HP 6125XLG Configuration Manual

R2306-hp 6125xlg blade switch network management and monitoring configuration guide.
Hide thumbs
HP 6125XLG Blade Switch
Network Management and Monitoring
Part number: 5998-3725
Software version: Release 2306
Document version: 6W100-20130912

Advertising

   Related Manuals for HP 6125XLG

   Summary of Contents for HP 6125XLG

  • Page 1: Configuration Guide

    HP 6125XLG Blade Switch Network Management and Monitoring Configuration Guide Part number: 5998-3725 Software version: Release 2306 Document version: 6W100-20130912...

  • Page 2

    HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

  • Page 3: Table Of Contents

    Contents Using ping, tracert, and system debugging ··············································································································· 1   Ping ····················································································································································································· 1   Using a ping command to test network connectivity ···························································································· 1   Ping example ···························································································································································· 1   Tracert ················································································································································································ 3   Prerequisites ······························································································································································ 4   Using a tracert command to identify failed or all nodes in a path ····································································· 4  ...

  • Page 4: Table Of Contents

    Configuring SNTP ······················································································································································ 48   Configuration restrictions and guidelines ···················································································································· 48   Configuration task list ···················································································································································· 48   Enabling the SNTP service ············································································································································ 48   Specifying an NTP server for the device ····················································································································· 48   Configuring SNTP authentication ································································································································· 49  ...

  • Page 5: Table Of Contents

    Enabling the NQA client ··············································································································································· 82   Configuring the ICMP echo operation ························································································································· 83   Configuring the UDP echo operation ··························································································································· 84   Configuring optional parameters for the NQA operation ························································································· 85   Configuring the collaboration function ························································································································ 85   Configuring threshold monitoring ·································································································································...

  • Page 6: Table Of Contents

    Local port mirroring configuration example ·············································································································· 114   Network requirements ········································································································································· 114   Configuration procedure ···································································································································· 115   Verifying the configuration ································································································································· 115   Local port mirroring with multiple monitor ports configuration example ······························································· 116   Network requirements ········································································································································· 116  ...

  • Page 7: Using Ping, Tracert, And System Debugging, Ping, Using A Ping Command To Test Network Connectivity

    Using ping, tracert, and system debugging This chapter covers ping, tracert, and information about debugging the system. Ping Use the ping utility to determine if a specific address is reachable. Ping sends ICMP echo requests (ECHO-REQUEST) to the destination device. Upon receiving the requests, the destination device responds with ICMP echo replies (ECHO-REPLY) to the source device.

  • Page 8: Configuration Procedure

    Figure 1 Network diagram Configuration procedure # Use the ping command on Device A to test connectivity to Device C. PING 1.1.2.2 (1.1.2.2): 56 data bytes, press CTRL_C to break 56 bytes from 1.1.2.2: icmp_seq=0 ttl=254 time=2.137 ms 56 bytes from 1.1.2.2: icmp_seq=1 ttl=254 time=2.051 ms 56 bytes from 1.1.2.2: icmp_seq=2 ttl=254 time=1.996 ms 56 bytes from 1.1.2.2: icmp_seq=3 ttl=254 time=1.963 ms 56 bytes from 1.1.2.2: icmp_seq=4 ttl=254 time=1.991 ms...

  • Page 9: Tracert

    The intermediate device (Device B) adds the IP address of its outbound interface (1.1.2.1) to the RR option of the ICMP echo request, and forwards the packet. Upon receiving the request, the destination device copies the RR option in the request and adds the IP address of its outbound interface (1.1.2.2) to the RR option.

  • Page 10: Prerequisites, Using A Tracert Command To Identify Failed Or All Nodes In A Path

    The source device thinks that the packet has reached the destination device after receiving the port-unreachable ICMP message, and the path to the destination device is 1.1.1.2 to 1.1.2.2 to 1.1.3.2. Prerequisites Before you use a tracert command, perform the tasks in this section. For an IPv4 network: Enable sending of ICMP timeout packets on the intermediate devices (devices between the source •...

  • Page 11: System Debugging

    Figure 3 Network diagram 1.1.1.1/24 1.1.1.2/24 1.1.2.1/24 1.1.2.2/24 Device A Device B Device C Configuration procedure Use the ping command to test connectivity between Device A and Device C. <DeviceA> ping 1.1.2.2 PING 1.1.2.2(1.1.2.2): 56 -data bytes, press CTRL_C to break Request time out Request time out Request time out...

  • Page 12: Debugging Information Control Switches, Debugging A Feature Module

    Debugging information control switches The following switches control the display of debugging information: • Module debugging switch—Controls whether to generate the module-specific debugging information. Screen output switch—Controls whether to display the debugging information on a certain screen. • Use terminal monitor and terminal logging level commands to turn on the screen output switch. For more information about these two commands, see Network Management and Monitoring Command Reference.

  • Page 14: Configuring Ntp, Overview, How Ntp Works

    Configuring NTP Synchronize your device with a trusted time source by using the Network Time Protocol (NTP) or changing the system time before you run it on a live network. Various tasks, including network management, charging, auditing, and distributed computing depend on an accurate system time setting, because the timestamps of system messages and logs use the system time.

  • Page 15: Ntp Architecture

    The synchronization process is as follows: Device A sends Device B an NTP message, which is timestamped when it leaves Device A. The time stamp is 10:00:00 am (T1). When this NTP message arrives at Device B, Device B adds a timestamp showing the time when the message arrived at Device B.

  • Page 16: Association Modes

    To ensure time accuracy and availability, you can specify multiple NTP servers for a device. The device selects an optimal NTP server as the clock source based on parameters such as stratum. The clock that the device selects is called the reference source. For more information about clock selection, see the related protocols and standards.

  • Page 17

    Mode Working process Principle Application scenario On the symmetric active peer, specify the IP address of the symmetric passive peer. A symmetric active peer Figure 6 shows, this periodically sends clock mode is most often used A symmetric active peer synchronization messages to a between two or more and a symmetric passive...

  • Page 18: Ntp Security

    NTP security To improve time synchronization security, NTP provides the access control and authentication functions. NTP access control You can control NTP access by using an ACL. The access rights are in the following order, from least restrictive to most restrictive: Peer—Allows time requests and NTP control queries (such as alarms, authentication status, and time •...

  • Page 19: Protocols And Standards, Configuration Restrictions And Guidelines, Configuration Task List, Enabling The Ntp Service

    in the NTP message. If they are the same, the receiver accepts the message. Otherwise, it discards the message. Protocols and standards RFC 1305, Network Time Protocol (Version 3) Specification, Implementation and Analysis • RFC 5905, Network Time Protocol Version 4: Protocol and Algorithms Specification •...

  • Page 20: Configuring Ntp In Client/server Mode, Configuring Ntp In Symmetric Active/passive Mode

    Configuring NTP in client/server mode When the device operates in client/server mode, specify the IP address for the server on the client. Follow these guidelines when you configure an NTP client: A server must be synchronized by other devices or use its local clock as a reference source before •...

  • Page 21: Configuring Ntp In Broadcast Mode

    Step Command Remarks Enter system view. system-view • Specify a symmetric-passive peer: ntp-service unicast-peer { ip-address | peer-name } [ vpn-instance vpn-instance-name ] [ authentication-keyid keyid | priority | source interface-type interface-number | version Specify a symmetric-passive By default, no symmetric-passive number ] * peer for the device.

  • Page 22: Configuring Ntp In Multicast Mode

    Step Command Remarks By default, the device does not operate in broadcast server mode. Configure the device to ntp-service broadcast-server After you execute the command, operate in NTP broadcast [ authentication-keyid keyid | the device sends NTP broadcast server mode. version number ] * messages from the specified VLAN interface.

  • Page 23: Configuring Access Control Rights, Configuring Ntp Authentication, Configuring Ntp Authentication In Client/server Mode

    Step Command Remarks • Configure the device to operate in multicast server mode: ntp-service multicast-server [ ip-address ] [ authentication-keyid keyid | By default, the device does not ttl ttl-number | version number ] operate in multicast server mode. Configure the device to After you execute the command, operate in multicast server •...

  • Page 24

    NTP server on the client. The key IDs and key values configured on the server and client must be the same. Otherwise, NTP authentication fails. To configure NTP authentication for a client: Step Command Remarks Enter system view. system-view By default, NTP authentication is Enable NTP authentication.

  • Page 25: Configuring Ntp Authentication In Symmetric Active/passive Mode

    Table 2 NTP authentication results Client Server Configure a Configure a Authentication Enable NTP key and Associate the key Enable NTP key and result authenticati configure it with an NTP authenticati configure it as as a trusted server a trusted key Succeeded.

  • Page 26

    Step Command Remarks ntp-service authentication-keyid Configure an NTP By default, no NTP authentication keyid authentication-mode md5 authentication key. key is configured. { cipher | simple } value Configure the key as a trusted ntp-service reliable By default, no authentication key is key.

  • Page 27: Configuring Ntp Authentication In Broadcast Mode

    Active peer Passive peer Configure a Enable Configure a key and Associate the Authentication result Enable NTP key and configure it key with an authentic authentication configure it as as a trusted passive peer ation a trusted key Failed. NTP messages cannot be sent and received properly.

  • Page 28

    Step Command Remarks Enter system view. system-view By default, NTP authentication is Enable NTP authentication. ntp-service authentication enable disabled. ntp-service authentication-keyid Configure an NTP By default, no NTP authentication keyid authentication-mode md5 authentication key. key is configured. { cipher | simple } value Configure the key as a trusted ntp-service reliable By default, no authentication key is...

  • Page 29: Configuring Ntp Authentication In Multicast Mode

    Broadcast server Broadcast client Configure Configure a Enable Associate a key and key and Enable NTP Authentication result the key with configure configure it authenticati authentic a broadcast it as a as a trusted ation server trusted No authentication. NTP messages can be sent and received properly.

  • Page 30

    Step Command Remarks ntp-service authentication-keyid Configure an NTP By default, no NTP authentication keyid authentication-mode md5 authentication key. key is configured. { cipher | simple } value Configure the key as a trusted ntp-service reliable By default, no authentication key is key.

  • Page 31: Configuring Ntp Optional Parameters, Specifying The Source Interface For Ntp Messages

    Multicast server Multicast client Enable Configure a Configure a Authentication Associate the Enable NTP key and key and result key with a authenticatio authentic configure it as configure it as multicast server ation a trusted key a trusted key No authentication. NTP messages can be sent and received properly.

  • Page 32: Disabling An Interface From Receiving Ntp Messages, Configuring The Maximum Number Of Dynamic Associations

    To specify the source interface for NTP messages: Step Command Remarks Enter system view. system-view • Specify the source interface for NTP messages: ntp-service source-interface interface-type interface-number Specify the source interface By default, no source interface is for NTP messages. •...

  • Page 33: Configuring The Local Clock As A Reference Source, Displaying And Maintaining Ntp

    A single device can have a maximum of 128 concurrent associations, including static associations and dynamic associations. Perform this task to restrict the number of dynamic associations to prevent dynamic associations from occupying too many system resources. To configure the maximum number of dynamic associations: Step Command Remarks...

  • Page 34: Ntp Client/server Mode Configuration Example

    NTP client/server mode configuration example Network requirements As shown in Figure 8, the local clock of Device A is to be used as a reference source, with the stratum level 2. Device B operates in client mode and Device A is to be used as the NTP server for Device B. Figure 8 Network diagram Configuration procedure Set the IP address for each interface as shown in...

  • Page 35: Ipv6 Ntp Client/server Mode Configuration Example

    [DeviceB] display ntp-service sessions source reference stra reach poll now offset delay disper ******************************************************************************** [12345]1.0.1.11 127.127.1.0 -4.0 0.0038 16.262 Notes: 1 source(master), 2 source(peer), 3 selected, 4 candidate, 5 configured. Total sessions : 1 The output shows that an association has been set up between Device B and Device A. IPv6 NTP client/server mode configuration example Network requirements...

  • Page 36: Ntp Symmetric Active/passive Mode Configuration Example

    Leap indicator: 00 Clock jitter: 0.000977 s Stability: 0.000 pps Clock precision: 2^-10 Root delay: 0.02649 ms Root dispersion: 12.24641 ms Reference time: d0c60419.9952fb3e Wed, Dec 29 2010 19:01:45.598 The output shows that Device B has been synchronized to Device A, the clock stratum level of Device B is 3, and that of Device A is 2.

  • Page 37

    Figure 10 Network diagram Configuration procedure Set the IP address for each interface as shown in Figure 10. (Details not shown.) Configure Device A: # Enable the NTP service. <DeviceA> system-view [DeviceA] ntp-service enable # Specify the local clock as the reference source, with the stratum level 3. [DeviceA] ntp-service refclock-master 3 Configure Device B: # Enable the NTP service.

  • Page 38: Ipv6 Ntp Symmetric Active/passive Mode Configuration Example

    Local mode: sym_passive Reference clock ID: 3.0.1.33 Leap indicator: 00 Clock jitter: 0.000916 s Stability: 0.000 pps Clock precision: 2^-17 Root delay: 0.00609 ms Root dispersion: 1.95859 ms Reference time: 83aec681.deb6d3e5 Sun, Jan 4 1970 5:56:17.869 # Display IPv4 NTP association information for Device B. [DeviceB] display ntp-service sessions source reference...

  • Page 39

    Figure 11 Network diagram Configuration procedure Set the IP address for each interface as shown in Figure 11. (Details not shown.) Configure Device A: # Enable the NTP service. <DeviceA> system-view [DeviceA] ntp-service enable # Specify the local clock as the reference source, with the stratum level 3. [DeviceA] ntp-service refclock-master 3 Configure Device B: # Enable the NTP service.

  • Page 40: Ntp Broadcast Mode Configuration Example

    Clock stratum: 3 System peer: 3000::36 Local mode: sym_passive Reference clock ID: 163.29.247.19 Leap indicator: 11 Clock jitter: 0.000977 s Stability: 0.000 pps Clock precision: 2^-10 Root delay: 0.01855 ms Root dispersion: 9.23483 ms Reference time: d0c6047c.97199f9f Wed, Dec 29 2010 19:03:24.590 # Display IPv6 NTP association information for Device B.

  • Page 41

    Figure 12 Network diagram Configuration procedure Set the IP address for each interface as shown in Figure 12. (Details not shown.) Configure Switch C: # Enable the NTP service. <SwitchC> system-view [SwitchC] ntp-service enable # Specify the local clock as the reference source, with the stratum level 2. [SwitchC] ntp-service refclock-master 2 # Configure Switch C to operate in broadcast server mode and send broadcast messages through VLAN-interface 2.

  • Page 42: Ntp Multicast Mode Configuration Example

    # Switch A and Switch B get synchronized upon receiving a broadcast message from Switch C. Display the NTP status of Switch A after clock synchronization. [SwitchA-Vlan-interface2] display ntp-service status Clock status: synchronized Clock stratum: 3 System peer: 3.0.1.31 Local mode: bclient Reference clock ID: 3.0.1.31 Leap indicator: 00 Clock jitter: 0.044281 s...

  • Page 43

    Figure 13 Network diagram Vlan-int2 3.0.1.31/24 Switch C NTP multicast server Vlan-int3 Vlan-int3 Vlan-int2 1.0.1.11/24 1.0.1.10/24 3.0.1.30/24 Switch A Switch B NTP multicast client Vlan-int2 3.0.1.32/24 Switch D NTP multicast client Configuration procedure Set the IP address for each interface as shown in Figure 13.

  • Page 44

    Leap indicator: 00 Clock jitter: 0.044281 s Stability: 0.000 pps Clock precision: 2^-10 Root delay: 0.00229 ms Root dispersion: 4.12572 ms Reference time: d0d289fe.ec43c720 Sat, Jan 8 2011 7:00:14.922 The output shows that Switch D has been synchronized to Switch C, the clock stratum level of Switch D is 3, and that of Switch C is 2.

  • Page 45: Ipv6 Ntp Multicast Mode Configuration Example

    # Display the NTP status of Switch A after clock synchronization. [SwitchA-Vlan-interface3] display ntp-service status Clock status: synchronized Clock stratum: 3 System peer: 3.0.1.31 Local mode: bclient Reference clock ID: 3.0.1.31 Leap indicator: 00 Clock jitter: 0.165741 s Stability: 0.000 pps Clock precision: 2^-10 Root delay: 0.00534 ms Root dispersion: 4.51282 ms...

  • Page 46

    Figure 14 Network diagram Configuration procedure Set the IP address for each interface as shown in Figure 14. (Details not shown.) Configure Switch C: # Enable the NTP service. <SwitchC> system-view [SwitchC] ntp-service enable # Specify the local clock as the reference source, with the stratum level 2. [SwitchC] ntp-service refclock-master 2 # Configure Switch C to operate in IPv6 multicast server mode and send multicast messages through VLAN-interface 2.

  • Page 47

    Leap indicator: 00 Clock jitter: 0.000977 s Stability: 0.000 pps Clock precision: 2^-10 Root delay: 0.00000 ms Root dispersion: 8.00578 ms Reference time: d0c60680.9754fb17 Wed, Dec 29 2010 19:12:00.591 The output shows that Switch D has been synchronized to Switch C, the clock stratum level of Switch D is 3, and that of Switch C is 2.

  • Page 48: Configuration Example For Ntp Client/server Mode With Authentication

    [SwitchA] interface vlan-interface 3 [SwitchA-Vlan-interface3] ntp-service ipv6 multicast-client ff24::1 Verify the configuration: # Display the NTP status of Switch A after clock synchronization. [SwitchA-Vlan-interface3] display ntp-service status Clock status: synchronized Clock stratum: 3 System peer: 3000::2 Local mode: bclient Reference clock ID: 165.84.121.65 Leap indicator: 00 Clock jitter: 0.165741 s Stability: 0.000 pps...

  • Page 49

    Figure 15 Network diagram Configuration procedure Set the IP address for each interface as shown in Figure 15. (Details not shown.) Configure Device A: # Enable the NTP service. <DeviceA> system-view [DeviceA] ntp-service enable # Specify the local clock as the reference source, with the stratum level 2. [DeviceA] ntp-service refclock-master 2 Configure Device B: # Enable the NTP service.

  • Page 50: Configuration Example For Ntp Broadcast Mode With Authentication

    Reference clock ID: 1.0.1.11 Leap indicator: 00 Clock jitter: 0.005096 s Stability: 0.000 pps Clock precision: 2^-10 Root delay: 0.00655 ms Root dispersion: 1.15869 ms Reference time: d0c62687.ab1bba7d Wed, Dec 29 2010 21:28:39.668 The output shows that Device B has been synchronized to Device A, the clock stratum level of Device B is 3, and that of Device A is 2.

  • Page 51

    Figure 16 Network diagram Vlan-int2 3.0.1.31/24 Switch C NTP broadcast server Vlan-int2 3.0.1.30/24 Switch A NTP broadcast client Vlan-int2 3.0.1.32/24 Switch B NTP broadcast client Configuration procedure Set the IP address for each interface as shown in Figure 16. (Details not shown.) Configure Switch A: # Enable the NTP service.

  • Page 52

    <SwitchC> system-view [SwitchC] ntp-service enable # Specify the local clock as the reference source, with the stratum level 3. [SwitchC] ntp-service refclock-master 3 # Configure Switch C to operate in NTP broadcast server mode and use VLAN-interface 2 to send NTP broadcast packets.

  • Page 53

    source reference stra reach poll now offset delay disper ******************************************************************************** [1245]3.0.1.31 127.127.1.0 -0.0 0.0000 Notes: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured. Total sessions : 1 The output shows that an association has been set up between Switch B and Switch C.

  • Page 54: Configuring Sntp, Configuration Restrictions And Guidelines, Configuration Task List, Enabling The Sntp Service

    Configuring SNTP SNTP is a simplified, client-only version of NTP specified in RFC 4330. SNTP supports only the client/server mode. An SNTP-enabled device can receive time from NTP servers, but cannot provide time services to other devices. SNTP uses the same packet format and packet exchange procedure as NTP, but provides faster synchronization at the price of time accuracy.

  • Page 55: Configuring Sntp Authentication

    Step Command Remarks • For IPv4: sntp unicast-server { ip-address | server-name } [ vpn-instance vpn-instance-name ] [ authentication-keyid keyid | By default, no NTP server is source interface-type specified for the device. interface-number | version Repeat this step to specify multiple number ] * Specify an NTP server for the NTP servers.

  • Page 56: Displaying And Maintaining Sntp, Sntp Configuration Example

    Step Command Remarks • For IPv4: sntp unicast-server { ip-address | server-name } [ vpn-instance vpn-instance-name ] authentication-keyid keyid Associate the SNTP By default, no NTP server is authentication key with the • For IPv6: specified. specific NTP server. sntp ipv6 unicast-server { ipv6-address | server-name } [ vpn-instance vpn-instance-name ]...

  • Page 57

    # Configure an NTP authentication key, with the key ID of 10 and key value of aNiceKey. Input the key in plain text. [DeviceA] ntp-service authentication-keyid 10 authentication-mode md5 simple aNiceKey # Specify the key as a trusted key. [DeviceA] ntp-service reliable authentication-keyid 10 Configure Device B: # Enable the SNTP service.

  • Page 58: Configuring The Information Center, Overview, Log Types, Log Levels

    Configuring the information center The information center on a device classifies and manages logs for all modules so that network administrators can monitor network performance and troubleshoot network problems. Overview The information center receives logs generated by source modules and outputs logs to different destinations according to user-defined output rules.

  • Page 59: Log Destinations, Default Log Output Rules, Log Format

    Severity Level Description value Error Error condition. For example, the link state changes. Warning condition. For example, an interface is disconnected, or the memory Warning resources are used up. Normal but significant condition. For example, a terminal logs in to the device, Notification or the device reboots.

  • Page 60

    Output destination Format Example <190>Nov 24 16:22:21 2010 HP %%10SYSLOG/6/SYSLOG_RES <PRI>Timestamp TART: -DevIP=1.1.1.1; System Sysname %%vvModule/Level/Digest: Log host restarted –- Source; Content HP Comware Software. Table 9 describes the fields in a log message. Table 9 Log field description Field Description A log to a destination other than the log host has an identifier in front of the timestamp:...

  • Page 61: Information Center Configuration Task List

    Table 10 Timestamp precisions and configuration commands Destined to the console, monitor Item Destined to the log host terminal, log buffer, and log file Precision Seconds Milliseconds Command used to set the info-center timestamp loghost info-center timestamp timestamp format Table 11 Description of the timestamp parameters Timestamp Description Example...

  • Page 62: Outputting Logs To The Console, Outputting Logs To The Monitor Terminal

    Task at a glance • Outputting logs to the console • Outputting logs to the monitor terminal • Outputting logs to a log host • Outputting logs to the log buffer • Saving logs to the log file (Optional.) Managing security logs (Optional.) Enabling synchronous information output (Optional.)

  • Page 63: Outputting Logs To A Log Host, Outputting Logs To The Log Buffer

    Step Command Remarks info-center source { module-name | For information about default Configure an output rule for default } { console | monitor | output rules, see "Default log the monitor terminal. logbuffer | logfile | loghost } output rules." { deny | level severity } (Optional.) Configure the info-center timestamp { boot | date...

  • Page 64: Saving Logs To The Log File

    Step Command Remarks By default, the information center is Enable the information center. info-center enable enabled. Enable log output to the log By default, log output to the log info-center logbuffer buffer. buffer is enabled. (Optional.) Set the maximum info-center logbuffer [ size By default, the log buffer can store number of logs that can be buffersize ]...

  • Page 65: Managing Security Logs

    Step Command Remarks By default, log file overwrite-protection is disabled. With the all-port-powerdown keyword specified in the command, the device shuts down all the physical ports except for the console port, the management Ethernet port, and IRF ports when info-center logfile Enable log file the log file is full or the free space overwrite-protection...

  • Page 66: Saving Security Logs Into The Security Log File, Managing The Security Log File

    Saving security logs into the security log file After you enable the saving of the security logs into the security log file, the system first outputs security logs to the security log file buffer, and then saves the logs from the security log file buffer into the security log file at a specified interval (the security log administrator can also manually save security logs into the log file).

  • Page 67: Enabling Synchronous Information Output, Enabling Duplicate Log Suppression

    Task Command Remarks By default, the security log file is saved in the seclog directory in the root directory of the storage system-view medium. Change the directory of the security info-center security-logfile log file. The configuration made by this directory dir-name command cannot survive an IRF reboot or a master/subordinate switchover.

  • Page 68: Disabling An Interface From Generating Link Up/down Logging Information, Displaying And Maintaining Information Center

    Step Command Remarks Enable duplicate log info-center logging suppress By default, duplicate log suppression. duplicates suppression is disabled. Disabling an interface from generating link up/down logging information By default, all interfaces generate link up or link down log information when the state changes. In some cases, you might want to disable specific interfaces from generating this information.

  • Page 69: Configuration Example For Outputting Logs To The Console

    Configuration example for outputting logs to the console Network requirements Configure the device to output to the console FTP logs that have a severity level of at least warning. Figure 19 Network diagram Configuration procedure # Enable the information center. <Sysname>...

  • Page 70

    Configuration procedure Before the configuration, make sure that the device and the log host can reach each other. (Details not shown.) Configure the device: # Enable the information center. <Device> system-view [Device] info-center enable # Specify the log host 1.2.0.1/16 and specify local4 as the logging facility. [Device] info-center loghost 1.2.0.1 facility local4 # Disable log output to the log host.

  • Page 71: Configuration Example For Outputting Logs To A Linux Log Host

    Now, the device can output FTP logs to the log host, which stores the logs to the specified file. Configuration example for outputting logs to a Linux log host Network requirements Configure the device to output to the Linux log host 1.2.0.1/16 FTP logs that have a severity level of at least informational.

  • Page 72

    In the above configuration, local5 is the name of the logging facility used by the log host to receive logs. info is the informational level. The Linux system will store the log information with a severity level equal to or higher than informational to the file /var/log/Device/info.log. NOTE: Follow these guidelines to edit the file /etc/syslog.conf: Comments must be on a separate line and must begin with a pound sign (#).

  • Page 73: Configuring Snmp, Overview, Fips Compliance, Snmp Framework, Mib And View-based Mib Access Control

    Configuring SNMP This chapter provides an overview of the Simple Network Management Protocol (SNMP) and guides you through the configuration procedure. Overview SNMP is an Internet standard protocol widely used for a management station to access and operate the devices on a network, regardless of their vendors, physical characteristics, and interconnect technologies.

  • Page 74: Snmp Operations, Protocol Versions, Configuring Snmp Basic Parameters

    Figure 23 MIB tree A MIB view represents a set of MIB objects (or MIB object hierarchies) with certain access privileges and is identified by a view name. The MIB objects included in the MIB view are accessible while those excluded from the MIB view are inaccessible.

  • Page 75: Configuring Snmpv1 Or Snmpv2c Basic Parameters

    Configuring SNMPv1 or SNMPv2c basic parameters SNMPv1 and SNMPv2c settings are supported only in non-FIPS mode. To configure SNMPv1 or SNMPv2c basic parameters: Step Command Remarks Enter system view. system-view By default, the SNMP agent is disabled. The SNMP agent is enabled when (Optional.) Enable the snmp-agent you perform any command that...

  • Page 76: Configuring Snmpv3 Basic Parameters

    Step Command Remarks Use either method. The username configured by using method 1 is the same as that • (Method 1) Create an SNMP configured by using method 2. The community: username created by either snmp-agent community { read | method must be the same as the write } community-name [ mib-view community name configured on the...

  • Page 77

    Security model Security key settings Security model Remarks keyword for the group for the user If no authentication key is configured, SNMP communication will fail. Authentication without authentication Authentication key privacy The privacy key (if any) for the user does not take effect.

  • Page 78

    Step Command Remarks By default, the local engine ID is the company ID plus the device (Optional.) Change the local snmp-agent local-engineid IMPORTANT: engine ID. engineid After you change the local engine ID, the existing SNMPv3 users and encrypted keys become invalid, and you must re-configure them.

  • Page 79: Configuring Snmp Logging

    Step Command Remarks • In non-FIPS mode: snmp-agent calculate-password plain-password mode { md5 | sha } { local-engineid | specified-engineid engineid } (Optional.) Convert a plaintext key to an encrypted key. • In FIPS mode: snmp-agent calculate-password plain-password mode sha { local-engineid | specified-engineid engineid } •...

  • Page 80: Configuring Snmp Notifications, Enabling Snmp Notifications

    and the log buffer. The total output size for the node field (MIB node name) and the value field (value of the MIB node) in each log entry is 1024 bytes. If this limit is exceeded, the information center truncates the data in the fields.

  • Page 81: Configuring The Snmp Agent To Send Notifications To A Host

    Step Command Remarks By default, link state Enable link state enable snmp trap updown notifications are notifications. enabled. Configuring the SNMP agent to send notifications to a host You can configure the SNMP agent to send notifications as traps or informs to a host, typically an NMS, for analysis and management.

  • Page 82: Displaying The Snmp Settings

    Step Command Remarks • (Method 1) Send traps to the target host: In non-FIPS mode: snmp-agent target-host trap address udp-domain { ip-address | ipv6 ipv6-address } [ udp-port port-number ] [ vpn-instance vpn-instance-name ] params securityname security-string [ v1 | v2c | v3 [ authentication | privacy ] ] In FIPS mode: snmp-agent target-host trap address...

  • Page 83: Snmpv1/snmpv2c Configuration Example

    Task Command Display SNMP agent system information, including display snmp-agent sys-info [ contact | location | the contact, physical location, and SNMP version. version ] Display SNMP agent statistics. display snmp-agent statistics Display the local engine ID. display snmp-agent local-engineid Display SNMP group information.

  • Page 84: Snmpv3 Configuration Example

    [Agent] snmp-agent community write private # Configure contact and physical location information for the agent. [Agent] snmp-agent sys-info contact Mr.Wang-Tel:3306 [Agent] snmp-agent sys-info location telephone-closet,3rd-floor # Enable SNMP notifications, set the NMS at 1.1.1.2 as an SNMP trap destination, and use public as the community name.

  • Page 85

    The NMS and the agent perform authentication when they set up an SNMP session. The authentication algorithm is SHA- 1 and the authentication key is authkey. The NMS and the agent also encrypt the SNMP packets between them by using the AES algorithm and the privacy key prikey. Figure 25 Network diagram Configuration procedure Configure the agent:...

  • Page 86

    # Try to get the MTU value of NULL0 interface from the agent. The get attempt succeeds. Send request to 1.1.1.1/161 ... Protocol version: SNMPv3 Operation: Get Request binding: 1: 1.3.6.1.2.1.2.2.1.4.135471 Response binding: 1: Oid=ifMtu.135471 Syntax=INT Value=1500 Get finished # Try to get the device name from the agent. The get attempt fails because the NMS has no access right to the node.

  • Page 87: Configuring Nqa, Overview, Collaboration

    Configuring NQA Overview Network quality analyzer (NQA) allows you to measure network performance, verify the service levels for IP services and applications, and troubleshoot network problems. It provides the following types of operations: • ICMP echo UDP echo • An ICMP echo or UDP echo operation sends an ICMP echo request or a UDP packet. As shown in Figure 26, the NQA source device (NQA client) sends data to the NQA destination device...

  • Page 88: Threshold Monitoring, Nqa Client Configuration Task List, Enabling The Nqa Client

    The following describes how a static route destined for 192.168.0.88 is monitored through collaboration: NQA monitors the reachability to 192.168.0.88. When 192.168.0.88 becomes unreachable, NQA notifies the Track module of the change. The Track module notifies the static routing module of the state change. The static routing module sets the static route as invalid according to a predefined action.

  • Page 89: Configuring The Icmp Echo Operation

    Configuring the ICMP echo operation The ICMP echo operation measures the reachability of a destination device. It has the same function as the ping command, but provides more output information. In addition, if multiple paths exist between the source and destination devices, you can specify the next hop for the ICMP echo operation. The ICMP echo operation is not supported in IPv6 networks.

  • Page 90: Configuring The Udp Echo Operation

    Configuring the UDP echo operation The UDP echo operation measures the round-trip time between the client and a specific UDP port on the NQA server. The UDP echo operation requires both the NQA server and the NQA client. Before you perform a UDP echo operation, configure a UDP listening service on the NQA server.

  • Page 91: Configuring Optional Parameters For The Nqa Operation, Configuring The Collaboration Function

    Configuring optional parameters for the NQA operation Unless otherwise specified, the following optional parameters apply to all types of NQA operations. To configure optional parameters for an NQA operation: Step Command Remarks Enter system view. system-view Create an NQA operation nqa entry admin-name By default, no NQA operation is and enter NQA operation...

  • Page 92: Configuring Threshold Monitoring, Threshold Types, Triggered Actions, Reaction Entry

    Step Command Remarks Create an NQA operation nqa entry admin-name By default, no NQA operation is and enter NQA operation operation-tag created. view. Specify an NQA operation type { icmp-echo | udp-echo } type and enter its view. reaction item-number By default, no reaction entry is checked-element probe-fail configured.

  • Page 93: Configuration Procedure, Configuring The Nqa Statistics Collection Function

    Before an NQA operation starts, the reaction entry is in invalid state. • • If the threshold is violated, the state of the entry is set to over-threshold. Otherwise, the state of the entry is set to below-threshold. Configuration procedure To configure threshold monitoring: Step Command...

  • Page 94: Configuring The Saving Of Nqa History Records, Scheduling The Nqa Operation On The Nqa Client

    Step Command Remarks (Optional.) Specify the interval statistics interval interval The default setting is 60 minutes. for collecting the statistics. The default setting is 2 groups. (Optional.) Specify the To disable collecting NQA maximum number of statistics statistics max-group number statistics, set the maximum number groups that can be saved.

  • Page 95: Displaying And Maintaining Nqa

    After you configure the scheduling parameters for the operation, you cannot enter NQA operation • view or any operation type view. You cannot deploy any NQA operation related parameters through IMC either. To modify the operation settings, you must first stop the operation. •...

  • Page 96: Nqa Configuration Examples, Icmp Echo Operation Configuration Example

    NQA configuration examples ICMP echo operation configuration example Network requirements As shown in Figure 28, configure and schedule an ICMP echo operation from the NQA client Device A to Device B through Device C to test the round-trip time. Figure 28 Network diagram Configuration procedure # Assign each interface an IP address.

  • Page 97: Udp Echo Operation Configuration Example

    # Enable saving history records and configure the maximum number of history records that can be saved as 10. [DeviceA-nqa-admin-test1-icmp-echo] history-record enable [DeviceA-nqa-admin-test1-icmp-echo] history-record number 10 [DeviceA-nqa-admin-test1-icmp-echo] quit # Start the ICMP echo operation. [DeviceA] nqa schedule admin test1 start-time now lifetime forever # Stop the ICMP echo operation after a period of time.

  • Page 98

    Figure 29 Network diagram NQA client NQA server 10.1.1.1/16 10.2.2.2/16 IP network Device A Device B NOTE: Make sure Device B supports the NQA server configuration. Configuration procedure Assign each interface an IP address. (Details not shown.) Configure static routes or a routing protocol to make sure the devices can reach each other. (Details not shown.) Configure Device B: # Enable the NQA server, and configure a listening service to listen on the IP address 10.2.2.2...

  • Page 99: Nqa Collaboration Configuration Example

    Failures due to other errors: 0 # Display the history records of the UDP echo operation. [DeviceA] display nqa history admin test1 NQA entry (admin admin, tag test1) history records: Index Response Status Time Succeeded 2011-11-22 10:36:17.9 The output shows that the round-trip time between Device A and port 8000 on Device B is 25 milliseconds.

  • Page 100: Verifying The Configuration

    [SwitchA-nqa-admin-test1-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only [SwitchA-nqa-admin-test1-icmp-echo] quit # Start the ICMP operation. [SwitchA] nqa schedule admin test1 start-time now lifetime forever On Switch A, create the track entry: # Create track entry 1, and associate it with reaction entry 1 of the NQA operation (admin-test1). [SwitchA] track 1 nqa entry admin test1 reaction 1 Verifying the configuration # On Switch A, display information about all track entries.

  • Page 101

    State: Negative Duration: 0 days 0 hours 0 minutes 0 seconds Notification delay: Positive 0, Negative 0 (in seconds) Tracked object: NQA entry: admin test1 Reaction: 1 # Display brief information about active routes in the routing table on Switch A. [SwitchA] display ip routing-table Destinations : 12 Routes : 12...

  • Page 102: Configuring Sflow, Protocols And Standards, Sflow Configuration Task List

    Configuring sFlow Sampled Flow (sFlow) is a traffic monitoring technology. As shown in Figure 31, the sFlow system involves an sFlow agent embedded in a device and a remote sFlow collector. The sFlow agent collects interface counter information and packet information and encapsulates the sampled information in sFlow packets.

  • Page 103: Configuring The Sflow Agent And Sflow Collector Information, Configuring Flow Sampling

    Tasks at a glance Perform at least one of the following tasks: • Configuring flow sampling • Configuring counter sampling Configuring the sFlow agent and sFlow collector information Step Command Remarks Enter system view. system-view By default, no IP address is configured for the sFlow agent.

  • Page 104: Configuring Counter Sampling, Displaying And Maintaining Sflow

    Step Command Remarks Enter system view. system-view interface interface-type Enter Ethernet interface view. interface-number By default, the sampling mode is (Optional.) Set the flow sflow sampling-mode { determine random. At present, the determine sampling mode. | random } sampling mode is not supported. Enable flow sampling and specify the number of packets By default, Flow sampling samples...

  • Page 105: Sflow Configuration Example, Network Requirements, Configuration Procedure

    sFlow configuration example Network requirements As shown in Figure 32, configure flow sampling in random mode and counter sampling on Ten-GigabitEthernet 1/1/5 of the device to monitor traffic on the port. Configure the device to send sampled information in sFlow packets through Ten-GigabitEthernet 1/1/7 to the sFlow collector. Figure 32 Network diagram Configuration procedure Configure the IP addresses and subnet masks for interfaces, as shown in...

  • Page 106: Verifying The Configurations, Troubleshooting Sflow Configuration, The Remote Sflow Collector Cannot Receive Sflow Packets

    Verifying the configurations # Display the sFlow configuration and operation information. [Sysname-Ten-GigabitEthernet1/1/5] display sflow sFlow datagram version: 5 Global information: Agent IP: 3.3.3.1(CLI) Source address: Collector information: Port Aging Size VPN-instance Description 3.3.3.2 6343 1400 netserver Port information: Interface Interval(s) FID MaxHLen Rate Mode Status...

  • Page 107: Monitoring And Maintaining Processes, Displaying And Maintaining Processes, Displaying And Maintaining User Processes

    Monitoring and maintaining processes HP Comware V7 is a full-featured, modular, and scalable network operating system based on the Linux kernel. Comware V7 software features run the following types of independent processes: • User process—Runs in user space. Most Comware V7 software features run user processes. Each process runs in an independent space so the failure of a process does not affect other processes.

  • Page 108: Monitoring Kernel Threads, Configuring Kernel Thread Deadloop Detection, Configuring Kernel Thread Starvation Detection

    Task Command Display heap memory usage for a display process memory heap job job-id [ verbose ] [ slot slot-number ] user process. Display the addresses of memory display process memory heap job job-id size memory-size [ offset blocks with a specified size used offset-size ] [ slot slot-number ] by a user process.

  • Page 109: Displaying And Maintaining Kernel Threads

    Starvation occurs when a thread is unable to access shared resources. Kernel thread starvation detection enables the system to detect and report thread starvation. If a thread is not executed within a specific interval, the system considers that a starvation has occurred, and generates a starvation message.

  • Page 110: Configuring Port Mirroring, Overview, Terminology

    Configuring port mirroring Overview Port mirroring refers to the process of copying the packets passing through a port to the monitor port connecting to a monitoring device for packet analysis. Terminology The following terms are used in port mirroring configuration. Mirroring source The mirroring source can be one or more monitored ports, which are called "source ports."...

  • Page 111: Port Mirroring Classification And Implementation

    NOTE: The reflector port is used to enable local mirroring to support multiple monitor ports. Port mirroring classification and implementation Port mirroring falls into local port mirroring and remote port mirroring depends on whether the mirroring source and the mirroring destination are on the same device. Local port mirroring In local port mirroring, the source device is directly connected to the data monitoring device and can act as the destination device to forward mirrored packets to the data monitoring device.

  • Page 112: Configuring Local Port Mirroring, Local Port Mirroring Configuration Task List, Creating A Local Mirroring Group

    Figure 34 Layer 2 remote port mirroring implementation Mirroring process in the device XGE1/1/5 XGE1/1/6 Source Destination device device XGE1/1/6 XGE1/1/5 XGE1/1/6 XGE1/1/5 Intermediate Remote Remote XGE1/1/5 XGE1/1/6 device probe VLAN probe VLAN Data monitoring Host device Original packets Source port Egress port Mirrored packets Monitor port...

  • Page 113: Configuring Source Ports For The Local Mirroring Group

    Configuring source ports for the local mirroring group You can configure a list of source ports for a mirroring group at a time in system view, or assign a port to it as a source port in interface view. To assign multiple ports to the mirroring group as source ports in interface view, repeat the operation.

  • Page 114: Using The Remote Probe Vlan To Enable Local Port Mirroring To Support Multiple Monitor Ports

    Use a monitor port for port mirroring only to make sure the data monitoring device receives and • analyzes only the mirrored traffic rather than a mix of mirrored traffic and normally forwarded traffic. Configuration procedure To configure the monitor port in system view: Step Command Remarks...

  • Page 115

    Configuration restrictions and guidelines When you use the remote probe VLAN to enable local port mirroring to support multiple monitor ports, follow these restrictions and guidelines: • HP recommends that you configure an unused port as the reflector port of a remote source mirroring group and not connect the port to a cable.

  • Page 116: Configuring Layer 2 Remote Port Mirroring, Layer 2 Remote Port Mirroring Configuration Task List

    Step Command Remarks Assign monitor ports to By default, a newly-created VLAN the remote probe port interface-list does not have any member port. VLAN. Return to system view. quit Configure the remote probe VLAN for the mirroring-group group-id By default, no remote probe VLAN is remote source mirroring remote-probe vlan rprobe-vlan-id configured for a mirroring group.

  • Page 117

    Creating a remote destination group Step Command Remarks Enter system view. system-view Create a remote destination mirroring-group group-id By default, no remote destination group. remote-destination group exists on a device. Configuring the monitor port for a remote destination group You can configure the monitor port for a mirroring group in system view, or assign a port to a mirroring group as the monitor port in interface view.

  • Page 118: Configuring A Remote Source Group On The Source Device

    When a VLAN is configured as a remote probe VLAN, use the remote probe VLAN for port • mirroring exclusively. Configure the same remote probe VLAN for the remote destination groups on the source and • destination devices. To configure the remote probe VLAN for a remote destination group: Step Command Remarks...

  • Page 119

    A port can serve as a source port for multiple mirroring groups, but the port cannot be a reflector • port, monitor port, or an egress port at the same time. To configure source ports for a remote source group in system view: Step Command Remarks...

  • Page 120: Displaying And Maintaining Port Mirroring, Local Port Mirroring Configuration Example, Network Requirements

    Step Command Remarks Configure the port as the By default, a port does not serve as mirroring-group group-id egress port for the specified the egress port for any remote monitor-egress remote source group. source group. Configuring the remote probe VLAN for a remote source group You must first create a static VLAN before you configure it as a remote probe VLAN.

  • Page 121: Verifying The Configuration, Configuration Procedure

    Figure 35 Network diagram Marketing dept. XGE1/1/5 XGE1/1/7 Device Server XGE1/1/6 Technical dept. Source port Monitor port Configuration procedure # Create local mirroring group 1. <Device> system-view [Device] mirroring-group 1 local # Configure Ten-GigabitEthernet 1/1/5 and Ten-GigabitEthernet 1/1/6 as source ports and port Ten-GigabitEthernet 1/1/7 as the monitor port for local mirroring group 1.

  • Page 122: Local Port Mirroring With Multiple Monitor Ports Configuration Example, Network Requirements, Configuration Procedure

    Local port mirroring with multiple monitor ports configuration example Network requirements As shown in Figure 36, Dept. A, Dept. B, and Dept. C are connected to Device A through ports Ten-GigabitEthernet 1/1/5, Ten-GigabitEthernet 1/1/6, and Ten-GigabitEthernet 1/1/7, respectively. Configure port mirroring to enable all three data monitoring devices (Server A, Server B, and Server C), to monitor both the incoming and outgoing traffic of the three departments.

  • Page 123: Layer 2 Remote Port Mirroring Configuration Example, Network Requirements, Configuration Procedure

    # Configure VLAN 10 as the remote probe VLAN of remote source mirroring group 1. [DeviceA] mirroring-group 1 remote-probe vlan 10 Layer 2 remote port mirroring configuration example Network requirements On the Layer 2 network shown in Figure 37, configure Layer 2 remote port mirroring to enable the server to monitor the bidirectional traffic of the marketing department.

  • Page 124

    # Configure VLAN 2 as the remote probe VLAN of the mirroring group and Ten-GigabitEthernet 1/1/6 as the monitor port of the mirroring group, disable the spanning tree feature on Ten-GigabitEthernet 1/1/6, and assign the port to VLAN 2 as an access port. [DeviceC] mirroring-group 2 remote-probe vlan 2 [DeviceC] interface ten-gigabitethernet 1/1/6 [DeviceC-Ten-GigabitEthernet1/1/6] mirroring-group 2 monitor-port...

  • Page 125

    [DeviceA-Ten-GigabitEthernet1/1/6] undo stp enable [DeviceA-Ten-GigabitEthernet1/1/6] quit Verifying the configuration # Display information about all mirroring groups on Device A. [DeviceA] display mirroring-group all Mirroring group 1: Type: Remote source Status: Active Mirroring port: Ten-GigabitEthernet1/1/5 Both Remote probe VLAN: 2 # Display information about all mirroring groups on Device C. [DeviceC] display mirroring-group all Mirroring group 2: Type: Remote destination...

  • Page 126: Configuring Traffic Mirroring, Traffic Mirroring Configuration Task List, Configuring Match Criteria

    Configuring traffic mirroring Traffic mirroring copies the specified packets to the specified destination for packet analyzing and monitoring. It is implemented through QoS policies. You define traffic classes and configure match criteria to classify packets to be mirrored, and then you configure traffic behaviors to mirror packets that fit the match criteria to the specified destination.

  • Page 127: Configuring A Traffic Behavior, Configuring A Qos Policy, Applying A Qos Policy

    Configuring a traffic behavior The CPU resides in the device configured with traffic mirroring. After you configure a traffic behavior, you can use the display traffic behavior command in any view to view traffic behavior configuration. To configure a traffic behavior: Step Command Remarks...

  • Page 128: Applying A Qos Policy To A Vlan, Applying A Qos Policy Globally

    Step Command Enter interface view. interface interface-type interface-number Apply a policy to the interface. qos apply policy policy-name { inbound | outbound } Applying a QoS policy to a VLAN You can apply a QoS policy to a VLAN to mirror the traffic in a specific direction on all ports in the VLAN.

  • Page 129: Traffic Mirroring Configuration Example, Network Requirements, Configuration Procedure

    Traffic mirroring configuration example Network requirements As shown in Figure 38, different departments of a company use IP addresses on different subnets. The marketing and technical departments use the IP addresses on subnets 192.168.1.0/24 and 192.168.2.0/24, respectively. The working hour of the company is from 8:00 to 18:00 on weekdays. Configure traffic mirroring so that the server can monitor the traffic that the technical department sends to access the Internet, and IP traffic that the technical department sends to the marketing department.

  • Page 130

    # Create traffic behavior tech_b, and configure the action of mirroring traffic to port Ten-GigabitEthernet 1/1/7. [DeviceA] traffic behavior tech_b [DeviceA-behavior-tech_b] mirror-to interface ten-gigabitethernet 1/1/7 [DeviceA-behavior-tech_b] quit # Create QoS policy tech_p, and associate traffic class tech_c with traffic behavior tech_b in the QoS policy.

  • Page 131: Support And Other Resources, Contacting Hp, Subscription Service, Related Information, Documents, Websites

    Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.com/support Before contacting HP, collect the following information: Product model names and numbers • Technical support registration number (if applicable) • • Product serial numbers Error messages •...

  • Page 132: Conventions

    Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...

  • Page 133

    Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 134: Index

    Index NTP symmetric active/passive association mode, 10, 14, access control authenticating MIB, NTP, NTP access control rights configuration, NTP broadcast authentication, NTP peer ACL, NTP broadcast mode with authentication, NTP query ACL, NTP client/server mode authentication, NTP security, NTP client/server mode with authentication, NTP server ACL, NTP configuration, NTP synchronization ACL,...

  • Page 135

    NTP broadcast client configuration, NQA UDP echo operation, NTP multicast client configuration, NTP, 8, SNTP configuration, 48, 48, NTP access control rights, client/server NTP association mode, IPv6 NTP client/server association mode, NTP authentication, NTP association mode, 10, NTP broadcast association mode, 15, NTP client/server association mode, 17, NTP broadcast client, NTP client/server association mode with...

  • Page 136

    SNMPv1 agent notification, information center log output (Linux log host), SNMPv1 basic parameters, information center log output (UNIX log host), SNMPv2c, IPv6 NTP multicast association mode, SNMPv2c agent notification, Layer 2 remote port mirroring configuration, 1 17 SNMPv2c basic parameters, local port mirroring configuration, 106, 1 14 SNMPv3,...

  • Page 137

    processes, local port mirroring group source port, sFlow, port mirroring group, SNMP settings, SNTP, hidden information log, user processes, history duplicate log suppression, NQA client history record save, dynamic NTP max number dynamic associations, ICMP NQA, echo NQA client ICMP echo operation, NQA client ICMP echo operation, NQA ICMP echo operation, NQA client UDP echo operation,...

  • Page 138

    SNMP MIB, level SNMP notification configuration, system information log, SNMPv1 basic parameter configuration, link SNMPv1 configuration, SNMP notification, SNMPv2c basic parameter configuration, link up/down logging disable, SNMPv2c configuration, Linux SNMPv3 basic parameter configuration, displaying kernel threads, SNMPv3 configuration, kernel thread, IP addressing kernel thread deadloop detection, tracert command, 3, 4,...

  • Page 139

    NMM information center security log kernel threads, management, Linux kernel thread, NMM information center security log save to Linux user process, file, NQA client threshold monitoring, SNMP configuration, NQA threshold monitoring, system information log default output rules, multicast system information log destinations, IPv6 NTP multicast association mode, system information log levels, NTP multicast association mode, 10, 16,...

  • Page 140

    NTP authentication, traffic mirroring traffic behavior configuration, NTP broadcast association mode, network management NTP broadcast mode authentication, debugging feature module, NTP client/server association mode, information center configuration, 52, NTP client/server mode authentication, information center log output (console), NTP local clock as reference source, information center log output (UNIX log host), NTP max number dynamic associations, IPv6 NTP client/server association mode,...

  • Page 141

    using tracert, broadcast mode max number dynamic associations, Network Time Protocol. Use broadcast mode with authentication, broadcast server configuration, information center security log file management, client/server association mode, information center security log management, client/server association mode configuration, 14, information center security log save to file, client/server mode authentication configuration, client/server mode max number dynamic SNMP Get operation,...

  • Page 142

    outbound traffic mirroring QoS policy application (control plane), port mirroring, traffic mirroring QoS policy application outputting (global), information logs to console, 56, traffic mirroring QoS policy application information logs to Linux log host, (interface), information logs to log buffer, traffic mirroring QoS policy application information logs to log host, (VLAN), information logs to monitor terminal,...

  • Page 143

    local group source port configuration configuring local port mirroring group monitor restrictions, port, local mirroring configuration, 1 14 configuring local port mirroring group source ports, local mirroring configuration with multiple monitor ports, 1 16 configuring local port mirroring with multiple monitor ports, 1 16 mirroring group,...

  • Page 144

    configuring NTP symmetric active/passive creating port mirroring remote destination association mode, 14, group, 1 1 1 configuring NTP symmetric active/passive creating port mirroring remote source group, 1 12 mode authentication, debugging feature module, configuring port mirroring monitor port to disabling information center link up/down remote probe VLAN assignment, 1 12 logging,...

  • Page 145

    saving NMM information center security logs to remote security log file, Layer 2 remote port mirroring, 1 10 scheduling NQA client operation, port mirroring, specifying NTP message source interface, port mirroring remote source group, 1 12 specifying NTP server for SNTP, remote port mirroring using ping, monitor port to remote probe VLAN assignment,...

  • Page 146

    NTP multicast association mode, configuration, 96, 96, NTP symmetric active/passive association counter sampling configuration, mode, displaying, SNTP configuration, 48, 48, flow sampling configuration, rule protocols and standards, system information default log output, troubleshooting, troubleshooting remote collector cannot receive packets, sampling Simple Network Management Protocol.

  • Page 147

    SNMPv3 information center log output (console), 56, agent notification, information center log output (Linux log host), basic parameter configuration, information center log output (log buffer), configuration, information center log output (log host), Notification operation, information center log output (monitor terminal), protocol version, information center log output (UNIX log host), SNTP...

  • Page 148

    node failure detection, 3, 4, NTP broadcast association mode, Track NTP broadcast mode with authentication, NQA client Track collaboration function, NTP client/server association mode, NQA collaboration, NTP client/server mode with authentication, NQA Track collaboration, NTP configuration, 8, traffic NTP multicast association mode, mirroring.

Comments to this Manuals

Symbols: 0
Latest comments: