whose sender IP address is on a different subnet. Syntax gratuitous-arp-sending enable undo gratuitous-arp-sending enable Default A device does not send gratuitous ARP packets when it receives ARP requests whose sender IP address is on a different subnet.

  • Page 765: Proxy Arp Commands

    Proxy ARP commands display local-proxy-arp to display the local proxy ARP status. display local-proxy-arp Syntax display local-proxy-arp [ interface interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an interface by its type and interface interface-type interface-number number.

  • Page 766: Display Proxy-Arp Statistics

    Usage guidelines You can use this command to check whether proxy ARP is enabled or disabled. Examples # Display the proxy ARP status on VLAN-interface 2. <Sysname> display proxy-arp interface vlan-interface 2 Interface Vlan-interface2 Proxy ARP status: disabled Related commands proxy-arp enable display proxy-arp statistics to display statistics about proxy ARP reply packets.

  • Page 767: Local-Proxy-Arp Enable

    local-proxy-arp enable to enable local proxy ARP. local-proxy-arp enable to disable local proxy ARP. undo local-proxy-arp enable Syntax local-proxy-arp enable [ ip-range start-ip-address to end-ip-address ] undo local-proxy-arp enable Default Local proxy ARP is disabled. Views Layer 3 Ethernet interface view Layer 3 aggregate interface view VLAN interface view Predefined user roles...

  • Page 768: Proxy-Arp Enable

    proxy-arp enable to enable proxy ARP. proxy-arp enable to disable proxy ARP. undo proxy-arp enable Syntax proxy-arp enable undo proxy-arp enable Default Proxy ARP is disabled. Views Layer 3 Ethernet interface view Layer 3 aggregate interface view VLAN interface view Predefined user roles network-admin Usage guidelines...

  • Page 769: Arp Snooping Commands

    ARP snooping commands arp snooping enable to enable ARP snooping. arp snooping enable to disable ARP snooping. undo arp snooping enable Syntax arp snooping enable undo arp snooping enable Default ARP snooping is disabled. Views VLAN view Predefined user roles network-admin Examples # Enable ARP snooping for VLAN 2.

  • Page 770: Reset Arp Snooping

    Examples # Display ARP snooping entries for VLAN 2. <Sysname> display arp snooping vlan 2 IP Address MAC Address VLAN ID Interface Aging Status 3.3.3.3 0003-0003-0003 2 WGE1/0/1 Valid 3.3.3.4 0004-0004-0004 2 WGE1/0/2 Invalid # Display the ARP snooping entry for IP address 1.1.1.1 in a VLAN. <Sysname>...
  • Page 771 Examples # Delete ARP snooping entries for VLAN 2. <Sysname> reset arp snooping vlan 2 Related commands display arp snooping...

  • Page 772: Arp Fast-Reply Commands

    ARP fast-reply commands arp fast-reply enable to enable ARP fast-reply for a VLAN. arp fast-reply enable to disable ARP fast-reply for a VLAN. undo arp fast-reply enable Syntax arp fast-reply enable undo arp fast-reply enable Default ARP fast-reply is disabled on a VLAN. Views VLAN view Predefined user roles...

  • Page 773: Arp Direct Route Advertisement Commands

    ARP direct route advertisement commands arp route-direct advertise to enable ARP direct route advertisement. arp route-direct advertise to disable ARP direct route advertisement. undo arp route-direct advertise Syntax arp route-direct advertise [ preference preference-value | tag tag-value ] undo arp route-direct advertise Default ARP direct route advertisement is disabled.

  • Page 774: Arp Route-Direct Advertise Delay

    arp route-direct advertise delay to set the delay time for ARP direct route arp route-direct advertise delay generation. to restore the default. undo arp route-direct advertise delay Syntax arp route-direct advertise delay delay-time undo arp route-direct advertise delay Default ARP direct route generation is not delayed. Views Layer 3 Ethernet interface view Layer 3 aggregate interface view...
  • Page 775 Contents IP addressing commands ·············································································· 1 display ip interface ····································································································································· 1 display ip interface brief ····························································································································· 3 ip address ··················································································································································· 5 ip address unnumbered ····························································································································· 6...

  • Page 776: Ip Addressing Commands

    IP addressing commands display ip interface to display IP configuration and statistics for Layer 3 interfaces. display ip interface Syntax display ip interface [ interface-type [ interface-number ] ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an interface by its type. interface-type : Specifies an interface by its number.
  • Page 777 Router advert: Router solicit: Time exceed: IP header bad: Timestamp request: Timestamp reply: Information request: Information reply: Netmask request: Netmask reply: Unknown type: Table 1 Command output Field Description Physical link state of the interface: • Administrative DOWN—The interface has been shut down by using shutdown command.

  • Page 778: Display Ip Interface Brief

    Field Description ICMP packet input number: Total number of ICMP packets received on the interface (statistics start at Echo reply: the device startup): • Unreachable: Echo reply packets. • Unreachable packets. Source quench: • Source quench packets. Routing redirect: • Routing redirect packets.
  • Page 779 Usage guidelines Information displayed by the command includes the state of the physical and link layer protocols, IP address, and interface descriptions. Examples # Display brief IP configuration for VLAN interfaces. <Sysname> display ip interface vlan-interface brief down: administratively down (s): spoofing (l): loopback Interface...

  • Page 780: Ip Address

    ip address to assign an IP address to the interface. ip address to remove the IP address from the interface. undo ip address Syntax ip address ip-address { mask-length | mask } [ sub ] undo ip address [ ip-address { mask-length | mask } [ sub ] ] Default No IP address is assigned to an interface.

  • Page 781: Ip Address Unnumbered

    ip address unnumbered to configure the current interface as IP unnumbered to borrow an ip address unnumbered IP address from the specified interface. to restore the default. undo ip address unnumbered Syntax ip address unnumbered interface interface-type interface-number undo ip address unnumbered Default The interface does not borrow IP addresses from other interfaces.
  • Page 782 Contents DHCP commands ·························································································· 1 Common DHCP commands ······························································································································· 1 dhcp client-detect ······································································································································· 1 dhcp dscp ··················································································································································· 1 dhcp enable ················································································································································ 2 dhcp log enable ·········································································································································· 2 dhcp select ················································································································································· 3 DHCP server commands ··································································································································· 4 address range ············································································································································ 4 allocate-new-ip enable ·······························································································································...
  • Page 783 reserve expired-ip enable ························································································································· 49 reserve expired-ip mode ·························································································································· 50 reset dhcp server conflict ························································································································· 51 reset dhcp server expired ························································································································· 51 reset dhcp server ip-in-use ······················································································································· 52 reset dhcp server statistics ······················································································································· 53 snmp-agent trap enable dhcp server ······································································································· 53 static-bind ·················································································································································...

  • Page 784: Dhcp Commands

    DHCP commands Common DHCP commands dhcp client-detect to enable client offline detection on the DHCP server or DHCP relay dhcp client-detect agent. to disable client offline detection on the DHCP server or DHCP undo dhcp client-detect relay agent. Syntax dhcp client-detect undo dhcp client-detect Default Client offline detection is disabled on the DHCP server or DHCP relay agent.

  • Page 785: Dhcp Enable

    Views System view Predefined user roles network-admin Parameters : Specifies the DSCP value for DHCP packets, in the range of 0 to 63. dscp-value Usage guidelines The DSCP value of a packet specifies the priority level of the packet and affects the transmission priority of the packet.

  • Page 786: Dhcp Select

    undo dhcp log enable Default DHCP server logging is disabled. Views System view Predefined user roles network-admin Usage guidelines This command enables the DHCP server to generate DHCP logs and send them to the information center. For information about the log destination and output rule configuration in the information center, see System Management Configuration Guide.

  • Page 787: Dhcp Server Commands

    When DHCP server proxy is enabled on the DHCP relay agent, the proxy forwards packets between the DHCP clients and DHCP server. • When receiving DHCP requests from DHCP clients, the proxy forwards them to the DHCP server. • When receiving DHCP responses from the DHCP server, the proxy modifies the DHCP server's IP address in these responses as its own IP address.

  • Page 788: Allocate-New-Ip Enable

    If you execute this command multiple times, the most recent configuration takes effect. The address range specified by the command must be within the subnet specified address range by the command. The addresses outside of the subnet cannot be assigned. network Examples # Specify an address range of 192.168.8.1 through 192.168.8.150 in address pool 1.

  • Page 789: Bims-Server

    bims-server to specify the IP address, port number, and shared key of the BIMS server in a bims-server DHCP address pool. to restore the default. undo bims-server Syntax bims-server ip ip-address [ port port-number ] sharekey { cipher | simple } string undo bims-server Default...

  • Page 790: Class Ip-Pool

    Default No configuration file name or URL is specified. Views DHCP address pool view Predefined user roles network-admin Parameters : Specifies the configuration file name, a case-sensitive string of 1 to 63 bootfile-name characters. : Specifies the HTTP URL of the configuration file. It is a case-sensitive string of 1 to 63 characters.

  • Page 791: Class Option-Group

    Predefined user roles network-admin Parameters : Specifies a DHCP user class by its name, a case-insensitive string of 1 to 63 class-name characters. : Specifies a DHCP address pool by its name, a case-insensitive string of 1 to 63 pool-name characters.

  • Page 792: Class Range

    • If the option groups have options in common, the server selects the option group specified for the first matching user class. • If the option groups have different options, the server selects all the matching option groups. You can specify only one option group for a DHCP user class in a DHCP address pool. If you execute this command multiple times for a user class, the most recent configuration takes effect.

  • Page 793: Default Ip-Pool

    Examples # Specify an IP address range of 192.168.8.1 through 192.168.8.150 for DHCP user class user in DHCP address pool 1. <Sysname> system-view [Sysname] dhcp server ip-pool 1 [Sysname-dhcp-pool-1] class user range 192.168.8.1 192.168.8.150 Related commands address range dhcp class display dhcp server pool default ip-pool to specify the default DHCP address pool.

  • Page 794: Dhcp Apply-Policy

    dhcp apply-policy to apply a DHCP policy to an interface. dhcp apply-policy to restore the default. undo dhcp apply-policy Syntax dhcp apply-policy policy-name undo dhcp apply-policy Default No DHCP policy is applied to an interface. Views Interface view Predefined user roles network-admin Parameters : Specifies a DHCP policy by its name, a case-insensitive string of 1 to 63 characters.

  • Page 795: Dhcp Option-Group

    Parameters : Specifies the name of a DHCP user class, a case-insensitive string of 1 to 63 class-name characters. Usage guidelines In the DHCP user class view, you can use the command to configure match rules to if-match group clients to the user class. Examples # Create DHCP user class test and enter DHCP user class view.

  • Page 796: Dhcp Policy

    Related commands class option-group option dhcp policy to create a DHCP policy and enter its view, or enter the view of an existing dhcp policy DHCP policy. to delete a DHCP policy. undo dhcp policy Syntax dhcp policy policy-name undo dhcp policy policy-name Default No DHCP policies exist.

  • Page 797: Dhcp Server Always-Broadcast

    Syntax dhcp server allocated-ip threshold threshold-value undo dhcp server allocated-ip threshold Default No SNMP notification is sent for an IP address allocation success rate threshold violation. Views System view Predefined user roles network-admin Parameters : Specifies the success rate threshold in percentage in the range of 1 to 100. threshold-value Usage guidelines If the IP address allocation success rate is lower than the threshold, the DHCP module sends an...

  • Page 798: Dhcp Server Apply Ip-Pool

    The DHCP server always unicasts a response in the following situations, regardless of whether this command is executed: • The DHCP request is from a DHCP client that has an IP address (the ciaddr field is not 0). • The DHCP request is forwarded by a DHCP relay agent from a DHCP client (the giaddr field is not 0).

  • Page 799: Dhcp Server Bootp Reply-Rfc-1048

    to restore the default. undo dhcp server bootp ignore Syntax dhcp server bootp ignore undo dhcp server bootp ignore Default The DHCP server does not ignore BOOTP requests. Views System view Predefined user roles network-admin Usage guidelines The lease duration of IP addresses obtained by BOOTP clients is unlimited. For scenarios that do not allow unlimited leases, you can configure the DHCP server to ignore BOOTP requests.

  • Page 800: Dhcp Server Check Mac-Address

    dhcp server check mac-address to enable MAC address check on the DHCP server. dhcp server check mac-address to disable MAC address check on the DHCP undo dhcp server check mac-address server. Syntax dhcp server check mac-address undo dhcp server check mac-address Default MAC address check is disabled on the DHCP server.

  • Page 801: Dhcp Server Database Update Interval

    : Specifies the URL of a remote backup file, a case-sensitive string of 1 to 255 characters. url url Usage guidelines The command automatically creates the file if you specify a nonexistent file. With this command executed, the DHCP server backs up its bindings immediately and runs auto backup.

  • Page 802: Dhcp Server Database Update Now

    Parameters : Specifies the waiting time in the range of 60 to 864000 seconds. interval Usage guidelines When a DHCP binding is created, updated, or removed, the waiting period starts. The DHCP server updates the backup file when the waiting period is reached. All bindings changed during the period will be saved to the backup file.

  • Page 803: Dhcp Server Database Update Stop

    dhcp server database update stop to terminate the download of DHCP bindings from dhcp server database update stop the backup file. Syntax dhcp server database update stop Views System view Predefined user roles network-admin Usage guidelines The DHCP server does not provide services during the binding download process. If the connection disconnects during the process, the waiting timeout timer is 60 minutes.

  • Page 804: Dhcp Server Ip-Pool

    Parameters : Specifies the start IP address. start-ip-address : Specifies the end IP address, which cannot be lower than the end-ip-address . If you do not specify this argument, only the start-ip-address start-ip-address excluded from dynamic allocation. : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters.

  • Page 805: Dhcp Server Multi-Ip Per-Mac Enable

    Usage guidelines A DHCP address pool is used to store the configuration parameters to be assigned to DHCP clients. Examples # Create a DHCP address pool named pool1. <Sysname> system-view [Sysname] dhcp server ip-pool pool1 [Sysname-dhcp-pool-pool1] Related commands class ip-pool dhcp server apply ip-pool display dhcp server pool dhcp server multi-ip per-mac enable...

  • Page 806: Dhcp Server Ping Timeout

    Default The maximum number of ping packets is 1. Views System view Predefined user roles network-admin Parameters number : Sets the maximum number of ping packets, in the range of 0 to 10. To disable the address conflict detection, set the value to 0. Usage guidelines To avoid IP address conflicts, the DHCP server pings an IP address before assigning it to a DHCP client.

  • Page 807: Dhcp Server Relay Information Enable

    Usage guidelines To avoid IP address conflicts, the DHCP server pings an IP address before assigning it to a DHCP client. If a ping attempt succeeds, the server determines that the IP address is in use and picks a new IP address.

  • Page 808: Display Dhcp Server Conflict

    Syntax dhcp server reply-exclude-option60 undo dhcp server reply-exclude-option60 Default The DHCP server can encapsulate Option 60 in DHCP replies. Views System view Predefined user roles network-admin Usage guidelines If you do not disable the capability, the DHCP server encapsulates Option 60 in a DHCP reply in the following situations: •...

  • Page 809: Display Dhcp Server Database

    • The DHCP client sends a DECLINE packet to the DHCP server to inform the server of an IP address conflict. • The DHCP server discovers that the only assignable address in the address pool is its own IP address. If you do not specify any parameters, this command displays information about all IP address conflicts.

  • Page 810: Display Dhcp Server Expired

    Field Description Username Username for accessing the URL of the remote backup file. Password for accessing the URL of the remote backup file. This field Password displays ****** if a password is configured. Waiting time in seconds after a DHCP binding change for the DHCP Update interval server to update the backup file.
  • Page 811 IP address Client-identifier/Hardware address Lease expiration 4.4.4.6 3030-3066-2e65-3230-302e-3130-3234 Apr 25 17:10:47 2019 -2d45-7468-6572-6e65-7430-2f31 Table 3 Command output Field Description IP address Expired IP address. Client-identifier/Hardware address Client ID or MAC address. Lease expiration Time when the lease expired. # Display detailed lease expiration information about all IP addresses. <Sysname>...

  • Page 812: Display Dhcp Server Free-Ip

    Field Description Remaining time for reserving the expired IP address. If the Remaining reservation time reservation time expires, this field displays 0, and the expired IP address is deleted. Reservation mode of the expired IP address: • Based on client ID—Reserve an expired IP address based on IP address reservation mode the client ID.

  • Page 813: Display Dhcp Server Ip-In-Use

    Network: 20.1.1.0 mask 255.255.255.0 IP ranges from 20.1.1.0 to 20.1.1.255 Table 5 Command output Field Description Pool name Name of the address pool. Network Assignable network. IP ranges Assignable IP address range. Secondary networks Assignable secondary networks. Related commands address range dhcp server ip-pool network display dhcp server ip-in-use...

  • Page 814: Display Dhcp Server Pool

    If you do not specify any parameters, this command displays binding information about all assigned IP addresses. Examples # Display binding information about all assigned DHCP addresses. <Sysname> display dhcp server ip-in-use IP address Client identifier/ Lease expiration Type Hardware address 10.1.1.1 4444-4444-4444 Not used...
  • Page 815 Syntax display dhcp server pool [ pool-name | vpn-instance vpn-instance-name ] Views Any view Predefined user roles network-admin network-operator Parameters : Displays information about the specified address pool. The pool name is a pool-name case-insensitive string of 1 to 63 characters. If you do not specify the argument, this pool-name command displays information about all address pools.
  • Page 816 Network 20.1.1.0 mask 255.255.255.0 address range 20.1.1.1 to 20.1.1.15 class departmentA range 20.1.1.20 to 20.1.1.29 class departmentB range 20.1.1.30 to 20.1.1.40 next-server 20.1.1.33 tftp-server domain-name www.dian.org.cn tftp-server ip-address 192.168.0.120 voice-config ncp-ip 10.1.1.2 voice-config as-ip 10.1.1.5 voice-config voice-vlan 3 enable voice-config fail-over 10.1.1.1 123* option 2 ip-address 1.1.1.3 expired day 1 hour 0 minute 0 second 0 reserve expired-ip enable...

  • Page 817: Display Dhcp Server Statistics

    Field Description servers. • If the master-backup algorithm is used, this field displays the IP address of the active DHCP server. The DHCP relay agent forwards DHCP requests to the master DHCP server first. bootfile-name Boot file name. dns-list DNS server IP address. domain-name Domain name suffix.
  • Page 818 Parameters : Specifies an address pool by its name, a case-insensitive string of 1 to 63 pool pool-name characters. If you do not specify this option, this command displays information about all address pools. : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters.

  • Page 819: Dns-List

    Field Description • DHCPREQUEST. • DHCPDECLINE. • DHCPRELEASE. • DHCPINFORM. • BOOTPREQUEST. This field is not displayed if you display statistics for a specific address pool. DHCP packets sent to clients: • DHCPOFFER. • DHCPACK. • Messages sent DHCPNAK. • BOOTPREPLY.

  • Page 820: Domain-Name

    [Sysname-dhcp-pool-0] dns-list 10.1.1.254 Related commands display dhcp server pool domain-name to specify a domain name in a DHCP address pool. domain-name to restore the default. undo domain-name Syntax domain-name domain-name undo domain-name Default No domain name is specified. Views DHCP address pool view Predefined user roles network-admin Parameters...

  • Page 821: Forbidden-Ip

    Predefined user roles network-admin Parameters : Allows the DHCP server to use the DHCP client-suggested lease duration. The allow-hint DHCP server uses the DHCP client-suggested lease duration if the DHCP client-suggested lease duration is shorter than the lease duration in the DHCP address pool. If you do not specify this keyword, the DHCP server always uses the lease duration in the DHCP address pool.

  • Page 822: Forbidden-Ip-Range

    Default No IP addresses are excluded from dynamic allocation in an address pool. Views DHCP address pool view Predefined user roles network-admin Parameters ip-address&<1-8> : Specifies a space-separated list of up to eight excluded IP addresses. Usage guidelines The excluded IP addresses in an address pool are still assignable in other address pools. You can exclude a maximum of 4096 IP addresses in an address pool by executing this command multiple times.

  • Page 823: Gateway-List

    : Specifies an end IP address. The end IP address cannot be lower than the start end-ip-address IP address. If you do not specify this argument, the excluded IP range includes only the start IP address. Usage guidelines The forbidden IP ranges in an address pool are still assignable in other address pools. To specify multiple forbidden IP ranges, execute the command multiple forbidden-ip-range...

  • Page 824: If-Match

    : Binds the gateways to the device's MAC address in the address management export-route module. The ARP module will use the entries to reply to ARP requests from the DHCP clients. If you do not specify this keyword, the gateways will not be bound to the device's MAC address. Usage guidelines The DHCP server assigns gateway addresses to clients on a secondary subnet in the following ways:...
  • Page 825 : Specifies the mask to be ANDed with the specified hardware mask hardware-address-mask address for the match operation. The length of the mask must be the same as that of the hardware address. : Specifies a DHCP option by its number in the range of 1 to 254. option option-code : Specifies an ASCII string of 1 to 128 characters.
  • Page 826 • To match packets that contain an option, specify only the option-code argument. • To match a hexadecimal number by AND operations, specify the option option-code hex options. hex-string mask mask • To match a hexadecimal number directly, specify the option option-code hex options.

  • Page 827: Ip-In-Use Threshold

    ip-in-use threshold to set the DHCP address pool usage threshold. ip-in-use threshold to restore the default. undo ip-in-use threshold Syntax ip-in-use threshold threshold-value undo ip-in-use threshold Default The DHCP address pool usage threshold is 100%. Views DHCP address pool view Predefined user roles network-admin Parameters...

  • Page 828: Netbios-Type

    Default No WINS server address is specified. Views DHCP address pool view Predefined user roles network-admin Parameters ip-address&<1-8> : Specifies a space-separated list of up to eight WINS server IP addresses. Usage guidelines If you execute this command multiple times, the most recent configuration takes effect. If you do not specify any parameters, the command deletes all WINS server undo nbns-list...

  • Page 829: Network

    : Specifies the mixed node. An m-node client broadcasts the destination name. If it does not m-node receive a response, the m-node client unicasts the destination name to the WINS server to get the mapping. : Specifies the peer-to-peer node. A p-node client sends the destination name in a unicast p-node message to get the mapping from the WINS server.

  • Page 830: Next-Server

    : Specifies the subnet as a secondary subnet. If you do not specify this keyword, this secondary command specifies the primary subnet. If the addresses in the primary subnet are used up, the DHCP server can select addresses from a secondary subnet for clients. Usage guidelines You can use the keyword to specify a secondary subnet and enter its view.
  • Page 831 Parameters : Specifies the IP address of a server. ip-address Usage guidelines Upon startup, the DHCP client obtains an IP address and the specified server IP address. Then it contacts the specified server, such as a TFTP server, to get other boot information. If you execute this command multiple times, the most recent configuration takes effect.

  • Page 832: Reserve Expired-Ip Enable

    • Add newly released options. • Add options for which the vendor defines the contents, for example, Option 43. • Add options for which the CLI does not provide a dedicated configuration command. For example, you can use the command to define the time option 4 ip-address 1.1.1.1 server address 1.1.1.1 for DHCP clients.

  • Page 833: Reserve Expired-Ip Mode

    When the client comes online again, the DHCP server assigns the IP address in the reserved lease to the client. Disable the IP address reservation feature if you want the DHCP server to reclaim IP addresses immediately after clients go offline. Examples # Disable IP address reservation in DHCP address pool 0.

  • Page 834: Reset Dhcp Server Conflict

    • Reservation based on client MAC addresses—The DHCP server records the IP-to-MAC bindings for online clients. When these clients come online again, the server assigns them the IP addresses in the bindings based on their MAC addresses. When you change the IP address reservation mode, the device deletes all expired leases that are saved in the old reservation mode.

  • Page 835: Reset Dhcp Server Ip-In-Use

    Syntax reset dhcp server expired ip-address vpn-instance vpn-instance-name ] | pool pool-name ] Views User view Predefined user roles network-admin Parameters : Clears binding information about the specified expired IP address. If you do not ip ip-address specify an IP address, this command clears binding information about all expired IP addresses. : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters.

  • Page 836: Reset Dhcp Server Statistics

    Usage guidelines If you use this command to clear information about an assigned static binding, the static binding becomes a free static binding. Examples # Clear binding information about IP address 10.110.1.1. <Sysname> reset dhcp server ip-in-use ip 10.110.1.1 Related commands display dhcp server ip-in-use reset dhcp server statistics to clear DHCP server statistics.

  • Page 837: Static-Bind

    Predefined user roles network-admin Parameters : Specifies notifications about the exhaustion or recovery of a DHCP address address-exhaust pool. : Specifies notifications about IP address allocation success rate threshold violation. allocated-ip The threshold is set by the dhcp server allocated-ip threshold command.

  • Page 838: Tftp-Server Domain-Name

    Default No static binding is specified in a DHCP address pool. Views DHCP address pool view Predefined user roles network-admin Parameters : Specifies the IP address of the static binding. The natural mask is ip-address ip-address used if no mask length or mask is specified. : Specifies the mask length in the range of 1 to 30.

  • Page 839: Tftp-Server Ip-Address

    Syntax tftp-server domain-name domain-name undo tftp-server domain-name Default No TFTP server name is specified. Views DHCP address pool view Predefined user roles network-admin Parameters : Specifies the TFTP server name, a case-sensitive string of 1 to 63 characters. domain-name Usage guidelines If you execute this command multiple times, the most recent configuration takes effect.

  • Page 840: Valid Class

    Examples # Specify TFTP server address 10.1.1.1 in DHCP address pool 0. <Sysname> system-view [Sysname] dhcp server ip-pool 0 [Sysname-dhcp-pool-0] tftp-server ip-address 10.1.1.1 Related commands display dhcp server pool tftp-server domain-name valid class to add DHCP user classes to the whitelist. valid class to remove DHCP user classes from the whitelist.

  • Page 841: Voice-Config

    Syntax verify class undo verify class Default The DHCP user class whitelist is disabled. Views DHCP address pool view Predefined user roles network-admin Usage guidelines After you enable the DHCP user class whitelist, the DHCP server processes requests only from clients on the DHCP user class whitelist.

  • Page 842: Vpn-Instance

    : Specifies the voice VLAN ID in the range of 2 to 4094. voice-vlan vlan-id • : Disables the specified VLAN. DHCP clients will not take this VLAN as their voice disable VLAN. • : Enables the specified VLAN. DHCP clients will take this VLAN as their voice VLAN. enable Usage guidelines If you execute this command multiple times, the most recent configuration takes effect.

  • Page 843: Dhcp Relay Agent Commands

    The VPN information from authentication modules takes priority over the VPN information of the receiving interface. Examples # Apply DHCP address pool 0 to VPN instance abc. <Sysname> system-view [Sysname] dhcp server ip-pool 0 [Sysname-dhcp-pool-0] vpn-instance abc DHCP relay agent commands dhcp relay always-unicast to enable the DHCP relay agent to always unicast relayed dhcp relay always-unicast...

  • Page 844: Dhcp Relay Check Mac-Address Aging-Time

    Default The MAC address check feature is disabled. Views Interface view Predefined user roles network-admin Usage guidelines This feature enables the DHCP relay agent to compare the field of a received DHCP chaddr request with the source MAC address in the frame header. If they are the same, the DHCP relay agent forwards the request to the DHCP server.

  • Page 845: Dhcp Relay Client-Information Record

    Usage guidelines This command takes effect only after you execute the dhcp relay check mac-address command. Examples # Set the aging time to 60 seconds for MAC address check entries on the DHCP relay agent. <Sysname> system-view [Sysname] dhcp relay check mac-address aging-time 60 dhcp relay client-information record to enable recording client information in relay dhcp relay client-information record...

  • Page 846: Dhcp Relay Client-Information Refresh Enable

    undo dhcp relay client-information refresh Default The refresh interval is automatically calculated based on the number of relay entries. Views System view Predefined user roles network-admin Parameters : Automatically calculates the refresh interval. The more the entries, the shorter the refresh auto interval.

  • Page 847: Dhcp Relay Dhcp-Server Timeout

    With this feature, the DHCP relay agent uses a client's IP address and the relay interface's MAC address to periodically send a DHCP-REQUEST message to the DHCP server. • If the server returns a DHCP-ACK message or does not return any message within an interval, the DHCP relay agent performs the following operations: Removes the relay entry.

  • Page 848: Dhcp Relay Gateway

    [Sysname-Vlan-interface2] dhcp relay dhcp-server timeout 60 Related commands dhcp relay server-address algorithm dhcp relay gateway to specify the DHCP relay agent address to be padded to DHCP dhcp relay gateway requests. to restore the default. undo dhcp relay gateway Syntax dhcp relay gateway ip-address undo dhcp relay gateway Default...
  • Page 849 undo dhcp relay information circuit-id Default The padding mode is and the padding format is normal Views Interface view Predefined user roles network-admin Parameters : Specifies the bas mode that fills in the Circuit ID sub-option with the interface and VLAN information.

  • Page 850: Dhcp Relay Information Enable

    The padding format for the string mode, the normal mode, or the verbose mode varies by command configuration. Table 9 shows how the padding format is determined for different modes. Table 9 Padding format for different modes If no padding format If the padding If the padding format is Keyword (mode)

  • Page 851: Dhcp Relay Information Remote-Id

    Usage guidelines This command enables the DHCP relay agent to add Option 82 to DHCP requests that do not contain Option 82 before forwarding the requests to the DHCP server. The content of Option 82 is determined by the dhcp relay information circuit-id dhcp relay information commands.

  • Page 852: Dhcp Relay Information Link-Selection

    : Specifies the string mode that uses a case-sensitive string of 1 to 63 string remote-id characters as the content of the Remote ID sub-option. : Specifies the sysname mode that uses the device name as the content of the Remote ID sysname sub-option.

  • Page 853: Dhcp Relay Information Strategy

    • To have the DHCP relay agent forward requests with Option 82 and sub-option 5, perform the following tasks first: Enable the DHCP relay agent to support Option 82 by using the dhcp relay  command. information enable Specify a source IP address for relayed DHCP requests by using the dhcp relay ...

  • Page 854: Dhcp Relay Insert Option60

    : Replaces the original Option 82 with the configured Option 82 before forwarding the replace DHCP messages. Usage guidelines This command takes effect only on DHCP requests that contain Option 82. For DHCP requests that do not contain Option 82, the DHCP relay agent always adds Option 82 to the requests before forwarding the requests to the DHCP server.

  • Page 855: Dhcp Relay Mac-Forward Enable

    After you enable Option 60 insertion on the DHCP relay agent, the relay agent first examines whether the received DHCP request contains Option 60. • If the request does not contain Option 60, the relay agent inserts the specified option string into the request before forwarding the request to the DHCP server.

  • Page 856: Dhcp Relay Master-Server Switch-Delay

    dhcp relay master-server switch-delay to enable the switchback to the master dhcp relay master-server switch-delay DHCP server and set the switchback delay time. to restore the default. undo dhcp relay master-server switch-delay Syntax dhcp relay master-server switch-delay delay-time undo dhcp relay master-server switch-delay Default The DHCP relay agent does not switch back to the master DHCP server.

  • Page 857: Dhcp Relay Server-Address

    to 31 characters. If you do not specify a VPN instance, this command releases the IP address on the public network. Usage guidelines After you execute this command, the relay agent sends a DHCP-RELEASE packet to the DHCP server and removes the relay entry of the IP address. Upon receiving the packet, the server removes binding information about the specified IP address to release the IP address.

  • Page 858: Dhcp Relay Server-Address Algorithm

    dhcp relay server-address algorithm to specify the DHCP server selecting dhcp relay server-address algorithm algorithm. to restore the default. undo dhcp relay server-address algorithm Syntax dhcp relay server-address algorithm { master-backup | polling } undo dhcp relay server-address algorithm Default The polling algorithm is used.
  • Page 859 undo dhcp relay source-address { ip-address [ default-giaddr ] [ option code [ option-text ] ] | gateway | interface | relay-interface } Default The relay agent chooses the default source IP address for relayed requests depending on whether its server-side interface and the DHCP server belong to the same VPN instance: •...
  • Page 860 If the DHCP relay agent does not support Option 82, specify the keyword when default-giaddr you configure the argument. This ip-address interface-type interface-number command will change only the source IP address field without changing the giaddr field in DHCP requests. The source IP addresses specified by the following commands overwrite each other and only the source IP address configured at last can take effect: •...

  • Page 861: Dhcp-Server Timeout

    dhcp-server timeout to set the DHCP server response timeout time for DHCP server dhcp-server timeout switchover. to restore the default. undo dhcp-server timeout Syntax dhcp-server timeout time undo dhcp-server timeout Default The DHCP server response timeout time is 30 seconds. Views DHCP address pool view Predefined user roles...

  • Page 862: Display Dhcp Relay Check Mac-Address

    Usage guidelines The smart relay feature allows the relay agent to use secondary IP addresses as the gateway address when the DHCP server does not reply the DHCP-OFFER message. The relay agent initially encapsulates its primary IP address to the giaddr field before forwarding a request to the DHCP server.
  • Page 863 Syntax display dhcp relay client-information [ interface interface-type interface-number | ip ip-address [ vpn-instance vpn-instance-name ] ] Views Any view Predefined user roles network-admin network-operator Parameters interface interface-type interface-number : Displays relay entries on the specified interface. If you do not specify an interface, this command displays relay entries on all interfaces. : Displays the relay entry for the specified IP address.

  • Page 864: Display Dhcp Relay Information

    Table 11 Command output Field Description Total number of client-information items Total number of relay entries. Total number of dynamic items Total number of dynamic relay entries. Total number of temporary items Total number of temporary relay entries. IP address IP address of the DHCP client.
  • Page 865 Predefined user roles network-admin network-operator Parameters : Displays Option 82 configuration interface interface-type interface-number information for the specified interface. If you do not specify an interface, this command displays Option 82 configuration information about all interfaces. Examples # Display Option 82 configuration information for all interfaces. <Sysname>...

  • Page 866: Display Dhcp Relay Server-Address

    Field Description Circuit ID User-defined content of the Circuit ID sub-option. Remote ID User-defined content of the Remote ID sub-option. display dhcp relay server-address to display DHCP server addresses configured on display dhcp relay server-address an interface. Syntax display dhcp relay server-address interface...

  • Page 867: Display Dhcp Relay Statistics

    Related commands dhcp relay server-address display dhcp relay statistics to display DHCP packet statistics on the DHCP relay display dhcp relay statistics agent. Syntax display dhcp relay statistics interface interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Displays DHCP packet statistics on the interface interface-type interface-number...

  • Page 868: Gateway-List

    BOOTPREPLY: DHCP packets sent to servers: DHCPDISCOVER: DHCPREQUEST: DHCPINFORM: DHCPRELEASE: DHCPDECLINE: BOOTPREQUEST: DHCP packets sent to clients: DHCPOFFER: DHCPACK: DHCPNAK: BOOTPREPLY: Related commands reset dhcp relay statistics gateway-list to specify gateway addresses for DHCP clients in a DHCP address pool. gateway-list to remove gateway addresses from a DHCP address pool.

  • Page 869: Master-Server Switch-Delay

    Examples # Specify gateway address 10.1.1.1 in DHCP address pool 0. <Sysname> system-view [Sysname] dhcp server ip-pool 0 [Sysname-dhcp-pool-0] gateway-list 10.1.1.1 Related commands dhcp smart-relay enable master-server switch-delay master-server switch-delay to enable the switchback to the master DHCP server and set the switchback delay time.

  • Page 870: Remote-Server Algorithm

    Default No DHCP server is specified for the DHCP address pool. Views DHCP address pool view Predefined user roles network-admin Parameters ip-address&<1-8> : Specifies a space-separated list of up to eight DHCP server addresses. Usage guidelines If you execute this command multiple times, the most recent configuration takes effect. If you do not specify a DHCP server address, the command removes all undo remote-server...

  • Page 871: Reset Dhcp Relay Client-Information

    <Sysname> system-view [Sysname] dhcp server ip-pool 0 [Sysname-dhcp-pool-0] remote-server algorithm master-backup Related commands dhcp relay server-address algorithm dhcp-server timeout master-server switch-delay remote-server reset dhcp relay client-information to clear relay entries on the DHCP relay agent. reset dhcp relay client-information Syntax reset dhcp relay...

  • Page 872: Dhcp Client Commands

    Predefined user roles network-admin Parameters : Specifies an interface by its type and interface interface-type interface-number number. If you do not specify an interface, this command clears all DHCP relay agent statistics. Examples # Clear all DHCP relay agent statistics. <Sysname>...

  • Page 873: Dhcp Client Identifier

    undo dhcp client dscp Default The DSCP value is 56 in DHCP packets sent by the DHCP client. Views System view Predefined user roles network-admin Parameters : Sets the DSCP value for DHCP packets, in the range of 0 to 63. dscp-value Usage guidelines The DSCP value of a packet specifies the priority level of the packet and affects the transmission...

  • Page 874: Display Dhcp Client

    Usage guidelines A DHCP client ID is added to the DHCP option 61. A DHCP server can specify IP addresses for clients based on the DHCP client ID. You can specify a DHCP client ID by performing one of the following operations: •...
  • Page 875 Allocated IP: 40.1.1.20 255.255.255.0 Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds Lease from May 21 19:00:29 2012 May 31 19:00:29 2012 DHCP server: 40.1.1.2 Transaction ID: 0x1c09322d Default router: 40.1.1.2 Classless static routes: Destination: 1.1.0.1, Mask: 255.0.0.0, NextHop: 192.168.40.16 Destination: 10.198.122.63, Mask: 255.255.255.255, NextHop: 192.168.40.16 DNS servers: 44.1.1.11 44.1.1.12 Domain name: ddd.com...

  • Page 876: Ip Address Dhcp-Alloc

    Field Description Default router Gateway address assigned to the client. Classless static routes Classless static routes assigned to the client. Static routes Classful static routes assigned to the client. DNS servers DNS server address assigned to the client. Domain name Domain name suffix assigned to the client.

  • Page 877: Bootp Client Commands

    Usage guidelines When you execute the command, the interface sends a undo ip address dhcp-alloc DHCP-RELEASE message to release the IP address obtained through DHCP. If the interface is down, the message cannot be sent out. This situation can occur when a subinterface obtained an IP address through DHCP, and the command is executed on its primary interface.

  • Page 878: Ip Address Bootp-Alloc

    Field Description BOOTP client drops the BOOTP response. Mac Address MAC address of a BOOTP client. Related commands ip address bootp-alloc ip address bootp-alloc to configure an interface to use BOOTP for IP address ip address bootp-alloc acquisition. to cancel an interface from using BOOTP. undo ip address bootp-alloc Syntax ip address bootp-alloc...
  • Page 879 Contents DNS commands ···························································································· 1 display dns domain ···································································································································· 1 display dns host ········································································································································· 2 display dns server ······································································································································ 3 display ipv6 dns server ······························································································································· 4 dns domain ················································································································································· 5 dns dscp ····················································································································································· 6 dns host aging-time ···································································································································· 6 dns proxy enable ········································································································································ 7 dns server ··················································································································································...

  • Page 880: Dns Commands

    DNS commands display dns domain to display the domain name suffixes. display dns domain Syntax display dns domain [ dynamic ] [ vpn-instance vpn-instance-name ] Views Any view Predefined user roles network-admin network-operator Parameters : Displays the domain name suffixes dynamically obtained through DHCP or other dynamic protocols.

  • Page 881: Display Dns Host

    display dns host to display information about domain name-to-IP address mappings. display dns host Syntax display dns host [ ip | ipv6 ] [ vpn-instance vpn-instance-name ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies type A queries. A type A query resolves a domain name to the mapped IPv4 address. : Specifies type AAAA queries.

  • Page 882: Display Dns Server

    Field Description Domain name-to-IP address mapping type: • S—A static mapping configured by the ip host ipv6 host Type command. • D—A mapping dynamically obtained through dynamic domain name resolution. Time in seconds that a mapping can be stored in the cache. (a) means that dns host aging-time the aging time is set by the command.

  • Page 883: Display Ipv6 Dns Server

    202.114.0.124 169.254.65.125 Table 3 Command output Field Description Sequence number. DNS server type: • S—A manually configured DNS server. Type • D—DNS server information dynamically obtained through DHCP or other protocols. IP address IPv4 address of the DNS server. Related commands dns server display ipv6 dns server to display IPv6 DNS server information.

  • Page 884: Dns Domain

    Field Description DNS server type: • S—A manually configured DNS server. Type • D—DNS server information dynamically obtained through DHCP or other protocols. IPv6 address IPv6 address of the DNS server. Outgoing Interface Output interface. Related commands ipv6 dns server dns domain to configure a domain name suffix.

  • Page 885: Dns Dscp

    Related commands display dns domain dns dscp to set the DSCP value for DNS packets sent by a DNS client or DNS proxy. dns dscp to restore the default. undo dns dscp Syntax dns dscp dscp-value undo dns dscp Default The DSCP value is 0 in DNS packets sent by a DNS client or DNS proxy.

  • Page 886: Dns Proxy Enable

    Parameters : Specifies a domain name. It is a dot-separated, case-insensitive string that can host host-name include letters, digits, hyphens (-), underscores (_), and dots (.), for example, www.aabbcc.com. The domain name can include a maximum of 253 characters, and each separated string includes no more than 63 characters.

  • Page 887: Dns Server

    Examples # Enable DNS proxy. <Sysname> system-view [Sysname] dns proxy enable dns server to specify the IPv4 address of a DNS server. dns server to remove the IPv4 address of a DNS server. undo dns server Syntax dns server ip-address [ vpn-instance vpn-instance-name ] undo dns server [ ip-address ] [ vpn-instance vpn-instance-name ] Default No DNS server IPv4 address is specified.

  • Page 888: Dns Source-Interface

    dns source-interface to specify the source interface for DNS packets. dns source-interface to restore the default. undo dns source-interface Syntax dns source-interface interface-type interface-number [ vpn-instance vpn-instance-name ] undo dns source-interface interface-type interface-number [ vpn-instance vpn-instance-name ] Default No source interface is specified for DNS packets. The device uses the primary IP address of the output interface of the matching route as the source IP address for a DNS request.

  • Page 889: Dns Trust-Interface

    undo dns spoofing ip-address [ vpn-instance vpn-instance-name ] Default DNS spoofing is disabled. Views System view Predefined user roles network-admin Parameters : Specifies the IPv4 address used to spoof DNS requests. ip-address : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters.

  • Page 890: Ip Host

    Parameters : Specifies an interface by its type and number. interface-type interface-number Usage guidelines By default, an interface obtains DNS suffix and DNS server information from DHCP. A network attacker might act as the DHCP server to assign a wrong DNS suffix and DNS server address to the device.

  • Page 891: Ipv6 Dns Dscp

    Do not use the command parameter ping , or as the host name. For more information about the command -tos -vpn-instance ping parameters, see Network Management and Monitoring Command Reference. Examples # Map IPv4 address 10.110.0.1 to host name aaa for the public network. <Sysname>...

  • Page 892: Ipv6 Dns Spoofing

    undo ipv6 dns server [ ipv6-address [ interface-type interface-number ] ] [ vpn-instance vpn-instance-name ] Default No DNS server IPv6 address is specified. Views System view Predefined user roles network-admin Parameters : Specifies the IPv6 address of a DNS server. ipv6-address : Specifies the output interface by its type and number.

  • Page 893: Ipv6 Host

    Predefined user roles network-admin Parameters : Specifies the IPv6 address used to spoof DNS requests. ipv6-address : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters. To enable DNS spoofing for the public network, do not specify this option.

  • Page 894: Reset Dns Host

    : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters. To create a host name-to-IPv6 address mapping for the public network, do not specify this option. Usage guidelines The system allows a maximum of 1024 host name-to-IPv6 address mappings for the public network or each VPN instance.

  • Page 895: Ddns Commands

    DDNS commands ddns apply policy to apply a DDNS policy to an interface and enable DDNS update. DDNS ddns apply policy updates the mapping between the FQDN and the primary IP address of the interface. to remove the application of a DDNS policy from an interface and undo ddns apply policy to stop DDNS update.

  • Page 896: Ddns Dscp

    ddns dscp to set the DSCP value for outgoing DDNS packets. ddns dscp to restore the default. undo ddns dscp Syntax ddns dscp dscp-value undo ddns dscp Default The DSCP value for outgoing DDNS packets is 0. Views System view Predefined user roles network-admin Parameters...

  • Page 897: Display Ddns Policy

    Usage guidelines You can create a maximum of 16 DDNS policies on the device. Examples # Create a DDNS policy named steven_policy and enter its view. <Sysname> system-view [Sysname] ddns policy steven_policy Related commands ddns apply policy display ddns policy display ddns policy display ddns policy to display information about DDNS policies.

  • Page 898: Interval

    DDNS policy: tom-policy : http://members.3322.org/dyndns/update?system= dyndns&hostname=<h>&myip=<a> Username Password Method : GET SSL client policy: Interval : 0 days 0 hours 15 minutes DDNS policy: u-policy : oray://phddns60.oray.net Username : username Password Method SSL client policy: Interval : 0 days 0 hours 15 minutes Table 5 Command output Field Description...

  • Page 899: Method

    Default The DDNS update request interval is one hour. Views DDNS policy view Predefined user roles network-admin Parameters days : Days in the range of 0 to 365. : Hours in the range of 0 to 23. hours : Minutes in the range of 0 to 59. minutes Usage guidelines Whether the interval is reached or not, a DDNS update request is initiated immediately if either of the...

  • Page 900: Password

    Views DDNS policy view Predefined user roles network-admin Parameters : Uses the get operation. http-get : Uses the post operation. http-post Usage guidelines This command applies to DDNS updates in HTTP/HTTPS. If the DDNS server uses HTTP or HTTPS service, choose a parameter transmission method compatible with the DDNS server. For example, a DHS server supports the method.

  • Page 901: Ssl-Client-Policy

    : Specifies the password. Its plaintext form is a case-sensitive string of 1 to 32 characters. Its string encrypted form is a case-sensitive string of 1 to 73 characters. Examples # In DDNS policy steven_policy, specify nevets as the password for logging in to the DDNS server. <Sysname>...

  • Page 902: Url

    (Security Command Reference) ssl-client-policy to specify the URL address for DDNS update requests. to restore the default. undo url Syntax url request-url undo url Default No URL address is specified for DDNS update requests. Views DDNS policy view Predefined user roles network-admin Parameters : Specifies the URL address, a case-sensitive string of 1 to 240 characters.
  • Page 903 DDNS server URL addresses for DDNS update requests • oray://phddns60.oray.net PeanutHull • oray://phservice2.oray.net The URL address cannot contain the username or password. To configure the username and password, use the command and the command. username password HP and GNUDIP are common DDNS update protocols. The parameter is the server-name domain name or IP address of the service provider's server using one of the update protocols.

  • Page 904: Username

    display ddns policy password username username to specify the username for logging in to the DDNS server. username to restore the default. undo username Syntax username username undo username Default No username is specified for logging in to the DDNS server. Views DDNS policy view Predefined user roles...
  • Page 905 Contents Basic IP forwarding commands ····································································· 1 display fib ··················································································································································· 1...
  • Page 906 Basic IP forwarding commands display fib to display FIB entries. display fib Syntax display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters.
  • Page 907 <Sysname> display fib vpn-instance vpn1 Destination count: 6 FIB entry count: 6 Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Relay F:FRR Destination/Mask Nexthop Flag OutInterface/Token Label 0.0.0.0/32 127.0.0.1 InLoop0 Null 20.20.20.0/24 20.20.20.25 M-GE0/0/0 Null 20.20.20.0/32 20.20.20.25 M-GE0/0/0 Null 20.20.20.25/32 127.0.0.1 InLoop0 Null 20.20.20.25/32...
  • Page 908 Contents Fast forwarding commands ············································································ 1 display ip fast-forwarding aging-time ·········································································································· 1 display ip fast-forwarding cache ················································································································· 1 display ip fast-forwarding fragcache ··········································································································· 2 ip fast-forwarding aging-time ······················································································································ 3 ip fast-forwarding load-sharing ··················································································································· 4 reset ip fast-forwarding cache ···················································································································· 4...

  • Page 909: Fast Forwarding Commands

    Fast forwarding commands display ip fast-forwarding aging-time to display the aging time of fast forwarding display ip fast-forwarding aging-time entries. Syntax display ip fast-forwarding aging-time Views Any view Predefined user roles network-admin network-operator Examples # Display the aging time of fast forwarding entries. <Sysname>...

  • Page 910: Display Ip Fast-Forwarding Fragcache

    Table 1 Command output Field Description Source IP address. SPort Source port number. Destination IP address. DPort Destination port number. Protocol number. Input interface type and number. Input_If If no interface is involved in fast forwarding, this field displays N/A. If the input interface does not exist, this field displays a hyphen (-).

  • Page 911: Ip Fast-Forwarding Aging-Time

    Table 2 Command output Field Description Source IP address. SPort Source port number. Destination IP address. DPort Destination port number. Protocol number. Input interface type and number. If no interface is involved in fast forwarding, this field displays N/A. Input_If If the input interface does not exist, this field displays a hyphen (-).

  • Page 912: Ip Fast-Forwarding Load-Sharing

    ip fast-forwarding load-sharing to enable fast forwarding load sharing. ip fast-forwarding load-sharing to disable fast forwarding load sharing. undo ip fast-forwarding load-sharing Syntax ip fast-forwarding load-sharing undo ip fast-forwarding load-sharing Default Fast forwarding load sharing is enabled. Views System view Predefined user roles network-admin Usage guidelines...
  • Page 913 Contents Adjacency table commands ··········································································· 1 display adjacent-table ································································································································ 1 display ipv6 adjacent-table ························································································································· 2...
  • Page 914 Adjacency table commands display adjacent-table to display IPv4 adjacency entries. display adjacent-table Syntax display adjacent-table all | physical-interface interface-type interface-number | routing-interface interface-type interface-number | slot slot-number } [ count | verbose ] View Any view Predefined user roles network-admin network-operator Parameters : Displays all IPv4 adjacency entries.
  • Page 915 <Sysname> display adjacent-table slot 1 IP address Routing interface Physical interface Type 0.0.0.0 Tun1 Tun1 Tunnel # Display the number of IPv4 adjacency entries for the specified slot. <Sysname> display adjacent-table slot 1 count Total entries on slot 1: 1 Table 1 Command output Field Description...
  • Page 916 network-operator Parameters : Displays all IPv6 adjacency entries. : Displays IPv6 adjacency physical-interface interface-type interface-number entries about the specified physical interface. : Displays IPv6 adjacency routing-interface interface-type interface-number entries about the specified routing interface. : Specifies the slot number of the device, which is fixed at 1. slot slot-number : Displays the number of IPv6 adjacency entries.
  • Page 917 Field Description Physical interface Physical interface of which the outgoing packets are sent out. Logical interface for sending the packets. If the entry has no logical Logical interface interface, this field displays N/A. Service type Link layer protocol type. Type Link layer protocol type.
  • Page 918 Contents IRDP commands ··························································································· 1 ip irdp ························································································································································· 1 ip irdp address ············································································································································ 1 ip irdp interval ············································································································································· 2 ip irdp lifetime ············································································································································· 3 ip irdp multicast ·········································································································································· 3 ip irdp preference ······································································································································· 4...

  • Page 919: Irdp Commands

    IRDP commands ip irdp to enable IRDP on an interface. ip irdp to disable IRDP on an interface. undo ip irdp Syntax ip irdp undo ip irdp Default IRDP is disabled on an interface. Views Interface view Predefined user roles network-admin Usage guidelines This command validates the IRDP settings on an interface.

  • Page 920: Ip Irdp Interval

    : Specifies the preference for the IP address, in the range of –2147483648 to preference-value 2147483647. A larger preference value represents a higher preference. Usage guidelines You can specify a maximum of four IP addresses for an interface to proxy-advertise. An RA sent on the interface includes the interface IP addresses and the proxy-advertised IP addresses.

  • Page 921: Ip Irdp Lifetime

    [Sysname-Vlan-interface100] ip irdp interval 500 300 Related commands ip irdp ip irdp lifetime ip irdp lifetime to set the lifetime of IP addresses advertised on an interface. ip irdp lifetime to restore the default. undo ip irdp lifetime Syntax ip irdp lifetime lifetime-value undo ip irdp lifetime Default The lifetime is 1800 seconds.

  • Page 922: Ip Irdp Preference

    undo ip irdp multicast Default RAs use the broadcast address 255.255.255.255 as the destination IP address. Views Interface view Predefined user roles network-admin Examples # Specify the multicast address 224.0.0.1 as the destination IP address for RAs sent on VLAN-interface 100. <Sysname>...
  • Page 923 Related commands ip irdp...
  • Page 924 Contents IP performance optimization commands ························································ 1 display icmp statistics ································································································································· 1 display ip statistics ····································································································································· 2 display rawip ·············································································································································· 4 display rawip verbose ································································································································· 4 display tcp ·················································································································································· 8 display tcp verbose ···································································································································· 9 display udp ··············································································································································· 14 display udp socket-loadbalance ··············································································································· 14 display udp socket-loadbalance verbose ·································································································...
  • Page 925 IP performance optimization commands display icmp statistics to display ICMP statistics. display icmp statistics Syntax display icmp statistics [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Usage guidelines ICMP statistics include information about received and sent ICMP packets.

  • Page 926: Display Ip Statistics

    Number of received or sent destination unreachable destination unreachable messages. source quench Number of received or sent source quench messages. redirects Number of received or sent redirect messages. echo replies Number of received or sent echo reply messages. parameter problem Number of received or sent parameter problem messages.
  • Page 927 <Sysname> display ip statistics Input: 7120 local bad protocol bad format bad checksum bad options dropped Output: forwarding local dropped no route compress fails 0 Reassembling: fragments reassembled dropped timeouts Fragment: fragmented couldn't fragment 0 output frags Forwarded Frags: sum Table 2 Command output Field Description...

  • Page 928: Display Rawip

    display rawip to display brief information about RawIP connections. display rawip Syntax display rawip [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Usage guidelines Brief RawIP connection information includes local and peer addresses, protocol, and PCB.
  • Page 929 network-operator Parameters : Displays detailed RawIP connection information for the specified PCB. The pcb pcb-index argument specifies the index of the PCB. The value range is 1 to 16.. pcb-index : Specifies the slot number of the device, which is fixed at 1. slot slot-number Usage guidelines The detailed information includes socket creator, state, option, type, protocol number, and the...
  • Page 930 Field Description Socket state: • NOFDREF—The user has closed the connection. • ISCONNECTED—The connection has been established. • ISCONNECTING—The connection is being established. • ISDISCONNECTING—The connection is being interrupted. State • ISDISCONNECTED—The connection has been terminated. • ISPCBSYNCING—Internet protocol control blocks are being synchronized.
  • Page 931 Field Description Displays send buffer information in the following order: • cc—Used space. • hiwat—Maximum space. • lowat—Minimum space. Sending buffer • (cc/hiwat/lowat/state) state—Buffer state: CANTSENDMORE—Unable to send data to the peer.  CANTRCVMORE—Unable to receive data from the peer.. ...

  • Page 932: Display Tcp

    Field Description TTL value in the Internet PCB. Sending VRF VRF from which packets are sent. Receiving VRF VRF from which packets are received. display tcp to display brief information about TCP connections. display tcp Syntax display tcp [ slot slot-number ] Views Any view Predefined user roles...

  • Page 933: Display Tcp Verbose

    Field Description TCP connection state: • CLOSED—The server receives a disconnection request's reply from the client. • LISTEN—The server is waiting for connection requests. • SYN_SENT—The client is waiting for the server to reply to the connection request. • SYN_RCVD—The server receives a connection request. •...
  • Page 934 Connection info: src = 192.168.20.200:179 , dst = 192.168.20.14:4181 Location: slot 6 NSR standby: N/A Creator: bgpd[199] State: ISCONNECTED Options: N/A Error: 0 Receiving buffer(cc/hiwat/lowat/drop/state): 0 / 65700 / 1 / 0 / N/A Sending buffer(cc/hiwat/lowat/state): 0 / 65700 / 512 / N/A Type: 1 Protocol: 6 NAT kernel port: 0...
  • Page 935 Field Description Socket options: • SO_DEBUG—Records socket debugging information. • SO_ACCEPTCONN—Enables the server to listen connection requests. • SO_REUSEADDR—Allows the local address reuse. • SO_KEEPALIVE—Requires the protocol to test whether the connection is still alive. • SO_DONTROUTE—Bypasses the routing table query for outgoing packets because the destination is in a directly connected network.
  • Page 936 Field Description TCP port for NAT in the kernel mode. If NAT is not enabled, the value NAT kernel port of this field is 0. Flags in the Internet PCB: • INP_RECVOPTS—Receives IP options. • INP_RECVRETOPTS—Receives replied IP options. • INP_RECVDSTADDR—Receives destination IP address.
  • Page 937 Field Description TCP connection state: • CLOSED—The server receives a disconnection request's reply from the client. • LISTEN—The server is waiting for connection requests. • SYN_SENT—The client is waiting for the server to reply to the connection request. • SYN_RCVD—The server receives a connection request. •...

  • Page 938: Display Udp

    display udp to display brief information about UDP connections. display udp Syntax display udp [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Usage guidelines Brief UDP connection information includes local IP address and port number, and peer IP address...

  • Page 939: Display Udp Socket-Loadbalance Verbose

    network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Usage guidelines Service modules might create multiple UDP sockets on a service port and balance loads among the sockets to improve packet processing performance. In this case, the system distributes packets received on the same port with the same local IP address to multiple UDP sockets.
  • Page 940 Usage guidelines Service modules might create multiple UDP sockets on a service port and balance loads among the sockets to improve packet processing performance. In this case, the system distributes packets received on the same port with the same local IP address to multiple UDP sockets. Examples # Display detailed information about UDP socket load balancing for all ports.
  • Page 941 Field Description Location Socket location. LBCount Number of UDP sockets. LBConnectionlist UDP socket list. Entry sequence number. Used receiving buffer space in bytes. Drops Number of dropped packets because the receiving buffer is full. Failures Number of the packets that failed to be issued to the kernel. RvdPkts Number of received packets.

  • Page 942: Display Udp Verbose

    Table 10 Command output Field Description Information about received packets. • Total—Total number of UDP packets. • checksum error—Number of packets with checksum error. • no checksum—Number of packets with no checksum. • shorter than header—Number of packets whose packet length is shorter than the header length.
  • Page 943 Location: slot 6 Creator: sock_test_mips[250] State: N/A Options: N/A Error: 0 Receiving buffer(cc/hiwat/lowat/drop/full/state): 0 / 41600 / 1 / 0 / 0 / N/A Sending buffer(cc/hiwat/lowat/state): 0 / 9216 / 512 / N/A Type: 2 Protocol: 17 Inpcb flags: N/A Inpcb extflag: N/A Inpcb vflag: INP_IPV4 TTL: 255(minimum TTL: 0)
  • Page 944 Field Description Socket options: • SO_DEBUG—Records socket debugging information. • SO_ACCEPTCONN—Enables the server to listen connection requests. • SO_REUSEADDR—Allows the local address reuse. • SO_KEEPALIVE—Requires the protocol to test whether the connection is still alive. • SO_DONTROUTE—Bypasses the routing table query for outgoing packets because the destination is in a directly connected network.

  • Page 945: Ip Forward-Broadcast

    Field Description Flags in the Internet PCB: • INP_RECVOPTS—Receives IP options. • INP_RECVRETOPTS—Receives replied IP options. • INP_RECVDSTADDR—Receives destination IP address. • INP_HDRINCL—Provides the entire IP header. • INP_REUSEADDR—Reuses the IP address. • INP_REUSEPORT—Reuses the port number. • INP_ANONPORT—Port number not specified. •...

  • Page 946: Ip Icmp Error-Interval

    Views Interface view Predefined user roles network-admin Usage guidelines A directed broadcast packet is destined for all hosts on a specific network. In the destination IP address of the directed broadcast, the network ID identifies the target network, and the host ID is made up of all ones.

  • Page 947: Ip Icmp Fragment Discarding

    A token is placed in the bucket at intervals until the maximum number of tokens that the bucket can hold is reached. A token is removed from the bucket when an ICMP error message is sent. When the bucket is empty, ICMP error messages are not sent until a new token is placed in the bucket.

  • Page 948: Ip Redirects Enable

    • For an ICMP echo request, the source IP address is the IP address of the sending interface. • For an ICMP echo reply, the source IP address is the destination IP address of the ICMP echo request specific to this reply. Views System view Predefined user roles...

  • Page 949: Ip Ttl-Expires Enable

    • The packet source IP address and the IP address of the packet receiving interface are on the same segment. • There is no source route option in the received packet. Examples # Enable sending ICMP redirect messages. <Sysname> system-view [Sysname] ip redirects enable ip ttl-expires enable to enable sending ICMP time exceeded messages.

  • Page 950: Ip Virtual-Reassembly Enable

    Syntax ip unreachables enable undo ip unreachables enable Default Sending ICMP destination unreachable messages is disabled. Views System view Predefined user roles network-admin Usage guidelines A device sends ICMP destination unreachable messages by following these rules: • The device sends the source an ICMP network unreachable message when the following conditions are met: The received packet does not match any route.

  • Page 951: Reset Ip Statistics

    undo ip virtual-reassembly enable Default IPv4 virtual fragment reassembly is disabled. Views System view Predefined user roles network-admin Usage guidelines To prevent each service module from processing packet fragments that do not arrive in order, you can enable the virtual fragment reassembly feature. This feature virtually reassembles the fragments of a datagram through fragment check, sequencing, and caching, ensuring fragments arrive at each service module in order.

  • Page 952: Reset Udp Statistics

    Usage guidelines Use this command to clear history IP traffic statistics before you collect IP traffic statistics for a time period. Examples # Clear IP traffic statistics. <Sysname> reset ip statistics Related commands display ip interface display ip statistics reset udp statistics to clear UDP traffic statistics.

  • Page 953: Tcp Mss

    : Enables statistics collection for outgoing Layer 3 packets. outbound Usage guidelines With this feature enabled on an interface, the device counts incoming and outgoing IP packets on the interface. To display the collected statistics, execute the command. To display ip statistics display the receiving and sending rates of IP packets on the interface, execute the display command.

  • Page 954: Tcp Path-Mtu-Discovery

    This configuration takes effect only on TCP connections that are established after the configuration and not on the TCP connections that already exist. This configuration is effective only on IP packets. If MPLS is enabled on the interface, do not set the TCP MSS on the interface.

  • Page 955: Tcp Timer Fin-Timeout

    Syntax tcp syn-cookie enable undo tcp syn-cookie enable Default SYN Cookie is disabled. Views System view Predefined user roles network-admin Usage guidelines A TCP connection is established through a three-way handshake: The sender sends a SYN packet to the server. The server receives the SYN packet, establishes a TCP semi-connection in SYN_RECEIVED state, and replies with a SYN ACK packet to the sender.

  • Page 956: Tcp Timer Syn-Timeout

    Parameters : Specifies the TCP FIN wait timer in the range of 76 to 3600 seconds. time-value Usage guidelines TCP starts the FIN wait timer when the state of a TCP connection changes to FIN_WAIT_2. If no FIN packet is received within the timer interval, the TCP connection is terminated. If a FIN packet is received, TCP changes the connection state to TIME_WAIT.
  • Page 957 undo tcp window Default The size of the TCP receive/send buffer is 63 KB. Views System view Predefined user roles network-admin Parameters : Specifies the size of the TCP receive/send buffer, in the range of 5 to 64 KB. window-size Examples # Set the size of the TCP receive/send buffer to 6 KB.
  • Page 958 Contents IPv6 basics commands ·················································································· 1 display ipv6 fib ············································································································································ 1 display ipv6 icmp statistics ························································································································· 2 display ipv6 interface ·································································································································· 4 display ipv6 interface prefix ························································································································ 8 display ipv6 pathmtu ·································································································································· 9 display ipv6 prefix ····································································································································· 10 display ipv6 rawip ····································································································································· 11 display ipv6 rawip verbose ·······················································································································...

  • Page 959: Ipv6 Basics Commands

    IPv6 basics commands display ipv6 fib to display IPv6 FIB entries. display ipv6 fib Syntax display ipv6 fib [ vpn-instance vpn-instance-name ] [ ipv6-address [ prefix-length ] ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an MPLS L3VPN instance by its name, a vpn-instance vpn-instance-name case-sensitive string of 1 to 31 characters.

  • Page 960: Display Ipv6 Icmp Statistics

    Field Description Nexthop Next hop address. Route flag: • U—Usable route. • G—Gateway route. • H—Host route. • Flags B—Black hole route. • D—Dynamic route. • S—Static route. • R—Recursive route. • F—Fast re-route. Time stamp Time when the IPv6 FIB entry was generated. Inner MPLS label.
  • Page 961 unreachable address unreachable no port too big time exceed transit time exceed reassembly 0 redirect ratelimited other errors Table 2 Command output Field Description bad code Number of received packets with error codes. too short Number of received packets with the length too short. checksum error Number of received packets with checksum errors.

  • Page 962: Display Ipv6 Interface

    display ipv6 interface to display IPv6 interface information. display ipv6 interface Syntax display ipv6 interface [ interface-type [ interface-number ] ] [ brief ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies an interface by its type. interface-type interface-number : Specifies an interface by its number.
  • Page 963 Hosts use stateless autoconfig for addresses IPv6 Packet statistics: InReceives: InTooShorts: InTruncatedPkts: InHopLimitExceeds: InBadHeaders: InBadOptions: ReasmReqds: ReasmOKs: InFragDrops: InFragTimeouts: OutFragFails: InUnknownProtos: InDelivers: OutRequests: OutForwDatagrams: InNoRoutes: InTooBigErrors: OutFragOKs: OutFragCreates: InMcastPkts: InMcastNotMembers: OutMcastPkts: InAddrErrors: InDiscards: OutDiscards: Table 3 Command output Field Description Physical state of the interface: •...
  • Page 964 Field Description source or destination address of a packet. If an address is in this state, the command does not display the address state. • DEPRECATED—The address is beyond the preferred lifetime but in the valid lifetime. It is valid, but it cannot be used as the source address for a new connection.
  • Page 965 Field Description InUnknownProtos Received IPv6 packets with unknown or unsupported protocol type. Received IPv6 packets that are delivered to user protocols (such as InDelivers ICMPv6, TCP, and UDP). OutRequests Local IPv6 packets sent by IPv6 user protocols. OutForwDatagrams IPv6 packets forwarded by the interface. Received IPv6 packets that are discarded because no matching route InNoRoutes can be found.

  • Page 966: Display Ipv6 Interface Prefix

    Field Description Link layer protocol state of the interface: • Protocol down—The network layer protocol state of the interface is down. • up—The network layer protocol state of the interface is up. IPv6 address of the interface. • If multiple global unicast addresses are configured, this field displays the lowest address.

  • Page 967: Display Ipv6 Pathmtu

    Filed Description How the prefix is generated: • ipv6 nd ra prefix STATIC—Manually configured by using the command. For more information about this command, see IPv6 neighbor discovery Origin commands in Layer 3—IP Services Command Reference. • RA—Advertised in RA messages after stateless autoconfiguration is enabled. •...

  • Page 968: Display Ipv6 Prefix

    IPv6 destination address PathMTU Type 1:2::3:2 1800 Static 1:2::4:2 1400 Dynamic 1:2::5:2 1280 Dynamic # Displays the total number of Path MTU entries. <Sysname> display ipv6 pathmtu all count Total number of entries: 3 Table 6 Command output Field Description IPv6 destination address IPv6 destination address.

  • Page 969: Display Ipv6 Rawip

    Examples # Display information about all IPv6 prefixes. <Sysname> display ipv6 prefix Number Prefix Type 1::/16 Static 11:77::/32 Dynamic # Display information about the IPv6 prefix with prefix ID 1. <Sysname> display ipv6 prefix 1 Number: 1 Type : Dynamic Prefix: ABCD:77D8::/32 Preferred lifetime 90 sec, valid lifetime 120 sec Table 7 Command output...

  • Page 970: Display Ipv6 Rawip Verbose

    #: Kernel RawIP connection Local Addr Foreign Addr Protocol Slot Cpu PCB 2001:2002:2003:2 3001:3002:3003:3 0x0000000000000009 004:2005:2006:20 004:3005:3006:30 07:2008 07:3008 2002::100 2002::138 0x0000000000000008 0x0000000000000002 Table 8 Command output Field Description The pound sign (#) indicates a Comware kernel connection. Local Addr Local IPv6 address.
  • Page 971 Receiving buffer(cc/hiwat/lowat/drop/state): 0 / 9216 / 1 / 0 / N/A Sending buffer(cc/hiwat/lowat/state): 0 / 9216 / 512 / N/A Type: 3 Protocol: 58 Inpcb flags: N/A Inpcb extflag: INP_EXTRCVICMPERR INP_EXTFILTER Inpcb vflag: INP_IPV6 Hop limit: 255 (minimum hop limit: 0) Send VRF: 0xffff Receive VRF: 0xffff Table 9 Command output...
  • Page 972 Field Description available for OSI Socket and RawIP. • N/A—No options are set. Error Error code. Displays receive buffer information in the following order: • cc—Used space. • hiwat—Maximum space. • lowat—Minimum space. • Receiving buffer drop—Number of dropped packets. (cc/hiwat/lowat/drop/state) •...

  • Page 973: Display Ipv6 Statistics

    Field Description • IN6P_RTHDRDSTOPTS—Receives the destination options extension header preceding the routing extension header. • IN6P_TCLASS—Receives the traffic class of the packet. • IN6P_AUTOFLOWLABEL—Attaches a flow label automatically. • IN6P_RFC2292—Uses the API specified in RFC 2292. • IN6P_MTU—Discovers differences in the MTU size of every link along a given data path.
  • Page 974 Syntax display ipv6 statistics [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Examples # Display IPv6 and ICMPv6 packet statistics. <Sysname>...
  • Page 975 Bad codes: Unreachable: Too big: Hop limit exceeded: Reassembly timeouts: Parameter problems: Unknown error types: Echo requests: Echo replies: Neighbor solicits: Neighbor adverts: Router solicits: Router adverts: Redirects: Router renumbering: Unknown info types: Deliver failed: Bad length: Table 10 Command output Field Description IPv6 statistics:...
  • Page 976 messages. Echo replies: • Echo requests—Number of Echo Requests. Neighbor solicits: • Echo replies—Number of Echo Replies. Neighbor adverts: • Neighbor solicits—Number of Neighbor Solicitation Router solicits: messages. Router adverts: • Neighbor adverts—Number of Neighbor Advertisement Redirects: messages. • Router solicits—Number of Router Solicitation messages. Router renumbering •...

  • Page 977: Display Ipv6 Tcp

    display ipv6 tcp to display brief information about IPv6 TCP connections. display ipv6 tcp Syntax display ipv6 tcp [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters slot slot-number : Specifies the slot number of the device, which is fixed at 1. Examples # Display brief information about IPv6 TCP connections.

  • Page 978: Display Ipv6 Tcp Verbose

    Field Description request. • FIN_WAIT_2—The client receives a disconnection reply from the server. • TIME_WAIT—The client receives a disconnection request from the server. PCB index. display ipv6 tcp verbose to display detailed information about IPv6 TCP connections. display ipv6 tcp verbose Syntax display ipv6 tcp verbose [ slot slot-number [ pcb pcb-index ] ] Views...
  • Page 979 Send VRF: 0x0 Receive VRF: 0x0 Table 12 Command output Field Description TCP inpcb number Number of IPv6 TCP Internet PCBs. Connection information, including source IPv6 address, source port Connection info number, destination IPv6 address, and destination port number. This field is not supported in the current software version. NAT kernel port TCP port for NAT in the kernel mode.
  • Page 980 Field Description • N/A—No options are set. Error Error code. Displays receive buffer information in the following order: • cc—Used space. • hiwat—Maximum space. • lowat—Minimum space. • Receiving drop—Number of dropped packets. buffer(cc/hiwat/lowat/drop/state) • state—Buffer state: CANTSENDMORE—Unable to send data to the peer. ...
  • Page 981 Field Description • IN6P_RTHDRDSTOPTS—Receives the destination options extension header preceding the routing extension header. • IN6P_TCLASS—Receives the traffic class of the packet. • IN6P_AUTOFLOWLABEL—Attaches a flow label automatically. • IN6P_RFC2292—Uses the API specified in RFC 2292. • IN6P_MTU—Discovers differences in the MTU size of every link along a given data path.

  • Page 982: Display Ipv6 Udp

    Field Description • CLOSE_WAIT—The server receives a disconnection request from the client. • FIN_WAIT_1—The client is waiting for the server to reply to a disconnection request. • CLOSING—The server and client are waiting for peer's disconnection reply when receiving disconnection requests from each other.

  • Page 983: Display Ipv6 Udp Verbose

    Predefined user roles network-admin network-operator Parameters : Specifies the slot number of the device, which is fixed at 1. slot slot-number Examples # Displays brief information about IPv6 UDP connections. <Sysname> display ipv6 udp #: Kernel UDP connection LAddr->port FAddr->port Slot Cpu PCB 2001:2002:2003:2 3001:3002:3003:3...
  • Page 984 Total UDP socket number: 1 Connection info: src = ::->69, dst = ::->0 Location: slot: 1 cpu: 0 Creator: sock_test_mips[250] State: N/A Options: N/A Error: 0 Receiving buffer(cc/hiwat/lowat/drop/state): 0 / 41600 / 1 / 0 / N/A Sending buffer(cc/hiwat/lowat/state): 0 / 9216 / 512 / N/A Type: 2 Protocol: 17 Inpcb flags: N/A...
  • Page 985 Field Description • SO_REUSEPORT—Allows the local port reuse. • SO_TIMESTAMP—Records the timestamps of the input packets, accurate to milliseconds. This option is applicable to protocols that are not connection orientated. • SO_NOSIGPIPE—Disables the socket from sending data. As a result, a sigpipe cannot be established when a return failure occurs. •...
  • Page 986 Field Description • INP_PROTOCOL_PACKET—Identifies a protocol packet. • INP_RCVVLANID—Receives the VLAN ID of the packet. Only UDP and RawIP support this flag. • IN6P_IPV6_V6ONLY—Only supports IPv6 protocol stack. • IN6P_PKTINFO—Receives the source IPv6 address and input interface of the packet. •...

  • Page 987: Ipv6 Address

    Field Description Send VRF VRF from which packets are sent. Receive VRF VRF from which packets are received. ipv6 address to configure an IPv6 global unicast address for an interface. ipv6 address to delete an IPv6 global unicast address of the interface. undo ipv6 address Syntax ipv6 address { ipv6-address prefix-length | ipv6-address...

  • Page 988: Ipv6 Address Auto

    Syntax ipv6 address { ipv6-address prefix-length | ipv6-address prefix-length } anycast undo ipv6 address ipv6-address prefix-length ipv6-address prefix-length } anycast Default No IPv6 anycast address is configured for an interface. Views Interface view Predefined user roles network-admin Parameters s: Specifies an IPv6 anycast address. ipv6-addres : Specifies a prefix length in the range of 1 to 128.

  • Page 989: Ipv6 Address Auto Link-Local

    Usage guidelines After a global unicast address is generated through stateless autoconfiguration, a link-local address is generated automatically. To delete the global unicast address and the link-local address that are automatically generated, use either of the following commands: • undo ipv6 address auto •...

  • Page 990: Ipv6 Address Eui-64

    The automatically generated link-local address does not take effect.  The link-local address of an interface is still the manually assigned address.  If you delete the manually assigned address, the automatically generated link-local address takes effect. Examples # Configure VLAN-interface 100 to automatically generate a link-local address. <Sysname>...

  • Page 991: Ipv6 Address Link-Local

    [Sysname] interface vlan-interface 100 [Sysname-Vlan-interface100] ipv6 address 2001::1/64 eui-64 Method 2: <Sysname> system-view [Sysname] interface vlan-interface 100 [Sysname-Vlan-interface100] ipv6 address 2001::1 64 eui-64 Related commands display ipv6 interface ipv6 address link-local to configure a link-local address for the interface. ipv6 address link-local to restore the default.
  • Page 992 ipv6 address prefix-number to specify an IPv6 prefix for an interface to automatically ipv6 address prefix-number generate an IPv6 global unicast address and advertise the prefix. to restore the default. undo ipv6 address prefix-number Syntax ipv6 address prefix-number sub-prefix/prefix-length undo ipv6 address prefix-number Default No IPv6 prefix is specified for IPv6 address autoconfiguration.

  • Page 993: Ipv6 Bandwidth-Based-Sharing

    Related commands ipv6 prefix ipv6 dhcp client pd ipv6 bandwidth-based-sharing to enable IPv6 load sharing based on bandwidth. ipv6 bandwidth-based-sharing to disable IPv6 loading sharing based on undo ipv6 bandwidth-based-sharing bandwidth. Syntax ipv6 bandwidth-based-sharing undo ipv6 bandwidth-based-sharing Default IPv6 load sharing based on bandwidth is disabled. Views System view Predefined user roles...

  • Page 994: Ipv6 Hoplimit-Expires Enable

    Parameters : Specifies the number of hops, in the range of 1 to 255. value Usage guidelines The hop limit determines the number of hops that an IPv6 packet generated by the device can travel. The device advertises the hop limit in RA messages. All RA message receivers use the advertised value to fill in the Hop Limit field for IPv6 packets to be sent.

  • Page 995: Ipv6 Icmpv6 Error-Interval

    ipv6 icmpv6 error-interval to set the bucket size and the interval for tokens to arrive in ipv6 icmpv6 error-interval the bucket for ICMPv6 error messages. to restore the default. undo ipv6 icmpv6 error-interval Syntax ipv6 icmpv6 error-interval interval [ bucketsize ] undo ipv6 icmpv6 error-interval Default The bucket allows a maximum of 10 tokens, and a token is placed in the bucket every 100...

  • Page 996: Ipv6 Icmpv6 Source

    Default The device is disabled from replying to multicast echo requests. Views System view Predefined user roles network-admin Usage guidelines If a host is configured to reply to multicast echo requests, an attacker can use this mechanism to attack the host. For example, the attacker can send an echo request to a multicast address with Host A as the source.

  • Page 997: Ipv6 Mtu

    Examples # Specify IPv6 address 1::1 as the source address for outgoing ICMPv6 packets. <Sysname> system-view [Sysname] ipv6 icmpv6 source 1::1 ipv6 mtu to set the interface MTU for IPv6 packets. ipv6 mtu to restore the default. undo ipv6 mtu Syntax ipv6 mtu size undo ipv6 mtu...

  • Page 998: Ipv6 Pathmtu Age

    Views System view Predefined user roles network-admin Parameters : Specifies an MPLS L3VPN instance to which the Path vpn-instance vpn-instance-name MTU belongs. The argument represents the VPN instance name, a vpn-instance-name case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command sets the Path MTU for the public network.

  • Page 999: Ipv6 Prefer Temporary-Address

    Predefined user roles network-admin Parameters : Specifies the aging time for Path MTU in minutes, in the range of 10 to 100. age-time Usage guidelines After the dynamic path MTU from a source host to a destination host is determined, the source device sends subsequent packets to the destination host based on this MTU.

  • Page 1000: Ipv6 Prefix

    Related commands ipv6 address auto ipv6 nd ra prefix ipv6 temporary-address ipv6 prefix to configure a static IPv6 prefix. ipv6 prefix to delete a static IPv6 prefix. undo ipv6 prefix Syntax ipv6 prefix prefix-number ipv6-prefix/prefix-length undo ipv6 prefix prefix-number Default No static IPv6 prefix is configured.

  • Page 1001: Ipv6 Temporary-Address

    undo ipv6 redirects enable Default Sending ICMPv6 redirect messages is disabled. Views System view Predefined user roles network-admin Usage guidelines The default gateway sends an ICMPv6 redirect message to the source of an IPv6 packet to inform the source of a better first hop. Sending ICMPv6 redirect messages enables hosts that hold few routes to establish routing tables and find the best route.

Table of Contents